[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fq4_79lIbnjWrGVv3DQPp_pktA7mwrsH6TPTEuPlw7lo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":35,"analysis":141,"fingerprints":244},"little-free-archive-freshener","Little Free Archive Freshener","1.0.2","Sam Glover","https:\u002F\u002Fprofiles.wordpress.org\u002Fsamglover\u002F","\u003Cp>It is a good practice to review your evergreen posts and pages periodically to update and expand the information on them and improve their SEO performance. But if you have a lot of posts and pages it can be hard to keep track of them. Little Free Air Freshener makes it simple by suggesting one at a time for you to work on.\u003C\u002Fp>\n","The Little Free Archive Freshener plugin for WordPress is an editorial and SEO tool that helps you keep your posts and pages fresh.",0,1074,"2024-07-19T17:59:00.000Z","6.6.5","5.5","7.3.5",[18,19,20],"archive","maintenance","seo","https:\u002F\u002Fsamglover.net\u002Fprojects\u002Flittle-free-archive-freshener\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flittle-free-archive-freshener.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"samglover",2,40,96,10,91,"2026-04-04T13:04:23.305Z",[36,60,82,101,123],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":55,"download_link":56,"security_score":57,"vuln_count":58,"unpatched_count":11,"last_vuln_date":59,"fetched_at":25},"link-checker","Link Checker Professional","1.18.7","Marco Beierer","https:\u002F\u002Fprofiles.wordpress.org\u002Fmbsec\u002F","\u003Cp>The \u003Ca href=\"https:\u002F\u002Fwww.marcobeierer.com\u002Fwordpress-plugins\u002Flink-checker\" rel=\"nofollow ugc\">Link Checker\u003C\u002Fa> for WordPress uses an external service to crawl your website and find broken links and images on your website.\u003C\u002Fp>\n\u003Cp>In contrast to search engine tools like the Google Search Console, which only show if a URL on your website is not reachable, it does not matter for the Link Checker if the links leads to an internal or external URL. The Link Checker will find all dead links.\u003C\u002Fp>\n\u003Cp>The Link Checker works for every plugin out of the box. The computation costs for your website is also very low because the crawler does the heavy work and just acts like a normal visitor, who visits all pages of you website once.\u003C\u002Fp>\n\u003Ch4>Out of service\u003C\u002Fh4>\n\u003Cp>It’s no longer possible to purchase tokens for the Link Checker as of mid-January 2023.\u003C\u002Fp>\n\u003Cp>The service is still available for all users that have already purchased a token and will be shutdown when the last issued token expires mid-January 2024.\u003C\u002Fp>\n\u003Ch4>Paid plugin\u003C\u002Fh4>\n\u003Cp>Please note that the Link Checker requires a paid token to operate. The free version is no longer offered.\u003C\u002Fp>\n\u003Ch4>Videos\u003C\u002Fh4>\n\u003Cp>You can find videos about the Link Checker on the \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=8rUFDp09tjs&list=PL5VYcNma6nfxIrlbpz0f1avXT_JIrUZA1\" rel=\"nofollow ugc\">Link Checker for WordPress playlist on YouTube\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F8rUFDp09tjs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent&listType=playlist&list=PL5VYcNma6nfxIrlbpz0f1avXT_JIrUZA1\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Simple setup\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works out of the box\u003C\u002Fstrong> with all WordPress plugins.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Low computation costs\u003C\u002Fstrong> for your webserver.\u003C\u002Fli>\n\u003Cli>Lists all broken links and redirects on your website.\u003C\u002Fli>\n\u003Cli>Support for Polylang (probably also WPML) sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Technical Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Respects your robots.txt file (also the crawl-delay directive).\n\u003Cul>\n\u003Cli>You can use the user-agents MB-LinkChecker to control the crawler.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Additional Features of the Professional Version\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Check if embedded internal and external \u003Cstrong>images\u003C\u002Fstrong> are broken.\u003C\u002Fli>\n\u003Cli>Check if embedded \u003Cstrong>YouTube videos\u003C\u002Fstrong> are broken.\u003C\u002Fli>\n\u003Cli>Scheduler to \u003Cstrong>automatically check a website\u003C\u002Fstrong> once a day and get a summary report by email.\u003C\u002Fli>\n\u003Cli>The result can be exported as CSV file.\u003C\u002Fli>\n\u003Cli>Form login support to check protected pages like membership areas.\u003C\u002Fli>\n\u003Cli>The result is saved on the Link Checker server so that it can be fetched multiple times without requiring a recheck. For example from different users or with different browsers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Upcoming Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support for checking the availability of videos, CSS files and JS files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Technical Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Works with \u003Cstrong>PHP 5.6 and 7\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Is the service free of charge?