[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBxSHYMSVsgDy6rV7pSbXQPbLHWx9hzCZG9N0jga75vU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":113,"crawl_stats":38,"alternatives":120,"analysis":226,"fingerprints":703},"shiftcontroller","ShiftController Employee Shift Scheduling","4.9.92","plainware","https:\u002F\u002Fprofiles.wordpress.org\u002Fplainware\u002F","\u003Cp>ShiftController is a lightweight, easy to use WordPress staff scheduling and rostering, rota planning plugin for any business that needs to manage and schedule employees.\u003C\u002Fp>\n\u003Ch4>Keep Organized\u003C\u002Fh4>\n\u003Cp>Associate your employees with calendars, configure shift types, assign managers, and keep your staff scheduling under control anywhere at anytime online from your WordPress powered website!\u003C\u002Fp>\n\u003Ch4>Escape Schedule Conflicts\u003C\u002Fh4>\n\u003Cp>Quickly see and correct any conflicts due to overlapping shifts or timeoffs. Each conflicting entry is highlighted in the schedule calendar so you will not miss it.\u003C\u002Fp>\n\u003Ch4>Mobile Friendly\u003C\u002Fh4>\n\u003Cp>Responsive design that works perfectly well for iPhone, Android, Blackberry, Windows as well as for desktops, laptops and tablets.\u003C\u002Fp>\n\u003Ch3>Pro Version Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Bulk Edit\u003C\u002Fstrong>\u003Cbr \u002F>\nThe \u003Ca href=\"https:\u002F\u002Fwww.shiftcontroller.com\u002Fbulk-actions\u002F\" rel=\"nofollow ugc\">Bulk Edit\u003C\u002Fa> function lets you change or delete multiple shifts at once.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Repeat Shifts\u003C\u002Fstrong>\u003Cbr \u002F>\nQuickly \u003Ca href=\"https:\u002F\u002Fwww.shiftcontroller.com\u002Frecurring-shifts\u002F\" rel=\"nofollow ugc\">create new or repeat existing shifts\u003C\u002Fa> months ahead.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Shift Pickup\u003C\u002Fstrong>\u003Cbr \u002F>\nWith the \u003Ca href=\"https:\u002F\u002Fwww.shiftcontroller.com\u002Fshift-pickup\u002F\" rel=\"nofollow ugc\">Shift Pickup\u003C\u002Fa> module shifts can be marked as requested for pickup, and other employees can pick them up.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Schedule Templates\u003C\u002Fstrong>\u003Cbr \u002F>\nQuickly create new week schedules from \u003Ca href=\"https:\u002F\u002Fwww.shiftcontroller.com\u002Fschedule-templates\u002F\" rel=\"nofollow ugc\">schedule templates\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Custom Fields\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.shiftcontroller.com\u002Fcustom-fields\u002F\" rel=\"nofollow ugc\">Additional fields\u003C\u002Fa> for shifts to keep custom information.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Schedule Limits\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.shiftcontroller.com\u002Fschedule-limits\u002F\" rel=\"nofollow ugc\">Limit total number or duration of shifts\u003C\u002Fa> within a day, a week, or a month.\u003C\u002Fp>\n\u003Cp>Please visit \u003Ca href=\"https:\u002F\u002Fwww.shiftcontroller.com\" title=\"WordPress Employee Scheduling\" rel=\"nofollow ugc\">our website\u003C\u002Fa> for more info and \u003Ca href=\"https:\u002F\u002Fwww.shiftcontroller.com\u002Forder\u002F\" rel=\"nofollow ugc\">get the Premium version now!\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Please contact us at https:\u002F\u002Fwww.shiftcontroller.com\u002Fcontact\u002F\u003C\u002Fp>\n\u003Cp>Author: Plainware\u003Cbr \u002F>\nAuthor URI: https:\u002F\u002Fwww.shiftcontroller.com\u003C\u002Fp>\n","Schedule staff and shifts anywhere at anytime online from your WordPress powered website.",700,124263,86,21,"2026-03-11T08:27:00.000Z","6.9.4","4.1","5.6",[20,21,22,23,24],"employee","rota","shift","staff","volunteer","https:\u002F\u002Fwww.shiftcontroller.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshiftcontroller.4.9.92.zip",94,6,0,"2024-10-03 00:00:00","2026-03-15T15:16:48.613Z",[33,49,63,78,90,103],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2024-9435","shiftcontroller-employee-shift-scheduling-reflected-cross-site-scripting","ShiftController Employee Shift Scheduling \u003C= 4.9.66 - Reflected Cross-Site Scripting","The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and including, 4.9.66 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=4.9.66","4.9.67","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-10-04 06:48:42",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fdd3a198c-7c24-45b1-95a7-eb16472a51e2?source=api-prod",1,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":44,"published_date":58,"updated_date":59,"references":60,"days_to_patch":62},"CVE-2024-44040","shiftcontroller-employee-shift-scheduling-authenticated-administrator-stored-cross-site-scripting","ShiftController Employee Shift Scheduling \u003C= 4.9.64 - Authenticated (Administrator+) Stored Cross-Site Scripting","The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.9.64 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts multi-site installations and installations where unfiltered_html has been disabled.","\u003C=4.9.64","4.9.65",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-09-23 00:00:00","2024-10-02 19:59:32",[61],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F53192f38-ab76-4843-a652-37c266b527e7?source=api-prod",10,{"id":64,"url_slug":65,"title":66,"description":67,"plugin_slug":4,"theme_slug":38,"affected_versions":68,"patched_in_version":69,"severity":70,"cvss_score":71,"cvss_vector":72,"vuln_type":73,"published_date":74,"updated_date":75,"references":76,"days_to_patch":48},"CVE-2024-4733","shiftcontroller-employee-shift-scheduling-authenticated-contributor-php-object-injection","ShiftController Employee Shift Scheduling \u003C= 4.9.57 - Authenticated (Contributor+) PHP Object Injection","The ShiftController Employee Shift Scheduling plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the `hc3_session`-cookie in