[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1vG6X0JHNfcy6vaHpO_2oXon4x3uZXvZasJQNb1Qwa0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":136,"fingerprints":531},"uix-usercenter","Uix UserCenter","1.0.3","UIUX Lab","https:\u002F\u002Fprofiles.wordpress.org\u002Fuiuxlab\u002F","\u003Cp>This plugin is a simple way to build, organize and display Sign-in, registration and publishing system with AJAX into any existing WordPress theme. \u003Cstrong>Using template file to embed your theme.\u003C\u002Fstrong>\u003C\u002Fp>\n","Sign-in, registration and publishing system with AJAX, support remote API.",0,3749,50,2,"2025-04-24T06:47:00.000Z","6.8.5","4.2","5.6",[20,21,22,23,24],"custom-api","login","member","register","users","https:\u002F\u002Fuiux.cc\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuix-usercenter.1.0.3.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"uiuxlab",6,540,97,32,86,"2026-04-04T21:16:17.519Z",[40,62,80,100,119],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":60,"download_link":61,"security_score":27,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":29},"expire-user-passwords","Expire User Passwords","1.4.2","Matt Miller","https:\u002F\u002Fprofiles.wordpress.org\u002Fmillermedianow\u002F","\u003Cp>Note: This is a forked version of the now unsupported \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fexpire-passwords\u002F\" rel=\"ugc\">Expire Passwords\u003C\u002Fa> plugin. The notes below are copied over from the original plugin and will be updated as relevant updates become available. Please help by contributing to the GitHub repository \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\" rel=\"nofollow ugc\">Expire Passwords\u003C\u002Fa> on GitHub\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fexpire-user-passwords\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Harden the security of your site by preventing unauthorized access to stale user accounts.\u003C\u002Fp>\n\u003Cp>This plugin is also ideal for sites needing to meet certain industry security compliances – such as government, banking or healthcare.\u003C\u002Fp>\n\u003Cp>In the plugin settings you can set the maximum number of days users are allowed to use the same password (90 days by default), as well as which user roles will be required to reset their passwords regularly (non-Administrators by default).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Languages supported:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Albanian (Shqip)\u003C\u002Fli>\n\u003Cli>Arabic (العربية)\u003C\u002Fli>\n\u003Cli>Armenian (Հայերեն)\u003C\u002Fli>\n\u003Cli>Basque (Euskara)\u003C\u002Fli>\n\u003Cli>Bengali (বাংলা)\u003C\u002Fli>\n\u003Cli>Bulgarian (Български)\u003C\u002Fli>\n\u003Cli>Catalan (Català)\u003C\u002Fli>\n\u003Cli>Chinese Simplified (简体中文)\u003C\u002Fli>\n\u003Cli>Croatian (Hrvatski)\u003C\u002Fli>\n\u003Cli>Czech (Čeština)\u003C\u002Fli>\n\u003Cli>Danish (Dansk)\u003C\u002Fli>\n\u003Cli>Dutch (Nederlands)\u003C\u002Fli>\n\u003Cli>Estonian (Eesti)\u003C\u002Fli>\n\u003Cli>Finnish (Suomi)\u003C\u002Fli>\n\u003Cli>French (Français)\u003C\u002Fli>\n\u003Cli>Galician (Galego)\u003C\u002Fli>\n\u003Cli>Georgian (ქართული)\u003C\u002Fli>\n\u003Cli>German (Deutsch)\u003C\u002Fli>\n\u003Cli>Greek (Ελληνικά)\u003C\u002Fli>\n\u003Cli>Hebrew (עברית)\u003C\u002Fli>\n\u003Cli>Hindi (हिन्दी)\u003C\u002Fli>\n\u003Cli>Hungarian (Magyar)\u003C\u002Fli>\n\u003Cli>Indonesian (Bahasa Indonesia)\u003C\u002Fli>\n\u003Cli>Irish (Gaeilge)\u003C\u002Fli>\n\u003Cli>Italian (Italiano)\u003C\u002Fli>\n\u003Cli>Japanese (日本語)\u003C\u002Fli>\n\u003Cli>Korean (한국어)\u003C\u002Fli>\n\u003Cli>Latvian (Latviešu)\u003C\u002Fli>\n\u003Cli>Lithuanian (Lietuvių)\u003C\u002Fli>\n\u003Cli>Macedonian (Македонски)\u003C\u002Fli>\n\u003Cli>Norwegian (Norsk)\u003C\u002Fli>\n\u003Cli>Persian (فارسی)\u003C\u002Fli>\n\u003Cli>Persian – Afghanistan (دری)\u003C\u002Fli>\n\u003Cli>Polish (Polski)\u003C\u002Fli>\n\u003Cli>Portuguese – Brazil (Português do Brasil)\u003C\u002Fli>\n\u003Cli>Portuguese – Portugal (Português)\u003C\u002Fli>\n\u003Cli>Romanian (Română)\u003C\u002Fli>\n\u003Cli>Russian (Русский)\u003C\u002Fli>\n\u003Cli>Serbian (Српски)\u003C\u002Fli>\n\u003Cli>Slovak (Slovenčina)\u003C\u002Fli>\n\u003Cli>Slovenian (Slovenščina)\u003C\u002Fli>\n\u003Cli>Spanish (Español)\u003C\u002Fli>\n\u003Cli>Swedish (Svenska)\u003C\u002Fli>\n\u003Cli>Tamil (தமிழ்)\u003C\u002Fli>\n\u003Cli>Thai (ไทย)\u003C\u002Fli>\n\u003Cli>Turkish (Türkçe)\u003C\u002Fli>\n\u003Cli>Ukrainian (Українська)\u003C\u002Fli>\n\u003Cli>Urdu (اردو)\u003C\u002Fli>\n\u003Cli>Vietnamese (Tiếng Việt)\u003C\u002Fli>\n\u003Cli>Welsh (Cymraeg)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","Require certain users to change their passwords on a regular basis.",3000,57937,84,5,"2026-02-17T09:27:00.000Z","6.9.4","4.0","8.1",[21,57,58,59,24],"membership","passwords","security","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexpire-user-passwords.1.4.2.zip",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":27,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":60,"tags":76,"homepage":60,"download_link":78,"security_score":79,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":29},"prevent-concurrent-logins","Prevent Concurrent Logins","0.4.0","Frankie Jarrett","https:\u002F\u002Fprofiles.wordpress.org\u002Ffjarrett\u002F","\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fprevent-concurrent-logins\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Deters members\u002Fsubscribers from sharing their accounts with others\u003C\u002Fli>\n\u003Cli>Hardens security by destoying old sessions automatically\u003C\u002Fli>\n\u003Cli>Prompts old sessions to login again if they want to continue\u003C\u002Fli>\n\u003Cli>Ideal for membership sites and web applications\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> If you plan to network-activate this plugin on a multisite network, please install the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fproper-network-activation\u002F\" rel=\"ugc\">Proper Network Activation\u003C\u002Fa> plugin \u003Cem>beforehand\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fprevent-concurrent-logins\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fprevent-concurrent-logins\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","Prevents users from staying logged into the same account from multiple places.",900,17293,17,"2016-08-16T22:21:00.000Z","4.6.30","4.1",[21,57,59,77,24],"sensei","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprevent-concurrent-logins.0.4.0.zip",85,{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":27,"downloaded":88,"rating":37,"num_ratings":89,"last_updated":90,"tested_up_to":16,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":96,"download_link":97,"security_score":98,"vuln_count":51,"unpatched_count":11,"last_vuln_date":99,"fetched_at":29},"wp-front-end-profile","WP Frontend Profile","1.3.9","Glowlogix","https:\u002F\u002Fprofiles.wordpress.org\u002Fglowlogix\u002F","\u003Cp>WP Frontend Profile gives you the ability to add a extensible user profile section to the frontend of your WordPress website. By default the plugin adds two tabs to the frontend profile. One of these tabs, titled profile, allows a user to edit their user data including email, first and last names, URL and bio (description). The password tab allows a user to change their password for the site.\u003C\u002Fp>\n\u003Ch4>Plugin Extensibility\u003C\u002Fh4>\n\u003Cp>As the frontend profile is rendered with tabs you can easily add your own tabs with your own fields to store user meta data. Tabs and fields are added through filters and all the saving of the data is taken care of for you.\u003C\u002Fp>\n\u003Cp>You can add the following field types:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WYSIWYG\u003C\u002Fli>\n\u003Cli>Select\u003C\u002Fli>\n\u003Cli>Multi Select\u003C\u002Fli>\n\u003Cli>Radio\u003C\u002Fli>\n\u003Cli>Text Area\u003C\u002Fli>\n\u003Cli>Checkbox\u003C\u002Fli>\n\u003Cli>Password\u003C\u002Fli>\n\u003Cli>Email\u003C\u002Fli>\n\u003Cli>Text\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See FAQs for how to add our own fields and tabs.