[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fskvpjiTjLZP3rcyrbyzRpqOByrWTNTqwyMlqpBSxPCQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":143,"fingerprints":251},"placeholder-it-widget","Placeholder it","0.9","johanvandemerwe","https:\u002F\u002Fprofiles.wordpress.org\u002Fjvandemerwe\u002F","\u003Cp>This plugin contains a widget that can be used to show placeholders on widget areas where you still have to do some\u003Cbr \u002F>\nwork. It uses the webservice of “www.placehold.it” to generate the image.\u003C\u002Fp>\n\u003Cp>This plugin comes in handy if you have a customer that you would like to show the layout of his upcoming website\u003Cbr \u002F>\nand can use placeholders to show him the proportions and with the use of text, what comes where.\u003C\u002Fp>\n\u003Cp>You can customize the text and the colors,\u003Cbr \u002F>\nand you can add wrappers and wrapper classes. The settings page makes it possible to work with default values of your\u003Cbr \u002F>\nown choice.\u003C\u002Fp>\n\u003Cp>This plugin owes credits to: Tareq Hasan for I have used his Settings Class for the settings page.\u003Cbr \u002F>\nhttp:\u002F\u002Ftareq.weDevs.com Tareq’s Planet\u003C\u002Fp>\n\u003Cp>After the plugin is activated you can start immediattely adding widgets, but you could also have a look first\u003Cbr \u002F>\nat the plugin’s options that can be found in the settings menu of WordPress.\u003C\u002Fp>\n\u003Cp>Here you can change the defaults that are used when you add a new widgets. But remember that any widgets that are\u003Cbr \u002F>\nalready set, will not automatically get any changes you’ve made to the defaults. Changes only apply to widgets\u003Cbr \u002F>\nconfigured after you’ve changed the default values of the plugin.\u003C\u002Fp>\n\u003Cp>This plugin has been developed and tested with WordPress version 4.3.1\u003C\u002Fp>\n\u003Ch3>additional classes\u003C\u002Fh3>\n\u003Cp>You can also add some classes before and after the widget, to match it with your own development CSS.\u003C\u002Fp>\n\u003Ch3>bootstrap\u003C\u002Fh3>\n\u003Cp>If your site supports bootstrap, you can use the bootstrap classes in the wrappers (f.e. “col-md-6”). To make sure\u003Cbr \u002F>\nthat the placeholders are nicely filling the space you should make the dimensions a lot bigger than the size of the\u003Cbr \u002F>\ncolumn, bootstrap css will make that the placeholders fit in the columns.\u003C\u002Fp>\n\u003Cp>You can use the “img-responsive” class as well to make sure that the placeholder will resize responsively.\u003C\u002Fp>\n\u003Ch3>Limitations\u003C\u002Fh3>\n\u003Cp>This plugin requires internet connection\u003C\u002Fp>\n\u003Cp>Coding by: \u003Ca href=\"http:\u002F\u002Fwww.enovision.net\" rel=\"nofollow ugc\">Johan van de Merwe\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This plugin nor the creator of this plugin is affiliated with the developers of www.placehold.it.\u003Cbr \u002F>\nThe plugin comes as it is and is depending on the availability of the www.placehold.it webservice.\u003C\u002Fp>\n\u003Ch3>What this plugin is not\u003C\u002Fh3>\n\u003Cp>With this plugin you can place placeholders with text or dimensions, that’s it. No images of cats, dogs or pizza’s.\u003Cbr \u002F>\nJust boring looking placeholders. The developers have no intention to develop this plugin any further than that.\u003Cbr \u002F>\nFor placeholder plugins with cats, dogs or pizza’s, you have to look for another plugin. The placeholders in this\u003Cbr \u002F>\nplugin are just for development and preview purpose only and are not meant for keeping them on your final production\u003Cbr \u002F>\nwebsite, nor can it be used for placeholding in case real images don’t exist.\u003C\u002Fp>\n","Add placeholders easily to widget areas during site development, with many options",10,1326,0,"2016-06-10T11:39:00.000Z","4.3.34","2.0.2","",[19,20],"development","placeholder","http:\u002F\u002Fwww.enovision.nl\u002FPlaceholder_It_Widget_widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplaceholder-it-widget.0.9.