[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f0-fXrUIZ21UFT55SuqvW2u-W6KCxA_0FHWItI1IoS9k":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":134,"fingerprints":234},"ssh-sftp-updater-support","SSH SFTP Updater Support","1.1.1","TerraFrost","https:\u002F\u002Fprofiles.wordpress.org\u002Fterrafrost\u002F","\u003Cp>Keeping your WordPress install up-to-date and installing plugins in a hassle-free manner is not so easy if your server uses SFTP. “SSH SFTP Updater Support” for WordPress uses phpseclib to remedy this deficiency.\u003C\u002Fp>\n\u003Cp>To use it, after installing and activating the plugins, add the necessary constants early in the code in your wp-config.php:\u003C\u002Fp>\n\u003Cp>a) \u003Ccode>define('FS_METHOD', 'ssh2');\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>b) Others as \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fapis\u002Fwp-config-php\u002F#wordpress-upgrade-constants\" rel=\"nofollow ugc\">detailed in the official WP codex\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This plugin is offered and maintained as a free service to the WP community. You might also be interested in enhancing your WordPress site with our other top plugins, below.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fupdraftplus.com\u002F?ref=212&source=sshsmtp\" rel=\"nofollow ugc\">UpdraftPlus\u003C\u002Fa>\u003C\u002Fstrong> simplifies backups and restoration. It is the #1 most-used backup\u002Frestore plugin, with over a million currently-active installs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fupdraftplus.com\u002Fupdraftcentral\u002F?ref=212&source=sshsmtp\" rel=\"nofollow ugc\">UpdraftCentral\u003C\u002Fa>\u003C\u002Fstrong> – a highly efficient way to manage, optimize, update and backup multiple websites from one place.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgetwpo.com\u002F\" rel=\"nofollow ugc\">WP-Optimize\u003C\u002Fa>\u003C\u002Fstrong> helps you to optimize and clean your WordPress database so that it runs at maximum efficiency.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>More quality plugins\u003C\u002Fstrong>: \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.simbahosting.co.uk\u002Fs3\u002Fshop\u002F\" rel=\"nofollow ugc\">Premium WooCommerce extensions\u003C\u002Fa>\u003C\u002Fstrong> | \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fdavidanderson#content-plugins\" rel=\"nofollow ugc\">Other useful plugins\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n","\"SSH SFTP Updater Support\" is the easiest way to keep your WordPress installation up-to-date with SFTP.",10000,536412,96,99,"2026-01-26T23:22:00.000Z","6.9.4","5.0","5.6",[20,21],"sftp","ssh","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fssh-sftp-updater-support.1.1.1.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"terrafrost",1,30,94,"2026-04-04T15:26:14.829Z",[36,61,82,100,117],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":22,"tags":51,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":25,"last_vuln_date":60,"fetched_at":27},"cyan-backup","CYAN Backup","2.5.5","Greg Ross","https:\u002F\u002Fprofiles.wordpress.org\u002Fgregross\u002F","\u003Cp>Backup your entire WordPress site and its database into a zip file on a schedule.  Remote storage options include FTP, SFTP and FTPS.\u003C\u002Fp>\n\u003Cp>CYAN Backup is a fork of the great \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftotal-backup\u002F\" rel=\"ugc\">Total Backup\u003C\u002Fa> by \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fwokamoto\u002F\" rel=\"nofollow ugc\">wokamoto\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Currently support schedules are hourly, daily, weekly and monthly with intervals for each (for example you could select a schedule of every 4 hours or every 6 weeks, etc.).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PHP5 Required\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Localization\u003C\u002Fh4>\n\u003Cp>CYAN Backup is fully ready to be translated in to any supported languages, if you have translated into your language, please let me know.