\u003C\u002Fp>\n\u003Ch4>Profile Output\u003C\u002Fh4>\n\u003Cp>To output the frontend profile feature you can use the following shortcodes in editor:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Profile page \u003Ccode>[wpfep-profile]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Edit profile \u003Ccode>[wpfep]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Register page \u003Ccode>[wpfep-register]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Login page \u003Ccode>[wpfep-login]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added Login Widget\u003C\u002Fli>\n\u003Cli>Addon for Mailchimp\u003C\u002Fli>\n\u003Cli>Added Content Restriction feature for paid members.\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Frontend Profile allows users to edit\u002Fview their profile and register\u002Flogin without going into the dashboard to do so.",22187,8,"2026-02-21T21:44:00.000Z","4.0.1","5.2.17",[21,94,23,95,24],"profile","user-meta","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-front-end-profile\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-front-end-profile.1.3.9.zip",83,"2026-03-06 11:21:23",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":27,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":60,"tags":114,"homepage":117,"download_link":118,"security_score":79,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":29},"login-to-read-more","Login to read more","0.2.0","Takayuki Miyauchi","https:\u002F\u002Fprofiles.wordpress.org\u002Fmiyauchi\u002F","\u003Cp>Display content enclosed by the shortcode for registered users only.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[auth]This content will display for registered users only[\u002Fauth]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>https:\u002F\u002Fgithub.com\u002Fmiya0001\u002Flogin-to-read-more\u003C\u002Fp>\n\u003Cp>Arguments\u003C\u002Fp>\n\u003Cul>\n\u003Cli>class – Class name for css. default value is “btn btn-primary btn-large”\u003C\u002Fli>\n\u003Cli>href – Link URL for button. default value is login url for your site\u003C\u002Fli>\n\u003Cli>text – Button text. default value is “Login to read more”\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The following will add a class as argument.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Example: [auth class=\"foo\"]\nOutput: \u003Ca class=\"foo\" ...>...\u003C\u002Fa>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The following will change url link.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Example: [auth href=\"http:\u002F\u002Fexample.com\u002Fxxx\u002F\"]\nOutput: \u003Ca href=\"http:\u002F\u002Fexample.com\u002Fxxx\u002F\" ...>...\u003C\u002Fa>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The following will change text.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Example: [auth text=\"Join\"]\nOutput: \u003Ca ...>Join\u003C\u002Fa>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Filter Hook\u003C\u002Fp>\n\u003Cul>\n\u003Cli>login_to_read_more_class – Change default class.\u003C\u002Fli>\n\u003Cli>login_to_read_more_href – Change default url.\u003C\u002Fli>\n\u003Cli>login_to_read_more_text – Change default text.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The following is example for “login_to_read_more_text” filter.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('login_to_read_more_text', 'my_login_to_read_more_text');\nfunction my_login_to_read_more_text(){\n    return 'Join';\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Display content enclosed by the shortcode for registered users only.",30,4072,1,"2013-06-27T08:53:00.000Z","3.5.2","3.5",[21,22,115,23,116],"post","shortcode","http:\u002F\u002Fwpist.me\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-to-read-more.0.2.0.