[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f6MtGvWnWHwDsmKV17GnE-an8rynhMikBuYbna-LDBfo":3,"$fKRI1AxUt4nLtVrOz2ucRp2VUCUR8TMVCW94taurLLSA":175,"$fN8ZucfW2P84eU1nhOa5DkqAjA08_okXo-rlslOytJ6A":180},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":16,"download_link":21,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24,"discovery_status":25,"vulnerabilities":26,"developer":27,"crawl_stats":23,"alternatives":33,"analysis":127,"fingerprints":162},"restrict-json-rest-api","Restrict Json Rest Api","1.0","Rajat","https:\u002F\u002Fprofiles.wordpress.org\u002Frajatdev\u002F","\u003Cp>This Plugin Create a options which can provide ability to disable all or particular routes for json api.This plugin\u003Cbr \u002F>\nhelp to restrict the use of public credentials of website.This will protect the data such as users details of wordpress\u003Cbr \u002F>\netc\u003C\u002Fp>\n","Plugin to restrict json rest api, which you want to restrict to use from outside",0,530,"2024-03-28T06:51:00.000Z","6.4.8","5.0.1","",[18,19,20],"api","json-api","rest-api","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frestrict-json-rest-api.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":22,"computed_at":32},"rajatdev",3,87,30,"2026-05-19T22:53:12.658Z",[34,55,75,90,108],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":44,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":16,"tags":49,"homepage":52,"download_link":53,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"rest-api-toolbox","REST API Toolbox","1.4.4","Pete Nelson","https:\u002F\u002Fprofiles.wordpress.org\u002Fgungeekatx\u002F","\u003Cp>Allows tweaking of several REST API settings\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable the REST API\u003C\u002Fli>\n\u003Cli>Remove WordPress core endpoints\u003C\u002Fli>\n\u003Cli>Require authentication for core endpoints\u003C\u002Fli>\n\u003Cli>Force SSL\u003C\u002Fli>\n\u003Cli>WP-CLI commands: wp rest-api-toolbox\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Find us on GitHub at https:\u002F\u002Fgithub.com\u002Fpetenelson\u002Fwp-rest-api-toolbox\u003C\u002Fp>\n\u003Cp>(Creative commons toolbox image provided by James Tworow https:\u002F\u002Fwww.flickr.com\u002Fphotos\u002Fsherlock77\u002F)\u003C\u002Fp>\n","Allows tweaking of several REST API settings",2000,41155,100,8,"2025-01-02T16:18:00.000Z","6.7.5","4.4",[19,50,20,51],"rest","wp-rest-api","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frest-api-toolbox","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frest-api-toolbox.1.4.4.zip",92,{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":44,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":16,"tags":69,"homepage":73,"download_link":74,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"rest-api-helper","REST API Helper","2.2.8","JasmanXcrew","https:\u002F\u002Fprofiles.wordpress.org\u002Fjasmanxcrew\u002F","\u003Cp>This plugin help REST API for display featured media source, author, categories, and custom fields.\u003Cbr \u002F>\nThis plugin is made for \u003Ca href=\"https:\u002F\u002Fgoo.gl\u002FqznlXo\" rel=\"nofollow ugc\">Ionic Mobile App Builder\u003C\u002Fa>, suitable used for ionic framework.\u003Cbr \u002F>\nThis plugin also support for display custom field in metabox and also make it allow crossorigin only for json files. Compatible with wp-restapi2 and json-api.\u003C\u002Fp>\n\u003Cp>Features:\u003Cbr \u002F>\n* Product listing without Woo API\u003Cbr \u002F>\n* REST-API Auth Basic\u003Cbr \u002F>\n* Fix CORS and Preflight CORS (Example Issue: Request header field ……. is not allowed by Access-Control-Allow-Headers in preflight response.)\u003Cbr \u002F>\n* Woo ACF Gallery\u003Cbr \u002F>\n* Gallery JSON Array or Object\u003Cbr \u002F>\n* One Signal Push\u003Cbr \u002F>\n* Custom Field Support\u003Cbr \u002F>\n* Fix issue render VisualComposer ([vc_row]Hello World . . .[\u002Fvc_row])\u003C\u002Fp>\n\u003Ch3>Woocommerce\u003C\u002Fh3>\n\u003Cp>for enable Woo product and categories without authorization, add this code in wp-config.php\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_WOO\", true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can changing custom field for gallery (default woo using _product_image_gallery metakey), add this line\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_WOO_ACF_GALLERY\", 'images'); \n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>and for type data object or string (default string, separator with coma)\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_WOO_ACF_GALLERY_OBJECT\", false);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>OneSignal Sender\u003C\u002Fh3>\n\u003Cp>for enable