[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5I6n1BwtBghv7hnmZ-RtWRWq3NKZsoze7bMLRc2sJlU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":144,"fingerprints":216},"site-health-tool-manager","Site Health Tool Manager","1.1","Will Earnhardt","https:\u002F\u002Fprofiles.wordpress.org\u002Fearnjam\u002F","\u003Cp>Depending on your server setup, there may be tests in the WordPress Site Health tool that are not relevant and will never pass. For example, you may have background updates disabled if your entire site is kept under version control.\u003C\u002Fp>\n\u003Cp>This plugin adds a simple settings page to exclude those tests from the Site Health Status page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This should \u003Cem>only\u003C\u002Fem> be used to disable tests with a legitimate and acceptable reason for failing. \u003Cem>It should not be used to hide tests which can be fixed.\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>Icon from the \u003Ca href=\"https:\u002F\u002Fwww.iconfinder.com\u002Ficons\u002F4174309\u002Fgeometric_heart_heartbeat_hearts_love_valentine_icon\" rel=\"nofollow ugc\">Geometric Hearts Valentine’s Day icon set\u003C\u002Fa> by \u003Ca href=\"https:\u002F\u002Fwww.iconfinder.com\u002FAbstracto-create\" rel=\"nofollow ugc\">Katerine Melina (Abstracto Create)\u003C\u002Fa> and licensed under \u003Ca href=\"https:\u002F\u002Fcreativecommons.org\u002Flicenses\u002Fby\u002F3.0\u002F\" rel=\"nofollow ugc\">CC by 3.0\u003C\u002Fa>.\u003C\u002Fp>\n","Easily control which tests appear in the the Site Health Tool",2000,19384,100,13,"2020-09-22T10:06:00.000Z","5.5.18","5.2","5.6",[20,21],"administration","site-health","https:\u002F\u002Fgithub.com\u002Fearnjam\u002Fsite-health-tool-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsite-health-tool-manager.1.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"earnjam",1,30,84,"2026-04-04T09:15:56.447Z",[36,53,78,99,121],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":25,"downloaded":44,"rating":25,"num_ratings":25,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":48,"tags":49,"homepage":51,"download_link":52,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"scout-checkr","Scout Checkr","0.1.75","SpiralScout","https:\u002F\u002Fprofiles.wordpress.org\u002Fspiralscout\u002F","\u003Cp>Scout Checkr helps WordPress website owners easily monitor the health of multiple WordPress sites in one place.\u003C\u002Fp>\n\u003Cp>Sick of having to go back and forth checking multiple WordPress sites for issues? This new Grafana WordPress plugin will save up to 80% of the time you spent in the past monitoring multiple sites by organizing the health monitoring within one admin dashboard. Check for security alerts, server status, and performance reports without setting up a new tab on Grafana – Scout Checkr has done the work for you.\u003C\u002Fp>\n\u003Cp>Scout Checkr is for web development agencies, freelancers, WordPress web admins and business owners who manage more than one WordPress site and want a secure and organized way to monitor their health and issues from a single dashboard view.\u003C\u002Fp>\n\u003Cp>It’s one-of-a-kind, makes adding new WP sites very easy and available to download for free. Please leave a review once you have tried it.\u003C\u002Fp>\n\u003Cp>Features:\u003Cbr \u002F>\n-Easy to understand visual representation of data and what needs your attention\u003Cbr \u002F>\n-Site Health report card\u003Cbr \u002F>\n-Prepared API endpoint\u003C\u002Fp>\n","Manage and observe multiple Wordpress sites you manage in one comfortable view. Best way to be updated about your Site Health status you can monitor  &hellip;",719,"2022-07-04T09:16:00.000Z","6.0.11","4.9","5.5",[20,50,21],"grafana","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscout-checkr.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":51,"download_link":74,"security_score":75,"vuln_count":76,"unpatched_count":25,"last_vuln_date":77,"fetched_at":27},"wp-maintenance-mode","LightStart – Maintenance Mode, Coming Soon and Landing Page Builder","2.6.20","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>Add a maintenance page to your blog that lets visitors know your blog is down for maintenance, add a coming soon page for a new website or create a landing page for an existing site. User with admin rights gets full access to the blog including the front end.