[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fw-LAvjMDk2m8XTSVY1m4w2MsImWgx-Y0-fg7RlpS-AE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":7,"tested_up_to":14,"requires_at_least":15,"requires_php":7,"tags":16,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":33,"analysis":134,"fingerprints":204},"show-content-by-user-level","Show Content by User Level","0.1","","https:\u002F\u002Fprofiles.wordpress.org\u002Fnicholascaporusso\u002F","\u003Cp>This plug-in hides a specific part of the content of a page (or post) to all users whose user level is below a required user level.\u003C\u002Fp>\n\u003Cp>Therefore, if a content is visible to user level X:\u003Cbr \u002F>\n1. if X > 0 users who are not registered will not be able to access that specific content;\u003Cbr \u002F>\n2. users whose user level is less than X will not be able to access that specific content;\u003Cbr \u002F>\n3. users whose user level is equal or greater than X will be able to access that specific content.\u003C\u002Fp>\n\u003Cp>To hide a specific content, use the following syntax to encapsulate the hidden content:\u003Cbr \u002F>\n[hide {level}] {content} [hide {level}]\u003Cbr \u002F>\nwhere {level} is the NUMBER corresponding to the user level, and {content} is the part of you want to hide.\u003C\u002Fp>\n\u003Cp>Example:\u003Cbr \u002F>\n[hide 0] You will always see this content [hide 0]\u003Cbr \u002F>\n[hide 1] You will not see this if you are not logged as subscriber [hide 1]\u003Cbr \u002F>\n[hide 2] You will not see this if you are not logged as contributor [hide 2]\u003Cbr \u002F>\n[hide 3] You will not see this if you are not logged as author [hide 3]\u003Cbr \u002F>\n[hide 4] You will not see this if you are not logged as editor [hide 4]\u003Cbr \u002F>\n[hide 5] You will not see this if you are not logged as administrator [hide 5]\u003C\u002Fp>\n\u003Cp>Fancy example:\u003C\u002Fp>\n\u003Cp>[hide 1] You will see this if you are logged as subscriber [hide 5], but you will not see this if you are not logged as administrator [hide 5][hide 1]\u003C\u002Fp>\n\u003Cp>For further help, please visit http:\u002F\u002Fwww.nicholascaporusso.com\u002Fshowcontent-by-userlevel\u002F\u003C\u002Fp>\n","This simple plug-in hides content from all users except those that exceed a specific user level.",10,3404,0,"2.7.1","2.5",[17,18,19,20],"content","permission","role","user-level","http:\u002F\u002Fwww.nicholascaporusso.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshow-content-by-user-level.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":28,"display_name":28,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"nicholascaporusso",1,30,94,"2026-04-05T03:11:44.497Z",[34,48,68,87,109],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":10,"active_installs":11,"downloaded":41,"rating":13,"num_ratings":13,"last_updated":42,"tested_up_to":14,"requires_at_least":15,"requires_php":7,"tags":43,"homepage":44,"download_link":45,"security_score":46,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":47},"show-user-level-content","Show User Level Content","0.2","rexreed","https:\u002F\u002Fprofiles.wordpress.org\u002Frexreed\u002F","\u003Cp>This plug-in is quite simple: it hides content from all users except those at a specified user level.\u003C\u002Fp>\n\u003Cp>Alternatively, you can think of it as only showing content to users at a specified user level.\u003C\u002Fp>\n\u003Cp>Utilization is quite simple, with the use of the tag [hide {level}] and the end-tag [\\hide] as the way to encapsulate the hidden content.\u003C\u002Fp>\n\u003Cp>Future revisions will utilize Role Manager options instead of user levels, so stay tuned.\u003C\u002Fp>\n",5451,"2009-03-19T23:13:00.000Z",[17,18,19,20],"http:\u002F\u002Fwww.fourhourworkweekdiary.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshow-user-level-content.zip",85,"2026-03-15T15:16:48.613Z",{"slug":49,"name":50,"version":51,"author":52,"author_profile":53,"description":54,"short_description":55,"active_installs":11,"downloaded":56,"rating":13,"num_ratings":13,"last_updated":57,"tested_up_to":58,"requires_at_least":59,"requires_php":7,"tags":60,"homepage":66,"download_link":67,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":47},"manage-user-roles","Manage User Roles","2.1.0","Airton Vancin Junior","https:\u002F\u002Fprofiles.wordpress.org\u002Fairtonvancin\u002F","\u003Cp>This plugin gives administrators fine-grained control over content visibility in the WordPress admin area. Instead of a one-size-fits-all approach, you can set specific viewing permissions for each user role.