[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fum-sK9PfBXGddE1IN14wLStqe3ZCB_sEu3ixKpqEotM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":148,"fingerprints":291},"scand-osticket-connector","osTicket Connector","1.0.9","SCAND","https:\u002F\u002Fprofiles.wordpress.org\u002Fscandltd\u002F","\u003Cp>This WordPress plugin supports the creation of new tickets in the osTicket system by using osTicket API. Only contact forms, which send emails, are supported as our plugin hooks the wp_mail function to get the forms’ data.\u003C\u002Fp>\n\u003Ch4>Important\u003C\u002Fh4>\n\u003Cp>The contact form must contain “Email”, “Full Name”, “Subject” and “Message” fields at least.\u003C\u002Fp>\n\u003Ch4>osTicket API\u003C\u002Fh4>\n\u003Cp>The osTicket API is used as simple XML or JSON over HTTP. Ticket creation is supported only.\u003C\u002Fp>\n\u003Ch4>Authentication\u003C\u002Fh4>\n\u003Cp>Authentication via the API is done via API keys configured inside the osTicket admin panel. API keys are created and tied to a source IP address, which will be checked against the source IP of requests to the HTTP API.\u003C\u002Fp>\n\u003Cp>API keys can be created and managed via the admin panel. Navigate to Manage -> API keys. Use Add New API Key to create a new API key. Currently, no special configuration is required to allow the API key to be used for the HTTP API. All API keys are valid for the HTTP API.\u003Cbr \u002F>\nSee more details \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FosTicket\u002FosTicket\u002Fblob\u002Fmaster\u002Fsetup\u002Fdoc\u002Fapi.md\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Deployment\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Configure osTicket support system to enable the access via API for your WordPress (see “Authentication” section).\u003C\u002Fli>\n\u003Cli>Set up the contact form and input the attribute value of the tag name exactly as given in the settings form of the plugin. This will let the data map to osTicket API data template correctly.\u003C\u002Fli>\n\u003Cli>Add a hidden input with a name specified in ‘Form Identifier’ while using the contact form.\u003C\u002Fli>\n\u003C\u002Fol>\n","Create tickets in osTicket support system via the existing contact form.",300,10159,100,4,"2024-10-18T06:56:00.000Z","6.6.5","4.3","",[20,21,22,23,24],"connector","http","osticket","scandltd","support","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fscand-osticket-connector\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscand-osticket-connector.1.0.9.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":23,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},3,330,78,30,79,"2026-04-05T03:15:48.119Z",[40,58,84,106,128],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":13,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":18,"download_link":56,"security_score":57,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"forum-wordpress-fr","Forum_wordpress_fr","4.2","arena","https:\u002F\u002Fprofiles.wordpress.org\u002Farena\u002F","\u003Cp>Affiche le petit questionnaire pr&eacute;-rempli pour le forum https:\u002F\u002Fwpfr.net\u002Fsupport\u002F\u003Cbr \u002F>\net le copie (&agrave; la demande) dans votre presse-papier.\u003C\u002Fp>\n\u003Cp>Peut n&eacute;cessiter la pr&eacute;sence du plugin flash dans votre browser !\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>This plugin is using the following external software :\u003Cbr \u002F>\n1. ZeroClipboard developped in Flash by Joseph Huckaby (2014) [js\u002Ffwf_zc.swf]\u003C\u002Fp>\n","Questionnaire du forum https:\u002F\u002Fwpfr.net\u002Fsupport",400,12753,6,"2020-05-11T17:38:00.000Z","5.4.19","5.2",[55],"questionnaire-du-forum-https-wpfr-net-support","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforum-wordpress-fr.4.2.zip",85,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":79,"download_link":80,"security_score":81,"vuln_count":82,"unpatched_count":28,"last_vuln_date":83,"fetched_at":30},"hostinger","Hostinger Tools","3.0.59","Hostinger","https:\u002F\u002Fprofiles.wordpress.org\u002Fhostinger\u002F","\u003Cp>Hostinger Tools is an all-in-one plugin designed to streamline essential tasks for WordPress site administrators. This plugin offers a range of features to help you manage your site’s information, maintenance mode, security, and redirects effectively.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Basic Info\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays the current WordPress version with automatic update checks.\u003C\u002Fli>\n\u003Cli>Shows the current PHP version with automatic update checks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Maintenance Mode\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easily enable or disable maintenance mode for your site.