\u003C\u002Fp>\n\u003Cp>Activate the plugin and your blog is in maintenance-mode, works and only registered users with enough rights can see the front end. You can use a date with a countdown timer for visitor information or set a value and unit for information.\u003C\u002Fp>\n\u003Cp>Also works with WordPress Multisite installs (each blog from the network has its own maintenance settings).\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fully customizable (change colors, texts and backgrounds).\u003C\u002Fli>\n\u003Cli>Subscription form (export emails to .csv file).\u003C\u002Fli>\n\u003Cli>Countdown timer (remaining time).\u003C\u002Fli>\n\u003Cli>Contact form (receive emails from visitors).\u003C\u002Fli>\n\u003Cli>Coming soon page;\u003C\u002Fli>\n\u003Cli>Landing page templates;\u003C\u002Fli>\n\u003Cli>WordPress multisite;\u003C\u002Fli>\n\u003Cli>Responsive design;\u003C\u002Fli>\n\u003Cli>Social media icons;\u003C\u002Fli>\n\u003Cli>Works with any WordPress theme;\u003C\u002Fli>\n\u003Cli>SEO options;\u003C\u002Fli>\n\u003Cli>Exclude URLs from maintenance;\u003C\u002Fli>\n\u003Cli>Bot functionality to collect the emails in a friendly and efficient way;\u003C\u002Fli>\n\u003Cli>GDPR Ready;\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Bugs, technical hints or contribute\u003C\u002Fh4>\n\u003Cp>Please give us feedback, contribute and file technical bugs on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fandrianvaleanu\u002FWP-Maintenance-Mode\" rel=\"nofollow ugc\">GitHub Repo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Fthemeisle.com\" rel=\"nofollow ugc\">Themeisle\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>If you like this plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Foptimole.com\u002F\" rel=\"nofollow ugc\">Optimole\u003C\u002Fa> – Optimole is your all-in-one image optimization solution for WordPress & beyond.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpshout.com\u002F\" rel=\"nofollow ugc\">WPShout\u003C\u002Fa> – In-Depth WordPress Tutorials for Developers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frevive.social\u002F\" rel=\"nofollow ugc\">Revive Social\u003C\u002Fa> – Revive Old Posts helps you keep your content alive and in front the audiences that matter.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.codeinwp.com\u002F\" rel=\"nofollow ugc\">CodeinWP\u003C\u002Fa> – CodeinWP stands for all-things-WordPress. From web design to freelancing and from development to business, your questions are covered.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdomainwheel.com\" rel=\"nofollow ugc\">DomainWheel\u003C\u002Fa> – Free Short Website name generator, with the help of AI, for instant ideas.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check-out \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002F\" title=\"Themeisle blog\" rel=\"nofollow ugc\">our blog\u003C\u002Fa> to learn from our \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002Fcategory\u002Fwordpress\u002Freviews\u002F\" title=\"WordPress Reviews\" rel=\"nofollow ugc\">WordPress Reviews\u003C\u002Fa> and see other \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002Fcategory\u002Fwordpress-plugins\u002F\" title=\"WordPress Plugins Comparisons\" rel=\"nofollow ugc\">WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n","Easy Drag & Drop Page Builder that adds a splash page to your site that it's perfect for a coming soon page, maintenance or landing page.",500000,19310486,86,859,"2025-12-10T19:23:00.000Z","6.9.4","4.7","7.1",[70,20,71,72,73],"admin","coming-soon","maintenance-mode","unavailable","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-maintenance-mode.2.6.20.zip",96,6,"2024-01-05 00:00:00",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":51,"tags":93,"homepage":95,"download_link":96,"security_score":33,"vuln_count":97,"unpatched_count":25,"last_vuln_date":98,"fetched_at":27},"adminimize","Adminimize","1.11.11","WP Media","https:\u002F\u002Fprofiles.wordpress.org\u002Fwp_media\u002F","\u003Cp>If you manage a multi-author WordPress blog or WordPress sites for clients, then you may have wondered if it was possible to clean up the WordPress admin area for your users? There are lots of things in the WordPress admin area that your users don’t need to see or use. This plugin help you to hide unnecessary items from WordPress admin area.