[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fyL6-_rRUXz60smemcgFS7OzrL7bLwJ8peRs1-Ka4BNw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":36,"analysis":134,"fingerprints":212},"proper-network-activation","Proper Network Activation","1.0.5","scribu","https:\u002F\u002Fprofiles.wordpress.org\u002Fscribu\u002F","\u003Cp>When running WordPress MultiSite, you have a very handy feature called network activation. It allows you to activate a plugin for the entire network of sites. The trouble is that it only does half the job.\u003C\u002Fp>\n\u003Cp>Some plugins have an install procedure that is meant to be run only on activation. However, when you do a network activation, that install procedure is only run for the current site. So, you end up with plugins not working properly on all the other sites.\u003C\u002Fp>\n\u003Cp>What this plugin does:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>when doing a network de\u002Factivation, it triggers the de\u002Factivation hook on all sites in the network\u003C\u002Fli>\n\u003Cli>when creating a new site, it triggers the activation hook for all active network plugins on that site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links: \u003Ca href=\"http:\u002F\u002Fscribu.net\u002Fwordpress\u002Fproper-network-activation\" rel=\"nofollow ugc\">Plugin News\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fscribu.net\" rel=\"nofollow ugc\">Author’s Site\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Development\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Contribute Code at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fscribu\u002Fwp-proper-network-activation\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fscribu\u002Fwp-proper-network-activation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Contribute Translations at \u003Ca href=\"https:\u002F\u002Ftranslate.foe-services.de\u002Fprojects\u002Fproper-network-activation\" rel=\"nofollow ugc\">https:\u002F\u002Ftranslate.foe-services.de\u002Fprojects\u002Fproper-network-activation\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Avoid errors when using WordPress MultiSite network activation",20,32400,86,7,"2013-03-14T12:57:00.000Z","3.5.2","3.1","",[20,21,22,23],"activation","admin","multisite","plugins","http:\u002F\u002Fscribu.net\u002Fwordpress\u002Fproper-network-activation","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproper-network-activation.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":11,"total_installs":32,"avg_security_score":13,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},27990,4851,69,"2026-04-04T07:03:26.447Z",[37,57,76,94,115],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":55,"download_link":56,"security_score":47,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"plugin-report","Plugin Report","2.2.2","Torsten Landsiedel","https:\u002F\u002Fprofiles.wordpress.org\u002Fzodiac1978\u002F","\u003Cp>A WordPress plugin that provides detailed information about currently installed plugins.\u003C\u002Fp>\n\u003Ch3>Plugin Report will allow you to:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Spot plugins that are no longer maintained.\u003C\u002Fli>\n\u003Cli>Get a quick overview of the “plugin health” of your site.\u003C\u002Fli>\n\u003Cli>Provide clients with a detailed report, right from their own dashboard, or as CSV spreadsheet.\u003C\u002Fli>\n\u003Cli>Find plugins that are no longer active on multisite installs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Thanks to Roy Tanck for trusting me to adopt this great plugin. Hartelijk bedankt!\u003C\u002Fp>\n\u003Cp>Special thanks go to \u003Ca href=\"http:\u002F\u002Ftristen.ca\u002F\" rel=\"nofollow ugc\">Tristen Forsythe Brown\u003C\u002Fa> for the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftristen\u002Ftablesort\" rel=\"nofollow ugc\">tablesort JavaScript library\u003C\u002Fa> licensed under the MIT License.\u003C\u002Fp>\n","A WordPress plugin that provides detailed information about currently installed plugins.",1000,26304,100,14,"2026-01-18T12:46:00.000Z","6.9.4","4.6","5.6",[21,22,54,23],"plugin-info","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplugin-report\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-report.2.2.2.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":47,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":51,"requires_php":70,"tags":71,"homepage":74,"download_link":75,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"admin-bar-plugin-switcher","Admin Bar Plugin Switcher","1.1","Milan Dinić","https:\u002F\u002Fprofiles.wordpress.org\u002Fdimadin\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fmilandinic.com\u002Fwordpress\u002Fplugins\u002Fadmin-bar-plugin-switcher\u002F\" rel=\"nofollow ugc\">Plugin homepage\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmilandinic.com\u002F\" rel=\"nofollow ugc\">Plugin author\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmilandinic.com\u002Fdonate\u002F\" rel=\"nofollow ugc\">Donate\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This plugin adds a menu in admin bar that enables toggling of activation status of plugins. It can be helpful to developers who want to quickly see something before and after plugin is activated.