[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1SFcWBkgK2oLLMAru2kpRpmjKCyAm2jAPE2OZkC58XI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":47,"crawl_stats":37,"alternatives":52,"analysis":153,"fingerprints":245},"improved-user-search-in-backend","Improved user search in backend","1.2.6","Blackbam","https:\u002F\u002Fprofiles.wordpress.org\u002Fblackbam\u002F","\u003Cp>This Plugin improves the search for users in the WordPress backend significantly. It empowers admins to search for the first name, last name and email address of users instead of only their nicknames\u002Fnicenames.\u003C\u002Fp>\n\u003Cp>It is also possible to search for custom user meta fields now.\u003C\u002Fp>\n\u003Cp>Translations: English, German, Swedish\u003C\u002Fp>\n\u003Cp>Plugin Homepage: http:\u002F\u002Fwww.blackbam.at\u002Fblackbams-blog\u002F2011\u002F06\u002F27\u002Fwordpress-improved-user-search-first-name-last-name-email-in-backend\u002F\u003Cbr \u002F>\nSpecial characters like quotes are escaped, problems with the query may apper when trying to search for other non-alphanumeric characters.\u003C\u002Fp>\n\u003Ch3>1.2.4\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Added translations and il8n (Mikael Grön \u003Ca href=\"mailto:jag@mikaelgron.se\" rel=\"nofollow ugc\">jag@mikaelgron.se\u003C\u002Fa>)\u003Cbr \u002F>\n(en_US, en_UK,sv_SE)\u003C\u002Fli>\n\u003Cli>Added german translation (de_DE)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.2.3\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Database compatibility improved.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.2.2\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Re-allowed special characters in keys, but strings are still escaped for safe queries.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.2.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Filter and test custom meta fields. Remove unallowed characters.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.2.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Added Case-insensitive matching.\u003C\u002Fli>\n\u003Cli>Added Multisite support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.1.2\u003C\u002Fh3>\n\u003Cp>Fix issue where attempting to activate the plugin would throw an “Invalid Header” error\u003C\u002Fp>\n\u003Ch3>1.1.1\u003C\u002Fh3>\n\u003Cp>Minor changes.\u003C\u002Fp>\n\u003Ch3>1.1\u003C\u002Fh3>\n\u003Cp>Added options page to include custom user meta fields in the search.\u003C\u002Fp>\n\u003Ch3>1.0.1\u003C\u002Fh3>\n\u003Cp>Little code improvements.\u003C\u002Fp>\n\u003Ch4>1.0\u003C\u002Fh4>\n\u003Cp>Initial release to the Plugins directory.\u003C\u002Fp>\n","Improves the search for users in the backend significantly: Search for first name, last, email and more of users instead of only nicename.",200,14766,100,5,"2014-08-02T12:15:00.000Z","3.9.40","3.0","",[20,21,22,23],"backend","search","user","user-search","http:\u002F\u002Fwww.blackbam.at\u002Fblackbams-blog\u002F2011\u002F06\u002F27\u002Fwordpress-improved-user-search-first-name-last-name-email-in-backend\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimproved-user-search-in-backend.1.2.6.zip",85,1,0,"2014-08-13 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2014-5196","improved-user-search-in-backend-cross-site-request-forgery-to-cross-site-scripting","Improved User Search in Backend \u003C= 1.2.5 - Cross-Site Request Forgery to Cross-Site Scripting","Cross-site request forgery (CSRF) vulnerability in improved-user-search-in-backend.php in the backend in the Improved user search in backend plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that insert XSS sequences via the iusib_meta_fields parameter.",null,"\u003C=1.2.5","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2e8abe63-c11b-48e7-8867-3bc1ab940b1f?source=api-prod",3450,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":46,"trust_score":50,"computed_at":51},"blackbam",3,69,"2026-04-05T01:57:11.877Z",[53,75,98,117,135],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":28,"num_ratings":28,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":66,"tags":67,"homepage":72,"download_link":73,"security_score":74,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"enhanced-admin-user-search","Enhanced Admin User Search","1.0.2","Mayank Majeji","https:\u002F\u002Fprofiles.wordpress.org\u002Fmayankmajeji\u002F","\u003Ch4>Easily Enhance Your WordPress Admin User Search\u003C\u002Fh4>\n\u003Cp>WordPress Enhanced Admin User Search plugin extends the default WordPress admin user search functionality, providing administrators with more comprehensive search options.