[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fDpEjLwt0DuMXXgEtwaX3JaodAsMkHDy0p8rtysR3WY8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":38,"analysis":131,"fingerprints":291},"ts-collections","TS Collections","1.0.1","rktaiwala","https:\u002F\u002Fprofiles.wordpress.org\u002Frktaiwala\u002F","\u003Cp>\u003Cstrong>Please drop me a message, if there is any problem in using the plugin.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin provides some common missing options in WordPress like –\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Force All Javascript in Footer.\u003C\u002Fli>\n\u003Cli>Force ASYNC for all Javascript except jQuery.\u003C\u002Fli>\n\u003Cli>Force jQuery In Footer.\u003C\u002Fli>\n\u003Cli>Automatically link Twitter usernames.\u003C\u002Fli>\n\u003Cli>Mark Comments with Very Long URLs as Spam.\u003C\u002Fli>\n\u003Cli>Set Minimum Comment Length to 20.\u003C\u002Fli>\n\u003Cli>Allow PHP in Default Text Widgets.\u003C\u002Fli>\n\u003Cli>Remove Auto Linking of URLs in WordPress Comments.\u003C\u002Fli>\n\u003Cli>Remove the URL Field from the WordPress Comment Form.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin comes with the option to enable or disable each feature.\u003C\u002Fp>\n\u003Ch3>Usuage\u003C\u002Fh3>\n\u003Cp>There is no special step to use it. After activating the plugin you will get the options to select the icon in the Widget Screen.\u003C\u002Fp>\n","TS Collections provide some usefull Wordpress Customizations, filters, actions to make your wordpress experience more smoother and user friendly.",10,1325,100,1,"2016-05-18T09:33:00.000Z","4.5.33","4.1.1","",[20,21,22,23,24],"actions","async-javascript","customizations","filters","footer-javascript","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fts-collections.1.0.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},3,50,90,30,87,"2026-04-04T08:30:12.940Z",[39,60,79,99,116],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":34,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":58,"download_link":59,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"debug-bar-actions-and-filters-addon","Debug Bar Actions and Filters Addon","1.5.5","Subharanjan","https:\u002F\u002Fprofiles.wordpress.org\u002Fsubharanjan\u002F","\u003Cp>This plugin adds two more tabs in the Debug Bar to display hooks(Actions and Filters) attached to the current request. Actions tab displays the actions hooked to current request. Filters tab displays the filter tags along with the functions attached to it with respective priority.\u003C\u002Fp>\n\u003Ch4>Important\u003C\u002Fh4>\n\u003Cp>This plugin requires the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdebug-bar\u002F\" rel=\"ugc\">Debug Bar\u003C\u002Fa> plugin to be installed and activated.\u003C\u002Fp>\n\u003Cp>Also note that this plugin should be used solely for debugging and\u002For in a development environment and is not intended for use on a production site.\u003C\u002Fp>\n\u003Cp>If you like this plugin, please \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fdebug-bar-actions-and-filters-addon\" rel=\"ugc\">rate and\u002For review\u003C\u002Fa> it. If you have ideas on how to make the plugin even better or if you have found any bugs, please report these in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdebug-bar-actions-and-filters-addon\" rel=\"ugc\">Support Forum\u003C\u002Fa> or in the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsubharanjanm\u002Fdebug-bar-actions-and-filters-addon\u002Fissues\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n","Displays all the hooks( Actions and Filters ) for the current request in Debug Bar panel.",500,136631,8,"2022-06-15T16:53:00.000Z","6.0.11","3.3","5.2.4",[20,55,56,57,23],"debug-bar","debug-bar-actions-display","debug-bar-filters-display","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdebug-bar-actions-and-filters-addon\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdebug-bar-actions-and-filters-addon.1.5.5.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":35,"downloaded":68,"rating":13,"num_ratings":14,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":18,"tags":72,"homepage":77,"download_link":78,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"facetwp-manipulator","FacetWP Manipulator","1.0.0","David Cramer","https:\u002F\u002Fprofiles.wordpress.org\u002Fdesertsnowman\u002F","\u003Cp>FacetWP comes with many filters which gives you the power to mould it to your needs. Generally, you would code these filters into your child theme in the functions.php file. This has drawbacks, however. If you do not use a child theme or you change to a new theme, you stand to loose functionality on updates.