[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5c976-QclMQ-4nBFVEWN4zbdhYkhqiRdg3BpO4OIEwo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":131,"fingerprints":239},"mif-wp-customizer","MIF WP Customizer","1.0.0","asergeev34","https:\u002F\u002Fprofiles.wordpress.org\u002Fasergeev34\u002F","\u003Cp>Plugin of additional WordPress customization for creation of social network site.\u003C\u002Fp>\n\u003Cp>Allows to implement:\u003C\u002Fp>\n\u003Cp>1) placing of user login and logout tools in menu areas and widgets’ areas of\u003Cbr \u002F>\n    stand-alone sites of social network;\u003C\u002Fp>\n\u003Cp>2) functioning of subscription tools for updates of stand-alone sites by\u003Cbr \u002F>\n    members of social network;\u003C\u002Fp>\n\u003Cp>3) improving of management and site navigation tools (toolbar management,\u003Cbr \u002F>\n   page scrolling, page redirection).\u003C\u002Fp>\n\u003Cp>It is oriented on work in WordPress Multisite mode with social networking plugin\u003Cbr \u002F>\nBuddyPress. It can be used in regular WordPress installations for solving individual\u003Cbr \u002F>\ntasks.\u003C\u002Fp>\n","Plugin of additional WordPress customization for creation of social network site.",0,1141,"2018-03-26T17:15:00.000Z","4.9.29","4.8","",[18,19,20,21,22],"adminbar","login","member","multisite","redirect","https:\u002F\u002Fgithub.com\u002Falexey-sergeev\u002Fmif-bp-customizer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmif-wp-customizer.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},2,10,93,30,89,"2026-04-04T05:53:43.509Z",[37,61,81,98,115],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":16,"tags":52,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":11,"last_vuln_date":60,"fetched_at":27},"simple-membership-after-login-redirection","Simple Membership After Login Redirection","2.0","wp.insider","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpinsider-1\u002F","\u003Cp>This addon allows you to configure an after login page for each of the membership access levels you create in your \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-membership\u002F\" rel=\"ugc\">simple membership plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This addon plugin will automatically redirect the members to the appropriate page after they log into your site.\u003C\u002Fp>\n\u003Cp>After you install this addon, edit your membership levels and specify the redirect pages and the addon will take care of the rest.\u003C\u002Fp>\n","An addon for the simple membership plugin to configure after login redirection to a specific page based on the member's level.",10000,217673,96,15,"2026-01-04T01:13:00.000Z","6.9.4","4.5",[19,20,53,54,55],"members","membership","redirection","https:\u002F\u002Fsimple-membership-plugin.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-membership-after-login-redirection.2.0.zip",99,1,"2024-09-30 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":16,"tags":76,"homepage":79,"download_link":80,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"jonimo-simple-redirect","jonimo Simple Redirect","1.5","jonimo","https:\u002F\u002Fprofiles.wordpress.org\u002Fjonimo\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fjonimo.com\" rel=\"nofollow ugc\">jonimo\u003C\u002Fa> simple redirect helps your users with different roles get to the right place when they login or logout of your WordPress, WooCommerce or BuddyPress site.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set any url (internal or external) to redirect users to on login or logout.\u003C\u002Fli>\n\u003Cli>Redirect users with specific roles to a location just once, or up to nine times.\u003C\u002Fli>\n\u003Cli>After a user has been redirected the required number of times on login, they are automatically redirected to a default location\u003C\u002Fli>\n\u003Cli>The default location is where users will be redirected if no custom location is specified. The default location can be any internal or external url, tag, page or category.\u003C\u002Fli>\n\u003Cli>On logout redirect users to any internal or external url.\u003C\u002Fli>\n\u003Cli>Fully compatible with WordPress 3.9 and BuddyPress 1.9.2 You can give your users an experience more similar to popular social networks by redirecting them to\u003Cbr \u002F>\ntheir personal profile pages, their ‘friends’ menu or the activity stream.