[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fl1BvnP0pikOPP7-xK1cZx7v_7GJKn0AKJg5uR-1Y39Q":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":130,"fingerprints":412},"safe-wp-updates-by-wp-boom","\"Safe WP Updates\" by WP Boom","1.3.61","wpboom","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpboom\u002F","\u003Cp>A site cloning and visual testing tool that allows creation of development sites for WordPress update testing through visual comparison via the Wp Boom service.\u003C\u002Fp>\n\u003Ch3>3rd Party or External Services\u003C\u002Fh3>\n\u003Cp>This plugin utilizes (2) 3rd party services located at:\u003C\u002Fp>\n\u003Ch4>https:\u002F\u002Fapp.wpboom.com\u002Fapi\u002Fv1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>This service is the core of our plugin which allows us to queue remote screenshot of web pages and manage account-specific details for registered and unregistered usage of our snapshot service.\u003C\u002Fli>\n\u003Cli>Terms of Service Link: https:\u002F\u002Fwww.wpboom.com\u002Fterms-of-service\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>https:\u002F\u002Fopenai.chrisbond.dev\u002Ftunnel.php\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>This service allows us to overcome certain roadblocks that occur due restrictions that users may not know exist on their host (such as internal IP addressing and DNS). These issues usually result in the inability for this plugin to communicate with our service located at https:\u002F\u002Fapp.wpboom.com\u003C\u002Fli>\n\u003Cli>Terms of Service Link: Link is embedded in JSON response when unauthenticated requests are made (you can see the response just by visiting the page at https:\u002F\u002Fopenai.chrisbond.dev\u002Ftunnel.php) and are the same terms located at https:\u002F\u002Fwww.wpboom.com\u002Fterms-of-service\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n","A site cloning and visual testing tool that allows creation of development sites for WordPress update testing.",0,696,100,2,"2025-01-21T11:14:00.000Z","6.7.5","6.2","7.4",[20,21,22],"development","testing","utility","https:\u002F\u002Fwww.wpboom.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsafe-wp-updates-by-wp-boom.1.3.61.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,88,"2026-04-04T15:40:09.960Z",[35,58,77,96,114],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":55,"download_link":56,"security_score":57,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"sf-adminbar-tools","Admin Bar Tools","4.0","Grégory Viguier","https:\u002F\u002Fprofiles.wordpress.org\u002Fgreglone\u002F","\u003Cp>The plugin adds a new tab in your admin bar with simple but useful indications and tools.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays the number of queries in your page and the amount of time to generate the page.\u003C\u002Fli>\n\u003Cli>Displays the php memory usage and php memory limits (constants \u003Ccode>WP_MEMORY_LIMIT\u003C\u002Fcode> and \u003Ccode>WP_MAX_MEMORY_LIMIT\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>displays the php version and WP version.\u003C\u002Fli>\n\u003Cli>Displays \u003Ccode>WP_DEBUG\u003C\u002Fcode>, \u003Ccode>SCRIPT_DEBUG\u003C\u002Fcode>, \u003Ccode>WP_DEBUG_LOG\u003C\u002Fcode>, \u003Ccode>WP_DEBUG_DISPLAY\u003C\u002Fcode>, and error reporting values.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>In your site front-end:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Lists the template and all template parts used in the current page (template parts added with \u003Ccode>get_template_part()\u003C\u002Fcode>). Compatible with WooCommerce’s templates.\u003C\u002Fli>\n\u003Cli>\u003Ccode>$wp_query\u003C\u002Fcode>: this will open a lightbox displaying the content of \u003Ccode>$wp_query\u003C\u002Fcode>. Click the lightbox title to reload the value, click outside the lightbox to close it.