[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKMvh3-1guxrOSSeSQRysbMEnaBYpMNJpg1c2-aKLpow":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":56,"analysis":163,"fingerprints":232},"ultimate-category-excluder","Ultimate Category Excluder","1.7","Marios Alexandrou","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarios-alexandrou\u002F","\u003Cp>Ultimate Category Excluder, abbreviated as UCE, is a WordPress plugin that allows you to quickly and easily exclude categories from your front page, archives, feeds, and searches. Just select which categories you want to be excluded, and UCE does all the work for you!\u003C\u002Fp>\n","Ultimate Category Excluder allows you to quickly and easily exclude categories from your front page, archives, feeds, and search results.",50000,549023,84,77,"2025-12-29T14:20:00.000Z","6.9.4","5.0","",[20,21,22,23,24],"exclude-categories","exclude-category","hidden-category","hide-categories","hide-category","http:\u002F\u002Finfolific.com\u002Ftechnology\u002Fsoftware-worth-using\u002Fultimate-category-excluder\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-category-excluder.zip",99,1,0,"2020-01-08 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2020-35135","ultimate-category-excluder-cross-site-request-forgery","Ultimate Category Excluder \u003C= 1.1 - Cross-Site Request Forgery","The Ultimate Category Excluder plugin before 1.2 for WordPress allows ultimate-category-excluder.php CSRF.",null,"\u003C=1.1","1.2","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Cross-Site Request Forgery (CSRF)","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0e30d2ca-1918-4fcf-979e-7cae0d84529e?source=api-prod",1476,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":51,"total_installs":52,"avg_security_score":27,"avg_patch_time_days":53,"trust_score":54,"computed_at":55},"marios-alexandrou",7,195200,1456,78,"2026-04-04T15:23:58.031Z",[57,77,98,121,140],{"slug":58,"name":59,"version":40,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":51,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":18,"tags":70,"homepage":74,"download_link":75,"security_score":76,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wonderplugin-exclude-category","Exclude Category from Blog","WonderPlugin","https:\u002F\u002Fprofiles.wordpress.org\u002Fwonderplugin\u002F","\u003Cp>\u003Cstrong>Exclude Categories from Blog\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Exclude Category from Blog is a WordPress plugin to exclude categories from WordPress blog page, home page and search result.\u003C\u002Fp>\n\u003Cp>When you setup a WordPress blog, by default, WordPress will display posts from all categories on your home page or blog page. In some cases, you may want to exclude some posts from displaying on the blog, for example, password protected posts or posts that are not part of your normal blog content. You can assign these posts to a category, then use Exclude Category from Blog to stop them from displaying on the blog.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Exclude categories from WordPress blog page or home page\u003C\u002Fli>\n\u003Cli>Exclude categories from search result\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>How to Use\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>After the plugin is installed and activated, in WordPress backend, goto left menu Settings -> Exclude Categories, configure the categories to be excluded\u003C\u002Fli>\n\u003C\u002Ful>\n","Exclude categories from WordPress blog page, home page and search",1000,11204,80,"2023-12-05T23:38:00.000Z","6.4.8","3.6",[20,21,71,72,73],"exclude-category-from-blog","exclude-category-from-home","exclude-category-from-search","https:\u002F\u002Fwww.wonderplugin.com\u002Fwordpress-exclude-category-from-blog\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwonderplugin-exclude-category.zip",85,{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":17,"requires_php":18,"tags":91,"homepage":96,"download_link":97,"security_score":76,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"display-categories-widget","Display Categories Widget","3.1","iteamweb","https:\u002F\u002Fprofiles.wordpress.org\u002Fiteamweb\u002F","\u003Cp>Display Categories Widget will display Child categories on your sidebar. Can be placed on widget in sidebar.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Development\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Our development is being tracked on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fiteamweb\u002FDisplay-Categories-Widget\" rel=\"nofollow ugc\">GitHub URL\u003C\u002Fa>. Please fork, code, raise pull request, suggest improvements on GitHub.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Limit number of categories that appears.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Exclude categories from display.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Restrict levels of categories that can be shown.