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"jvandemerwe",4,340,30,84,"2026-04-04T13:10:37.274Z",[35,57,82,101,122],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":55,"download_link":56,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"media-placeholders","Media Placeholders","0.9.2","Weston Ruter","https:\u002F\u002Fprofiles.wordpress.org\u002Fwestonruter\u002F","\u003Cp>Activate this plugin to redirect all requests for missing uploaded images on your blog to your favorite placeholder image service, such as \u003Ca href=\"http:\u002F\u002Fplacehold.it\" rel=\"nofollow ugc\">placehold.it\u003C\u002Fa> or \u003Ca href=\"http:\u002F\u002Fplacekitten.com\u002F\" rel=\"nofollow ugc\">placekitten.com\u003C\u002Fa>. Note that although kittens are cute, the placehold.it service is actually more useful because the background and foreground color can remain consistant across all image sizes (e.g. full size vs thumbnail in a gallery), and so it is easier to see which images in a page are related to each other. (You can change the default placehold.it service to placekitten.com by defining \u003Ccode>MISSING_UPLOADED_IMAGE_PLACEHOLDER_BUILTIN\u003C\u002Fcode> to be \u003Ccode>placekitten_color\u003C\u002Fcode> or \u003Ccode>placekitten_grayscale\u003C\u002Fcode>, or supplying those same values via the \u003Ccode>missing_uploaded_image_placeholder_builtin\u003C\u002Fcode> filter).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>This plugin is for use during development only.\u003C\u002Fstrong> It is expected that this plugin will be activated on your local development environment (e.g. on Vagrant or XAMPP), or on your staging server. This plugin is especially useful when working on a team where you share around a database dump but not the uploaded images (which should always be omitted from the code repository), so if you give a database dump to another developer but don’t include the uploaded images, with this plugin enabled they will see a placeholder where the uploaded image appears. This plugin is an alternative approach to what is offered by the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuploads-by-proxy\u002F\" rel=\"ugc\">Uploads by Proxy\u003C\u002Fa> plugin.\u003C\u002Fp>\n\u003Cp>If you have applied the production database to another environment which lacks the uploaded files, but you know that all images referenced in the database do exist on production, you can define the \u003Ccode>MISSING_UPLOADED_IMAGE_REDIRECT_SERVER\u003C\u002Fcode> constant or filter \u003Ccode>missing_uploaded_image_redirect_server\u003C\u002Fcode> to short-circuit the placeholder service and redirect the image request to that server.\u003C\u002Fp>\n\u003Cp>This plugin will not work if you are on a multisite network that uses the old system for referring to uploaded files, where the URL includes \u003Ccode>\u002Ffiles\u002F\u003C\u002Fcode> which is intercepted by a rewrite rule and passed directly to \u003Ccode>ms-files.php\u003C\u002Fcode>. See \u003Ca href=\"https:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F19235\" title=\"Turn ms-files.php off by default\" rel=\"nofollow ugc\">#19235\u003C\u002Fa>. Similarly, make sure that missing uploaded files get served by the WordPress 404 handler, not Apache\u002FNginx. If you are using Nginx with the default Varying Vagrant Vagrants config, you’ll want to remove \u003Ccode>png|jpg|jpeg|gif\u003C\u002Fcode> from the following location rule in \u003Ccode>nginx-wp-common.conf\u003C\u002Fcode> (or remove it altogether):\u003C\u002Fp>\n\u003Cpre>\u003Ccode># Handle all static assets by serving the file directly. Add directives \n# to send expires headers and turn off 404 error logging.\nlocation ~* \\.(js|css|png|jpg|jpeg|gif|ico)$ {\n    expires 24h;\n    log_not_found off;\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can add support for your own favorite placeholder services by filtering \u003Ccode>missing_uploaded_image_placeholder\u003C\u002Fcode>.