[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fP6YeY1Dx4jTZ_ggHfQToNq3MtDZQdFJTFDe0_QsoUx0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":17,"homepage":14,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":31,"analysis":131,"fingerprints":156},"only-admins","Only Admins","1.0","pcoitinho","https:\u002F\u002Fprofiles.wordpress.org\u002Fpcoitinho\u002F","\u003Cp>Only Admins is a minimal plugin that restricts your entire WordPress site to Admins.\u003C\u002Fp>\n\u003Cp>Best used as a MU-Plugin on Development and Staging sites.\u003C\u002Fp>\n","Only Admins is a minimal plugin that restricts your entire WordPress site to Admins.",10,1122,0,"","4.7.32","4.3",[18,19,20],"development","security","staging","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fonly-admins.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":22,"avg_patch_time_days":28,"trust_score":29,"computed_at":30},1,30,94,"2026-04-04T11:54:13.786Z",[32,54,77,95,114],{"slug":33,"name":34,"version":35,"author":36,"author_profile":37,"description":38,"short_description":39,"active_installs":40,"downloaded":41,"rating":22,"num_ratings":42,"last_updated":43,"tested_up_to":44,"requires_at_least":45,"requires_php":46,"tags":47,"homepage":51,"download_link":52,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":53},"display-environment-type","Display Environment Type","1.6.0","Stoil Dobreff","https:\u002F\u002Fprofiles.wordpress.org\u002Fsdobreff\u002F","\u003Cp>WordPress 5.5 introduced a way to differentiate between environment types (development, staging, production). This plugin shows your site’s environment type in the admin bar and the dashboard “At a Glance” widget.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fcore\u002F2020\u002F07\u002F24\u002Fnew-wp_get_environment_type-function-in-wordpress-5-5\u002F\" rel=\"nofollow ugc\">More info about the feature\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>To gain additional control — for example, setting the environment or other values from the WP admin (when \u003Ccode>wp-config.php\u003C\u002Fcode> is writable) — consider installing our other plugin \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002F0-day-analytics\u002F\" rel=\"ugc\">0 Day Analytics\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Recommended Plugins\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002F0-day-analytics\u002F\" rel=\"ugc\">0 Day Analytics\u003C\u002Fa> — a powerful plugin for sites that need more insight into errors and runtime behavior. It includes a Cron manager, a Transient manager (database-backed), DB manager, Snippet manager, Mail manager, Plugin Version Switcher available from the Plugins page and many more.\u003C\u002Fli>\n\u003C\u002Ful>\n","Displays WordPress 5.5's environment type setting in the admin bar and the \"At a Glance\" dashboard widget.",1000,135115,4,"2025-12-19T15:09:00.000Z","6.9.4","5.5","7.4",[18,48,49,50,20],"dtap","environment","production","https:\u002F\u002Froytanck.com\u002F2020\u002F08\u002F21\u002Fnew-wordpress-plugin-display-environment-type\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisplay-environment-type.1.6.0.zip","2026-03-15T15:16:48.613Z",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":40,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":73,"download_link":74,"security_score":75,"vuln_count":27,"unpatched_count":13,"last_vuln_date":76,"fetched_at":53},"wp-secure-maintainance","WP Secure Maintenance","1.7","Saad Iqbal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaadiqbal\u002F","\u003Cp>Want to lock your site for Maintenance or Development? Then this is the right Plugin. Using WP Secure Maintenance you can lock the whole site with a seceret PIN.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Set password to protect your site for maintenance or development\u003C\u002Fli>\n\u003Cli>Set your own logo or use default logo\u003C\u002Fli>\n\u003Cli>Change placeholder text for WP Secure Maintenance login form\u003C\u002Fli>\n\u003Cli>Change Submit button label for WP Secure Maintenance’s login form\u003C\u002Fli>\n\u003Cli>Change Error text for WP Secure Maintenance’s login form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Docs & Support\u003C\u002Fh4>\n\u003Cp>Will be available soon.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you are looking for WordPress Admin Security, use our Free WP SECURE ADMIN plugin.