[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faEooWQXnTJe13CY-5ACMmAGnijoyP3Jleo70l4WqSig":3,"$fTVyWSWJIXi5OhbuYAZEK18qqaLs-fMohjB6TWxc9rRc":269,"$fhtQEX9yweNz9c_4Nwk8Z9P9wYCf9c8d0nVfzncEyU9o":273},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":35,"analysis":142,"fingerprints":249},"omni-ping-list-checker","Omni Ping List Checker","1.3.6","omnitelecomltd","https:\u002F\u002Fprofiles.wordpress.org\u002Fomnitelecomltd\u002F","\u003Cp>\u003Cstrong>Omni Ping List Checker\u003C\u002Fstrong> automatically keeps your WordPress ping list up-to-date with verified, working XML-RPC endpoints.\u003C\u002Fp>\n\u003Cp>When you publish a new post, WordPress can notify (“ping”) blog directories and search engines. However, many default ping services are no longer active. This plugin fetches a curated list of \u003Cstrong>actually working\u003C\u002Fstrong> services, validated daily.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Sync\u003C\u002Fstrong> – Updates your ping list on a schedule (hourly, twice daily, or daily)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Verified URLs\u003C\u002Fstrong> – Only includes services that respond with valid XML-RPC\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Updates\u003C\u002Fstrong> – Only syncs when the list has changed (uses checksums)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fallback Caching\u003C\u002Fstrong> – Keeps a local copy in case the API is temporarily unavailable\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual Sync\u003C\u002Fstrong> – One-click button to sync immediately\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Connection Test\u003C\u002Fstrong> – Verify your API connection is working\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Site Ping Tester\u003C\u002Fstrong> – Register your site and verify your pings are actually being sent\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ping Statistics\u003C\u002Fstrong> – Track total pings, success rate, and errors\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Beautiful Admin\u003C\u002Fstrong> – Dark-themed settings page with Omni branding\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the plugin\u003C\u002Fli>\n\u003Cli>Configure the API URL (if using a custom server)\u003C\u002Fli>\n\u003Cli>Enable automatic sync\u003C\u002Fli>\n\u003Cli>The plugin will fetch the validated ping list and update your WordPress settings\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>The ping list is updated in \u003Cstrong>Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Writing \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Update Services\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 5.0 or higher\u003C\u002Fli>\n\u003Cli>PHP 7.4 or higher\u003C\u002Fli>\n\u003Cli>Access to the Omni Ping List API\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to external services provided by Omni Telecom Ltd. These connections are required for the plugin’s core functionality.\u003C\u002Fp>\n\u003Ch4>Omni Ping List API\u003C\u002Fh4>\n\u003Cp>This plugin connects to the Omni Ping List API to retrieve a validated list of working XML-RPC ping service URLs. This is the core feature of the plugin – keeping your WordPress Update Services list current with verified, working endpoints.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service URL:\u003C\u002Fstrong> https:\u002F\u002Fpingtest.omnicode.software\u002Fapi\u002Fv1\u002F\u003C\u002Fp>\n\u003Cp>\u003Cstrong>When data is sent:\u003C\u002Fstrong>\u003Cbr \u002F>\n* When you click “Sync Now” manually\u003Cbr \u002F>\n* When Auto-Sync is enabled (on your chosen schedule: hourly, twice daily, or daily)\u003Cbr \u002F>\n* When you click “Test Connection”\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Your site’s IP address (standard for any HTTP request)\u003Cbr \u002F>\n* Plugin version (in the User-Agent header)\u003Cbr \u002F>\n* Previously received checksum (to check if list has changed)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is received:\u003C\u002Fstrong>\u003Cbr \u002F>\n* List of validated XML-RPC ping service URLs\u003Cbr \u002F>\n* Checksum for change detection\u003C\u002Fp>\n\u003Cp>This service is provided by Omni Telecom Ltd: \u003Ca href=\"https:\u002F\u002Fpingtest.omnicode.software\u002Fterms.php\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fpingtest.omnicode.software\u002Fprivacy.php\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Site Ping Tester (Optional Feature)\u003C\u002Fh4>\n\u003Cp>If you choose to use the Site Ping Tester feature, the plugin connects to an RPC endpoint to test that your WordPress pings are being sent correctly. This feature is entirely optional.