[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkF9QxdGCryQgsJ3cJIiXpPXBQICyNO12dC4aagt4qmo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":33,"analysis":140,"fingerprints":253},"modify-author-url","Plugin Name:       Modify Author URL","1.0","Jared Harbour","https:\u002F\u002Fprofiles.wordpress.org\u002Fjaredharbour\u002F","\u003Cp>Ever want to change the url used to display your posts?  This plugin\u003Cbr \u002F>\nallows a blog administrator to change a users url slug from their edit profile page.\u003C\u002Fp>\n\u003Cp>The plugin allows for the creation of new author slugs, but also saves old slugs a user has used in the past.\u003C\u002Fp>\n","Allows administrators to modify a users author url from their profile page.",10,1728,0,"2011-02-23T04:56:00.000Z","3.1.4","3.0.1","",[19,20,21],"author","slug","url","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmodify-author-url.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":23,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"jaredharbour",3,30,84,"2026-04-04T15:10:55.143Z",[34,55,75,95,118],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":44,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":17,"tags":49,"homepage":52,"download_link":53,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"wp-author-slug","WP Author Slug","5","Konstantin Obenland","https:\u002F\u002Fprofiles.wordpress.org\u002Fobenland\u002F","\u003Cp>This plugin replaces the author slug with a sanitized version of the user’s display name.\u003C\u002Fp>\n\u003Cp>This plugin will not prevent hackers from finding out your login name but the login name won’t be visible\u003Cbr \u002F>\nin the author archive’s URL, which works towards your friendly URLs with using your display name.\u003C\u002Fp>\n\u003Cp>DO NOT use this on a site with more than 1000 registered users, as updating all of their nicenames at once might break your site.\u003C\u002Fp>\n","Add a layer of security and prevent your login name from being shown in the author archive's URL.",2000,35171,96,19,"2025-09-09T01:07:00.000Z","6.8.5","3.0",[19,50,51,20,21],"author-archive","security","http:\u002F\u002Fen.wp.obenland.it\u002Fwp-author-slug\u002F?utm_source=wordpress&utm_medium=plugin&utm_campaign=wp-author-slug","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-author-slug.5.zip",100,{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":44,"num_ratings":31,"last_updated":65,"tested_up_to":47,"requires_at_least":66,"requires_php":67,"tags":68,"homepage":73,"download_link":74,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"edit-author-slug","Edit Author Slug","1.9.2","Brandon Allen","https:\u002F\u002Fprofiles.wordpress.org\u002Fcnorris23\u002F","\u003Cp>This plugin allows full control of your user permalinks, allowing you to change both the author base (the ‘\u002Fauthor\u002F’ portion of the author URLs), and the author slug (defaults to the username of the author). You can set the author base globally, or you can set it to be user-specific based on a user’s role. You now have the power to craft the perfect URL structure for you Author pages.\u003C\u002Fp>\n\u003Cp>WordPress default structure \u003Cem>http:\u002F\u002Fexample.com\u002Fauthor\u002Fusername\u002F\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>Edit Author Slug allows for \u003Cem>http:\u002F\u002Fexample.com\u002Fninja\u002Fmaster-ninja\u002F\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>Using a role-based author base would allow for \u003Cem>http:\u002F\u002Fexample.com\u002Fida\u002Fmaster-splinter\u002F\u003C\u002Fem> (for an Administrator Role), or \u003Cem>http:\u002F\u002Fexample.com\u002Fkoga\u002Fleonardo\u002F\u003C\u002Fem> (for a Subscriber Role).\u003C\u002Fp>\n\u003Cp>Development of this plugin takes place on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthebrandonallen\u002Fedit-author-slug\u002F\" title=\"Edit Author Slug on Github\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>. Pull requests are always welcome!\u003C\u002Fp>\n\u003Cp>Translations should be submitted to \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fedit-author-slug\" rel=\"nofollow ugc\">Translate WordPress\u003C\u002Fa>.\u003C\u002Fp>\n","Allows an admin (or capable user) to edit the author slug of a user, and change the author base.",100000,1525613,"2025-05-27T04:15:00.000Z","5.8","7.4",[19,69,70,71,72],"author-base","author-slug","nicename","user-nicename","https:\u002F\u002Fgithub.com\u002Fthebrandonallen\u002Fedit-author-slug\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedit-author-slug.1.9.2.