[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fj9tMESV7c0-HH4-aGlJQdbuV3a_tK4qd4YEquPamQg4":3,"$fVHQcVhl4LSGPgOmgIQCzyhSNLn6Y9aEQqN2bY2WglUc":330,"$fNyxoVNt9oY_4yA21rGkJD9XSL9WRyY7dMcYso3Wii18":334},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"discovery_status":32,"vulnerabilities":33,"developer":68,"crawl_stats":39,"alternatives":74,"analysis":190,"fingerprints":312},"relocate-upload","Relocate Upload","0.24.1","alanft","https:\u002F\u002Fprofiles.wordpress.org\u002Falanft\u002F","\u003Cp>Relocate Upload lets you specify folders, and adds a menu to the Media Library (and Edit Media admin page) that lets you switch media items between these folders and WPs default upload location.\u003C\u002Fp>\n\u003Ch3>Known Issues\u003C\u002Fh3>\n\u003Cp>When creating new folders,\u003C\u002Fp>\n","Wordpress uploads media to one pre-set folder. Relocate Upload lets you switch media to other folders.",100,14671,68,7,"2020-02-08T07:10:00.000Z","5.3.21","2.8","",[20,21,22,23,24],"admin","folder","move","relocate","upload","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Frelocate-upload\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frelocate-upload.zip",55,2,1,"2025-06-27 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[34,51],{"id":35,"url_slug":36,"title":37,"description":38,"plugin_slug":4,"theme_slug":39,"affected_versions":40,"patched_in_version":39,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":39,"patch_diff_files":48,"patch_trac_url":39,"research_status":39,"research_verified":49,"research_rounds_completed":50,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":49,"poc_model_used":39,"poc_verification_depth":39},"CVE-2025-53315","relocate-upload-cross-site-request-forgery","Relocate Upload \u003C= 0.24.1 - Cross-Site Request Forgery","The Relocate Upload plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.24.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=0.24.1","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-07-02 19:23:20",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9075a705-e72f-4331-ab8f-bb06e1a58225?source=api-prod",[],false,0,{"id":52,"url_slug":53,"title":54,"description":55,"plugin_slug":4,"theme_slug":39,"affected_versions":56,"patched_in_version":57,"severity":58,"cvss_score":59,"cvss_vector":60,"vuln_type":61,"published_date":62,"updated_date":63,"references":64,"days_to_patch":66,"patch_diff_files":67,"patch_trac_url":39,"research_status":39,"research_verified":49,"research_rounds_completed":50,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":49,"poc_model_used":39,"poc_verification_depth":39},"CVE-2012-1205","relocate-upload-remote-file-inclusion","Relocate Upload \u003C 0.20 - Remote File Inclusion","PHP remote file inclusion vulnerability in relocate-upload.php in Relocate Upload plugin before 0.20 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.","\u003C0.20","0.20","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Control of Filename for Include\u002FRequire Statement in PHP Program ('PHP Remote File Inclusion')","2011-09-19 00:00:00","2024-01-22 19:56:02",[65],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Feb629dfc-1be2-4a56-907f-0b5c64cc066e?source=api-prod",4509,[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":69,"avg_security_score":70,"avg_patch_time_days":71,"trust_score":72,"computed_at":73},110,70,4018,58,"2026-05-20T02:37:57.161Z",[75,100,123,145,168],{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":96,"download_link":97,"security_score":98,"vuln_count":29,"unpatched_count":50,"last_vuln_date":99,"fetched_at":31},"add-from-server","Add From Server","3.4.5","Dion Hulse","https:\u002F\u002Fprofiles.wordpress.org\u002Fdd32\u002F","\u003Cp>This plugin offers limited support. Please do not expect new features or too many bugfixes. Features may be removed at any time.\u003C\u002Fp>\n\u003Cp>Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.\u003C\u002Fp>\n\u003Cp>This plugin is NOT designed to..\u003Cbr \u002F>\n * Be used as a replacement for the file uploader\u003Cbr \u002F>\n * Be used for migration of websites\u003Cbr \u002F>\n * Re-import your files after moving webhosting\u003Cbr \u002F>\n * Batch import media\u003C\u002Fp>\n\u003Cp>This plugins IS designed to..\u003Cbr \u002F>\n * Import files which are larger than your hosting allows to be uploaded.\u003Cbr \u002F>\n * Import files which are too large for your internet connections upload speed.\u003C\u002Fp>\n\u003Cp>WordPress does a better job of file uploads than this plugin, so please consider your needs before you use it.