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>In your site administration:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Admin hooks: lists some oftenly used hooks (like \u003Ccode>admin_init\u003C\u002Fcode>). The indicator to the right of the line tells you how many times the hook has been triggered by a callback. A “P” means the hook has a parameter: hover it for more details. Click a hook (on its text) to auto-select its code, for example: click \u003Cem>admin_init\u003C\u002Fem> to select \u003Ccode>add_action( 'admin_init', '' );\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>\u003Ccode>$current_screen\u003C\u002Fcode>: displays the value of 4 properties of this object: \u003Ccode>id\u003C\u002Fcode>, \u003Ccode>base\u003C\u002Fcode>, \u003Ccode>parent_base\u003C\u002Fcode>, \u003Ccode>parent_file\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>\u003Ccode>$...now\u003C\u002Fcode>: displays the value of the well-known variables \u003Ccode>$pagenow\u003C\u002Fcode>, \u003Ccode>$typenow\u003C\u002Fcode>, and \u003Ccode>$taxnow\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>On a user profile page, \u003Ccode>$userdata\u003C\u002Fcode>: : this will open a lightbox displaying the user’s data.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can decide who’s gonna use this plugin (go to your profile page for all the settings). This way, the plugin’s items won’t show up to other users (your client for example).\u003Cbr \u002F>\nAlso, a new menu item \u003Ccode>Code Tester\u003C\u002Fcode> will appear. There you are able to do some tests with your code.\u003C\u002Fp>\n","Adds some small development tools to the admin bar.",400,15121,96,8,"2021-01-18T16:09:00.000Z","5.6.0","4.7","5.6",[52,20,53,21,54],"debug","query","tests","https:\u002F\u002Fwww.screenfeed.fr\u002Fsf-abt\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsf-adminbar-tools.zip",85,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":13,"downloaded":66,"rating":13,"num_ratings":30,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":18,"tags":70,"homepage":75,"download_link":76,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"eli-php-compatibility-scanner","Eli's PHP Compatibility Scanner","1.1.1","Eli Hanna","https:\u002F\u002Fprofiles.wordpress.org\u002Feliehanna\u002F","\u003Cp>\u003Cstrong>⚠️ Important: Development Environment Only\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin is designed for development environments like LocalWP, XAMPP, or self-hosted servers. It will \u003Cstrong>not work\u003C\u002Fstrong> on most managed hosting providers (WP Engine, Kinsta, SiteGround, etc.) due to security restrictions that disable the \u003Ccode>exec()\u003C\u002Fcode> function and limit access to PHP binaries.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How It Works\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin leverages \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsquizlabs\u002FPHP_CodeSniffer\" rel=\"nofollow ugc\">PHP_CodeSniffer\u003C\u002Fa> with the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FPHPCompatibility\u002FPHPCompatibility\" rel=\"nofollow ugc\">PHPCompatibility\u003C\u002Fa> standard to perform deep static analysis of your PHP code.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Core Components:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Bundled Dependencies\u003C\u002Fstrong>: Includes PHP_CodeSniffer and PHPCompatibility ruleset\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Batch Processing\u003C\u002Fstrong>: Scans files in configurable batches (10-100 files) to manage memory usage\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Command Execution\u003C\u002Fstrong>: Executes PHPCS via PHP’s \u003Ccode>exec()\u003C\u002Fcode> function with specific parameters\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Server-Side State\u003C\u002Fstrong>: Stores file lists in WordPress options to optimize AJAX requests\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Progressive