[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fz4fj4mysyW6Ba-6Ram3dk5Ds0nRlrra2odc1M2CiG0w":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":33,"analysis":138,"fingerprints":197},"theme-plugin-profiler","Theme and Plugin (T&P) Profiler","0.1","Christian Jongeneel","https:\u002F\u002Fprofiles.wordpress.org\u002Fcjbj\u002F","\u003Cp>The Theme and Plugin Profiler uses a little known PHP feature known as ticks. Basically, this is an internal event that occurs every time a code block is executed, marked (roughly) by a function call or curly {} brackets.\u003C\u002Fp>\n\u003Cp>The plugin uses ticks to collect a list of the functions that were executed, how often they were called and how much time they took in total. The plugin’s option page gives some filters to select and sort the results. This will give developers clues which parts of their code demand scrutiny.\u003C\u002Fp>\n","Make your theme or plugin faster, greener and smarter with this plugin, that will tell you which of your functions is eating up most server time.",10,1556,0,"","4.4.34","3.0",[18,19,20],"developers","plugins","themes","https:\u002F\u002Fthplpr.wordpress.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-plugin-profiler.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"cjbj",1,30,94,"2026-04-04T14:08:55.980Z",[34,56,75,98,121],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":31,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":14,"tags":48,"homepage":52,"download_link":53,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":55},"automatic-updater","Advanced Automatic Updates","1.0.2","Gary Pendergast","https:\u002F\u002Fprofiles.wordpress.org\u002Fpento\u002F","\u003Cp>Advanced Automatic Updates adds extra options to WordPress’ built-in Automatic Updates feature. On top of security updates, it also supports installing major releases, plugins, themes, or even regular SVN checkouts!\u003C\u002Fp>\n\u003Cp>If you’re working on a WordPress Multisite install, it will properly restrict the options page to your Network Admin.\u003C\u002Fp>\n\u003Cp>While this will be useful for the vast majority of sites, please exercise caution, particularly if you have any custom themes or plugins running on your site.\u003C\u002Fp>\n","Adds extra options to WordPress' built-in Automatic Updates feature.",30000,255107,61,"2021-06-04T00:46:00.000Z","5.0.25","3.7",[49,19,50,20,51],"core","stable","updates","http:\u002F\u002Fpento.net\u002Fprojects\u002Fautomatic-updater-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautomatic-updater.1.0.2.zip",85,"2026-03-15T15:16:48.613Z",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":23,"num_ratings":29,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":73,"download_link":74,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":55},"kp-zip-downloader","KP Zip Downloader","1.0.3","Kalpesh Prajapati","https:\u002F\u002Fprofiles.wordpress.org\u002Fkprajapati22\u002F","\u003Cp>KP Zip Downloader provides an easy way to download installed plugins and themes as ZIP files directly from your WordPress admin dashboard. This tool is particularly useful for developers, site administrators, or anyone needing to quickly access the source files for migration or backup purposes.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Download any installed plugin as a ZIP file.\u003C\u002Fli>\n\u003Cli>Download any installed theme as a ZIP file.\u003C\u002Fli>\n\u003Cli>Fully integrated with the WordPress admin dashboard.\u003C\u002Fli>\n\u003Cli>Simple and intuitive user interface.\u003C\u002Fli>\n\u003Cli>Lightweight and efficient.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows administrators to download installed plugins and themes as ZIP files directly from the WordPress dashboard.",2000,9366,"2025-12-06T19:54:00.000Z","6.9.4","5.0","7.4",[71,19,20,72],"download","zip","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkp-zip-downloader","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkp-zip-downloader.1.0.3.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":95,"download_link":96,"security_score":97,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":55},"export-plugins-and-templates","Export Plugins and Templates","1.3","Mohammad I. Okfie","https:\u002F\u002Fprofiles.wordpress.org\u002Fokfie\u002F","\u003Cp>In this plugin you will be able to export your plugins and templates by easy way so, the file after export it will be zip file you can upload zip file to another sites if you want that’s.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Export Your Plugins.\u003C\u002Fli>\n\u003Cli>Export Your Templates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Ch4>Export Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>After installing the plugin, you need to go to the “Export Plugins” subsection in the “Plugins” menu.