\u003C\u002Fp>\n\u003Cp>You may also want to look at using WP-CLI for media import purposes:\u003Cbr \u002F>\nhttps:\u002F\u002Fdeveloper.wordpress.org\u002Fcli\u002Fcommands\u002Fmedia\u002Fimport\u002F\u003C\u002Fp>\n","Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.",60000,1320732,92,239,"2020-12-11T07:32:00.000Z","5.5.18","5.4","7.0",[20,92,93,94,95],"import","media","post","uploads","https:\u002F\u002Fdd32.id.au\u002Fwordpress-plugins\u002Fadd-from-server\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.5.zip",84,"2016-08-08 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":110,"num_ratings":11,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":121,"download_link":122,"security_score":85,"vuln_count":50,"unpatched_count":50,"last_vuln_date":39,"fetched_at":31},"disable-dashboard-for-woocommerce","Disable Bloat for WordPress & WooCommerce","3.5.0","Rock Solid","https:\u002F\u002Fprofiles.wordpress.org\u002Fmikewire_rocksolid\u002F","\u003Cp>🚀 \u003Cstrong>Boost Your Site’s Speed and Cleanliness with Disable Bloat!\u003C\u002Fstrong> 🚀\u003C\u002Fp>\n\u003Ch3>Over 400k downloads and 20k+ active installs! And many 5 star reviews\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>“This plugin will from now on be on my ‘required plugins’ list 🙂”\u003C\u002Fstrong>\u003Cbr \u002F>\n⭐️⭐️⭐️⭐️⭐️\u003Cbr \u002F>\n\u003Cem>— Janca\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>“So much easier than manually maintaining a list of filters to remove!”\u003C\u002Fstrong>\u003Cbr \u002F>\n⭐️⭐️⭐️⭐️⭐️\u003Cbr \u002F>\n\u003Cem>— Hollowdev\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>“Wow – just wow!!!”\u003C\u002Fstrong>\u003Cbr \u002F>\n⭐️⭐️⭐️⭐️⭐️\u003Cbr \u002F>\n\u003Cem>— Hebhensen\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Bloat is the silent killer of your site’s performance, often slowing down your entire website. Ensure your site stays lightning-fast with \u003Cstrong>Disable Bloat\u003C\u002Fstrong>, the ultimate plugin to disable unnecessary features that drag your site down.\u003C\u002Fp>\n\u003Cp>By default, the WordPress admin panel is cluttered with preinstalled elements that can distract you from your work. \u003Cstrong>Disable Bloat\u003C\u002Fstrong> smooths and cleans the admin panel by removing these unnecessary elements.\u003C\u002Fp>\n\u003Cp>✨ \u003Cstrong>Why Choose Disable Bloat?\u003C\u002Fstrong> ✨\u003Cbr \u002F>\n– Make Your Admin Panel Fast and Clean by disabling unwanted features\u003Cbr \u002F>\n– Accelerate Your WordPress Website and enhance user experience\u003Cbr \u002F>\n– Boost Security by turning off features you don’t use\u003Cbr \u002F>\n– Eliminate Third-Party Plugin Bloat to keep your site lean and fast-loading\u003C\u002Fp>\n\u003Cp>Enjoy the perfect blend of aesthetics and speed. With \u003Cstrong>Disable Bloat\u003C\u002Fstrong>, every tweak is seamless and live, giving you the fast, clean WordPress admin panel you deserve.\u003C\u002Fp>\n\u003Cp>🔓 \u003Cstrong>Premium Version\u003C\u002Fstrong> 🔓\u003Cbr \u002F>\nUnlock all features with \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">Disable Bloat for WordPress & WooCommerce PRO\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>🚫 \u003Cstrong>Disable WooCommerce Bloat\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Turn Off WooCommerce Admin\u003C\u002Fstrong> to lighten your back-end\u003Cbr \u002F>\n– \u003Cstrong>Remove WooCommerce Promotions\u003C\u002Fstrong> cluttering your admin panel\u003Cbr \u002F>\n– \u003Cstrong>Reduce CSS and JavaScript Load\u003C\u002Fstrong> for a faster front-end and back-end\u003C\u002Fp>\n\u003Cp>📊 \u003Cstrong>WooCommerce Admin\u003C\u002Fstrong>\u003Cbr \u002F>\nWooCommerce Admin is a JavaScript-driven dashboard that can slow down your website. Disabling it can help speed up your site and improve user experience. Use these options to disable WooCommerce Admin, Analytics, Home screen, and other features slowing your admin panel:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Disable WooCommerce Admin\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Choose Admin Features to Disable\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Turn Off Marketing Hub and Promotions\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>📧 \u003Cstrong>WooCommerce Emails\u003C\u002Fstrong>\u003Cbr \u002F>\nAnnoyed by WooCommerce’s promotional emails? Stay balanced by disabling:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>WooCommerce Guide Emails\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove “Get the App” from Emails \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🛠️ \u003Cstrong>WooCommerce Back-end Scripts\u003C\u002Fstrong>\u003Cbr \u002F>\nSpeed up your site by disabling unwanted scripts:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Disable WooCommerce Status Meta Box\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable WooCommerce Dashboard Setup Widget\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable New WooCommerce Product Editor\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable WooCommerce Blocks (back-end) \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🌐 \u003Cstrong>Your Store’s Front-end\u003C\u002Fstrong>\u003Cbr \u002F>\nDisable unnecessary scripts and styles loading on your shop’s front-end:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Disable WooCommerce Widgets\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable WooCommerce Scripts and Styles\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable WooCommerce Cart Fragments\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable WooCommerce Blocks (front-end) \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Unnecessary Stripe Scripts \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🧼 \u003Cstrong>Optimize WordPress Admin Panel\u003C\u002Fstrong>\u003Cbr \u002F>\nMake the admin panel smooth and clean by removing unnecessary elements:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Clean Admin Interface\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Update Notice for Non-admin Users\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable WordPress Editor Autosave\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Dashboard Widgets \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove WordPress Logo from Admin Bar \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Admin Footer Text \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🔒 \u003Cstrong>WordPress Login Page\u003C\u002Fstrong>\u003Cbr \u002F>\nCustomize the login page to your preference:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Hide WordPress Logo from Login Page \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Change Logo Link on Login Page \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Change Logo Title Parameter on Login Page \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Login Language Switcher \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🚀 \u003Cstrong>Boost Your Site’s Performance\u003C\u002Fstrong>\u003Cbr \u002F>\nDisable features you never use to improve load times and user experience:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Disable Password Strength Meter\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Load Comments Script Only When Needed\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable WordPress Dashicons on Front-end\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove DNS Prefetch to s.w.org \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable jQuery Migrate \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Sidebar Widgets \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Meta Generator Tag \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Emoji Scripts \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable wp-embed \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🗑️ \u003Cstrong>Remove Scripts from Header\u003C\u002Fstrong>\u003Cbr \u002F>\nClean up your site’s header by removing unwanted scripts:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Remove RSS Feed Links \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable All RSS Feeds \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Generator Tag from RSS Feeds \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Link to Windows Live Writer Manifest File \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Shortlink from HTTP Header \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🔧 \u003Cstrong>Disable Unused Core WordPress Features\u003C\u002Fstrong>\u003Cbr \u002F>\nEnhance performance and security by disabling unused features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Disable XML-RPC API \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Post Revisions\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Turn Off Built-in File Editor\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🔄 \u003Cstrong>Updates\u003C\u002Fstrong>\u003Cbr \u002F>\nControl how your website updates to save resources:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Disable Themes Auto-updates\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Plugins Auto-updates\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable All WordPress Core Updates \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🛡️ \u003Cstrong>Speed and Security\u003C\u002Fstrong>\u003Cbr \u002F>\nKeep your site fast and secure by managing core features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Disable File Editor \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Post Revisions \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Application Passwords \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Script\u002FStyle Version Parameter \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🌐 \u003Cstrong>WordPress API\u003C\u002Fstrong>\u003Cbr \u002F>\nManage various WordPress APIs to improve performance:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Disable XML-RPC API \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable WordPress Heartbeat API \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable REST