\u003C\u002Fp>\n\u003Cp>Note that it has no settings, just activate it and it works immediately for any user that has permission to activate\u002Fdeactivate plugins. Also note that it is not multisite compatible.\u003C\u002Fp>\n\u003Cp>And it’s on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdimadin\u002Fadmin-bar-plugin-switcher\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Activate\u002Fdeactivate plugins from admin bar.",10,2379,2,"2019-02-24T15:10:00.000Z","5.1.22","5.2.4",[20,72,73,23],"admin-bar","deactivation","https:\u002F\u002Fmilandinic.com\u002Fwordpress\u002Fplugins\u002Fadmin-bar-plugin-switcher\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-bar-plugin-switcher.1.1.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":65,"downloaded":84,"rating":47,"num_ratings":67,"last_updated":85,"tested_up_to":50,"requires_at_least":86,"requires_php":87,"tags":88,"homepage":92,"download_link":93,"security_score":47,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"multisite-administration-tools","Multisite Administration Tools","1.21","Aaron Axelsen","https:\u002F\u002Fprofiles.wordpress.org\u002Faxelseaa\u002F","\u003Cp>The Multisite Administration Tools plugin adds additional columns to the Sites, Plugins and Themes tables in the Network Admin interface.\u003C\u002Fp>\n\u003Cp>On the Sites table, two additional columns are added to allow admins to easily view the theme of the site, and also any plugins that are enabled.\u003C\u002Fp>\n\u003Cp>On the Themes table, there is an additional column added which allows the administrator to see all sites that are actively using that theme.\u003C\u002Fp>\n\u003Cp>On the Plugins table, there is an additional column added which allows the administrator to see all sites that are actively using that plugin.\u003C\u002Fp>\n","Adds information to the network admin sites, plugins and themes page. Allows you to easily see what theme and plugins are enabled on a site.",3393,"2025-12-21T16:29:00.000Z","5.8","7.2",[89,22,90,23,91],"admintools","network","themes","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmultisite-administration-tools\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-administration-tools.1.21.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":104,"num_ratings":105,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":18,"tags":109,"homepage":113,"download_link":114,"security_score":47,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wpcore","WPCore Plugin Manager","1.9.2","stueynet","https:\u002F\u002Fprofiles.wordpress.org\u002Fstueynet\u002F","\u003Cp>WPCore is a tool that allows you to manage collections of WordPress plugins and then quickly install them on any WordPress site. You can generate your collections at https:\u002F\u002Fwpcore.com and then import them to your WordPress site by copying and pasting your unique collection key in WordPress.\u003C\u002Fp>\n","Create plugin collections and install them in one click on any WordPress site.",10000,168565,96,32,"2025-05-20T17:15:00.000Z","6.8.5","3.5",[21,110,111,112,23],"administration","install","installation","https:\u002F\u002Fwpcore.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpcore.1.9.2.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":125,"num_ratings":11,"last_updated":126,"tested_up_to":16,"requires_at_least":127,"requires_php":18,"tags":128,"homepage":132,"download_link":133,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"root-relative-urls","Root Relative URLs","2.3","MarcusPope","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarcuspope\u002F","\u003Cp>A WordPress plugin that converts all URL formats to root-relative URLs to enable seamless transitioning between staging\u002Fproduction host environments and debugging\u002Ftesting from mobile devices, without the use of hackish tactics like textual find-replace strategies or risky hosts\u002FNAT spoofing strategies.\u003C\u002Fp>\n\u003Cp>With Root Relative URLs you can browse your development site from http:\u002F\u002Flocalhost\u002F or http:\u002F\u002F127.0.0.1\u002F or from a named network resource like http:\u002F\u002Fmycomputername\u002F without worrying about links redirecting you back to your site’s URL.\u003C\u002Fp>\n\u003Cp>This plugin also modifies the tinyMCE hooks so links and media embedded with built-in tools will only insert URLs from the first forward slash after the domain (i.e. the root of your site.)  