\u003C\u002Fp>\n\u003Cp>Adminimize makes it easy to remove items from view based on a user’s role.\u003C\u002Fp>\n\u003Ch4>What does this plugin do?\u003C\u002Fh4>\n\u003Cp>The plugin changes the administration backend and gives you the power to assign rights on certain parts. Admins can activate\u002Fdeactivate every part of the menu and even parts of the sub-menu. Meta fields can be administered separately for posts and pages. Certain parts of the write menu can be deactivated separately for admins or non-admins. The header of the backend is minimized and optimized to give you more space and the structure of the menu gets changed to make it more logical – this can all be done per user so each role and their resulting users can have his own settings.\u003C\u002Fp>\n\u003Ch4>Support Custom Post Type\u003C\u002Fh4>\n\u003Cp>The plugin support all functions also for custom post types, automatically in the settings page.\u003C\u002Fp>\n\u003Ch4>Support Custom Options on all different post types\u003C\u002Fh4>\n\u003Cp>It is possible to add own options to hide areas in the back-end of WordPress. It is easy and you must only forgive a ID or class, a selector, of the markup, that you will hide.\u003C\u002Fp>\n\u003Ch4>Compatibility with plugins for MetaBoxes in Write-area\u003C\u002Fh4>\n\u003Cp>You can add your own options, you must only check for css selectors.\u003C\u002Fp>\n\u003Ch4>Help with “Your own options”\u003C\u002Fh4>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002F328449\" title=\"Plugin: Adminimize Help with Your own options (3 posts)\" rel=\"ugc\">entry on the WP community forum\u003C\u002Fa> for help with this great possibility.\u003C\u002Fp>\n\u003Ch4>License\u003C\u002Fh4>\n\u003Cp>Good news, this plugin is free for everyone! Since it’s released under the GPL, you can use it free of charge on your personal or commercial blog. But if you enjoy this plugin, you can thank me and leave a \u003Ca href=\"http:\u002F\u002Fbueltge.de\u002Fwunschliste\u002F\" title=\"Wishliste and Donate\" rel=\"nofollow ugc\">small donation\u003C\u002Fa> for the time I’ve spent writing and supporting this plugin. And I really don’t want to know how many hours of my life this plugin has already eaten 😉\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>The plugin comes with various translations, please refer to the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FInstalling_WordPress_in_Your_Language\" title=\"Installing WordPress in Your Language\" rel=\"nofollow ugc\">WordPress Codex\u003C\u002Fa> for more information about activating the translation. If you want to help to translate the plugin to your language, please have a look at the sitemap.pot file which contains all definitions and may be used with a \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Fsoftware\u002Fgettext\u002F\" rel=\"nofollow ugc\">gettext\u003C\u002Fa> editor like \u003Ca href=\"http:\u002F\u002Fwww.poedit.net\u002F\" rel=\"nofollow ugc\">Poedit\u003C\u002Fa> (Windows) or use, I prefers this, the \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fadminimize\" rel=\"nofollow ugc\">translation service from wordpress.org\u003C\u002Fa>.\u003C\u002Fp>\n","Adminimize that lets you hide 'unnecessary' items from the WordPress backend",200000,3104947,94,253,"2024-03-15T16:24:00.000Z","6.4.8","4.0",[20,94],"customization","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadminimize\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadminimize.1.11.11.zip",2,"2014-08-01 00:00:00",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":86,"downloaded":107,"rating":63,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":112,"tags":113,"homepage":118,"download_link":119,"security_score":13,"vuln_count":31,"unpatched_count":25,"last_vuln_date":120,"fetched_at":27},"performance-lab","Performance Lab","4.1.0","WordPress Performance Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fperformanceteam\u002F","\u003Cp>The Performance Lab plugin is a collection of features focused on enhancing the performance of your site, most of which should eventually be merged into WordPress core. The plugin facilitates the discovery and activation of the individual performance feature plugins which the performance team is developing. In this way you can test the features to get their benefits before they become available in WordPress core. You can also play an important role by providing feedback to further improve the solutions.