\u003C\u002Fh4>\n\u003Cp>The Link Checker Professional is a paid plugin. A free version was offered for many years, but since August 2022 only a paid version is available.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.marcobeierer.com\u002Fwordpress-plugins\u002Flink-checker-professional\" rel=\"nofollow ugc\">Link Checker Professional\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Use of an External Server\u003C\u002Fh4>\n\u003Cp>The Link Checker uses an external server, operated by the developer of the plugin, to crawl your website and detect broken links. This means, that there is some communication between your website and the server. The only data that is communicated to the external server by your website is the URL of your website and the fact that you are using WordPress. The server than crawlers your website (as a normal visitor does) and answers with a list of the found broken links.\u003C\u002Fp>\n","An easy to use link checker for WordPress to detect broken links and images on your website.",4000,207049,64,30,"2023-01-14T03:03:00.000Z","6.0.11","4.5","",[53,37,54,19,20],"broken-link-checker","links","https:\u002F\u002Fwww.marcobeierer.com\u002Fwordpress-plugins\u002Flink-checker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flink-checker.1.18.7.zip",84,1,"2019-03-22 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":29,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":80,"download_link":81,"security_score":70,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"noindex-seo","noindex SEO","2.0.0","Javier Casares","https:\u002F\u002Fprofiles.wordpress.org\u002Fjaviercasares\u002F","\u003Cp>Fine-grained control over how search engines index and display your WordPress content. Apply 5 independent robots directives to 25 different page contexts with flexible implementation methods.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>5 Robots Directives:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>noindex\u003C\u002Fstrong>: Prevent search engines from indexing the page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>nofollow\u003C\u002Fstrong>: Prevent search engines from following links on the page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>noarchive\u003C\u002Fstrong>: Prevent search engines from showing cached versions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>nosnippet\u003C\u002Fstrong>: Prevent search engines from showing text snippets in results\u003C\u002Fli>\n\u003Cli>\u003Cstrong>noimageindex\u003C\u002Fstrong>: Prevent search engines from indexing images on the page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Implementation Methods:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>HTML Meta Tags: Traditional method, easy to verify in page source (default)\u003C\u002Fli>\n\u003Cli>HTTP Headers: More robust, works with all content types including PDFs and images\u003C\u002Fli>\n\u003Cli>Both: Maximum compatibility for all scenarios\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Control Levels:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Global Settings: Apply directives to 25 different page contexts (posts, pages, archives, etc.)\u003C\u002Fli>\n\u003Cli>Granular Control (Optional): Override global settings for individual posts, pages, and custom post types via meta boxes in the editor\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Perfect for:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Blocking indexing of attachment pages while allowing link following\u003C\u002Fli>\n\u003Cli>Preventing duplicate content issues with flexible directive combinations\u003C\u002Fli>\n\u003Cli>Controlling archive page indexing with granular control\u003C\u002Fli>\n\u003Cli>Managing pagination SEO with independent settings\u003C\u002Fli>\n\u003Cli>Protecting private content from search engine caching\u003C\u002Fli>\n\u003Cli>Preventing snippet display while still indexing content\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Main pages\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Front Page: Block the indexing of the site’s front page.\u003C\u002Fli>\n\u003Cli>Home: Block the indexing of the site’s home page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Pages and Posts\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Page: Block the indexing of the site’s pages.\u003C\u002Fli>\n\u003Cli>Privacy Policy: Block the indexing of the site’s privacy policy page.\u003C\u002Fli>\n\u003Cli>Single: Block the indexing of a post on the site.\u003C\u002Fli>\n\u003Cli>Singular: Block the indexing of a post or a page of the site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Taxonomies\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Category: Block the indexing of the site categories. The lists where the posts appear.