[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHNa__B5Vg-eF443PUZY7F3OU2PVq4G81Or5yFPgviP4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":131,"fingerprints":209},"igniterauth","HTTP Authentication site lock","1.0.0","Affilipoint","https:\u002F\u002Fprofiles.wordpress.org\u002Frramroop\u002F","\u003Cp>IgniterAuth protects your website from the being accessible to the public and bots. It’s particularly useful when deploying beta or staging environments to make the site inaccessible to the public and also protect it from being crawled and indexed by search bots.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>Plugin featured overview:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Works with any WordPress theme\u003C\u002Fli>\n\u003Cli>Visible only to non logged in users\u003C\u002Fli>\n\u003Cli>Give your users access using a custom username\u002Fpassword or by using the WP site credentials.\u003C\u002Fli>\n\u003Cli>Enable ‘noindex’ meta tags and ‘X-Robots-Tag: noindex’ in the header of your site\u003C\u002Fli>\n\u003Cli>Translation ready\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Notes\u003C\u002Fh4>\n\u003Cp>Our aim is to help you get the most out of your WordPress site both with our Plugins and Themes.\u003C\u002Fp>\n\u003Cp>If you feel that we have achieved this by using this plugin, please \u003Ca href=\"\" rel=\"nofollow ugc\">leave us a review\u003C\u002Fa>. We appreciate it very much and your feedback helps us develop better plugins and themes.\u003C\u002Fp>\n\u003Cp>Thank you\u003Cbr \u002F>\nJames\u003C\u002Fp>\n\u003Ch4>Privacy Statement\u003C\u002Fh4>\n\u003Cp>This plugin does not collect any personal information about you. When you activate, disactivate and remove the plugin a ping is sent to our server for usage statistics.\u003C\u002Fp>\n","Restrict your site from the public while it's in development, staging or maintenance mode.",0,1323,"2023-05-18T09:22:00.000Z","6.1.10","5.4","7.4",[18,19,20,21,22],"authentication","development","noindex","site-lock","staging","https:\u002F\u002Faffilipoint.com\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Figniterauth.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"rramroop",1,30,84,"2026-04-04T14:37:24.623Z",[36,57,79,97,116],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":16,"tags":51,"homepage":55,"download_link":56,"security_score":46,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"display-environment-type","Display Environment Type","1.6.0","Stoil Dobreff","https:\u002F\u002Fprofiles.wordpress.org\u002Fsdobreff\u002F","\u003Cp>WordPress 5.5 introduced a way to differentiate between environment types (development, staging, production). This plugin shows your site’s environment type in the admin bar and the dashboard “At a Glance” widget.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fcore\u002F2020\u002F07\u002F24\u002Fnew-wp_get_environment_type-function-in-wordpress-5-5\u002F\" rel=\"nofollow ugc\">More info about the feature\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>To gain additional control — for example, setting the environment or other values from the WP admin (when \u003Ccode>wp-config.php\u003C\u002Fcode> is writable) — consider installing our other plugin \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002F0-day-analytics\u002F\" rel=\"ugc\">0 Day Analytics\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Recommended Plugins\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002F0-day-analytics\u002F\" rel=\"ugc\">0 Day Analytics\u003C\u002Fa> — a powerful plugin for sites that need more insight into errors and runtime behavior. It includes a Cron manager, a Transient manager (database-backed), DB manager, Snippet manager, Mail manager, Plugin Version Switcher available from the Plugins page and many more.\u003C\u002Fli>\n\u003C\u002Ful>\n","Displays WordPress 5.5's environment type setting in the admin bar and the \"At a Glance\" dashboard widget.",1000,135115,100,4,"2025-12-19T15:09:00.000Z","6.9.4","5.5",[19,52,53,54,22],"dtap","environment","production","https:\u002F\u002Froytanck.com\u002F2020\u002F08\u002F21\u002Fnew-wordpress-plugin-display-environment-type\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisplay-environment-type.1.6.0.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":46,"downloaded":65,"rating":46,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":75,"download_link":76,"security_score":77,"vuln_count":31,"unpatched_count":11,"last_vuln_date":78,"fetched_at":27},"the-permalinker","The Permalinker","1.9.0","Andy Stratton","https:\u002F\u002Fprofiles.wordpress.org\u002Ftheandystratton\u002F","\u003Cp>Use short codes to dynamically link to your WordPress pages and posts. All you need is the ID. This can come in handy when developing content for WordPress sites. Makes for a cleaner migration with no need to manipulate content when moving from one subdirectory or domain to another.\u003C\u002Fp>\n\u003Cp>Attributes of \u003Ccode>append\u003C\u002Fcode> \u003Ccode>class\u003C\u002Fcode>, \u003Ccode>rel\u003C\u002Fcode>, and \u003Ccode>target\u003C\u002Fcode> are supported within the \u003Ccode>[permalink]\u003C\u002Fcode> opening tag. See FAQs. You can insert the token \u003Ccode>%post_title%\u003C\u002Fcode> to dynamically insert the post’s title into anchor text (content between the opening and closing shortcode).