[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1nUkoF7F-DwYzzPn2mHi6BNMt6k-RSoMFX4YvGwN9EE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":141,"fingerprints":175},"longer-login","Longer Login (\"Remember Me\" Extension)","1.0.0","John Morris","https:\u002F\u002Fprofiles.wordpress.org\u002Fjtmorris\u002F","\u003Cp>Do you use the “Remember Me” feature when logging in to your WordPress site? I know I do.\u003C\u002Fp>\n\u003Cp>Do you find it annoying when WordPress stops remembering you after a few days? I know I do.\u003C\u002Fp>\n\u003Cp>Longer Login is a simple WordPress plugin that remedies this.  By default, WordPress automatically\u003Cbr \u002F>\nforgets users after 14 days.  This plugin adds an option in your website’s General Settings that\u003Cbr \u002F>\ncan change this expiration date.  There are numerous options ranging from 1 day to 1 year.\u003C\u002Fp>\n\u003Cp>Change the setting, and the next time you, or any user on your site logs in with “Remember Me” checked,\u003Cbr \u002F>\nWordPress will keep them logged in for that specified time.\u003C\u002Fp>\n\u003Ch4>How Does It Work?\u003C\u002Fh4>\n\u003Cp>To remember users, websites store a small piece of information in your web browser’s memory.\u003Cbr \u002F>\nThis token of information is called an \u003Ca href=\"wikipedia.org\u002Fwiki\u002FHTTP_cookie\" rel=\"nofollow ugc\">HTTP cookie\u003C\u002Fa>. These\u003Cbr \u002F>\ncookies have an expiration date specified by the website.\u003C\u002Fp>\n\u003Cp>By default, WordPress websites have their persistent login cookies expire after 14 days. This plugin\u003Cbr \u002F>\nchanges the length of time the cookie will survive. Instead of 14 days after login, you can make the\u003Cbr \u002F>\ncookie live for as long as 1 year after login.\u003C\u002Fp>\n","Longer Login allows customizing the length of WordPress' \"Remember Me\" length. No more automatic logouts every few days!",100,2034,0,"2015-06-02T00:32:00.000Z","4.2.39","4.1","",[19,20,21,22,23],"cookie","expiration","login","remember","remember-me","http:\u002F\u002Flonger-login.johnmorris.me\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flonger-login.1.0.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"jtmorris",1,30,84,"2026-04-04T18:38:20.656Z",[37,58,78,105,122],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":17,"tags":52,"homepage":54,"download_link":55,"security_score":56,"vuln_count":32,"unpatched_count":13,"last_vuln_date":57,"fetched_at":28},"remember-me-controls","Remember Me Controls","2.1","Scott Reilly","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoffee2code\u002F","\u003Cp>Take control of the “Remember Me” login feature for WordPress by having it enabled by default, customize how long users are remembered, or disable this built-in feature by default.\u003C\u002Fp>\n\u003Cp>For those unfamiliar, “Remember Me” is a checkbox present when logging into WordPress. If checked, WordPress will remember the login session for 14 days. If unchecked, the login session will be remembered for only 2 days. Once a login session expires, WordPress will require you to log in again if you wish to continue using the admin section of the site.\u003C\u002Fp>\n\u003Cp>This plugin provides three primary controls over the behavior of the “Remember Me” feature:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically check “Remember Me” : The ability to have the “Remember Me” checkbox automatically checked when the login form is loaded (it isn’t checked by default).\u003C\u002Fli>\n\u003Cli>Customize the duration of the “Remember Me” : The ability to customize how long WordPress will remember a login session when “Remember Me” is checked, either forever or a customizable number of hours.\u003C\u002Fli>\n\u003Cli>Disable “Remember Me” : The ability to completely disable the feature, preventing the checkbox from appearing and restricting all login sessions to 2 days.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>NOTE: WordPress remembers who you are based on cookies stored in your web browser. If you use a different web browser, clear your cookies, use a browser on a different machine, or uninstall\u002Freinstall (and possibly even just restarting) your browser then you will have to log in again since WordPress will not be able to locate the cookies needed to identify you.\u003C\u002Fp>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Cp>Other than the plugins listed below, compatibility has not been tested or attempted for any other third-party plugins that provide their own login widgets or login handling.\u003C\u002Fp>\n\u003Cp>Special handling has been added to provide compatibility with the following plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\u002F\" rel=\"ugc\">BuddyPress\u003C\u002Fa> (in particular, its “Log in” widget)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsidebar-login\u002F\" rel=\"ugc\">Sidebar Login\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flogin-sidebar-widget\u002F\" rel=\"ugc\">Login Widget With Shortcode\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links: \u003Ca href=\"https:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fremember-me-controls\u002F\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fremember-me-controls\u002F\" rel=\"ugc\">Plugin Directory Page\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcoffee2code\u002Fremember-me-controls\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcoffee2code.com\" rel=\"nofollow