\u003Cbr \u002F>\nFor example, you can add this to your \u003Ccode>functions.php\u003C\u002Fcode> or drop it into a \u003Ccode>mu-plugin\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\n\u002F**\n * Use Flickholdr as placeholder service\n * @param null|string $url\n * @param array $args  {attached_file, width, height, attachment_id}\n *\u002F\nfunction my_filter_missing_uploaded_image_placeholder( $url, $args ) {\n    $attachment = get_post( $args['attachment_id'] );\n    $tags = join( ' ', array(\n        $attachment->post_title,\n        $attachment->post_excerpt,\n        $attachment->post_content,\n        $attachment->_wp_attachment_image_alt\n    ) );\n    $tags = strtolower( preg_replace( '#[^A-Za-z0-9]+#', ',', $tags ) );\n    $tags = trim( $tags, ',' );\n    $url = sprintf( 'http:\u002F\u002Fflickholdr.com\u002F%d\u002F%d\u002F%s', $args['width'], $args['height'], $tags );\n    return $url;\n}\nadd_filter( 'missing_uploaded_image_placeholder', 'my_filter_missing_uploaded_image_placeholder', 10, 2 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fx-team\u002Fwp-media-placeholders\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fx-team\u002Fwp-media-placeholders\u002Fissues\" rel=\"nofollow ugc\">issues\u003C\u002Fa> reported there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","Redirect requests to non-existent uploaded images to a placeholder service like placehold.it or placekitten.com. For use during development.",70,3303,100,2,"2015-02-25T01:45:00.000Z","3.6.1","3.5",[51,19,52,53,54],"404","images","placeholders","uploads","http:\u002F\u002Fgithub.com\u002Fx-team\u002Fwp-missing-upload-placeholders","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-placeholders.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":77,"download_link":78,"security_score":79,"vuln_count":80,"unpatched_count":13,"last_vuln_date":81,"fetched_at":25},"query-monitor","Query Monitor – The developer tools panel for WordPress","3.20.2","John Blackbourn","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnbillion\u002F","\u003Cp>Query Monitor is the developer tools panel for WordPress and WooCommerce. It enables debugging of database queries, PHP errors, hooks and actions, block editor blocks, enqueued scripts and stylesheets, HTTP API calls, and more.\u003C\u002Fp>\n\u003Cp>It includes some advanced features such as debugging of Ajax calls, REST API calls, user capability checks, and full support for block themes and full site editing. It includes the ability to narrow down much of its output by plugin or theme, allowing you to quickly determine poorly performing plugins, themes, or functions.\u003C\u002Fp>\n\u003Cp>Query Monitor focuses heavily on presenting its information in a useful manner, for example by showing aggregate database queries grouped by the plugins, themes, or functions that are responsible for them. It adds an admin toolbar menu showing an overview of the current page, with complete debugging information shown in panels once you select a menu item.\u003C\u002Fp>\n\u003Cp>Query Monitor supports versions of WordPress up to three years old, and PHP version 7.4 or higher.\u003C\u002Fp>\n\u003Cp>For complete information, please see \u003Ca href=\"https:\u002F\u002Fquerymonitor.com\u002F\" rel=\"nofollow ugc\">the Query Monitor website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Here’s an overview of what’s shown for each page load:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Database queries, including notifications for slow, duplicate, or erroneous queries. Allows filtering by query type (\u003Ccode>SELECT\u003C\u002Fcode>, \u003Ccode>UPDATE\u003C\u002Fcode>, \u003Ccode>DELETE\u003C\u002Fcode>, etc), responsible component (plugin, theme, WordPress core), and calling function, and provides separate aggregate views for each.