[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzmj_7_TX9oGWjZ8L6ARownyxiTMcSRgWmWoEmGeyvvc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":147,"fingerprints":277},"milesweb-tools","MilesWeb Tools","1.0.2","MilesWeb","https:\u002F\u002Fprofiles.wordpress.org\u002Fmilesweb\u002F","\u003Cp>\u003Cstrong>MilesWeb Tools\u003C\u002Fstrong> is a powerful WordPress plugin designed to enhance your site’s functionality and security. It helps you manage security settings, maintenance mode, enforce HTTPS, disable file editing, log user activity, track storage usage, and provides detailed insights into active and inactive themes and plugins.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable\u002Fdisable maintenance mode.\u003C\u002Fli>\n\u003Cli>Force HTTPS redirection.\u003C\u002Fli>\n\u003Cli>Disable file editing in the WordPress admin panel.\u003C\u002Fli>\n\u003Cli>Disable XML-RPC to prevent security vulnerabilities.\u003C\u002Fli>\n\u003Cli>Track user logins.\u003C\u002Fli>\n\u003Cli>Display active theme details and inactive theme storage usage.\u003C\u002Fli>\n\u003Cli>Show active\u002Finactive plugins, including their size, and memory usage.\u003C\u002Fli>\n\u003Cli>Identify outdated plugins and themes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>Manage security, maintenance, and user logging while monitoring storage usage in one plugin.\u003C\u002Fp>\n\u003Ch3>License & Credits\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under GPLv2 or later. Contributions from the WordPress community are appreciated.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, visit MilesWeb Support or the WordPress support forums.\u003C\u002Fp>\n","MilesWeb Tools is a powerful WordPress plugin designed to enhance your site's functionality and security. It helps you manage security settings,  &hellip;",7000,16743,0,"2025-07-25T11:31:00.000Z","6.8.5","5.6","7.4",[19,20,21,22,23],"maintenance","plugin-info","security","storage-usage","user-logging","https:\u002F\u002Fmilesweb.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmilesweb-tools.1.0.2.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"milesweb",1,30,94,"2026-04-04T11:04:43.846Z",[37,60,80,103,127],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":56,"download_link":57,"security_score":58,"vuln_count":32,"unpatched_count":13,"last_vuln_date":59,"fetched_at":28},"hostinger","Hostinger Tools","3.0.59","Hostinger","https:\u002F\u002Fprofiles.wordpress.org\u002Fhostinger\u002F","\u003Cp>Hostinger Tools is an all-in-one plugin designed to streamline essential tasks for WordPress site administrators. This plugin offers a range of features to help you manage your site’s information, maintenance mode, security, and redirects effectively.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Basic Info\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays the current WordPress version with automatic update checks.\u003C\u002Fli>\n\u003Cli>Shows the current PHP version with automatic update checks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Maintenance Mode\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easily enable or disable maintenance mode for your site.\u003C\u002Fli>\n\u003Cli>Provide a URL to bypass maintenance mode for selected users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Security\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable or disable XML-RPC requests to enhance your site’s security.\u003C\u002Fli>\n\u003Cli>Enable or disable Authorize application page to enhance your site’s security.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Redirects\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Force all URLs to use HTTPS for secure browsing.\u003C\u002Fli>\n\u003Cli>Force all URLs to use WWW to ensure consistency in site access.