[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNmaZK8VS8KuJlSHhnP2M8Md1j52T8b0uOEjmof0sx1g":3,"$fmCdpFnUyolzwhH8jxPdVxei6LFSpbhh0nt9__-GEsXQ":256,"$fR52TJTn-Wj8eQKJlAkiWLgbBcqQtNhPkcF4G2-wkAr4":261},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":40,"analysis":123,"fingerprints":230},"simple-groups","Simple Groups","1.1","ChrisHurst","https:\u002F\u002Fprofiles.wordpress.org\u002Fchrishurst\u002F","\u003Cp>Simple Groups Plugin for WordPress is a very simple plugin that adds Basic Group functionality to the Users system.\u003Cbr \u002F>\nThe groups can be used via a shortcode to display members only content to users in that specific group.\u003C\u002Fp>\n\u003Cp>Developer Website: http:\u002F\u002FMyWebsiteAdvisor.com\u003C\u002Fp>\n\u003Cp>Plugin Page: http:\u002F\u002FMyWebsiteAdvisor.com\u002Ftools\u002Fwordpress-plugins\u002Fsimple-groups\u002F\u003C\u002Fp>\n\u003Cp>We are looking for testimonials and live examples of our plugins on your website!\u003Cbr \u002F>\nPlease submit your website or testimonial here: http:\u002F\u002FMyWebsiteAdvisor.com\u002Ftestimonials\u003Cbr \u002F>\nIf we choose your testimonial or website we can link to your site and generate some free traffic for you!\u003C\u002Fp>\n\u003Cp>Requirements:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PHP5\u003C\u002Fli>\n\u003C\u002Ful>\n","Simple Groups Plugin for WordPress is a very simple plugin that adds Basic Group functionality to the Users system. The groups can be used via a shor &hellip;",10,3057,60,2,"2012-12-26T20:22:00.000Z","3.5.2","3.0.1","",[20,21,22,23],"admin","groups","security","users","http:\u002F\u002FMyWebsiteAdvisor.com\u002Ftools\u002Fwordpress-plugins\u002Fsimple-groups\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-groups.1.2.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"chrishurst",21,1770,84,2044,68,"2026-05-20T01:44:04.370Z",[41,60,77,93,107],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":27,"downloaded":49,"rating":27,"num_ratings":27,"last_updated":18,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":56,"download_link":57,"security_score":58,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":59},"codecave-admin-security-auditor","CodeCave Admin Security Auditor","1.2.4","CodeCave","https:\u002F\u002Fprofiles.wordpress.org\u002Fidmistir\u002F","\u003Cp>CodeCave Admin Security Auditor is a lightweight plugin that helps you monitor user activity by tracking and displaying the last login time for each user in your WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically tracks the last login time for all users\u003C\u002Fli>\n\u003Cli>Displays last login information in the WordPress admin users table\u003C\u002Fli>\n\u003Cli>Sortable last login column for easy user management\u003C\u002Fli>\n\u003Cli>Shows “Never” for users who haven’t logged in since plugin installation\u003C\u002Fli>\n\u003Cli>Timezone-aware display (uses your WordPress timezone settings)\u003C\u002Fli>\n\u003Cli>Clean uninstall – removes all data when plugin is deleted\u003C\u002Fli>\n\u003Cli>Translation ready\u003C\u002Fli>\n\u003Cli>No configuration needed – works out of the box\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Use Cases:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Monitor user engagement and activity\u003C\u002Fli>\n\u003Cli>Identify inactive user accounts\u003C\u002Fli>\n\u003Cli>Security auditing and compliance\u003C\u002Fli>\n\u003Cli>User account cleanup and maintenance\u003C\u002Fli>\n\u003Cli>Track user adoption of your WordPress site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Privacy and Data:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin stores the last login timestamp as user metadata in your WordPress database. No data is sent to external servers. When you uninstall the plugin, all stored data is automatically removed.\u003C\u002Fp>\n\u003Ch3>Developer Notes\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Accessing Last Login Data Programmatically:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can retrieve the last login timestamp for a user:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$auditor = CodeCave_Admin_Security_Auditor::get_instance();\n$last_login = $auditor->get_last_login( $user_id );\n\nif ( $last_login ) {\n    echo 'Last login: ' . date( 'Y-m-d H:i:s', $last_login );\n} else {\n    echo 'Never logged in';\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Hooks and Filters:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin uses standard WordPress hooks and does not currently provide custom hooks. This may be added in future versions based on user feedback.