[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdqGuvggPqsbxEwhdmKoxdPPrQgJI-OJSXFMqNLh0q2U":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":138,"fingerprints":210},"multisite-administration-tools","Multisite Administration Tools","1.21","Aaron Axelsen","https:\u002F\u002Fprofiles.wordpress.org\u002Faxelseaa\u002F","\u003Cp>The Multisite Administration Tools plugin adds additional columns to the Sites, Plugins and Themes tables in the Network Admin interface.\u003C\u002Fp>\n\u003Cp>On the Sites table, two additional columns are added to allow admins to easily view the theme of the site, and also any plugins that are enabled.\u003C\u002Fp>\n\u003Cp>On the Themes table, there is an additional column added which allows the administrator to see all sites that are actively using that theme.\u003C\u002Fp>\n\u003Cp>On the Plugins table, there is an additional column added which allows the administrator to see all sites that are actively using that plugin.\u003C\u002Fp>\n","Adds information to the network admin sites, plugins and themes page. Allows you to easily see what theme and plugins are enabled on a site.",10,3393,100,2,"2025-12-21T16:29:00.000Z","6.9.4","5.8","7.2",[20,21,22,23,24],"admintools","multisite","network","plugins","themes","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmultisite-administration-tools\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-administration-tools.1.21.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"axelseaa",3,170,95,139,76,"2026-04-04T16:22:37.195Z",[40,61,76,97,116],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":13,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":54,"download_link":59,"security_score":60,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"plugin-activation-status","Plugin Activation Status","1.0.2.1","Curtiss Grymala","https:\u002F\u002Fprofiles.wordpress.org\u002Fcgrymala\u002F","\u003Cp>Plugin Activation Status makes it easier for owners of multisite and multi-network WordPress installations to perform plugin audits on their installations. The plugin generates a list of plugins that are not currently active on any sites or networks. It generates a separate list of plugins that are active somewhere within the installation, and provides details about where and how those plugins are activated.\u003C\u002Fp>\n\u003Cp>This plugin first retrieves a full list of all of the plugins that are network-activated throughout your installation. Then, it loops through all of the sites in your installation, retrieving a list of all of the active plugins on each site. Next, it runs a diff between the full list of installed plugins and the list of all active plugins.\u003C\u002Fp>\n\u003Cp>Once it retrieves all of that information, it outputs two separate lists.\u003C\u002Fp>\n\u003Cp>The first list is the list of Inactive Plugins; all plugins that are installed, but not activated anywhere within WordPress will be listed there. The second list shows all of the Active Plugins; all plugins that are installed and activated somewhere within WordPress are shown there.\u003C\u002Fp>\n\u003Cp>Within the Active Plugins list, each plugin also has a list of all of the places the plugin is active (at the top, a list of all of the places it’s network-active; at the bottom, all of the places it’s normally-activated).\u003C\u002Fp>\n\u003Cp>When the plugin generates the lists of plugins, it stores those lists as site options in the database, so the lists can be retrieved for reference without using any additional server resources. If you would like to remove those cached lists and generate new lists, you simply have to click the Continue button on the admin page.\u003C\u002Fp>\n","Scans a multisite or multi-network installation to identify all plugins that are active or not.",26167,92,14,"2018-04-03T19:04:00.000Z","4.9.29","3.8","",[56,57,21,58,23],"active","multi-network","network-active","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-activation-status.1.0.2.1.zip",85,{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":27,"downloaded":69,"rating":27,"num_ratings":27,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":54,"download_link":75,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"veo-multisite-plugin-manager","VEO Multisite Plugin Manager","1.3.2","kebes","https:\u002F\u002Fprofiles.wordpress.org\u002Fkebes\u002F","\u003Cp>VEO Multisite Plugin Manager allows you to:\u003Cbr \u002F>\n– View which plugins are active globally.\u003Cbr \u002F>\n– See the sites where plugins are individually active.