\u003C\u002Fp>\n\u003Cp>A short code for \u003Ccode>[template_uri]\u003C\u002Fcode> exists if you’d like to dynamically grab the full URL to your current template directory (useful for adding images and other resources bundled in a template via the page\u002Fpost editor).\u003C\u002Fp>\n\u003Cp>\u003Cem>Example 1: Create link.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[permalink id=2 rel=\"internal\"]Check out my latest post named %post_title%[\u002Fpermalink] or use `[permalink]this link[\u002Fpermalink]` to link to this post.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cem>Example 2: Output Permalink URL.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Ca href=\"[permalink]\">;This post.\u003C\u002Fa>;\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cem>Example 3: Template Directory URI\u003C\u002Fem>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cimg src=\"[template_uri]\u002Fphotos\u002Fme_grandma.jpg\" alt=\"A Photo of Me and My Grandma\" \u002F>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Use short codes to dynamically link to your WordPress pages and posts. All you need is the ID. This can come in handy when developing content for Word …",12640,2,"2024-12-13T20:33:00.000Z","6.4.8","2.6","",[19,72,73,74,22],"linking","migration","permalinks","http:\u002F\u002Ftheandystratton.com\u002F2009\u002Fthe-permalinker-wordpress-plugin-dynamic-permalinks","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthe-permalinker.1.9.0.zip",91,"2024-12-13 15:58:35",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":32,"downloaded":87,"rating":46,"num_ratings":31,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":70,"download_link":96,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"dev-theme","Dev Theme","1.2.1","Avi Bashari","https:\u002F\u002Fprofiles.wordpress.org\u002Fbashari\u002F","\u003Ch4>DEV Theme\u003C\u002Fh4>\n\u003Cp>Develop your website on live server without crashing your site, then deploy all changes in 1 click.\u003C\u002Fp>\n\u003Cp>With Dev Theme plugin, you can easily create a separate staging environment for your website where you can test and experiment with new themes and designs without affecting your live site. Our plugin allows you to make changes to your staging site, preview the changes and only when you’re ready, you can push them to your live site with just a click of a button.\u003C\u002Fp>\n\u003Cp>Our plugin makes it easy for you to edit themes on your live site, without worrying about affecting your live site until you decides to. You can experiment with different themes, customize them to your liking, and see how they look and feel on your site, all without having to worry about damaging your live website.\u003C\u002Fp>\n\u003Cp>While the plugin does not allow you to edit plugins on the site, it ensures that any changes made to your theme are isolated and do not affect your live site. This means that you can experiment with new designs, layouts, and features without the risk of damaging your website’s performance or functionality.\u003C\u002Fp>\n\u003Cp>Overall, Dev Theme plugin is a powerful tool that allows you to create a safe and isolated environment to experiment with your website’s design and layout, making it easy for you to make changes and improvements without any risk to your live site.\u003C\u002Fp>\n\u003Ch4>How it works?\u003C\u002Fh4>\n\u003Cp>The staging feature of Dev Theme, allows you to create a safe and secure environment for you to experiment and develop your website without impacting your live site.\u003C\u002Fp>\n\u003Cp>When you create a staging environment, the plugin will copy your active theme into a folder called “dev-theme”.\u003Cbr \u002F>\nThis folder is where you can safely edit the code of your website without affecting the live version.\u003Cbr \u002F>\nOnce you’ve made the desired changes, you can preview the new version of your website by either activating the dev-theme just for your user, to do that, just enter to your profile and look for the “Dev Theme” option.\u003Cbr \u002F>\nAnother option, add a dev_theme cookie with the value “enabled” in your browser.\u003C\u002Fp>\n\u003Cp>This way, you can test your changes thoroughly before making them live to ensure the best possible user experience.\u003Cbr \u002F>\nWith Dev Theme plugin, you can confidently develop and experiment with your website knowing that your live site remains safe and untouched.\u003C\u002Fp>\n","DEV Theme",1893,"2023-05-09T22:11:00.000Z","6.2.9","4.6","5.6",[93,19,94,22,95],"dev","stage","theme","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdev-theme.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":11,"num_ratings":11,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":70,"tags":110,"homepage":114,"download_link":115,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"deploy-helper","Deploy Helper","0.6","topdrawinc","https:\u002F\u002Fprofiles.wordpress.org\u002Ftopdrawinc\u002F","\u003Cp>Simplify the process of deploying a website. If you ever worked on a WordPress site on a local environment, you know how frustrating it can be to move it to different servers.