[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fPSR3v34zFeh4KXZBwfmSq6TBK-VfzLR3j-5t77WXnwc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":14,"unpatched_count":14,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":43,"crawl_stats":34,"alternatives":50,"analysis":164,"fingerprints":206},"site-info-dashboard-widget","Site Info","1.1","Rami Yushuvaev","https:\u002F\u002Fprofiles.wordpress.org\u002Framiy\u002F","\u003Cp>This simple, but useful, plugin adds a widget to your WordPress dashboard, displaying a list of site information. Showing the site name, tagline, site URL, admin URL, admin language, text direction, WordPress version and PHP version.\u003C\u002Fp>\n\u003Cp>It’s very handy if you want to see your site general information in one place – your sites dashboard.\u003C\u002Fp>\n\u003Ch4>More info\u003C\u002Fh4>\n\u003Cp>To read how this plugin was developed, including code examples and screenshots, visit: https:\u002F\u002FGenerateWP.com\u002Fintroducing-dashboard-widgets-generator\u002F\u003C\u002Fp>\n\u003Cp>You can find the plugin source code in here:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>https:\u002F\u002FGenerateWP.com\u002Fsnippet\u002Fnvl3vxg\u002F\u003C\u002Fli>\n\u003Cli>https:\u002F\u002FGenerateWP.com\u002Fsnippet\u002F2VvAap6\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And you can ask for more features using the original post comments area.\u003C\u002Fp>\n","WordPress dashboard widget displaying the main site info.",60,3148,100,1,"2018-02-02T23:06:00.000Z","4.9.29","3.0","5.2.4",[20,21,22],"dashboard","dashboard-widget","site-info","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsite-info-dashboard-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsite-info-dashboard-widget.1.1.zip",64,"2025-09-05 00:00:00","2026-03-15T15:16:48.613Z",[29],{"id":30,"url_slug":31,"title":32,"description":33,"plugin_slug":4,"theme_slug":34,"affected_versions":35,"patched_in_version":34,"severity":36,"cvss_score":37,"cvss_vector":38,"vuln_type":39,"published_date":26,"updated_date":40,"references":41,"days_to_patch":34},"CVE-2025-58866","site-info-authenticated-editor-information-exposure","Site Info \u003C= 1.1 - Authenticated (Editor+) Information Exposure","The Site Info plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1. This makes it possible for authenticated attackers, with Editor-level access and above, to extract sensitive user or configuration data.",null,"\u003C=1.1","low",2.7,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2025-09-11 14:30:42",[42],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4b78e38b-d16a-4891-96ae-6f6f7138dcc5?source=api-prod",{"slug":44,"display_name":7,"profile_url":8,"plugin_count":45,"total_installs":46,"avg_security_score":47,"avg_patch_time_days":48,"trust_score":47,"computed_at":49},"ramiy",4,250,80,30,"2026-04-04T06:52:41.274Z",[51,75,98,120,142],{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":61,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":66,"tags":67,"homepage":71,"download_link":72,"security_score":13,"vuln_count":14,"unpatched_count":73,"last_vuln_date":74,"fetched_at":27},"dashboard-welcome-for-elementor","Dashboard Welcome for Elementor","1.0.10","IdeaBox Creations","https:\u002F\u002Fprofiles.wordpress.org\u002Fideaboxcreations\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fpowerpackelements.com\u002Fdashboard-welcome-elementor\u002F?utm_medium=dashboard-welcome&utm_source=repo-readme&utm_campaign=repo-homepage-link\" title=\"PowerPack Elements\" rel=\"nofollow ugc\">Dashboard Welcome by PowerPack Elements\u003C\u002Fa> gives you full control over the WordPress welcome panel using Elementor. You can personalize the dashboard with content and design built with Elementor. You can add heading, contact information, form, video, images, affiliate links, etc.\u003C\u002Fp>\n\u003Cp>PLUS, you can display a template as per the user role.\u003C\u002Fp>\n\u003Ch4>How this works?\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F2wG1Jb0B7T4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create a layout with Elementor.