[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f4Y30TSnttzzcP_0uUIkkQY42y5de2vQrOBpvYfGCkeg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":140,"fingerprints":363},"members-for-kofi","Members for Ko-fi","1.0.1","trudslev","https:\u002F\u002Fprofiles.wordpress.org\u002Ftrudslev\u002F","\u003Cp>Members for Ko-fi is a WordPress plugin that integrates with Ko-fi to manage WordPress users and roles based on Ko-fi webhooks. This plugin allows you to automate user role assignments, log donations (in a database table), and manage memberships seamlessly.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Automatically assign roles to users based on Ko-fi donations or memberships.\u003Cbr \u002F>\n– Log user actions, such as donations and role changes, in a dedicated database table (no file logging).\u003Cbr \u002F>\n– Lightweight debug logging to the PHP error log when WP_DEBUG is enabled.\u003Cbr \u002F>\n– Fully compatible with GDPR and WordPress privacy tools.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use Cases:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Reward your Ko-fi supporters with exclusive access to content or features.\u003Cbr \u002F>\n– Automate user role management for subscription-based memberships.\u003Cbr \u002F>\n– Track and log user activity for better insights.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv3 or later. See the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.html\" rel=\"nofollow ugc\">GNU General Public License\u003C\u002Fa> for more details.\u003C\u002Fp>\n","Integrate with Ko-fi to manage WordPress users or roles via webhook.",10,253,0,"2025-09-06T11:34:00.000Z","6.8.5","5.6","7.4",[19,20,21,22,23],"ko-fi","membership","roles","user-management","webhook","https:\u002F\u002Fgithub.com\u002Ftrudslev\u002Fmembers-for-kofi","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmembers-for-kofi.1.0.1.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,94,"2026-04-04T06:52:08.402Z",[36,60,79,100,121],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":56,"download_link":57,"security_score":58,"vuln_count":31,"unpatched_count":13,"last_vuln_date":59,"fetched_at":28},"members","Members – Membership & User Role Editor Plugin","3.2.19","Blair Williams","https:\u002F\u002Fprofiles.wordpress.org\u002Fsupercleanse\u002F","\u003Cp>Members is a roles and capabilities based WordPress membership plugin. It gives your users the ultimate member experience by giving you powerful tools to add roles and capabilities and assign them to your users.\u003C\u002Fp>\n\u003Cp>Members allows you to set permissions to restrict content on your site by providing a simple user interface (UI) for WordPress’ powerful roles and capabilities system, which has traditionally only been available to developers who know how to code this by hand.\u003C\u002Fp>\n\u003Ch3>Plugin Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Role Editor:\u003C\u002Fstrong> Allows you to edit, create, and delete roles as well as capabilities for these roles.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple User Roles:\u003C\u002Fstrong> Give one, two, or even more roles to any user.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Explicitly Deny Capabilities:\u003C\u002Fstrong> Deny specific capabilities to specific user roles.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clone Roles:\u003C\u002Fstrong> Build a new role by cloning an existing role.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Content Permissions \u002F Restricted Content:\u003C\u002Fstrong> Protect content to determine which users (by role) have access to post content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcodes:\u003C\u002Fstrong> Shortcodes to control who has access to content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widgets:\u003C\u002Fstrong> A login form widget and users widget to show in your theme’s sidebars.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Private Site:\u003C\u002Fstrong> You can make your site and its feed completely private if you want.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugin Integration:\u003C\u002Fstrong> Members is highly recommended by other WordPress developers. Many existing plugins integrate their custom roles and capabilities directly into it.