[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fesXI6JM0hZYFAzLoEuw0ZCZD7Y4m6eUPzm6Yfq90wdo":3,"$fdYI3Z7xLKkEJLzylBlM4keNaJtqC2dj5WP3p2Ooo29Q":230,"$ftNAW5tw2AXiatPfqvMEzOH16eZsNBpD2RUraNVsWjQ4":235},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":37,"analysis":140,"fingerprints":193},"last-users-dashboard-widget","Last-USERS-Dashboard-Widget","0.305","n4me","https:\u002F\u002Fprofiles.wordpress.org\u002Fn4me\u002F","\u003Cp>Widget for Dashboard WP.\u003Cbr \u002F>\nShows last (10) registered users and their activity.\u003Cbr \u002F>\n(shown for role ‘admin’ or ‘editor’)\u003C\u002Fp>\n\u003Cp>Give the administrator and editors the opportunity to see information about the latest 10 (you can change the count) of freshly registered users and their activity (posts, pages, comments).\u003Cbr \u002F>\nWidget for the dashboard in the admin panel WP.\u003Cbr \u002F>\nShown to administrators or editors.\u003Cbr \u002F>\nOf course, it’s about spammers and bots.\u003C\u002Fp>\n","Widget for Dashboard WP. Shows last (10) registered users and their activity. (shown for role 'admin' or 'editor') Russian: Дат &hellip;",0,1339,100,1,"2019-10-23T15:37:00.000Z","5.3.21","3.6","",[20,21,22,23,24],"admin","dashboard","tool","users","widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-users-dashboard-widget.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},2,10,30,84,"2026-07-15T20:34:33.009Z",[38,57,81,100,119],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":13,"downloaded":46,"rating":13,"num_ratings":14,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":55,"download_link":56,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"admin-users-logged-in","Admin Users Logged In","1.0.6","Marcel Pol","https:\u002F\u002Fprofiles.wordpress.org\u002Fmpol\u002F","\u003Cp>Dashboard widget that shows admin users and when they were last logged in.\u003C\u002Fp>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Cp>This plugin is compatible with \u003Ca href=\"https:\u002F\u002Fwww.classicpress.net\" rel=\"nofollow ugc\">ClassicPress\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Contributions\u003C\u002Fh4>\n\u003Cp>This plugin is also available in\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fcodeberg.org\u002Fcyclotouriste\u002Fadmin-users-logged-in\" rel=\"nofollow ugc\">Codeberg\u003C\u002Fa>.\u003C\u002Fp>\n","Dashboard widget that shows admin users and when they were last logged in.",3922,"2026-01-10T09:18:00.000Z","6.9.4","4.4","7.0",[52,53,54],"admin-users","dashboard-widget","last-login","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-users-logged-in\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-users-logged-in.1.0.6.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":77,"download_link":78,"security_score":79,"vuln_count":14,"unpatched_count":11,"last_vuln_date":80,"fetched_at":28},"error-log-monitor","Error Log Monitor","1.7.12","Janis Elsts","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiteshadow\u002F","\u003Cp>This plugin adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send you email notifications about newly logged errors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically detects error log location.\u003C\u002Fli>\n\u003Cli>Explains how to configure PHP error logging if it’s not enabled yet.\u003C\u002Fli>\n\u003Cli>The number of displayed log entries is configurable.\u003C\u002Fli>\n\u003Cli>Sends you email notifications about logged errors (optional).\u003C\u002Fli>\n\u003Cli>Configurable email address and frequency.\u003C\u002Fli>\n\u003Cli>You can easily clear the log file.\u003C\u002Fli>\n\u003Cli>The dashboard widget is only visible to administrators.\u003C\u002Fli>\n\u003Cli>Optimized to work well even with very large log files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Once you’ve installed the plugin, go to the Dashboard and enable the “PHP Error Log” widget through the “Screen Options” panel. The widget should automatically display the last 20 lines from your PHP error log. If you see an error message like “Error logging is disabled” instead, follow the displayed instructions to configure error logging.\u003C\u002Fp>\n\u003Cp>Email notifications are disabled by default. To enable them, click the “Configure” link in the top-right corner of the widget and enter your email address in the “Periodically email logged errors to:” box. If desired, you can also change email frequency by selecting the minimum time interval between emails from the “How often to send email” drop-down.