\u003C\u002Fp>\n\u003Cp>With this plugin, you can search for users not only by their username and email address but also by their first name, last name, display name, and user ID.\u003C\u002Fp>\n\u003Ch4>Features of WP Enhanced Admin User Search\u003C\u002Fh4>\n\u003Cp>Enhanced Search: Search for users by first name, last name, display name, and user ID in addition to username and email address.\u003Cbr \u002F>\nImproved Filtering: Easily locate users with more refined search queries, making user management tasks more efficient.\u003Cbr \u002F>\nSaves Time: Spend less time searching for users and more time managing your WordPress site with the enhanced search capabilities.\u003Cbr \u002F>\nCompatible: Works seamlessly with the WordPress admin interface, integrating seamlessly with the existing user search functionality.\u003Cbr \u002F>\nUseful for Multi-Author Sites: Ideal for sites with multiple authors, making it easier to find specific users among a large pool of contributors. Keywords: multi-author, contributor, authors.\u003Cbr \u002F>\nPerfect for Membership Sites: Simplify user management on membership sites by quickly locating members based on various criteria. Keywords: membership, subscribers.\u003Cbr \u002F>\nGreat for Learning Management Systems (LMS): Streamline user administration on LMS platforms by searching for users by their names or IDs. Keywords: LMS, e-learning, education.\u003Cbr \u002F>\nBeneficial for Sites with a Large number of Registered Users: Enhance the user search experience on sites with a large number of registered users, improving overall site management. Keywords: high-volume, registered users.\u003C\u002Fp>\n\u003Cp>Enhanced Admin User Search is a must-have tool for WordPress site administrators who need more flexibility and efficiency when managing users on their site. Upgrade your user search experience today with Enhanced Admin User Search!\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This plugin is created by \u003Ca href=\"https:\u002F\u002Fmayankmajeji.com\u002F\" title=\"Mayank Majeji\" rel=\"friend nofollow ugc\">Mayank Majeji\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>If you find this plugin useful to enhance the admin user search of your WordPress website, then please leave a good rating. Your feedback will motivate us for good work.\u003C\u002Fp>\n\u003Cp>To learn more about WordPress, SEO and Blogging, you can also visit \u003Ca href=\"http:\u002F\u002Funmaskwp.com\u002F\" title=\"UnmaskWP\" rel=\"friend nofollow ugc\">UnmaskWP\u003C\u002Fa> for tutorials and guides on topics like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Funmaskwp.com\u002Fsnippets\u002F\" title=\"WordPress Code Snippets Library\" rel=\"friend nofollow ugc\">WordPress Code Snippets Library\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Funmaskwp.com\u002Fhow-to-start-an-online-store\u002F\" title=\"[2024] How to Start an Online Store? (Step by Step)\" rel=\"friend nofollow ugc\">[2024] How to Start an Online Store? (Step by Step)\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Funmaskwp.com\u002Fconnect-domain-name-to-web-hosting-service\u002F\" title=\"How to Connect Domain Name with Web Hosting Service? (Step-by-step)\" rel=\"friend nofollow ugc\">How to Connect Domain Name with Web Hosting Service? (Step-by-step)\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>…and many more \u003Ca href=\"https:\u002F\u002Funmaskwp.com\u002Fblog\u002F\" title=\"WordPress Tutorials\" rel=\"friend nofollow ugc\">WordPress tutorials\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>WP Enhanced Admin User Search is the easiest way to enhance admin user search on your WordPress website by simply activating the plugin, especially for multi-author sites, membership sites, and LMS sites where users are registered in bulk.\u003C\u002Fp>\n\u003Cp>I’ve implemented these simple tricks on all of our websites and wanted to share them with everyone, especially bloggers, beginners, and non-technical users.\u003C\u002Fp>\n\u003Cp>I hope you find the WP Enhanced Admin User Search Plugin useful.