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display categories as list or dropdown.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Hide categories that does not have any posts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display\u002FHide number of posts available in categories.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display\u002FHide category description on hover in title attribute\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FhFwz-yDu710?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Ch4>How to contact plugin support?\u003C\u002Fh4>\n\u003Cp>We support through https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisplay-categories-widget and http:\u002F\u002Fwww.iteamweb.com\u002Fopen-source-softwares\u002Fwordpress\u002Fwordpress-plugins\u002Fdisplay-categories-widget\u002F\u003C\u002Fp>\n\u003Ch3>Arbitrary section 1\u003C\u002Fh3>\n","Display Categories Widget will display Child categories on your sidebar. Can be placed on widget in sidebar.",4000,85039,96,25,"2019-11-03T07:24:00.000Z","5.2.24",[92,23,93,94,95],"categories","list-categories","select-categories","widget","http:\u002F\u002Fwww.iteamweb.com\u002Fopen-source-softwares\u002Fwordpress\u002Fwordpress-plugins\u002Fdisplay-categories-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisplay-categories-widget.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":16,"requires_at_least":111,"requires_php":112,"tags":113,"homepage":118,"download_link":119,"security_score":120,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"hide-cart-functions","Hide Cart Functions","1.2.16","artiosmedia","https:\u002F\u002Fprofiles.wordpress.org\u002Fartiosmedia\u002F","\u003Cp>Several plugins offer the ability to edit the shopping cart functions on the page, including hiding the price, “Add to Cart” button, quantity selector, and product options dropdown, but not often in one plugin. Additionally, none of the available plugins or snippets allow a custom message to appear in any format, including embedded graphics, nor do they allow any combination of hidden shopping cart elements on the same WooCommerce website.\u003C\u002Fp>\n\u003Cp>At least not until now! \u003Cstrong>Hide Cart Functions\u003C\u002Fstrong> gives a WooCommerce website complete control over each user’s side shop’s functionality while allowing users to create multiple rules to apply to various categories or products within the same system.\u003C\u002Fp>\n\u003Cp>Take your shopping page edits one step further; a user can also enter IDs or classes to hide custom elements. This additional provision enables users to customize third-party plugin functions beyond WooCommerce options or adjust those provided by themes with WooCommerce templates. This extra level of customization may yield unexpected results; therefore, use it at your own discretion and thoroughly test it. We cannot resolve any conflicts resulting from the use of this field.\u003C\u002Fp>\n\u003Ch4>How to Find a Product ID\u003C\u002Fh4>\n\u003Cp>Open your WordPress dashboard and click on Pages > All Pages. Then, select the page for which you need to find the ID. Once the page has opened, you need to look at the URL in your web browser’s address bar. Here, you will find the page ID number displayed in the page URL, immediately after ?post=.\u003C\u002Fp>\n\u003Ch4>Plugin Limitation\u003C\u002Fh4>\n\u003Cp>As a disclaimer to this plugin’s capabilities, it is not possible to create a rule to customize the cart functions for any individual Variable Post ID found within a variable product post. The plugin can only modify the tasks of a Product ID or Category ID due to WooCommerce’s inherent limits, not because of the plugin.\u003C\u002Fp>\n\u003Ch4>As of version 1.0.4\u003C\u002Fh4>\n\u003Cp>A requested setting has been added to each rule that allows you to apply it to Guest Users only or Logged-In users only, but not both at once, which would cause a conflict. Leave both unchecked to apply to all users.\u003C\u002Fp>\n\u003Ch4>As of version 1.0.5\u003C\u002Fh4>\n\u003Cp>Search and select for products with a 3-letter minimum length was added to ease selecting products for which the rule applies. This addition works in conjunction with the Product ID field, allowing you to use one, both, or neither at the same time.\u003C\u002Fp>\n\u003Ch4>As of version 1.2.16\u003C\u002Fh4>\n\u003Cp>New Store-Wide Settings section added with two security options to combat carding attacks. Carding is when bots use your WooCommerce checkout to test stolen credit card numbers by posting directly to checkout endpoints, bypassing any hidden buttons. “Cripple Bots” requires a valid cart session before checkout, blocking direct POST attacks while allowing real customers to shop normally. “Disable Purchases” completely blocks all code-activated purchases as a temporary nuclear option during active attacks. Both settings apply globally and are independent of individual product rules.