[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f6qysUOuMHgRs3IyczD4rf8i8js1rtJPhHLAO5smnNDI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":134,"fingerprints":256},"theme-extension-downloader","Theme & Extension Downloader","1.0.0","CHRS Interactive","https:\u002F\u002Fprofiles.wordpress.org\u002Fchrsinteractive\u002F","\u003Cp>Theme & Extension Downloader is a simple utility plugin that allows WordPress administrators to download any installed plugin or theme as a ZIP file. Perfect for creating backups, migrating extensions between sites, or sharing custom plugins\u002Fthemes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Download any installed plugin as a ZIP file\u003C\u002Fli>\n\u003Cli>Download any installed theme as a ZIP file\u003C\u002Fli>\n\u003Cli>Bulk download multiple items in a single ZIP bundle\u003C\u002Fli>\n\u003Cli>See active\u002Finactive status at a glance\u003C\u002Fli>\n\u003Cli>Seamless admin integration under Plugins and Appearance menus\u003C\u002Fli>\n\u003Cli>Secure – admin-only with nonce verification\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Use Cases:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create quick backups before updating plugins\u003C\u002Fli>\n\u003Cli>Migrate custom plugins to staging sites\u003C\u002Fli>\n\u003Cli>Share custom-developed themes with clients\u003C\u002Fli>\n\u003Cli>Archive plugins you want to keep for later\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Simple & Lightweight:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin does one thing and does it well. No bloat, no upsells, no tracking. Just a clean, simple interface for downloading your extensions.\u003C\u002Fp>\n","Download any installed plugin or theme as a ZIP file directly from your WordPress dashboard.",0,147,"2026-02-10T19:05:00.000Z","6.9.4","5.0","7.4",[18,19,20,21,22],"backup","download","export","theme","zip","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftheme-extension-downloader\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-extension-downloader.1.0.0.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"chrsinteractive",4,400,701,79,"2026-04-04T08:13:43.696Z",[37,53,76,91,115],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":25,"downloaded":45,"rating":11,"num_ratings":11,"last_updated":46,"tested_up_to":14,"requires_at_least":47,"requires_php":16,"tags":48,"homepage":51,"download_link":52,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"export-media-as-zip","Export Media as ZIP","1.6","Huzoor Bux","https:\u002F\u002Fprofiles.wordpress.org\u002Fhuzoorbakhsh\u002F","\u003Cp>\u003Cstrong>Export Media as ZIP\u003C\u002Fstrong> is a lightweight plugin that allows administrators to download all images from the WordPress media library as a ZIP file. It’s perfect for quick backups, migrations, or sharing image assets with clients.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Export JPG, PNG, GIF, JPEG, and WEBP images\u003C\u002Fli>\n\u003Cli>Admin-only access to the export feature\u003C\u002Fli>\n\u003Cli>One-click download\u003C\u002Fli>\n\u003Cli>No configuration needed\u003C\u002Fli>\n\u003Cli>Compatible with all major themes and plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>If you have any questions or need help, please feel free to open an issue on GitHub or contact me at huzoorbux@gmail.com.\u003C\u002Fp>\n","Export your entire WordPress media library as a single downloadable ZIP file. Simple, fast, and admin-only.",1016,"2025-12-09T03:34:00.000Z","6.0",[18,49,20,50,22],"download-images","media","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexport-media-as-zip.1.5.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":51,"tags":68,"homepage":72,"download_link":73,"security_score":25,"vuln_count":74,"unpatched_count":11,"last_vuln_date":75,"fetched_at":27},"download-theme","Download Theme","1.1.2","Metagauss","https:\u002F\u002Fprofiles.wordpress.org\u002Fmetagauss\u002F","\u003Cp>Download Theme allows you to download any theme directly from your WordPress dashboard. It adds the download link right on the theme listing page, on each theme, as shown in the screenshot.