[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fG7rlEXKoJvstIHWGR4QzA2kYTeLP1AyOJEUxEwxXlOk":3,"$fTBZguh72wU1gH5E2uHagWt2iWSVVqMQICwrFfJS4zAc":257,"$fehgc3L1078TKZr1s8hfzcmguV-l-2KRROKIapmDX-MA":261},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":39,"analysis":144,"fingerprints":229},"support-me","Support Me","1.0.6","TrustedLogin","https:\u002F\u002Fprofiles.wordpress.org\u002Ftrustedlogin\u002F","\u003Cp>Sometimes you just need some help, and when you’re working privately with support personnel for a plugin or theme, creating temporary admin accounts can be a pain.\u003C\u002Fp>\n\u003Cp>Support Me makes creating accounts for support purposes a snap:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You can set support accounts to expire after a set number of minutes, hours, or days, or even not expire at all.\u003C\u002Fli>\n\u003Cli>Once a support account expires, it is automatically deleted.\u003C\u002Fli>\n\u003Cli>No more making up fake email addresses or dealing with the full user registration process. Just set an expiration, and generate an account.\u003C\u002Fli>\n\u003Cli>You can manage support account sessions just like any other user account.\u003C\u002Fli>\n\u003Cli>Easily see when Support Accounts expire in a new ‘Expires’ column on the Users screen\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And don’t worry about Support Accounts overreaching their bounds on your website. All support accounts are granted full admin privileges with the caveat that they can’t create, edit, promote, or delete other users.\u003C\u002Fp>\n\u003Cp>Support Me is also fully compatible with debugging plugins such as Debug Bar, ensuring support personnel can help you solve your problems faster so you can get back to work.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note: Support Me requires a minimum of PHP 5.3 to be running on your web host.\u003C\u002Fstrong> Help move plugin developers and WordPress forward into modern PHP by asking your host to upgrade you today.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Contribute to Support Me\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin is in active development \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FTrustedLogin\u002Fsupport-me\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests are welcome!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Thank you to our \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fsupport-me\" rel=\"nofollow ugc\">community translators\u003C\u002Fa> on WordPress.org:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English (UK) – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fgaryj\u002F\" rel=\"nofollow ugc\">Gary Jones\u003C\u002Fa> (@GaryJ)\u003C\u002Fli>\n\u003Cli>French (France) – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Ffxbenard\u002F\" rel=\"nofollow ugc\">François-Xavier Bénard\u003C\u002Fa> (@fxbenard)\u003C\u002Fli>\n\u003Cli>German – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fpixolin\u002F\" rel=\"nofollow ugc\">Bego Mario Garde\u003C\u002Fa> (@pixolin)\u003C\u002Fli>\n\u003Cli>German (Formal) – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fpixolin\u002F\" rel=\"nofollow ugc\">Bego Mario Garde\u003C\u002Fa> (@pixolin)\u003C\u002Fli>\n\u003Cli>Italian – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fwolly\u002F\" rel=\"nofollow ugc\">Paolo Valenti\u003C\u002Fa> (@wolly)\u003C\u002Fli>\n\u003Cli>Russian – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fsergeybiryukov\u002F\" rel=\"nofollow ugc\">Sergey Biryukov\u003C\u002Fa> (@SergeyBiryukov)\u003C\u002Fli>\n\u003Cli>Hebrew – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Framiy\u002F\" rel=\"nofollow ugc\">Rami Yushuvaev\u003C\u002Fa> (@ramiy)\u003C\u002Fli>\n\u003Cli>Japanese – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnao\u002F\" rel=\"nofollow ugc\">Naoko Takano\u003C\u002Fa> (@nao)\u003C\u002Fli>\n\u003Cli>Nepali – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Frabmalin\u002F\" rel=\"nofollow ugc\">Nilambar Sharma\u003C\u002Fa> (@rabmalin)\u003C\u002Fli>\n\u003C\u002Ful>\n","Allows you to generate expireable user accounts for support purposes.",900,13005,100,5,"2024-02-01T00:38:00.000Z","6.4.8","3.5.0","5.3",[20,21,22],"account","support","users","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsupport-me\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsupport-me.1.0.6.