[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCcikDjkSm8YVFG6QVlIjwqI8X5etrpuJFvVeIqRzZ9Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":125,"fingerprints":228},"lyon-site-activity","Lyon Site Activity","2.0.2","Wheaton College","https:\u002F\u002Fprofiles.wordpress.org\u002Fwheatoncollege\u002F","\u003Cp>A simple, lightweight plugin that gives site administrators an at-a-glance view of recent content edits.\u003C\u002Fp>\n\u003Cp>A single screen under the \u003Cstrong>Tools\u003C\u002Fstrong> menu  shows tabular data for the latest created, latest modified, and\u002For latest trashed post, pages, or custom post types.  You can also find the latest created taxonomies and custom taxonomies, along with latest added media elements (currently only PDF application types are supported.)  Dynamic navigation control is found in a sticky element at the top of the page, allowing fast access to special areas of interest.\u003C\u002Fp>\n\u003Cp>A single screen under the \u003Cstrong>Settings\u003C\u002Fstrong> menu will allow you to show only those posts, custom post types, taxonomies, or custom taxonomies that you are interested in seeing.  Please note that while custom post type and custom taxonomies you create will be listed here, it does not mean that they are fully supported at this time.  They should work as desired, but custom post types and custom taxonomies can be tricky.\u003C\u002Fp>\n\u003Ch3>Background\u003C\u002Fh3>\n\u003Cp>This plugin was designed to fulfill a need of Wheaton College, Norton MA. We wanted to track \u003Cem>some\u003C\u002Fem> editor activity without storing records in the database. The guiding principle was that the code would be lightweight and \u003Cem>read only\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>One use case is to review recent edits to ensure user compliance with existing guidelines.\u003C\u002Fp>\n\u003Cp>Another is to review if there have been any recent edits at all.\u003C\u002Fp>\n\u003Cp>This plugin supplements our paid site monitoring software. The idea is to catch issues early, providing a teaching opportunity for web editors that are less experienced.\u003C\u002Fp>\n","A simple, lightweight plugin that gives site administrators an at-a-glance view of recent content edits.",10,1385,0,"2020-09-28T17:10:00.000Z","5.3.21","3.5","5.4.0",[19,20,21],"admin","logging","site-activity","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flyon-site-activity\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flyon-site-activity.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"wheatoncollege",1,30,84,"2026-04-04T22:25:22.542Z",[35,56,75,90,105],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":11,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":54,"download_link":55,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"log-deprecated-notices","Log Deprecated Notices","0.4.1","Andrew Nacin","https:\u002F\u002Fprofiles.wordpress.org\u002Fnacin\u002F","\u003Cp>This plugin logs the usage of deprecated files, functions, and function arguments. It identifies where the deprecated functionality is being used and offers the alternative if available.\u003C\u002Fp>\n\u003Cp>This is a plugin for developers. WP_DEBUG is not needed, though its general usage is strongly recommended. Deprecated notices normally exposed by WP_DEBUG will be logged instead.\u003C\u002Fp>\n\u003Cp>This plugin also logs incorrect function usage, which WordPress started reporting in 3.1.\u003C\u002Fp>\n\u003Cp>Please report any bugs to plugins in a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Flog-deprecated-notices\" rel=\"ugc\">support thread\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This is young software. It works, but there’s a lot left on the todo (check out the Other Notes tab). Have an idea? Let me know.\u003C\u002Fp>\n\u003Ch3>Ideas\u003C\u002Fh3>\n\u003Cp>These are the various things on the @todo:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Plugin identification. Also, an unobstrusive note on plugins page next to said plugins.\u003C\u002Fli>\n\u003Cli>Perhaps the ability to auto-purge the log.\u003C\u002Fli>\n\u003Cli>Ability to filter on file or plugin in which the deprecated functionality is used.\u003C\u002Fli>\n\u003Cli>Offer some kind of better multisite support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Want to add something here? I’m all ears. plugins at \u003Ca href=\"http:\u002F\u002Fandrewnacin.com\u002F\" rel=\"nofollow ugc\">andrewnacin.com\u003C\u002Fa> or @\u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fnacin\" rel=\"nofollow ugc\">nacin\u003C\u002Fa> on Twitter.