\u003C\u002Fli>\n\u003Cli>The template filename, the complete template hierarchy, and names of all template parts that were loaded or not loaded (for block themes and classic themes).\u003C\u002Fli>\n\u003Cli>PHP errors presented nicely along with their responsible component and call stack, and a visible warning in the admin toolbar.\u003C\u002Fli>\n\u003Cli>Usage of “Doing it Wrong” or “Deprecated” functionality in the code on your site.\u003C\u002Fli>\n\u003Cli>Blocks and associated properties within post content and within full site editing (FSE).\u003C\u002Fli>\n\u003Cli>Matched rewrite rules, associated query strings, and query vars.\u003C\u002Fli>\n\u003Cli>Enqueued scripts and stylesheets, along with their dependencies, dependents, and alerts for broken dependencies.\u003C\u002Fli>\n\u003Cli>Language settings and loaded translation files (MO files and JSON files) for each text domain.\u003C\u002Fli>\n\u003Cli>HTTP API requests, with response code, responsible component, and time taken, with alerts for failed or erroneous requests.\u003C\u002Fli>\n\u003Cli>User capability checks, along with the result and any parameters passed to the capability check.\u003C\u002Fli>\n\u003Cli>Environment information, including detailed information about PHP, the database, WordPress, and the web server.\u003C\u002Fli>\n\u003Cli>The values of all WordPress conditional functions such as \u003Ccode>is_single()\u003C\u002Fcode>, \u003Ccode>is_home()\u003C\u002Fcode>, etc.\u003C\u002Fli>\n\u003Cli>Transients that were updated.\u003C\u002Fli>\n\u003Cli>Usage of \u003Ccode>switch_to_blog()\u003C\u002Fcode> and \u003Ccode>restore_current_blog()\u003C\u002Fcode> on Multisite installations.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Whenever a redirect occurs, Query Monitor adds an HTTP header containing the call stack, so you can use your favourite HTTP inspector or browser developer tools to trace what triggered the redirect.\u003C\u002Fli>\n\u003Cli>The response from any jQuery-initiated Ajax request on the page will contain various debugging information in its headers. PHP errors also get output to the browser’s developer console.\u003C\u002Fli>\n\u003Cli>The response from an authenticated WordPress REST API request will contain an overview of performance information and PHP errors in its headers, as long as the authenticated user has permission to view Query Monitor’s output. An \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Frest-api\u002Fusing-the-rest-api\u002Fglobal-parameters\u002F#_envelope\" rel=\"nofollow ugc\">an enveloped REST API request\u003C\u002Fa> will include even more debugging information in the \u003Ccode>qm\u003C\u002Fcode> property of the response.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>By default, Query Monitor’s output is only shown to Administrators on single-site installations, and Super Admins on Multisite installations.\u003C\u002Fp>\n\u003Cp>In addition to this, you can set an authentication cookie which allows you to view Query Monitor output when you’re not logged in (or if you’re logged in as a non-Administrator). See the Settings panel for details.\u003C\u002Fp>\n\u003Ch3>Other Plugins\u003C\u002Fh3>\n\u003Cp>I maintain several other plugins for developers. Check them out:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002F\" rel=\"ugc\">User Switching\u003C\u002Fa> provides instant switching between user accounts in WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-crontrol\u002F\" rel=\"ugc\">WP Crontrol\u003C\u002Fa> lets you view and control what’s happening in the WP-Cron system\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Statement\u003C\u002Fh3>\n\u003Cp>Query Monitor is private by default and always will be. It does not persistently store any of the data that it collects. It does not send data to any third party, nor does it include any third party resources. \u003Ca href=\"https:\u002F\u002Fquerymonitor.com\u002Fprivacy\u002F\" rel=\"nofollow ugc\">Query Monitor’s full privacy statement can be found here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Accessibility Statement\u003C\u002Fh3>\n\u003Cp>Query Monitor aims to be fully accessible to all of its users. \u003Ca href=\"https:\u002F\u002Fquerymonitor.com\u002Faccessibility\u002F\" rel=\"nofollow ugc\">Query Monitor’s full accessibility statement can be found here\u003C\u002Fa>.