\u003C\u002Fp>\n\u003Cp>The feature plugins which are currently featured by this plugin are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fembed-optimizer\u002F\" rel=\"ugc\">Embed Optimizer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fauto-sizes\u002F\" rel=\"ugc\">Enhanced Responsive Images\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdominant-color-images\u002F\" rel=\"ugc\">Image Placeholders\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fimage-prioritizer\u002F\" rel=\"ugc\">Image Prioritizer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnocache-bfcache\u002F\" rel=\"ugc\">Instant Back\u002FForward\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwebp-uploads\u002F\" rel=\"ugc\">Modern Image Formats\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Foptimization-detective\u002F\" rel=\"ugc\">Optimization Detective\u003C\u002Fa> (dependency for Embed Optimizer and Image Prioritizer)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fperformant-translations\u002F\" rel=\"ugc\">Performant Translations\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fspeculation-rules\u002F\" rel=\"ugc\">Speculative Loading\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fview-transitions\u002F\" rel=\"ugc\">View Transitions\u003C\u002Fa> \u003Cem>(experimental)\u003C\u002Fem>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These plugins can also be installed separately from installing Performance Lab, but having the Performance Lab plugin also active will ensure you find out about new performance features as they are developed.\u003C\u002Fp>\n","Performance plugin from the WordPress Performance Team, which is a collection of standalone performance features.",3452248,50,"2026-02-27T20:19:00.000Z","7.0","6.6","7.2",[114,115,116,117,21],"diagnostics","measurement","optimization","performance","https:\u002F\u002Fgithub.com\u002FWordPress\u002Fperformance","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fperformance-lab.4.1.0.zip","2023-05-18 00:00:00",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":131,"num_ratings":132,"last_updated":133,"tested_up_to":134,"requires_at_least":135,"requires_php":136,"tags":137,"homepage":142,"download_link":143,"security_score":131,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"remove-dashboard-access-for-non-admins","Remove Dashboard Access","1.2.1","TrustedLogin","https:\u002F\u002Fprofiles.wordpress.org\u002Ftrustedlogin\u002F","\u003Cp>The easiest and safest way to restrict access to your WordPress site’s Dashboard and administrative menus. Remove Dashboard Access is a lightweight plugin that automatically redirects users who shouldn’t have access to the Dashboard to a custom URL of your choosing. Redirects can also be configured on a per-role\u002Fper-capability basis, allowing you to keep certain users out of the Dashboard, while retaining access for others.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Limit Dashboard access to user roles:\n\u003Cul>\n\u003Cli>Admins only\u003C\u002Fli>\n\u003Cli>Admins + editors\u003C\u002Fli>\n\u003Cli>Admins, editors, and authors\u003C\u002Fli>\n\u003Cli>or restrict by specific user capability\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Choose your own redirect URL\u003C\u002Fli>\n\u003Cli>Optionally allow users to edit their profiles\u003C\u002Fli>\n\u003Cli>Display a message on the login screen so users know why they’re being redirected\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Blocking access to the Dashboard is a great way to prevent clients from breaking their sites, prevent users from seeing things they shouldn’t, and to keep your site’s backend more secure.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Allow only users with roles or capabilities:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can restrict Dashboard access to Admins only, Editors or above, Authors or above, or by selecting a specific user capability.