[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fLp_pnhxHEPT9hM5CIIzNLXVqnrty6ov6J3Yp750CL9Y":3,"$f9H5PoPKdeLCB3JExwOUPshChCq358PSD_XWa8klRXnk":271,"$f_kktURT-iBweyffqS7LVh7HI4C7WguxdGicLcPlMuUU":276},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":36,"analysis":137,"fingerprints":251},"torque","Torque – Optimise the transport of your Website","1.0.0","Hexydec","https:\u002F\u002Fprofiles.wordpress.org\u002Fhexydec\u002F","\u003Cp>Take advantage of best in class minification to squeeze every byte out of your HTML, CSS, and Javascript, combine this with the control over cache headers, lazy loading, and more, and your website will not only be noticeably faster, your server will be under less load, enabling you to serve more clients with your existing metal.\u003C\u002Fp>\n\u003Cp>The plugin also includes a suite of security features to help you secure your website, including full control over Content-Security-Policy, which enables you to control which domains can embed assets on your website, and what domains you can connect to. This prevents malicious scripts from being able to run and more.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Site Analysis\n\u003Cul>\n\u003Cli>Environment information\u003C\u002Fli>\n\u003Cli>Page information such as MIME type, output size and compression ratio\u003C\u002Fli>\n\u003Cli>Asset counts and sizes with recommendations\u003C\u002Fli>\n\u003Cli>Performance metrics with descriptions and recommendations\u003C\u002Fli>\n\u003Cli>Security metrics with descriptions and recommendations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Minification\n\u003Cul>\n\u003Cli>Minify your HTML (Uses HTMLdoc)\u003C\u002Fli>\n\u003Cli>Minify and cache your inline CSS (Uses CSSdoc)\u003C\u002Fli>\n\u003Cli>Minify and cache your inline Javascript (Uses JSlite)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Combine Files\n\u003Cul>\n\u003Cli>Combine and minify CSS files\u003C\u002Fli>\n\u003Cli>Combine and minify Javascript files\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Lazy load images\u003C\u002Fli>\n\u003Cli>Headers\n\u003Cul>\n\u003Cli>Set shared cache timeout\u003C\u002Fli>\n\u003Cli>Set client cache timeout\u003C\u002Fli>\n\u003Cli>Enable client to check whether their cached page is still valid, and send an HTTP 304 response if it is\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Security\n\u003Cul>\n\u003Cli>Disable MIME sniffing\u003C\u002Fli>\n\u003Cli>XSS protection\u003C\u002Fli>\n\u003Cli>Control how the site can be embedded\u003C\u002Fli>\n\u003Cli>Enable HSTS to force browsers to only connect over HTTPS\u003C\u002Fli>\n\u003Cli>Specify Content-Security-Policy to control what domains can connect and embed content in your site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Preload\n\u003Cul>\n\u003Cli>Select which assets to preload with first load\u003C\u002Fli>\n\u003Cli>Preload combined stylesheets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Administration panel to control all features, including all minification optimisations\u003C\u002Fli>\n\u003Cli>Print minification stats in the console\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fhexydec\u002Ftorque\" rel=\"nofollow ugc\">Torque Github homepage\u003C\u002Fa> for more information.\u003C\u002Fp>\n","A Wordpress plugin to optimise the transport of your website to the client. Reduce the load on your server and make your Wordpress website fly!",0,8519,"2025-01-30T17:27:00.000Z","6.7.5","6.0","8.1",[18,19,20,21,22],"minification","minify","optimization","performance","security","https:\u002F\u002Fgithub.com\u002Fhexydec\u002Ftorque","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.1.0.0.zip",92,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"hexydec",1,30,88,"2026-05-20T05:16:28.166Z",[37,58,83,101,121],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":56,"download_link":57,"security_score":47,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"jethost-total-care","JetHost Total Care – Security & Enhancements","2.4.1","JetHost","https:\u002F\u002Fprofiles.wordpress.org\u002Fjethost\u002F","\u003Cp>JetHost Total Care simplifies your WordPress management by consolidating essential features like security, site enhancements and performance into a single, user-friendly plugin. This eliminates the need for multiple plugins, reducing conflicts, improving performance, and streamlining your workflow.\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Ch4>Optimize WordPress Core:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Configure AutoSave intervals.\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable WordPress revisions.\u003C\u002Fli>\n\u003Cli>Limit revisions number.\u003C\u002Fli>\n\u003Cli>Media Trash control.\u003C\u002Fli>\n\u003Cli>Adjust memory limits for improved performance.\u003C\u002Fli>\n\u003Cli>Enhance security by hiding your WordPress version, disabling directory listing, and controlling error reporting.\u003C\u002Fli>\n\u003Cli>Protect core WordPress files and directories from unauthorized access.\u003C\u002Fli>\n\u003Cli>Disable WordPress emojis to improve frontend performance.\u003C\u002Fli>\n\u003Cli>Remove default Dashicons on the frontend for faster load times.\u003C\u002Fli>\n\u003Cli>Disable WordPress embeds to reduce unnecessary scripts and requests.\u003C\u002Fli>\n\u003Cli>Remove the jQuery Migrate library from the frontend if not needed by the theme or plugins.\u003C\u002Fli>\n\u003Cli>Limit login attempts to block brute-force attacks and protect user accounts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Heartbeat API Control:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Manage the frequency of the WordPress Heartbeat API to optimize performance and reduce server load.\u003C\u002Fli>\n\u003Cli>Set different heartbeat intervals or disable it completely for:\n\u003Cul>\n\u003Cli>Admin Dashboard – Maintain responsive experience for admins and editors.\u003C\u002Fli>\n\u003Cli>Post\u002FPage Editor – Ensure autosave works efficiently without overloading the server.\u003C\u002Fli>\n\u003Cli>Website Frontend – Minimize unnecessary background requests for visitors.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Author Security:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Prevent user enumeration for enhanced security.\u003C\u002Fli>\n\u003Cli>Disable “List Users” functionality.