[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJk8a2NcIQnppNxqwteJHs8DBA5UxdqLttfDLxDc4-QQ":3,"$fb4atZDzKGu4qZPRpp3i3ABuG4sAeRMeHROnyk2DpRSU":278},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":141,"fingerprints":241},"host-changer","WPMultiHost – 1 WordPress Site with Multiple Domains","1.0.2","Iqonic Design","https:\u002F\u002Fprofiles.wordpress.org\u002Fiqonicdesign\u002F","\u003Cp>WPMultiHost is a plugin which helps you to access 1 WordPress site from Multiple domains.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FzEV2GVB-BcU?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Whom it will help?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This for developers sharing to help them share local site on a domain.\u003C\u002Fli>\n\u003Cli>It will allow WordPress site to be accessed from multiple domiain consecutively.\u003C\u002Fli>\n\u003Cli>Will help to use it with NGROK and any other tunnel domains.\u003C\u002Fli>\n\u003C\u002Ful>\n","WPMultiHost is a plugin which helps to access same WordPress site from different domains.",10,1829,0,"2024-12-06T12:28:00.000Z","6.7.5","3.0.1","5.2.4",[19,20,21,22,23],"changer","dynamic-host","host-switcher","multihost","multiplehosts","http:\u002F\u002Fiqonic.design\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhost-changer.1.0.2.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":34,"computed_at":35},"iqonicdesign",5,17210,82,"2026-04-06T09:49:30.027Z",[37,55,77,100,123],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":13,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":52,"download_link":53,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"domain-swapper","Domain-swapper","1.2.0","Myridia Company","https:\u002F\u002Fprofiles.wordpress.org\u002Fveto\u002F","\u003Cp>With Domain Swapper, you can access a single WordPress site using multiple domains, such as domain1.foo.com, domain2.foo.com, domain3.foo.com, etc.\u003Cbr \u002F>\nhttps:\u002F\u002Fdomain-swapper.myridia.com\u003C\u002Fp>\n\u003Ch3>Whom it will help?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This for developers sharing to help them share local site on a domain.\u003C\u002Fli>\n\u003Cli>You can use for multi language.\u003C\u002Fli>\n\u003Cli>Hook different content to each domain\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Setup\u003C\u002Fh3>\n","Domain Swapper is a plugin which lets to access one  WordPress site with different domains.",623,"2025-12-12T06:01:00.000Z","6.9.4","6.7","8.2.0",[51,20,21,22,23],"change-domains","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdomain-swapper","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdomain-swapper.zip",100,{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":47,"requires_at_least":16,"requires_php":68,"tags":69,"homepage":75,"download_link":76,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"my-wp-login-logo","My WordPress Login Logo","2.5.2","afsalrahim","https:\u002F\u002Fprofiles.wordpress.org\u002Fafsalrahim\u002F","\u003Cp>\u003Cstrong>My WordPress Login Logo\u003C\u002Fstrong> lets you to add a custom logo in your wordpress login page instead of the usual wordpress logo and customize your login page.\u003C\u002Fp>\n\u003Cp>It also allows you to specify the height and width of the logo. Apart from that you can also customize the login form by adding a custom message below login form and also provide some cool fade in effects for the login form. By adding your custom logo in your login page, you can make your website more professional and also impress the guest bloggers and other users who view these pages.\u003C\u002Fp>\n","My WordPress Login Logo lets you to add a custom logo in your wordpress login page instead of the usual wordpress logo and customize your login page.",10000,182940,98,12,"2026-02-17T12:28:00.000Z","",[70,71,72,73,74],"change-login-page-logo","custom-logo","login-page-logo","logo-changer","wordpress-login-logo","https:\u002F\u002Fafsal.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-wp-login-logo.2.5.2.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":63,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":68,"tags":91,"homepage":68,"download_link":96,"security_score":97,"vuln_count":98,"unpatched_count":13,"last_vuln_date":99,"fetched_at":28},"username-updater","Easy Username Updater","1.0.6","Yogesh Pant","https:\u002F\u002Fprofiles.wordpress.org\u002Fyogeshpant\u002F","\u003Cp>Easy Username updater is a plugin which allows administrators to change usernames on their site. It provide list of users with their email address,username and role. It changes display name as well.\u003C\u002Fp>\n\u003Cp>This plugin also do following:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Search the user by username, email address, or role.\u003C\u002Fli>\n\u003Cli>Send the updated username to user by email.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>How to install?