This means when you push content changes to a staging or production environment they are guaranteed to reference the correct target instead of accidentally referencing a production resource in development or, worse-yet, a development-exclusive resource in production.\u003C\u002Fp>\n\u003Cp>It supports path-based MU Installations, but does not support domain-based MU sites due to architectural deficiencies in the WordPress core.\u003C\u002Fp>\n\u003Cp>Version 1.5 fixes an infinite redirect problem that is a result of a core bug in WordPress.  If you have problems with the \u003C!–more–> tag or permalinks for custom post types, please read the FAQ or new Install Steps for support.\u003C\u002Fp>\n\u003Cp>Version 2.2 allows for adding certain URL’s or partial URL’s to a blacklist, meaning I won’t use root relative urls, but dynamic absolute URLs instead for displaying content.  This will fix problems with 3rd party plugins, and can be configured on the General Settings page.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n","Converts all URLs to root-relative URLs for hosting the same site on multiple IPs, easier production migration and better mobile device testing.",6000,77389,58,"2017-11-28T08:04:00.000Z","3.2.1",[21,129,130,22,131],"content","links","url","http:\u002F\u002Fwww.marcuspope.com\u002Fwordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Froot-relative-urls.zip",{"attackSurface":135,"codeSignals":158,"taintFlows":173,"riskAssessment":202,"analyzedAt":211},{"hooks":136,"ajaxHandlers":154,"restRoutes":155,"shortcodes":156,"cronEvents":157,"entryPointCount":27,"unprotectedCount":27},[137,143,146,150],{"type":138,"name":139,"callback":140,"priority":65,"file":141,"line":142},"action","activated_plugin","update_queue","proper-network-activation.php",21,{"type":138,"name":144,"callback":140,"priority":65,"file":141,"line":145},"deactivated_plugin",22,{"type":138,"name":147,"callback":148,"file":141,"line":149},"network_admin_notices","admin_notices",24,{"type":138,"name":151,"callback":152,"file":141,"line":153},"wpmu_new_blog","setup",29,[],[],[],[],{"dangerousFunctions":159,"sqlUsage":160,"outputEscaping":162,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":172},[],{"prepared":67,"raw":27,"locations":161},[],{"escaped":27,"rawEcho":163,"locations":164},4,[165,167,168,170],{"file":141,"line":34,"context":166},"raw output",{"file":141,"line":26,"context":166},{"file":141,"line":169,"context":166},90,{"file":141,"line":171,"context":166},91,[],[174,194],{"entryPoint":175,"graph":176,"unsanitizedCount":192,"severity":193},"ajax_response (proper-network-activation.php:134)",{"nodes":177,"edges":189},[178,183],{"id":179,"type":180,"label":181,"file":141,"line":182},"n0","source","$_POST",142,{"id":184,"type":185,"label":186,"file":141,"line":187,"wp_function":188},"n1","sink","get_col() [SQLi]",148,"get_col",[190],{"from":179,"to":184,"sanitized":191},false,1,"high",{"entryPoint":195,"graph":196,"unsanitizedCount":192,"severity":193},"\u003Cproper-network-activation> (proper-network-activation.php:0)",{"nodes":197,"edges":200},[198,199],{"id":179,"type":180,"label":181,"file":141,"line":182},{"id":184,"type":185,"label":186,"file":141,"line":187,"wp_function":188},[201],{"from":179,"to":184,"sanitized":191},{"summary":203,"deductions":204},"The plugin 'proper-network-activation' v1.0.5 exhibits a mixed security posture. On the positive side, it has a minimal attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events, and no known historical vulnerabilities. Furthermore, all SQL queries are properly prepared, which is a significant security strength. However, the static analysis reveals critical weaknesses. All identified output operations are unescaped, presenting a direct risk of cross-site scripting (XSS) vulnerabilities if any data displayed originates from user input. The taint analysis also flags two flows with unsanitized paths, both categorized as high severity. This suggests that potentially malicious data could be processed without proper sanitization, leading to security issues. The absence of nonce and capability checks, while not directly leading to deductions based on the provided attack surface (as there are no entry points to check), indicates a general lack of defensive coding practices that could become problematic if the plugin's functionality were to expand in the future.",[205,208,210],{"reason":206,"points":207},"Unescaped output detected",12,{"reason":209,"points":48},"High severity taint flow with unsanitized path",{"reason":209,"points":48},"2026-03-16T22:47:25.552Z",{"wat":213,"direct":218},{"assetPaths":214,"generatorPatterns":215,"scriptPaths":216,"versionParams":217},[],[],[],[],{"cssClasses":219,"htmlComments":223,"htmlAttributes":224,"restEndpoints":225,"jsGlobals":227,"shortcodeOutput":229},[220,221,222],"pna-count-current","pna-count-total","pna",[],[],[226],"\u002Fwp-json\u002Fpna\u002F",[222,228],"ajaxurl",[]]