\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsecure-wp-admin\u002F\" rel=\"ugc\">WP SECURE ADMIN\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Interested in contributing to WP Secure Maintenance\u003C\u002Fstrong>\u003Cbr \u002F>\nHead over to the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpexpertsio\u002FWP-Secure-Maintainance\" rel=\"nofollow ugc\">WP Secure Maintenance \u003Cstrong>GitHub Repository\u003C\u002Fstrong>\u003C\u002Fa> to find out how you can pitch in 😉\u003C\u002Fp>\n","Want to lock your site for Maintenance or Development? Then this is the right Plugin",56320,72,5,"2024-06-20T07:15:00.000Z","6.5.8","5.2","7.0",[18,70,71,72],"maintenance","maintenance-lock","site-security","https:\u002F\u002Fwpexperts.io\u002Fproducts\u002Fwp-secure-maintenance\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-secure-maintainance.1.7.zip",91,"2024-06-21 00:00:00",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":13,"num_ratings":13,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":46,"tags":90,"homepage":92,"download_link":93,"security_score":94,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":53},"wp-shield","WP Shield","1.6","drupalmatts","https:\u002F\u002Fprofiles.wordpress.org\u002Fdrupalmatts\u002F","\u003Cp>This plugin will allow you to secure your development, staging and UAT environments\u003Cbr \u002F>\nwith an http authentication block that can be controlled in admin but also turned\u003Cbr \u002F>\noff via a declared variable in your config file.  It allows you to bring your Database\u003Cbr \u002F>\nback to non-production environments without having to physically turn off the plugin each time.\u003C\u002Fp>\n\u003Cp>Variable:  \u003Ccode>define('WP_SHIELD_UN', '');\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>This simple line of code (recommended to add to a file ignored by your code management\u003Cbr \u002F>\nsoftware and required into your wp_config.php file) will override the enabled flag\u003Cbr \u002F>\nif the plugin’s settings.  Enable in production and add the above code.  If that\u003Cbr \u002F>\nrequire file doesn’t exist in your other environments, it will prompt users for the\u003Cbr \u002F>\nset username and password.\u003C\u002Fp>\n","This plugin will allow you to secure your development, staging and UAT environments with an http authentication block that can be controlled in admin  …",300,2309,"2023-12-06T01:22:00.000Z","6.4.8","4.6",[18,91,19],"environments","https:\u002F\u002Fwww.tronebrandenergy.com\u002Fplugins\u002Fshield","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-shield.1.6.zip",85,{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":22,"downloaded":103,"rating":22,"num_ratings":104,"last_updated":105,"tested_up_to":88,"requires_at_least":106,"requires_php":14,"tags":107,"homepage":111,"download_link":112,"security_score":75,"vuln_count":27,"unpatched_count":13,"last_vuln_date":113,"fetched_at":53},"the-permalinker","The Permalinker","1.9.0","Andy Stratton","https:\u002F\u002Fprofiles.wordpress.org\u002Ftheandystratton\u002F","\u003Cp>Use short codes to dynamically link to your WordPress pages and posts. All you need is the ID. This can come in handy when developing content for WordPress sites. Makes for a cleaner migration with no need to manipulate content when moving from one subdirectory or domain to another.\u003C\u002Fp>\n\u003Cp>Attributes of \u003Ccode>append\u003C\u002Fcode> \u003Ccode>class\u003C\u002Fcode>, \u003Ccode>rel\u003C\u002Fcode>, and \u003Ccode>target\u003C\u002Fcode> are supported within the \u003Ccode>[permalink]\u003C\u002Fcode> opening tag. See FAQs. You can insert the token \u003Ccode>%post_title%\u003C\u002Fcode> to dynamically insert the post’s title into anchor text (content between the opening and closing shortcode).\u003C\u002Fp>\n\u003Cp>A short code for \u003Ccode>[template_uri]\u003C\u002Fcode> exists if you’d like to dynamically grab the full URL to your current template directory (useful for adding images and other resources bundled in a template via the page\u002Fpost editor).\u003C\u002Fp>\n\u003Cp>\u003Cem>Example 1: Create link.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[permalink id=2 rel=\"internal\"]Check out my latest post named %post_title%[\u002Fpermalink] or use `[permalink]this link[\u002Fpermalink]` to link to this post.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cem>Example 2: Output Permalink URL.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Ca href=\"[permalink]\">;This post.\u003C\u002Fa>;\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cem>Example 3: Template Directory URI\u003C\u002Fem>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cimg src=\"[template_uri]\u002Fphotos\u002Fme_grandma.jpg\" alt=\"A Photo of Me and My Grandma\" \u002F>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Use short codes to dynamically link to your WordPress pages and posts. All you need is the ID. This can come in handy when developing content for Word …",12640,2,"2024-12-13T20:33:00.000Z","2.6",[18,108,109,110,20],"linking","migration","permalinks","http:\u002F\u002Ftheandystratton.com\u002F2009\u002Fthe-permalinker-wordpress-plugin-dynamic-permalinks","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthe-permalinker.1.9.0.zip","2024-12-13 15:58:35",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":28,"downloaded":122,"rating":22,"num_ratings":27,"last_updated":123,"tested_up_to":124,"requires_at_least":89,"requires_php":125,"tags":126,"homepage":14,"download_link":130,"security_score":94,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":53},"dev-theme","Dev Theme","1.2.1","Avi Bashari","https:\u002F\u002Fprofiles.wordpress.org\u002Fbashari\u002F","\u003Ch4>DEV Theme\u003C\u002Fh4>\n\u003Cp>Develop your website on live server without crashing your site, then deploy all changes in 1 click.