[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f_OcZiFDkjlnHFY3__4sbGm-ySzghYEUXyMoZxUkC0V4":3,"$ffWmCi1cUujPgTOmwJ6gkpDdFayYQYycBjpsAd3rxeLk":393,"$f52lUZTM38MbyYw-JlX0aojxaCbE5HlwFM53JW6JzkkA":397},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":38,"analysis":141,"fingerprints":362},"php-constants-manager","PHP Constants Manager","1.2.0","cartpauj","https:\u002F\u002Fprofiles.wordpress.org\u002Fcartpauj\u002F","\u003Cp>PHP Constants Manager provides a secure and user-friendly interface for managing PHP constants in WordPress. No more editing wp-config.php or theme files to add or modify constants!\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Complete Constant Management\u003C\u002Fstrong>: Create, read, update, and delete PHP constants from the WordPress admin\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dual View System\u003C\u002Fstrong>: “My Constants” for your custom constants and “All Constants” to view every constant in your WordPress installation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Native WordPress UI\u003C\u002Fstrong>: Built using WP_List_Table with sorting, searching, and bulk actions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple Data Types\u003C\u002Fstrong>: Support for String, Integer, Float, Boolean, and NULL constant types with strict validation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time Validation\u003C\u002Fstrong>: Form fields validate values against selected type with immediate feedback\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Active\u002FInactive States\u003C\u002Fstrong>: Toggle constants on\u002Foff without deleting them\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Conflict Detection\u003C\u002Fstrong>: Visual indicators show when constants are already defined elsewhere (predefined)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Screen Options\u003C\u002Fstrong>: Customize table views with adjustable items per page and column visibility controls\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Early Loading Option\u003C\u002Fstrong>: Optional must-use plugin creation for loading constants before other plugins\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Load Order Awareness\u003C\u002Fstrong>: Constants loaded during plugins_loaded action (priority 1) for broad compatibility\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comprehensive Help\u003C\u002Fstrong>: Built-in help system with detailed documentation and best practices\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Administrator Only\u003C\u002Fstrong>: Secure access restricted to users with manage_options capability\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database Storage\u003C\u002Fstrong>: Constants stored safely in a custom database table with full audit trail\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Import\u002FExport\u003C\u002Fstrong>: Backup and migrate constants using CSV files with detailed error reporting\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP-CLI Integration\u003C\u002Fstrong>: Manage constants, import\u002Fexport CSV, and toggle early loading from the terminal via \u003Ccode>wp phpcm ...\u003C\u002Fcode> — ideal for automation, CI\u002FCD, and multi-site provisioning\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Understanding Predefined Constants\u003C\u002Fh4>\n\u003Cp>The plugin intelligently detects when constants are already defined by WordPress core, other plugins, or your theme:\u003Cbr \u002F>\n* \u003Cstrong>Not Predefined\u003C\u002Fstrong>: Your constant is unique and will work normally\u003Cbr \u002F>\n* \u003Cstrong>Predefined\u003C\u002Fstrong>: The constant exists elsewhere – your definition is saved but won’t override the existing value due to PHP’s constant rules\u003C\u002Fp>\n\u003Ch4>Use Cases\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Manage environment-specific configuration\u003C\u002Fli>\n\u003Cli>Toggle debug constants without file editing\u003C\u002Fli>\n\u003Cli>Store API keys and configuration values securely\u003C\u002Fli>\n\u003Cli>Create fallback constants for different environments\u003C\u002Fli>\n\u003Cli>Document constant purposes with built-in descriptions\u003C\u002Fli>\n\u003Cli>Audit all constants in your WordPress installation\u003C\u002Fli>\n\u003Cli>Backup constants to CSV files for migration between sites\u003C\u002Fli>\n\u003Cli>Import constants in bulk from properly formatted CSV files\u003C\u002Fli>\n\u003Cli>Automate site setup and deployment pipelines with WP-CLI (\u003Ccode>wp phpcm add MY_KEY ...