\u003C\u002Fli>\n\u003Cli>Go to plugin settings and select the layout from dropdown for any user role.\u003C\u002Fli>\n\u003Cli>Save the setting. Done!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Our other Elementor addons\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpowerpackelements.com\u002F?utm_medium=dashboard-welcome&utm_source=repo-readme&utm_campaign=powerpack-elementor\" title=\"PowerPack for Elementor\" rel=\"nofollow ugc\">PowerPack for Elementor\u003C\u002Fa> – Extend Elementor with 50+ Creative Widgets and build beautiful websites.\u003C\u002Fp>\n","Replaces the default WordPress dashboard welcome panel with custom designed Elementor template.",20000,152714,82,23,"2026-02-23T15:38:00.000Z","6.9.4","6.3","7.4",[20,21,68,69,70],"elementor","elementor-addon","elementor-template","https:\u002F\u002Fpowerpackelements.com\u002Fdashboard-welcome-elementor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-welcome-for-elementor.1.0.10.zip",0,"2022-12-16 00:00:00",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":59,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":66,"tags":89,"homepage":94,"download_link":95,"security_score":96,"vuln_count":14,"unpatched_count":73,"last_vuln_date":97,"fetched_at":27},"error-log-monitor","Error Log Monitor","1.7.12","Janis Elsts","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiteshadow\u002F","\u003Cp>This plugin adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send you email notifications about newly logged errors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically detects error log location.\u003C\u002Fli>\n\u003Cli>Explains how to configure PHP error logging if it’s not enabled yet.\u003C\u002Fli>\n\u003Cli>The number of displayed log entries is configurable.\u003C\u002Fli>\n\u003Cli>Sends you email notifications about logged errors (optional).\u003C\u002Fli>\n\u003Cli>Configurable email address and frequency.\u003C\u002Fli>\n\u003Cli>You can easily clear the log file.\u003C\u002Fli>\n\u003Cli>The dashboard widget is only visible to administrators.\u003C\u002Fli>\n\u003Cli>Optimized to work well even with very large log files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Once you’ve installed the plugin, go to the Dashboard and enable the “PHP Error Log” widget through the “Screen Options” panel. The widget should automatically display the last 20 lines from your PHP error log. If you see an error message like “Error logging is disabled” instead, follow the displayed instructions to configure error logging.\u003C\u002Fp>\n\u003Cp>Email notifications are disabled by default. To enable them, click the “Configure” link in the top-right corner of the widget and enter your email address in the “Periodically email logged errors to:” box. If desired, you can also change email frequency by selecting the minimum time interval between emails from the “How often to send email” drop-down.\u003C\u002Fp>\n","Adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send logged errors to email.",631204,86,48,"2025-10-01T15:12:00.000Z","6.8.5","4.5",[90,91,21,92,93],"admin","administration","error-reporting","php","http:\u002F\u002Fw-shadow.com\u002Fblog\u002F2012\u002F07\u002F25\u002Ferror-log-monitor-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ferror-log-monitor.1.7.12.zip",99,"2019-02-25 00:00:00",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":66,"tags":113,"homepage":117,"download_link":118,"security_score":119,"vuln_count":73,"unpatched_count":73,"last_vuln_date":34,"fetched_at":27},"wp-widget-disable","Widget Disable","3.0.1","required","https:\u002F\u002Fprofiles.wordpress.org\u002Fwearerequired\u002F","\u003Cp>This simple plugin allows you to disable any sidebar and dashboard widget for the current WordPress site you are on. It provides a simple user interface available to users with \u003Ccode>edit_theme_options\u003C\u002Fcode> capabilities (usually Administrator role) available under Appearance -> Disable Widgets.\u003Cbr \u002F>\nAfter saving the settings, the sidebar and dashboard widgets are removed from and the user can’t see those widgets anymore.