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service URL:\u003C\u002Fstrong> https:\u002F\u002Fpingtest.omnicode.software\u002Frpc\u002F{your-token}\u003C\u002Fp>\n\u003Cp>\u003Cstrong>When data is sent:\u003C\u002Fstrong>\u003Cbr \u002F>\n* When WordPress sends a ping after publishing or updating a post (only if you have configured the RPC endpoint in Update Services)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Standard XML-RPC ping data (your site URL, post title, post URL)\u003Cbr \u002F>\n* Your unique site token (to identify your site)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is received:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Confirmation that the ping was received\u003Cbr \u002F>\n* Your ping is forwarded to all verified ping services\u003C\u002Fp>\n\u003Cp>This service is provided by Omni Telecom Ltd: \u003Ca href=\"https:\u002F\u002Fpingtest.omnicode.software\u002Fterms.php\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fpingtest.omnicode.software\u002Fprivacy.php\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>User Consent\u003C\u002Fh4>\n\u003Cp>Auto-Sync is disabled by default. Before enabling Auto-Sync, users must accept the External Service Agreement which explains the data transmission. You can disable Auto-Sync at any time through the plugin settings to stop external API calls.\u003C\u002Fp>\n\u003Ch4>Contact\u003C\u002Fh4>\n\u003Cp>For privacy questions or data deletion requests, contact: support@omnitelecom.co.uk\u003C\u002Fp>\n","Automatically updates your WordPress Update Services with a verified, working ping list from Omni Ping List Checker.",0,141,"2026-03-10T20:22:00.000Z","6.9.4","5.0","7.4",[18,19,20,21,22],"blog-ping","ping","seo","update-services","xml-rpc","https:\u002F\u002Fpingtest.omnicode.software","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fomni-ping-list-checker.1.3.6.zip",100,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,94,"2026-05-20T07:03:14.900Z",[36,58,79,99,122],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":14,"requires_at_least":15,"requires_php":49,"tags":50,"homepage":56,"download_link":57,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"disable-xml-rpc-api","Disable XML-RPC-API","2.1.7","Amin Nazemi","https:\u002F\u002Fprofiles.wordpress.org\u002Faminnz\u002F","\u003Cp>Protect your website from xmlrpc brute-force attacks,DOS and DDOS attacks, this plugin disables the XML-RPC and trackbacks-pingbacks on your WordPress website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PLUGIN FEATURES\u003C\u002Fstrong>\u003Cbr \u002F>\n(These are options you can enable or disable each one)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable access to xmlrpc.php file using .httacess file \u003C\u002Fli>\n\u003Cli>Automatically change htaccess file permission to read-only (0444)\u003C\u002Fli>\n\u003Cli>Disable X-pingback to minimize CPU usage \u003C\u002Fli>\n\u003Cli>Disable selected methods from XML-RPC\u003C\u002Fli>\n\u003Cli>Remove pingback-ping link from header\u003C\u002Fli>\n\u003Cli>Disable trackbacks and pingbacks to avoid spammers and hackers\u003C\u002Fli>\n\u003Cli>Rename XML-RPC slug to whatever you want\u003C\u002Fli>\n\u003Cli>Black list IPs for XML-RPC\u003C\u002Fli>\n\u003Cli>White list IPs for XML-RPC\u003C\u002Fli>\n\u003Cli>Some options to speed-up your wordpress website\u003C\u002Fli>\n\u003Cli>Disable JSON REST API\u003C\u002Fli>\n\u003Cli>Hide WordPress Version\u003C\u002Fli>\n\u003Cli>Disable built-in WordPress file editor\u003C\u002Fli>\n\u003Cli>Disable wlw manifest\u003C\u002Fli>\n\u003Cli>And some other options\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>What is XMLRPC\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>XML-RPC, or XML Remote Procedure Call is a protocol which uses XML to encode its calls and HTTP as a transport mechanism.