versions up to, and including, 4.9.57. This makes it possible for an authenticated attacker with contributor access-level or above to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.","\u003C=4.9.57","4.9.58","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Deserialization of Untrusted Data","2024-05-16 07:20:34","2024-05-16 19:33:31",[77],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9c8ab916-240d-43c3-92d4-7efd75862a5e?source=api-prod",{"id":79,"url_slug":80,"title":81,"description":82,"plugin_slug":4,"theme_slug":38,"affected_versions":83,"patched_in_version":84,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":85,"updated_date":86,"references":87,"days_to_patch":89},"CVE-2023-1978","shiftcontroller-employee-shift-scheduling-reflected-cross-site-scripting-via-query-string","ShiftController Employee Shift Scheduling \u003C= 4.9.25 - Reflected Cross-Site Scripting via Query String","The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and including, 4.9.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=4.9.25","4.9.26","2023-04-13 00:00:00","2024-01-22 19:56:02",[88],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb5c61212-e68e-4198-b078-18121576b767?source=api-prod",285,{"id":91,"url_slug":92,"title":93,"description":94,"plugin_slug":4,"theme_slug":38,"affected_versions":95,"patched_in_version":96,"severity":70,"cvss_score":97,"cvss_vector":98,"vuln_type":44,"published_date":99,"updated_date":86,"references":100,"days_to_patch":102},"CVE-2023-29424","shiftcontroller-employee-shift-scheduling-unauthenticated-stored-cross-site-scripting-via-hc-title","ShiftController Employee Shift Scheduling \u003C= 4.9.23 - Unauthenticated Stored Cross-Site Scripting via 'hc-title'","The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hc_title’ parameter in versions up to, and including, 4.9.23 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=4.9.23","4.9.24",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2023-04-06 00:00:00",[101],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbc38990f-0079-46de-8197-0187189d90d9?source=api-prod",292,{"id":104,"url_slug":105,"title":106,"description":107,"plugin_slug":4,"theme_slug":38,"affected_versions":95,"patched_in_version":96,"severity":41,"cvss_score":108,"cvss_vector":109,"vuln_type":110,"published_date":99,"updated_date":86,"references":111,"days_to_patch":102},"CVE-2023-29425","shiftcontroller-employee-shift-scheduling-cross-site-request-forgery-via-get","ShiftController Employee Shift Scheduling \u003C= 4.9.23 - Cross-Site Request Forgery via get","The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.9.23. This is due to missing or incorrect nonce validation on the get method of the HC3_Post class. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:L","Cross-Site Request Forgery (CSRF)",[112],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fca058dde-48fd-46f4-b16c-97cdf79578ff?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":114,"total_installs":115,"avg_security_score":116,"avg_patch_time_days":117,"trust_score":118,"computed_at":119},5,1810,83,136,67,"2026-04-04T09:21:51.188Z",[121,145,168,190,210],{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":131,"num_ratings":132,"last_updated":133,"tested_up_to":16,"requires_at_least":134,"requires_php":135,"tags":136,"homepage":141,"download_link":142,"security_score":143,"vuln_count":114,"unpatched_count":29,"last_vuln_date":144,"fetched_at":31},"organization-chart","Organization chart","1.7.6","wpdevart","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdevart\u002F","\u003Cp>WordPress organization chart plugin is a nice and handy tool for creating simple and nice organizational charts. If you have any suggestions about the functionality, just let us know.\u003C\u002Fp>\n\u003Ch3>You can check the demo of the plugin here:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdemo.wpdevart.com\u002Forganization-chart\" rel=\"nofollow ugc\">Demo Page\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features of Free version\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>User-friendly interface\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works great with all actual WordPress versions\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive(mobile-friendly) design\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gutenberg-ready plugin\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to add unlimited themes and elements\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to add image for each element\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to duplicate the organizational charts or themes\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to add horizontal scrolling instead of mobile view\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to select theme for each element\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to change the organizational chart background color and border radius\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to enable Popup functionality\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to configure Popup styles\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to set User Permissions\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Also, our plugin has a premium version, so you can upgrade the free version and get more functionality – \u003Ca href=\"https:\u002F\u002Fwpdevart.com\u002Fwordpress-organization-chart-plugin\u002F\" rel=\"nofollow ugc\">WordPress Organization Chart Premium\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features of the Premium version\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Built-in themes for the elements\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable elements\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to change the title and description font family\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to change the elements border styles\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to change the elements background color(gradient)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Full Screen functionality\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Drag and Zoom functionality\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ability to set a responsive view after the element\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>If you have any questions, issues or even suggestions occurring our plugin, you can contact us at \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Forganization-chart\" rel=\"ugc\">SUPPORT FORUM\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FF4md4FQDvSY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Below we listed the WordPress Organizational Chart plugin options list. If you click on the element edit button, you will see a popup window with the following settings.