\u003C\u002Fcode>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WP-CLI Commands\u003C\u002Fh4>\n\u003Cp>When WP-CLI is available, the plugin registers a \u003Ccode>phpcm\u003C\u002Fcode> command suite that mirrors the admin UI:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp phpcm list [--active] [--inactive] [--type=\u003Ctype>] [--search=\u003Cterm>] [--format=\u003Cformat>]\u003C\u002Fcode> — list managed constants\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp phpcm get \u003Cname>\u003C\u002Fcode> — show a single constant (supports \u003Ccode>--field=\u003Cfield>\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp phpcm add \u003Cname> [\u003Cvalue>] [--type=\u003Ctype>] [--description=\u003Ctext>] [--inactive] [--porcelain]\u003C\u002Fcode> — create a constant (value can be \u003Ccode>-\u003C\u002Fcode> to read from stdin)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp phpcm update \u003Cname> [--value=\u003Cvalue>] [--type=\u003Ctype>] [--description=\u003Ctext>] [--active|--inactive]\u003C\u002Fcode> — update fields\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp phpcm delete \u003Cname>... [--yes]\u003C\u002Fcode> — delete one or more by name\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp phpcm activate|deactivate|toggle \u003Cname>...\u003C\u002Fcode> — flip active state\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp phpcm defined \u003Cname>\u003C\u002Fcode> — report whether the constant is currently defined and by whom (this plugin, early-load, or elsewhere like wp-config.php)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp phpcm all-defines [--user-defined] [--search=\u003Cterm>]\u003C\u002Fcode> — inspect every PHP constant present in the process\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp phpcm status\u003C\u002Fcode> — plugin health summary (table, row counts, early-loading state)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp phpcm import \u003Cfile|-> [--overwrite]\u003C\u002Fcode> — import CSV (file path or stdin)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp phpcm export [\u003Cfile>] [--active] [--inactive] [--type=\u003Ctype>]\u003C\u002Fcode> — write CSV to a file or stdout\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp phpcm early-loading enable|disable|status\u003C\u002Fcode> — manage the must-use plugin that loads constants before all other plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Run \u003Ccode>wp help phpcm \u003Csubcommand>\u003C\u002Fcode> for detailed usage, flags, and examples.\u003C\u002Fp>\n\u003Ch3>Developer Information\u003C\u002Fh3>\n\u003Ch4>Database Schema\u003C\u002Fh4>\n\u003Cp>The plugin creates a custom table \u003Ccode>{prefix}phpcm_constants\u003C\u002Fcode> with the following structure:\u003Cbr \u002F>\n* \u003Ccode>id\u003C\u002Fcode> – Primary key (auto-increment)\u003Cbr \u002F>\n* \u003Ccode>name\u003C\u002Fcode> – Constant name (unique, varchar 191)\u003Cbr \u002F>\n* \u003Ccode>value\u003C\u002Fcode> – Constant value (longtext)\u003Cbr \u002F>\n* \u003Ccode>type\u003C\u002Fcode> – Data type (enum: string, integer, float, boolean, null)\u003Cbr \u002F>\n* \u003Ccode>is_active\u003C\u002Fcode> – Whether the constant is loaded (tinyint)\u003Cbr \u002F>\n* \u003Ccode>description\u003C\u002Fcode> – Optional description (text)\u003Cbr \u002F>\n* \u003Ccode>created_at\u003C\u002Fcode> – Creation timestamp (datetime)\u003Cbr \u002F>\n* \u003Ccode>updated_at\u003C\u002Fcode> – Last update timestamp (datetime)\u003C\u002Fp>\n\u003Ch4>WordPress Hooks Used\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ccode>plugins_loaded\u003C\u002Fcode> (priority 1) – Early constant loading for maximum compatibility\u003C\u002Fli>\n\u003Cli>\u003Ccode>admin_menu\u003C\u002Fcode> – Menu registration\u003C\u002Fli>\n\u003Cli>\u003Ccode>admin_post_*\u003C\u002Fcode> – Form submission handling\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp_ajax_*\u003C\u002Fcode> – AJAX operations\u003C\u002Fli>\n\u003Cli>\u003Ccode>WP_CLI::add_command('phpcm', ...)