\u003Cbr \u002F>\nBeginning in WordPress 3.5, XML-RPC is enabled by default. Additionally, the option to disable\u002Fenable XML-RPC was removed. For various reasons, site owners may wish to disable this functionality. This plugin provides an easy way to do so.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why you should disable XML-RPC\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cem>Xmlrpc has two main weaknesses\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Brute force attacks:\u003Cbr \u002F>\nAttackers try to login to WordPress using xmlrpc.php with as many username\u002Fpassword combinations as they can enter. A method within xmlrpc.php allows the attacker to use a single command (system.multicall) to guess hundreds of passwords. Daniel Cid at Sucuri described it well in October 2015: “With only 3 or 4 HTTP requests, the attackers could try thousands of passwords, bypassing security tools that are designed to look and block brute force attempts.”\u003C\u002Fli>\n\u003Cli>Denial of Service Attacks via Pingback:\u003Cbr \u002F>\nBack in 2013, attackers sent Pingback requests through xmlrpc.php of approximately 2500 WordPress sites to “herd (these sites) into a voluntary botnet,” according to Gur Schatz at Incapsula. “This gives any attacker a virtually limitless set of IP addresses to Distribute a Denial of Service attack across a network of over 100 million WordPress sites, without having to compromise them.”\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple and lightweight plugin to disable XML-RPC API, X-Pingback and pingback-ping in WordPress 3.5+ for a faster and more secure website",100000,798984,82,42,"2026-02-04T06:54:00.000Z","",[51,52,53,54,55],"disable-xml-rpc","disable-xmlrpc","pingback","stop-brute-force-attacks","xmlrpc","https:\u002F\u002Fneatma.com\u002Fdsxmlrpc-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-xml-rpc-api.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":49,"download_link":78,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"disable-xml-rpc-pingback","Disable XML-RPC Pingback","1.2.2","Samuel Aguilera","https:\u002F\u002Fprofiles.wordpress.org\u002Fsamuelaguilera\u002F","\u003Cp>Stops abuse of your site’s XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.\u003C\u002Fp>\n\u003Cp>This is more friendly than disabling totally XML-RPC, that it’s needed by some plugins and apps (I.e. Mobile apps or some Jetpack’s modules).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The original one.\u003C\u002Fli>\n\u003Cli>Simple and effective.\u003C\u002Fli>\n\u003Cli>No marketing buzz.\u003C\u002Fli>\n\u003Cli>Maintained and \u003Cstrong>updated when needed\u003C\u002Fstrong> since 2014.\u003C\u002Fli>\n\u003Cli>100% compliant with \u003Cstrong>WordPress coding standards\u003C\u002Fstrong> which makes it fail safe.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>60,000+ active installations\u003C\u002Fstrong> can’t be wrong.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you’re happy with the plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-xml-rpc-pingback\u002Freviews\u002F?filter=5\" rel=\"ugc\">please don’t forget to give it a good rating\u003C\u002Fa>, it will motivate me to keep sharing and improving this plugin (and others).\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Removes the following methods from XML-RPC interface.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>pingback.ping\u003C\u002Fli>\n\u003Cli>pingback.extensions.getPingbacks\u003C\u002Fli>\n\u003Cli>X-Pingback from HTTP headers. This will hopefully stops some bots from trying to hit your xmlrpc.php file.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 3.8.1 or higher.\u003C\u002Fli>\n\u003C\u002Ful>\n","Stops abuse of your site's XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.",60000,422743,78,14,"2025-11-24T11:09:00.000Z","6.8.5","4.8","5.6",[75,53,76,77,22],"ddos","rpc","xml","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-xml-rpc-pingback.1.2.2.