[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fAI-JVusMB4eMCjRxf90oc3eImiUsJEhhOJH1Aez_cCM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":80,"crawl_stats":37,"alternatives":87,"analysis":198,"fingerprints":431},"smart-maintenance-mode","Smart Maintenance Mode","1.5.3","brijeshk89","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrijeshk89\u002F","\u003Cp>Smart Maintenance Mode is a plugin which allows you to set your site to maintenance mode so that your readers see the Coming Soon page while you can see the actual development of your site. You can create ranges and define the IP range which will see the actual site using Smart Maintenance Mode.\u003C\u002Fp>\n\u003Cp>Features in Smart Maintenance Mode include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable\u002FDisable Maintenance Mode\u003C\u002Fli>\n\u003Cli>Add\u002FRemove Custom HTML content\u003C\u002Fli>\n\u003Cli>Add\u002FRemove a Countdown to the time when your site will be live\u003C\u002Fli>\n\u003Cli>Add\u002FRemove custom messages for Maintenance Mode page\u003C\u002Fli>\n\u003Cli>Add\u002FRemove custom images for Maintenance Mode page\u003C\u002Fli>\n\u003Cli>Allow User roles to access actual site when Maintenance Mode is enabled\u003C\u002Fli>\n\u003Cli>Allow your IP to access actual site when Maintenance Mode is enabled\u003C\u002Fli>\n\u003Cli>Create IP ranges\u003C\u002Fli>\n\u003Cli>Delete IP ranges\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable IP ranges\u003C\u002Fli>\n\u003Cli>Completely FREE\u003C\u002Fli>\n\u003Cli>Licensed under GNU GPL version 3\u003C\u002Fli>\n\u003Cli>Safe & Secure\u003C\u002Fli>\n\u003C\u002Ful>\n","Smart Maintenance Mode allows you to put your site under maintenance mode for others and you can see the actual developement of your site by allowing  …",1000,57559,64,15,"2025-04-16T04:15:00.000Z","6.8.5","3.0","",[20,21,22,23,4],"allow-ip","customize","ip","maintenance-mode","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fsmart-maintenance-mode\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmart-maintenance-mode.1.5.3.zip",76,4,1,"2025-03-25 14:11:16","2026-03-15T15:16:48.613Z",[32,47,61,67],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2025-1490","smart-maintenance-mode-reflected-cross-site-scripting-via-setstatus-parameter","Smart Maintenance Mode \u003C= 1.5.2 - Reflected Cross-Site Scripting via setstatus Parameter","The Smart Maintenance Mode plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘setstatus’ parameter in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=1.5.2","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-04-17 12:54:27",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fea9ca8ac-e735-4e84-af0f-45d22a8e2124?source=api-prod",23,{"id":48,"url_slug":49,"title":50,"description":51,"plugin_slug":4,"theme_slug":37,"affected_versions":52,"patched_in_version":53,"severity":39,"cvss_score":54,"cvss_vector":55,"vuln_type":42,"published_date":56,"updated_date":57,"references":58,"days_to_patch":60},"CVE-2024-12682","smart-maintenance-mode-authenticated-admin-stored-cross-site-scripting","Smart Maintenance Mode \u003C= 1.5.1 - Authenticated (Admin+) Stored Cross-Site Scripting","The Smart Maintenance Mode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.","\u003C=1.5.1","1.5.2",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2025-03-03 00:00:00","2025-04-21 15:22:08",[59],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F23447ee8-e852-4ddf-a333-5d0df01c4195?source=api-prod",50,{"id":62,"url_slug":63,"title":50,"description":51,"plugin_slug":4,"theme_slug":37,"affected_versions":52,"patched_in_version":53,"severity":39,"cvss_score":54,"cvss_vector":55,"vuln_type":42,"published_date":56,"updated_date":64,"references":65,"days_to_patch":60},"CVE-2024-12683","smart-maintenance-mode-authenticated-admin-stored-cross-site-scripting-2","2025-04-21 15:22:35",[66],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6322ba0b-e1f1-4fda-b7a4-826844046f89?source=api-prod",{"id":68,"url_slug":69,"title":70,"description":71,"plugin_slug":4,"theme_slug":37,"affected_versions":72,"patched_in_version":37,"severity":39,"cvss_score":73,"cvss_vector":74,"vuln_type":75,"published_date":76,"updated_date":77,"references":78,"days_to_patch":37},"CVE-2024-33638","smart-maintenance-mode-cross-site-request-forgery","Smart Maintenance Mode \u003C= 1.5.3 - Cross-Site Request Forgery","The Smart Maintenance Mode plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=1.5.3",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-04-25 00:00:00","2025-04-17 12:53:44",[79],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F138c636b-27fb-4d76-b01c-60a10749913d?