[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSyRBLjoRVFJGNJT7Dp-XkHGaXhBefvuywowcBmnKacg":3,"$fBJ-vrgem5tk1jr05ND1tcfULc_X9NXDAPB2xZEppFuU":238,"$fRa2Xv--vZRKc_IBLoXwg0q3H-yt8V5PxrZcTbItr1yY":243},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":35,"analysis":130,"fingerprints":216},"plain-logger","Plain Logger","1.1.2","hxh90","https:\u002F\u002Fprofiles.wordpress.org\u002Fhxh90\u002F","\u003Cp>Easily log any event on your WordPress site to text file. When simple echo and var_dump just won’t do.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Clear log with one click\u003C\u002Fli>\n\u003Cli>Refresh log with one click\u003C\u002Fli>\n\u003C\u002Ful>\n","Requires at least: 3.9 Tested up to: 4.7 Stable tag: 1.1.2",10,1295,100,1,"2017-08-22T14:43:00.000Z","",[18,19,20,21,22],"actions","activity","admin","best-error-log","debugging","https:\u002F\u002Fgithub.com\u002Ffujianto\u002Fplain-logger","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplain-logger.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},30,84,"2026-05-19T21:14:17.302Z",[36,56,68,88,106],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":32,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":16,"tags":50,"homepage":16,"download_link":55,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"bulk-actions-select-all","Bulk Actions Select All","1.1.1","Jesper van Engelen","https:\u002F\u002Fprofiles.wordpress.org\u002Fengelen\u002F","\u003Cp>\u003Cstrong>Bulk Actions: Select All\u003C\u002Fstrong> adds an option to the posts and taxonomy terms overviews in the WordPress Admin to select “All Entries”. By default, WordPress only allows you to select the posts\u002Fterms on the current page.\u003C\u002Fp>\n\u003Ch4>Supported content types\u003C\u002Fh4>\n\u003Cp>The plugin works for posts, pages and custom post types. Furthermore, it supports categories, tags and custom taxonomies. At this point, it doesn’t support comments and other object types besides post types and taxonomies.\u003C\u002Fp>\n","Adds an option to the admin posts and terms overview pages to select all items (instead of just the ones on the current page) to apply bulk actions.",900,22370,92,"2017-06-02T08:30:00.000Z","4.8.28","3.5",[20,51,52,53,54],"bulk","bulk-actions","posts","terms","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbulk-actions-select-all.1.1.1.zip",{"slug":52,"name":57,"version":6,"author":40,"author_profile":41,"description":58,"short_description":59,"active_installs":13,"downloaded":60,"rating":13,"num_ratings":61,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":16,"tags":65,"homepage":16,"download_link":67,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"Advanced Bulk Actions","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbulk-actions\u002F\" rel=\"ugc\">Advanced Bulk Actions\u003C\u002Fa> is a WordPress plugin that adds new bulk actions to your admin panel on the posts, pages and users overviews. It works with custom post types.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>This plugin \u003Cstrong>works only with WordPress versions 4.7+\u003C\u002Fstrong> and is in active development. The objective to is to implement a wide range of useful bulk actions.\u003Cbr \u002F>\n  Feedback is highly appreciated: if you have any suggestions regarding bulk actions, please \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fbulk-actions#new-post\" rel=\"ugc\">create a new topic in the support forums\u003C\u002Fa>. Thank you!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>With this plugin, you can easily switch the post types, change the featured image, or change the post visibility or status, of multiple posts at once.