[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fZGL7psll8C2LyEkMv4QsFosWPHd-6SYxb1LxpQaydoE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":138,"fingerprints":177},"logged-in-users","Logged In Users","1.0","Pluginaid","https:\u002F\u002Fprofiles.wordpress.org\u002Fauthorityaid\u002F","\u003Cp>Adds a dashboard widget displaying a list of users currently logged in to your site. Useful for monitoring live user activity and session management.\u003C\u002Fp>\n","Adds a dashboard widget showing which users are currently logged in.",0,339,"","6.3.8","4.7","7.0",[18,19,20,21],"dashboard","logged-in","session","users","https:\u002F\u002Fpluginaid.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogged-in-users.1.0.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"authorityaid",3,30,94,"2026-04-05T14:22:52.563Z",[35,57,77,95,116],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":13,"tags":50,"homepage":54,"download_link":55,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":56},"user-access-shortcodes","User Access Shortcodes","2.3","WP Darko","https:\u002F\u002Fprofiles.wordpress.org\u002Fspwebguy\u002F","\u003Cp>This is the simplest way of controlling who sees what in your posts\u002Fpages. This plugin allows you to restrict content to logged in users only (or guests, or by roles) with simple shortcodes. What you see is what you get, and it’s totally free.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Show content only for Guests\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[UAS_guest]\nThis content can only be seen by guests.\n[\u002FUAS_guest]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Show content only for Registered\u002FLogged in users\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[UAS_loggedin]\nThis content can only be seen by logged in users.\n[\u002FUAS_loggedin]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Show content ony for specific roles\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[UAS_role roles=\"administrator, editor\"]\nThis content can only be seen by administrators and editors.\n[\u002FUAS_role]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Show content ony for specific users\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[UAS_specific ids=\"23, 127\"]\nThis content can only be seen by users with IDs 23 and 127.\n[\u002FUAS_specific]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Several extra parameters are available, please go to \u003Ca href=\"https:\u002F\u002Fwpdarko.com\u002Fsupport\u002Fget-started-with-the-user-access-shortcodes-plugin\u002F\" rel=\"nofollow ugc\">the plugin’s documentation\u003C\u002Fa> if you need more information on how to use this plugin.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Find help on \u003Ca href=\"https:\u002F\u002Fwpdarko.com\u002Fsupport\" rel=\"nofollow ugc\">our support platform\u003C\u002Fa> for this plugin (we’ll answer you fast, promise).\u003C\u002Fp>\n","The simplest way of controlling who sees what in your posts\u002Fpages. Restrict content to logged in users only (or guests, or by roles) with simple short &hellip;",1000,23406,98,13,"2026-01-29T19:32:00.000Z","6.9.4","3.6",[51,52,19,53,21],"access-shortcodes","logged","user","https:\u002F\u002Fwpdarko.com\u002Fsupport\u002Fget-started-with-the-user-access-shortcodes-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-access-shortcodes.2.3.zip","2026-03-15T15:16:48.613Z",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":32,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":13,"tags":71,"homepage":13,"download_link":75,"security_score":76,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":56},"user-session-control","User Session Control","0.3.1","Frankie Jarrett","https:\u002F\u002Fprofiles.wordpress.org\u002Ffjarrett\u002F","\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fuser-session-control\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>WordPress 4.1 “Dinah” introduced the awesome power of user session management.\u003C\u002Fp>\n\u003Cp>However, you are limited to only being able to destroy your own sessions, and you cannot destroy them individually.\u003C\u002Fp>\n\u003Cp>This plugin allows Administrators to view and manage all sessions by all users on an individual basis.