\u003C\u002Fp>\n\u003Cp>Thank you\u003Cbr \u002F>\nMayank Majeji\u003C\u002Fp>\n","This plugin extends the default WordPress admin user search functionality in the search query.",10,993,"2024-11-08T09:42:00.000Z","6.6.5","5.0","7.0",[68,69,70,71,23],"admin-user-search","backend-users","search-by-name","search-by-user-id","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fenhanced-admin-user-search\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fenhanced-admin-user-search.1.0.2.zip",92,{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":18,"tags":90,"homepage":96,"download_link":97,"security_score":26,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"extended-user-search-in-wp-admin","Extended User Search In WP-Admin","3","amit5204","https:\u002F\u002Fprofiles.wordpress.org\u002Famit5204\u002F","\u003Cp>By default WordPress in WP-admin allows users to search only by username or email id.\u003C\u002Fp>\n\u003Cp>But what if you want to search user by first name or last name or both. What if you want to search by entering only partial email address\u002Fid or username or by bio, you cannot do it as by default. WordPress do not come with this feature.\u003Cbr \u002F>\nThis plugin eliminate above limitation. Which could perform search based on full-name, first-name, last-name, email, username and bio.\u003Cbr \u002F>\n“Extended User Search In WP-admin” Plugin that allows admin to search user much more deeply and overcomes the limit possessed by WordPress.\u003C\u002Fp>\n\u003Cp>Note :- This plugin is inspired from “Improved user search in backend” and “User First Name \u002F Full Name Search In WP-admin” plugins.\u003C\u002Fp>\n","By default WordPress in WP-admin allows users to search only by username or email id.",1000,8913,94,13,"2022-12-13T16:06:00.000Z","6.1.10","4.9.6",[91,92,93,94,95],"empower-user-search-in-wpadmin","extend-user-search-in-wpadmin","search-by-first-name-in-wpadmin","search-by-full-name-in-wpadmin","search-by-last-name-in-wpadmin","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fextended-user-search-in-wp-admin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fextended-user-search-in-wp-admin.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":13,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":18,"tags":112,"homepage":115,"download_link":116,"security_score":26,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"better-user-search","Better User Search","1.1.1","dale3h","https:\u002F\u002Fprofiles.wordpress.org\u002Fdale3h\u002F","\u003Cp>Better User Search is a must have plugin if you’re running WooCommerce. Without it, you’re stuck trying to remember every\u003Cbr \u002F>\ncustomer’s username.\u003C\u002Fp>\n\u003Cp>Better User Search is used to improve the user search functionality in the admin\u002Fbackend.\u003C\u002Fp>\n\u003Cp>WordPress by default only allows you to search for users by username\u002Fnicename. Using Better User Search, you will be able\u003Cbr \u002F>\nto search by first name, last name, email address and any custom user meta field that already exists in the user meta table.\u003C\u002Fp>\n\u003Cp>On top of that, there is an “OR” feature provided. Just include the word “or” (case-insensitive) in your search query\u003Cbr \u002F>\nand the plugin will search for any user that matches at least 1 of the search terms.\u003C\u002Fp>\n\u003Cp>“OR” Search Example:\u003Cbr \u002F>\nLet’s find all WooCommerce customers in Texas or Florida. To do this, first make sure that \u003Ccode>billing_state\u003C\u002Fcode> and \u003Ccode>shipping_state\u003C\u002Fcode>\u003Cbr \u002F>\nare setup in the Better User Search settings. Now head to the Users page and type “TX or FL” into the search field.\u003C\u002Fp>\n\u003Cp>It really is that simple!\u003Cbr \u002F>\nSpecial characters like quotes are escaped, problems with the query may appear when trying to search for other non-alphanumeric characters.\u003C\u002Fp>\n","Better User Search is a must have plugin if you're running WooCommerce. Without it, you're stuck trying to remember every",700,12360,15,"2016-02-03T19:32:00.000Z","4.4.34","3.1",[113,20,21,22,114],"admin","users","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetter-user-search\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbetter-user-search.1.1.1.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":13,"downloaded":125,"rating":126,"num_ratings":127,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":18,"tags":131,"homepage":133,"download_link":134,"security_score":74,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"enhanced-user-search","Enhanced User Search","1.0.0","khan.shabnam","https:\u002F\u002Fprofiles.wordpress.org\u002Fkhanshabnam\u002F","\u003Cp>Enhanced User Search: Effortlessly Find Your Users\u003Cbr \u002F>\nStruggling to locate specific users in your WordPress admin panel? The default search only allows filtering by username and email, making it cumbersome to find users with common names or if you don’t recall their exact login credentials.