\u003C\u002Fli>\n\u003Cli>Fully multisite compatible, giving each site administration control over where the different users of their site are redirected to\u003C\u002Fli>\n\u003Cli>Extendable and built with developers in mind. It’s easy to change the default redirect behaviour using custom filters.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Works with WooCommerce\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fjonimo.com\u002Fproduct\u002Fjonimo-simple-redirect-pro\" rel=\"nofollow ugc\">jonimo simple redirect\u003C\u002Fa> is 100% compatible with Woocommerce, meaning you can login using the woocommerce login form and still redirect users a set number of times to a specific location \u003C\u002Fli>\n\u003Cli>NEW With Woocommerce -> Example: Redirect each user just once to an offer page on login or logout\u003C\u002Fli>\n\u003Cli>NEW With Woocommerce -> Example: Redirect each user with a specific role to a set product category just once on login, and then to any other location on logout.\u003C\u002Fli>\n\u003Cli>NEW With Woocommerce -> Example: Always redirect different users on logout to a thank you for buying screen \u003C\u002Fli>\n\u003Cli>Free support for 1 year\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>= Use examples for a none WooCommerce site.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>On login, redirect subscribers to an welcome page just once, and then to the homepage.\u003C\u002Fli>\n\u003Cli>On login, redirect users to any url before reverting to the default location the next time a user logs in.\u003C\u002Fli>\n\u003Cli>On login, redirect BuddyPress users to their profile edit screen a set number of times before redirecting them to their profile.  \u003C\u002Fli>\n\u003Cli>On login, redirect users to a specific blog article just once when they login and then after that to another location. \u003C\u002Fli>\n\u003Cli>On login, encourage users to accept updates to terms and conditions.   \u003C\u002Fli>\n\u003Cli>Always redirect users to a specific location.\u003C\u002Fli>\n\u003Cli>On logout, redirect users to any location, including external sites\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you have any questions, or require support, let us know at \u003Ca href=\"http:\u002F\u002Fjonimo.com\u002Fforums\u002Fsupport\" title=\"jonimo support\" rel=\"nofollow ugc\">jonimo\u003C\u002Fa>\u003C\u002Fp>\n","Easily redirect users with specific roles to any url, page, tag or category a set number of times when they login or logout.",70,8979,100,8,"2014-04-21T20:15:00.000Z","3.9.40","3.0.1",[77,19,78,21,22],"buddypress","logout","http:\u002F\u002Fwww.jonimo.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjonimo-simple-redirect.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":31,"downloaded":89,"rating":11,"num_ratings":11,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":16,"tags":93,"homepage":96,"download_link":97,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"login-customiser","Login Customiser","0.1","Poetic Coding","https:\u002F\u002Fprofiles.wordpress.org\u002Fmikegrant\u002F","\u003Cp>A Simple plugin to customise WP-Login, allowing you to change where users are redirected to upon successful login.\u003C\u002Fp>\n","A Simple plugin to customise WP-Login, allowing you to change where users are redirected to upon successful login.",2229,"2013-08-21T08:03:00.000Z","3.6.1","2.9",[19,94,53,95],"login-redirect","private","http:\u002F\u002Fwww.poeticcoding.co.uk\u002Fplugins\u002Flogin-customiser","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-customiser.0.1.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":31,"downloaded":106,"rating":71,"num_ratings":30,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":113,"download_link":114,"security_score":71,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"primary-redirect","Primary Redirect","2.0.2","Mustafa Uysal","https:\u002F\u002Fprofiles.wordpress.org\u002Fm_uysl\u002F","\u003Cp>Primary Redirect is a powerful WordPress plugin that allows you to customize where users are redirected after logging in. Instead of the default WordPress behavior, you can redirect users to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A custom URL of your choice\u003C\u002Fli>\n\u003Cli>Their primary blog’s dashboard (in multisite installations)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is perfect for:\u003Cbr \u002F>\n* Multisite networks where you want users to go to their primary blog\u003Cbr \u002F>\n* Sites with custom dashboards or landing pages\u003Cbr \u002F>\n* Improving