[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5oDmB2PeriMzBid4oeUZx262y14aQ2MD9ge6hFU3cS8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":141,"fingerprints":481},"login-as-user","Login as User","1.6.8","Yiannis Christodoulou","https:\u002F\u002Fprofiles.wordpress.org\u002Fyiannistaos\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.web357.com\u002Flogin-as-user-wordpress-plugin?utm_source=wp_plugin_repo&utm_medium=wp_listing&utm_campaign=wp_repo_link&utm_content=wp_repo_link_to_plugin_page\" rel=\"nofollow ugc\">Login as a User WordPress plugin\u003C\u002Fa> \u003Cstrong>allows admins to have easy access to the frontend as a specific user\u003C\u002Fstrong> and thus solve problems or provide better and faster customer support. \u003Cstrong>With one click\u003C\u002Fstrong>, the admin logs in as the external user or customer and handles any situation without wasting any time at all. If you want a WordPress plugin to switch accounts in an instant, Login as User is for you.\u003C\u002Fp>\n\u003Cp>👉 \u003Ca href=\"https:\u002F\u002Flogin-as-user-wordpress-demo.web357.com\u002Fwp-admin\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    Username: demo_admin\n    Password: demo_password\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Video Description\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FOrptAiAQo04?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Basic Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>In the Admin area, you select Users in the left-hand side menu and click All Users in the sub-menu. Now, all users of your website appear on the screen along with the Login as… button besides each name. You can click the button of the user you want to switch account.\u003C\u002Fli>\n\u003Cli>Are you in a user’s profile and want to login as this user? Just click the button Login as:… at the top left-hand side and you will be able to check data and help this specific user with any problem.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Positioning\u003C\u002Fstrong>: You can choose the position of the “Login as user” toolbar. There are two available positions, the top and the bottom.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multisite support\u003C\u002Fstrong>: Allows administrators to log in as any user across the network without needing SuperAdmin privileges. \u003C\u002Fli>\n\u003Cli>Compatible with the “User Insights” WordPress plugin. You just have to add a custom field with the name “loginasuser”.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>PRO Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WooCommerce Integration\u003C\u002Fstrong>: Are you using the WooCommerce plugin? In the orders page, the Login as user button appears besides each customer to help you provide better customer support.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Subscriptions Integration\u003C\u002Fstrong>: Is one of your customers having trouble with their order? Do you want to check the details of a customer’s order? You can easily check the customer’s problem from his\u002Fher perspective by switching with the Login as User button in the WooCommerce order details page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fdocs.web357.com\u002Farticle\u002F118-role-management-permissions-in-login-as-user-plugin-pro-only?utm_source=wp_plugin_repo&utm_medium=wp_listing&utm_campaign=wp_repo_link&utm_content=wp_repo_link_to_plugin_page\" rel=\"nofollow ugc\">Role Management Permissions\u003C\u002Fa>\u003C\u002Fstrong>: The “Role Management Permissions” parameter in the “Login as User” plugin allows administrators to define which roles have the ability to manage (log in as) users of other roles. This feature enhances security and control by limiting the login-as-user capability to specific roles.