[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fT5XnX5RLY7KoMoU4q2tazKHtiso-4edBv8bIEXpCIK8":3,"$fC4EC_jZiufE4XDYl74QkWB_djW5LdTcM399OuS8RDDM":347,"$f8nMZ1rtYticAp2B5eECkAst0vJY_IvmlZ-aYSfHR6ZU":351},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":36,"analysis":133,"fingerprints":311},"freelancer-time-log-pro","Freelancer Time Log Pro","1.0.3","Fred","https:\u002F\u002Fprofiles.wordpress.org\u002Ffredawd\u002F","\u003Cp>Freelancer Time Log Pro is a lightweight time tracking plugin made for freelancers who want to track work fast without leaving wp-admin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Start\u002FStop timer in the WordPress admin bar\u003C\u002Fli>\n\u003Cli>Draggable floating timer\u003C\u002Fli>\n\u003Cli>Stop modal with client + project selection\u003C\u002Fli>\n\u003Cli>Ticket number + description\u003C\u002Fli>\n\u003Cli>Per-user entries overview\u003C\u002Fli>\n\u003Cli>Project totals + client totals\u003C\u002Fli>\n\u003Cli>CSV export (all, per project, per client)\u003C\u002Fli>\n\u003Cli>Delete single entries or bulk cleanup\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Suggestions or feature requests? Feel free to reach out via https:\u002F\u002Fwww.alentejowebdesign.nl\u002F — if you’d like to see specific improvements or extensions, let me know.\u003C\u002Fp>\n","A simple time tracking plugin for freelancers: admin-bar start\u002Fstop timer, per-user entries, client\u002Fproject assignment, totals and CSV export.",0,82,"2026-04-05T08:18:00.000Z","6.9.4","6.0","7.4",[18,19,20,21,22],"admin-bar","freelancers","productivity","time-tracker","time-tracking","https:\u002F\u002Fwww.alentejowebdesign.nl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffreelancer-time-log-pro.1.0.3.zip",100,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"fredawd",1,30,94,"2026-05-20T02:56:26.622Z",[37,56,75,94,115],{"slug":38,"name":39,"version":6,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":11,"num_ratings":11,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":49,"download_link":53,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":55},"adminimal-bar","AdMinimal Bar – Minimize the Admin Bar","DCODED","https:\u002F\u002Fprofiles.wordpress.org\u002Fdcodeddev\u002F","\u003Cp>AdMinimal Bar is designed to streamline your workflow and enhance productivity. With AdMinimal Bar, you can minimize the WordPress admin bar on the frontend, reducing distractions and providing a clean, distraction-free environment. The admin bar expands only when you hover over it, giving you quick access to essential features without cluttering your screen. Experience a seamless and focused workflow with AdMinimal Bar.\u003C\u002Fp>\n","AdMinimal Bar is designed to streamline your workflow and enhance productivity. With AdMinimal Bar, you can minimize the WordPress admin bar on the fr …",10,918,"2023-06-07T21:21:00.000Z","6.2.9","4.0","",[18,51,20,52],"frontend","workflow","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadminimal-bar.1.0.3.zip",85,"2026-04-06T09:54:40.288Z",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":11,"downloaded":64,"rating":25,"num_ratings":32,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":73,"download_link":74,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"admin-hero","AdminHero","1.3.1","WebPro","https:\u002F\u002Fprofiles.wordpress.org\u002Fnchisley\u002F","\u003Cp>Admin Hero for website administrators provides a fast, convenient way to capture important information right inside the WordPress dashboard. With a simple floating button in the admin bar, you can open a sleek, distraction-free modal to jot down notes, reminders, or project instructions. Notes are saved securely and persist across sessions, making it ideal for solo developers, client handoffs, or multi-admin teams. Whether you’re managing one site or dozens, Admin Hero keeps your thoughts organized and always within reach. Toggles the modal to fill the viewport for complete distraction freedom.