UI\u003C\u002Fstrong>: Real-time batch results with stop\u002Fstart controls\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>How to Use:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Navigate to \u003Cstrong>Tools \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> PHP Compatibility Scanner\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Review the \u003Cstrong>System Check\u003C\u002Fstrong> section to ensure your environment is compatible\u003C\u002Fli>\n\u003Cli>Select the \u003Cstrong>plugins and\u002For themes\u003C\u002Fstrong> you want to scan by checking their boxes\u003C\u002Fli>\n\u003Cli>Configure your scan options:\n\u003Cul>\n\u003Cli>\u003Cstrong>Target PHP Version\u003C\u002Fstrong>: Choose the PHP version you want to test against (7.4 – 8.4)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Batch Size\u003C\u002Fstrong>: Select how many files to process at once (default: 50 files)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Skip Vendor Directory\u003C\u002Fstrong>: Keep checked to skip third-party dependencies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Start Scan\u003C\u002Fstrong> to begin the compatibility check\u003C\u002Fli>\n\u003Cli>View results in real-time as each plugin\u002Ftheme is scanned\u003C\u002Fli>\n\u003Cli>Review any \u003Cstrong>errors\u003C\u002Fstrong> (❌) or \u003Cstrong>warnings\u003C\u002Fstrong> (⚠️) found in your code\u003C\u002Fli>\n\u003Cli>Click on any target to expand and see detailed compatibility issues\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Why It Requires Development Environments\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ccode>exec()\u003C\u002Fcode> Function\u003C\u002Fstrong>: Required to run PHPCS binary – disabled on managed hosts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP Binary Access\u003C\u002Fstrong>: Needs access to PHP executable – restricted on shared hosting\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Composer Dependencies\u003C\u002Fstrong>: Requires vendor directory with PHPCS installation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File System Access\u003C\u002Fstrong>: Creates temporary files for batch processing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Memory\u002FTime Limits\u003C\u002Fstrong>: Long-running scans need relaxed execution limits\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Supported Environments\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>LocalWP\u003C\u002Fstrong> (recommended)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>XAMPP\u002FMAMP\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Docker WordPress\u003C\u002Fstrong> setups\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Self-hosted\u003C\u002Fstrong> VPS\u002Fdedicated servers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Development\u003C\u002Fstrong> environments with shell access\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Unsupported Environments\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>WP Engine\u003C\u002Fstrong> (exec() disabled)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Kinsta\u003C\u002Fstrong> (security restrictions)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SiteGround\u003C\u002Fstrong> (managed hosting limitations)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GoDaddy Managed WordPress\u003C\u002Fstrong> (function restrictions)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress.com\u003C\u002Fstrong> (no plugin uploads)\u003C\u002Fli>\n\u003Cli>Most \u003Cstrong>shared hosting\u003C\u002Fstrong> providers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contributing\u003C\u002Fh3>\n\u003Cp>This plugin is actively developed for WordPress development environments. Contributions are welcome, especially:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Additional PHP version compatibility rules\u003C\u002Fli>\n\u003Cli>Performance optimizations\u003C\u002Fli>\n\u003Cli>UI\u002FUX