\u003C\u002Fp>\n\u003Cp>With Dev Theme plugin, you can easily create a separate staging environment for your website where you can test and experiment with new themes and designs without affecting your live site. Our plugin allows you to make changes to your staging site, preview the changes and only when you’re ready, you can push them to your live site with just a click of a button.\u003C\u002Fp>\n\u003Cp>Our plugin makes it easy for you to edit themes on your live site, without worrying about affecting your live site until you decides to. You can experiment with different themes, customize them to your liking, and see how they look and feel on your site, all without having to worry about damaging your live website.\u003C\u002Fp>\n\u003Cp>While the plugin does not allow you to edit plugins on the site, it ensures that any changes made to your theme are isolated and do not affect your live site. This means that you can experiment with new designs, layouts, and features without the risk of damaging your website’s performance or functionality.\u003C\u002Fp>\n\u003Cp>Overall, Dev Theme plugin is a powerful tool that allows you to create a safe and isolated environment to experiment with your website’s design and layout, making it easy for you to make changes and improvements without any risk to your live site.\u003C\u002Fp>\n\u003Ch4>How it works?\u003C\u002Fh4>\n\u003Cp>The staging feature of Dev Theme, allows you to create a safe and secure environment for you to experiment and develop your website without impacting your live site.\u003C\u002Fp>\n\u003Cp>When you create a staging environment, the plugin will copy your active theme into a folder called “dev-theme”.\u003Cbr \u002F>\nThis folder is where you can safely edit the code of your website without affecting the live version.\u003Cbr \u002F>\nOnce you’ve made the desired changes, you can preview the new version of your website by either activating the dev-theme just for your user, to do that, just enter to your profile and look for the “Dev Theme” option.\u003Cbr \u002F>\nAnother option, add a dev_theme cookie with the value “enabled” in your browser.\u003C\u002Fp>\n\u003Cp>This way, you can test your changes thoroughly before making them live to ensure the best possible user experience.\u003Cbr \u002F>\nWith Dev Theme plugin, you can confidently develop and experiment with your website knowing that your live site remains safe and untouched.\u003C\u002Fp>\n","DEV Theme",1893,"2023-05-09T22:11:00.000Z","6.2.9","5.6",[127,18,128,20,129],"dev","stage","theme","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdev-theme.zip",{"attackSurface":132,"codeSignals":144,"taintFlows":151,"riskAssessment":152,"analyzedAt":155},{"hooks":133,"ajaxHandlers":140,"restRoutes":141,"shortcodes":142,"cronEvents":143,"entryPointCount":13,"unprotectedCount":13},[134],{"type":135,"name":136,"callback":137,"priority":64,"file":138,"line":139},"action","init","onlyadmins_router","onlyadmins.php",31,[],[],[],[],{"dangerousFunctions":145,"sqlUsage":146,"outputEscaping":148,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":27,"bundledLibraries":150},[],{"prepared":13,"raw":13,"locations":147},[],{"escaped":13,"rawEcho":13,"locations":149},[],[],[],{"summary":153,"deductions":154},"The \"only-admins\" v1.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of any exposed AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the potential attack surface. Furthermore, the code demonstrates excellent security practices with 100% of SQL queries using prepared statements and 100% of output being properly escaped. The presence of at least one capability check is also a positive sign of access control implementation.  The taint analysis revealing zero flows with unsanitized paths, particularly at critical and high severity levels, further reinforces the perception of secure coding.\n\nNo recorded vulnerabilities, past or present, contribute to a low-risk profile for this plugin. The lack of known CVEs and no history of common vulnerability types suggest that the developers have maintained a secure codebase.  While the plugin's limited functionality (implied by the zero entry points) naturally reduces complexity and thus potential vulnerabilities, the observed code signals indicate deliberate security considerations were made.  In conclusion, \"only-admins\" v1.0 appears to be a very secure plugin with no immediate exploitable flaws identified in the static analysis or its vulnerability history. Its strengths lie in its minimal attack surface and adherence to secure coding principles.  The only area for potential improvement, though not a current risk, would be to ensure that the single capability check covers all intended administrative functionalities.",[],"2026-03-16T23:29:08.185Z",{"wat":157,"direct":162},{"assetPaths":158,"generatorPatterns":159,"scriptPaths":160,"versionParams":161},[],[],[],[],{"cssClasses":163,"htmlComments":164,"htmlAttributes":165,"restEndpoints":166,"jsGlobals":167,"shortcodeOutput":168},[],[],[],[],[],[169],"You don't have permission to accesss this page. \u003Ca href=\"%s\">Logout?\u003C\u002Fa>"]