\u003C\u002Fp>\n","Track and display the last login time for each user in the WordPress admin users table.",199,"6.8.5","5.8","7.4",[20,54,55,22,23],"last-login","login","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcodecave-admin-security-auditor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcodecave-admin-security-auditor.1.2.4.zip",100,"2026-03-15T10:48:56.248Z",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":27,"downloaded":68,"rating":27,"num_ratings":27,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":18,"download_link":76,"security_score":58,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"fake-admin","Fake Admin","1.0.15","pigeonposse","https:\u002F\u002Fprofiles.wordpress.org\u002Fpigeonposse\u002F","\u003Cp>🕵️‍♀️🔌 WordPress plugin that prevents your admin user from being exposed to the public.\u003C\u002Fp>\n\u003Ch3>Protect Your WordPress Admin User with FakeAdmin\u003C\u002Fh3>\n\u003Cp>Have you ever published a post or page on \u003Cem>WordPress\u003C\u002Fem> from your admin account without realizing that you are exposing your admin user to the public? 🙈 It is a common mistake as well as frustrating, especially if your blog is personal and you are the \u003Cstrong>administrator\u003C\u002Fstrong> and blog writer.\u003C\u002Fp>\n\u003Cp>Do not care anymore! 🤗 With \u003Cstrong>FakeAdmin\u003C\u002Fstrong> you can prevent your admin user from being publicly exposed.\u003C\u002Fp>\n\u003Ch3>How does it work?\u003C\u002Fh3>\n\u003Cp>The plugin allows you to create a \u003Cem>“ghost”\u003C\u002Fem> user that looks like your admin user, but without the ability to create or edit anything. Once the \u003Cstrong>FakeAdmin\u003C\u002Fstrong> user is created, as an administrator, you can work on your \u003Cem>WordPress\u003C\u002Fem> site without worrying about exposing your admin user to the public. Everything you create or edit will be attributed to the user \u003Cstrong>FakeAdmin\u003C\u002Fstrong> and the security of your site will not be compromised.\u003C\u002Fp>\n\u003Cp>It’s a simple and effective solution! Now you can work on your site with peace of mind knowing that you are protecting you.\u003C\u002Fp>\n\u003Ch4>More info\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpigeonposse\u002Ffake-admin\" rel=\"nofollow ugc\">Github project page\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Development \u002F Contributing\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpigeonposse\u002Ffake-admin#-development\" rel=\"nofollow ugc\">Contribute\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Prevent your administrator user from being exposed to the public with just a few clicks.",2268,"2026-02-24T16:52:00.000Z","6.9.4","5.3","5.6",[20,74,22,23,75],"roles","wp-admin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffake-admin.1.0.15.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":27,"downloaded":85,"rating":27,"num_ratings":27,"last_updated":86,"tested_up_to":70,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":91,"download_link":92,"security_score":58,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"last-login-info-display","Last Login Info Display","1.1.1","Ahmod Musa","https:\u002F\u002Fprofiles.wordpress.org\u002Fmusabin\u002F","\u003Cp>Last Login Info Display is a lightweight WordPress plugin that helps administrators track user activity by displaying the last login time and total login count for each user in the WordPress admin users list.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Last Login Tracking\u003C\u002Fstrong>: Adds a sortable “Last Login” column showing when each user last logged in\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Count\u003C\u002Fstrong>: Tracks and displays the total number of logins for each user\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sortable Columns\u003C\u002Fstrong>: Sort users by last login time or login count\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multisite Compatible\u003C\u002Fstrong>: Works perfectly with WordPress Multisite installations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translation Ready\u003C\u002Fstrong>: Includes .pot file for translations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight\u003C\u002Fstrong>: Optimized for performance with minimal database overhead\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Configuration Needed\u003C\u002Fstrong>: Works out of the box after activation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean Uninstall\u003C\u002Fstrong>: Removes all plugin data when uninstalled\u003C\u002Fli>\n\u003C\u002Ful>\n","Track user activity with a detailed \"Last Login\" and \"Login Count\" column in the WordPress Users dashboard.",378,"2026-01-02T13:44:00.000Z","4.9","7.0",[20,55,22,90,23],"user-management","https:\u002F\u002Fahmodmusa.com\u002Flast-login-info-display\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-login-info-display.1.1.1.zip",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":27,"downloaded":101,"rating":27,"num_ratings":27,"last_updated":18,"tested_up_to":50,"requires_at_least":102,"requires_php":52,"tags":103,"homepage":105,"download_link":106,"security_score":58,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":59},"login-defender","Login Defender","1.0.1","Amzil Ayoub","https:\u002F\u002Fprofiles.wordpress.org\u002Famzil000ayoub\u002F","\u003Cp>Login Defender enhances your WordPress site’s security by allowing you to change the default login URL and block direct access to wp-login.php. It also logs unauthorized login attempts with IP address, browser, and timestamp for tracking purposes. Includes stats and the ability to reset logs from the admin dashboard.