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":81,"total_installs":82,"avg_security_score":83,"avg_patch_time_days":84,"trust_score":85,"computed_at":86},5,1500,85,25,84,"2026-04-04T07:04:19.312Z",[88,113,136,155,177],{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":96,"downloaded":97,"rating":98,"num_ratings":99,"last_updated":100,"tested_up_to":16,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":108,"download_link":109,"security_score":110,"vuln_count":27,"unpatched_count":111,"last_vuln_date":112,"fetched_at":30},"content-control","Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More","2.6.5","Daniel Iser","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanieliser\u002F","\u003Cp>Content Control is a transformative plugin, allowing you to fine-tune every aspect of your WordPress website’s content. Decide who gets to see what, where, and when – be it pages, posts, widgets, or individual block visibility using our handy shortcode. Your content, your rules, executed perfectly!\u003C\u002Fp>\n\u003Cp>Content Control is intuitive and powerful, designed for all users—whether logged in, holding specific roles, or even guests. Need top-tier content restriction or a dependable access manager for your site? Look no further. We’ve expanded our controls to include Gutenberg and Full Site Editor, giving you unmatched command.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cp>Discover what Content Control brings to your table:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Full control over your site’s content, restrict user access with ease!.\u003C\u002Fli>\n\u003Cli>Create a \u003Cstrong>Paid Membership\u003C\u002Fstrong> sites using your favorite or existing ecommerce plugins.\u003C\u002Fli>\n\u003Cli>Set up a seamless paywall for your content, providing teasers for users and prompting them to purchase access.\u003C\u002Fli>\n\u003Cli>Per block controls for Gutenberg and Full Site Editor, including user roles, device type, and more.\n\u003Cul>\n\u003Cli>Responsive block controls with customizable breakpoints.\u003C\u002Fli>\n\u003Cli>Control block visibility by user status, roles, device type & more.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Restrict access to pages, posts, widgets, and individual blocks based on user status, roles, device type & more.\u003C\u002Fli>\n\u003Cli>Offer membership tools for crafting membership access and members-only content.\u003C\u002Fli>\n\u003Cli>Provide responsive block designs that adapt to varying device sizes.\u003C\u002Fli>\n\u003Cli>Lockdown content selectively for improved user experiences.\u003C\u002Fli>\n\u003Cli>Implement role-based redirections to guide users effectively.\u003C\u002Fli>\n\u003Cli>Unlock the power of subscription content and monetization strategies.\u003C\u002Fli>\n\u003Cli>Safeguard specific categories, tags, custom post types, and custom taxonomies.\u003C\u002Fli>\n\u003Cli>Manage access to \u003Ca href=\"https:\u002F\u002Fwww.hongkiat.com\u002Fblog\u002Fwordpress-attachment-pages\u002F\" rel=\"nofollow ugc\">media attachment pages\u003C\u002Fa> for logged in\u002Fout users or specific user roles.\u003C\u002Fli>\n\u003Cli>Display a custom message to users who do not have permission to view the content.\u003C\u002Fli>\n\u003Cli>Display specific content on a page or post to logged in users only, specific user roles, or logged out users.\u003C\u002Fli>\n\u003Cli>Redirect users without access permission to a login page, website homepage, or a custom URL.\u003C\u002Fli>\n\u003Cli>Highlight subscriber-only content for premium users.