[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjtHGMbL6ZmenxyLXfG5z3ZdHOXNLropFka48RGyIB3Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":152,"fingerprints":194},"theme-mentor","Theme Mentor","0.2","Mario Peshev","https:\u002F\u002Fprofiles.wordpress.org\u002Fnofearinc\u002F","\u003Cp>Theme Mentor is a cousin of the Theme-Check plugin getting deeper into the code analysis.\u003C\u002Fp>\n\u003Cp>It’s using different approaches to monitor for common problems regarding theme reviews from the WordPress Theme Reviewers Team. It is prone to fault analysis, so use only as a reference for improving your code base even further.\u003C\u002Fp>\n\u003Cp>Currently supported validations:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Mark all  tags in template files\u003C\u002Fli>\n\u003Cli>Mark all  tags in template files\u003C\u002Fli>\n\u003Cli>Warn about query_posts() usage\u003C\u002Fli>\n\u003Cli>capital_P_dangit control (disallow any WordPress spelling other than WordPress as is – that is WORDPRESS and WordPress, ugh)\u003C\u002Fli>\n\u003Cli>wp_deregister_script(‘jquery’) is forbidden\u003C\u002Fli>\n\u003Cli>wp_dequeue_script(‘jquery’) is forbidden\u003C\u002Fli>\n\u003Cli>prevent global $data; call as a common troublemaker (props @pippinsplugins)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>header.php specific\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Make sure that wp_head is before \u003C\u002Fli>\n\u003Cli>Ensure that wp_title(…) is called within  and  tags\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>footer.php specific\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Make sure that wp_footer is before \u003C\u002Fli>\n\u003C\u002Ful>\n","Theme Mentor is a cousin of the Theme-Check plugin getting deeper into the code analysis.",10,5516,100,2,"2020-02-12T13:14:00.000Z","5.2.24","4.9.13","",[20,21,22,23,24],"code","quality","review","testing","theme","https:\u002F\u002Fgithub.com\u002Fmpeshev\u002FTheme-Mentor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-mentor.0.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"nofearinc",13,5120,86,164,69,"2026-04-05T07:49:01.688Z",[41,62,82,102,125],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":13,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":18,"tags":55,"homepage":60,"download_link":61,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"theme-preview","Theme Preview","1.4","Dougal Campbell","https:\u002F\u002Fprofiles.wordpress.org\u002Fdougal\u002F","\u003Cp>By default, the only way to see how a new theme looks on your site is to\u003Cbr \u002F>\nactivate it, making it visible to everyone who visits. With this plugin, it\u003Cbr \u002F>\nis possible to view how a new theme looks without activating it.\u003C\u002Fp>\n\u003Ch3>TODO\u003C\u002Fh3>\n\u003Cp>Possible future enhancements:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add an options screen.\u003C\u002Fli>\n\u003Cli>Allow choice of theme to preview from a known list of installed themes.\u003C\u002Fli>\n\u003Cli>Provide persistent previews by setting a cookie.\u003C\u002Fli>\n\u003Cli>Restrict preview ability by user Roles\u002FCapabilities.\u003C\u002Fli>\n\u003Cli>Child-theme friendliness.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>May not work properly with child themes. This is because it will not be able\u003Cbr \u002F>\nto inherit from the parent theme as it normally would.\u003C\u002Fp>\n","Allows you test how a theme looks on your site without activating it.",300,41450,1,"2016-02-17T16:20:00.000Z","4.4.34","2.6.0",[56,57,58,23,59],"css","presentation","preview","themes","http:\u002F\u002Fdougal.gunters.org\u002Fplugins\u002Ftheme-preview","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-preview.1.4.zip",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":13,"downloaded":70,"rating":13,"num_ratings":51,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":80,"download_link":81,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"eli-php-compatibility-scanner","Eli's PHP Compatibility Scanner","1.1.1","Eli Hanna","https:\u002F\u002Fprofiles.wordpress.org\u002Feliehanna\u002F","\u003Cp>\u003Cstrong>⚠️ Important: Development Environment Only\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin is designed for development environments like LocalWP, XAMPP, or self-hosted servers. It will \u003Cstrong>not work\u003C\u002Fstrong> on most managed hosting providers (WP Engine, Kinsta, SiteGround, etc.) due to security restrictions that disable the \u003Ccode>exec()\u003C\u002Fcode> function and limit access to PHP binaries.