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Change default login URL to a custom slug\u003C\u002Fli>\n\u003Cli>Block access to wp-login.php and wp-admin (if not logged in)\u003C\u002Fli>\n\u003Cli>Track failed login access attempts (IP, time, browser)\u003C\u002Fli>\n\u003Cli>View login attempt statistics: last 24h, 7d, 1m, 3m, 6m, 1y\u003C\u002Fli>\n\u003Cli>Clear\u002Freset login attempt logs with one click\u003C\u002Fli>\n\u003Cli>Improved security against brute-force login attacks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How to use ?\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Configure Settings\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Go to Settings > Login Defender\u003Cbr \u002F>\n2. Enable the switch: “Enable Custom Login URL”\u003Cbr \u002F>\n3. Enter a slug like my-login (allowed: letters, numbers, _, -)\u003Cbr \u002F>\n4. Save settings\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Access Your New Login Page\u003C\u002Fstrong>\u003Cbr \u002F>\n– Example: \u003Ccode>https:\u002F\u002Fyourdomain.com\u002Fmylogin\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Monitor Attempts\u003C\u002Fstrong>\u003Cbr \u002F>\n– See login attempt stats at the top of the settings page\u003Cbr \u002F>\n– Click “Clear Logs” to reset tracking data\u003C\u002Fp>\n","Login Defender enhances your WordPress site's security by allowing you to change the default login URL.",1037,"6.0",[104,20,55,22,23],"activity","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flogin-defender","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-defender.zip",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":27,"downloaded":115,"rating":27,"num_ratings":27,"last_updated":116,"tested_up_to":50,"requires_at_least":117,"requires_php":52,"tags":118,"homepage":18,"download_link":122,"security_score":58,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"storm-clean-admin","Storm Clean Admin","1.0.0","Wpstorm Genius","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpstormdev\u002F","\u003Cp>\u003Cstrong>Storm Clean Admin\u003C\u002Fstrong> is a lightweight and performance-focused WordPress plugin that helps site administrators manage inactive users, track activity, and maintain a clean, secure dashboard.\u003C\u002Fp>\n\u003Cp>Built with a modern React-powered interface and adhering to WordPress coding standards, it provides a seamless experience for both administrators and site managers.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>🚀 \u003Cstrong>Fast & Lightweight\u003C\u002Fstrong> – Uses native WordPress APIs for optimal performance.\u003C\u002Fli>\n\u003Cli>🧍‍♂️ \u003Cstrong>Smart User Management\u003C\u002Fstrong> – Detect, deactivate, or delete inactive users automatically.\u003C\u002Fli>\n\u003Cli>📊 \u003Cstrong>Analytics Dashboard\u003C\u002Fstrong> – Monitor user login activity, registrations, and engagement.\u003C\u002Fli>\n\u003Cli>⚙️ \u003Cstrong>Custom Automation\u003C\u002Fstrong> – Schedule cleanups and inactivity checks.\u003C\u002Fli>\n\u003Cli>🔒 \u003Cstrong>Security Focused\u003C\u002Fstrong> – Protects admin and critical roles from accidental removal.\u003C\u002Fli>\n\u003Cli>🎨 \u003Cstrong>Modern UI\u003C\u002Fstrong> – Clean, responsive React interface integrated with WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Use Storm Clean Admin?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Keep your user database clean and efficient\u003C\u002Fli>\n\u003Cli>Identify dormant or risky accounts\u003C\u002Fli>\n\u003Cli>Automate routine maintenance tasks\u003C\u002Fli>\n\u003Cli>Improve visibility on user activity\u003C\u002Fli>\n\u003Cli>Maintain GDPR compliance by removing unused accounts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Built For Admins and Developers\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fully compatible with WordPress coding and security standards\u003C\u002Fli>\n\u003Cli>Translation-ready and fully localizable\u003C\u002Fli>\n\u003Cli>Uses WordPress REST API for scalability and speed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Works with WordPress 5.0+\u003C\u002Fli>\n\u003Cli>Tested up to 6.8.3\u003C\u002Fli>\n\u003Cli>Supports classic and block themes\u003C\u002Fli>\n\u003Cli>Translation-ready with included \u003Ccode>.pot\u003C\u002Fcode> file\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Inactive Users