API \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>✍️ \u003Cstrong>Block Editor\u003C\u002Fstrong>\u003Cbr \u002F>\nManage Block Editor features to keep your site fast:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Disable Gutenberg\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Specific Gutenberg Features \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🔗 \u003Cstrong>Third-Party Plugins Bloat\u003C\u002Fstrong>\u003Cbr \u002F>\nOptimize your site by managing third-party plugin bloat:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Remove Jetpack Installation Notice\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Jetpack Promotions and Blaze\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Elementor Dashboard Widget\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Elementor Google Fonts Package\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable SkyVerge Dashboard\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Yoast Ads, Premium Nags, and Admin Bar Item \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Yoast HTML Comments \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Contact Form 7 JavaScript and CSS \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide UpDraftPlus on Admin Toolbar \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Advanced Custom Fields Admin Menu \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove WPML Meta Generator Tag \u003Ca href=\"https:\u002F\u002Fdisablebloat.com\u002F?utm_source=wp_org&utm_medium=referral&utm_campaign=readme\" rel=\"nofollow ugc\">PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Flexible Shipping Extensions Menu Entry\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable WP Desk Dashboard Widget\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>⚙️ \u003Cstrong>Usage\u003C\u002Fstrong>\u003Cbr \u002F>\nGo to the configuration page: \u003Cstrong>Settings -> Disable Bloat\u003C\u002Fstrong> to get started. 🚀\u003C\u002Fp>\n","All-in-One solution to speed up your WordPress & WooCommerce. Remove unnecessary features and make your site faster and cleaner.",10000,476399,96,"2025-02-05T12:44:00.000Z","6.7.5","4.5","5.6",[116,117,118,119,120],"admin-panel-customization","remove-bloat","website-cleanup","woocommerce","wordpress-optimization","https:\u002F\u002Fdisablebloat.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-dashboard-for-woocommerce.3.5.0.zip",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":108,"downloaded":131,"rating":132,"num_ratings":133,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":18,"tags":137,"homepage":143,"download_link":144,"security_score":11,"vuln_count":50,"unpatched_count":50,"last_vuln_date":39,"fetched_at":31},"disable-wp-notification","Disable WP Notification","3.4","Sourabh Agrawal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsourabhasct\u002F","\u003Cp>Showing the notifications related to plugins and themes is not a good idea for all the user roles. Disable WP Notification helps you to disable all the spammy notifications from the entire wordpress dashboard.\u003C\u002Fp>\n\u003Cp>I know sometimes it is require to get the notifications, so considering this, Our experienced developers provide you the following options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable all notifications\u003C\u002Fli>\n\u003Cli>Disable Notifications for all users\u003C\u002Fli>\n\u003Cli>Disable Notifications for all users except admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Disable WP Notification Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Disable all the spammy notifications and clean the Dashboard.\u003C\u002Fli>\n\u003Cli>A panel to show all the disabled notifications.\u003C\u002Fli>\n\u003Cli>Disable the notifications for all the users including admin.\u003C\u002Fli>\n\u003Cli>Disable the notifications for all the users excluding admin. That means, except admin this will work only on the other users.\u003C\u002Fli>\n\u003Cli>Disable theme updates and notification.\u003C\u002Fli>\n\u003Cli>Disable plugin updates.\u003C\u002Fli>\n\u003Cli>Only Admin can manage the settings.\u003C\u002Fli>\n\u003C\u002Ful>\n","Best wordpress plugin to remove all the admin panel notifications in just one click. Including the theme and plugin update notification.",68422,86,12,"2026-03-10T05:53:00.000Z","6.9.4","6.0",[138,139,140,141,142],"disable-admin-notices","disable-dashboard-notifications","disable-plugin-update","disable-theme-update","remove-unwanted-notification","https:\u002F\u002Fsourabhagrawal.com\u002Fdisable-wp-notification","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-wp-notification.3.4.zip",{"slug":146,"name":147,"version":148,"author":149,"author_profile":150,"description":151,"short_description":152,"active_installs":108,"downloaded":153,"rating":154,"num_ratings":155,"last_updated":156,"tested_up_to":135,"requires_at_least":157,"requires_php":158,"tags":159,"homepage":164,"download_link":165,"security_score":166,"vuln_count":28,"unpatched_count":50,"last_vuln_date":167,"fetched_at":31},"prevent-direct-access","Prevent Direct Access – Protect WordPress Files","2.8.8.7","WP Folio Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fbuildwps\u002F","\u003Cp>Prevent Direct Access (PDA) offers a simple solution to protect your WordPress files as well as prevent Google, other search engines and unwanted users from indexing and stealing your hard-to-produce ebooks, documents, and videos.