\u003C\u002Fp>\n\u003Ch4>Features: bulk actions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Change post type\u003C\u002Fli>\n\u003Cli>Change featured image\u003C\u002Fli>\n\u003Cli>Change post visibility\u003C\u002Fli>\n\u003Cli>Change post status\u003C\u002Fli>\n\u003C\u002Ful>\n","Supercharge the WordPress admin panel with additional bulk actions to manage your content",5751,5,"2017-05-31T12:13:00.000Z","4.7.33","4.7",[18,20,66,51,52],"advanced-bulk-actions","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbulk-actions.1.1.2.zip",{"slug":69,"name":70,"version":71,"author":72,"author_profile":73,"description":74,"short_description":75,"active_installs":76,"downloaded":77,"rating":26,"num_ratings":26,"last_updated":78,"tested_up_to":79,"requires_at_least":80,"requires_php":81,"tags":82,"homepage":86,"download_link":87,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"dev-info-bar","Dev Info Bar","1.0.2","istvankrucsanyica","https:\u002F\u002Fprofiles.wordpress.org\u002Fistvankrucsanyica\u002F","\u003Cp>A simple WordPress extension which adds itself to the admin bar, providing system information such as PHP, MySQL version and  details of the WordPress being used.\u003C\u002Fp>\n","A simple WordPress extension which adds itself to the admin bar, providing system information such as PHP, MySQL version and  details of the WordPress &hellip;",80,2358,"2019-01-21T19:14:00.000Z","5.0.25","4.5","5.6",[20,83,22,84,85],"admin-bar","environment","server","http:\u002F\u002Fistvankrucsanyica.com\u002Fdevinfobar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdev-info-bar.1.0.2.zip",{"slug":89,"name":90,"version":71,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":13,"num_ratings":97,"last_updated":98,"tested_up_to":63,"requires_at_least":99,"requires_php":16,"tags":100,"homepage":104,"download_link":105,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"admin-command-palette","Admin Command Palette","jhned","https:\u002F\u002Fprofiles.wordpress.org\u002Fjhned\u002F","\u003Cp>The Admin Command Palette (ACP) is a modal window in the WordPress Admin that live searches admin content, which saves you many clicks and page loads. You can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Search for and navigate to user-generated content (Posts, Pages, Users, etc.).\u003C\u002Fli>\n\u003Cli>Search for and navigate to WordPress Admin Pages (All Posts, Add New Post, etc.).\u003C\u002Fli>\n\u003Cli>Perform WordPress Admin actions via the ACP or a keyboard shortcut (Publish, Add Media, View Post, etc.).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin brings about a new level of efficiency to WordPress admin user interactions: it’s like the difference between going over a mountain via a pass, versus going through a mountain via a tunnel. The tunnel is always more direct, more efficient, and more straightforward than the pass.\u003C\u002Fp>\n","Optimize WordPress admin navigation with a modal window to search for and navigate directly to WordPress admin pages.",70,4833,4,"2017-05-01T19:51:00.000Z","3.0.1",[18,20,101,102,103],"navigation","search","ux","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-command-palette\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-command-palette.1.0.3.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":95,"downloaded":114,"rating":26,"num_ratings":26,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":16,"tags":118,"homepage":128,"download_link":129,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"ngg-simple-history","NextCellent Simple History","2.0.1","niknetniko","https:\u002F\u002Fprofiles.wordpress.org\u002Fniknetniko\u002F","\u003Cp>NextCellent Simple History logs events related to NextCellent in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-history\u002F\" rel=\"ugc\">Simple History\u003C\u002Fa> plugin.