[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fcllSBUSGC-k4UAelqROga52ughLgpZ4qj5WBhNm4fO4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":134,"fingerprints":186},"thebrent-private-site","Private Sites","0.1.0","Brent Maxwell","https:\u002F\u002Fprofiles.wordpress.org\u002Fthebrent\u002F","\u003Cp>Quick plugin to enable the setting of a site private. Includes options for with multi-site capabilities. Includes functionality to show which sites are private on the blog list screen of the network dashboard.\u003C\u002Fp>\n\u003Ch3>Use and Options\u003C\u002Fh3>\n\u003Cp>The optiuon will be shown at the bottom of the “General” settings page.\u003C\u002Fp>\n","Quick plugin to enable the setting of a site private. Includes options for with multi-site capabilities.",20,3265,0,"2015-03-31T14:08:00.000Z","4.11","3.0.1","",[19,20,21],"multisite","network","private-site","http:\u002F\u002Fthebrent.net\u002Fprojects\u002Fprivate-site\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthebrent-private-site.0.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"thebrent",2,30,84,"2026-04-04T14:46:18.296Z",[35,58,78,97,114],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":54,"download_link":55,"security_score":32,"vuln_count":56,"unpatched_count":13,"last_vuln_date":57,"fetched_at":26},"unconfirmed","Unconfirmed","1.3.7","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>If you run a WordPress or BuddyPress installation, you probably know that some of the biggest administrative headaches come from the activation process. Activation emails may be caught by spam filters, deleted unwillingly, or simply not understood. Yet WordPress itself has no UI for viewing and managing unactivated members.\u003C\u002Fp>\n\u003Cp>Unconfirmed creates a Dashboard panel under the Users menu (Network Admin > Users on Multisite) that shows a list of unactivated user registrations. For each registration, you have the option of resending the original activation email, or manually activating the user.\u003C\u002Fp>\n\u003Cp>Note that the plugin works for the following configurations:\u003Cbr \u002F>\n1. Multisite, with or without BuddyPress\u003Cbr \u002F>\n2. Single site, with BuddyPress used for user registration\u003C\u002Fp>\n\u003Cp>There is currently no support for single-site WP registration without BuddyPress.\u003C\u002Fp>\n","Allows WordPress admins to manage unactivated users, by activating them manually, deleting their pending registrations, or resending the activation em &hellip;",2000,246166,90,47,"2023-12-04T19:58:00.000Z","6.4.8","3.1",[51,52,53,19,20],"activate","activation","email","http:\u002F\u002Fgithub.com\u002Fboonebgorges\u002Funconfirmed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Funconfirmed.1.3.7.zip",1,"2014-04-11 00:00:00",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":66,"num_ratings":30,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":17,"tags":71,"homepage":75,"download_link":76,"security_score":77,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"network-username-restrictions-override","Network Username Restrictions Override","1.3","Daniel Westermann-Clark","https:\u002F\u002Fprofiles.wordpress.org\u002Fdwc\u002F","\u003Cp>By default, WordPress network usernames cannot contain anything but lowercase letters and numbers. This plugin adds network options to let you include hyphens, underscores, or uppercase letters, if desired.\u003C\u002Fp>\n\u003Cp>Furthermore, this plugin gives you the option to allow email addresses as usernames, or to allow all-numeric usernames (e.g. “1234”).\u003C\u002Fp>\n\u003Cp>Finally, this plugin lets you override the minimum length for usernames (which defaults to four characters).