[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGHKpIWDCFFT4NOvbG_YehDONkMr_c5GvzFQiwtbQn5E":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":35,"analysis":136,"fingerprints":182},"last-activity","Last Activity","2.0.3","Sajjad Hossain Sagor","https:\u002F\u002Fprofiles.wordpress.org\u002Fsajjad67\u002F","\u003Cp>Keep Tracks of each plugin’s last active datetime, helpful to find obsolete plugins for deletion.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>No Complex Settings\u003C\u002Fli>\n\u003Cli>WP Settings Date Timezone\u003C\u002Fli>\n\u003Cli>View Last Time Activity In Plugin’s List View Page\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin saves each plugin's last activity time.",0,1611,"","6.9.4","5.6","8.0",[18,19,20,21],"activity","plugin-activity","plugin-status","status","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flast-activity\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-activity.2.0.3.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"sajjad67",32,10230,139,79,"2026-04-05T01:55:24.463Z",[36,56,78,98,120],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":11,"downloaded":44,"rating":11,"num_ratings":11,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":13,"tags":48,"homepage":52,"download_link":53,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":55},"monitor-activities-log","Monitor Activities Log","1.0.0","Dipankar Pal","https:\u002F\u002Fprofiles.wordpress.org\u002Fdipankarpal212\u002F","\u003Cp>Get notified with all plugin activities inside your applicatin. In one place you can track plugin activities by the users such as activation, deactivation, installation, deletion and more.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>✅ List all plugin’s activities\u003Cbr \u002F>\n  ✅ Filter data by Plugin Name, Plugin Status, Users, Users Caps, Date\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>You may provide arbitrary sections, in the same format as the ones above.  This may be of use for extremely complicated\u003Cbr \u002F>\nplugins where more information needs to be conveyed that doesn’t fit into the categories of “description” or\u003Cbr \u002F>\n“installation.”  Arbitrary sections will be shown below the built-in sections outlined above.\u003C\u002Fp>\n","Get notified with all plugin activities inside your applicatin. In one place you can track plugin activities by the users such as activation, deactiva &hellip;",683,"2022-06-28T04:16:00.000Z","6.0.11","3.0.1",[37,49,50,51,19],"monitor-plugin","monitor-plugin-status","plugin-activities","http:\u002F\u002Fdomain.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmonitor-activities-log.1.0.0.zip",85,"2026-03-15T15:16:48.613Z",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":14,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":76,"download_link":77,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":55},"nodeinfo","NodeInfo(2)","3.1.0","Matthias Pfefferle","https:\u002F\u002Fprofiles.wordpress.org\u002Fpfefferle\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fnodeinfo.diaspora.software\u002F\" rel=\"nofollow ugc\">NodeInfo\u003C\u002Fa> is an effort to create a standardized way of exposing metadata about a server running one of the distributed social networks. The two key goals are being able to get better insights into the user base of distributed social networking and the ability to build tools that allow users to choose the best fitting software and server for their needs.\u003C\u002Fp>\n\u003Cp>This plugin provides a barebone JSON file with basic “node”-informations. The file can be extended by other WordPress plugins, like \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fostatus-for-wordpress\u002F\" rel=\"ugc\">OStatus\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpfefferle\u002Fwordpress-dandelion\" rel=\"nofollow ugc\">Diaspora\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Factivitypub\u002F\" rel=\"ugc\">ActivityPub\u003C\u002Fa>\u002F\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpterotype\u002F\" rel=\"ugc\">Pterotype\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>What information does this plugin share?\u003C\u002Fh3>\n\u003Cp>The plugin exposes the following public information about your site:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Software\u003C\u002Fstrong>: WordPress version (major version only for privacy)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Usage statistics\u003C\u002Fstrong>: Number of users, posts, and comments\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Site info\u003C\u002Fstrong>: Your site name and description\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Protocols\u003C\u002Fstrong>: Which federation protocols your site supports (e.g., ActivityPub)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Services\u003C\u002Fstrong>: Which external services your site can connect to (e.g., RSS feeds)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This information helps other servers in the Fediverse discover and interact with your site.