[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHcD84r39FsnFfwTB5dziXfuVrBmxHmR12KLWw0biGhc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":144,"fingerprints":268},"extension-manager","Extension Manager","0.6.6","Christian Schenk","https:\u002F\u002Fprofiles.wordpress.org\u002Fchschenk\u002F","\u003Cp>If you’re a WordPress admin you probably want a plugin with the following features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>install, update and delete plugins and themes\u003C\u002Fli>\n\u003Cli>it should be able to handle various locations, i.e. at least these \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPlugins#Plugin_Repositories\" title=\"WordPress Codex Plugin Repositories\" rel=\"nofollow ugc\">plugin repositories\u003C\u002Fa> and maybe some from \u003Ca href=\"http:\u002F\u002Fwww.google.com\u002Fsearch?q=wordpress%20plugins\" title=\"Google search on WordPress plugins\" rel=\"nofollow ugc\">somewhere\u003C\u002Fa> else.\u003C\u002Fli>\n\u003Cli>basic search functionality for all these plugins and themes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugins lets you do (almost) all of these things.\u003C\u002Fp>\n\u003Cp>Have a look at this \u003Ca href=\"http:\u002F\u002Fwww.youtube.com\u002Fwatch?v=-BzX7bv3DgM\" title=\"Introduction to Extension Manager for WordPress\" rel=\"nofollow ugc\">video\u003C\u002Fa> to see how it works.\u003C\u002Fp>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cp>This plugin was tested with PHP 5.2.x. Currently it won’t work with\u003Cbr \u002F>\nolder versions, i.e. PHP 4. Please be patient until I’ve fixed that.\u003C\u002Fp>\n\u003Cp>But it’s possible that this plugin will never work with PHP 4 because\u003Cbr \u002F>\nit’s likely that I will not find the time to implement that. So please\u003Cbr \u002F>\nconsider updating your installation of PHP.\u003C\u002Fp>\n\u003Cp>If you’d like to help me fixing compatibility issues write me an \u003Ca href=\"http:\u002F\u002Fwww.christianschenk.org\u002Flegal-notice\u002F#contact\" title=\"Contact me\" rel=\"nofollow ugc\">e-mail\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Videos\u003C\u002Fh3>\n\u003Cp>Have a look at this \u003Ca href=\"http:\u002F\u002Fwww.christianschenk.org\u002Fprojects\u002Fwordpress-extension-manager\u002Fvideo-for-this-plugin\u002F\" title=\"Introduction to Extension Manager for WordPress\" rel=\"nofollow ugc\">video\u003C\u002Fa> to see how it works.\u003C\u002Fp>\n\u003Ch3>Licence\u003C\u002Fh3>\n\u003Cp>This plugin is released under the GPL.\u003C\u002Fp>\n\u003Ch3>Translation\u003C\u002Fh3>\n\u003Cp>This plugin is available in these languages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>German (I’m working on it)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you want to help me translating it into other languages \u003Ca href=\"http:\u002F\u002Fwww.christianschenk.org\u002Flegal-notice\u002F#contact\" title=\"Contact me\" rel=\"nofollow ugc\">drop me a line\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin helps you to install, upgrade, delete and search for plugins and themes.",10,5725,0,"2008-11-22T15:00:00.000Z","2.6.3","2.0","",[19,20,21,22,23],"delete","install","search","update","upgrade","http:\u002F\u002Fwww.christianschenk.org\u002Fprojects\u002Fwordpress-extension-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fextension-manager.0.6.6.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"chschenk",3,280,30,84,"2026-04-04T14:13:05.685Z",[38,57,76,102,124],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":17,"tags":53,"homepage":55,"download_link":56,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"plugin-reinstaller","Plugin Reinstaller","1.1","Hiroaki Miyashita","https:\u002F\u002Fprofiles.wordpress.org\u002Fhiroaki-miyashita\u002F","\u003Cp>The Plugin Reinstaller plugin enables the bulk plugin reinstall. Just activate the plugin and select \u003Ccode>Update\u003C\u002Fcode> > \u003Ccode>Bulk Actions\u003C\u002Fcode>. Deactivate the plugin if you do not use.\u003C\u002Fp>\n\u003Ch3>Uninstall\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Deactivate the plugin\u003C\u002Fli>\n\u003Cli>That’s it! 🙂\u003C\u002Fli>\n\u003C\u002Fol>\n","The Plugin Reinstaller plugin enables the bulk plugin reinstall.",20,2184,100,1,"2013-07-10T13:24:00.000Z","3.6.1","3.1",[20,54,22,23],"reinstall","http:\u002F\u002Fwpgogo.com\u002Fdevelopment\u002Fplugin-reinstaller.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-reinstaller.1.1.