\u003C\u002Fp>\n\u003Cp>FacetWP Manipulator allows you to add code to specific filters to manipulate functionality without hard coding it to the themes files. This means that your functionality via filters can be activated or deactivated without touching the file system.\u003C\u002Fp>\n","FacetWP Manipulator allows you to add code to specific FacetWP filters and Actions to manipulate functionality without hard coding it to the theme.",6111,"2017-01-17T23:45:00.000Z","4.7.32","3.6",[73,74,75,76],"facetwp","facetwp-actions","facetwp-filters","facetwp-hooks","https:\u002F\u002Fcramer.co.za","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffacetwp-manipulator.1.0.0.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":11,"downloaded":87,"rating":27,"num_ratings":27,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":96,"download_link":97,"security_score":98,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"captain-hooks","Captain Hooks","1.0.2","David Beja","https:\u002F\u002Fprofiles.wordpress.org\u002Fdbeja\u002F","\u003Cp>Captain Hooks is a robust WordPress plugin designed to give developers an in-depth look at all the hooks available in their WordPress environment. Explore actions, filters, and shortcodes like never before!\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Comprehensive Hook Listing\u003C\u002Fstrong>: Easily list and search all hooks (actions and filters) across any theme or plugin installed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode Insight\u003C\u002Fstrong>: View all shortcodes, along with their parameters.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Code Implementation Viewer\u003C\u002Fstrong>: Quickly pinpoint where the hooks and shortcodes are implemented within the code.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sample Codes\u003C\u002Fstrong>: Not sure how to use a hook? Get code samples instantly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live Mode\u003C\u002Fstrong>: An advanced feature to monitor actions or filters in real-time and log all its parameters for better debugging.\u003C\u002Fli>\n\u003C\u002Ful>\n","Captain Hooks is a WordPress plugin that provides developers with a comprehensive view of all actions, filters, and shortcodes of their environment.",1396,"2025-03-10T17:17:00.000Z","6.7.5","5.7","7.2",[20,93,23,94,95],"admin","hooks","shortcodes","https:\u002F\u002Fgithub.com\u002Fdbkode\u002Fcaptain-hooks","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcaptain-hooks.1.0.2.zip",92,{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":11,"downloaded":107,"rating":13,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":18,"tags":112,"homepage":114,"download_link":115,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"prioritize-hooks","Prioritize Hooks","1.2","Jon Weatherhead","https:\u002F\u002Fprofiles.wordpress.org\u002Fjweathe\u002F","\u003Cp>Prioritize Hooks allows the overriding of the priority of various filters and actions hooked by plugins and themes.\u003Cbr \u002F>\nA list of non-core actions and filters registered before the \u003Ccode>admin_init\u003C\u002Fcode> action will be shown in the\u003Cbr \u002F>\nPrioritize Hooks settings page, with the option of overriding the priority of any that you should so wish. At the moment,\u003Cbr \u002F>\nthe hook cannot be changed, just the priority of that callback within its respective hook. Note that priorities will not\u003Cbr \u002F>\nbe overridden until the \u003Ccode>wp_loaded\u003C\u002Fcode> action is run. To disabled a hook, use hyphen(-) as the priority.\u003Cbr \u002F>\nLeave a priority blank to reset it.\u003C\u002Fp>\n","Prioritize Hooks allows the overriding of the priority of various filters and actions hooked by plugins and themes.",2383,2,"2013-12-30T06:10:00.000Z","3.7.41","3.2",[20,23,94,113],"override","http:\u002F\u002Fportfolio.planetjon.ca\u002Fprojects\u002Fprioritize-hooks\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprioritize-hooks.1.2.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":11,"downloaded":124,"rating":27,"num_ratings":27,"last_updated":18,"tested_up_to":125,"requires_at_least":71,"requires_php":18,"tags":126,"homepage":18,"download_link":129,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":130},"rtpanel-hooks-editor","rtPanel Hooks Editor","2.5.1","rtCamp","https:\u002F\u002Fprofiles.wordpress.org\u002Frtcamp\u002F","\u003Cp>This plugin is add-on for \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Frtpanel\" title=\"rtPanel Theme Framework\" rel=\"ugc\">rtPanel Theme Framework\u003C\u002Fa> and should be used alongwith it.