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Element Settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Information tab\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Type the URL – Type the element image URL or upload it using the “Upload” button.\u003C\u002Fli>\n\u003Cli>Type the title –  Type the element title in this field.\u003C\u002Fli>\n\u003Cli>Type the description – Type the element description in this field.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Styling\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Select the theme – You can select the element theme using this option.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Theme Settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>General Settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Responsive(Add a horizontal scroll, Mobile view) – This option allows to select how to display the organization chart, if the is is bigger then the container.\u003C\u002Fli>\n\u003Cli>Background Color – Choose the container background color.\u003C\u002Fli>\n\u003Cli>Border Radius – Type the container border radius.\u003C\u002Fli>\n\u003Cli>Padding – Type the global padding values.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Line style\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set the line color – This option allows to set the global line(border) color.\u003C\u002Fli>\n\u003Cli>Line Height – This option allows to set the global line(border) height.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Item style\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Background Color – Select the element background color.\u003C\u002Fli>\n\u003Cli>Minimum Width – Type the element minimum width.\u003C\u002Fli>\n\u003Cli>Minimum Height – Type the element minimum height.\u003C\u002Fli>\n\u003Cli>Image width – Type the element image width.\u003C\u002Fli>\n\u003Cli>Image height – Type the element image height.\u003C\u002Fli>\n\u003Cli>Image Border Radius – Type the image border radius.\u003C\u002Fli>\n\u003Cli>Image Margin – Type the image margin option values.\u003C\u002Fli>\n\u003Cli>Title font – Configure the title font style by clicking on the pencil icon(available options are: Font Family, Color, Font Size, Line Height, Letter Spacing, Font Weight, Font Style).\u003C\u002Fli>\n\u003Cli>Title Margin – Type the title margin option values.\u003C\u002Fli>\n\u003Cli>Description font – Configure the description font style by clicking on the pencil icon(available options are: Font Family, Color, Font Size, Line Height, Letter Spacing, Font Weight, Font Style).\u003C\u002Fli>\n\u003Cli>Description margin – Type the description margin option values.\u003C\u002Fli>\n\u003Cli>Item Border – Configure the element border style by clicking on the pencil icon(available options are: Item Border Type, Item Border Color, Border Width, Border Radius).\u003C\u002Fli>\n\u003C\u002Ful>\n","WordPress organization chart plugin is a nice and handy tool for creating simple and nice organizational charts. If you have any suggestions about the &hellip;",5000,112078,100,13,"2026-02-12T21:23:00.000Z","3.4.0","",[137,138,122,139,140],"employee-list","org-chart","organizational-chart","staff-directory","https:\u002F\u002Fwpdevart.com\u002Fwordpress-organization-chart-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Forganization-chart.1.7.6.zip",96,"2024-08-07 00:01:25",{"slug":146,"name":147,"version":148,"author":149,"author_profile":150,"description":151,"short_description":152,"active_installs":153,"downloaded":154,"rating":155,"num_ratings":156,"last_updated":157,"tested_up_to":158,"requires_at_least":159,"requires_php":160,"tags":161,"homepage":163,"download_link":164,"security_score":165,"vuln_count":166,"unpatched_count":29,"last_vuln_date":167,"fetched_at":31},"simple-staff-list","Simple Staff List","2.2.5","Brett Shumaker","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrettshumaker\u002F","\u003Cp>The Simple Staff List plugin allows you to build a staff directory for your website. You get an easy-to-use interface\u003Cbr \u002F>\nwhich allows you to edit the following fields for each staff member: Name, Photo, Position, Email, Phone Number, and Bio.\u003Cbr \u002F>\nThere’s also a drag-and-drop interface to set the order of your staff members.\u003C\u002Fp>\n\u003Cp>You’ll use the \u003Ccode>[simple-staff-list]\u003C\u002Fcode> shortcode within a page or post to display the full staff listing in the order set\u003Cbr \u002F>\non the “Order” page. You’ll be able to customize the information shown for each staff member on your website by editing a simple template. You can add your own custom CSS to style your staff list as well.\u003C\u002Fp>\n\u003Cp>Use the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsimple-staff-list\" title=\"Simple Staff List support\" rel=\"ugc\">Simple Staff List support section\u003C\u002Fa> to post any problems\u002Fcomments!