\u003C\u002Fli>\n\u003Cli>Use the \u003Ccode>[content_control]\u003C\u002Fcode> shortcode to protect content inline and cater to subscriber preferences.\u003C\u002Fli>\n\u003Cli>Control widget visibility by selecting the user type that can view each widget.\u003C\u002Fli>\n\u003Cli>Conditionally show coming soon or maintenance mode pages based on various rules.\u003C\u002Fli>\n\u003Cli>Restrict access to your site’s REST API endpoints.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcontentcontrolplugin.com\u002Fdocs\u002F?utm_campaign=plugin-info&utm_source=readme-description&utm_medium=wordpress&utm_content=documentation-link\" rel=\"nofollow ugc\">Content Control Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Pro Features\u003C\u002Fh4>\n\u003Cp>Content Control Pro, with advanced features like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Content Teasers for Paywalls, giving your users a sneak peek, leaving them wanting more.\u003C\u002Fli>\n\u003Cli>Optimize your WooCommerce & Easy Digital Downloads (EDD) & Paid Memberships Pro experiences with advanced rules.\u003C\u002Fli>\n\u003Cli>Schedule blocks, controlling content visibility timings using customizable scheduling rules.\u003C\u002Fli>\n\u003Cli>Dive deeper with advanced block rules and a boolean editor.\u003C\u002Fli>\n\u003Cli>Customize login, registration & recovery page urls. Custom login urls give a more personalized user experience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcontentcontrolplugin.com\u002Fpricing\u002F?utm_campaign=plugin-info&utm_source=readme-description&utm_medium=wordpress&utm_content=upgrade-link\" rel=\"nofollow ugc\">Upgrade to Content Control Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note\u003C\u002Fstrong>: Content Control handles media access via content on media attachment pages but won’t restrict direct server-level access to media files.\u003C\u002Fp>\n\u003Ch4>Passionately Crafted by Code Atlantic\u003C\u002Fh4>\n\u003Cp>At \u003Ca href=\"https:\u002F\u002Fcode-atlantic.com\" title=\"Code Atlantic - High Quality WordPress Plugins\" rel=\"nofollow ugc\">Code Atlantic\u003C\u002Fa>, we’re passionate about crafting tools that empower your digital journey. Content Control is a testament to our commitment to quality.\u003C\u002Fp>\n\u003Cp>Dive into some of our renowned plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppopupmaker.com\" title=\"#1 Popup & Marketing Plugin for WordPress\" rel=\"nofollow ugc\">Popup Maker\u003C\u002Fa>\u003C\u002Fstrong> – The #1 Popup & Marketing Plugin for WordPress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-menus\u002F\" title=\"Show, Hide & Customize Menu Items For Different Users\" rel=\"ugc\">User Menus\u003C\u002Fa>\u003C\u002Fstrong> – Innovatively Show, Hide & Customize Menu Items\u003C\u002Fli>\n\u003C\u002Ful>\n","Restrict content based on login status, user roles, device type & more. Monetize your content with a paywall or members-only content.",40000,871139,98,575,"2025-05-27T08:57:00.000Z","6.2","7.4",[104,105,23,106,107],"access-control","content-restriction","members-only","membership","https:\u002F\u002Fcontentcontrolplugin.com\u002F?utm_campaign=plugin-info&utm_source=php-file-header&utm_medium=plugin-ui&utm_content=plugin-uri","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontent-control.2.6.5.zip",96,0,"2025-05-07 00:00:00",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":123,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":18,"tags":128,"homepage":134,"download_link":135,"security_score":83,"vuln_count":111,"unpatched_count":111,"last_vuln_date":37,"fetched_at":30},"custom-script-for-customizer","Custom Header Footer Scripts for Customizer","1.1.1","Rupok","https:\u002F\u002Fprofiles.wordpress.org\u002Fre_enter_rupok\u002F","\u003Cp>Add custom script to header and footer through WordPress Customizer. Edit your scripts with CodeMirror editor within Customizer. You can place any custom JavaScript, Google Analytics or embed script. Extremely helpful if you need to place any custom javascript or jQuery code to header or footer. This plugin gives you the ability to place different scripts to header or footer separately. Uses Customizer so you can edit the code live and see the changes on the fly.