\u003C\u002Fli>\n\u003Cli>Customize author slugs and base URLs for better control.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Admin Enhancements:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Duplicate any post or page with one click.\u003C\u002Fli>\n\u003Cli>Hide the admin bar on the frontend for all or selected user roles.\u003C\u002Fli>\n\u003Cli>Replace the default WordPress logo with your own on the login screen.\u003C\u002Fli>\n\u003Cli>Disable Theme and Plugin file editors for better security.\u003C\u002Fli>\n\u003Cli>Switch entirely to the Classic Editor by disabling Gutenberg.\u003C\u002Fli>\n\u003Cli>Password protect the entire website from unauthorized access.\u003C\u002Fli>\n\u003Cli>Set custom redirects after login and logout.\u003C\u002Fli>\n\u003Cli>Change the default WordPress login URL to protect against brute-force attacks.\u003C\u002Fli>\n\u003Cli>Under Maintenance Mode – When activated, visitors who are not logged in will see a maintenance notice on the site’s frontend. Logged-in users can continue working in the website without interruptions.\u003C\u002Fli>\n\u003Cli>Disable search engine indexing to discourage search engines from listing the site while it is under construction.\u003C\u002Fli>\n\u003Cli>Enable SVG uploads with automatic sanitization for safe use of vector graphics.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Comment Management:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable future comments on posts, pages, and media attachments.\u003C\u002Fli>\n\u003Cli>Optionally hide existing comments for a cleaner frontend and improved performance.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Database Optimization\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Check Database Health – Scan your database to see the number of optimizable items.\u003C\u002Fli>\n\u003Cli>One-Click Optimization – Select the items you want to clean and optimize instantly.\n\u003Cul>\n\u003Cli>Optimize Database Tables\u003C\u002Fli>\n\u003Cli>Clean Post Revisions\u003C\u002Fli>\n\u003Cli>Clean Auto-draft Posts\u003C\u002Fli>\n\u003Cli>Clean Trashed Posts\u003C\u002Fli>\n\u003Cli>Delete Comments Marked as Spam\u003C\u002Fli>\n\u003Cli>Delete Unapproved Comments\u003C\u002Fli>\n\u003Cli>Delete Trashed Comments\u003C\u002Fli>\n\u003Cli>Clean Expired Transients\u003C\u002Fli>\n\u003Cli>Clean All Transients\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Scheduled Optimization – Automate cleanups by setting optimization frequency (Daily, Weekly, Monthly).\u003C\u002Fli>\n\u003Cli>Last Optimization Log – Quickly view the last optimization date and time.\u003C\u002Fli>\n\u003C\u002Ful>\n","JetHost Total Care simplifies WordPress management by consolidating features like security, site enhancements and performance into a single plugin.",700,2480,100,3,"2026-04-02T14:06:00.000Z","6.9.4","5.5","7.4",[54,20,21,55,22],"enhancements","protection","https:\u002F\u002Fwww.jethost.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjethost-total-care.2.4.1.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":80,"download_link":81,"security_score":82,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"wp-safely-disable-directory-browsing","WP safely disable directory browsing","0.1","Maurisource","https:\u002F\u002Fprofiles.wordpress.org\u002Fmaurisource\u002F","\u003Cp>This essential .htaccess rules plugin allow you to improve security of your wordpress blog.\u003C\u002Fp>\n\u003Cp>More info:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>More info on \u003Ca href=\"http:\u002F\u002Fwww.maurisource.com\u002Fblog\u002Fwp-safely-disable-directory-browsing\u002F\" rel=\"nofollow ugc\">WP safely disable directory browsing\u003C\u002Fa>, with info on how to configure it.\u003C\u002Fli>\n\u003Cli>Special Thanks to \u003Ca href=\"http:\u002F\u002Fwww.maurisource.com\u002F\" rel=\"nofollow ugc\">Agence web Montreal\u003C\u002Fa> for support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Changelog\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>0.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>first release\u003C\u002Fli>\n\u003C\u002Ful>\n","This essential .htaccess rules plugin allow you to improve security of your wordpress blog.",300,5960,82,8,"2012-10-05T18:03:00.000Z","2.9.2","2.6","",[75,76,77,78,79],"directory-browsing","htaccess","web-performance-optimization","wordpress-security","wp-content","http:\u002F\u002Fwww.maurisource.com\u002Fblog\u002Fwp-safely-disable-directory-browsing\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-safely-disable-directory-browsing.zip",85,{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":47,"num_ratings":32,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":73,"tags":96,"homepage":99,"download_link":100,"security_score":82,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"css-above-the-fold","CSS Above The Fold","1.0","Pau Iglesias","https:\u002F\u002Fprofiles.wordpress.org\u002Fpauiglesias\u002F","\u003Cp>Improve user experience by having your above-the-fold (top of the page) CSS styles in-page.\u003C\u002Fp>\n\u003Cp>Even if the rest of the CSS files take a seconds to load, these specific CSS styles displayed from the head section ensure a quick rendering of your page and better score in testing systems like Google Page Speed Insights.\u003C\u002Fp>\n\u003Cp>But you do not need to maintain two separate stylesheets, just select specific fragments of your theme style file with a special markup to create an above-the-fold styles joining the CSS fragments in the head section.\u003C\u002Fp>\n\u003Cp>This plugin enables a special open and close tags that you can insert editing your style.css theme file to surround pieces of code:\u003C\u002Fp>\n\u003Cp>[css-above-the-fold]\u003C\u002Fp>\n\u003Cp>… Your theme CSS code fragment …\u003C\u002Fp>\n\u003Cp>[\u002Fcss-above-the-fold]\u003C\u002Fp>\n\u003Cp>But this syntax is not an standard CSS, so you need to include this tags between CSS comments, there are two ways to do it:\u003C\u002Fp>\n\u003Ch3>1. Comment whole section\u003C\u002Fh3>\n\u003Cp>The easiest way, the CSS is rendered only in the head but not in the stylesheet.\u003Cbr \u002F>\nThis kind of markup does not allow to use your own CSS comments inside the fragment.\u003Cbr \u002F>\nTake care to use this way only when the plugin is active, because you are commenting some parts of your theme stylesheet.