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":108,"downloaded":127,"rating":11,"num_ratings":11,"last_updated":128,"tested_up_to":53,"requires_at_least":129,"requires_php":130,"tags":131,"homepage":134,"download_link":135,"security_score":27,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":29},"user-mail-only-register","Multibyte CAPTCHA login and Mail only register","4.03","Katsushi Kawamori","https:\u002F\u002Fprofiles.wordpress.org\u002Fkatsushi-kawamori\u002F","\u003Ch4>Login form with Multibyte CAPTCHA\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Anti-Bot measures with original CAPTCHA.\u003C\u002Fli>\n\u003Cli>WordPress : \u003Ccode>wp-login.php\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>WordPress : \u003Ccode>wp-login.php?action=register\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>WordPress : \u003Ccode>wp-login.php?action=lostpassword\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Register\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Register only email address.\u003C\u002Fli>\n\u003Cli>Can check the terms of use agreement for user register.\u003C\u002Fli>\n\u003Cli>Anti-Bot measures with original CAPTCHA.\u003C\u002Fli>\n\u003Cli>WordPress : \u003Ccode>wp-login.php?action=register\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>shortcode : \u003Ccode>[umorregister]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Filter for shortcode form\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u002F** ==================================================\n * Filter for message.\n *\n *\u002F\nadd_filter( 'umor_register_success_msg', function(){ return 'Message for register success.'; }, 10, 1 );\nadd_filter( 'umor_login_success_login_msg', function(){ return 'Message for login success.'; }, 10, 1 );\nadd_filter( 'umor_register_error', function(){ return 'Message for register error.'; }, 10, 1 );\nadd_filter( 'umor_register_nomail', function(){ return 'Message for unentered mail.'; }, 10, 1 );\nadd_filter( 'umor_register_noterm', function(){ return 'Message for unentered term of use.'; }, 10, 1 );\nadd_filter( 'umor_register_form_label', function(){ return 'Message for form label.'; }, 10, 1 );\nadd_filter( 'umor_register_term_of_use', function(){ return 'Message for term of use.'; }, 10, 1 );\nadd_filter( 'umor_not_register_message', function(){ return 'Message for not register.'; }, 10, 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cpre>\u003Ccode>\u002F** ==================================================\n * Filter for login form message.\n *\n *\u002F\nadd_filter(\n    'umor_login_message',\n    function( $message, $text ) {\n        $message = '\u003Cp class=\"myclass\">';\n        $message .= $text;\n        $message .= '\u003C\u002Fp>';\n        return $message;\n    },\n    10,\n    2\n);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cpre>\u003Ccode>\u002F** ==================================================\n * Filter for Term of use URL.\n *\n *\u002F\nadd_filter(\n    'umor_register_term_of_use_url',\n    function( $term_of_use_url ) {\n        if ( 'ja' === get_locale() ) {\n            $term_of_use_url = 'https:\u002F\u002Ftest.com\u002Fja\u002F';\n        }\n        return $term_of_use_url;\n    },\n    10,\n    1\n);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cpre>\u003Ccode>\u002F** ==================================================\n * Filter for input text size.\n *\n *\u002F\nadd_filter( 'umor_register_input_size', function(){ return 17; }, 10, 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cpre>\u003Ccode>\u002F** ==================================================\n * Filter for class name.\n *\n *\u002F\nadd_filter( 'umor_register_notice_class_name', function(){ return 'mynotice'; }, 10, 1 );\nadd_filter( 'umor_register_form_class_name', function(){ return 'myform'; }, 10, 1 );\nadd_filter( 'umor_register_label_class_name', function(){ return 'mylabel'; }, 10, 1 );\nadd_filter( 'umor_register_input_class_name', function(){ return 'myinput'; }, 10, 1 );\nadd_filter( 'umor_register_check_form_class_name', function(){ return 'mycheckform'; }, 10, 1 );\nadd_filter( 'umor_register_check_class_name', function(){ return 'mycheck'; }, 10, 1 );\nadd_filter( 'umor_register_captcha_input_class_name', function(){ return 'mycaptcha_input'; }, 10, 1 );\nadd_filter( 'umor_register_submit_class_name', function(){ return 'mysubmit'; }, 10, 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Multibyte CAPTCHA login form and register users with mail only.",5650,"2025-12-02T23:22:00.000Z","4.7","8.0",[132,133,21,23,24],"captcha","email","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-mail-only-register\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-mail-only-register.4.03.zip",{"attackSurface":137,"codeSignals":363,"taintFlows":503,"riskAssessment":520,"analyzedAt":530},{"hooks":138,"ajaxHandlers":299,"restRoutes":347,"shortcodes":360,"cronEvents":361,"entryPointCount":362,"unprotectedCount":89},[139,145,149,153,156,160,164,169,172,177,182,186,190,193,197,201,205,208,211,215,219,223,227,231,234,237,239,243,247,250,253,256,260,263,266,270,273,277,281,285,289,293,296],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","admin_enqueue_scripts","uix_usercenter_scripts","helper\\settings.php",22,{"type":140,"name":146,"callback":147,"file":148,"line":79},"add_meta_boxes","add","includes\\admin\\uix-custom-metaboxes\\init.php",{"type":140,"name":150,"callback":151,"file":148,"line":152},"save_post","save",89,{"type":140,"name":141,"callback":154,"file":148,"line":155},"backstage_scripts",93,{"type":140,"name":157,"callback":158,"file":148,"line":159},"admin_init","load_form_core",134,{"type":161,"name":162,"callback":162,"file":148,"line":163},"filter","admin_body_class",137,{"type":140,"name":165,"callback":166,"file":167,"line":168},"rest_api_init","closure","includes\\API\\auth.php",16,{"type":140,"name":165,"callback":166,"file":170,"line":171},"includes\\API\\get-list.php",15,{"type":140,"name":173,"callback":174,"file":175,"line":176},"after_setup_theme","uix_usercenter_create_pages","includes\\modules\\auto-create-pages.php",13,{"type":140,"name":178,"callback":179,"priority":180,"file":181,"line":176},"wp_login","uix_usercenter_ajax_usercenter_track_user_logins",10,"includes\\modules\\combine-js.php",{"type":140,"name":183,"callback":184,"priority":185,"file":181,"line":108},"wp_print_scripts","uix_usercenter_combine_all_ajax_usercenter_script",9999,{"type":140,"name":187,"callback":188,"file":189,"line":171},"init","uix_usercenter_ajax_global_variables","includes\\modules\\global-variables.php",{"type":140,"name":157,"callback":166,"file":191,"line":192},"includes\\post-type\\instance.php",27,{"type":161,"name":194,"callback":195,"file":191,"line":196},"body_class","new_class",35,{"type":161,"name":198,"callback":199,"priority":180,"file":191,"line":200},"post_thumbnail_html","remove_thumbnail_dimensions",36,{"type":140,"name":173,"callback":202,"priority":203,"file":191,"line":204},"add_featured_image_support",11,37,{"type":161,"name":206,"callback":207,"priority":203,"file":191,"line":37},"featured_image_column_post_types","custom_featured_image_column_remove_post_types",{"type":140,"name":187,"callback":209,"priority":11,"file":210,"line":203},"uix_usercenter_taxonomy_register","includes\\post-type\\post-type-init.php",{"type":161,"name":212,"callback":213,"file":210,"line":214},"manage_edit-uix_usercenter_columns","uix_usercenter_taxonomy_edit_cols",75,{"type":140,"name":216,"callback":217,"priority":180,"file":210,"line":218},"manage_uix_usercenter_posts_custom_column","uix_usercenter_taxonomy_cols_display",104,{"type":161,"name":220,"callback":221,"file":210,"line":222},"parse_query","uix_usercenter_admin_posts_filter",250,{"type":161,"name":224,"callback":225,"file":210,"line":226},"manage_edit-uix_usercenter_sortable_columns","uix_usercenter_register_post_column_views_sortable",294,{"type":161,"name":228,"callback":229,"file":210,"line":230},"pre_post_title","uix_usercenter_mask_empty_post_title",309,{"type":140,"name":187,"callback":132,"file":232,"line":233},"uix-usercenter.php",39,{"type":140,"name":187,"callback":235,"file":232,"line":236},"register_scripts",40,{"type":140,"name":141,"callback":154,"file":232,"line":238},42,{"type":140,"name":240,"callback":241,"file":232,"line":242},"wp_enqueue_scripts","frontpage_scripts",43,{"type":140,"name":244,"callback":245,"file":232,"line":246},"current_screen","usage