\u003C\u002Fp>\n\u003Col>\n\u003Cli>Unzip the downloaded ‘username-updater.zip’ file\u003C\u002Fli>\n\u003Cli>Upload the ‘username-updater’ folder to ‘\u002Fwp-content\u002Fplugins’ directory of your WordPress installation\u003C\u002Fli>\n\u003Cli>Activate the plugin via the WordPress Plugins page\u003C\u002Fli>\n\u003Cli>A new submenu will automatically create on users menu\u003C\u002Fli>\n\u003C\u002Fol>\n","A plugin to change registered username and display name.",125946,86,39,"2025-07-03T12:54:00.000Z","6.8.5","4.0",[92,93,78,94,95],"change-username","easy-username-updater","wordpress-username-changer","wordpress-username-updater","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fusername-updater.zip",99,1,"2022-07-12 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":65,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":68,"tags":114,"homepage":119,"download_link":120,"security_score":121,"vuln_count":98,"unpatched_count":98,"last_vuln_date":122,"fetched_at":28},"custom-background-changer","Custom Background Changer","3.0","Anshul Gangrade","https:\u002F\u002Fprofiles.wordpress.org\u002Fanshuln90\u002F","\u003Cp>Custom Background Changer is a simlpe way to change separate background color or image for each post, page.\u003C\u002Fp>\n\u003Cp>The Custom Background Changer plugin supports the following features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli> Choose background color\u003C\u002Fli>\n\u003Cli> Add a background image\u003C\u002Fli>\n\u003Cli> Options for vertical & horizontal repeating\u003C\u002Fli>\n\u003Cli> Options for Background Position\u003C\u002Fli>\n\u003Cli> Options for Background Style\u003C\u002Fli>\n\u003Cli> Options for Fade out the bottom edge of your background image\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.paypal.me\u002Fanshulgangrade\" rel=\"nofollow ugc\">Donate Me\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>If you are having any kind of issue with configuring our plugin or you face any problem, Contact us on hello@anshullabs.xyz\u003C\u002Fp>\n","Custom Background Changer Plugin is allows you to very easily to add custom color or background image on each post and pages.",1000,45558,7,"2018-03-26T07:59:00.000Z","4.9.29","3.5",[115,116,117,101,118],"background-changer","bg-chnage","custom-background","post-backgraound","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-background-changer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-background-changer.3.0.zip",63,"2025-12-31 00:00:00",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":133,"num_ratings":134,"last_updated":135,"tested_up_to":15,"requires_at_least":136,"requires_php":68,"tags":137,"homepage":128,"download_link":140,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"username","Username","1.3","Pranav Pathak","https:\u002F\u002Fprofiles.wordpress.org\u002Fpranavpathakjaora\u002F","\u003Cp>The Username plugin helps to change username of admin, without effecting other user’s username. First it will check if same username is exist or not. if same username is not exist, then only it will update existing user’s username. Every administrator can change only his\u002Fher username from admin panel.\u003C\u002Fp>\n\u003Cp>After activation there is a sub menu in Settings called Username. Click on this and there is an option to change Username. Insert your new username and then in settings there is an option \u003Cstrong>Click to check username is exist or not\u003C\u002Fstrong> Click and check user is exist or not. If username already exist then it will alert you as \u003Cstrong>Username In Use!\u003C\u002Fstrong> in red color, else it will alert you \u003Cstrong>Username Not In Use!\u003C\u002Fstrong> in green color. If username is not exist and user click on submit then it will update username and it will redirect to login page. Now login with new username.\u003C\u002Fp>\n\u003Cp>Note Password remains same. It is completely safe.\u003Cbr \u002F>\nIf you are not redirect to login page that means Username is not changed.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 3.5.1 or greater\u003C\u002Fli>\n\u003Cli>PHP 5.2.6 or greater (5.3 recommended)\u003C\u002Fli>\n\u003Cli>MySQL 4.1.2 or greater (5.x recommended)\u003C\u002Fli>\n\u003C\u002Ful>\n","The Username plugin helps to change username, only if username is not exist and without effecting others user's username.",900,15145,80,4,"2024-12-10T03:26:00.000Z","3.5.2",[138,92,139],"admin","username-changer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fusername.1.3.zip",{"attackSurface":142,"codeSignals":216,"taintFlows":229,"riskAssessment":230,"analyzedAt":240},{"hooks":143,"ajaxHandlers":212,"restRoutes":213,"shortcodes":214,"cronEvents":215,"entryPointCount":13,"unprotectedCount":13},[144,150,154,158,161,166,169,172,174,177,180,183,186,189,192,195,198,202,206,209],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","admin_menu","wphc_admin_menu","app\\base\\WPHCBase.php",46,{"type":145,"name":151,"callback":152,"file":148,"line":153},"admin_init","wphc_admin_setting",48,{"type":145,"name":155,"callback":156,"file":148,"line":157},"admin_enqueue_scripts","wphc_enqueueStyles",49,{"type":145,"name":155,"callback":159,"file":148,"line":160},"wphc_enqueueScripts",50,{"type":162,"name":163,"callback":164,"file":165,"line":149},"filter","pre_option_home","wphc_custom_siteurl","app\\filters\\WPHCFilterHook.php",{"type":162,"name":167,"callback":164,"file":165,"line":168},"pre_option_siteurl",