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Seamless MemberPress Integration\u003C\u002Fh4>\n\u003Cp>If you’re looking to build a business out of your membership site by creating paid memberships there’s no better way than to \u003Ca href=\"https:\u002F\u002Fmemberpress.com\u002Fplans\u002Fpricing\u002F?utm_source=members_plugin&utm_medium=link&utm_campaign=readme&utm_content=integration_1\" rel=\"nofollow ugc\">use MemberPress\u003C\u002Fa>. Members and \u003Ca href=\"https:\u002F\u002Fmemberpress.com\u002Fplans\u002Fpricing\u002F?utm_source=members_plugin&utm_medium=link&utm_campaign=readme&utm_content=integration_2\" rel=\"nofollow ugc\">MemberPress\u003C\u002Fa> work together to provide the ultimate member experience and will help you start and profit from your amazing WordPress membership sites!\u003C\u002Fp>\n\u003Ch4>All Add-ons are now included\u003C\u002Fh4>\n\u003Cp>Members now includes ALL of it’s add-ons completely free of charge! Here are some of the awesome features they add to Members:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Block Permissions:\u003C\u002Fstrong> Allows site owners to hide or show blocks based on user logged-in status, user role, or capability.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Caps:\u003C\u002Fstrong> Creates additional capabilities for control over WordPressâ€™ privacy and personal data features (GDPR).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Access:\u003C\u002Fstrong> Allows site administrators to control which users have access to the WordPress admin via role.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Core Create Caps:\u003C\u002Fstrong> Adds the create_posts and create_pages caps to posts\u002Fpages to separate them from their edit_* counterparts, providing more flexible editing capabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Categories and Tag Caps:\u003C\u002Fstrong> The Category and Tag Caps add-on creates custom capabilities for the core category and post tag taxonomies. This allows site owners to have precise control over who can manage, edit, delete, or assign categories\u002Ftags.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role Levels:\u003C\u002Fstrong> Exposes the old user levels system, which fixes the WordPress author drop-down bug when users don’t have a role with one of the assigned levels.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role Hierarchy:\u003C\u002Fstrong> Creates a hierarchical roles system.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ACF Integration:\u003C\u002Fstrong> Creates custom capabilities for the Advanced Custom Fields (ACF) plugin for managing with the Members plugin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>EDD Integration:\u003C\u002Fstrong> Integrates the Easy Digital Downloads plugin capabilities into the Members plugin’s role manager.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GiveWP Integration:\u003C\u002Fstrong> Integrates the GiveWP and GiveWP Recurring Donations plugin capabilities into the Members plugin’s role manager.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Meta Box Integration:\u003C\u002Fstrong> Integrates the Meta Box plugin capabilities into the Members plugin’s role manager.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Integration:\u003C\u002Fstrong> Integrates the WooCommerce plugin capabilities into the Members plugin’s role manager.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more info, visit the \u003Ca href=\"https:\u002F\u002Fmembers-plugin.com\u002F?utm_source=members_plugin&utm_medium=link&utm_campaign=readme&utm_content=learn_more\" rel=\"nofollow ugc\">Members plugin home page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Like this plugin?\u003C\u002Fh3>\n\u003Cp>The Members plugin is a massive project with 1,000s of lines of code to maintain. A major update can take weeks or months of work. We don’t make any money directly from this plugin while other, similar plugins charge substantial fees to even download them or get updates. Please consider helping the cause by:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmemberpress.com\u002F?utm_source=members_plugin&utm_medium=link&utm_campaign=readme&utm_content=memberpress_upgrade\" rel=\"nofollow ugc\">Adding MemberPress\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fmembers\u002Freviews\u002F?filter=5#new-post\" rel=\"ugc\">Rating the plugin\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>If you need plugin support from us, you can \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fmembers\u002F\" rel=\"ugc\">visit