[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fS19PNxL98Wfe8LhuTaqmMw6ftzJ8p1gUIQIDpGNkYiw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":15,"tags":18,"homepage":24,"download_link":25,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":128,"fingerprints":596},"export-2-multisite","Export 2 Multisite","0.2","jamiechong","https:\u002F\u002Fprofiles.wordpress.org\u002Fjamiechong\u002F","\u003Cp>Export 2 Multisite exports your standalone database SQL for import into a WP multisite installation. It handles duplicate users (based on email) and will copy over all site settings including Widgets and Menus. You still need to copy the files for your themes, plugins and uploads.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>This plugin has been minimally tested, but has been used to successfully migrate a handful of standalone sites to a multisite installation.\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>There is a good possibility it won’t work for sites that make use of a multitude of plugins – especially plugins that have their own database tables.\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Installation\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Create a new site on the Multisite.\u003C\u002Fli>\n\u003Cli>Copy the plugins and themes from this standalone site to the Multisite.\u003C\u002Fli>\n\u003Cli>Copy the files from wp-content\u002Fuploads\u002F on this site to wp-content\u002Fuploads\u002Fsites\u002F\u002F on the multisite.\u003C\u002Fli>\n\u003Cli>Backup the database on the Multisite.\u003C\u002Fli>\n\u003Cli>Provide the Site ID of the Multisite. This can be found by hovering the mouse over the new site on Network Admin->Sites.\u003C\u002Fli>\n\u003Cli>Provide the New URL. Example: \u002F\u002Fmysite.my-wp-multisite.com\u003C\u002Fli>\n\u003Cli>Provide the New file path (The file path of the Multisite installation).\u003C\u002Fli>\n\u003Cli>Export the database dump.\u003C\u002Fli>\n\u003Cli>Import the SQL into your Multisite installation.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cul>\n\u003Cli>\u003Cstrong>Important:\u003C\u002Fstrong> The exported SQL will DROP the tables that were created for the Site ID you provided. So only perform this migration on new empty Sites.\u003C\u002Fli>\n\u003Cli>Note that the you may need to review the exported SQL to ensure that plugin database tables have been exported correctly.\u003C\u002Fli>\n\u003Cli>The site admin (username and password) is the user you created while creating the new Site, NOT the site admin of this standalone site.\u003C\u002Fli>\n\u003Cli>The guts of this export plugin were inspired by \u003Ca href=\"https:\u002F\u002Fiandunn.name\u002Fcomprehensive-wordpress-multisite-migrations\u002F\" rel=\"nofollow ugc\">this blog post\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>The code for this plugin has been modified from the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-migrate-db\" rel=\"ugc\">WP Migrate DB\u003C\u002Fa> plugin, but should not conflict with it in any way.\u003C\u002Fli>\n\u003C\u002Ful>\n","Exports your standalone database SQL for import into a WP Multisite installation.",10,2009,100,1,"","4.0.38","3.5",[19,20,21,22,23],"database","export","migrate","multisite","mysql","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fexport-2-multisite\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexport-2-multisite.0.2.zip",0,null,"2026-03-15T10:48:56.248Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},3,4020,95,30,91,"2026-04-04T03:44:04.050Z",[38,61,78,95,111],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":15,"download_link":57,"security_score":58,"vuln_count":14,"unpatched_count":26,"last_vuln_date":59,"fetched_at":60},"simple-table-manager","Simple Table Manager","1.6.1","ryo0inoue","https:\u002F\u002Fprofiles.wordpress.org\u002Fryo0inoue\u002F","\u003Cp>Simple Table Manager enables editing table records and exporting them to CSV files through a minimal database interface from your dashboard.