user experience with personalized redirects\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Custom URL Redirect\u003C\u002Fstrong>: Set any URL as the post-login destination\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Primary Blog Redirect\u003C\u002Fstrong>: Automatically redirect users to their primary blog’s dashboard (multisite)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Network & Single Site Support\u003C\u002Fstrong>: Works on both multisite networks and single WordPress sites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Configuration\u003C\u002Fstrong>: Simple settings interface in WordPress admin\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Friendly\u003C\u002Fstrong>: Clean, modern code following WordPress best practices\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Multisite Support\u003C\u002Fh4>\n\u003Cp>On multisite installations, you get additional options:\u003Cbr \u002F>\n* Redirect users to their primary blog’s dashboard\u003Cbr \u002F>\n* Network-wide settings that apply to all sites\u003Cbr \u002F>\n* Override custom URLs with primary blog redirect\u003C\u002Fp>\n\u003Ch4>Single Site Support\u003C\u002Fh4>\n\u003Cp>On single WordPress sites, configure a custom redirect URL that applies to all users after login.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you like this plugin, then consider checking out our other projects:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpoweredcache.com\u002F\" rel=\"friend nofollow ugc\">Powered Cache\u003C\u002Fa> – Caching and Optimization for WordPress – Easily Improve PageSpeed & Web Vitals Score\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fmagic-login-pro\u002F\" rel=\"friend nofollow ugc\">Magic Login Pro\u003C\u002Fa> – Easy, secure, and passwordless authentication for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fpaddlepress-pro\u002F\" rel=\"friend nofollow ugc\">PaddlePress PRO\u003C\u002Fa> – Paddle Plugin for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Feasy-text-to-speech\u002F\" rel=\"friend nofollow ugc\">Easy Text-to-Speech for WordPress\u003C\u002Fa> – Transform your textual content into high-quality synthesized speech with AI.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fhandywriter\u002F\" rel=\"friend nofollow ugc\">Handywriter\u003C\u002Fa> – AI-powered writing assistant that can help you create content for your WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fwp-accessibility-toolkit\u002F\" rel=\"friend nofollow ugc\">WP Accessibility Toolkit\u003C\u002Fa> – A collection of tools to help you make your WordPress more accessible.\u003C\u002Fli>\n\u003C\u002Ful>\n","Redirects users to a custom URL or their primary blog's dashboard after login, replacing the default WordPress behavior.",2644,"2025-07-25T11:39:00.000Z","6.8.5","5.0","7.4",[19,21,112,22,55],"primary","https:\u002F\u002Fhandyplugins.co","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprimary-redirect.2.0.2.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":11,"downloaded":123,"rating":11,"num_ratings":11,"last_updated":124,"tested_up_to":50,"requires_at_least":109,"requires_php":16,"tags":125,"homepage":129,"download_link":130,"security_score":71,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"lck-cloud-connector","LCK cloud Connector","1.0.6","LCK cloud","https:\u002F\u002Fprofiles.wordpress.org\u002Flckcloud\u002F","\u003Cp>\u003Cstrong>Securely turn your existing WordPress content into “Members Only” pages. This plugin provides professional access control and member management.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>“LCK cloud Connector” is an official plugin designed to integrate advanced membership features into your WordPress site without complex coding.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Roles of This Plugin:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can easily set “access restrictions” for existing pages, posts, and categories. By implementing a system where only logged-in users can access specific content, you can properly control the range of information disclosure.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security by Data Isolation:\u003C\u002Fstrong>\u003Cbr \u002F>\nUnlike standard membership plugins, it does not store sensitive member data (names, passwords, payment info, etc.) in your WordPress database. By isolating and managing data within the secure LCK cloud environment, you can minimize security risks for your website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features and Solutions:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Membership Management:\u003C\u002Fstrong> Seamless integration and stable operation with LCK cloud.