\u003C\u002Fp>\n\u003Ch3>Supported NodeInfo versions\u003C\u002Fh3>\n\u003Cp>This plugin supports all major NodeInfo specification versions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>NodeInfo 1.0\u003C\u002Fstrong> and \u003Cstrong>1.1\u003C\u002Fstrong> – Original specifications\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NodeInfo 2.0\u003C\u002Fstrong>, \u003Cstrong>2.1\u003C\u002Fstrong>, and \u003Cstrong>2.2\u003C\u002Fstrong> – Current specifications with extended metadata\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NodeInfo2\u003C\u002Fstrong> – Alternative single-endpoint format\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Endpoints\u003C\u002Fh3>\n\u003Cp>After activation, the following endpoints become available:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>\u002F.well-known\u002Fnodeinfo\u003C\u002Fcode> – Discovery document (start here)\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fwp-json\u002Fnodeinfo\u002F2.2\u003C\u002Fcode> – NodeInfo 2.2 (recommended)\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fwp-json\u002Fnodeinfo\u002F2.1\u003C\u002Fcode> – NodeInfo 2.1\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fwp-json\u002Fnodeinfo\u002F2.0\u003C\u002Fcode> – NodeInfo 2.0\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fwp-json\u002Fnodeinfo\u002F1.1\u003C\u002Fcode> – NodeInfo 1.1\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fwp-json\u002Fnodeinfo\u002F1.0\u003C\u002Fcode> – NodeInfo 1.0\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002F.well-known\u002Fx-nodeinfo2\u003C\u002Fcode> – NodeInfo2 format\u003C\u002Fli>\n\u003C\u002Ful>\n","NodeInfo and NodeInfo2 for WordPress!",1000,18204,80,1,"2025-12-30T16:58:00.000Z","6.6","7.2",[72,73,74,57,75],"activitypub","diaspora","fediverse","ostatus","https:\u002F\u002Fgithub.com\u002Fpfefferle\u002Fwordpress-nodeinfo\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnodeinfo.3.1.0.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":64,"downloaded":86,"rating":11,"num_ratings":11,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":96,"download_link":97,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":55},"plugin-activation-tracker","Plugin Activation Tracker","3.6","Galaxy Weblinks","https:\u002F\u002Fprofiles.wordpress.org\u002Fgalaxyweblinks\u002F","\u003Cp>Keep track of plugins you activate or deactivate through the dashboard by viewing when each and every one of them was enabled or disabled.\u003C\u002Fp>\n\u003Cp>This plugin allows storing plugin status tracker records for 60 days. Site administrator can customize the duration as their requirements.\u003C\u002Fp>\n\u003Cp>Current features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adds new columns on the plugins dashboard screen that shows when each plugin was activated and deactivated with author name and IP address.\u003C\u002Fli>\n\u003Cli>Supported on multisite.\u003C\u002Fli>\n\u003Cli>Control whether you’d like to see a relative date or a “regular” date as set under Settings > General\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>While by default the date & time settings are being used, you can always change the date format by filtering ‘pat_date_time_format_gwl’. For instance:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\n\nadd_filter( 'pat_date_time_format_gwl', 'my_pat_date_time_format_gwl' );\nfunction my_pat_date_time_format_gwl( $date_format ) {\n    return 'm-d-Y';\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Here’s some more info on \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFormatting_Date_and_Time\" rel=\"nofollow ugc\">date & time formatting in WordPress\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Here’s a link to the documentation for the plugin. This will help you learn more about its features and how to use it.\u003Cbr \u002F>\n\u003Cstrong>\u003C\u002Fstrong>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fwp-plugins\u002Fplugin-activation-tracker\u002Fdoc\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nFor any feedback or queries regarding this plugin, please contact our \u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Support team\u003C\u002Fa>.\u003C\u002Fp>\n","Keep track of plugins you activate or deactivate through the dashboard by viewing when each and every one of them was enabled or disabled.",8185,"2025-04-28T11:56:00.000Z","6.8.5","4.9","7.4",[92,20,93,94,95],"plugin-info","plugin-tracker","plugins","tracker","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplugin-activation-tracker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-activation-tracker.3.6.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":64,"downloaded":106,"rating":107,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":13,"tags":112,"homepage":117,"download_link":118,"security_score":54,"vuln_count":67,"unpatched_count":11,"last_vuln_date":119,"fetched_at":55},"plugin-groups","Plugin Groups","2.0.9","David Cramer","https:\u002F\u002Fprofiles.wordpress.org\u002Fdesertsnowman\u002F","\u003Cp>If you have a lot of plugins installed, it can be difficult to manage them all. Now you can organize the plugins admin page by grouping your plugins by purpose. Each group will be displayed as a plugin status tabs in the plugins admin page, so you can easily filter which plugins you are viewing by group.\u003C\u002Fp>\n\u003Cp>A free plugin by \u003Ca href=\"https:\u002F\u002Fcramer.co.za\" rel=\"nofollow ugc\">David Cramer\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDavidCramer\u002Fplugin-groups\" rel=\"nofollow ugc\">Contribute to the development on GitHub\u003C\u002Fa>\u003C\u002Fp>\n","Organize plugins in the Plugins Admin Page by creating groups and filter types",27148,86,30,"2024-02-20T06:45:00.000Z","6.4.8","5.3",[113,114,99,115,116],"plugin-filter","plugin-group","plugin-organizer","plugin-status-filter","https:\u002F\u002Fcramer.co.za","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-groups.zip","2024-02-20 00:00:00",{"slug":121,"name":122,"version":123,"author":60,"author_profile":61,"description":124,"short_description":125,"active_installs":64,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":14,"requires_at_least":130,"requires_php":13,"tags":131,"homepage":134,"download_link":135,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":55},"webfinger","WebFinger","4.0.1","\u003Cp>WebFinger allows you to be discovered on the web using an identifier like \u003Ccode>you@yourdomain.com\u003C\u002Fcode> — similar to how email works, but for your online identity.