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>CodeMirror Editor\u003C\u002Fli>\n\u003Cli>Ability to add custom scripts to wp header.\u003C\u002Fli>\n\u003Cli>Ability to add custom scripts to wp footer.\u003C\u002Fli>\n\u003Cli>Ability to add multiple scripts.\u003C\u002Fli>\n\u003Cli>Ability to add Google Alalytics code.\u003C\u002Fli>\n\u003Cli>Ability to add any embed code.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Check my free WordPress Theme \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fflexia\u002F\" rel=\"ugc\">Flexia\u003C\u002Fa>, one theme to rule them all.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Check my other plugins:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fessential-addons-for-elementor-lite\u002F\" rel=\"ugc\">Essential Addons For Elementor\u003C\u002Fa>\u003C\u002Fstrong> – Most popular Elementor extensions with 1 Million+ active users in the WordPress repository.\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetterdocs\u002F\" rel=\"ugc\">BetterDocs\u003C\u002Fa>\u003C\u002Fstrong> – Best documentation & knowledge base plugin for WordPress to help you reduce support tickets\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetterlinks\u002F\" rel=\"ugc\">BetterLinks\u003C\u002Fa>\u003C\u002Fstrong> – Latest best WordPress link management plugin for link shortening, tracking & analyzing.\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnotificationx\u002F\" rel=\"ugc\">NotificationX\u003C\u002Fa>\u003C\u002Fstrong> – Best Social Proof & FOMO Marketing Solution\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-scheduled-posts\u002F\" rel=\"ugc\">SchedulePress\u003C\u002Fa>\u003C\u002Fstrong> – Complete solution for WordPress Post Scheduling to manage schedules through an editorial calendar.\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fembedpress\u002F\" rel=\"ugc\">EmbedPress\u003C\u002Fa>\u003C\u002Fstrong>– Embed videos, images, posts, audio, maps and upload PDF, DOC, PPT & all other types of content into your WordPress site with one-click and showcase it beautifully for the visitors.\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemplately\u002F\" rel=\"ugc\">Templately\u003C\u002Fa>\u003C\u002Fstrong> Ultimate Template clouds with 1800+ ready templates for Elementor & Gutenberg along with FREE cloud collaboration with your team.\u003C\u002Fp>\n","Add custom script to header and footer through WordPress Customizer. Edit your scripts with CodeMirror editor within Customizer.",2000,25816,100,2,"2023-08-20T06:54:00.000Z","6.3.8","4.0",[129,130,131,132,133],"codemirror","custom-javascript","custom-script","customizer-script","header-footer-script","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-script-for-customizer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-script-for-customizer.1.1.1.zip",{"slug":137,"name":138,"version":139,"author":140,"author_profile":141,"description":142,"short_description":143,"active_installs":11,"downloaded":144,"rating":145,"num_ratings":146,"last_updated":147,"tested_up_to":16,"requires_at_least":148,"requires_php":18,"tags":149,"homepage":153,"download_link":154,"security_score":123,"vuln_count":111,"unpatched_count":111,"last_vuln_date":37,"fetched_at":30},"many-tips-together","Admin Tweaks","3.3.3","brasofilo","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrasofilo\u002F","\u003Cp>With Admin Tweaks you’ll be able to simplify and make \u003Cstrong>deep customizations\u003C\u002Fstrong> in the administrative interface.\u003Cbr \u002F>\nIt’s a compilation of hooks for enhancing, styling and reducing WordPress backend.\u003C\u002Fp>\n\u003Cp>Do you like to adjust and style the backend as much as the frontend?\u003Cbr \u002F>\nSo, we are together!\u003C\u002Fp>\n\u003Ch4>Main Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Admin Bar: remove, add and modify menu items.\u003C\u002Fli>\n\u003Cli>Admin Menus: remove menu and submenu items; sort Settings menu; rename “Posts”.\u003C\u002Fli>\n\u003Cli>Appearance: hide general elements; create admin notices.\u003C\u002Fli>\n\u003Cli>Dashboard: remove and add widgets.