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>LLMs.txt Generation\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically generate a structured LLMs.txt file in Markdown format.\u003C\u002Fli>\n\u003Cli>Include website title, description, posts, pages, and products (if WooCommerce is active).\u003C\u002Fli>\n\u003Cli>Keep the file updated when content changes or new content is published.\u003C\u002Fli>\n\u003Cli>Help AI-powered tools better understand and interact with your website content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Hostinger Tools is the new version of the previous Hostinger plugin, offering an updated and enhanced experience.\u003Cbr \u002F>\nThe Onboarding assistant and the Learning section previously included in this plugin were moved to the separate plugin Hostinger Easy Onboarding.\u003C\u002Fp>\n","Simplified WordPress management. Manage site info, maintenance, security, & redirects.",3000000,16730722,60,25,"2026-03-03T11:48:00.000Z","6.9.4","5.5","8.1",[38,54,19,21,55],"https","tools","https:\u002F\u002Fhostinger.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhostinger.3.0.59.zip",99,"2024-01-05 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":26,"num_ratings":70,"last_updated":71,"tested_up_to":50,"requires_at_least":72,"requires_php":16,"tags":73,"homepage":77,"download_link":78,"security_score":26,"vuln_count":32,"unpatched_count":13,"last_vuln_date":79,"fetched_at":28},"xo-security","XO Security","3.10.8","ishitaka","https:\u002F\u002Fprofiles.wordpress.org\u002Fishitaka\u002F","\u003Cp>XO Security is a plugin to enhance login related security.\u003Cbr \u002F>\nThis plugin does not write to .htaccess file. Besides Apache, LiteSpeed, Nginx and IIS also work.\u003C\u002Fp>\n\u003Ch4>Functions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Record login log.\u003C\u002Fli>\n\u003Cli>Limit login attempts.\u003C\u002Fli>\n\u003Cli>Add Captcha to the login form and comment form.\u003C\u002Fli>\n\u003Cli>Change the URL of the login page.\u003C\u002Fli>\n\u003Cli>Enable two-factor authentication (2FA) for login.\u003C\u002Fli>\n\u003Cli>Login Alert.\u003C\u002Fli>\n\u003Cli>Disable login by mail address.\u003C\u002Fli>\n\u003Cli>Disable login by user name.\u003C\u002Fli>\n\u003Cli>Change login error message.\u003C\u002Fli>\n\u003Cli>Disable XML-RPC and XML-RPC Pingback.\u003C\u002Fli>\n\u003Cli>Disable REST API.\u003C\u002Fli>\n\u003Cli>Disable author archive page.\u003C\u002Fli>\n\u003Cli>Remove comment author class of comments list.\u003C\u002Fli>\n\u003Cli>Remove the username from the oEmbed response data.\u003C\u002Fli>\n\u003Cli>WooCommerce login page protection.\u003C\u002Fli>\n\u003Cli>Anti-spam comment.\u003C\u002Fli>\n\u003Cli>Hide WordPress version information.\u003C\u002Fli>\n\u003Cli>Edit the author slug.\u003C\u002Fli>\n\u003Cli>Disable RSS and Atom feeds.\u003C\u002Fli>\n\u003Cli>Activate maintenance mode.\u003C\u002Fli>\n\u003Cli>Delete the readme.html file.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress multisite considerations\u003C\u002Fh4>\n\u003Cp>If you set the login page separately for the main site and the subsite, you will not be able to use the password loss function of the subsite. We recommend that you set the login page to be common to all sites.\u003C\u002Fp>\n","XO Security is a plugin to enhance login related security.",30000,351892,11,"2025-12-06T00:29:00.000Z","4.9",[74,75,19,21,76],"brute-force","login","two-factor","https:\u002F\u002Fxakuro.com\u002Fwordpress\u002Fxo-security\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxo-security.3.10.8.zip","2017-02-07 00:00:00",{"slug":81,"name":82,"version":83,"author":81,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":50,"requires_at_least":92,"requires_php":17,"tags":93,"homepage":98,"download_link":99,"security_score":100,"vuln_count":101,"unpatched_count":13,"last_vuln_date":102,"fetched_at":28},"mainwp","MainWP Dashboard: Self-hosted WordPress Management for Agencies","6.0.3","https:\u002F\u002Fprofiles.wordpress.org\u002Fmainwp\u002F","\u003Cp>Managing multiple WordPress sites can be a time-consuming and frustrating task. The \u003Ca href=\"https:\u002F\u002Fmainwp.com\u002F\" rel=\"nofollow ugc\">MainWP Dashboard\u003C\u002Fa> empowers you to take back your time by allowing you to efficiently manage and secure all your WordPress sites from your own centralized Dashboard.