\u003C\u002Fp>\n\u003Cp>Go \u003Cstrong>Pro\u003C\u002Fstrong> for some awesome features, with many more to come: \u003Ca href=\"https:\u002F\u002Fadminhero.pro\" rel=\"nofollow ugc\">AdminHero.pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Pro features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Autosave Notes:\u003C\u002Fstrong> Continuously saves your note content as you type (and on close), with visual “autosaved” feedback.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Persistence Mode:\u003C\u002Fstrong> Remembers whether the modal was open (and its position\u002Ffullscreen state) across page loads and navigation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dragging Modal:\u003C\u002Fstrong> Lets you click-and-drag the modal header to reposition it, remembers that position, and offers a “reset” link.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Floater (Dashboard):\u003C\u002Fstrong> Adds a convenient and persistent floating button to access your Hero from anywhere in the dashboard.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Frontend Mode:\u003C\u002Fstrong> Brings all the same functionality to your site’s front end.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check out our other awesome plugins: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-shift\" rel=\"ugc\">Admin Shift\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftruncate-text\" rel=\"ugc\">Truncate Text\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>After activation, an AdminHero logo icon appears in the admin bar.  \u003C\u002Fli>\n\u003Cli>Click the icon to open the notes modal.  \u003C\u002Fli>\n\u003Cli>Write or edit your notes using the editor.  \u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Save\u003C\u002Fstrong> to store your notes.\u003C\u002Fli>\n\u003Cli>Use the info panel to store important client info.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>If you have questions or issues, please reach out at \u003Ca href=\"https:\u002F\u002Fadminhero.pro\" rel=\"nofollow ugc\">AdminHero.pro\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contributing\u003C\u002Fh3>\n\u003Cp>We welcome contributions! See our guidelines at \u003Ca href=\"https:\u002F\u002Fadminhero.pro\" rel=\"nofollow ugc\">AdminHero.pro\u003C\u002Fa>.\u003C\u002Fp>\n","Admin notes for website administrators, accessible via a modal that lets you write, edit, and save notes directly within the WordPress dashboard.",1303,"2025-06-18T00:28:00.000Z","6.8.5","5.0","7.2",[70,18,71,72,20],"admin","memo","notes","https:\u002F\u002FNateChisley.com\u002Fwordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-hero.1.3.1.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":33,"last_updated":86,"tested_up_to":66,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":92,"download_link":93,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"hide-admin-bar","Hide Admin Bar","1.0.2","David Vongries","https:\u002F\u002Fprofiles.wordpress.org\u002Fdavidvongries\u002F","\u003Cp>Hides the Admin Bar in WordPress 3.1+.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New! You can now hide the WordPress admin bar for specific user roles!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>What’s next?\u003C\u002Fh3>\n\u003Cp>If you like Hide Admin Bar, you will love our other, free WordPress products:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fbetteradminbar.com\u002F?utm_source=hide_admin_bar&utm_medium=repository&utm_campaign=bab\" rel=\"nofollow ugc\">Better Admin Bar\u003C\u002Fa>\u003C\u002Fstrong> – The plugin to make your clients enjoy WordPress. It replaces the default admin bar to provide the best possible user experience when editing & navigating a website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwp-pagebuilderframework.com\u002F?utm_source=hide_admin_bar&utm_medium=repository&utm_campaign=wpbf\" rel=\"nofollow ugc\">Page Builder Framework\u003C\u002Fa>\u003C\u002Fstrong> – A fast & minimalistic WordPress theme designed for the new WordPress era.