\u003C\u002Fli>\n\u003Cli>Provide a URL to bypass maintenance mode for selected users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Security\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable or disable XML-RPC requests to enhance your site’s security.\u003C\u002Fli>\n\u003Cli>Enable or disable Authorize application page to enhance your site’s security.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Redirects\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Force all URLs to use HTTPS for secure browsing.\u003C\u002Fli>\n\u003Cli>Force all URLs to use WWW to ensure consistency in site access.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>LLMs.txt Generation\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically generate a structured LLMs.txt file in Markdown format.\u003C\u002Fli>\n\u003Cli>Include website title, description, posts, pages, and products (if WooCommerce is active).\u003C\u002Fli>\n\u003Cli>Keep the file updated when content changes or new content is published.\u003C\u002Fli>\n\u003Cli>Help AI-powered tools better understand and interact with your website content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Hostinger Tools is the new version of the previous Hostinger plugin, offering an updated and enhanced experience.\u003Cbr \u002F>\nThe Onboarding assistant and the Learning section previously included in this plugin were moved to the separate plugin Hostinger Easy Onboarding.\u003C\u002Fp>\n","Simplified WordPress management. Manage site info, maintenance, security, & redirects.",3000000,16730722,60,25,"2026-03-03T11:48:00.000Z","6.9.4","5.5","8.1",[59,75,76,77,78],"https","maintenance","security","tools","https:\u002F\u002Fhostinger.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhostinger.3.0.59.zip",99,1,"2024-01-05 00:00:00",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":66,"downloaded":92,"rating":93,"num_ratings":94,"last_updated":95,"tested_up_to":71,"requires_at_least":96,"requires_php":97,"tags":98,"homepage":102,"download_link":103,"security_score":104,"vuln_count":33,"unpatched_count":28,"last_vuln_date":105,"fetched_at":30},"really-simple-ssl","Really Simple Security – Simple and Performant Security (formerly Really Simple SSL)","9.5.8","Really Simple Plugins","https:\u002F\u002Fprofiles.wordpress.org\u002Freallysimpleplugins\u002F","\u003Cp>Easily improve site security with WordPress Hardening, Two-Factor Authentication (2FA), Login Protection, Vulnerability Detection and SSL certificate.\u003C\u002Fp>\n\u003Ch3>Really simple, Effective and Performant WordPress Security\u003C\u002Fh3>\n\u003Cp>Really Simple Security is the most lightweight and easy-to-use security plugin for WordPress. It secures your WordPress website with SSL certificate generation, including proper 301 https redirection and SSL enforcement, scanning for possible vulnerabilities, Login Protection and implementing essential WordPress hardening features.\u003C\u002Fp>\n\u003Cp>We believe that security should have the absolute minimum effect on website performance, user experience and maintainability. Therefore, Really Simple Security is:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Lightweight:\u003C\u002Fstrong> Every security feature is developed with a modular approach and with performance in mind. Disabled features won’t load any redundant code.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy-to-use:\u003C\u002Fstrong> 1-minute configuration with short onboarding setup.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security Features\u003C\u002Fh3>\n\u003Ch4>Easy SSL Migration\u003C\u002Fh4>\n\u003Cp>Migrates your website to HTTPS and enforces SSL in just one click.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>301 redirect via PHP or .htaccess\u003C\u002Fli>\n\u003Cli>Secure cookies\u003C\u002Fli>\n\u003Cli>Let’s Encrypt: Install an SSL Certificate if your hosting provider supports manual installation.\u003C\u002Fli>\n\u003Cli>Server Health Check: Your server configuration is every bit as important for your website security.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Hardening\u003C\u002Fh4>\n\u003Cp>Tweak your configuration and keep WordPress fortified and safe by tackling potential weaknesses.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Prevent code execution in the uploads folder\u003C\u002Fli>\n\u003Cli>Prevent login feedback and disable user enumeration\u003C\u002Fli>\n\u003Cli>Disable XML-RPC\u003C\u002Fli>\n\u003Cli>Disable directory browsing\u003C\u002Fli>\n\u003Cli>Username restrictions (block ‘admin’ and public names)\u003C\u002Fli>\n\u003Cli>and much more..