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How It Works\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin leverages \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsquizlabs\u002FPHP_CodeSniffer\" rel=\"nofollow ugc\">PHP_CodeSniffer\u003C\u002Fa> with the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FPHPCompatibility\u002FPHPCompatibility\" rel=\"nofollow ugc\">PHPCompatibility\u003C\u002Fa> standard to perform deep static analysis of your PHP code.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Core Components:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Bundled Dependencies\u003C\u002Fstrong>: Includes PHP_CodeSniffer and PHPCompatibility ruleset\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Batch Processing\u003C\u002Fstrong>: Scans files in configurable batches (10-100 files) to manage memory usage\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Command Execution\u003C\u002Fstrong>: Executes PHPCS via PHP’s \u003Ccode>exec()\u003C\u002Fcode> function with specific parameters\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Server-Side State\u003C\u002Fstrong>: Stores file lists in WordPress options to optimize AJAX requests\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Progressive UI\u003C\u002Fstrong>: Real-time batch results with stop\u002Fstart controls\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>How to Use:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Navigate to \u003Cstrong>Tools \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> PHP Compatibility Scanner\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Review the \u003Cstrong>System Check\u003C\u002Fstrong> section to ensure your environment is compatible\u003C\u002Fli>\n\u003Cli>Select the \u003Cstrong>plugins and\u002For themes\u003C\u002Fstrong> you want to scan by checking their boxes\u003C\u002Fli>\n\u003Cli>Configure your scan options:\n\u003Cul>\n\u003Cli>\u003Cstrong>Target PHP Version\u003C\u002Fstrong>: Choose the PHP version you want to test against (7.4 – 8.4)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Batch Size\u003C\u002Fstrong>: Select how many files to process at once (default: 50 files)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Skip Vendor Directory\u003C\u002Fstrong>: Keep checked to skip third-party dependencies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Start Scan\u003C\u002Fstrong> to begin the compatibility check\u003C\u002Fli>\n\u003Cli>View results in real-time as each plugin\u002Ftheme is scanned\u003C\u002Fli>\n\u003Cli>Review any \u003Cstrong>errors\u003C\u002Fstrong> (❌) or \u003Cstrong>warnings\u003C\u002Fstrong> (⚠️) found in your code\u003C\u002Fli>\n\u003Cli>Click on any target to expand and see detailed compatibility issues\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Why It Requires Development Environments\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ccode>exec()\u003C\u002Fcode> Function\u003C\u002Fstrong>: Required to run PHPCS binary – disabled on managed hosts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP Binary Access\u003C\u002Fstrong>: Needs access to PHP executable – restricted on shared hosting\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Composer Dependencies\u003C\u002Fstrong>: Requires vendor directory with PHPCS installation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File System Access\u003C\u002Fstrong>: Creates temporary files for batch processing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Memory\u002FTime Limits\u003C\u002Fstrong>: Long-running scans need relaxed execution limits\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Supported Environments\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>LocalWP\u003C\u002Fstrong> (recommended)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>XAMPP\u002FMAMP\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Docker WordPress\u003C\u002Fstrong> setups\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Self-hosted\u003C\u002Fstrong> VPS\u002Fdedicated servers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Development\u003C\u002Fstrong> environments with shell access\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Unsupported Environments\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>WP