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"trustedlogin",3,30910,90,30,87,"2026-05-20T01:26:26.007Z",[40,62,84,105,123],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":35,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":60,"download_link":61,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"wc-password-strength-settings","Password Strength Settings for WooCommerce","3.0.1","Danny Santoro","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanielsantoro\u002F","\u003Cp>Help secure your WooCommerce site by enforcing stronger passwords and taking additional control of your strength requirements.\u003C\u002Fp>\n\u003Ch3>What does this plugin do?\u003C\u002Fh3>\n\u003Cp>WooCommerce has an integrated Password Strength Meter which forces users to use strong passwords. Sometimes this isn’t desirable – with this plugin, you can choose between five password levels ranging from “Anything Goes” to “Strong Passwords Only”. In addition, you can modify the colors and appearance of these custom messages, as well as modify or remove the password hint. For details on how the password strength is determined, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDanielSantoro\u002Fwc-password-strength-settings\u002Fwiki\u002FHow-Password-Strength-is-Determined\" rel=\"nofollow ugc\">please read the documentation here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>What’s New?\u003C\u002Fh4>\n\u003Cp>Version 3.0.0 is a bit of a rewrite to bring the plugin up to modern coding standards. Functionality should not be impacted, but if it is, please reach out on the support forums.\u003C\u002Fp>\n\u003Cp>Version 3.0.1 is simply a hotfix declaring compatibility with WooCommerce HPOS. Since this plugin doesn’t touch anything with the orders or order metadata, it shouldn’t be impacted at all. \u003Cem>However\u003C\u002Fem>, if you notice any issues then please reach out via the contact form on my website.\u003C\u002Fp>\n\u003Ch4>Notes\u003C\u002Fh4>\n\u003Cp>While this does allow for user accounts to have weaker passwords, it’s a good idea to still encourage strong password use – \u003Cem>especially\u003C\u002Fem> for administrators!\u003C\u002Fp>\n\u003Ch4>Planned Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Option to remove “- Please enter a stronger password.” that is added by WordPress.\u003C\u002Fli>\n\u003Cli>Nothing else at the moment, but let me know if you have any ideas.\u003C\u002Fli>\n\u003C\u002Ful>\n","Help secure your WooCommerce site by enforcing stronger passwords and taking additional control of your strength requirements.",10000,177306,24,"2023-10-11T20:51:00.000Z","6.3.8","5.8","",[56,57,58,22,59],"accounts","passwords","security","woocommerce","https:\u002F\u002Fdanielsantoro.com\u002Fproject\u002Fwoocommerce-password-strength-settings-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-password-strength-settings.zip",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":13,"num_ratings":14,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":80,"download_link":81,"security_score":13,"vuln_count":82,"unpatched_count":26,"last_vuln_date":83,"fetched_at":28},"disable-user-login","Disable User Login","2.1.7","Saint Systems","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaintsystems\u002F","\u003Cp>This plugin gives you the ability to disable specific user accounts via a profile setting.\u003C\u002Fp>\n\u003Cp>Once installed and activated, a checkbox appears on the user profile settings (only for admins). When checked, the user’s account will be disabled and they will be unable to login with the account. If they try to login, they are instantly logged out and redirected to the login page with a message that notifies them their account is disabled.\u003C\u002Fp>\n\u003Cp>This can be useful in a few situations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You want freelance writers to still show up in the authors box, but you don’t want them to be able to login.\u003C\u002Fli>\n\u003Cli>You have former employees who have authored posts and you don’t want to delete them or reassign their posts to other users, but still need them to show up in the “Authors box.”\u003C\u002Fli>\n\u003Cli>You are working on a site for a client who has an account, but do not want him to login and\u002For make changes during development.