\u003C\u002Fp>\n\u003Cp>I will prioritize these tasks based on feedback, so let me know what you’d like to see.\u003C\u002Fp>\n","Logs the usage of deprecated files, functions, and function arguments, and identifies where the deprecated functionality is being used.",1000,165887,100,"2021-06-25T14:17:00.000Z","5.8.13","3.0","",[19,51,52,20,53],"deprecated","e_notice","wp_debug","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Flog-deprecated-notices\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flog-deprecated-notices.0.4.1.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":13,"num_ratings":13,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":49,"download_link":74,"security_score":45,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"quick-debug-log-viewer","Quick debug.log Viewer","1.2.2","WPSani","https:\u002F\u002Fprofiles.wordpress.org\u002Fsani060913\u002F","\u003Cp>\u003Cstrong>Quick debug.log Viewer\u003C\u002Fstrong> lets you quickly inspect your site’s debug.log file without leaving the WordPress dashboard. Now with a \u003Cstrong>floating action button (FAB)\u003C\u002Fstrong> and modal for frontend viewing, searching, and filtering!\u003Cbr \u002F>\nThe FAB is now draggable and its position is remembered — with a right-click option to reset.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Instantly view, scroll, \u003Cstrong>search\u003C\u002Fstrong>, and filter your \u003Ccode>debug.log\u003C\u002Fcode> contents  \u003C\u002Fli>\n\u003Cli>🔍 Search and browse logs even from the frontend with a floating action button (FAB) and modal  \u003C\u002Fli>\n\u003Cli>Filter logs by type: Fatal, Warning, Notice — or show all  \u003C\u002Fli>\n\u003Cli>Clear the log with a single click (now via AJAX)  \u003C\u002Fli>\n\u003Cli>Download the log for backups or support  \u003C\u002Fli>\n\u003Cli>Load large logs in chunks with the \u003Cstrong>Load More\u003C\u002Fstrong> button  \u003C\u002Fli>\n\u003Cli>Secure HTML output with escaping to prevent session theft  \u003C\u002Fli>\n\u003Cli>Stack traces are shown in single blocks for better readability  \u003C\u002Fli>\n\u003Cli>Works even if \u003Ccode>WP_DEBUG\u003C\u002Fcode> is off — as long as the file exists  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Ideal for developers, site managers, and anyone needing to troubleshoot WordPress issues fast.\u003C\u002Fp>\n\u003Cp>👉 Learn more and download from: \u003Ca href=\"https:\u002F\u002Fwpsani.store\u002Fdownloads\u002Fquick-debug-log-viewer-free\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpsani.store\u002Fdownloads\u002Fquick-debug-log-viewer-free\u002F\u003C\u002Fa>\u003C\u002Fp>\n","Easily view and manage your WordPress debug.log file directly from the admin area — no FTP access required.",20,569,"2025-06-05T06:14:00.000Z","6.8.5","6.0","7.0",[19,71,72,20,73],"debug","error-log","troubleshooting","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquick-debug-log-viewer.1.2.2.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":11,"downloaded":83,"rating":13,"num_ratings":13,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":49,"tags":87,"homepage":88,"download_link":89,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"log-deprecated-notices-extender","Log Deprecated Notices Extender","0.1.2","Joey Kudish","https:\u002F\u002Fprofiles.wordpress.org\u002Fjkudish\u002F","\u003Cp>This developer-oriented WordPress plugin extends Log Deprecated Notices to show a link in the WP 3.3+ Toolbar. Based on \u003Ca href=\"http:\u002F\u002Fnacin.com\" rel=\"nofollow ugc\">Andrew Nacin\u003C\u002Fa>‘s \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Flog-deprecated-notices\u002F\" rel=\"ugc\">Log Deprecated Notices\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This plugin is built and maintained by \u003Ca href=\"http:\u002F\u002Fjkudish.com\" title=\"Joachim Kudish\" rel=\"nofollow ugc\">Joachim Kudish\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Follow development, fork and contribute on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjkudish\u002FLogDeprecatedNoticesExtender\" rel=\"nofollow ugc\">github\u003C\u002Fa>\u003C\u002Fp>\n","This developer-oriented WordPress plugin extends Andrew Nacin's Log Deprecated Notices to show a link in the WP 3.3+ Toolbar.",2501,"2012-01-14T23:19:00.000Z","3.4.2","3.3",[19,51,52,20,53],"http:\u002F\u002Fjkudish.com\u002Flog-deprecated-notices-extender\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flog-deprecated-notices-extender.0.1.2.