our support page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Plugin Development\u003C\u002Fh3>\n\u003Cp>If you’re a theme author, plugin author, or just a code hobbyist, you can follow the development of this plugin on it’s \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcaseproof\u002Fmembers\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n","The best WordPress membership and user role editor plugin. User Roles & Capabilities editor helps you restrict content in just a few clicks.",300000,6754890,98,1242,"2026-02-13T16:00:00.000Z","6.9.4","6.0",[52,53,54,55,21],"access","capabilities","memberships","permissions","https:\u002F\u002Fmembers-plugin.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmembers.3.2.19.zip",99,"2024-12-10 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":26,"num_ratings":31,"last_updated":70,"tested_up_to":49,"requires_at_least":71,"requires_php":16,"tags":72,"homepage":76,"download_link":77,"security_score":26,"vuln_count":31,"unpatched_count":13,"last_vuln_date":78,"fetched_at":28},"ko-fi-button","Ko-fi Button","1.3.10","koficommunity","https:\u002F\u002Fprofiles.wordpress.org\u002Fkoficommunity\u002F","\u003Cp>Ko-fi is a fast and friendly way to earn money from your blog, website or project.\u003C\u002Fp>\n\u003Cp>Create your free page at ko-fi.com in just a few minutes and link your PayPal or Stripe account to start receiving donations.\u003C\u002Fp>\n\u003Cp>Use the Plugin to add a Ko-fi button or donation panel to any widget area, sidebar or use the shortcode [kofi] to add a button to any page or post.\u003C\u002Fp>\n\u003Cp>Not sure where to start? \u003Ca href=\"https:\u002F\u002Fhelp.ko-fi.com\u002Fhc\u002Fen-us\u002Farticles\u002F115004002614-Adding-a-Ko-fi-Button-to-your-WordPress-site-or-blog\" rel=\"nofollow ugc\">Take a look at our guide!\u003C\u002Fa>\u003C\u002Fp>\n","Receive donations on your Ko-fi page with a button on your WordPress site.",5000,87139,"2025-12-12T01:46:00.000Z","4.6",[73,19,20,74,75],"donate-plugin","monetization","paypal-donate","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fko-fi-button.1.3.10.zip","2023-04-25 00:00:00",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":26,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":76,"tags":93,"homepage":96,"download_link":97,"security_score":98,"vuln_count":31,"unpatched_count":31,"last_vuln_date":99,"fetched_at":28},"user-registration-aide","User Registration Aide","1.5.3.8","bnovotny","https:\u002F\u002Fprofiles.wordpress.org\u002Fbnovotny\u002F","\u003Cp>Customize the entire user management experience to your own liking!. Now you can have all user management features in one plugin! Includes New User Approve and Email Verification Features new in 1.5.3.0 and optional lost password security questions. Also allows you to add additional fields of any input type to registration form and profile for better user management and control. Customize the Default WordPress Registration Form & Login Page CSS & Messaging.  It also helps reduce unwanted spam registrations. Has anti-spam built in, customize default WordPress login\u002Fregistration forms both in design and messaging, adds agreement policy and link to policy to registration form for members, can create custom redirects after login and registration, templates for password change and lost password and email verification, custom password strength options, and password update management. Can limit amount of time between password changes and the number of times before duplicate passwords allowed, set minimum password length and also require special characters, upper and lower case letters and numbers so your site is made more secure. New templates allow you to use custom password strength for both lost password and reset password options.\u003C\u002Fp>\n\u003Cp>WordPress User Registration Aide allows you to require more fields when a new user registers. This not only can help to stop spammers, but it can also increase your user management capabilities and services for your user base. All the new fields that you add also are added to existing users profiles, but the users will have to fill them out of course, but any new users will be required to fill out these fields if they are included in the registration process. The new fields can be any variety, select, text, radio button or checkbox, and all the standard html input types, and optional if you like.