Engine\u003C\u002Fstrong> (exec() disabled)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Kinsta\u003C\u002Fstrong> (security restrictions)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SiteGround\u003C\u002Fstrong> (managed hosting limitations)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GoDaddy Managed WordPress\u003C\u002Fstrong> (function restrictions)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress.com\u003C\u002Fstrong> (no plugin uploads)\u003C\u002Fli>\n\u003Cli>Most \u003Cstrong>shared hosting\u003C\u002Fstrong> providers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contributing\u003C\u002Fh3>\n\u003Cp>This plugin is actively developed for WordPress development environments. Contributions are welcome, especially:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Additional PHP version compatibility rules\u003C\u002Fli>\n\u003Cli>Performance optimizations\u003C\u002Fli>\n\u003Cli>UI\u002FUX improvements\u003C\u002Fli>\n\u003Cli>Hosted environment compatibility solutions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Technical Details\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Dependencies\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>PHP_CodeSniffer\u003C\u002Fstrong>: ^3.13 (static analysis engine)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHPCompatibility\u003C\u002Fstrong>: dev-develop (compatibility ruleset)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>License\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>GPLv2 or later – same as WordPress core.\u003C\u002Fp>\n","A comprehensive WordPress plugin that scans your plugins and themes for PHP version compatibility issues using the  PHPCompatibility ruleset.",891,"2026-03-09T20:55:00.000Z","6.9.4","4.5","7.4",[76,77,78,23,79],"code-quality","compatibility","phpcs","wordpress-development","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feli-php-compatibility-scanner","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feli-php-compatibility-scanner.1.1.1.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":28,"downloaded":90,"rating":28,"num_ratings":28,"last_updated":18,"tested_up_to":91,"requires_at_least":92,"requires_php":74,"tags":93,"homepage":99,"download_link":100,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":101},"monwoo-web-agency-config","Monwoo Web Agency Config","0.0.3","Miguel Monwoo","https:\u002F\u002Fprofiles.wordpress.org\u002Fmonwoo\u002F","\u003Cp>Wa-config is a Web Agency plugin ready\u003Cbr \u002F>\nto run \u003Cstrong>parrallel programming\u003C\u002Fstrong>\u003Cbr \u002F>\nwith \u003Cstrong>advanced debug\u003C\u002Fstrong> and \u003Cstrong>end to end testing\u003C\u002Fstrong> tools.\u003C\u002Fp>\n\u003Cp>It’s fully \u003Cstrong>free\u003C\u002Fstrong> for ‘AS IS’ personal or commercial usage since it’s licensed under \u003Cstrong>Apache-2.0\u003C\u002Fstrong>.\u003Cbr \u002F>\nLicence requirements :\u003Cbr \u002F>\n – Derivative Works that you distribute must include a readable copy of the attribution notices (Usage of the plugin already have those notices, you have to upgrade it only in case of plugin source modifications)\u003Cbr \u002F>\n – You can patent your work until this Licence is respected. A patent forbiding usage of this already published plugin is forbiden.\u003C\u002Fp>\n\u003Cp>It come with :\u003Cbr \u002F>\n – \u003Cstrong>Skills and missions\u003C\u002Fstrong> concepts ready to use as taxonomy and custom post type\u003Cbr \u002F>\n – \u003Cstrong>Internaionalisation\u003C\u002Fstrong> and \u003Cstrong>WooCommerce\u003C\u002Fstrong> integration\u003Cbr \u002F>\n – A \u003Cstrong>securised REST API\u003C\u002Fstrong> to deploy custom static HTML front head\u003Cbr \u002F>\n – A \u003Cstrong>commonJS deploy script\u003C\u002Fstrong> to easyliy deploy your static HTML frontend heads\u003Cbr \u002F>\n – A \u003Cstrong>review system\u003C\u002Fstrong> for all team members using this plugin\u003Cbr \u002F>\n – \u003Cstrong>Codeception\u003C\u002Fstrong> as end to end test tool\u003Cbr \u002F>\n – \u003Cstrong>PhpDocumentor output\u003C\u002Fstrong> as an up to date HTML documentation\u003Cbr \u002F>\n – \u003Cstrong>Pdf.js\u003C\u002Fstrong> for quick display of main documentation files\u003Cbr \u002F>\n – results of \u003Cstrong>Miguel Monwoo R&D\u003C\u002Fstrong> for \u003Cstrong>parallel programmings\u003C\u002Fstrong> and \u003Cstrong>advanced integrations\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Monwoo Web Agency Config will help with \u003Cstrong>Web Agency jobs\u003C\u002Fstrong> like :\u003Cbr \u002F>\n – Posting past or current \u003Cstrong>missions managable by skills\u003C\u002Fstrong>.