[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fTTrIW039gBhBchNClw6qvh1AE3kb_HorjmrWPP5F44s":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":133,"fingerprints":254},"my-github","My Github","1.2.4","Ratul Hasan","https:\u002F\u002Fprofiles.wordpress.org\u002Fratulhasan\u002F","\u003Cp>A simple and nice WordPress plugin that can track your GitHub’s profile. You can showcase your Followers, Following, Company, Location, Blog URL, Twitter Account, Public Repositories, Public Repository’s Used Language.\u003Cbr \u002F>\nIf the installation is okay, go  and create a page and\u002For post or update a page and\u002For post and insert a Shortcode 👉 [my_github] to show your profile.\u003Cbr \u002F>\nYou can also find Quick Tags in your editor. You can also setup your settings from My GitHub under Settings page. 
That’s it.\u003Cbr \u002F>\n\u003Cstrong>Currently supports:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Editor ShortCode support\u003Cbr \u002F>\n– GitHub Widget Profile View\u003Cbr \u002F>\n– User profiles\u003Cbr \u002F>\n– Repositories\u003Cbr \u002F>\n– Used Main Language\u003Cbr \u002F>\n– Repository Star Count\u003Cbr \u002F>\n– Repository Watcher Count\u003Cbr \u002F>\n– Repository Fork Count\u003Cbr \u002F>\n– Repository License\u003Cbr \u002F>\n– Repository’s Last Pushed Time\u003Cbr \u002F>\n– Add custom template option.\u003C\u002Fp>\n\u003Cp>Developers can also add their custom header name by using the hook \u003Ccode>git_name_header\u003C\u002Fcode>  like this\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('git_name_header', function($url){\n    return \"My Github Showcase\";\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Developers can also add their custom template by using the hook \u003Ccode>my_github_custom_template\u003C\u002Fcode>  like this\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('my_github_custom_template', function($url){\n    return \"\u002Ftemplate_path\u002Ffile.php\";\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The plugin provides very basic styling. If anyone has any ideas for a better styling – pull requests are welcome!\u003Cbr \u002F>\nThe development repo is \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FRatulHasan\u002Fmy-github\" rel=\"nofollow ugc\">GitHub Repo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>My Github uses \u003Ca href=\"https:\u002F\u002Fappsero.com\" rel=\"nofollow ugc\">Appsero\u003C\u002Fa> SDK to collect some telemetry data upon user’s confirmation. This helps us to troubleshoot problems faster & make product improvements.\u003C\u002Fp>\n\u003Cp>Appsero SDK \u003Cstrong>does not gather any data by default.\u003C\u002Fstrong> The SDK only starts gathering basic telemetry data \u003Cstrong>when a user allows it via the admin notice\u003C\u002Fstrong>. 
We collect the data to ensure a great user experience for all our users.\u003C\u002Fp>\n\u003Cp>Integrating Appsero SDK \u003Cstrong>DOES NOT IMMEDIATELY\u003C\u002Fstrong> start gathering data, \u003Cstrong>without confirmation from users in any case.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Learn more about how \u003Ca href=\"https:\u002F\u002Fappsero.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Appsero collects and uses this data\u003C\u002Fa>.\u003C\u002Fp>\n","A simple and nice WordPress plugin that can track your github's profile.",10,1455,100,2,"2023-12-25T12:45:00.000Z","6.4.8","5.2","5.6",[20,21,22,23,24],"developer","development","github","portfolio","profile","https:\u002F\u002Fgithub.com\u002FRatulHasan\u002Fmy-github","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-github.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"ratulhasan",3,240,92,30,88,"2026-04-04T16:17:45.978Z",[41,56,79,97,116],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":28,"downloaded":49,"rating":28,"num_ratings":28,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":18,"tags":53,"homepage":54,"download_link":55,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"show-git-developer-profile","Show developer profile","1.0","evandrosouza89","https:\u002F\u002Fprofiles.wordpress.org\u002Fevandrosouza89\u002F","\u003Cp>The main purpose of this plugin if to automate the process of fetching profile information and listing repositories of a given github user provided by the github public API (https:\u002F\u002Fdeveloper.github.com\u002F).\u003C\u002Fp>\n\u003Cp>The information managed by this plugin is shown in the theme as a widget. 