\u003C\u002Fli>\n\u003Cli>Tag: Block the indexing of the site’s tags. The lists where the posts appear.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Dates\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Date: Block the indexing when any date-based archive page (i.e. a monthly, yearly, daily or time-based archive) of the site. The lists where the posts appear.\u003C\u002Fli>\n\u003Cli>Day: Block the indexing when a daily archive of the site. The lists where the posts appear.\u003C\u002Fli>\n\u003Cli>Month: Block the indexing when a monthly archive of the site. The lists where the posts appear.\u003C\u002Fli>\n\u003Cli>Time: Block the indexing when an hourly, “minutely”, or “secondly” archive of the site. The lists where the posts appear.\u003C\u002Fli>\n\u003Cli>Year: Block the indexing when a yearly archive of the site. The lists where the posts appear.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Archives\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Archive: Block the indexing of any type of Archive page. Category, Tag, Author and Date based pages are all types of Archives. The lists where the posts appear.\u003C\u002Fli>\n\u003Cli>Author: Block the indexing of the author’s page, where the author’s publications appear.\u003C\u002Fli>\n\u003Cli>Post Type Archive: Block the indexing of any post type page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Pagination\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Pagination: Block the indexing of the pagination, i.e. all pages other than the main page of an archive.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Search\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Search: Block the indexing of the internal search result pages.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Attachments\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Attachment: Block the indexing of an attachment document to a post or page. An attachment is an image or other file uploaded through the post editor’s upload utility. Attachments can be displayed on their own “page” or template. This will not cause the indexing of the image or file to be blocked.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Previews\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Customize Preview: Block the indexing when a content is being displayed in customize mode.\u003C\u002Fli>\n\u003Cli>Preview: Block the indexing when a single post is being displayed in draft mode.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Error Page\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Error 404: This will cause an error page to be blocked from being indexed. As it is an error page, it should not be indexed per se, but just in case.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Important note: if you have any doubt about any of the following items it is best not to activate the option as you could lose results in the search engines.\u003C\u002Fp>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress: 6.6 – 6.9\u003C\u002Fli>\n\u003Cli>PHP: 7.2 – 8.5\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cp>This plugin adheres to the following security measures and review protocols for each version:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fplugins\u002F\" rel=\"nofollow ugc\">WordPress Plugin Handbook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fplugins\u002Fwordpress-org\u002Fplugin-security\u002F\" rel=\"nofollow ugc\">WordPress Plugin Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fapis\u002Fsecurity\u002F\" rel=\"nofollow ugc\">WordPress APIs Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress\u002FWordPress-Coding-Standards\" rel=\"nofollow ugc\">WordPress Coding Standards\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplugin-check\u002F\" rel=\"ugc\">Plugin Check (PCP)\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This plugin does not collect any information about your site, your identity, the plugins, themes or content the site has.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Vulnerabilities\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>No vulnerabilities have been published up to version 2.0.0.\u003C\u002Fli>\n\u003Cli>Version 2.0.0 includes proactive security hardening based on comprehensive security audit (see docs\u002FSECURITY-2026-01-20.md).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Found a security vulnerability? Please report it to us privately at the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjaviercasares\u002Fnoindex-seo\u002Fsecurity\u002Fadvisories\u002Fnew\" rel=\"nofollow ugc\">noindex SEO GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n","Control search engine indexing with robots directives using HTML meta tags or HTTP headers.",3000,45718,100,"2026-01-20T14:42:00.000Z","6.9.4","6.6","7.2",[76,77,78,79,20],"noarchive","nofollow","noindex","robots","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnoindex-seo\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnoindex-seo.2.0.0.