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Core Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Role-Based Permissions:\u003C\u002Fstrong> For each user role (like Editor, Author, Contributor), you can decide what content they are allowed to see.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Rules:\u003C\u002Fstrong> Choose between two simple but powerful rules for each role:\n\u003Cul>\n\u003Cli>\u003Cstrong>See only their own content:\u003C\u002Fstrong> The user will only see the posts, pages, or custom post types they have personally created.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>See all content:\u003C\u002Fstrong> The user will have no content restrictions and can see everything, just like an administrator.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Bar Cleanup:\u003C\u002Fstrong> The “Edit” link on the admin bar is automatically hidden when a user is viewing a post they don’t have permission to see.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Administrator Override:\u003C\u002Fstrong> Administrators are never affected by these rules and can always see all content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This is the perfect tool for multi-author websites, magazines, or any project where you need to ensure users only have access to the content relevant to them.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This file is part of Manage User Roles.\u003C\u002Fp>\n\u003Cp>Manage User Roles is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published\u003Cbr \u002F>\nby the Free Software Foundation, either version 3 of the License, or (at your option) any later version.\u003C\u002Fp>\n\u003Cp>Manage User Roles is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of\u003Cbr \u002F>\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>Get a copy of the GNU General Public License in \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\u003C\u002Fa>.\u003C\u002Fp>\n","A flexible plugin to control content visibility for non-administrator users with advanced, role-based rules.",1525,"2026-01-08T01:15:00.000Z","6.9.4","3.0",[61,62,63,64,65],"administration","content-visibility","permissions","roles","user","https:\u002F\u002Fgithub.com\u002Fairton\u002Fmanage-user-roles","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmanage-user-roles.2.1.0.zip",{"slug":69,"name":70,"version":71,"author":72,"author_profile":73,"description":74,"short_description":75,"active_installs":13,"downloaded":76,"rating":13,"num_ratings":13,"last_updated":77,"tested_up_to":58,"requires_at_least":78,"requires_php":79,"tags":80,"homepage":85,"download_link":86,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":47},"wpsal-simple-access-list","WPSAL (Simple Access List)","1.2.0","VERYA Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fveryaca\u002F","\u003Cp>\u003Cstrong>WPSAL (Simple Access List)\u003C\u002Fstrong> is a lightweight plugin that allows \u003Cem>WordPress\u003C\u002Fem> site owners to control access to posts, pages and custom post types. You can restrict content to specific \u003Cstrong>users\u003C\u002Fstrong> or \u003Cstrong>roles\u003C\u002Fstrong> and redirect unauthorized visitors to any page.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Restrict access to posts, pages or custom post types.\u003C\u002Fli>\n\u003Cli>Assign access to individual \u003Cstrong>users\u003C\u002Fstrong> or \u003Cstrong>roles\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Redirect unauthorized visitors to a page of your choice.\u003C\u002Fli>\n\u003Cli>Developer-friendly with filters and hooks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to the \u003Cstrong>Posts\u003C\u002Fstrong>, \u003Cstrong>Pages\u003C\u002Fstrong>, or any custom post type list in the \u003Cem>WordPress\u003C\u002Fem> admin.\u003C\u002Fli>\n\u003Cli>Hover over a post row to reveal the \u003Cstrong>WPSAL\u003C\u002Fstrong> action menu. Click it.\u003C\u002Fli>\n\u003Cli>In the modal that appears, select the allowed \u003Cstrong>users\u003C\u002Fstrong> and\u002For \u003Cstrong>roles\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Optionally select a \u003Cstrong>redirect page\u003C\u002Fstrong> for unauthorized visitors.