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":63,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":47,"requires_at_least":87,"requires_php":17,"tags":88,"homepage":93,"download_link":94,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"no-category-base-wpml","No Category Base (WPML)","1.4","DigitalME","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitalmeactivecampaign\u002F","\u003Cp>As the name suggests this plugin will completely remove the mandatory ‘Category Base’ from your category permalinks ( e.g. ‘mysite.com\u002Fcategory\u002Fmy-category\u002F’ to ‘mysite.com\u002Fmy-category\u002F’ ).\u003C\u002Fp>\n\u003Cp>The plugin requires no setup or modifying core wordpress files and will not break any links. It will also take care of redirecting your old category links to the new ones.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Better and logical permalinks like ‘mysite.com\u002Fmy-category\u002F’ and ‘mysite.com\u002Fmy-category\u002Fmy-post\u002F’.\u003C\u002Fli>\n\u003Cli>Simple plugin – barely adds any overhead.\u003C\u002Fli>\n\u003Cli>Works out of the box – no setup needed.\u003C\u002Fli>\n\u003Cli>No need to modify WordPress files.\u003C\u002Fli>\n\u003Cli>Doesn’t require other plugins to work.\u003C\u002Fli>\n\u003Cli>Compatible with sitemap plugins.\u003C\u002Fli>\n\u003Cli>Compatible with WPML.\u003C\u002Fli>\n\u003Cli>Works with multiple sub-categories.\u003C\u002Fli>\n\u003Cli>Works with WordPress Multisite.\u003C\u002Fli>\n\u003Cli>Redirects old category permalinks to the new ones (301 redirect, good for SEO).\u003C\u002Fli>\n\u003C\u002Fol>\n","This plugin removes the mandatory 'Category Base' from your category permalinks. It's compatible with WPML.",856653,92,33,"2025-11-07T13:46:00.000Z","5.0",[89,90,91,92],"category-base","category-permalinks","category-slug","category-url","https:\u002F\u002Fwww.digitalme.cc\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-category-base-wpml.1.4.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":105,"num_ratings":106,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":116,"download_link":117,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"admin-slug-column","Admin Slug Column","2.0.0","Chuck Reynolds","https:\u002F\u002Fprofiles.wordpress.org\u002Fryno267\u002F","\u003Cp>This plugin adds a URL path column to the edit screens for all post types — posts, pages, and any custom post type including WooCommerce products. Child pages show the full nested path. For drafts, pending, and scheduled content the URL path is shown slightly greyed out since it isn’t an official URL yet. Multibyte characters in slugs (non-latin languages) are fully supported.\u003C\u002Fp>\n\u003Cp>I initially built this out of necessity to quickly identify pages by their slug\u002Fpath as sometimes the titles that clients used did’t match up nicely with the URL slug on the front-end of the site; so here’s a fast way to do that. Nothing fancy, just does what it does.\u003C\u002Fp>\n\u003Cp>Do you have a feature you’d like or a bug you’ve found? Feel free to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fchuckreynolds\u002FAdmin-Slug-Column\u002Fissues\" rel=\"nofollow ugc\">make an issue on the github repo\u003C\u002Fa>.\u003C\u002Fp>\n","Adds a URL path column to all admin post type edit screens. Works with posts, pages, and any custom post type including WooCommerce products.",5000,63546,98,31,"2026-03-10T02:49:00.000Z","6.9.4","5.2","8.0",[112,113,114,20,115],"admin-columns","page-titles","permalink","url-path","https:\u002F\u002Fgithub.com\u002Fchuckreynolds\u002FAdmin-Slug-Column","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-slug-column.2.0.0.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":103,"downloaded":126,"rating":54,"num_ratings":127,"last_updated":128,"tested_up_to":129,"requires_at_least":16,"requires_php":130,"tags":131,"homepage":136,"download_link":137,"security_score":84,"vuln_count":138,"unpatched_count":13,"last_vuln_date":139,"fetched_at":25},"wp-custom-author-url","WP Custom Author URL","2.1.0","Poodle Plugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fpoodleplugins\u002F","\u003Cp>This plugin will allow you to choose a custom URL for your author links, instead of the standard WordPress author page.\u003Cbr \u002F>\nThis can be useful if you want to link to your own Twitter, LinkedIn or other social media profile.\u003C\u002Fp>\n\u003Cp>There are two areas where this plugin can be configured:\u003C\u002Fp>\n\u003Cp>Firstly, a global settings section is available under WordPress Settings. Second, under each users profile page.\u003C\u002Fp>\n\u003Cp>A user can set their own custom URL on their profile page, and this will apply just to them.\u003Cbr \u002F>\nThis can can be overriden by the global admin setting, if the ‘Override Individual Authors’ setting is checked.\u003C\u002Fp>\n\u003Cp>Custom author URL’s also redirect author pages when directly accessed.\u003Cbr \u002F>\nFor example if your user is called Bob, and you try to access https:\u002F\u002Fyourblog.com\u002Fauthor\u002Fbob, it will redirect.