\u003C\u002Fp>\n","A simple plugin to build and display a staff listing for your website.",3000,156619,92,40,"2025-04-21T20:27:00.000Z","6.8.0","3.0","5.4",[20,137,23,140,162],"staff-list","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-staff-list\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-staff-list.2.2.5.zip",99,3,"2023-12-27 00:00:00",{"slug":169,"name":170,"version":171,"author":172,"author_profile":173,"description":174,"short_description":175,"active_installs":176,"downloaded":177,"rating":178,"num_ratings":179,"last_updated":180,"tested_up_to":16,"requires_at_least":181,"requires_php":135,"tags":182,"homepage":185,"download_link":186,"security_score":187,"vuln_count":188,"unpatched_count":29,"last_vuln_date":189,"fetched_at":31},"team-showcase","Team Showcase – Responsive Team Members Grid, Slider & Carousel Plugin","3.0.0","Themepoints","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemepoints\u002F","\u003Cp>\u003Cstrong>Team Showcase\u003C\u002Fstrong> is a lightweight yet powerful WordPress plugin that helps you display your team members, staff, employees, board members, or speakers in a clean and professional way.\u003C\u002Fp>\n\u003Cp>Create stunning team sections using grid, slider, list, popup, and carousel layouts — no coding required.\u003C\u002Fp>\n\u003Cp>The plugin works with any WordPress theme and gives you full control over layout, style, and content.\u003C\u002Fp>\n\u003Ch3>Useful Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthemepoints.com\u002Fproduct\u002Fteam-showcase-pro\u002F\" rel=\"nofollow ugc\">Upgrade to Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthemepoints.com\u002Fteamshowcase\u002F\" rel=\"nofollow ugc\">Live Preview\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthemepoints.com\u002Fteamshowcase\u002Fdocs\u002Fteam-showcase\u002Foverview\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Installation Tutorial & Demonstration\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FS9mgBm14n0I?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Why Choose Team Showcase?\u003C\u002Fh3>\n\u003Cp>Most team plugins only show names and images.\u003Cbr \u002F>\n\u003Cstrong>Team Showcase goes further.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>✔ 25+ professionally designed team layouts\u003Cbr \u002F>\n✔ Grid, slider, list & filterable layouts\u003Cbr \u002F>\n✔ Popup member profile with full details\u003Cbr \u002F>\n✔ Easy shortcode & Gutenberg support\u003Cbr \u002F>\n✔ Lightweight, fast & SEO-friendly\u003Cbr \u002F>\n✔ Works with any WordPress theme\u003C\u002Fp>\n\u003Cp>Whether you need a simple team grid or an advanced interactive team section, Team Showcase gives you full control.\u003C\u002Fp>\n\u003Ch3>Key Features – Free Version\u003C\u002Fh3>\n\u003Cp>✔ Create \u003Cstrong>unlimited team members\u003C\u002Fstrong>\u003Cbr \u002F>\n✔ Responsive \u003Cstrong>grid, slider & list\u003C\u002Fstrong> layouts\u003Cbr \u002F>\n✔ Select team members by \u003Cstrong>categories\u003C\u002Fstrong>\u003Cbr \u002F>\n✔ Control ordering (ASC \u002F DESC \u002F Custom)\u003Cbr \u002F>\n✔ Popup member details (basic layout)\u003Cbr \u002F>\n✔ Easy shortcode support\u003Cbr \u002F>\n✔ Clean, lightweight & fast\u003Cbr \u002F>\n✔ SEO-friendly HTML markup\u003Cbr \u002F>\n✔ Translation ready\u003Cbr \u002F>\n✔ Works with any theme\u003C\u002Fp>\n\u003Ch3>Team Member Fields\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Member Name  \u003C\u002Fli>\n\u003Cli>Designation  \u003C\u002Fli>\n\u003Cli>Email \u003C\u002Fli>\n\u003Cli>Location \u003C\u002Fli>\n\u003Cli>Contact Number \u003C\u002Fli>\n\u003Cli>Website \u003C\u002Fli>\n\u003Cli>Short Description  \u003C\u002Fli>\n\u003Cli>Team Member Image  \u003C\u002Fli>\n\u003Cli>Social Media Profiles  \u003C\u002Fli>\n\u003Cli>Categories \u003C\u002Fli>\n\u003Cli>Team Member Skills\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Advanced Team Member Popup\u003C\u002Fh3>\n\u003Cp>Display detailed information in a modern popup:\u003C\u002Fp>\n\u003Cp>✔ Full description\u003Cbr \u002F>\n✔ Member Information\u003Cbr \u002F>\n✔ Social media links\u003Cbr \u002F>\n✔ Smooth animations\u003Cbr \u002F>\n✔ Member Skills\u003C\u002Fp>\n\u003Cp>👉 Advanced popup layouts and animations are available in \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fthemepoints.com\u002Fproduct\u002Fteam-showcase-pro\u002F\" rel=\"nofollow ugc\">Pro version »\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Flexible Layout Options\u003C\u002Fh3>\n\u003Cp>Choose how your team appears:\u003C\u002Fp>\n\u003Cp>✔ Grid layout\u003Cbr \u002F>\n✔ Slider \u002F carousel layout\u003Cbr \u002F>\n✔ List layout\u003Cbr \u002F>\n✔ Responsive for desktop, tablet & mobile\u003Cbr \u002F>\n✔ Custom column control\u003C\u002Fp>\n\u003Cp>👉 More layouts, animations, and filters available in \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fthemepoints.com\u002Fproduct\u002Fteam-showcase-pro\u002F\" rel=\"nofollow ugc\">Pro »\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Team Showcase Pro – Unlock Full Power 🚀\u003C\u002Fh3>\n\u003Cp>Upgrade to \u003Cstrong>Team Showcase Pro\u003C\u002Fstrong> to build premium, conversion-focused team sections.\u003C\u002Fp>\n\u003Ch3>Pro Features\u003C\u002Fh3>\n\u003Cp>🔥 25+ premium team styles\u003Cbr \u002F>\n🔥 Filterable team layouts\u003Cbr \u002F>\n🔥 Advanced popup templates\u003Cbr \u002F>\n🔥 Team member skills with progress bars\u003Cbr \u002F>\n🔥 Additional slider controls & animations\u003Cbr \u002F>\n🔥 Priority support\u003C\u002Fp>\n\u003Cp>👉 Ideal for agencies, businesses & professional websites\u003C\u002Fp>\n\u003Ch3>Who Is This Plugin For?