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fdocs.web357.com\u002Farticle\u002F102-shortcode-login-as-user?utm_source=wp_plugin_repo&utm_medium=wp_listing&utm_campaign=wp_repo_link&utm_content=wp_repo_link_to_plugin_page\" rel=\"nofollow ugc\">Shortcode\u003C\u002Fa>\u003C\u002Fstrong>: You can use the shortcode [login_as_user user_id=”357″] to display the login as user button everywhere, event at the frontend. You just have to specify the user ID in the attribute.\u003C\u002Fli>\n\u003C\u002Ful>\n","Login as User is a free WordPress plugin that helps admins switch user accounts instantly to check data.",30000,514356,96,40,"2026-02-03T10:42:00.000Z","6.9.4","5.3","7.4",[20,21,4,22,23],"admin","login","user","web357","https:\u002F\u002Fwww.web357.com\u002Flogin-as-user-wordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-as-user.1.6.8.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"yiannistaos",4,30460,94,19,90,"2026-04-04T15:22:16.891Z",[40,63,83,101,120],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":26,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":60,"download_link":61,"security_score":62,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"masquerade","Masquerade","1.01","jrking4","https:\u002F\u002Fprofiles.wordpress.org\u002Fjrking4\u002F","\u003Cp>This plugin adds an option to the User List in the admin area where you can click “Masquerade as User”, you will be automatically logged in as that user and redirected to the home page.\u003C\u002Fp>\n","Adds a link to users.php that allows an administrator to login as that user without knowing the password.",70,2230,1,"2012-06-18T18:45:00.000Z","3.3.2","2.8","",[56,57,4,58,59],"admin-login","admin-login-as-user","masquerade-as-user","user-login","http:\u002F\u002Fcastle-creative.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmasquerade.1.01.zip",85,{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":73,"num_ratings":74,"last_updated":75,"tested_up_to":76,"requires_at_least":77,"requires_php":54,"tags":78,"homepage":81,"download_link":82,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wp-last-login","WP Last Login","7","Konstantin Obenland","https:\u002F\u002Fprofiles.wordpress.org\u002Fobenland\u002F","\u003Cp>This plugin adds an extra column to the users overview with the date of the last login for each user.\u003Cbr \u002F>\nAdditionally, users can be sorted by the date of their last login.\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>I will be more than happy to update the plugin with new locales, as soon as I receive them!\u003Cbr \u002F>\nCurrently available in:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Arabic\u003C\u002Fli>\n\u003Cli>Chinese\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>Italian\u003C\u002Fli>\n\u003Cli>Japanese\u003C\u002Fli>\n\u003Cli>Nederlands\u003C\u002Fli>\n\u003Cli>Norwegian (bokmål)\u003C\u002Fli>\n\u003Cli>Polish\u003C\u002Fli>\n\u003Cli>Portuguese\u003C\u002Fli>\n\u003Cli>Rumanian\u003C\u002Fli>\n\u003Cli>Russian\u003C\u002Fli>\n\u003Cli>Spanish\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plugin Filter Hooks\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>wpll_current_user_can\u003C\u002Fstrong> (\u003Cem>boolean\u003C\u002Fem>)\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Whether the column is supposed to be shown.\u003Cbr \u002F>\n  Default: true\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>wpll_date_format\u003C\u002Fstrong> (\u003Cem>string\u003C\u002Fem>)\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>The date format string for the date output.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Make the last login for each user visible in the user overview.",10000,152316,74,25,"2025-04-28T14:50:00.000Z","6.8.5","3.1",[20,79,21,80,22],"last-login","login-time","http:\u002F\u002Fen.wp.obenland.it\u002Fwp-last-login\u002F#utm_source=wordpress&utm_medium=plugin&utm_campaign=wp-last-login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-last-login.7.zip",{"slug":84,"name":85,"version":86,"author":67,"author_profile":68,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":54,"tags":96,"homepage":99,"download_link":100,"security_score":62,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wp-approve-user","WP Approve User","11","\u003Cp>This plugin lets you approve or reject user registrations.