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays a custom “God view” screen of all active user sessions\u003C\u002Fli>\n\u003Cli>Sort sessions by user, role, creation date, expiry date or IP address\u003C\u002Fli>\n\u003Cli>Quickly and easily destroy sessions you think may be a security risk\u003C\u002Fli>\n\u003Cli>Respects the timezone, date format and time format saved under General Settings\u003C\u002Fli>\n\u003Cli>View all user sessions from all blogs on your network via the Network Admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Languages supported:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Deutsch\u003C\u002Fli>\n\u003Cli>Español\u003C\u002Fli>\n\u003Cli>Français\u003C\u002Fli>\n\u003Cli>Português\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fuser-session-control\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fuser-session-control\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","View and manage all active user sessions in a custom admin screen.",700,10133,7,"2016-12-23T19:25:00.000Z","4.7.32","4.1",[72,73,74,21],"login","security","sessions","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-session-control.0.3.1.zip",85,{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":24,"downloaded":85,"rating":24,"num_ratings":86,"last_updated":87,"tested_up_to":48,"requires_at_least":88,"requires_php":16,"tags":89,"homepage":93,"download_link":94,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":56},"admin-users-logged-in","Admin Users Logged In","1.0.6","Marcel Pol","https:\u002F\u002Fprofiles.wordpress.org\u002Fmpol\u002F","\u003Cp>Dashboard widget that shows admin users and when they were last logged in.\u003C\u002Fp>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Cp>This plugin is compatible with \u003Ca href=\"https:\u002F\u002Fwww.classicpress.net\" rel=\"nofollow ugc\">ClassicPress\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Contributions\u003C\u002Fh4>\n\u003Cp>This plugin is also available in\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fcodeberg.org\u002Fcyclotouriste\u002Fadmin-users-logged-in\" rel=\"nofollow ugc\">Codeberg\u003C\u002Fa>.\u003C\u002Fp>\n","Dashboard widget that shows admin users and when they were last logged in.",3834,1,"2026-01-10T09:18:00.000Z","4.4",[90,91,92],"admin-users","dashboard-widget","last-login","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-users-logged-in\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-users-logged-in.1.0.6.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":11,"num_ratings":11,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":108,"tags":109,"homepage":114,"download_link":115,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":56},"user-timer","User Timer","0.1.3","sosidee","https:\u002F\u002Fprofiles.wordpress.org\u002Fsosidee\u002F","\u003Cp>User Timer tracks how long logged-in users stay active on your site. It checks at regular intervals if the user’s browser is still open on any page. You can set the check interval (in minutes), and choose which user roles to monitor.\u003C\u002Fp>\n\u003Cp>Useful for understanding how long users engage with your site — for example, measuring admin working time, member activity, or student engagement on e-learning platforms.\u003C\u002Fp>\n\u003Cp>Collected data can be filtered by date range and exported to CSV, showing total time (in minutes) per user.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Main features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set check interval (in minutes)\u003C\u002Fli>\n\u003Cli>Enable tracking by user role\u003C\u002Fli>\n\u003Cli>Filter data by date range\u003C\u002Fli>\n\u003Cli>Export results to CSV\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Go to \u003Cstrong>Tools > User Timer\u003C\u002Fstrong>. Set the interval and select which user roles to track. The plugin will start logging active time.\u003C\u002Fp>\n","Tracks the activity of logged-in users by measuring how long their browser stays active on the site.",20,570,"2025-04-11T15:07:00.000Z","6.7.5","5.9","8.0",[110,4,111,112,113],"analytics","usage-tracking","user-activity","user-tracking","https:\u002F\u002Fsosplugin.com\u002Fwp-shelly\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-timer.0.1.3.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":24,"num_ratings":86,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":13,"tags":129,"homepage":135,"download_link":136,"security_score":76,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":137},"kings-different-content-for-members","Kings Different Content for Members","1.0.1","Saif","https:\u002F\u002Fprofiles.wordpress.org\u002Fkingsrrf\u002F","\u003Cp>This will add allow you to show some content to the general visitors, which the logged in users can’t see. On the other hand, you can also show some contents to the logged in users only, which general visitors can’t see.\u003C\u002Fp>\n\u003Cp>\u003Cstrong> Features: \u003C\u002Fstrong>\u003Cbr \u002F>\n1. Ultra light plugin, only around 2 KB. \u003Cbr \u002F>\n2. Show some contents only to the general visitors, which logged in users can’t see.  \u003Cbr \u002F>\n3. Show some contents only to the logged in users, which general visitors can’t see.  \u003Cbr \u002F>\n4. Show all other contents to all the visitors, regardless of their login state.  \u003Cbr \u002F>\n5. Use this shortcode as many times as you want, anywhere in any of your websites.  \u003C\u002Fp>\n\u003Cp>\u003Cstrong> Usage: \u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Here’s a step by step user manual:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Install the plugin. (Find the instructions in the “Installation” section.)\u003C\u002Fli>\n\u003Cli>Use the shortcode to show contents (text\u002Fimages\u002Fvideos\u002F etc) only to the logged in users: \u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cpre>[logged-in] YOUR CONTENT FOR LOGGED IN USERS HERE [\u002Flogged-in]\u003C\u002Fpre>\n\u003Cp>Note: general visitors, who are not logged in can’t see this content. \u003Cbr \u002F>\n3. Use the shortcode to show contents (text\u002Fimages\u002Fvideos\u002F etc) only to the general visitors:\u003C\u002Fp>\n\u003Cpre>[general-content] YOUR CONTENT FOR LOGGED IN USERS HERE [\u002Fgeneral-content]\u003C\u002Fpre>\n\u003Cp>Note: logged in users can’t see this content.\u003C\u002Fp>\n\u003Cp>You can use this short code as many times as you want.\u003C\u002Fp>\n","This will add allow you to show different texts only for logged in users, while normal texts for normal visitors.",10,1703,"2014-06-09T07:57:00.000Z","3.9.40","3.0.1",[130,131,132,133,134],"logged-in-content","logged-in-only-content","members-only-content","restricted-contents","view-content-to-logged-in-users","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkings-different-content-for-members\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkings-different-content-for-members.zip","2026-03-15T14:54:45.397Z",{"attackSurface":139,"codeSignals":151,"taintFlows":164,"riskAssessment":165,"analyzedAt":176},{"hooks":140,"ajaxHandlers":147,"restRoutes":148,"shortcodes":149,"cronEvents":150,"entryPointCount":11,"unprotectedCount":11},[141],{"type":142,"name":143,"callback":144,"file":145,"line":146},"action","wp_dashboard_setup","liu_add_dashboard_widget","logged-in-users.php",21,[],[],[],[],{"dangerousFunctions":152,"sqlUsage":153,"outputEscaping":155,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":163},[],{"prepared":11,"raw":11,"locations":154},[],{"escaped":156,"rawEcho":156,"locations":157},2,[158,161],{"file":145,"line":159,"context":160},33,"raw output",{"file":145,"line":162,"context":160},58,[],[],{"summary":166,"deductions":167},"The \"logged-in-users\" v1.0 plugin exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any identified dangerous functions, raw SQL queries, file operations, or external HTTP requests, combined with 100% prepared statement usage for SQL, suggests good development practices.  Furthermore, the lack of any known CVEs, past or present, and no recorded vulnerability history is a significant positive indicator of its security.  The plugin's attack surface is currently zero, meaning there are no entry points identified, which drastically reduces the immediate risk of exploitation. \n\nHowever, there are some areas for concern. The presence of 50% unescaped output for the four identified output points indicates a potential for Cross-Site Scripting (XSS) vulnerabilities. While the attack surface is zero at present, this could change with future updates. The complete absence of nonce checks and capability checks on any identified entry points (even if zero are currently present) is a missed opportunity for robust security and could become a significant weakness if any entry points are added in future versions. The zero taint analysis flows with unsanitized paths is excellent, but this is in conjunction with zero analyzed flows, making it hard to definitively state its taint flow security. \n\nIn conclusion, the plugin is currently in a very secure state with no known vulnerabilities and a zero attack surface. The primary weakness lies in the handling of output and the lack of built-in security checks like nonces and capability checks, which, while not exploitable currently, represent potential future risks. Developers should address the unescaped output and consider implementing these checks as the plugin evolves.",[168,171,174],{"reason":169,"points":170},"Unescaped output identified",6,{"reason":172,"points":173},"Missing nonce checks on potential entry points",5,{"reason":175,"points":173},"Missing capability checks on potential entry points","2026-03-17T05:57:31.567Z",{"wat":178,"direct":183},{"assetPaths":179,"generatorPatterns":180,"scriptPaths":181,"versionParams":182},[],[],[],[],{"cssClasses":184,"htmlComments":185,"htmlAttributes":186,"restEndpoints":187,"jsGlobals":188,"shortcodeOutput":189},[],[],[],[],[],[190],"\u003Cli>%s \u003Csmall>(%s)\u003C\u002Fsmall>\u003C\u002Fli>"]