\u003C\u002Fp>\n\u003Cp>\u002F* [css-above-the-fold]\u003C\u002Fp>\n\u003Cp>… CSS code fragment …\u003C\u002Fp>\n\u003Cp>[\u002Fcss-above-the-fold] *\u002F\u003C\u002Fp>\n\u003Ch3>2. Comment only the tags\u003C\u002Fh3>\n\u003Cp>The unobtrusive way, it allows you to include comments inside fragments, but the fragments are rendered both in the head section and the CSS file.\u003Cbr \u002F>\nThis way is plugin-independent, and your theme stylesheet will keep running with this plugin activated or not.\u003C\u002Fp>\n\u003Cp>\u002F* [css-above-the-fold] *\u002F\u003C\u002Fp>\n\u003Cp>… CSS code fragment …\u003C\u002Fp>\n\u003Cp>\u002F* [\u002Fcss-above-the-fold] *\u002F\u003C\u002Fp>\n\u003Cp>You can use these two kinds of markup combined in your CSS File.\u003C\u002Fp>\n\u003Cp>The resulting CSS fragments introduced in the header are compacted and minified.\u003C\u002Fp>\n\u003Cp>This plugin only read the style.css file when it is modified, and stores the results using the WP options API.\u003C\u002Fp>\n","Faster CSS browser rendering displaying selected fragments of your theme stylesheet file directly into the head section.",200,16196,"2015-08-31T11:47:00.000Z","4.3.34","3.3.2",[18,19,97,98,20],"minify-css","minify-stylesheet","http:\u002F\u002Fblogestudio.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcss-above-the-fold.1.0.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":91,"downloaded":109,"rating":47,"num_ratings":110,"last_updated":111,"tested_up_to":50,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":119,"download_link":120,"security_score":47,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"divewp-boost-site-performance","DiveWP – Boost Site Performance with Clear, Actionable Steps","2.3.3","Oleg Petrov","https:\u002F\u002Fprofiles.wordpress.org\u002Freplikon\u002F","\u003Ch4>🔌 NEW: Plugins Management\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Monitor and manage all installed plugins from one place.\u003C\u002Fstrong> DiveWP’s \u003Cstrong>Plugins Management\u003C\u002Fstrong> feature shows every plugin with active\u002Finactive status, update availability, and “Up to date” state. View details and changelog from WordPress.org, and activate or deactivate plugins without leaving the dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugins Management & Abilities API:\u003C\u002Fstrong> Use the \u003Ccode>divewp\u002Fplugins-management\u003C\u002Fcode> ability so AI assistants can list plugins, fetch description and changelog for a plugin, or activate\u002Fdeactivate a plugin by file path.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What Plugins Management Delivers:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Unified plugin list\u003C\u002Fstrong> – All installed plugins with status pills (Active, Inactive, Update Available, Up to date)\u003Cbr \u002F>\n* \u003Cstrong>Dashboard overview\u003C\u002Fstrong> – Green and red pill counts on the main dashboard for quick health overview\u003Cbr \u002F>\n* \u003Cstrong>Details drawer\u003C\u002Fstrong> – Overview, full description, and changelog from WordPress.org\u003Cbr \u002F>\n* \u003Cstrong>Toggle activation\u003C\u002Fstrong> – Activate or deactivate plugins from the card or drawer\u003Cbr \u002F>\n* \u003Cstrong>Search\u003C\u002Fstrong> – Filter plugins by name, author, or description\u003Cbr \u002F>\n* \u003Cstrong>Abilities API\u003C\u002Fstrong> – Operations: list (all plugins), details (wp.org info for one plugin), toggle (activate\u002Fdeactivate)\u003C\u002Fp>\n\u003Ch4>🤖 NEW: AI Capabilities & WordPress Abilities API\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Talk to your WordPress site through AI!\u003C\u002Fstrong> DiveWP integrates with the \u003Cstrong>WordPress Abilities API\u003C\u002Fstrong> and Model Context Protocol (MCP), so AI tools like Cursor, Claude, and ChatGPT can query your site’s health and diagnostics directly—no copy-paste needed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Abilities API & MCP:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>11 Diagnostic Abilities\u003C\u002Fstrong> – Server insights, cron monitoring, plugins management, database health, security audits, and more via the Abilities API\u003Cbr \u002F>\n* \u003Cstrong>Zero Copy-Paste\u003C\u002Fstrong> – AI agents run diagnostics through MCP without manual log sharing\u003Cbr \u002F>\n* \u003Cstrong>Secure Authentication\u003C\u002Fstrong> – WordPress Application Passwords for safe, controlled access\u003Cbr \u002F>\n* \u003Cstrong>Step-by-Step Setup\u003C\u002Fstrong> – “AI Capabilities” tab guides you through 3-step configuration for Abilities API and MCP clients\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Available Abilities:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fserver-insights\u003C\u002Fcode> – Full server health & config check\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fcron-insights\u003C\u002Fcode> – Monitor WP-Cron and Action Scheduler; background tasks & overdue jobs\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fdb-insights\u003C\u002Fcode> – Database size & optimization status\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fsecurity-insights\u003C\u002Fcode> – Vulnerability & configuration audit\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fperformance-checks\u003C\u002Fcode> – Caching & optimization discovery\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Ftheme-builder-insights\u003C\u002Fcode> – Theme and page builder health\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fwoocommerce-best-practices\u003C\u002Fcode> – WooCommerce optimization\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fseo-optimization\u003C\u002Fcode> – SEO configuration audit\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Femail-communications\u003C\u002Fcode> – Email delivery & SMTP status\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fhosting-benchmark-latest\u003C\u002Fcode> – Latest benchmark results\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fplugins-management\u003C\u002Fcode> – List installed plugins, fetch wp.org details\u002Fchangelog, or toggle plugin activation (operations: list, details, toggle)\u003C\u002Fp>\n\u003Ch4>⏰ NEW: Cron Job Manager & WP-Cron Monitoring\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Take control of WordPress cron jobs and scheduled tasks.