_notice",44,{"type":140,"name":157,"callback":248,"file":232,"line":249},"tc_i18n",45,{"type":140,"name":157,"callback":251,"file":232,"line":252},"load_helper",46,{"type":140,"name":157,"callback":254,"file":232,"line":255},"nag_ignore",47,{"type":140,"name":257,"callback":258,"file":232,"line":259},"admin_menu","options_admin_menu",48,{"type":140,"name":187,"callback":261,"file":232,"line":262},"cors_config",51,{"type":140,"name":187,"callback":264,"file":232,"line":265},"permission_redirect_loginpage",54,{"type":140,"name":267,"callback":268,"file":232,"line":269},"wp_head","permission_remove_toolbar",55,{"type":140,"name":157,"callback":271,"file":232,"line":272},"permission_adminpage_redirect_member",56,{"type":140,"name":274,"callback":275,"file":232,"line":276},"generate_rewrite_rules","checkcodepage_rewrite_rules",59,{"type":140,"name":278,"callback":279,"file":232,"line":280},"template_redirect","checkcodepage_template_redirect",60,{"type":140,"name":282,"callback":283,"file":232,"line":284},"query_vars","checkcodepage_custom_query_vars_filter",61,{"type":161,"name":286,"callback":287,"file":232,"line":288},"show_admin_bar","__return_false",276,{"type":140,"name":290,"callback":291,"file":232,"line":292},"admin_notices","usage_notice_app",577,{"type":140,"name":290,"callback":294,"file":232,"line":295},"template_notice_required",578,{"type":140,"name":297,"callback":187,"file":232,"line":298},"plugins_loaded",1042,[300,306,307,311,313,317,318,322,323,327,328,332,336,337,341,342,346],{"action":301,"nopriv":302,"callback":303,"hasNonce":304,"hasCapCheck":302,"file":305,"line":171},"updateuser_action",false,"uix_usercenter_ajax_updateuser",true,"includes\\modules\\ajax-curd.php",{"action":301,"nopriv":304,"callback":303,"hasNonce":304,"hasCapCheck":302,"file":305,"line":168},{"action":308,"nopriv":302,"callback":309,"hasNonce":304,"hasCapCheck":302,"file":305,"line":310},"usersubmission_action","uix_usercenter_ajax_usersubmission",131,{"action":308,"nopriv":304,"callback":309,"hasNonce":304,"hasCapCheck":302,"file":305,"line":312},132,{"action":314,"nopriv":302,"callback":315,"hasNonce":304,"hasCapCheck":302,"file":316,"line":171},"login_action","uix_usercenter_ajax_login","includes\\modules\\ajax-login.php",{"action":314,"nopriv":304,"callback":315,"hasNonce":304,"hasCapCheck":302,"file":316,"line":168},{"action":319,"nopriv":302,"callback":320,"hasNonce":302,"hasCapCheck":302,"file":321,"line":171},"logout_action","uix_usercenter_ajax_logout","includes\\modules\\ajax-logout.php",{"action":319,"nopriv":304,"callback":320,"hasNonce":302,"hasCapCheck":302,"file":321,"line":168},{"action":324,"nopriv":302,"callback":325,"hasNonce":304,"hasCapCheck":302,"file":326,"line":168},"passwordreset_action","uix_usercenter_ajax_passwordreset","includes\\modules\\ajax-password_reset.php",{"action":324,"nopriv":304,"callback":325,"hasNonce":304,"hasCapCheck":302,"file":326,"line":72},{"action":329,"nopriv":304,"callback":330,"hasNonce":304,"hasCapCheck":302,"file":326,"line":331},"passwordreset_verify_action","uix_usercenter_ajax_passwordreset_verify",81,{"action":333,"nopriv":302,"callback":334,"hasNonce":304,"hasCapCheck":302,"file":335,"line":168},"register_action","uix_usercenter_ajax_register","includes\\modules\\ajax-register.php",{"action":333,"nopriv":304,"callback":334,"hasNonce":304,"hasCapCheck":302,"file":335,"line":72},{"action":338,"nopriv":302,"callback":339,"hasNonce":302,"hasCapCheck":302,"file":340,"line":171},"createcaptcha_action","uix_usercenter_ajax_createcaptcha","includes\\modules\\create-captcha.php",{"action":338,"nopriv":304,"callback":339,"hasNonce":302,"hasCapCheck":302,"file":340,"line":168},{"action":343,"nopriv":302,"callback":344,"hasNonce":302,"hasCapCheck":302,"file":345,"line":171},"createnonce_action","uix_usercenter_ajax_createnonce","includes\\modules\\create-nonce.php",{"action":343,"nopriv":304,"callback":344,"hasNonce":302,"hasCapCheck":302,"file":345,"line":168},[348,355],{"namespace":349,"route":350,"methods":351,"callback":353,"permissionCallback":354,"file":167,"line":252},"usercenter\u002Fv1","\u002Fauth",[352],"POST","uix_usercenter_get_auth_data","__return_true",{"namespace":349,"route":356,"methods":357,"callback":358,"permissionCallback":354,"file":170,"line":359},"\u002F(?P\u003Ccat_slug>.