The best theme areas to use this plugin are the side bars (left or right).\u003C\u002Fp>\n\u003Cp>You can customize the styling of this plugin by editing ‘show-developer-profile-styles.css’ file.\u003C\u002Fp>\n","A plugin to fetch and exhibit profile information and list repositories of a given github user.",908,"2020-01-09T16:55:00.000Z","5.3.21","5.0",[20,22,23,24],"https:\u002F\u002Fgithub.com\u002Fevandrosouza89\u002Fshow-developer-profile","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshow-git-developer-profile.1.0.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":13,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":69,"tags":70,"homepage":75,"download_link":76,"security_score":77,"vuln_count":34,"unpatched_count":28,"last_vuln_date":78,"fetched_at":30},"wp-reroute-email","WP Reroute Email","1.5.2","Sajjad Hossain","https:\u002F\u002Fprofiles.wordpress.org\u002Fmsh134\u002F","\u003Cp>This plugin intercepts all outgoing emails from a WordPress site, sent using the wp_mail() function, and reroutes them to a predefined configurable email address. This is useful in case where you do not want email sent from a WordPress site to reach the users. For an example, to resolve an issue you downloaded production database to your development site and you want no email is sent to production users when testing. 
You may enable this plugin in development server and reroute emails to your given email address.\u003C\u002Fp>\n\u003Cp>WP Reroute Email provides options for adding your own text or the recipients address at the bottom of the mail.\u003C\u002Fp>\n\u003Cp>You may also save a copy of the email to database and view them from the interface.\u003C\u002Fp>\n\u003Cp>Now, you will be able to disable rerouting based on the subject texts.\u003C\u002Fp>\n","This plugin reroutes all outgoing emails from a WordPress site (sent using the wp_mail() function) to a predefined configurable email address.",1000,28119,9,"2025-07-06T06:59:00.000Z","6.8.5","",[71,72,73,74],"developer-tool","development-server","email","mail","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-reroute-email\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-reroute-email.1.5.2.zip",98,"2023-07-05 00:00:00",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":13,"num_ratings":11,"last_updated":89,"tested_up_to":68,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":95,"download_link":96,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"spatie-ray","Ray","1.7.10","freekmurze","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreekmurze\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fmyray.app\" rel=\"nofollow ugc\">Ray\u003C\u002Fa> is a beautiful, lightweight desktop app that helps you debug your app. There’s a \u003Ca href=\"https:\u002F\u002Fmyray.app\" rel=\"nofollow ugc\">free demo\u003C\u002Fa> available that can be unlocked with a \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fproducts\u002Fray\" rel=\"nofollow ugc\">license\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>After installing this plugin, you can use the \u003Ccode>ray()\u003C\u002Fcode> function to quickly dump stuff. 
Any variable(s) that you pass to \u003Ccode>ray()\u003C\u002Fcode> will be displayed.\u003C\u002Fp>\n\u003Cp>Here some examples:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>ray('Hello world');\n\nray(['a' => 1, 'b' => 2])->color('red');\n\nray('multiple', 'arguments', 'are', 'welcome');\n\nray()->showQueries();\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>There are many other helper functions available on Ray that allow you to display things that can help you debug such as \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fdocs\u002Fray\u002Fv1\u002Fusage\u002Fframework-agnostic-php-project#measuring-performance-and-memory-usage\" rel=\"nofollow ugc\">runtime and memory usage\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fdocs\u002Fray\u002Fv1\u002Fusage\u002Fwordpress#showing-queries\" rel=\"nofollow ugc\">queries that were executed\u003C\u002Fa>, and much more.\u003C\u002Fp>\n\u003Ch3>Full Documentation\u003C\u002Fh3>\n\u003Cp>The extensive documentation can be found \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fdocs\u002Fray\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>It contains the \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fdocs\u002Fray\u002Fv1\u002Finstallation-in-your-project\u002Fwordpress\" rel=\"nofollow ugc\">installation instructions\u003C\u002Fa> for WordPress.\u003C\u002Fp>\n\u003Cp>After it is installed you can use any of the \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fdocs\u002Fray\u002Fv1\u002Fusage\u002Fframework-agnostic-php-project\" rel=\"nofollow ugc\">framework agnostic\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fdocs\u002Fray\u002Fv1\u002Fusage\u002Fwordpress\" rel=\"nofollow ugc\">WordPress specific functions\u003C\u002Fa>.\u003C\u002Fp>\n","Easily debug WordPress sites using 
Ray.",500,34993,"2025-12-10T09:18:00.000Z","5.5","8.0",[93,94,20,21],"debug","debugging","https:\u002F\u002Fgithub.com\u002Fspatie\u002Fwordpress-ray","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspatie-ray.1.7.10.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":107,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":69,"tags":112,"homepage":114,"download_link":115,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"asset-queue-manager","Asset Queue Manager","1.0.3","NateWr","https:\u002F\u002Fprofiles.wordpress.org\u002Fnatewr\u002F","\u003Cp>This tool allows you to monitor, dequeue and requeue scripts and styles that are enqueued on your site. It is designed for frontend performance engineers who want to view and manage all assets enqueued on any page and control the minification and concatenation themselves.\u003C\u002Fp>\n\u003Cp>For background, please read \u003Ca href=\"https:\u002F\u002Fgist.github.com\u002Fchriscoyier\u002F2074e17ce9ae5e6d537e\" rel=\"nofollow ugc\">Chris Coyier’s initial request\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Warning: This plugin makes it easy to break your site. Don’t use this unless you know what you’re doing.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>How to use\u003C\u002Fh4>\n\u003Cp>Once the plugin is activated, browse to any page on the front of your site. An Assets link will appear on the top right of the admin bar. Click that to view and manage all assets.\u003C\u002Fp>\n\u003Ch4>Developers\u003C\u002Fh4>\n\u003Cp>Development takes place on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FNateWr\u002Fasset-queue-manager\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>. 