\u003C\u002Fstrong> DiveWP’s \u003Cstrong>Cron Job Manager\u003C\u002Fstrong> gives you a clear view of WP-Cron and Action Scheduler so you can spot overdue jobs, slow hooks, and misconfigured cron setups.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cron Jobs & Abilities API:\u003C\u002Fstrong> Use the \u003Ccode>divewp\u002Fcron-insights\u003C\u002Fcode> ability so AI assistants can inspect your cron status, overdue tasks, and recommendations without opening the admin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What the Cron Job Manager Delivers:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Real-time cron monitoring\u003C\u002Fstrong> – WP-Cron and Action Scheduler in one dashboard\u003Cbr \u002F>\n* \u003Cstrong>Hook performance\u003C\u002Fstrong> – Execution time and memory per cron hook\u003Cbr \u002F>\n* \u003Cstrong>Overdue & orphan detection\u003C\u002Fstrong> – Find stuck or orphaned scheduled tasks\u003Cbr \u002F>\n* \u003Cstrong>Execution history\u003C\u002Fstrong> – Filterable, paginated cron run history\u003Cbr \u002F>\n* \u003Cstrong>Health guidance\u003C\u002Fstrong> – System health and cron configuration tips\u003C\u002Fp>\n\u003Ch4>🚀 Hosting Performance Benchmark – Know If You Need to Upgrade!\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Measure how your hosting handles your WordPress site!\u003C\u002Fstrong> DiveWP’s comprehensive Hosting Performance Benchmark is a powerful enterprise-grade testing system that evaluates your hosting environment through real-world performance tests.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What It Tests:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Database Performance\u003C\u002Fstrong> – Tests INSERT, SELECT, UPDATE operations, datetime functions, and aggregate operations (8 comprehensive tests)\u003Cbr \u002F>\n* \u003Cstrong>Server Resources\u003C\u002Fstrong> – Evaluates CPU, memory, I\u002FO, and network capabilities (5 resource tests)\u003Cbr \u002F>\n* \u003Cstrong>Concurrency Handling\u003C\u002Fstrong> – Measures how your hosting performs under multiple simultaneous requests (4 concurrency tests)\u003Cbr \u002F>\n* \u003Cstrong>E-commerce Performance\u003C\u002Fstrong> – Tests WooCommerce-like operations including price calculations, shipping, and inventory checks (3 performance tests)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Benefits:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>20+ Individual Tests\u003C\u002Fstrong> – Comprehensive evaluation across 4 major categories\u003Cbr \u002F>\n* \u003Cstrong>Real-World Simulation\u003C\u002Fstrong> – Tests simulate actual WordPress operations, not synthetic benchmarks\u003Cbr \u002F>\n* \u003Cstrong>6-Minute Complete Analysis\u003C\u002Fstrong> – Get detailed insights in approximately 6 minutes\u003Cbr \u002F>\n* \u003Cstrong>Actionable Results\u003C\u002Fstrong> – Understand if your current hosting is sufficient or if you need to upgrade\u003Cbr \u002F>\n* \u003Cstrong>Cross-Database Compatible\u003C\u002Fstrong> – Works with MySQL, MariaDB, PostgreSQL, SQLite, and SQL Server\u003Cbr \u002F>\n* \u003Cstrong>Optimized for Shared Hosting\u003C\u002Fstrong> – Designed to work efficiently even on shared hosting environments\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect For:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Site owners wondering if their hosting plan is sufficient\u003Cbr \u002F>\n* Users experiencing slow performance and wanting to identify bottlenecks\u003Cbr \u002F>\n* Anyone considering upgrading their hosting plan\u003Cbr \u002F>\n* Developers evaluating hosting performance for client sites\u003C\u002Fp>\n\u003Ch4>🎯 Transform Your WP Journey\u003C\u002Fh4>\n\u003Cp>Discover your site’s true potential by understanding exactly what’s happening under the hood. DiveWP provides clear insights about Performance, Security, and Best Practices – all explained in plain English. Take control of your digital presence by learning as you optimize!\u003C\u002Fp>\n\u003Ch4>🔍 Key Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>🔌 NEW: Plugins Management\u003C\u002Fstrong>\u003Cbr \u002F>\n* Unified list of all installed plugins with status (Active, Inactive, Update Available, Up to date)\u003Cbr \u002F>\n* Dashboard counts green (up to date) and red (updates available) pills for quick overview\u003Cbr \u002F>\n* Details drawer with overview, WordPress.org description, and changelog\u003Cbr \u002F>\n* Toggle plugin activation from card or drawer; search by name, author, or description\u003Cbr \u002F>\n* Abilities API: \u003Ccode>divewp\u002Fplugins-management\u003C\u002Fcode> (list, details, toggle) for AI-assisted plugin management\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⏰ NEW: Cron Job Manager & WP-Cron Monitoring\u003C\u002Fstrong>\u003Cbr \u002F>\n* Real-time WP-Cron and Action Scheduler tracking\u003Cbr \u002F>\n* Monitor hook performance and execution time\u003Cbr \u002F>\n* Detect orphaned and overdue tasks\u003Cbr \u002F>\n* Identify problematic cron hooks affecting performance\u003Cbr \u002F>\n* Complete execution history with filtering and pagination\u003Cbr \u002F>\n* Integrates with Abilities API via \u003Ccode>divewp\u002Fcron-insights\u003C\u002Fcode> for AI-assisted cron diagnostics\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🤖 NEW: AI Capabilities & WordPress Abilities API\u003C\u002Fstrong>\u003Cbr \u002F>\n* WordPress Abilities API and MCP let AI assistants query your site for diagnostics\u003Cbr \u002F>\n* 11 abilities for server, cron jobs, plugins, security, database, and performance insights\u003Cbr \u002F>\n* Works with Cursor, Claude Desktop, ChatGPT, and other MCP clients\u003Cbr \u002F>\n* Secure access via WordPress Application Passwords\u003Cbr \u002F>\n* Step-by-step setup guide in “AI Capabilities” tab\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🚀 Hosting Performance Benchmark\u003C\u002Fstrong>\u003Cbr \u002F>\n* Comprehensive hosting evaluation with 20+ real-world performance tests\u003Cbr \u002F>\n* Database, resource, concurrency, and e-commerce performance analysis\u003Cbr \u002F>\n* Determine if your hosting plan is sufficient for your site\u003Cbr \u002F>\n* Cross-database compatibility (MySQL, MariaDB, PostgreSQL, SQLite, SQL Server)\u003Cbr \u002F>\n* Optimized for shared hosting environments\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Deep Site Insights\u003C\u002Fstrong>\u003Cbr \u002F>\n* Understand