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":11,"downloaded":65,"rating":48,"num_ratings":32,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":17,"tags":69,"homepage":74,"download_link":75,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"admin-restriction","Admin Restriction","1.1.2","Barry Kooij","https:\u002F\u002Fprofiles.wordpress.org\u002Fbarrykooij\u002F","\u003Cp>Disables updating the WordPress Core plus plugin and theme installation, updating and removal for all users except the administrator user with ID 1.\u003C\u002Fp>\n","Disables updating the WordPress Core plus plugin and theme installation, updating and removal for all users except the administrator user with ID 1.",3815,"2023-08-25T14:17:00.000Z","6.3.8","3.0",[70,71,72,73],"plugin-delete","plugin-install","plugin-update","wordpress-core-update","http:\u002F\u002Fwww.barrykooij.com\u002Fadmin-restriction\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-restriction.1.1.2.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":17,"tags":91,"homepage":97,"download_link":98,"security_score":99,"vuln_count":100,"unpatched_count":13,"last_vuln_date":101,"fetched_at":28},"better-search-replace","Better Search Replace","1.4.10","WP Engine","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpengine\u002F","\u003Cp>When moving your WordPress site to a new domain or server, you will likely run into a need to run a search\u002Freplace on the database for everything to work correctly. Fortunately, there are several plugins available for this task, however, all have a different approach to a few key features. This plugin consolidates the best features from these plugins, incorporating the following features in one simple plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Serialization support for all tables\u003C\u002Fli>\n\u003Cli>The ability to select specific tables\u003C\u002Fli>\n\u003Cli>The ability to run a “dry run” to see how many fields will be updated\u003C\u002Fli>\n\u003Cli>No server requirements aside from a running installation of WordPress\u003C\u002Fli>\n\u003Cli>WordPress Multisite support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Time-saving features available in the Pro version:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>View exactly what changed during a search\u002Freplace\u003C\u002Fli>\n\u003Cli>Backup and import the database while running a search\u002Freplace\u003C\u002Fli>\n\u003Cli>Priority email support from the developer of the plugin\u003C\u002Fli>\n\u003Cli>Save or load custom profiles for quickly repeating a search\u002Freplace in the future\u003C\u002Fli>\n\u003Cli>Support and updates for 1 year\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fbettersearchreplace.com\u002F\" rel=\"nofollow ugc\">Learn more about Better Search Replace Pro\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>The search and replace functionality is heavily based on interconnect\u002Fit’s great and open-source Search Replace DB script, modified to use WordPress native database functions to ensure compatibility.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Supported Languages\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>Spanish\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Want to contribute?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Feel free to open an issue or submit a pull request on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdeliciousbrains\u002Fbetter-search-replace\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","A simple plugin to update URLs or other text in a database.",1000000,17311737,86,541,"2025-12-08T17:21:00.000Z","6.9.4","3.0.1",[92,93,94,95,96],"search-and-replace","search-replace","search-replace-database","update-database-urls","update-live-url","https:\u002F\u002Fbettersearchreplace.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbetter-search-replace.1.4.10.zip",98,2,"2024-01-24 00:00:00",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":89,"requires_at_least":115,"requires_php":116,"tags":117,"homepage":122,"download_link":123,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"go-live-update-urls","Go Live Update Urls","7.0.7","Mat Lipe","https:\u002F\u002Fprofiles.wordpress.org\u002Fmat-lipe\u002F","\u003Ch3>Change the domain on your site with one click.\u003C\u002Fh3>\n\u003Cp>Goes through entire site and replaces all instances of an old URL with a new one. Used most often when changing the domain of your site.\u003C\u002Fp>\n\u003Cp>Automatically detects and handles special domain circumstances to give you an accurate update every time without side effects.