\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Save\u003C\u002Fstrong> — the access restrictions are applied immediately.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Ideal for:\u003C\u002Fstrong> membership sites, client portals, private blogs, or any scenario requiring flexible content access control.\u003C\u002Fp>\n\u003Ch3>Development Notes\u003C\u002Fh3>\n\u003Cp>This plugin includes minified JavaScript and CSS files.\u003Cbr \u002F>\nThe uncompressed source files are publicly available here:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SweetAlert2 v11.26.18: https:\u002F\u002Fgithub.com\u002Fsweetalert2\u002Fsweetalert2\u002Farchive\u002Frefs\u002Ftags\u002Fv11.26.18.zip\u003C\u002Fli>\n\u003Cli>TomSelect v2.5.1: https:\u002F\u002Fgithub.com\u002Forchidjs\u002Ftom-select\u002Farchive\u002Frefs\u002Ftags\u002Fv2.5.1.zip\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support \u002F Documentation\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>For documentation, visit: https:\u002F\u002Fwpsal.verya.xyz\u002F.\u003C\u002Fli>\n\u003Cli>For support or to report bugs, please visit the plugin page on the \u003Cem>WordPress\u003C\u002Fem> repository.\u003C\u002Fli>\n\u003C\u002Ful>\n","We have ONE goal in mind: making it easy to control access to pages and posts.",199,"2026-02-13T18:40:00.000Z","6.6","7.4",[81,82,62,83,84],"access-control","content-restriction","role-management","user-permissions","https:\u002F\u002Fwpsal.verya.xyz\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpsal-simple-access-list.1.2.0.zip",{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":97,"num_ratings":98,"last_updated":99,"tested_up_to":58,"requires_at_least":100,"requires_php":79,"tags":101,"homepage":105,"download_link":106,"security_score":107,"vuln_count":29,"unpatched_count":13,"last_vuln_date":108,"fetched_at":47},"members","Members – Membership & User Role Editor Plugin","3.2.19","Blair Williams","https:\u002F\u002Fprofiles.wordpress.org\u002Fsupercleanse\u002F","\u003Cp>Members is a roles and capabilities based WordPress membership plugin. It gives your users the ultimate member experience by giving you powerful tools to add roles and capabilities and assign them to your users.\u003C\u002Fp>\n\u003Cp>Members allows you to set permissions to restrict content on your site by providing a simple user interface (UI) for WordPress’ powerful roles and capabilities system, which has traditionally only been available to developers who know how to code this by hand.\u003C\u002Fp>\n\u003Ch3>Plugin Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Role Editor:\u003C\u002Fstrong> Allows you to edit, create, and delete roles as well as capabilities for these roles.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple User Roles:\u003C\u002Fstrong> Give one, two, or even more roles to any user.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Explicitly Deny Capabilities:\u003C\u002Fstrong> Deny specific capabilities to specific user roles.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clone Roles:\u003C\u002Fstrong> Build a new role by cloning an existing role.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Content Permissions \u002F Restricted Content:\u003C\u002Fstrong> Protect content to determine which users (by role) have access to post content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcodes:\u003C\u002Fstrong> Shortcodes to control who has access to content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widgets:\u003C\u002Fstrong> A login form widget and users widget to show in your theme’s sidebars.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Private Site:\u003C\u002Fstrong> You can make your site and its feed completely private if you want.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugin Integration:\u003C\u002Fstrong> Members is highly recommended by other WordPress developers. Many existing plugins integrate their custom roles and capabilities directly into it.