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":68,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":51,"tags":96,"homepage":51,"download_link":99,"security_score":57,"vuln_count":29,"unpatched_count":11,"last_vuln_date":100,"fetched_at":25},"ultimate-noindex-nofollow-tool-ii","Ultimate Noindex Nofollow Tool II","1.3.6","texttheater","https:\u002F\u002Fprofiles.wordpress.org\u002Ftexttheater\u002F","\u003Cp>Improves your blog’s search engine optimization by “noindexing” pages you choose.\u003C\u002Fp>\n\u003Cp>Add the \u003Ccode>noindex\u003C\u002Fcode> robots meta tag to archives, categories, search pages, tags, author pages, login, admin pages or any other page you choose.\u003C\u002Fp>\n\u003Cp>Add the \u003Ccode>rel=\"nofollow\"\u003C\u002Fcode> attribute to individual pages listed by the \u003Ccode>wp_list_pages\u003C\u002Fcode> function or the Pages widget. Also, add the \u003Ccode>rel=\"nofollow\"\u003C\u002Fcode> attribute to archive links, category links, registration and login links.\u003C\u002Fp>\n\u003Cp>Written by Jon Kemp, currently maintained by Kilian Evang.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>After installation, the settings page for this plugin can be found in your WordPress administration interface under Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Ultimate noindex.\u003C\u002Fp>\n","Improves your blog's search engine optimization by \"noindexing\" pages you choose. Now also for page-based (as opposed to date-based) archives.",59569,62,8,"2024-02-20T16:20:00.000Z","6.4.8","2.6.5",[18,97,98,77,20],"archives","google","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-noindex-nofollow-tool-ii.zip","2024-03-25 00:00:00",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":111,"num_ratings":29,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":121,"download_link":122,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"wp-remove-category-from-archive-title","WP Remove Category from Archive Title","1.3","Isrg Rajan","https:\u002F\u002Fprofiles.wordpress.org\u002Fisrgrajan\u002F","\u003Cp>WP Remove Category from Archive Title is a lightweight plugin that removes the default “Category:” prefix from archive titles in WordPress. This improves aesthetics, readability, and SEO.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Removes “Category:” prefix from category archive titles.\u003Cbr \u002F>\n– Works with other archive types such as tags, authors, and custom taxonomies.\u003Cbr \u002F>\n– Ensures compatibility with the latest WordPress version (6.7.2) and PHP (7.4+).\u003Cbr \u002F>\n– Improved code structure for better performance and security.\u003Cbr \u002F>\n– Lightweight and efficient—no performance impact.\u003C\u002Fp>\n","WP Remove Category from Archive Title helps you remove the default \"Category:\" prefix from archive titles, improving SEO and readability.",300,6805,60,"2025-03-08T17:11:00.000Z","6.7.5","4.0","7.4",[117,118,119,20,120],"archive-title","category","cleanup","wordpress","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-remove-category-from-archive-title\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-remove-category-from-archive-title.zip",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":32,"downloaded":131,"rating":11,"num_ratings":11,"last_updated":132,"tested_up_to":72,"requires_at_least":133,"requires_php":115,"tags":134,"homepage":138,"download_link":139,"security_score":70,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":140},"amoos-functionality-suite","Amoos Functionality Suite","1.1.0","Manea Raluca","https:\u002F\u002Fprofiles.wordpress.org\u002Fmanraraluca\u002F","\u003Cp>The Amoos Functionality Suite is a powerful WordPress plugin that consolidates multiple website functionalities into one easy-to-manage package. Each functionality can be activated or deactivated independently, giving you complete control over your website’s features.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch3>1. Ahrefs Analytics\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> Add Ahrefs Analytics tracking script to your website\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Features:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Asynchronous script loading\u003C\u002Fli>\n\u003Cli>Customizable tracking key\u003C\u002Fli>\n\u003Cli>Admin settings panel\u003C\u002Fli>\n\u003Cli>Duplicate script detection\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2. Password Protection\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> Add password protection to your entire website\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Features:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Domain-specific protection (optional)\u003C\u002Fli>\n\u003Cli>Exclude specific pages from protection\u003C\u002Fli>\n\u003Cli>Skip protection for logged-in users\u003C\u002Fli>\n\u003Cli>Cookie-based authentication (cache-friendly)\u003C\u002Fli>\n\u003Cli>Customizable