\u003C\u002Fp>\n\u003Cp>We’ve created an intuitive user interface directly in your Media Library. It’s simple and easy to use. You’ll be able to protect your private files in no time.\u003C\u002Fp>\n\u003Ch4>An Inside Look at Prevent Direct Access (PDA) Gold\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F37wP7TTcW4Q?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Our PDA Lite version offers the following features:\u003C\u002Fp>\n\u003Ch3>Protect Unlimited WordPress Media Library File Uploads\u003C\u002Fh3>\n\u003Cp>Prevent Direct Access is designed to protect all your WordPress media files such as images (PNG, JPEG), documents (PDF, DOCX, PPTX), audios, and videos (MP4, MP3) that you upload to your website under Media Library or via Media, Pages or Posts.\u003C\u002Fp>\n\u003Cp>Once protected, only admin users and the file’s author can access them directly. Unwanted users will be redirected to your 404 not found page when attempting to read and download these file URLs.\u003C\u002Fp>\n\u003Cp>You can protect unlimited file uploads with our PDA Lite alone.\u003C\u002Fp>\n\u003Ch3>Customize “No Access” Page\u003C\u002Fh3>\n\u003Cp>Instead of redirecting unauthorized users to the 404 page, you can show them a custom page, e.g registration or login page. Users will have to log into your site in order to access these protected files.\u003C\u002Fp>\n\u003Ch3>Auto-generate Private URLs\u003C\u002Fh3>\n\u003Cp>Once a WordPress file is protected, Prevent Direct Access will automatically generate a private download link containing a random string for you to access or share this private file with others.\u003C\u002Fp>\n\u003Cp>You can then copy that private download link to clipboard and subsequently paste it on your browsers and\u002For email by clicking on the Copy URL button.\u003C\u002Fp>\n\u003Ch3>Restrict Access based on IP Addresses\u003C\u002Fh3>\n\u003Cp>Private Download Links can be accessed by anyone who knows the exact URL. You have an option to block unwanted IP addresses from accessing your private links. You can also expire them automatically by clicks or time with our PDA Gold version.\u003C\u002Fp>\n\u003Ch3>Block Google from Indexing your Files\u003C\u002Fh3>\n\u003Cp>Prevent Direct Access (PDA) explicitly tells Google and other search engines not to index any of your protected files so that their content and original URLs will never appear on the search results.\u003C\u002Fp>\n\u003Ch3>Prevent Image Hotlinking\u003C\u002Fh3>\n\u003Cp>Our plugin also stops others from stealing and using your images on their website by linking them directly from your website, which could slow down your website significantly.\u003C\u002Fp>\n\u003Ch3>Protect WordPress Uploads Directory\u003C\u002Fh3>\n\u003Cp>The \u003Ccode>wp-content\u002Fuploads\u003C\u002Fcode> folder where all your uploaded images and files are stored will also be protected. No one will be able to see and browse the content on that folder anymore.\u003C\u002Fp>\n\u003Ch3>Disable Copy and Right Click\u003C\u002Fh3>\n\u003Cp>Our plugin provides you with an option to disable text selection and right-click on all your web pages to prevent content theft.\u003C\u002Fp>\n\u003Ch3>Restrict Media Library Access\u003C\u002Fh3>\n\u003Cp>Instead of allowing users to view all file uploads in Media Library, you can restrict users to view their own ones only.\u003C\u002Fp>\n\u003Cp>We also provide a premium \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Fextensions\u002Fwordpress-restrict-page-file-access\u002F?utm_source=wp.org&utm_medium=premium-after-gold-features&utm_campaign=pda-lite\" rel=\"nofollow ugc\">Folder Protection\u003C\u002Fa> feature that allows you to protect all files inside the private folder with just one-click.