\u003C\u002Fli>\n\u003Cli>General Settings: enable arcane Link Manager; privacy; other misc options.\u003C\u002Fli>\n\u003Cli>Listings: customize rows and columns for post types, users and plugins.\u003C\u002Fli>\n\u003Cli>Media: custom columns; re-attachment; sanitize filenames; jpeg quality; audio\u002Fphoto\u002Fvideo metadata.\u003C\u002Fli>\n\u003Cli>Plugins: many row modifications; live filter by keyword\u002Factive\u002Finactive; move plugins menus from the main menu into the Tools menu (Code Snippets, The SEO Framework, Hide Admin Notices).\u003C\u002Fli>\n\u003Cli>User Profile: remove almost everything; add custom CSS.\u003C\u002Fli>\n\u003Cli>Login: redirects; errors; modify almost everything; add custom CSS.\u003C\u002Fli>\n\u003Cli>Maintenance Mode: with minimum Role allowed and possibility to block only the backend.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Acknowledgments\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Everything changed after \u003Ca href=\"https:\u002F\u002Fwordpress.stackexchange.com\u002F\" rel=\"nofollow ugc\">WordPress Stack Exchange\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Plugin interface using @bainternet’s \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbainternet\u002FAdmin-Page-Class\" rel=\"nofollow ugc\">Admin Page Class\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>CSS for hiding help texts adapted from \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-expert-mode\u002F\" rel=\"ugc\">Admin Expert Mode\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Everything started with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadminimize\u002F\" rel=\"ugc\">Adminimize\u003C\u002Fa>, by Frank Büeltge, which does an awesome job hiding WordPress elements, but I wanted more, and these are some of the great resources where I found many snippets: \u003Ca href=\"https:\u002F\u002Fwordpress.stackexchange.com\u002Fquestions\u002F1567\u002Fbest-collection-of-code-for-your-functions-php-file\" rel=\"nofollow ugc\">Stack Exchange\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwpengineer.com\" rel=\"nofollow ugc\">WPengineer\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\" rel=\"nofollow ugc\">wpbeginner\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fcss-tricks.com\" rel=\"nofollow ugc\">CSS-TRICKS\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwp.smashingmagazine.com\" rel=\"nofollow ugc\">Smashing Magazine\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fjustintadlock.com\" rel=\"nofollow ugc\">Justin Tadlock\u003C\u002Fa>…\u003C\u002Fli>\n\u003Cli>The option to hide the help texts from many areas of WordPress uses the CSS file of the plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-expert-mode\u002F\" rel=\"ugc\">Admin Expert Mode\u003C\u002Fa>, by Scott Reilly.\u003C\u002Fli>\n\u003C\u002Ful>\n","Customize various aspects of WordPress backend. Create a clean and easier admin area for the users.",42635,94,33,"2025-04-16T19:44:00.000Z","5.0",[150,21,151,23,152],"admin-interface","login","profile","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmany-tips-together","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmany-tips-together.3.3.3.zip",{"slug":156,"name":157,"version":158,"author":159,"author_profile":160,"description":161,"short_description":162,"active_installs":163,"downloaded":164,"rating":123,"num_ratings":165,"last_updated":166,"tested_up_to":167,"requires_at_least":168,"requires_php":18,"tags":169,"homepage":175,"download_link":176,"security_score":83,"vuln_count":111,"unpatched_count":111,"last_vuln_date":37,"fetched_at":30},"live-css-js-code-editor","Live Custom CSS JS Code Editor","1.0.5","Ozan Canakli","https:\u002F\u002Fprofiles.wordpress.org\u002Fozancanakli\u002F","\u003Cp>This plugin allows you to add custom site-wide \u003Cstrong>CSS, JavaScript, Header, Footer Code\u003C\u002Fstrong> to your WordPress site. The changes appear instantly on your website with help of \u003Cstrong>WordPress Live Customizer.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FgP78wXPayvU?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>In your WordPress Dashboard, navigate to Customize > Live Code Editor to get started.