Management\u003C\u002Fstrong> – Automatically detect and manage inactive accounts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Activity Tracking\u003C\u002Fstrong> – Track login times and last activity\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automated Cleanup\u003C\u002Fstrong> – Schedule automatic cleanup of inactive users\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Analytics Dashboard\u003C\u002Fstrong> – View site and user activity trends\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role-Based Exclusions\u003C\u002Fstrong> – Exclude specific user roles from inactivity checks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Actions\u003C\u002Fstrong> – Deactivate or delete inactive users\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activity Charts\u003C\u002Fstrong> – Visualize login and registration patterns\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Actions\u003C\u002Fstrong> – Apply actions to multiple users simultaneously\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security-Focused\u003C\u002Fstrong> – Built with WordPress best practices\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern UI\u003C\u002Fstrong> – Responsive React dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Getting Started\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate the plugin.\u003C\u002Fli>\n\u003Cli>Navigate to \u003Cstrong>Storm Clean Admin\u003C\u002Fstrong> in the WordPress admin menu.\u003C\u002Fli>\n\u003Cli>Configure inactivity thresholds and exclusion rules.\u003C\u002Fli>\n\u003Cli>Enable automatic cleanup or manage users manually.\u003C\u002Fli>\n\u003Cli>Monitor user activity and manage accounts from the dashboard.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>All user login times are tracked locally in your database. No external data transmission occurs. Data remains on your WordPress installation.\u003C\u002Fp>\n\u003Ch3>Roadmap\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Multisite compatibility\u003C\u002Fli>\n\u003Cli>Email notifications for inactive users\u003C\u002Fli>\n\u003Cli>Export\u002Fimport cleanup logs\u003C\u002Fli>\n\u003Cli>WooCommerce integration for user activity\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Documentation, FAQs, and support: \u003Ca href=\"https:\u002F\u002Fwpstorm.ir\u002Fclean-admin\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpstorm.ir\u002Fclean-admin\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Feedback & Contribution\u003C\u002Fh3>\n\u003Cp>Report issues or share ideas: \u003Ca href=\"https:\u002F\u002Fwpstorm.ir\u002Fsupport\" rel=\"nofollow ugc\">https:\u002F\u002Fwpstorm.ir\u002Fsupport\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by \u003Cstrong>Wpstorm Team\u003C\u002Fstrong>\u003Cbr \u002F>\nWebsite: \u003Ca href=\"https:\u002F\u002Fwpstorm.ir\" rel=\"nofollow ugc\">https:\u002F\u002Fwpstorm.ir\u003C\u002Fa>\u003C\u002Fp>\n","A modern WordPress plugin to manage inactive users, monitor site activity, and keep your site optimized and secure.",158,"2025-11-29T20:28:00.000Z","5.0",[119,120,121,22,90],"admin-tools","inactive-users","optimization","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstorm-clean-admin.1.0.0.zip",{"attackSurface":124,"codeSignals":203,"taintFlows":220,"riskAssessment":221,"analyzedAt":229},{"hooks":125,"ajaxHandlers":184,"restRoutes":185,"shortcodes":186,"cronEvents":201,"entryPointCount":202,"unprotectedCount":27},[126,132,136,140,144,149,153,158,162,166,170,175,178,181],{"type":127,"name":128,"callback":129,"file":130,"line":131},"action","init","register_groups_taxonomy","simple-groups.php",16,{"type":127,"name":133,"callback":134,"file":130,"line":135},"delete_user","delete_user_groups_relationships",19,{"type":127,"name":137,"callback":138,"file":130,"line":139},"admin_menu","add_groups_admin_page",26,{"type":127,"name":141,"callback":142,"priority":11,"file":130,"line":143},"manage_groups_custom_column","manage_user_groups_column",29,{"type":145,"name":146,"callback":147,"file":130,"line":148},"filter","manage_edit-groups_columns","manage_groups_taxonomy_user_column",32,{"type":145,"name":150,"callback":151,"file":130,"line":152},"parent_file","fix_groups_taxonomy_page_menu",35,{"type":145,"name":154,"callback":155,"priority":156,"file":130,"line":157},"manage_users_columns","add_manage_users_columns",15,42,{"type":127,"name":159,"callback":160,"priority":156,"file":130,"line":161},"manage_users_custom_column","user_column_data",43,{"type":145,"name":163,"callback":164,"priority":11,"file":130,"line":165},"user_row_actions","add_users_action_row_groups_link",46,{"type":127,"name":167,"callback":168,"file":130,"line":169},"pre_user_query","user_query",49,{"type":127,"name":171,"callback":172,"priority":173,"file":130,"line":174},"show_user_profile","edit_user_groups_section",25,56,{"type":127,"name":176,"callback":172,"priority":173,"file":