[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYbQoYGV5J2pfVKdQbB5Una1jlSELKiVk5fU3fK0A-U8":3,"$fMNNG5-PoqQy1SPEd5ZZmas12JEcWdFOXtbtYeVoZpmY":207,"$fk7LeDg6h0-7G4Yc2vUBRmWMrsFuXLjyIyHbCaPMe6EU":212},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":7,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":38,"analysis":140,"fingerprints":185},"kahis-notes","Kahi's WP Notes","0.7","","https:\u002F\u002Fprofiles.wordpress.org\u002Fkahi\u002F","\u003Cp>For me, it’s place to leave notes about future articles, possible topics, ToDos connected with that particular WP site.\u003C\u002Fp>\n\u003Cp>Nothing more to explain. \u003Ca href=\"http:\u002F\u002Fkahi.cz\u002Fwordpress\u002Fwp-content\u002Fimages\u002Fkahis-notes-plugin\u002Fnotes-screen.png\" rel=\"nofollow ugc\">See the screenshot\u003C\u002Fa>. Making notes inside your WordPress, as simple as possible.\u003C\u002Fp>\n\u003Cp>For more information, support, giving feedback or anything – see the \u003Ca href=\"http:\u002F\u002Fkahi.cz\u002Fwordpress\u002Fwp-notes-plugin\u002F\" rel=\"nofollow ugc\">official plugin’s site\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>PHP 5\u003C\u002Fstrong> on your server is necessary to run this plugin.\u003C\u002Fp>\n","For me, it's the place to keep notes about future articles, possible topics, plans, ToDos connected with that particular WP site.",80,4954,100,2,"2009-07-15T12:09:00.000Z","2.8.1","2.7",[19,20,21,22],"admin","administration","note","notes","http:\u002F\u002Fkahi.cz\u002Fwordpress\u002Fwp-notes-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkahis-notes.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":32,"display_name":32,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":25,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"kahi",5,400,30,84,"2026-05-20T03:12:38.796Z",[39,55,79,102,119],{"slug":40,"name":41,"version":42,"author":7,"author_profile":8,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":26,"num_ratings":26,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":7,"tags":50,"homepage":53,"download_link":54,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"website-diary","Website Diary","0.9.1","\u003Cp>For keeping diary-like notes, so you can quickly overview recent changes on your site (and spot the source of an eventual problem). Adds a box on your administration dashboard. Only administrators are allowed to add and read diary-records (see the beginning of the source code for detailed explanation).\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>PHP 5\u003C\u002Fstrong> on your server is necessary to run this plugin.\u003C\u002Fp>\n","For keeping diary-like notes, so you can quickly overview recent changes on your site (and spot the source of an eventual problem).",10,3211,"2010-08-28T22:46:00.000Z","3.0.5","2.9",[19,20,51,22,52],"diary","tracking","http:\u002F\u002Fkahi.cz\u002Fwordpress\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwebsite-diary.zip",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":7,"tags":70,"homepage":74,"download_link":75,"security_score":76,"vuln_count":77,"unpatched_count":26,"last_vuln_date":78,"fetched_at":28},"wp-dashboard-notes","WP Dashboard Notes","1.0.13","Jeroen Sormani","https:\u002F\u002Fprofiles.wordpress.org\u002Fsormano\u002F","\u003Cp>Working with multiple persons on a website? Want to make notes? You can do just that with WP Dashboard Notes. Create beautiful notes with a nice user experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Colored notes\u003C\u002Fli>\n\u003Cli>List notes or regular notes\u003C\u002Fli>\n\u003Cli>Public or private notes\u003C\u002Fli>\n\u003Cli>Edit on dashboard\u003C\u002Fli>\n\u003Cli>Add as many notes as you like\u003C\u002Fli>\n\u003Cli>Drag & drop list items\u003C\u002Fli>\n\u003Cli>No save button needed!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Feature requests, ratings and donations are welcome and appreciated!\u003C\u002Fstrong>\u003C\u002Fp>\n","Working with multiple persons on a website? Want to make notes? You can do just that with WP Dashboard Notes. Create beautiful notes with a nice user  …",20000,249722,92,109,"2026-04-08T12:28:00.000Z","6.8.5","4.0",[71,72,21,22,73],"admin-note","dashboard-notes","to-do-list","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-dashboard-notes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-dashboard-notes.1.0.13.zip",98,3,"2024-08-09 00:00:00",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":13,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":7,"download_link":98,"security_score":99,"vuln_count":100,"unpatched_count":26,"last_vuln_date":101,"fetched_at":28},"wb-sticky-notes","Sticky Notes for WP Dashboard","1.2.6","Web Builder 143","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebbuilder143\u002F","\u003Cp>Need a simple way to stay organized inside your WordPress admin area? \u003Cstrong>Sticky Notes for WP Dashboard\u003C\u002Fstrong> lets you add customizable sticky notes right to your dashboard—just like the ones on your desk, but smarter.