[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkSqH5Nse5GgQBFlb7EXT1SH9TsyaBqQNCcbJAsNoomQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":135,"fingerprints":173},"json-api-auth","JSON API Auth","3.0.0","Ali Qureshi","https:\u002F\u002Fprofiles.wordpress.org\u002Fparorrey\u002F","\u003Cp>JSON API Auth extends the JSON API Plugin to allow RESTful user authentication.\u003C\u002Fp>\n\u003Cp>JSON API Plugin, that is required, was closed on August 7, 2019 from WordPress repository. You can download \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FPI-Media\u002Fjson-api\" rel=\"nofollow ugc\">JSON API Plugin\u003C\u002Fa> from https:\u002F\u002Fgithub.com\u002FPI-Media\u002Fjson-api until it is republished and available on WordPress.\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Generate Auth Cookie for user authentication\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Validate Auth Cookie\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Get Current User Info\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For documentation: See ‘Other Notes’ tab above for usage examples.\u003C\u002Fp>\n\u003Cp>Credits: http:\u002F\u002Fwww.parorrey.com\u002Fsolutions\u002Fjson-api-auth\u002F\u003C\u002Fp>\n","Extends the JSON API Plugin for RESTful user authentication",800,78995,94,11,"2025-07-29T11:41:00.000Z","6.8.5","3.0.1","5.3",[20,21,22,23],"api","authenticate-user","json-api","wordpress-user-authentication","http:\u002F\u002Fwww.parorrey.com\u002Fsolutions\u002Fjson-api-auth\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjson-api-auth.3.0.0.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"parorrey",5,2110,93,20,89,"2026-04-04T06:18:57.828Z",[40,62,83,103,117],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":26,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":59,"download_link":60,"security_score":61,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"rest-api-toolbox","REST API Toolbox","1.4.4","Pete Nelson","https:\u002F\u002Fprofiles.wordpress.org\u002Fgungeekatx\u002F","\u003Cp>Allows tweaking of several REST API settings\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable the REST API\u003C\u002Fli>\n\u003Cli>Remove WordPress core endpoints\u003C\u002Fli>\n\u003Cli>Require authentication for core endpoints\u003C\u002Fli>\n\u003Cli>Force SSL\u003C\u002Fli>\n\u003Cli>WP-CLI commands: wp rest-api-toolbox\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Find us on GitHub at https:\u002F\u002Fgithub.com\u002Fpetenelson\u002Fwp-rest-api-toolbox\u003C\u002Fp>\n\u003Cp>(Creative commons toolbox image provided by James Tworow https:\u002F\u002Fwww.flickr.com\u002Fphotos\u002Fsherlock77\u002F)\u003C\u002Fp>\n","Allows tweaking of several REST API settings",2000,40876,8,"2025-01-02T16:18:00.000Z","6.7.5","4.4","",[22,56,57,58],"rest","rest-api","wp-rest-api","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frest-api-toolbox","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frest-api-toolbox.1.4.4.zip",92,{"slug":63,"name":64,"version":65,"author":7,"author_profile":8,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":73,"homepage":78,"download_link":79,"security_score":80,"vuln_count":81,"unpatched_count":27,"last_vuln_date":82,"fetched_at":29},"json-api-user","JSON API User","4.1.0","\u003Cp>JSON API User extends the JSON API Plugin with a new Controller to allow RESTful user registration, authentication, password reset, RESTful Facebook Login, RESTful User Meta and BuddyPress xProfile get and update methods. This plugin is for WordPress\u002FMobile app developers who want to use WordPress as mobile app data backend.\u003C\u002Fp>\n\u003Cp>JSON API Plugin, that is required, was closed on August 7, 2019 from WordPress repository. You can download \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FPI-Media\u002Fjson-api\" rel=\"nofollow ugc\">JSON API Plugin\u003C\u002Fa> from https:\u002F\u002Fgithub.com\u002FPI-Media\u002Fjson-api until it is republished and available on WordPress.