[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdAfxjD12nwRs8oA9PWjYtTmsk0Ype8C_GmaeYYaW1e0":3,"$fFtS9pjAa1FDKZ0aV5gFTGLH_f38aAYKGxQZzz42VG80":162,"$f71h9dORA_OyA4ooZbUoVREIOSBElTEs_0uFgrGtov0M":167},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":20,"download_link":21,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24,"discovery_status":25,"vulnerabilities":26,"developer":27,"crawl_stats":23,"alternatives":32,"analysis":123,"fingerprints":149},"headless-pages","Headless Pages","1.0.1","johnmmackey","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnmmackey\u002F","\u003Cp>This WordPress plugin is designed to be used when WP is deployed as a Headless CMS.\u003C\u002Fp>\n\u003Cp>Using \u003Ca href=\"https:\u002F\u002Fwww.advancedcustomfields.com\" rel=\"nofollow ugc\">Advanced Custom Fields\u003C\u002Fa> provides fine-grained control for content modeling;\u003Cbr \u002F>\nthis plugin disables the default ‘content’ field as well as excerpts, trackbacks, comments and other unneeded fields from\u003Cbr \u002F>\nthe default page edit view.\u003C\u002Fp>\n","Disable the default Wordpress page editor when using custom fields.",0,7414,"2020-12-19T01:34:00.000Z","5.6.17","3.0","5.3",[18,19],"cms","headless","https:\u002F\u002Fgithub.com\u002Fjohnmmackey\u002Fwp-headless-pages","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fheadless-pages.1.0.1.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":22,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},1,30,84,"2026-07-15T09:42:07.045Z",[33,51,74,94,109],{"slug":34,"name":35,"version":6,"author":36,"author_profile":37,"description":38,"short_description":39,"active_installs":40,"downloaded":41,"rating":42,"num_ratings":43,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":47,"tags":48,"homepage":49,"download_link":50,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"wp-headless","WP Headless","Joe Bailey-Roberts","https:\u002F\u002Fprofiles.wordpress.org\u002Fsephsekla\u002F","\u003Cp>Logged in users are redirected to the editor screen for the post, while non-logged in users must log in first. This means that you can share a readable link straight to the editor, depending on your permalink settings.\u003C\u002Fp>\n\u003Cp>Good for task management or organisation resource management.\u003C\u002Fp>\n\u003Ch3>What the plugin actually does\u003C\u002Fh3>\n\u003Cp>In simple terms, the plugin removes the frontend of the WordPress site. Post permalinks go straight to the editor page, and the theme is mostly redundant.\u003C\u002Fp>\n\u003Ch3>Why would I want to do that?\u003C\u002Fh3>\n\u003Cp>This is definitely not a useful plugin for a public-facing website. Instead, this allows you to convert WordPress into a headless CMS for managing tasks, content and more, all protected by the standard user role system. You can share a post permalink with a collaborator and they will be directed straight to the editor screen.\u003C\u002Fp>\n\u003Cp>Maybe you want to go a step further and create an external application to display your WordPress content elsewhere using the API. In this case you definitely don’t want the standard WP frontend accessible!\u003C\u002Fp>\n","A lightweight plugin to disable the WP frontend experience.",300,8006,100,2,"2019-04-25T16:50:00.000Z","5.1.22","4.6","5.2.4",[18,19],"","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-headless.zip",{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":42,"downloaded":59,"rating":42,"num_ratings":60,"last_updated":61,"tested_up_to":62,"requires_at_least":63,"requires_php":64,"tags":65,"homepage":71,"download_link":72,"security_score":73,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"frontend-view-for-headless-cms","Frontend View For Headless CMS","1.1","Dropndot Solutions","https:\u002F\u002Fprofiles.wordpress.org\u002Fdropndot\u002F","\u003Cp>Frontend View For Headless CMS is a plugin that seamlessly links your backend WordPress content, including posts, pages, custom post types, taxonomies, categories, and authors to your headless CMS frontend site. This ensures that any content in your WordPress backend are linked with your headless CMS frontend, therefore, you can easily visit the contents using visit links.