your site inside out\u003Cbr \u002F>\n* Comprehensive analysis of core functions\u003Cbr \u002F>\n* Database health monitoring\u003Cbr \u002F>\n* User activity tracking\u003Cbr \u002F>\n* Everything explained in plain English\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Performance & Speed\u003C\u002Fstrong>\u003Cbr \u002F>\n* Clear performance insights\u003Cbr \u002F>\n* Actionable optimization steps\u003Cbr \u002F>\n* Speed improvement recommendations\u003Cbr \u002F>\n* Learn what affects your site’s performance\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🛡️ Security & Best Practices\u003C\u002Fstrong>\u003Cbr \u002F>\n* Proactive security checks\u003Cbr \u002F>\n* Easy-to-follow hardening recommendations\u003Cbr \u002F>\n* Learn WordPress security best practices\u003Cbr \u002F>\n* Implement as you learn\u003C\u002Fp>\n\u003Cp>\u003Cstrong>📊 Database Health\u003C\u002Fstrong>\u003Cbr \u002F>\n* Optimize database performance\u003Cbr \u002F>\n* Clear insights into tables and structure\u003Cbr \u002F>\n* Cleanup recommendations\u003Cbr \u002F>\n* Learn database management without being a tech expert\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🎯 SEO & Visibility\u003C\u002Fstrong>\u003Cbr \u002F>\n* Practical SEO recommendations\u003Cbr \u002F>\n* Essential optimization techniques\u003Cbr \u002F>\n* Improve search engine rankings\u003Cbr \u002F>\n* Learn while implementing\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🛍️ WooCommerce Optimization\u003C\u002Fstrong>\u003Cbr \u002F>\n* Specialized store insights\u003Cbr \u002F>\n* Performance optimization\u003Cbr \u002F>\n* Checkout process analysis\u003Cbr \u002F>\n* Shopping experience improvements\u003C\u002Fp>\n\u003Cp>\u003Cstrong>📧 Email System Monitor\u003C\u002Fstrong>\u003Cbr \u002F>\n* Detailed logging and diagnostics\u003Cbr \u002F>\n* Track email system performance\u003Cbr \u002F>\n* Ensure reliable communication\u003Cbr \u002F>\n* Monitor delivery status\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🎨 Theme & Builder Analysis\u003C\u002Fstrong>\u003Cbr \u002F>\n* Theme performance insights\u003Cbr \u002F>\n* Page builder optimization\u003Cbr \u002F>\n* Visual elements analysis\u003Cbr \u002F>\n* Speed optimization guidance\u003C\u002Fp>\n\u003Ch4>💡 How It Works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Install & Scan:\u003C\u002Fstrong> Quick installation and automatic site analysis\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Get Clear Insights:\u003C\u002Fstrong> Receive easy-to-understand explanations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Learn Best Practices:\u003C\u002Fstrong> Understand WordPress through your own site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Implement Changes:\u003C\u002Fstrong> Follow actionable recommendations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Monitor Progress:\u003C\u002Fstrong> Track improvements and keep learning\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>🎯 Perfect For\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Beginners:\u003C\u002Fstrong> Finally understand what’s happening on your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Store Owners:\u003C\u002Fstrong> Optimize WooCommerce performance and boost sales\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Agency Teams:\u003C\u002Fstrong> Maintain multiple sites while learning best practices\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Content Creators:\u003C\u002Fstrong> Improve site visibility while mastering WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🌟 What’s New in 2.3.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: Plugins Management\u003C\u002Fli>\n\u003Cli>New “Plugins Management” feature: view all installed plugins with status pills (Active, Inactive, Update Available, Up to date)\u003C\u002Fli>\n\u003Cli>Dashboard overview counts green (up to date) and red (updates available) pills alongside other feature statuses\u003C\u002Fli>\n\u003Cli>Details drawer with overview, full description, and changelog from WordPress.org\u003C\u002Fli>\n\u003Cli>Activate\u002Fdeactivate plugins from the card or drawer; search by name, author, or description\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: Abilities API – \u003Ccode>divewp\u002Fplugins-management\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Operations: list (all plugins with status), details (wp.org description and changelog for one plugin), toggle (activate\u002Fdeactivate by plugin file)\u003C\u002Fli>\n\u003Cli>AI assistants can list plugins, fetch plugin info, or change activation state via MCP\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🌟 What’s New in 2.2.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: AI Capabilities & WordPress Abilities API\u003C\u002Fli>\n\u003Cli>New “AI Capabilities” tab with step-by-step setup guide\u003C\u002Fli>\n\u003Cli>10 diagnostic abilities for AI agents (server, cron jobs, database, security, performance, and more)\u003C\u002Fli>\n\u003Cli>Support for Cursor, Claude Desktop, ChatGPT via Model Context Protocol (MCP)\u003C\u002Fli>\n\u003Cli>Secure access using WordPress Application Passwords\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: Cron Job Manager & WP-Cron Monitoring\u003C\u002Fli>\n\u003Cli>Full cron jobs dashboard: WP-Cron and Action Scheduler in one place\u003C\u002Fli>\n\u003Cli>Hook performance, overdue and orphan detection, execution history\u003C\u002Fli>\n\u003Cli>Abilities API integration: \u003Ccode>divewp\u002Fcron-insights\u003C\u002Fcode> for AI-driven cron diagnostics\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: REST API Access Logging in User Events\u003C\u002Fli>\n\u003Cli>Track API access via Application Passwords in the event log\u003C\u002Fli>\n\u003Cli>Monitor AI agent activity and external integrations\u003C\u002Fli>\n\u003Cli>Throttled logging to prevent flood from MCP bursts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IMPROVED\u003C\u002Fstrong>: Cron Jobs Feature Enhancements\u003C\u002Fli>\n\u003Cli>Aligned AJAX and server health calculations for consistent status display\u003C\u002Fli>\n\u003Cli>“Potential orphan” terminology for clearer task identification\u003C\u002Fli>\n\u003Cli>Added Alternate Cron explanation footnote\u003C\u002Fli>\n\u003Cli>Visual accent pills for Important\u002FRecommendation notes in task modals\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Need help? We’re here for you!