\u003Cbr \u002F>\n– Quickly navigate to the plugin pages of specific sites.\u003C\u002Fp>\n","Manage and monitor plugin activation across WordPress Multisite networks.",290,"2025-08-26T11:38:00.000Z","6.7.5","4.6","7.0",[21,22,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fveo-multisite-plugin-manager.1.3.2.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":54,"tags":91,"homepage":95,"download_link":96,"security_score":60,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"automatic-updater","Advanced Automatic Updates","1.0.2","Gary Pendergast","https:\u002F\u002Fprofiles.wordpress.org\u002Fpento\u002F","\u003Cp>Advanced Automatic Updates adds extra options to WordPress’ built-in Automatic Updates feature. On top of security updates, it also supports installing major releases, plugins, themes, or even regular SVN checkouts!\u003C\u002Fp>\n\u003Cp>If you’re working on a WordPress Multisite install, it will properly restrict the options page to your Network Admin.\u003C\u002Fp>\n\u003Cp>While this will be useful for the vast majority of sites, please exercise caution, particularly if you have any custom themes or plugins running on your site.\u003C\u002Fp>\n","Adds extra options to WordPress' built-in Automatic Updates feature.",30000,255107,94,61,"2021-06-04T00:46:00.000Z","5.0.25","3.7",[92,23,93,24,94],"core","stable","updates","http:\u002F\u002Fpento.net\u002Fprojects\u002Fautomatic-updater-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautomatic-updater.1.0.2.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":13,"num_ratings":107,"last_updated":108,"tested_up_to":16,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":114,"download_link":115,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"kp-zip-downloader","KP Zip Downloader","1.0.3","Kalpesh Prajapati","https:\u002F\u002Fprofiles.wordpress.org\u002Fkprajapati22\u002F","\u003Cp>KP Zip Downloader provides an easy way to download installed plugins and themes as ZIP files directly from your WordPress admin dashboard. This tool is particularly useful for developers, site administrators, or anyone needing to quickly access the source files for migration or backup purposes.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Download any installed plugin as a ZIP file.\u003C\u002Fli>\n\u003Cli>Download any installed theme as a ZIP file.\u003C\u002Fli>\n\u003Cli>Fully integrated with the WordPress admin dashboard.\u003C\u002Fli>\n\u003Cli>Simple and intuitive user interface.\u003C\u002Fli>\n\u003Cli>Lightweight and efficient.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows administrators to download installed plugins and themes as ZIP files directly from the WordPress dashboard.",2000,9366,1,"2025-12-06T19:54:00.000Z","5.0","7.4",[112,23,24,113],"download","zip","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkp-zip-downloader","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkp-zip-downloader.1.0.3.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":105,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":54,"tags":130,"homepage":134,"download_link":135,"security_score":136,"vuln_count":107,"unpatched_count":27,"last_vuln_date":137,"fetched_at":29},"unconfirmed","Unconfirmed","1.3.7","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>If you run a WordPress or BuddyPress installation, you probably know that some of the biggest administrative headaches come from the activation process. Activation emails may be caught by spam filters, deleted unwillingly, or simply not understood. Yet WordPress itself has no UI for viewing and managing unactivated members.\u003C\u002Fp>\n\u003Cp>Unconfirmed creates a Dashboard panel under the Users menu (Network Admin > Users on Multisite) that shows a list of unactivated user registrations. For each registration, you have the option of resending the original activation email, or manually activating the user.\u003C\u002Fp>\n\u003Cp>Note that the plugin works for the following configurations:\u003Cbr \u002F>\n1. Multisite, with or without BuddyPress\u003Cbr \u002F>\n2. Single site, with BuddyPress used for user registration\u003C\u002Fp>\n\u003Cp>There is currently no support for single-site WP registration without BuddyPress.