\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Generate Auth Cookie for user authentication\u003C\u002Fli>\n\u003Cli>Validate Auth Cookie\u003C\u002Fli>\n\u003Cli>RESTful User Registration\u003C\u002Fli>\n\u003Cli>RESTful Facebook Login\u002FRegistration with valid access_token\u003C\u002Fli>\n\u003Cli>RESTful BuddyPress xProfile fields update\u003C\u002Fli>\n\u003Cli>Get User Meta and xProfile fields\u003C\u002Fli>\n\u003Cli>Update User Meta and xProfile fields\u003C\u002Fli>\n\u003Cli>Delete User Meta\u003C\u002Fli>\n\u003Cli>Password Reset\u003C\u002Fli>\n\u003Cli>Get Avatar\u003C\u002Fli>\n\u003Cli>Get User Info\u003C\u002Fli>\n\u003Cli>Post Comment\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin was created for mobile apps integration with the web app using WordPress as backend for all the data. WordPress helped in putting together the web app quickly and then Mobile iOS and Android apps were integrated via this plugin. There were some app specific customized methods which are not included but rest have been made generic for community usage.\u003C\u002Fp>\n\u003Cp>My other JSON API Auth plugin has also been integrated with this plugin from version 1.1 because most endpoints required user authentication via cookie for data update.\u003C\u002Fp>\n\u003Cp>Pro Version – JSON API User Plus\u003C\u002Fp>\n\u003Cp>A pro version of this plugin, \u003Ca href=\"http:\u002F\u002Fwww.parorrey.com\u002Fsolutions\u002Fjson-api-user-plus\u002F\" rel=\"nofollow ugc\">JSON API User Plus\u003C\u002Fa>, is available here http:\u002F\u002Fwww.parorrey.com\u002Fsolutions\u002Fjson-api-user-plus\u002F that supports BuddyPress Messages component, BuddyPress avatar upload, BuddyPress Extended Profile, BuddyPress Groups, BuddyPress Friends, BuddyPress Activity, BuddyPress Notifications, BuddyPres Settings and other BuddyPress related functions to integrate BuddyPress features in your mobile app via REST api.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.parorrey.com\u002Fsolutions\u002Fjson-api-user-plus\u002F\" rel=\"nofollow ugc\">JSON API User Plus\u003C\u002Fa> includes API key which protects and restricts the endpoint calls. This key can be updated from Settings > User Plus options page. Your app must include this key with every call to get the data from REST API. Please see documentation for calling endpoints examples for ‘JSON API User Plus’.\u003C\u002Fp>\n\u003Cp>JSON API User Plus features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Generate Auth Cookie for user authentication\u003C\u002Fli>\n\u003Cli>Validate Auth Cookie\u003C\u002Fli>\n\u003Cli>RESTful User Registration\u003C\u002Fli>\n\u003Cli>RESTful Facebook Login\u002FRegistration with valid access_token\u003C\u002Fli>\n\u003Cli>RESTful BuddyPress xProfile fields update\u003C\u002Fli>\n\u003Cli>Get User Meta and xProfile fields\u003C\u002Fli>\n\u003Cli>Update User Meta and xProfile fields\u003C\u002Fli>\n\u003Cli>Delete User Meta\u003C\u002Fli>\n\u003Cli>Password Reset\u003C\u002Fli>\n\u003Cli>Get\u002FUpload Avatar\u003C\u002Fli>\n\u003Cli>Get User Info\u003C\u002Fli>\n\u003Cli>Post Comment\u003C\u002Fli>\n\u003Cli>Add Post, Update Post, Delete Post\u003C\u002Fli>\n\u003Cli>Add\u002FEdit\u002FDelete Custom Post Type, Custom Fields\u003C\u002Fli>\n\u003Cli>Search User\u003C\u002Fli>\n\u003Cli>BuddyPress Activities\u003C\u002Fli>\n\u003Cli>BuddyPress Members\u003C\u002Fli>\n\u003Cli>BuddyPress Friends\u003C\u002Fli>\n\u003Cli>BuddyPress Notifications\u003C\u002Fli>\n\u003Cli>BuddyPress Settings\u003C\u002Fli>\n\u003Cli>& many more\u003C\u002Fli>\n\u003C\u002Ful>\n","Extends the JSON API Plugin to allow RESTful user registration, authentication & many other User Meta, BP functions. A Pro version is also available.",1000,120913,78,21,"2025-07-29T11:54:00.000Z",[74,22,75,76,77],"authentication","restful-facebook-login","restful-user-meta-and-buddypress-xprofile","restful-user-registration","http:\u002F\u002Fwww.parorrey.com\u002Fsolutions\u002Fjson-api-user\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjson-api-user.4.1.0.zip",97,1,"2024-07-10 00:00:00",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":26,"num_ratings":81,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":54,"tags":96,"homepage":100,"download_link":101,"security_score":102,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"rest-api-helper","REST API Helper","2.2.8","JasmanXcrew","https:\u002F\u002Fprofiles.wordpress.org\u002Fjasmanxcrew\u002F","\u003Cp>This plugin help REST API for display featured media source, author, categories, and custom fields.\u003Cbr \u002F>\nThis plugin is made for \u003Ca href=\"https:\u002F\u002Fgoo.gl\u002FqznlXo\" rel=\"nofollow ugc\">Ionic Mobile App Builder\u003C\u002Fa>, suitable used for ionic framework.\u003Cbr \u002F>\nThis plugin also support for display custom field in metabox and also make it allow crossorigin only for json files. Compatible with wp-restapi2 and json-api.