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Just activate this plugin.\u003C\u002Fli>\n\u003Cli>You can see Download link on each theme box on Appearance page.\u003C\u002Fli>\n\u003Cli>Click on any of them and that theme’s zip will be downloaded to your computer.\u003C\u002Fli>\n\u003Cli>Cheers!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Download Theme Services\u003C\u002Fh4>\n\u003Cp>Download Theme now offers Theme Services. If you need expert help setting up your WordPress theme, simply go to your WordPress dashboard, navigate to the Help button in the top right corner, and click on Get Help Now.\u003C\u002Fp>\n\u003Ch4>Download Plugin\u003C\u002Fh4>\n\u003Cp>If you want to download any plugin from your WordPress admin panel’s Plugins page, then use our other plugin – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdownload-plugin\" rel=\"ugc\">Download Plugin\u003C\u002Fa>\u003C\u002Fp>\n","Download any theme from your WordPress admin panel's Appearance page by just one click!",4000,127909,80,7,"2025-04-23T11:55:00.000Z","6.8.5","3.0",[54,69,21,70,71],"download-theme-zip","theme-zip","themes","http:\u002F\u002Fmetagauss.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdownload-theme.1.1.2.zip",1,"2023-05-24 00:00:00",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":25,"num_ratings":74,"last_updated":86,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":87,"homepage":89,"download_link":90,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"kp-zip-downloader","KP Zip Downloader","1.0.3","Kalpesh Prajapati","https:\u002F\u002Fprofiles.wordpress.org\u002Fkprajapati22\u002F","\u003Cp>KP Zip Downloader provides an easy way to download installed plugins and themes as ZIP files directly from your WordPress admin dashboard. This tool is particularly useful for developers, site administrators, or anyone needing to quickly access the source files for migration or backup purposes.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Download any installed plugin as a ZIP file.\u003C\u002Fli>\n\u003Cli>Download any installed theme as a ZIP file.\u003C\u002Fli>\n\u003Cli>Fully integrated with the WordPress admin dashboard.\u003C\u002Fli>\n\u003Cli>Simple and intuitive user interface.\u003C\u002Fli>\n\u003Cli>Lightweight and efficient.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows administrators to download installed plugins and themes as ZIP files directly from the WordPress dashboard.",2000,9366,"2025-12-06T19:54:00.000Z",[19,88,71,22],"plugins","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkp-zip-downloader","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkp-zip-downloader.1.0.3.zip",{"slug":92,"name":93,"version":94,"author":93,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":100,"num_ratings":101,"last_updated":102,"tested_up_to":66,"requires_at_least":103,"requires_php":104,"tags":105,"homepage":110,"download_link":111,"security_score":112,"vuln_count":113,"unpatched_count":74,"last_vuln_date":114,"fetched_at":27},"backup-bolt","Backup Bolt","1.5.0","https:\u002F\u002Fprofiles.wordpress.org\u002Fbackupbolt\u002F","\u003Cp>Backup Bolt is the easiest and simplest one click backup plugin you could ever find!. Now take a custom backup with minimal storage consumption or backup your full WordPress site with a click of button!. Clutter free straight forward interface. Download backup with zip compression.\u003C\u002Fp>\n\u003Ch3>BACKUP FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Super easy backup interface\u003C\u002Fli>\n\u003Cli>Custom backup for minimal storage consumption\u003C\u002Fli>\n\u003Cli>Full WordPress backup\u003C\u002Fli>\n\u003Cli>Backup size v\u002Fs Free memory calculation\u003C\u002Fli>\n\u003Cli>PCLZIP based faster backup process\u003C\u002Fli>\n\u003Cli>Realtime process logging during backup\u003C\u002Fli>\n\u003Cli>Generate large backups within seconds\u003C\u002Fli>\n\u003Cli>Download the backup in zip format\u003C\u002Fli>\n\u003Cli>Backups are auto deleted daily for storage consumption\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Show Your Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Rate Plugin – If you find this plugin useful, please leave a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fbackup-bolt\u002Freviews\u002F\" rel=\"ugc\">positive review\u003C\u002Fa>. Your reviews are our biggest motivation for further development of the plugin.