\u003Cbr \u002F>\n – \u003Cstrong>Internationalising\u003C\u002Fstrong> content and WooCommerce products (need Polylang plugin).\u003Cbr \u002F>\n – Billings with \u003Cstrong>order prefix\u003C\u002Fstrong> for WooCommerce.\u003Cbr \u002F>\n – Ensuring human and automatic \u003Cstrong>plugable reviews\u003C\u002Fstrong>.\u003Cbr \u002F>\n – Deploying custom \u003Cstrong>static frontend\u003C\u002Fstrong> like Angular\u002FSvelte\u002FVue.js\u002FJS\u002FHTML\u002Fetc….\u003Cbr \u002F>\n – Launching custom authenticated \u003Cstrong>End to End user tests\u003C\u002Fstrong>\u003Cbr \u002F>\n   under production server with existing user accounts (Codeception).\u003Cbr \u002F>\n – \u003Cstrong>Backuping\u003C\u002Fstrong> and \u003Cstrong>optimizing\u003C\u002Fstrong> the website\u003Cbr \u002F>\n   (mandatory to ensure safe tests launch under production data).\u003Cbr \u002F>\n – Extending this plugin to \u003Cstrong>improve those base features\u003C\u002Fstrong>.\u003Cbr \u002F>\n – Runing same \u003Cstrong>instance\u003C\u002Fstrong> of this plugin \u003Cstrong>in parallele\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FItmLWXc4LZ0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmiguel.monwoo.com\" rel=\"nofollow ugc\">Build by Miguel Monwoo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This plugin make your website ready to do \u003Cstrong>advanced\u003C\u002Fstrong> human and\u002For automatic tests \u003Cstrong>reviews\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WARNING\u003C\u002Fstrong> : always test your \u003Cstrong>BACKUP\u003C\u002Fstrong> strategie \u003Cstrong>BEFORE LAUNCHING\u003C\u002Fstrong> codeception tests.\u003C\u002Fp>\n\u003Cp>Indeed, we never know what may happen \u003Cstrong>in case of falling tests\u003C\u002Fstrong> or unknown side effects. So alway \u003Cstrong>have a backup\u003C\u002Fstrong> ready.\u003C\u002Fp>\n\u003Cp>We provide links before the codeception test launch to let you do the kind of light or heavy backup you like.\u003C\u002Fp>\n","Monwoo Web Agency Config (Wa-config) is a Web Agency production tool build from researches and developpements done by Miguel Monwoo from 2011 to 2022.",1144,"6.0.11","5.9.2",[94,95,96,97,98],"codeception","optimisations","quality-review","wa-config","web-agency","https:\u002F\u002Fmoonkiosk.monwoo.com\u002Fen\u002Fmissions\u002Fwa-config-monwoo_en","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmonwoo-web-agency-config.0.0.3.zip","2026-03-15T10:48:56.248Z",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":36,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":18,"tags":116,"homepage":121,"download_link":122,"security_score":38,"vuln_count":123,"unpatched_count":28,"last_vuln_date":124,"fetched_at":30},"mw-wp-form","MW WP Form","5.1.0","Takashi Kitajima","https:\u002F\u002Fprofiles.wordpress.org\u002Finc2734\u002F","\u003Cp>\u003Cstrong>This plugin currently has only the minimum required maintenance releases.\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>Main maintainer has been handed over from @inc2734 to @websoudan.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>MW WP Form can create mail form with a confirmation screen using shortcode.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Form created using shortcodes\u003C\u002Fli>\n\u003Cli>Using confirmation page is possible.\u003C\u002Fli>\n\u003Cli>The page changes by the same URL or individual URL are possible.\u003C\u002Fli>\n\u003Cli>Many validation rules\u003C\u002Fli>\n\u003Cli>Saving inquiry data is possible.\u003C\u002Fli>\n\u003Cli>Displaying Chart using saved inquiry data is possible.