password form design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>3. Google Analytics\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> Add Google Analytics 4 tracking to your website\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Features:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Google Analytics 4 (gtag.js) integration\u003C\u002Fli>\n\u003Cli>Customizable Measurement ID\u003C\u002Fli>\n\u003Cli>Asynchronous script loading\u003C\u002Fli>\n\u003Cli>Duplicate script detection\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>4. Custom CSS Classes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> Add custom CSS classes meta box to pages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Features:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Meta box in page editor\u003C\u002Fli>\n\u003Cli>Comma-separated class input\u003C\u002Fli>\n\u003Cli>Automatic body class addition\u003C\u002Fli>\n\u003Cli>Easy CSS customization\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>5. Floating Icons\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> Add floating WhatsApp and phone icons to your website\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Features:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>WhatsApp icon with direct messaging\u003C\u002Fli>\n\u003Cli>Two phone icons with direct calling (different colors)\u003C\u002Fli>\n\u003Cli>4 position options (corners)\u003C\u002Fli>\n\u003Cli>Responsive design\u003C\u002Fli>\n\u003Cli>Inline SVG icons (no external dependencies)\u003C\u002Fli>\n\u003Cli>Customizable contact numbers\u003C\u002Fli>\n\u003Cli>Visual distinction between phone numbers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6. Contact Box\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> Insert contact information box into blog posts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Features:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Automatic insertion in blog posts\u003C\u002Fli>\n\u003Cli>Middle-of-content positioning\u003C\u002Fli>\n\u003Cli>Clickable phone and email links\u003C\u002Fli>\n\u003Cli>Customizable contact information\u003C\u002Fli>\n\u003Cli>Modern styled design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>7. Dynamic Cities\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> Create dynamic city pages with SEO optimization\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Features:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Dynamic URL rewriting\u003C\u002Fli>\n\u003Cli>SEO-optimized titles and descriptions\u003C\u002Fli>\n\u003Cli>Shortcode for city lists\u003C\u002Fli>\n\u003Cli>Automatic city list insertion\u003C\u002Fli>\n\u003Cli>Customizable SEO templates\u003C\u002Fli>\n\u003Cli>Romanian cities included\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Ch3>Main Dashboard\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Access the main dashboard at \u003Cstrong>Amoos Suite\u003C\u002Fstrong> in your WordPress admin\u003C\u002Fli>\n\u003Cli>Toggle functionalities on\u002Foff using the switch controls\u003C\u002Fli>\n\u003Cli>Click “Configure” to access individual settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Individual Functionality Settings\u003C\u002Fh3>\n\u003Ch4>Ahrefs Analytics\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Go to \u003Cstrong>Amoos Suite > Ahrefs Analytics\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Enable the functionality\u003C\u002Fli>\n\u003Cli>Enter your Ahrefs Analytics tracking key\u003C\u002Fli>\n\u003Cli>Save settings\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Password Protection\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Go to \u003Cstrong>Amoos Suite > Password Protection\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Enable the functionality\u003C\u002Fli>\n\u003Cli>Set your protection password\u003C\u002Fli>\n\u003Cli>Configure domain restrictions (optional)\u003C\u002Fli>\n\u003Cli>Select pages to exclude from protection\u003C\u002Fli>\n\u003Cli>Save settings\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Google Analytics\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Go to \u003Cstrong>Amoos Suite > Google Analytics\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Enable the functionality\u003C\u002Fli>\n\u003Cli>Enter your Google Analytics Measurement ID\u003C\u002Fli>\n\u003Cli>Save settings\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Custom CSS Classes\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Go to \u003Cstrong>Amoos Suite > Custom CSS Classes\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Enable the functionality\u003C\u002Fli>\n\u003Cli>Edit any page to add custom CSS classes\u003C\u002Fli>\n\u003Cli>Classes will be automatically added to the body tag\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Floating Icons\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Go to \u003Cstrong>Amoos Suite > Floating