[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f8Gp26TmVmi2YyG2zvllOEB63yjjlxCEFrYrzCfB34t4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":140,"fingerprints":219},"network-user-management","Network User Management","1.0","Gravuj Miklos Henrich","https:\u002F\u002Fprofiles.wordpress.org\u002Fhenrichro\u002F","\u003Cp>Add users on each of your sites inside the network (Multisite). If, before the installation of this plugin, a user was registered only on one of your sites, with this plugin you can add it to all of your sites and assign to all his site profiles his default (choosen) role. If no role was choosen for the user at the registration, the default role for new registered users will be used for the user. After the installation of this plugin, every further user registration will be synchronised on all your sites inside the network (Multisite).\u003C\u002Fp>\n","Synchronise users and user roles from main Blog, automatically add users to each site in your WordPress network (Multisite).",10,2143,60,2,"2013-09-16T08:28:00.000Z","3.6.1","3.0","",[20,21,22],"multisite","roles","users","N\u002FA","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnetwork-user-management.zip",85,0,null,"2026-03-15T14:54:45.397Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"henrichro",5,150,30,84,"2026-04-04T06:35:48.042Z",[38,58,76,97,119],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":46,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":55,"download_link":56,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":57},"multisite-user-role-manager","Multisite User Role Manager","1.0.7","OzTheGreat","https:\u002F\u002Fprofiles.wordpress.org\u002Fozthegreat\u002F","\u003Cp>For WordPress Multisite (WPMU) installs, allows Super Admins to easily manage each users roles and blogs from one\u003Cbr \u002F>\nscreen in the Network Admin menu.\u003C\u002Fp>\n\u003Cp>You no longer have to go to each blog to change the user’s role. It’s also\u003Cbr \u002F>\nmuch easier to see which sites a user is associated with.\u003C\u002Fp>\n","Manage user roles for each blog from a single screen on multisite (WPMU) setups",100,30215,3,"2017-11-07T14:04:00.000Z","4.8.28","4.0",[53,20,21,22,54],"management","wpmu","https:\u002F\u002Fwpartisan.me\u002Fplugins\u002Fmultisite-user-role-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-user-role-manager.1.0.7.zip","2026-03-15T15:16:48.613Z",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":35,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":17,"requires_php":18,"tags":71,"homepage":74,"download_link":75,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":57},"multisite-user-management","Multisite User Management","1.1","thenbrent","https:\u002F\u002Fprofiles.wordpress.org\u002Fthenbrent\u002F","\u003Cp>Running a WordPress network? You no longer need to manually add new users to each of your sites.\u003C\u002Fp>\n\u003Cp>With this plugin, users are assigned a default role for each of your sites. You set the default role for each site and this plugin applies it.\u003C\u002Fp>\n\u003Cp>You can assign different roles for each site or keep a site private by assigning no role.\u003C\u002Fp>\n","Automatically add users to each site in your WordPress network.",70,89954,21,"2014-10-16T23:47:00.000Z","3.4.2",[72,20,73,21,22],"buddypress","multiuser","http:\u002F\u002Fgithub.com\u002Fthenbrent\u002Fmultisite-user-management","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-user-management.1.1.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":95,"download_link":96,"security_score":46,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":57},"user-switching","User Switching","1.11.2","John Blackbourn","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnbillion\u002F","\u003Cp>This plugin allows you to quickly swap between user accounts in WordPress at the click of a button. You’ll be instantly logged out and logged in as your desired user. This is handy for helping customers on WooCommerce sites, membership sites, testing environments, or for any site where administrators need to switch between multiple accounts.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Switch user: Instantly switch to any user account from the \u003Cem>Users\u003C\u002Fem> screen.\u003C\u002Fli>\n\u003Cli>Switch back: Instantly switch back to your originating account.\u003C\u002Fli>\n\u003Cli>Switch off: Log out of your account but retain the ability to instantly switch back in again.\u003C\u002Fli>\n\u003Cli>Compatible with Multisite, WooCommerce, BuddyPress, and bbPress.\u003C\u002Fli>\n\u003Cli>Compatible with most membership and user management plugins.\u003C\u002Fli>\n\u003Cli>Compatible with most two-factor authentication solutions (see the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> for more info).\u003C\u002Fli>\n\u003Cli>Approved for use on enterprise-grade WordPress platforms such as \u003Ca href=\"https:\u002F\u002Fwww.altis-dxp.com\u002F\" rel=\"nofollow ugc\">Altis\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwpvip.com\u002F\" rel=\"nofollow ugc\">WordPress VIP\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: User Switching supports versions of WordPress up to three years old, and PHP version 7.4 or higher.