\u003C\u002Fli>\n\u003Cli>You have a client who has an unpaid invoice.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsaintsystems\u002Fdisable-user-login\u002F\" rel=\"nofollow ugc\">This plugin is on GitHub!\u003C\u002Fa>\u003C\u002Fstrong> Pull requests are welcome. If possible please report issues through Github.\u003C\u002Fp>\n\u003Ch4>Upgrade to Pro\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.saintsystems.com\u002Fproducts\u002Fdisable-user-login-pro\u002F\" rel=\"nofollow ugc\">Disable User Login Pro\u003C\u002Fa> adds powerful tools for managing user accounts at scale:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>CSV Import & Export\u003C\u002Fstrong> — bulk enable or disable hundreds of users at once via spreadsheet\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Notifications\u003C\u002Fstrong> — automatically notify users when their account is disabled or re-enabled, with customizable email templates, merge tags, and optional admin CC\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Audit Log\u003C\u002Fstrong> — full history of every disable\u002Fenable action with timestamps, who performed it, and why\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Filterable User List\u003C\u002Fstrong> — “Disabled” and “Enabled” filter views on the Users screen with count badges and a sortable Disabled column\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Perfect for membership sites, nonprofits managing volunteers, agencies onboarding\u002Foffboarding clients, and universities managing student accounts.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.saintsystems.com\u002Fproducts\u002Fdisable-user-login-pro\u002F\" rel=\"nofollow ugc\">Learn more about Disable User Login Pro\u003C\u002Fa>\u003C\u002Fp>\n","Disable user accounts without deleting them. One-click enable\u002Fdisable, bulk actions, force logout, and customizable disabled message.",5000,65754,"2026-04-03T18:58:00.000Z","6.9.4","6.2","7.4",[20,77,78,79,22],"disable","login","user","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-user-login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-user-login.2.1.7.zip",1,"2023-11-15 00:00:00",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":94,"num_ratings":95,"last_updated":96,"tested_up_to":97,"requires_at_least":98,"requires_php":18,"tags":99,"homepage":102,"download_link":103,"security_score":25,"vuln_count":82,"unpatched_count":26,"last_vuln_date":104,"fetched_at":28},"resend-welcome-email","Resend Welcome Email","1.1.9","Hudson Atwell","https:\u002F\u002Fprofiles.wordpress.org\u002Fadbox\u002F","\u003Cp>This tool was developed to quickly send a user a new password reset link via email when they are having trouble logging in.\u003C\u002Fp>\n\u003Ch4>Developers & Designers\u003C\u002Fh4>\n\u003Cp>This extension has a public GitHub page where users can contribute fixes and improvements.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fatwellpub\u002Fresend-welcome-email\" title=\"Follow & Contribute to core development on GitHub\" rel=\"nofollow ugc\">Follow Development on GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fatwellpub\" title=\"Follow the developer on Twitter\" rel=\"nofollow ugc\">Follow Developer on Twitter\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftiborepcek\u002F\" title=\"Tibor Repček on GitHub\" rel=\"nofollow ugc\">Tibor Repček\u003C\u002Fa> – translation into slovak language (slovenčina)\u003C\u002Fp>\n","Quickly send a new welcome email and password reset link for a user through the user's profile edit area.",1000,22406,74,9,"2018-02-24T07:40:00.000Z","4.9.29","4.3.1",[21,100,22,101],"user-management","welcome-email","http:\u002F\u002Fwww.twitter.com\u002Fatwellpub","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fresend-welcome-email.1.1.9.zip","2015-04-27 00:00:00",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":36,"downloaded":113,"rating":26,"num_ratings":26,"last_updated":114,"tested_up_to":115,"requires_at_least":43,"requires_php":54,"tags":116,"homepage":121,"download_link":122,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"temporary-access-for-users","Temporary Access for users","1.0.0","Sagar Prajapati","https:\u002F\u002Fprofiles.wordpress.org\u002Fsagarprajapati\u002F","\u003Cp>Plugin is use full for provide temporary access to user. Also we can disable user to temporary based.