\u003C\u002Fp>\n\u003Cp>Use it to jot down reminders, create to-do lists, or leave quick notes for other users. Each note can be styled, resized, and moved around to fit the way you work. Whether you’re managing a personal site or running a team, Sticky Notes makes it easy to keep important information front and center.\u003C\u002Fp>\n\u003Ch3>Why you’ll love Sticky Notes for WP Dashboard:\u003C\u002Fh3>\n\u003Cp>– Create as many sticky notes as you need, anywhere in the admin dashboard\u003Cbr \u002F>\n– Change colors, fonts, and themes to match your style\u003Cbr \u002F>\n– Drag and drop notes to position them exactly where you want\u003Cbr \u002F>\n– Show or hide notes with one click\u003Cbr \u002F>\n– Duplicate, archive, and organize notes easily\u003Cbr \u002F>\n– Control who can access notes with user role restrictions\u003Cbr \u002F>\n– Option to hide notes on specific admin pages for a cleaner view\u003C\u002Fp>\n\u003Cp>With an intuitive interface and zero setup required, Sticky Notes for WP Dashboard is a must-have productivity tool for any WP site owner.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Create sticky notes directly on your WP admin dashboard  \u003C\u002Fli>\n\u003Cli>Easy-to-use interface for quick note management  \u003C\u002Fli>\n\u003Cli>Customize notes with themes, colors, and fonts  \u003C\u002Fli>\n\u003Cli>Resizable and movable notes for better organization  \u003C\u002Fli>\n\u003Cli>Hide or show notes globally with one click  \u003C\u002Fli>\n\u003Cli>Duplicate notes with a single click  \u003C\u002Fli>\n\u003Cli>Archive notes for future reference  \u003C\u002Fli>\n\u003Cli>Disable sticky notes on specific admin pages  \u003C\u002Fli>\n\u003Cli>Limit note access by user roles\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Our Other Free Plugins\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwb-custom-product-tabs-for-woocommerce\u002F\" rel=\"ugc\">Custom Product Tabs for WooCommerce\u003C\u002Fa>  \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwb-mail-logger\u002F\" rel=\"ugc\">Mail Logger for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n","Create sticky notes in your WP admin for reminders and to-dos. Restrict notes by user roles and disable them on specific pages.",1000,17184,6,"2026-03-26T17:19:00.000Z","7.0","3.5.0","5.6",[95,72,22,96,97],"admin-notes","reminders","sticky-notes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwb-sticky-notes.1.2.6.zip",99,1,"2025-12-31 00:00:00",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":13,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":91,"tags":116,"homepage":7,"download_link":118,"security_score":65,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"noted","Noted!","1.0","Kyle Van Deusen","https:\u002F\u002Fprofiles.wordpress.org\u002Fskvandeusen\u002F","\u003Cp>Noted! is a user-friendly note-taking plugin that allows Admin users to create and manage notes directly in WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fw8L9smQBA6k?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cem>Your Project Memory Bank\u003C\u002Fem>\u003Cbr \u002F>\nStore project-specific notes, instructions, and reminders all in one place — no more searching through old emails or docs.\u003C\u002Fp>\n\u003Cp>\u003Cem>Always One-Click Away\u003C\u002Fem>\u003Cbr \u002F>\nAccess Noted! from the front-end, back-end, or any screen — only visible to site administrators.\u003C\u002Fp>\n\u003Cp>\u003Cem>Lightweight and Clutter-Free\u003C\u002Fem>\u003Cbr \u002F>\nNo over-the-top features or extras. Noted! is there when you need it and gone when you don’t.\u003C\u002Fp>\n","A simple, lightweight, and user-friendly note-taking system within the WordPress admin.",900,3119,14,"2024-11-22T18:47:00.000Z","6.7.5","5.3",[19,22,117],"productivity","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnoted.1.0.