improvements\u003C\u002Fli>\n\u003Cli>Hosted environment compatibility solutions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Technical Details\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Dependencies\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>PHP_CodeSniffer\u003C\u002Fstrong>: ^3.13 (static analysis engine)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHPCompatibility\u003C\u002Fstrong>: dev-develop (compatibility ruleset)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>License\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>GPLv2 or later – same as WordPress core.\u003C\u002Fp>\n","A comprehensive WordPress plugin that scans your plugins and themes for PHP version compatibility issues using the  PHPCompatibility ruleset.",891,"2026-03-09T20:55:00.000Z","6.9.4","4.5",[71,72,73,21,74],"code-quality","compatibility","phpcs","wordpress-development","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feli-php-compatibility-scanner","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feli-php-compatibility-scanner.1.1.1.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":11,"num_ratings":11,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":94,"download_link":95,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"test-email-redirector","Test Email Redirector","1.3.3","Zaib Makda","https:\u002F\u002Fprofiles.wordpress.org\u002Fconnectzaib\u002F","\u003Cp>The Test Email Redirector ensures no accidental emails reach real users during WordPress development, staging, or testing. Redirect’s all outgoing emails to a designated test address. Additional features include optional CC\u002FBCC addresses and the ability to include original recipient information in the forwarded email.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Redirect all outgoing emails to a test email address.\u003Cbr \u002F>\n– Add optional CC and BCC addresses.\u003Cbr \u002F>\n– Include original recipient information in the forwarded email.\u003Cbr \u002F>\n– Enable or disable email redirection without deactivating the plugin.\u003Cbr \u002F>\n– Fully configurable via the WordPress admin Tools menu.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later. See the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">License URI\u003C\u002Fa> for details.\u003C\u002Fp>\n","Redirects all outgoing WordPress emails to a specified test address for development and testing purposes.",60,534,"2025-08-01T09:59:00.000Z","6.8.5","5.0","7.2",[20,92,93,21],"email","forward","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftest-email-redirector.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":11,"num_ratings":11,"last_updated":106,"tested_up_to":68,"requires_at_least":50,"requires_php":107,"tags":108,"homepage":112,"download_link":113,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"wowholic-core","Wowholic CORE","1.1.3","Wowholic","https:\u002F\u002Fprofiles.wordpress.org\u002Fwowholic\u002F","\u003Ch3>CORE: WordPress utilities\u003C\u002Fh3>\n\u003Cp>CORE is a utility-based, unintrusive WordPress plugin. It offers a simple UI to tweak many sensible default settings to quickstart your new fresh WordPress project. It’s recommended for developers building custom themes with ACF.\u003C\u002Fp>\n\u003Cp>CORE builds on top of Wowholic’s +5 years of experience developing fully custom WordPress sites, for all sorts of customers and industries. We made this plugin to be more efficient and productive in our own work, and we hope it helps you too!