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Developer? Get to know the hooks\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Have a look at the filters we provide:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp_widget_disable_default_sidebar_widgets\u003C\u002Fcode> – Allows you to exclude certain sidebar widgets from being disabled.\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp_widget_disable_default_dashboard_widgets\u003C\u002Fcode> – Allows you to exclude certain dashboard widgets from being disabled.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Contributions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you would like to contribute to this plugin, report an issue or anything like that, please note that we develop this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwearerequired\u002FWP-Widget-Disable\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Frequired.com\u002F\" title=\"Team of experienced web professionals from Switzerland & Germany\" rel=\"nofollow ugc\">required\u003C\u002Fa>\u003C\u002Fp>\n","Disable sidebar and dashboard widgets with an easy to use interface.",10000,185111,96,24,"2024-11-18T13:40:00.000Z","6.7.5","6.0",[90,20,114,115,116],"dashboard-widgets","sidebar-widgets","widgets","https:\u002F\u002Frequired.com\u002Fservices\u002Fwordpress-plugins\u002Fwp-widget-disable\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-widget-disable.3.0.1.zip",92,{"slug":121,"name":122,"version":123,"author":55,"author_profile":56,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":128,"num_ratings":129,"last_updated":130,"tested_up_to":131,"requires_at_least":132,"requires_php":133,"tags":134,"homepage":133,"download_link":139,"security_score":140,"vuln_count":14,"unpatched_count":14,"last_vuln_date":141,"fetched_at":27},"dashboard-welcome-for-beaver-builder","Dashboard Welcome for Beaver Builder","1.0.8","\u003Cp>Dashboard Welcome by \u003Ca href=\"https:\u002F\u002Fwpbeaveraddons.com\u002F?utm_medium=bb-dashboard-welcome&utm_source=repo-readme&utm_campaign=repo-homepage-link\" title=\"Beaver Addons\" rel=\"nofollow ugc\">Beaver Addons\u003C\u002Fa> gives you full control over the WordPress welcome panel using Beaver Builder. You can personalize the dashboard with content and design built with Beaver Builder. You can add heading, contact information, form, video, images, affiliate links, etc.\u003C\u002Fp>\n\u003Cp>PLUS, you can display a template as per the user role.\u003C\u002Fp>\n\u003Ch4>How this works?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Create a layout with Beaver Builder.\u003C\u002Fli>\n\u003Cli>Go to plugin settings and select the layout from dropdown for any user role.\u003C\u002Fli>\n\u003Cli>Save the setting. Done!\u003C\u002Fli>\n\u003C\u002Ful>\n","Replaces the default WordPress dashboard welcome panel with custom designed Beaver Builder template.",2000,29619,94,7,"2023-09-22T19:23:00.000Z","6.3.8","5.0","",[135,136,137,138,21],"beaver-builder","beaver-builder-addon","beaver-builder-template","dashboard-welcome","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-welcome-for-beaver-builder.zip",63,"2026-01-07 00:00:00",{"slug":143,"name":144,"version":145,"author":146,"author_profile":147,"description":148,"short_description":149,"active_installs":150,"downloaded":151,"rating":13,"num_ratings":152,"last_updated":153,"tested_up_to":64,"requires_at_least":154,"requires_php":155,"tags":156,"homepage":133,"download_link":161,"security_score":96,"vuln_count":162,"unpatched_count":73,"last_vuln_date":163,"fetched_at":27},"dashboard-to-do-list","Dashboard To-Do List","1.3.2","Andrew","https:\u002F\u002Fprofiles.wordpress.org\u002Farapps92\u002F","\u003Cp>Are you a web designer or developer? Or are you creating a plugin or a theme? Are you finding hard to keep track of your tasks or your notepad is just untidy?\u003C\u002Fp>\n\u003Cp>Add this useful tool to your WordPress website, create a to-do list from within the main Admin Dashboard and display it on your website.\u003C\u002Fp>\n\u003Cp>Keep your list in one place and specific to your website\u002Fproject.\u003C\u002Fp>\n\u003Ch3>Plugin Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easily edit your To-Do list from the Admin Dashboard.