[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzANWQvBa9WBirao_i5vMa9xc0YiAHEPSuqOOrmUy7H8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":131,"fingerprints":183},"tdd-debug-bar-post-meta","Debug Bar Post Meta","0.1","Taylor Dewey","https:\u002F\u002Fprofiles.wordpress.org\u002Ftaylorde\u002F","\u003Cp>Debug Bar Post Meta adds a pane to the debug bar with information about post meta for the current post.\u003Cbr \u002F>\nThis plugin requires the Debug Bar installed and activated in order to help you.\u003C\u002Fp>\n\u003Ch3>TODO\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Only load the menu when viewing a single post either in admin or front-end.\u003C\u002Fli>\n\u003C\u002Ful>\n","Very simple extention to the debug bar to get a list of post meta for the current post",10,5585,100,2,"2012-09-19T18:48:00.000Z","3.4.2","",[19,20,21,22],"custom-fields","debug-bar","meta","post-meta","http:\u002F\u002Fgithub.com\u002Ftddewey\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftdd-debug-bar-post-meta.0.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"taylorde",3,70,30,84,"2026-04-05T14:45:33.389Z",[38,58,77,96,113],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":13,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":56,"download_link":57,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"ultimate-fields","Ultimate Fields","3.0.2","Radoslav Georgiev","https:\u002F\u002Fprofiles.wordpress.org\u002Fradogeorgiev\u002F","\u003Cp>With Ultimate Fields you can easily create fields in the admin. Those fields can be displayed when you are editing a post or page (any post type actually) or in an options page (ex. Theme Options) anywhere in the admin.\u003C\u002Fp>\n\u003Cp>Please visit \u003Ca href=\"https:\u002F\u002Fwww.ultimate-fields.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.ultimate-fields.com\u002F\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Easy to use.\u003C\u002Fli>\n\u003Cli>Various field types (listed below)\u003C\u002Fli>\n\u003Cli>Support for Post Type and Options Page as locations for fields. All locations have advanced placement rules, in order to only show them when needed.\u003C\u002Fli>\n\u003Cli>WYSIWYG Field Creation\u003C\u002Fli>\n\u003Cli>Focused on developers: A clean object-oriented API allows you to cleanly define all of your fields through code.\u003C\u002Fli>\n\u003Cli>Perfected tabs, alignment and styles\u003C\u002Fli>\n\u003Cli>Import, Export and in-theme JSON Synchronization\u003C\u002Fli>\n\u003Cli>JavaScript-based interface\u003C\u002Fli>\n\u003Cli>Unlimited field nesting with the Repeater and Complex fields\u003C\u002Fli>\n\u003Cli>Conditional Logic between fields in the same container (and ones on upper levels)\u003C\u002Fli>\n\u003Cli>REST API Support\u003C\u002Fli>\n\u003Cli>Admin Columns\u003C\u002Fli>\n\u003Cli>Integration with WordPress SEO for automatic field content ratings\u003C\u002Fli>\n\u003Cli>Clean styles: Ultimate Fields follows WordPress’ built in styles as much as possible and provides a seamless experience. It’s even fully responsive.\u003C\u002Fli>\n\u003Cli>Full-featured interface for data loading\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Fields\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Text\u003C\u002Fli>\n\u003Cli>Textarea\u003C\u002Fli>\n\u003Cli>WYSIWYG Editor\u003C\u002Fli>\n\u003Cli>Password\u003C\u002Fli>\n\u003Cli>Number\u003C\u002Fli>\n\u003Cli>Checkbox\u003C\u002Fli>\n\u003Cli>Select\u003C\u002Fli>\n\u003Cli>Multiselect\u003C\u002Fli>\n\u003Cli>Image-Select (a visual select)\u003C\u002Fli>\n\u003Cli>File\u003C\u002Fli>\n\u003Cli>Image\u003C\u002Fli>\n\u003Cli>WP Object (for selection of an object among posts, terms and users)\u003C\u002Fli>\n\u003Cli>WP Objects (for multiple objects)\u003C\u002Fli>\n\u003Cli>Link\u003C\u002Fli>\n\u003Cli>Section\u003C\u002Fli>\n\u003Cli>Tab\u003C\u002Fli>\n\u003Cli>Complex\u003C\u002Fli>\n\u003Cli>Repeater\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Repeaters\u003C\u002Fh4>\n\u003Cp>Repeaters can be used to add repeatable groups of fields. You can combine a text and a file field into a Slide group and allow the user to add as many slides as he needs. The value is saved in a single field!\u003C\u002Fp>\n\u003Cp>Additionally you can add different types of groups into a single repeater. This way the user could add both Video Slides and Image Slides through the same place.