\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Clean up unnecessary WordPress’ defaults:\n\u003Cul>\n\u003Cli>Remove comments widget styles\u003C\u002Fli>\n\u003Cli>Remove WP version from RSS feed\u003C\u002Fli>\n\u003Cli>Remove Gutenberg block library CSS (only if Classic Editor plugin is active)\u003C\u002Fli>\n\u003Cli>Remove RSD link\u003C\u002Fli>\n\u003Cli>Remove post, category and comment feed links\u003C\u002Fli>\n\u003Cli>Remove Windows Live Writer link\u003C\u002Fli>\n\u003Cli>Remove canonical link\u003C\u002Fli>\n\u003Cli>Remove shortlink\u003C\u002Fli>\n\u003Cli>Remove relational adjacent links\u003C\u002Fli>\n\u003Cli>Remove emoji detection script and styles\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Disable Theme & Plugin Editors, Widgets Admin Page, Default Post Type and Comments\u003C\u002Fli>\n\u003Cli>Set up some default redirections (archives, attachment pages…)\u003C\u002Fli>\n\u003Cli>Set up a visual grid on different breakpoints for debugging layout styles\u003C\u002Fli>\n\u003Cli>Enable layout spacing utility for debugging distances between elements (using \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fstevenlei\u002Fspacingjs\" rel=\"nofollow ugc\">spacingjs\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Add custom format options to TinyMCE \u003Cem>(only if Classic Editor is active)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Allow removing unnecessary buttons from TinyMCE \u003Cem>(only if Classic Editor is active)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Enable Theme Options \u003Cem>(only if ACF is active)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Add label next to Flexible Content Layout name \u003Cem>(only if ACF is active)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Allow shortcodes in excerpts, textareas and text fields \u003Cem>(only if ACF is active)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Enable pretty Search URL\u003C\u002Fli>\n\u003Cli>Enable \u003Ccode>[email]\u003C\u002Fcode> shortcode for antispam\u003C\u002Fli>\n\u003Cli>Change WordPress’ upload size limit\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Some of these features are contextual, which means that they won’t show or work unless some condition is met (usually, if a given plugin is active or not).\u003C\u002Fp>\n\u003Ch3>Community Feedback\u003C\u002Fh3>\n\u003Cp>Although already providing many features, this plugin is still in its early stages of development. Please reach out to us for any constructive feedback you might have!\u003C\u002Fp>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cp>If you want to read contributing guidelines, you can find them at the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWowholic\u002FCORE\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>\u003C\u002Fp>\n","CORE makes you faster and more efficient when developing custom WordPress sites.",40,2316,"2025-12-04T09:20:00.000Z","7.0",[109,20,110,111,22],"custom-themes","efficiency","productivity","https:\u002F\u002Fgithub.com\u002FWowholic\u002FCORE","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwowholic-core.1.1.3.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":11,"num_ratings":11,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":48,"tags":127,"homepage":94,"download_link":129,"security_score":57,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"back-to-the-theme","Back To The Theme","1.2.0","Mikael Korpela","https:\u002F\u002Fprofiles.wordpress.org\u002Fsimison\u002F","\u003Cp>A tool to observe how a page loads in different themes simultaneously.\u003Cbr \u002F>\nUseful for debugging plugins or Gutenberg blocks.\u003C\u002Fp>\n\u003Cp>How to Use:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Install several themes you’d like to check out.\u003C\u002Fli>\n\u003Cli>Create a new page.\u003C\u002Fli>\n\u003Cli>Navigate to \u003Cem>Tools\u003C\u002Fem> \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> \u003Cem>Back To The Theme\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Choose if you want to demo editor- or view side.\u003C\u002Fli>\n\u003Cli>Select the themes you’d like to check out.\u003C\u002Fli>\n\u003Cli>Choose the page you just created. This page will be previewed with all the themes you’ve selected.\u003C\u002Fli>\n\u003Cli>Click \u003Cem>Do it!