\u003C\u002Fp>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Only users with the ability to edit other users can switch user accounts. By default this is only Administrators on single site installations, and Super Admins on Multisite installations.\u003C\u002Fli>\n\u003Cli>Passwords are not (and cannot be) revealed.\u003C\u002Fli>\n\u003Cli>Uses the cookie authentication system in WordPress when remembering the account(s) you’ve switched from and when switching back.\u003C\u002Fli>\n\u003Cli>Implements the nonce security system in WordPress, meaning only those who intend to switch users can switch.\u003C\u002Fli>\n\u003Cli>Full support for user session validation where appropriate.\u003C\u002Fli>\n\u003Cli>Full support for HTTPS.\u003C\u002Fli>\n\u003Cli>Backed by \u003Ca href=\"https:\u002F\u002Fpatchstack.com\u002Fdatabase\u002Fvdp\u002Fuser-switching\" rel=\"nofollow ugc\">the Patchstack Vulnerability Disclosure Program\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit the \u003Cem>Users\u003C\u002Fem> menu in WordPress and you’ll see a \u003Cem>Switch To\u003C\u002Fem> link in the list of action links for each user.\u003C\u002Fli>\n\u003Cli>Click this and you will immediately switch into that user account.\u003C\u002Fli>\n\u003Cli>You can switch back to your originating account via the \u003Cem>Switch back\u003C\u002Fem> link on each dashboard screen or in your profile menu in the WordPress toolbar.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> for information about the \u003Cem>Switch Off\u003C\u002Fem> feature.\u003C\u002Fp>\n\u003Ch3>Other Plugins\u003C\u002Fh3>\n\u003Cp>I maintain several other plugins for developers. Check them out:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fquery-monitor\u002F\" rel=\"ugc\">Query Monitor\u003C\u002Fa> is the developer tools panel for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-crontrol\u002F\" rel=\"ugc\">WP Crontrol\u003C\u002Fa> lets you view and control what’s happening in the WP-Cron system\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Statement\u003C\u002Fh3>\n\u003Cp>User Switching does not send data to any third party, nor does it include any third party resources, nor will it ever do so.\u003C\u002Fp>\n\u003Cp>User Switching makes use of browser cookies in order to allow users to switch to another account. Its cookies operate using the same mechanism as the authentication cookies in WordPress core, which means their values contain the user’s \u003Ccode>user_login\u003C\u002Fcode> field in plain text which should be treated as potentially personally identifiable information (PII) for privacy and regulatory reasons (GDPR, CCPA, etc). The names of the cookies are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wordpress_user_sw_{COOKIEHASH}\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wordpress_user_sw_secure_{COOKIEHASH}\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wordpress_user_sw_olduser_{COOKIEHASH}\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See also the FAQ for some questions relating to privacy and safety when switching between users.\u003C\u002Fp>\n\u003Ch3>Accessibility Statement\u003C\u002Fh3>\n\u003Cp>User Switching aims to be fully accessible to all of its users. It implements best practices for web accessibility, outputs semantic and structured markup, adheres to the default styles and accessibility guidelines of WordPress, uses the accessibility APIs provided by WordPress and web browsers where appropriate, and is fully accessible via keyboard.\u003C\u002Fp>\n\u003Cp>User Switching should adhere to Web Content Accessibility Guidelines (WCAG) 2.0 at level AA when used with a recent version of WordPress where its admin area itself adheres to these guidelines. If you’ve experienced or identified an accessibility issue in User Switching, please open a thread in \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fuser-switching\u002F\" rel=\"ugc\">the User Switching plugin support forum\u003C\u002Fa> and I’ll address it swiftly.\u003C\u002Fp>\n","Instant switching between user accounts in WordPress and WooCommerce.",200000,5499975,98,239,"2026-02-27T00:17:00.000Z","6.9.4","6.1","7.4",[93,20,77,22,94],"fast-user-switching","woocommerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-switching.1.11.2.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":86,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":111,"tags":112,"homepage":116,"download_link":117,"security_score":118,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":57},"view-admin-as","View Admin As","1.8.10","Jory Hogeveen","https:\u002F\u002Fprofiles.wordpress.org\u002Fkeraweb\u002F","\u003Ch4>The ultimate User switcher and Role manager\u003C\u002Fh4>\n\u003Cp>This plugin will add a menu item to your admin bar where you can change your view in the WordPress admin.\u003Cbr \u002F>\nSwitch to other users without the need to login as that user or even switch roles and temporarily change your own capabilities.