\u003C\u002Fcode> – Registers the CLI command when WP-CLI is available\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Load Order & Compatibility\u003C\u002Fh4>\n\u003Cp>Constants are defined during \u003Ccode>plugins_loaded\u003C\u002Fcode> with priority 1, ensuring they are available to:\u003Cbr \u002F>\n* All theme functions and templates\u003Cbr \u002F>\n* Other plugins (unless using higher priority)\u003Cbr \u002F>\n* WordPress core hooks like \u003Ccode>init\u003C\u002Fcode>, \u003Ccode>wp_loaded\u003C\u002Fcode>, etc.\u003C\u002Fp>\n\u003Ch4>Security Implementation\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Capability requirement: \u003Ccode>manage_options\u003C\u002Fcode> (administrators only)\u003C\u002Fli>\n\u003Cli>Nonce verification on all form submissions and AJAX requests\u003C\u002Fli>\n\u003Cli>SQL injection prevention with prepared statements\u003C\u002Fli>\n\u003Cli>Input sanitization using WordPress core functions\u003C\u002Fli>\n\u003Cli>Output escaping for all displayed data\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Code Standards\u003C\u002Fh4>\n\u003Cp>This plugin follows WordPress coding standards and best practices:\u003Cbr \u002F>\n* PSR-4 autoloading structure\u003Cbr \u002F>\n* WordPress database abstraction layer\u003Cbr \u002F>\n* Internationalization ready\u003Cbr \u002F>\n* WP_List_Table implementation\u003Cbr \u002F>\n* Standard WordPress admin UI patterns\u003C\u002Fp>\n","Safely manage PHP constants (defines) through the WordPress admin or WP-CLI with full CRUD functionality and comprehensive viewing capabilities.",0,442,100,1,"2026-04-16T05:46:00.000Z","6.9.4","5.0","7.4",[20,21,22,23,24],"admin","configuration","constants","defines","php","https:\u002F\u002Fgithub.com\u002Fcartpauj\u002Fphp-constants-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphp-constants-manager.1.2.0.zip",null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},6,31900,99,1225,78,"2026-05-19T20:58:30.820Z",[39,65,87,107,125],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":61,"download_link":62,"security_score":34,"vuln_count":63,"unpatched_count":11,"last_vuln_date":64,"fetched_at":28},"wp-phpmyadmin-extension","WP phpMyAdmin","5.2.2.01","Puvox Software","https:\u002F\u002Fprofiles.wordpress.org\u002Fpuvoxsoftware\u002F","\u003Ch4>[ ✅ 𝐒𝐄𝐂𝐔𝐑𝐄 𝐏𝐋𝐔𝐆𝐈𝐍𝐒 𝐵𝓎 𝒫𝓊𝓋𝑜𝓍 ] :\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>• Checked against vulnerability holes.\u003Cbr \u002F>\n  • No extra load\u002Fslowness to site.\u003Cbr \u002F>\n  • Does not collect & share private data.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Plugin Description\u003C\u002Fh4>\n\u003Cp>The famous database browser & manager (for MySQL & MariaDB) – use it inside WordPress Dashboard without an extra hassle.\u003C\u002Fp>\n\u003Ch3>NOTES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This plugin has been started from 2018 year, and we have no connections to the old age’s vulnerable wp-phpMyAdmin plugin (published elsewhere by 3rd party scammers) . So, this current plugin is just a wrapper for official phpMyAdmin release and depends itself on the realiability & security of the \u003Ccode>phpMyAdmin\u003C\u002Fcode> itself. Also, initially we wanted to put PhpMyAdmin released \u003Ccode>.zip\u003C\u002Fcode> file untouched (to ensure the checksums are same) and unpack that \u003Ccode>.zip\u003C\u002Fcode> directly upon plugin’s installation, but unfortunately WordPress Plugin Team didn’t allow to put \u003Ccode>.zip\u003C\u002Fcode> file in the package (saying that SVN doesn’t like working with \u003Ccode>.zip\u003C\u002Fcode> files). Thus, we had to submit extracted PMA (but still original & untouched) to the repository.\u003C\u002Fli>\n\u003Cli>PHP >= 7.2.5 is required to for \u003Cstrong>phpMyAdmin\u003C\u002Fstrong> latest version (otherwise you will have option to use older version of PMA, which is not encouraged to be used).\u003C\u002Fli>\n\u003Cli>For the reason to make it compact, some unnecessary files (language files, OpenLayer\u002FGIS map lib, extra themes, etc) are removed.