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Configure the archive path which specifies the directory to store your backups to.  This must be writeable by the web server but should not be accessible via the web as a hacker could guess the filename and get a copy copy of your database.  If you must place the backups in a directory inside of the WordPress directory (or web server root) make sure to block extenal access via .htaccess or other means.  The default path is the directory for the temp files returned by sys_get_temp_dir().\u003C\u002Fp>\n\u003Cp>Configure the excluded paths which specify the directories you don’t want to back up.  The default excluded directories are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>wp-content\u002Fcache\u002F : the directory for the cache files used by WP super cache and so on.\u003C\u002Fli>\n\u003Cli>wp-content\u002Ftmp\u002F : the directory for the cache files used by DB Cache Reloaded Fix so on.\u003C\u002Fli>\n\u003Cli>wp-content\u002Fupgrade\u002F : the directory for the temp files used by the WordPress upgrade function.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you have configured your archive path below the main WordPress directory you MUST add it to the list of excluded directories as well.\u003C\u002Fp>\n\u003Cp>Activate and configure the scheduler if you want to backup on a regular basis.  Schedule options include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hourly (Backup your site every X hours, an hourly backup with an interval of 12 would run a backup twice a day).\u003C\u002Fli>\n\u003Cli>Daily (Backup your site every X days at a specific time.\u003C\u002Fli>\n\u003Cli>Weekly (Backup your site every X weeks at a specific day and time, for example every second Tuesday at 4am).\u003C\u002Fli>\n\u003Cli>Monthly (Backup your site every X months on a specific day and time, for example the 1st day of the month at 4am).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can also enable auto pruning of old backups by setting the number of backup files you want to keep.\u003C\u002Fp>\n\u003Cp>Backing up your site can take a while, you will want to ensure your PHP and webserver are configured to allow for the backup script to run long enough to complete the backup..\u003C\u002Fp>\n\u003Cp>Once a backup is complete you can download the backup files from the links in Backup page.  You can delete old backup files by checking one or more boxes in the backup list and then clicking the Delete button.\u003C\u002Fp>\n\u003Cp>The backup file of DB is included in the zip file as {the directory name of WordPress}.yyyymmdd.hhmmss.sql.\u003C\u002Fp>\n\u003Ch3>Road Map\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>2.5 – Dropbox support\u003C\u002Fli>\n\u003Cli>3.0 – Restore support\u003C\u002Fli>\n\u003C\u002Ful>\n","Backup your entire WordPress site and its database into a zip file on a schedule.  Remote storage options include FTP, SFTP and FTPS.",300,36256,82,11,"2025-11-04T23:46:00.000Z","6.8.5","2.9",[52,53,54,55,20],"backup","ftp","schedule","scp","http:\u002F\u002Ftoolstack.com\u002Fcyan-backup","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcyan-backup.2.5.5.zip",95,4,"2025-11-07 20:49:54",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":31,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":22,"tags":75,"homepage":79,"download_link":80,"security_score":81,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"simple-syntax-highlighting","Simple Syntax Highlighting","1.1","gung","https:\u002F\u002Fprofiles.wordpress.org\u002Fgung\u002F","\u003Cp>Simple Syntax Highlighting (SSH), simple, clean and lighweight plugin to integrate highlight.js into WordPress. highlightjs has automatic language detection an turn on syntax highlighting. You just need to select text than press button  \u003Cssh> or add the code into \u003Cpre> \u003Ccode> \u003C\u002F code> \u003C\u002F pre> format.