[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fu7EAAwdhEjrG7c_Ynr65ycWJ6-9YE8iYwtPWJ4vq-FI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":46,"crawl_stats":35,"alternatives":53,"analysis":150,"fingerprints":189},"first-graders-toolbox","1 click disable all","1.0.3","Atakan Au","https:\u002F\u002Fprofiles.wordpress.org\u002Fatakanau\u002F","\u003Cp>Add the link for disable all plugins with one click\u003Cbr \u002F>\nVisit my blog for details, support request and feedback: \u003Ca href=\"https:\u002F\u002Fatakanau.blogspot.com\u002F2023\u002F06\u002Fone-click-disable-all-plugins-wp-plugin.html\" rel=\"nofollow ugc\">1 click disable all\u003C\u002Fa>\u003C\u002Fp>\n","Disable all plugins with one click",0,1030,"2025-04-09T12:28:00.000Z","6.8.5","5.0","5.6",[18,19,20,21,22],"access","admin","disable","remote","tool","https:\u002F\u002Fatakanau.blogspot.com\u002F2023\u002F06\u002Fone-click-disable-all-plugins-wp-plugin.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffirst-graders-toolbox.1.0.3.zip",100,1,"2023-12-05 00:00:00","2026-03-15T15:16:48.613Z",[30],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":37,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":27,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2024-21749","1-click-disable-all-cross-site-request-forgery","1 click disable all \u003C= 1.0.1 - Cross-Site Request Forgery","The 1 click disable all plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'ATAKANAUFGT_atakanau_plgn_page' function. This makes it possible for unauthenticated attackers to deactivate all plugins via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.0.1","1.0.2","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-03-11 08:49:11",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe7c98de6-7e76-48f3-aa79-57bf4f387428?source=api-prod",97,{"slug":47,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":49,"avg_security_score":25,"avg_patch_time_days":50,"trust_score":51,"computed_at":52},"atakanau",10,2230,27,94,"2026-04-04T15:36:18.023Z",[54,77,100,116,133],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":25,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":74,"download_link":75,"security_score":76,"vuln_count":11,"unpatched_count":11,"last_vuln_date":35,"fetched_at":28},"hide-admin-toolbar","Hide Admin Toolbar","1.0","Aftab Ali Muni","https:\u002F\u002Fprofiles.wordpress.org\u002Faftabmuni\u002F","\u003Cp>This plugin is used to hide admin toolbar from website. It will hide that bar when you are logged in and viewing the site.\u003C\u002Fp>\n","This plugin is used to hide admin toolbar from website. It will hide that bar when you are logged in and viewing the site.",8000,55411,4,"2023-11-26T07:19:00.000Z","6.4.8","3.1","",[70,71,72,73],"disable-admin-bar","disable-admin-toolbar","hide-admin-bar","remove-admin-bar-from-website","https:\u002F\u002Faftabmuni.wordpress.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-admin-toolbar.zip",85,{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":51,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":97,"download_link":98,"security_score":25,"vuln_count":26,"unpatched_count":11,"last_vuln_date":99,"fetched_at":28},"admin-bar-dashboard-control","Admin Bar & Dashboard Access Control","1.2.9","Collins Agbonghama","https:\u002F\u002Fprofiles.wordpress.org\u002Fcollizo4sky\u002F","\u003Cp>Simple plugin for disabling admin bar and preventing access to WordPress dashboard based on a user’s roles.\u003C\u002Fp>\n\u003Cp>It is that simple 😀\u003C\u002Fp>\n\u003Ch3>Plugins you will like:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Ffusewp.com\u002F\" rel=\"nofollow ugc\">FuseWP\u003C\u002Fa>\u003C\u002Fstrong>: Connect wordPress to marketing platforms and sync users to your email list.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-user-avatar\u002F\" rel=\"ugc\">ProfilePress\u003C\u002Fa>\u003C\u002Fstrong>: A simple yet powerful eCommerce and paid membership plugin for accepting one-time and recurring payments and selling subscriptions via Stripe & PayPal, restrict content and control user access. \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fmailoptin.io\u002F\" rel=\"nofollow ugc\">MailOptin\u003C\u002Fa>\u003C\u002Fstrong> – The best WordPress email optin forms, email automation & newsletters plugin in the market.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable admin bar and control users access to WordPress dashboard.",3000,70187,18,"2025-12-04T13:26:00.000Z","6.9.4","6.0","5.4",[93,94,70,95,96],"admin-bar","admin-dashboard","disable-toolbar","toolbar","https:\u002F\u002Fprofilepress.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-bar-dashboard-control.1.2.9.zip","2023-10-31 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":25,"downloaded":108,"rating":25,"num_ratings":109,"last_updated":110,"tested_up_to":89,"requires_at_least":111,"requires_php":16,"tags":112,"homepage":114,"download_link":115,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":35,"fetched_at":28},"hide-admin-navbar","MM Admin Bar","1.10.2","Mehraz Morshed","https:\u002F\u002Fprofiles.wordpress.org\u002Fmehrazmorshed\u002F","\u003Cp>This plugin, when activated, hides the admin navigation bar from the front end.\u003C\u002Fp>\n\u003Ch3>What is Hide Admin Bar?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This plugin is the ultimate solution for WordPress websites to hide admin toolbar from the frontend.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why disable admin bar?