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch4>Prevent Direct Access Gold Version\u003C\u002Fh4>\n\u003Cp>Our \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Ffeatures\u002F?utm_source=wp.org&utm_medium=premium-after-gold-features&utm_campaign=pda-lite\" rel=\"nofollow ugc\">PDA Gold\u003C\u002Fa> offers more advanced features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Protect unlimited files and all file types\u003C\u002Fli>\n\u003Cli>Encrypt protected files to stop unauthorized downloads from viewing\u003C\u002Fli>\n\u003Cli>Protect new file uploads automatically or on the fly\u003C\u002Fli>\n\u003Cli>Restrict protected file access to logged-in users or custom user roles\u003C\u002Fli>\n\u003Cli>Search and replace unprotected URLs in content\u003C\u002Fli>\n\u003Cli>Create & customize unlimited Private Download Links\u003C\u002Fli>\n\u003Cli>Expire Private Download Links by days and clicks\u003C\u002Fli>\n\u003Cli>Protect all files under specific folders on WordPress root and uploads directory with our \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Fextensions\u002Fwordpress-restrict-page-file-access\u002F?utm_source=wp.org&utm_medium=premium-after-gold-features&utm_campaign=pda-lite\" rel=\"nofollow ugc\">Folder Protection\u003C\u002Fa> feature.\u003C\u002Fli>\n\u003Cli>Grant individual or multiple files access via Referrer Links\u003C\u002Fli>\n\u003Cli>Restrict access to WooCommerce order page by IP addresses using \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Fextensions\u002Fwoocommerce-integration\u002F?utm_source=wp.org&utm_medium=premium-after-gold-features&utm_campaign=pda-lite\" rel=\"nofollow ugc\">WooCommerce Integration\u003C\u002Fa> extension\u003C\u002Fli>\n\u003Cli>Sync or offload multiple files to Amazon S3, search & replace unprotected URLs in content and set their expiration time with \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Fextensions\u002Famazon-s3-wordpress-uploads\u002F?utm_source=wp.org&utm_medium=premium-after-gold-features&utm_campaign=pda-lite\" rel=\"nofollow ugc\">Amazon S3 Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Upload multiple files directly from your local to Amazon S3 or Wasabi using \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-s3-smart-upload\u002F?utm_source=wp.org&utm_medium=premium-after-gold-features&utm_campaign=pda-lite\" rel=\"ugc\">WordPress Amazon S3 – Wasabi Smart File Uploads Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Fextensions\u002Fwordpress-multisite-integration?utm_source=wp.org&utm_medium=premium-after-gold-features&utm_campaign=pda-lite\" rel=\"nofollow ugc\">Integrate with WordPress Multisite Network\u003C\u002Fa> and top membership plugins\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Fdocs\u002Fgrant-learndash-courses-access-enrolled-students\u002F?utm_source=wp.org&utm_medium=premium-after-gold-features&utm_campaign=pda-lite\" rel=\"nofollow ugc\">Integrate with LearnDash plugin\u003C\u002Fa> to grant course materials access to enrolled students only\u003C\u002Fli>\n\u003Cli>Protect multiple files at once and many other premium features\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check out our \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Ffeatures\u002F?utm_source=wp.org&utm_medium=premium-after-gold-features&utm_campaign=pda-lite\" rel=\"nofollow ugc\">Prevent Direct Access (PDA) Gold\u003C\u002Fa> now.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Documentation and support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>For documentation and tutorials go to our \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Fdocs\u002F?utm_source=wp.org&utm_medium=documentations-and-support&utm_campaign=pda-lite\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Check out \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Fdocs\u002Fcompatible-wordpress-plugins\u002F?utm_source=wp.org&utm_medium=documentations-and-support&utm_campaign=pda-lite\" rel=\"nofollow ugc\">compatible hosting, themes, and plugins\u003C\u002Fa> with PPWP\u003C\u002Fli>\n\u003Cli>If you have any more questions or want to request new features, contact us through \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Fcontact\u002F?utm_source=wp.org&utm_medium=documentations-and-support&utm_campaign=pda-lite\" rel=\"nofollow ugc\">this form\u003C\u002Fa> or drop us an email at \u003Ca href=\"mailto:hello@preventdirectaccess.com\" rel=\"nofollow ugc\">hello@preventdirectaccess.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Privacy Policy\u003C\u002Fh4>\n\u003Cp>PDA is designed to fully respect and protect personal information of its users. It does not collect any user information without your consent.\u003C\u002Fp>\n\u003Cp>We’re using GetResponse to communicate with our users in case they would like to opt in and receive future updates from us.\u003C\u002Fp>\n\u003Cp>User’s emails will be first sent to an external API on our secure server before getting managed by GetResponse.\u003C\u002Fp>\n\u003Cp>Please see our complete \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Fprivacy-policy\u002F?utm_source=wp.org&utm_medium=privacy-policy&utm_campaign=pda-lite\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.getresponse.com\u002Flegal\u002Fprivacy\" rel=\"nofollow ugc\">GetResponse’s\u003C\u002Fa>.\u003C\u002Fp>\n","A simple way to prevent search engines and the public from indexing and accessing your files without complex user authentication.",271830,94,292,"2026-04-06T09:12:00.000Z","4.7","5.6.1",[160,161,162,163,95],"copy-protection","downloads","folder-protection","protection","https:\u002F\u002Fpreventdirectaccess.