[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjuXU9N_sFdSCLnh75oZ63nOW6xRw-47jMVh9adnD4ck":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":129,"fingerprints":260},"sumedia-urlify","Sumedia Urlify","0.3.8","Sven Ullmann","https:\u002F\u002Fprofiles.wordpress.org\u002Fsumediawebdesign\u002F","\u003Cp>Makes \u002Fwp-admin\u002F and \u002Fwp-login.php pathes configurable using mod_rewrite.\u003C\u002Fp>\n\u003Cp>This plugin support a way to change the admins URL and the login path.\u003C\u002Fp>\n\u003Cp>It will change 3 things:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Write to .htaccess some Rules\u003C\u002Fli>\n\u003Cli>Define a constant in the wp-config.php\u003C\u002Fli>\n\u003Cli>Hook into the url fetching methods to substitute the new urls\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>So far in version 0.2.0 it seems to work properly.\u003C\u002Fp>\n\u003Ch4>Dependencies\u003C\u002Fh4>\n\u003Cp>This plugin depends on:\u003C\u002Fp>\n\u003Cp>wp-cli\u002Fwp-config-transformer\u003C\u002Fp>\n\u003Ch4>Troubleshooting\u003C\u002Fh4>\n\u003Cp>If something breaks, you have to revert the changes of this plugin as\u003Cbr \u002F>\ndescribed in https:\u002F\u002Fwww.sumedia-howto.de\u002Fwordpress\u002Fwordpress-urls-rewrite-zum-schutz-sensibler-dateien-und-pfade\u002F (German)\u003C\u002Fp>\n\u003Ch4>Changelog\u003C\u002Fh4>\n\u003Cp>See changelog.txt\u003C\u002Fp>\n","Makes \u002Fwp-admin\u002F and \u002Fwp-login.php pathes configurable using mod_rewrite.",0,1152,"2020-12-09T17:54:00.000Z","5.4.19","5.3","5.6.0",[18,19,20,21],"admin-url","login-url","rewrite","security","https:\u002F\u002Fgithub.com\u002Fsumedia-wordpress\u002Furlify","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsumedia-urlify.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"sumediawebdesign",2,30,84,"2026-04-04T06:23:15.816Z",[35,55,77,97,116],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":30,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":53,"download_link":54,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"custom-admin-url","Custom WP-Admin URL","test","Sharif Ahammed","https:\u002F\u002Fprofiles.wordpress.org\u002Fnuxrif\u002F","\u003Ch3>Custom WP-Admin URL by nuxrif\u003C\u002Fh3>\n\u003Cp>Plugin Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Activate and play.\u003C\u002Fli>\n\u003Cli>Easy to control. \u003C\u002Fli>\n\u003Cli>No conflicts.\u003Cbr \u002F>\n& many More\u003C\u002Fli>\n\u003C\u002Ful>\n","This is a plugin to give your authority to change wordpress admin url with your demand.",100,12927,60,"2014-06-30T07:44:00.000Z","3.9.40","3.6","",[18,19,51,52],"wordpress-admin-url","wp-admin-url","http:\u002F\u002Fmollik.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-admin-url.zip",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":43,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":49,"tags":69,"homepage":75,"download_link":76,"security_score":43,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"wphhsecure","WPHH SECURE – AIO WordPress Security With File Locking & WP Hide Login","1.1.9","WPHackedHelp","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginsupportwphackedhelp\u002F","\u003Cp>Secure your WordPress site with one-click file locking, login path hiding, role-based access, and smart dashboard visibility. Built for speed, security, and control.\u003C\u002Fp>\n\u003Ch3>Full Description\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>WPHH SECURE\u003C\u002Fstrong> by \u003Ca href=\"https:\u002F\u002Fsecure.wphackedhelp.com\" rel=\"nofollow ugc\">WP Hacked Help\u003C\u002Fa> is a comprehensive WordPress security plugin that integrates advanced file protection and login URL obfuscation. It blocks brute-force attacks, unauthorized access, and file tampering by allowing you to easily lock or unlock your WordPress files and folders with a single click.\u003C\u002Fp>\n\u003Cp>The plugin comes with a user-friendly interface and real-time feedback, ensuring secure operations without any technical knowledge required. WPHH SECURE is built to work seamlessly with the native WordPress functions, ensuring compatibility and safety for all sites, including blogs, business sites, and WooCommerce stores.