Icons\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Enable the functionality\u003C\u002Fli>\n\u003Cli>Enter WhatsApp number\u003C\u002Fli>\n\u003Cli>Enter first phone number (blue icon)\u003C\u002Fli>\n\u003Cli>Enter second phone number (green icon)\u003C\u002Fli>\n\u003Cli>Choose icon position\u003C\u002Fli>\n\u003Cli>Save settings\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Contact Box\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Go to \u003Cstrong>Amoos Suite > Contact Box\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Enable the functionality\u003C\u002Fli>\n\u003Cli>Configure contact information\u003C\u002Fli>\n\u003Cli>Set box title and contact form link\u003C\u002Fli>\n\u003Cli>Save settings\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Dynamic Cities\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Go to \u003Cstrong>Amoos Suite > Dynamic Cities\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Enable the functionality\u003C\u002Fli>\n\u003Cli>Set base page slug\u003C\u002Fli>\n\u003Cli>Configure SEO templates\u003C\u002Fli>\n\u003Cli>Save settings\u003C\u002Fli>\n\u003Cli>Flush rewrite rules (go to Settings > Permalinks)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Shortcodes\u003C\u002Fh3>\n\u003Ch3>City List Shortcode\u003C\u002Fh3>\n\u003Cp>Use \u003Ccode>[orase_optimizare_seo]\u003C\u002Fcode> to display a list of Romanian cities with links to their respective pages.\u003C\u002Fp>\n\u003Ch3>Hooks and Filters\u003C\u002Fh3>\n\u003Ch3>Actions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ccode>amoos_functionality_suite_init\u003C\u002Fcode> – Fired when the plugin initializes\u003C\u002Fli>\n\u003Cli>\u003Ccode>amoos_ahrefs_analytics_script\u003C\u002Fcode> – Fired before Ahrefs script output\u003C\u002Fli>\n\u003Cli>\u003Ccode>amoos_google_analytics_script\u003C\u002Fcode> – Fired before Google Analytics script output\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Filters\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ccode>amoos_contact_box_content\u003C\u002Fcode> – Filter contact box HTML content\u003C\u002Fli>\n\u003Cli>\u003Ccode>amoos_dynamic_cities_list\u003C\u002Fcode> – Filter the list of cities\u003C\u002Fli>\n\u003Cli>\u003Ccode>amoos_floating_icons_position\u003C\u002Fcode> – Filter floating icons position\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>All inputs are sanitized and validated\u003C\u002Fli>\n\u003Cli>Nonce verification for all forms\u003C\u002Fli>\n\u003Cli>Capability checks for admin functions\u003C\u002Fli>\n\u003Cli>XSS protection for output\u003C\u002Fli>\n\u003Cli>SQL injection prevention\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Performance Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Asynchronous script loading\u003C\u002Fli>\n\u003Cli>Conditional loading (only when enabled)\u003C\u002Fli>\n\u003Cli>Optimized database queries\u003C\u002Fli>\n\u003Cli>Minimal resource usage\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress:\u003C\u002Fstrong> 5.0 or higher\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP:\u003C\u002Fstrong> 7.4 or higher\u003C\u002Fli>\n\u003Cli>\u003Cstrong>MySQL:\u003C\u002Fstrong> 5.6 or higher\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Tested up to:\u003C\u002Fstrong> WordPress 6.4\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Browser Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Chrome 80+\u003C\u002Fli>\n\u003Cli>Firefox 75+\u003C\u002Fli>\n\u003Cli>Safari 13+\u003C\u002Fli>\n\u003Cli>Edge 80+\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Ch3>Common Issues\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Scripts not loading\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Check if functionality is enabled\u003C\u002Fli>\n\u003Cli>Verify script keys\u002FIDs are correct\u003C\u002Fli>\n\u003Cli>Check for JavaScript errors in browser console\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Rewrite rules not working (Dynamic Cities)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Go to Settings > Permalinks\u003C\u002Fli>\n\u003Cli>Click “Save Changes” to flush rewrite rules\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Password protection not working\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Check domain settings\u003C\u002Fli>\n\u003Cli>Verify password is correct\u003C\u002Fli>\n\u003Cli>Clear browser cache and cookies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Floating icons not appearing\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Check if functionality is enabled\u003C\u002Fli>\n\u003Cli>Verify phone numbers are correctly formatted\u003C\u002Fli>\n\u003Cli>Check for CSS conflicts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Debug Mode\u003C\u002Fh3>\n\u003Cp>Enable WordPress debug mode to see detailed error messages:\u003Cbr \u002F>\n    \u003Ccode>php\u003Cbr \u002F>\ndefine('WP_DEBUG', true);\u003Cbr \u002F>\ndefine('WP_DEBUG_LOG', true);\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to third-party external services when certain functionalities are enabled. This section documents what data is sent, when it’s sent, and where it goes.