[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f2FJYjLG1Nr_joOcNMMJfQnFqEsSPG_l3DSKwMrFI4WY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":145,"fingerprints":200},"global-settings","Global Setting","1.1","victor4g","https:\u002F\u002Fprofiles.wordpress.org\u002Fvictor4g\u002F","\u003Cp>Global Setting allows you to add, update and delete the global variables for your blog. Get Paid version at : http:\u002F\u002Fjust4u.x10.bz\u002Fglobal\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>You can add new custom global variables for your blog.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Short code available to use that created option values in post and page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>You can add Logtext as global variable value with HTML tags.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>You can add Global settings for your site i.e Facebook Api Key, Home page text etc.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Settings\u003C\u002Fh3>\n\u003Cp>Go to Admin -> click on Global Setting tab.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Click on add option button to add new option.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Duble click on option value to edit it and then press update button to save it.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n","Global Setting allows you to add, update and delete the global variables for your blog. Get Paid version at : http:\u002F\u002Fjust4u.x10.bz\u002Fglobal",100,2809,80,4,"2013-03-03T16:41:00.000Z","3.5.2","2.0.2","",[20,21,22,23,24],"custom","custom-global-fields","global","global-setting","settings","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fglobal-settings.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},2,110,30,84,"2026-04-04T17:17:41.218Z",[38,61,85,106,125],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":11,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":26,"vuln_count":59,"unpatched_count":27,"last_vuln_date":60,"fetched_at":29},"custom-global-variables","Custom Global Variables","1.1.2","akirak","https:\u002F\u002Fprofiles.wordpress.org\u002Fakirak\u002F","\u003Cp>Create your own custom variables to manage information on your website such as:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Phone numbers\u003C\u002Fli>\n\u003Cli>Addresses\u003C\u002Fli>\n\u003Cli>Social media links\u003C\u002Fli>\n\u003Cli>HTML snippets\u003C\u002Fli>\n\u003Cli>And anything else\u003Cbr \u002F>\ntest\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Easily access them globally in WordPress and PHP.\u003C\u002Fp>\n\u003Ch4>Why you need it\u003C\u002Fh4>\n\u003Cp>Rather than having to change something like an email address across multiple pages, you can do it in one place. Avoid the pitfalls of hard coding information in your WordPress theme that is likely to change.\u003C\u002Fp>\n\u003Ch4>Why it’s better\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Your variables are stored and retrieved locally without any calls to the database. That means faster load times for your pages!\u003C\u002Fli>\n\u003Cli>Variables can be accessed easily in PHP from the global scope.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Display your variables using the shortcode syntax:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[cgv variable-name]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Or using the superglobal in PHP:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php echo $GLOBALS['cgv']['variable-name'] ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Easily create custom variables that can be accessed globally in Wordpress and PHP. Retrieval of information is extremely fast, with no database calls.",5000,20866,10,"2023-03-22T21:22:00.000Z","6.1.10","3.0.1","5.6",[39,54,24,55,56],"options","shortcodes","variables","https:\u002F\u002Fwww.newtarget.com\u002Fsolutions\u002Fwordpress-websites","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-global-variables.1.1.2.zip",1,"2021-01-11 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":76,"tags":77,"homepage":82,"download_link":83,"security_score":11,"vuln_count":59,"unpatched_count":27,"last_vuln_date":84,"fetched_at":29},"astra-import-export","Import \u002F Export Customizer Settings","1.1.0","Brainstorm Force","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrainstormforce\u002F","\u003Cp>Astra theme customizer offers several settings for header\u002Ffooter layout, sidebar and blog designs, colors, backgrounds, typography and much more. You need to tweak the number of settings to make your site look flawless. These settings can be moved to other Astra sites easily with Import \u002F Export Customizer Settings plugin. It will save repetitive work to arrange all customizer settings for each new Astra site or while moving the site from local to live.\u003C\u002Fp>\n\u003Cp>It is an easy-to-use plugin for the Astra theme that lets you import-export customizer settings.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This Import\u002FExport plugin is created only for the \u003Ca href=\"https:\u002F\u002Fwpastra.com\u002F?utm_source=wp-repo&utm_campaign=home-page-banner-for-astra-theme&utm_medium=description\" rel=\"nofollow ugc\">Astra theme\u003C\u002Fa>. You should have the Astra theme installed and activated on your website.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbsf.io\u002Fastra-import-export-demo\" rel=\"nofollow ugc\">Try it out on a free dummy site\u003C\u002Fa>\u003C\u002Fp>\n","Astra theme customizer offers several settings for header\u002Ffooter layout, sidebar and blog designs, colors, backgrounds, typography and much more.",50000,1008491,94,6,"2025-12-01T09:46:00.000Z","6.9.4","4.4","5.4",[78,79,80,24,81],"astra-addons-export","customizer-settings","import","theme-settings","https:\u002F\u002Fwpastra.