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Developed and supported by \u003Ca href=\"https:\u002F\u002Fonpointplugins.com\u002Fgo-live-update-urls\u002F\" rel=\"nofollow ugc\">OnPoint Plugins\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Database table by table selection.\u003C\u002Fli>\n\u003Cli>Updates serialized data in core tables.\u003C\u002Fli>\n\u003Cli>Updates encoded URL.\u003C\u002Fli>\n\u003Cli>Easy to use admin page – which may be found under Tools.\u003C\u002Fli>\n\u003Cli>Works on both multisite and single site installs.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Updates Entire Site Including\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Posts\u003C\u002Fli>\n\u003Cli>Pages\u003C\u002Fli>\n\u003Cli>Image URLs\u003C\u002Fli>\n\u003Cli>Excerpts\u003C\u002Fli>\n\u003Cli>Post meta data\u003C\u002Fli>\n\u003Cli>Custom post types\u003C\u002Fli>\n\u003Cli>Widgets and widget data\u003C\u002Fli>\n\u003Cli>Options and settings\u003C\u002Fli>\n\u003Cli>And much more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Domain Update Process\u003C\u002Fh3>\n\u003Cp>Full step-by-step instructions for a changing a site’s domain \u003Ca href=\"https:\u002F\u002Fonpointplugins.com\u002Fhow-to-change-your-domain-name-on-wordpress\u002F\" rel=\"nofollow ugc\">may be found here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Included Language Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English (en_US).\u003C\u002Fli>\n\u003Cli>French (fr_FR).\u003C\u002Fli>\n\u003Cli>German (de_DE).\u003C\u002Fli>\n\u003Cli>Spanish (es_ES).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Developers\u003C\u002Fh3>\n\u003Cp>Developer docs \u003Ca href=\"https:\u002F\u002Fonpointplugins.com\u002Fgo-live-update-urls\u002Fdeveloper-docs-go-live-update-urls\u002F\" rel=\"nofollow ugc\">may be found here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Cp>Troubleshooting information \u003Ca href=\"https:\u002F\u002Fonpointplugins.com\u002Fgo-live-update-urls\u002Fgo-live-update-urls-troubleshooting\u002F\" rel=\"nofollow ugc\">may be found here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cp>Send pull requests via the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flipemat\u002Fgo-live-update-urls\u002F\" rel=\"nofollow ugc\">Github Repo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Go PRO\u003C\u002Fh3>\n\u003Cp>Our \u003Ca href=\"https:\u002F\u002Fonpointplugins.com\u002Fproduct\u002Fgo-live-update-urls-pro\u002F?utm_source=readme&utm_campaign=gopro&utm_medium=dot-org\" rel=\"nofollow ugc\">PRO version\u003C\u002Fa> brings additional functionality to this plugin. Check out \u003Ca href=\"https:\u002F\u002Fonpointplugins.com\u002Fgo-live-update-urls\u002Fgo-live-update-urls-pro-demo\u002F?utm_source=demo&utm_campaign=gopro&utm_medium=dot-org\" rel=\"nofollow ugc\">the demo\u003C\u002Fa> to see if the PRO version is useful for you.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Updates database tables created by plugins.\u003C\u002Fli>\n\u003Cli>Database tables are organized into simple intuitive sections.\u003C\u002Fli>\n\u003Cli>Ability to choose between tables or sections.\u003C\u002Fli>\n\u003Cli>Ability to convert relative URL into absolute URL.\u003C\u002Fli>\n\u003Cli>Updates serialized data across any table.\u003C\u002Fli>\n\u003Cli>Updates encoded URL across any table.\u003C\u002Fli>\n\u003Cli>Updates JSON data across any table.\u003C\u002Fli>\n\u003Cli>Ability to test URL changes before running them.\u003C\u002Fli>\n\u003Cli>URL testing report is provided for peace of mind.\u003C\u002Fli>\n\u003Cli>Option to fix common mistakes automatically when entering a URL.\u003C\u002Fli>\n\u003Cli>View and use history of your site’s address.\u003C\u002Fli>\n\u003Cli>Accessible update history including count and location of updated URL. \u003Cstrong>New\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Predictive URL automatically fill in the “Old URL” and “New URL.”\u003C\u002Fli>\n\u003Cli>Real time reporting of count and location of URL which will be updated.\u003C\u002Fli>\n\u003Cli>Report of count and location of URL which were updated.\u003C\u002Fli>\n\u003Cli>WP-CLI support for updating URL from the command line.\u003C\u002Fli>\n\u003Cli>Priority support with access to members only support area.