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Seamless MemberPress Integration\u003C\u002Fh4>\n\u003Cp>If you’re looking to build a business out of your membership site by creating paid memberships there’s no better way than to \u003Ca href=\"https:\u002F\u002Fmemberpress.com\u002Fplans\u002Fpricing\u002F?utm_source=members_plugin&utm_medium=link&utm_campaign=readme&utm_content=integration_1\" rel=\"nofollow ugc\">use MemberPress\u003C\u002Fa>. Members and \u003Ca href=\"https:\u002F\u002Fmemberpress.com\u002Fplans\u002Fpricing\u002F?utm_source=members_plugin&utm_medium=link&utm_campaign=readme&utm_content=integration_2\" rel=\"nofollow ugc\">MemberPress\u003C\u002Fa> work together to provide the ultimate member experience and will help you start and profit from your amazing WordPress membership sites!\u003C\u002Fp>\n\u003Ch4>All Add-ons are now included\u003C\u002Fh4>\n\u003Cp>Members now includes ALL of it’s add-ons completely free of charge! Here are some of the awesome features they add to Members:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Block Permissions:\u003C\u002Fstrong> Allows site owners to hide or show blocks based on user logged-in status, user role, or capability.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Caps:\u003C\u002Fstrong> Creates additional capabilities for control over WordPressâ€™ privacy and personal data features (GDPR).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Access:\u003C\u002Fstrong> Allows site administrators to control which users have access to the WordPress admin via role.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Core Create Caps:\u003C\u002Fstrong> Adds the create_posts and create_pages caps to posts\u002Fpages to separate them from their edit_* counterparts, providing more flexible editing capabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Categories and Tag Caps:\u003C\u002Fstrong> The Category and Tag Caps add-on creates custom capabilities for the core category and post tag taxonomies. This allows site owners to have precise control over who can manage, edit, delete, or assign categories\u002Ftags.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role Levels:\u003C\u002Fstrong> Exposes the old user levels system, which fixes the WordPress author drop-down bug when users don’t have a role with one of the assigned levels.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role Hierarchy:\u003C\u002Fstrong> Creates a hierarchical roles system.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ACF Integration:\u003C\u002Fstrong> Creates custom capabilities for the Advanced Custom Fields (ACF) plugin for managing with the Members plugin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>EDD Integration:\u003C\u002Fstrong> Integrates the Easy Digital Downloads plugin capabilities into the Members plugin’s role manager.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GiveWP Integration:\u003C\u002Fstrong> Integrates the GiveWP and GiveWP Recurring Donations plugin capabilities into the Members plugin’s role manager.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Meta Box Integration:\u003C\u002Fstrong> Integrates the Meta Box plugin capabilities into the Members plugin’s role manager.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Integration:\u003C\u002Fstrong> Integrates the WooCommerce plugin capabilities into the Members plugin’s role manager.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more info, visit the \u003Ca href=\"https:\u002F\u002Fmembers-plugin.com\u002F?utm_source=members_plugin&utm_medium=link&utm_campaign=readme&utm_content=learn_more\" rel=\"nofollow ugc\">Members plugin home page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Like this plugin?\u003C\u002Fh3>\n\u003Cp>The Members plugin is a massive project with 1,000s of lines of code to maintain. A major update can take weeks or months of work. We don’t make any money directly from this plugin while other, similar plugins charge substantial fees to even download them or get updates. Please consider helping the cause by:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmemberpress.com\u002F?utm_source=members_plugin&utm_medium=link&utm_campaign=readme&utm_content=memberpress_upgrade\" rel=\"nofollow ugc\">Adding MemberPress\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fmembers\u002Freviews\u002F?filter=5#new-post\" rel=\"ugc\">Rating the plugin\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>If you need plugin support from us, you can \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fmembers\u002F\" rel=\"ugc\">visit our support page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Plugin Development\u003C\u002Fh3>\n\u003Cp>If you’re a theme author, plugin author, or just a code hobbyist, you can follow the development of this plugin on it’s \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcaseproof\u002Fmembers\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n","The best WordPress membership and user role editor plugin. User Roles & Capabilities editor helps you restrict content in just a few clicks.",300000,6754890,98,1242,"2026-02-13T16:00:00.000Z","6.0",[102,103,104,63,64],"access","capabilities","memberships","https:\u002F\u002Fmembers-plugin.