\u003C\u002Fp>\n\u003Cp>Features:\u003Cbr \u002F>\n* Product listing without Woo API\u003Cbr \u002F>\n* REST-API Auth Basic\u003Cbr \u002F>\n* Fix CORS and Preflight CORS (Example Issue: Request header field ……. is not allowed by Access-Control-Allow-Headers in preflight response.)\u003Cbr \u002F>\n* Woo ACF Gallery\u003Cbr \u002F>\n* Gallery JSON Array or Object\u003Cbr \u002F>\n* One Signal Push\u003Cbr \u002F>\n* Custom Field Support\u003Cbr \u002F>\n* Fix issue render VisualComposer ([vc_row]Hello World . . .[\u002Fvc_row])\u003C\u002Fp>\n\u003Ch3>Woocommerce\u003C\u002Fh3>\n\u003Cp>for enable Woo product and categories without authorization, add this code in wp-config.php\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_WOO\", true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can changing custom field for gallery (default woo using _product_image_gallery metakey), add this line\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_WOO_ACF_GALLERY\", 'images'); \n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>and for type data object or string (default string, separator with coma)\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_WOO_ACF_GALLERY_OBJECT\", false);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>OneSignal Sender\u003C\u002Fh3>\n\u003Cp>for enable oneSignal Sender add this code in wp-config.php\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_ONESIGNAL_PUSH\", true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>then fix your app_id and app_key\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_ONESIGNAL_PUSH\", false);\ndefine(\"IMH_ONESIGNAL_PAGE_IN_APP\", 'post_singles'); \u002F\u002Fthis additional data (key: page and value: post_singles\u002Fpost_id)\ndefine(\"IMH_ONESIGNAL_APP_ID\", '31ee45e2-c63d-4048-903a-89ca43f3afa2');\ndefine(\"IMH_ONESIGNAL_APP_KEY\", 'YzUzNmZkOTAtMmVlMC00OWIzLThlNGQtMzQyYzzyNmFhZjcw');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Anonymous Comments\u003C\u002Fh3>\n\u003Cp>You can allow anonymous comments using configuration:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_ALLOW_PREFLIGHT_CORS\",true); \u002F\u002Frequired for method post\ndefine(\"IMH_ANONYMOUS_COMMENTS\",true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>send comment using url like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>http:\u002F\u002Fwordpress.co.id\u002Fwp-json\u002Fwp\u002Fv2\u002Fcomments?author_name=Your Name Here&author_email=your-email-address@website-address-here.com&author_name=Your Name Here&content=Your Comment Here&post=20\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Register REST-API\u003C\u002Fh3>\n\u003Cp>You can allow register new user using configuration:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_RESTAPI_REGISTER\",true); \n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>End Point:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>https:\u002F\u002Fwordpress.co.id\u002Fwp-json\u002Fwp\u002Fv2\u002Fusers\u002Fregister\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Visual Composer\u003C\u002Fh3>\n\u003Cp>Fix issue render VisualComposer Content\u003C\u002Fp>\n\u003Cp>Response is:\u003Cbr \u002F>\n[vc_row]Hello World . . .[\u002Fvc_row]\u003Cbr \u002F>\nResponse should be:\u003C\u002Fp>\n\u003Cp>Hello World . . .\u003C\u002Fp>\n\u003Cp>add this code in wp-config.php\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_VC_SHORTCODE\",true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fihsana.com\" rel=\"nofollow ugc\">Ihsana Global Solusindo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"ihsana.com\u002Fi\u002F?u=imabuilder\" rel=\"nofollow ugc\">IMA BuildeRz – Ionic Mobile App Builder + Code Generator \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fihsana.com\u002Fi\u002F?u=iwpdev\" rel=\"nofollow ugc\">iWP-DevToolz – WordPress Plugin Maker + Code Generator \u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin help REST API for display featured media source, author, categories, and custom fields.",600,22471,"2022-01-02T16:25:00.000Z","5.3.21","4.0",[97,98,22,99,57],"ionic","json","mobile-app","http:\u002F\u002Fihsana.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frest-api-helper.zip",85,{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":36,"downloaded":111,"rating":27,"num_ratings":27,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":54,"tags":115,"homepage":54,"download_link":116,"security_score":102,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"kill-json-rest-api","Kill JSON REST API","1.1.0","arminmeth","https:\u002F\u002Fprofiles.wordpress.org\u002Farminmeth\u002F","\u003Cp>While WordPress is slowly but surely becoming a complete application framework and JSON REST API is huge step in this direction, there is a large number of WordPress users that do not need advanced features like those offered by WordPress JSON REST API. This plugin helps them to turn those advanced features off and not worry about it.