\u003C\u002Fp>\n\u003Ch3>Google Analytics\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>What it is:\u003C\u002Fstrong> Google Analytics is a web analytics service provided by Google LLC that tracks and reports website traffic and user behavior.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it’s used for:\u003C\u002Fstrong> This plugin integrates Google Analytics 4 (GA4) to track website visitors, page views, user interactions, and other analytics data when the Google Analytics functionality is enabled.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent and when:\u003C\u002Fstrong>\u003Cbr \u002F>\n– The plugin loads the Google Analytics tracking script from \u003Ccode>googletagmanager.com\u003C\u002Fcode> on every page load when the functionality is enabled\u003Cbr \u002F>\n– Google Analytics automatically collects visitor data including: IP address, page URLs, referrer information, browser and device information, geographic location (derived from IP), and user interactions (clicks, scrolls, form submissions, etc.)\u003Cbr \u002F>\n– Data is sent to Google’s servers each time a page is viewed by a visitor\u003Cbr \u002F>\n– The data collection is controlled by Google Analytics and follows Google’s data collection practices\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service provider:\u003C\u002Fstrong> Google LLC\u003Cbr \u002F>\n– \u003Cstrong>Terms of Service:\u003C\u002Fstrong> https:\u002F\u002Fmarketingplatform.google.com\u002Fabout\u002Fanalytics\u002Fterms\u002F\u003Cbr \u002F>\n– \u003Cstrong>Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This functionality is optional and only active when explicitly enabled in the plugin settings. You can disable it at any time through the plugin’s admin interface.\u003C\u002Fp>\n\u003Ch3>Ahrefs Analytics\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>What it is:\u003C\u002Fstrong> Ahrefs Analytics is a web analytics service provided by Ahrefs Pte. Ltd. that tracks and reports website traffic and user behavior.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it’s used for:\u003C\u002Fstrong> This plugin integrates Ahrefs Analytics to track website visitors, page views, and other analytics data when the Ahrefs Analytics functionality is enabled.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent and when:\u003C\u002Fstrong>\u003Cbr \u002F>\n– The plugin loads the Ahrefs Analytics tracking script from \u003Ccode>analytics.ahrefs.com\u003C\u002Fcode> on every page load when the functionality is enabled\u003Cbr \u002F>\n– Ahrefs Analytics automatically collects visitor data including: IP address, page URLs, referrer information, browser and device information, and user interactions\u003Cbr \u002F>\n– Data is sent to Ahrefs’ servers each time a page is viewed by a visitor\u003Cbr \u002F>\n– The data collection is controlled by Ahrefs Analytics and follows Ahrefs’ data collection practices\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service provider:\u003C\u002Fstrong> Ahrefs Pte. Ltd.\u003Cbr \u002F>\n– \u003Cstrong>Terms of Service:\u003C\u002Fstrong> https:\u002F\u002Fahrefs.com\u002Fterms\u003Cbr \u002F>\n– \u003Cstrong>Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fahrefs.com\u002Fprivacy\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This functionality is optional and only active when explicitly enabled in the plugin settings. You can disable it at any time through the plugin’s admin interface.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, feature requests, or bug reports, please contact:\u003Cbr \u002F>\n– \u003Cstrong>Email:\u003C\u002Fstrong> support@amoos.ro\u003Cbr \u002F>\n– \u003Cstrong>Website:\u003C\u002Fstrong> https:\u002F\u002Famoos.ro\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPL v2 or later.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Font Awesome icons by Fonticons, Inc.\u003C\u002Fli>\n\u003Cli>WordPress hooks and filters\u003C\u002Fli>\n\u003Cli>jQuery for admin interface enhancements\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contributing\u003C\u002Fh3>\n\u003Cp>Contributions are welcome! Please feel free to submit pull requests or open issues for bugs and feature requests.