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmembers.3.2.19.zip",99,"2024-12-10 00:00:00",{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":117,"downloaded":118,"rating":119,"num_ratings":120,"last_updated":121,"tested_up_to":58,"requires_at_least":122,"requires_php":123,"tags":124,"homepage":7,"download_link":130,"security_score":131,"vuln_count":132,"unpatched_count":13,"last_vuln_date":133,"fetched_at":47},"advanced-access-manager","Advanced Access Manager – Access Governance for WordPress","7.1.0","AAM Plugin","https:\u002F\u002Fprofiles.wordpress.org\u002Fvasyltech\u002F","\u003Cp>\u003Cstrong>Advanced Access Manager (AAM)\u003C\u002Fstrong> introduces \u003Cstrong>Access Governance for WordPress\u003C\u002Fstrong> – a systematic approach to securing your site by controlling who can access what, when, and why.\u003C\u002Fp>\n\u003Cp>Most WordPress security plugins focus on external threats like malware, firewalls, and brute-force attacks. AAM addresses the \u003Cstrong>root cause of the #1 WordPress security risk: broken access controls, excessive privileges, and misconfigured roles\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Instead of reacting to attacks, AAM helps you \u003Cstrong>design security into your WordPress site\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>What Access Governance means in practice\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Mitigate Broken Access Controls\u003C\u002Fstrong>. Ensure roles, users, and permissions are correctly configured to prevent unauthorized actions and privilege escalation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Eliminate Excessive Privileges\u003C\u002Fstrong>. Identify overpowered users and reduce access to critical functionality, admin areas, and APIs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure Content by Design\u003C\u002Fstrong>. Control who can view, edit, publish, or delete posts, pages, media, taxonomies, and custom content types.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Govern Access with Policy\u003C\u002Fstrong>. Define access rules using JSON Access Policies — portable, auditable, and automation-friendly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Build Custom Security Logic\u003C\u002Fstrong>. Use the AAM PHP Framework to create advanced, programmatic access controls tailored to your application.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Security Audit\u003C\u002Fstrong>. Detect risky role assignments, misconfigurations, and compromised accounts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Granular Access Control\u003C\u002Fstrong>. Manage permissions for any user, role, or visitor with precision.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role & Capability Management\u003C\u002Fstrong>. Customize WordPress roles and capabilities beyond defaults.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin & Menu Control\u003C\u002Fstrong>. Restrict dashboard areas and tailor the admin experience per user or role.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API & Endpoint Protection\u003C\u002Fstrong>. Secure REST and XML-RPC access with fine-grained controls.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern Authentication Options\u003C\u002Fstrong>. Support passwordless and secure login flows.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer-Ready Framework\u003C\u002Fstrong>. Extend WordPress security using AAM’s powerful SDK.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ad-Free & Transparent\u003C\u002Fstrong>. – No ads, no tracking, no bloat.