\u003C\u002Fli>\n\u003C\u002Ful>\n","Change the domain on your site with one click.",80000,2274092,90,59,"2026-02-03T18:57:00.000Z","6.2.0","7.4.0",[118,119,92,120,121],"database","domain","update-urls","urls","https:\u002F\u002Fonpointplugins.com\u002Fgo-live-update-urls\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgo-live-update-urls.7.0.7.zip",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":134,"num_ratings":135,"last_updated":136,"tested_up_to":137,"requires_at_least":138,"requires_php":17,"tags":139,"homepage":142,"download_link":143,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"easy-theme-and-plugin-upgrades","Easy Theme and Plugin Upgrades","2.0.2","Chris Jean","https:\u002F\u002Fprofiles.wordpress.org\u002Fchrisjean\u002F","\u003Cp>WordPress has a built-in feature to install themes and plugins by supplying a zip file. Unfortunately, you cannot upgrade a theme or plugin using the same process. Instead, WordPress will say “destination already exists” when trying to upgrade using a zip file and will fail to upgrade the theme or plugin.\u003C\u002Fp>\n\u003Cp>Easy Theme and Plugin Upgrades fixes this limitation in WordPress by automatically upgrading the theme or plugin if it already exists.\u003C\u002Fp>\n\u003Cp>While upgrading, a backup copy of the old theme or plugin is first created. This allows you to install the old version in case of problems with the new version.\u003C\u002Fp>\n\u003Cp>Attention: Version 2.0.0 changed the functionality of the plugin. You are no longer required to select “Yes” from a drop down before the theme or plugin can be upgraded. The need for an upgrade is now detected automatically. So, if you are used to the old functionality of the plugin, do not be concerned about the absence of upgrade details on the theme and plugin upload pages. Simply upload the theme or plugin as if you were installing it, and the plugin will automatically handle upgrading as needed.\u003C\u002Fp>\n","Easily upgrade your themes and plugins using zip files without removing the theme or plugin first.",70000,1436562,94,117,"2022-04-20T03:40:00.000Z","5.7.15","4.4",[140,22,23,141],"theme","upload","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Feasy-theme-and-plugin-upgrades\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-theme-and-plugin-upgrades.2.0.2.zip",{"attackSurface":145,"codeSignals":157,"taintFlows":200,"riskAssessment":249,"analyzedAt":267},{"hooks":146,"ajaxHandlers":153,"restRoutes":154,"shortcodes":155,"cronEvents":156,"entryPointCount":13,"unprotectedCount":13},[147],{"type":148,"name":149,"callback":150,"file":151,"line":152},"action","admin_menu","wpextmgr_add_options_page","extension-manager.php",46,[],[],[],[],{"dangerousFunctions":158,"sqlUsage":159,"outputEscaping":161,"fileOperations":198,"externalRequests":49,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":199},[],{"prepared":13,"raw":13,"locations":160},[],{"escaped":13,"rawEcho":162,"locations":163},17,[164,167,169,171,173,175,177,179,181,183,185,186,188,190,192,194,196],{"file":151,"line":165,"context":166},55,"raw output",{"file":151,"line":168,"context":166},108,{"file":151,"line":170,"context":166},163,{"file":151,"line":172,"context":166},165,{"file":151,"line":174,"context":166},166,{"file":151,"line":176,"context":166},178,{"file":151,"line":178,"context":166},184,{"file":151,"line":180,"context":166},192,{"file":151,"line":182,"context":166},210,{"file":151,"line":184,"context":166},252,{"file":151,"line":184,"context":166},{"file":151,"line":187,"context":166},255,{"file":151,"line":189,"context":166},260,{"file":151,"line":191,"context":166},261,{"file":151,"line":193,"context":166},285,{"file":151,"line":195,"context":166},290,{"file":151,"line":197,"context":166},295,7,[],[201,224,233],{"entryPoint":202,"graph":203,"unsanitizedCount":32,"severity":223},"wpextmgr_show_options_page (extension-manager.php:64)",{"nodes":204,"edges":219},[205,210,214],{"id":206,"type":207,"label":208,"file":151,"line":209},"n0","source","$_POST (x3)",79,{"id":211,"type":212,"label":213,"file":151,"line":209},"n1","transform","→ showBody()",{"id":215,"type":216,"label":217,"file":151,"line":168,"wp_function":218},"n2","sink","echo() [XSS]","echo",[220,222],{"from":206,"to":211,"sanitized":221},false,{"from":211,"to":215,"sanitized":221},"medium",{"entryPoint":225,"graph":226,"unsanitizedCount":49,"severity":223},"getFilterTable (extension-manager.php:274)",{"nodes":227,"edges":231},[228,230],{"id":206,"type":207,"label":229,"file":151,"line":197},"$_POST['filter_search_string']",{"id":211,"type":216,"label":217,"file":151,"line":197,"wp_function":218},[232],{"from":206,"to":211,"sanitized":221},{"entryPoint":234,"graph":235,"unsanitizedCount":248,"severity":223},"\u003Cextension-manager> (extension-manager.php:0)",{"nodes":236,"edges":244},[237,238,239,240,242],{"id":206,"type":207,"label":229,"file":151,"line":197},{"id":211,"type":216,"label":217,"file":151,"line":197,"wp_function":218},{"id":215,"type":207,"label":208,"file":151,"line":209},{"id":241,"type":212,"label":213,"file":151,"line":209},"n3",{"id":243,"type":216,"label":217,"file":151,"line":168,"wp_function":218},"n4",[245,246,247],{"from":206,"to":211,"sanitized":221},{"from":215,"to":241,"sanitized":221},{"from":241,"to":243,"sanitized":221},4,{"summary":250,"deductions":251},"The