[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fX-YpE22X4cKvc-0VLa7Okw30awT7sT4vUPzUxkLXbg0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":46,"crawl_stats":37,"alternatives":54,"analysis":137,"fingerprints":234},"tm-replace-howdy","TM Replace Howdy","1.4.2","David Wood","https:\u002F\u002Fprofiles.wordpress.org\u002Ftechnical_mastermind\u002F","\u003Cp>The Replace Howdy Plugin is designed to replace the word “Howdy” in the WordPress admin area\u002Fadmin bar with something else. By default it randomly pulls from a list of several replacement words and phrases such as “Hello”, “Welcome”, and “Get to the choppa”. The plugin also comes with a menu where you can limit it to professional sounding greetings, set a static word or phrase, or add your own list (which can be by itself or added into the default list for even more variety)!\u003C\u002Fp>\n\u003Ch4>List of replacement words\u002Fphrases\u003C\u002Fh4>\n\u003Cp>Professional greetings, also part of the default list\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Chow,\u003C\u002Fli>\n\u003Cli>Hello,\u003C\u002Fli>\n\u003Cli>Aloha,\u003C\u002Fli>\n\u003Cli>Bonjour,\u003C\u002Fli>\n\u003Cli>Welcome,\u003C\u002Fli>\n\u003Cli>Greetings,\u003C\u002Fli>\n\u003Cli>Konnichiwa,\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Default list\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Get to the choppa,\u003C\u002Fli>\n\u003Cli>Live long and prosper,\u003C\u002Fli>\n\u003Cli>We require a shrubbery,\u003C\u002Fli>\n\u003Cli>May the force be with you,\u003C\u002Fli>\n\u003Cli>Pay no attention to the man behind the curtain,\u003C\u002Fli>\n\u003Cli>Wassap,\u003C\u002Fli>\n\u003Cli>Don’t mind me,\u003C\u002Fli>\n\u003Cli>Looking good today,\u003C\u002Fli>\n\u003Cli>Eat all your vegetables,\u003C\u002Fli>\n\u003Cli>I can see you right now,\u003C\u002Fli>\n\u003Cli>I can hear you breathing,\u003C\u002Fli>\n\u003Cli>Have you showered recently,\u003C\u002Fli>\n\u003Cli>There is a ninja behind you,\u003C\u002Fli>\n\u003Cli>Do you know what time it is,\u003C\u002Fli>\n\u003Cli>Wipe that grin off your face,\u003C\u002Fli>\n\u003Cli>Don’t make me come down there,\u003C\u002Fli>\n\u003Cli>You just gained +5 WordPress skills,\u003C\u002Fli>\n\u003Cli>I know you are sitting at a computer,\u003C\u002Fli>\n\u003Cli>Did you remember to brush your teeth,\u003C\u002Fli>\n\u003Cli>Did you put on clean underwear this morning,\u003C\u002Fli>\n\u003Cli>Don’t read this directly or you will get a lazy eye,\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>A word on support and additional features\u003C\u002Fh4>\n\u003Cp>Due to time constraints, I am not able to keep up with this plugin as much as I would like. If you want to help keep it up do date, feel free to create a pull request on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdfwood90\u002Ftm-replace-howdy\" rel=\"nofollow ugc\">GitHub repo\u003C\u002Fa>!\u003C\u002Fp>\n","Banish the \"Howdy\" greeting from the WordPress admin area with this simple to use plugin!",200,12774,100,3,"2015-11-20T16:01:00.000Z","4.4.34","3.8","",[20,21,22,23,24],"howdy","remove-howdy","replace","replace-howdy","technical-mastermind","http:\u002F\u002Ftechnicalmastermind.com\u002Fplugins\u002Ftm-replace-howdy\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftm-replace-howdy.1.4.2.zip",63,1,"2025-06-19 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37},"CVE-2025-49972","tm-replace-howdy-cross-site-request-forgery","TM Replace Howdy \u003C= 1.4.2 - Cross-Site Request Forgery","The TM Replace Howdy plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.4.2","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-06-25 15:59:37",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F640e24f6-2a0b-4435-a659-d034611d07e4?source=api-prod",{"slug":47,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":49,"avg_security_score":50,"avg_patch_time_days":51,"trust_score":52,"computed_at":53},"technical_mastermind",2,210,74,30,76,"2026-04-04T09:04:46.355Z",[55,75,91,106,121],{"slug":21,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":13,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":18,"tags":68,"homepage":71,"download_link":72,"security_score":73,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"Remove Howdy","1.0","Revault Media","https:\u002F\u002Fprofiles.wordpress.org\u002Frevaultmedia\u002F","\u003Cp>This plugin will remove the “Howdy” text in the top right corner of your dashboard.