\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>Scroll to see the page rendered with all the themes you selected.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>You’ll see your page load with different themes in a bunch of iframes for handy preview and debugging.\u003C\u002Fp>\n\u003Cp>A nice list of popular themes to test:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>wp theme install \\\u003Cbr \u002F>\n  astra \\\u003Cbr \u002F>\n  colormag \\\u003Cbr \u002F>\n  customizr \\\u003Cbr \u002F>\n  generatepress \\\u003Cbr \u002F>\n  hestia \\\u003Cbr \u002F>\n  hueman \\\u003Cbr \u002F>\n  oceanwp \\\u003Cbr \u002F>\n  shapely \\\u003Cbr \u002F>\n  storefront \\\u003Cbr \u002F>\n  sydney \\\u003Cbr \u002F>\n  twentyeleven \\\u003Cbr \u002F>\n  twentyfifteen \\\u003Cbr \u002F>\n  twentyfourteen \\\u003Cbr \u002F>\n  twentynineteen \\\u003Cbr \u002F>\n  twentyseventeen \\\u003Cbr \u002F>\n  twentysixteen \\\u003Cbr \u002F>\n  twentyten \\\u003Cbr \u002F>\n  twentythirteen \\\u003Cbr \u002F>\n  twentytwelve \\\u003Cbr \u002F>\n  vantage\u003Cbr \u002F>\n    `\u003C\u002Fp>\n\u003Cp>See docs for \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fcli\u002Fcommands\u002Ftheme\u002Finstall\u002F\" rel=\"nofollow ugc\">wp theme install\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsimison\u002Fback-to-the-theme\" rel=\"nofollow ugc\">Plugin’s source code on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","See a page with different themes all at once, just like that!",10,1687,"2019-03-01T22:26:00.000Z","5.1.22","4.6",[52,20,21,128],"themes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fback-to-the-theme.zip",{"attackSurface":131,"codeSignals":215,"taintFlows":306,"riskAssessment":398,"analyzedAt":411},{"hooks":132,"ajaxHandlers":183,"restRoutes":190,"shortcodes":209,"cronEvents":210,"entryPointCount":214,"unprotectedCount":214},[133,139,143,147,151,154,158,162,166,170,175,179],{"type":134,"name":135,"callback":136,"priority":13,"file":137,"line":138},"action","admin_enqueue_scripts","admin_load_js","safe-wp-updates-by-wp-boom.php",55,{"type":134,"name":140,"callback":141,"file":137,"line":142},"init","closure",106,{"type":134,"name":144,"callback":145,"file":137,"line":146},"admin_notices","safeupdates_admin_notice",126,{"type":148,"name":149,"callback":141,"file":137,"line":150},"filter","the_content",135,{"type":134,"name":152,"callback":141,"file":137,"line":153},"wp_enqueue_scripts",147,{"type":134,"name":155,"callback":141,"priority":156,"file":137,"line":157},"save_post",11,158,{"type":148,"name":159,"callback":160,"priority":122,"file":137,"line":161},"safeupdates_cron_ajax","safeupdates_ajax",172,{"type":134,"name":163,"callback":164,"file":137,"line":165},"admin_menu","safeupdates_admin_menu",193,{"type":134,"name":167,"callback":168,"file":137,"line":169},"rest_api_init","safeupdates_register_api_endpoints",538,{"type":134,"name":171,"callback":172,"priority":173,"file":137,"line":174},"admin_bar_menu","safeupdates_toolbar_link_to_wpboom",80,557,{"type":148,"name":176,"callback":177,"priority":122,"file":137,"line":178},"heartbeat_received","safeupdates_heartbeat_received",571,{"type":148,"name":180,"callback":181,"file":137,"line":182},"heartbeat_settings","safeupdates_change_frequency_of_heartbeat_settings",577,[184,187],{"action":160,"nopriv":185,"callback":160,"hasNonce":185,"hasCapCheck":185,"file":137,"line":186},false,56,{"action":188,"nopriv":185,"callback":141,"hasNonce":185,"hasCapCheck":185,"file":137,"line":189},"safeupdates_news",63,[191,199,204],{"namespace":192,"route":193,"methods":194,"callback":196,"permissionCallback":197,"file":137,"line":198},"wpboom\u002Fv2","\u002Fstatus",[195],"GET","safeupdates_REST_status","__return_true",508,{"namespace":192,"route":200,"methods":201,"callback":202,"permissionCallback":197,"file":137,"line":203},"\u002Fsnapshot_completed\u002F(?P\u003Ctoken>[a-zA-Z0-9-=.]+)\u002F(?P\u003Capi>[a-zA-Z0-9-=.]