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Redirects from WordPress content to the corresponding URLs on your headless CMS site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>This plugin is developed by Dropndot Solutions. For more information, visit \u003Ca href=\"https:\u002F\u002Fwww.dropndot.com\u002F\" rel=\"nofollow ugc\">Dropndot Solutions\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>For support or inquiries, please contact us at \u003Ca href=\"mailto:info@dropndot.com\" rel=\"nofollow ugc\">info@dropndot.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Like the Plugin?\u003C\u002Fh3>\n\u003Cp>If you find this plugin helpful, please leave a positive review on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffrontend-view-for-headless-cms\" rel=\"ugc\">WordPress Plugin Directory\u003C\u002Fa>\u003C\u002Fp>\n","Frontend View For Headless CMS links backend WordPress articles, pages, custom post types, taxonomies, and categories to the headless CMS site.",2339,5,"2025-05-09T06:04:00.000Z","6.8.5","5.0","7.2",[66,67,68,69,70],"headless-cms-wordpress","headless-frontend","next-js","react","wordpress-to-next-js","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffrontend-view-for-headless-cms\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffrontend-view-for-headless-cms.1.1.zip",92,{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":11,"downloaded":82,"rating":11,"num_ratings":11,"last_updated":83,"tested_up_to":84,"requires_at_least":63,"requires_php":85,"tags":86,"homepage":92,"download_link":93,"security_score":42,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"atlasly-content-manager","Atlasly Content Manager","1.0.0","ashwathama","https:\u002F\u002Fprofiles.wordpress.org\u002Fashwathama\u002F","\u003Cp>Atlasly helps you build schema-driven data models inside WordPress and use them through REST API and GraphQL.\u003C\u002Fp>\n\u003Cp>Use Atlasly when you need:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Structured content types and entries\u003C\u002Fli>\n\u003Cli>API-first workflows for headless WordPress\u003C\u002Fli>\n\u003Cli>Form submission capture and data storage\u003C\u002Fli>\n\u003Cli>Import\u002Fexport for operational workflows\u003C\u002Fli>\n\u003Cli>Relationship fields and flexible schema design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This free plugin includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Content type builder with 20+ field types\u003C\u002Fli>\n\u003Cli>Entry management with CRUD operations\u003C\u002Fli>\n\u003Cli>REST API endpoints for content types and entries\u003C\u002Fli>\n\u003Cli>GraphQL endpoint for querying data\u003C\u002Fli>\n\u003Cli>File uploads through WordPress media library\u003C\u002Fli>\n\u003Cli>Relationship fields between entries\u003C\u002Fli>\n\u003Cli>Import\u002Fexport in CSV, JSON, and XML\u003C\u002Fli>\n\u003Cli>Setup wizard and admin dashboard\u003C\u002Fli>\n\u003Cli>Basic webhook triggers for create\u002Fupdate\u002Fdelete events\u003C\u002Fli>\n\u003C\u002Ful>\n","Schema-driven content types, entries, REST API, GraphQL, and form capture for modern WordPress projects.",245,"2026-03-05T09:28:00.000Z","6.9.4","7.4",[87,88,89,90,91],"custom-fields","form-submissions","graphql","headless-cms","rest-api","https:\u002F\u002Fgithub.com\u002FchandrakantNagpure\u002Fatlasly","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fatlasly-content-manager.1.0.0.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":11,"downloaded":102,"rating":11,"num_ratings":11,"last_updated":103,"tested_up_to":62,"requires_at_least":63,"requires_php":85,"tags":104,"homepage":49,"download_link":108,"security_score":73,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"flotiq-sync","Flotiq Sync","1.1.0","Flotiq","https:\u002F\u002Fprofiles.wordpress.org\u002Fflotiq\u002F","\u003Cp>The purpose of this plugin is to let you fill your \u003Ca href=\"https:\u002F\u002Fflotiq.com\" rel=\"nofollow ugc\">Flotiq\u003C\u002Fa> account with your WordPress data. Thanks to this, you can take advantage of WordPress and dive into the Flotiq universe. We support automatic synchronization of the following types of content: posts, pages, media, tags, categories, authors.\u003C\u002Fp>\n\u003Cp>This plugin is relying on a 3rd party Software as a Service – \u003Ca href=\"https:\u002F\u002Fflotiq.com\" rel=\"nofollow ugc\">Flotiq\u003C\u002Fa> to store a copy of your data (posts, pages, media, tags, categories and authors) in your personal Flotiq Account. Your data will remain private. The plugin does not affect your data stored in WordPress.