\u003C\u002Fp>\n\u003Cp>While other similar plugins disable JSON REST API functionality only for anonymous users, Kill JSON REST API completely disables the framework for all users and removes links and tags from head element.\u003C\u002Fp>\n","Completely disables JSON REST API for both registered and anonymous users in WordPress 4.7.* and removes API links and tags.",2690,"2017-02-15T10:03:00.000Z","4.7.32","4.7",[20,98,22,56,57],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkill-json-rest-api.1.1.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":27,"num_ratings":27,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":54,"tags":130,"homepage":133,"download_link":134,"security_score":102,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"get-json-api","Get Json Api","0.1","digitalissimo","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitalissimo\u002F","\u003Cp>If you need to get the information from another site or your site using JSON API (https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjson-api\u002F) you can use this plugin.\u003Cbr \u002F>\nFor slideshow this plugin use Cycle2 (http:\u002F\u002Fjquery.malsup.com\u002Fcycle2).\u003C\u002Fp>\n\u003Ch4>Shortcode\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>[getapi url=\"www.mysite.com\" limit=\"5\" type=\"[CYCLE or LIST]\"]:\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cul>\n\u003Cli>\n\u003Cp>url: url before ?json=get_recent_posts\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>limit: number element of json result\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>type: “Cycle” is a slideshow of thumbs or “List” is the list of post titles\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Retrieve the results of the API of a site that uses the plugin JSON API",10,2560,"2014-01-08T09:09:00.000Z","3.4.2","3.4",[98,22,131,132],"shortcode","widget","http:\u002F\u002Fplugin.digitalissimoweb.it\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fget-json-api.0.1.zip",{"attackSurface":136,"codeSignals":161,"taintFlows":168,"riskAssessment":169,"analyzedAt":172},{"hooks":137,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":27,"unprotectedCount":27},[138,144,149,153],{"type":139,"name":140,"callback":141,"file":142,"line":143},"action","admin_notices","pim_auth_draw_notice_json_api","json-api-auth.php",33,{"type":145,"name":146,"callback":147,"file":142,"line":148},"filter","json_api_controllers","pimAuthJsonApiController",39,{"type":145,"name":150,"callback":151,"file":142,"line":152},"json_api_auth_controller_path","setAuthControllerPath",41,{"type":139,"name":154,"callback":155,"priority":26,"file":142,"line":156},"init","json_api_auth_checkAuthCookie",43,[],[],[],[],{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":165,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":167},[],{"prepared":27,"raw":27,"locations":164},[],{"escaped":81,"rawEcho":27,"locations":166},[],[],[],{"summary":170,"deductions":171},"The \"json-api-auth\" plugin v3.0.0 demonstrates an exceptionally strong security posture based on the provided static analysis. The complete absence of identified AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its potential attack surface.  Furthermore, the code analysis reveals a commitment to secure coding practices, with no dangerous functions, all SQL queries utilizing prepared statements, and all output being properly escaped. The lack of file operations and external HTTP requests further reduces the risk of common web vulnerabilities.  The plugin's vulnerability history is also clean, with no recorded CVEs, indicating a history of responsible development and maintenance. The absence of taint analysis results suggests no apparent pathways for unsanitized data to enter critical functions. In conclusion, this plugin appears to be very well-secured.",[],"2026-03-16T19:20:36.310Z",{"wat":174,"direct":179},{"assetPaths":175,"generatorPatterns":176,"scriptPaths":177,"versionParams":178},[],[],[],[],{"cssClasses":180,"htmlComments":181,"htmlAttributes":182,"restEndpoints":183,"jsGlobals":184,"shortcodeOutput":185},[],[],[],[],[],[]]