+)\u002Fdisplay\u002F(?P\u003Cdisplay_number>\\d+)\u002Fpage\u002F(?P\u003Cpage_number>\\d+)\u002Frand\u002F(?P\u003Corderby_rand>\\d+)\u002Fstatistics\u002F(?P\u003Cenable_stat>\\d+)",[352],"uix_usercenter_get_usercenter_data",26,[],[],19,{"dangerousFunctions":364,"sqlUsage":365,"outputEscaping":367,"fileOperations":14,"externalRequests":11,"nonceChecks":89,"capabilityChecks":33,"bundledLibraries":499},[],{"prepared":11,"raw":11,"locations":366},[],{"escaped":368,"rawEcho":369,"locations":370},449,70,[371,374,377,378,380,383,385,386,387,389,390,392,395,397,399,400,402,403,405,406,408,410,412,415,416,418,420,421,422,424,427,429,431,433,435,437,440,442,444,446,448,450,452,453,455,457,458,460,462,463,465,467,469,471,472,473,475,477,478,479,481,482,484,486,487,489,491,493,495,497],{"file":372,"line":276,"context":373},"helper\\tabs\\general-settings.php","raw output",{"file":375,"line":376,"context":373},"helper\\tabs\\temp.php",53,{"file":375,"line":376,"context":373},{"file":375,"line":379,"context":373},77,{"file":381,"line":382,"context":373},"includes\\admin\\uix-custom-metaboxes\\classes\\controller-upload.php",58,{"file":384,"line":176,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\checkbox.php",{"file":384,"line":171,"context":373},{"file":384,"line":192,"context":373},{"file":388,"line":176,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\color.php",{"file":388,"line":171,"context":373},{"file":388,"line":391,"context":373},23,{"file":393,"line":394,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\custom-attrs.php",78,{"file":393,"line":396,"context":373},80,{"file":393,"line":398,"context":373},87,{"file":393,"line":152,"context":373},{"file":393,"line":401,"context":373},102,{"file":393,"line":310,"context":373},{"file":404,"line":176,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\date.php",{"file":404,"line":171,"context":373},{"file":404,"line":407,"context":373},33,{"file":409,"line":362,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\editor.php",{"file":409,"line":411,"context":373},21,{"file":413,"line":414,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\image.php",25,{"file":413,"line":192,"context":373},{"file":413,"line":417,"context":373},49,{"file":419,"line":176,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\multi-checkbox.php",{"file":419,"line":171,"context":373},{"file":419,"line":13,"context":373},{"file":419,"line":423,"context":373},65,{"file":425,"line":426,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\multi-content.php",190,{"file":425,"line":428,"context":373},192,{"file":425,"line":430,"context":373},199,{"file":425,"line":432,"context":373},201,{"file":425,"line":434,"context":373},221,{"file":425,"line":436,"context":373},257,{"file":438,"line":439,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\multi-portfolio.php",164,{"file":438,"line":441,"context":373},166,{"file":438,"line":443,"context":373},173,{"file":438,"line":445,"context":373},175,{"file":438,"line":447,"context":373},225,{"file":438,"line":449,"context":373},273,{"file":451,"line":176,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\number.php",{"file":451,"line":171,"context":373},{"file":451,"line":454,"context":373},29,{"file":456,"line":176,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\price.php",{"file":456,"line":171,"context":373},{"file":456,"line":459,"context":373},28,{"file":461,"line":176,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\radio.php",{"file":461,"line":171,"context":373},{"file":461,"line":464,"context":373},101,{"file":461,"line":466,"context":373},112,{"file":461,"line":468,"context":373},279,{"file":470,"line":176,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\select.php",{"file":470,"line":171,"context":373},{"file":470,"line":13,"context":373},{"file":470,"line":474,"context":373},63,{"file":476,"line":176,