\u003C\u002Fp>\n\u003Cp>Also added “Show Login Button” option which displays a login button in place of the hidden Add to Cart button for guest users. Works with “Guests Only” to encourage visitors to log in to see prices and make purchases. Includes customizable button text and configurable return URL (Current Product Page, Shop Page, Home Page, or My Account Page) so customers return to where they were browsing after logging in.\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>All text strings use WordPress translation functions. Includes complete translations for English, Spanish, French, German, Portuguese, Dutch, Polish, Finnish, and Russian. Any edits to the PO files or additional languages are welcome.\u003C\u002Fp>\n\u003Ch4>Donations\u003C\u002Fh4>\n\u003Cp>If this free effort assists you, please consider making a small donation from the main plugin page, found on the lower right. All funds assist orphans in destitution.\u003C\u002Fp>\n\u003Ch3>Technical Details for Release 1.2.16\u003C\u002Fh3>\n\u003Cp>Load time: 0.409 s; Memory usage: 59.62 MiB\u003Cbr \u002F>\nPHP up to tested version: 8.4.17\u003Cbr \u002F>\nMySQL up to tested version: 8.4.8\u003Cbr \u002F>\nMariaDB up to tested version: 12.1.2\u003Cbr \u002F>\ncURL up to tested version: 8.18.0, OpenSSL\u002F3.6.1\u003Cbr \u002F>\nPHP 7.4, 8.0, 8.1, 8.2, 8.3, and 8.4 compliant. Not tested on 8.5 yet.\u003C\u002Fp>\n\u003Ch3>Using in Multisite Installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Extract the zip file contents in the wp-content\u002Fmu-plugins\u002F directory of your WordPress installation. (This is not created by default. You must create it in the wp-content folder.) The ‘mu’ does not stand for multi-user as it did for WPMU, it stands for ‘must-use’ as any code placed in that folder will run without needing to be activated.\u003C\u002Fli>\n\u003Cli>Follow the plugin setting panel in the WordPress settings menu.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Privacy & Data\u003C\u002Fh3>\n\u003Cp>This plugin operates entirely on your server with no external services, APIs, or data transmission. All rule settings are stored locally in your WordPress database (wp_options table). No visitor data is collected, tracked, or shared beyond standard WordPress and WooCommerce functionality.\u003C\u002Fp>\n\u003Cp>The Cripple Bots security feature uses WooCommerce’s built-in session system to validate that customers added items to their cart before checkout. No additional cookies are created. Blocked bot attempts are logged to WooCommerce’s standard log system (wc-logs) for security monitoring, including the IP address of the blocked request.\u003C\u002Fp>\n\u003Cp>The Show Login Button feature redirects guests to the standard WordPress\u002FWooCommerce login page with a return URL parameter – no tracking is involved.\u003C\u002Fp>\n\u003Cp>Complete deletion of all plugin settings is available by enabling “Delete Data on Uninstall” in Store-Wide Settings before uninstalling.\u003C\u002Fp>\n","Hide the product's price, add-to-cart button, quantity, and options on any product and order. Inject an optional message.",3000,43017,98,12,"2026-02-04T00:15:00.000Z","5.8","7.4",[114,24,115,116,117],"hide-add-to-cart","hide-option","hide-price","hide-quantity","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhide-cart-functions","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-cart-functions.1.2.16.zip",100,{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":87,"num_ratings":131,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":18,"tags":135,"homepage":138,"download_link":139,"security_score":76,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"pro-categories-widget","Pro Categories Widget","1.3","Shambhu Patnaik","https:\u002F\u002Fprofiles.wordpress.org\u002Fshambhu-patnaik\u002F","\u003Cp>Pro Categories Widget plugin.You have choice to specific categories exclude.\u003C\u002Fp>\n\u003Ch4>Features :\u003C\u002Fh4>\n\u003Col>\n\u003Cli>You have choice to specific categories exclude.\u003C\u002Fli>\n\u003Cli>Show post count like WordPress category widget.\u003C\u002Fli>\n\u003Cli>Exclude multiple categories (comma separated).\u003C\u002Fli>\n\u003Cli>Show all categories.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>More detail : http:\u002F\u002Fsocialcms.wordpress.com\u002F\u003C\u002Fp>\n","Pro Categories Widget plugin.You have choice to specific categories exclude.",900,22864,11,"2019-03-26T04:17:00.000Z","5.1.22","2.9",[136,20,137,122],"advanced-categories-widget","exclude-categories-widget","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fpro-categories-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpro-categories-widget.zip",{"slug":141,"name":142,"version":143,"author":144,"author_profile":145,"description":146,"short_description":147,"active_installs":148,"downloaded":149,"rating":150,"num_ratings":151,"last_updated":152,"tested_up_to":153,"requires_at_least":154,"requires_php":18,"tags":155,"homepage":161,"download_link":162,"security_score":76,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"advanced-sitemap-generator","Advanced