[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-ddo6jO6nl53iczmlJVNdMMbmY-HY0MqdMNQIhFoiuk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":35,"analysis":57,"fingerprints":170},"om-change-login-design","Om Change Login Design","01.00.05","Er Siddharth Singh","https:\u002F\u002Fprofiles.wordpress.org\u002Fsiddharthsingh91\u002F","\u003Cp>Change the wordpress admin design, You can upload your own site logo on that.\u003C\u002Fp>\n\u003Cp>Just input your message using the admin panel and the message will display on the frontend of your site on all pages.\u003C\u002Fp>\n\u003Cp>You can show a beautiful pop-up Message on the top of the website, the Middle section, and in the footer.\u003C\u002Fp>\n\u003Cp>It is very lightweight, it will not increase any load on the website.\u003C\u002Fp>\n\u003Cp>With the help of setting you can tune on or off the pop-up for the rest of the pages on the website.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>“Compatible with all major browsers, well tested with ie10”\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Change the wordpress admin design, You can upload your own site logo on that.",0,709,"2022-05-08T10:57:00.000Z","5.9.13","5.8.0","",[18,19,20],"admin-design","admin-login-design","wordpress-admin-design","http:\u002F\u002Fsanditsolution.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fom-change-login-design.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"siddharthsingh91",5,40,91,30,88,"2026-04-05T06:25:31.487Z",[36],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":11,"downloaded":44,"rating":11,"num_ratings":11,"last_updated":16,"tested_up_to":45,"requires_at_least":46,"requires_php":47,"tags":48,"homepage":53,"download_link":54,"security_score":55,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":56},"wp-admin-view","WP Admin View","1.0.0","krishjohnson","https:\u002F\u002Fprofiles.wordpress.org\u002Fkrishjohnson\u002F","\u003Cp>WP Admin View – WordPress plugin provide several options\u002Ftools to completely change the entire look of default WordPress admin section. It can be used to offer your customers a complete new & stylish admin dashboard with your brand name.\u003C\u002Fp>\n\u003Cp>*** Features\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* White Label Branding.\n* Unlimited color options + 16 pre-made themes.\n* Flat\u002FDefault design.\n* White Label Emails.\n* Upload custom logo for login and dashboard pages.\n* Hide, rename and sort admin menu items.\n* Hide unwanted widgets from dashboard.\n* Privilege Users who can access to all menu items.\n* RTL Compatibility.\n* Custom Icons for admin menu items: Dashicons and FontAwesome icons\n* Custom login Theme.\n* Manage and Create custom dashboard widgets.\n* Manage Admin Bar elements.\n* Ability to add custom links to the admin bar.\n* Disable automatic background updates.\n* Multi-site Network Support – Global option\u002FIndividual blog option.\n* Export and Import of settings feature.\n* Powerful and simple to use Options panel.\n* Add custom css styles for login and admin pages.\n* Tested for Compatibility with popular plugins: Contact form 7, Visual Composer, WP Super cache, WP Total cache, woocommerce, etc.\n\u003C\u002Fcode>\u003C\u002Fpre>\n","WP Admin View plugin provide several options to customize WordPress Admin theme, elements & views.",999,"4.7.32","4.6","5.2.4",[49,50,51,37,52],"wp-admin-customize","wp-admin-design","wp-admin-theme","wp-admin","https:\u002F\u002F100utils.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-admin-view.zip",100,"2026-03-15T10:48:56.248Z",{"attackSurface":58,"codeSignals":120,"taintFlows":134,"riskAssessment":161,"analyzedAt":169},{"hooks":59,"ajaxHandlers":109,"restRoutes":116,"shortcodes":117,"cronEvents":118,"entryPointCount":119,"unprotectedCount":11},[60,66,69,74,78,82,84,90,93,97,101,105],{"type":61,"name":62,"callback":63,"file":64,"line":65},"action","admin_enqueue_scripts","om_change_admin_login_remove_notic","admin\\function\\admin_function.php",2,{"type":61,"name":67,"callback":63,"file":64,"line":68},"login_enqueue_scripts",3,{"type":61,"name":70,"callback":71,"file":72,"line":73},"admin_menu","om_change_login_design_admin_menu","admin\\function\\admin_main_menu.php",10,{"type":61,"name":62,"callback":75,"file":76,"line":77},"om_change_login_admin_js_css","admin\\function\\include_js_css.php",13,{"type":61,"name":67,"callback":79,"file":80,"line":81},"om_change_login_design_scripts","including_js_css.php",4,{"type":61,"name":67,"callback":83,"file":80,"line":73},"om_change_login_design_scripts_style",{"type":85,"name":86,"callback":87,"file":88,"line":89},"filter","login_message","om_change_login_top_text","index.php",16,{"type":61,"name":67,"callback":91,"file":88,"line":92},"om_change_login_design_logo",17,{"type":85,"name":94,"callback":95,"file":88,"line":96},"login_headerurl","om_change_login_design_url",18,{"type":85,"name":98,"callback":99,"file":88,"line":100},"login_headertext","om_change_login_design_title",19,{"type":85,"name":102