\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Vulnerability Detection\u003C\u002Fh4>\n\u003Cp>Get notified when plugins, themes or WP core contain vulnerabilities and need appropriate action.\u003C\u002Fp>\n\u003Ch4>Login Protection\u003C\u002Fh4>\n\u003Cp>Allow or enforce Two-Factor Authentication (2FA) for specific user roles. Users receive a two-factor code via Email.\u003C\u002Fp>\n\u003Ch3>Improve Security with Really Simple Security Pro\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Freally-simple-ssl.com\u002F\" rel=\"nofollow ugc\">Protect your site with all essential security features by upgrading to Really Simple Security Pro.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Advanced SSL enforcement\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Mixed Content Scan & Fixer. Detect files that are requested over HTTP and fix them to HTTPS, both Front- and Back-end.\u003C\u002Fli>\n\u003Cli>Enable HTTP Strict Transport Security and configure your site for the HSTS Preload list.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Firewall\u003C\u002Fh4>\n\u003Cp>Really Simple Security Pro includes a performant and efficient WordPress firewall, to stop bots, crawlers and bad actors with IP and username blocks.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>404 blocking – Blocks crawlers as they trigger unusual numbers of 404 errors.\u003C\u002Fli>\n\u003Cli>Region blocking – Only allow\u002Fblock access to your site from specific regions.\u003C\u002Fli>\n\u003Cli>Automated and customisable Firewall rules.\u003C\u002Fli>\n\u003Cli>IP blocklist and allowlist.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Security Headers\u003C\u002Fh4>\n\u003Cp>Security headers protect your site visitors against the risk of clickjacking, cross-site-forgery attacks, stealing login credentials and malware.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Independent of your Server Configuration, works on Apache, LiteSpeed, NGINX, etc.\u003C\u002Fli>\n\u003Cli>Protect your website visitors with X-XSS Protection, X-Content-Type-Options, X-Frame-Options, a Referrer Policy and CORS headers.\u003C\u002Fli>\n\u003Cli>Automatically generate your WordPress-tailored Content Security Policy.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Vulnerability Measures\u003C\u002Fh4>\n\u003Cp>When a vulnerability is detected in a plugin, theme or WordPress core you will get notified accordingly. With Vulnerability Measures, you can configure simple but effective measures to make sure that a critical vulnerability won’t remain unattended.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Force update: An update process will be tried multiple times until it can be assumed development of a theme or plugin is abandoned. You will be notified during these steps.\u003C\u002Fli>\n\u003Cli>Quarantine: When a plugin or theme can’t be updated to solve a vulnerability, Really Simple Security can quarantine the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Advanced Site Hardening\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Choose a custom login URL\u003C\u002Fli>\n\u003Cli>Automated File Permissions check and fixer\u003C\u002Fli>\n\u003Cli>Rename and randomize your database prefix\u003C\u002Fli>\n\u003Cli>Change the debug.log file location to a non-public folder\u003C\u002Fli>\n\u003Cli>Disable application passwords\u003C\u002Fli>\n\u003Cli>Control admin creation\u003C\u002Fli>\n\u003Cli>Disable HTTP methods, reducing HTTP requests\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Login Protection\u003C\u002Fh4>\n\u003Cp>Secure your website’s login process and user accounts with powerful security measures.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Two-Step verification (Email login)\u003C\u002Fli>\n\u003Cli>2FA (two factor authentication) with TOTP\u003C\u002Fli>\n\u003Cli>Passwordless login with passkey login\u003C\u002Fli>\n\u003Cli>Enforce strong passwords and frequent password change\u003C\u002Fli>\n\u003Cli>Limit Login Attempts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>With Limit Login Attempts you can configure a threshold to temporarily or permanently block IP addresses or (non-existing) usernames. You can also throw a CAPTCHA after a failed login (hCaptcha or Google reCaptcha)\u003C\u002Fp>\n\u003Ch4>Access Control\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Restrict access to your site for specific regions.\u003C\u002Fli>\n\u003Cli>Add specific IP addresses or IP ranges to the Blocklist or Allowlist.