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>When you Change or Update your WordPress Theme, Your Custom Code isn’t effected from these changes.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NEW FEATURES as Version 1.0.5:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Add Custom CSS to WordPress Admin dashboard.\u003Cbr \u002F>\n* Add Custom JavaScript to WordPress Admin dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>MAIN FEATURES:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Custom CSS code\u003C\u002Fli>\n\u003Cli>Custom Javascript code\u003C\u002Fli>\n\u003Cli>Custom Header Code (Inside  tags)(Google Analytics and Facebook Pixel compatible.)\u003C\u002Fli>\n\u003Cli>Custom Footer Code (Before closing  tag aka wp_footer function)\u003C\u002Fli>\n\u003Cli>See Your Changes Immediately on your WordPress Site\u003C\u002Fli>\n\u003Cli>Built in Syntax Code Highlighter\u003C\u002Fli>\n\u003Cli>16 Color Schemes (Monokai, Chrome, GitHub, Twilight, Dreamweaver, XCode, Eclipse etc. 8 Light, 8 Dark)\u003C\u002Fli>\n\u003Cli>Live Syntax Checking (CSS, JavaScript, HTML)\u003C\u002Fli>\n\u003Cli>Syntax Highlighting\u003C\u002Fli>\n\u003Cli>Line wrapping\u003C\u002Fli>\n\u003Cli>Code folding\u003C\u002Fli>\n\u003Cli>Multiple cursors and selections\u003C\u002Fli>\n\u003Cli>Handles huge code blocks (four million lines seems to be the limit!)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Special thanks to \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fjustinbusa\u002F\" rel=\"nofollow ugc\">Justin Busa\u003C\u002Fa> of \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbeaver-builder-lite-version\u002F\" rel=\"ugc\">Beaver Builder\u003C\u002Fa> for the inspiration.\u003C\u002Fp>\n","Live Custom CSS JS Code Editor allows you to easily add custom CSS, JavaScript, Header, Footer Code to your site, straight from your WordPress Customi …",400,12960,3,"2020-03-13T20:32:00.000Z","5.3.21","3.4",[170,171,172,173,174],"css","custom-css","custom-js","customizer","javascript","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Flive-css-js-code-editor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flive-css-js-code-editor.zip",{"slug":178,"name":179,"version":180,"author":181,"author_profile":182,"description":183,"short_description":184,"active_installs":185,"downloaded":186,"rating":111,"num_ratings":111,"last_updated":187,"tested_up_to":188,"requires_at_least":189,"requires_php":102,"tags":190,"homepage":196,"download_link":197,"security_score":123,"vuln_count":111,"unpatched_count":111,"last_vuln_date":37,"fetched_at":30},"qpmn-pod-by-qp-group","QPMN POD by QP Group","1.9.1","qppitdev2","https:\u002F\u002Fprofiles.wordpress.org\u002Fqppitdev2\u002F","\u003Cp>QPMN is a print-on-demand platform tailored for card games and puzzles. With our unique Adaptive Bulk Discount, you can combine multiple small orders with different designs and delivery dates into one, maximizing your profit. QPMN offers the widest variety of card materials and sizes compared to any other POD platform. We also feature the world’s first advanced playing card design maker, supporting up to 600 cards. Our tool allows users to upload duplicate images seamlessly, enabling you to create decks and start selling with ease.\u003C\u002Fp>\n\u003Ch4>Why QPMN\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>QPMN Adaptive Bulk Discount\u003C\u002Fstrong>: Combine orders with different designs and locations into one and enjoy bulk discounts, starting from just 2 items.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No MOQ\u003C\u002Fstrong>: Order even a single deck.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>One-click Integration\u003C\u002Fstrong>: Add our advanced playing card design maker to your store effortlessly.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How its work\u003C\u002Fh4>\n\u003Cp>\u003Cem>Watch Video Tutorial\u003C\u002Fem>: \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=uL9yDOPEZ1c\" rel=\"nofollow ugc\">QPMN Plugin Setup\u003C\u002Fa>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Install the QPMN Plugin.\u003C\u002Fli>\n\u003Cli>Register on QPMN and create your account.