\u003C\u002Fp>\n\u003Cp>With automatic exclusions for sensitive folders and the ability to manage folder exceptions, WPHH SECURE ensures that critical areas like uploads, cache, and backups are not locked accidentally. It also features login URL hiding to prevent unauthorized access to your site’s backend.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>One-Click Lock\u002FUnlock\u003C\u002Fstrong> – Lock or unlock all WordPress files and folders with a single click.\u003Cbr \u002F>\n✅ \u003Cstrong>Smart Dashboard\u003C\u002Fstrong> – Access real-time status updates and track lock activities in the dashboard.\u003Cbr \u002F>\n✅ \u003Cstrong>Role-Based Access\u003C\u002Fstrong> – Configure permissions to restrict access to the lock\u002Funlock feature based on user roles.\u003Cbr \u002F>\n✅ \u003Cstrong>Login URL Hiding\u003C\u002Fstrong> – Prevent brute-force login attempts by hiding or changing your default WordPress login URL.\u003Cbr \u002F>\n✅ \u003Cstrong>Safe File Handling\u003C\u002Fstrong> – Built on WP_Filesystem for secure file handling using AJAX for smooth background execution.\u003Cbr \u002F>\n✅ \u003Cstrong>Auto Exclusions\u003C\u002Fstrong> – Automatically exclude high-priority folders (e.g., uploads, cache, backups) from being locked.\u003Cbr \u002F>\n✅ \u003Cstrong>Visual Progress Feedback\u003C\u002Fstrong> – Watch real-time updates with progress bars and completion messages.\u003Cbr \u002F>\n✅ \u003Cstrong>Folder Exclusion Manager\u003C\u002Fstrong> – Easily add or remove folders from the exclusion list to keep them safe.\u003C\u002Fp>\n","Secure your WordPress site with one-click file locking, login path hiding, role-based access, and smart dashboard visibility.",70,1870,7,"2026-01-21T13:20:00.000Z","6.9.4","5.0",[70,71,72,73,74],"brute-force-protection","file-locking","hide-login-url","wordpress-security","wp-filesystem","https:\u002F\u002Fsecure.wphackedhelp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwphhsecure.1.1.9.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":43,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":68,"requires_php":90,"tags":91,"homepage":95,"download_link":96,"security_score":43,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"secure-login-url-hide","Secure Login URL Hide","1.0.3","wpwellconcept","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpwellconcept\u002F","\u003Cp>\u003Cstrong>Secure Login URL Hide\u003C\u002Fstrong> is a lightweight and secure plugin that allows you to easily change your WordPress login URL to anything you want. This plugin enhances your WordPress security by making the default \u003Ccode>wp-admin\u003C\u002Fcode> and \u003Ccode>wp-login.php\u003C\u002Fcode> pages inaccessible to unauthorized users.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Custom Login URL\u003C\u002Fstrong>: Change your login URL to anything you want (e.g., \u003Ccode>\u002Flogin\u002F\u003C\u002Fcode>, \u003Ccode>\u002Fsignin\u002F\u003C\u002Fcode>, \u003Ccode>\u002Fadmin\u002F\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced Security\u003C\u002Fstrong>: Blocks access to \u003Ccode>wp-admin\u003C\u002Fcode> and \u003Ccode>wp-login.php\u003C\u002Fcode> directories\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Redirects\u003C\u002Fstrong>: Configure custom redirect URLs for unauthorized access attempts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Logout Handling\u003C\u002Fstrong>: Seamless logout functionality with custom login URLs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multisite Compatible\u003C\u002Fstrong>: Works with WordPress multisite installations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No File Modifications\u003C\u002Fstrong>: Doesn’t modify core WordPress files\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean Admin Interface\u003C\u002Fstrong>: Simple, focused settings page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Cp>The plugin intercepts page requests and redirects unauthorized users away from protected areas. It doesn’t rename files or add rewrite rules – it simply works by intercepting requests and providing a secure alternative login method.