\u003C\u002Fp>\n\u003Cp>Designed for agencies, freelancers, and web professionals, MainWP offers comprehensive control with a privacy-first approach. Harness the power of MainWP for updates, backups, and more, ensuring your sites are always running smoothly and securely.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features for Advanced WordPress Management:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Centralized Updates: Keep all your WordPress sites up-to-date with single-click updates.\u003C\u002Fli>\n\u003Cli>Secure Backups: Implement scheduled or on-demand backups for complete site security.\u003C\u002Fli>\n\u003Cli>Manage both your sites and your clients with the Client Management module\u003C\u002Fli>\n\u003Cli>The built-in Cost Tracker allows you to easily keep track of client costs\u003C\u002Fli>\n\u003Cli>Private and Self-hosted: Your data stays yours, with full privacy and control.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Stop the Software as a Service (SaaS) Treadmill:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Built on WordPress’s core principles, the MainWP Dashboard plugin is uniquely positioned as the go-to solution for WordPress management. It combines ease of use with robust features and unmatched privacy.\u003C\u002Fp>\n\u003Cp>The MainWP plugins are open-source and privacy-focused and come with their own privacy policies to ensure that the plugins do not collect any personally identifiable information (PII).\u003C\u002Fp>\n\u003Cp>The MainWP Dashboard is extendable, allowing third-party developers to hook into it. It also provides support for CLI and has its own REST API, so anything you need or want to run your business your way can be developed for your MainWP Dashboard.\u003C\u002Fp>\n\u003Cp>All of this makes MainWP the best non-SaaS alternative to ManageWP, InfiniteWP, WPRemote, and WP Umbrella.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Getting Started with MainWP:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>MainWP is designed to be user-friendly and intuitive, even for those new to WordPress management plugins. With a straightforward setup process and a clean, organized dashboard, you’ll be able to start managing your WordPress sites efficiently in no time.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Setting up MainWP is straightforward—install the dashboard on a private WordPress site, add the MainWP Child plugin to your other WordPress sites, and take control.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Your Guarantee of Privacy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The MainWP plugins come with their own \u003Ca href=\"https:\u002F\u002Fmainwp.com\u002Fmainwp-plugin-privacy-policy\u002F\" rel=\"nofollow ugc\">privacy policies\u003C\u002Fa> to ensure that the plugins do not collect any personally identifiable information (PII).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How Is MainWP Free? What’s the Catch? How Will You Continue to Pay Development Costs?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>MainWP Dashboard is \u003Ca href=\"https:\u002F\u002Fmainwp.com\u002Fmainwp-free-features\u002F\" rel=\"nofollow ugc\">100% FREE\u003C\u002Fa> and always will be. Whether you manage 5 sites or 5,000, the core dashboard remains free.