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprevent-direct-access.2.8.8.7.zip",99,"2025-04-24 00:00:00",{"slug":169,"name":170,"version":171,"author":172,"author_profile":173,"description":174,"short_description":175,"active_installs":176,"downloaded":177,"rating":11,"num_ratings":178,"last_updated":179,"tested_up_to":180,"requires_at_least":181,"requires_php":18,"tags":182,"homepage":187,"download_link":188,"security_score":189,"vuln_count":50,"unpatched_count":50,"last_vuln_date":39,"fetched_at":31},"hide-admin-toolbar","Hide Admin Toolbar","1.0","Aftab Ali Muni","https:\u002F\u002Fprofiles.wordpress.org\u002Faftabmuni\u002F","\u003Cp>This plugin is used to hide admin toolbar from website. It will hide that bar when you are logged in and viewing the site.\u003C\u002Fp>\n","This plugin is used to hide admin toolbar from website. It will hide that bar when you are logged in and viewing the site.",9000,55913,4,"2023-11-26T07:19:00.000Z","6.4.8","3.1",[183,184,185,186],"disable-admin-bar","disable-admin-toolbar","hide-admin-bar","remove-admin-bar-from-website","https:\u002F\u002Faftabmuni.wordpress.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-admin-toolbar.zip",85,{"attackSurface":191,"codeSignals":230,"taintFlows":250,"riskAssessment":294,"analyzedAt":311},{"hooks":192,"ajaxHandlers":221,"restRoutes":227,"shortcodes":228,"cronEvents":229,"entryPointCount":29,"unprotectedCount":50},[193,199,203,208,213,217],{"type":194,"name":195,"callback":196,"file":197,"line":198},"action","admin_enqueue_scripts","ru_register_scripts","relocate-upload.php",23,{"type":194,"name":200,"callback":201,"file":197,"line":202},"admin_head","relocate_upload_js",98,{"type":204,"name":205,"callback":206,"file":197,"line":207},"filter","posts_where","relocate_upload_library_filter",157,{"type":204,"name":209,"callback":210,"priority":211,"file":197,"line":212},"attachment_fields_to_edit","relocate_upload_menu",3,182,{"type":194,"name":214,"callback":215,"file":197,"line":216},"admin_menu","RU_admin_items",216,{"type":204,"name":218,"callback":219,"file":197,"line":220},"wp_get_attachment_url","wp_get_attachment_url_absolute_path_fix",343,[222],{"action":223,"nopriv":49,"callback":224,"hasNonce":225,"hasCapCheck":49,"file":197,"line":226},"relocate_upload","relocate_upload_js_action",true,24,[],[],[],{"dangerousFunctions":231,"sqlUsage":232,"outputEscaping":234,"fileOperations":28,"externalRequests":50,"nonceChecks":29,"capabilityChecks":50,"bundledLibraries":249},[],{"prepared":178,"raw":50,"locations":233},[],{"escaped":50,"rawEcho":235,"locations":236},6,[237,239,241,243,245,247],{"file":197,"line":85,"context":238},"raw output",{"file":197,"line":240,"context":238},121,{"file":197,"line":242,"context":238},151,{"file":197,"line":244,"context":238},286,{"file":197,"line":246,"context":238},287,{"file":197,"line":248,"context":238},288,[],[251,267,281],{"entryPoint":252,"graph":253,"unsanitizedCount":29,"severity":41},"relocate_upload_js (relocate-upload.php:99)",{"nodes":254,"edges":265},[255,260],{"id":256,"type":257,"label":258,"file":197,"line":259},"n0","source","$_GET",146,{"id":261,"type":262,"label":263,"file":197,"line":242,"wp_function":264},"n1","sink","echo() [XSS]","echo",[266],{"from":256,"to":261,"sanitized":49},{"entryPoint":268,"graph":269,"unsanitizedCount":50,"severity":280},"relocate_upload_js_action (relocate-upload.php:28)",{"nodes":270,"edges":278},[271,274],{"id":256,"type":257,"label":272,"file":197,"line":273},"$_GET (x2)",51,{"id":261,"type":262,"label":275,"file":197,"line":276,"wp_function":277},"get_row() [SQLi]",53,"get_row",[279],{"from":256,"to":261,"sanitized":225},"low",{"entryPoint":282,"graph":283,"unsanitizedCount":50,"severity":280},"\u003Crelocate-upload> (relocate-upload.php:0)",{"nodes":284,"edges":291},[285,286,287,289],{"id":256,"type":257,"label":272,"file":197,"line":273},{"id":261,"type":262,"label":275,"file":197,"line":276,"wp_function":277},{"id":288,"type":257,"label":258,"file":197,"line":259},"n2",{"id":290,"type":262,"label":263,"file":197,"line":242,"wp_function":264},"n3",[292,293],{"from":256,"to":261,"sanitized":225},{"from":288,"to":290,"sanitized":225},{"summary":295,"deductions":296},"The \"relocate-upload\" plugin, version 0.24.1, presents a mixed security posture.  While it demonstrates good practices by utilizing prepared statements for all SQL queries and including a nonce check on its single AJAX handler, significant concerns arise from its output escaping and vulnerability history.  The static analysis reveals that 100% of output is not properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is directly reflected in the output.  