\u003C\u002Fli>\n\u003Cli>Submit a Bug – If you find any issue, please submit a bug via support forum.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Thanks to \u003Ca href=\"https:\u002F\u002Fsweetalert2.github.io\u002F\" rel=\"nofollow ugc\">SweetAlert2\u003C\u002Fa> for beautiful alert box script.\u003C\u002Fp>\n","Super simple one click backup your site and download the backup in compressed zip format. Choose between custom or full WordPress backup.",900,17597,94,13,"2025-10-05T14:23:00.000Z","4.0","5.6",[18,106,107,108,109],"backups","download-backup","restore","zip-backup","https:\u002F\u002Fbackupbolt.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbackup-bolt.1.5.0.zip",76,3,"2025-10-02 00:00:00",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":51,"tags":130,"homepage":131,"download_link":132,"security_score":133,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"theme-downloader","Theme Downloader","1.1.1","George Stephanis","https:\u002F\u002Fprofiles.wordpress.org\u002Fgeorgestephanis\u002F","\u003Cp>Most themes are licensed under the GPL, which makes it completely legal for you to do whatever you like with them, so long as you don’t restrict what other people, in turn, can do with them.  This is a type of copyleft license, and it means that you are free to redistribute any GPL-compliant themes any way you like!\u003C\u002Fp>\n\u003Cp>Unfortunately, it’s often hard to actually do.  While it’s easy to upload a theme as a zip file, it’s difficult to get the theme back afterwards!  This plugin aims to make that a bit easier.\u003C\u002Fp>\n\u003Cp>If your server is capable of making Zip archives, and your user account has the \u003Ccode>edit_themes\u003C\u002Fcode> capability, then this plugin will let you download any of your themes — including any modifications you’ve made to the code of it — as a Zip file that you can then reinstall on any other WordPress site!\u003C\u002Fp>\n\u003Cp>Enjoy!  🙂\u003C\u002Fp>\n\u003Cp>P.S. — If the author of your theme didn’t license it on a GPL-compliant license, make sure you’re not breaking any licensing terms by what you do with the theme once you’ve downloaded it!\u003C\u002Fp>\n","A handy dandy plugin that tries to let you download any installed theme as a zip file.",200,29320,72,14,"2014-10-08T15:50:00.000Z","3.9.40","3.4",[19,21,22],"http:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftheme-downloader\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-downloader.1.1.1.zip",85,{"attackSurface":135,"codeSignals":159,"taintFlows":171,"riskAssessment":249,"analyzedAt":255},{"hooks":136,"ajaxHandlers":155,"restRoutes":156,"shortcodes":157,"cronEvents":158,"entryPointCount":11,"unprotectedCount":11},[137,143,147,151],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","admin_menu","add_admin_menus","theme-extension-downloader.php",65,{"type":138,"name":144,"callback":145,"file":141,"line":146},"admin_init","handle_download",66,{"type":138,"name":148,"callback":149,"file":141,"line":150},"admin_enqueue_scripts","enqueue_assets",67,{"type":138,"name":152,"callback":153,"file":141,"line":154},"plugins_loaded","get_instance",612,[],[],[],[],{"dangerousFunctions":160,"sqlUsage":161,"outputEscaping":163,"fileOperations":169,"externalRequests":11,"nonceChecks":31,"capabilityChecks":113,"bundledLibraries":170},[],{"prepared":11,"raw":11,"locations":162},[],{"escaped":164,"rawEcho":74,"locations":165},52,[166],{"file":141,"line":167,"context":168},364,"raw output",2,[],[172,195,207],{"entryPoint":173,"graph":174,"unsanitizedCount":74,"severity":194},"process_single_download (theme-extension-downloader.php:171)",{"nodes":175,"edges":190},[176,181,185],{"id":177,"type":178,"label":179,"file":141,"line":180},"n0","source","$_GET",194,{"id":182,"type":183,"label":184,"file":141,"line":180},"n1","transform","→ create_and_serve_zip()",{"id":186,"type":187,"label":188,"file":141,"line":167,"wp_function":189},"n2","sink","echo() [XSS]","echo",[191,193],{"from":177,"to":182,"sanitized":192},false,{"from":182,"to":186,"sanitized":192},"medium",{"entryPoint":196,"graph":197,"unsanitizedCount":74,"severity":194},"process_bulk_download (theme-extension-downloader.php:200)",{"nodes":198,"edges":204},[199,202,203],{"id":177,"type":178,"label":200,"file":141,"line":201},"$_POST",229,{"id":182,"type":183,"label":184,"file":141,"line":201},{"id":186,"type":187,"label":188,"file":141,"line":167,"wp_function":189},[205,206],{"from":177,"to":182,"sanitized":192},{"from":182,"to":186,"sanitized":192},{"entryPoint":208,"graph":209,"unsanitizedCount":169,"severity":194},"\u003Ctheme-extension-downloader> (theme-extension-downloader.php:0)",{"nodes":210,"edges":240},[211,214,218,219,221,225,228,230,232,234,236,238],{"id":177,"type":178,"label":212,"file":141,"line":213},"$_POST (x2)",216,{"id":182,"type":187,"label":215,"file":141,"line":216,"wp_function":217},"header() [Header Injection]",357,"header",{"id":186,"type":178,"label":200,"file":141,"line":213},{"id":220,"type":187,"label":188,"file":141,"line":167,"wp_function":189},"n3",{"id":222,"type":178,"label":223,"file":141,"line":224},"n4","$_GET (x3)",188,{"id":226,"type":187,"label":188,"file":141,"line":227,"wp_function":189},"n5",510,{"id":229,"type":178,"label":179,"file":141,"line":180},"n6",{"id":231,"type":183,"label":184,"file":141,"line":180},"n7",{"id":233,"type":187,"label":188,"file":141,"line":167,"wp_function":189},"n8",{"id":235,"type":178,"label":200,"file":141,"line":201},"n9",{"id":237,"type":183,"label":184,"file":141,"line":201},"n10",{"id":239,"type":187,"label":188,"file":141,"line":167,"wp_function":189},"n11",[241,243,244,245,246,247,248],{"from":177,"to":182,"sanitized":242},true,{"from":186,"to":220,"sanitized":242},{"from":222,"to":226,"sanitized":242},{"from":229,"to":231,"sanitized":192},{"from":231,"to":233,"sanitized":192},{"from":235,"to":237,"sanitized":192},{"from":237,"to":239,"sanitized":192},{"summary":250,"deductions":251},"The \"theme-extension-downloader\" plugin v1.0.0 demonstrates a strong security posture based on the provided static analysis.  It features a complete absence of exposed AJAX handlers, REST API routes, shortcodes, and cron events, resulting in a zero-percent attack surface without authentication.  The code also shows excellent practices in SQL query handling, with 100% usage of prepared statements, and a high percentage of properly escaped output, minimizing risks of injection and XSS vulnerabilities.  The presence of nonce and capability checks further reinforces its security measures. \n\nDespite these strengths, the taint analysis revealed three flows with unsanitized paths, indicating potential vulnerabilities if these paths were to be exposed to user input without proper sanitization. While the severity of these flows is not categorized as critical or high, the presence of unsanitized paths is a notable concern that could be exploited in conjunction with other potential weaknesses. The plugin's vulnerability history is clean, with no known CVEs, which suggests a well-maintained codebase or limited exposure.  However, the taint analysis findings should not be overlooked, as they represent a potential area for exploitation.",[252],{"reason":253,"points":254},"Flows with unsanitized paths found",15,"2026-03-17T06:50:06.639Z",{"wat":257,"direct":262},{"assetPaths":258,"generatorPatterns":259,"scriptPaths":260,"versionParams":261},[],[],[],[],{"cssClasses":263,"htmlComments":272,"htmlAttributes":273,"restEndpoints":276,"jsGlobals":277,"shortcodeOutput":279},[264,265,266,267,268,269,270,271],"chrs-ted-status","chrs-ted-status-active","chrs-ted-status-inactive","chrs-ted-inactive","chrs-ted-selected-count","chrs-ted-item-check","chrs-ted-select-all","chrs-ted-bulk-download",[],[274,275],"data-chrs-ted-download","data-chrs-ted-type",[],[278],"chrs_ted_selected_items",[]]