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why is this useful?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Fediverse & Mastodon:\u003C\u002Fstrong> WebFinger is essential for federation. It allows Mastodon and other ActivityPub-powered platforms to find and follow your WordPress site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Decentralized Identity:\u003C\u002Fstrong> People can look you up using your WordPress domain, making your site the canonical source for your online identity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works with other plugins:\u003C\u002Fstrong> This plugin provides the foundation that other plugins (like the ActivityPub plugin) build upon.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>How it works:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When someone searches for \u003Ccode>@you@yourdomain.com\u003C\u002Fcode> on Mastodon or another federated service, their server asks your WordPress site: “Who is this person?” WebFinger answers that question by providing information about you and links to your profiles.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Technical details:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>WebFinger is an open standard (\u003Ca href=\"http:\u002F\u002Ftools.ietf.org\u002Fhtml\u002Frfc7033\" rel=\"nofollow ugc\">RFC 7033\u003C\u002Fa>) that enables discovery of information about people and resources on the internet. It works by responding to requests at \u003Ccode>\u002F.well-known\u002Fwebfinger\u003C\u002Fcode> on your domain.\u003C\u002Fp>\n","WebFinger for WordPress",21454,74,3,"2025-12-16T11:02:00.000Z","4.2",[72,132,133,75,121],"discovery","jrd","https:\u002F\u002Fgithub.com\u002Fpfefferle\u002Fwordpress-webfinger","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwebfinger.4.0.1.zip",{"attackSurface":137,"codeSignals":164,"taintFlows":172,"riskAssessment":173,"analyzedAt":181},{"hooks":138,"ajaxHandlers":160,"restRoutes":161,"shortcodes":162,"cronEvents":163,"entryPointCount":11,"unprotectedCount":11},[139,145,147,151,154,157],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","admin_enqueue_scripts","anonymous","includes\\class-last-activity.php",115,{"type":140,"name":141,"callback":142,"file":143,"line":146},116,{"type":148,"name":149,"callback":142,"file":143,"line":150},"filter","manage_plugins_columns",120,{"type":140,"name":152,"callback":142,"file":143,"line":153},"manage_plugins_custom_column",121,{"type":140,"name":155,"callback":142,"file":143,"line":156},"activated_plugin",123,{"type":140,"name":158,"callback":142,"file":143,"line":159},"deactivated_plugin",124,[],[],[],[],{"dangerousFunctions":165,"sqlUsage":166,"outputEscaping":168,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":171},[],{"prepared":11,"raw":11,"locations":167},[],{"escaped":169,"rawEcho":11,"locations":170},5,[],[],[],{"summary":174,"deductions":175},"The \"last-activity\" v2.0.3 plugin exhibits a strong security posture based on the provided static analysis.  The complete absence of any identified attack surface (AJAX handlers, REST API routes, shortcodes, cron events) is a significant strength, as it minimizes potential entry points for attackers.  Furthermore, the code signals indicate responsible development practices, with no dangerous functions, all SQL queries using prepared statements, and all output properly escaped.  The lack of file operations and external HTTP requests further reduces the plugin's attack surface.\n\nThe plugin's vulnerability history is also exceptionally clean, with zero known CVEs, no unpatched vulnerabilities, and no recorded common vulnerability types. This suggests a history of secure development and diligent maintenance, or that the plugin has not been a target or subject to extensive public security research.  However, the absence of nonce checks and capability checks is a potential concern, particularly if the plugin were to introduce any new user-facing functionalities in the future that could be exploited in a cross-site request forgery (CSRF) or privilege escalation attack.  While the current static analysis shows no exploitable flows, future development without these fundamental security mechanisms could introduce risks.",[176,179],{"reason":177,"points":178},"Missing nonce checks",10,{"reason":180,"points":178},"Missing capability checks","2026-03-17T05:50:34.947Z",{"wat":183,"direct":192},{"assetPaths":184,"generatorPatterns":187,"scriptPaths":188,"versionParams":189},[185,186],"\u002Fwp-content\u002Fplugins\u002Flast-activity\u002Fadmin\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Flast-activity\u002Fadmin\u002Fjs\u002Fadmin.js",[],[186],[190,191],"last-activity\u002Fadmin\u002Fcss\u002Fadmin.css?ver=","last-activity\u002Fadmin\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":193,"htmlComments":194,"htmlAttributes":195,"restEndpoints":197,"jsGlobals":198,"shortcodeOutput":200},[],[],[196],"data-pluginfile",[],[199],"LastActivity",[]]