Furthermore, the plugin has a history of two known CVEs, with one critical vulnerability remaining unpatched, specifically related to Cross-Site Request Forgery (CSRF) and PHP Remote File Inclusion. This historical pattern suggests a recurring weakness in secure coding practices, particularly concerning input validation and file handling, and the unpatched critical vulnerability is a severe immediate risk.\n\nWhile the attack surface is limited and most entry points have some form of protection, the lack of proper output escaping and the unpatched critical vulnerability significantly elevate the risk associated with this plugin. The vulnerability history, including a critical PHP Remote File Inclusion flaw, is particularly worrying and indicates a potential for severe compromise if exploited. Therefore, users should exercise extreme caution with this plugin, prioritize updating to a version that addresses the known critical vulnerability, and ideally, consider alternatives until its security posture is demonstrably improved.",[297,300,303,305,308],{"reason":298,"points":299},"Unpatched Critical CVE",20,{"reason":301,"points":302},"100% Unescaped Output",8,{"reason":304,"points":14},"Flow with unsanitized paths",{"reason":306,"points":307},"Historical PHP RFI vulnerability",15,{"reason":309,"points":310},"Historical CSRF vulnerability",10,"2026-03-16T20:48:55.184Z",{"wat":313,"direct":320},{"assetPaths":314,"generatorPatterns":316,"scriptPaths":317,"versionParams":318},[315],"\u002Fwp-content\u002Fplugins\u002Frelocate-upload\u002Fjs\u002Frelocate-upload.js",[],[315],[319],"relocate-upload\u002Fjs\u002Frelocate-upload.js?ver=",{"cssClasses":321,"htmlComments":322,"htmlAttributes":323,"restEndpoints":326,"jsGlobals":327,"shortcodeOutput":329},[],[],[324,325],"media_id","ru_folder",[],[328],"ru_request_move",[],{"error":225,"url":331,"statusCode":332,"statusMessage":333,"message":333},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Frelocate-upload\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":335,"versions":336},5,[337,345,352,361,370],{"version":338,"download_url":339,"svn_tag_url":340,"released_at":39,"has_diff":49,"diff_files_changed":341,"diff_lines":39,"trac_diff_url":342,"vulnerabilities":343,"is_current":49},"0.21","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frelocate-upload.0.21.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Frelocate-upload\u002Ftags\u002F0.21\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Frelocate-upload%2Ftags%2F0.20&new_path=%2Frelocate-upload%2Ftags%2F0.21",[344],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":39},{"version":57,"download_url":346,"svn_tag_url":347,"released_at":39,"has_diff":49,"diff_files_changed":348,"diff_lines":39,"trac_diff_url":349,"vulnerabilities":350,"is_current":49},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frelocate-upload.0.20.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Frelocate-upload\u002Ftags\u002F0.20\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Frelocate-upload%2Ftags%2F0.14&new_path=%2Frelocate-upload%2Ftags%2F0.20",[351],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":39},{"version":353,"download_url":354,"svn_tag_url":355,"released_at":39,"has_diff":49,"diff_files_changed":356,"diff_lines":39,"trac_diff_url":357,"vulnerabilities":358,"is_current":49},"0.14","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frelocate-upload.0.14.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Frelocate-upload\u002Ftags\u002F0.14\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Frelocate-upload%2Ftags%2F0.11&new_path=%2Frelocate-upload%2Ftags%2F0.14",[359,360],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":39},{"id":52,"url_slug":53,"title":54,"severity":58,"cvss_score":59,"vuln_type":61,"patched_in_version":57},{"version":362,"download_url":363,"svn_tag_url":364,"released_at":39,"has_diff":49,"diff_files_changed":365,"diff_lines":39,"trac_diff_url":366,"vulnerabilities":367,"is_current":49},"0.11","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frelocate-upload.0.11.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Frelocate-upload\u002Ftags\u002F0.11\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Frelocate-upload%2Ftags%2F0.10&new_path=%2Frelocate-upload%2Ftags%2F0.11",[368,369],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":39},{"id":52,"url_slug":53,"title":54,"severity":58,"cvss_score":59,"vuln_type":61,"patched_in_version":57},{"version":371,"download_url":372,"svn_tag_url":373,"released_at":39,"has_diff":49,"diff_files_changed":374,"diff_lines":39,"trac_diff_url":39,"vulnerabilities":375,"is_current":49},"0.10","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frelocate-upload.0.10.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Frelocate-upload\u002Ftags\u002F0.10\u002F",[],[376,377],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":39},{"id":52,"url_slug":53,"title":54,"severity":58,"cvss_score":59,"vuln_type":61,"patched_in_version":57}]