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":11,"downloaded":98,"rating":13,"num_ratings":13,"last_updated":99,"tested_up_to":67,"requires_at_least":100,"requires_php":49,"tags":101,"homepage":49,"download_link":104,"security_score":45,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"pagelog","Pagelog","1.8","Jacob N. Breetvelt","https:\u002F\u002Fprofiles.wordpress.org\u002Fopajaap\u002F","\u003Cp>This plugin registers and displays statistics of the usage of selected wp posts\u002Fpages. A simple shortcode on the page causes the useage of the page to be registered.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Place shortcode [pagelog] at the end of a page, and its usage will be registered. Login name (if logged in), ip address, date\u002Ftime are saved in a db table.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The menu item Tools -> Pagelog enables you to configure the behaviour and displays the statistics.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>About and Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Pagelog is written and maintained by J.N. Breetvelt, ( http:\u002F\u002Fwww.opajaap.nl\u002F ) a.k.a. OpaJaap\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin registers and displays statistics of the usage of selected wp posts\u002Fpages.",2540,"2025-05-10T09:06:00.000Z","2.1",[102,20,103],"admin-tool","page","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpagelog.1.8.zip",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":13,"downloaded":113,"rating":13,"num_ratings":13,"last_updated":49,"tested_up_to":114,"requires_at_least":115,"requires_php":116,"tags":117,"homepage":122,"download_link":123,"security_score":45,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":124},"logaction","LogAction – Activity Logs for Admin","1.0.0","Sylvanus","https:\u002F\u002Fprofiles.wordpress.org\u002Fgblessylva\u002F","\u003Cp>\u003Cstrong>LogAction – Activity Logs for Admin\u003C\u002Fstrong> is a powerful WordPress plugin that provides a detailed activity logging system for your website. It tracks user actions, changes, and events, allowing site administrators to monitor activity, enhance security, and improve user experience. With an intuitive interface and customizable features, LogAction makes managing your site’s activity a breeze.\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Tracks user logins, post updates, plugin activations, and more.\u003C\u002Fli>\n\u003Cli>View logs in an intuitive interface.\u003C\u002Fli>\n\u003Cli>Export logs to CSV for offline analysis or reporting.\u003C\u002Fli>\n\u003Cli>Customize logging preferences to suit your site’s needs.\u003C\u002Fli>\n\u003Cli>Filter logs by date and actions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is essential for administrators aiming to monitor activity, troubleshoot issues, and enhance their site’s security posture.\u003C\u002Fp>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Ensure your PHP version is at least 7.4 for optimal performance.\u003C\u002Fli>\n\u003Cli>Compatible with the latest WordPress version.\u003C\u002Fli>\n\u003C\u002Ful>\n","Track and log WordPress activities to monitor and improve your site's security and administrative tasks.",377,"6.7.5","5.0","7.4",[118,119,20,120,121],"activity-log","admin-tools","security","wordpress","https:\u002F\u002Fgithub.com\u002Fgblessylva\u002FLogAction\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogaction.1.0.0.zip","2026-03-15T10:48:56.248Z",{"attackSurface":126,"codeSignals":150,"taintFlows":215,"riskAssessment":216,"analyzedAt":227},{"hooks":127,"ajaxHandlers":146,"restRoutes":147,"shortcodes":148,"cronEvents":149,"entryPointCount":13,"unprotectedCount":13},[128,134,137,141,144],{"type":129,"name":130,"callback":131,"file":132,"line":133},"action","plugins_loaded","anonymous","includes\\class-lyon-site-activity.php",122,{"type":129,"name":135,"callback":131,"file":132,"line":136},"admin_menu",135,{"type":138,"name":139,"callback":131,"file":132,"line":140},"filter","plugin_action_links_lyon-site-activity\u002Flyon-site-activity.php",136,{"type":129,"name":142,"callback":131,"file":132,"line":143},"admin_init",137,{"type":129,"name":135,"callback":131,"file":132,"line":145},138,[],[],[],[],{"dangerousFunctions":151,"sqlUsage":152,"outputEscaping":155,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":214},[],{"prepared":153,"raw":13,"locations":154},14,[],{"escaped":30,"rawEcho":156,"locations":157},35,[158,162,164,166,167,168,169,171,172,174,175,176,177,178,180,181,182,183,185,187,188,189,190,192,194,195,196,197,199,201,203,205,207,209,212],{"file":159,"line":160,"context":161},"includes\\class-lyon-site-activity-admin.php",93,"raw