\u003C\u002Fli>\n\u003Cli>Allow Editors to view and edit the dashboard To-Do list widget as well as Administrators.\u003C\u002Fli>\n\u003Cli>Display the To-Do list as a floating widget on the frontend of your website.\u003C\u002Fli>\n\u003Cli>Choose the position of the floating widget.\u003C\u002Fli>\n\u003Cli>Restrict the visibility of the floating widget to logged in Administrators and\u002For Editors only.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Simply install and activate the plugin, open your Admin Dashboard and write your list.\u003C\u002Fp>\n","A dashboard to-do list widget with the option to show the to-do list on the website. This is a great tool for web developers building a new website.",1000,21915,8,"2025-12-08T11:23:00.000Z","4.0","5.6",[21,157,158,159,160],"tasks","to-do","todo","todo-list","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-to-do-list.1.3.2.zip",2,"2024-06-06 00:00:00",{"attackSurface":165,"codeSignals":181,"taintFlows":191,"riskAssessment":192,"analyzedAt":205},{"hooks":166,"ajaxHandlers":177,"restRoutes":178,"shortcodes":179,"cronEvents":180,"entryPointCount":73,"unprotectedCount":73},[167,173],{"type":168,"name":169,"callback":170,"file":171,"line":172},"action","wp_dashboard_setup","add_dashboard_widget","site_info_dashboard_widget.php",44,{"type":168,"name":174,"callback":175,"file":171,"line":176},"plugins_loaded","load_textdomain",45,[],[],[],[],{"dangerousFunctions":182,"sqlUsage":183,"outputEscaping":185,"fileOperations":73,"externalRequests":73,"nonceChecks":73,"capabilityChecks":73,"bundledLibraries":190},[],{"prepared":73,"raw":73,"locations":184},[],{"escaped":14,"rawEcho":14,"locations":186},[187],{"file":171,"line":188,"context":189},110,"raw output",[],[],{"summary":193,"deductions":194},"The plugin \"site-info-dashboard-widget\" v1.1 exhibits a mixed security posture. On the positive side, the static analysis reveals no critical code signals like dangerous functions, raw SQL queries, or file operations. It also correctly uses prepared statements for all SQL queries and has a small attack surface with no apparent unprotected entry points. However, there are some areas of concern. The output escaping is only 50% properly implemented, meaning there's a potential for cross-site scripting (XSS) vulnerabilities if user-controlled data is directly outputted without proper sanitization.  The complete absence of nonce and capability checks on what would typically be considered entry points (even though the reported number is zero) is also a red flag that might be an artifact of the analysis or an oversight in the plugin's design. The vulnerability history is a significant concern, with one low-severity, but currently unpatched, CVE for exposure of sensitive information. The fact that this is the only known vulnerability type and it remains unpatched suggests a potential pattern of oversight in security hygiene, especially given its recency.\n\nIn conclusion, while the plugin demonstrates some good security practices, particularly in its handling of SQL and its limited attack surface, the partial output escaping and the unpatched low-severity CVE are significant weaknesses. The lack of nonce and capability checks, even if not directly exploitable in this reported static analysis, points to a need for more robust security implementations. Users should be cautious due to the unpatched vulnerability and the potential for XSS if the output escaping is insufficient for all dynamic content.",[195,198,201,203],{"reason":196,"points":197},"Unpatched CVE exists",15,{"reason":199,"points":200},"Output escaping is only 50% proper",5,{"reason":202,"points":200},"No nonce checks reported",{"reason":204,"points":200},"No capability checks reported","2026-03-16T21:46:13.836Z",{"wat":207,"direct":212},{"assetPaths":208,"generatorPatterns":209,"scriptPaths":210,"versionParams":211},[],[],[],[],{"cssClasses":213,"htmlComments":214,"htmlAttributes":215,"restEndpoints":216,"jsGlobals":217,"shortcodeOutput":218},[],[],[],[],[],[219],"\u003Ctable>\u003Ctr>\u003Ctd>\u003Cstrong>Site Name :\u003C\u002Fstrong>\u003C\u002Ftd>\u003Ctd>"]