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>📚 \u003Ca href=\"https:\u002F\u002Fdivewp.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>💬 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdivewp\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>🐞 \u003Ca href=\"https:\u002F\u002Fdivewp.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Bug Reports and Contact\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>DiveWP respects your privacy and that of your users. We do not collect any personal data. All analysis is performed locally on your server.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>DiveWP is proudly created and maintained by Oleg Petrov.\u003C\u002Fp>\n","Learn WP Best Practices Through Your Own Site! Get clear insights about Performance, Security, and Best Practices – explained in plain English.",2060,6,"2026-02-26T08:16:00.000Z","6.8","7.2",[115,116,117,22,118],"abilities-api","cron-jobs","performance-optimization","site-health","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdivewp-boost-site-performance\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdivewp-boost-site-performance.2.3.3.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":91,"downloaded":129,"rating":11,"num_ratings":11,"last_updated":130,"tested_up_to":50,"requires_at_least":131,"requires_php":52,"tags":132,"homepage":135,"download_link":136,"security_score":47,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"rationalcleanup","RationalCleanup","1.1.0","rationalwp","https:\u002F\u002Fprofiles.wordpress.org\u002Frationalwp\u002F","\u003Cp>RationalCleanup removes unnecessary WordPress features, hardens security, and improves performance. All 24 options are toggleable with sensible defaults that balance security and compatibility.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Head Tags\u003C\u002Fstrong>\u003Cbr \u002F>\nRemove unnecessary meta tags and links from the document head:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Remove WordPress generator meta tag (hides version number)\u003C\u002Fli>\n\u003Cli>Remove WLW manifest link\u003C\u002Fli>\n\u003Cli>Remove RSD link\u003C\u002Fli>\n\u003Cli>Remove shortlink\u003C\u002Fli>\n\u003Cli>Remove REST API discovery link\u003C\u002Fli>\n\u003Cli>Remove RSS feed links\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Frontend Bloat\u003C\u002Fstrong>\u003Cbr \u002F>\nRemove scripts and styles that most sites don’t need:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Remove emoji detection scripts and styles\u003C\u002Fli>\n\u003Cli>Remove jQuery Migrate from frontend\u003C\u002Fli>\n\u003Cli>Remove Gutenberg block library CSS\u003C\u002Fli>\n\u003Cli>Remove global styles and SVG filters\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Security\u003C\u002Fstrong>\u003Cbr \u002F>\nHarden WordPress against common attack vectors:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable XML-RPC completely (prevents brute force and DDoS attacks)\u003C\u002Fli>\n\u003Cli>Prevent user enumeration (blocks author archives and REST API user endpoints)\u003C\u002Fli>\n\u003Cli>Obfuscate login error messages (prevents username discovery)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Performance\u003C\u002Fstrong>\u003Cbr \u002F>\nReduce unnecessary WordPress overhead:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable self-pingbacks\u003C\u002Fli>\n\u003Cli>Throttle Heartbeat API (reduces server load)\u003C\u002Fli>\n\u003Cli>Extend autosave interval (reduces database writes)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003Cbr \u002F>\nDisable major WordPress subsystems:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable comments system completely\u003C\u002Fli>\n\u003Cli>Disable block editor (force classic editor)\u003C\u002Fli>\n\u003Cli>Disable REST API for non-authenticated users\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Admin Cleanup\u003C\u002Fstrong>\u003Cbr \u002F>\nDeclutter the WordPress admin dashboard:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Remove WordPress Events and News widget\u003C\u002Fli>\n\u003Cli>Remove Quick Draft widget\u003C\u002Fli>\n\u003Cli>Remove At a Glance widget\u003C\u002Fli>\n\u003Cli>Remove Activity widget\u003C\u002Fli>\n\u003Cli>Remove Site Health Status widget\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Opinionated Defaults\u003C\u002Fh4>\n\u003Cp>RationalCleanup uses sensible defaults:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Security options:\u003C\u002Fstrong> Enabled by default (XML-RPC disabled, user enumeration blocked)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Head cleanup:\u003C\u002Fstrong> Mostly enabled (safe, no compatibility issues)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Frontend cleanup:\u003C\u002Fstrong> Emoji and jQuery Migrate removal enabled\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Breaking features:\u003C\u002Fstrong> Disabled by default (comments, block editor, REST API restrictions)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin widgets:\u003C\u002Fstrong> Disabled by default\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>RationalWP Menu\u003C\u002Fh4>\n\u003Cp>This plugin uses a shared parent menu for all RationalWP plugins. When activated, you’ll see a \u003Cstrong>RationalWP\u003C\u002Fstrong> menu in your admin sidebar containing links to all installed RationalWP plugins.