\u003Cbr \u002F>\n* \u003Cstrong>Access Control:\u003C\u002Fstrong> “Members Only” settings for individual pages or entire categories.\u003Cbr \u002F>\n* \u003Cstrong>Automatic Redirect:\u003C\u002Fstrong> Automatically guides non-logged-in users to the secure login screen.\u003Cbr \u002F>\n* \u003Cstrong>No-Code Design:\u003C\u002Fstrong> Admin interface that eliminates the need to edit WordPress \u003Ccode>functions.php\u003C\u002Fcode>.\u003Cbr \u002F>\n* \u003Cstrong>High Reliability:\u003C\u002Fstrong> Provided by a registered “Telecommunications Business Operator (Notification No. E-02-04640)” with the Kinki Bureau of Telecommunications in Japan.\u003C\u002Fp>\n\u003Cp>Ideal for corporate portals, member-only media, and internal document sharing sites. It supports smooth website operation as a secure “Membership Management WordPress” solution.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Related Resources:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwww.lck-cloud.jp\u002F\" rel=\"nofollow ugc\">LCK cloud Official Website\u003C\u002Fa> – Service details and features.\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwww.lck-cloud.jp\u002Fmembership-site-creation-guide.html\" rel=\"nofollow ugc\">Membership Site Building Guide\u003C\u002Fa> – Case studies and how to build a membership site.\u003C\u002Fp>\n\u003Ch3>日本語説明\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>WordPressサイトに閲覧制限とセキュアな会員管理機能を。既存のコンテンツを「ログイン限定」へ切り替えるためのプラグインです。\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>「LCK cloud Connector」は、既存のWordPressサイトを活用して、安全な会員制サイトを構築するための公式コネクタです。\u003C\u002Fp>\n\u003Cp>\u003Cstrong>【本プラグインの主な役割】\u003C\u002Fstrong>\u003Cbr \u002F>\n特別なカスタマイズを行うことなく、固定ページ、投稿、カテゴリーに対して「閲覧制限」を設定できます。 特定のユーザーのみがログインしてアクセスできる仕組みを導入することで、情報公開の範囲を適切に制御することが可能です。\u003C\u002Fp>\n\u003Cp>\u003Cstrong>【データ隔離によるセキュリティ設計】\u003C\u002Fstrong>\u003Cbr \u002F>\n会員の個人データ（名前、パスワード、決済情報等）をWordPress側のデータベース内に保持しない設計を採用しています。 国内の専用環境（LCK cloud）でデータを隔離して一元管理する仕組みにより、サイト運営におけるセキュリティのリスクを最小限に抑えられます。\u003C\u002Fp>\n\u003Cp>\u003Cstrong>【主な機能と運用ニーズへの対応】\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>会員管理 WordPress 連携:\u003C\u002Fstrong> LCK cloudとの同期による、安定したメンバーシップ運用。\u003Cbr \u002F>\n* \u003Cstrong>閲覧制限・アクセス制御:\u003C\u002Fstrong> ページやカテゴリー単位での「ログイン限定」設定機能。\u003Cbr \u002F>\n* \u003Cstrong>認証画面への誘導:\u003C\u002Fstrong> 未ログイン者が制限ページにアクセスした際の自動リダイレクト。\u003Cbr \u002F>\n* \u003Cstrong>ノーコード設計:\u003C\u002Fstrong> \u003Ccode>functions.php\u003C\u002Fcode> などのプログラム編集をせず、管理画面から設定可能。\u003Cbr \u002F>\n* \u003Cstrong>国内データセンターの利用:\u003C\u002Fstrong> 総務省近畿総合通信局届出済みの電気通信事業者（届出番号 E-02-04640）による提供・運営。\u003C\u002Fp>\n\u003Cp>法人向けのポータルサイト、会員限定のメディア、社内用資料共有サイトなど、高い信頼性と分かりやすい「会員サイトの作り方」を必要とする環境に適しています。 セキュリティと利便性の両立を目的とした「会員管理 WordPress」のソリューションとして、円滑なサイト運営を支援します。\u003C\u002Fp>\n\u003Cp>\u003Cstrong>【関連リソース】\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwww.lck-cloud.jp\u002F\" rel=\"nofollow ugc\">LCK cloud 公式サイト\u003C\u002Fa> – サービスの詳細はこちら\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwww.lck-cloud.jp\u002Fmembership-site-creation-guide.html\" rel=\"nofollow ugc\">会員サイト構築ガイド\u003C\u002Fa> – 具体的な導入事例や会員サイトの作り方を解説\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to LCK cloud to provide membership authentication and access control services.\u003Cbr \u002F>\n– Purpose: It is used to verify the user’s membership status and control access to restricted pages or categories.\u003Cbr \u002F>\n– Data sent: During access verification, the plugin sends the following data to the LCK cloud server: Registration Number (uno), Group ID (grp), Session ID (cid\u002Flck_cloud_in), and the current Request URL (r).\u003Cbr \u002F>\n– Service provider: LCK cloud\u003Cbr \u002F>\n– Terms of Service: https:\u002F\u002Fwww.lck-cloud.jp\u002Fagree.html\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fwww.lck-cloud.jp\u002Fprivacy.html\u003C\u002Fp>\n","Easily restrict access to your existing WordPress pages and posts. Official connector to build secure membership sites with LCK cloud.",202,"2026-02-09T02:06:00.000Z",[126,94,127,54,128],"access-control","member-management","security","https:\u002F\u002Fwww.lck-cloud.jp\u002Fplugin.