[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fy2kt547W7dQklVwh0TR7rD3ATM7wTb2M5jJUKlKpmbs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":142,"fingerprints":184},"to-dos","To-Dos","1.0","swedish boy","https:\u002F\u002Fprofiles.wordpress.org\u002Fswedish-boy\u002F","\u003Cp>Another plugin built for admins\u002Fdevelopers. Help yourself remember what you’re working on and what you should do next. Add simple To-Dos to your WordPress Dashboard. When a task is done you mark it’s checkbox.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Dashboard Widgetized\u003C\u002Fli>\n\u003Cli>Done tasks are kept until you clean them up.\u003C\u002Fli>\n\u003Cli>Style your to-do. 6 basic colors, bold or underline.\u003C\u002Fli>\n\u003Cli>Allow any HTML you like from the configure page.\u003C\u002Fli>\n\u003C\u002Ful>\n","Add simple To-Dos to your Wordpress Dashboard. Help yourself remember what you're working on and what you should do next.",20,4286,0,"2009-09-17T16:56:00.000Z","2.8.4","2.7","",[19,20,21,22],"dashboard","notes","post-it","to-do","http:\u002F\u002Fwww.swedishboy.dk\u002Fwordpress\u002Fto-dos\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fto-dos.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"swedish-boy",3,130,30,84,"2026-04-04T20:49:16.726Z",[37,58,81,102,123],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":13,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":55,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"noteflow","NoteFlow – Smart Notes Manager for WordPress Admin","1.6.0","Ankit Panchal","https:\u002F\u002Fprofiles.wordpress.org\u002Fankitmaru\u002F","\u003Cp>\u003Cstrong>NoteFlow\u003C\u002Fstrong> is a lightweight and powerful notes management plugin designed for WordPress administrators. Whether you need to jot down quick reminders, manage tasks, or organize ideas, NoteFlow makes it easy to create, organize, and manage your notes directly from your WordPress dashboard.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Simple and intuitive note creation\u003C\u002Fli>\n\u003Cli>Rich text editor with formatting options\u003C\u002Fli>\n\u003Cli>Pin important notes to the top\u003C\u002Fli>\n\u003Cli>Quick search functionality\u003C\u002Fli>\n\u003Cli>Color-coding for better organization\u003C\u002Fli>\n\u003Cli>Clean and user-friendly interface\u003C\u002Fli>\n\u003Cli>Responsive design\u003C\u002Fli>\n\u003Cli>Lightweight and optimized performance\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Perfect For\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Content ideas and drafts\u003C\u002Fli>\n\u003Cli>Task management\u003C\u002Fli>\n\u003Cli>Quick reminders\u003C\u002Fli>\n\u003Cli>Team communications\u003C\u002Fli>\n\u003Cli>Project notes\u003C\u002Fli>\n\u003Cli>Editorial calendars\u003C\u002Fli>\n\u003Cli>Bug tracking\u003C\u002Fli>\n\u003Cli>Feature requests\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>NoteFlow does not collect any personal data. All notes are stored locally in your WordPress database, ensuring full compliance with GDPR and other privacy regulations.\u003C\u002Fp>\n","A simple and efficient notes manager for WordPress admin dashboard. Create, organize, and manage your notes directly from WordPress.",675,"2026-02-24T07:22:00.000Z","6.9.4","5.2","7.2",[51,52,20,53,54],"admin-notes","dashboard-notes","task-management","to-do-list","https:\u002F\u002Fpluginstack.dev","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnoteflow.1.6.0.zip",100,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":17,"tags":73,"homepage":77,"download_link":78,"security_score":79,"vuln_count":31,"unpatched_count":13,"last_vuln_date":80,"fetched_at":27},"wp-dashboard-notes","WP Dashboard Notes","1.0.13","Jeroen Sormani","https:\u002F\u002Fprofiles.wordpress.org\u002Fsormano\u002F","\u003Cp>Working with multiple persons on a website? Want to make notes? You can do just that with WP Dashboard Notes. Create beautiful notes with a nice user experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Colored notes\u003C\u002Fli>\n\u003Cli>List notes or regular notes\u003C\u002Fli>\n\u003Cli>Public or private notes\u003C\u002Fli>\n\u003Cli>Edit on dashboard\u003C\u002Fli>\n\u003Cli>Add as many notes as you like\u003C\u002Fli>\n\u003Cli>Drag & drop list items\u003C\u002Fli>\n\u003Cli>No save button needed!