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Useful Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Freally-simple-ssl.com\u002Fknowledge-base-overview\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Freally-simple-ssl.com\u002Fdefinitions\u002F\" rel=\"nofollow ugc\">Security Definitions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Freally-simple-ssl\" rel=\"nofollow ugc\">Translate Really Simple Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FReally-Simple-Plugins\u002Freally-simple-ssl\u002Fissues\" rel=\"nofollow ugc\">Issues & pull requests\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FReally-Simple-Plugins\u002Freally-simple-ssl\u002Flabels\u002Ffeature%20request\" rel=\"nofollow ugc\">Feature requests\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Love Really Simple Security?\u003C\u002Fh3>\n\u003Cp>If you want to support the continuing development of this plugin, please consider buying \u003Ca href=\"https:\u002F\u002Fwww.really-simple-ssl.com\u002Fpro\u002F\" rel=\"nofollow ugc\">Really Simple Security Pro\u003C\u002Fa>, which includes some excellent security features and premium support.\u003C\u002Fp>\n\u003Ch3>About Really Simple Plugins\u003C\u002Fh3>\n\u003Cp>Our mission is to make complex WordPress requirements really easy. Really Simple Security is developed by \u003Ca href=\"https:\u002F\u002Fwww.really-simple-ssl.com\u002Fabout-us\" rel=\"nofollow ugc\">Really Simple Plugins\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For generating SSL certificates, Really Simple Security uses the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffbett\u002Fle-acme2-php\u002F\" rel=\"nofollow ugc\">le acme2 PHP\u003C\u002Fa> Let’s Encrypt client library, thanks to ‘fbett’ for providing it. Vulnerability Detection uses WP Vulnerability, an open-source initiative by Javier Casares. Want to join as a collaborator? We’re on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Freally-simple-plugins\u002Freally-simple-ssl\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> as well!\u003C\u002Fp>\n","Easily improve site security with WordPress Hardening, Two-Factor Authentication (2FA), Login Protection, Vulnerability Detection and SSL certificate.",205655178,98,8803,"2026-02-26T10:57:00.000Z","6.6","7.4",[99,75,77,100,101],"2fa","two-factor","vulnerabilities","https:\u002F\u002Freally-simple-ssl.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freally-simple-ssl.9.5.8.zip",96,"2026-03-15 00:00:00",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":35,"num_ratings":116,"last_updated":117,"tested_up_to":71,"requires_at_least":118,"requires_php":119,"tags":120,"homepage":124,"download_link":125,"security_score":126,"vuln_count":50,"unpatched_count":28,"last_vuln_date":127,"fetched_at":30},"bbpress","bbPress","2.6.14","John James Jacoby","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnjamesjacoby\u002F","\u003Cp>Are you looking for a timeless, elegant, and streamlined discussion board? bbPress is easy to integrate, easy to use, and is built to scale with your growing community.\u003C\u002Fp>\n\u003Cp>bbPress is intentionally simple yet infinitely powerful forum software, built by contributors to WordPress.\u003C\u002Fp>\n","bbPress is forum software for WordPress.",100000,9266210,343,"2025-07-02T15:44:00.000Z","6.0","5.6.20",[121,122,123,24],"discussion","forum","forums","https:\u002F\u002Fbbpress.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbbpress.2.6.14.zip",91,"2025-03-04 00:00:00",{"slug":129,"name":130,"version":131,"author":132,"author_profile":133,"description":134,"short_description":135,"active_installs":114,"downloaded":136,"rating":137,"num_ratings":138,"last_updated":139,"tested_up_to":71,"requires_at_least":140,"requires_php":18,"tags":141,"homepage":146,"download_link":147,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"https-redirection","Easy HTTPS Redirection (SSL)","2.0.0","mra13","https:\u002F\u002Fprofiles.wordpress.org\u002Fmra13\u002F","\u003Ch4>Only use this plugin if you have installed SSL certificate on your site and HTTPS is working correctly\u003C\u002Fh4>\n\u003Cp>Once you’ve installed an SSL certificate on your site, it’s important to ensure that your webpages are accessed via their secure HTTPS URLs.\u003C\u002Fp>\n\u003Cp>To improve SEO and user security, you want search engines and visitors to always use the HTTPS version of your pages. This plugin makes that easy by automatically redirecting users to the HTTPS version whenever they try to access the non-HTTPS (HTTP) version of a page.\u003C\u002Fp>\n\u003Ch3>Example\u003C\u002Fh3>\n\u003Cp>Let’s say you want to ensure the following page is always accessed over HTTPS:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>https:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If a visitor tries to access:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>http:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The plugin will automatically redirect them to the secure version:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>https:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This ensures that visitors always access the HTTPS version of your pages or site.