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":73,"tags":94,"homepage":96,"download_link":97,"security_score":98,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"remove-xmlrpc-pingback-ping","Remove & Disable XML-RPC Pingback","1.6","cleverplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fcleverplugins\u002F","\u003Cp>Prevent your WordPress site from participating and being a victim of pingback denial of service attacks. \u003Cstrong>After activation the plugin automatically disables XML-RPC. There’s no need to configure anything.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>By disabling the XML-RPC pingback you’ll:\u003Cbr \u002F>\n* lower your server CPU usage\u003Cbr \u002F>\n* prevent malicious scripts from using your site to run pingback denial of service attacks\u003Cbr \u002F>\n* prevent malicious scripts to run denial of service attacks on your site via pingback\u003C\u002Fp>\n\u003Cp>From sucuri.net:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Any WordPress site with Pingback enabled (which is on by default) can be used in DDOS attacks against other sites.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Learn More\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwptavern.com\u002Fhow-to-prevent-wordpress-from-participating-in-pingback-denial-of-service-attacks\" rel=\"nofollow ugc\">How To Prevent WordPress From Participating In Pingback Denial of Service Attacks\u003C\u002Fa> – wptavern.com\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblog.sucuri.net\u002F2014\u002F03\u002Fmore-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html\" rel=\"nofollow ugc\">More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack\u003C\u002Fa> – sucuri.net\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fhackguard.com\u002Fxmlrpc-php-ping-backs-hackers-denial-service-attacks\" rel=\"nofollow ugc\">xmlrpc.php and Pingbacks and Denial of Service Attacks, Oh My!\u003C\u002Fa> – hackguard.com\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Is Your Site Attacking Others?\u003C\u002Fh4>\n\u003Cp>Use \u003Ca href=\"http:\u002F\u002Flabs.sucuri.net\u002F?is-my-wordpress-ddosing\" rel=\"nofollow ugc\">Sucuri’s WordPress DDOS Scanner\u003C\u002Fa> to check if your site is DDOS’ing other websites\u003C\u002Fp>\n\u003Ch4>Why Not Just Disable XMLRPC Altogether?\u003C\u002Fh4>\n\u003Cp>Yes, you can choose to do that, but if you use popular plugins like JetPack (that use XMLRPC) then those plugins will stop working. That is why this small plugin exists.\u003C\u002Fp>\n","Prevent pingback, XML-RPC and denial of service DDOS attacks by disabling the XML-RPC pingback functionality.",9000,94645,60,6,"2023-07-24T23:03:00.000Z","6.3.8","5.2",[95,19,53,22,55],"disable-ping","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fremove-xmlrpc-pingback-ping","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-xmlrpc-pingback-ping.1.6.zip",85,{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":89,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":49,"tags":113,"homepage":119,"download_link":120,"security_score":121,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"manage-xml-rpc","Manage XML-RPC","1.0.2","brainvireinfo","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrainvireinfo\u002F","\u003Cp>You can now disable XML-RPC to avoid Brute force attack for given IPs or can even enable access for some IPs. XML-RPC on WordPress is actually an API that gives developers who build mobile apps, desktop apps and other services, the ability to talk to a WordPress site. The XML-RPC API that WordPress provides gives developers, a way to write applications (for you) that can do many of the things that you can do when logged into WordPress via the web interface.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Block XML-RPC by following way.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable pingback.ping, pingback.extensions.getPingbacks and Unset X-Pingback from HTTP headers, that will block bots to access specified method.