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Official\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fmw-wp-form.web-soudan.co.jp\u003C\u002Fp>\n\u003Ch4>GitHub\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fgithub.com\u002Fweb-soudan\u002Fmw-wp-form\u003C\u002Fp>\n\u003Ch4>The following third-party resources\u003C\u002Fh4>\n\u003Cp>Google Charts\u003Cbr \u002F>\nSource: https:\u002F\u002Fdevelopers.google.com\u002Fchart\u002F\u003C\u002Fp>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002F2inc.org\" rel=\"nofollow ugc\">Takashi Kitajima\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Finc2734\" rel=\"nofollow ugc\">inc2734\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwebcre-archive.com\" rel=\"nofollow ugc\">Ryujiro Yamamoto\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fryu263\" rel=\"nofollow ugc\">ryu263\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fkee-non.com\" rel=\"nofollow ugc\">Tsujimoto Tomoyuki\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Ftomothumb\" rel=\"nofollow ugc\">tomothumb\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>[Naoyuki Ohata] ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnanniku\" rel=\"nofollow ugc\">nanniku\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmt8.biz\u002F\" rel=\"nofollow ugc\">Kazuto Takeshita\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmt8biz\u002F\" rel=\"nofollow ugc\">moto hachi\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.next-season.net\u002F\" rel=\"nofollow ugc\">Atsushi Ando\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnext-season\u002F\" rel=\"nofollow ugc\">NExt-Season\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fvisualive.jp\u002F\" rel=\"nofollow ugc\">Kazuki Tomiyasu\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fkuck1u\u002F\" rel=\"nofollow ugc\">KUCKLU\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmypacecreator.net\u002F\" rel=\"nofollow ugc\">Kei Nomura\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmypacecreator\u002F\" rel=\"nofollow ugc\">mypacecreator\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmh35\" rel=\"nofollow ugc\">mh35\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fnojimage\" rel=\"nofollow ugc\">Takashi Nojima\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fherikutu\" rel=\"nofollow ugc\">herikutu\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftsucharoku\" rel=\"nofollow ugc\">tsucharoku\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ft-hamano\" rel=\"nofollow ugc\">Tetsuaki Hamano\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fwildworks\u002F\" rel=\"nofollow ugc\">t-hamano\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmusus\" rel=\"nofollow ugc\">Susumu Seino\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmusus\u002F\" rel=\"nofollow ugc\">Susumu Seino\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flikr\" rel=\"nofollow ugc\">Yosuke Onoue\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Flikr\u002F\" rel=\"nofollow ugc\">likr\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fyudai524\" rel=\"nofollow ugc\">Yudai Konishi\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fyudai524\u002F\" rel=\"nofollow ugc\">Yudai Konishi\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fnoldorinfo\" rel=\"nofollow ugc\">takekoshi\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnoldorinfo\u002F\" rel=\"nofollow ugc\">takekoshi\u003C\u002Fa> )\u003C\u002Fli>\n\u003C\u002Ful>\n","MW WP Form is shortcode base contact form plugin. This plugin have many features. For example you can use many validation rules, inquiry data saving,  &hellip;",200000,1771027,22,"2024-03-13T02:48:00.000Z","6.4.8","6.0",[117,118,119,58,120],"confirm","form","mail","shortcode","https:\u002F\u002Fmw-wp-form.web-soudan.co.jp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmw-wp-form.5.1.0.zip",6,"2026-04-01 16:50:15",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":135,"num_ratings":136,"last_updated":137,"tested_up_to":138,"requires_at_least":139,"requires_php":140,"tags":141,"homepage":147,"download_link":148,"security_score":149,"vuln_count":150,"unpatched_count":28,"last_vuln_date":151,"fetched_at":30},"wpide","WPIDE – File Manager & Code Editor","3.5.3","XplodedThemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fxplodedthemes\u002F","\u003Cp>\u003Cstrong>WPIDE\u003C\u002Fstrong> is an Advanced \u003Cstrong>File Manager\u003C\u002Fstrong> and \u003Cstrong>Code Editor\u003C\u002Fstrong> plugin for WordPress that you can use completely for free.\u003C\u002Fp>\n\u003Cp>The Code Editor lets you edit any file within your wp-content folder, not just plugins and themes.\u003C\u002Fp>\n\u003Cp>The included \u003Cstrong>code completion\u003C\u002Fstrong> will help you remember your WordPress\u002FPHP commands providing function reference along the way. Edit multiple files with the tabbed editor.