\u003C\u002Fp>\n\u003Cp>Currently, it logs following events:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adding galleries\u003C\u002Fli>\n\u003Cli>Updating galleries\u003C\u002Fli>\n\u003Cli>Deleting galleries\u003C\u002Fli>\n\u003Cli>Adding pages for galleries\u003C\u002Fli>\n\u003Cli>Adding images to galleries\u003C\u002Fli>\n\u003Cli>Adding albums\u003C\u002Fli>\n\u003Cli>Editing albums\u003C\u002Fli>\n\u003Cli>Deleting albums\u003C\u002Fli>\n\u003Cli>Updating the NextCellent options\u003C\u002Fli>\n\u003Cli>Deleting images\u003C\u002Fli>\n\u003Cli>Updating images\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: this only works with NextCellent Gallery, not with NextGEN Gallery.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cp>NextCellent Simple History has some requirements to be able to run:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnextcellent-gallery-nextgen-legacy\u002F\" rel=\"ugc\">NextCellent\u003C\u002Fa> 1.9.27 or higher\u003C\u002Fli>\n\u003Cli>PHP 5.4 or higher (5.5 or higher is recommended, since 5.4 is no longer supported by PHP)\u003C\u002Fli>\n\u003Cli>WordPress 4.0 or higher\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Languages\u003C\u002Fh4>\n\u003Cp>So far NextCellent Simple History is available to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Dutch\u003C\u002Fli>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Polish (thanks to \u003Ca href=\"http:\u002F\u002Ffw2s.com\u002F\" rel=\"nofollow ugc\">Frank P. Walentynowicz\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Danish (\u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002FThomasDK81\" rel=\"nofollow ugc\">thomasdk81\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you want to help, please contact me.\u003C\u002Fp>\n\u003Ch4>Source code\u003C\u002Fh4>\n\u003Cp>The source code is available on \u003Ca href=\"https:\u002F\u002Fbitbucket.org\u002Fniknetniko\u002Fngg-simplehistory\" rel=\"nofollow ugc\">BitBucket\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Feel free to contribute.\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>The plugin icon was adapted from an icon made by \u003Ca href=\"http:\u002F\u002Fwww.freepik.com\" rel=\"nofollow ugc\">Freepik\u003C\u002Fa> from \u003Ca href=\"http:\u002F\u002Fwww.flaticon.com\" rel=\"nofollow ugc\">www.flaticon.com\u003C\u002Fa> is licensed under \u003Ca href=\"http:\u002F\u002Fcreativecommons.org\u002Flicenses\u002Fby\u002F3.0\u002F\" rel=\"nofollow ugc\">Creative Commons BY 3.0\u003C\u002Fa>.\u003C\u002Fp>\n","Add Simple History integration for NextCellent.",2209,"2016-04-01T10:57:00.000Z","4.5.33","4.0.0",[19,20,119,120,121,122,123,124,125,126,127],"changelog","changes","feed","history","log","nextcellent","nextgen","stream","syslog","https:\u002F\u002Fbitbucket.org\u002Fniknetniko\u002Fngg-simplehistory","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fngg-simple-history.2.0.1.zip",{"attackSurface":131,"codeSignals":182,"taintFlows":201,"riskAssessment":202,"analyzedAt":215},{"hooks":132,"ajaxHandlers":171,"restRoutes":179,"shortcodes":180,"cronEvents":181,"entryPointCount":138,"unprotectedCount":138},[133,139,143,146,150,155,158,164,167],{"type":134,"name":135,"callback":136,"file":137,"line":138},"action","admin_menu","plain_logger_add_admin_menu","admin\u002Fsetting-page.php",2,{"type":134,"name":140,"callback":141,"file":137,"line":142},"admin_init","plain_logger_settings_init",3,{"type":134,"name":144,"callback":145,"file":137,"line":61},"admin_enqueue_scripts","plainLogger_admin_enqueue",{"type":134,"name":147,"callback":123,"priority":11,"file":148,"line":149},"plain_logger","class-plain-logger.php",18,{"type":134,"name":151,"callback":152,"file":153,"line":154},"admin_footer","print_log","inc\u002Fclass-log-to-db.php",7,{"type":134,"name":151,"callback":156,"file":153,"line":157},"clear_log",8,{"type":159,"name":160,"callback":161,"file":162,"line":163},"filter","plainLogger-log","get_log","inc\u002Fclass-log-to-file.php",15,{"type":134,"name":165,"callback":147,"priority":61,"file":166,"line":32},"init","plain-logger.php",{"type":134,"name":168,"callback":169,"file":166,"line":170},"plugins_loaded","load_setting_page",64,[172,176],{"action":173,"nopriv":174,"callback":156,"hasNonce":174,"hasCapCheck":174,"file":162,"line":175},"plainLogger-log-clear",false,13,{"action":160,"nopriv":174,"callback":177,"hasNonce":174,"hasCapCheck":174,"file":162,"line":178},"ajax_get_log",14,[],[],[],{"dangerousFunctions":183,"sqlUsage":188,"outputEscaping":190,"fileOperations":142,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":200},[184],{"fn":185,"file":162,"line":186,"context":187},"unserialize",51,"echo (is_object($content) ? json_encode(unserialize(serialize($content))) : $content);",{"prepared":26,"raw":26,"locations":189},[],{"escaped":14,"rawEcho":97,"locations":191},[192,194,196,198],{"file":137,"line":186,"context":193},"raw output",{"file":137,"line":195,"context":193},68,{"file":153,"line":197,"context":193},12,{"file":162,"line":199,"context":193},19,[],[],{"summary":203,"deductions":204},"The 'plain-logger' plugin version 1.1.2 presents a significant security risk due to its unprotected AJAX endpoints. The presence of two AJAX handlers, both lacking authentication checks, creates a wide attack surface. This means any unauthenticated user can potentially trigger these functions, which could have severe consequences if they are not properly secured. Furthermore, the use of the 'unserialize' function, especially in conjunction with user-supplied input that might not be adequately validated or sanitized, poses a serious risk of remote code execution (RCE) or denial-of-service (DoS) attacks. The static analysis also reveals a concerning lack of output escaping, with only 20% of outputs being properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities. While the plugin has no recorded vulnerability history, indicating a potentially clean past, the current code analysis reveals fundamental security flaws that demand immediate attention. The absence of nonce checks and capability checks on the identified AJAX endpoints further exacerbates the risk. The plugin's overall security posture is weak, with critical areas of its code requiring immediate remediation to mitigate these substantial risks.",[205,207,209,211,213],{"reason":206,"points":11},"Unprotected AJAX handlers (2)",{"reason":208,"points":163},"Use of unserialize() function",{"reason":210,"points":157},"Low percentage of properly escaped output",{"reason":212,"points":11},"Missing nonce checks on AJAX",{"reason":214,"points":11},"Missing capability checks on AJAX","2026-04-16T12:48:38.620Z",{"wat":217,"direct":224},{"assetPaths":218,"generatorPatterns":221,"scriptPaths":222,"versionParams":223},[219,220],"\u002Fwp-content\u002Fplugins\u002Fplain-logger\u002Fadmin\u002Fassets\u002Ffield_plainLoggerArea.css","\u002Fwp-content\u002Fplugins\u002Fplain-logger\u002Fadmin\u002Fassets\u002Ffield_plainLoggerArea.js",[],[220],[],{"cssClasses":225,"htmlComments":228,"htmlAttributes":229,"restEndpoints":231,"jsGlobals":232,"shortcodeOutput":233},[226,227],"field_plainLoggerArea","content",[],[230],"data-target=\"field_plainLoggerArea\"",[],[],[234,235,236,237],"\u003Cdiv id=\"field_plainLoggerArea\" class='field_plainLoggerArea'>","\u003Cdiv class='content'>","\u003Cbutton type=\"button\" data-target=\"field_plainLoggerArea\" class=\"logReader-clean button button-primary\">Clear log data\u003C\u002Fbutton>","\u003Cbutton type=\"button\" id=\"refs\" data-target=\"field_plainLoggerArea\" class=\"logReader-refresh button button-secondary\">Refresh\u003C\u002Fbutton>",{"error":239,"url":240,"statusCode":241,"statusMessage":242,"message":242},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fplain-logger\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":14,"versions":244},[245],{"version":246,"download_url":247,"svn_tag_url":248,"released_at":27,"has_diff":174,"diff_files_changed":249,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":250,"is_current":174},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplain-logger.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fplain-logger\u002Ftags\u002F1.0.0\u002F",[],[]]