[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJkiK8buonFM23SpPSXMPSMH_rvcqK6f8fXNs99cduZ4":3,"$fkj5YxUVQkb8Dil7NJ44NXzq-FEqz8N1g6g_BjxZMYyg":205,"$fQur0ILEu3pZGhboyiO3vcVcrNZjg3CpyVBk1r-X4GgY":210},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":40,"analysis":135,"fingerprints":189},"multisite-user-role-sync","Multisite User Role Sync","1.0","Shawn","https:\u002F\u002Fprofiles.wordpress.org\u002Fshawnxlw\u002F","\u003Cp>Say goodbye to the headache of managing users in a multisite network! Now when a user visits a blog in the network, the user will be added to the blog with your specified roles automatically.\u003C\u002Fp>\n\u003Cp>Here is how this plugin works:\u003C\u002Fp>\n\u003Col>\n\u003Cli>When a user visits a site, this plugin checks if the user is already a member of the site.\u003C\u002Fli>\n\u003Cli>If the user is a member, do nothing.\u003C\u002Fli>\n\u003Cli>Otherwise add the user to the site with the user\\’s role in blog #1, or a role specified by you. \u003Cem>[Sync Role]\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>If the user is not an existing member of blog #1, the user will be added with a role specified by you. \u003Cem>[Default Role]\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>When a user\\’s role is updated, the user\\’s new role can be updated across all the bogs the user is member of. \u003Cem>[Role Update]\u003C\u002Fem>\u003C\u002Fli>\n\u003C\u002Fol>\n","Automatically add users to peer blogs in a multisite network.",10,2696,100,3,"2016-09-01T04:32:00.000Z","4.6.30","3.2","",[20,21,22,23,24],"blog","multisite","network","roles","user","https:\u002F\u002Fshawnwang.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-user-role-sync.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":34,"display_name":7,"profile_url":8,"plugin_count":35,"total_installs":36,"avg_security_score":27,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"shawnxlw",2,20,30,84,"2026-05-20T10:10:48.257Z",[41,59,78,97,118],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":13,"num_ratings":35,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":57,"download_link":58,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-over-network","WP Over Network","0.4.4","yuka2py","https:\u002F\u002Fprofiles.wordpress.org\u002Fyuka2py\u002F","\u003Cp>Add ability to get posts from over your network sites. Supports widget, shortcode, and customizable original function.\u003C\u002Fp>\n\u003Cp>Use the following:\u003C\u002Fp>\n\u003Ch4>In template\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u003C?php \n\nget_header();\nthe_post();\n\n?>\n\u003Csection id=\"content-primary\">\n        \u003Cheader id=\"page-header\">\n                \u003Ch1>\u003C?php the_title() ?>\u003C\u002Fh1>\n        \u003C\u002Fheader>\n\u003C?php\n\n\u002F\u002F Getting recent posts the page and post, minus the host blog.\n\u002F\u002F Specify the \"affect_wp_query = true\", for using the wp_pagenavi.\n$posts = wponw::get_posts('exclude_blog_ids=1&post_type=post,page&affect_wp_query=true');\n\nwp_pagenavi();\n\n?>\n\u003C?php if ( ! empty ( $posts ) ) : ?>\n        \u003Csection class=\"post-list\">\n\u003C?php\n        foreach ( $posts as $post ) :\n                wponw::setup_blog_and_postdata( $post );\n?>\n                \u003Csection id=\"post-\u003C?php the_ID() ?>\" \u003C?php post_class() ?>>\n                        \u003Ch2>【\u003C?php echo $post->blog_name ?>】\u003C\u002Fh2>\n                        \u003Ch1>\u003Ca href=\"\u003C?php the_permalink() ?>\">\u003C?php the_title() ?>\u003C\u002Fa>\u003C\u002Fh1>\n                        \u003C?php echo get_the_excerpt() ?>\n                \u003C\u002Fsection>\n\u003C?php\n                wponw::restore_blog_and_postdata();\n        endforeach;\n?>\n        \u003C\u002Fsection>\n\u003C?php else : ?>\n        \u003Cp>Sorry, there is no post.\u003C\u002Fp>\n\u003C?php endif; # End of empty( $posts ) ?>\n\n\u003C\u002Fsection>\n\u003C?php\n\nwp_reset_query();\nget_sidebar();\nget_footer();\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Using as Shortcode\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Display with default.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wponw_recent_post_list]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Arguments, can be used the same as \u003Ccode>wponw::render_post_archive_to_string\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use your template file, includes 3 post types\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wponw_recent_post_list numberposts=8 post_type=products,promotions,information template=TemplateFileNameInYourTheme]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>NOTICE: DON’T include the file extension in TemplateFileNameInYourTheme.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you want to use your own rendering function.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wponw_recent_post_list numberposts=5 post_type=products renderer=YourRenderFunction]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>To create an archive page with a page.