output",{"file":159,"line":163,"context":161},132,{"file":159,"line":165,"context":161},142,{"file":159,"line":165,"context":161},{"file":159,"line":165,"context":161},{"file":159,"line":165,"context":161},{"file":159,"line":170,"context":161},143,{"file":159,"line":170,"context":161},{"file":159,"line":173,"context":161},147,{"file":159,"line":173,"context":161},{"file":159,"line":173,"context":161},{"file":159,"line":173,"context":161},{"file":159,"line":173,"context":161},{"file":159,"line":179,"context":161},149,{"file":159,"line":179,"context":161},{"file":159,"line":179,"context":161},{"file":159,"line":179,"context":161},{"file":159,"line":184,"context":161},151,{"file":159,"line":186,"context":161},155,{"file":159,"line":186,"context":161},{"file":159,"line":186,"context":161},{"file":159,"line":186,"context":161},{"file":159,"line":191,"context":161},158,{"file":159,"line":193,"context":161},161,{"file":159,"line":193,"context":161},{"file":159,"line":193,"context":161},{"file":159,"line":193,"context":161},{"file":159,"line":198,"context":161},164,{"file":159,"line":200,"context":161},175,{"file":159,"line":202,"context":161},218,{"file":159,"line":204,"context":161},219,{"file":159,"line":206,"context":161},220,{"file":159,"line":208,"context":161},258,{"file":210,"line":211,"context":161},"includes\\class-lyon-site-activity-list-table.php",44,{"file":210,"line":213,"context":161},112,[],[],{"summary":217,"deductions":218},"The 'lyon-site-activity' plugin v2.0.2 exhibits a strong security posture in several key areas based on the static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points significantly limits the potential attack surface. Furthermore, the plugin demonstrates good practice by exclusively using prepared statements for its SQL queries, mitigating risks of SQL injection. The lack of file operations and external HTTP requests also reduces potential vulnerabilities.\n\nHowever, the static analysis reveals a significant concern regarding output escaping. With only 3% of 36 outputs properly escaped, there is a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-supplied data that is displayed on the frontend without proper sanitization could be exploited to inject malicious scripts. The complete absence of nonce checks and capability checks on potential entry points, although the entry points themselves are currently zero, indicates a potential weakness if the plugin's functionality were to expand or be integrated with other components that introduce new entry points. The vulnerability history showing no recorded CVEs suggests a history of responsible development, but it cannot compensate for identified code weaknesses.\n\nIn conclusion, while the plugin benefits from a minimal attack surface and secure SQL practices, the pervasive issue with output escaping presents a critical security concern that requires immediate attention. The lack of any security checks (nonces, capabilities) is also a point of concern for future-proofing. Addressing the output escaping vulnerabilities is paramount to securing this plugin.",[219,222,225],{"reason":220,"points":221},"Low output escaping rate",15,{"reason":223,"points":224},"Missing nonce checks",5,{"reason":226,"points":224},"Missing capability checks","2026-03-17T00:51:53.880Z",{"wat":229,"direct":238},{"assetPaths":230,"generatorPatterns":233,"scriptPaths":234,"versionParams":235},[231,232],"\u002Fwp-content\u002Fplugins\u002Flyon-site-activity\u002Fassets\u002Fstyles.css","\u002Fwp-content\u002Fplugins\u002Flyon-site-activity\u002Fassets\u002Fscripts.js",[],[232],[236,237],"lyon-site-activity\u002Fassets\u002Fstyles.css?ver=","lyon-site-activity\u002Fassets\u002Fscripts.js?ver=",{"cssClasses":239,"htmlComments":242,"htmlAttributes":243,"restEndpoints":245,"jsGlobals":246,"shortcodeOutput":247},[240,241],"site-activity-settings","lsa_cpt_list",[],[244],"name=\"lsa_plugin_options[lsa_post_tax_types",[],[],[]]