\u003C\u002Fp>\n\u003Cp>New in 1.5.3.0\u003Cbr \u002F>\nNew User Approve Feature\u003Cbr \u002F>\nNew User Email Verification Feature\u003Cbr \u002F>\nLost Password Reset Form Security Question for added Security.\u003Cbr \u002F>\nAll user features are added to the all users table for easy access to approve, deny, resend emails, activate, and delete denied users.\u003C\u002Fp>\n\u003Cp>Another important option is that you can also add new fields to the users profile page but not require them for registration, so you can increase you user management capabilities. This is an exciting new feature for Web-masters that wish to increase contact options, communications, and information obtained from your user base.\u003C\u002Fp>\n\u003Cp>Plugin Features:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Easy to use\nQuickly and easily add new fields to user registration\nAdd your own custom fields or existing fields like First Name, Last Name & Nickname to the registration form\nReduce bots and spammers with additional fields on the registration form\nGet better control over your user base\nNew fields are added to existing WordPress User Profiles!\nIncrease your knowledge of, and interaction with your customers & users!\nAdd Custom Logo & Messages to Registration & Login Pages!\nAdd Custom Background Image or Background Color to Login & Registration Pages!\nAnti-Spam Math Problem\nPassword Strength Meter\nCustom Password Strength Options to Create Your Own Password Strength Definition\nChoose custom display name fields for users by roles or for all users\nForce New Users to change password after getting password from email\nForce Existing Users to change password after specified amount of time\nNot allow same password to be used for specified number of times\nOptional fields on registration form -- Use or don't use * for required fields\nDifferent input types for fields like checkbox, select, radio buttons, numbers\nNew User Approve\u002FDeny\u002FDelete Feature\nNew User Email Verification\nLost Password Reset Security Questions\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Read more: http:\u002F\u002Fcreative-software-design-solutions.com\u002Fwordpress-user-registration-aide-force-add-new-user-fields-on-registration-form\u002F#ixzz22CCABfOx\u003C\u002Fp>\n\u003Cp>Instructions: http:\u002F\u002Fcreative-software-design-solutions.com\u002Fwp-content\u002Fuploads\u002F2017\u002F05\u002FUSER_REGISTRATION_AIDE_INSTRUCTIONS.pdf\u003C\u002Fp>\n\u003Cp>Instruction Video for using new filters to fix URA custom page template styling issues: https:\u002F\u002Fyoutu.be\u002Fnar71ttdjVg\u003C\u002Fp>\n","Adds custom user fields to better manage users & members & customize login-registration page css & messages. Lets you customize the entire &hellip;",79354,66,20,"2017-05-01T19:50:00.000Z","4.7.32","4.4",[37,20,94,95,22],"registration","user","http:\u002F\u002Fcreative-software-design-solutions.com\u002Fwordpress-user-registration-aide-force-add-new-user-fields-on-registration-form\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-registration-aide.zip",63,"2025-06-08 00:00:00",{"slug":22,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":13,"num_ratings":13,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":112,"tags":113,"homepage":117,"download_link":118,"security_score":88,"vuln_count":119,"unpatched_count":31,"last_vuln_date":120,"fetched_at":28},"User Management","1.2","Saad Iqbal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaadiqbal\u002F","\u003Cp>User Management for WordPress gives you the power to manage users and their data from a centralized dashboard Import\u002FExport\u002FUpdate user data by roles and filters.\u003C\u002Fp>\n\u003Cp>User Management for WordPress gives admin the ability to import or export user details on a website. You can easily import or export WP users, roles, and capabilities via CSV file in just a few clicks.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This plugin is also compatible with the WooCommerce plugin\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Import user details via CSV file.\u003C\u002Fli>\n\u003Cli>Import WP user roles & capabilities via CSV file.\u003C\u002Fli>\n\u003Cli>Export details of WP users to a CSV file.\u003C\u002Fli>\n\u003Cli>Export specific users by roles and capabilities.\u003C\u002Fli>\n\u003Cli>Export specific users in general.