\u003Cbr \u002F>\nWhile a user is unapproved, they can’t access the WordPress Admin.\u003C\u002Fp>\n\u003Cp>On activation of the plugin, all existing users will automatically be flagged Approved. The site admin will never experience restricted access and does not need approval.\u003Cbr \u002F>\nThis plugin is probably not compatible with WooCommerce.\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>I will be more than happy to update the plugin with new locales, as soon as I receive them!\u003Cbr \u002F>\nCurrently available in:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Dutch\u003C\u002Fli>\n\u003Cli>Deutsch\u003C\u002Fli>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Hebrew\u003C\u002Fli>\n\u003Cli>Persian\u003C\u002Fli>\n\u003Cli>Russian\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin Hooks\u003C\u002Fh4>\n\u003Ch3>Actions\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>wpau_approve\u003C\u002Fstrong> (\u003Cem>int\u003C\u002Fem>)\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>User-ID of approved user.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>wpau_unapprove\u003C\u002Fstrong> (\u003Cem>int\u003C\u002Fem>)\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>User-ID of unapproved user.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Filter\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>wpau_default_options\u003C\u002Fstrong> (\u003Cem>array\u003C\u002Fem>)\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Default options.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>wpau_update_message_handler\u003C\u002Fstrong> (\u003Cem>string\u003C\u002Fem>)\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Allows to return custom update messages.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>wpau_message_placeholders\u003C\u002Fstrong> (\u003Cem>array\u003C\u002Fem>)\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Filters the placeholders in approve\u002Funapprove emails.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Adds action links to user table to approve or unapprove user registrations.",3000,103941,84,41,"2024-01-03T18:18:00.000Z","6.4.8","4.3",[20,97,21,22,98],"approve","user-management","http:\u002F\u002Fen.wp.obenland.it\u002Fwp-approve-user\u002F#utm_source=wordpress&utm_medium=plugin&utm_campaign=wp-approve-user","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-approve-user.11.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":91,"num_ratings":111,"last_updated":112,"tested_up_to":76,"requires_at_least":113,"requires_php":54,"tags":114,"homepage":118,"download_link":119,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wp-user-login-notifier","User Login Notifier for WordPress","1.0.7","BuddyDev","https:\u002F\u002Fprofiles.wordpress.org\u002Fbuddydev\u002F","\u003Cp>User Login notifier for WordPress notifies site admin and the users on a WordPress site when a user logs in succesfully or the login attempt is failed.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Notify site admin of a user login\u003C\u002Fli>\n\u003Cli>Notify the user of their successful login to a site\u003C\u002Fli>\n\u003Cli>Notify Site admin when a user login attempt is failed\u003C\u002Fli>\n\u003Cli>Notify User when his\u002Fher account login is failed\u003C\u002Fli>\n\u003Cli>Admin can setup if the user gets notified or not from the settings page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The purpose of this plugin is to keep track of all the successful and failed login attempts on a WordPress Site.