,"callback":103,"file":88,"line":104},"login_footer","om_change_login_footer_text",20,{"type":85,"name":106,"callback":107,"priority":73,"file":88,"line":108},"plugin_action_links","om_change_login_design_add_action",26,[110],{"action":111,"nopriv":112,"callback":113,"hasNonce":114,"hasCapCheck":112,"file":115,"line":65},"om_change_login_admin_reponse",false,"om_change_login_design_submit",true,"admin\\function\\form_submit.php",[],[],[],1,{"dangerousFunctions":121,"sqlUsage":122,"outputEscaping":124,"fileOperations":11,"externalRequests":11,"nonceChecks":119,"capabilityChecks":11,"bundledLibraries":133},[],{"prepared":11,"raw":11,"locations":123},[],{"escaped":125,"rawEcho":65,"locations":126},8,[127,131],{"file":128,"line":129,"context":130},"admin\\function\\html_container.php",22,"raw output",{"file":128,"line":132,"context":130},79,[],[135,153],{"entryPoint":136,"graph":137,"unsanitizedCount":11,"severity":152},"om_change_login_design_submit (admin\\function\\form_submit.php:3)",{"nodes":138,"edges":150},[139,144],{"id":140,"type":141,"label":142,"file":115,"line":143},"n0","source","$_POST",7,{"id":145,"type":146,"label":147,"file":115,"line":148,"wp_function":149},"n1","sink","update_option() [Settings Manipulation]",14,"update_option",[151],{"from":140,"to":145,"sanitized":114},"low",{"entryPoint":154,"graph":155,"unsanitizedCount":11,"severity":152},"\u003Cform_submit> (admin\\function\\form_submit.php:0)",{"nodes":156,"edges":159},[157,158],{"id":140,"type":141,"label":142,"file":115,"line":143},{"id":145,"type":146,"label":147,"file":115,"line":148,"wp_function":149},[160],{"from":140,"to":145,"sanitized":114},{"summary":162,"deductions":163},"The \"om-change-login-design\" plugin v01.00.05 exhibits a generally good security posture based on the provided static analysis. The plugin has no known CVEs, indicating a history of secure development or prompt patching.  Furthermore, the static analysis reveals a small attack surface with only one AJAX handler, and importantly, this entry point appears to be protected. The code signals also show positive signs, with no dangerous functions, SQL queries exclusively using prepared statements, and a proper nonce check present.\n\nHowever, there are a couple of areas for concern that prevent a perfect score.  A significant portion of output (20%) is not properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is directly outputted without sanitization. Additionally, while a nonce check is present, the absence of capability checks on the single AJAX handler is a notable weakness. This means that any authenticated user, regardless of their role or permissions, could potentially trigger this AJAX action, which is a security risk. The taint analysis shows no concerning flows, and the lack of file operations or external HTTP requests further strengthens the perceived security.\n\nIn conclusion, the plugin has strong foundations in preventing common vulnerabilities like SQL injection and basic unauthorized access. The developers have made good choices regarding prepared statements and nonce checks. The primary areas of risk are the potential for unescaped output leading to XSS and the lack of role-based access control on the AJAX endpoint. Addressing these two points would significantly enhance the plugin's security.",[164,167],{"reason":165,"points":166},"20% of output not properly escaped",6,{"reason":168,"points":143},"AJAX handler lacks capability checks","2026-03-17T06:55:25.356Z",{"wat":171,"direct":191},{"assetPaths":172,"generatorPatterns":180,"scriptPaths":181,"versionParams":183},[173,174,175,176,177,178,179],"\u002Fwp-content\u002Fplugins\u002Fom-change-login-design\u002Fadmin\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fom-change-login-design\u002Fbootstrap\u002Fcss\u002Fbootstrap.min.css","\u002Fwp-content\u002Fplugins\u002Fom-change-login-design\u002Fbootstrap\u002Fjs\u002Fbootstrap.bundle.min.js","\u002Fwp-content\u002Fplugins\u002Fom-change-login-design\u002Fadmin\u002Fjs\u002Fom_image_upload.js","\u002Fwp-content\u002Fplugins\u002Fom-change-login-design\u002Fadmin\u002Fjs\u002Fom_login_design_script.js","\u002Fwp-content\u002Fplugins\u002Fom-change-login-design\u002Fjs\u002Fscript.js","\u002Fwp-content\u002Fplugins\u002Fom-change-login-design\u002Fcss\u002Fstyle.css",[],[182],"js\u002Fscript.js",[184,185,186,187,188,189,190],"om-change-login-design\u002Fadmin\u002Fcss\u002Fstyle.css?ver=","om-change-login-design\u002Fbootstrap\u002Fcss\u002Fbootstrap.min.css?ver=","om-change-login-design\u002Fbootstrap\u002Fjs\u002Fbootstrap.bundle.min.js?ver=","om-change-login-design\u002Fadmin\u002Fjs\u002Fom_image_upload.js?ver=","om-change-login-design\u002Fadmin\u002Fjs\u002Fom_login_design_script.js?ver=","om-change-login-design\u002Fjs\u002Fscript.js?ver=","om-change-login-design\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":192,"htmlComments":193,"htmlAttributes":194,"restEndpoints":195,"jsGlobals":196,"shortcodeOutput":198},[],[],[],[],[197],"om_change_login_admin_script",[]]