\u003C\u002Fp>\n\u003Cp>We make money by offering \u003Ca href=\"https:\u002F\u002Fmainwp.com\u002Fsignup\u002F\" rel=\"nofollow ugc\">MainWP Pro\u003C\u002Fa>, which provides access to a wide range of premium add-ons. These premium add-ons are organized into two clear categories:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Integrations:\u003C\u002Fstrong>\u003Cbr \u002F>\nAdd-ons in this category enable seamless connections with popular third-party services and plugins, allowing you to integrate the tools you already use directly into your MainWP Dashboard.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Extensions:\u003C\u002Fstrong>\u003Cbr \u002F>\nThese are custom-built, standalone add-ons developed exclusively for the MainWP Dashboard, designed to add unique and specialized functionality to enhance your WordPress management experience.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more details, visit our \u003Ca href=\"https:\u002F\u002Fmainwp.com\u002Fmainwp-add-ons\u002F\" rel=\"nofollow ugc\">Premium Add-ons\u003C\u002Fa> page and see how our free and pro features compare at \u003Ca href=\"https:\u002F\u002Fmainwp.com\u002Ffree-vs-pro\u002F\" rel=\"nofollow ugc\">Free vs. Pro: Know the Difference\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Experience the MainWP Difference\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Are you ready to take the hassle out of managing your WordPress sites? MainWP makes it easy to keep everything updated, secure, and running just the way you need it. With over 20k site owners trusting MainWP with over 700k WordPress sites, every day, you’ll quickly see how much simpler website management can be. Try it today and feel the difference for yourself!\u003C\u002Fp>\n","Run updates, backups, security and reporting across all client sites from your own server. Keep data private and prove your value with branded reports &hellip;",20000,1648191,98,2341,"2026-03-10T15:41:00.000Z","6.2",[94,95,21,96,97],"backups","manage-multiple-wordpress-sites","update","wordpress-maintenance","https:\u002F\u002Fmainwp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmainwp.6.0.3.zip",97,6,"2024-02-27 00:00:00",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":113,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":118,"tags":119,"homepage":123,"download_link":124,"security_score":125,"vuln_count":32,"unpatched_count":13,"last_vuln_date":126,"fetched_at":28},"wp-secure-maintainance","WP Secure Maintenance","1.7","Saad Iqbal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaadiqbal\u002F","\u003Cp>Want to lock your site for Maintenance or Development? Then this is the right Plugin. Using WP Secure Maintenance you can lock the whole site with a seceret PIN.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Set password to protect your site for maintenance or development\u003C\u002Fli>\n\u003Cli>Set your own logo or use default logo\u003C\u002Fli>\n\u003Cli>Change placeholder text for WP Secure Maintenance login form\u003C\u002Fli>\n\u003Cli>Change Submit button label for WP Secure Maintenance’s login form\u003C\u002Fli>\n\u003Cli>Change Error text for WP Secure Maintenance’s login form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Docs & Support\u003C\u002Fh4>\n\u003Cp>Will be available soon.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you are looking for WordPress Admin Security, use our Free WP SECURE ADMIN plugin.