\u003Cbr \u002F>\nJust select the plugin you want and then click in the “Export Plugin Now” button. You will get a .zip file to download. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Export Templates\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>After installing the plugin, you need to go to the “Export Templates” subsection in the “Appearence” menu.\u003Cbr \u002F>\nJust select the template you want and then click in the “Export Template Now” button. You will get a .zip file to download.\u003C\u002Fli>\n\u003C\u002Ful>\n","Export Plugins and Templates allows you to export any template or plugin already installed in your WordPress.",1000,34069,88,12,"2024-08-09T02:15:00.000Z","6.6.5","4.0","5.6",[92,93,94,19,20],"export","export-plugin","export-theme","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fexport-plugins-and-templates\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexport-plugins-and-templates.1.3.zip",92,{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":29,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":14,"tags":112,"homepage":116,"download_link":117,"security_score":118,"vuln_count":119,"unpatched_count":13,"last_vuln_date":120,"fetched_at":55},"wip-custom-login","WIP Custom Login","1.3.6","alexvtn","https:\u002F\u002Fprofiles.wordpress.org\u002Falexvtn\u002F","\u003Cp>WIP Custom Login allows you to customize the login section of WordPress and you can replace the admin WordPress logo, set a background image and much more.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fw5jFYlFjlz0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>Premium features.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Default Skins\u003C\u002Fstrong>\u003Cbr \u002F>\n  You can set a default plugin skin and replace the saved options.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Background slideshow\u003C\u002Fstrong>\u003Cbr \u002F>\n  You can create a beautiful body background slideshow and make your admin page unique.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Unlimited colors\u003C\u002Fstrong>\u003Cbr \u002F>\n  You can change the colors of each section, like the login button.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Backup section\u003C\u002Fstrong>\u003Cbr \u002F>\n  You can create a backup of plugin settings ( included the slideshow) or restore the default settings.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Sample data\u003C\u002Fstrong>\u003Cbr \u002F>\n  You can import the preview settings, from the backup section.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>You can get the premium version from the link below:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.themeinprogress.com\u002Fc-login-free-custom-login-wordpress-plugin\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.themeinprogress.com\u002Fc-login-free-custom-login-wordpress-plugin\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Installation\u003C\u002Fh4>\n\u003Cp>Once you have installed the plugin, you just need to activate the plugin in order to enable it.\u003C\u002Fp>\n\u003Ch4>Configuration\u003C\u002Fh4>\n\u003Cp>WIP Custom Login will add a new admin page, where you can customize the login page.\u003C\u002Fp>\n\u003Ch3>Translators\u003C\u002Fh3>\n\u003Ch4>Available Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English (Default)\u003C\u002Fli>\n\u003Cli>Italiano\u003C\u002Fli>\n\u003C\u002Ful>\n","WIP Custom Login allows you to customize the login section of WordPress and you can replace the admin WordPress logo, set a background image and much  &hellip;",800,71529,60,"2025-04-23T12:44:00.000Z","6.8.5","3.5.0",[113,114,19,20,115],"custom-login","customization","wordpress-login","https:\u002F\u002Fwww.themeinprogress.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwip-custom-login.1.3.6.zip",99,2,"2023-05-22 00:00:00",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":106,"downloaded":129,"rating":23,"num_ratings":130,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":90,"tags":134,"homepage":136,"download_link":137,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":55},"wp-disable-updates","WP Disables Updates","1.1.3","vinvin27","https:\u002F\u002Fprofiles.wordpress.org\u002Fvinvin27\u002F","\u003Cp>WP Disables Updates allow you to disables plugin or themes or translation or wordpress core updates.\u003C\u002Fp>\n\u003Cp>Major features :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable plugins updates.\u003C\u002Fli>\n\u003Cli>Disable themes updates.\u003C\u002Fli>\n\u003Cli>Disable translation updates.\u003C\u002Fli>\n\u003Cli>Disable WordPress core updates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PS: Used there features if you know what you are doing. No updates = Security holes, but sometimes updates may break your website.