\u003C\u002Fli>\n\u003Cli>Go to the QPMN dashboard > My Store, and connect your WordPress store to QPMN.\u003C\u002Fli>\n\u003C\u002Fol>\n","Partner with QPMN, leverage the next-gen customizable print-on-demand drop shipping plugin to transform your store.",200,3586,"2026-01-21T08:21:00.000Z","6.7.5","5.5",[191,192,193,194,195],"customized","drop-shipping","print-on-demand","printing","woocommerce","https:\u002F\u002Fwww.qpmarketnetwork.com\u002Fapp\u002Fe-shopper\u002Fwoocommerce-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fqpmn-pod-by-qp-group.1.9.1.zip",{"attackSurface":199,"codeSignals":222,"taintFlows":374,"riskAssessment":414,"analyzedAt":430},{"hooks":200,"ajaxHandlers":218,"restRoutes":219,"shortcodes":220,"cronEvents":221,"entryPointCount":111,"unprotectedCount":111},[201,207,210,214],{"type":202,"name":203,"callback":204,"file":205,"line":206},"action","plugins_loaded","smart_maintenance_mode_load_plugin_textdomain","smart-maintenance-mode.php",43,{"type":202,"name":203,"callback":208,"file":205,"line":209},"smart_maintenance_mode_update_check",75,{"type":202,"name":211,"callback":212,"file":205,"line":213},"template_redirect","maintenance_mode_page",205,{"type":202,"name":215,"callback":216,"file":205,"line":217},"admin_menu","smart_maintenance_mode_admin_menu",217,[],[],[],[],{"dangerousFunctions":223,"sqlUsage":235,"outputEscaping":246,"fileOperations":28,"externalRequests":111,"nonceChecks":28,"capabilityChecks":165,"bundledLibraries":373},[224,228,231,233],{"fn":225,"file":205,"line":226,"context":227},"unserialize",104,"$smm_roles = unserialize(get_option('smm_roles'));",{"fn":225,"file":205,"line":229,"context":230},106,"$smm_countdown = unserialize(get_option('smm_countdown'));",{"fn":225,"file":205,"line":232,"context":227},664,{"fn":225,"file":205,"line":234,"context":230},667,{"prepared":236,"raw":165,"locations":237},7,[238,241,243],{"file":205,"line":239,"context":240},556,"$wpdb->query() with variable interpolation",{"file":205,"line":242,"context":240},576,{"file":205,"line":244,"context":245},659,"$wpdb->get_results() with variable interpolation",{"escaped":247,"rawEcho":248,"locations":249},6,62,[250,253,255,257,259,261,263,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293,295,297,299,300,302,304,306,307,309,311,313,315,317,319,321,323,325,327,329,331,333,335,337,339,341,343,345,347,349,351,353,355,357,359,361,363,365,367,369,371],{"file":205,"line":251,"context":252},126,"raw output",{"file":205,"line":254,"context":252},139,{"file":205,"line":256,"context":252},140,{"file":205,"line":258,"context":252},149,{"file":205,"line":260,"context":252},154,{"file":205,"line":262,"context":252},158,{"file":205,"line":264,"context":252},188,{"file":205,"line":266,"context":252},191,{"file":205,"line":268,"context":252},197,{"file":205,"line":270,"context":252},198,{"file":205,"line":272,"context":252},298,{"file":205,"line":274,"context":252},324,{"file":205,"line":276,"context":252},368,{"file":205,"line":278,"context":252},545,{"file":205,"line":280,"context":252},557,{"file":205,"line":282,"context":252},578,{"file":205,"line":284,"context":252},645,{"file":205,"line":286,"context":252},649,{"file":205,"line":288,"context":252},683,{"file":205,"line":290,"context":252},698,{"file":205,"line":292,"context":252},699,{"file":205,"line":294,"context":252},705,{"file":205,"line":296,"context":252},712,{"file":205,"line":298,"context":252},714,{"file":205,"line":298,"context":252},{"file":205,"line":301,"context":252},717,{"file":205,"line":303,"context":252},723,{"file":205,"line":305,"context":252},725,{"file":205,"line":305,"context":252},{"file":205,"line":308,"context":252},728,{"file":205,"line":310,"context":252},734,{"file":205,"line":312,"context":252},736,{"file":205,"line":314,"context":252},739,{"file":205,"line":316,"context":252},746,{"file":205,"line":318,"context":252},753,{"file":205,"line":320,"context":252},802,{"file":205,"line":322,"context":252},804,{"file":205,"line":324,"context":252},808,{"file":205,"line":326,"context":252},814,{"file":205,"line":328,"context":252},816,{"file":205,"line":330,"context":252},818,{"file":205,"line":