oneSignal Sender add this code in wp-config.php\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_ONESIGNAL_PUSH\", true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>then fix your app_id and app_key\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_ONESIGNAL_PUSH\", false);\ndefine(\"IMH_ONESIGNAL_PAGE_IN_APP\", 'post_singles'); \u002F\u002Fthis additional data (key: page and value: post_singles\u002Fpost_id)\ndefine(\"IMH_ONESIGNAL_APP_ID\", '31ee45e2-c63d-4048-903a-89ca43f3afa2');\ndefine(\"IMH_ONESIGNAL_APP_KEY\", 'YzUzNmZkOTAtMmVlMC00OWIzLThlNGQtMzQyYzzyNmFhZjcw');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Anonymous Comments\u003C\u002Fh3>\n\u003Cp>You can allow anonymous comments using configuration:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_ALLOW_PREFLIGHT_CORS\",true); \u002F\u002Frequired for method post\ndefine(\"IMH_ANONYMOUS_COMMENTS\",true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>send comment using url like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>http:\u002F\u002Fwordpress.co.id\u002Fwp-json\u002Fwp\u002Fv2\u002Fcomments?author_name=Your Name Here&author_email=your-email-address@website-address-here.com&author_name=Your Name Here&content=Your Comment Here&post=20\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Register REST-API\u003C\u002Fh3>\n\u003Cp>You can allow register new user using configuration:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_RESTAPI_REGISTER\",true); \n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>End Point:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>https:\u002F\u002Fwordpress.co.id\u002Fwp-json\u002Fwp\u002Fv2\u002Fusers\u002Fregister\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Visual Composer\u003C\u002Fh3>\n\u003Cp>Fix issue render VisualComposer Content\u003C\u002Fp>\n\u003Cp>Response is:\u003Cbr \u002F>\n[vc_row]Hello World . . .[\u002Fvc_row]\u003Cbr \u002F>\nResponse should be:\u003C\u002Fp>\n\u003Cp>Hello World . . .\u003C\u002Fp>\n\u003Cp>add this code in wp-config.php\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define(\"IMH_VC_SHORTCODE\",true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fihsana.com\" rel=\"nofollow ugc\">Ihsana Global Solusindo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"ihsana.com\u002Fi\u002F?u=imabuilder\" rel=\"nofollow ugc\">IMA BuildeRz – Ionic Mobile App Builder + Code Generator \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fihsana.com\u002Fi\u002F?u=iwpdev\" rel=\"nofollow ugc\">iWP-DevToolz – WordPress Plugin Maker + Code Generator \u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin help REST API for display featured media source, author, categories, and custom fields.",600,22582,1,"2022-01-02T16:25:00.000Z","5.3.21","4.0",[70,71,19,72,20],"ionic","json","mobile-app","http:\u002F\u002Fihsana.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frest-api-helper.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":11,"num_ratings":11,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":16,"tags":88,"homepage":16,"download_link":89,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"kill-json-rest-api","Kill JSON REST API","1.1.0","arminmeth","https:\u002F\u002Fprofiles.wordpress.org\u002Farminmeth\u002F","\u003Cp>While WordPress is slowly but surely becoming a complete application framework and JSON REST API is huge step in this direction, there is a large number of WordPress users that do not need advanced features like those offered by WordPress JSON REST API. This plugin helps them to turn those advanced features off and not worry about it.\u003C\u002Fp>\n\u003Cp>While other similar plugins disable JSON REST API functionality only for anonymous users, Kill JSON REST API completely disables the framework for all users and removes links and tags from head element.\u003C\u002Fp>\n","Completely disables JSON REST API for both registered and anonymous users in WordPress 4.7.* and removes API links and tags.",20,2823,"2017-02-15T10:03:00.000Z","4.7.33","4.7",[18,71,19,50,20],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkill-json-rest-api.1.1.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":11,"num_ratings":11,"last_updated":100,"tested_up_to":101,"requires_at_least":102,"requires_php":16,"tags":103,"homepage":106,"download_link":107,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"wp-rest-api-multilanguage-over-wmpl","WP REST API multilanguage (over WMPL)","0.1","elemind","https:\u002F\u002Fprofiles.wordpress.org\u002Felemind\u002F","\u003Cp>Plugin will allow you to fetch the WP REST API call with a “lang” variable.\u003Cbr \u002F>\nIt will retrieve the right content from WPML.