\u003C\u002Fp>\n\u003Ch4>Embedding in themes and plugins\u003C\u002Fh4>\n\u003Cp>Ultimate Fields has all the necessary logic built in. Just place it wherever you need and include ultimate-fields.php\u003C\u002Fp>\n","Easy and powerful custom fields management: Post Meta, Options Pages, Repeaters and many field types!",900,14539,20,"2018-05-15T13:59:00.000Z","4.9.29","4.9","5.4",[19,21,22,54,55],"repeater","theme-options","https:\u002F\u002Fwww.ultimate-fields.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-fields.3.0.2.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":17,"tags":73,"homepage":75,"download_link":76,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"show-hidden-post-meta","Show Hidden Post Meta","1.0.1","Philip Newcomer","https:\u002F\u002Fprofiles.wordpress.org\u002Fphilipnewcomer\u002F","\u003Cp>This plugin makes all custom fields (post meta) visible in the “Custom Fields” meta box on post edit screens.\u003C\u002Fp>\n","Makes hidden post meta visible on post edit screens",300,8139,86,6,"2019-09-25T22:40:00.000Z","5.2.24","3.2",[74,19,21,22],"admin","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshow-hidden-post-meta\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshow-hidden-post-meta.1.0.1.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":66,"downloaded":85,"rating":68,"num_ratings":11,"last_updated":86,"tested_up_to":87,"requires_at_least":51,"requires_php":88,"tags":89,"homepage":93,"download_link":94,"security_score":95,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"wp-admin-search-meta","WP-Admin Search Post Meta","0.3","meloniq","https:\u002F\u002Fprofiles.wordpress.org\u002Fmeloniq\u002F","\u003Cp>Enables searching post meta fields on admin pages.\u003C\u002Fp>\n","Enables searching post meta fields on admin pages.",6412,"2024-11-21T22:59:00.000Z","6.7.5","5.6",[19,22,90,91,92],"postmeta","search","wp-admin","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-admin-search-meta\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-admin-search-meta.0.3.zip",92,{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":13,"downloaded":104,"rating":13,"num_ratings":14,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":17,"tags":108,"homepage":111,"download_link":112,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"post-meta-manager","Post Meta Manager","1.0.4","Andrew Norcross","https:\u002F\u002Fprofiles.wordpress.org\u002Fnorcross\u002F","\u003Cp>Creates a panel to change or delete meta keys in bulk. Useful for when you are switching plugins or themes that use specific meta keys for functionality, or for general cleanup for older sites that may have older meta data that is no longer in use.\u003C\u002Fp>\n","A simple utility plugin for changing or deleting post or user meta (custom fields) keys in bulk.",9026,"2016-03-18T18:38:00.000Z","4.4.34","3.0",[109,19,110,22,90],"custom-field","metadata","http:\u002F\u002Fandrewnorcross.com\u002Fplugins\u002Fpost-meta-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-meta-manager.1.0.4.zip",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":26,"num_ratings":26,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":17,"tags":126,"homepage":129,"download_link":130,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"easy-custom-fields","Easy Custom Fields","0.6","Thorsten Ott","https:\u002F\u002Fprofiles.wordpress.org\u002Ftott\u002F","\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>simply generate post boxes with multiple fields \u002F groups\u003C\u002Fli>\n\u003Cli>easily validate\u002Fsanitize input and output data\u003C\u002Fli>\n\u003Cli>easy access to field data via $easy_cf->field_id->get() or $easy_cf->field_id->get( NULL, $raw=true );\u003C\u002Fli>\n\u003Cli>get error messages for validation failures via admin notices\u003C\u002Fli>\n\u003Cli>custom post type aware\u003C\u002Fli>\n\u003Cli>extendable to your needs by extending Easy_CF_Field and Easy_CF_Validator classes (see advanced usage)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>As this script is mainly meant as basis for developers it needs minor coding skills to add this functionality\u003Cbr \u002F>\nto your theme.\u003C\u002Fp>\n\u003Cp>In order to make use of this class simply initialize it from the functions.php file of your theme as described below.