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Feature requests, ratings and donations are welcome and appreciated!\u003C\u002Fstrong>\u003C\u002Fp>\n","Working with multiple persons on a website? Want to make notes? You can do just that with WP Dashboard Notes. Create beautiful notes with a nice user  &hellip;",20000,248966,92,109,"2024-08-27T08:39:00.000Z","6.4.8","4.0",[74,52,75,20,76],"admin-note","note","wordpress-notes","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-dashboard-notes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-dashboard-notes.1.0.13.zip",90,"2024-08-09 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":68,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":17,"tags":95,"homepage":97,"download_link":98,"security_score":99,"vuln_count":100,"unpatched_count":100,"last_vuln_date":101,"fetched_at":27},"dashboard-notepad","Dashboard Notepad","1.42","Stephanie Leary","https:\u002F\u002Fprofiles.wordpress.org\u002Fsillybean\u002F","\u003Cp>This dashboard widget provides a simple notepad. The widget settings allow you to choose which roles can edit the notes, and which roles can merely read them. Version 1.30 also adds support for custom roles and integrates with the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fmembers\u002F\" rel=\"ugc\">Members plugin\u003C\u002Fa> for role settings.\u003C\u002Fp>\n\u003Cp>You can display the contents of your notepad using a template tag and\u002For shortcode. The widget permissions apply to these tags as well: only users with permission to read the notes will see the notes on the front end. You can use \u003Ccode>div#dashboard-notes\u003C\u002Fcode> in your theme’s CSS file to style the notes.\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Belorussian (be_BY) by \u003Ca href=\"http:\u002F\u002Ffatcow.com\" rel=\"nofollow ugc\">FatCow\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Bulgarian (bg_BG) by \u003Ca href=\"http:\u002F\u002Fwww.siteground.com\u002F\" rel=\"nofollow ugc\">SiteGround\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) by Axel Vanderhaeghen\u003C\u002Fli>\n\u003Cli>German (de_DE) by Guido Kerkewitz\u003C\u002Fli>\n\u003Cli>Italian (it_IT) translation by Francesco Bevivino\u003C\u002Fli>\n\u003Cli>Romanian (ro_RO) by Web Hosting Geeks (\u003Ca href=\"http:\u002F\u002Fwebhostinggeeks.com\u002F\" rel=\"nofollow ugc\">Web\u003Cbr \u002F>\nGeek Sciense\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Swedish (se_SV) by \u003Ca href=\"http:\u002F\u002Fwww.rabatt.se\" rel=\"nofollow ugc\">Rabatt\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Ukranian (uk_UA) by \u003Ca href=\"http:\u002F\u002Fgetvoip.com\u002Fblog\" rel=\"nofollow ugc\">Michael Yunat\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>If you would like to send me a translation, please write to me through \u003Ca href=\"http:\u002F\u002Fsillybean.net\u002Fabout\u002Fcontact\u002F\" rel=\"nofollow ugc\">my contact page\u003C\u002Fa>. Let me know which plugin you’ve translated and how you would like to be credited. I will write you back so you can attach the files in your reply.\u003C\u002Fp>\n","The very simplest of notepads for your Dashboard.",10000,92629,12,"2017-11-28T13:39:00.000Z","4.1.42","2.8",[19,20,96],"widget","http:\u002F\u002Fsillybean.net\u002Fcode\u002Fwordpress\u002Fdashboard-notepad\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-notepad.1.42.zip",63,1,"2025-09-22 00:00:00",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":47,"requires_at_least":115,"requires_php":116,"tags":117,"homepage":120,"download_link":121,"security_score":112,"vuln_count":31,"unpatched_count":13,"last_vuln_date":122,"fetched_at":27},"dashboard-widgets-suite","Dashboard Widgets Suite","3.5","Jeff Starr","https:\u002F\u002Fprofiles.wordpress.org\u002Fspecialk\u002F","\u003Cp>1 Plugin. 