\u003C\u002Fp>\n","Clean up legacy WordPress bloat, improve security, and optimize performance with toggleable, opinionated defaults.",237,"2026-02-06T20:58:00.000Z","5.0",[133,134,20,21,22],"cleanup","disable-xmlrpc","https:\u002F\u002Frationalwp.com\u002Fplugins\u002Fcleanup\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frationalcleanup.1.1.0.zip",{"attackSurface":138,"codeSignals":144,"taintFlows":202,"riskAssessment":238,"analyzedAt":250},{"hooks":139,"ajaxHandlers":140,"restRoutes":141,"shortcodes":142,"cronEvents":143,"entryPointCount":11,"unprotectedCount":11},[],[],[],[],[],{"dangerousFunctions":145,"sqlUsage":146,"outputEscaping":148,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":201},[],{"prepared":11,"raw":11,"locations":147},[],{"escaped":32,"rawEcho":149,"locations":150},29,[151,155,157,159,161,162,163,164,166,168,169,171,172,173,174,176,177,179,181,183,184,186,188,190,191,193,195,197,199],{"file":152,"line":153,"context":154},"admin.php",145,"raw output",{"file":152,"line":156,"context":154},146,{"file":152,"line":158,"context":154},147,{"file":152,"line":160,"context":154},154,{"file":152,"line":160,"context":154},{"file":152,"line":160,"context":154},{"file":152,"line":160,"context":154},{"file":152,"line":165,"context":154},189,{"file":152,"line":167,"context":154},227,{"file":152,"line":167,"context":154},{"file":152,"line":170,"context":154},230,{"file":152,"line":170,"context":154},{"file":152,"line":129,"context":154},{"file":152,"line":129,"context":154},{"file":152,"line":175,"context":154},247,{"file":152,"line":175,"context":154},{"file":152,"line":178,"context":154},264,{"file":152,"line":180,"context":154},271,{"file":152,"line":182,"context":154},273,{"file":152,"line":182,"context":154},{"file":185,"line":48,"context":154},"templates\\csp-recommendations.php",{"file":185,"line":187,"context":154},5,{"file":185,"line":189,"context":154},17,{"file":185,"line":149,"context":154},{"file":185,"line":192,"context":154},31,{"file":185,"line":194,"context":154},51,{"file":185,"line":196,"context":154},53,{"file":185,"line":198,"context":154},61,{"file":185,"line":200,"context":154},63,[],[203,221],{"entryPoint":204,"graph":205,"unsanitizedCount":32,"severity":220},"draw (admin.php:127)",{"nodes":206,"edges":217},[207,212],{"id":208,"type":209,"label":210,"file":152,"line":211},"n0","source","$_SERVER",142,{"id":213,"type":214,"label":215,"file":152,"line":153,"wp_function":216},"n1","sink","echo() [XSS]","echo",[218],{"from":208,"to":213,"sanitized":219},false,"medium",{"entryPoint":222,"graph":223,"unsanitizedCount":236,"severity":237},"\u003Cadmin> (admin.php:0)",{"nodes":224,"edges":233},[225,226,227,231],{"id":208,"type":209,"label":210,"file":152,"line":211},{"id":213,"type":214,"label":215,"file":152,"line":153,"wp_function":216},{"id":228,"type":209,"label":229,"file":152,"line":230},"n2","$_GET",42,{"id":232,"type":214,"label":215,"file":152,"line":129,"wp_function":216},"n3",[234,235],{"from":208,"to":213,"sanitized":219},{"from":228,"to":232,"sanitized":219},2,"low",{"summary":239,"deductions":240},"The \"torque\" plugin v1.0.0 exhibits a concerning security posture despite the absence of known CVEs and a limited attack surface. Static analysis reveals significant issues with output escaping, with only 3% of 30 identified outputs being properly escaped. This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected and executed within the context of a user's browser. Furthermore, the taint analysis identified two flows with unsanitized paths, suggesting potential for path traversal or arbitrary file access vulnerabilities, even though they are not classified as critical or high severity. The complete lack of capability checks and nonce checks on identified entry points, combined with the low percentage of properly escaped outputs, means that any interaction with these points could be exploited by unauthenticated users or without proper verification. The vulnerability history being clean is a positive sign, but it cannot mitigate the immediate risks identified in the static and taint analysis. The plugin's strengths lie in its absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests. However, the critical weakness in output sanitization and the presence of unsanitized paths represent substantial security risks that need immediate attention.",[241,244,246,248],{"reason":242,"points":243},"Low percentage of properly escaped outputs",12,{"reason":245,"points":69},"Taint flows with unsanitized paths",{"reason":247,"points":187},"No nonce checks on entry points",{"reason":249,"points":187},"No capability checks on entry points","2026-03-17T06:03:36.209Z",{"wat":252,"direct":261},{"assetPaths":253,"generatorPatterns":256,"scriptPaths":257,"versionParams":258},[254,255],"\u002Fwp-content\u002Fplugins\u002Ftorque\u002Fjavascript\u002Fcsp.js","\u002Fwp-content\u002Fplugins\u002Ftorque\u002Fstylesheets\u002Fcsp.css",[],[254],[259,260],"torque\u002Fjavascript\u002Fcsp.js?ver=","torque\u002Fstylesheets\u002Fcsp.css?ver=",{"cssClasses":262,"htmlComments":265,"htmlAttributes":266,"restEndpoints":268,"jsGlobals":269,"shortcodeOutput":270},[263,264],"nav-tab","nav-tab-active",[],[267],"data-tab",[],[],[],{"error":272,"url":273,"statusCode":274,"statusMessage":275,"message":275},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Ftorque\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":277,"versions":278},21,[279,284,291,298,305,312,319,326,333,340,347,354,361,368,375,382,389,396,403,410,417],{"version":6,"download_url":24,"svn_tag_url":280,"released_at":26,"has_diff":219,"diff_files_changed":281,"diff_lines":26,"trac_diff_url":282,"vulnerabilities":283,"is_current":272},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F1.0.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.7.5&new_path=%2Ftorque%2Ftags%2F1.0.0",[],{"version":285,"download_url":286,"svn_tag_url":287,"released_at":26,"has_diff":219,"diff_files_changed":288,"diff_lines":26,"trac_diff_url":289,"vulnerabilities":290,"is_current":219},"0.7.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.7.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.7.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.7.4&new_path=%2Ftorque%2Ftags%2F0.7.5",[],{"version":292,"download_url":293,"svn_tag_url":294,"released_at":26,"has_diff":219,"diff_files_changed":295,"diff_lines":26,"trac_diff_url":296,"vulnerabilities":297,"is_current":219},"0.7.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.7.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.7.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.7.3&new_path=%2Ftorque%2Ftags%2F0.7.4",[],{"version":299,"download_url":300,"svn_tag_url":301,"released_at":26,"has_diff":219,"diff_files_changed":302,"diff_lines":26,"trac_diff_url":303,"vulnerabilities":304,"is_current":219},"0.7.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.7.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.7.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.7.2&new_path=%2Ftorque%2Ftags%2F0.7.3",[],{"version":306,"download_url":307,"svn_tag_url":308,"released_at":26,"has_diff":219,"diff_files_changed":309,"diff_lines":26,"trac_diff_url":310,"vulnerabilities":311,"is_current":219},"0.7.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.7.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.7.