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You create the new page, and write the below shortcode in the post content.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wponw_recent_post_list post_type=post exclude_blog_ids=1 affect_wp_query=true]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>@yuka2py on twitter\u003C\u002Fp>\n","Add ability to get posts from over your network sites. Supports widget, shortcode, and customizable original function.",90,6316,"2013-07-28T02:40:00.000Z","3.5.2","3.5",[55,21,22,56],"blogs","posts","https:\u002F\u002Fgithub.com\u002Fyuka2py\u002Fwp_over_network","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-over-network.0.4.4.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":13,"num_ratings":14,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":18,"tags":72,"homepage":76,"download_link":77,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"multisite-user-role-manager","Multisite User Role Manager","1.0.7","OzTheGreat","https:\u002F\u002Fprofiles.wordpress.org\u002Fozthegreat\u002F","\u003Cp>For WordPress Multisite (WPMU) installs, allows Super Admins to easily manage each users roles and blogs from one\u003Cbr \u002F>\nscreen in the Network Admin menu.\u003C\u002Fp>\n\u003Cp>You no longer have to go to each blog to change the user’s role. It’s also\u003Cbr \u002F>\nmuch easier to see which sites a user is associated with.\u003C\u002Fp>\n","Manage user roles for each blog from a single screen on multisite (WPMU) setups",80,30365,"2017-11-07T14:04:00.000Z","4.8.28","4.0",[73,21,23,74,75],"management","users","wpmu","https:\u002F\u002Fwpartisan.me\u002Fplugins\u002Fmultisite-user-role-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-user-role-manager.1.0.7.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":38,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":18,"tags":92,"homepage":95,"download_link":96,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"multisite-user-management","Multisite User Management","1.1","thenbrent","https:\u002F\u002Fprofiles.wordpress.org\u002Fthenbrent\u002F","\u003Cp>Running a WordPress network? You no longer need to manually add new users to each of your sites.\u003C\u002Fp>\n\u003Cp>With this plugin, users are assigned a default role for each of your sites. You set the default role for each site and this plugin applies it.\u003C\u002Fp>\n\u003Cp>You can assign different roles for each site or keep a site private by assigning no role.\u003C\u002Fp>\n","Automatically add users to each site in your WordPress network.",70,90220,21,"2014-10-16T23:47:00.000Z","3.4.2","3.0",[93,21,94,23,74],"buddypress","multiuser","http:\u002F\u002Fgithub.com\u002Fthenbrent\u002Fmultisite-user-management","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-user-management.1.1.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":13,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":18,"tags":111,"homepage":115,"download_link":116,"security_score":117,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"network-subsite-user-registration","Network Subsite User Registration","4.1","Justin Fletcher","https:\u002F\u002Fprofiles.wordpress.org\u002Fjustinticktock\u002F","\u003Cp>The ‘Network Subsite User Registration’ (NSUR) plugin removes the WordPress Multisite restriction that registration is on the Network main site, subsite Administrators can now allow user registration for their site only.\u003C\u002Fp>\n\u003Cp>WordPress Network (Multisite) installations by default only allow user registration for the whole Network, e.g. users can only register for the main site and not the other sites on the network.  The ‘Network Subsite User Registration’ plugin allows local admins of sub-sites within the Network\u002FMultisite the ability to enable user registration themselves for their site.\u003C\u002Fp>\n\u003Cp>The role by default that a new user receives is ‘subscriber’, however, there is a setting which allows you to define a different initial role (per sub-site) that a user receives after registration.\u003C\u002Fp>\n\u003Cp>@Developers – If you want to use your own template you can override the template used for the ..\u002Flocal-signup page by creating a template with the file ‘page-signup.php’ and add this to either the parent or child theme.\u003C\u002Fp>\n\u003Ch4>Plugin site\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fjustinandco.com\u002Fplugins\u002Fnetwork-subsite-user-registration\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fjustinandco.com\u002Fplugins\u002Fnetwork-subsite-user-registration\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>GitHub – Development\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjustinticktock\u002Fnetwork-subsite-user-registration\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fjustinticktock\u002Fnetwork-subsite-user-registration\u003C\u002Fa>\u003C\u002Fp>\n","Allow the public to register user accounts on Subsites within a Network (MultiSite) installation.",50,46105,52,"2025-04-17T15:48:00.000Z","6.8.5","4.7",[21,22,112,113,114],"register","signup","user-registration","http:\u002F\u002Fjustinandco.com\u002Fplugins\u002Fnetwork-subsite-user-registration\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnetwork-subsite-user-registration.4.1.zip",92,{"slug":119,"name":120,"version":81,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":11,"downloaded":125,"rating":67,"num_ratings":126,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":18,"tags":130,"homepage":133,"download_link":134,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"hyper-admins","Hyper Admins","scribu","https:\u002F\u002Fprofiles.wordpress.org\u002Fscribu\u002F","\u003Cp>With this plugin, super-admins can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>view any theme on any site, without enabling it\u003C\u002Fli>\n\u003Cli>access any site through Admin Bar -> My Sites, without having a role on it\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Intended for \u003Ca href=\"http:\u002F\u002Fscribu.net\u002Fwordpress\u002Fthe-future-of-multisite.html\" rel=\"nofollow ugc\">small Multisite installs\u003C\u002Fa>.\u003C\u002Fp>\n","Simplify administration tasks for super-admins.",27506,1,"2014-04-09T21:51:00.000Z","3.7.41","3.4",[131,21,22,132,74],"administration","themes","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fhyper-admins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhyper-admins.zip",{"attackSurface":136,"codeSignals":160,"taintFlows":177,"riskAssessment":178,"analyzedAt":188},{"hooks":137,"ajaxHandlers":156,"restRoutes":157,"shortcodes":158,"cronEvents":159,"entryPointCount":28,"unprotectedCount":28},[138,144,148,152],{"type":139,"name":140,"callback":141,"file":142,"line":143},"action","network_admin_menu","murs_add_settings_menu","multisite-user-role-sync.php",12,{"type":139,"name":145,"callback":146,"file":142,"line":147},"admin_init","murs_settings_init",13,{"type":139,"name":149,"callback":150,"priority":28,"file":142,"line":151},"init","murs_sync_user_role",146,{"type":139,"name":153,"callback":154,"priority":11,"file":142,"line":155},"set_user_role","murs_update_user_role",199,[],[],[],[],{"dangerousFunctions":161,"sqlUsage":162,"outputEscaping":164,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":176},[],{"prepared":28,"raw":28,"locations":163},[],{"escaped":28,"rawEcho":165,"locations":166},5,[167,170,171,173,174],{"file":142,"line":168,"context":169},66,"raw output",{"file":142,"line":168,"context":169},{"file":142,"line":172,"context":169},78,{"file":142,"line":172,"context":169},{"file":142,"line":175,"context":169},97,[],[],{"summary":179,"deductions":180},"The 'multisite-user-role-sync' v1.0 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events with exposed entry points is commendable, contributing to a very small attack surface. Furthermore, the code demonstrates good practice by utilizing prepared statements for all SQL queries, mitigating the risk of SQL injection vulnerabilities.  The lack of file operations and external HTTP requests also reduces potential attack vectors. \n\nHowever, a significant concern arises from the complete lack of output escaping. With five identified output points and 0% properly escaped, any data displayed by this plugin is potentially vulnerable to Cross-Site Scripting (XSS) attacks. This is a critical oversight that attackers could exploit to inject malicious scripts into the user's browser. The absence of nonce checks and capability checks, while potentially acceptable given the limited attack surface, still leaves room for potential unauthorized actions if any vulnerabilities were to be discovered that bypassed the entry point limitations. The clean vulnerability history is a positive sign, but it does not negate the present risks identified in the code analysis.\n\nIn conclusion, while the plugin is built with a secure foundation regarding entry points and data querying, the complete failure to escape output is a major security flaw. This critical weakness, coupled with the absence of authorization checks on the limited functionality, presents a tangible risk of XSS vulnerabilities. The plugin's history of no vulnerabilities is encouraging but should not lead to complacency, especially given the identified code-level risks.",[181,184,186],{"reason":182,"points":183},"Unescaped output",15,{"reason":185,"points":165},"Missing nonce checks",{"reason":187,"points":165},"Missing capability checks","2026-04-16T12:45:17.690Z",{"wat":190,"direct":195},{"assetPaths":191,"generatorPatterns":192,"scriptPaths":193,"versionParams":194},[],[],[],[],{"cssClasses":196,"htmlComments":197,"htmlAttributes":201,"restEndpoints":202,"jsGlobals":203,"shortcodeOutput":204},[],[198,199,200],"\u003C!-- Settings Saved -->","\u003C!-- Here is how this plugin works: -->","#### Updating a role anywhere will result in the new role synced to all the blogs the user is member of. Use at your own risk ####",[],[],[],[],{"error":206,"url":207,"statusCode":208,"statusMessage":209,"message":209},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fmultisite-user-role-sync\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":28,"versions":211},[]]