\u003C\u002Fli>\n\u003Cli>It’s recommended, that you enable the plugin only while you need to use PhpMyAdmin. Otherwise, for longer periods, you can deactivate plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Liability\u003C\u002Fh4>\n\u003Cp>We are not developers of PhpMyAdmin itself, neither affiliated with them. We just made this plugin as a wrapper (container) of official PhpMyAdmin, to make it possible to be installed as a WP plugin. However, we don’t monitor PhpMyAdmin package’s source code itself. We take no responsibility about this plugin. Use it at your own responsibility (However, as it’s also visible in stats, thousands of users are using this extendion and only few people have complained about errors).\u003C\u002Fp>\n\u003Ch4>Available Options\u003C\u002Fh4>\n\u003Cp>See all available options and their description on plugin’s settings page.\u003C\u002Fp>\n","[ ✅ 𝐒𝐄𝐂𝐔𝐑𝐄 𝐏𝐋𝐔𝐆𝐈𝐍𝐒 𝐵𝓎 𝒫𝓊𝓋𝑜𝓍 ] phpMyAdmin -  Database Browser & Manager (for MySQL & MariaDB)",50000,1062477,92,58,"2025-10-17T18:58:00.000Z","6.7.5","6.0","",[56,57,58,59,60],"database","manager","mysql","phpminiadmin","phpmyadmin","https:\u002F\u002Fpuvox.software\u002Fsoftware\u002Fwordpress-plugins\u002F?plugin=wp-phpmyadmin-extension","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-phpmyadmin-extension.zip",2,"2022-08-01 00:00:00",{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":75,"num_ratings":76,"last_updated":77,"tested_up_to":78,"requires_at_least":79,"requires_php":18,"tags":80,"homepage":84,"download_link":85,"security_score":34,"vuln_count":14,"unpatched_count":11,"last_vuln_date":86,"fetched_at":28},"error-log-monitor","Error Log Monitor","1.7.12","Janis Elsts","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiteshadow\u002F","\u003Cp>This plugin adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send you email notifications about newly logged errors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically detects error log location.\u003C\u002Fli>\n\u003Cli>Explains how to configure PHP error logging if it’s not enabled yet.\u003C\u002Fli>\n\u003Cli>The number of displayed log entries is configurable.\u003C\u002Fli>\n\u003Cli>Sends you email notifications about logged errors (optional).\u003C\u002Fli>\n\u003Cli>Configurable email address and frequency.\u003C\u002Fli>\n\u003Cli>You can easily clear the log file.\u003C\u002Fli>\n\u003Cli>The dashboard widget is only visible to administrators.\u003C\u002Fli>\n\u003Cli>Optimized to work well even with very large log files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Once you’ve installed the plugin, go to the Dashboard and enable the “PHP Error Log” widget through the “Screen Options” panel. The widget should automatically display the last 20 lines from your PHP error log. If you see an error message like “Error logging is disabled” instead, follow the displayed instructions to configure error logging.\u003C\u002Fp>\n\u003Cp>Email notifications are disabled by default. To enable them, click the “Configure” link in the top-right corner of the widget and enter your email address in the “Periodically email logged errors to:” box. If desired, you can also change email frequency by selecting the minimum time interval between emails from the “How often to send email” drop-down.\u003C\u002Fp>\n","Adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send logged errors to email.",20000,633977,86,48,"2025-10-01T15:12:00.000Z","6.8.5","4.5",[20,81,82,83,24],"administration","dashboard-widget","error-reporting","http:\u002F\u002Fw-shadow.com\u002Fblog\u002F2012\u002F07\u002F25\u002Ferror-log-monitor-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ferror-log-monitor.1.7.12.zip","2019-02-25 00:00:00",{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":97,"num_ratings":98,"last_updated":99,"tested_up_to":16,"requires_at_least":100,"requires_php":18,"tags":101,"homepage":105,"download_link":106,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"wp-memory-usage","WP-Memory-Usage","2.0.0","berkux","https:\u002F\u002Fprofiles.wordpress.org\u002Fberkux\u002F","\u003Cp>WP-Memory-Usage is a lightweight but powerful WordPress plugin that monitors and displays memory usage directly in your WordPress admin area.\u003Cbr \u002F>\nThis tool is essential for site administrators and developers who need to keep an eye on the memory consumption of their WordPress installation, helping to identify potential issues and optimize performance.