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simply CRUD table contents on your wp-admin screen\u003C\u002Fli>\n\u003Cli>Search and sort table records\u003C\u002Fli>\n\u003Cli>No knowledge of MySQL or PHP required\u003C\u002Fli>\n\u003Cli>Export table records to a CSV file\u003C\u002Fli>\n\u003Cli>Does not allow users to create tables or change the structure of the table\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Simple Table Manager is a tool suited for the initial development phase of a website. It is ideal when you want to ask someone else with no database expertise to keep track of table records on your website. This was the motivation for developing this plugin.\u003C\u002Fp>\n\u003Cp>Note that to comply with wordpress.org plugin security guidelines, edited and added record fields are filtered through wp_kses_post() to prevent sql injection attacks. In some cases, wanted tags may be filtered out leading to field corruption.\u003C\u002Fp>\n","Enables viewing and editing table records and exporting them to CSV files through a minimal database interface from your dashboard.",400,24407,96,4,"2025-01-19T23:50:00.000Z","6.7.5","6.2","7.3",[55,19,20,23,56],"crud","table","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-table-manager.1.6.1.zip",92,"2023-10-16 00:00:00","2026-03-15T15:16:48.613Z",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":26,"num_ratings":26,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":15,"tags":74,"homepage":15,"download_link":76,"security_score":77,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":60},"ob-db-excel-converter","OB DB Excel Converter","2.1","Oudaryamay Burai","https:\u002F\u002Fprofiles.wordpress.org\u002Foudaryamayburai\u002F","\u003Cp>This plugin provide you the functionality to export MySql database table to excel file. The plugin is very easy to use. It also allow you to show all database table’s value with “Convert To Excel” option in admin panel.\u003C\u002Fp>\n\u003Cp>We are currently working on a new functionality which will provide you the functionality to export database table with selected field name.\u003C\u002Fp>\n\u003Ch4>Plugin Functionalities:\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Easy to see all database table in Admin Panel\u003C\u002Fli>\n\u003Cli>Export any table to Excel file\u003C\u002Fli>\n\u003Cli>Easy to see results in Admin Panel by writing custom MySQL query\u003C\u002Fli>\n\u003Cli>Copy\u002FCSV\u002FExcel\u002FPDF\u002FPrint the output custom MySQL query result\u003C\u002Fli>\n\u003Cli>We are adding additional more functionality to this plugin soon…\u003C\u002Fli>\n\u003C\u002Fol>\n","This plugin provide you the functionality to export MySql database table to excel file. The plugin is very easy to use.",80,2398,"2020-10-27T14:03:00.000Z","5.5.18","2.9.0",[19,75,20,23,56],"excel","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fob-db-excel-converter.2.1.zip",85,{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":11,"downloaded":86,"rating":26,"num_ratings":26,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":15,"tags":90,"homepage":93,"download_link":94,"security_score":77,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":60},"lh-mysqldump","LH Mysqldump","1.01","shawfactor","https:\u002F\u002Fprofiles.wordpress.org\u002Fshawfactor\u002F","\u003Cp>LH Mysql plugin allow you to create a complete database backup with single click. The entire contents of your databse can be downloaded in a compressed zip file which can also be emailed on an ongoing basis\u003C\u002Fp>\n\u003Cp>FEATURES\u003Cbr \u002F>\n* A simple interface to download your database\u003Cbr \u002F>\n* A complete backup, including custom and non wordpress tables\u003Cbr \u002F>\n* The export file is zipped, massively reducing the size of the file downloaded or emailed\u003Cbr \u002F>\n* Ongoing backups by email on a weekly basis\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Like this plugin? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Flh-mysqldump\u002F\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Love this plugin or want to help the LocalHero Project? Please consider \u003Ca href=\"https:\u002F\u002Flhero.org\u002Fportfolio\u002Flh-mysqldump\u002F\" rel=\"nofollow ugc\">making a donation\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Example use:\u003C\u002Fp>\n","A simple plugin to export and backup your database, on an ongoing basis",1746,"2022-08-08T05:53:00.000Z","6.0.11","5.4",[19,91,20,23,92],"email","sql","https:\u002F\u002Flhero.org\u002Fportfolio\u002Flh-mysqldump\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flh-mysqldump.zip",{"slug":96,"name":97,"version":6,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":11,"downloaded":102,"rating":26,"num_ratings":26,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":15,"tags":106,"homepage":109,"download_link":110,"security_score":77,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":60},"move-postpage-to-subsite","Move Post\u002FPage to Subsite","Marco Palermo","https:\u002F\u002Fprofiles.wordpress.org\u002Fpalermomarco\u002F","\u003Cp>Many older WP sites used categories and\u002For pages to organize what were essentially subsites without proper access control and other site-specific goodies like themes, widgets, and plugins.\u003C\u002Fp>\n\u003Cp>This plugin lets you move that content to another site on your WordPress network with a single click, with seamless redirects.\u003C\u002Fp>\n\u003Cp>I needed it on www.robadadonne.it when moving old contents from root domain to subsites.\u003C\u002Fp>\n\u003Cp>This is \u003Cstrong>beta\u003C\u002Fstrong> software. Back stuff up first.\u003C\u002Fp>\n\u003Cp>This plugin is forked from https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmove-to-subsite\u002F\u003C\u002Fp>\n\u003Cp>Please contribute on Github https:\u002F\u002Fgithub.com\u002Fpalermomarco\u002Fmove-to-subsite\u003C\u002Fp>\n","Wordpress multisite plugin to move posts in a category and\u002For a page hierarchy to a new subsite, with seamless redirects. It copy also post attachmen &hellip;",1969,"2013-09-13T08:54:00.000Z","3.6.1","3.3.2",[20,107,21,108,22],"import","move","https:\u002F\u002Fgithub.com\u002Fpalermomarco\u002Fmove-to-subsite","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmove-postpage-to-subsite.0.2.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":11,"downloaded":119,"rating":13,"num_ratings":14,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":15,"tags":123,"homepage":126,"download_link":127,"security_score":77,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":60},"pitta-migration","Pitta Migration","0.4.2","icc97","https:\u002F\u002Fprofiles.wordpress.org\u002Ficc97\u002F","\u003Cp>This plugin is aimed at developers that need to migrate their databases from\u003Cbr \u002F>\nproduction to test or local domains.\u003C\u002Fp>\n\u003Cp>This is the simplest way I’ve found to migrate databases quickly.\u003C\u002Fp>\n\u003Cp>You only have to set the \u003Ccode>WP_HOME\u003C\u002Fcode>\u003Cbr \u002F>\n(\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FEditing_wp-config.php#WordPress_address_.28URL.29\" rel=\"nofollow ugc\">WordPress address URL\u003C\u002Fa>)\u003Cbr \u002F>\nand \u003Ccode>WP_SITEURL\u003C\u002Fcode>\u003Cbr \u002F>\n(\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FEditing_wp-config.php#Blog_address_.28URL.29\" rel=\"nofollow ugc\">Blog address URL\u003C\u002Fa>)\u003Cbr \u002F>\nconstants once for each environment and then the database is automatically\u003Cbr \u002F>\nupgraded when you import a database and login to the admin area.\u003C\u002Fp>\n\u003Cp>This stands on the shoulders of the constants and fills the hole for when\u003Cbr \u002F>\nplugins don’t follow the rules and use the database directly.\u003C\u002Fp>\n\u003Cp>This plugin is designed to be the most lightweight way to migrate your database\u003Cbr \u002F>\nand stay out the way of your own processes.\u003C\u002Fp>\n\u003Cp>It works with WordPress to use WordPress’ own constants to update the database\u003Cbr \u002F>\nusing the\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FClass_Reference\u002Fwpdb\" rel=\"nofollow ugc\">WordPress Database Object\u003C\u002Fa>.