\u003C\u002Fp>\n\u003Cp>Please visit \u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fwordpress\u002Fintroducing-wordpress-user-login-notification-plugin\u002F\" title=\"Plugin release post\" rel=\"nofollow ugc\">BuddyDev\u003C\u002Fa> for more details\u003C\u002Fp>\n","User Login Notifier plugin notifies WordPress site admin and users of the successful and failed login attempts via email.",1000,24703,5,"2025-09-23T07:06:00.000Z","5.0",[115,116,21,117,22],"admin-notification","failed-login","login-notification","https:\u002F\u002FbuddyDev.com\u002Fplugins\u002Fwp-user-login-notifier\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-user-login-notifier.1.0.7.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":130,"num_ratings":131,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":54,"tags":135,"homepage":139,"download_link":140,"security_score":62,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"chap-secure-login","Chap Secure Password Login","1.6.6","Enrico Rossomando","https:\u002F\u002Fprofiles.wordpress.org\u002Fredsend\u002F","\u003Cp>Whenever you try to login into your website, you can use this plugin to trasmit your password encrypted. The encryption process is done by the Chap protocol; this is particularly useful when you can’t use ssl or other kinds of secure protocols. By activating the ChapSecureLogin plugin, the only information transmitted unencrypted is the username; password is hided with a random number (nonce) generated by the session – and opportunely transformed by the SHA-256 algorithm.\u003Cbr \u002F>\nIn the first login there will be an error, but don’t worry is only a tecnical error. Indeed in the next login’s operation, if the values are correct, there will not be errors, but you give mind because the password will sended in unencrypted way.\u003Cbr \u002F>\nIf you want more details about this algorithm, check \u003Ca href=\"http:\u002F\u002Fwww.devarticles.com\u002Fc\u002Fa\u002FJavaScript\u002FBuilding-a-CHAP-Login-System-An-ObjectOriented-Approach\u002F\" rel=\"nofollow ugc\">“Building a CHAP Login System”\u003C\u002Fa>.\u003Cbr \u002F>\nThis is a zero-configuration plugin.\u003C\u002Fp>\n\u003Cp>Enrico Rossomando (redsend) this is my blog about programming, gaming and startup > \u003Ca href=\"https:\u002F\u002Fwww.mrred.it\u002F\" title=\"Blog about programming, gaming and startup\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.mrred.it\u003C\u002Fa>\u003C\u002Fp>\n","Do not show password, during login, on an insecure channel (without SSL). Use a SHA-256 hash algorithm.",700,58331,62,8,"2020-06-07T08:21:00.000Z","5.4.19","2.5",[20,21,136,137,138],"password","privacy","username","https:\u002F\u002Fwww.mrred.it\u002Fchap-secure-login-a-wordpress-plugin-for-secure-password-authentication\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchap-secure-login.1.6.6.zip",{"attackSurface":142,"codeSignals":357,"taintFlows":443,"riskAssessment":473,"analyzedAt":480},{"hooks":143,"ajaxHandlers":349,"restRoutes":350,"shortcodes":351,"cronEvents":356,"entryPointCount":50,"unprotectedCount":27},[144,150,153,155,158,161,164,166,172,176,180,184,187,191,195,200,204,208,211,215,218,222,226,230,233,236,239,241,243,245,247,250,254,257,259,261,265,268,272,276,279,284,288,291,295,297,301,305,309,312,316,319,321,323,325,329,332,335,337,339,340,343,345],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","plugins_loaded","anonymous","includes\\class-main.php",138,{"type":145,"name":151,"callback":147,"file":148,"line":152},"admin_enqueue_scripts",152,{"type":145,"name":151,"callback":147,"file":148,"line":154},153,{"type":145,"name":156,"callback":147,"file":148,"line":157},"admin_menu",157,{"type":145,"name":159,"callback":147,"file":148,"line":160},"admin_init",158,{"type":145,"name":162,"callback":147,"file":148,"line":163},"wp_enqueue_scripts",174,{"type":145,"name":162,"callback":147,"file":148,"line":165},175,{"type":167,"name":168,"callback":169,"priority":170,"file":171,"line":92},"filter","user_has_cap","filter_user_has_cap",10,"includes\\class-w357-login-as-user.php",{"type":167,"name":173,"callback":174,"priority":170,"file":171,"line":175},"map_meta_cap","filter_map_meta_cap",42,{"type":145,"name":177,"callback":178,"file":171,"line":179},"init","action_init",43,{"type":145,"name":181,"callback":182,"file