\u003C\u002Fp>\n","Query Monitor is the developer tools panel for WordPress and WooCommerce.",200000,19156533,98,463,"2025-12-11T22:16:00.000Z","6.9.4","6.1","7.4",[74,75,19,76,58],"debug","debug-bar","performance","https:\u002F\u002Fquerymonitor.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquery-monitor.3.20.2.zip",97,1,"2026-03-30 23:21:22",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":67,"num_ratings":92,"last_updated":93,"tested_up_to":70,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":99,"download_link":100,"security_score":45,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"yoast-test-helper","Yoast Test Helper","1.18","Yoast","https:\u002F\u002Fprofiles.wordpress.org\u002Fyoast\u002F","\u003Cp>This plugin makes testing Yoast SEO, Yoast SEO add-ons and integrations and resetting the different features a lot easier. It also makes testing database migrations a lot easier as it allows you to set the database version and see if the upgrade process runs smoothly.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>This test helper plugin has several features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easily enable Yoast SEO development mode.\u003C\u002Fli>\n\u003Cli>Saving and restoring Yoast SEO and Yoast SEO extension options, to test upgrade paths.\u003C\u002Fli>\n\u003Cli>Add options debug info to Yoast SEO admin pages.\u003C\u002Fli>\n\u003Cli>Reset the internal link counter, prominent words calculation and other features.\u003C\u002Fli>\n\u003Cli>Add two post types (Books and Movies) with two taxonomies (Category and Genre) each and optionally disable the block editor for them.\u003C\u002Fli>\n\u003Cli>Easily add an inline script after a selected script.\u003C\u002Fli>\n\u003Cli>Replace your \u003Ccode>.test\u003C\u002Fcode> TLD with \u003Ccode>example.com\u003C\u002Fcode> in your Schema output, so you can easily copy paste to Google’s Structured Data Testing Tool.\u003C\u002Fli>\n\u003Cli>Change the number of URLs shown in an XML Sitemap.\u003C\u002Fli>\n\u003Cli>Easily change your MyYoast URL.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you find bugs or would like to contribute, see our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FYoast\u002Fyoast-test-helper\" rel=\"nofollow ugc\">GitHub repo\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin makes testing Yoast SEO, Yoast SEO add-ons and integrations and resetting the different features a lot easier.",60000,762113,12,"2025-12-01T18:28:00.000Z","6.4","7.2.5",[19,97,98],"yoast","yoast-seo","https:\u002F\u002Fgithub.com\u002Fyoast\u002Fyoast-test-helper","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyoast-test-helper.1.18.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":67,"num_ratings":111,"last_updated":112,"tested_up_to":70,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":120,"download_link":121,"security_score":45,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"what-the-file","What The File","1.6.1","Barry Kooij","https:\u002F\u002Fprofiles.wordpress.org\u002Fbarrykooij\u002F","\u003Cp>What The File adds an option to your toolbar showing what file and template parts are used to display the page you’re currently viewing.\u003C\u002Fp>\n\u003Cp>You can click the file name to directly edit it through the theme editor, though I don’t recommend this for bigger changes.\u003C\u002Fp>\n\u003Cp>What The File supports BuddyPress and Roots Theme based themes.\u003C\u002Fp>\n\u003Cp>More information can be found \u003Ca href=\"http:\u002F\u002Fwww.barrykooij.com\u002Fwhat-the-file\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Looking for a great related posts plugin for WordPress?