[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fuCyuOHkaywkVFJqZdxed3a_zr4-_-EYjGvcgjs_qodQ":3,"$fImqPKADfiU_6DoDiV6SVK_Wtde4nhVWUjSlMcRRTQAM":235,"$fwIVXNlVSIgzmxw9sMkwbWkDmD55aveFzNwFouO6OXyo":240},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":50,"crawl_stats":38,"alternatives":58,"analysis":163,"fingerprints":219},"meks-quick-plugin-disabler","Meks Quick Plugin Disabler","1.0","Meks","https:\u002F\u002Fprofiles.wordpress.org\u002Fmekshq\u002F","\u003Cp>Main purpose of Meks Quick Plugin Disabler is to quickly find out if any recent issue you are having on your website is related to the one of currently active plugins.\u003C\u002Fp>\n\u003Cp>It is made for developers, techical support engineers, as well as for regular WordPress users. Sometimes, usually after updating your plugins, themes or WordPress installation, strange issues may appear and mess the things up. This plugin provides a really neat way to check the problem.\u003C\u002Fp>\n\u003Ch3>Benefits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Huge time saver when debugging websites with lots of plugins\u003C\u002Fli>\n\u003Cli>Neat solution instead of forced plugin deactivation via FTP (i.e. changing the plugins folder name)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Meks Quick Plugin Disabler is created by \u003Ca href=\"https:\u002F\u002Fmekshq.com\" rel=\"nofollow ugc\">Meks\u003C\u002Fa>\u003C\u002Fp>\n","Temporarily disable (and restore) all currently active plugins with a single click",2000,18703,100,7,"2024-07-29T12:31:00.000Z","6.6.5","3.7","",[20,21,22,23,24],"activate","deactivate","debug","disable","plugins","https:\u002F\u002Fmekshq.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmeks-quick-plugin-disabler.zip",70,1,"2025-12-15 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":38,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":38,"patch_diff_files":47,"patch_trac_url":38,"research_status":38,"research_verified":48,"research_rounds_completed":49,"research_plan":38,"research_summary":38,"research_vulnerable_code":38,"research_fix_diff":38,"research_exploit_outline":38,"research_model_used":38,"research_started_at":38,"research_completed_at":38,"research_error":38,"poc_status":38,"poc_video_id":38,"poc_summary":38,"poc_steps":38,"poc_tested_at":38,"poc_wp_version":38,"poc_php_version":38,"poc_playwright_script":38,"poc_exploit_code":38,"poc_has_trace":48,"poc_model_used":38,"poc_verification_depth":38},"CVE-2025-68083","meks-quick-plugin-disabler-cross-site-request-forgery","Meks Quick Plugin Disabler \u003C= 1.0 - Cross-Site Request Forgery","The Meks Quick Plugin Disabler plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.0","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-12-19 17:07:19",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd4271fde-ce9e-416e-8f7d-661a3e777a5d?source=api-prod",[],false,0,{"slug":51,"display_name":7,"profile_url":8,"plugin_count":52,"total_installs":53,"avg_security_score":54,"avg_patch_time_days":55,"trust_score":56,"computed_at":57},"mekshq",14,116900,90,236,72,"2026-05-20T00:34:53.489Z",[59,80,101,125,141],{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":49,"downloaded":67,"rating":49,"num_ratings":49,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":77,"download_link":78,"security_score":79,"vuln_count":49,"unpatched_count":49,"last_vuln_date":38,"fetched_at":30},"quick-disabler","Quick Disabler","1.0.2","Nayon Islam","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebnayon\u002F","\u003Cp>\u003Cstrong>Quick Plugin Disabler\u003C\u002Fstrong> helps you instantly disable all active plugins except itself with a single click.\u003Cbr \u002F>\nNeed to find out which plugin is breaking your site? This tool is built for exactly that.\u003Cbr \u002F>\nUse the \u003Cstrong>Re-enable Plugins\u003C\u002Fstrong> button to bring everything back—no need to reactivate plugins one by one.