\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsecure-wp-admin\u002F\" rel=\"ugc\">WP SECURE ADMIN\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Interested in contributing to WP Secure Maintenance\u003C\u002Fstrong>\u003Cbr \u002F>\nHead over to the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpexpertsio\u002FWP-Secure-Maintainance\" rel=\"nofollow ugc\">WP Secure Maintenance \u003Cstrong>GitHub Repository\u003C\u002Fstrong>\u003C\u002Fa> to find out how you can pitch in 😉\u003C\u002Fp>\n","Want to lock your site for Maintenance or Development? Then this is the right Plugin",1000,56320,72,5,"2024-06-20T07:15:00.000Z","6.5.8","5.2","7.0",[120,19,121,122],"development","maintenance-lock","site-security","https:\u002F\u002Fwpexperts.io\u002Fproducts\u002Fwp-secure-maintenance\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-secure-maintainance.1.7.zip",91,"2024-06-21 00:00:00",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":13,"num_ratings":13,"last_updated":137,"tested_up_to":138,"requires_at_least":72,"requires_php":16,"tags":139,"homepage":144,"download_link":145,"security_score":125,"vuln_count":32,"unpatched_count":13,"last_vuln_date":146,"fetched_at":28},"password-for-wp","Password for WP","1.6.1","get3code","https:\u002F\u002Fprofiles.wordpress.org\u002Fget3code\u002F","\u003Cp>Add a password for the entire WordPress website in a simple and quick way. You can edit the background and add a message to the user. The plugin is completely free.\u003C\u002Fp>\n\u003Ch3>Upgrading\u003C\u002Fh3>\n\u003Cp>For manual upgrades via FTP, deactivate and reactivate the plugin to ensure it works correctly.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>Plugin translations will be added in future versions.\u003C\u002Fp>\n","Add a password for the entire WordPress website. Edit the background and message. Free and simple to use.",200,3721,"2025-01-03T12:40:00.000Z","6.7.5",[140,141,142,143,21],"maintenance-mode","password","password-protect","restrict-content","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-for-wp.1.6.1.zip","2024-12-11 15:10:43",{"attackSurface":148,"codeSignals":221,"taintFlows":246,"riskAssessment":273,"analyzedAt":276},{"hooks":149,"ajaxHandlers":205,"restRoutes":217,"shortcodes":218,"cronEvents":219,"entryPointCount":220,"unprotectedCount":13},[150,155,158,162,166,171,175,179,185,189,192,195,200],{"type":151,"name":152,"callback":153,"file":154,"line":101},"action","admin_init","milesweb_settings_register","includes\\admin-page.php",{"type":151,"name":156,"callback":157,"file":154,"line":48},"admin_menu","milesweb_settings_menu",{"type":151,"name":159,"callback":160,"priority":26,"file":154,"line":161},"admin_bar_menu","milesweb_settings_toolbar_menu",38,{"type":151,"name":163,"callback":164,"priority":32,"file":165,"line":101},"init","milesweb_force_https_redirect","includes\\https-redirect.php",{"type":151,"name":167,"callback":168,"file":169,"line":170},"template_redirect","milesweb_maintenance_mode","includes\\maintenance-mode.php",7,{"type":151,"name":172,"callback":173,"file":169,"line":174},"wp_enqueue_scripts","milesweb_enqueue_maintenance_stylesheet",8,{"type":151,"name":176,"callback":177,"priority":26,"file":178,"line":174},"wp_footer","mw_force_footer_output","includes\\mymw-footer.php",{"type":180,"name":181,"callback":182,"file":183,"line":184},"filter","xmlrpc_enabled","__return_false","includes\\security-settings.php",17,{"type":180,"name":186,"callback":187,"file":183,"line":188},"wp_headers","closure",19,{"type":151,"name":190,"callback":191,"priority":32,"file":183,"line":33},"plugins_loaded","milesweb_disable_xmlrpc",{"type":151,"name":156,"callback":193,"file":194,"line":114},"milesweb_admin_menu","includes\\security-shield.php",{"type":151,"name":196,"callback":197,"priority":198,"file":199,"line":101},"wp_login","milesweb_log_user_login",10,"includes\\user-logging.php",{"type":151,"name":201,"callback":202,"file":203,"line":204},"admin_enqueue_scripts","milesweb_enqueue_assets","milesweb.php",59,[206,211,214],{"action":207,"nopriv":208,"callback":207,"hasNonce":209,"hasCapCheck":209,"file":210,"line":101},"milesweb_save_setting",false,true,"includes\\ajax-handler.php",{"action":212,"nopriv":208,"callback":212,"hasNonce":209,"hasCapCheck":209,"file":213,"line":58},"milesweb_delete_theme","includes\\theme-plugin-info.php",{"action":215,"nopriv":208,"callback":215,"hasNonce":209,"hasCapCheck":209,"file":213,"line":216},"milesweb_delete_plugin",124,[],[],[],3,{"dangerousFunctions":222,"sqlUsage":223,"outputEscaping":226,"fileOperations":13,"externalRequests":224,"nonceChecks":220,"capabilityChecks":114,"bundledLibraries":245},[],{"prepared":224,"raw":13,"locations":225},2,[],{"escaped":227,"rawEcho":170,"locations":228},129,[229,232,234,236,238,241,243],{"file":169,"line":230,"context":231},44,"raw