security posture of \"extension-manager\" v0.6.6 exhibits a mixed bag of good practices and significant concerns. On the positive side, the plugin demonstrates a lack of known vulnerabilities in its history and does not appear to utilize dangerous functions or raw SQL queries. It also avoids bundling external libraries, reducing the risk of outdated components. However, the static analysis reveals critical weaknesses, most notably a complete absence of output escaping for all identified outputs. This means any data processed by the plugin and displayed to users is vulnerable to injection attacks, such as Cross-Site Scripting (XSS). Furthermore, the taint analysis indicates unsanitized paths, suggesting potential for path traversal or other file system vulnerabilities, though the severity is not rated as critical or high.\n\nThe absence of nonce checks and capability checks on any potential entry points (though zero are reported) is a significant concern, as it implies that even if entry points existed, they would likely be unprotected against unauthorized access or manipulation. The presence of file operations and external HTTP requests without stated security controls further amplifies the risk. Given the identified issues, particularly the unescaped output and taint analysis results, the plugin requires immediate attention to address these vulnerabilities before it can be considered secure.",[252,255,258,260,262,265],{"reason":253,"points":254},"All output unescaped",12,{"reason":256,"points":257},"Unsanitized paths in taint flows",8,{"reason":259,"points":198},"No nonce checks",{"reason":261,"points":198},"No capability checks",{"reason":263,"points":264},"File operations present without clear auth\u002Fsanitization",5,{"reason":266,"points":32},"External HTTP requests present without clear auth\u002Fsanitization","2026-03-17T00:52:44.279Z",{"wat":269,"direct":278},{"assetPaths":270,"generatorPatterns":273,"scriptPaths":274,"versionParams":275},[271,272],"\u002Fwp-content\u002Fplugins\u002Fextension-manager\u002Fextension-manager.css","\u002Fwp-content\u002Fplugins\u002Fextension-manager\u002Fextension-manager.js",[],[272],[276,277],"extension-manager\u002Fextension-manager.css?ver=","extension-manager\u002Fextension-manager.js?ver=",{"cssClasses":279,"htmlComments":283,"htmlAttributes":316,"restEndpoints":328,"jsGlobals":329,"shortcodeOutput":332},[280,281,282],"wrap","options","widefat",[284,285,286,287,288,289,290,291,292,293,294,295,296,297,298,299,300,301,302,303,304,305,306,307,308,309,310,311,312,313,314,315],"WordPress Extension Manager","Copyright (C) 2008 Christian Schenk","This program is free software; you can redistribute it and\u002For","modify it under the terms of the GNU General Public License","as published by the Free Software Foundation; either version 2","of the License, or (at your option) any later version.","This program is distributed in the hope that it will be useful,","but WITHOUT ANY WARRANTY; without even the implied warranty of","MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.  See the","GNU General Public License for more details.","You should have received a copy of the GNU General Public License","along with this program; if not, write to the Free Software","Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA","Convenience methods","Adds a menu to the 'Options' page","version okay?","This functions displays an error message that this plugin doesn't work with PHP4, yet.","The logic and layout of the options page","i18n","catches every error that might occur","What do you want to do?","Install Plugins","Install Themes","Maintenance","Plugins","Themes","Installed and downloaded plugins","Before deleting any installed plugins make sure that you've deactivated them on the","plugins screen","You've installed or downloaded these plugins:","Remove installation","Remove download",[317,318,319,320,321,322,323,324,325,317,319,321,326,327,325,326,325,327,325],"name=\"show_plugins\"","value=\"Install Plugins\"","name=\"show_themes\"","value=\"Install Themes\"","name=\"maintenance\"","value=\"Maintenance\"","name=\"install_plugin\"","name=\"download\"","name=\"name\"","name=\"delete_installed_plugin\"","name=\"delete_downloaded_plugin\"",[],[330,331],"wpextmgr_show_options_page","wpextmgr_show_options_page_php4",[]]