\u003Cbr \u002F>\nWordPress has added a quite convenient feature since version 3.7: Automatic update.\u003C\u002Fp>\n\u003Cp>But sometimes, updates can be a real problem for your website.\u003Cbr \u002F>\nIt is important to make updates to avoid security problems, but you must be very careful when applying updates.\u003Cbr \u002F>\nFor example, if you use a prenium theme and you have not made a child theme for the changes. If the theme requires an update, it may delete all your changes and lost working hours….\u003C\u002Fp>\n\u003Cp>But be careful, it’s to be used, if you know what you’re doing. You have to be on the lookout for changes made to the plugins.\u003Cbr \u002F>\nIf a correction has been made to fill a security hole or just to improve the plugin.\u003C\u002Fp>\n\u003Cp>More detail on this blog post – write in French :\u003Cbr \u002F>\nDésactiver les \u003Ca href=\"https:\u002F\u002Fwww.vinvin.dev\u002Fwordpress-desactiver-mise-jour\u002F\" rel=\"nofollow ugc\">mises à jour WordPress\u003C\u002Fa>\u003C\u002Fp>\n","WP Disables Updates allow you to disables plugin or themes or wordpress core updates.",12880,3,"2022-11-06T07:10:00.000Z","6.1.10","3.2",[135,19,20,51],"disable","https:\u002F\u002Fwww.vinvin.dev\u002Fworpdress\u002Fplugins\u002Fdisable-plugins-themes-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-disable-updates.zip",{"attackSurface":139,"codeSignals":164,"taintFlows":182,"riskAssessment":183,"analyzedAt":196},{"hooks":140,"ajaxHandlers":160,"restRoutes":161,"shortcodes":162,"cronEvents":163,"entryPointCount":13,"unprotectedCount":13},[141,147,151,155],{"type":142,"name":143,"callback":144,"file":145,"line":146},"action","admin_init","thplpr_settings_init","thplpr.php",22,{"type":142,"name":148,"callback":149,"file":145,"line":150},"admin_menu","thplpr_create_admin_menu",25,{"type":142,"name":152,"callback":153,"priority":13,"file":145,"line":154},"muplugins_loaded","thplpr_tick_counter",40,{"type":142,"name":156,"callback":157,"priority":158,"file":145,"line":159},"shutdown","thplpr_show_profile",9999,43,[],[],[],[],{"dangerousFunctions":165,"sqlUsage":166,"outputEscaping":168,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":181},[],{"prepared":13,"raw":13,"locations":167},[],{"escaped":119,"rawEcho":169,"locations":170},5,[171,174,175,177,179],{"file":145,"line":172,"context":173},74,"raw output",{"file":145,"line":97,"context":173},{"file":145,"line":176,"context":173},215,{"file":145,"line":178,"context":173},219,{"file":145,"line":180,"context":173},225,[],[],{"summary":184,"deductions":185},"The \"theme-plugin-profiler\" v0.1 plugin exhibits a strong security posture based on the provided static analysis. It has no identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a zero-sized attack surface.  The code signals are also largely positive, with no dangerous functions, no raw SQL queries (all prepared statements), no file operations, and no external HTTP requests. This indicates good development practices in these areas.\n\nHowever, a significant concern arises from the output escaping. With 7 total outputs and only 29% properly escaped, there is a high likelihood of cross-site scripting (XSS) vulnerabilities. This means user-supplied or dynamic data displayed to users might not be properly sanitized, allowing attackers to inject malicious scripts. The absence of nonce checks and capability checks on all entry points, coupled with zero taint flows analyzed, means that the analysis might not have fully uncovered potential vulnerabilities, especially concerning privilege escalation or unauthorized actions.\n\nThe plugin's vulnerability history is completely clean, with no recorded CVEs. This is a positive indicator, suggesting that either the plugin has not been a target for exploitation, or it has been developed with security in mind. However, the lack of taint analysis and the poor output escaping overshadow this positive aspect, as the identified weaknesses could easily lead to exploitable vulnerabilities that might not yet be reflected in a CVE database. The overall conclusion is that while the plugin avoids common pitfalls like raw SQL and external requests, the significant output escaping deficiency presents a notable risk that needs immediate attention.",[186,189,191,193],{"reason":187,"points":188},"Poor output escaping (29% properly escaped)",7,{"reason":190,"points":169},"No nonce checks on entry points",{"reason":192,"points":169},"No capability checks on entry points",{"reason":194,"points":195},"Limited taint analysis performed",4,"2026-03-16T23:27:28.627Z",{"wat":198,"direct":203},{"assetPaths":199,"generatorPatterns":200,"scriptPaths":201,"versionParams":202},[],[],[],[],{"cssClasses":204,"htmlComments":205,"htmlAttributes":206,"restEndpoints":207,"jsGlobals":208,"shortcodeOutput":209},[],[],[],[],[],[]]