\u003Cbr \u002F>\nCredit:\u003Cbr \u002F>\nHighlight.js – https:\u002F\u002Fhighlightjs.org\u003Cbr \u002F>\nLine numbering plugin: https:\u002F\u002Fgithub.com\u002Fwcoder\u002Fhighlightjs-line-numbers.js\u003C\u002Fp>\n\u003Cp>Supports highlighting\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Java\u003C\u002Fli>\n\u003Cli>C\u003C\u002Fli>\n\u003Cli>HTML\u003C\u002Fli>\n\u003Cli>CSS\u003C\u002Fli>\n\u003Cli>PHP\u003C\u002Fli>\n\u003Cli>and more, up to 176 language, see: https:\u002F\u002Fhighlightjs.org\u002Fstatic\u002Fdemo\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Instalation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Download plugin Simple Syntax Highlighting archive, than unzip it.\u003C\u002Fli>\n\u003Cli>Upload the “simple-sintax-highlighting” folder to the “wp-content\u002Fplugins” directory.\u003C\u002Fli>\n\u003Cli>Activate the plugin through “plugins” menu in WordPress dashboard.\u003C\u002Fli>\n\u003Cli>Open menu: Setting > Simple Syntax Highlighting to configure.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Screenshoot\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Plugin Settings\u003C\u002Fli>\n\u003Cli>Editor\u003C\u002Fli>\n\u003C\u002Fol>\n","Simple, clean and lightweight syntax highlighting WordPress plugin.",60,10493,80,"2018-05-25T17:06:00.000Z","4.9.29","3.0",[76,77,62,21,78],"code","highlighter","syntax","http:\u002F\u002Fidnetter.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-syntax-highlighting.zip",85,{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":25,"num_ratings":25,"last_updated":92,"tested_up_to":16,"requires_at_least":17,"requires_php":93,"tags":94,"homepage":98,"download_link":99,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"bulk-deployer","Bulk Deployer","1.0.0","Hayan","https:\u002F\u002Fprofiles.wordpress.org\u002Fhmamoun\u002F","\u003Cp>Bulk Deployer helps developers and agencies manage multiple WordPress installations by automating plugin deployment to many sites at once. Perfect for WordPress developers, agencies, and site administrators who need to deploy plugins across multiple client sites efficiently.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Bulk Deployment\u003C\u002Fstrong>: Deploy multiple plugins to multiple sites simultaneously\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure Credential Management\u003C\u002Fstrong>: Store FTP\u002FSFTP credentials with encryption\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Connection Testing\u003C\u002Fstrong>: Test connections before deployment to avoid failures\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Progress Tracking\u003C\u002Fstrong>: Real-time deployment progress with detailed results\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Protocols\u003C\u002Fstrong>: Support for both FTP and SFTP connections\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean Interface\u003C\u002Fstrong>: Intuitive admin interface for easy management\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security First\u003C\u002Fstrong>: All credentials encrypted using WordPress salts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Use Cases\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress agencies managing multiple client sites\u003C\u002Fli>\n\u003Cli>Developers deploying plugins across development environments\u003C\u002Fli>\n\u003Cli>Site administrators updating plugins on multiple installations\u003C\u002Fli>\n\u003Cli>Automated deployment workflows for plugin updates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Security Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Nonces on all AJAX endpoints for CSRF protection\u003C\u002Fli>\n\u003Cli>Capability checks (\u003Ccode>manage_options\u003C\u002Fcode>) for access control\u003C\u002Fli>\n\u003Cli>Passwords encrypted using WordPress salts\u003C\u002Fli>\n\u003Cli>Secure credential storage and transmission\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Connections\u003C\u002Fh3>\n\u003Cp>This plugin enables you to deploy WordPress plugins to remote servers via FTP or SFTP. All connections are made exclusively to servers that YOU configure with YOUR own credentials.