9 Widgets. Awesome Dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cem>Add new widgets to your WordPress Dashboard. Streamline your workflow and optimize productivity.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Widgets\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Dashboard Widgets Suite provides awesome widgets that you can add to your Dashboard with a click:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Control Panel\u003C\u002Fstrong> – Control widgets directly from the Dashboard\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Notes\u003C\u002Fstrong>    – Add, edit, delete notes for any user role\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Feed Box\u003C\u002Fstrong>      – Display and customize any RSS Feed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Social Box\u003C\u002Fstrong>    – Display social links from Twitter, Facebook, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>List Box\u003C\u002Fstrong>      – Display custom lists created via the Menu screen\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widget Box\u003C\u002Fstrong>    – Display any theme or WP widget (e.g., Search, Text)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>System Info\u003C\u002Fstrong>   – Display basic or advanced system information\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Debug Log\u003C\u002Fstrong>     – Display, customize, reset your WP debug log\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP Error Log\u003C\u002Fstrong> – Display, customize, reset your server error log\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Each widget includes its own set of options for customizing display 🙂\u003C\u002Fp>\n\u003Cp>The notes widget is super awesome, designed for serious note takers. You can choose from 3 note formats: Text, HTML, or Code. Check out \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdashboard-widgets-suite\u002F#installation\" rel=\"ugc\">Installation\u003C\u002Fa> for more about the User Notes Widget.\u003C\u002Fp>\n\u003Cp>\u003Cem>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsupport\u002F#contact\" rel=\"nofollow ugc\">Suggest a widget!\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Dashboard Widgets Suite provides a slick set of useful Dashboard widgets with some great features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Includes 9 awesome Dashboard widgets\u003C\u002Fli>\n\u003Cli>Easy to set up and customize options\u003C\u002Fli>\n\u003Cli>Regularly updated and “future proof”\u003C\u002Fli>\n\u003Cli>Secure, clean, error-free code\u003C\u002Fli>\n\u003Cli>Built with the WordPress API\u003C\u002Fli>\n\u003Cli>Lightweight, fast and flexible\u003C\u002Fli>\n\u003Cli>Focused on performance, loads only enabled widgets\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable widgets via Dashboard or plugin settings\u003C\u002Fli>\n\u003Cli>Option to restore 1-column display for the Dashboard\u003C\u002Fli>\n\u003Cli>Shortcodes to display widgets on the frontend\u003C\u002Fli>\n\u003Cli>Many options for customizing widget display\u003C\u002Fli>\n\u003Cli>Works perfectly with or without Gutenberg\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdashboard-widgets-suite\u002Fscreenshots\u002F\" rel=\"ugc\">Check out the Screenshots\u003C\u002Fa> for more details!\u003C\u002Fp>\n\u003Cp>\u003Cem>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsupport\u002F#contact\" rel=\"nofollow ugc\">Suggest a feature!\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Privacy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin does not collect or store any user data. It does not set any cookies, and it does not connect to any third-party locations. Thus, this plugin does not affect user privacy in any way.