\u003C\u002Fp>\n\u003Cp>To follow updates to this plugin, visit:\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fdanieltwc.com\u002F\u003C\u002Fp>\n\u003Cp>For help with this version, visit:\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fdanieltwc.com\u002F2011\u002Fnetwork-username-restrictions-override-1-0\u002F\u003C\u002Fp>\n","Override restrictions on WordPress network usernames.",100,10464,"2024-04-24T14:02:00.000Z","6.5.8","3.4",[72,73,19,20,74],"admin","authentication","wpmu","https:\u002F\u002Fdanieltwc.com\u002F2011\u002Fnetwork-username-restrictions-override-1-0\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnetwork-username-restrictions-override.1.3.zip",92,{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":66,"downloaded":86,"rating":77,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":17,"tags":91,"homepage":17,"download_link":96,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"plugin-activation-status","Plugin Activation Status","1.0.2.1","Curtiss Grymala","https:\u002F\u002Fprofiles.wordpress.org\u002Fcgrymala\u002F","\u003Cp>Plugin Activation Status makes it easier for owners of multisite and multi-network WordPress installations to perform plugin audits on their installations. The plugin generates a list of plugins that are not currently active on any sites or networks. It generates a separate list of plugins that are active somewhere within the installation, and provides details about where and how those plugins are activated.\u003C\u002Fp>\n\u003Cp>This plugin first retrieves a full list of all of the plugins that are network-activated throughout your installation. Then, it loops through all of the sites in your installation, retrieving a list of all of the active plugins on each site. Next, it runs a diff between the full list of installed plugins and the list of all active plugins.\u003C\u002Fp>\n\u003Cp>Once it retrieves all of that information, it outputs two separate lists.\u003C\u002Fp>\n\u003Cp>The first list is the list of Inactive Plugins; all plugins that are installed, but not activated anywhere within WordPress will be listed there. The second list shows all of the Active Plugins; all plugins that are installed and activated somewhere within WordPress are shown there.\u003C\u002Fp>\n\u003Cp>Within the Active Plugins list, each plugin also has a list of all of the places the plugin is active (at the top, a list of all of the places it’s network-active; at the bottom, all of the places it’s normally-activated).\u003C\u002Fp>\n\u003Cp>When the plugin generates the lists of plugins, it stores those lists as site options in the database, so the lists can be retrieved for reference without using any additional server resources. If you would like to remove those cached lists and generate new lists, you simply have to click the Continue button on the admin page.\u003C\u002Fp>\n","Scans a multisite or multi-network installation to identify all plugins that are active or not.",26167,14,"2018-04-03T19:04:00.000Z","4.9.29","3.8",[92,93,19,94,95],"active","multi-network","network-active","plugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-activation-status.1.0.2.1.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":45,"downloaded":105,"rating":66,"num_ratings":30,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":17,"tags":109,"homepage":112,"download_link":113,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"wp-over-network","WP Over Network","0.4.4","yuka2py","https:\u002F\u002Fprofiles.wordpress.org\u002Fyuka2py\u002F","\u003Cp>Add ability to get posts from over your network sites. Supports widget, shortcode, and customizable original function.\u003C\u002Fp>\n\u003Cp>Use the following:\u003C\u002Fp>\n\u003Ch4>In template\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u003C?php \n\nget_header();\nthe_post();\n\n?>\n\u003Csection id=\"content-primary\">\n        \u003Cheader id=\"page-header\">\n                \u003Ch1>\u003C?php the_title() ?>\u003C\u002Fh1>\n        \u003C\u002Fheader>\n\u003C?php\n\n\u002F\u002F Getting recent posts the page and post, minus the host blog.\n\u002F\u002F Specify the \"affect_wp_query = true\", for using the wp_pagenavi.\n$posts = wponw::get_posts('exclude_blog_ids=1&post_type=post,page&affect_wp_query=true');\n\nwp_pagenavi();\n\n?>\n\u003C?php if ( ! empty ( $posts ) ) : ?>\n        \u003Csection class=\"post-list\">\n\u003C?php\n        foreach ( $posts as $post ) :\n                wponw::setup_blog_and_postdata( $post );\n?>\n                \u003Csection id=\"post-\u003C?php the_ID() ?>\" \u003C?php post_class() ?>>\n                        \u003Ch2>【\u003C?php echo $post->blog_name ?>】\u003C\u002Fh2>\n                        \u003Ch1>\u003Ca href=\"\u003C?php the_permalink() ?>\">\u003C?php the_title() ?>\u003C\u002Fa>\u003C\u002Fh1>\n                        \u003C?php echo get_the_excerpt() ?