\u003C\u002Fp>\n\u003Cp>Temporary Access for users plugins creates the temporary user. If the admin wants to create a temporary user for some limited period of time like give temporary login to a user then this plugin is helpful to you.\u003C\u002Fp>\n\u003Cp>It is the easiest, simple and light weight plugin which also provides disable an existing user functionality. It means the plugin is ready to create an unlimited number of temporary accounts which will be disabled the user when their limitation will over.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n","Plugin is use full for provide temporary access to user. Also we can disable the user to temporary based.",2368,"2020-07-06T04:48:00.000Z","5.4.19",[117,118,119,106,120],"disable-account","disable-user","temporary-access","temporary-user","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemporary-access-for-users\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftemporary-access-for-users.zip",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":26,"num_ratings":26,"last_updated":133,"tested_up_to":73,"requires_at_least":134,"requires_php":135,"tags":136,"homepage":142,"download_link":143,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"fake-user-detector","Fake User Detector","1.0.4","PluginRx","https:\u002F\u002Fprofiles.wordpress.org\u002Fapos37\u002F","\u003Cp>Fake User Detector helps WordPress site owners identify and flag suspicious user accounts after they have already registered.\u003C\u002Fp>\n\u003Cp>This plugin does not prevent or block registrations. Instead, it analyzes user data post-registration to highlight accounts that appear automated, fake, or low-quality, making it easier to review and remove them manually.\u003C\u002Fp>\n\u003Cp>Fake User Detector is designed as a cleanup and review tool, not a registration firewall. It works well alongside other plugins that handle CAPTCHA, email verification, honeypots, or other signup prevention techniques.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Post-Registration Analysis:\u003C\u002Fstrong> Evaluates user accounts after creation to identify suspicious patterns.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gibberish Detection:\u003C\u002Fstrong> Flags accounts with non-human patterns like too many uppercase letters, no vowels, or clusters of consonants.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Symbol and Number Filters:\u003C\u002Fstrong> Detects unnatural use of digits or special characters in names.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Detection Rules:\u003C\u002Fstrong> Enable or disable individual checks to suit your site’s user base.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flag for Review:\u003C\u002Fstrong> Suspicious accounts are flagged and marked for potential deletion.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Notice:\u003C\u002Fstrong> Quickly see how many flagged users exist from your admin area.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Scan Existing Users:\u003C\u002Fstrong> Scan the users admin list table for suspicious accounts so you can easily delete them.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gravity Forms Integration:\u003C\u002Fstrong> If using Gravity Forms User Registration, the plugin optionally runs validation checks on registrations submitted via forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Hooks:\u003C\u002Fstrong> Add or customize detection logic with your own functions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Detection Checks Include:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Manually flagged by admin\u003C\u002Fli>\n\u003Cli>Excessive uppercase letters (more than 5 in a name unless all caps)\u003C\u002Fli>\n\u003Cli>No vowels in names longer than 5 characters\u003C\u002Fli>\n\u003Cli>Six or more consecutive consonants in a name\u003C\u002Fli>\n\u003Cli>Presence of numbers in names\u003C\u002Fli>\n\u003Cli>Presence of special characters other than letters, numbers, and dashes\u003C\u002Fli>\n\u003Cli>Similarity between first and last name (exact match or one includes the other)\u003C\u002Fli>\n\u003Cli>Very short names (2 characters)\u003C\u002Fli>\n\u003Cli>Invalid or disposable email domains\u003C\u002Fli>\n\u003Cli>Excessive periods in email address (more than 3)\u003C\u002Fli>\n\u003Cli>Username containing URL patterns (\u003Ccode>http\u003C\u002Fcode>, \u003Ccode>https\u003C\u002Fcode>, or \u003Ccode>www\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>Known spam words in user bio or name\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Fake User Detector is ideal for membership sites, communities, forums, or any WordPress site that allows user registration and needs a practical way to review and clean up suspicious accounts that already exist.