":171,"line":183},"wp_logout","login_as_user_clear_olduser_cookie",44,{"type":145,"name":185,"callback":182,"file":171,"line":186},"wp_login",45,{"type":167,"name":188,"callback":189,"priority":50,"file":171,"line":190},"wp_head","login_message_style",46,{"type":167,"name":192,"callback":193,"priority":50,"file":171,"line":194},"wp_footer","add_login_message",47,{"type":145,"name":196,"callback":197,"priority":198,"file":171,"line":199},"admin_bar_menu","login_as_user_link_back_link_on_toolbar",999,48,{"type":167,"name":201,"callback":202,"file":171,"line":203},"removable_query_args","filter_removable_query_args",49,{"type":145,"name":205,"callback":206,"file":171,"line":207},"personal_options","w357_personal_options",50,{"type":145,"name":162,"callback":209,"file":171,"line":210},"enqueue_styles",51,{"type":167,"name":212,"callback":213,"priority":109,"file":171,"line":214},"usin_user_db_data","usin_user_db_loginasuser",52,{"type":167,"name":216,"callback":213,"priority":109,"file":171,"line":217},"usin_single_user_db_data",53,{"type":167,"name":219,"callback":220,"priority":109,"file":171,"line":221},"usin_fields","usin_fields_loginasuser",54,{"type":145,"name":223,"callback":224,"file":171,"line":225},"admin_notices","disableFreeVersionNotice",58,{"type":167,"name":227,"callback":228,"priority":198,"file":171,"line":229},"woocommerce_clear_cart_on_logout","__return_false",217,{"type":167,"name":231,"callback":228,"priority":198,"file":171,"line":232},"woocommerce_clear_cart_on_login",218,{"type":167,"name":234,"callback":228,"priority":198,"file":171,"line":235},"woocommerce_clear_cart_on_new_login",219,{"type":167,"name":227,"callback":237,"priority":198,"file":171,"line":238},"closure",221,{"type":167,"name":227,"callback":228,"priority":198,"file":171,"line":240},293,{"type":167,"name":231,"callback":228,"priority":198,"file":171,"line":242},294,{"type":167,"name":234,"callback":228,"priority":198,"file":171,"line":244},295,{"type":167,"name":227,"callback":237,"priority":198,"file":171,"line":246},297,{"type":167,"name":248,"callback":237,"file":171,"line":249},"body_class",495,{"type":167,"name":251,"callback":147,"priority":252,"file":171,"line":253},"attach_session_information",99,1097,{"type":167,"name":227,"callback":228,"priority":255,"file":171,"line":256},9999,1231,{"type":167,"name":231,"callback":228,"priority":255,"file":171,"line":258},1232,{"type":167,"name":234,"callback":228,"priority":255,"file":171,"line":260},1233,{"type":167,"name":262,"callback":263,"priority":255,"file":171,"line":264},"woocommerce_persistent_cart_enabled","__return_true",1236,{"type":145,"name":185,"callback":266,"priority":50,"file":171,"line":267},"initWooCommerceCartAfterLogin",1239,{"type":145,"name":269,"callback":270,"file":171,"line":271},"woocommerce_cart_updated","backupWooCommerceCart",1242,{"type":145,"name":273,"callback":274,"file":171,"line":275},"template_redirect","restoreWooCommerceCartIfEmpty",1245,{"type":145,"name":177,"callback":277,"priority":111,"file":171,"line":278},"initialize_w357_login_as_user",1330,{"type":167,"name":280,"callback":281,"file":282,"line":283},"mepr-admin-members-cols","loginasuser_col","includes\\integrations\\class-memberpress.php",11,{"type":167,"name":285,"callback":286,"priority":170,"file":282,"line":287},"mepr_members_list_table_row","loginasuser_members_cell",12,{"type":167,"name":289,"callback":281,"file":282,"line":290},"mepr-admin-subscriptions-cols",15,{"type":167,"name":292,"callback":293,"priority":170,"file":282,"line":294},"mepr-admin-subscriptions-cell","loginasuser_subscriptions_cell",16,{"type":167,"name":296,"callback":281,"file":282,"line":36},"mepr-admin-transactions-cols",{"type":167,"name":298,"callback":299,"priority":170,"file":282,"line":300},"mepr-admin-transactions-cell","loginasuser_transactions_cell",20,{"type":167,"name":302,"callback":281,"priority":170,"file":303,"line":304},"manage_sc-orders_columns","includes\\integrations\\class-surecart.php",13,{"type":167,"name":306,"callback":307,"priority":170,"file":303,"line":308},"manage_sc-orders_custom_column","loginasuser_col_content_order",14,{"type":167,"name":310,"callback":281,"priority":170,"file":303,"line":311},"manage_sc-customers_columns",17,{"type":167,"name":313,"callback":314,"priority":170,"file":303,"line":315},"manage_sc-customers_custom_column","loginasuser_col_content",18,{"type":167,"name":317,"callback":281,"priority":109,"file":318,"line":304},"woocommerce_shop_subscription_list_table_columns","includes\\integrations\\class-woocommerce-subscriptions.php",{"type":145,"name":320,"callback":314,"priority":170,"file":318,"line":308},"woocommerce_shop_subscription_list_table_custom_column",{"type":167,"name":322,"callback":281,"priority":109,"file":318,"line":311},"manage_edit-shop_subscription_columns",{"type":145,"name":324,"callback":314,"priority":170,"file":318,"line":315},"manage_shop_subscription_posts_custom_column",{"type":145,"name":326,"callback":327,"file":318,"line":328},"add_meta_boxes","add_login_as_user_metabox",21,{"type":167,"name":330,"callback":281,"priority":109,"file":331,"line":304},"manage_woocommerce_page_wc-orders_columns","includes\\integrations\\class-woocommerce.php",{"type":145,"name":333,"callback":334,"priority":170,"file":331,"line":308},"manage_woocommerce_page_wc-orders_custom_column","loginasuser_col_content_hp",{"type":167,"name":336,"callback":281,"priority":109,"file":331,"line":311},"manage_edit-shop_order_columns",{"type":145,"name":338,"callback":314,"priority":170,"file":331,"line":315},"manage_shop_order_posts_custom_column",{"type":145,"name":326,"callback":327,"file":331,"line":328},{"type":167,"name":341,"callback":281,"priority":109,"file":342,"line":287},"manage_users_columns","includes\\integrations\\class-wp-userlist.php",{"type":167,"name":344,"callback":314,"priority":290,"file":342,"line":304},"manage_users_custom_column",{"type":145,"name":146,"callback":346,"file":347,"line":348},"run_LoginAsUser","login-as-user.php",66,[],[],[352],{"tag":353,"callback":354,"file":171,"line":355},"login_as_user","loginasuserShortcode",55,[],{"dangerousFunctions":358,"sqlUsage":359,"outputEscaping":361,"fileOperations":27,"externalRequests":27,"nonceChecks":440,"capabilityChecks":441,"bundledLibraries":442},[],{"prepared":27,"raw":27,"locations":360},[],{"escaped":362,"rawEcho":175,"locations":363},110,[364,367,368,369,371,372,374,376,378,380,383,385,386,388,390,391,393,395,397,398,400,402,404,406,407,409,410,412,414,416,418,420,423,424,426,428,430,431,433,435,437,439],{"file":365,"line":294,"context":366},"admin\\settings-view.php","raw output",{"file":365,"line":294,"context":366},{"file":365,"line":300,"context":366},{"file":365,"line":370,"context":366},30,{"file":365,"line":370,"context":366},{"file":365,"line":373,"context":366},122,{"file":365,"line":375,"context":366},124,{"file":365,"line":377,"context":366},133,{"file":365,"line":379,"context":366},142,{"file":381,"line":382,"context":366},"includes\\class-w357-custom-fields.php",35,{"file":381,"line":384,"context":366},79,{"file":381,"line":384,"context":366},{"file":381,"line":387,"context":366},131,{"file":381,"line":389,"context":366},148,{"file":381,"line":152,"context":366},{"file":381,"line":392,"context":366},176,{"file":381,"line":394,"context":366},177,{"file":381,"line":396,"context":366},181,{"file":381,"line":396,"context":366},{"file":381,"line":399,"context":366},186,{"file":381,"line":401,"context":366},204,{"file":381,"line":403,"context":366},205,{"file":381,"line":405,"context":366},209,{"file":381,"line":405,"context":366},{"file":381,"line":408,"context":366},214,{"file":381,"line":246,"context":366},{"file":171,"line":411,"context":366},550,{"file":171,"line":413,"context":366},889,{"file":171,"line":415,"context":366},894,{"file":171,"line":417,"context":366},898,{"file":171,"line":419,"context":366},1214,{"file":421,"line":422,"context":366},"includes\\class-w357-settings.php",482,{"file":282,"line":355,"context":366},{"file":282,"line":425,"context":366},61,{"file":282,"line":427,"context":366},67,{"file":282,"line":429,"context":366},87,{"file":303,"line":217,"context":366},{"file":318,"line":432,"context":366},60,{"file":318,"line":434,"context":366},75,{"file":331,"line":436,"context":366},59,{"file":331,"line":438,"context":366},69,{"file":331,"line":62,"context":366},2,7,[],[444,462],{"entryPoint":445,"graph":446,"unsanitizedCount":50,"severity":461},"add_login_message (includes\\class-w357-login-as-user.php:503)",{"nodes":447,"edges":458},[448,453],{"id":449,"type":450,"label":451,"file":171,"line":452},"n0","source","$_REQUEST",526,{"id":454,"type":455,"label":456,"file":171,"line":411,"wp_function":457},"n1","sink","echo() [XSS]","echo",[459],{"from":449,"to":454,"sanitized":460},false,"medium",{"entryPoint":463,"graph":464,"unsanitizedCount":27,"severity":472},"\u003Cclass-w357-login-as-user> (includes\\class-w357-login-as-user.php:0)",{"nodes":465,"edges":469},[466,468],{"id":449,"type":450,"label":467,"file":171,"line":452},"$_REQUEST (x2)",{"id":454,"type":455,"label":456,"file":171,"line":411,"wp_function":457},[470],{"from":449,"to":454,"sanitized":471},true,"low",{"summary":474,"deductions":475},"The \"login-as-user\" plugin v1.6.8 exhibits a generally strong security posture based on the static analysis. The absence of direct AJAX or REST API endpoints that bypass authentication is a significant positive. The code also demonstrates good practices by exclusively using prepared statements for SQL queries and incorporating both nonce and capability checks, indicating an awareness of common WordPress security vulnerabilities. The plugin also has no recorded vulnerability history, which is a strong indicator of stable and secure development over time.\n\nHowever, there are minor areas for improvement. The taint analysis reveals one flow with unsanitized paths, which, while not classified as critical or high severity in this specific analysis, represents a potential avenue for unexpected behavior or vulnerabilities if input is not handled meticulously. Furthermore, the output escaping is only properly done in 72% of cases. While this might not lead to immediate critical issues, it leaves room for potential cross-site scripting (XSS) vulnerabilities if user-controlled data is rendered without proper sanitization in the remaining 28% of outputs.\n\nOverall, the plugin is well-developed from a security perspective, with a minimal attack surface and a history free of known vulnerabilities. The primary concerns are the single unsanitized path flow and the imperfect output escaping, which are minor but should be addressed to achieve a truly robust security profile.",[476,478],{"reason":477,"points":111},"Flows with unsanitized paths",{"reason":479,"points":33},"Output escaping not fully proper","2026-03-16T17:25:05.667Z",{"wat":482,"direct":491},{"assetPaths":483,"generatorPatterns":486,"scriptPaths":487,"versionParams":488},[484,485],"\u002Fwp-content\u002Fplugins\u002Flogin-as-user\u002Fadmin\u002Fcss\u002Fadmin.min.css","\u002Fwp-content\u002Fplugins\u002Flogin-as-user\u002Fadmin\u002Fjs\u002Fadmin.min.js",[],[485],[489,490],"login-as-user\u002Fadmin\u002Fcss\u002Fadmin.min.css?ver=","login-as-user\u002Fadmin\u002Fjs\u002Fadmin.min.js?ver=",{"cssClasses":492,"htmlComments":494,"htmlAttributes":503,"restEndpoints":505,"jsGlobals":506,"shortcodeOutput":508},[493],"column-loginasuser_col",[495,496,497,498,499,500,501,502]," Login as User for WordPress - v1.6.8 (free version) "," Author: Web357 "," Copyright © 2014-2024 Web357. All rights reserved. "," License: GNU\u002FGPLv3, http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.html "," Website: https:\u002F\u002Fwww.web357.com\u002Flogin-as-user-wordpress-plugin "," Demo: https:\u002F\u002Flogin-as-user-wordpress-demo.web357.com\u002Fwp-admin\u002F "," Support: https:\u002F\u002Fwww.web357.com\u002Fsupport "," Last modified: Tuesday 03 February 2026, 10:23:18 AM ",[504],"data-loginasuser_id",[],[507],"loginasuserAjax",[]]