>\n                \u003C\u002Fsection>\n\u003C?php\n                wponw::restore_blog_and_postdata();\n        endforeach;\n?>\n        \u003C\u002Fsection>\n\u003C?php else : ?>\n        \u003Cp>Sorry, there is no post.\u003C\u002Fp>\n\u003C?php endif; # End of empty( $posts ) ?>\n\n\u003C\u002Fsection>\n\u003C?php\n\nwp_reset_query();\nget_sidebar();\nget_footer();\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Using as Shortcode\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Display with default.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wponw_recent_post_list]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Arguments, can be used the same as \u003Ccode>wponw::render_post_archive_to_string\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use your template file, includes 3 post types\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wponw_recent_post_list numberposts=8 post_type=products,promotions,information template=TemplateFileNameInYourTheme]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>NOTICE: DON’T include the file extension in TemplateFileNameInYourTheme.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you want to use your own rendering function.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wponw_recent_post_list numberposts=5 post_type=products renderer=YourRenderFunction]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>To create an archive page with a page.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You create the new page, and write the below shortcode in the post content.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wponw_recent_post_list post_type=post exclude_blog_ids=1 affect_wp_query=true]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>@yuka2py on twitter\u003C\u002Fp>\n","Add ability to get posts from over your network sites. Supports widget, shortcode, and customizable original function.",6272,"2013-07-28T02:40:00.000Z","3.5.2","3.5",[110,19,20,111],"blogs","posts","https:\u002F\u002Fgithub.com\u002Fyuka2py\u002Fwp_over_network","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-over-network.0.4.4.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":45,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":128,"tags":129,"homepage":132,"download_link":133,"security_score":77,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"multisite-enhancements","Multisite Enhancements","1.7.1","Frank Bueltge","https:\u002F\u002Fprofiles.wordpress.org\u002Fbueltge\u002F","\u003Cp>When you work quite a bit with WordPress Multisites, sometimes you need more information or menu items. This plugin enhances the network area for super admins with useful functions.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adds Blog and User ID in network view \u003Ca href=\"http:\u002F\u002Fwpengineer.com\u002F2188\u002Fview-blog-id-in-wordpress-multisite\u002F\" rel=\"nofollow ugc\">more\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Enables an ‘Add New’ link under the Plugins menu for Network admins\u003C\u002Fli>\n\u003Cli>Adds several useful items to the multisite ‘Network Admin’ admin bar\u003C\u002Fli>\n\u003Cli>On the network plugins page, show which site has this plugin active\u003C\u002Fli>\n\u003Cli>On the network theme page, show which blog has the theme active and which is a Child theme\u003C\u002Fli>\n\u003Cli>Change Admin footer text for Administrators to view currently used RAM, SQL, RAM versions fast\u003C\u002Fli>\n\u003Cli>Adds Favicon from the theme folder to the admin area to easily identify the blog. Use the \u003Ccode>favicon.ico\u003C\u002Fcode> file in the theme folder of the active theme in each blog\u003C\u002Fli>\n\u003Cli>Adds Favicon to each blog on the Admin Bar Item ‘My Sites’. If you like a custom path for each favicon, please see the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbueltge\u002FWordPress-Multisite-Enhancements\u002Fwiki\u002FFilter-Hook-for-Favicon-File-Path\" rel=\"nofollow ugc\">documentation\u003C\u002Fa> for this feature.\u003C\u002Fli>\n\u003Cli>Removes also the ‘W’ logo and his sub-links in the admin bar\u003C\u002Fli>\n\u003Cli>Adds the status to each site in the admin bar to identify fastly if the site has a \u003Ccode>noindex\u003C\u002Fcode> status and to see the external url.