\u003C\u002Fp>\n\u003Ch4>Simple Usage\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>require_once( WP_PLUGIN_DIR . '\u002Feasy-custom-fields\u002Feasy-custom-fields.php' );\n$field_data = array (\n    'testgroup' => array (              \u002F\u002F unique group id\n        'fields' => array(              \u002F\u002F array \"fields\" with field definitions\n            'field1'    => array(),     \u002F\u002F globally unique field id\n            'field2'    => array(),\n            'field3'    => array(),\n        ),\n    ),\n);\n$easy_cf = new Easy_CF($field_data);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Advanced Usage\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>require_once( WP_PLUGIN_DIR . '\u002Feasy-custom-fields\u002Feasy-custom-fields.php' );\n$field_data = array (\n    'testgroup' => array (\n        'fields' => array(\n            'field1'    => array(),\n            'field2'    => array(),\n            'field3'    => array(),\n        ),\n    ),\n    'advanced_testgroup' => array (                                     \u002F\u002F unique group id\n        'fields' => array(                                              \u002F\u002F array \"fields\" with field definitions \n            'advanced_field'    => array(                               \u002F\u002F globally unique field id\n                'label'         => 'Advanced Field Description',        \u002F\u002F Field Label\n                'hint'          => 'Long Advanced Field description',   \u002F\u002F A descriptive hint for the field\n                'type'          => 'textarea',                          \u002F\u002F Custom Field Type (see Ref: field_type)\n                'class'         => 'aclass',                            \u002F\u002F CSS Wrapper class for the field\n                'input_class'   => 'theEditor',                         \u002F\u002F CSS class for the input field\n                'error_msg'     => 'The Advanced Field is wrong' ),     \u002F\u002F Error message to show when validate fails\n                'validate'      => 'validatorname',                     \u002F\u002F Custom Validator (see Ref: validator)\n            'advanced_email' => array(\n                'label' => 'Email',\n                'hint' => 'Enter your email',\n                'validate' => 'email', )\n        ),\n        'title' => 'Product Description',   \u002F\u002F Group Title\n        'context' => 'advanced',            \u002F\u002F context as in https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fadd_meta_box\n        'pages' => array( 'post', 'page' ), \u002F\u002F pages as in https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fadd_meta_box\n    ),\n);\n\nif ( !class_exists( \"Easy_CF_Validator_Email\" ) ) {\n\n    class Easy_CF_Validator_Email extends Easy_CF_Validator {\n        public function get( $value='' ) {\n            return esc_attr( $value );\n        }\n\n        public function set( $value='' ) {\n            $value = esc_attr( trim( stripslashes( $value ) ) );\n            return $value;\n        }\n\n        public function validate( $value='' ) {\n            if ( empty( $value ) || is_email( $value ) ) \n                return true;\n            else\n                return false;\n        }\n    }\n}\n\nif ( !class_exists( \"Easy_CF_Field_Textarea\" ) ) {\n    class Easy_CF_Field_Textarea extends Easy_CF_Field {\n        public function print_form() {\n            $class = ( empty( $this->_field_data['class'] ) ) ? $this->_field_data['id'] . '_class' :  $this->_field_data['class'];\n            $input_class = ( empty( $this->_field_data['input_class'] ) ) ? $this->_field_data['id'] . '_input_class' :  $this->_field_data['input_class'];\n\n            $id = ( empty( $this->_field_data['id'] ) ) ? $this->_field_data['id'] :  $this->_field_data['id'];\n            $label = ( empty( $this->_field_data['label'] ) ) ? $this->_field_data['id'] :  $this->_field_data['label'];\n            $value = $this->get();\n            $hint = ( empty( $this->_field_data['hint'] ) ) ? '' :  '\u003Cp>\u003Cem>' . $this->_field_data['hint'] . '\u003C\u002Fem>\u003C\u002Fp>';\n\n            $label_format =\n                '\u003Cdiv class=\"%s\">'.\n                '\u003Cp>\u003Clabel for=\"%s\">\u003Cstrong>%s\u003C\u002Fstrong>\u003C\u002Flabel>\u003C\u002Fp>'.\n                '\u003Cp>\u003Ctextarea class=\"%s\" style=\"width: 100%%;\" type=\"text\" name=\"%s\">%s\u003C\u002Ftextarea>\u003C\u002Fp>'.\n                '%s'.