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fwww.topdraw.com\u002Fnews\u002Fwp-plugin-deploy-helper\u002F\" title=\"Top Draw home page\" rel=\"nofollow ugc\">Plugin home page\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Ftd-deployhelper\u002F\" title=\"Forum \u002F Support\" rel=\"ugc\">Forum \u002F Support\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Simplify the process of deploying a website. If you ever worked on a Wordpress site on a local environment, you know how frustrating it can be to move …",10,3556,"2012-06-05T22:13:00.000Z","3.3.2","2.9.0",[111,19,112,113,22],"deployment","hosting","paths","http:\u002F\u002Fwww.topdraw.com\u002Fnews\u002Fwp-plugin-deploy-helper\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdeploy-helper.0.6.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":105,"downloaded":124,"rating":11,"num_ratings":11,"last_updated":70,"tested_up_to":125,"requires_at_least":126,"requires_php":70,"tags":127,"homepage":70,"download_link":129,"security_score":46,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":130},"only-admins","Only Admins","1.0","pcoitinho","https:\u002F\u002Fprofiles.wordpress.org\u002Fpcoitinho\u002F","\u003Cp>Only Admins is a minimal plugin that restricts your entire WordPress site to Admins.\u003C\u002Fp>\n\u003Cp>Best used as a MU-Plugin on Development and Staging sites.\u003C\u002Fp>\n","Only Admins is a minimal plugin that restricts your entire WordPress site to Admins.",1122,"4.7.32","4.3",[19,128,22],"security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fonly-admins.zip","2026-03-15T10:48:56.248Z",{"attackSurface":132,"codeSignals":161,"taintFlows":174,"riskAssessment":202,"analyzedAt":208},{"hooks":133,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":11,"unprotectedCount":11},[134,140,144,148,152],{"type":135,"name":136,"callback":137,"file":138,"line":139},"action","init","lock","index.php",48,{"type":135,"name":141,"callback":142,"file":138,"line":143},"admin_menu","settingsMenu",49,{"type":135,"name":145,"callback":146,"priority":31,"file":138,"line":147},"admin_notices","adminNoticeWarning",50,{"type":135,"name":149,"callback":150,"file":138,"line":151},"wp_head","noIndex",51,{"type":153,"name":154,"callback":155,"file":138,"line":156},"filter","plugin_action_links_igniter-auth\u002Findex.php","settingsLink",54,[],[],[],[],{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":165,"fileOperations":11,"externalRequests":11,"nonceChecks":31,"capabilityChecks":11,"bundledLibraries":173},[],{"prepared":11,"raw":11,"locations":164},[],{"escaped":166,"rawEcho":66,"locations":167},13,[168,171],{"file":169,"line":25,"context":170},"includes\\AuthClass.php","raw output",{"file":169,"line":172,"context":170},158,[],[175,194],{"entryPoint":176,"graph":177,"unsanitizedCount":11,"severity":193},"settingsPage (includes\\AuthClass.php:132)",{"nodes":178,"edges":190},[179,184],{"id":180,"type":181,"label":182,"file":169,"line":183},"n0","source","$_POST (x4)",148,{"id":185,"type":186,"label":187,"file":169,"line":188,"wp_function":189},"n1","sink","update_option() [Settings Manipulation]",153,"update_option",[191],{"from":180,"to":185,"sanitized":192},true,"low",{"entryPoint":195,"graph":196,"unsanitizedCount":11,"severity":193},"\u003CAuthClass> (includes\\AuthClass.php:0)",{"nodes":197,"edges":200},[198,199],{"id":180,"type":181,"label":182,"file":169,"line":183},{"id":185,"type":186,"label":187,"file":169,"line":188,"wp_function":189},[201],{"from":180,"to":185,"sanitized":192},{"summary":203,"deductions":204},"The static analysis of igniterauth v1.0.0 reveals a generally positive security posture with no identified vulnerabilities in its attack surface or taint analysis. The plugin demonstrates good practices by not utilizing dangerous functions, exclusively employing prepared statements for SQL queries, and including at least one nonce check. The absence of external HTTP requests and file operations further contributes to a reduced attack vector.  \n\nHowever, a notable concern is the lack of capability checks across all identified entry points, which could lead to unauthorized access if any of the zero identified entry points were to become exposed in the future. While the current attack surface is minimal, the absence of capability checks represents a potential weakness that could be exploited if the plugin were to expand its functionality or if an unforeseen entry point emerged. The vulnerability history also shows no past issues, suggesting a generally secure development but also offering limited historical data to assess long-term security trends.\n\nIn conclusion, igniterauth v1.0.0 appears to be a secure plugin at version 1.0.0, with strong adherence to fundamental security practices like prepared statements and output escaping. The primary weakness lies in the absence of capability checks, which, while not exploitable with the current zero entry points, is a significant omission that should be addressed proactively to maintain a robust security framework as the plugin evolves.",[205],{"reason":206,"points":207},"No capability checks on entry points",15,"2026-03-17T07:18:28.252Z",{"wat":210,"direct":215},{"assetPaths":211,"generatorPatterns":212,"scriptPaths":213,"versionParams":214},[],[],[],[],{"cssClasses":216,"htmlComments":217,"htmlAttributes":218,"restEndpoints":219,"jsGlobals":220,"shortcodeOutput":221},[],[],[],[],[],[]]