\u003C\u002Fp>\n\u003Ch4>What Gets Connected\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Your Own Servers Only\u003C\u002Fstrong>: The plugin connects only to FTP\u002FSFTP servers that you manually add in the settings\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User-Controlled Credentials\u003C\u002Fstrong>: All server addresses, ports, usernames, and passwords are provided by you\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Third-Party Services\u003C\u002Fstrong>: No data is sent to any service controlled by the plugin author or any third party\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>What Data Is Sent\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Plugin Files\u003C\u002Fstrong>: When you initiate a deployment, the plugin uploads the selected WordPress plugin files to your specified servers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: Data is sent only when you manually trigger a deployment action\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Where\u003C\u002Fstrong>: Data goes only to the FTP\u002FSFTP servers you have configured\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Tracking\u003C\u002Fstrong>: The plugin does not send any analytics, usage data, or personal information anywhere\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Connection Protocols\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>FTP\u003C\u002Fstrong>: Standard File Transfer Protocol connections to your servers (typically port 21)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SFTP\u003C\u002Fstrong>: Secure File Transfer Protocol over SSH to your servers (typically port 22)\u003C\u002Fli>\n\u003Cli>Both protocols require you to provide server credentials and are used solely to upload plugin files to your own infrastructure\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>SSH2\u002FSFTP Protocol Usage\u003C\u002Fh4>\n\u003Cp>This plugin uses the PHP SSH2 extension to establish SFTP connections to your remote servers. When SFTP is selected (port 22), the plugin uses the SSH2 protocol and the \u003Ccode>ssh2.sftp:\u002F\u002F\u003C\u002Fcode> stream wrapper to securely transfer files.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it is\u003C\u002Fstrong>: SSH2 is a PHP extension that implements the SSH2 (Secure Shell) protocol, enabling secure file transfers via SFTP. The \u003Ccode>ssh2.sftp:\u002F\u002F\u003C\u002Fcode> is a PHP stream wrapper that allows file operations over SFTP connections.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it’s used for\u003C\u002Fstrong>: The SSH2 extension is used to establish secure SFTP connections to your configured remote servers for uploading plugin files. This provides encrypted file transfer capabilities.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent\u003C\u002Fstrong>: When you deploy plugins via SFTP, the plugin sends:\u003Cbr \u002F>\n* Plugin files (as ZIP archives and extracted files) to your configured SFTP servers\u003Cbr \u002F>\n* Authentication credentials (username and password) to establish the SFTP connection\u003Cbr \u002F>\n* File transfer commands and directory operations\u003C\u002Fp>\n\u003Cp>\u003Cstrong>When\u003C\u002Fstrong>: Data is sent only when you manually initiate a deployment action through the plugin’s admin interface.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Where\u003C\u002Fstrong>: All connections are made to SFTP servers that you configure with your own server addresses, ports, and credentials. No data is sent to any third-party service.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PHP SSH2 Extension\u003C\u002Fstrong>: This plugin requires the PHP SSH2 extension (\u003Ccode>php-ssh2\u003C\u002Fcode>) to be installed on your server for SFTP functionality. The SSH2 extension is an open-source PHP extension that implements the SSH2 protocol. For more information about the SSH2 protocol, visit: https:\u002F\u002Fwww.php.net\u002Fmanual\u002Fen\u002Fbook.ssh2.php\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Privacy\u003C\u002Fstrong>: All server credentials are encrypted using WordPress salts before being stored in your database. The plugin does not collect, store, or transmit any data to external services beyond the SFTP connections you configure.