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.7.1&new_path=%2Ftorque%2Ftags%2F0.7.2",[],{"version":313,"download_url":314,"svn_tag_url":315,"released_at":26,"has_diff":219,"diff_files_changed":316,"diff_lines":26,"trac_diff_url":317,"vulnerabilities":318,"is_current":219},"0.7.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.7.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.7.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.7.0&new_path=%2Ftorque%2Ftags%2F0.7.1",[],{"version":320,"download_url":321,"svn_tag_url":322,"released_at":26,"has_diff":219,"diff_files_changed":323,"diff_lines":26,"trac_diff_url":324,"vulnerabilities":325,"is_current":219},"0.7.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.7.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.7.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.6.5&new_path=%2Ftorque%2Ftags%2F0.7.0",[],{"version":327,"download_url":328,"svn_tag_url":329,"released_at":26,"has_diff":219,"diff_files_changed":330,"diff_lines":26,"trac_diff_url":331,"vulnerabilities":332,"is_current":219},"0.6.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.6.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.6.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.6.4&new_path=%2Ftorque%2Ftags%2F0.6.5",[],{"version":334,"download_url":335,"svn_tag_url":336,"released_at":26,"has_diff":219,"diff_files_changed":337,"diff_lines":26,"trac_diff_url":338,"vulnerabilities":339,"is_current":219},"0.6.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.6.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.6.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.6.3&new_path=%2Ftorque%2Ftags%2F0.6.4",[],{"version":341,"download_url":342,"svn_tag_url":343,"released_at":26,"has_diff":219,"diff_files_changed":344,"diff_lines":26,"trac_diff_url":345,"vulnerabilities":346,"is_current":219},"0.6.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.6.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.6.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.6.2&new_path=%2Ftorque%2Ftags%2F0.6.3",[],{"version":348,"download_url":349,"svn_tag_url":350,"released_at":26,"has_diff":219,"diff_files_changed":351,"diff_lines":26,"trac_diff_url":352,"vulnerabilities":353,"is_current":219},"0.6.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.6.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.6.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.6.1&new_path=%2Ftorque%2Ftags%2F0.6.2",[],{"version":355,"download_url":356,"svn_tag_url":357,"released_at":26,"has_diff":219,"diff_files_changed":358,"diff_lines":26,"trac_diff_url":359,"vulnerabilities":360,"is_current":219},"0.6.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.6.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.6.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.6.0&new_path=%2Ftorque%2Ftags%2F0.6.1",[],{"version":362,"download_url":363,"svn_tag_url":364,"released_at":26,"has_diff":219,"diff_files_changed":365,"diff_lines":26,"trac_diff_url":366,"vulnerabilities":367,"is_current":219},"0.6.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.6.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.6.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.5.8&new_path=%2Ftorque%2Ftags%2F0.6.0",[],{"version":369,"download_url":370,"svn_tag_url":371,"released_at":26,"has_diff":219,"diff_files_changed":372,"diff_lines":26,"trac_diff_url":373,"vulnerabilities":374,"is_current":219},"0.5.8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.5.8.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.5.8\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.5.7&new_path=%2Ftorque%2Ftags%2F0.5.8",[],{"version":376,"download_url":377,"svn_tag_url":378,"released_at":26,"has_diff":219,"diff_files_changed":379,"diff_lines":26,"trac_diff_url":380,"vulnerabilities":381,"is_current":219},"0.5.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.5.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.5.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.5.6&new_path=%2Ftorque%2Ftags%2F0.5.7",[],{"version":383,"download_url":384,"svn_tag_url":385,"released_at":26,"has_diff":219,"diff_files_changed":386,"diff_lines":26,"trac_diff_url":387,"vulnerabilities":388,"is_current":219},"0.5.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.5.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.5.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.5.5&new_path=%2Ftorque%2Ftags%2F0.5.6",[],{"version":390,"download_url":391,"svn_tag_url":392,"released_at":26,"has_diff":219,"diff_files_changed":393,"diff_lines":26,"trac_diff_url":394,"vulnerabilities":395,"is_current":219},"0.5.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.5.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.5.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.5.4&new_path=%2Ftorque%2Ftags%2F0.5.5",[],{"version":397,"download_url":398,"svn_tag_url":399,"released_at":26,"has_diff":219,"diff_files_changed":400,"diff_lines":26,"trac_diff_url":401,"vulnerabilities":402,"is_current":219},"0.5.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.5.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.5.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.5.3&new_path=%2Ftorque%2Ftags%2F0.5.4",[],{"version":404,"download_url":405,"svn_tag_url":406,"released_at":26,"has_diff":219,"diff_files_changed":407,"diff_lines":26,"trac_diff_url":408,"vulnerabilities":409,"is_current":219},"0.5.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.5.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.5.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.5.2&new_path=%2Ftorque%2Ftags%2F0.5.3",[],{"version":411,"download_url":412,"svn_tag_url":413,"released_at":26,"has_diff":219,"diff_files_changed":414,"diff_lines":26,"trac_diff_url":415,"vulnerabilities":416,"is_current":219},"0.5.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.5.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.5.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftorque%2Ftags%2F0.5.1&new_path=%2Ftorque%2Ftags%2F0.5.2",[],{"version":418,"download_url":419,"svn_tag_url":420,"released_at":26,"has_diff":219,"diff_files_changed":421,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":422,"is_current":219},"0.5.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftorque.0.5.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftorque\u002Ftags\u002F0.5.1\u002F",[],[]]