\u003C\u002Fp>\n\u003Cp>The Flotiq Terms and Conditions are available at \u003Ca href=\"https:\u002F\u002Fflotiq.com\u002Fflotiq-terms-of-service\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fflotiq.com\u002Fflotiq-terms-of-service\u002F\u003C\u002Fa>.\u003C\u002Fp>\n","Use this WordPress plugin to easily connect your WordPress instance to Flotiq and synchronize your data.",1224,"2025-04-24T12:39:00.000Z",[105,106,90,107],"backup","flotiq","synchronization","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflotiq-sync.1.1.0.zip",{"slug":110,"name":111,"version":77,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":11,"downloaded":116,"rating":11,"num_ratings":11,"last_updated":117,"tested_up_to":84,"requires_at_least":118,"requires_php":85,"tags":119,"homepage":49,"download_link":122,"security_score":42,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"infospica-headless-api","Infospica Headless API","Infospica","https:\u002F\u002Fprofiles.wordpress.org\u002Ficssubscriptions\u002F","\u003Cp>Infospica Headless API transforms WordPress into a secure and flexible headless CMS by providing a custom REST API namespace with full CRUD capabilities.\u003C\u002Fp>\n\u003Cp>Instead of modifying the default WordPress REST API, this plugin creates an isolated and configurable API layer designed specifically for secure and scalable headless architectures.\u003C\u002Fp>\n\u003Ch3>Ideal for\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Headless WordPress (Next.js, Nuxt, React, Vue, Angular)\u003C\u002Fli>\n\u003Cli>Mobile applications\u003C\u002Fli>\n\u003Cli>SaaS platforms\u003C\u002Fli>\n\u003Cli>Custom frontend integrations\u003C\u002Fli>\n\u003Cli>API-driven architectures\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Custom API namespace with version control\u003C\u002Fli>\n\u003Cli>Full CRUD endpoints (GET, POST, PUT, PATCH, DELETE)\u003C\u002Fli>\n\u003Cli>Supports:\n\u003Cul>\n\u003Cli>Pages\u003C\u002Fli>\n\u003Cli>Posts\u003C\u002Fli>\n\u003Cli>Custom Post Types\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Optional ACF field support (if ACF is active)\u003C\u002Fli>\n\u003Cli>Authentication-aware read and write access\u003C\u002Fli>\n\u003Cli>Capability-based write protection\u003C\u002Fli>\n\u003Cli>Built-in pagination support (\u003Ccode>?page\u003C\u002Fcode> and \u003Ccode>?per_page\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>Clean and intuitive admin settings UI\u003C\u002Fli>\n\u003Cli>Clean uninstall (removes plugin data and settings)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security Highlights\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>All API endpoints require authentication\u003C\u002Fli>\n\u003Cli>Write operations require appropriate WordPress capabilities\u003C\u002Fli>\n\u003Cli>CSRF protection enforced for cookie-based authentication (nonce validation)\u003C\u002Fli>\n\u003Cli>Sensitive user data (such as email addresses) is not exposed\u003C\u002Fli>\n\u003Cli>WooCommerce core pages are automatically excluded from API responses\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Authentication\u003C\u002Fh3>\n\u003Cp>All endpoints require authentication.\u003C\u002Fp>\n\u003Cp>Supported authentication methods:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress login cookies (browser\u002Fadmin usage)\n\u003Cul>\n\u003Cli>Write requests require \u003Ccode>X-WP-Nonce\u003C\u002Fcode> header or \u003Ccode>_wpnonce\u003C\u002Fcode> parameter\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Application Passwords (recommended for external applications)\u003C\u002Fli>\n\u003Cli>Any authentication method that properly sets the current user context\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Write operations are additionally restricted by WordPress capabilities (e.g., \u003Ccode>edit_posts\u003C\u002Fcode>, \u003Ccode>delete_posts\u003C\u002Fcode>).