ugc\">Author Homepage\u003C\u002Fa>\u003C\u002Fp>\n","Have \"Remember Me\" checked by default on the login page and configure how long a login is remembered. Or disable the feature altogether.",4000,51395,86,7,"2024-09-04T19:20:00.000Z","6.6.5","5.5",[19,21,22,23,53],"session","https:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fremember-me-controls\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremember-me-controls.2.1.zip",91,"2024-09-05 00:00:00",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":11,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":76,"download_link":77,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"always-remember-me","Always Remember Me","1.0","Ozh","https:\u002F\u002Fprofiles.wordpress.org\u002Fozh\u002F","\u003Cp>Tired of regularly logging in and clicking the “Remember me” checkbox? No more. With this plugin, once\u003Cbr \u002F>\nyou have logged in and until you voluntarily log out, your blog will remember you.\u003C\u002Fp>\n\u003Cp>The ‘Remember Me’ checkbox on the login form will be always checked, and instead of logging you in for 14 days, the expiration is set to one year.\u003C\u002Fp>\n\u003Cp>Related: for your \u003Cem>localhost\u003C\u002Fem> hacking, see plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fno-login\u002F\" rel=\"ugc\">No Login\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>On \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fozh\u002Falways-remember-me\" rel=\"nofollow ugc\">Github\u003C\u002Fa>. I don’t read WordPress support forums.\u003C\u002Fp>\n","Always checked 'Remember Me' checkbox and longer auth cookie expiration. Your blog will remember you.",200,6025,2,"2020-06-07T14:42:00.000Z","5.4.19","3.0","5.6",[74,19,21,75,22],"checkbox","ozh","http:\u002F\u002Fplanetozh.com\u002Fblog\u002Fmy-projects\u002Fwordpress-plugin-always-remember-me-login-checkbox\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falways-remember-me.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":100,"download_link":101,"security_score":102,"vuln_count":103,"unpatched_count":13,"last_vuln_date":104,"fetched_at":28},"themeisle-companion","Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More","3.0.5","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FfoS_QbuY-Lg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Why Choose Orbit Fox?\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>All Essential Website Features in One Place\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Orbit Fox includes all the popular functionality most site owners need: SVG support, social sharing, website templates, custom fonts, stock photos, page builder widgets, menu icons, and site customization tools.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Eliminate Plugin Bloat\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Replace over a dozen individual utility plugins with just one solution. Reduce plugin management complexity, minimize potential conflicts, and keep your WordPress dashboard organized.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Smart Performance Optimization\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Modules only load when enabled and are compatible with your existing theme and plugins, ensuring optimal site performance and preventing conflicts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Save Time on Setup and Maintenance\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Skip installing a dozen separate plugins when building new sites. Get fully functional websites in minutes, not hours. Plus, maintain just one plugin instead of managing multiple updates, settings, and compatibility issues.\u003C\u002Fp>\n\u003Ch3>Orbit Fox Modules\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Content & Design:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Website Templates – 45+ professional starter website templates to choose from\u003C\u002Fli>\n\u003Cli>Custom Fonts – Upload and use any custom font on your website\u003C\u002Fli>\n\u003Cli>Reading Progress Bar – Increase engagement with a visual reading progress indicator\u003C\u002Fli>\n\u003Cli>SVG Support – Enable safe SVG file uploads\u003C\u002Fli>\n\u003Cli>Free Stock Photos – 1,300+ free images to use for personal and commercial purposes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Page Building & Widgets:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Elementor Widgets – Add 6 popular widgets to Elementor\u003C\u002Fli>\n\u003Cli>Beaver Builder Modules – Add 6 popular modules to Beaver Builder\u003C\u002Fli>\n\u003Cli>Customize Login Page – Change the design of your site’s login page and customize your login form\u003C\u002Fli>\n\u003Cli>Duplicate Page or Post – Duplicate any post or page on your website with one click\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>User Experience:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Social Share Buttons – Add social sharing buttons to your website with mobile\u002Fdesktop optimization\u003C\u002Fli>\n\u003Cli>Menu Icons – Add icons to any menu\u003C\u002Fli>\n\u003Cli>GDPR\u002FCCPA Cookie Notice – Show GDPR\u002FCCPA-compliant cookie notifications\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Site Management:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Header and Footer Scripts – Add tracking codes and custom CSS\u002FJS\u003C\u002Fli>\n\u003Cli>Disable Comments – Site-wide comment control\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Works With Any Theme\u003C\u002Fh3>\n\u003Cp>Orbit Fox is designed to work seamlessly with all WordPress themes. For the best experience, pair it with our professional themes like \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fthemes\u002Fneve\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Neve\u003C\u002Fstrong>\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fthemes\u002Fhestia\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Hestia\u003C\u002Fstrong>\u003C\u002Fa> – built by the same team for perfect integration.