\u003C\u002Fp>\n\u003Cp>When you’re viewing as a different user, you can also change this user’s preferences; like screen settings on various admin pages.\u003C\u002Fp>\n\u003Cp>With the “Role defaults” module you can set default screen settings and metabox locations for roles and apply them to users through various bulk actions.\u003C\u002Fp>\n\u003Cp>It also features a “Role manager” module to add, edit or remove roles and grant or deny them capabilities.\u003C\u002Fp>\n\u003Ch4>Overview \u002F Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Switch between user accounts\n\u003Cul>\n\u003Cli>Edit this user’s screen preferences and settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Switch between roles\u003C\u002Fli>\n\u003Cli>Temporarily change your own capabilities (non-destructively)\u003C\u002Fli>\n\u003Cli>View your site as an unregistered visitor\u003C\u002Fli>\n\u003Cli>Switch language\u002Flocale on backend and frontend\u003C\u002Fli>\n\u003Cli>Make combinations of the above view types\u003C\u002Fli>\n\u003Cli>Easily switch back anytime\u003C\u002Fli>\n\u003Cli>Completely secure (see \u003Cem>Security\u003C\u002Fem> below)\u003C\u002Fli>\n\u003Cli>Do all the above without logging out!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Module: Role defaults (screen settings)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Set default screen settings for roles\u003C\u002Fli>\n\u003Cli>Apply defaults to a user\u003C\u002Fli>\n\u003Cli>Apply defaults to all users of a role\u003C\u002Fli>\n\u003Cli>Apply defaults when registering a new user (in a multisite this is done when a user is added to its first blog)\u003C\u002Fli>\n\u003Cli>Copy defaults from one role to another (or multiple)\u003C\u002Fli>\n\u003Cli>Import\u002FExport role defaults, can also download (and upload) setting files\u003C\u002Fli>\n\u003Cli>Disable the “screen settings” option and\u002For lock the meta boxes for all users that don’t have access to this plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fview-admin-as\u002Fwiki\u002FRole-Defaults\" rel=\"nofollow ugc\">Click here for Role Defaults documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Module: Role manager (role editor)\u003C\u002Fh4>\n\u003Cp>\u003Cem>Note: Changes made with the Role Manager are permanent!\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add, edit or delete roles\u003C\u002Fli>\n\u003Cli>Grant and\u002For add capabilities to roles\u003C\u002Fli>\n\u003Cli>Rename roles\u003C\u002Fli>\n\u003Cli>Clone roles\u003C\u002Fli>\n\u003Cli>Import\u002FExport roles, can also download (and upload) setting files\u003C\u002Fli>\n\u003Cli>Update role capabilities from current view\u003C\u002Fli>\n\u003Cli>Automatically migrate users to another role after deleting a role\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fview-admin-as\u002Fwiki\u002FRole-Manager\" rel=\"nofollow ugc\">Click here for Role Manager documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Compatibility & Integrations\u003C\u002Fh4>\n\u003Cp>This plugin will work with most other plugins but these are tested:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Advanced Access Manager\u003C\u002Fstrong> \u003Cem>(Pro version not verified)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>bbPress\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>BuddyPress\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Genesis Framework\u003C\u002Fstrong> \u003Cem>(and probably other theme frameworks)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Site Kit\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gravity Forms\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Groups 2.1+\u003C\u002Fstrong> \u003Cem>(Custom integration: adds a view type for groups. Pro version not tested)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pods Framework 2.0+\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Members\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Restrict User Access 0.13+\u003C\u002Fstrong> \u003Cem>(Custom integration: adds a view type for access levels)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Roles and Capabilities\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Role Editor\u003C\u002Fstrong> \u003Cem>(Pro version not verified)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Switching\u003C\u002Fstrong> \u003Cem>(Not sure why you’d want this but yes, switch-ception is possible!)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WPFront User Role Editor\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP Admin UI Customize 1.5.11+\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Yoast SEO\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Full list of tested plugins and details: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fview-admin-as\u002Fwiki\u002FCompatibility-&-Integrations\" rel=\"nofollow ugc\">Compatibility & Integrations\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>I can’t switch back!