\u003C\u002Fp>\n","Detect and flag suspicious existing user accounts using simple checks to help clean up fake or low-quality registrations.",20,369,"2026-04-06T20:04:00.000Z","5.9","8.0",[137,138,139,140,141],"account-flagging","bot-detection","fake-users","spam","user-registration","https:\u002F\u002Fpluginrx.com\u002Fplugin\u002Ffake-user-detector\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffake-user-detector.1.0.4.zip",{"attackSurface":145,"codeSignals":213,"taintFlows":222,"riskAssessment":223,"analyzedAt":228},{"hooks":146,"ajaxHandlers":201,"restRoutes":208,"shortcodes":209,"cronEvents":210,"entryPointCount":82,"unprotectedCount":26},[147,153,157,162,166,170,176,179,183,187,191,196],{"type":148,"name":149,"callback":150,"file":151,"line":152},"action","wwsm_delete_account","delete_account","includes\\accounts\\wwsm-account-management.php",35,{"type":148,"name":154,"callback":155,"file":156,"line":50},"wwsm_new_account","new_account_panel","includes\\accounts\\wwsm-account-panel.php",{"type":158,"name":159,"callback":160,"file":156,"line":161},"filter","views_users","new_account_action",25,{"type":148,"name":163,"callback":164,"file":156,"line":165},"admin_print_styles-users.php","admin_print_styles",27,{"type":148,"name":167,"callback":168,"file":156,"line":169},"admin_print_scripts-users.php","admin_print_scripts",28,{"type":158,"name":171,"callback":172,"priority":173,"file":174,"line":175},"user_has_cap","grant_caps",10,"includes\\accounts\\wwsm-account-setup.php",62,{"type":158,"name":177,"callback":177,"priority":13,"file":174,"line":178},"map_meta_cap",63,{"type":158,"name":180,"callback":181,"file":174,"line":182},"manage_users_columns","add_expires_column",66,{"type":158,"name":184,"callback":185,"priority":173,"file":174,"line":186},"manage_users_custom_column","display_expires_column",67,{"type":158,"name":188,"callback":189,"priority":13,"file":174,"line":190},"editable_roles","hide_support_role",70,{"type":148,"name":192,"callback":193,"file":194,"line":195},"plugins_loaded","load_textdomain","includes\\wwsm-loader.php",56,{"type":148,"name":197,"callback":198,"file":199,"line":200},"admin_notices","ww_support_me_admin_notice","support-me.php",39,[202],{"action":203,"nopriv":204,"callback":205,"hasNonce":206,"hasCapCheck":206,"file":151,"line":207},"add_support_account",false,"add_account",true,33,[],[],[211],{"hook":149,"callback":149,"file":151,"line":212},81,{"dangerousFunctions":214,"sqlUsage":215,"outputEscaping":217,"fileOperations":26,"externalRequests":26,"nonceChecks":82,"capabilityChecks":33,"bundledLibraries":221},[],{"prepared":26,"raw":26,"locations":216},[],{"escaped":14,"rawEcho":82,"locations":218},[219],{"file":199,"line":169,"context":220},"raw output",[],[],{"summary":224,"deductions":225},"The \"support-me\" plugin v1.0.6 exhibits a generally strong security posture based on the static analysis. The plugin demonstrates good security practices by implementing nonce checks and capability checks on its entry points, specifically its AJAX handler. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests, coupled with the exclusive use of prepared statements for SQL queries, significantly reduces the risk of common vulnerabilities. The high percentage of properly escaped output is also a positive indicator of secure coding.\n\nDespite the positive aspects, there are minor areas for improvement. The static analysis did not reveal any taint flows, which is excellent, but it's important to note that taint analysis can be limited by its scope. The lack of any recorded vulnerability history is a strong positive, suggesting the plugin has a history of being well-maintained and secure. However, it's crucial to remember that past security does not guarantee future security, and ongoing vigilance is always necessary.