\u003C\u002Fp>\n\u003Cp>Tested with the latest version of:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WPML 3.2.7\u003C\u002Fli>\n\u003Cli>WP REST API 2.0-beta4\u003C\u002Fli>\n\u003C\u002Ful>\n","Allows you to request a language with your WP-API and WPML site.",10,2113,"2015-11-02T14:42:00.000Z","4.3.34","4.3.0",[19,104,51,105],"multilanguage","wpml","http:\u002F\u002Felemind.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-rest-api-multilanguage-over-wmpl.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":31,"num_ratings":118,"last_updated":119,"tested_up_to":16,"requires_at_least":120,"requires_php":121,"tags":122,"homepage":125,"download_link":126,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"woocommerce-legacy-rest-api","WooCommerce Legacy REST API","1.0.5","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fdeveloper.woocommerce.com\u002F2023\u002F10\u002F03\u002Fthe-legacy-rest-api-will-move-to-a-dedicated-extension-in-woocommerce-9-0\u002F\" rel=\"nofollow ugc\">The Legacy REST API will no longer part of WooCommerce as of version 9.0\u003C\u002Fa>. This plugin restores the full functionality of the removed Legacy REST API code in WooCommerce 9.0 and later versions.\u003C\u002Fp>\n\u003Cp>For all intents and purposes, having this plugin installed and active in WooCommerce 9.0 and newer versions is equivalent to enabling the Legacy REST API in WooCommerce 8.9 and older versions (via WooCommerce – Settings – Advanced – Legacy API). All the endpoints work the same way, and existing user keys also continue working.\u003C\u002Fp>\n\u003Cp>On the other hand, installing this plugin together with WooCommerce 8.9 or an older version is safe: the plugin detects that the Legacy REST API is still part of WooCommerce and doesn’t initialize itself as to not interfere with the built-in code.\u003C\u002Fp>\n\u003Cp>Please note that \u003Cstrong>the Legacy REST API is not compatible with \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fdocument\u002Fhigh-performance-order-storage\u002F\" rel=\"nofollow ugc\">High-Performance Order Storage\u003C\u002Fa>\u003C\u002Fstrong>. Upgrading the code that relies on the Legacy REST API to use the current WooCommerce REST API instead is highly recommended.\u003C\u002Fp>\n","The WooCommerce Legacy REST API, which is now part of WooCommerce itself but will be removed in WooCommerce 9.0.",400000,2335738,28,"2025-01-23T18:59:00.000Z","6.2","7.4",[20,123,124],"woo","woocommerce","https:\u002F\u002Fgithub.com\u002Fwoocommerce\u002Fwoocommerce-legacy-rest-api","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoocommerce-legacy-rest-api.1.0.5.zip",{"attackSurface":128,"codeSignals":149,"taintFlows":157,"riskAssessment":158,"analyzedAt":161},{"hooks":129,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":148,"entryPointCount":11,"unprotectedCount":11},[130,136,139],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","admin_menu","rjrapi_disable_menu","pages\u002Fadmin-menu.php",2,{"type":131,"name":137,"callback":138,"file":134,"line":83},"admin_init","rjrapi_settings_fields",{"type":140,"name":141,"callback":142,"file":143,"line":144},"filter","rest_endpoints","rjrapi_disable_default_endpoints","restrict-wp-json-rest-api.php",27,[],[],[],[],{"dangerousFunctions":150,"sqlUsage":151,"outputEscaping":153,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":156},[],{"prepared":11,"raw":11,"locations":152},[],{"escaped":154,"rawEcho":11,"locations":155},4,[],[],[],{"summary":159,"deductions":160},"The restrict-json-rest-api plugin v1.0 presents a strong initial security posture based on the provided static analysis.  There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a zero-member attack surface, and crucially, no unprotected entry points.  The code also demonstrates good practices by avoiding dangerous functions, performing all SQL queries with prepared statements, and properly escaping all identified output operations.  Furthermore, there are no file operations, external HTTP requests, or bundled libraries to consider, and the taint analysis shows no concerning flows.  This suggests a well-written and security-conscious plugin at this version.",[],"2026-04-16T14:45:35.692Z",{"wat":163,"direct":168},{"assetPaths":164,"generatorPatterns":165,"scriptPaths":166,"versionParams":167},[],[],[],[],{"cssClasses":169,"htmlComments":170,"htmlAttributes":171,"restEndpoints":172,"jsGlobals":173,"shortcodeOutput":174},[],[],[],[],[],[],{"error":176,"url":177,"statusCode":178,"statusMessage":179,"message":179},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Frestrict-json-rest-api\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":11,"versions":181},[]]