+)\u002F(?P\u003Cregistered>(true|false))",[195],"safeupdates_REST_snapshot_completed",515,{"namespace":192,"route":205,"methods":206,"callback":207,"permissionCallback":197,"file":137,"line":208},"\u002Fsync\u002F(?P\u003Ctoken>[a-zA-Z0-9-=]+)",[195],"safeupdates_REST_sync",525,[],[211],{"hook":159,"callback":159,"file":212,"line":213},"includes\\classes\\wpboom.php",318,5,{"dangerousFunctions":216,"sqlUsage":285,"outputEscaping":288,"fileOperations":303,"externalRequests":290,"nonceChecks":304,"capabilityChecks":14,"bundledLibraries":305},[217,222,225,229,232,235,238,241,244,246,248,250,252,255,258,261,263,265,268,270,273,275,277,279,281,283],{"fn":218,"file":219,"line":220,"context":221},"exec","dashboard.php",19,"@exec( $cmd,$wpcli_response);",{"fn":218,"file":219,"line":223,"context":224},21,"@exec($cmd,$wpcli_response);",{"fn":218,"file":226,"line":227,"context":228},"includes\\classes\\base-lib.php",231,"$line_count = @exec($copy_line_count_cmd);",{"fn":218,"file":226,"line":230,"context":231},237,"@exec($cmd);",{"fn":218,"file":226,"line":233,"context":234},254,"$path = @exec(\"which \" .$options['path_to_wpcli']);",{"fn":218,"file":226,"line":236,"context":237},256,"$path = @exec(\"which wp\");",{"fn":218,"file":226,"line":239,"context":240},298,"$path = @exec(\"which convert\");",{"fn":218,"file":226,"line":242,"context":243},325,"@exec($cmd,$result);",{"fn":218,"file":226,"line":245,"context":243},347,{"fn":218,"file":226,"line":247,"context":231},432,{"fn":218,"file":226,"line":249,"context":231},435,{"fn":218,"file":226,"line":251,"context":243},621,{"fn":218,"file":212,"line":253,"context":254},251,"@exec(\"cd {$path};{$wp_cli_command} plugin list --fields=name,status,update,version,update_version,u",{"fn":218,"file":212,"line":256,"context":257},264,"@exec(\"cd {$path};{$wp_cli_command} plugin update {$plugin_name} --format=json\",$message);",{"fn":218,"file":212,"line":259,"context":260},297,"@exec($cmd1);",{"fn":218,"file":212,"line":239,"context":262},"@exec($cmd2);",{"fn":218,"file":212,"line":264,"context":243},378,{"fn":218,"file":212,"line":266,"context":267},392,"$error_log = @exec(\"tail -n 50 \" . ABSPATH . $prefix . \"\u002Ferror_log\",$result);",{"fn":218,"file":212,"line":269,"context":243},567,{"fn":218,"file":212,"line":271,"context":272},568,"$message =  @exec($cmd . ' | wc -l');",{"fn":218,"file":212,"line":274,"context":231},581,{"fn":218,"file":212,"line":276,"context":231},587,{"fn":218,"file":212,"line":278,"context":243},598,{"fn":218,"file":212,"line":280,"context":260},635,{"fn":218,"file":212,"line":282,"context":262},636,{"fn":218,"file":212,"line":284,"context":231},687,{"prepared":286,"raw":11,"locations":287},28,[],{"escaped":289,"rawEcho":290,"locations":291},226,4,[292,295,298,300],{"file":226,"line":293,"context":294},57,"raw output",{"file":296,"line":297,"context":294},"templates\\modals.php",281,{"file":296,"line":299,"context":294},304,{"file":301,"line":302,"context":294},"templates\\pages.php",151,6,3,[],[307,359,379,389],{"entryPoint":308,"graph":309,"unsanitizedCount":11,"severity":358},"safeupdates_ajax (includes\\classes\\wpboom.php:166)",{"nodes":310,"edges":351},[311,316,322,326,331,334,338,341,344,346],{"id":312,"type":313,"label":314,"file":212,"line":315},"n0","source","$_POST (x9)",198,{"id":317,"type":318,"label":319,"file":212,"line":320,"wp_function":321},"n1","sink","update_option() [Settings Manipulation]",243,"update_option",{"id":323,"type":313,"label":324,"file":212,"line":325},"n2","$_POST",195,{"id":327,"type":318,"label":328,"file":212,"line":329,"wp_function":330},"n3","get_var() [SQLi]",286,"get_var",{"id":332,"type":313,"label":333,"file":212,"line":325},"n4","$_POST (x6)",{"id":335,"type":318,"label":336,"file":212,"line":337,"wp_function":53},"n5","query() [SQLi]",290,{"id":339,"type":313,"label":340,"file":212,"line":325},"n6","$_POST (x8)",{"id":342,"type":318,"label":343,"file":212,"line":264,"wp_function":218},"n7","exec() [RCE]",{"id":345,"type":313,"label":324,"file":212,"line":325},"n8",{"id":347,"type":318,"label":348,"file":212,"line":349,"wp_function":350},"n9","get_results() [SQLi]",624,"get_results",[352,354,355,356,357],{"from":312,"to":317,"sanitized":353},true,{"from":323,"to":327,"sanitized":353},{"from":332,"to":335,"sanitized":353},{"from":339,"to":342,"sanitized":353},{"from":345,"to":347,"sanitized":353},"low",{"entryPoint":360,"graph":361,"unsanitizedCount":11,"severity":358},"\u003Cwpboom> (includes\\classes\\wpboom.php:0)",{"nodes":362,"edges":373},[363,364,365,366,367,368,369,370,371,372],{"id":312,"type":313,"label":314,"file":212,"line":315},{"id":317,"type":318,"label":319,"file":212,"line":320,"wp_function":321},{"id":323,"type":313,"label":324,"file":212,"line":325},{"id":327,"type":318,"label":328,"file":212,"line":329,"wp_function":330},{"id":332,"type":313,"label":333,"file":212,"line":325},{"id":335,"type":318,"label":336,"file":212,"line":337,"wp_function":53},{"id":339,"type":313,"label":340,"file":212,"line":325},{"id":342,"type":318,"label":343,"file":212,"line":264,"wp_function":218},{"id":345,"type":313,"label":324,"file":212,"line":325},{"id":347,"type":318,"label":348,"file":212,"line":349,"wp_function":350},[374,375,376,377,378],{"from":312,"to":317,"sanitized":353},{"from":323,"to":327,"sanitized":353},{"from":332,"to":335,"sanitized":353},{"from":339,"to":342,"sanitized":353},{"from":345,"to":347,"sanitized":353},{"entryPoint":380,"graph":381,"unsanitizedCount":11,"severity":358},"safeupdates_dashboard_page_content (safe-wp-updates-by-wp-boom.php:205)",{"nodes":382,"edges":387},[383,385],{"id":312,"type":313,"label":384,"file":137,"line":289},"$_POST (x2)",{"id":317,"type":318,"label":319,"file":137,"line":386,"wp_function":321},249,[388],{"from":312,"to":317,"sanitized":353},{"entryPoint":390,"graph":391,"unsanitizedCount":11,"severity":358},"\u003Csafe-wp-updates-by-wp-boom> (safe-wp-updates-by-wp-boom.php:0)",{"nodes":392,"edges":396},[393,395],{"id":312,"type":313,"label":394,"file":137,"line":289},"$_POST (x4)",{"id":317,"type":318,"label":319,"file":137,"line":386,"wp_function":321},[397],{"from":312,"to":317,"sanitized":353},{"summary":399,"deductions":400},"The safe-wp-updates-by-wp-boom plugin exhibits a concerning security posture due to a significant number of unprotected entry points. All identified AJAX handlers and REST API routes lack proper authentication and permission checks. While the static analysis indicates good practices in SQL query sanitization (100% prepared statements) and output escaping (98%), the absence of authorization on such a large portion of the attack surface presents a substantial risk.  Taint analysis revealed no critical or high-severity vulnerabilities, and the plugin's vulnerability history is clean, suggesting a lack of publicly known exploits. However, the inherent risk from the unprotected entry points cannot be overlooked. The plugin's strengths lie in its robust handling of SQL and output, but these are overshadowed by the critical security gap of unauthenticated access points.",[401,403,405,407,409],{"reason":402,"points":122},"AJAX handlers without auth checks",{"reason":404,"points":122},"REST API routes without permission callbacks",{"reason":406,"points":214},"Dangerous function exec",{"reason":408,"points":214},"Nonce checks missing",{"reason":410,"points":214},"Capability checks missing","2026-03-17T06:24:36.134Z",{"wat":413,"direct":421},{"assetPaths":414,"generatorPatterns":416,"scriptPaths":417,"versionParams":418},[415],"\u002Fwp-content\u002Fplugins\u002Fsafe-wp-updates-by-wp-boom\u002Fjs\u002Fwpboom-front.js",[],[],[419,420],"wpboom-main-front-js","js\u002Fwpboom-front.js?version=",{"cssClasses":422,"htmlComments":423,"htmlAttributes":424,"restEndpoints":432,"jsGlobals":433,"shortcodeOutput":435},[],[],[425,426,427,428,429,430,431],"data-bs-toggle","data-bs-target","aria-controls","aria-expanded","data-bs-parent","role","data-bs-dismiss",[],[434],"boomvars",[]]