\u003C\u002Fp>\n\u003Ch3>Who Should Use Orbit Fox\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Beginners\u003C\u002Fstrong> – Get professional features without the learning curve\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Freelancers & Agencies\u003C\u002Fstrong> – Build efficient, streamlined client websites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Website Owners\u003C\u002Fstrong> – Access essential functionality through one organized solution\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anyone\u003C\u002Fstrong> who wants commonly needed features without multiple plugin installations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>We’re here to help. Feel free to open a new thread on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fthemeisle-companion\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Need help getting started? Check out our \u003Ca href=\"https:\u002F\u002Fdocs.themeisle.com\u002Farticle\u002F951-orbit-fox-documentation\" rel=\"nofollow ugc\">complete documentation\u003C\u002Fa> for step-by-step guides on every feature.\u003C\u002Fp>\n\u003Ch3>Useful Resources\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>If you like Orbit Fox, you’re sure to love \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fwordpress-plugins\u002F\" rel=\"nofollow ugc\">our other plugins\u003C\u002Fa> as well.\u003C\u002Fli>\n\u003Cli>Learn more about WordPress on our \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002F\" rel=\"nofollow ugc\">blog\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Get the most out of your WordPress website with our helpful \u003Ca href=\"https:\u002F\u002Fyoutube.com\u002Fplaylist?list=PLmRasCVwuvpSep2MOsIoE0ncO9JE3FcKP\" rel=\"nofollow ugc\">YouTube Tutorials\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Add modules like share buttons, header & footer scripts, disable comments, reading progress bar, custom fonts, custom login page & more in one plugin.",100000,13570171,96,317,"2025-12-10T19:26:00.000Z","6.9.4","5.3","7.4",[95,96,97,98,99],"cookie-notice","duplicate-page","login-customizer","share-buttons","svg-support","https:\u002F\u002Forbitfox.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthemeisle-companion.zip",83,20,"2025-11-03 00:00:00",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":66,"downloaded":113,"rating":11,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":17,"tags":118,"homepage":120,"download_link":121,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"easy-timeout-session","Easy Timeout Session","1.1","jokiruiz","https:\u002F\u002Fprofiles.wordpress.org\u002Fjokioki\u002F","\u003Cp>The Easy Timeout Session WordPress plugin allows you to change the session\u003Cbr \u002F>\nduration for the WordPress user.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Open Timeout Session Page\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Specify the session length (you can specify in seconds, hours or days)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Do you use worpdress admin with an iPad? Don´t worry, this plugin is fully\u003Cbr \u002F>\nadapted for tablets and smartphones.\u003C\u002Fp>\n\u003Cp>\u003Cem>Thank you for downloading! your feedback is well appreciated!\u003C\u002Fem>\u003C\u002Fp>\n","The Easy Timeout Session WordPress plugin allows you to change the session duration for the WordPress user.",6836,3,"2015-11-02T12:36:00.000Z","4.3.34","3.0.1",[119],"timeout-session-cookie-user-wordpress-login-logout","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-timeout-session\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-timeout-session.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":103,"downloaded":130,"rating":11,"num_ratings":32,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":138,"download_link":139,"security_score":140,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"biscotti","Biscotti","2.1.0","Jason Cosper","https:\u002F\u002Fprofiles.wordpress.org\u002Fboogah\u002F","\u003Cp>Biscotti is a plugin that modifies the expiration of the logged in user cookie in WordPress to three months, six months, or one year. Because some people hate to have to keep entering their passwords.\u003C\u002Fp>\n\u003Ch3>WP-CLI Commands\u003C\u002Fh3>\n\u003Cp>As of version 2.1.0, Biscotti includes WP-CLI commands for managing a user’s logged in session cookie expiration.\u003C\u002Fp>\n\u003Ch4>biscotti get\u003C\u002Fh4>\n\u003Cp>This command returns the previously defined cookie expiration of a user.\u003C\u002Fp>\n\u003Ch3>Options\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>\u003Cuser_id> — The ID of the user. \n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>biscotti set\u003C\u002Fh4>\n\u003Cp>This command sets the logged in session cookie expiration of a user.