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":110,"downloaded":127,"rating":128,"num_ratings":129,"last_updated":130,"tested_up_to":131,"requires_at_least":132,"requires_php":7,"tags":133,"homepage":137,"download_link":138,"security_score":76,"vuln_count":14,"unpatched_count":26,"last_vuln_date":139,"fetched_at":28},"user-notes","User Notes","2.0.0","cartpauj","https:\u002F\u002Fprofiles.wordpress.org\u002Fcartpauj\u002F","\u003Cp>This plugin adds a text editor area to each User Profile in the dashboard for Administrators to keep private notes about each User. The notes are ONLY visible to Administrators — that’s the whole point! It also adds a column to the “All Users” list where you can quickly see the note for the user without having to even open their profile.\u003C\u002Fp>\n\u003Cp>It is especially handy for \u003Ca href=\"http:\u002F\u002Fwww.memberpress.com\u002F?aff=20\" title=\"Best membership plugin for WordPress\" rel=\"nofollow ugc\">Membership Sites\u003C\u002Fa> where you may have thousands of members to deal with and need to remember special circumstances for them.\u003C\u002Fp>\n","Keep private notes about each of your users that only Administrators can see.",15223,96,15,"2026-04-12T20:46:00.000Z","6.9.4","6.0",[95,21,134,135,136],"private-notes","secure-notes","user","https:\u002F\u002Fgithub.com\u002Fcartpauj\u002Fuser-notes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-notes.2.0.0.zip","2025-09-26 00:00:00",{"attackSurface":141,"codeSignals":161,"taintFlows":173,"riskAssessment":174,"analyzedAt":184},{"hooks":142,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":26,"unprotectedCount":26},[143,148,151,154],{"type":144,"name":145,"callback":145,"file":146,"line":147},"action","admin_init","knotes.php",52,{"type":144,"name":149,"callback":149,"file":146,"line":150},"admin_menu",53,{"type":144,"name":152,"callback":152,"file":146,"line":153},"admin_head",54,{"type":144,"name":155,"callback":155,"file":146,"line":156},"wp_dashboard_setup",55,[],[],[],[],{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":165,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":100,"bundledLibraries":172},[],{"prepared":26,"raw":26,"locations":164},[],{"escaped":26,"rawEcho":14,"locations":166},[167,170],{"file":146,"line":168,"context":169},140,"raw output",{"file":146,"line":171,"context":169},170,[],[],{"summary":175,"deductions":176},"The \"kahis-notes\" v0.7 plugin exhibits a generally good security posture based on the provided static analysis. The absence of any known CVEs and a clean vulnerability history suggests a well-maintained and secure codebase.  The plugin also demonstrates good practices by not exposing a large attack surface through AJAX, REST API, shortcodes, or cron events, and notably, all SQL queries utilize prepared statements, a critical security measure.\n\nHowever, a significant concern arises from the output escaping analysis, where 100% of outputs are not properly escaped. This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. While the taint analysis shows no flows, this doesn't negate the XSS risk inherent in unescaped output. The plugin also has only one capability check, which might be insufficient depending on the plugin's functionality, and no nonce checks are present, which is a concern for any interactive elements.\n\nIn conclusion, while \"kahis-notes\" v0.7 has a solid foundation with no known vulnerabilities and secure database interactions, the complete lack of output escaping presents a critical security weakness. This single issue significantly elevates the risk profile and requires immediate attention to prevent potential XSS attacks.",[177,180,182],{"reason":178,"points":179},"Unescaped output detected",8,{"reason":181,"points":33},"Missing nonce checks",{"reason":183,"points":77},"Minimal capability checks","2026-04-16T11:04:05.027Z",{"wat":186,"direct":194},{"assetPaths":187,"generatorPatterns":190,"scriptPaths":191,"versionParams":192},[188,189],"\u002Fwp-content\u002Fplugins\u002Fkahis-notes\u002Ficon.png","\u002Fwp-content\u002Fplugins\u002Fkahis-notes\u002Fjquery.autogrow.js",[],[189],[193],"kahis-notes\u002Fjquery.autogrow.js?ver=1.2.2",{"cssClasses":195,"htmlComments":197,"htmlAttributes":199,"restEndpoints":203,"jsGlobals":204,"shortcodeOutput":206},[196],"knotes",[198],"by plugin: Kahi's Notes",[200,201,202],"id=\"knotes\"","name=\"knotes_content\"","value=\"knotes_submit_update\"",[],[205],"jQuery('#knotes textarea').autogrow();",[],{"error":208,"url":209,"statusCode":210,"statusMessage":211,"message":211},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fkahis-notes\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":26,"versions":213},[]]