332,"context":252},821,{"file":205,"line":334,"context":252},827,{"file":205,"line":336,"context":252},838,{"file":205,"line":338,"context":252},839,{"file":205,"line":340,"context":252},848,{"file":205,"line":342,"context":252},849,{"file":205,"line":344,"context":252},855,{"file":205,"line":346,"context":252},860,{"file":205,"line":348,"context":252},861,{"file":205,"line":350,"context":252},866,{"file":205,"line":352,"context":252},868,{"file":205,"line":354,"context":252},872,{"file":205,"line":356,"context":252},874,{"file":205,"line":358,"context":252},878,{"file":205,"line":360,"context":252},880,{"file":205,"line":362,"context":252},884,{"file":205,"line":364,"context":252},892,{"file":205,"line":366,"context":252},896,{"file":205,"line":368,"context":252},897,{"file":205,"line":370,"context":252},898,{"file":205,"line":372,"context":252},904,[],[375,403],{"entryPoint":376,"graph":377,"unsanitizedCount":111,"severity":402},"smart_maintenance_mode_option_page (smart-maintenance-mode.php:343)",{"nodes":378,"edges":398},[379,384,390,394],{"id":380,"type":381,"label":382,"file":205,"line":383},"n0","source","$_POST (x3)",385,{"id":385,"type":386,"label":387,"file":205,"line":388,"wp_function":389},"n1","sink","update_option() [Settings Manipulation]",502,"update_option",{"id":391,"type":381,"label":392,"file":205,"line":393},"n2","$_GET (x2)",554,{"id":395,"type":386,"label":396,"file":205,"line":239,"wp_function":397},"n3","query() [SQLi]","query",[399,401],{"from":380,"to":385,"sanitized":400},true,{"from":391,"to":395,"sanitized":400},"low",{"entryPoint":404,"graph":405,"unsanitizedCount":111,"severity":402},"\u003Csmart-maintenance-mode> (smart-maintenance-mode.php:0)",{"nodes":406,"edges":411},[407,408,409,410],{"id":380,"type":381,"label":382,"file":205,"line":383},{"id":385,"type":386,"label":387,"file":205,"line":388,"wp_function":389},{"id":391,"type":381,"label":392,"file":205,"line":393},{"id":395,"type":386,"label":396,"file":205,"line":239,"wp_function":397},[412,413],{"from":380,"to":385,"sanitized":400},{"from":391,"to":395,"sanitized":400},{"summary":415,"deductions":416},"The \"smart-maintenance-mode\" plugin, version 1.5.3, presents a mixed security posture.  While the attack surface appears minimal with no exposed AJAX handlers, REST API routes, shortcodes, or cron events, and a limited number of entry points, several code signals raise concerns. The presence of \"unserialize\" is a significant red flag, as it can lead to remote code execution if not handled with extreme caution and proper input validation.  Furthermore, a low percentage (9%) of properly escaped outputs suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into web pages viewed by other users.\n\nThe vulnerability history is concerning, with four known CVEs, one of which remains unpatched. The prevalence of medium severity XSS and CSRF vulnerabilities in the past indicates a pattern of insecure input handling and insufficient protection against malicious actions. The recent unpatched vulnerability is particularly worrying and represents an immediate security threat. While the plugin demonstrates some positive practices like a majority of SQL queries using prepared statements and a few capability checks, these are overshadowed by the critical risk of \"unserialize\" and the persistent historical pattern of XSS and CSRF issues, compounded by an active unpatched vulnerability.",[417,420,422,425,428],{"reason":418,"points":419},"Unpatched CVE",18,{"reason":421,"points":14},"Dangerous function: unserialize",{"reason":423,"points":424},"Low output escaping (9% proper)",12,{"reason":426,"points":427},"Multiple past vulnerabilities (4 total)",10,{"reason":429,"points":165},"Nonce check present but potentially insufficient","2026-03-16T18:54:01.099Z",{"wat":432,"direct":438},{"assetPaths":433,"generatorPatterns":435,"scriptPaths":436,"versionParams":437},[434],"\u002Fwp-content\u002Fplugins\u002Fsmart-maintenance-mode\u002Fjs\u002Fcountdown.js",[],[],[],{"cssClasses":439,"htmlComments":440,"htmlAttributes":441,"restEndpoints":442,"jsGlobals":443,"shortcodeOutput":446},[],[],[],[],[444,445],"smm_done_handler","myCountdown1",[]]