[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3AUwO0MlCif7uR3DQc561XVpHXJua9sfVoC8_LsHCBo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":36,"analysis":133,"fingerprints":175},"loginout","LogInOut button","0.305","n4me","https:\u002F\u002Fprofiles.wordpress.org\u002Fn4me\u002F","\u003Cp>Заменяет [LogInOut] в виджете “html” (“Внешний вид”->”Виджеты”) на кнопку “Вход редактора\u002FВыйти”. Фильтр. Стили не трогал.\u003Cbr \u002F>\nОсобенность: После клика (входа\u002Fвыхода) остаёмся на той же страничке, где и были.\u003Cbr \u002F>\nт.е. Для всех показывается кнопка “Вход редактора”, после входа показывается кнопка “Выйти”.\u003C\u002Fp>\n\u003Cp>Дополнение:\u003Cbr \u002F>\nВо второй части скрипта (смотри исходник плагина) создается div с двумя ссылками. Одна ссылка “Имя пользователя” (при клике – логаут), справа от UserName ссылка в админ-панель.\u003Cbr \u002F>\nДополнение показывается только вошедшим (залогинившимся) пользователям.\u003C\u002Fp>\n\u003Cp>И да, это тупо-плагин, без каких либо настроек.\u003Cbr \u002F>\nУстановка: установил плагин, Активировал, Написал [LogInOut] где-нить под меню – работает.\u003Cbr \u002F>\nНужны красивости – поправил css плагина.\u003Cbr \u002F>\nНужны особенности – полез редактировать сам плагин. Он меньше и проще чем это описание.\u003C\u002Fp>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>In LogInOut 0.254 version Styles in file loginout.css\u003C\u002Fp>\n\u003Ch4>Website\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Floginout\u002F\u003C\u002Fp>\n","Заменяет [LogInOut] в виджете \"html\" (\"Внешний вид\"->\"Виджеты\") на кнопку \"Вход редактора\u002FВыйти\". Фильтр.",10,1549,100,1,"2019-10-23T15:43:00.000Z","5.3.21","3.6","",[20,21,22,23,24],"button","login","logout","shortcode","username","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Floginout\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Floginout.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},30,84,"2026-04-05T18:22:08.866Z",[37,61,79,98,116],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":59,"download_link":60,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"basic-front-end-login","Basic Front-End Login","2.1","Mitchell Bennis","https:\u002F\u002Fprofiles.wordpress.org\u002Feemitch\u002F","\u003Cp>Adds a basic front-end login for to any page, post or widget and redirects to the page you choose. It also can block access to the back-end and disable the Admin Bar. This plugin is for when you want your users to be logged-in, but do not want them to have access to the WordPress Dashboard.\u003C\u002Fp>\n\u003Cp>To display the login form, place this shortcode on any page, post, or widget: \u003Cem>[eeBFEL]\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>After the user has logged in, they will be redirected to your home page or the URL you define in the plugin settings. You can also optionaly display a logout button at the bottom-right of each page.\u003C\u002Fp>\n\u003Ch3>Redirect After Login\u003C\u002Fh3>\n\u003Cp>To define destinations in additional login forms, use the “redirect” attribute to over-ride the default. There is no limit to the number of forms you can use.\u003C\u002Fp>\n\u003Cp>\u003Cem>[eeBFEL redirect=”https:\u002F\u002Fwebsite.com\u002Fyour-files-page\u002F”]\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>Deny Dashboard Access\u003C\u002Fh3>\n\u003Cp>In the plugin settings you can optionally select roles that you want to deny back-end access to. All built-in and custom roles, except Administrator, can be blocked. The Admin Bar will not appear and direct back-end access attempts will simply redirect to your home page. This restriction will be site-wide and is unrelated to the use of the shortcode.\u003C\u002Fp>\n\u003Cp>Even if you don’t need a login form, this can add an extra measure of security to your website by denying back-end access to all roles except Administrators.\u003C\u002Fp>\n\u003Ch3>NEW – Show a Logout Button\u003C\u002Fh3>\n\u003Cp>Optionally show a small logout button on the bottom-right of each page if the user is logged in. Logging out returns the user to the home page.\u003C\u002Fp>\n","Adds a basic front-end login form to any page, post or widget and redirects to the page you choose.",300,5310,74,3,"2025-12-25T22:12:00.000Z","6.9.4","5.0","7.4",[54,55,56,57,58],"login-form","login-redirect","logout-button","no-admin-bar","user-login","https:\u002F\u002Fsimplefilelist.com\u002Fbasic-front-end-login\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbasic-front-end-login.