\u003C\u002Fp>\n","Adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send logged errors to email.",20000,633977,86,48,"2025-10-01T15:12:00.000Z","6.8.5","4.5","7.4",[20,74,53,75,76],"administration","error-reporting","php","http:\u002F\u002Fw-shadow.com\u002Fblog\u002F2012\u002F07\u002F25\u002Ferror-log-monitor-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ferror-log-monitor.1.7.12.zip",99,"2019-02-25 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":67,"num_ratings":34,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":18,"tags":94,"homepage":18,"download_link":98,"security_score":99,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"hide-admin-bar-from-non-admins","Hide Admin Bar from Non-Admins","1.0.2","Andrew Lima","https:\u002F\u002Fprofiles.wordpress.org\u002Fandrewza\u002F","\u003Ch3>Install, activate, and you’re done.\u003C\u002Fh3>\n\u003Cp>This plugin hides the WordPress Toolbar (admin bar) for all visitors and users without the ‘administrator’ role. It’s a very simple plugin with no settings to configure.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Use this plugin for sites with only one admin who needs access to the dashboard and the admin bar.\u003C\u002Fli>\n\u003Cli>This plugin is super lightweight, with just a few lines of code.\u003C\u002Fli>\n\u003Cli>If you need to show the toolbar for other user roles, use the filter \u003Ccode>habfna_show_admin_bar_roles\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is a tweak of the code by Yoast to hide the admin bar for non-admins only.\u003C\u002Fp>\n","Hides the WordPress toolbar (admin bar) for all non-admin users. Simple plugin with no settings to configure.",10000,237834,"2024-11-18T14:39:00.000Z","6.7.5","5.2",[95,96,21,97],"admin-bar","adminbar","toolbar","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-admin-bar-from-non-admins.1.0.2.zip",92,{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":89,"downloaded":108,"rating":109,"num_ratings":110,"last_updated":111,"tested_up_to":92,"requires_at_least":112,"requires_php":72,"tags":113,"homepage":117,"download_link":118,"security_score":99,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"wp-widget-disable","Widget Disable","3.0.1","required","https:\u002F\u002Fprofiles.wordpress.org\u002Fwearerequired\u002F","\u003Cp>This simple plugin allows you to disable any sidebar and dashboard widget for the current WordPress site you are on. It provides a simple user interface available to users with \u003Ccode>edit_theme_options\u003C\u002Fcode> capabilities (usually Administrator role) available under Appearance -> Disable Widgets.\u003Cbr \u002F>\nAfter saving the settings, the sidebar and dashboard widgets are removed from and the user can’t see those widgets anymore.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Developer? Get to know the hooks\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Have a look at the filters we provide:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp_widget_disable_default_sidebar_widgets\u003C\u002Fcode> – Allows you to exclude certain sidebar widgets from being disabled.\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp_widget_disable_default_dashboard_widgets\u003C\u002Fcode> – Allows you to exclude certain dashboard widgets from being disabled.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Contributions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you would like to contribute to this plugin, report an issue or anything like that, please note that we develop this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwearerequired\u002FWP-Widget-Disable\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Frequired.com\u002F\" title=\"Team of experienced web professionals from Switzerland & Germany\" rel=\"nofollow ugc\">required\u003C\u002Fa>\u003C\u002Fp>\n","Disable sidebar and dashboard widgets with an easy to use interface.",185881,96,24,"2024-11-18T13:40:00.000Z","6.0",[20,21,114,115,116],"dashboard-widgets","sidebar-widgets","widgets","https:\u002F\u002Frequired.com\u002Fservices\u002Fwordpress-plugins\u002Fwp-widget-disable\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-widget-disable.3.0.1.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":129,"num_ratings":130,"last_updated":131,"tested_up_to":48,"requires_at_least":112,"requires_php":132,"tags":133,"homepage":137,"download_link":138,"security_score":13,"vuln_count":14,"unpatched_count":11,"last_vuln_date":139,"fetched_at":28},"admin-bar-dashboard-control","Admin Bar & Dashboard Access Control","1.2.9","Collins Agbonghama","https:\u002F\u002Fprofiles.wordpress.org\u002Fcollizo4sky\u002F","\u003Cp>Simple plugin for disabling admin bar and preventing access to WordPress dashboard based on a user’s roles.\u003C\u002Fp>\n\u003Cp>It is that simple 😀\u003C\u002Fp>\n\u003Ch3>Plugins you will like:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Ffusewp.com\u002F\" rel=\"nofollow ugc\">FuseWP\u003C\u002Fa>\u003C\u002Fstrong>: Connect wordPress to marketing platforms and sync users to your email list.