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fultimatedashboard.io\u002F?utm_source=hide_admin_bar&utm_medium=repository&utm_campaign=udb\" rel=\"nofollow ugc\">Ultimate Dashboard\u003C\u002Fa>\u003C\u002Fstrong> – The #1 WordPress plugin to customize your WordPress dashboard and admin area.\u003C\u002Fli>\n\u003C\u002Ful>\n","Hide the Admin Bar in WordPress 3.1+.",20000,810224,90,"2025-11-04T09:02:00.000Z","3.1","5.6",[70,18,90,91,76],"hidden","hide","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhide-admin-bar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-admin-bar.1.0.2.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":83,"downloaded":102,"rating":103,"num_ratings":104,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":88,"tags":108,"homepage":112,"download_link":113,"security_score":25,"vuln_count":32,"unpatched_count":11,"last_vuln_date":114,"fetched_at":27},"hide-admin-bar-based-on-user-roles","Hide Admin Bar Based on User Roles","7.2.1","Ankit Panchal","https:\u002F\u002Fprofiles.wordpress.org\u002Fankitmaru\u002F","\u003Cp>\u003Cstrong>Hide Admin Bar Based On User Roles\u003C\u002Fstrong> gives you complete control over who sees the WordPress toolbar.\u003C\u002Fp>\n\u003Cp>Whether you are running a membership site, a WooCommerce store, or simply want a cleaner frontend for your subscribers, this plugin lets you hide the admin bar with precision — by role, capability, device, page, or time. Stop exposing backend links to users who don’t need them.\u003C\u002Fp>\n\u003Cp>The plugin is lightweight, developer-friendly, and works immediately upon activation — no configuration required to get started.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F25WBldgArAk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F_BAwxGVnKNY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Simple but great plugin. 🙂\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fsimple-but-great-plugin-12\u002F\" rel=\"ugc\">wptoolsdev\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Works flawlessly! 🙂\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fworks-flawlessly-129\u002F\" rel=\"ugc\">thebrazeneye\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>🚀 Key Features (Free)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Hide for All Users:\u003C\u002Fstrong> Completely remove the admin bar from the frontend for everyone.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide for Guests:\u003C\u002Fstrong> Ensure non-logged-in visitors never see the toolbar.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role-Based Hiding:\u003C\u002Fstrong> Select specific roles (e.g., Subscriber, Customer, Editor) to hide the bar for.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Capability-Based Hiding:\u003C\u002Fstrong> Hide the bar based on WordPress capabilities (e.g., hide for anyone who cannot \u003Ccode>manage_options\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight & Fast:\u003C\u002Fstrong> Zero bloat — no external requests, no database overhead on the frontend.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🏆 Premium Features (Pro)\u003C\u002Fh3>\n\u003Cp>Unlock advanced visibility logic with the \u003Ca href=\"https:\u002F\u002Fpluginstack.dev\u002Fplugins\u002Fhide-admin-bar-pro\" rel=\"nofollow ugc\">Pro version\u003C\u002Fa>:\u003Cbr \u002F>\n* \u003Cstrong>Page-Based Targeting:\u003C\u002Fstrong> Show or hide the admin bar only on specific URLs, post types, or page templates.\u003Cbr \u002F>\n* \u003Cstrong>Device Detection:\u003C\u002Fstrong> Hide the toolbar on Mobile or Tablet to save screen space, while keeping it on Desktop.\u003Cbr \u002F>\n* \u003Cstrong>Per-User Overrides:\u003C\u002Fstrong> Manually force the admin bar to show or hide for individual user accounts.\u003Cbr \u002F>\n* \u003Cstrong>Time-Based Visibility:\u003C\u002Fstrong> Automatically hide the bar during specific hours of the day.