\u003C\u002Fli>\n\u003Cli>Export roles and capabilities only.\u003C\u002Fli>\n\u003Cli>Export profile information with the user metadata (your custom field in CSV).\u003C\u002Fli>\n\u003Cli>Create\u002Fupdate user details easily.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>REQUIREMENTS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 5.0+\u003C\u002Fli>\n\u003Cli>PHP 7.0+\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpexperts.io\u002Fdocumentation\u002Fuser-management\" rel=\"nofollow ugc\">Click Here\u003C\u002Fa> to read complete documentation of the product. The documentation includes a step-by-step installation and configuration guide, system specifications, troubleshooting, and support.\u003C\u002Fp>\n\u003Ch3>Major Update\u003C\u002Fh3>\n\u003Cp>This is major update of our plugin please make sure you have take backup before updating this plugin.\u003C\u002Fp>\n","User Import Export plugin allows you to export and import WordPress Users and Roles.",60,2777,"2024-12-09T07:50:00.000Z","6.7.5","6.7","7.0",[95,114,22,115,116],"user-approval","user-profiles","user-roles","https:\u002F\u002Fwpexperts.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-management.1.2.zip",2,"2025-01-14 00:00:00",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":26,"num_ratings":131,"last_updated":76,"tested_up_to":49,"requires_at_least":132,"requires_php":17,"tags":133,"homepage":76,"download_link":138,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":139},"role-based-content-restrictor","Role Based Content Restrictor","1.2.0","inzidev","https:\u002F\u002Fprofiles.wordpress.org\u002Finzidev\u002F","\u003Cp>\u003Cstrong>Role Based Content Restrictor\u003C\u002Fstrong> allows you to restrict access to individual posts, pages, and custom post types based on user roles.\u003C\u002Fp>\n\u003Cp>You can:\u003Cbr \u002F>\n* Allow specific roles per page\u002Fpost.\u003Cbr \u002F>\n* Set a \u003Cstrong>custom redirect page\u003C\u002Fstrong> per post.\u003Cbr \u002F>\n* Configure a \u003Cstrong>global fallback redirect\u003C\u002Fstrong> from the plugin settings.\u003Cbr \u002F>\n* Optionally display a message or notice on the redirect page.\u003C\u002Fp>\n\u003Cp>Perfect for:\u003Cbr \u002F>\n* Membership sites\u003Cbr \u002F>\n* Learning Management Systems (LMS)\u003Cbr \u002F>\n* Intranets and company portals\u003Cbr \u002F>\n* Client dashboards or gated content areas\u003C\u002Fp>\n\u003Cp>Lightweight, developer-friendly, and works with any theme or builder (Elementor, Gutenberg, etc.).\u003C\u002Fp>\n\u003Ch3>About the Author\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Inzamam Abbasi\u003C\u002Fstrong> – Professional WordPress Developer with over 10 years of experience, specializing in \u003Cstrong>custom plugin development\u003C\u002Fstrong> and scalable WordPress solutions.\u003Cbr \u002F>\nI’ve successfully delivered 1,000+ projects, including membership systems, e-learning platforms, booking systems, and more.\u003C\u002Fp>\n\u003Cp>Learn more at \u003Ca href=\"https:\u002F\u002Finzidev.com\" rel=\"nofollow ugc\">inzidev.com\u003C\u002Fa>\u003C\u002Fp>\n","Restrict access to pages, posts, and custom post types by user roles. Redirect unauthorized users to a custom page or a global fallback.",50,363,3,"5.8",[134,135,20,136,137],"access-control","content","restrict","roles-based-content-restrictor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frole-based-content-restrictor.zip","2026-03-15T10:48:56.248Z",{"attackSurface":141,"codeSignals":217,"taintFlows":269,"riskAssessment":354,"analyzedAt":362},{"hooks":142,"ajaxHandlers":188,"restRoutes":209,"shortcodes":210,"cronEvents":211,"entryPointCount":216,"unprotectedCount":13},[143,149,154,157,160,163,168,169,172,174,177,180,185],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","plugins_loaded","closure","members-for-kofi.php",52,{"type":144,"name":150,"callback":151,"file":152,"line":153},"admin_init","register_settings","src\\Admin\\AdminSettings.php",57,{"type":144,"name":155,"callback":156,"file":152,"line":107},"admin_enqueue_scripts","enqueue_admin_scripts",{"type":144,"name":158,"callback":146,"file":159,"line":153},"init","src\\Cron\\RoleExpiryChecker.php",{"type":144,"name":161,"callback":162,"file":159,"line":88},"kofi_members_check_role_expiry","remove_expired_roles",{"type":144,"name":164,"callback":165,"file":166,"line":167},"admin_menu","add_menu","src\\Plugin.php",49,{"type":144,"name":150,"callback":151,"file":166,"line":129},{"type":144,"name":158,"callback":170,"file":166,"line":171},"initialize_logger",51,{"type":144,"name":158,"callback":173,"file":166,"line":148},"initialize_cron",{"type":144,"name":158,"callback":175,"file":166,"line":176},"add_rewrite_rules",53,{"type":144,"name":178,"callback":146,"file":166,"line":179},"template_redirect",54,{"type":181,"name":182,"callback":183,"file":166,"line":184},"filter","query_vars","initialize_query_vars",75,{"type":144,"name":186,"callback":146,"file":166,"line":187},"kofi_members_check_expired_roles",208,[189,194,198,202,205],{"action":190,"nopriv":191,"callback":192,"hasNonce":193,"hasCapCheck":193,"file":152,"line":98},"members_for_kofi_pagination",false,"handle_pagination",true,{"action":195,"nopriv":191,"callback":196,"hasNonce":193,"hasCapCheck":191,"file":152,"line":197},"members_for_kofi_clear_logs","handle_clear_logs",64,{"action":199,"nopriv":191,"callback":200,"hasNonce":193,"hasCapCheck":191,"file":152,"line":201},"members_for_kofi_update_rows_per_page","handle_update_rows_per_page",65,{"action":203,"nopriv":191,"callback":204,"hasNonce":193,"hasCapCheck":191,"file":152,"line":88},"members_for_kofi_filter_logs","handle_filter_logs",{"action":206,"nopriv":191,"callback":207,"hasNonce":193,"hasCapCheck":191,"file":152,"line":208},"members_for_kofi_refresh_logs","handle_refresh_logs",67,[],[],[212,214],{"hook":161,"callback":161,"file":159,"line":213},61,{"hook":186,"callback":186,"file":166,"line":215},204,5,{"dangerousFunctions":218,"sqlUsage":219,"outputEscaping":229,"fileOperations":31,"externalRequests":13,"nonceChecks":216,"capabilityChecks":31,"bundledLibraries":268},[],{"prepared":11,"raw":131,"locations":220},[221,224,227],{"file":152,"line":222,"context":223},433,"$wpdb->get_var() with variable interpolation",{"file":152,"line":225,"context":226},514,"$wpdb->query() with variable interpolation",{"file":152,"line":228,"context":223},615,{"escaped":230,"rawEcho":231,"locations":232},62,18,[233,236,238,240,242,243,245,247,249,251,253,255,257,259,261,262,264,266],{"file":152,"line":234,"context":235},232,"raw output",{"file":152,"line":237,"context":235},235,{"file":152,"line":239,"context":235},237,{"file":152,"line":241,"context":235},252,{"file":152,"line":12,"context":235},{"file":152,"line":244,"context":235},271,{"file":152,"line":246,"context":235},284,{"file":152,"line":248,"context":235},309,{"file":152,"line":250,"context":235},310,{"file":152,"line":252,"context":235},327,{"file":152,"line":254,"context":235},329,{"file":152,"line":256,"context":235},332,{"file":152,"line":258,"context":235},346,{"file":152,"line":260,"context":235},362,{"file":152,"line":130,"context":235},{"file":152,"line":263,"context":235},724,{"file":152,"line":265,"context":235},731,{"file":166,"line":267,"context":235},70,[],[270,292,303,315,326],{"entryPoint":271,"graph":272,"unsanitizedCount":119,"severity":291},"handle_pagination (src\\Admin\\AdminSettings.php:471)",{"nodes":273,"edges":288},[274,279,283],{"id":275,"type":276,"label":277,"file":152,"line":278},"n0","source","$_POST (x2)",492,{"id":280,"type":281,"label":282,"file":152,"line":278},"n1","transform","→ render_logs_table()",{"id":284,"type":285,"label":286,"file":152,"line":263,"wp_function":287},"n2","sink","echo() [XSS]","echo",[289,290],{"from":275,"to":280,"sanitized":191},{"from":280,"to":284,"sanitized":191},"medium",{"entryPoint":293,"graph":294,"unsanitizedCount":119,"severity":291},"handle_update_rows_per_page (src\\Admin\\AdminSettings.php:533)",{"nodes":295,"edges":300},[296,298,299],{"id":275,"type":276,"label":277,"file":152,"line":297},541,{"id":280,"type":281,"label":282,"file":152,"line":297},{"id":284,"type":285,"label":286,"file":152,"line":265,"wp_function":287},[301,302],{"from":275,"to":280,"sanitized":191},{"from":280,"to":284,"sanitized":191},{"entryPoint":304,"graph":305,"unsanitizedCount":131,"severity":291},"handle_filter_logs (src\\Admin\\AdminSettings.php:550)",{"nodes":306,"edges":312},[307,310,311],{"id":275,"type":276,"label":308,"file":152,"line":309},"$_POST (x3)",557,{"id":280,"type":281,"label":282,"file":152,"line":309},{"id":284,"type":285,"label":286,"file":152,"line":263,"wp_function":287},[313,314],{"from":275,"to":280,"sanitized":191},{"from":280,"to":284,"sanitized":191},{"entryPoint":316,"graph":317,"unsanitizedCount":131,"severity":291},"handle_refresh_logs (src\\Admin\\AdminSettings.php:565)",{"nodes":318,"edges":323},[319,321,322],{"id":275,"type":276,"label":308,"file":152,"line":320},572,{"id":280,"type":281,"label":282,"file":152,"line":320},{"id":284,"type":285,"label":286,"file":152,"line":263,"wp_function":287},[324,325],{"from":275,"to":280,"sanitized":191},{"from":280,"to":284,"sanitized":191},{"entryPoint":327,"graph":328,"unsanitizedCount":11,"severity":291},"\u003CAdminSettings> (src\\Admin\\AdminSettings.php:0)",{"nodes":329,"edges":349},[330,333,337,339,342,345,347],{"id":275,"type":276,"label":331,"file":152,"line":332},"$_POST",569,{"id":280,"type":285,"label":334,"file":152,"line":335,"wp_function":336},"get_results() [SQLi]",638,"get_results",{"id":284,"type":276,"label":308,"file":152,"line":338},570,{"id":340,"type":285,"label":286,"file":152,"line":341,"wp_function":287},"n3",696,{"id":343,"type":276,"label":344,"file":152,"line":278},"n4","$_POST (x10)",{"id":346,"type":281,"label":282,"file":152,"line":278},"n5",{"id":348,"type":285,"label":286,"file":152,"line":263,"wp_function":287},"n6",[350,351,352,353],{"from":275,"to":280,"sanitized":193},{"from":284,"to":340,"sanitized":193},{"from":343,"to":346,"sanitized":191},{"from":346,"to":348,"sanitized":191},{"summary":355,"deductions":356},"The \"members-for-kofi\" plugin v1.0.1 exhibits a generally strong security posture based on the provided static analysis. All identified entry points, including AJAX handlers, are protected by authentication checks, which is a significant positive. The plugin also demonstrates good practices by utilizing prepared statements for a majority of its SQL queries and properly escaping most of its output. The absence of known CVEs and a clean vulnerability history further contribute to this positive assessment.\n\nHowever, a critical concern arises from the taint analysis, which reveals five flows with unsanitized paths. While these flows are not categorized as critical or high severity, the presence of unsanitized paths indicates a potential risk for input validation vulnerabilities. Additionally, the plugin performs file operations and has one capability check. Although the specific nature and security implications of these are not detailed, they represent areas that warrant closer inspection. The overall security is good due to robust entry point protection and standard practices, but the taint analysis highlights a specific area for improvement and vigilance.\n\nIn conclusion, \"members-for-kofi\" v1.0.1 is likely a secure plugin due to its focus on authentication and basic security measures. The lack of known vulnerabilities is reassuring. The primary area of concern is the five unsanitized paths identified in the taint analysis, which could potentially lead to security issues if not handled carefully in subsequent code reviews or updates. The presence of file operations and a capability check, while not inherently insecure, require careful implementation to avoid introducing vulnerabilities.",[357,360],{"reason":358,"points":359},"Unsanitized paths in taint analysis",15,{"reason":361,"points":131},"File operations present","2026-03-17T00:45:37.068Z",{"wat":364,"direct":375},{"assetPaths":365,"generatorPatterns":369,"scriptPaths":370,"versionParams":371},[366,367,368],"\u002Fwp-content\u002Fplugins\u002Fmembers-for-kofi\u002Fassets\u002Fcss\u002Fadmin-styles.css","\u002Fwp-content\u002Fplugins\u002Fmembers-for-kofi\u002Fassets\u002Fjs\u002Fadmin-settings.js","\u002Fwp-content\u002Fplugins\u002Fmembers-for-kofi\u002Fassets\u002Fjs\u002Ffrontend.js",[],[367,368],[372,373,374],"members-for-kofi\u002Fassets\u002Fcss\u002Fadmin-styles.css?ver=","members-for-kofi\u002Fassets\u002Fjs\u002Fadmin-settings.js?ver=","members-for-kofi\u002Fassets\u002Fjs\u002Ffrontend.js?ver=",{"cssClasses":376,"htmlComments":380,"htmlAttributes":384,"restEndpoints":391,"jsGlobals":393,"shortcodeOutput":395},[377,378,379],"members-for-kofi-settings-section","members-for-kofi-settings-field","members-for-kofi-tier-mapping-row",[381,382,383],"\u003C!-- Members for Ko-fi Settings -->","\u003C!-- Ko-fi Tier Mapping -->","\u003C!-- Role Expiry Settings -->",[385,386,387,388,389,390],"data-kofi-members-ajax-url","data-kofi-members-pagination-nonce","data-kofi-members-clear-logs-nonce","data-kofi-members-rows-per-page-nonce","data-kofi-members-filter-nonce","data-kofi-members-refresh-logs-nonce",[392],"\u002Fwp-json\u002Fmembers-for-kofi\u002Fv1\u002Fwebhook",[394],"kofiMembers",[]]