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What the plugin shows:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>In the \u003Cstrong>admin footer\u003C\u002Fstrong> (every admin page):\u003Cbr \u002F>\n* Current memory usage vs. WordPress limit (with percentage)\u003Cbr \u002F>\n* Current memory usage vs. PHP limit (with percentage)\u003Cbr \u002F>\n* Server IP address and server name\u003Cbr \u002F>\n* PHP version\u003C\u002Fp>\n\u003Cp>In the \u003Cstrong>Dashboard widget\u003C\u002Fstrong> (“Memory Overview”):\u003Cbr \u002F>\n* PHP version, architecture (32\u002F64 bit), max execution time\u003Cbr \u002F>\n* WordPress memory limit (WP_MEMORY_LIMIT), WordPress admin limit (WP_MAX_MEMORY_LIMIT), PHP memory limit\u003Cbr \u002F>\n* Current peak memory usage with a visual progress bar (colour-coded: green \u002F orange \u002F red)\u003Cbr \u002F>\n* Link to the Threshold Alerts settings page\u003C\u002Fp>\n\u003Cp>Memory Alerts Tabs (since 2.0.0):\u003Cbr \u002F>\nLog events, set thresholds (Warning \u002F Danger \u002F Critical), monitor memory usage…\u003C\u002Fp>\n\u003Ch3>Why Use WP-Memory-Usage?\u003C\u002Fh3>\n\u003Cp>Excessive memory usage leads to slower sites, HTTP 500 errors, and failed background jobs (cron, imports, backups). WP-Memory-Usage gives you the information you need to act before users are affected — without overwhelming you with notifications.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Admin menu:\u003C\u002Fstrong> See at settings “Memory Alerts”\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time memory display\u003C\u002Fstrong> in dashboard and every admin page footer\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Colour-coded progress bar\u003C\u002Fstrong> (green \u002F orange \u002F red) for instant status recognition\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Set Thresholds:\u003C\u002Fstrong> Set values for three threshold levels (Warning, Danger, Critical) and switch on\u002Foff logging\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Set how to measure:\u003C\u002Fstrong> Use peak memory?\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Set Logging:\u003C\u002Fstrong> Log Ajax, Rest, Admin, Cron, favicon, OK\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Set how to alert:\u003C\u002Fstrong> Mailadress, intervals for rotating and deleting logfiles\u003C\u002Fli>\n\u003Cli>\u003Cstrong>History tab:\u003C\u002Fstrong> show latest logged requests\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Digest tab:\u003C\u002Fstrong> browse and review past aggregated requests\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Actions tab:\u003C\u002Fstrong> practical guidance on what to do when you receive an alert\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Memory Thresholds tab:\u003C\u002Fstrong> current settings and assessment & recommendations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Check Installation tab:\u003C\u002Fstrong> all ok for using this plugin?\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean uninstall:\u003C\u002Fstrong> removes all options, cron jobs, and log files on deletion\u003C\u002Fli>\n\u003Cli>\u003Cstrong>New Logo for the Plugin\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>PluginCheck-Plugin Status\u003C\u002Fh3>\n\u003Cp>Plugin is compatible with PluginCheck-Plugin. Note regarding “trademarked_term”: “WP-Memory-Usage” and “wp-memory-usage” are today considered restricted terms. This plugin entered the WordPress repository in 2009, when those terms were permitted.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Copyright 2009–2013 by Alex Rabe, 2022– Bernhard Kux\u003C\u002Fp>\n","Show up the PHP version, memory limit and current memory usage in the dashboard and admin footer. Optional monitor threshold and alert via email.",10000,292583,90,21,"2026-03-04T20:51:00.000Z","5.3",[20,102,24,103,104],"memory","server","usage","https:\u002F\u002Fwww.json-content-importer.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-memory-usage.2.0.0.zip",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":13,"num_ratings":14,"last_updated":117,"tested_up_to":118,"requires_at_least":119,"requires_php":120,"tags":121,"homepage":54,"download_link":124,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"php-version","PHP Version","1.0.7","Md Mazedul Islam","https:\u002F\u002Fprofiles.wordpress.org\u002Fmazedulislam27\u002F","\u003Cp>“PHP version” is very simple and lightweight plugin that will help you for showing up the current PHP version in WordPress dashboard.