\u003C\u002Fp>\n\u003Ch4>Security Benefits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Hide Default Login\u003C\u002Fstrong>: Prevents brute force attacks on standard WordPress login URLs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reduce Attack Surface\u003C\u002Fstrong>: Makes it harder for attackers to find your admin area\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Access Point\u003C\u002Fstrong>: Creates a unique entry point that only you know about\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Core Modifications\u003C\u002Fstrong>: Safe to use and easy to disable if needed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Perfect For\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Security-conscious website owners\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Business websites\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>E-commerce sites\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Personal blogs\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Any WordPress site that needs enhanced security\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Important Notes\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Bookmark your new login URL\u003C\u002Fstrong> – you won’t be able to access the default WordPress login\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Test thoroughly\u003C\u002Fstrong> before deploying to production\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Keep your custom URL private\u003C\u002Fstrong> – don’t share it publicly\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy to disable\u003C\u002Fstrong> – simply deactivate the plugin to restore default behavior\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily and safely change the WordPress login URL to anything you want. Makes wp-admin and wp-login.php inaccessible for enhanced security.",40,355,1,"2025-08-28T03:12:00.000Z","6.8.5","7.4",[92,93,94,78,21],"admin","hide","login","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsecure-login-url-hide\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecure-login-url-hide.1.0.3.zip",{"slug":98,"name":99,"version":80,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":43,"num_ratings":106,"last_updated":107,"tested_up_to":89,"requires_at_least":68,"requires_php":108,"tags":109,"homepage":114,"download_link":115,"security_score":43,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"admin-login-hide-pti","Admin Login Hide – PTI","PTI WebTech","https:\u002F\u002Fprofiles.wordpress.org\u002Fptiwebtech2025\u002F","\u003Cp>\u003Cstrong>Admin Login Hide – PTI\u003C\u002Fstrong> helps protect your WordPress site by hiding or customizing the default login URLs (\u003Ccode>wp-login.php\u003C\u002Fcode> and \u003Ccode>wp-admin\u003C\u002Fcode>). This helps reduce automated bot attacks, brute-force attempts, and unauthorized login access.\u003C\u002Fp>\n\u003Cp>With just a few clicks, you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Change the default login URL to a custom path\u003C\u002Fli>\n\u003Cli>Prevent access to the default \u003Ccode>wp-login.php\u003C\u002Fcode> and \u003Ccode>wp-admin\u003C\u002Fcode> paths\u003C\u002Fli>\n\u003Cli>Improve your site’s overall login security\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Perfect for WordPress users who want a lightweight, easy-to-use security enhancement without needing complex settings or heavy plugins.\u003C\u002Fp>\n","Easily hide or customize your WordPress login URL to enhance security and prevent unauthorized access.",10,347,3,"2025-07-01T05:30:00.000Z","7.2",[110,111,21,112,113],"custom-login-url","hide-login","wp-admin","wp-login-php","https:\u002F\u002Fgithub.com\u002Fptiwebtech\u002Fadmin-login-hide-pti","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-login-hide-pti.1.0.3.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":104,"downloaded":124,"rating":11,"num_ratings":11,"last_updated":125,"tested_up_to":89,"requires_at_least":68,"requires_php":108,"tags":126,"homepage":49,"download_link":128,"security_score":43,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"fortress-login-pro","Fortress Login Pro – Secure, Hide & Rename Login URL","1.1.3","Hamdi Saidani","https:\u002F\u002Fprofiles.wordpress.org\u002Fhamdisaidani\u002F","\u003Cp>\u003Cstrong>Fortress Login Pro\u003C\u002Fstrong> is a battle-ready security plugin that replaces your WordPress login page (\u003Ccode>wp-login.php\u003C\u002Fcode>) with a private, rotating URL that only you control.