[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxfn4WQPv4lGQFOL6da9is5bnlfc9uHKWet8QpordJA4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":21,"download_link":22,"security_score":13,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":111,"fingerprints":195},"ez-downloader","EZ-Downloader","1.6","Abolfazl Edalati","https:\u002F\u002Fprofiles.wordpress.org\u002Fdrowranger\u002F","\u003Cp>Install Plugin with URL\u003C\u002Fp>\n\u003Ch3>توضیحات\u003C\u002Fh3>\n\u003Cp>پلاگین را نصب کنید\u003C\u002Fp>\n\u003Cp>سپس داخل فیلد پلاگین لینک دانلود مستقیم پلاگین مورد نظر خود را وارد کنید.\u003C\u002Fp>\n\u003Cp>بعد روی دکمه نصب کلیک کنید تا پلاگین مورد نظر دانلود و نصب شود.\u003C\u002Fp>\n\u003Cp>توجه کنید لینک باید حاوی فایل اصلی پلاگین باشد ( یعنی فقط فایل های پلاگین داخلش باشه نه اینکه پلاگین داخل یک فایل دیگه و راهنما ها باشه )\u003C\u002Fp>\n\u003Cp>لینک های غیر مستقیم توسط پلاگین دانلود نمیشود.\u003C\u002Fp>\n\u003Cp>اگر خوشتون اومد و دوست داشتید نظر بدید و امتیاز 5 ستاره ثبت کنید.\u003C\u002Fp>\n\u003Ch3>ویدیو آموزشی\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FzgGtPl3JhZg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n","Install Plugin with URL",60,1662,100,9,"2025-09-26T12:11:00.000Z","6.8.5","3.0.1","",[20],"plugin-downloader","https:\u002F\u002Fwiraweb.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fez-downloader.1.6.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":13,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"drowranger",2,140,30,94,"2026-04-04T15:39:48.776Z",[35,54,72,92],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":37,"active_installs":42,"downloaded":43,"rating":13,"num_ratings":29,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":18,"tags":47,"homepage":51,"download_link":52,"security_score":53,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25},"wp-anything-downloader","WP Anything Downloader","3.0.2","vinit sharma","https:\u002F\u002Fprofiles.wordpress.org\u002Fvinit-sharma\u002F","\u003Cp>This plugin allows you to Direct download Any theme and plugin from wp admin panel. best plugin for download theme or plugin from wp-admin\u003C\u002Fp>\n\u003Cp>Perfect plugin  for direct download theme and plugin  with admin panel.\u003C\u002Fp>\n\u003Ch3>3.0.2\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>upgrade plugin for aws\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>3.0.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fixed a bug\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>3.0.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fixed a bug\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.0.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Security Updates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.0.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fixed a bug\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.0.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Display WP Anything Downloader\u003C\u002Fli>\n\u003C\u002Ful>\n",3000,42978,"2022-03-22T08:13:00.000Z","5.9.13","3.5",[48,49,50],"direct-download","theme-downloader-plugin-downloader","wordpress-theme-and-plugin-download","https:\u002F\u002Fd3logics.com\u002Fplugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-anything-downloader.3.0.4.zip",85,{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":13,"downloaded":62,"rating":13,"num_ratings":63,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":18,"tags":67,"homepage":18,"download_link":70,"security_score":71,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25},"downloadify-wp","Downloadify WP","1.0.1","Md Khorshed Alam","https:\u002F\u002Fprofiles.wordpress.org\u002Fkhorshedalamwp\u002F","\u003Cp>Downloadify WP is one of the most popular plugins for downloading plugins and themes in WordPress.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Download the plugin and theme with one click.\u003C\u002Fli>\n\u003C\u002Ful>\n","Downloadify WP for WordPress Plugin And Theme Downloader.",1836,1,"2025-01-06T05:18:00.000Z","6.7.5","6.2.2",[48,68,20,69],"downloader-wp","theme-downloader","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdownloadify-wp.1.0.1.zip",92,{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":23,"num_ratings":23,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":18,"tags":85,"homepage":90,"download_link":91,"security_score":71,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25},"monster-downloader","Monster Downloader","1.0.2","pluginbazar","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginbazar\u002F","\u003Cp>Monster Downloader is the best plugin for download plugin and themes.Perfect plugin for quickly downloading themes and plugins.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Download the plugin and theme with one click.