Patches welcome.\u003C\u002Fp>\n","A tool for experienced frontend performance engineers to take control over the scripts and styles enqueued on their site.",200,15840,94,14,"2016-03-10T10:16:00.000Z","4.4.34","4.0",[93,20,21,113],"tool","https:\u002F\u002Fgithub.com\u002FNateWr\u002Fasset-queue-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fasset-queue-manager.1.0.3.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":105,"downloaded":124,"rating":13,"num_ratings":125,"last_updated":126,"tested_up_to":68,"requires_at_least":127,"requires_php":69,"tags":128,"homepage":131,"download_link":132,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"discourage-search-engines-notifier","Discourage Search Engines Notifier","2.6.0","MΛCHINΣ CØDΣ","https:\u002F\u002Fprofiles.wordpress.org\u002Ffstab\u002F","\u003Cp>Discourage Search Engines Notifier adds a clear red or green eye icon to your WordPress admin bar, instantly indicating whether your site is hidden from search engines. Clicking the icon takes you directly to the Search Engine Visibility settings page. 
No setup or configuration is required—simply install and activate the plugin.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Red\u002Fgreen eye icon indicating search engine visibility\u003C\u002Fli>\n\u003Cli>Direct access to the Search Engine Visibility settings\u003C\u002Fli>\n\u003Cli>Works out of the box with no configuration required\u003C\u002Fli>\n\u003Cli>Lightweight and efficient, with minimal impact on performance\u003C\u002Fli>\n\u003Cli>Supports donations via \u003Ca href=\"https:\u002F\u002Fko-fi.com\u002Fmachinecode\" rel=\"nofollow ugc\">Ko-fi\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fbuymeacoffee.com\u002Fmchncd\" rel=\"nofollow ugc\">Buy Me a Coffee\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is distributed under the GNU General Public License v3.0 or later. See the \u003Ccode>license.txt\u003C\u002Fcode> file for details.\u003C\u002Fp>\n","Shows an admin bar icon indicating your site's search engine visibility 
status.",5961,4,"2025-11-10T03:13:00.000Z","3.5",[20,21,129,130,113],"notifier","seo","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdiscourage-search-engines-notifier\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdiscourage-search-engines-notifier.2.6.0.zip",{"attackSurface":134,"codeSignals":196,"taintFlows":226,"riskAssessment":245,"analyzedAt":253},{"hooks":135,"ajaxHandlers":187,"restRoutes":188,"shortcodes":189,"cronEvents":194,"entryPointCount":195,"unprotectedCount":28},[136,142,147,152,156,161,165,170,175,179,184],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_menu","cb_add_settings_page","includes\\Admin\\Menu.php",26,{"type":137,"name":143,"callback":144,"file":145,"line":146},"admin_init","register_settings_page","includes\\Admin\\Settings.php",48,{"type":148,"name":149,"callback":150,"file":145,"line":151},"filter","mce_external_plugins","my_github_mce_external_plugins",50,{"type":148,"name":153,"callback":154,"file":145,"line":155},"mce_buttons","my_github_mce_buttons",51,{"type":137,"name":157,"callback":158,"file":159,"line":160},"admin_enqueue_scripts","register_admin_scripts","includes\\Assets.php",25,{"type":137,"name":162,"callback":163,"file":159,"line":164},"wp_enqueue_scripts","register_front_end_scripts",27,{"type":148,"name":166,"callback":167,"file":168,"line":169},"template_include","cb_template_include","includes\\Frontend\\Shortcode.php",41,{"type":137,"name":171,"callback":172,"file":173,"line":174},"widgets_init","register_github_widget","includes\\Frontend\\Widget.php",32,{"type":137,"name":176,"callback":177,"file":178,"line":160},"update_option","cb_update_option","includes\\Transient.php",{"type":137,"name":180,"callback":181,"file":182,"line":183},"activate_plugin","cb_activate_plugin","my-github.php",40,{"type":137,"name":185,"callback":186,"file":182,"line":169},"plugins_loaded","initiate_plugin",[],[],[190],{"tag":191,"callback":192,"file":168,"line":193},"my_github","cb_my_