\u003C\u002Fp>\n\u003Cp>If you satisfied with this plugin, please \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fphp-version\" rel=\"ugc\">\u003Cstrong>rate\u003C\u002Fstrong>\u003C\u002Fa> it. Your rate will encourage to do better in the future.\u003C\u002Fp>\n","You can able to see the current PHP version in WordPress admin dashboard widget.",4000,36029,"2025-12-09T21:06:00.000Z","6.9.0","4.0","5.6.0",[20,122,108,103,123],"dashboard","version","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphp-version.zip",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":13,"num_ratings":14,"last_updated":135,"tested_up_to":78,"requires_at_least":136,"requires_php":54,"tags":137,"homepage":139,"download_link":140,"security_score":49,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"wp-php-version-display","WP PHP Version Display","2.0","Arul Prasad J","https:\u002F\u002Fprofiles.wordpress.org\u002Farulprasadj\u002F","\u003Cp>This is a lightweight WordPress plugin that displays the current running PHP\u002FMySQL version inside “At a Glance” admin dashboard widget.\u003C\u002Fp>\n\u003Cp>Plugin uses standard actions and filters only. (No jQuery used)\u003C\u002Fp>\n\u003Cp>If you love this plugin, \u003Ca href=\"https:\u002F\u002Fpaypal.me\u002Farulprasadj?locale.x=en_GB\" rel=\"nofollow ugc\">buy me a cup of coffee\u003C\u002Fa>\u003C\u002Fp>\n","Displays the current running PHP\u002FMySQL version inside \"At a Glance\" admin dashboard widget.",3000,20438,"2025-04-25T13:28:00.000Z","3.0",[20,122,24,103,138],"support","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-php-version-display\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-php-version-display.2.0.zip",{"attackSurface":142,"codeSignals":219,"taintFlows":232,"riskAssessment":353,"analyzedAt":361},{"hooks":143,"ajaxHandlers":206,"restRoutes":216,"shortcodes":217,"cronEvents":218,"entryPointCount":63,"unprotectedCount":11},[144,150,153,156,160,164,168,172,175,179,182,186,190,194,200,203],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","admin_init","handle_admin_actions","php-constants-manager.php",76,{"type":145,"name":146,"callback":151,"file":148,"line":152},"migrate_mu_plugin_filename",77,{"type":145,"name":154,"callback":155,"file":148,"line":36},"admin_menu","add_admin_menu",{"type":145,"name":157,"callback":158,"file":148,"line":159},"admin_enqueue_scripts","enqueue_admin_assets",79,{"type":145,"name":161,"callback":162,"file":148,"line":163},"admin_notices","show_admin_notices",80,{"type":145,"name":165,"callback":166,"priority":14,"file":148,"line":167},"plugins_loaded","load_managed_constants",83,{"type":145,"name":169,"callback":170,"file":148,"line":171},"admin_post_phpcm_save_constant","handle_save_constant",89,{"type":145,"name":173,"callback":174,"file":148,"line":97},"admin_post_phpcm_delete_constant","handle_delete_constant",{"type":145,"name":176,"callback":177,"file":148,"line":178},"admin_post_phpcm_toggle_constant","handle_toggle_constant",91,{"type":145,"name":180,"callback":181,"file":148,"line":49},"admin_post_phpcm_bulk_action","handle_bulk_action",{"type":145,"name":183,"callback":184,"file":148,"line":185},"admin_post_phpcm_export_csv","handle_export_csv",93,{"type":145,"name":187,"callback":188,"file":148,"line":189},"admin_post_phpcm_import_csv","handle_import_csv",94,{"type":145,"name":191,"callback":192,"file":148,"line":193},"admin_post_phpcm_save_settings","handle_save_settings",95,{"type":195,"name":196,"callback":197,"priority":198,"file":148,"line":199},"filter","set-screen-option","set_screen_options",10,102,{"type":145,"name":165,"callback":201,"priority":11,"file":148,"line":202},"get_instance",1618,{"type":145,"name":165,"callback":204,"priority":11,"file":148,"line":205},"phpcm_check_db_version",1659,[207,213],{"action":208,"nopriv":209,"callback":210,"hasNonce":211,"hasCapCheck":211,"file":148,"line":212},"phpcm_check_constant",false,"ajax_check_constant",true,98,{"action":214,"nopriv":209,"callback":215,"hasNonce":211,"hasCapCheck":211,"file":148,"line":34},"phpcm_toggle_constant","ajax_toggle_constant",[],[],[],{"dangerousFunctions":220,"sqlUsage":221,"outputEscaping":224,"fileOperations":11,"externalRequests":11,"nonceChecks":198,"capabilityChecks":230,"bundledLibraries":231},[],{"prepared":222,"raw":11,"locations":223},13,[],{"escaped":225,"rawEcho":14,"locations":226},151,[227],{"file":148,"line":228,"context":229},1285,"raw