\u003C\u002Fp>\n\u003Cp>Enhanced User Search simplifies user management by expanding the search capabilities. This plugin allows you to search for users by their first name, last name, username, or email address.\u003C\u002Fp>\n\u003Cp>Here’s how Enhanced User Search streamlines your workflow:\u003C\u002Fp>\n\u003Cp>Effortless User Identification: Quickly locate users with common names or those whose credentials you might not readily remember.\u003Cbr \u002F>\nImproved Efficiency: Save time and frustration by searching based on any combination of user information.\u003Cbr \u002F>\nEnhanced User Management: Gain greater control over your user base with a more comprehensive search functionality.\u003C\u002Fp>\n\u003Cp>Key Features:\u003C\u002Fp>\n\u003Cp>Search users by first name, last name, username, and email address.\u003Cbr \u002F>\nIntegrates seamlessly with the existing WordPress user search interface.\u003Cbr \u002F>\nLightweight and efficient, ensuring smooth performance on your website.\u003Cbr \u002F>\nEasy to use – no configuration required, activates upon installation.\u003C\u002Fp>\n\u003Cp>Benefits:\u003C\u002Fp>\n\u003Cp>Save Time: Find the users you need faster with a more comprehensive search.\u003Cbr \u002F>\nImproved Accuracy: Locate specific users with ease, reducing the risk of identifying the wrong person.\u003Cbr \u002F>\nEnhanced User Management: Gain greater control over your user base.\u003Cbr \u002F>\nWho should use Enhanced User Search?\u003C\u002Fp>\n\u003Cp>This plugin is ideal for anyone who manages users in WordPress, especially those with:\u003C\u002Fp>\n\u003Cp>Large User Bases: Easily find specific users even amidst a vast number of accounts.\u003Cbr \u002F>\nMembership Sites: Efficiently manage user accounts for membership websites.\u003Cbr \u002F>\nMultisite Networks: Effortlessly locate users across multiple sites in your network.\u003Cbr \u002F>\nEnhanced User Search empowers you to manage your WordPress users with greater efficiency and ease. Download the plugin today and experience the difference!\u003C\u002Fp>\n","Effortlessly find users in WordPress! Search by first & last name, username, or email.",1264,80,4,"2024-04-29T16:50:00.000Z","6.5.8","6.4.3",[118,93,95,23,132],"username-search-in-admin","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fenhanced-user-search","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fenhanced-user-search.zip",{"slug":136,"name":137,"version":138,"author":139,"author_profile":140,"description":141,"short_description":142,"active_installs":143,"downloaded":144,"rating":126,"num_ratings":145,"last_updated":146,"tested_up_to":147,"requires_at_least":148,"requires_php":18,"tags":149,"homepage":151,"download_link":152,"security_score":26,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"full-name-search-in-wp-admin","User First Name \u002F Full Name Search In WP-admin","2.1","merajneesh","https:\u002F\u002Fprofiles.wordpress.org\u002Fmerajneesh\u002F","\u003Cp>By default WordPress in WP-admin allows users to search only by complete username or full email id.\u003C\u002Fp>\n\u003Cp>But what if you want to search user by first name or last name or both. What if you want to search by entering only partial\u003Cbr \u002F>\nemail address or username, you cannot do it as by default WordPress do not come with this feature.\u003Cbr \u002F>\nAbove limitation motivated me to develop a plugin which could perform search based\u003Cbr \u002F>\non full-name , first-name, last-name, email and username.\u003Cbr \u002F>\n“User First Name \u002F Full Name Search In WP-admin” Plugin that allows admin to search user much more deeply and\u003Cbr \u002F>\novercomes the limit possessed by WordPress.\u003C\u002Fp>\n\u003Cp>Note :- This plugin is inspired from “Improved user search in backend” plugin.