\u003C\u002Fp>\n\u003Cp>🛡️ It doesn’t just hide the login—it lets you track, rotate, and control it.\u003C\u002Fp>\n\u003Cp>Perfect for freelancers, agencies, eCommerce owners, and anyone tired of blind brute-force attacks.\u003C\u002Fp>\n\u003Ch3>🔐 Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Custom Login URL:\u003C\u002Fstrong> Hide \u003Ccode>wp-login.php\u003C\u002Fcode> and set your own private login path  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-Rotate Slugs:\u003C\u002Fstrong> Automatically change your login URL on a custom schedule  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dual-Slug Rotation Safety:\u003C\u002Fstrong> Keep the old URL live until the new one is used (fail-safe)  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Slug Generator:\u003C\u002Fstrong> Choose readable word combos or full-random slugs (with number support)  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Access Logs & Charts:\u003C\u002Fstrong> See IPs, timestamps, referrers, and user-agents by login attempt  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export Logs:\u003C\u002Fstrong> Download access history or slug changes in CSV or JSON  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Slug History Panel:\u003C\u002Fstrong> Restore, archive, or delete old slugs anytime  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>SMTP Configuration:\u003C\u002Fstrong> Set up outgoing email for login slug alerts and rotation notices  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Test Email & Rotation:\u003C\u002Fstrong> Built-in checks before activating rotation so you don’t get locked out  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>System File Protection:\u003C\u002Fstrong> Optional toggle to block access to \u003Ccode>install.php\u003C\u002Fcode> and \u003Ccode>setup-config.php\u003C\u002Fcode> via \u003Ccode>.htaccess\u003C\u002Fcode>  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean UI:\u003C\u002Fstrong> Fast, modern dashboard with zero bloat or upsell traps  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>✅ Works With\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WooCommerce, Easy Digital Downloads, and major eCommerce plugins  \u003C\u002Fli>\n\u003Cli>Membership systems like MemberPress, Paid Memberships Pro  \u003C\u002Fli>\n\u003Cli>Popular security plugins: Wordfence, iThemes, Sucuri  \u003C\u002Fli>\n\u003Cli>Caching tools like WP Rocket, Cloudflare, W3 Total Cache  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 Why Fortress (vs limit login or captcha plugins)?\u003C\u002Fh3>\n\u003Cp>Most plugins try to \u003Cstrong>respond\u003C\u002Fstrong> to brute-force.\u003Cbr \u002F>\nFortress prevents it by removing the login form from public view.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>No login page = no attack surface.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Final Word\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Fortress Login Pro\u003C\u002Fstrong> doesn’t just hide your login—it makes you smarter about who’s trying to reach it.\u003C\u002Fp>\n\u003Cp>Real logs. Real control. No BS.\u003Cbr \u002F>\nReady to lock down WordPress the way it should’ve shipped.\u003C\u002Fp>\n\u003Cp>Try our companion plugin: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnotification-blocker\u002F\" rel=\"ugc\">Notification Blocker\u003C\u002Fa> — hide noisy dashboard alerts with one click.\u003C\u002Fp>\n","Hide and rotate your WordPress login URL. Track access, export logs, and prevent brute-force attacks with real-time