\u003C\u002Fli>\n\u003Cli>Disable\u002FBlock XML-RPC for all users.\u003C\u002Fli>\n\u003C\u002Ful>\n","Enable\u002FDisable XML-RPC for all or based on IP list, also you can control pingback and Unset X-Pingback from HTTP headers.",6000,64423,4,"2024-12-02T07:10:00.000Z","6.7.5","4.0",[114,115,116,117,118],"block-xml-rpc","brute-force-attacks","security","xml-rpc-pingback","xmlrpc-php-attack","http:\u002F\u002Fwww.brainvire.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmanage-xml-rpc.1.0.2.zip",92,{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":132,"num_ratings":109,"last_updated":133,"tested_up_to":134,"requires_at_least":135,"requires_php":49,"tags":136,"homepage":140,"download_link":141,"security_score":98,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"auto-ping-booster","Auto Ping Booster","1.2","same2cool","https:\u002F\u002Fprofiles.wordpress.org\u002Fsame2cool\u002F","\u003Col>\n\u003Cli>Use this plugin to ping your blog, post, pages, images, docs files, on daily basis.\u003C\u002Fli>\n\u003Cli>Auto Ping Booster will auto Ping your blog in Google Blogsearch after every update.\u003C\u002Fli>\n\u003Cli>Auto Ping Booster is known about SEO Booster. \u003C\u002Fli>\n\u003Cli>Just upload auto-ping-booster.zip file to plugin directory or upload it by plugin option in menu and active it. It works automatically itself.\n\u003C\u002Fli>\n\u003Cli>Once you update your post or blog, your update will be automatically pinged to top pinger sites.\u003C\u002Fli>\n\u003Cli>Your post will be on google indexing within 10 to 15 minutes.\u003C\u002Fli>\n\u003Cli>Google, Yandex, PingoMatic, NewsGator and top services. \u003C\u002Fli>\n\u003Cli>For More Information Contact \u003Ca href=\"http:\u002F\u002Fwww.samee.us\" rel=\"nofollow ugc\">Digital Marketing Specialist\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>If your target country is China, Install \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbaidu-ping-booster\u002F\" rel=\"ugc\">Baidu Ping Booster\u003C\u002Fa> \u003C\u002Fli>\n\u003C\u002Fol>\n","Auto Ping Booster will auto ping your blog in Google, Baidu, Yandex and many search engines after each update.",1000,40223,80,"2017-11-28T17:08:00.000Z","4.6.30","3.3",[137,138,139,19,20],"blogsearch","booster","google","http:\u002F\u002Fseoleaders.club\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-ping-booster.zip",{"attackSurface":143,"codeSignals":203,"taintFlows":215,"riskAssessment":242,"analyzedAt":248},{"hooks":144,"ajaxHandlers":176,"restRoutes":197,"shortcodes":198,"cronEvents":199,"entryPointCount":202,"unprotectedCount":11},[145,150,154,157,161,166,169,172],{"type":146,"name":147,"callback":148,"file":149,"line":132},"action","admin_menu","add_admin_menu","omni-ping-list-checker.php",{"type":146,"name":151,"callback":152,"file":149,"line":153},"admin_init","register_settings",81,{"type":146,"name":155,"callback":156,"file":149,"line":46},"admin_enqueue_scripts","enqueue_admin_assets",{"type":146,"name":158,"callback":159,"file":149,"line":160},"omni_ping_sync_event","sync",86,{"type":162,"name":163,"callback":164,"file":149,"line":165},"filter","cron_schedules","add_cron_schedule",87,{"type":146,"name":167,"callback":168,"file":149,"line":25},"update_option_omni_ping_sync_enabled","schedule_sync",{"type":146,"name":170,"callback":168,"file":149,"line":171},"update_option_omni_ping_schedule",101,{"type":146,"name":173,"callback":174,"file":149,"line":175},"plugins_loaded","omni_ping_list_checker",420,[177,183,187,190,194],{"action":178,"nopriv":179,"callback":180,"hasNonce":181,"hasCapCheck":181,"file":149,"line":182},"omni_ping_manual_sync",false,"ajax_manual_sync",true,90,{"action":184,"nopriv":179,"callback":185,"hasNonce":181,"hasCapCheck":181,"file":149,"line":186},"omni_ping_test_connection","ajax_test_connection",91,{"action":188,"nopriv":179,"callback":189,"hasNonce":181,"hasCapCheck":181,"file":149,"line":121},"omni_ping_save_endpoint","ajax_save_endpoint",{"action":191,"nopriv":179,"callback":192,"hasNonce":181,"hasCapCheck":181,"file":149,"line":193},"omni_ping_refresh_test_status","ajax_refresh_test_status",93,{"action":195,"nopriv":179,"callback":196,"hasNonce":181,"hasCapCheck":181,"file":149,"line":33},"omni_ping_accept_tos","ajax_accept_tos",[],[],[200],{"hook":158,"callback":158,"file":149,"line":201},176,5,{"dangerousFunctions":204,"sqlUsage":205,"outputEscaping":207,"fileOperations":11,"externalRequests":31,"nonceChecks":202,"capabilityChecks":90,"bundledLibraries":214},[],{"prepared":11,"raw":11,"locations":206},[],{"escaped":208,"rawEcho":31,"locations":209},83,[210],{"file":211,"line":212,"context":213},"includes\u002Fclass-admin-page.php",300,"raw