\u003C\u002Fp>\n\u003Cp>✅ Perfect for:\u003Cbr \u002F>\n– Troubleshooting plugin conflicts\u003Cbr \u002F>\n– Debugging white screen issues\u003Cbr \u002F>\n– Simplifying your dev workflow\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Disable all active plugins (except this one)\u003C\u002Fli>\n\u003Cli>Re-enable them all again\u003C\u002Fli>\n\u003Cli>Powered by AJAX — no page reloads\u003C\u002Fli>\n\u003Cli>Works on multisite\u003C\u002Fli>\n\u003Cli>Lightweight & admin-only access\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Author Information\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Author Name\u003C\u002Fstrong>: Nayon Islam\u003Cbr \u002F>\n\u003Cstrong>Email\u003C\u002Fstrong>: nayonislam105@gmail.com\u003Cbr \u002F>\n\u003Cstrong>Author URL\u003C\u002Fstrong>: https:\u002F\u002Fprofiles.wordpress.org\u002Fwebnayon\u003C\u002Fp>\n","Easily disable all active plugins—except this one—with one click. Re-enable them anytime using AJAX. Perfect for debugging and troubleshooting.",287,"2025-03-29T08:50:00.000Z","6.7.5","5.5","7.0",[73,74,22,75,76],"admin-tools","deactivate-all","disable-plugins","troubleshoot","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fquick-disabler\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquick-disabler.zip",92,{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":71,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":99,"download_link":100,"security_score":13,"vuln_count":49,"unpatched_count":49,"last_vuln_date":38,"fetched_at":30},"plugin-load-filter","Plugin Load Filter","4.4.0","enomoto celtislab","https:\u002F\u002Fprofiles.wordpress.org\u002Fenomoto-celtislab\u002F","\u003Cp>Although you may have installed a lot of plugins, you may not want (or need) them activated for all of your posts and pages. With this plugin, you will be able to deactivate unnecessary plugins for each individual post and page.\u003C\u002Fp>\n\u003Cp>By filtering the activation of plugins, you can significantly speed up your website.\u003C\u002Fp>\n\u003Cp>Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Support Post Format type\u003C\u002Fli>\n\u003Cli>Support Custom Post type\u003C\u002Fli>\n\u003Cli>Support Jetpack Modules filtering\u003C\u002Fli>\n\u003Cli>Support WP Embed Content card (is_embed template)\u003C\u002Fli>\n\u003Cli>Support Simple Post Language Locale switcher\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition to blog posts and pages, for example providing services as a Web application, you can also distinguish the plugins for blog and Web applications.\u003C\u002Fp>\n\u003Ch4>To further performance up plugin\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fyasakani-cache\u002F\" rel=\"ugc\">YASAKANI Cache\u003C\u002Fa> is a simple and easy to use super high speed page cache.\u003C\u002Fp>\n\u003Cp>For more detailed information, there is an introduction page.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fceltislab.net\u002Fen\u002Fwp-plugin-load-filter\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n","Dynamically activate the selected plugins for each page. Response will be faster by filtering plugins.",8000,184127,96,52,"2026-03-31T03:12:00.000Z","6.3","8.1",[75,96,97,98],"dynamic-deactivate-plugins","locale-switching","performance","https:\u002F\u002Fceltislab.net\u002Fen\u002Fwp-plugin-load-filter","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-load-filter.4.4.0.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":54,"downloaded":109,"rating":110,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":18,"tags":115,"homepage":121,"download_link":122,"security_score":123,"vuln_count":28,"unpatched_count":49,"last_vuln_date":124,"fetched_at":30},"plugin-logic","Plugin Logic","1.1.2","simon_h","https:\u002F\u002Fprofiles.wordpress.org\u002Fsimon_h\u002F","\u003Cp>A possibility to increase the speed of your WordPress page is to deactivate Plugins on pages,\u003Cbr \u002F>\nwhere they are not needed. This Plugin allows you to do this on a easy way.\u003Cbr \u002F>\nSo you can reduce the amount of JavaScript and CSS files which are loaded and SQL queries run at page load.