\u003C\u002Fh3>\n\u003Cp>✔ Companies & startups\u003Cbr \u002F>\n✔ Agencies & freelancers\u003Cbr \u002F>\n✔ Schools & universities\u003Cbr \u002F>\n✔ Corporate teams\u003Cbr \u002F>\n✔ NGOs & organizations\u003Cbr \u002F>\n✔ Event speakers & staff\u003Cbr \u002F>\n✔ Board members & advisors\u003C\u002Fp>\n\u003Cp>If your website needs to build trust with real people, \u003Cstrong>Team Showcase is for you\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Easy to Use – No Coding Required\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install & activate the plugin  \u003C\u002Fli>\n\u003Cli>Add team members  \u003C\u002Fli>\n\u003Cli>Choose a layout style  \u003C\u002Fli>\n\u003Cli>Insert shortcode  \u003C\u002Fli>\n\u003Cli>Done 🎉\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Performance & Compatibility\u003C\u002Fh3>\n\u003Cp>✔ Lightweight & optimized\u003Cbr \u002F>\n✔ Mobile-friendly layouts\u003Cbr \u002F>\n✔ Compatible with all modern themes\u003Cbr \u002F>\n✔ Regular updates\u003Cbr \u002F>\n✔ Follows WordPress coding standards\u003C\u002Fp>\n\u003Ch3>Support & Documentation\u003C\u002Fh3>\n\u003Cp>We actively maintain this plugin and listen to user feedback.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Documentation included  \u003C\u002Fli>\n\u003Cli>Community support via WordPress.org  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority support available in Pro\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>👉 Upgrade to \u003Ca href=\"https:\u002F\u002Fthemepoints.com\u002Fproduct\u002Fteam-showcase-pro\u002F\" rel=\"nofollow ugc\">Pro\u003C\u002Fa> for advanced features & faster support\u003C\u002Fp>\n","Create beautiful, responsive team member sections with grid, slider, list, popup, and carousel layouts. Perfect for companies, agencies, startups, sch &hellip;",2000,106217,68,24,"2026-02-08T09:38:00.000Z","4.0",[20,23,183,184,169],"team-grid","team-members","https:\u002F\u002Fthemepoints.com\u002Fteamshowcase\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fteam-showcase.zip",98,2,"2025-12-30 00:00:00",{"slug":191,"name":192,"version":193,"author":194,"author_profile":195,"description":196,"short_description":197,"active_installs":11,"downloaded":198,"rating":155,"num_ratings":199,"last_updated":200,"tested_up_to":201,"requires_at_least":159,"requires_php":18,"tags":202,"homepage":206,"download_link":207,"security_score":208,"vuln_count":114,"unpatched_count":29,"last_vuln_date":209,"fetched_at":31},"aio-time-clock-lite","All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier","2.0.4","Codebangers","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodebangers\u002F","\u003Cp>Employees can easily clock in and out.  Managers can run reports, keep track of employees\u002Fvolunteers\u002Fcontractors and their time.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FOS8zy4PQtlY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Need Support? We can help:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fcodebangers.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Portal\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Keep track of employee, contractor and volunteer shifts\u003C\u002Fli>\n\u003Cli>Generate custom reports\u003C\u002Fli>\n\u003Cli>Manage employee departments and wages\u003C\u002Fli>\n\u003Cli>Easily create and edit shifts\u003C\u002Fli>\n\u003Cli>Supports all timezones\u003C\u002Fli>\n\u003Cli>View employee activity in real time\u003C\u002Fli>\n\u003Cli>Includes handy dandy time clock widget\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Pro Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Use the Live Time Clock or Have Employees Select From Predefined Shifts to Clock in\u002Fout\u003C\u002Fli>\n\u003Cli>Employee and Mangers Profile\u003C\u002Fli>\n\u003Cli>Multiple Time Clock Layouts\u003C\u002Fli>\n\u003Cli>Add your own custom roles for time clock access\u003C\u002Fli>\n\u003Cli>Simple\u002FAdvanced Shift Reports\u003C\u002Fli>\n\u003Cli>Includes Manager\u002FEmployee\u002FVolunteer\u002FContractor profiles\u003C\u002Fli>\n\u003Cli>Automatically clear out shifts\u003C\u002Fli>\n\u003Cli>Export Shifts to Spreadsheet\u002FCSV\u003C\u002Fli>\n\u003Cli>Manage Wages\u003C\u002Fli>\n\u003Cli>Supports Shift History\u003C\u002Fli>\n\u003Cli>Supports Dynamic and Static Time Zones\u003C\u002Fli>\n\u003Cli>Monthly\u002FYearly Charts\u003C\u002Fli>\n\u003Cli>Compatible with Quickbooks\u003C\u002Fli>\n\u003Cli>Supports Unlimited Clock in Locations\u003C\u002Fli>\n\u003Cli>Supports Google Analytics\u003C\u002Fli>\n\u003Cli>Supports Employee IP Address and GPS Tracking (includes tracking map)\u003C\u002Fli>\n\u003Cli>Imports\u002FExport Shifts, Locations, and more for backups and migration\u003C\u002Fli>\n\u003Cli>Includes Time Clock Widget\u003C\u002Fli>\n\u003Cli>Custom Error Log\u003C\u002Fli>\n\u003Cli>Supports Multi Site\u003C\u002Fli>\n\u003Cli>Extensions that allow you do even more\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcodebangers.com\u002Fproduct\u002Fall-in-one-time-clock\u002F\" rel=\"nofollow ugc\">Learn More About All in Time Clock Pro\u003C\u002Fa>\u003Cbr \u002F>\nUse coupon code “timeclockpro”\u003C\u002Fp>\n","Employees can easily clock in and out.  Managers can run reports, keep track of employees\u002Fvolunteers\u002Fcontractors and their time.",32674,8,"2025-11-01T23:53:00.000Z","6.8.5",[203,20,204,205,24],"clock","punch-clock","time","https:\u002F\u002Fcodebangers.com\u002Fproduct\u002Fall-in-one-time-clock-lite\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faio-time-clock-lite.2.0.4.zip",95,"2025-11-03 16:00:57",{"slug":211,"name":212,"version":213,"author":214,"author_profile":215,"description":216,"short_description":217,"active_installs":218,"downloaded":219,"rating":187,"num_ratings":199,"last_updated":220,"tested_up_to":16,"requires_at_least":181,"requires_php":18,"tags":221,"homepage":223,"download_link":224,"security_score":208,"vuln_count":166,"unpatched_count":29,"last_vuln_date":225,"fetched_at":31},"time-clock","Time Clock – A WordPress Employee & Volunteer Time Clock Plugin","1.3.2","Scott Paterson","https:\u002F\u002Fprofiles.wordpress.org\u002Fscottpaterson\u002F","\u003Ch4>Overview\u003C\u002Fh4>\n\u003Cp>This plugin allows employees or volunteers to clock in and out for their work shifts.