\u003C\u002Fli>\n\u003Cli>All download reports show in the WP list table.\u003C\u002Fli>\n\u003C\u002Ful>\n","Monster Downloader is the best plugin for download plugin and themes.Perfect plugin for quickly downloading themes and plugins.",70,3184,"2024-05-09T06:58:00.000Z","6.5.8","6.0.2",[86,87,88,89],"wp-best-theme-plugin-downloader","wp-downloader-plus","wp-plugin-downloader","wp-theme-downloader","https:\u002F\u002Fpluginbazar.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmonster-downloader.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":23,"downloaded":100,"rating":23,"num_ratings":23,"last_updated":101,"tested_up_to":16,"requires_at_least":102,"requires_php":103,"tags":104,"homepage":109,"download_link":110,"security_score":13,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25},"prominent-manager","Prominent Manager","1.1.4","M Hemel Hasan","https:\u002F\u002Fprofiles.wordpress.org\u002Fhemelhasan\u002F","\u003Cp>\u003Cstrong>Prominent Manager\u003C\u002Fstrong> makes plugin management effortless.\u003Cbr \u002F>\nWith just one click, you can download any installed plugin as a ZIP file directly from your WordPress admin dashboard — no FTP, cPanel, or external tools needed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why you’ll love it:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Quickly download plugins for backup or migration.\u003Cbr \u002F>\n– Ensure you have a local copy of your favorite plugins.\u003Cbr \u002F>\n– Safe, lightweight, and easy to use.\u003C\u002Fp>\n\u003Cp>Currently, Prominent Manager focuses on \u003Cstrong>plugin downloads\u003C\u002Fstrong>, but upcoming updates will include:\u003Cbr \u002F>\n– \u003Cstrong>Theme downloads\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Plugin rollback\u003C\u002Fstrong> (restore to a previous version)\u003Cbr \u002F>\n– \u003Cstrong>Theme rollback\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>No complex configuration — just install, activate, and start downloading.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Benefits:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Zero performance impact.\u003Cbr \u002F>\n– Secure, lossless ZIP downloads.\u003Cbr \u002F>\n– Works with any plugin installed on your site.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Download any installed plugin in ZIP format.\u003C\u002Fli>\n\u003Cli>One-click download button under each plugin in your dashboard.\u003C\u002Fli>\n\u003Cli>Lightweight and secure — no performance overhead.\u003C\u002Fli>\n\u003Cli>No technical skills required.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Upcoming Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Download installed themes.\u003C\u002Fli>\n\u003Cli>Roll back plugins to previous versions.\u003C\u002Fli>\n\u003Cli>Roll back themes to previous versions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Once activated:\u003Cbr \u002F>\n– Go to \u003Cstrong>Plugins \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Installed Plugins\u003C\u002Fstrong>.\u003Cbr \u002F>\n– Under each plugin, you’ll see a \u003Cstrong>Download\u003C\u002Fstrong> button.\u003Cbr \u002F>\n– Click the button to download the plugin as a ZIP file.\u003C\u002Fp>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Cp>If the plugin isn’t working:\u003Cbr \u002F>\n1. Ensure Prominent Manager is \u003Cstrong>activated\u003C\u002Fstrong>.\u003Cbr \u002F>\n2. Check if the \u003Cstrong>Download\u003C\u002Fstrong> button appears under each plugin.\u003Cbr \u002F>\n3. Click the button and note any error messages.\u003Cbr \u002F>\n4. Open a support ticket with details from step 3.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Prominent Manager uses \u003Ca href=\"https:\u002F\u002Fappsero.com\" rel=\"nofollow ugc\">Appsero\u003C\u002Fa> SDK to collect some telemetry data upon user’s confirmation. This helps us to troubleshoot problems faster & make product improvements.\u003C\u002Fp>\n\u003Cp>Appsero SDK \u003Cstrong>does not gather any data by default.\u003C\u002Fstrong> The SDK only starts gathering basic telemetry data \u003Cstrong>when a user allows it via the admin notice\u003C\u002Fstrong>. We collect the data to ensure a great user experience for all our users.\u003C\u002Fp>\n\u003Cp>Integrating Appsero SDK \u003Cstrong>DOES NOT IMMEDIATELY\u003C\u002Fstrong> start gathering data, \u003Cstrong>without confirmation from users in any case.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Learn more about how \u003Ca href=\"https:\u002F\u002Fappsero.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Appsero collects and uses this data\u003C\u002Fa>.