\u003C\u002Fp>\n","Url based plugin deactivation or activation.",8309,94,27,"2025-12-05T17:20:00.000Z","6.9.4","6.2.0",[116,117,118,119,120],"activate-plugins-by-url","deactivate-plugins-by-rules","deactivate-plugins-by-url","disable-plugins-by-page","disable-plugins-by-rules","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplugin-logic\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-logic.1.1.2.zip",99,"2022-12-02 00:00:00",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":49,"num_ratings":49,"last_updated":135,"tested_up_to":113,"requires_at_least":136,"requires_php":137,"tags":138,"homepage":18,"download_link":140,"security_score":13,"vuln_count":49,"unpatched_count":49,"last_vuln_date":38,"fetched_at":30},"fdp-debug","FDP Debug","0.0.6","Jose Mortellaro","https:\u002F\u002Fprofiles.wordpress.org\u002Fgiuse\u002F","\u003Cp>It adds an action button to collect information to debug Freesoul Deactivate Plugins.\u003Cbr \u002F>\nWithout Freesoul Deactivate Plugins you don’t need this plugin.\u003Cbr \u002F>\nAfter activation, if in the Singles or Archives settings of Freesoul Deactivate Plugins you go with your mouse on a row, you will see the button “DEBUG”.\u003Cbr \u002F>\nClicking on “DEBUG”, you will see some information that you can give to the support of Freesoul Deactivate Plugins. It will be an help for the problem-solving.\u003C\u002Fp>\n\u003Ch3>Backend Speed Optimization\u003C\u002Fh3>\n\u003Cp>Advanced backend optimization to speed up your WordPress admin area.\u003Cbr \u002F>\nRead \u003Ca href=\"https:\u002F\u002Fjosemortellaro.com\u002Fbackend-speed-optimization\u002F\" rel=\"nofollow ugc\">Backend Speed Optimization Service\u003C\u002Fa> for more information.\u003C\u002Fp>\n","It adds an action button to collect information to debug Freesoul Deactivate Plugins. If you don't use Freesoul Deactivate Plugins you don't …",10,2082,"2025-12-10T09:09:00.000Z","4.6","5.6",[22,139],"freesoul-deactivate-plugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffdp-debug.0.0.6.zip",{"slug":142,"name":143,"version":144,"author":145,"author_profile":146,"description":147,"short_description":148,"active_installs":149,"downloaded":150,"rating":151,"num_ratings":151,"last_updated":152,"tested_up_to":16,"requires_at_least":153,"requires_php":18,"tags":154,"homepage":160,"download_link":161,"security_score":79,"vuln_count":28,"unpatched_count":49,"last_vuln_date":162,"fetched_at":30},"user-blocker","User Blocker","2.2","solwininfotech","https:\u002F\u002Fprofiles.wordpress.org\u002Fsolwininfotech\u002F","\u003Cp>User Blocker plugin provide the ability to admin to block or unblock user accounts quickly and effortlessly. User can be blocked by Roll or username for specific day & time OR date range Or permanently. When someone tries to log in, and if that user blocked then a friendly error message is displayed on the login screen. You can unblock accounts at any time you want.\u003Cbr \u002F>\nAlso admin can view blocked user list and quickly search user and unblock account if require.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>User Blocker Plugin Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Block user by time (FROM-time to TO-time) for certain week days\u003C\u002Fli>\n\u003Cli>Block user by date (FROM-date to TO-date)\u003C\u002Fli>\n\u003Cli>Block user Permanently\u003C\u002Fli>\n\u003Cli>Unblock user any time\u003C\u002Fli>\n\u003Cli>Block user by UserName OR by Role\u003C\u002Fli>\n\u003Cli>Customizable message for each blocked User OR Blocked Role\u003C\u002Fli>\n\u003Cli>View blocked user list By Time, By Date and Permanently blocked users.\u003C\u002Fli>\n\u003Cli>Easy to search any blocked user by username\u002F email \u002F First name to view blocking status and modify or remove blocking\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Technical Support\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You have any suggestion with User Blocker plugin or you found a bug, please contact us at \u003Ca href=\"http:\u002F\u002Fsupport.solwininfotech.com\" rel=\"nofollow ugc\">support.solwininfotech.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Permissions:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Only administrators are allowed to use this system. People with lower access levels are neither shown the new bulk actions, nor are they allowed to change the status of accounts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important: Plugin does not deactivate any Admin users.