\u003C\u002Fli>\n\u003Cli>Handy SSL identifier for each site on the network site view page.\u003C\u002Fli>\n\u003Cli>See the last login of users.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Add functions to be used in your install\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The function \u003Ccode>get_blog_list()\u003C\u002Fcode> is currently deprecated in the WP Core, but currently usable. The plugin checks this and gets an alternative in \u003Ca href=\".\u002Finc\u002Fautoload\u002Fcore.php\" rel=\"nofollow ugc\">\u003Ccode>inc\u002Fautoload\u002Fcore.php\u003C\u002Fcode>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>If you will develop the alternative to this function from my source, then use the method \u003Ccode>get_blog_list()\u003C\u002Fcode> in class \u003Ccode>Multisite_Core\u003C\u002Fcode>. My source also uses caching with the Transient API. More about the function in  \u003Ca href=\".\u002Finc\u002Fautoload\u002Fclass-core.php\" rel=\"nofollow ugc\">\u003Ccode>inc\u002Fautoload\u002Fclass-core.php\u003C\u002Fcode>\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>If you use WordPress version 3.7 and higher, then check the function \u003Ccode>wp_get_sites()\u003C\u002Fcode>, the new alternative function inside the core to get all sides inside the network. The function accepts a array with arguments, see the \u003Ca href=\"http:\u002F\u002Fwpseek.com\u002Fwp_get_sites\u002F\" rel=\"nofollow ugc\">description\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>But if you use WordPress 4.6 and higher then that new alternative 😉 – \u003Ccode>get_sites()\u003C\u002Fcode> – is the current function to get all sites in the network. The helper method of this plugin \u003Ccode>Multisite_Core::get_blog_list()\u003C\u002Fcode> or the function \u003Ccode>get_blog_list()\u003C\u002Fcode> have all checks included.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Filter the theme list to find your target quickly. This works on a single theme page and also on a network theme page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Crafted by Inpsyde\u003C\u002Fh4>\n\u003Cp>The team at \u003Ca href=\"http:\u002F\u002Finpsyde.com\u002F\" rel=\"nofollow ugc\">Inpsyde\u003C\u002Fa> is engineering the web and WordPress since 2006.\u003C\u002Fp>\n\u003Ch4>Donation?\u003C\u002Fh4>\n\u003Cp>If you want to donate – we prefer a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fmultisite-enhancements?rate=5#postform\" rel=\"ugc\">positive review\u003C\u002Fa>, nothing more.\u003Cbr \u002F>\n\u003Cstrong>Crafted by \u003Ca href=\"https:\u002F\u002Finpsyde.com\" rel=\"nofollow ugc\">Inpsyde\u003C\u002Fa> · The team is engineering the Web since 2006.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Hints, knowledge\u003C\u002Fh4>\n\u003Cp>See also for helpful hints on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbueltge\u002Fwordpress-multisite-enhancements\u002Fwiki\" rel=\"nofollow ugc\">wiki page\u003C\u002Fa>.\u003Cbr \u002F>\nEspecially the following topics are interest:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbueltge\u002FWordPress-Multisite-Enhancements\u002Fwiki\u002FFilter-Hook-for-Favicon-File-Path\" rel=\"nofollow ugc\">Filter Hook for Favicon File Path – Define your custom Favicon path\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbueltge\u002Fwordpress-multisite-enhancements\u002Fwiki\u002FLarge-Network-Problem\" rel=\"nofollow ugc\">Large Network Problem\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Bugs, technical hints or contributions\u003C\u002Fh4>\n\u003Cp>Please give me feedback, contribute, and file technical bugs on this\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbueltge\u002FWordPress-Multisite-Enhancements\u002Fissues\" rel=\"nofollow ugc\">GitHub Repo\u003C\u002Fa>, use Issues.\u003C\u002Fp>\n\u003Ch4>License\u003C\u002Fh4>\n\u003Cp>Good news, this plugin is free for everyone! Since it’s released under the GPL,\u003Cbr \u002F>\nyou can use it free of charge on your personal or commercial blog. But if you enjoy this plugin,\u003Cbr \u002F>\nyou can thank me and leave a\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=6069955\" title=\"Paypal Donate link\" rel=\"nofollow ugc\">small donation\u003C\u002Fa>\u003Cbr \u002F>\nfor the time I’ve spent writing and supporting this plugin.