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Sometimes you need to disable admin toolbar to feel the user experience on your WordPress-powered websites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How to remove admin bar?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This lightweight and user-friendly plugin empowers you to remove admin toolbar from the frontend of your site.\u003C\u002Fli>\n\u003C\u002Ful>\n","Hide the admin bar from the frontend.",8451,2,"2026-02-04T18:10:00.000Z","4.4",[70,71,72,55,113],"remove-admin-bar","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhide-admin-navbar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-admin-navbar.zip",{"slug":117,"name":118,"version":57,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":25,"num_ratings":26,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":68,"tags":128,"homepage":131,"download_link":132,"security_score":76,"vuln_count":11,"unpatched_count":11,"last_vuln_date":35,"fetched_at":28},"disable-pointers","Disable Pointers","Simon Blackbourn","https:\u002F\u002Fprofiles.wordpress.org\u002Flumpysimon\u002F","\u003Cp>When new features are introduced into WordPress, various helpful pointers (tooltips) maybe shown to users on the admin screens. This simple plugin disables them for all users. No options, no configuration, just install and activate.\u003C\u002Fp>\n","Disable the pointers (tooltips) shown on WordPress admin screens",40,3023,"2015-04-27T22:45:00.000Z","4.2.39","3.3",[19,20,129,130],"pointers","tooltips","https:\u002F\u002Fgithub.com\u002Flumpysimon\u002Fwp-disable-pointers","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-pointers.zip",{"slug":134,"name":135,"version":57,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":48,"downloaded":140,"rating":11,"num_ratings":11,"last_updated":141,"tested_up_to":142,"requires_at_least":143,"requires_php":68,"tags":144,"homepage":147,"download_link":148,"security_score":149,"vuln_count":11,"unpatched_count":11,"last_vuln_date":35,"fetched_at":28},"tcbd-wp-admin-bar-hide","TCBD WP Admin Bar Hide","Touhidul Sadeek","https:\u002F\u002Fprofiles.wordpress.org\u002Ftcoder\u002F","\u003Cp>Hide your admin bar when you are login.\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Easy to use.\u003C\u002Fli>\n\u003Cli>Supper Light (Only 1KB).\u003C\u002Fli>\n\u003C\u002Ful>\n","Hide your admin bar when you are login.",2319,"2024-05-19T12:07:00.000Z","6.5.8","3.0",[93,70,95,145,146],"remove-toolbar","remove-wordpress-toolbar","http:\u002F\u002Fdemos.tcoderbd.com\u002Fwordpress_plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftcbd-wp-admin-bar-hide.1.0.zip",92,{"attackSurface":151,"codeSignals":172,"taintFlows":180,"riskAssessment":181,"analyzedAt":188},{"hooks":152,"ajaxHandlers":168,"restRoutes":169,"shortcodes":170,"cronEvents":171,"entryPointCount":11,"unprotectedCount":11},[153,159,163],{"type":154,"name":155,"callback":156,"file":157,"line":158},"action","admin_menu","add_plugin_menu","first-graders-toolbox.php",23,{"type":154,"name":160,"callback":161,"file":157,"line":162},"admin_enqueue_scripts","enqueue_scripts",24,{"type":164,"name":165,"callback":166,"priority":48,"file":157,"line":167},"filter","plugin_row_meta","add_plugin_meta_links",25,[],[],[],[],{"dangerousFunctions":173,"sqlUsage":174,"outputEscaping":176,"fileOperations":11,"externalRequests":11,"nonceChecks":26,"capabilityChecks":11,"bundledLibraries":179},[],{"prepared":11,"raw":11,"locations":175},[],{"escaped":177,"rawEcho":11,"locations":178},5,[],[],[],{"summary":182,"deductions":183},"The static analysis of \"first-graders-toolbox\" v1.0.3 indicates a generally strong security posture.  There are no identified dangerous functions, SQL queries use prepared statements exclusively, and all output is properly escaped.  Furthermore, the absence of file operations and external HTTP requests minimizes common attack vectors.  The presence of a nonce check is a positive sign of security awareness.\n\nHowever, the plugin has a history of one known CVE, specifically a medium-severity Cross-Site Request Forgery (CSRF) vulnerability, which was last recorded on December 5, 2023. While this vulnerability is listed as patched, the fact that it existed in the first place warrants attention, especially since the current version v1.0.3 is not explicitly stated as being after this patch. The lack of capability checks on any entry points, though there are no entry points identified in this analysis, is a potential area for concern if functionality were to be added in the future without proper authorization checks.\n\nIn conclusion, the code itself appears to be well-written from a security perspective in this version, with no immediate critical or high risks detected within the static analysis. The primary concern stems from the past vulnerability history. While no vulnerabilities are currently unpatched, the presence of a CSRF issue suggests that careful auditing of any new features and continued vigilance are necessary. The absence of capability checks is a weakness that could become a significant risk if the plugin's functionality expands.",[184,186],{"reason":185,"points":48},"Past Medium Severity CVE (CSRF)",{"reason":187,"points":177},"No capability checks on entry points","2026-03-17T07:03:17.989Z",{"wat":190,"direct":197},{"assetPaths":191,"generatorPatterns":193,"scriptPaths":194,"versionParams":195},[192],"\u002Fwp-content\u002Fplugins\u002Ffirst-graders-toolbox\u002Fscript.js",[],[192],[196],"first-graders-toolbox\u002Fscript.js?ver=",{"cssClasses":198,"htmlComments":199,"htmlAttributes":200,"restEndpoints":201,"jsGlobals":202,"shortcodeOutput":204},[],[],[],[],[203],"atakanaufgt_script",[]]