\u003C\u002Fp>\n\u003Cp>It adds an option page under rtPanel Theme Options, using which, a user can write codes for various action and\u002For filter hooks supported by \u003Ca href=\"https:\u002F\u002Frtcamp.com\u002Frtpanel\u002F\" title=\"rtPanel Theme Framework\" rel=\"nofollow ugc\">rtPanel Theme Framework\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Using this plugin a user need not edit any theme files to achieve desired functionality.\u003C\u002Fp>\n\u003Ch4>Useful Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frtcamp.com\u002Frtpanel\u002Fplugins-list\u002Frtpanel-hooks-editor\u002F\" rel=\"nofollow ugc\">rtPanel Hooks Editor Plugin’s Homepage\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fdocs.rtcamp.com\u002Frtpanel\u002Fdeveloper\u002F\" rel=\"nofollow ugc\">Hooks Reference\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fcommunity.rtcamp.com\u002Fc\u002Frtpanel\" rel=\"nofollow ugc\">Free Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin is add-on for [rtPanel Theme Framework](https:\u002F\u002Fwordpress.org\u002Fthemes\u002Frtpanel \"rtPanel Theme Framework\") and should be used along &hellip;",5306,"4.0.38",[20,23,94,127,128],"rtcamp","rtpanel","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frtpanel-hooks-editor.2.5.1.zip","2026-03-15T10:48:56.248Z",{"attackSurface":132,"codeSignals":255,"taintFlows":282,"riskAssessment":283,"analyzedAt":290},{"hooks":133,"ajaxHandlers":246,"restRoutes":252,"shortcodes":253,"cronEvents":254,"entryPointCount":14,"unprotectedCount":14},[134,141,146,148,152,157,160,163,168,171,175,180,184,187,190,194,197,200,202,205,207,210,212,214,217,219,222,224,227,229,231,234,238,243],{"type":135,"name":136,"callback":137,"priority":138,"file":139,"line":140},"filter","tlo_settings_default_data","register_addon",99,"classes\\addons\\addasynctojs.php",27,{"type":135,"name":142,"callback":143,"priority":144,"file":139,"line":145},"clean_url","defer_parsing_of_js",11,34,{"type":135,"name":136,"callback":137,"priority":138,"file":147,"line":140},"classes\\addons\\allscriptsinfooter copy.php",{"type":149,"name":150,"callback":151,"file":147,"line":145},"action","after_setup_theme","jquery_in_footer",{"type":149,"name":153,"callback":154,"priority":155,"file":147,"line":156},"wp_footer","wp_print_scripts",5,44,{"type":149,"name":153,"callback":158,"priority":155,"file":147,"line":159},"wp_enqueue_scripts",45,{"type":149,"name":153,"callback":161,"priority":155,"file":147,"line":162},"wp_print_head_scripts",46,{"type":149,"name":164,"callback":165,"file":166,"line":167},"admin_init","load_tinymce","classes\\addons\\content-clips\\classes\\contentClipsEditorIcon.php",19,{"type":135,"name":169,"callback":170,"file":166,"line":140},"mce_external_plugins","tinymce_add_plugin",{"type":135,"name":172,"callback":173,"file":166,"line":174},"mce_buttons","tinymce_register_button",28,{"type":149,"name":176,"callback":177,"file":178,"line":179},"init","registerPostType","classes\\addons\\content-clips\\classes\\contentClipsPostType.php",23,{"type":149,"name":181,"callback":182,"file":178,"line":183},"save_post","save",24,{"type":135,"name":185,"callback":186,"file":178,"line":140},"post_updated_messages","alterMessages",{"type":135,"name":188,"callback":189,"file":178,"line":174},"manage_edit-contentclips_columns","ts_edit_content_clips_columns",{"type":149,"name":191,"callback":192,"priority":11,"file":178,"line":193},"manage_contentclips_posts_custom_column","ts_manage_content_clips_columns",29,{"type":135,"name":136,"callback":137,"priority":138,"file":195,"line":196},"classes\\addons\\content-clips\\content-clips.php",25,{"type":149,"name":198,"callback":199,"file":195,"line":159},"admin_enqueue_scripts","enqueueBackendScripts",{"type":135,"name":136,"callback":137,"priority":138,"file":201,"line":140},"classes\\addons\\jqueryinfooter.php",{"type":149,"name":203,"callback":151,"file":201,"line":204},"wp_default_scripts",33,{"type":135,"name":136,"callback":137,"priority":138,"file":206,"line":140},"classes\\addons\\linktwitterusername.php",{"type":135,"name":208,"callback":209,"file":206,"line":204},"the_content","link_twitter_username",{"type":135,"name":211,"callback":209,"file":206,"line":145},"comment_text",{"type":135,"name":136,"callback":137,"priority":138,"file":213,"line":140},"classes\\addons\\markcomment.php",{"type":135,"name":215,"callback":216,"