\u003C\u002Fp>\n\u003Cp>For your security and legal protection, all server credentials are encrypted using WordPress salts before being stored in your database.\u003C\u002Fp>\n","Bulk deploy WordPress plugins to multiple sites via FTP or SFTP. Manage target sites, test connections, and deploy selected plugins in one go.",10,128,"2026-02-22T22:53:00.000Z","7.4",[95,96,97,53,20],"automation","bulk","deploy","https:\u002F\u002Fhayan.mamouns.xyz\u002Fbulk-deployer-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbulk-deployer.1.0.0.zip",{"slug":101,"name":102,"version":85,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":90,"downloaded":107,"rating":25,"num_ratings":25,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":22,"tags":111,"homepage":115,"download_link":116,"security_score":81,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"display-ssh","Display SSH Keys","Robert Sim","https:\u002F\u002Fprofiles.wordpress.org\u002Frobertsky_\u002F","\u003Cp>A simple plugin to show public keys of the authors. You can send a plain-text of your ssh key(s) to your friends\u002Fcolleagues using a predefined link.\u003C\u002Fp>\n\u003Cp>The SSH Key field to enter is in Your Profile.\u003C\u002Fp>\n\u003Cp>An example of the predefined link: http:\u002F\u002Fexample.com\u002Fauthor\u002F\u003Cem>username\u003C\u002Fem>\u002Fssh\u002F\u003C\u002Fp>\n","A simple plugin to show public keys of the authors.",1559,"2015-10-13T07:49:00.000Z","4.3.34","4.3.1",[112,113,114],"author","profile","sshkey","https:\u002F\u002Fgithub.com\u002Frobertsky\u002Fdisplay-ssh","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisplay-ssh.1.0.0.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":25,"downloaded":125,"rating":25,"num_ratings":25,"last_updated":126,"tested_up_to":16,"requires_at_least":17,"requires_php":127,"tags":128,"homepage":22,"download_link":133,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"package-installator","Package Installator","1.2.1","Thomas Lloancy","https:\u002F\u002Fprofiles.wordpress.org\u002Ftlloancy\u002F","\u003Cp>Package Installator empowers WordPress administrators to manage system-level packages, such as PHP extensions, directly from the WordPress admin dashboard. It features a modern, React-based interface with a searchable table, animated progress bars, and detailed command output for installing and uninstalling packages via SSH.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Modern UI\u003C\u002Fstrong>: React-based interface with search functionality and animated progress bars.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Package Management\u003C\u002Fstrong>: Install or uninstall packages like \u003Ccode>php-xml\u003C\u002Fcode>, \u003Ccode>php-mbstring\u003C\u002Fcode>, \u003Ccode>php-curl\u003C\u002Fcode>, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SSH Integration\u003C\u002Fstrong>: Secure SSH connections using private key or password authentication.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time Feedback\u003C\u002Fstrong>: AJAX updates for package status, progress, and detailed command logs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Expandable Logs\u003C\u002Fstrong>: View raw command output for each package operation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SSH Status\u003C\u002Fstrong>: Visual indicators for SSH connection status on both settings and package manager pages.\u003Cbr \u002F>\n\u003Cstrong>Important Note\u003C\u002Fstrong>: Currently compatible only with Debian-based distributions (e.g., Debian, Ubuntu) using \u003Ccode>apt\u003C\u002Fcode>. Future versions will support other Linux distributions (Red Hat, Fedora, Arch, etc.) with tools like \u003Ccode>yum\u003C\u002Fcode>, \u003Ccode>dnf\u003C\u002Fcode>, and \u003Ccode>pacman\u003C\u002Fcode>.\u003Cbr \u002F>\n\u003Cstrong>Warning\u003C\u002Fstrong>: This plugin executes system commands via SSH, which can impact your server. Ensure proper SSH configuration and test on a staging environment.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Dependencies\u003C\u002Fh3>\n\u003Cp>Includes all dependencies: React, Axios, React-Select, phpseclib3.