output",20,[],[233,251,271,289,302],{"entryPoint":234,"graph":235,"unsanitizedCount":11,"severity":250},"handle_save_settings (php-constants-manager.php:1564)",{"nodes":236,"edges":248},[237,242],{"id":238,"type":239,"label":240,"file":148,"line":241},"n0","source","$_POST",1573,{"id":243,"type":244,"label":245,"file":148,"line":246,"wp_function":247},"n1","sink","update_option() [Settings Manipulation]",1577,"update_option",[249],{"from":238,"to":243,"sanitized":211},"low",{"entryPoint":252,"graph":253,"unsanitizedCount":11,"severity":250},"\u003Cconstants-list> (views\\admin\\constants-list.php:0)",{"nodes":254,"edges":268},[255,259,262,266],{"id":238,"type":239,"label":256,"file":257,"line":258},"$_REQUEST['page']","views\\admin\\constants-list.php",72,{"id":243,"type":244,"label":260,"file":257,"line":258,"wp_function":261},"echo() [XSS]","echo",{"id":263,"type":239,"label":264,"file":257,"line":265},"n2","$_REQUEST['type_filter']",74,{"id":267,"type":244,"label":260,"file":257,"line":265,"wp_function":261},"n3",[269,270],{"from":238,"to":243,"sanitized":211},{"from":263,"to":267,"sanitized":211},{"entryPoint":272,"graph":273,"unsanitizedCount":14,"severity":288},"handle_save_constant (php-constants-manager.php:396)",{"nodes":274,"edges":285},[275,277,280],{"id":238,"type":239,"label":240,"file":148,"line":276},477,{"id":243,"type":278,"label":279,"file":148,"line":276},"transform","→ get_constant_by_name()",{"id":263,"type":244,"label":281,"file":282,"line":283,"wp_function":284},"get_row() [SQLi]","includes\\class-phpcm-db.php",266,"get_row",[286,287],{"from":238,"to":243,"sanitized":209},{"from":243,"to":263,"sanitized":209},"high",{"entryPoint":290,"graph":291,"unsanitizedCount":14,"severity":288},"ajax_toggle_constant (php-constants-manager.php:721)",{"nodes":292,"edges":299},[293,295,297],{"id":238,"type":239,"label":240,"file":148,"line":294},736,{"id":243,"type":278,"label":296,"file":148,"line":294},"→ get_constant()",{"id":263,"type":244,"label":281,"file":282,"line":298,"wp_function":284},234,[300,301],{"from":238,"to":243,"sanitized":209},{"from":243,"to":263,"sanitized":209},{"entryPoint":303,"graph":304,"unsanitizedCount":352,"severity":288},"\u003Cphp-constants-manager> (php-constants-manager.php:0)",{"nodes":305,"edges":342},[306,308,312,315,317,319,321,325,327,329,332,334,336,338,340],{"id":238,"type":239,"label":240,"file":148,"line":307},406,{"id":243,"type":244,"label":309,"file":148,"line":310,"wp_function":311},"wp_redirect() [Open Redirect]",687,"wp_redirect",{"id":263,"type":239,"label":313,"file":148,"line":314},"$_GET (x2)",808,{"id":267,"type":244,"label":309,"file":148,"line":316,"wp_function":311},1557,{"id":318,"type":239,"label":240,"file":148,"line":241},"n4",{"id":320,"type":244,"label":245,"file":148,"line":246,"wp_function":247},"n5",{"id":322,"type":239,"label":323,"file":148,"line":324},"n6","$_GET",371,{"id":326,"type":278,"label":296,"file":148,"line":324},"n7",{"id":328,"type":244,"label":281,"file":282,"line":298,"wp_function":284},"n8",{"id":330,"type":239,"label":331,"file":148,"line":276},"n9","$_POST (x3)",{"id":333,"type":278,"label":279,"file":148,"line":276},"n10",{"id":335,"type":244,"label":281,"file":282,"line":283,"wp_function":284},"n11",{"id":337,"type":239,"label":240,"file":148,"line":294},"n12",{"id":339,"type":278,"label":296,"file":148,"line":294},"n13",{"id":341,"type":244,"label":281,"file":282,"line":298,"wp_function":284},"n14",[343,344,345,346,347,348,349,350,351],{"from":238,"to":243,"sanitized":211},{"from":263,"to":267,"sanitized":211},{"from":318,"to":320,"sanitized":211},{"from":322,"to":326,"sanitized":209},{"from":326,"to":328,"sanitized":209},{"from":330,"to":333,"sanitized":209},{"from":333,"to":335,"sanitized":209},{"from":337,"to":339,"sanitized":209},{"from":339,"to":341,"sanitized":209},5,{"summary":354,"deductions":355},"The \"php-constants-manager\" v1.1.5 plugin exhibits a generally strong security posture, with excellent adherence to many best practices. The absence of dangerous functions, file operations, and external HTTP requests is highly commendable. The plugin also demonstrates a commitment to secure coding by exclusively using prepared statements for its SQL queries and having a very high percentage of properly escaped outputs. Furthermore, the comprehensive use of nonce and capability checks on its AJAX handlers indicates a robust defense against unauthorized access and potential Cross-Site Request Forgery (CSRF) attacks. The plugin's vulnerability history is also clean, with no recorded CVEs, suggesting a history of secure development.