\n                '\u003C\u002Fdiv>';\n            printf( $label_format, $class, $id, $label, $input_class, $id, $value, $hint );\n        }\n    }\n}\n\n$easy_cf = new Easy_CF($field_data);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cp>If you’re not using auto_init then meta boxes need to be added individually using\u003Cbr \u002F>\nadd_meta_box( $group_id, $group_title, array( &$easy_cf, ‘meta_box_cb’ ), $page, $group_context );\u003Cbr \u002F>\nand the save methods need to be initialized after adding all meta boxes using\u003Cbr \u002F>\n$easy_cf->add_save_method();\u003C\u002Fp>\n","This is a set of extendable classes to allow easy handling of custom post fields.",60,9455,"2012-07-11T14:45:00.000Z","3.3.2","2.9.2",[19,127,22,128],"custom-post-fields","post_meta","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Feasy-custom-fields\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-custom-fields.zip",{"attackSurface":132,"codeSignals":152,"taintFlows":170,"riskAssessment":171,"analyzedAt":182},{"hooks":133,"ajaxHandlers":148,"restRoutes":149,"shortcodes":150,"cronEvents":151,"entryPointCount":26,"unprotectedCount":26},[134,139,142],{"type":135,"name":136,"callback":137,"file":138,"line":69},"action","wp_print_styles","print_styles","class-debug-bar-post-meta.php",{"type":135,"name":140,"callback":137,"file":138,"line":141},"admin_print_styles",7,{"type":143,"name":144,"callback":145,"file":146,"line":147},"filter","debug_bar_panels","tdd_dbpm_debug_bar_panels","debug-bar-post-meta.php",26,[],[],[],[],{"dangerousFunctions":153,"sqlUsage":154,"outputEscaping":156,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":169},[],{"prepared":26,"raw":26,"locations":155},[],{"escaped":26,"rawEcho":157,"locations":158},5,[159,162,164,165,167],{"file":138,"line":160,"context":161},28,"raw output",{"file":138,"line":163,"context":161},29,{"file":138,"line":34,"context":161},{"file":138,"line":166,"context":161},39,{"file":138,"line":168,"context":161},59,[],[],{"summary":172,"deductions":173},"The \"tdd-debug-bar-post-meta\" v0.1 plugin exhibits a seemingly strong security posture based on the provided static analysis. There are no identified entry points like AJAX handlers, REST API routes, or shortcodes that could be directly exploited. Furthermore, the code signals indicate a complete absence of dangerous functions and file operations, and all SQL queries are properly prepared. This suggests a cautious approach to handling sensitive operations. The lack of any known historical vulnerabilities also contributes to a positive assessment, implying consistent security practices throughout its development.\n\nHowever, a significant concern arises from the output escaping results. With 5 total outputs and 0% properly escaped, there is a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data displayed by the plugin that is not properly sanitized before rendering in the browser is susceptible to manipulation by attackers. The absence of nonce and capability checks across all identified (though zero) entry points, while not directly exploitable due to the lack of entry points, signifies a missed opportunity to implement foundational WordPress security measures that would be critical if the plugin were to be extended or modified in the future. The lack of any taint flows analyzed is also a weakness, as it suggests a potential gap in the analysis process itself.\n\nIn conclusion, while the plugin has avoided common pitfalls like direct SQL injection or exposed AJAX actions, the critical failure in output escaping presents a substantial XSS risk. The absence of any vulnerability history is reassuring, but the current analysis highlights the immediate need to address output sanitization to mitigate potential security breaches.",[174,176,178,180],{"reason":175,"points":141},"Outputs not properly escaped (potential XSS)",{"reason":177,"points":157},"No taint analysis performed",{"reason":179,"points":14},"Missing nonce checks on potential entry points",{"reason":181,"points":14},"Missing capability checks on potential entry points","2026-03-17T01:09:39.860Z",{"wat":184,"direct":193},{"assetPaths":185,"generatorPatterns":188,"scriptPaths":189,"versionParams":190},[186,187],"\u002Fwp-content\u002Fplugins\u002Ftdd-debug-bar-post-meta\u002Fcss\u002Fdebug-bar-post-meta.css","\u002Fwp-content\u002Fplugins\u002Ftdd-debug-bar-post-meta\u002Fcss\u002Fdebug-bar-post-meta.min.css",[],[],[191,192],"tdd-debug-bar-post-meta\u002Fcss\u002Fdebug-bar-post-meta.css?ver=","tdd-debug-bar-post-meta\u002Fcss\u002Fdebug-bar-post-meta.min.css?ver=",{"cssClasses":194,"htmlComments":196,"htmlAttributes":197,"restEndpoints":198,"jsGlobals":199,"shortcodeOutput":200},[195],"debug-bar-post-meta",[],[],[],[],[]]