\u003Cbr \u002F>\nNo Composer or npm required.\u003C\u002Fp>\n\u003Ch3>⚠️ Avertissements de sécurité très importants\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Ce plugin exécute des commandes \u003Cstrong>root\u003C\u002Fstrong> via SSH depuis WordPress.\u003C\u002Fli>\n\u003Cli>Une vulnérabilité (XSS, vol de session, compte admin compromis) pourrait permettre une prise de contrôle totale du serveur.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>N’utilisez PAS en production sans\u003C\u002Fstrong> :\n\u003Cul>\n\u003Cli>HTTPS forcé\u003C\u002Fli>\n\u003Cli>2FA sur tous les comptes admin\u003C\u002Fli>\n\u003Cli>Restriction IP sur l’admin WP\u003C\u002Fli>\n\u003Cli>Liste blanche stricte des commandes autorisées\u003C\u002Fli>\n\u003Cli>Sauvegardes régulières (fichiers + base)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Testez \u003Cstrong>uniquement sur staging\u003C\u002Fstrong> au début.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.1.0 – December 2025\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Full internationalization (i18n) support with French and English translations\u003C\u002Fli>\n\u003Cli>Command history logging with database table\u003C\u002Fli>\n\u003Cli>Non-interactive root command executor\u003C\u002Fli>\n\u003Cli>Improved session handling and security\u003C\u002Fli>\n\u003Cli>Updated for WordPress 6.9 compatibility\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.0.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Initial release with React UI, SSH package management, and support for Debian-based systems.\u003C\u002Fli>\n\u003Cli>Features animated progress bars, expandable command output, and SSH status indicators.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Arbitrary Section\u003C\u002Fh3>\n\u003Ch3>Future Plans\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Support for Red Hat, Fedora, Arch, and other Linux distributions.\u003C\u002Fli>\n\u003Cli>Enhanced error handling and user feedback.\u003C\u002Fli>\n\u003Cli>Real-time log streaming for long-running operations.\u003C\u002Fli>\n\u003Cli>Support for additional package managers (\u003Ccode>yum\u003C\u002Fcode>, \u003Ccode>dnf\u003C\u002Fcode>, \u003Ccode>pacman\u003C\u002Fcode>).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>For contributions or issues, contact Tlloancy at [tlloancy@deter-mi.net].\u003C\u002Fp>\n","A plugin to manage system packages (e.g., php-xml) with a modern React-based UI via SSH.",319,"2026-03-03T05:35:00.000Z","8.2",[129,130,131,21,132],"debian","package-manager","react-ui","system-packages","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpackage-installator.1.2.1.zip",{"attackSurface":135,"codeSignals":182,"taintFlows":200,"riskAssessment":227,"analyzedAt":233},{"hooks":136,"ajaxHandlers":172,"restRoutes":179,"shortcodes":180,"cronEvents":181,"entryPointCount":31,"unprotectedCount":25},[137,143,147,151,155,160,163,165,168],{"type":138,"name":139,"callback":140,"priority":90,"file":141,"line":142},"filter","filesystem_method","phpseclib_filesystem_method","sftp.php",18,{"type":138,"name":144,"callback":145,"priority":90,"file":141,"line":146},"request_filesystem_credentials","phpseclib_request_filesystem_credentials",19,{"type":138,"name":148,"callback":149,"file":141,"line":150},"fs_ftp_connection_types","phpseclib_fs_ftp_connection_types",20,{"type":138,"name":152,"callback":153,"priority":90,"file":141,"line":154},"filesystem_method_file","phpseclib_filesystem_method_file",21,{"type":156,"name":157,"callback":158,"file":141,"line":159},"action","admin_head-plugins.php","phpseclib_disable_update_link_onclick",24,{"type":156,"name":161,"callback":161,"priority":31,"file":141,"line":162},"plugins_loaded",299,{"type":156,"name":164,"callback":164,"file":141,"line":44},"admin_init",{"type":138,"name":166,"callback":166,"priority":90,"file":141,"line":167},"plugin_row_meta",302,{"type":156,"name":169,"callback":170,"file":141,"line":171},"all_admin_notices","show_admin_notice_upgradead",402,[173],{"action":174,"nopriv":175,"callback":176,"hasNonce":177,"hasCapCheck":177,"file":141,"line":178},"ssh_sftp_updater_support_ajax",false,"ssh_sftp_updater_support_ajax_handler",true,301,[],[],[],{"dangerousFunctions":183,"sqlUsage":184,"outputEscaping":186,"fileOperations":197,"externalRequests":25,"nonceChecks":31,"capabilityChecks":198,"bundledLibraries":199},[],{"prepared":25,"raw":25,"locations":185},[],{"escaped":187,"rawEcho":188,"locations":189},46,3,[190,193,195],{"file":141,"line":191,"context":192},257,"raw