\n\nIn conclusion, \"support-me\" v1.0.6 appears to be a securely developed plugin with a minimal attack surface and robust security measures in place. The absence of critical vulnerabilities in static analysis and historical data is highly reassuring. The primary recommendation would be to continue this diligent approach to security, ensuring all new code adheres to these secure coding standards.",[226],{"reason":227,"points":33},"Unescaped output detected","2026-03-16T19:10:10.473Z",{"wat":230,"direct":239},{"assetPaths":231,"generatorPatterns":234,"scriptPaths":235,"versionParams":236},[232,233],"\u002Fwp-content\u002Fplugins\u002Fsupport-me\u002Fassets\u002Fcss\u002Fwwsm-users.css","\u002Fwp-content\u002Fplugins\u002Fsupport-me\u002Fassets\u002Fjs\u002Fwwsm-users.js",[],[233],[237,238],"wwsm-users-css?ver=","wwsm-users-js?ver=",{"cssClasses":240,"htmlComments":250,"htmlAttributes":251,"restEndpoints":253,"jsGlobals":254,"shortcodeOutput":256},[241,242,243,244,245,246,247,248,249],"add-account-panel","wwsm-notice","wwsm-username","username-result","wwsm-token","token-result","wwsm-expires","expires-result","wwsm-choice",[],[252],"data-wwsm-dismiss",[],[255],"wwsm_users_params",[],{"error":206,"url":258,"statusCode":259,"statusMessage":260,"message":260},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fsupport-me\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":262,"versions":263},7,[264,269,276,282,289,296,303],{"version":6,"download_url":24,"svn_tag_url":265,"released_at":27,"has_diff":204,"diff_files_changed":266,"diff_lines":27,"trac_diff_url":267,"vulnerabilities":268,"is_current":206},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsupport-me\u002Ftags\u002F1.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsupport-me%2Ftags%2F1.0.5&new_path=%2Fsupport-me%2Ftags%2F1.0.6",[],{"version":270,"download_url":271,"svn_tag_url":272,"released_at":27,"has_diff":204,"diff_files_changed":273,"diff_lines":27,"trac_diff_url":274,"vulnerabilities":275,"is_current":204},"1.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsupport-me.1.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsupport-me\u002Ftags\u002F1.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsupport-me%2Ftags%2F1.0.4&new_path=%2Fsupport-me%2Ftags%2F1.0.5",[],{"version":126,"download_url":277,"svn_tag_url":278,"released_at":27,"has_diff":204,"diff_files_changed":279,"diff_lines":27,"trac_diff_url":280,"vulnerabilities":281,"is_current":204},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsupport-me.1.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsupport-me\u002Ftags\u002F1.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsupport-me%2Ftags%2F1.0.3&new_path=%2Fsupport-me%2Ftags%2F1.0.4",[],{"version":283,"download_url":284,"svn_tag_url":285,"released_at":27,"has_diff":204,"diff_files_changed":286,"diff_lines":27,"trac_diff_url":287,"vulnerabilities":288,"is_current":204},"1.0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsupport-me.1.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsupport-me\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsupport-me%2Ftags%2F1.0.2&new_path=%2Fsupport-me%2Ftags%2F1.0.3",[],{"version":290,"download_url":291,"svn_tag_url":292,"released_at":27,"has_diff":204,"diff_files_changed":293,"diff_lines":27,"trac_diff_url":294,"vulnerabilities":295,"is_current":204},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsupport-me.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsupport-me\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsupport-me%2Ftags%2F1.0.1&new_path=%2Fsupport-me%2Ftags%2F1.0.2",[],{"version":297,"download_url":298,"svn_tag_url":299,"released_at":27,"has_diff":204,"diff_files_changed":300,"diff_lines":27,"trac_diff_url":301,"vulnerabilities":302,"is_current":204},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsupport-me.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsupport-me\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsupport-me%2Ftags%2F1.0.0&new_path=%2Fsupport-me%2Ftags%2F1.0.1",[],{"version":108,"download_url":304,"svn_tag_url":305,"released_at":27,"has_diff":204,"diff_files_changed":306,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":307,"is_current":204},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsupport-me.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsupport-me\u002Ftags\u002F1.0.0\u002F",[],[]]