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":13,"downloaded":69,"rating":13,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":18,"tags":74,"homepage":77,"download_link":78,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"user-status-shortcode","User Status Shortcode","0.1.1","Reed Wendorf","https:\u002F\u002Fprofiles.wordpress.org\u002Freedwf\u002F","\u003Cp>Easily allows you to display different content to your visitors that are logged in than those that are logged out via shortcode.  Tested in templates, pages, posts and text widgets.  Create a personalized experience for your users that are logged in and your visitors that are logged out. This plugin might be useful for inbound marketers.\u003C\u002Fp>\n\u003Cp>Available on GitHub: https:\u002F\u002Fgithub.com\u002Freedwf\u002Fuser-status-shortcode\u003C\u002Fp>\n\u003Ch4>Usage Example\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>[userloggedin]content[\u002Fuserloggedin]  \u002F\u002Freturns content only to logged in users\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>[userloggedout]content[\u002Fuserloggedout]  \u002F\u002Freturns content only to logged out users\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Release Notes\u003C\u002Fh3>\n\u003Ch4>0.1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Tested up to 4.4.1\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Initial Release\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily allows you to display different content to your visitors that are logged in than those that are logged out via shortcode.",9329,5,"2016-01-21T22:31:00.000Z","4.4.34","3.0",[75,21,22,23,76],"inbound","widget","https:\u002F\u002Fwww.storyblock.media\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-status-shortcode.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":13,"num_ratings":48,"last_updated":89,"tested_up_to":16,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":96,"download_link":97,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"simple-login-logout","Simple Login Logout","1.1.1","Yahya Mohammed","https:\u002F\u002Fprofiles.wordpress.org\u002Fyahya2022\u002F","\u003Cp>This simple plugin makes your life easier by adding a login and logout link to your navigation menu out of the box. It adds a login link with a “Log in” text to your navigation menu automatically if logged out, it changes to a “log out” text with a logout link with WordPress nonce if logged in. Which means you won’t run to a WordPress warning while trying to logout from a custom logout link again.\u003C\u002Fp>\n","This simple plugin makes your life easier by adding a login and logout link to your navigation menu out of the box. It adds a login link with a \" …",40,3047,"2020-02-09T11:05:00.000Z","3.0.1","5.2.4",[93,21,94,95,22],"log-out-button","login-button","login-menu","https:\u002F\u002Fethioliquid.com\u002Fsimple-login-logout\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-login-logout.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":11,"downloaded":106,"rating":28,"num_ratings":28,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":18,"tags":110,"homepage":113,"download_link":114,"security_score":115,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-loginout","WP LogInOut","0.1.7","nabtron","https:\u002F\u002Fprofiles.wordpress.org\u002Fnabtron\u002F","\u003Cp>The plugin uses the \u003Ccode>wp_loginout\u003C\u002Fcode> functionality and extends it to automatically show login or logout button on your selected menu.\u003C\u002Fp>\n\u003Cp>The status of login or logout changes depending upon the users login status.\u003C\u002Fp>\n\u003Cp>The admin panel provides options to:\u003C\u002Fp>\n\u003Col>\n\u003Cli>select theme location for menu you want to extend\u003C\u002Fli>\n\u003Cli>code before and after the button link (\u003Cli> and \u003C\u002Fli> usually)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Please let us know if you encounter any bug or want features added to this plugin here on forums or at : \u003Ca href=\"https:\u002F\u002Fnabtron.com\u002Fwp-loginout\u002F\" rel=\"nofollow ugc\">Nabtron\u003C\u002Fa>\u003C\u002Fp>\n","Show login or logout button on any menu based on user login or logout status dynamically.",4049,"2024-11-26T17:30:00.000Z","6.7.5","4.0",[111,20,21,22,112],"automatically","menu","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-loginout\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-loginout.0.1.7.zip",92,{"slug":117,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":28,"downloaded":123,"rating":28,"num_ratings":28,"last_updated":18,"tested_up_to":124,"requires_at_least":125,"requires_php":126,"tags":127,"homepage":18,"download_link":131,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":132},"wps-safe-logout","1.0.0","Pradeep Ghosh","https:\u002F\u002Fprofiles.wordpress.org\u002Fpradeepghosh\u002F","\u003Cp>Generally user when logout from wordpress website and after they press browser back button then they can see previous login pages(but accessable).