\u003C\u002Fh4>\n\u003Cp>See item \u003Cstrong>3\u003C\u002Fstrong> at \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fview-admin-as\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>It’s not working! \u002F I found a bug!\u003C\u002Fh4>\n\u003Cp>Please let me know through the support and add a plugins and themes list! 🙂\u003C\u002Fp>\n\u003Ch4>Security\u003C\u002Fh4>\n\u003Cp>This plugin is completely safe and will keep your users, passwords and data secure.\u003Cbr \u002F>\nFor more info see item \u003Cstrong>7\u003C\u002Fstrong> at \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fview-admin-as\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa>!\u003C\u002Fp>\n\u003Ch4>Developer notes\u003C\u002Fh4>\n\u003Cp>This plugin will only be useful for admins (network super admins or regular admins). It will not add functionalities for other roles unless you specifically apply custom capabilities for those users.\u003Cbr \u002F>\nAlso keep in mind that switching to users that have equal roles is disabled. (regular admins to regular admins + super admins to super admins)\u003C\u002Fp>\n\u003Cp>I’ve created this at first for myself since I’m a developer and often need to see the outcome on roles which my clients use.\u003C\u002Fp>\n\u003Cp>So, when you are developing a plugin or theme that does anything with roles or capabilities you can use this plugin to easily check if everything works.\u003Cbr \u002F>\nNo more hassle of creating test users and constantly logging out and in anymore!\u003C\u002Fp>\n\u003Cp>This plugin is also useful to support your clients and\u002For users. For example; make screen display presets of the edit and overview pages before you let them log in.\u003C\u002Fp>\n\u003Ch4>You can find me here:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.keraweb.nl\u002F\" rel=\"nofollow ugc\">Keraweb\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fview-admin-as\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fnl.linkedin.com\u002Fin\u002Fjoryhogeveen\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>Please help translating this plugin on \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fview-admin-as\" rel=\"nofollow ugc\">translate.wordpress.org\u003C\u002Fa>!\u003C\u002Fp>\n\u003Ch4>Actions & Filters\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fview-admin-as\u002Fwiki\u002FActions\" rel=\"nofollow ugc\">Click here for Action documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fview-admin-as\u002Fwiki\u002FFilters\" rel=\"nofollow ugc\">Click here for Filter documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin capabilities\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fview-admin-as\u002Fwiki\u002FCustom-capabilities\" rel=\"nofollow ugc\">Click here for documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Ideas?\u003C\u002Fh4>\n\u003Cp>Please let me know on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fview-admin-as\u002Fissues\u002Fnew\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>!\u003C\u002Fp>\n","View the WordPress admin as a different role or visitor, switch between users, temporarily change your capabilities, set screen settings for roles.",9000,122645,48,"2024-11-23T15:34:00.000Z","6.7.5","4.1","5.2.4",[113,21,114,22,115],"admin","switch","view","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fview-admin-as\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fview-admin-as.1.8.10.zip",92,{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":129,"num_ratings":130,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":91,"tags":134,"homepage":138,"download_link":139,"security_score":46,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":57},"expire-users","Expire Users","1.2.2","Ben Huson","https:\u002F\u002Fprofiles.wordpress.org\u002Fhusobj\u002F","\u003Cblockquote>\n\u003Cp>Important security update – if you are using version 0.2 or earlier please upgrade\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>This plugin allows you to set expiry dates for user logins. You can set a user to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Never expire (default)\u003C\u002Fli>\n\u003Cli>Expire in X days, weeks, moths or years\u003C\u002Fli>\n\u003Cli>Expire on a specific date\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>When a user expires you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Change the role of that user\u003C\u002Fli>\n\u003Cli>Replace the user’s password with a randomly generated one\u003C\u002Fli>\n\u003Cli>Send an email notification to the user\u003C\u002Fli>\n\u003Cli>Send an email notification to the site administrator\u003C\u002Fli>\n\u003Cli>Remove expiry details and allow user to continue to login\u003C\u002Fli>\n\u003Cli>Perform you own actions using an \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbenhuson\u002Fexpire-users\u002Fwiki\u002Fexpire_users_expired\" rel=\"nofollow ugc\">\u003Ccode>expire_users_expired\u003C\u002Fcode>\u003C\u002Fa> hook\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can automatically assign expiry details to users who sign up via the register form.\u003C\u002Fp>\n\u003Cp>The email notification messages can be configured in the admin settings.