output",[],[216,234],{"entryPoint":217,"graph":218,"unsanitizedCount":11,"severity":233},"ajax_save_endpoint (omni-ping-list-checker.php:325)",{"nodes":219,"edges":231},[220,225],{"id":221,"type":222,"label":223,"file":149,"line":224},"n0","source","$_POST",332,{"id":226,"type":227,"label":228,"file":149,"line":229,"wp_function":230},"n1","sink","update_option() [Settings Manipulation]",353,"update_option",[232],{"from":221,"to":226,"sanitized":181},"low",{"entryPoint":235,"graph":236,"unsanitizedCount":11,"severity":233},"\u003Comni-ping-list-checker> (omni-ping-list-checker.php:0)",{"nodes":237,"edges":240},[238,239],{"id":221,"type":222,"label":223,"file":149,"line":224},{"id":226,"type":227,"label":228,"file":149,"line":229,"wp_function":230},[241],{"from":221,"to":226,"sanitized":181},{"summary":243,"deductions":244},"The \"omni-ping-list-checker\" plugin exhibits a generally strong security posture based on the static analysis. A significant strength is the complete absence of SQL injection vulnerabilities, with all queries using prepared statements. Furthermore, the vast majority of output is properly escaped, and there are no identified taint flows of critical or high severity. The presence of nonce and capability checks on all identified AJAX entry points, along with the absence of direct SQL queries or file operations, indicates good development practices for handling user-provided data.\n\nHowever, the plugin does make one external HTTP request, which represents a potential, albeit minor, attack surface. While the static analysis did not uncover any immediate vulnerabilities related to this, any external request should always be treated with caution, as it can be a vector for various attacks if not handled securely by the remote service or if the plugin fails to validate the response. The plugin's vulnerability history is notably clean, with no recorded CVEs, which is a very positive indicator of its past security maintenance.\n\nIn conclusion, \"omni-ping-list-checker\" v1.3.6 appears to be a securely coded plugin. The strengths in input sanitization, output escaping, and access control far outweigh the minor concerns related to the single external HTTP request. The lack of historical vulnerabilities further reinforces its good security standing. Users can generally have confidence in the security of this plugin.",[245],{"reason":246,"points":247},"External HTTP requests (potential attack vector)",3,"2026-04-16T15:11:01.144Z",{"wat":250,"direct":259},{"assetPaths":251,"generatorPatterns":254,"scriptPaths":255,"versionParams":256},[252,253],"\u002Fwp-content\u002Fplugins\u002Fomni-ping-list-checker\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fomni-ping-list-checker\u002Fassets\u002Fjs\u002Fadmin.js",[],[253],[257,258],"omni-ping-list-checker\u002Fassets\u002Fcss\u002Fadmin.css?ver=","omni-ping-list-checker\u002Fassets\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":260,"htmlComments":261,"htmlAttributes":262,"restEndpoints":265,"jsGlobals":266,"shortcodeOutput":268},[],[],[263,264],"data-nonce","data-tos-accepted",[],[267],"omniPing",[],{"error":181,"url":270,"statusCode":271,"statusMessage":272,"message":272},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fomni-ping-list-checker\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":31,"versions":274},[275],{"version":6,"download_url":24,"svn_tag_url":276,"released_at":26,"has_diff":179,"diff_files_changed":277,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":278,"is_current":181},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fomni-ping-list-checker\u002Ftags\u002F1.3.6\u002F",[],[]]