output",{"file":169,"line":233,"context":231},51,{"file":169,"line":235,"context":231},52,{"file":169,"line":237,"context":231},53,{"file":239,"line":240,"context":231},"templates\\admin-view.php",136,{"file":239,"line":242,"context":231},137,{"file":239,"line":244,"context":231},148,[],[247,265],{"entryPoint":248,"graph":249,"unsanitizedCount":13,"severity":264},"milesweb_save_setting (includes\\ajax-handler.php:8)",{"nodes":250,"edges":262},[251,256],{"id":252,"type":253,"label":254,"file":210,"line":255},"n0","source","$_POST (x2)",13,{"id":257,"type":258,"label":259,"file":210,"line":260,"wp_function":261},"n1","sink","update_option() [Settings Manipulation]",18,"update_option",[263],{"from":252,"to":257,"sanitized":209},"low",{"entryPoint":266,"graph":267,"unsanitizedCount":13,"severity":264},"\u003Cajax-handler> (includes\\ajax-handler.php:0)",{"nodes":268,"edges":271},[269,270],{"id":252,"type":253,"label":254,"file":210,"line":255},{"id":257,"type":258,"label":259,"file":210,"line":260,"wp_function":261},[272],{"from":252,"to":257,"sanitized":209},{"summary":274,"deductions":275},"The \"milesweb-tools\" v1.0.2 plugin exhibits a strong security posture based on the provided static analysis. The plugin demonstrates good practices by implementing nonce checks and capability checks for all identified AJAX entry points, leaving no unprotected entry points. Furthermore, the code utilizes prepared statements for all SQL queries and a high percentage of output is properly escaped, minimizing the risk of common vulnerabilities like SQL injection and Cross-Site Scripting (XSS). The absence of file operations and any critical or high-severity taint flows further strengthens its security.  The plugin's vulnerability history is entirely clear, with no recorded CVEs, indicating a lack of known exploitable flaws. This suggests a diligent development process or a relatively new plugin with limited exposure. While the plugin has a small attack surface and no documented past vulnerabilities, the presence of two external HTTP requests without further context could represent a minor area of concern, as these requests could potentially be leveraged in certain attack scenarios if not handled securely by the remote endpoint.",[],"2026-03-16T17:58:47.755Z",{"wat":278,"direct":293},{"assetPaths":279,"generatorPatterns":285,"scriptPaths":286,"versionParams":287},[280,281,282,283,284],"\u002Fwp-content\u002Fplugins\u002Fmilesweb-tools\u002Fassets\u002Fcss\u002Fmw-style.css","\u002Fwp-content\u002Fplugins\u002Fmilesweb-tools\u002Fassets\u002Fjs\u002Fmw-script.js","\u002Fwp-content\u002Fplugins\u002Fmilesweb-tools\u002Fassets\u002Fjs\u002Fchart-script.js","\u002Fwp-content\u002Fplugins\u002Fmilesweb-tools\u002Fassets\u002Fjs\u002Fchart.js","\u002Fwp-content\u002Fplugins\u002Fmilesweb-tools\u002Fassets\u002Fcss\u002Fmaintenance-mode.css",[],[281,282,283],[288,289,290,291,292],"milesweb-tools\u002Fassets\u002Fcss\u002Fmw-style.css?ver=","milesweb-tools\u002Fassets\u002Fjs\u002Fmw-script.js?ver=","milesweb-tools\u002Fassets\u002Fjs\u002Fchart-script.js?ver=","milesweb-tools\u002Fassets\u002Fjs\u002Fchart.js?ver=","milesweb-tools\u002Fassets\u002Fcss\u002Fmaintenance-mode.css?ver=",{"cssClasses":294,"htmlComments":298,"htmlAttributes":299,"restEndpoints":302,"jsGlobals":303,"shortcodeOutput":306},[295,296,297],"mainbodytag","coming-soon","coming-soon-a",[],[300,301],"data-milesweb-ajax-url","data-milesweb-nonce",[],[304,305],"mileswebAjax","storageData",[]]