\u003C\u002Fp>\n","Allows WordPress admins to manage unactivated users, by activating them manually, deleting their pending registrations, or resending the activation em &hellip;",246166,90,47,"2023-12-04T19:58:00.000Z","6.4.8","3.1",[131,132,133,21,22],"activate","activation","email","http:\u002F\u002Fgithub.com\u002Fboonebgorges\u002Funconfirmed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Funconfirmed.1.3.7.zip",84,"2014-04-11 00:00:00",{"attackSurface":139,"codeSignals":172,"taintFlows":197,"riskAssessment":198,"analyzedAt":209},{"hooks":140,"ajaxHandlers":168,"restRoutes":169,"shortcodes":170,"cronEvents":171,"entryPointCount":27,"unprotectedCount":27},[141,147,152,156,160,164],{"type":142,"name":143,"callback":144,"file":145,"line":146},"filter","manage_sites-network_columns","msadmintools_sites_add_columns","multisite-administration-tools.php",181,{"type":148,"name":149,"callback":150,"priority":11,"file":145,"line":151},"action","manage_sites_custom_column","msadmintools_sites_render_column",260,{"type":142,"name":153,"callback":154,"file":145,"line":155},"manage_themes-network_columns","msadmintools_themes_add_column",275,{"type":148,"name":157,"callback":158,"priority":11,"file":145,"line":159},"manage_themes_custom_column","msadmintools_themes_render_column",302,{"type":142,"name":161,"callback":162,"file":145,"line":163},"manage_plugins-network_columns","msadmintools_plugins_add_column",317,{"type":148,"name":165,"callback":166,"priority":11,"file":145,"line":167},"manage_plugins_custom_column","msadmintools_plugins_render_column",344,[],[],[],[],{"dangerousFunctions":173,"sqlUsage":174,"outputEscaping":176,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":196},[],{"prepared":27,"raw":27,"locations":175},[],{"escaped":177,"rawEcho":177,"locations":178},8,[179,182,184,186,188,190,192,194],{"file":145,"line":180,"context":181},213,"raw output",{"file":145,"line":183,"context":181},216,{"file":145,"line":185,"context":181},219,{"file":145,"line":187,"context":181},232,{"file":145,"line":189,"context":181},294,{"file":145,"line":191,"context":181},299,{"file":145,"line":193,"context":181},336,{"file":145,"line":195,"context":181},341,[],[],{"summary":199,"deductions":200},"The plugin \"multisite-administration-tools\" v1.21 exhibits a generally strong security posture based on the provided static analysis. There are no identified entry points like AJAX handlers, REST API routes, or shortcodes that are accessible without authentication, indicating a good practice in limiting the attack surface. Furthermore, the code signals show no dangerous functions, all SQL queries utilize prepared statements, and there are no file operations or external HTTP requests, which are all positive indicators of secure coding. The complete absence of known CVEs and a clean vulnerability history further bolster its security profile.\n\nHowever, there are areas for concern. The analysis reveals that only 50% of the identified output operations are properly escaped. This leaves a significant portion of the plugin's output potentially vulnerable to cross-site scripting (XSS) attacks if user-supplied data is not rigorously sanitized before being displayed. Additionally, the lack of any nonce checks or capability checks on the (hypothetically present) entry points is a notable weakness. While the attack surface is currently zero, any future additions without these fundamental security mechanisms could introduce significant vulnerabilities.\n\nIn conclusion, the plugin demonstrates excellent security by default through its minimal attack surface and secure handling of core functionalities like database interactions. Its clean vulnerability history is a strong testament to its current stability. The primary weaknesses lie in the incomplete output escaping and the complete absence of authorization checks on entry points, which, despite the current lack of entry points, represents a potential risk for future development. Addressing the output escaping and ensuring proper authorization are implemented for any future additions would further solidify its security.",[201,204,207],{"reason":202,"points":203},"Incomplete output escaping",4,{"reason":205,"points":206},"Missing nonce checks on entry points",5,{"reason":208,"points":206},"Missing capability checks on entry points","2026-03-17T00:39:38.796Z",{"wat":211,"direct":220},{"assetPaths":212,"generatorPatterns":214,"scriptPaths":215,"versionParams":217},[213],"\u002Fwp-content\u002Fplugins\u002Fmultisite-administration-tools\u002Fmsadmintools.css",[],[216],"\u002Fwp-content\u002Fplugins\u002Fmultisite-administration-tools\u002Fmsadmintools.js",[218,219],"multisite-administration-tools\u002Fmsadmintools.css?ver=","multisite-administration-tools\u002Fmsadmintools.js?ver=",{"cssClasses":221,"htmlComments":223,"htmlAttributes":224,"restEndpoints":225,"jsGlobals":226,"shortcodeOutput":227},[222],"msadmintools-plugin-details",[],[],[],[],[]]