\u003C\u002Fp>\n\u003Cp>The File Manager lets you copy, move, duplicate, create archives, download, upload, edit, delete, preview files & directories \u003Cstrong>without FTP or cPanel access\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>WPIDE uses a \u003Cstrong>very modern, clean and easy to use interface\u003C\u002Fstrong> to make managing and editing your files a breeze! It comes with 6 different themes and a dark mode to reduce blue light exposure.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Did you know?\u003C\u002Fstrong>\u003Cbr \u002F>\nMore than \u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fblog\u002F2020\u002F09\u002Fmillions-of-sites-targeted-in-file-manager-vulnerability-attacks\u002F\" rel=\"nofollow ugc\">700,000 WordPress websites\u003C\u002Fa> were attacked during September 2020.\u003Cbr \u002F>\nMalicious bots are looking to exploit vulnerable versions of WP file manager plugins.\u003C\u002Fp>\n\u003Cp>Fortunately, WPIDE is built with \u003Cstrong>security in mind\u003C\u002Fstrong> and comes with this vulnerability \u003Cstrong>fixed\u003C\u002Fstrong>! So rest assured! WPIDE poses no risk to you!\u003C\u002Fp>\n\u003Ch3>▶️ VIDEO OVERVIEW\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FwF0PUz8wfRM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=wF0PUz8wfRM\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=wF0PUz8wfRM\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>⚡️ FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Advanced File Manager\u003C\u002Fli>\n\u003Cli>File Tree Browser\u003C\u002Fli>\n\u003Cli>Smart context menu\u003C\u002Fli>\n\u003Cli>Customizable Root Path\u003C\u002Fli>\n\u003Cli>Create new files and directories\u003C\u002Fli>\n\u003Cli>Download files \u002F folders (Batch support)\u003C\u002Fli>\n\u003Cli>Upload files \u002F folders using drag n drop (Batch support)\u003C\u002Fli>\n\u003Cli>Zip \u002F Unzip files and folders (Batch support)\u003C\u002Fli>\n\u003Cli>Deep search for files \u002F folders by keyword\u003C\u002Fli>\n\u003Cli>Calculate folder size\u003C\u002Fli>\n\u003Cli>Advanced File Editor\u003C\u002Fli>\n\u003Cli>Editor Line numbers\u003C\u002Fli>\n\u003Cli>Editor Find + Replace\u003C\u002Fli>\n\u003Cli>Editor Syntax highlighting\u003C\u002Fli>\n\u003Cli>Editor Highlight Matching Parentheses\u003C\u002Fli>\n\u003Cli>Editor Automatic Indentation + Code Folding\u003C\u002Fli>\n\u003Cli>Editor keyboard commands \u002F shortcuts\u003C\u002Fli>\n\u003Cli>Tabbed interface for editing multiple files\u003C\u002Fli>\n\u003Cli>WordPress and PHP code auto-completion\u003C\u002Fli>\n\u003Cli>PHP code parsing and validation\u003C\u002Fli>\n\u003Cli>PHP file backup before saving\u003C\u002Fli>\n\u003Cli>File Recovery Wizard\u003C\u002Fli>\n\u003Cli>Using WordPress filesystem API\u003C\u002Fli>\n\u003Cli>Beautiful Image Gallery\u003C\u002Fli>\n\u003Cli>Video \u002F Audio Media Player\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>\u003Ca href=\"https:\u002F\u002Fwpide.com\" rel=\"nofollow ugc\">👉 \u003Cstrong>WPIDE PRO\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fh3>\n\u003Ch3>⭐️ PRO FEATURES\u003C\u002Fh3>\n\u003Ch4>File Editor\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Auto Save\u003C\u002Fstrong> Feature: While editing, files will be auto saved every X seconds to a draft file. Original files are not affected. If you ever close the page by mistake without saving a file, you will be able to restore from the auto saved file.\u003C\u002Fli>\n\u003Cli>Auto Saved \u003Cstrong>Quick Diff\u003C\u002Fstrong>: You can view and compare differences between the auto saved and the current file using the Quick Diff Viewer, then decide if you wish to restore from the auto saved or keep the current file.\u003C\u002Fli>\n\u003Cli>Toggle \u003Cstrong>Full Screen\u003C\u002Fstrong>: This will allow you to toggle full screen the editor area by itself, giving you more space while editing on smaller screens.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>File Manager\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Advanced Mode Option: When enabled, all files and folders will be available for editing including \u003Cstrong>core WordPress files\u003C\u002Fstrong> and the \u003Cstrong>wp-config.php\u003C\u002Fstrong> file.