\u003C\u002Fp>\n\u003Cp>Dashboard Widgets Suite is developed and maintained by \u003Ca href=\"https:\u002F\u002Fx.com\u002Fperishable\" rel=\"nofollow ugc\">Jeff Starr\u003C\u002Fa>, 15-year \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002F\" rel=\"nofollow ugc\">WordPress developer\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002F\" rel=\"nofollow ugc\">book author\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support development\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>I develop and maintain this free plugin with love for the WordPress community. To show support, you can \u003Ca href=\"https:\u002F\u002Fmonzillamedia.com\u002Fdonate.html\" rel=\"nofollow ugc\">make a donation\u003C\u002Fa> or purchase one of my books:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002F\" rel=\"nofollow ugc\">The Tao of WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdigwp.com\u002F\" rel=\"nofollow ugc\">Digging into WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhtaccessbook.com\u002F\" rel=\"nofollow ugc\">.htaccess made easy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002Fwordpress-themes-book\u002F\" rel=\"nofollow ugc\">WordPress Themes In Depth\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002Fdownloads\u002Fwizards-collection-sql-recipes-wordpress\u002F\" rel=\"nofollow ugc\">Wizard’s SQL Recipes for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And\u002For purchase one of my premium WordPress plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbbq-pro\u002F\" rel=\"nofollow ugc\">BBQ Pro\u003C\u002Fa> – Blazing fast WordPress firewall\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fblackhole-pro\u002F\" rel=\"nofollow ugc\">Blackhole Pro\u003C\u002Fa> – Automatically block bad bots\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbanhammer-pro\u002F\" rel=\"nofollow ugc\">Banhammer Pro\u003C\u002Fa> – Monitor traffic and ban the bad guys\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fga-google-analytics-pro\u002F\" rel=\"nofollow ugc\">GA Google Analytics Pro\u003C\u002Fa> – Connect WordPress to Google Analytics\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fhead-meta-pro\u002F\" rel=\"nofollow ugc\">Head Meta Pro\u003C\u002Fa> – Ultimate Meta Tags for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsimple-ajax-chat-pro\u002F\" rel=\"nofollow ugc\">Simple Ajax Chat Pro\u003C\u002Fa> – Unlimited chat rooms\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fusp-pro\u002F\" rel=\"nofollow ugc\">USP Pro\u003C\u002Fa> – Unlimited front-end forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links, tweets and likes also appreciated. Thank you! 🙂\u003C\u002Fp>\n","Adds 9 awesome widgets to your WP Dashboard. Includes User Notes, Social Buttons, System Info, Debug\u002FError Logs, and more!",4000,152523,98,36,"2026-01-28T20:06:00.000Z","4.7","5.6.20",[19,118,119,20,96],"debug","log","https:\u002F\u002Fperishablepress.com\u002Fdashboard-widgets-suite\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-widgets-suite.3.5.zip","2024-06-12 19:49:38",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":57,"num_ratings":91,"last_updated":133,"tested_up_to":134,"requires_at_least":135,"requires_php":136,"tags":137,"homepage":140,"download_link":141,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"dashboard-sticky-notes","Dashboard Sticky Notes","1.1.2","Hiroaki Miyashita","https:\u002F\u002Fprofiles.wordpress.org\u002Fhiroaki-miyashita\u002F","\u003Cp>The Dashboard Sticky Notes plugin adds the functionality to add sticky notes into the dashboard. You could specify the context (normal or side), priority (high or low), and target (user roles and\u002For users themselves) with notes. HTML tags and shortcodes are also available in the content.\u003C\u002Fp>\n\u003Cp>Localization\u003C\u002Fp>\n\u003Cul>\n\u003Cli>French (fr_FR) – \u003Ca href=\"http:\u002F\u002Fericlowry.fr\u002F\" rel=\"nofollow ugc\">Eric Lowry\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Japanese (ja) – \u003Ca href=\"https:\u002F\u002Fwpgogo.com\u002F\" rel=\"nofollow ugc\">Hiroaki Miyashita\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation in Japanese\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.cmswp.jp\u002Fplugins\u002Fdashboard_sticky_notes\u002F\" rel=\"nofollow ugc\">Dashboard Sticky Notes\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Special Thanks\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.wpsupportspecialists.com\u002Fdashboard-sticky-notes\u002F\" rel=\"nofollow ugc\">WP Support Specialists\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Known Issues \u002F Bugs\u003C\u002Fh3>\n\u003Cp>None.