github_shortcode",43,[],1,{"dangerousFunctions":197,"sqlUsage":198,"outputEscaping":204,"fileOperations":28,"externalRequests":34,"nonceChecks":195,"capabilityChecks":28,"bundledLibraries":225},[],{"prepared":28,"raw":195,"locations":199},[200],{"file":201,"line":202,"context":203},"uninstall.php",22,"$wpdb->query() with variable interpolation",{"escaped":205,"rawEcho":206,"locations":207},127,8,[208,211,213,215,217,218,219,222],{"file":173,"line":209,"context":210},53,"raw output",{"file":173,"line":212,"context":210},56,{"file":173,"line":214,"context":210},78,{"file":173,"line":216,"context":210},93,{"file":173,"line":107,"context":210},{"file":173,"line":77,"context":210},{"file":220,"line":221,"context":210},"includes\\templates\\my_github_main.php",23,{"file":223,"line":224,"context":210},"includes\\templates\\my_github_profile.php",173,[],[227],{"entryPoint":228,"graph":229,"unsanitizedCount":28,"severity":244},"\u003Cmy_github_profile> (includes\\templates\\my_github_profile.php:0)",{"nodes":230,"edges":241},[231,235],{"id":232,"type":233,"label":234,"file":223,"line":205},"n0","source","$_GET (x4)",{"id":236,"type":237,"label":238,"file":223,"line":239,"wp_function":240},"n1","sink","echo() [XSS]",131,"echo",[242],{"from":232,"to":236,"sanitized":243},true,"low",{"summary":246,"deductions":247},"The \"my-github\" plugin version 1.2.4 exhibits a generally good security posture based on the provided static analysis. There are no identified critical or high-severity vulnerabilities in taint analysis, and the plugin has no recorded vulnerability history, suggesting a proactive approach to security by its developers. The high percentage of properly escaped output (94%) and the presence of nonce checks are positive indicators. The limited attack surface, with only one shortcode and no unprotected entry points, further contributes to its apparent safety.\n\nHowever, there are areas of concern. 
The single SQL query, a $wpdb->query() call with variable interpolation at uninstall.php line 22, does not use a prepared statement; this is an SQL injection risk if the interpolated value can be influenced by untrusted input, and wrapping the query in $wpdb->prepare() removes that dependency. While the number of external HTTP requests is low (3), any interaction with external services can introduce risks if not handled securely. The complete absence of capability checks is a significant weakness. Without capability checks, any user, regardless of their role or permissions, could potentially interact with the plugin's functionality, opening it up to unauthorized access or manipulation if any of its components have sensitive actions. The same analysis found no AJAX handlers, no REST routes and no unprotected entry points, so the practical exposure should be confirmed by reviewing how the admin settings callbacks are gated (for example with current_user_can()).\n\nIn conclusion, the \"my-github\" plugin demonstrates commendable security practices in output escaping and managing its attack surface. Nevertheless, the lack of capability checks and the one raw SQL query built without a prepared statement represent significant security weaknesses that should be addressed to achieve a more robust security posture. The absence of historical vulnerabilities is promising but should not overshadow the identified code-level risks.",[248,250],{"reason":249,"points":206},"Raw SQL query without prepared statements",{"reason":251,"points":252},"No capability checks for any entry 
points",15,"2026-03-17T00:52:40.030Z",{"wat":255,"direct":269},{"assetPaths":256,"generatorPatterns":261,"scriptPaths":262,"versionParams":264},[257,258,259,260],"\u002Fwp-content\u002Fplugins\u002Fmy-github\u002Fassets\u002Fmy_github_qtags.min.js","\u002Fwp-content\u002Fplugins\u002Fmy-github\u002Fassets\u002Fmy_github.min.css","\u002Fwp-content\u002Fplugins\u002Fmy-github\u002Fassets\u002Fgrids-min.css","\u002Fwp-content\u002Fplugins\u002Fmy-github\u002Fassets\u002Ffontawesome-free-5.15.3\u002Fcss\u002Fall.min.css",[],[263],"\u002Fwp-content\u002Fplugins\u002Fmy-github\u002Fappsero\u002Fsrc\u002FClient.php",[265,266,267,268],"my-github\u002Fassets\u002Fmy_github_qtags.min.js?ver=","my-github\u002Fassets\u002Fmy_github.min.css?ver=","my-github\u002Fassets\u002Fgrids-min.css?ver=","my-github\u002Fassets\u002Ffontawesome-free-5.15.3\u002Fcss\u002Fall.min.css?ver=",{"cssClasses":270,"htmlComments":273,"htmlAttributes":276,"restEndpoints":279,"jsGlobals":280,"shortcodeOutput":282},[271,272],"my-github-profile","my-github-repo",[274,275],"\u003C!-- Menu class file -->","\u003C!-- Project My Github -->",[277,278],"data-username","data-repo-count",[],[281],"my_github_opts",[283],"[my_github]"]