\u003Cbr \u002F>\nThis plugin eliminate this thing.\u003C\u002Fp>\n","This plugin will not allow the user to access login pages after logout when press the browser back button",598,"6.1.10","4.8","5.6",[128,22,129,130],"back-button-disable","restricted-unauthorised-access-to-login-pages","safe-logout","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwps-safe-logout.zip","2026-03-15T10:48:56.248Z",{"attackSurface":134,"codeSignals":151,"taintFlows":163,"riskAssessment":164,"analyzedAt":174},{"hooks":135,"ajaxHandlers":147,"restRoutes":148,"shortcodes":149,"cronEvents":150,"entryPointCount":28,"unprotectedCount":28},[136,142],{"type":137,"name":138,"callback":139,"file":140,"line":141},"filter","widget_text","sda_loginout","loginout.php",38,{"type":143,"name":144,"callback":145,"file":140,"line":146},"action","__after_header","sda_username_show",54,[],[],[],[],{"dangerousFunctions":152,"sqlUsage":153,"outputEscaping":155,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":162},[],{"prepared":28,"raw":28,"locations":154},[],{"escaped":28,"rawEcho":156,"locations":157},2,[158,161],{"file":140,"line":159,"context":160},49,"raw output",{"file":140,"line":159,"context":160},[],[],{"summary":165,"deductions":166},"The \"loginout\" plugin v0.305 presents a mixed security posture. On the positive side, the static analysis indicates a remarkably small attack surface with no apparent AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, the plugin shows strong adherence to secure coding practices regarding database interactions, with 100% of SQL queries utilizing prepared statements and no file operations or external HTTP requests detected.  The absence of known CVEs and past vulnerabilities is also a significant strength, suggesting a history of stability and potentially good security focus from the developers.\n\nHowever, several concerning signals emerge from the code analysis. The most prominent is that 100% of the plugin's outputs are not properly escaped. This represents a significant risk, as it makes the plugin vulnerable to Cross-Site Scripting (XSS) attacks. Any user-provided data that is displayed by the plugin without proper sanitization could be manipulated to inject malicious scripts, potentially leading to session hijacking, defacement, or other harmful actions. Additionally, the complete lack of nonce checks and capability checks, especially when considering the potential for output manipulation, raises concerns about authorization and the plugin's ability to prevent unauthorized actions or data access. The taint analysis showing zero flows is a positive indicator, but this must be viewed in conjunction with the unescaped output, as the analysis might not have fully covered all potential taint paths due to the limited entry points detected.\n\nIn conclusion, while \"loginout\" v0.305 demonstrates excellent practices in areas like database security and a minimal attack surface, the critical flaw of unescaped output leaves it highly susceptible to XSS vulnerabilities. The absence of historical vulnerabilities is encouraging, but it does not mitigate the current, identified risks. The plugin's security is severely undermined by the lack of output escaping. Until this is addressed, the plugin should be considered a high-risk component.",[167,170,172],{"reason":168,"points":169},"Output not properly escaped (XSS risk)",8,{"reason":171,"points":70},"No nonce checks present",{"reason":173,"points":70},"No capability checks present","2026-03-17T01:44:00.099Z",{"wat":176,"direct":182},{"assetPaths":177,"generatorPatterns":179,"scriptPaths":180,"versionParams":181},[178],"\u002Fwp-content\u002Fplugins\u002Floginout\u002Floginout.css",[],[],[],{"cssClasses":183,"htmlComments":186,"htmlAttributes":187,"restEndpoints":189,"jsGlobals":190,"shortcodeOutput":191},[184,185],"enter","show-user-name",[],[188],"data-username",[],[],[192],"[LogInOut]"]