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\text.php",{"file":476,"line":171,"context":373},{"file":476,"line":391,"context":373},{"file":480,"line":176,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\textarea.php",{"file":480,"line":171,"context":373},{"file":480,"line":483,"context":373},31,{"file":485,"line":176,"context":373},"includes\\admin\\uix-custom-metaboxes\\controls\\url.php",{"file":485,"line":171,"context":373},{"file":485,"line":488,"context":373},24,{"file":490,"line":192,"context":373},"theme_templates\\tmpl-usercenter_register.php",{"file":232,"line":492,"context":373},589,{"file":232,"line":494,"context":373},603,{"file":232,"line":496,"context":373},804,{"file":232,"line":498,"context":373},821,[500],{"name":501,"version":28,"knownCves":502},"TinyMCE",[],[504],{"entryPoint":505,"graph":506,"unsanitizedCount":11,"severity":519},"\u003Cgeneral-settings> (helper\\tabs\\general-settings.php:0)",{"nodes":507,"edges":517},[508,512],{"id":509,"type":510,"label":511,"file":372,"line":488},"n0","source","$_POST (x12)",{"id":513,"type":514,"label":515,"file":372,"line":246,"wp_function":516},"n1","sink","update_option() [Settings Manipulation]","update_option",[518],{"from":509,"to":513,"sanitized":304},"low",{"summary":521,"deductions":522},"The \"uix-usercenter\" v1.0.3 plugin exhibits a mixed security posture. On the positive side, the absence of known CVEs and a clean taint analysis suggest that common, severe vulnerabilities like code injection and SQL injection are likely absent. The plugin also demonstrates good practices by exclusively using prepared statements for its SQL queries and a high percentage of properly escaped output.\n\nHowever, significant concerns arise from the plugin's attack surface. A notable portion of its entry points, specifically 8 out of 19, lack authentication or capability checks. This includes 6 AJAX handlers and 2 REST API routes that are exposed without proper authorization. This could allow unauthenticated users to interact with potentially sensitive functionalities or trigger unexpected behavior. While no dangerous functions were identified, and file operations are limited, the unprotected entry points present a clear avenue for attackers to probe and potentially exploit.\n\nThe plugin's vulnerability history is empty, which is a positive indicator. This suggests a good track record, or at least no publicly disclosed issues to date. Coupled with the internal code analysis showing no critical or high severity taint flows, this reinforces the notion that the plugin has likely been developed with some attention to security. Nevertheless, the unprotected entry points remain a critical weakness that requires immediate attention to harden the plugin's security.",[523,525,528],{"reason":524,"points":180},"Unprotected AJAX handlers",{"reason":526,"points":527},"Unprotected REST API routes",7,{"reason":529,"points":51},"Significant unescaped output (13%)","2026-03-17T06:50:21.029Z",{"wat":532,"direct":541},{"assetPaths":533,"generatorPatterns":536,"scriptPaths":537,"versionParams":538},[534,535],"\u002Fwp-content\u002Fplugins\u002Fuix-usercenter\u002Fassets\u002Fcss\u002Fuix-usercenter.css","\u002Fwp-content\u002Fplugins\u002Fuix-usercenter\u002Fassets\u002Fjs\u002Fuix-usercenter.js",[],[535],[539,540],"uix-usercenter\u002Fassets\u002Fcss\u002Fuix-usercenter.css?ver=","uix-usercenter\u002Fassets\u002Fjs\u002Fuix-usercenter.js?ver=",{"cssClasses":542,"htmlComments":546,"htmlAttributes":548,"restEndpoints":551,"jsGlobals":555,"shortcodeOutput":558},[543,544,545],"uix-usercenter-login-form","uix-usercenter-register-form","uix-usercenter-password-reset-form",[547],"\u003C!-- Uix UserCenter notices -->",[549,550],"data-uix-usercenter-action","data-uix-usercenter-nonce",[552,553,554],"\u002Fwp-json\u002Fuix-usercenter\u002Fv1\u002Flogin","\u002Fwp-json\u002Fuix-usercenter\u002Fv1\u002Fregister","\u002Fwp-json\u002Fuix-usercenter\u002Fv1\u002Flogout",[556,557],"uix_usercenter_ajax_url","uix_usercenter_nonces",[559,560,561],"[uix_usercenter_login]","[uix_usercenter_register]","[uix_usercenter_password_reset]"]