visibility.",612,"2025-05-09T10:19:00.000Z",[70,110,127,21,112],"login-security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffortress-login-pro.1.1.3.zip",{"attackSurface":130,"codeSignals":208,"taintFlows":221,"riskAssessment":248,"analyzedAt":259},{"hooks":131,"ajaxHandlers":204,"restRoutes":205,"shortcodes":206,"cronEvents":207,"entryPointCount":11,"unprotectedCount":11},[132,138,142,148,153,155,159,163,167,171,174,177,180,183,185,187,190,192,194,197,200],{"type":133,"name":134,"callback":135,"file":136,"line":137},"action","admin_notices","get_messages","src\\Sumedia\\Urlify\\Base\\Messenger.php",21,{"type":133,"name":139,"callback":140,"file":136,"line":141},"template_footer","reset_messages",22,{"type":143,"name":144,"callback":145,"file":146,"line":147},"filter","insert_with_markers_inline_instructions","filter_modifications","src\\Sumedia\\Urlify\\Htaccess.php",51,{"type":133,"name":149,"callback":150,"file":151,"line":152},"admin_init","check_version","src\\Sumedia\\Urlify\\Plugin.php",9,{"type":133,"name":149,"callback":154,"file":151,"line":104},"check_rewrite_version",{"type":133,"name":156,"callback":157,"file":151,"line":158},"plugins_loaded","textdomain",11,{"type":133,"name":160,"callback":161,"file":151,"line":162},"admin_print_styles","admin_stylesheets",12,{"type":133,"name":164,"callback":165,"file":151,"line":166},"admin_menu","setup_menu",13,{"type":143,"name":168,"callback":169,"file":151,"line":170},"script_loader_src","urlify",16,{"type":143,"name":172,"callback":169,"file":151,"line":173},"style_loader_src",17,{"type":143,"name":175,"callback":169,"file":151,"line":176},"site_url",18,{"type":143,"name":178,"callback":169,"file":151,"line":179},"login_url",19,{"type":143,"name":181,"callback":169,"file":151,"line":182},"admin_url",20,{"type":133,"name":156,"callback":184,"file":151,"line":137},"checkRewriteEngineChanges",{"type":133,"name":156,"callback":186,"file":151,"line":141},"controller",{"type":133,"name":149,"callback":188,"file":151,"line":189},"closure",54,{"type":133,"name":149,"callback":188,"file":151,"line":191},75,{"type":133,"name":149,"callback":188,"file":151,"line":193},149,{"type":133,"name":149,"callback":195,"file":151,"line":196},"prepare",172,{"type":133,"name":149,"callback":198,"file":151,"line":199},"execute",173,{"type":133,"name":134,"callback":201,"file":202,"line":203},"sumedia_base_phpversionlow_message","sumedia-urlify.php",55,[],[],[],[],{"dangerousFunctions":209,"sqlUsage":210,"outputEscaping":212,"fileOperations":11,"externalRequests":11,"nonceChecks":87,"capabilityChecks":11,"bundledLibraries":220},[],{"prepared":158,"raw":11,"locations":211},[],{"escaped":213,"rawEcho":30,"locations":214},4,[215,218],{"file":136,"line":216,"context":217},82,"raw output",{"file":202,"line":219,"context":217},53,[],[222,240],{"entryPoint":223,"graph":224,"unsanitizedCount":87,"severity":239},"activate (src\\Sumedia\\Urlify\\Plugin.php:60)",{"nodes":225,"edges":236},[226,231],{"id":227,"type":228,"label":229,"file":151,"line":230},"n0","source","$_SERVER['QUERY_STRING']",76,{"id":232,"type":233,"label":234,"file":151,"line":230,"wp_function":235},"n1","sink","wp_redirect() [Open Redirect]","wp_redirect",[237],{"from":227,"to":232,"sanitized":238},false,"medium",{"entryPoint":241,"graph":242,"unsanitizedCount":87,"severity":239},"\u003CPlugin> (src\\Sumedia\\Urlify\\Plugin.php:0)",{"nodes":243,"edges":246},[244,245],{"id":227,"type":228,"label":229,"file":151,"line":230},{"id":232,"type":233,"label":234,"file":151,"line":230,"wp_function":235},[247],{"from":227,"to":232,"sanitized":238},{"summary":249,"deductions":250},"The \"sumedia-urlify\" plugin version 0.3.8 exhibits a generally strong security posture based on the provided static analysis.  The absence of any known CVEs and the exclusive use of prepared statements for SQL queries are significant strengths.  Furthermore, the plugin demonstrates good practices by implementing a nonce check and properly escaping a majority of its outputs, mitigating common web vulnerabilities. The lack of external HTTP requests, file operations, and a minimal attack surface with zero unprotected entry points further contribute to its secure design.",[251,254,256],{"reason":252,"points":253},"Unsanitized paths in taint analysis",8,{"reason":255,"points":213},"Outputs not properly escaped",{"reason":257,"points":258},"No capability checks",5,"2026-03-17T07:05:30.161Z",{"wat":261,"direct":267},{"assetPaths":262,"generatorPatterns":264,"scriptPaths":265,"versionParams":266},[263],"\u002Fwp-content\u002Fplugins\u002Fsumedia-urlify\u002Fassets\u002Fcss\u002Fadmin-style.css",[],[],[],{"cssClasses":268,"htmlComments":270,"htmlAttributes":271,"restEndpoints":272,"jsGlobals":273,"shortcodeOutput":274},[269],"sumedia-urlify-admin-style",[],[],[],[],[]]