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Grant access to user profiles:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Optionally allow all users the ability to edit their profiles in the Dashboard. Users lacking the chosen capability won’t be able to access any other sections of the Dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Show a custom login message:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Supply a message to display on the login screen. Leaving this blank disables the message.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable Dashboard access for users of a specific role or capability. Disallowed users are redirected to a chosen URL. Get set up in seconds.",30000,467245,92,78,"2024-11-29T20:13:00.000Z","6.7.5","3.1.0","5.3",[138,20,139,140,141],"access","dashboard","login","restrict","https:\u002F\u002Fwww.trustedlogin.com\u002Fremove-dashboard-access\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-dashboard-access-for-non-admins.1.2.1.zip",{"attackSurface":145,"codeSignals":168,"taintFlows":181,"riskAssessment":209,"analyzedAt":215},{"hooks":146,"ajaxHandlers":164,"restRoutes":165,"shortcodes":166,"cronEvents":167,"entryPointCount":25,"unprotectedCount":25},[147,154,160],{"type":148,"name":149,"callback":150,"priority":151,"file":152,"line":153},"action","admin_menu","shtm_add_settings_page",10,"site-health-tool-manager.php",27,{"type":155,"name":156,"callback":157,"priority":158,"file":152,"line":159},"filter","site_status_tests","shtm_filter_tests",10000,47,{"type":148,"name":161,"callback":162,"file":152,"line":163},"wp_dashboard_setup","shtm_filter_dashboard_widget",58,[],[],[],[],{"dangerousFunctions":169,"sqlUsage":170,"outputEscaping":172,"fileOperations":25,"externalRequests":25,"nonceChecks":31,"capabilityChecks":31,"bundledLibraries":180},[],{"prepared":25,"raw":25,"locations":171},[],{"escaped":173,"rawEcho":97,"locations":174},4,[175,178],{"file":152,"line":176,"context":177},132,"raw output",{"file":152,"line":179,"context":177},133,[],[182,201],{"entryPoint":183,"graph":184,"unsanitizedCount":25,"severity":200},"shtm_settings_page (site-health-tool-manager.php:64)",{"nodes":185,"edges":197},[186,191],{"id":187,"type":188,"label":189,"file":152,"line":190},"n0","source","$_POST",102,{"id":192,"type":193,"label":194,"file":152,"line":195,"wp_function":196},"n1","sink","update_option() [Settings Manipulation]",103,"update_option",[198],{"from":187,"to":192,"sanitized":199},true,"low",{"entryPoint":202,"graph":203,"unsanitizedCount":25,"severity":200},"\u003Csite-health-tool-manager> (site-health-tool-manager.php:0)",{"nodes":204,"edges":207},[205,206],{"id":187,"type":188,"label":189,"file":152,"line":190},{"id":192,"type":193,"label":194,"file":152,"line":195,"wp_function":196},[208],{"from":187,"to":192,"sanitized":199},{"summary":210,"deductions":211},"The \"site-health-tool-manager\" v1.1 plugin exhibits a strong security posture based on the provided static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points significantly limits its attack surface.  The code signals further reinforce this, showing no dangerous functions, all SQL queries using prepared statements, and a reasonable output escaping rate. The presence of nonce and capability checks, although minimal, is a positive sign. The taint analysis reveals no unsanitized paths or critical\u002Fhigh severity flows, indicating the developers have likely considered input validation. The vulnerability history being completely clean further supports a low-risk profile for this plugin.\n\nWhile the current analysis indicates a very secure plugin, the limited scope of analysis (only 2 taint flows analyzed) might mean some edge cases are not uncovered. The 67% proper output escaping, while decent, could be improved to 100% to mitigate potential XSS vulnerabilities in the remaining cases. However, given the overall lack of critical findings and the clean history, the plugin appears well-developed from a security perspective.",[212],{"reason":213,"points":214},"Output escaping not fully implemented",5,"2026-03-16T18:39:52.231Z",{"wat":217,"direct":222},{"assetPaths":218,"generatorPatterns":219,"scriptPaths":220,"versionParams":221},[],[],[],[],{"cssClasses":223,"htmlComments":229,"htmlAttributes":230,"restEndpoints":237,"jsGlobals":238,"shortcodeOutput":239},[224,225,226,227,228],"wrap","notice","notice-success","is-dismissible","notice-error",[],[231,232,233,234,235,236],"name=\"checked[]\"","id=\"widget-setting\"","name=\"widget\"","name=\"submit\"","value=\"Save Settings\"","name=\"shtm-disable-tests-nonce\"",[],[],[]]