47,{"type":162,"name":170,"callback":171,"file":165,"line":153},"option_home","wphc_custom_content_url",{"type":162,"name":173,"callback":171,"file":165,"line":157},"option_siteurl",{"type":162,"name":175,"callback":176,"file":165,"line":160},"stylesheet_directory_uri","wphc_custom_style_uri",{"type":162,"name":178,"callback":176,"file":165,"line":179},"stylesheet_directory",51,{"type":162,"name":181,"callback":176,"file":165,"line":182},"template_directory_uri",52,{"type":162,"name":184,"callback":171,"file":165,"line":185},"plugins_url",53,{"type":162,"name":187,"callback":171,"file":165,"line":188},"content_url",54,{"type":162,"name":190,"callback":171,"file":165,"line":191},"the_content",55,{"type":162,"name":193,"callback":171,"priority":11,"file":165,"line":194},"style_loader_src",56,{"type":162,"name":196,"callback":171,"priority":11,"file":165,"line":197},"script_loader_src",57,{"type":162,"name":199,"callback":200,"file":165,"line":201},"upload_dir","wphc_custom_featured_img_url",58,{"type":162,"name":203,"callback":204,"file":165,"line":205},"wp_get_attachment_url","wphc_custom_attachment_url",59,{"type":162,"name":207,"callback":171,"file":165,"line":208},"get_the_guid",60,{"type":162,"name":210,"callback":171,"file":165,"line":211},"avatar_defaults",61,[],[],[],[],{"dangerousFunctions":217,"sqlUsage":218,"outputEscaping":220,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":228},[],{"prepared":98,"raw":13,"locations":219},[],{"escaped":98,"rawEcho":221,"locations":222},2,[223,226],{"file":148,"line":224,"context":225},104,"raw output",{"file":148,"line":227,"context":225},109,[],[],{"summary":231,"deductions":232},"The \"host-changer\" plugin v1.0.2 presents a seemingly strong security posture based on the provided static analysis and vulnerability history. The absence of any identified CVEs or known vulnerabilities, coupled with a lack of dangerous functions and file operations, indicates a generally well-developed plugin. The SQL query utilizes prepared statements, which is a positive security practice, and there are no identified taint flows.  This suggests a low risk of exploitation through common attack vectors related to data manipulation or code execution.\n\nHowever, a significant concern arises from the complete lack of capability checks and nonce checks. While the attack surface is currently reported as zero, this could be misleading. Any future addition of AJAX handlers, REST API routes, or shortcodes without proper authentication and authorization mechanisms would immediately expose the plugin to significant risks. The low percentage of properly escaped output also suggests a potential for cross-site scripting (XSS) vulnerabilities if user-controlled data is ever introduced into output without proper sanitization.  The plugin's strengths lie in its clean code regarding dangerous functions and SQL, but its weaknesses are critical omissions in authentication and output sanitization that could be exploited if new entry points are added or existing ones become accessible.\n\nIn conclusion, while the plugin currently shows no direct vulnerabilities, the foundational security practices for handling user input and controlling access are severely lacking. This makes it highly susceptible to future vulnerabilities if not addressed. The plugin's current security is more a reflection of its limited functionality and attack surface rather than robust security implementation.",[233,236,238],{"reason":234,"points":235},"Missing capability checks",15,{"reason":237,"points":11},"Missing nonce checks",{"reason":239,"points":32},"Low output escaping (33%)","2026-03-16T23:44:09.613Z",{"wat":242,"direct":255},{"assetPaths":243,"generatorPatterns":248,"scriptPaths":249,"versionParams":250},[244,245,246,247],"\u002Fwp-content\u002Fplugins\u002Fhost-changer\u002Fassets\u002Fadmin\u002Fcss\u002Fbootstrap.min.css","\u002Fwp-content\u002Fplugins\u002Fhost-changer\u002Fassets\u002Fadmin\u002Fcss\u002Fcustom.css","\u002Fwp-content\u002Fplugins\u002Fhost-changer\u002Fassets\u002Fadmin\u002Fjs\u002Fbootstrap.min.js","\u002Fwp-content\u002Fplugins\u002Fhost-changer\u002Fassets\u002Fadmin\u002Fjs\u002Fcustom.js",[],[],[251,252,253,254],"host-changer\u002Fassets\u002Fadmin\u002Fcss\u002Fbootstrap.min.css?ver=","host-changer\u002Fassets\u002Fadmin\u002Fcss\u002Fcustom.css?ver=","host-changer\u002Fassets\u002Fadmin\u002Fjs\u002Fbootstrap.min.js?ver=","host-changer\u002Fassets\u002Fadmin\u002Fjs\u002Fcustom.js?ver=",{"cssClasses":256,"htmlComments":261,"htmlAttributes":266,"restEndpoints":270,"jsGlobals":271,"shortcodeOutput":275},[257,258,259,260],"page-header","page-title","page-wrapper","page-content",[262,263,264,265],"\u003C!-- Bootstrap CSS -->","\u003C!-- Custom CSS -->","\u003C!-- Bootstrap JS -->","\u003C!-- Custom JS -->",[267,268,269],"name=\"wphc_setting_option[enablehostchanger]\"","id=\"enablehostchanger\"","id=\"enablehostchanger-description\"",[],[272,273,274],"wphc_bootstrap_js","wphc_custom_css","wphc_custom",[276,277],"\u003Ch2>Please contact the administrator to allow your host\u002Fdomain.\u003C\u002Fh2>","\u003Cp>Your Host\u002FDomain: ",{"slug":4,"current_version":6,"total_versions":13,"versions":279},[]]