\u003C\u002Fp>\n\u003Ch3>Roadmap\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[ ] Additional analytics providers\u003C\u002Fli>\n\u003Cli>[ ] More floating icon options\u003C\u002Fli>\n\u003Cli>[ ] Advanced SEO features\u003C\u002Fli>\n\u003Cli>[ ] Performance monitoring\u003C\u002Fli>\n\u003Cli>[ ] Multi-language support\u003C\u002Fli>\n\u003Cli>[ ] Import\u002FExport settings\u003C\u002Fli>\n\u003Cli>[ ] White-label options\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Made with ❤️ by Amoos\u003C\u002Fstrong>\u003C\u002Fp>\n","A comprehensive WordPress plugin that provides multiple functionalities for your website, all manageable from a single admin interface.",103,"2026-02-02T09:33:00.000Z","5.0",[135,136,137,19,20],"analytics","contact","functionality","https:\u002F\u002Famoos.ro\u002Fplugins\u002Famoos-functionality-suite","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Famoos-functionality-suite.1.1.0.zip","2026-03-15T14:54:45.397Z",{"attackSurface":142,"codeSignals":163,"taintFlows":215,"riskAssessment":234,"analyzedAt":243},{"hooks":143,"ajaxHandlers":159,"restRoutes":160,"shortcodes":161,"cronEvents":162,"entryPointCount":11,"unprotectedCount":11},[144,150,154,156],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","admin_enqueue_scripts","anonymous","little-free-archive-freshener.php",32,{"type":145,"name":151,"callback":147,"file":152,"line":153},"admin_init","options.php",5,{"type":145,"name":151,"callback":147,"file":155,"line":153},"widget.php",{"type":145,"name":157,"callback":147,"file":155,"line":158},"wp_dashboard_setup",23,[],[],[],[],{"dangerousFunctions":164,"sqlUsage":165,"outputEscaping":167,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":58,"bundledLibraries":214},[],{"prepared":11,"raw":11,"locations":166},[],{"escaped":168,"rawEcho":169,"locations":170},4,22,[171,174,176,178,180,182,184,186,188,190,192,194,196,197,199,201,203,204,206,208,210,212],{"file":152,"line":172,"context":173},44,"raw output",{"file":152,"line":175,"context":173},50,{"file":152,"line":177,"context":173},51,{"file":152,"line":179,"context":173},66,{"file":152,"line":181,"context":173},67,{"file":152,"line":183,"context":173},68,{"file":152,"line":185,"context":173},74,{"file":152,"line":187,"context":173},85,{"file":152,"line":189,"context":173},87,{"file":155,"line":191,"context":173},79,{"file":155,"line":193,"context":173},80,{"file":155,"line":195,"context":173},81,{"file":155,"line":189,"context":173},{"file":155,"line":198,"context":173},89,{"file":155,"line":200,"context":173},90,{"file":155,"line":202,"context":173},102,{"file":155,"line":131,"context":173},{"file":155,"line":205,"context":173},104,{"file":155,"line":207,"context":173},183,{"file":155,"line":209,"context":173},186,{"file":155,"line":211,"context":173},191,{"file":155,"line":213,"context":173},193,[],[216],{"entryPoint":217,"graph":218,"unsanitizedCount":11,"severity":233},"\u003Cwidget> (widget.php:0)",{"nodes":219,"edges":230},[220,225],{"id":221,"type":222,"label":223,"file":155,"line":224},"n0","source","$_GET (x2)",9,{"id":226,"type":227,"label":228,"file":155,"line":193,"wp_function":229},"n1","sink","echo() [XSS]","echo",[231],{"from":221,"to":226,"sanitized":232},true,"low",{"summary":235,"deductions":236},"The \"little-free-archive-freshener\" v1.0.2 plugin demonstrates a strong security posture in several key areas. The static analysis reveals no identified attack surface points, meaning there are no directly exposed AJAX handlers, REST API routes, shortcodes, or cron events that could be directly accessed by unauthenticated users. Furthermore, the absence of dangerous functions, external HTTP requests, and file operations significantly reduces the potential for common web vulnerabilities. The code also utilizes prepared statements for all SQL queries, a critical practice for preventing SQL injection. The presence of a capability check, though singular, indicates an attempt at access control.\n\nHowever, the most significant concern lies in the output escaping. With 15% of outputs properly escaped out of 26 total, there is a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. Any dynamic content displayed to users that is not correctly escaped could be manipulated by attackers to inject malicious scripts. The lack of nonce checks is also a notable weakness, particularly if any actions are performed without proper authorization checks tied to these capabilities. The plugin's vulnerability history, showing zero recorded CVEs, is positive but should be viewed in conjunction with the identified code weaknesses, as these could be potential vectors for undiscovered vulnerabilities.\n\nIn conclusion, while the plugin avoids many common attack vectors and demonstrates good practices in areas like SQL security and attack surface minimization, the poor handling of output escaping presents a clear and present danger for XSS. The absence of nonce checks further amplifies this risk. Addressing the output escaping and implementing nonce checks where appropriate should be the highest priority for improving the plugin's security.",[237,240],{"reason":238,"points":239},"Low output escaping percentage",12,{"reason":241,"points":242},"Missing nonce checks",7,"2026-03-17T06:22:25.303Z",{"wat":245,"direct":252},{"assetPaths":246,"generatorPatterns":248,"scriptPaths":249,"versionParams":250},[247],"\u002Fwp-content\u002Fplugins\u002Flittle-free-archive-freshener\u002Fadmin.js",[],[247],[251],"little-free-archive-freshener\u002Fadmin.js?ver=",{"cssClasses":253,"htmlComments":254,"htmlAttributes":255,"restEndpoints":256,"jsGlobals":257,"shortcodeOutput":258},[],[],[],[],[],[]]