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-user-avatar\u002F\" rel=\"ugc\">ProfilePress\u003C\u002Fa>\u003C\u002Fstrong>: A simple yet powerful eCommerce and paid membership plugin for accepting one-time and recurring payments and selling subscriptions via Stripe & PayPal, restrict content and control user access. \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fmailoptin.io\u002F\" rel=\"nofollow ugc\">MailOptin\u003C\u002Fa>\u003C\u002Fstrong> – The best WordPress email optin forms, email automation & newsletters plugin in the market.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable admin bar and control users access to WordPress dashboard.",3000,70421,94,18,"2025-12-04T13:26:00.000Z","5.4",[95,134,135,136,97],"admin-dashboard","disable-admin-bar","disable-toolbar","https:\u002F\u002Fprofilepress.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-bar-dashboard-control.1.2.9.zip","2023-10-31 00:00:00",{"attackSurface":141,"codeSignals":153,"taintFlows":179,"riskAssessment":180,"analyzedAt":192},{"hooks":142,"ajaxHandlers":149,"restRoutes":150,"shortcodes":151,"cronEvents":152,"entryPointCount":11,"unprotectedCount":11},[143],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","wp_dashboard_setup","ludw_add_last_dashboardWidgets","last-users-dashboard-widget.php",53,[],[],[],[],{"dangerousFunctions":154,"sqlUsage":155,"outputEscaping":160,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":32,"bundledLibraries":178},[],{"prepared":14,"raw":14,"locations":156},[157],{"file":147,"line":158,"context":159},22,"$wpdb->get_var() with unsafe: $user_email",{"escaped":11,"rawEcho":161,"locations":162},7,[163,166,168,170,172,174,176],{"file":147,"line":164,"context":165},31,"raw output",{"file":147,"line":167,"context":165},33,{"file":147,"line":169,"context":165},34,{"file":147,"line":171,"context":165},37,{"file":147,"line":173,"context":165},38,{"file":147,"line":175,"context":165},42,{"file":147,"line":177,"context":165},43,[],[],{"summary":181,"deductions":182},"The 'last-users-dashboard-widget' plugin version 0.305 exhibits a generally strong security posture from a static analysis perspective, with no identified attack surface through common entry points like AJAX, REST API, shortcodes, or cron events. The absence of dangerous functions, file operations, and external HTTP requests further contributes to this positive assessment. The code also shows a commitment to security by implementing capability checks on its SQL queries. \n\nHowever, a significant concern arises from the complete lack of output escaping. This means that any data rendered by the plugin could potentially be manipulated by an attacker, leading to cross-site scripting (XSS) vulnerabilities. The 50% of SQL queries not using prepared statements also represent a potential SQL injection risk, although the total number of queries is low. The absence of nonce checks, while not directly linked to an exposed attack surface in this specific analysis, is generally a good practice for securing AJAX actions and could be a missed opportunity for layered security. \n\nThe plugin's vulnerability history is a significant strength, with zero recorded CVEs of any severity. This suggests a history of responsible development and a lack of exploitable vulnerabilities discovered to date. In conclusion, while the plugin benefits from a minimal attack surface and a clean vulnerability history, the critical lack of output escaping and the presence of non-prepared SQL queries are notable weaknesses that require immediate attention.",[183,186,189],{"reason":184,"points":185},"All output is unescaped",8,{"reason":187,"points":188},"50% of SQL queries not using prepared statements",5,{"reason":190,"points":191},"No nonce checks",3,"2026-04-16T14:35:47.585Z",{"wat":194,"direct":200},{"assetPaths":195,"generatorPatterns":197,"scriptPaths":198,"versionParams":199},[196],"\u002Fwp-content\u002Fplugins\u002Flast-users-dashboard-widget\u002Flast-users-dashboard-widget.php",[],[],[],{"cssClasses":201,"htmlComments":202,"htmlAttributes":203,"restEndpoints":204,"jsGlobals":205,"shortcodeOutput":206},[],[],[],[],[],[207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,222,225,224,222,226,227,228,229],"Да, ты админ или редактор!\u003Cbr>","У нас на сайте "," пользователей,",". Вот.\u003Cbr>\n","Посмотрим "," свежезарегистрированых и их активность:","\u003Chr> ID: "," \u003Ca href=\"","\" target=\"_blank\">","\u003C\u002Fa>\u003Cbr>email: ","\u003Cbr>url: ","\u003Cbr>fname: ","\u003Cbr>lname: ","\u003Cbr>user-roles: ","\n","\u003Ca href=\"","\" target=\"_blank\">Постов: ","\u003C\u002Fa> ","\" target=\"_blank\">Страниц: ","\" target=\"_blank\">Комментариев (по имейл): ","\u003C\u002Fa>","\u003Cbr>registered: ","\u003Cbr>\n",{"error":231,"url":232,"statusCode":233,"statusMessage":234,"message":234},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Flast-users-dashboard-widget\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":11,"versions":236},[]]