\u003C\u002Fstrong>\u003C\u002Fp>\n","To block users from admin side except admin users for specific day,time, and date or permanently.",3000,81777,82,"2024-08-09T14:45:00.000Z","5.4",[155,156,157,158,159],"block-user","deactivate-users","deny-user","disable-users","restrict-user","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-blocker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-blocker.zip","2022-11-09 00:00:00",{"attackSurface":164,"codeSignals":191,"taintFlows":204,"riskAssessment":205,"analyzedAt":218},{"hooks":165,"ajaxHandlers":187,"restRoutes":188,"shortcodes":189,"cronEvents":190,"entryPointCount":49,"unprotectedCount":49},[166,172,176,180,184],{"type":167,"name":168,"callback":169,"file":170,"line":171},"action","plugins_loaded","plugin_textdomain","meks-quick-plugin-disabler.php",41,{"type":167,"name":173,"callback":174,"file":170,"line":175},"admin_init","check",44,{"type":167,"name":177,"callback":178,"file":170,"line":179},"pre_current_active_plugins","action_links",47,{"type":167,"name":181,"callback":182,"file":170,"line":183},"admin_notices","disabled_msg",95,{"type":167,"name":181,"callback":185,"file":170,"line":186},"restored_msg",105,[],[],[],[],{"dangerousFunctions":192,"sqlUsage":193,"outputEscaping":195,"fileOperations":49,"externalRequests":49,"nonceChecks":49,"capabilityChecks":49,"bundledLibraries":203},[],{"prepared":49,"raw":49,"locations":194},[],{"escaped":196,"rawEcho":196,"locations":197},2,[198,201],{"file":170,"line":199,"context":200},69,"raw output",{"file":170,"line":202,"context":200},73,[],[],{"summary":206,"deductions":207},"The meks-quick-plugin-disabler v1.0 plugin exhibits a mixed security posture. On the positive side, the static analysis reveals a very small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, there are no dangerous functions, no raw SQL queries, and no external HTTP requests, which are all good indicators of secure coding practices. However, a significant concern is the lack of nonce and capability checks across all entry points. This, combined with a medium severity Cross-Site Request Forgery (CSRF) vulnerability in its history that remains unpatched, suggests potential weaknesses in authentication and authorization mechanisms. The plugin's history indicates a past vulnerability that has not been addressed, which is a serious red flag for ongoing security.\n\nWhile the code analysis shows a lack of obvious vulnerabilities like SQL injection or XSS due to prepared statements and some output escaping, the absence of proper nonce and capability checks is a critical oversight. This means that an attacker could potentially trigger plugin actions without proper user authorization. The single medium severity CSRF vulnerability, even if dated, is still a known issue that exposes users to risk. The plugin's strength lies in its minimal attack surface and use of prepared statements, but its weakness is the clear disregard for proper authorization checks, which, combined with historical vulnerabilities, points to a moderate to high-risk plugin that requires immediate attention to patch the known CVE.",[208,211,213,215],{"reason":209,"points":210},"Unpatched medium severity CVE",15,{"reason":212,"points":133},"No nonce checks on entry points",{"reason":214,"points":133},"No capability checks on entry points",{"reason":216,"points":217},"50% of outputs not properly escaped",4,"2026-03-16T18:39:31.134Z",{"wat":220,"direct":225},{"assetPaths":221,"generatorPatterns":222,"scriptPaths":223,"versionParams":224},[],[],[],[],{"cssClasses":226,"htmlComments":227,"htmlAttributes":228,"restEndpoints":229,"jsGlobals":230,"shortcodeOutput":231},[],[],[],[],[],[232,233,234],"\u003Ca href=\""," Temporarily disable all active plugins"," Restore disabled plugins",{"error":236,"url":237,"statusCode":238,"statusMessage":239,"message":239},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fmeks-quick-plugin-disabler\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":49,"versions":241},[]]