\u003C\u002Fp>\n\u003Ch3>4.9.6\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Modified to work on 4.9.6\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Function updated\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Tested on 4.6\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>A title name and file name changed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>A title name and file name changed\u003C\u002Fli>\n\u003C\u002Ful>\n","User First Name \u002F Full Name Search In WP-admin plugin which empowers users search with no hassles.",70,4610,8,"2018-06-17T16:54:00.000Z","4.9.29","4.9",[150,94,132],"empower-user-search-wp-admin","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffull-name-search-in-wp-admin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffull-name-search-in-wp-admin.zip",{"attackSurface":154,"codeSignals":174,"taintFlows":187,"riskAssessment":233,"analyzedAt":244},{"hooks":155,"ajaxHandlers":170,"restRoutes":171,"shortcodes":172,"cronEvents":173,"entryPointCount":28,"unprotectedCount":28},[156,162,166],{"type":157,"name":158,"callback":159,"file":160,"line":161},"action","plugins_loaded","improved_user_search_in_backend_init","improved-user-search-in-backend.php",23,{"type":157,"name":163,"callback":164,"file":160,"line":165},"pre_user_query","user_search_by_multiple_parameters",31,{"type":157,"name":167,"callback":168,"file":160,"line":169},"admin_menu","improved_user_search_in_backend_options",34,[],[],[],[],{"dangerousFunctions":175,"sqlUsage":176,"outputEscaping":184,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":186},[],{"prepared":28,"raw":177,"locations":178},2,[179,182],{"file":160,"line":180,"context":181},57,"$wpdb->get_results() with variable interpolation",{"file":160,"line":183,"context":181},63,{"escaped":177,"rawEcho":28,"locations":185},[],[],[188,207,220],{"entryPoint":189,"graph":190,"unsanitizedCount":27,"severity":206},"improved_user_search_in_backend_page (improved-user-search-in-backend.php:87)",{"nodes":191,"edges":203},[192,197],{"id":193,"type":194,"label":195,"file":160,"line":196},"n0","source","$_POST",95,{"id":198,"type":199,"label":200,"file":160,"line":201,"wp_function":202},"n1","sink","update_option() [Settings Manipulation]",98,"update_option",[204],{"from":193,"to":198,"sanitized":205},false,"low",{"entryPoint":208,"graph":209,"unsanitizedCount":177,"severity":219},"user_search_by_multiple_parameters (improved-user-search-in-backend.php:37)",{"nodes":210,"edges":217},[211,214],{"id":193,"type":194,"label":212,"file":160,"line":213},"$_GET (x2)",50,{"id":198,"type":199,"label":215,"file":160,"line":180,"wp_function":216},"get_results() [SQLi]","get_results",[218],{"from":193,"to":198,"sanitized":205},"high",{"entryPoint":221,"graph":222,"unsanitizedCount":49,"severity":219},"\u003Cimproved-user-search-in-backend> (improved-user-search-in-backend.php:0)",{"nodes":223,"edges":230},[224,225,226,228],{"id":193,"type":194,"label":212,"file":160,"line":213},{"id":198,"type":199,"label":215,"file":160,"line":180,"wp_function":216},{"id":227,"type":194,"label":195,"file":160,"line":196},"n2",{"id":229,"type":199,"label":200,"file":160,"line":201,"wp_function":202},"n3",[231,232],{"from":193,"to":198,"sanitized":205},{"from":227,"to":229,"sanitized":205},{"summary":234,"deductions":235},"The 'improved-user-search-in-backend' plugin, version 1.2.6, presents a mixed security posture. While it boasts a zero attack surface for entry points and correctly escapes all identified outputs, indicating a good understanding of frontend security, the static analysis reveals concerning trends in its backend code. Specifically, the plugin utilizes raw SQL queries without prepared statements, a significant security weakness that can lead to SQL injection vulnerabilities if not handled meticulously. Furthermore, the taint analysis highlights two high-severity flows with unsanitized paths, suggesting potential risks where user-supplied input could be processed in a way that compromises application integrity or exposes sensitive data. The plugin's vulnerability history, though only including a single medium-severity Cross-Site Scripting (XSS) vulnerability from 2014 and currently unpatched CVEs, indicates past issues with input sanitization. While the absence of recent vulnerabilities is a positive sign, the identified code signals and taint flows warrant caution, suggesting that ongoing vigilance and potential code refactoring are advisable to maintain a robust security profile.",[236,238,241],{"reason":237,"points":61},"Raw SQL queries without prepared statements",{"reason":239,"points":240},"High severity taint flows with unsanitized paths",12,{"reason":242,"points":243},"Medium severity CVE history (XSS)",7,"2026-03-16T20:16:44.311Z",{"wat":246,"direct":251},{"assetPaths":247,"generatorPatterns":248,"scriptPaths":249,"versionParams":250},[],[],[],[],{"cssClasses":252,"htmlComments":255,"htmlAttributes":256,"restEndpoints":264,"jsGlobals":265,"shortcodeOutput":266},[253,254],"wrap","form-table",[],[257,258,259,260,261,262,263],"name=\"improved_user_search_in_backend_update\"","value=\"true\"","name=\"iusib_meta_fields\"","rows=\"6\"","cols=\"50\"","name=\"Save\"","value=\"Save Settings\"",[],[],[]]