\u003Cbr \u002F>\n* \u003Cstrong>Smart Redirects:\u003C\u002Fstrong> Redirect users to the homepage or a custom URL when they try to access the backend.\u003Cbr \u002F>\n* \u003Cstrong>Inactivity Auto-Hide:\u003C\u002Fstrong> Automatically slide the toolbar away after a configurable period of inactivity.\u003Cbr \u002F>\n* \u003Cstrong>Import \u002F Export Settings:\u003C\u002Fstrong> Back up and migrate your configuration across sites in one click.\u003C\u002Fp>\n\u003Ch3>You can check our other plugins:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimakit-for-wp\u002F\" rel=\"ugc\">All-in-One WordPress Toolkit for SEO, Security, Customization, and Performance\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flike-dislike-for-wp\u002F\" rel=\"ugc\">Like Dislike For WP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-block-editor-fullscreen-mode\u002F\" rel=\"ugc\">Disable Block Editor FullScreen mode\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnoteflow\u002F\" rel=\"ugc\">NoteFlow – Smart Notes Manager for WordPress Admin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n","Hide the WordPress Admin Bar for specific user roles, capabilities, devices, pages, or time windows. The ultimate toolbar control plugin for membershi …",786650,78,20,"2026-04-13T18:20:00.000Z","7.0","5.5",[18,109,76,110,111],"admin-toolbar","toolbar","user-roles","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhide-admin-bar-based-on-user-roles\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-admin-bar-based-on-user-roles.7.2.1.zip","2022-02-21 00:00:00",{"slug":116,"name":117,"version":78,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":124,"num_ratings":33,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":49,"tags":128,"homepage":49,"download_link":131,"security_score":132,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"hide-admin-bar-from-non-admins","Hide Admin Bar from Non-Admins","Andrew Lima","https:\u002F\u002Fprofiles.wordpress.org\u002Fandrewza\u002F","\u003Ch3>Install, activate, and you’re done.\u003C\u002Fh3>\n\u003Cp>This plugin hides the WordPress Toolbar (admin bar) for all visitors and users without the ‘administrator’ role. It’s a very simple plugin with no settings to configure.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Use this plugin for sites with only one admin who needs access to the dashboard and the admin bar.\u003C\u002Fli>\n\u003Cli>This plugin is super lightweight, with just a few lines of code.\u003C\u002Fli>\n\u003Cli>If you need to show the toolbar for other user roles, use the filter \u003Ccode>habfna_show_admin_bar_roles\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is a tweak of the code by Yoast to hide the admin bar for non-admins only.\u003C\u002Fp>\n","Hides the WordPress toolbar (admin bar) for all non-admin users. Simple plugin with no settings to configure.",10000,237834,86,"2024-11-18T14:39:00.000Z","6.7.5","5.2",[18,129,130,110],"adminbar","dashboard","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-admin-bar-from-non-admins.1.0.2.zip",92,{"attackSurface":134,"codeSignals":219,"taintFlows":229,"riskAssessment":298,"analyzedAt":310},{"hooks":135,"ajaxHandlers":172,"restRoutes":215,"shortcodes":216,"cronEvents":217,"entryPointCount":44,"unprotectedCount":218},[136,142,146,151,155,158,161,165,169],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","init","load_textdomain","freelancer-time-log-pro.php",31,{"type":137,"name":143,"callback":144,"file":140,"line":145},"admin_init","maybe_update_db",32,{"type":137,"name":147,"callback":148,"priority":149,"file":140,"line":150},"admin_bar_menu","admin_bar",200,34,{"type":137,"name":152,"callback":153,"file":140,"line":154},"admin_enqueue_scripts","enqueue_assets",35,{"type":137,"name":156,"callback":156,"file":140,"line":157},"admin_menu",37,{"type":137,"name":143,"callback":159,"file":140,"line":160},"register_settings",38,{"type":137,"name