\u003C\u002Fp>\n","Remove the \"Howdy\" text in the top right corner of your dashboard.",900,13618,4,"2018-12-09T22:16:00.000Z","5.0.25","3.0",[69,70,20,21,23],"change-howdy","customize-dashboard","http:\u002F\u002Fnickadams.tv\u002Fremove-howdy","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-howdy.zip",85,0,{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":13,"downloaded":83,"rating":13,"num_ratings":28,"last_updated":84,"tested_up_to":85,"requires_at_least":18,"requires_php":86,"tags":87,"homepage":89,"download_link":90,"security_score":13,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"mc-good-bye-howdy","MC Good-bye Howdy","2.6.5","Mike Hickcox","https:\u002F\u002Fprofiles.wordpress.org\u002Fmike-hickcox\u002F","\u003Cul>\n\u003Cli>So many choices, seven of them! This is the versatile way to replace “Howdy” as the greeting to those who log in as users of your website.\u003C\u002Fli>\n\u003Cli>Your choices include:\n\u003Cul>\n\u003Cli>Write your own greeting\u003C\u002Fli>\n\u003Cli>Create your own random list of greetings\u003C\u002Fli>\n\u003Cli>Just remove “Howdy”\u003C\u002Fli>\n\u003Cli>Greet by daypart (Good Morning, Good Afternoon, Good Evening)\u003C\u002Fli>\n\u003Cli>Show today’s day and date\u003C\u002Fli>\n\u003Cli>Use the pre-filled list of random international greetings\u003C\u002Fli>\n\u003Cli>Use the pre-filled list of random positive, feel-good phrases\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily remove Howdy, replace with your own words or random list, today's day and date, or daypart greeting.",3412,"2025-11-25T21:36:00.000Z","6.8.5","7.1",[69,88,20,21,23],"disable-howdy","https:\u002F\u002FMid-Coast.com\u002Fmc-good-bye-howdy","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmc-good-bye-howdy.2.6.5.zip",{"slug":23,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":13,"downloaded":98,"rating":74,"num_ratings":74,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":18,"tags":102,"homepage":104,"download_link":105,"security_score":73,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"WP Easy Replace Howdy","1.1.0","Asif Ali","https:\u002F\u002Fprofiles.wordpress.org\u002Fasifalimca2011\u002F","\u003Cp>Description: This plugin will Replace “Howdy” in the top right corner with “Welcome” of your WordPress dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Feature\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>This plugin will Replace “Howdy” in the top right corner with “Welcome” of your WordPress dashboard.\u003C\u002Fli>\n\u003C\u002Ful>\n","Description: This plugin will Replace \"Howdy\" in the top right corner with \"Welcome\" of your WordPress dashboard.",2703,"2023-09-12T11:44:00.000Z","6.3.8","3.5.0",[69,70,20,21,103],"replace-howdy-from-dashboard","http:\u002F\u002Fasifalimca.wordpress.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freplace-howdy.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":74,"num_ratings":74,"last_updated":116,"tested_up_to":117,"requires_at_least":67,"requires_php":118,"tags":119,"homepage":18,"download_link":120,"security_score":73,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"disableremove-howdy","Disable\u002FRemove Howdy","1.0.0","Hybrid Webs","https:\u002F\u002Fprofiles.wordpress.org\u002Fhybridwebs\u002F","\u003Cp>Easly Disable or Remove “Howdy” from the the Upper Right corner of your dashboard.\u003C\u002Fp>\n\u003Cp>Simply install plugin & remove Howdy from your wordpress dashboard\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 3.0 or higher.\u003C\u002Fli>\n\u003C\u002Ful>\n","Easly Disable or Remove \"Howdy\" from the the Upper Right corner of your dashboard.",10,1058,"2019-12-27T10:35:00.000Z","5.3.21","5.6",[69,88,20,21,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisableremove-howdy.zip",{"slug":122,"name":56,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":114,"downloaded":128,"rating":129,"num_ratings":64,"last_updated":130,"tested_up_to":131,"requires_at_least":67,"requires_php":18,"tags":132,"homepage":135,"download_link":136,"security_score":73,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"replace-howdy-with-hello","1.2","swadeshswain","https:\u002F\u002Fprofiles.wordpress.org\u002Fswadeshswain\u002F","\u003Cp>This plugin will Replace the “Howdy” with your custom text in the top right corner of your dashboard.