\u003Cbr \u002F>\nIt avoids search and replaces in text files. It uses database queries to update\u003Cbr \u002F>\nthe database as should be done.\u003C\u002Fp>\n\u003Cp>Most developers have their own methods for exporting\u002Fimporting the database –\u003Cbr \u002F>\nif you can use \u003Ccode>mysqldump\u003C\u002Fcode> then you probably don’t want a WordPress plugin to\u003Cbr \u002F>\ndo it for you.\u003C\u002Fp>\n\u003Cp>It makes no assumptions about your database and it’s cross platform.\u003C\u002Fp>\n\u003Cp>P.S. Pitta is taken from the start of an \u003Ca href=\"http:\u002F\u002Fwordpress.stackexchange.com\u002Fa\u002F182\u002F5433\" rel=\"nofollow ugc\">answer from WordPress SE\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Deployment of a WordPress site from one box to another has been a PITA since\u003Cbr \u002F>\n  day one I started working with WordPress. (Truth-be-told it was a PITA with\u003Cbr \u002F>\n  Drupal for 2 years before I started with WordPress so the problem is\u003Cbr \u002F>\n  certainly not exclusively with WordPress.)\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>So this plugin aims to make things less PITA and more yummy Pitta (pedants will\u003Cbr \u002F>\nmention that Pitta can also be spelled pita).\u003C\u002Fp>\n\u003Cp>Its inspiration actually comes from the \u003Ca href=\"http:\u002F\u002Fwordpress.stackexchange.com\u002Fq\u002F119\u002F5433\" rel=\"nofollow ugc\">second answer\u003C\u002Fa>\u003Cbr \u002F>\nfrom the same \u003Ca href=\"http:\u002F\u002Fwordpress.stackexchange.com\u002Fq\u002F119\u002F5433\" rel=\"nofollow ugc\">WordPress SE question\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Coincidentally there is a migratory bird called a \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FPitta\" rel=\"nofollow ugc\">Pitta\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>The fairy pitta migrates from Korea, Japan, Taiwan and coastal China to Borneo.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>P.P.S. This plugin is based off the excellent \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftheantichris\u002FWordPress-Plugin-Boilerplate\" rel=\"nofollow ugc\">WordPress Plugin Boilerplate\u003C\u002Fa> from antichris on Github\u003C\u002Fp>\n","Migrate WordPress databases using WP_HOME and WP_SITEURL constants.",1723,"2015-08-24T21:27:00.000Z","4.3.34","2.2",[124,19,125,21,23],"backup","developer","https:\u002F\u002Fwww.vsni.co.uk","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpitta-migration.0.4.2.zip",{"attackSurface":129,"codeSignals":211,"taintFlows":347,"riskAssessment":582,"analyzedAt":595},{"hooks":130,"ajaxHandlers":157,"restRoutes":206,"shortcodes":207,"cronEvents":208,"entryPointCount":209,"unprotectedCount":210},[131,136,141,145,148,153],{"type":132,"name":133,"callback":133,"file":134,"line":135},"action","admin_menu","class\\e2wpms.php",171,{"type":137,"name":138,"callback":139,"priority":11,"file":134,"line":140},"filter","e2wpms_tables","site_tables_filter",175,{"type":137,"name":142,"callback":143,"priority":11,"file":134,"line":144},"wpmu_mdb_after_inserts","site_after_inserts",176,{"type":137,"name":146,"callback":146,"file":134,"line":147},"admin_body_class",1982,{"type":132,"name":149,"callback":150,"file":151,"line":152},"plugins_loaded","e2wpms_loaded","export-2-multisite.php",54,{"type":132,"name":154,"callback":155,"file":151,"line":156},"init","e2wpms_init",60,[158,164,168,172,175,179,183,187,191,194,198,202],{"action":159,"nopriv":160,"callback":161,"hasNonce":162,"hasCapCheck":160,"file":134,"line":163},"e2wpms_delete_migration_profile",false,"ajax_delete_migration_profile",true,77,{"action":165,"nopriv":160,"callback":166,"hasNonce":162,"hasCapCheck":160,"file":134,"line":167},"e2wpms_save_profile","ajax_save_profile",78,{"action":169,"nopriv":160,"callback":170,"hasNonce":162,"hasCapCheck":160,"file":134,"line":171},"e2wpms_initiate_migration","ajax_initiate_migration",79,{"action":173,"nopriv":160,"callback":174,"hasNonce":162,"hasCapCheck":160,"file":134,"line":69},"e2wpms_migrate_table","ajax_migrate_table",{"action":176,"nopriv":160,"callback":177,"hasNonce":160,"hasCapCheck":160,"file":134,"line":178},"e2wpms_finalize_migration","ajax_finalize_migration",81,{"action":180,"nopriv":160,"callback":181,"hasNonce":162,"hasCapCheck":160,"file":134,"line":182},"e2wpms_clear_log","ajax_clear_log",82,{"action":184,"nopriv":160,"callback":185,"hasNonce":162,"hasCapCheck":160,"file":134,"line":186},"e2wpms_get_log","ajax_get_log",83,{"action":188,"nopriv":160,"callback":189,"hasNonce":160,"hasCapCheck":160,"file":134,"line":190},"e2wpms_fire_migration_complete","fire_migration_complete",84,{"action":192,"nopriv":160,"callback":193,"hasNonce":160,"hasCapCheck":160,"file":134,"line":77},"e2wpms_plugin_compatibility","ajax_plugin_compatibility",{"action":195,"nopriv":160,"callback":196,"hasNonce":160,"hasCapCheck":160,"file":134,"line":197},"e2wpms_blacklist_plugins","ajax_blacklist_plugins",86,{"action":199,"nopriv":160,"callback":200,"hasNonce":162,"hasCapCheck":160,"file":134,"line":201},"e2wpms_update_max_request_size","ajax_update_max_request_size",87,{"action":203,"nopriv":160,"callback":204,"hasNonce":160,"hasCapCheck":160,"file":134,"line":205},"e2wpms_cancel_migration","ajax_cancel_migration",88,[],[],[],12,5,{"dangerousFunctions":212,"sqlUsage":227,"outputEscaping":242,"fileOperations":11,"externalRequests":14,"nonceChecks":345,"capabilityChecks":14,"bundledLibraries":346},[213,218,221,224],{"fn":214,"file":215,"line":216,"context":217},"unserialize","class\\e2wpms-base.php",165,"$unserialized_response = unserialize( $response['body'] );",{"fn":214,"file":134,"line":219,"context":220},831,"$return = @unserialize( trim( $response ) );",{"fn":214,"file":134,"line":222,"context":223},1392,"$this->primary_keys = unserialize( stripslashes( $_POST['primary_keys'] ) );",{"fn":214,"file":134,"line":225,"context":226},1708,"if ( is_string( $data ) && ( $unserialized = @unserialize( $data ) ) !== false ) {",{"prepared":228,"raw":210,"locations":229},9,[230,233,235,237,239],{"file":134,"line":231,"context":232},606,"$wpdb->get_results() with variable interpolation",{"file":134,"line":234,"context":232},941,{"file":134,"line":236,"context":232},1249,{"file":134,"line":238,"context":232},1288,{"file":134,"line":240,"context":241},1646,"$wpdb->query() with variable interpolation",{"escaped":243,"rawEcho":244,"locations":245},8,50,[246,249,251,253,255,257,259,261,263,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293,295,297,299,301,303,305,307,309,311,313,315,316,318,321,323,324,326,328,330,332,334,336,338,340,342,343],{"file":215,"line":247,"context":248},254,"raw output",{"file":134,"line":250,"context":248},465,{"file":134,"line":252,"context":248},474,{"file":134,"line":254,"context":248},478,{"file":134,"line":256,"context":248},482,{"file":134,"line":258,"context":248},487,{"file":134,"line":260,"context":248},491,{"file":134,"line":262,"context":248},513,{"file":134,"line":264,"context":248},533,{"file":134,"line":266,"context":248},537,{"file":134,"line":268,"context":248},542,{"file":134,"line":270,"context":248},548,{"file":134,"line":272,"context":248},1816,{"file":134,"line":274,"context":248},2133,{"file":134,"line":276,"context":248},2134,{"file":134,"line":278,"context":248},2135,{"file":134,"line":280,"context":248},2136,{"file":134,"line":282,"context":248},2137,{"file":134,"line":284,"context":248},2138,{"file":134,"line":286,"context":248},2139,{"file":134,"line":288,"context":248},2140,{"file":134,"line":290,"context":248},2141,{"file":134,"line":292,"context":248},2142,{"file":134,"line":294,"context":248},2143,{"file":134,"line":296,"context":248},2144,{"file":134,"line":298,"context":248},2145,{"file":134,"line":300,"context":248},2148,{"file":134,"line":302,"context":248},2149,{"file":134,"line":304,"context":248},2150,{"file":134,"line":306,"context":248},2151,{"file":134,"line":308,"context":248},2154,{"file":134,"line":310,"context":248},2261,{"file":134,"line":312,"context":248},2349,{"file":314,"line":31,"context":248},"template\\common\\compatibility.php",{"file":314,"line":31,"context":248},{"file":317,"line":243,"context":248},"template\\migrate-progress.php",{"file