priority":138,"file":213,"line":204},"pre_comment_approved","rkv_url_spamcheck",{"type":135,"name":136,"callback":137,"priority":138,"file":218,"line":140},"classes\\addons\\minimumcommentlength.php",{"type":135,"name":220,"callback":221,"priority":138,"file":218,"line":204},"preprocess_comment","minimal_comment_length",{"type":135,"name":136,"callback":137,"priority":138,"file":223,"line":140},"classes\\addons\\phpintextwidget.php",{"type":135,"name":225,"callback":226,"priority":138,"file":223,"line":204},"widget_text","php_in_widget",{"type":135,"name":136,"callback":137,"priority":138,"file":228,"line":140},"classes\\addons\\removeautolinking.php",{"type":135,"name":136,"callback":137,"priority":138,"file":230,"line":140},"classes\\addons\\removeurlcomment.php",{"type":135,"name":232,"callback":233,"file":230,"line":204},"comment_form_default_fields","remove_comment_fields",{"type":149,"name":164,"callback":235,"file":236,"line":237},"registerSettings","classes\\TheLastOneSettings.php",39,{"type":149,"name":239,"callback":240,"priority":241,"file":236,"line":242},"admin_menu","addSubMenuPage",9,42,{"type":149,"name":198,"callback":199,"file":244,"line":245},"tscollections.php",31,[247],{"action":248,"nopriv":249,"callback":250,"hasNonce":249,"hasCapCheck":249,"file":166,"line":251},"contentclipsTinymceOptions",false,"tinymce_options",18,[],[],[],{"dangerousFunctions":256,"sqlUsage":257,"outputEscaping":259,"fileOperations":27,"externalRequests":27,"nonceChecks":14,"capabilityChecks":32,"bundledLibraries":281},[],{"prepared":27,"raw":27,"locations":258},[],{"escaped":108,"rawEcho":144,"locations":260},[261,264,265,266,268,270,273,275,277,278,280],{"file":166,"line":262,"context":263},115,"raw output",{"file":178,"line":138,"context":263},{"file":178,"line":13,"context":263},{"file":178,"line":267,"context":263},183,{"file":178,"line":269,"context":263},184,{"file":271,"line":272,"context":263},"views\\TheLastOneSettings\\general-settings.php",14,{"file":271,"line":274,"context":263},16,{"file":271,"line":276,"context":263},17,{"file":271,"line":167,"context":263},{"file":271,"line":279,"context":263},20,{"file":271,"line":279,"context":263},[],[],{"summary":284,"deductions":285},"The 'ts-collections' plugin v1.0.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by not using dangerous functions, performing all SQL queries using prepared statements, and avoiding file operations and external HTTP requests. The presence of nonce and capability checks, although not comprehensive across all entry points, is a commendable start. However, a significant concern arises from the single AJAX handler which lacks any authentication checks, presenting a direct and unprotected entry point for potential attackers. The low percentage of properly escaped output further exacerbates this risk, as unsanitized data processed through this handler could lead to cross-site scripting (XSS) vulnerabilities.\n\nThe vulnerability history for 'ts-collections' is clean, with no recorded CVEs. This is a strong positive indicator that the plugin has historically been secure or that its limited feature set hasn't attracted significant vulnerabilities. However, the lack of historical issues should not overshadow the immediate risks identified in the static analysis. The absence of taint analysis findings is also good, suggesting no immediately obvious critical or high severity data flow issues were detected within the analyzed scope.\n\nIn conclusion, while 'ts-collections' has a promising foundation with secure SQL handling and a clean vulnerability record, the unprotected AJAX endpoint is a critical flaw that demands immediate attention. The low output escaping rate further increases the risk of XSS. Addressing these specific code-level concerns should be the priority for improving the plugin's overall security.",[286,288],{"reason":287,"points":49},"AJAX handler without authentication",{"reason":289,"points":155},"Low output escaping percentage","2026-03-17T01:32:27.631Z",{"wat":292,"direct":299},{"assetPaths":293,"generatorPatterns":295,"scriptPaths":296,"versionParams":297},[294],"\u002Fwp-content\u002Fplugins\u002Fts-collections\u002Fcss\u002Flo.css",[],[],[298],"ts-collections\u002Fcss\u002Flo.css?ver=",{"cssClasses":300,"htmlComments":304,"htmlAttributes":305,"restEndpoints":307,"jsGlobals":309,"shortcodeOutput":314},[301,302,303],"title-widget","alert","alert-danger",[],[306],"data-tab",[308],"\u002Fwp-json\u002FcontentclipsTinymceOptions",[310,311,312,313],"tinymce","tinyMCEPopup","form_utils","e",[315],"[content_clips"]