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flck-cloud-connector.1.0.6.zip",{"attackSurface":132,"codeSignals":178,"taintFlows":202,"riskAssessment":230,"analyzedAt":238},{"hooks":133,"ajaxHandlers":171,"restRoutes":172,"shortcodes":173,"cronEvents":177,"entryPointCount":59,"unprotectedCount":11},[134,140,145,149,153,158,163,166],{"type":135,"name":136,"callback":137,"file":138,"line":139},"action","admin_menu","register_menu_page","inc\\admin-settings-page.php",16,{"type":135,"name":141,"callback":142,"file":143,"line":144},"wp_print_scripts","mif_wpc_button_to_top","inc\\button-to-top.php",13,{"type":135,"name":146,"callback":147,"file":148,"line":144},"widgets_init","mif_wpc_join_to_multisite_widget_init","inc\\join-to-multisite.php",{"type":135,"name":150,"callback":151,"priority":31,"file":148,"line":152},"save_post","mif_wpc_join_to_multisite_automatic",198,{"type":135,"name":154,"callback":155,"file":156,"line":157},"admin_head-nav-menus.php","mif_wpc_login_logout_menu_metabox_register","inc\\login-logout-menu.php",18,{"type":159,"name":160,"callback":161,"priority":31,"file":156,"line":162},"filter","wp_get_nav_menu_items","mif_wpc_login_logout_menu_metabox_links",81,{"type":135,"name":146,"callback":164,"file":165,"line":144},"mif_wpc_user_login_widget_init","inc\\login-logout-widget.php",{"type":135,"name":167,"callback":168,"file":169,"line":170},"wp_enqueue_scripts","mif_wp_customizer_styles","mif-wp-customizer.php",84,[],[],[174],{"tag":22,"callback":175,"file":176,"line":144},"mif_wpc_shortcode_redirect","inc\\shortcodes.php",[],{"dangerousFunctions":179,"sqlUsage":180,"outputEscaping":182,"fileOperations":11,"externalRequests":11,"nonceChecks":30,"capabilityChecks":11,"bundledLibraries":201},[],{"prepared":11,"raw":11,"locations":181},[],{"escaped":183,"rawEcho":184,"locations":185},9,7,[186,189,191,193,195,197,199],{"file":138,"line":187,"context":188},111,"raw output",{"file":148,"line":190,"context":188},102,{"file":148,"line":192,"context":188},132,{"file":156,"line":194,"context":188},51,{"file":156,"line":196,"context":188},57,{"file":165,"line":198,"context":188},109,{"file":165,"line":200,"context":188},138,[],[203,222],{"entryPoint":204,"graph":205,"unsanitizedCount":11,"severity":221},"update_mif_wpc_options (inc\\admin-settings-page.php:131)",{"nodes":206,"edges":218},[207,212],{"id":208,"type":209,"label":210,"file":138,"line":211},"n0","source","$_POST",141,{"id":213,"type":214,"label":215,"file":138,"line":216,"wp_function":217},"n1","sink","update_option() [Settings Manipulation]",149,"update_option",[219],{"from":208,"to":213,"sanitized":220},true,"low",{"entryPoint":223,"graph":224,"unsanitizedCount":11,"severity":221},"\u003Cadmin-settings-page> (inc\\admin-settings-page.php:0)",{"nodes":225,"edges":228},[226,227],{"id":208,"type":209,"label":210,"file":138,"line":211},{"id":213,"type":214,"label":215,"file":138,"line":216,"wp_function":217},[229],{"from":208,"to":213,"sanitized":220},{"summary":231,"deductions":232},"The \"mif-wp-customizer\" v1.0.0 plugin exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of known CVEs and the plugin's limited attack surface are positive indicators.  However, concerns arise from the output escaping, where only 56% of outputs are properly escaped, leaving a significant portion potentially vulnerable to cross-site scripting (XSS) attacks.  While there are no critical or high-severity taint flows and SQL queries are properly prepared, the less than ideal output escaping is a notable weakness. The plugin also has no explicit capability checks on its single shortcode, which could be a concern if the shortcode performs sensitive operations.  Overall, the plugin is relatively secure due to its small footprint and lack of history, but the output escaping deficiency requires attention to mitigate potential XSS vulnerabilities.",[233,235],{"reason":234,"points":72},"Insufficient output escaping",{"reason":236,"points":237},"Lack of capability checks on shortcode",5,"2026-03-17T06:20:14.869Z",{"wat":240,"direct":249},{"assetPaths":241,"generatorPatterns":244,"scriptPaths":245,"versionParams":246},[242,243],"\u002Fwp-content\u002Fplugins\u002Fmif-wp-customizer\u002Fmif-wpc-styles.css","\u002Fwp-content\u002Fplugins\u002Fmif-wp-customizer\u002Fcss\u002Ffont-awesome.min.css",[],[],[247,248],"mif-wpc-styles.css?ver=","font-awesome.min.css?ver=",{"cssClasses":250,"htmlComments":251,"htmlAttributes":252,"restEndpoints":253,"jsGlobals":254,"shortcodeOutput":255},[],[],[],[],[],[]]