\u003C\u002Fp>\n\u003Cp>You can choose to automatically redirect your entire domain to HTTPS, or selectively apply HTTPS redirection to specific pages.\u003C\u002Fp>\n\u003Ch3>Video Tutorials\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FoyJgRFCM6u8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FLtyBraB64v8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Force Load Static Files Using HTTPS\u003C\u002Fh3>\n\u003Cp>If you started using SSL from day 1 of your site then all your static files are already embedded using HTTPS URL. You have no issue there.\u003C\u002Fp>\n\u003Cp>However, if you have an existing website where you have a lot of static files that are embedded in your posts and pages using NON-HTTPS URL then you will need to change those. Otherwise, the browser will show an SSL warning to your visitors.\u003C\u002Fp>\n\u003Cp>This plugin has an option that will allow you to force load those static files using HTTPS URL dynamically.\u003C\u002Fp>\n\u003Cp>This will help you make the webpage fully compatible with SSL.\u003C\u002Fp>\n\u003Ch3>SSL Certificate Expiry Notification\u003C\u002Fh3>\n\u003Cp>This plugin includes a feature that allows you to receive email notifications when your SSL certificate is about to expire. It helps ensure your website remains secure and accessible over HTTPS.\u003C\u002Fp>\n\u003Cp>You can configure the recipient email address and specify how many days in advance the notification should be sent. By default, the notification is sent 7 days before expiry, but you can adjust this to suit your preference.\u003C\u002Fp>\n\u003Cp>This feature is especially useful for site owners who may not frequently check their SSL status, or for those managing multiple websites. By receiving timely alerts, you can renew your SSL certificate in advance and prevent potential downtime or security warnings.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Automatically redirect all HTTP traffic to HTTPS\u003C\u002Fli>\n\u003Cli>Option to force HTTPS on the entire site\u003C\u002Fli>\n\u003Cli>Option to selectively apply HTTPS redirection to specific pages\u003C\u002Fli>\n\u003Cli>Helps search engines index the secure versions of your pages\u003C\u002Fli>\n\u003Cli>Improves site security and user trust\u003C\u002Fli>\n\u003Cli>Force load static files (images, js, css etc) using a HTTPS URL\u003C\u002Fli>\n\u003Cli>SSL certificate expiry notification – Option to send SSL expiry notifications to a specific email address\u003C\u002Fli>\n\u003Cli>Easily see which SSL certificates on your site are approaching their expiry date.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>View more details on the \u003Ca href=\"https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-easy-https-redirection-plugin\" rel=\"nofollow ugc\">HTTPS Redirection plugin\u003C\u002Fa> page.\u003C\u002Fp>\n","The plugin allows an automatic redirection to the \"HTTPS\" version\u002FURL of the site. Make your site SSL compatible easily.",1169853,84,71,"2025-12-02T03:12:00.000Z","6.5",[142,75,143,144,145],"force-ssl","insecure-content","redirection","ssl","https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-easy-https-redirection-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhttps-redirection.2.0.0.zip",{"attackSurface":149,"codeSignals":187,"taintFlows":223,"riskAssessment":277,"analyzedAt":290},{"hooks":150,"ajaxHandlers":183,"restRoutes":184,"shortcodes":185,"cronEvents":186,"entryPointCount":28,"unprotectedCount":28},[151,157,161,165,167,170,174,178],{"type":152,"name":153,"callback":154,"file":155,"line":156},"action","admin_init","check_requirements","class-http-api.php",29,{"type":152,"name":158,"callback":159,"file":155,"line":160},"plugins_loaded","init",33,{"type":152,"name":162,"callback":163,"file":155,"line":164},"admin_notices","anonymous",68,{"type":152,"name":159,"callback":166,"file":155,"line":35},"load_textdomain",{"type":152,"name":168,"callback":169,"file":155,"line":37},"admin_menu","adminMenu",{"type":152,"name":171,"callback":172,"file":155,"line":173},"admin_enqueue_scripts","adminEnqueueScripts",80,{"type":152,"name":175,"callback":176,"file":155,"line":177},"wp_mail","createTicket",82,{"type":179,"name":180,"callback":181,"file":155,"line":182},"filter","wpcf7_form_tag","cf7FormTagFilter",83,[],[],[],[],{"dangerousFunctions":188,"sqlUsage":189,"outputEscaping":191,"fileOperations":221,"externalRequests":82,"nonceChecks":82,"capabilityChecks":82,"bundledLibraries":222},[],{"prepared":28,"raw":28,"locations":190},[],{"escaped":82,"rawEcho":192,"locations":193},13,[194,198,199,201,203,205,207,209,211,213,215,217,219],{"file":195,"line":196,"context":197},"admin-settings.php",16,"raw