\u003C\u002Fp>\n","Manage WordPress plugins with ease — download, back up, and (coming soon) roll back directly from your dashboard",766,"2025-08-10T17:48:00.000Z","4.0","7.2",[105,20,106,107,108],"plugin-backup","plugin-rollback","plugin-download","wordpress-plugin-manager","https:\u002F\u002Fmhemelhasan.com\u002Fpm-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprominent-manager.1.1.4.zip",{"attackSurface":112,"codeSignals":129,"taintFlows":136,"riskAssessment":188,"analyzedAt":194},{"hooks":113,"ajaxHandlers":125,"restRoutes":126,"shortcodes":127,"cronEvents":128,"entryPointCount":23,"unprotectedCount":23},[114,120],{"type":115,"name":116,"callback":117,"file":118,"line":119},"action","admin_menu","cpi_add_admin_menu","inc\\admin_pages.php",17,{"type":115,"name":121,"callback":122,"priority":63,"file":123,"line":124},"admin_enqueue_scripts","cpi_enqueue_custom_styles","inc\\functions.php",19,[],[],[],[],{"dangerousFunctions":130,"sqlUsage":131,"outputEscaping":133,"fileOperations":23,"externalRequests":29,"nonceChecks":29,"capabilityChecks":29,"bundledLibraries":135},[],{"prepared":23,"raw":23,"locations":132},[],{"escaped":29,"rawEcho":23,"locations":134},[],[],[137,173],{"entryPoint":138,"graph":139,"unsanitizedCount":29,"severity":172},"cpi_settings_page (inc\\admin_pages.php:20)",{"nodes":140,"edges":166},[141,146,150,157,160,163],{"id":142,"type":143,"label":144,"file":118,"line":145},"n0","source","$_POST",34,{"id":147,"type":148,"label":149,"file":118,"line":145},"n1","transform","→ cpi_download_and_extract_plugin()",{"id":151,"type":152,"label":153,"file":154,"line":155,"wp_function":156},"n2","sink","wp_remote_get() [SSRF]","inc\\plugin_install.php",22,"wp_remote_get",{"id":158,"type":143,"label":144,"file":118,"line":159},"n3",56,{"id":161,"type":148,"label":162,"file":118,"line":159},"n4","→ cti_download_and_extract_theme()",{"id":164,"type":152,"label":153,"file":165,"line":155,"wp_function":156},"n5","inc\\theme_install.php",[167,169,170,171],{"from":142,"to":147,"sanitized":168},false,{"from":147,"to":151,"sanitized":168},{"from":158,"to":161,"sanitized":168},{"from":161,"to":164,"sanitized":168},"medium",{"entryPoint":174,"graph":175,"unsanitizedCount":29,"severity":172},"\u003Cadmin_pages> (inc\\admin_pages.php:0)",{"nodes":176,"edges":183},[177,178,179,180,181,182],{"id":142,"type":143,"label":144,"file":118,"line":145},{"id":147,"type":148,"label":149,"file":118,"line":145},{"id":151,"type":152,"label":153,"file":154,"line":155,"wp_function":156},{"id":158,"type":143,"label":144,"file":118,"line":159},{"id":161,"type":148,"label":162,"file":118,"line":159},{"id":164,"type":152,"label":153,"file":165,"line":155,"wp_function":156},[184,185,186,187],{"from":142,"to":147,"sanitized":168},{"from":147,"to":151,"sanitized":168},{"from":158,"to":161,"sanitized":168},{"from":161,"to":164,"sanitized":168},{"summary":189,"deductions":190},"Based on the static analysis and vulnerability history provided, the \"ez-downloader\" plugin v1.6 exhibits a strong security posture with several good practices in place. Notably, the absence of any recorded CVEs and the clean code signals, such as 100% of SQL queries using prepared statements and all output being properly escaped, are positive indicators. The plugin also demonstrates good use of nonces and capability checks, further reinforcing its defense mechanisms.  The static analysis reveals no directly exposed attack vectors like AJAX handlers, REST API routes, or shortcodes that lack authorization. Taint analysis did not reveal any critical or high severity vulnerabilities with unsanitized paths, indicating a low risk of direct code injection or path traversal through analyzed flows.\n\nHowever, there are two flows identified with \"unsanitized paths\" in the taint analysis, which, while not classified as critical or high severity, represent a potential area of concern. The absence of details on these specific flows means their exact impact is unknown, but it suggests that user-supplied data might be processed in a way that could lead to unexpected behavior or, in a more complex scenario, a vulnerability if combined with other factors. Given the lack of past vulnerabilities, it's possible these are low-risk issues or are mitigated by other factors not evident in this summary. Overall, the plugin appears robust and well-maintained from a security perspective, but the presence of unsanitized paths warrants a closer look for complete assurance.",[191],{"reason":192,"points":193},"Flows with unsanitized paths found",10,"2026-03-16T21:42:40.008Z",{"wat":196,"direct":203},{"assetPaths":197,"generatorPatterns":199,"scriptPaths":200,"versionParams":201},[198],"\u002Fwp-content\u002Fplugins\u002Fez-downloader\u002Fassets\u002Fstyle.css",[],[],[202],"ez-downloader\u002Fassets\u002Fstyle.css?ver=",{"cssClasses":204,"htmlComments":205,"htmlAttributes":206,"restEndpoints":207,"jsGlobals":208,"shortcodeOutput":209},[],[],[],[],[],[]]