\n\nDespite these strengths, the taint analysis reveals a significant concern. Three flows were identified with unsanitized paths, and these are classified as high severity. While the specific impact of these flows is not detailed, unsanitized paths can lead to various vulnerabilities, including path traversal or arbitrary file access, especially if these paths are user-controlled. The absence of critical severity taint flows is a positive indicator, but the presence of high-severity issues in this area warrants careful attention. The fact that all flows analyzed had some form of unsanitized path, even if not critical, suggests this is a systemic issue within the plugin's handling of path-related data.",[356,359],{"reason":357,"points":358},"High severity taint flows with unsanitized paths",15,{"reason":360,"points":352},"All analyzed flows had unsanitized paths","2026-03-17T05:59:26.789Z",{"wat":363,"direct":376},{"assetPaths":364,"generatorPatterns":369,"scriptPaths":370,"versionParams":371},[365,366,367,368],"\u002Fwp-content\u002Fplugins\u002Fphp-constants-manager\u002Fassets\u002Fcss\u002Fphpcm-admin.css","\u002Fwp-content\u002Fplugins\u002Fphp-constants-manager\u002Fassets\u002Fjs\u002Fphpcm-admin.js","\u002Fwp-content\u002Fplugins\u002Fphp-constants-manager\u002Fassets\u002Fjs\u002Fphpcm-script.js","\u002Fwp-content\u002Fplugins\u002Fphp-constants-manager\u002Fassets\u002Fcss\u002Fphpcm-styles.css",[],[366,367],[372,373,374,375],"php-constants-manager\u002Fassets\u002Fcss\u002Fphpcm-admin.css?ver=","php-constants-manager\u002Fassets\u002Fjs\u002Fphpcm-admin.js?ver=","php-constants-manager\u002Fassets\u002Fjs\u002Fphpcm-script.js?ver=","php-constants-manager\u002Fassets\u002Fcss\u002Fphpcm-styles.css?ver=",{"cssClasses":377,"htmlComments":383,"htmlAttributes":385,"restEndpoints":389,"jsGlobals":390,"shortcodeOutput":392},[378,379,380,381,382],"phpcm-admin-page","phpcm-constant-name","phpcm-constant-value","phpcm-constant-type","phpcm-constant-actions",[384],"\u003C!-- PHP Constants Manager -->",[386,387,388],"data-constant-name","data-constant-value","data-constant-type",[],[391],"phpcm_admin_ajax_object",[],{"error":211,"url":394,"statusCode":395,"statusMessage":396,"message":396},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fphp-constants-manager\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":398,"versions":399},3,[400,405,412],{"version":6,"download_url":26,"svn_tag_url":401,"released_at":27,"has_diff":209,"diff_files_changed":402,"diff_lines":27,"trac_diff_url":403,"vulnerabilities":404,"is_current":211},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fphp-constants-manager\u002Ftags\u002F1.2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fphp-constants-manager%2Ftags%2F1.1.5&new_path=%2Fphp-constants-manager%2Ftags%2F1.2.0",[],{"version":406,"download_url":407,"svn_tag_url":408,"released_at":27,"has_diff":209,"diff_files_changed":409,"diff_lines":27,"trac_diff_url":410,"vulnerabilities":411,"is_current":209},"1.1.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphp-constants-manager.1.1.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fphp-constants-manager\u002Ftags\u002F1.1.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fphp-constants-manager%2Ftags%2F1.1.4&new_path=%2Fphp-constants-manager%2Ftags%2F1.1.5",[],{"version":413,"download_url":414,"svn_tag_url":415,"released_at":27,"has_diff":209,"diff_files_changed":416,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":417,"is_current":209},"1.1.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphp-constants-manager.1.1.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fphp-constants-manager\u002Ftags\u002F1.1.4\u002F",[],[]]