output",{"file":195,"line":156,"context":197},{"file":195,"line":200,"context":197},49,{"file":195,"line":202,"context":197},62,{"file":195,"line":204,"context":197},74,{"file":195,"line":206,"context":197},86,{"file":195,"line":208,"context":197},95,{"file":195,"line":210,"context":197},103,{"file":195,"line":212,"context":197},112,{"file":195,"line":214,"context":197},124,{"file":195,"line":216,"context":197},134,{"file":155,"line":218,"context":197},205,{"file":155,"line":220,"context":197},212,2,[],[224,248,268],{"entryPoint":225,"graph":226,"unsanitizedCount":82,"severity":247},"getData (class-http-api.php:344)",{"nodes":227,"edges":243},[228,233,237],{"id":229,"type":230,"label":231,"file":155,"line":232},"n0","source","$_SERVER",369,{"id":234,"type":235,"label":236,"file":155,"line":232},"n1","transform","→ log()",{"id":238,"type":239,"label":240,"file":155,"line":241,"wp_function":242},"n2","sink","file_put_contents() [File Write]",420,"file_put_contents",[244,246],{"from":229,"to":234,"sanitized":245},false,{"from":234,"to":238,"sanitized":245},"medium",{"entryPoint":249,"graph":250,"unsanitizedCount":82,"severity":247},"\u003Cclass-http-api> (class-http-api.php:0)",{"nodes":251,"edges":263},[252,255,258,259,261],{"id":229,"type":230,"label":253,"file":155,"line":254},"$_POST[?]",191,{"id":234,"type":239,"label":256,"file":155,"line":254,"wp_function":257},"update_option() [Settings Manipulation]","update_option",{"id":238,"type":230,"label":231,"file":155,"line":232},{"id":260,"type":235,"label":236,"file":155,"line":232},"n3",{"id":262,"type":239,"label":240,"file":155,"line":241,"wp_function":242},"n4",[264,266,267],{"from":229,"to":234,"sanitized":265},true,{"from":238,"to":260,"sanitized":245},{"from":260,"to":262,"sanitized":245},{"entryPoint":269,"graph":270,"unsanitizedCount":28,"severity":276},"adminMenuOptions (class-http-api.php:173)",{"nodes":271,"edges":274},[272,273],{"id":229,"type":230,"label":253,"file":155,"line":254},{"id":234,"type":239,"label":256,"file":155,"line":254,"wp_function":257},[275],{"from":229,"to":234,"sanitized":265},"low",{"summary":278,"deductions":279},"The \"scand-osticket-connector\" v1.0.9 plugin exhibits a generally strong security posture in several key areas. The absence of known CVEs and a lack of recorded past vulnerabilities is a positive indicator. The code analysis reveals no dangerous functions, all SQL queries utilize prepared statements, and there are no identified critical or high severity taint flows. Furthermore, the plugin appears to implement nonce and capability checks where appropriate, and the attack surface is entirely protected by authentication, with zero unprotected entry points.\n\nHowever, there are notable areas of concern. The low percentage of properly escaped output (7%) is a significant risk. This suggests that data displayed to users might not be adequately sanitized, potentially leading to cross-site scripting (XSS) vulnerabilities. While no critical taint flows were found, the \"flows with unsanitized paths\" indicate that the plugin's handling of certain data could still be problematic. The presence of file operations and external HTTP requests, even if limited, warrants careful review to ensure these actions are performed securely and with proper validation.\n\nIn conclusion, while the plugin has a clean vulnerability history and demonstrates good practices in areas like SQL injection prevention and attack surface protection, the weak output escaping is a critical weakness that requires immediate attention. The presence of unsanitized paths in taint analysis, though not resulting in critical severity, also suggests potential areas for improvement in input validation and data sanitization.",[280,283,286,288],{"reason":281,"points":282},"Low output escaping (7%)",8,{"reason":284,"points":285},"Unsanitized paths in taint analysis",5,{"reason":287,"points":33},"File operations present",{"reason":289,"points":33},"External HTTP requests present","2026-03-16T20:04:03.408Z",{"wat":292,"direct":299},{"assetPaths":293,"generatorPatterns":295,"scriptPaths":296,"versionParams":297},[294],"\u002Fwp-content\u002Fplugins\u002Fscand-osticket-connector\u002Fcss\u002Fscand-osticket-connector.css",[],[],[298],"scand-osticket-connector\u002Fcss\u002Fscand-osticket-connector.css?ver=",{"cssClasses":300,"htmlComments":301,"htmlAttributes":302,"restEndpoints":304,"jsGlobals":305,"shortcodeOutput":306},[],[],[303],"data-scand-osticket-config",[],[],[]]