\u003C\u002Fp>\n\u003Ch3>Options\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>\u003Cuser_id> — ID of the user.\n\n\u003Cexpiration> — New expiration duration. It must be one of the following values: `'3 months'`, `'6 months'`, `'1 year'`\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cp>Please remember to replace the \u003Ccode>user_id\u003C\u002Fcode> and \u003Ccode>expiration\u003C\u002Fcode> placeholders with the actual user ID and desired expiration duration when running either of these commands.\u003C\u002Fp>\n","Biscotti makes your user's login cookie a little bit longer.",1213,"2024-05-01T15:21:00.000Z","6.5.8","6.0","8.0",[136,21,137],"cookies","profile","https:\u002F\u002Fgithub.com\u002Fboogah\u002Fbiscotti","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbiscotti.2.1.0.zip",92,{"attackSurface":142,"codeSignals":158,"taintFlows":168,"riskAssessment":169,"analyzedAt":174},{"hooks":143,"ajaxHandlers":154,"restRoutes":155,"shortcodes":156,"cronEvents":157,"entryPointCount":13,"unprotectedCount":13},[144,150],{"type":145,"name":146,"callback":147,"file":148,"line":149},"filter","auth_cookie_expiration","lolo_adjust_login_period","longer-login.php",31,{"type":145,"name":151,"callback":152,"file":148,"line":153},"admin_init","register_fields",53,[],[],[],[],{"dangerousFunctions":159,"sqlUsage":160,"outputEscaping":162,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":167},[],{"prepared":13,"raw":13,"locations":161},[],{"escaped":13,"rawEcho":32,"locations":163},[164],{"file":148,"line":165,"context":166},116,"raw output",[],[],{"summary":170,"deductions":171},"The 'longer-login' plugin v1.0.0 exhibits a strong security posture based on the provided static analysis. There is no apparent attack surface exposed through AJAX, REST API, shortcodes, or cron events. Furthermore, the code signals indicate a lack of dangerous functions, SQL injection vulnerabilities (all queries use prepared statements), file operations, external HTTP requests, and importantly, no evident taint flows. This suggests a well-written plugin with a focus on secure coding practices.\n\nHowever, a significant concern arises from the output escaping. With one total output and 0% properly escaped, this indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data outputted by the plugin to the browser without proper escaping is susceptible to manipulation, allowing an attacker to inject malicious scripts. The absence of any known CVEs or past vulnerabilities is a positive indicator, suggesting the developers have a history of producing secure code, but this does not negate the immediate risk posed by the unescaped output.\n\nIn conclusion, while the plugin is commendably free of common vulnerabilities like SQL injection and lacks a significant attack surface, the critical flaw in output escaping presents a substantial security risk. Prioritizing the proper escaping of all outputs should be the immediate focus to mitigate the potential for XSS attacks. The lack of known historical vulnerabilities is a strength, but the identified coding deficiency requires prompt attention.",[172],{"reason":173,"points":48},"Output not properly escaped","2026-03-16T21:02:22.123Z",{"wat":176,"direct":181},{"assetPaths":177,"generatorPatterns":178,"scriptPaths":179,"versionParams":180},[],[],[],[],{"cssClasses":182,"htmlComments":183,"htmlAttributes":221,"restEndpoints":223,"jsGlobals":224,"shortcodeOutput":225},[],[184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220],"Copyright 2015 John Morris  (email : johntylermorris@jtmorris.net)","This program is free software; you can redistribute it and\u002For modify","it under the terms of the GNU General Public License, version 2, as","published by the Free Software Foundation.","This program is distributed in the hope that it will be useful,","but WITHOUT ANY WARRANTY; without even the implied warranty of","MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the","GNU General Public License for more details.","You should have received a copy of the GNU General Public License","along with this program; if not, write to the Free Software","Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA","Authentication Cookie Expiration Filter","https:\u002F\u002Fdeveloper.wordpress.org\u002Freference\u002Fhooks\u002Fauth_cookie_expiration\u002F","Get the value stored in the database","Is value stored, and is it a valid integer","Invalid value trying to be stored, just keep it as is.","Add setting to General Settings page","SEE: https:\u002F\u002Fcodex.wordpress.org\u002FModifying_Options_Pages","Class constructor. Responsible for registering the settings field on admin_init.","Tells WordPress we have a settings API field to insert on the General Settings page.","Page","Option name","Validation\u002FSanitization function callback","ID","Title","Callback","Outputs the form field HTML.","If there is no stored option, use the default of 14 days","Key = Seconds (used by WordPress expiration filter and stored in database)","Value = Readable name with localization","Make sure we're going to \"select\" the value stored in the database","The sanitization\u002Fvalidation callback for the register_field call. In this case, it","checks if the value is numeric, and if not, inserts a default value.","The form field input","The sanitized form field input.","instantiate the class so the constructor is called, which sets this whole trainwreck","in motion.",[222],"lolo_login_expiration_length",[],[],[]]