\u003C\u002Fp>\n\u003Cp>Please post in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fexpire-users\" rel=\"ugc\">support forum\u003C\u002Fa> if you have any questions, or refer to the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbenhuson\u002Fexpire-users\u002Fwiki\" rel=\"nofollow ugc\">documentation\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbenhuson\u002Fexpire-users\u002Fissues\" rel=\"nofollow ugc\">report bugs\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbenhuson\u002Fexpire-users\u002Fissues\" rel=\"nofollow ugc\">submit translations\u003C\u002Fa> at the plugin’s \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbenhuson\u002Fexpire-users\u002F\" rel=\"nofollow ugc\">GitHub page\u003C\u002Fa>.\u003C\u002Fp>\n","Set expiry dates for user logins.",4000,53229,96,25,"2025-09-19T16:05:00.000Z","6.8.5","5.4",[135,136,137,21,22],"expire","login","password","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fexpire-users\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexpire-users.1.2.2.zip",{"attackSurface":141,"codeSignals":170,"taintFlows":207,"riskAssessment":208,"analyzedAt":218},{"hooks":142,"ajaxHandlers":166,"restRoutes":167,"shortcodes":168,"cronEvents":169,"entryPointCount":26,"unprotectedCount":26},[143,149,152,155,158,162],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","edit_user_profile_update","wpnm_edit_user_profile","network-user-management.php",54,{"type":144,"name":150,"callback":146,"file":147,"line":151},"user_register",55,{"type":144,"name":153,"callback":146,"file":147,"line":154},"wpmu_activate_user",56,{"type":144,"name":156,"callback":146,"file":147,"line":157},"wpmu_new_user",57,{"type":144,"name":159,"callback":160,"file":147,"line":161},"admin_enqueue_scripts","wpnm_css",148,{"type":144,"name":163,"callback":164,"file":147,"line":165},"network_admin_menu","register_wpnm",149,[],[],[],[],{"dangerousFunctions":171,"sqlUsage":172,"outputEscaping":180,"fileOperations":26,"externalRequests":26,"nonceChecks":14,"capabilityChecks":26,"bundledLibraries":206},[],{"prepared":26,"raw":14,"locations":173},[174,177],{"file":147,"line":175,"context":176},61,"$wpdb->get_results() with variable interpolation",{"file":147,"line":178,"context":179},69,"$wpdb->get_col() with variable interpolation",{"escaped":26,"rawEcho":181,"locations":182},11,[183,186,188,190,192,194,196,198,200,202,204],{"file":147,"line":184,"context":185},103,"raw output",{"file":147,"line":187,"context":185},106,{"file":147,"line":189,"context":185},107,{"file":147,"line":191,"context":185},110,{"file":147,"line":193,"context":185},111,{"file":147,"line":195,"context":185},112,{"file":147,"line":197,"context":185},113,{"file":147,"line":199,"context":185},115,{"file":147,"line":201,"context":185},116,{"file":147,"line":203,"context":185},117,{"file":147,"line":205,"context":185},120,[],[],{"summary":209,"deductions":210},"The \"network-user-management\" plugin v1.0 exhibits a generally positive security posture with no recorded vulnerabilities and a seemingly small attack surface.  The static analysis shows zero AJAX handlers, REST API routes, shortcodes, or cron events, which is a strong indicator of a limited exposure.  Furthermore, there are no reported CVEs, indicating a history of good security practices or a lack of discovery, which is encouraging.\n\nHowever, the code analysis reveals significant concerns that overshadow the positive findings. The plugin uses two SQL queries, and alarmingly, 0% of them utilize prepared statements. This practice, combined with 0% proper output escaping across 11 identified outputs, presents a high risk of SQL injection and Cross-Site Scripting (XSS) vulnerabilities. While taint analysis shows no explicit flows, the raw SQL and unescaped output are direct pathways for such attacks. The presence of nonce checks is a minor positive, but their effectiveness is negated by the lack of capability checks and the other critical code hygiene issues.\n\nIn conclusion, while the plugin's history and limited attack surface are strengths, the critical deficiencies in database query security and output sanitization render it highly vulnerable. The absence of capability checks further exacerbates these risks, as any authenticated user could potentially trigger these vulnerabilities. Immediate remediation of SQL query preparation and output escaping is paramount to mitigate severe security risks.",[211,213,216],{"reason":212,"points":11},"SQL queries not using prepared statements",{"reason":214,"points":215},"No proper output escaping",8,{"reason":217,"points":32},"No capability checks","2026-03-16T23:38:09.641Z",{"wat":220,"direct":227},{"assetPaths":221,"generatorPatterns":223,"scriptPaths":224,"versionParams":225},[222],"\u002Fwp-content\u002Fplugins\u002Fnetwork-user-management\u002Fwpnm.css",[],[],[226],"wpnm.css?ver=1.0",{"cssClasses":228,"htmlComments":230,"htmlAttributes":231,"restEndpoints":232,"jsGlobals":233,"shortcodeOutput":234},[229],"button-checkbox",[],[],[],[],[235],"\u003Cform name=\"wpnm_form\" method=\"post\" action=\""]