\u003C\u002Fh4>\n\u003Cp>Another plugin I’ve built, that I’m very proud of is Related Posts for WordPress. Related Posts for WordPress offers you the ability to link related posts to each other with just 1 click! And it’s 100% free! \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frelated-posts-for-wp\u002F\" rel=\"ugc\">Check it out on the WordPress repository.\u003C\u002Fa>\u003C\u002Fp>\n","What The File is the best tool to find out what template parts are used to display the page you're currently viewing!",40000,585647,882,"2026-02-19T17:21:00.000Z","3.1","5.3",[19,116,117,118,119],"file","template","template-editing","toolbar","http:\u002F\u002Fwww.barrykooij.com\u002Fwhat-the-file\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhat-the-file.1.6.1.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":67,"num_ratings":132,"last_updated":133,"tested_up_to":134,"requires_at_least":135,"requires_php":17,"tags":136,"homepage":17,"download_link":141,"security_score":142,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"prevent-browser-caching","Prevent Browser Caching","2.3.5","kostyatereshchuk","https:\u002F\u002Fprofiles.wordpress.org\u002Fkostyatereshchuk\u002F","\u003Cp>Are you a frontend developer? Do you want to clear browser cache for all users? Just activate this plugin and show your work!\u003C\u002Fp>\n\u003Cp>Prevent Browser Caching allows you to update the assets version of all CSS and JS files automatically or manually in one click.\u003C\u002Fp>\n\u003Cp>Now you can show the latest changes on the site without asking the client to clear the cache.\u003C\u002Fp>\n\u003Ch4>How it works?\u003C\u002Fh4>\n\u003Cp>Usually, WordPress loads assets using query param “ver” in the URL (e.g., style.css?ver=4.9.6). It allows browsers to cache these files until the parameter will not be updated.\u003C\u002Fp>\n\u003Cp>To prevent caching of CSS and JS files, this plugin adds a unique number (e.g., 1526905286) to the “ver” parameter (e.g., style.css?ver=4.9.6.1526905286) for all links, loaded using wp_enqueue_style and wp_enqueue_script functions.\u003C\u002Fp>\n\u003Ch4>For developers\u003C\u002Fh4>\n\u003Cp>By default, this plugin updates all assets files every time a user loads a page and adds options in the admin panel (Settings -> Prevent Browser Caching) which allows you to configure updating of these files.\u003C\u002Fp>\n\u003Cp>But you can also set the version of CSS and JS files programmatically.\u003C\u002Fp>\n\u003Cp>Just insert this code in functions.php file of your theme and change the value of assets_version when you need to update assets:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>prevent_browser_caching( array( \n    'assets_version' => '123' \n) );\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Updates the assets version of all CSS and JS files. Shows the latest changes on the site without asking the client to clear browser cache.",10000,109482,28,"2024-04-09T17:18:00.000Z","6.5.8","4.0",[137,138,139,19,140],"assets","browser-cache","clear","frontend","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprevent-browser-caching.2.3.5.zip",92,{"attackSurface":144,"codeSignals":183,"taintFlows":235,"riskAssessment":236,"analyzedAt":250},{"hooks":145,"ajaxHandlers":179,"restRoutes":180,"shortcodes":181,"cronEvents":182,"entryPointCount":13,"unprotectedCount":13},[146,152,156,160,163,167,170,173,176],{"type":147,"name":148,"callback":149,"priority":80,"file":150,"line":151},"action","init","SetLanguage","placeholder-it-widget.php",25,{"type":147,"name":153,"callback":154,"file":150,"line":155},"admin_head","AdminStyles",26,{"type":147,"name":157,"callback":158,"file":150,"line":159},"admin_init","ConfigSettings",27,{"type":147,"name":161,"callback":162,"file":150,"line":132},"admin_menu","InsertAdminMenuLink",{"type":147,"name":164,"callback":165,"file":