":162,"callback":163,"file":140,"line":164},"admin_post_frtlp_tlog_export_csv","export_csv",53,{"type":137,"name":166,"callback":167,"file":140,"line":168},"admin_footer","render_modal",391,{"type":137,"name":166,"callback":170,"file":140,"line":171},"render_floating_timer",392,[173,178,182,186,190,194,198,202,207,211],{"action":174,"nopriv":175,"callback":176,"hasNonce":175,"hasCapCheck":175,"file":140,"line":177},"frtlp_tlog_get_state",false,"ajax_get_state",41,{"action":179,"nopriv":175,"callback":180,"hasNonce":175,"hasCapCheck":175,"file":140,"line":181},"frtlp_tlog_start","ajax_start",42,{"action":183,"nopriv":175,"callback":184,"hasNonce":175,"hasCapCheck":175,"file":140,"line":185},"frtlp_tlog_pause","ajax_pause",43,{"action":187,"nopriv":175,"callback":188,"hasNonce":175,"hasCapCheck":175,"file":140,"line":189},"frtlp_tlog_resume","ajax_resume",44,{"action":191,"nopriv":175,"callback":192,"hasNonce":175,"hasCapCheck":175,"file":140,"line":193},"frtlp_tlog_finalize","ajax_finalize",45,{"action":195,"nopriv":175,"callback":196,"hasNonce":175,"hasCapCheck":175,"file":140,"line":197},"frtlp_tlog_reopen","ajax_reopen",46,{"action":199,"nopriv":175,"callback":200,"hasNonce":175,"hasCapCheck":175,"file":140,"line":201},"frtlp_tlog_stop_save","ajax_stop_save",47,{"action":203,"nopriv":175,"callback":204,"hasNonce":175,"hasCapCheck":205,"file":140,"line":206},"frtlp_tlog_delete_entry","ajax_delete_entry",true,48,{"action":208,"nopriv":175,"callback":209,"hasNonce":175,"hasCapCheck":205,"file":140,"line":210},"frtlp_tlog_delete_all","ajax_delete_all",49,{"action":212,"nopriv":175,"callback":213,"hasNonce":175,"hasCapCheck":175,"file":140,"line":214},"frtlp_tlog_delete_project","ajax_delete_project",50,[],[],[],8,{"dangerousFunctions":220,"sqlUsage":221,"outputEscaping":224,"fileOperations":32,"externalRequests":11,"nonceChecks":226,"capabilityChecks":227,"bundledLibraries":228},[],{"prepared":222,"raw":11,"locations":223},24,[],{"escaped":214,"rawEcho":11,"locations":225},[],2,5,[],[230,248,270,289],{"entryPoint":231,"graph":232,"unsanitizedCount":11,"severity":247},"ajax_delete_entry (freelancer-time-log-pro.php:795)",{"nodes":233,"edges":245},[234,239],{"id":235,"type":236,"label":237,"file":140,"line":238},"n0","source","$_POST",798,{"id":240,"type":241,"label":242,"file":140,"line":243,"wp_function":244},"n1","sink","get_row() [SQLi]",810,"get_row",[246],{"from":235,"to":240,"sanitized":205},"low",{"entryPoint":249,"graph":250,"unsanitizedCount":11,"severity":247},"export_csv (freelancer-time-log-pro.php:884)",{"nodes":251,"edges":267},[252,255,259,262],{"id":235,"type":236,"label":253,"file":140,"line":254},"$_GET (x2)",895,{"id":240,"type":241,"label":256,"file":140,"line":257,"wp_function":258},"get_results() [SQLi]",906,"get_results",{"id":260,"type":236,"label":261,"file":140,"line":254},"n2","$_GET",{"id":263,"type":241,"label":264,"file":140,"line":265,"wp_function":266},"n3","header() [Header Injection]",951,"header",[268,269],{"from":235,"to":240,"sanitized":205},{"from":260,"to":263,"sanitized":205},{"entryPoint":271,"graph":272,"unsanitizedCount":11,"severity":247},"\u003Cfreelancer-time-log-pro> (freelancer-time-log-pro.php:0)",{"nodes":273,"edges":285},[274,277,279,280,281,283],{"id":235,"type":236,"label":275,"file":140,"line":276},"$_POST (x2)",707,{"id":240,"type":241,"label":242,"file":140,"line":278,"wp_function":244},712,{"id":260,"type":236,"label":253,"file":140,"line":254},{"id":263,"type":241,"label":256,"file":140,"line":257,"wp_function":258},{"id":282,"type":236,"label":261,"file":140,"line":254},"n4",{"id":284,"type":241,"label":264,"file":140,"line":265,"wp_function":266},"n5",[286,287,288],{"from":235,"to":240,"sanitized":205},{"from":260,"to":263,"sanitized":205},{"from":282,"to":284,"sanitized":205},{"entryPoint":290,"graph":291,"unsanitizedCount":32,"severity":297},"ajax_reopen (freelancer-time-log-pro.php:704)",{"nodes":292,"edges":295},[293,294],{"id":235,"type":236,"label":237,"file":140,"line":276},{"id":240,"type":241,"label":242,"file":140,"line":278,"wp_function":244},[296],{"from":235,"to":240,"sanitized":175},"high",{"summary":299,"deductions":300},"The \"freelancer-time-log-pro\" v1.0.3 plugin demonstrates a mixed security posture. On the positive side, the plugin utilizes prepared statements for all SQL queries and properly escapes all output, which are strong indicators of good coding practices and protection against common vulnerabilities like SQL injection and cross-site scripting (XSS).  