\u003C\u002Fp>\n\u003Ch3>Uninstall\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Deactivate the plugin\u003C\u002Fli>\n\u003Cli>That’s it! 🙂\u003C\u002Fli>\n\u003C\u002Fol>\n","This plugin adds the functionality to add sticky notes into the dashboard.",2000,27333,"2020-07-11T00:35:00.000Z","5.4.19","3.0","5.3",[19,75,20,138,139],"sticky","sticky-notes","https:\u002F\u002Fwww.cmswp.jp\u002Fplugins\u002Fdashboard_sticky_notes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-sticky-notes.1.1.2.zip",{"attackSurface":143,"codeSignals":158,"taintFlows":171,"riskAssessment":172,"analyzedAt":183},{"hooks":144,"ajaxHandlers":154,"restRoutes":155,"shortcodes":156,"cronEvents":157,"entryPointCount":13,"unprotectedCount":13},[145,150],{"type":146,"name":147,"callback":148,"file":149,"line":69},"action","init","todos_init","to-dos.php",{"type":146,"name":151,"callback":152,"file":149,"line":153},"wp_dashboard_setup","add_todos_widget",110,[],[],[],[],{"dangerousFunctions":159,"sqlUsage":160,"outputEscaping":162,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":170},[],{"prepared":13,"raw":13,"locations":161},[],{"escaped":13,"rawEcho":31,"locations":163},[164,167,169],{"file":149,"line":165,"context":166},49,"raw output",{"file":149,"line":168,"context":166},52,{"file":149,"line":68,"context":166},[],[],{"summary":173,"deductions":174},"The \"to-dos\" plugin v1.0 demonstrates a generally strong security posture from a static analysis perspective, with no identified dangerous functions, SQL injection vulnerabilities, or file operations.  The absence of external HTTP requests and the complete reliance on prepared statements for SQL queries are positive indicators. However, a critical concern emerges from the \"Output escaping\" signal, where 100% of the identified outputs are not properly escaped. This suggests a significant risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts through user-generated or plugin-generated output that is not sanitized before being displayed to other users or administrators. The plugin's lack of any recorded vulnerability history could indicate either a lack of past scrutiny or genuinely effective security practices, but the present unescaped output poses a clear and present danger.\n\nWhile the plugin appears to have a limited attack surface with no exposed AJAX handlers, REST API routes, shortcodes, or cron events without authorization checks, this doesn't mitigate the immediate risk of XSS. The complete absence of nonce and capability checks across all identified entry points (though there are none listed) is noted, but the more pressing issue is the unescaped output. In conclusion, the \"to-dos\" plugin v1.0 has strengths in its foundational code practices regarding SQL and external requests, but the pervasive lack of output escaping represents a major weakness that requires immediate attention to prevent potential XSS attacks. The vulnerability history is a positive sign, but it cannot override the concrete findings of the static analysis.",[175,178,181],{"reason":176,"points":177},"All identified outputs are unescaped",8,{"reason":179,"points":180},"No nonce checks on entry points",5,{"reason":182,"points":180},"No capability checks on entry points","2026-03-16T22:47:57.990Z",{"wat":185,"direct":190},{"assetPaths":186,"generatorPatterns":187,"scriptPaths":188,"versionParams":189},[],[],[],[],{"cssClasses":191,"htmlComments":193,"htmlAttributes":194,"restEndpoints":197,"jsGlobals":198,"shortcodeOutput":199},[192],"button",[],[195,196],"name=\"dashboard_todos\"","id=\"todos_submit\"",[],[],[200],"\u003Cscript language=\"javascript\">\nfunction todo_update() {\n\tdocument.dashboard_todos.submit();\n}\n\u003C\u002Fscript>\n\u003Cform name=\"dashboard_todos\" method=\"post\">\n\u003Cinput type=\"hidden\" name=\"todo_action\" value=\"1\">\n"]