150,"line":166},"widgets_init","InitializeWidget",29,{"type":147,"name":168,"callback":169,"file":150,"line":31},"admin_head-widgets.php","set_widget_icon",{"type":147,"name":171,"callback":171,"file":172,"line":31},"admin_enqueue_scripts","settings\\class.settings-api.php",{"type":147,"name":171,"callback":171,"file":174,"line":175},"widget\\widget.placeholder-it-widget.php",20,{"type":147,"name":177,"callback":177,"file":174,"line":178},"wp_enqueue_scripts",21,[],[],[],[],{"dangerousFunctions":184,"sqlUsage":189,"outputEscaping":191,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":234},[185],{"fn":186,"file":172,"line":187,"context":188},"create_function",108,"$callback = create_function('', 'echo \"'.str_replace('\"', '\\\"', $section['desc']).'\";');",{"prepared":13,"raw":13,"locations":190},[],{"escaped":192,"rawEcho":193,"locations":194},13,19,[195,198,200,202,204,206,208,210,212,214,216,218,220,222,224,226,229,230,232],{"file":150,"line":196,"context":197},76,"raw output",{"file":172,"line":199,"context":197},176,{"file":172,"line":201,"context":197},213,{"file":172,"line":203,"context":197},236,{"file":172,"line":205,"context":197},258,{"file":172,"line":207,"context":197},279,{"file":172,"line":209,"context":197},295,{"file":172,"line":211,"context":197},305,{"file":172,"line":213,"context":197},318,{"file":172,"line":215,"context":197},334,{"file":172,"line":217,"context":197},353,{"file":172,"line":219,"context":197},369,{"file":172,"line":221,"context":197},385,{"file":172,"line":223,"context":197},465,{"file":172,"line":225,"context":197},477,{"file":227,"line":228,"context":197},"widget\\piwSettings.php",207,{"file":227,"line":201,"context":197},{"file":174,"line":231,"context":197},86,{"file":174,"line":233,"context":197},153,[],[],{"summary":237,"deductions":238},"The \"placeholder-it-widget\" plugin version 0.9 presents a mixed security posture. On one hand, it demonstrates good practices by having no known CVEs, no SQL queries without prepared statements, no file operations, and no external HTTP requests. Furthermore, the attack surface is minimal, with zero AJAX handlers, REST API routes, shortcodes, or cron events identified, and importantly, none of these entry points appear to be unprotected.\n\nHowever, significant concerns arise from the static analysis. The presence of the `create_function` dangerous function is a major red flag, as it can be exploited for arbitrary code execution if user-supplied input is passed to it without proper sanitization. Additionally, the output escaping is only 41% proper, indicating a substantial risk of cross-site scripting (XSS) vulnerabilities if user-controlled data is displayed to other users without adequate sanitization. The lack of any nonce or capability checks, while seemingly aligned with the zero attack surface, means that if any new entry points were to be introduced, they would likely be unprotected.\n\nThe plugin's vulnerability history is spotless, which is positive. However, this could be attributed to its limited functionality or a lack of thorough security auditing. The strengths lie in its controlled attack surface and absence of common web vulnerabilities like SQL injection. The primary weaknesses are the use of `create_function` and insufficient output escaping, both of which introduce serious security risks.",[239,242,245,248],{"reason":240,"points":241},"Dangerous function: create_function",15,{"reason":243,"points":244},"Low output escaping percentage (41%)",8,{"reason":246,"points":247},"No nonce checks",5,{"reason":249,"points":247},"No capability checks","2026-03-17T00:49:41.511Z",{"wat":252,"direct":258},{"assetPaths":253,"generatorPatterns":255,"scriptPaths":256,"versionParams":257},[254],"\u002Fwp-content\u002Fplugins\u002Fplaceholder-it-widget\u002Fcss\u002Fadmin.css",[],[],[],{"cssClasses":259,"htmlComments":260,"htmlAttributes":261,"restEndpoints":262,"jsGlobals":263,"shortcodeOutput":264},[4],[],[],[],[],[]]