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Config Manager\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>View all defined constants within wp-config.php\u003C\u002Fli>\n\u003Cli>Add \u002F Update \u002F Remove constants\u003C\u002Fli>\n\u003Cli>Prevent Duplicated Constants\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Advanced Image Editor\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Resize \u002F Crop Images\u003C\u002Fli>\n\u003Cli>Apply filters\u003C\u002Fli>\n\u003Cli>Add Frames \u002F Corners\u003C\u002Fli>\n\u003Cli>Add Text \u002F Stickers\u003C\u002Fli>\n\u003Cli>Add Patterns \u002F Gradients\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Database Manager\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>View Tables\u003C\u002Fli>\n\u003Cli>Create New Tables\u003C\u002Fli>\n\u003Cli>Add \u002F Update \u002F Delete Rows\u003C\u002Fli>\n\u003Cli>Update Table Structure\u003C\u002Fli>\n\u003Cli>Update Column Indexes\u003C\u002Fli>\n\u003Cli>Safe Editing Enabled\u003C\u002Fli>\n\u003C\u002Ful>\n","WPIDE is a powerful file manager and code editor for WordPress with tabs, code completion, and full access to the entire wp-content folder.",40000,884997,96,287,"2025-10-24T13:24:00.000Z","6.7.5","5.0","7.4.0",[142,143,144,145,146],"code-editor","file-editor","file-manager","plugin-editor","theme-editor","https:\u002F\u002Fwpide.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpide.3.5.3.zip",95,4,"2024-10-14 10:52:09",{"attackSurface":153,"codeSignals":169,"taintFlows":184,"riskAssessment":185,"analyzedAt":193},{"hooks":154,"ajaxHandlers":165,"restRoutes":166,"shortcodes":167,"cronEvents":168,"entryPointCount":28,"unprotectedCount":28},[155,161],{"type":156,"name":157,"callback":158,"file":159,"line":160},"action","admin_menu","theme_mentor_page","theme-mentor.php",56,{"type":156,"name":162,"callback":163,"file":159,"line":164},"dx_theme_mentor_before_tests_list","display_theme_name_tested",57,[],[],[],[],{"dangerousFunctions":170,"sqlUsage":171,"outputEscaping":173,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":51,"bundledLibraries":183},[],{"prepared":28,"raw":28,"locations":172},[],{"escaped":51,"rawEcho":150,"locations":174},[175,179,180,182],{"file":176,"line":177,"context":178},"inc\\templates\\admin-template.php",9,"raw output",{"file":176,"line":177,"context":178},{"file":159,"line":181,"context":178},134,{"file":159,"line":37,"context":178},[],[],{"summary":186,"deductions":187},"The \"theme-mentor\" v0.2 plugin exhibits a generally good security posture based on the provided static analysis. The absence of any identified attack surface entry points (AJAX, REST API, shortcodes, cron events) suggests a limited exposure to external manipulation. Furthermore, the code signals indicate a clean slate regarding dangerous functions, file operations, and external HTTP requests. The use of prepared statements for SQL queries is a strong positive, mitigating common SQL injection risks. However, a significant concern is the low percentage of properly escaped output (20%). This indicates that user-supplied data, if it were to reach the output functions, could potentially lead to cross-site scripting (XSS) vulnerabilities. The presence of only one capability check, while better than none, implies that authorization for actions might not be comprehensive, leaving room for privilege escalation if other entry points were discovered. The lack of any vulnerability history is positive but could also be due to the plugin being new or not having undergone extensive public scrutiny. The absence of taint analysis findings is also encouraging, suggesting no obvious unsanitized data flows were detected within the analyzed scope. Overall, while the plugin demonstrates good foundational security practices by avoiding many common pitfalls, the unescaped output is a notable weakness that requires attention.",[188,190],{"reason":189,"points":123},"Low output escaping percentage",{"reason":191,"points":192},"Limited capability checks found",3,"2026-03-17T01:11:02.017Z",{"wat":195,"direct":204},{"assetPaths":196,"generatorPatterns":200,"scriptPaths":201,"versionParams":202},[197,198,199],"\u002Fwp-content\u002Fplugins\u002Ftheme-mentor\u002Finc\u002Fgeneral-theme-validations.php","\u002Fwp-content\u002Fplugins\u002Ftheme-mentor\u002Ftheme-mentor-executor.php","\u002Fwp-content\u002Fplugins\u002Ftheme-mentor\u002Finc\u002Fcomplex\u002F",[],[],[203],"theme-mentor\u002Fstyle.css?ver=",{"cssClasses":205,"htmlComments":211,"htmlAttributes":212,"restEndpoints":213,"jsGlobals":214,"shortcodeOutput":215},[206,207,208,209,210],"tm_report_row","tm_message","tm_file","tm_line","tm_snippet",[],[],[],[],[]]