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fastra-import-export.1.1.0.zip","2020-09-16 00:00:00",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":95,"num_ratings":96,"last_updated":97,"tested_up_to":98,"requires_at_least":99,"requires_php":18,"tags":100,"homepage":18,"download_link":105,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"display-html-sitemap","Simple HTML Sitemap","1.0.5","Dipak Kumar Pusti","https:\u002F\u002Fprofiles.wordpress.org\u002Fdipakbbsr\u002F","\u003Cp>Simple HTML Sitemap will generate HTML sitemap for your sitemap page. The plugin will not only show Page and Posts but also your other Custom Post Type like Products etc. You can also configure to show or hide your Post Types.\u003C\u002Fp>\n\u003Ch4>Available Shortcodes\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[display-html-sitemap]\u003C\u002Fli>\n\u003C\u002Ful>\n","Simple HTML Sitemap creates beautiful sitemap for you website with it's dedicated shortcode.",1000,11677,74,3,"2020-06-23T10:23:00.000Z","5.4.19","4.0",[101,102,103,24,104],"custom-post-type","html-sitemap","post-type","sitemap","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisplay-html-sitemap.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":11,"num_ratings":32,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":18,"tags":119,"homepage":123,"download_link":124,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"cfs-options-screens","CFS Options Screens","1.2.7","Jon Christopher","https:\u002F\u002Fprofiles.wordpress.org\u002Fjchristopher\u002F","\u003Cp>Build any number of options screens based on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-field-suite\u002F\" rel=\"ugc\">Custom Field Suite\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>For Example\u003C\u002Fh4>\n\u003Cp>Begin by creating Field Group(s) you want to include on your options screen. \u003Cstrong>Be sure to set NO Placement Rules.\u003C\u002Fstrong> Once it’s created, note the post ID it uses. You can then register any number of options screens like so:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function my_cfs_options_screens( $screens ) {\n    $screens[] = array(\n        'name'            => 'options',\n        'menu_title'      => __( 'Site Options' ),\n        'page_title'      => __( 'Customize Site Options' ),\n        'menu_position'   => 100,\n        'icon'            => 'dashicons-admin-generic', \u002F\u002F optional, dashicons-admin-generic is the default\n        'field_groups'    => array( 'My Field Group' ), \u002F\u002F Field Group name(s) of CFS Field Group to use on this page (can also be post IDs)\n    );\n\n    return $screens;\n}\n\nadd_filter( 'cfs_options_screens', 'my_cfs_options_screens' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Retrieve your options like so:\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>$value = cfs_get_option( 'options_screen_name', 'cfs_field_name_from_field_group' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can set up multiple top level and\u002For children options pages by adding a \u003Ccode>parent\u003C\u002Fcode> argument when registering your screen:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function my_cfs_options_screens( $screens ) {\n\n    \u002F\u002F Parent\n    $screens[] = array(\n        'name'         => 'options',\n        'field_groups' => array( 'My Parent Field Group Name' ),\n    );\n\n    \u002F\u002F Child\n    $screens[] = array(\n        'name'         => 'options-nav',\n        'parent'       => 'options', \u002F\u002F name of the parent\n        'field_groups' => array( 'My Child Field Group Name' ),\n    );\n\n    return $screens;\n }\n\n add_filter( 'cfs_options_screens', 'my_cfs_options_screens' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can also use CFS Options Screens to set up Field Group ‘defaults’, allowing a Field Group to appear both on a CFS Options Screen and a post edit screen. The CFS Options Screen will act as the default\u002Ffallback and the post edit screen will override those defaults.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function my_cfs_options_screens( $screens ) {\n    $screens[] = array(\n        'name'            => 'options',\n        'menu_title'      => __( 'Site Options' ),\n        'page_title'      => __( 'Customize Site Options' ),\n        'menu_position'   => 100,\n        'icon'            => 'dashicons-admin-generic', \u002F\u002F optional, dashicons-admin-generic is the default\n        'field_groups'    => array(\n            array(\n                'title'         => 'My CFS Field Group Name',\n                'has_overrides' => true,\n            ),\n        ),\n    );\n\n    return $screens;\n}\n\nadd_filter( 'cfs_options_screens', 'my_cfs_options_screens' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Check out the \u003Ccode>cfs_options_screens_override_note_default\u003C\u002Fcode> and \u003Ccode>cfs_options_screens_override_note_override\u003C\u002Fcode> filters to customize the messaging for CFS Options Screens overrides.