\u003C\u002Fp>\n","This plugin will Replace the \"Howdy\" with your custom text in the top right corner of your dashboard.",8317,60,"2015-10-18T07:01:00.000Z","4.3.34",[69,133,134,20,23],"custom-text","customize-howdy","http:\u002F\u002Fwww.odrasoft.com\u002Fplugins\u002Fremove-howdy","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freplace-howdy-with-hello.zip",{"attackSurface":138,"codeSignals":167,"taintFlows":192,"riskAssessment":222,"analyzedAt":233},{"hooks":139,"ajaxHandlers":163,"restRoutes":164,"shortcodes":165,"cronEvents":166,"entryPointCount":74,"unprotectedCount":74},[140,146,149,153,158],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","plugins_loaded","_load_textdomain","index.php",82,{"type":141,"name":147,"callback":147,"file":144,"line":148},"init",83,{"type":141,"name":150,"callback":151,"file":144,"line":152},"admin_menu","add_admin_page",84,{"type":154,"name":155,"callback":156,"priority":114,"file":144,"line":157},"filter","gettext","replace_howdy",104,{"type":154,"name":159,"callback":160,"priority":161,"file":144,"line":162},"admin_bar_menu","replace_howdy_admin_bar",25,107,[],[],[],[],{"dangerousFunctions":168,"sqlUsage":169,"outputEscaping":171,"fileOperations":74,"externalRequests":74,"nonceChecks":74,"capabilityChecks":28,"bundledLibraries":191},[],{"prepared":74,"raw":74,"locations":170},[],{"escaped":114,"rawEcho":172,"locations":173},8,[174,178,179,181,183,185,187,189],{"file":175,"line":176,"context":177},"options.php",22,"raw output",{"file":175,"line":161,"context":177},{"file":175,"line":180,"context":177},28,{"file":175,"line":182,"context":177},39,{"file":175,"line":184,"context":177},48,{"file":175,"line":186,"context":177},51,{"file":175,"line":188,"context":177},58,{"file":175,"line":190,"context":177},66,[],[193,212],{"entryPoint":194,"graph":195,"unsanitizedCount":14,"severity":211},"options_save_settings (index.php:209)",{"nodes":196,"edges":208},[197,202],{"id":198,"type":199,"label":200,"file":144,"line":201},"n0","source","$_POST (x3)",214,{"id":203,"type":204,"label":205,"file":144,"line":206,"wp_function":207},"n1","sink","update_option() [Settings Manipulation]",215,"update_option",[209],{"from":198,"to":203,"sanitized":210},false,"low",{"entryPoint":213,"graph":214,"unsanitizedCount":74,"severity":211},"\u003Cindex> (index.php:0)",{"nodes":215,"edges":219},[216,218],{"id":198,"type":199,"label":217,"file":144,"line":201},"$_POST (x4)",{"id":203,"type":204,"label":205,"file":144,"line":206,"wp_function":207},[220],{"from":198,"to":203,"sanitized":221},true,{"summary":223,"deductions":224},"The \"tm-replace-howdy\" plugin v1.4.2 exhibits a mixed security posture. On the positive side, the static analysis reveals a very small attack surface, with no identified AJAX handlers, REST API routes, shortcodes, or cron events that could be directly exploited. The code also demonstrates good practices by using prepared statements for all SQL queries. However, a significant concern arises from the output escaping, where 56% of the 18 total outputs are not properly escaped, indicating a potential for Cross-Site Scripting (XSS) vulnerabilities. Additionally, the taint analysis identified one flow with an unsanitized path, though it's not categorized as critical or high severity, it still warrants attention.\n\nThe vulnerability history presents a substantial risk. The plugin has a known CVE, and critically, it is currently unpatched. This single medium-severity vulnerability, last recorded in June 2025, suggests a pattern of past security weaknesses and a lack of ongoing maintenance to address them. While the absence of critical or high-severity CVEs is positive, the presence of an unpatched medium vulnerability, combined with the observed output escaping issues and unsanitized taint flow, means this plugin should be approached with caution. The small attack surface is a strength, but the unpatched vulnerability and code quality concerns outweigh this positive aspect, suggesting a medium to high overall risk.",[225,228,231],{"reason":226,"points":227},"Unpatched medium vulnerability",15,{"reason":229,"points":230},"56% of outputs not properly escaped",6,{"reason":232,"points":64},"Flow with unsanitized path","2026-03-16T20:20:42.302Z",{"wat":235,"direct":242},{"assetPaths":236,"generatorPatterns":238,"scriptPaths":239,"versionParams":240},[237],"\u002Fwp-content\u002Fplugins\u002Ftm-replace-howdy\u002Fcss\u002Ftm-replace-howdy.css",[],[],[241],"tm-replace-howdy\u002Fcss\u002Ftm-replace-howdy.css?ver=",{"cssClasses":243,"htmlComments":244,"htmlAttributes":245,"restEndpoints":246,"jsGlobals":247,"shortcodeOutput":248},[],[],[],[],[],[]]