\u003C\u002Fp>\n\u003Ch3>Available Endpoints\u003C\u002Fh3>\n\u003Cp>Base structure:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002Fwp-json\u002F{namespace}\u002F{version}\u002F\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002Fwp-json\u002Fmy-api\u002Fv1\u002F\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Status\u003C\u002Fh4>\n\u003Cp>GET \u003Ccode>\u002Fstatus\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch4>Pages\u003C\u002Fh4>\n\u003Cp>GET \u003Ccode>\u002Fpages\u003C\u002Fcode>\u003Cbr \u002F>\nGET \u003Ccode>\u002Fpages\u002F{id}\u003C\u002Fcode>\u003Cbr \u002F>\nPOST \u003Ccode>\u002Fpages\u003C\u002Fcode>\u003Cbr \u002F>\nPUT \u003Ccode>\u002Fpages\u002F{id}\u003C\u002Fcode>\u003Cbr \u002F>\nPATCH \u003Ccode>\u002Fpages\u002F{id}\u003C\u002Fcode>\u003Cbr \u002F>\nDELETE \u003Ccode>\u002Fpages\u002F{id}\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch4>Posts\u003C\u002Fh4>\n\u003Cp>GET \u003Ccode>\u002Fposts\u003C\u002Fcode>\u003Cbr \u002F>\nGET \u003Ccode>\u002Fposts\u002F{id}\u003C\u002Fcode>\u003Cbr \u002F>\nPOST \u003Ccode>\u002Fposts\u003C\u002Fcode>\u003Cbr \u002F>\nPUT \u003Ccode>\u002Fposts\u002F{id}\u003C\u002Fcode>\u003Cbr \u002F>\nPATCH \u003Ccode>\u002Fposts\u002F{id}\u003C\u002Fcode>\u003Cbr \u002F>\nDELETE \u003Ccode>\u002Fposts\u002F{id}\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch4>Custom Post Types\u003C\u002Fh4>\n\u003Cp>GET \u003Ccode>\u002F{post-type}\u003C\u002Fcode>\u003Cbr \u002F>\nGET \u003Ccode>\u002F{post-type}\u002F{id}\u003C\u002Fcode>\u003Cbr \u002F>\nPOST \u003Ccode>\u002F{post-type}\u003C\u002Fcode>\u003Cbr \u002F>\nPUT \u003Ccode>\u002F{post-type}\u002F{id}\u003C\u002Fcode>\u003Cbr \u002F>\nPATCH \u003Ccode>\u002F{post-type}\u002F{id}\u003C\u002Fcode>\u003Cbr \u002F>\nDELETE \u003Ccode>\u002F{post-type}\u002F{id}\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>Pagination\u003C\u002Fh3>\n\u003Cp>All list endpoints support:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>?page=1  \n&per_page=10 (maximum 50)\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002Fwp-json\u002Fmy-api\u002Fv1\u002Fposts?page=2&per_page=5\u003Ch3>License\u003C\u002Fh3>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This plugin is licensed under GPLv2 or later.\u003C\u002Fp>\n","Transform WordPress into a secure headless CMS with a custom REST API, full CRUD support, CPT integration, and ACF compatibility.",105,"2026-03-24T12:45:00.000Z","6.0",[120,121,19,90,91],"acf","custom-api","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finfospica-headless-api.1.0.0.zip",{"attackSurface":124,"codeSignals":137,"taintFlows":144,"riskAssessment":145,"analyzedAt":148},{"hooks":125,"ajaxHandlers":133,"restRoutes":134,"shortcodes":135,"cronEvents":136,"entryPointCount":11,"unprotectedCount":11},[126],{"type":127,"name":128,"callback":129,"priority":130,"file":131,"line":132},"action","init","closure",99,"headless-pages.php",16,[],[],[],[],{"dangerousFunctions":138,"sqlUsage":139,"outputEscaping":141,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":143},[],{"prepared":11,"raw":11,"locations":140},[],{"escaped":11,"rawEcho":11,"locations":142},[],[],[],{"summary":146,"deductions":147},"The static analysis of the 'headless-pages' v1.0.1 plugin reveals an exceptionally clean codebase with no identified attack surface points.  The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits potential entry points for malicious actors. Furthermore, the code exhibits strong security practices by using prepared statements for all SQL queries, properly escaping all output, and avoiding dangerous functions, file operations, and external HTTP requests.  The lack of any recorded vulnerabilities, including critical or high severity issues, in its history further bolsters its security profile.",[],"2026-04-16T13:36:18.367Z",{"wat":150,"direct":155},{"assetPaths":151,"generatorPatterns":152,"scriptPaths":153,"versionParams":154},[],[],[],[],{"cssClasses":156,"htmlComments":157,"htmlAttributes":158,"restEndpoints":159,"jsGlobals":160,"shortcodeOutput":161},[],[],[],[],[],[],{"error":163,"url":164,"statusCode":165,"statusMessage":166,"message":166},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fheadless-pages\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":43,"versions":168},[169,175],{"version":6,"download_url":21,"svn_tag_url":170,"released_at":23,"has_diff":171,"diff_files_changed":172,"diff_lines":23,"trac_diff_url":173,"vulnerabilities":174,"is_current":163},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fheadless-pages\u002Ftags\u002F1.0.1\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fheadless-pages%2Ftags%2F1.0.0&new_path=%2Fheadless-pages%2Ftags%2F1.0.1",[],{"version":77,"download_url":176,"svn_tag_url":177,"released_at":23,"has_diff":171,"diff_files_changed":178,"diff_lines":23,"trac_diff_url":23,"vulnerabilities":179,"is_current":171},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fheadless-pages.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fheadless-pages\u002Ftags\u002F1.0.0\u002F",[],[]]