\u003C\u002Fp>\n\u003Cp>From the Developer: I built this plugin because I’ve frequently volunteered at bicycle and computer repair non-profits, and each one was using a buggy, custom-made time clock to track hours. It caused the non-profit extra work and was a headache. So I built this plugin to help out other organizations in the same situation.\u003C\u002Fp>\n\u003Cp>If you have a non-profit or a business, this plugin will help you track hours.\u003C\u002Fp>\n\u003Ch4>Having Problems?\u003C\u002Fh4>\n\u003Cp>If you are having problems or see a bug, please create a support thread \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ftime-clock\" rel=\"ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Watch this 2 minute video of how the plugin works:\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FW1669tqn3WU?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Time Clock Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Users can clock in and out from shifts\u003C\u002Fli>\n\u003Cli>Users can clock in and out from lunch breaks\u003C\u002Fli>\n\u003Cli>Admins can easily make new user accounts\u003C\u002Fli>\n\u003Cli>Admins can view the number of hours worked for each day\u003C\u002Fli>\n\u003Cli>Admins can change the color and text of the time clock\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Ch4>Time Clock Pro\u003C\u002Fh4>\n\u003Cp>We offer a Pro version of this plugin for business owners who need more features.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Export Activity to CSV File\u003C\u002Fli>\n\u003Cli>Time Clock can be used as a widget\u003C\u002Fli>\n\u003Cli>Admin Metrics\u003C\u002Fli>\n\u003Cli>See how many users are currently working\u003C\u002Fli>\n\u003Cli>Link a WordPress account to a Time Clock Account so users don’t have to login\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpplugin.org\u002Fdownloads\u002Ftime-clock-pro\u002F\" rel=\"nofollow ugc\">You can learn more about Time Clock Pro here\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>About the Plugin Developer\u003C\u002Fh4>\n\u003Cp>This plugin was created by \u003Ca href=\"https:\u002F\u002Fwpplugin.org\" rel=\"nofollow ugc\">WP Plugin\u003C\u002Fa>.\u003C\u002Fp>\n","An employee \u002F volunteer time clock for WordPress",600,17882,"2025-12-04T02:46:00.000Z",[203,20,205,222,24],"timeclock","https:\u002F\u002Fwpplugin.org\u002Fdownloads\u002Ftime-clock-pro\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftime-clock.1.3.2.zip","2025-10-23 19:44:27",{"attackSurface":227,"codeSignals":357,"taintFlows":650,"riskAssessment":688,"analyzedAt":702},{"hooks":228,"ajaxHandlers":349,"restRoutes":350,"shortcodes":351,"cronEvents":356,"entryPointCount":48,"unprotectedCount":29},[229,235,241,243,247,251,255,258,263,267,272,277,281,285,289,293,297,301,305,309,313,317,321,325,328,332,337,342,345],{"type":230,"name":231,"callback":232,"priority":62,"file":233,"line":234},"filter","user_has_cap","wpAllowEditPost","hc3\\crud\\wordpress\\custompost.php",45,{"type":236,"name":237,"callback":238,"file":239,"line":240},"action","init","_init","hc3\\_wordpress\\abstract\\plugin.php",39,{"type":236,"name":237,"callback":242,"file":239,"line":156},"intercept",{"type":236,"name":244,"callback":245,"file":239,"line":246},"admin_init","adminInit",41,{"type":236,"name":248,"callback":249,"file":239,"line":250},"admin_menu","adminMenu",42,{"type":230,"name":252,"callback":253,"file":239,"line":254},"parent_file","setCurrentAppMenu",43,{"type":236,"name":256,"callback":257,"file":239,"line":234},"admin_enqueue_scripts","scripts",{"type":230,"name":259,"callback":260,"file":261,"line":262},"wp_mail_content_type","set_html_mail_content_type","hc3\\_wordpress\\email.php",26,{"type":230,"name":264,"callback":265,"file":261,"line":266},"wp_mail_charset","set_charset",27,{"type":230,"name":268,"callback":269,"file":270,"line":271},"locale","setWpLocale","hc3\\_wordpress\\translate.php",16,{"type":230,"name":273,"callback":274,"priority":62,"file":275,"line":276},"shiftcontroller4\u002Fapi\u002Fshifts\u002Fget","shiftsGet","sh4\\api\\api.php",52,{"type":230,"name":278,"callback":279,"priority":62,"file":275,"line":280},"shiftcontroller4\u002Fapi\u002Fshifts\u002Fgetbyid","shiftsGetById",53,{"type":230,"name":282,"callback":283,"priority":62,"file":275,"line":284},"shiftcontroller4\u002Fapi\u002Fshifts\u002Fcreate","shiftsCreate",54,{"type":230,"name":286,"callback":287,"priority":62,"file":275,"line":288},"shiftcontroller4\u002Fapi\u002Fshifts\u002Fdeletebyid","shiftsDeleteById",55,{"type":230,"name":290,"callback":291,"priority":62,"file":275,"line":292},"shiftcontroller4\u002Fapi\u002Fshifts\u002Fupdatebyid","shiftsUpdateById",56,{"type":230,"name":294,"callback":295,"priority":62,"file":275,"line":296},"shiftcontroller4\u002Fapi\u002Femployees\u002Fget","employeesGet",58,{"type":230,"name":298,"callback":299,"priority":62,"file":275,"line":300},"shiftcontroller4\u002Fapi\u002Femployees\u002Fgetbyid","employeesGetById",59,{"type":230,"name":302,"callback":303,"priority":62,"file":275,"line":304},"shiftcontroller4\u002Fapi\u002Femployees\u002Fcreate","employeesCreate",60,{"type":230,"name":306,"callback":307,"priority":62,"file":275,"line":308},"shiftcontroller4\u002Fapi\u002Femployees\u002Fgetbyuserid","employeesGetByUserId",61,{"type":230,"name":310,"callback":311,"priority":62,"file":275,"line":312},"shiftcontroller4\u002Fapi\u002Femployees\u002Fcreatebyuserid","employeesCreateByUserId",62,{"type":230,"name":314,"callback":315,"priority":62,"file":275,"line":316},"shiftcontroller4\u002Fapi\u002Fcalendars\u002Fget","calendarsGet",64,{"type":230,"name":318,"callback":319,"priority":62,"file":275,"line":320},"shiftcontroller4\u002Fapi\u002Femployees\u002Fgetbycalendarid","employeesGetByCalendarId",65,{"type":230,"name":322,"callback":323,"priority":62,"file":275,"line":324},"shiftcontroller4\u002Fapi\u002Femployees\u002Faddtocalendar","employeesAddToCalendar",66,{"type":230,"name":326,"callback":327,"priority":62,"file":275,"line":118},"shiftcontroller4\u002Fapi\u002Femployees\u002Fremovefromcalendar","employeesRemoveFromCalendar",{"type":230,"name":329,"callback":330,"priority":62,"file":275,"line":331},"shiftcontroller4\u002Fapi\u002Fcalendars\u002Fgetbyemployeeid","calendarsGetByEmployeeId",69,{"type":236,"name":333,"callback":334,"file":335,"line":336},"rest_api_init","routes","sh4\\api\\rest.php",14,{"type":236,"name":338,"callback":339,"file":340,"line":341},"admin_notices","anonymous","shiftcontroller4.php",18,{"type":236,"name":237,"callback":343,"file":340,"line":344},"addRoles",77,{"type":236,"name":346,"callback":347,"file":340,"line":348},"template_redirect","startFrontSession",79,[],[],[352],{"tag":353,"callback":354,"file":340,"line":355},"shiftcontroller4","shortcode",78,[],{"dangerousFunctions":358,"sqlUsage":363,"outputEscaping":374,"fileOperations":166,"externalRequests":29,"nonceChecks":188,"capabilityChecks":29,"bundledLibraries":649},[359],{"fn":360,"file":340,"line":361,"context":362},"create_function",19,"create_function( '',",{"prepared":364,"raw":188,"locations":365},29,[366,370],{"file":367,"line":368,"context":369},"hc3\\functions.php",31,"$wpdb->get_results() with variable interpolation",{"file":371,"line":372,"context":373},"sh4\\upgrade3\\query.php",25,"$wpdb->get_var() with variable interpolation",{"escaped":375,"rawEcho":376,"locations":377},49,142,[378,382,384,386,388,390,392,394,396,399,401,403,405,407,409,411,413,415,417,419,421,423,426,427,428,430,432,433,435,436,438,440,441,443,444,445,447,449,451,453,455,457,459,461,463,464,466,468,470,472,474,476,477,479,481,483,485,487,489,491,492,494,495,496,498,499,501,503,505,507,509,511,513,515,517,519,521,523,525,527,529,531,533,535,537,539,541,543,545,547,549,551,553,555,557,559,561,563,565,567,570,573,576,578,580,582,584,586,588,589,590,592,593,595,596,599,601,603,605,607,610,612,614,616,617,619,620,622,624,626,628,629,630,632,634,636,637,639,641,644,645,647],{"file":379,"line":380,"context":381},"hc3\\dic.php",202,"raw output",{"file":367,"line":383,"context":381},334,{"file":367,"line":385,"context":381},347,{"file":367,"line":387,"context":381},356,{"file":389,"line":300,"context":381},"hc3\\hookswrapper.php",{"file":391,"line":254,"context":381},"hc3\\ui\\element\\input\\checkboxdetails.php",{"file":391,"line":393,"context":381},44,{"file":391,"line":395,"context":381},74,{"file":397,"line":398,"context":381},"hc3\\ui\\element\\input\\multiset.php",46,{"file":397,"line":400,"context":381},47,{"file":397,"line":402,"context":381},80,{"file":239,"line":404,"context":381},380,{"file":239,"line":406,"context":381},390,{"file":239,"line":408,"context":381},395,{"file":239,"line":410,"context":381},467,{"file":239,"line":412,"context":381},484,{"file":239,"line":414,"context":381},490,{"file":239,"line":416,"context":381},504,{"file":239,"line":418,"context":381},577,{"file":239,"line":420,"context":381},690,{"file":422,"line":292,"context":381},"hc3\\_wordpress\\ui\\element\\input\\richtextarea.php",{"file":424,"line":425,"context":381},"sh4\\api\\html\\view.html.php",38,{"file":424,"line":425,"context":381},{"file":424,"line":234,"context":381},{"file":424,"line":429,"context":381},50,{"file":424,"line":431,"context":381},71,{"file":424,"line":402,"context":381},{"file":424,"line":434,"context":381},111,{"file":424,"line":434,"context":381},{"file":424,"line":437,"context":381},126,{"file":424,"line":439,"context":381},130,{"file":424,"line":439,"context":381},{"file":424,"line":442,"context":381},134,{"file":424,"line":442,"context":381},{"file":424,"line":442,"context":381},{"file":424,"line":446,"context":381},148,{"file":424,"line":448,"context":381},157,{"file":424,"line":450,"context":381},165,{"file":424,"line":452,"context":381},179,{"file":424,"line":454,"context":381},188,{"file":424,"line":456,"context":381},196,{"file":424,"line":458,"context":381},207,{"file":424,"line":460,"context":381},216,{"file":424,"line":462,"context":381},231,{"file":424,"line":462,"context":381},{"file":424,"line":465,"context":381},240,{"file":424,"line":467,"context":381},244,{"file":424,"line":469,"context":381},245,{"file":424,"line":471,"context":381},267,{"file":424,"line":473,"context":381},276,{"file":424,"line":475,"context":381},291,{"file":424,"line":475,"context":381},{"file":424,"line":478,"context":381},300,{"file":424,"line":480,"context":381},301,{"file":424,"line":482,"context":381},302,{"file":424,"line":484,"context":381},306,{"file":424,"line":486,"context":381},311,{"file":424,"line":488,"context":381},323,{"file":424,"line":490,"context":381},332,{"file":424,"line":387,"context":381},{"file":424,"line":493,"context":381},360,{"file":424,"line":493,"context":381},{"file":424,"line":493,"context":381},{"file":424,"line":497,"context":381},364,{"file":424,"line":497,"context":381},{"file":424,"line":500,"context":381},368,{"file":424,"line":502,"context":381},377,{"file":424,"line":504,"context":381},378,{"file":424,"line":506,"context":381},404,{"file":424,"line":508,"context":381},413,{"file":424,"line":510,"context":381},421,{"file":424,"line":512,"context":381},459,{"file":424,"line":514,"context":381},468,{"file":424,"line":516,"context":381},476,{"file":424,"line":518,"context":381},511,{"file":424,"line":520,"context":381},520,{"file":424,"line":522,"context":381},528,{"file":424,"line":524,"context":381},542,{"file":424,"line":526,"context":381},551,{"file":424,"line":528,"context":381},559,{"file":424,"line":530,"context":381},573,{"file":424,"line":532,"context":381},587,{"file":424,"line":534,"context":381},596,{"file":424,"line":536,"context":381},604,{"file":424,"line":538,"context":381},608,{"file":424,"line":540,"context":381},622,{"file":424,"line":542,"context":381},636,{"file":424,"line":544,"context":381},645,{"file":424,"line":546,"context":381},653,{"file":424,"line":548,"context":381},657,{"file":424,"line":550,"context":381},671,{"file":424,"line":552,"context":381},680,{"file":424,"line":554,"context":381},688,{"file":424,"line":556,"context":381},702