output",{"file":141,"line":194,"context":192},436,{"file":141,"line":196,"context":192},482,5,2,[],[201,218],{"entryPoint":202,"graph":203,"unsanitizedCount":31,"severity":217},"phpseclib_request_filesystem_credentials (sftp.php:62)",{"nodes":204,"edges":215},[205,210],{"id":206,"type":207,"label":208,"file":141,"line":209},"n0","source","$_POST[$field]",269,{"id":211,"type":212,"label":213,"file":141,"line":209,"wp_function":214},"n1","sink","echo() [XSS]","echo",[216],{"from":206,"to":211,"sanitized":175},"medium",{"entryPoint":219,"graph":220,"unsanitizedCount":25,"severity":226},"\u003Csftp> (sftp.php:0)",{"nodes":221,"edges":224},[222,223],{"id":206,"type":207,"label":208,"file":141,"line":209},{"id":211,"type":212,"label":213,"file":141,"line":209,"wp_function":214},[225],{"from":206,"to":211,"sanitized":177},"low",{"summary":228,"deductions":229},"The 'ssh-sftp-updater-support' plugin v1.1.1 exhibits a generally good security posture, demonstrating strong adherence to secure coding practices. The static analysis reveals a very small attack surface with all identified entry points (one AJAX handler) appearing to have authentication checks. The code heavily utilizes prepared statements for SQL queries, has a high rate of proper output escaping, and includes nonce and capability checks. There are no recorded critical or high severity vulnerabilities in its history, which is a positive indicator of its stability and security.\n\nHowever, the presence of one flow with an unsanitized path, even without a critical or high severity rating in the taint analysis, represents a potential area of concern. While not explicitly leading to a vulnerability in the current analysis, unsanitized paths can be a precursor to file inclusion or path traversal vulnerabilities if user input is involved. The plugin's file operation count is moderate, making this an area to monitor.  Overall, the plugin is well-developed from a security perspective, but the single identified unsanitized path warrants careful consideration and potential further investigation to ensure it does not lead to exploitable weaknesses.",[230],{"reason":231,"points":232},"Flow with unsanitized paths detected",8,"2026-03-16T17:35:58.596Z",{"wat":235,"direct":242},{"assetPaths":236,"generatorPatterns":238,"scriptPaths":239,"versionParams":240},[237],"\u002Fwp-content\u002Fplugins\u002Fssh-sftp-updater-support\u002Fstyle.css",[],[],[241],"\u002Fwp-content\u002Fplugins\u002Fssh-sftp-updater-support\u002Fstyle.css?ver=",{"cssClasses":243,"htmlComments":244,"htmlAttributes":254,"restEndpoints":256,"jsGlobals":257,"shortcodeOutput":260},[],[245,246,247,248,249,250,251,252,253],"\u003C!-- see http:\u002F\u002Fadambrown.info\u002Fp\u002Fwp_hooks\u002Fhook\u002F\u003Cfilter name> -->","\u003C!-- phpcs:disable WordPress.Security.NonceVerification.Missing -- handled by WP core -->","\u003C!-- phpcs:ignore  WordPress.Security.ValidatedSanitizedInput.InputNotSanitized,WordPress.Security.ValidatedSanitizedInput.MissingUnslash -- false positive","\u003C!-- phpcs:ignore  WordPress.Security.ValidatedSanitizedInput.InputNotSanitized,WordPress.Security.ValidatedSanitizedInput.MissingUnslash -- Handled in WP core, false positive","\u003C!-- phpcs:ignore WordPress.WP.AlternativeFunctions.file_get_contents_file_get_contents -- user supplied constant","\u003C!-- phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized,WordPress.Security.ValidatedSanitizedInput.MissingUnslash -- false positive","\u003C!-- phpcs:ignore WordPress.WP.AlternativeFunctions.file_get_contents_file_get_contents -- it's a file","\u003C!--","-->",[255],"data-connection_type",[],[258,259],"jQuery","$",[]]