The absence of known CVEs and a clean vulnerability history further suggest a relatively stable and secure past.\n\nHowever, a significant concern arises from the attack surface. The plugin exposes 10 AJAX handlers, with a substantial 8 of them lacking proper authentication checks. This creates a wide entry point for potential attackers. Compounding this, the taint analysis revealed one flow with unsanitized paths, flagged as high severity. While not classified as critical, this unsanitized path, especially in conjunction with unprotected AJAX endpoints, warrants careful attention as it could lead to unintended file system access or other security breaches.\n\nIn conclusion, while the plugin excels in secure data handling through prepared statements and proper output escaping, the numerous unprotected AJAX endpoints and the identified high-severity unsanitized path represent the most critical security weaknesses. These areas significantly increase the risk of unauthorized actions and potential exploits, outweighing the strengths in other areas of the analysis. Further investigation and patching of these specific entry points are strongly recommended.",[301,303,305,308],{"reason":302,"points":218},"8 unprotected AJAX handlers",{"reason":304,"points":44},"1 high severity unsanitized path flow",{"reason":306,"points":307},"Limited nonce checks (2)",3,{"reason":309,"points":226},"Limited capability checks (5)","2026-04-16T15:05:49.221Z",{"wat":312,"direct":323},{"assetPaths":313,"generatorPatterns":317,"scriptPaths":318,"versionParams":319},[314,315,316],"\u002Fwp-content\u002Fplugins\u002Ffreelancer-time-log-pro\u002Fcss\u002Fadmin-style.css","\u002Fwp-content\u002Fplugins\u002Ffreelancer-time-log-pro\u002Fjs\u002Fadmin-script.js","\u002Fwp-content\u002Fplugins\u002Ffreelancer-time-log-pro\u002Fcss\u002Ffrontend-style.css",[],[315],[320,321,322],"freelancer-time-log-pro\u002Fcss\u002Fadmin-style.css?ver=","freelancer-time-log-pro\u002Fjs\u002Fadmin-script.js?ver=","freelancer-time-log-pro\u002Fcss\u002Ffrontend-style.css?ver=",{"cssClasses":324,"htmlComments":328,"htmlAttributes":329,"restEndpoints":332,"jsGlobals":343,"shortcodeOutput":346},[325,326,327],"frtlp-time-log-container","frtlp-time-log-running","frtlp-time-log-stopped",[],[330,331],"data-frtlp-user-id","data-frtlp-running-state",[333,334,335,336,337,338,339,340,341,342],"\u002Fwp-json\u002Ffrtlp\u002Fv1\u002Fstate","\u002Fwp-json\u002Ffrtlp\u002Fv1\u002Fstart","\u002Fwp-json\u002Ffrtlp\u002Fv1\u002Fpause","\u002Fwp-json\u002Ffrtlp\u002Fv1\u002Fresume","\u002Fwp-json\u002Ffrtlp\u002Fv1\u002Ffinalize","\u002Fwp-json\u002Ffrtlp\u002Fv1\u002Freopen","\u002Fwp-json\u002Ffrtlp\u002Fv1\u002Fstop-save","\u002Fwp-json\u002Ffrtlp\u002Fv1\u002Fdelete-entry","\u002Fwp-json\u002Ffrtlp\u002Fv1\u002Fdelete-all","\u002Fwp-json\u002Ffrtlp\u002Fv1\u002Fdelete-project",[344,345],"frtlp_admin_ajax_url","frtlp_current_user_id",[],{"error":205,"url":348,"statusCode":349,"statusMessage":350,"message":350},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Ffreelancer-time-log-pro\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":32,"versions":352},[353],{"version":6,"download_url":24,"svn_tag_url":354,"released_at":26,"has_diff":175,"diff_files_changed":355,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":356,"is_current":205},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Ffreelancer-time-log-pro\u002Ftags\u002F1.0.3\u002F",[],[]]