\u003Cbr \u002F>\nAnd I really don’t want to know how many hours of my life this plugin has already eaten 😉\u003C\u002Fp>\n\u003Ch4>Contact & Feedback\u003C\u002Fh4>\n\u003Cp>The plugin is designed and developed by me \u003Ca href=\"http:\u002F\u002Fbueltge.de\" rel=\"nofollow ugc\">Frank Bültge\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplus.google.com\u002F+FrankBültge\u002Fabout?rel=author\" rel=\"nofollow ugc\">G+ Page\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Please let me know if you like the plugin or hate it.\u003Cbr \u002F>\nPlease fork it, and add an issue for ideas and bugs on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbueltge\u002FWordPress-Multisite-Enhancements\" rel=\"nofollow ugc\">Github Repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Disclaimer\u003C\u002Fh4>\n\u003Cp>I’m German, and my English might be gruesome here and there.\u003Cbr \u002F>\nSo please be patient with me and let me know if there are typos or grammatical parts. Thanks\u003C\u002Fp>\n","Enhance Multisite for Network Admins with different topics",70,174060,48,"2024-07-18T15:27:00.000Z","6.6.5","4.6","7.2",[130,131,19,20],"admin-bar","administration","https:\u002F\u002Fgithub.com\u002Fbueltge\u002FWordPress-Multisite-Enhancements","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-enhancements.1.7.1.zip",{"attackSurface":135,"codeSignals":163,"taintFlows":173,"riskAssessment":174,"analyzedAt":185},{"hooks":136,"ajaxHandlers":159,"restRoutes":160,"shortcodes":161,"cronEvents":162,"entryPointCount":13,"unprotectedCount":13},[137,143,147,152,156],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","admin_init","settings_init","private-site.php",21,{"type":138,"name":144,"callback":145,"file":141,"line":146},"plugins_loaded","redirect",22,{"type":148,"name":149,"callback":150,"file":141,"line":151},"filter","wpmu_blogs_columns","wmpu_blogs_columns",25,{"type":138,"name":153,"callback":154,"priority":56,"file":141,"line":155},"manage_blogs_custom_column","sites_private_column_field",26,{"type":138,"name":157,"callback":154,"priority":56,"file":141,"line":158},"manage_sites_custom_column",27,[],[],[],[],{"dangerousFunctions":164,"sqlUsage":165,"outputEscaping":167,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":172},[],{"prepared":13,"raw":13,"locations":166},[],{"escaped":13,"rawEcho":56,"locations":168},[169],{"file":141,"line":170,"context":171},59,"raw output",[],[],{"summary":175,"deductions":176},"The \"thebrent-private-site\" plugin v0.1.0 exhibits a surprisingly low attack surface based on the static analysis. With no registered AJAX handlers, REST API routes, shortcodes, or cron events, the plugin appears to have minimal direct entry points into its functionality. Furthermore, the absence of dangerous function calls, file operations, and external HTTP requests, coupled with a complete reliance on prepared statements for SQL queries, suggests a cautious approach to core security practices in these areas.  The lack of any recorded vulnerabilities or CVEs further reinforces an initial impression of a secure plugin. However, a critical weakness is the complete lack of output escaping. This means that any data outputted by the plugin is susceptible to injection attacks, particularly Cross-Site Scripting (XSS). The absence of nonce and capability checks across its (albeit limited) entry points also presents a significant concern, as it implies that actions within the plugin might not be properly authorized or protected against replay attacks. While the plugin is robust in areas like SQL handling and limiting its direct attack surface, the unescaped output and missing authorization checks are significant security gaps that require immediate attention to prevent potential compromises.",[177,180,183],{"reason":178,"points":179},"Output escaping is not implemented",8,{"reason":181,"points":182},"Nonce checks are not implemented",5,{"reason":184,"points":182},"Capability checks are not implemented","2026-03-16T23:04:13.657Z",{"wat":187,"direct":192},{"assetPaths":188,"generatorPatterns":189,"scriptPaths":190,"versionParams":191},[],[],[],[],{"cssClasses":193,"htmlComments":195,"htmlAttributes":196,"restEndpoints":197,"jsGlobals":198,"shortcodeOutput":199},[194],"dashicons-yes",[],[],[],[],[]]