\u003C\u002Fp>\n","Create options screens that utilize Custom Field Suite",400,6812,"2022-02-10T17:11:00.000Z","5.9.0","3.9",[120,121,54,122,24],"cfs","custom-field-suite","screen","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcfs-options-screens\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcfs-options-screens.1.2.7.zip",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":27,"num_ratings":27,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":18,"tags":138,"homepage":143,"download_link":144,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"admin-customization","Admin Customization","2.0.1","Alex Ciobica","https:\u002F\u002Fprofiles.wordpress.org\u002Fciobi\u002F","\u003Cp>Admin Customization allows you to change the appearance of your WordPress backend.\u003C\u002Fp>\n\u003Cp>The plugin allows you to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>change the backend favicon.\u003C\u002Fli>\n\u003Cli>change the backend logo.\u003C\u002Fli>\n\u003Cli>hide the admin logo text and \u002F or logo image.\u003C\u002Fli>\n\u003Cli>change the logo text font size.\u003C\u002Fli>\n\u003Cli>change the login page logo with a logo of any width.\u003C\u002Fli>\n\u003Cli>change the admin footer text.\u003C\u002Fli>\n\u003Cli>disable dashboard widgets.\u003C\u002Fli>\n\u003Cli>hide update notices and plugin update count.\u003C\u002Fli>\n\u003Cli>turn on redirection to homepage on administration panels logout.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Translations available:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Romanian\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin also corrects some WordPress UX mistakes like not being able to click on the backend or on the login logos, and the fact that the user info dropdown list is mistakenly 2px larger than the dropdown header.\u003C\u002Fp>\n\u003Ch4>Author\u003C\u002Fh4>\n\u003Cp>You should should follow me (@ciobi) on \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fciobi\u002F\" rel=\"nofollow ugc\">twitter\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Plugin Last Updated\u003C\u002Fh4>\n\u003Cp>October 30th, 2011\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Romanian\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Cristi Burcă] (http:\u002F\u002Fscribu.net), for scbFramework (http:\u002F\u002Fscribu.net\u002Fwordpress\u002Fscb-framework), the plugin framework on which this plugin was built\u003C\u002Fli>\n\u003C\u002Ful>\n","Customize your Wordpress backend.",200,25642,"2011-10-29T23:14:00.000Z","3.2.1","3.2",[139,140,141,142,24],"admin","backend","customization","favicon","https:\u002F\u002Fgithub.com\u002Fc10b10\u002Fwp-admin-customization\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-customization.2.0.1.zip",{"attackSurface":146,"codeSignals":161,"taintFlows":185,"riskAssessment":186,"analyzedAt":199},{"hooks":147,"ajaxHandlers":154,"restRoutes":155,"shortcodes":156,"cronEvents":160,"entryPointCount":59,"unprotectedCount":27},[148],{"type":149,"name":150,"callback":151,"file":152,"line":153},"action","admin_menu","gbs_custom_options","gbs.php",35,[],[],[157],{"tag":22,"callback":158,"file":152,"line":159},"gbs_global_option",36,[],{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":173,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":184},[],{"prepared":27,"raw":32,"locations":164},[165,169],{"file":166,"line":167,"context":168},"gbs-option.php",58,"$wpdb->get_results() with variable interpolation",{"file":170,"line":171,"context":172},"uninstall.php",11,"$wpdb->query() with variable interpolation",{"escaped":27,"rawEcho":14,"locations":174},[175,178,180,182],{"file":166,"line":176,"context":177},12,"raw output",{"file":166,"line":179,"context":177},83,{"file":166,"line":181,"context":177},95,{"file":166,"line":183,"context":177},135,[],[],{"summary":187,"deductions":188},"The \"global-settings\" plugin v1.1 exhibits a mixed security posture. On the positive side, the plugin has no recorded vulnerabilities (CVEs), no bundled libraries, and no external HTTP requests, which are all excellent indicators of good security hygiene. The attack surface is also minimal, with only one shortcode and no AJAX handlers or REST API routes that are exposed without authentication checks.\n\nHowever, the static analysis reveals significant concerns regarding data handling. Specifically, the plugin performs SQL queries without using prepared statements, which is a critical vulnerability that could lead to SQL injection. Furthermore, all output is unescaped, presenting a high risk of cross-site scripting (XSS) vulnerabilities. The absence of nonce checks and capability checks on its entry points, combined with the lack of taint analysis data, suggests a potential for other unaddressed security flaws, especially if the shortcode handler is not robustly secured.\n\nGiven the lack of historical vulnerabilities, it's possible the plugin has not been extensively targeted or that its limited functionality has not exposed deeper issues. Nonetheless, the identified SQL and XSS risks are severe and require immediate attention. The plugin's strengths lie in its minimal attack surface and clean vulnerability history, but these are overshadowed by critical flaws in data sanitization and secure coding practices.",[189,191,194,197],{"reason":190,"points":48},"Raw SQL queries without prepared statements",{"reason":192,"points":193},"No output escaping for any output",8,{"reason":195,"points":196},"Missing nonce checks",5,{"reason":198,"points":196},"Missing capability checks","2026-03-16T20:53:05.657Z",{"wat":201,"direct":207},{"assetPaths":202,"generatorPatterns":204,"scriptPaths":205,"versionParams":206},[203],"\u002Fwp-content\u002Fplugins\u002Fglobal-settings\u002Fdownload.png",[],[],[],{"cssClasses":208,"htmlComments":209,"htmlAttributes":210,"restEndpoints":211,"jsGlobals":212,"shortcodeOutput":213},[],[],[],[],[],[22]]