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Built for Security-Conscious WordPress Users\u003C\u002Fh4>\n\u003Cp>AAM is trusted by \u003Cstrong>150,000+ websites\u003C\u002Fstrong> to deliver enterprise-grade access control without unnecessary complexity. Whether you’re a site owner, agency, developer, or security professional, AAM gives you \u003Cstrong>full control over WordPress access — by design\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Most core features are free. Advanced capabilities are available via premium add-ons.\u003C\u002Fp>\n\u003Cp>No hidden tracking. No data collection. No unwanted changes.\u003Cbr \u002F>\nJust \u003Cstrong>security you can reason about, audit, and trust\u003C\u002Fstrong>.\u003C\u002Fp>\n","Access Governance for WordPress. Control roles, users, content, admin areas, and APIs to prevent broken access controls and excessive privileges.",100000,7384389,84,420,"2026-03-08T15:53:00.000Z","5.8.0","5.6.0",[125,126,127,128,129],"access-governance","api-security","restricted-content","security","user-roles","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-access-manager.7.1.0.zip",95,11,"2024-03-20 00:00:00",{"attackSurface":135,"codeSignals":156,"taintFlows":169,"riskAssessment":197,"analyzedAt":203},{"hooks":136,"ajaxHandlers":152,"restRoutes":153,"shortcodes":154,"cronEvents":155,"entryPointCount":13,"unprotectedCount":13},[137,143,147],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","init","showcontentuserlevel_setup","showcontent_by_userlevel.php",23,{"type":138,"name":144,"callback":145,"file":141,"line":146},"admin_menu","showcontentuserlevel_admin_hook",33,{"type":148,"name":149,"callback":150,"file":141,"line":151},"filter","the_content","Wp_ShowContent_by_UserLevel",47,[],[],[],[],{"dangerousFunctions":157,"sqlUsage":158,"outputEscaping":160,"fileOperations":13,"externalRequests":13,"nonceChecks":29,"capabilityChecks":29,"bundledLibraries":168},[],{"prepared":13,"raw":13,"locations":159},[],{"escaped":161,"rawEcho":161,"locations":162},2,[163,166],{"file":141,"line":164,"context":165},123,"raw output",{"file":141,"line":167,"context":165},133,[],[170,189],{"entryPoint":171,"graph":172,"unsanitizedCount":13,"severity":188},"showcontentuserlevel_conf (showcontent_by_userlevel.php:98)",{"nodes":173,"edges":185},[174,179],{"id":175,"type":176,"label":177,"file":141,"line":178},"n0","source","$_POST",114,{"id":180,"type":181,"label":182,"file":141,"line":183,"wp_function":184},"n1","sink","update_option() [Settings Manipulation]",121,"update_option",[186],{"from":175,"to":180,"sanitized":187},true,"low",{"entryPoint":190,"graph":191,"unsanitizedCount":13,"severity":188},"\u003Cshowcontent_by_userlevel> (showcontent_by_userlevel.php:0)",{"nodes":192,"edges":195},[193,194],{"id":175,"type":176,"label":177,"file":141,"line":178},{"id":180,"type":181,"label":182,"file":141,"line":183,"wp_function":184},[196],{"from":175,"to":180,"sanitized":187},{"summary":198,"deductions":199},"The 'show-content-by-user-level' plugin version 0.1 exhibits a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly minimizes the plugin's attack surface.  Furthermore, the code signals indicate robust security practices, with all SQL queries utilizing prepared statements, a crucial defense against SQL injection. The presence of nonce and capability checks on the limited entry points is also a positive indicator.\n\nHowever, a key concern arises from the output escaping. With 50% of the identified outputs not properly escaped, there is a potential risk of Cross-Site Scripting (XSS) vulnerabilities. While the taint analysis shows no unsanitized paths and no high-severity issues, the unescaped output remains a tangible risk that could be exploited if user-supplied data indirectly reaches these output points.\n\nThe plugin's vulnerability history is clean, with no recorded CVEs. This, combined with the limited and seemingly well-protected attack surface, suggests a low overall risk profile. The primary area of improvement is ensuring all outputs are correctly escaped to mitigate potential XSS risks.",[200],{"reason":201,"points":202},"Unescaped output detected",6,"2026-03-16T23:31:10.302Z",{"wat":205,"direct":210},{"assetPaths":206,"generatorPatterns":207,"scriptPaths":208,"versionParams":209},[],[],[],[],{"cssClasses":211,"htmlComments":212,"htmlAttributes":213,"restEndpoints":214,"jsGlobals":215,"shortcodeOutput":216},[],[],[],[],[],[217,218],"[hide ","[\u002Fhide]"]