130,"line":177},"edit_user_profile",57,{"type":127,"name":179,"callback":180,"file":130,"line":13},"personal_options_update","save_user_groups",{"type":127,"name":182,"callback":180,"file":130,"line":183},"edit_user_profile_update",61,[],[],[187,191,195,198],{"tag":188,"callback":189,"file":130,"line":190},"members_only","members_only_shortcode",65,{"tag":192,"callback":193,"file":130,"line":194},"group_access","group_access_shortcode",66,{"tag":196,"callback":193,"file":130,"line":197},"groups_access",67,{"tag":199,"callback":200,"file":130,"line":38},"public_access","public_access_shortcode",[],4,{"dangerousFunctions":204,"sqlUsage":205,"outputEscaping":207,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":218,"bundledLibraries":219},[],{"prepared":14,"raw":27,"locations":206},[],{"escaped":208,"rawEcho":202,"locations":209},12,[210,213,215,216],{"file":130,"line":211,"context":212},195,"raw output",{"file":130,"line":214,"context":212},207,{"file":130,"line":214,"context":212},{"file":130,"line":217,"context":212},304,5,[],[],{"summary":222,"deductions":223},"The simple-groups plugin v1.1 demonstrates a generally good security posture based on the provided static analysis and vulnerability history. The absence of dangerous functions, file operations, external HTTP requests, and SQL queries not using prepared statements are all positive indicators. The presence of capability checks, while not absolute, is also a good practice.  However, the lack of nonce checks on any of its entry points is a significant concern. This, coupled with 25% of output potentially not being properly escaped, creates potential avenues for Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerabilities, especially given the four shortcodes which represent potential user interaction points. The plugin's history of zero known CVEs is a strong point, suggesting it has been well-maintained or less targeted.  Overall, while the plugin avoids common pitfalls like raw SQL and outdated libraries, the absence of fundamental security checks on its entry points and potential output unescaped leave room for improvement and introduce moderate risk.",[224,226],{"reason":225,"points":156},"0 Nonce checks found",{"reason":227,"points":228},"25% of output not properly escaped",6,"2026-04-16T12:57:35.415Z",{"wat":231,"direct":240},{"assetPaths":232,"generatorPatterns":235,"scriptPaths":236,"versionParams":237},[233,234],"\u002Fwp-content\u002Fplugins\u002Fsimple-groups\u002Fsimple-groups.css","\u002Fwp-content\u002Fplugins\u002Fsimple-groups\u002Fsimple-groups.js",[],[234],[238,239],"simple-groups\u002Fsimple-groups.css?ver=","simple-groups\u002Fsimple-groups.js?ver=",{"cssClasses":241,"htmlComments":243,"htmlAttributes":245,"restEndpoints":248,"jsGlobals":249,"shortcodeOutput":251},[242],"simple-groups-admin-notice",[244],"\u003C!-- Simple Groups Plugin -->",[246,247],"data-simple-groups-nonce","data-simple-groups-user-id",[],[250],"simple_groups_settings",[252,253,254,255],"[members_only]","[group_access]","[groups_access]","[public_access]",{"error":257,"url":258,"statusCode":259,"statusMessage":260,"message":260},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fsimple-groups\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":202,"versions":262},[263,270,276,282],{"version":264,"download_url":25,"svn_tag_url":265,"released_at":28,"has_diff":266,"diff_files_changed":267,"diff_lines":28,"trac_diff_url":268,"vulnerabilities":269,"is_current":266},"1.2","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsimple-groups\u002Ftags\u002F1.2\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsimple-groups%2Ftags%2F1.1&new_path=%2Fsimple-groups%2Ftags%2F1.2",[],{"version":6,"download_url":271,"svn_tag_url":272,"released_at":28,"has_diff":266,"diff_files_changed":273,"diff_lines":28,"trac_diff_url":274,"vulnerabilities":275,"is_current":257},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-groups.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsimple-groups\u002Ftags\u002F1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsimple-groups%2Ftags%2F1.0.1&new_path=%2Fsimple-groups%2Ftags%2F1.1",[],{"version":96,"download_url":277,"svn_tag_url":278,"released_at":28,"has_diff":266,"diff_files_changed":279,"diff_lines":28,"trac_diff_url":280,"vulnerabilities":281,"is_current":266},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-groups.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsimple-groups\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsimple-groups%2Ftags%2F1.0&new_path=%2Fsimple-groups%2Ftags%2F1.0.1",[],{"version":283,"download_url":284,"svn_tag_url":285,"released_at":28,"has_diff":266,"diff_files_changed":286,"diff_lines":28,"trac_diff_url":28,"vulnerabilities":287,"is_current":266},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-groups.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsimple-groups\u002Ftags\u002F1.0\u002F",[],[]]