":319,"line":320,"context":248},"template\\migrate.php",44,{"file":319,"line":322,"context":248},47,{"file":319,"line":244,"context":248},{"file":319,"line":325,"context":248},61,{"file":319,"line":327,"context":248},71,{"file":319,"line":329,"context":248},127,{"file":319,"line":331,"context":248},164,{"file":319,"line":333,"context":248},181,{"file":319,"line":335,"context":248},199,{"file":319,"line":337,"context":248},348,{"file":339,"line":31,"context":248},"template\\options.php",{"file":341,"line":210,"context":248},"template\\profile.php",{"file":341,"line":210,"context":248},{"file":341,"line":344,"context":248},7,11,[],[348,364,378,391,436,461,477,492,561],{"entryPoint":349,"graph":350,"unsanitizedCount":14,"severity":363},"output_diagnostic_info (class\\e2wpms.php:469)",{"nodes":351,"edges":361},[352,356],{"id":353,"type":354,"label":355,"file":134,"line":260},"n0","source","$_SERVER['SERVER_SOFTWARE']",{"id":357,"type":358,"label":359,"file":134,"line":260,"wp_function":360},"n1","sink","echo() [XSS]","echo",[362],{"from":353,"to":357,"sanitized":160},"medium",{"entryPoint":365,"graph":366,"unsanitizedCount":377,"severity":363},"download_file (class\\e2wpms.php:2082)",{"nodes":367,"edges":375},[368,371],{"id":353,"type":354,"label":369,"file":134,"line":370},"$_GET (x2)",2086,{"id":357,"type":358,"label":372,"file":134,"line":373,"wp_function":374},"header() [Header Injection]",2101,"header",[376],{"from":353,"to":357,"sanitized":160},2,{"entryPoint":379,"graph":380,"unsanitizedCount":26,"severity":390},"load_assets (class\\e2wpms.php:1945)",{"nodes":381,"edges":388},[382,384],{"id":353,"type":354,"label":369,"file":134,"line":383},1964,{"id":357,"type":358,"label":385,"file":134,"line":386,"wp_function":387},"wp_redirect() [Open Redirect]",1968,"wp_redirect",[389],{"from":353,"to":357,"sanitized":162},"low",{"entryPoint":392,"graph":393,"unsanitizedCount":49,"severity":435},"ajax_migrate_table (class\\e2wpms.php:643)",{"nodes":394,"edges":428},[395,398,401,404,408,411,416,420,423],{"id":353,"type":354,"label":396,"file":134,"line":397},"$_POST (x2)",664,{"id":357,"type":399,"label":400,"file":134,"line":397},"transform","→ remote_post()",{"id":402,"type":358,"label":403,"file":215,"line":216,"wp_function":214},"n2","unserialize() [Object Injection]",{"id":405,"type":354,"label":406,"file":134,"line":407},"n3","$_POST",694,{"id":409,"type":399,"label":410,"file":134,"line":407},"n4","→ open()",{"id":412,"type":358,"label":413,"file":134,"line":414,"wp_function":415},"n5","fopen() [File Access]",1784,"fopen",{"id":417,"type":354,"label":418,"file":134,"line":419},"n6","$_POST['table']",698,{"id":421,"type":399,"label":422,"file":134,"line":419},"n7","→ export_table()",{"id":424,"type":358,"label":425,"file":134,"line":426,"wp_function":427},"n8","get_results() [SQLi]",1506,"get_results",[429,430,431,432,433,434],{"from":353,"to":357,"sanitized":160},{"from":357,"to":402,"sanitized":160},{"from":405,"to":409,"sanitized":160},{"from":409,"to":412,"sanitized":160},{"from":417,"to":421,"sanitized":160},{"from":421,"to":424,"sanitized":160},"high",{"entryPoint":437,"graph":438,"unsanitizedCount":377,"severity":435},"ajax_initiate_migration (class\\e2wpms.php:780)",{"nodes":439,"edges":455},[440,442,443,445,446,447,449,451],{"id":353,"type":354,"label":406,"file":134,"line":441},822,{"id":357,"type":358,"label":403,"file":134,"line":219,"wp_function":214},{"id":402,"type":354,"label":406,"file":134,"line":444},823,{"id":405,"type":399,"label":400,"file":134,"line":444},{"id":409,"type":358,"label":403,"file":215,"line":216,"wp_function":214},{"id":412,"type":354,"label":406,"file":134,"line":448},836,{"id":417,"type":399,"label":450,"file":134,"line":448},"→ log_error()",{"id":421,"type":358,"label":452,"file":215,"line":453,"wp_function":454},"update_option() [Settings Manipulation]",249,"update_option",[456,457,458,459,460],{"from":353,"to":357,"sanitized":162},{"from":402,"to":405,"sanitized":160},{"from":405,"to":409,"sanitized":160},{"from":412,"to":417,"sanitized":160},{"from":417,"to":421,"sanitized":160},{"entryPoint":462,"graph":463,"unsanitizedCount":377,"severity":435},"export_table (class\\e2wpms.php:1236)",{"nodes":464,"edges":473},[465,467,468,470,472],{"id":353,"type":354,"label":466,"file":134,"line":222},"$_POST['primary_keys']",{"id":357,"type":358,"label":403,"file":134,"line":222,"wp_function":214},{"id":402,"type":354,"label":406,"file":134,"line":469},1560,{"id":405,"type":399,"label":471,"file":134,"line":469},"→ recursive_unserialize_replace()",{"id":409,"type":358,"label":403,"file":134,"line":225,"wp_function":214},[474,475,476],{"from":353,"to":357,"sanitized":160},{"from":402,"to":405,"sanitized":160},{"from":405,"to":409,"sanitized":160},{"entryPoint":478,"graph":479,"unsanitizedCount":377,"severity":435},"ajax_cancel_migration (class\\e2wpms.php:2244)",{"nodes":480,"edges":488},[481,483,484,486,487],{"id":353,"type":354,"label":406,"file":134,"line":482},2252,{"id":357,"type":358,"label":359,"file":134,"line":310,"wp_function":360},{"id":402,"type":354,"label":406,"file":134,"line":485},2258,{"id":405,"type":399,"label":400,"file":134,"line":485},{"id":409,"type":358,"label":403,"file":215,"line":216,"wp_function":214},[489,490,491],{"from":353,"to":357,"sanitized":160},{"from":402,"to":405,"sanitized":160},{"from":405,"to":409,"sanitized":160},{"entryPoint":493,"graph":494,"unsanitizedCount":560,"severity":435},"\u003Ce2wpms> (class\\e2wpms.php:0)",{"nodes":495,"edges":543},[496,497,498,499,500,501,502,503,504,505,507,509,511,514,516,518,520,522,524,526,528,530,532,534,536,539,541],{"id":353,"type":354,"label":355,"file":134,"line":260},{"id":357,"type":358,"label":359,"file":134,"line":260,"wp_function":360},{"id":402,"type":354,"label":396,"file":134,"line":441},{"id":405,"type":358,"label":403,"file":134,"line":219,"wp_function":214},{"id":409,"type":354,"label":466,"file":134,"line":222},{"id":412,"type":358,"label":403,"file":134,"line":222,"wp_function":214},{"id":417,"type":354,"label":369,"file":134,"line":383},{"id":421,"type":358,"label":385,"file":134,"line":386,"wp_function":387},{"id":424,"type":354,"label":369,"file":134,"line":370},{"id":506,"type":358,"label":372,"file":134,"line":373,"wp_function":374},"n9",{"id":508,"type":354,"label":406,"file":134,"line":482},"n10",{"id":510,"type":358,"label":359,"file":134,"line":310,"wp_function":360},"n11",{"id":512,"type":354,"label":513,"file":134,"line":397},"n12","$_POST (x5)",{"id":515,"type":399,"label":400,"file":134,"line":397},"n13",{"id":517,"type":358,"label":403,"file":215,"line":216,"wp_function":214},"n14",{"id":519,"type":354,"label":396,"file":134,"line":407},"n15",{"id":521,"type":399,"label":410,"file":134,"line":407},"n16",{"id":523,"type":358,"label":413,"file":134,"line":414,"wp_function":415},"n17",{"id":525,"type":354,"label":418,"file":134,"line":419},"n18",{"id":527,"type":399,"label":422,"file":134,"line":419},"n19",{"id":529,"type":358,"label":425,"file":134,"line":426,"wp_function":427},"n20",{"id":531,"type":354,"label":406,"file":134,"line":448},"n21",{"id":533,"type":399,"label":450,"file":134,"line":448},"n22",{"id":535,"type":358,"label":452,"file":215,"line":453,"wp_function":454},"n23",{"id":537,"type":354,"label":538,"file":134,"line":469},"n24","$_POST (x4)",{"id":540,"type":399,"label":471,"file":134,"line":469},"n25",{"id":542,"type":358,"label":403,"file":134,"line":225,"wp_function":214},"n26",[544,545,546,547,548,549,550,551,552,553,554,555,556,557,558,559],{"from":353,"to":357,"sanitized":162},{"from":402,"to":405,"sanitized":162},{"from":409,"to":412,"sanitized":162},{"from":417,"to":421,"sanitized":162},{"from":424,"to":506,"sanitized":162},{"from":508,"to":510,"sanitized":162},{"from":512,"to":515,"sanitized":160},{"from":515,"to":517,"sanitized":160},{"from":519,"to":521,"sanitized":160},{"from":521,"to":523,"sanitized":160},{"from":525,"to":527,"sanitized":160},{"from":527,"to":529,"sanitized":160},{"from":531,"to":533,"sanitized":160},{"from":533,"to":535,"sanitized":160},{"from":537,"to":540,"sanitized":160},{"from":540,"to":542,"sanitized":160},13,{"entryPoint":562,"graph":563,"unsanitizedCount":581,"severity":435},"\u003Cmigrate> (template\\migrate.php:0)",{"nodes":564,"edges":577},[565,568,569,571,573],{"id":353,"type":354,"label":566,"file":319,"line":567},"$_GET (x3)",33,{"id":357,"type":358,"label":359,"file":319,"line":320,"wp_function":360},{"id":402,"type":354,"label":566,"file":319,"line":570},226,{"id":405,"type":399,"label":572,"file":319,"line":570},"→ template_part()",{"id":409,"type":358,"label":574,"file":134,"line":575,"wp_function":576},"call_user_func() [RCE]",2342,"call_user_func",[578,579,580],{"from":353,"to":357,"sanitized":160},{"from":402,"to":405,"sanitized":160},{"from":405,"to":409,"sanitized":160},6,{"summary":583,"deductions":584},"The 'export-2-multisite' plugin v0.2 presents a moderate security risk due to several concerning findings in its static analysis.  While the plugin boasts a clean vulnerability history with no recorded CVEs, this could be misleading as the code itself exhibits potential weaknesses.  A significant concern is the presence of 5 AJAX handlers that lack authentication checks, creating a substantial attack surface for unauthorized actions. Furthermore, the taint analysis reveals 6 high-severity flows with unsanitized paths, indicating a strong possibility of data manipulation or injection vulnerabilities if these paths are reachable by malicious input. The frequent use of the `unserialize` function without clear context on its input sources is also a red flag, as unserialization of untrusted data is a known attack vector.  The low rate of properly escaped output (14%) further exacerbates these risks, making cross-site scripting (XSS) a plausible threat.  Despite a relatively low number of entry points and the absence of critical taint flows, the combination of unprotected AJAX handlers, high-severity taint flows, and poor output escaping necessitates caution. The vulnerability history, while currently clean, does not negate the inherent risks identified in the code analysis.",[585,587,589,591,593],{"reason":586,"points":11},"AJAX handlers without auth checks",{"reason":588,"points":209},"High severity taint flows with unsanitized paths",{"reason":590,"points":243},"Low percentage of properly escaped output",{"reason":592,"points":210},"Use of unserialize function",{"reason":594,"points":581},"SQL queries without prepared statements","2026-03-16T23:18:23.504Z",{"wat":597,"direct":606},{"assetPaths":598,"generatorPatterns":601,"scriptPaths":602,"versionParams":603},[599,600],"\u002Fwp-content\u002Fplugins\u002Fexport-2-multisite\u002Fcss\u002Fe2wpms-admin.css","\u002Fwp-content\u002Fplugins\u002Fexport-2-multisite\u002Fjs\u002Fe2wpms-admin.js",[],[600],[604,605],"export-2-multisite\u002Fcss\u002Fe2wpms-admin.css?ver=","export-2-multisite\u002Fjs\u002Fe2wpms-admin.js?ver=",{"cssClasses":607,"htmlComments":619,"htmlAttributes":620,"restEndpoints":630,"jsGlobals":643,"shortcodeOutput":645},[608,609,610,611,612,613,614,615,616,617,618],"e2wpms-admin-wrapper","e2wpms-migrate-tab","e2wpms-settings-tab","e2wpms-tab-content","js-action-link","migrate-t","js-migrate-tab","js-settings-tab","js-profile-tab","js-log-tab","js-compatibility-tab",[],[621,622,623,624,625,626,627,628,629],"data-div-name","data-migration-profile-id","data-profile-name","data-delete-profile-id","data-id","data-source-id","data-target-id","data-action","data-original-table-name",[631,632,633,634,635,636,637,638,639,640,641,642],"\u002Fwp-json\u002Fe2wpms\u002Fv1\u002Fdelete_migration_profile","\u002Fwp-json\u002Fe2wpms\u002Fv1\u002Fsave_profile","\u002Fwp-json\u002Fe2wpms\u002Fv1\u002Finitiate_migration","\u002Fwp-json\u002Fe2wpms\u002Fv1\u002Fmigrate_table","\u002Fwp-json\u002Fe2wpms\u002Fv1\u002Ffinalize_migration","\u002Fwp-json\u002Fe2wpms\u002Fv1\u002Fclear_log","\u002Fwp-json\u002Fe2wpms\u002Fv1\u002Fget_log","\u002Fwp-json\u002Fe2wpms\u002Fv1\u002Ffire_migration_complete","\u002Fwp-json\u002Fe2wpms\u002Fv1\u002Fplugin_compatibility","\u002Fwp-json\u002Fe2wpms\u002Fv1\u002Fblacklist_plugins","\u002Fwp-json\u002Fe2wpms\u002Fv1\u002Fupdate_max_request_size","\u002Fwp-json\u002Fe2wpms\u002Fv1\u002Fcancel_migration",[644],"e2wpms_ajax_object",[]]