\u003C\u002Fp>\n","Set a custom URL for your author name link, on a global or author-specific basis. Also redirects all author pages.",27788,8,"2024-11-01T23:23:00.000Z","6.7.5","5.6",[19,132,133,134,135],"author-url","banner","custom-url","profile","https:\u002F\u002Fpoodleplugins.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-custom-author-url.2.1.0.zip",1,"2023-04-18 00:00:00",{"attackSurface":141,"codeSignals":175,"taintFlows":196,"riskAssessment":239,"analyzedAt":252},{"hooks":142,"ajaxHandlers":171,"restRoutes":172,"shortcodes":173,"cronEvents":174,"entryPointCount":13,"unprotectedCount":13},[143,149,154,156,160,163,167],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","admin_init","init_modify_author_url","authorurl.php",15,{"type":144,"name":150,"callback":151,"file":152,"line":153},"show_user_profile","profile_author_url_field","classes\\authorurl.class.php",14,{"type":144,"name":155,"callback":151,"file":152,"line":148},"edit_user_profile",{"type":144,"name":157,"callback":158,"file":152,"line":159},"edit_user_profile_update","profile_author_url_save",17,{"type":144,"name":161,"callback":158,"file":152,"line":162},"personal_options_update",18,{"type":144,"name":164,"callback":165,"file":152,"line":166},"admin_head","check_permalink",20,{"type":144,"name":168,"callback":169,"file":152,"line":170},"admin_notices","bad_permalink_message",27,[],[],[],[],{"dangerousFunctions":176,"sqlUsage":181,"outputEscaping":184,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":194,"bundledLibraries":195},[177],{"fn":178,"file":152,"line":179,"context":180},"unserialize",52,"$author_urls = unserialize($author_urls[0]);",{"prepared":182,"raw":13,"locations":183},4,[],{"escaped":13,"rawEcho":182,"locations":185},[186,189,191,193],{"file":152,"line":187,"context":188},148,"raw output",{"file":152,"line":190,"context":188},159,{"file":152,"line":192,"context":188},162,{"file":152,"line":192,"context":188},2,[],[197,221],{"entryPoint":198,"graph":199,"unsanitizedCount":194,"severity":220},"profile_author_url_save (classes\\authorurl.class.php:57)",{"nodes":200,"edges":216},[201,206,210],{"id":202,"type":203,"label":204,"file":152,"line":205},"n0","source","$_POST (x2)",75,{"id":207,"type":208,"label":209,"file":152,"line":205},"n1","transform","→ check_nicename()",{"id":211,"type":212,"label":213,"file":152,"line":214,"wp_function":215},"n2","sink","get_var() [SQLi]",112,"get_var",[217,219],{"from":202,"to":207,"sanitized":218},false,{"from":207,"to":211,"sanitized":218},"high",{"entryPoint":222,"graph":223,"unsanitizedCount":194,"severity":220},"\u003Cauthorurl.class> (classes\\authorurl.class.php:0)",{"nodes":224,"edges":234},[225,227,229,230,232],{"id":202,"type":203,"label":204,"file":152,"line":226},67,{"id":207,"type":212,"label":213,"file":152,"line":228,"wp_function":215},106,{"id":211,"type":203,"label":204,"file":152,"line":205},{"id":231,"type":208,"label":209,"file":152,"line":205},"n3",{"id":233,"type":212,"label":213,"file":152,"line":214,"wp_function":215},"n4",[235,237,238],{"from":202,"to":207,"sanitized":236},true,{"from":211,"to":231,"sanitized":218},{"from":231,"to":233,"sanitized":218},{"summary":240,"deductions":241},"The \"modify-author-url\" plugin v1.0 exhibits a mixed security posture. While it has a very small attack surface and no known historical vulnerabilities, the static analysis reveals critical weaknesses.  A significant concern is the presence of the `unserialize` function, which is notoriously dangerous when used with untrusted input, and the taint analysis indicates two flows with unsanitized paths that are rated as high severity. Furthermore, 100% of the plugin's output is not properly escaped, posing a risk of Cross-Site Scripting (XSS) vulnerabilities. The absence of nonce checks on its zero AJAX handlers is also a point of concern, though currently, there are no AJAX handlers to exploit.\n\nThe plugin's lack of historical vulnerabilities is a positive indicator, suggesting good coding practices in the past. However, the current code analysis highlights a concerning reliance on potentially unsafe functions and a failure to properly escape output. The presence of `unserialize` coupled with unsanitized taint flows are the most pressing issues. While the attack surface is currently minimal and there are no known CVEs, the identified code signals warrant attention to prevent future exploitation.",[242,244,247,249],{"reason":243,"points":148},"Dangerous function unserialize used",{"reason":245,"points":246},"High severity unsanitized taint flows",12,{"reason":248,"points":127},"0% output properly escaped",{"reason":250,"points":251},"No nonce checks on AJAX handlers",5,"2026-03-17T00:20:48.384Z",{"wat":254,"direct":259},{"assetPaths":255,"generatorPatterns":256,"scriptPaths":257,"versionParams":258},[],[],[],[],{"cssClasses":260,"htmlComments":262,"htmlAttributes":263,"restEndpoints":264,"jsGlobals":265,"shortcodeOutput":266},[261],"wh-pl-warning",[],[],[],[],[]]