,{"file":424,"line":558,"context":381},711,{"file":424,"line":560,"context":381},719,{"file":424,"line":562,"context":381},730,{"file":424,"line":564,"context":381},739,{"file":424,"line":566,"context":381},762,{"file":568,"line":569,"context":381},"sh4\\feed\\view.php",163,{"file":571,"line":572,"context":381},"sh4\\ical\\view.php",255,{"file":574,"line":575,"context":381},"sh4\\reminders\\html\\admin\\review.php",223,{"file":574,"line":577,"context":381},229,{"file":574,"line":579,"context":381},248,{"file":574,"line":581,"context":381},249,{"file":574,"line":583,"context":381},265,{"file":574,"line":585,"context":381},326,{"file":574,"line":587,"context":381},337,{"file":574,"line":385,"context":381},{"file":574,"line":385,"context":381},{"file":574,"line":591,"context":381},351,{"file":574,"line":591,"context":381},{"file":574,"line":594,"context":381},370,{"file":574,"line":504,"context":381},{"file":597,"line":598,"context":381},"sh4\\reminders\\html\\admin\\templates.php",115,{"file":597,"line":600,"context":381},182,{"file":602,"line":187,"context":381},"sh4\\reminders\\html\\admin.php",{"file":602,"line":604,"context":381},112,{"file":602,"line":606,"context":381},122,{"file":608,"line":609,"context":381},"sh4\\upgrade3\\controller.php",89,{"file":608,"line":611,"context":381},90,{"file":608,"line":613,"context":381},91,{"file":608,"line":615,"context":381},192,{"file":608,"line":89,"context":381},{"file":608,"line":618,"context":381},288,{"file":608,"line":486,"context":381},{"file":608,"line":621,"context":381},429,{"file":608,"line":623,"context":381},437,{"file":608,"line":625,"context":381},438,{"file":627,"line":62,"context":381},"sh4\\_wordpress\\conf\\html\\admin\\view\\publish.html.php",{"file":627,"line":480,"context":381},{"file":627,"line":486,"context":381},{"file":627,"line":631,"context":381},321,{"file":627,"line":633,"context":381},331,{"file":627,"line":635,"context":381},341,{"file":627,"line":591,"context":381},{"file":627,"line":638,"context":381},361,{"file":627,"line":640,"context":381},372,{"file":642,"line":643,"context":381},"sh4\\_wordpress\\users\\html\\anon\\view\\login.php",22,{"file":642,"line":179,"context":381},{"file":340,"line":646,"context":381},146,{"file":340,"line":648,"context":381},260,[],[651,668,677],{"entryPoint":652,"graph":653,"unsanitizedCount":188,"severity":41},"get2 (sh4\\upgrade3\\controller.php:196)",{"nodes":654,"edges":665},[655,660],{"id":656,"type":657,"label":658,"file":608,"line":659},"n0","source","$_GET (x2)",209,{"id":661,"type":662,"label":663,"file":608,"line":89,"wp_function":664},"n1","sink","echo() [XSS]","echo",[666],{"from":656,"to":661,"sanitized":667},false,{"entryPoint":669,"graph":670,"unsanitizedCount":188,"severity":41},"get4 (sh4\\upgrade3\\controller.php:315)",{"nodes":671,"edges":675},[672,674],{"id":656,"type":657,"label":658,"file":608,"line":673},325,{"id":661,"type":662,"label":663,"file":608,"line":621,"wp_function":664},[676],{"from":656,"to":661,"sanitized":667},{"entryPoint":678,"graph":679,"unsanitizedCount":686,"severity":687},"\u003Ccontroller> (sh4\\upgrade3\\controller.php:0)",{"nodes":680,"edges":684},[681,683],{"id":656,"type":657,"label":682,"file":608,"line":659},"$_GET (x4)",{"id":661,"type":662,"label":663,"file":608,"line":89,"wp_function":664},[685],{"from":656,"to":661,"sanitized":667},4,"low",{"summary":689,"deductions":690},"The 'shiftcontroller' plugin v4.9.92 exhibits a mixed security posture. On the positive side, the static analysis shows a minimal attack surface with no AJAX handlers or REST API routes directly exposed without authentication. The plugin also demonstrates a strong commitment to secure SQL practices, with 94% of queries utilizing prepared statements. However, there are significant areas of concern. The presence of the `create_function` dangerous function is a red flag, as it can be a vector for code injection if not handled with extreme care. Furthermore, the output escaping rate is alarmingly low at 26%, suggesting a high risk of Cross-Site Scripting (XSS) vulnerabilities, especially since XSS has been a common vulnerability type in its history.\n\nThe vulnerability history reveals a substantial number of known CVEs (6), with a notable presence of high and medium severity issues, including XSS, Deserialization, and CSRF. While there are currently no unpatched vulnerabilities, the past patterns of severe issues, coupled with the low output escaping rate and the presence of `create_function`, indicate a recurring tendency towards exploitable weaknesses. The taint analysis, while showing no critical or high severity flows, did identify 3 flows with unsanitized paths, which is concerning given the plugin's history. The complete lack of capability checks on its single entry point (shortcode) is also a significant oversight. Overall, while some good practices are present, the plugin's past vulnerability record and specific static analysis findings warrant caution and suggest potential underlying security weaknesses.",[691,694,696,698,700],{"reason":692,"points":693},"Low output escaping rate (26%)",15,{"reason":695,"points":62},"Presence of dangerous function: create_function",{"reason":697,"points":693},"Past high and medium severity vulnerabilities",{"reason":699,"points":62},"No capability checks on entry points",{"reason":701,"points":62},"Taint flows with unsanitized paths (3\u002F3)","2026-03-16T19:21:02.055Z",{"wat":704,"direct":710},{"assetPaths":705,"generatorPatterns":707,"scriptPaths":708,"versionParams":709},[706],"\u002Fwp-content\u002Fplugins\u002Fshiftcontroller\u002Fsh4\u002Fapp\u002Fassets\u002Fjs\u002Fsh4.js",[],[706],[],{"cssClasses":711,"htmlComments":713,"htmlAttributes":714,"restEndpoints":716,"jsGlobals":717,"shortcodeOutput":724},[712],"sh4-schedule-wrap",[],[715],"data-sh4-type",[],[718,719,720,721,722,723],"HC3_Functions","HC3_UriAction","HC3_Session","HC3_Request","HC3_Enqueuer","ShiftController4",[725],"[shiftcontroller4]"]