Sitemap Generator","1.1.1","Sparx IT Solutions","https:\u002F\u002Fprofiles.wordpress.org\u002Fsparxit\u002F","\u003Cp> This plugin is the most powerfull plugin which easily display your post and page through shortcode on front end.You just need to put shortcode([sitemap]) on your page\u002Fpost. \u003C\u002Fp>\n\u003Cp> If you want to exclude pages then put ([sitemap excludepage=”1,4″]) where 1,4 are the page id seperated by the comma’s. \u003C\u002Fp>\n\u003Cp> If you want to exclude  post from a specific categories then put ([sitemap  excludepage=”1,4″ excludecat=”6,3″]) where 6,3 are the category id seperated by the comma’s. \u003C\u002Fp>\n\u003Cp> If you want to exclude specific posts then put ([sitemap excludepage=”1,4″ excludecat=”6,3″ excludepost=”1,183″]) where 1,183 are the post id seperated by the comma’s. \u003C\u002Fp>\n\u003Cp> If you want to show custom link “home” then put ([sitemap excludepage=”1,4″ excludecat=”6,3″ excludepost=”1,183″ home=”yes”]) \u003C\u002Fp>\n\u003Cp> If you want to show specific number of post then put ([sitemap excludepage=”1,4″ excludecat=”6,3″ excludepost=”1,183″ home=”yes” postcount=”4″]) where 4 is the number of post to show \u003C\u002Fp>\n\u003Cp> If you don’t want to show any of the post put ([sitemap showpost=”no”]) \u003C\u002Fp>\n\u003Cp> For more plugins, themes and WordPress support , Please visit http:\u002F\u002Fwww.csschopper.com\u002F \u003C\u002Fp>\n","This plugin easily display you post and page through shortcode on front end.You just need to put shortcode([sitemap]) on your page or post.",400,22377,86,8,"2014-08-13T09:26:00.000Z","3.9.40","2.9.1",[156,157,158,159,160],"exclude-category-posts","page-sitemap","posts-sitemap","simple-sitemap","sitemap","http:\u002F\u002Fwww.csschopper.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-sitemap-generator.1.1.1.zip",{"attackSurface":164,"codeSignals":189,"taintFlows":219,"riskAssessment":220,"analyzedAt":231},{"hooks":165,"ajaxHandlers":185,"restRoutes":186,"shortcodes":187,"cronEvents":188,"entryPointCount":29,"unprotectedCount":29},[166,172,177,181],{"type":167,"name":168,"callback":169,"file":170,"line":171},"action","admin_menu","ksuce_admin_menu","ultimate-category-excluder.php",33,{"type":173,"name":174,"callback":175,"file":170,"line":176},"filter","pre_get_posts","ksuce_exclude_categories",34,{"type":167,"name":178,"callback":179,"file":170,"line":180},"xmlrpc_call","ksuce_detect_xmlrpc_api",39,{"type":167,"name":182,"callback":183,"file":170,"line":184},"rest_api_init","ksuce_detect_rest_api",40,[],[],[],[],{"dangerousFunctions":190,"sqlUsage":191,"outputEscaping":196,"fileOperations":29,"externalRequests":29,"nonceChecks":28,"capabilityChecks":29,"bundledLibraries":218},[],{"prepared":29,"raw":28,"locations":192},[193],{"file":170,"line":194,"context":195},132,"$wpdb->get_var() with variable interpolation",{"escaped":29,"rawEcho":197,"locations":198},9,[199,202,204,206,208,210,212,214,216],{"file":170,"line":200,"context":201},82,"raw output",{"file":170,"line":203,"context":201},107,{"file":170,"line":205,"context":201},108,{"file":170,"line":207,"context":201},109,{"file":170,"line":209,"context":201},110,{"file":170,"line":211,"context":201},111,{"file":170,"line":213,"context":201},129,{"file":170,"line":215,"context":201},131,{"file":170,"line":217,"context":201},133,[],[],{"summary":221,"deductions":222},"The static analysis of 'ultimate-category-excluder' v1.7 indicates a relatively small attack surface, with no identified AJAX handlers, REST API routes, shortcodes, or cron events that are directly exposed without authentication. This suggests a generally good design principle in limiting entry points. However, the code analysis reveals significant concerns regarding data handling.  Specifically, 100% of the SQL queries are not using prepared statements, and 100% of output is not properly escaped. This represents a critical weakness, as it opens the plugin to potential SQL injection and cross-site scripting (XSS) vulnerabilities, even if no specific taint flows were detected in this static analysis pass. The presence of a historical high-severity CVE, which was a Cross-Site Request Forgery (CSRF), further highlights past security oversights and suggests a pattern of vulnerabilities that, while potentially patched in older versions, indicates areas of past weakness in sanitization and protection against malicious input. While the plugin has a good defense in depth strategy by limiting direct entry points, the lack of secure coding practices in SQL and output handling presents a substantial risk.",[223,226,228],{"reason":224,"points":225},"Raw SQL queries without prepared statements",10,{"reason":227,"points":151},"Output not properly escaped",{"reason":229,"points":230},"Historical high-severity CVE (CSRF)",15,"2026-03-16T17:19:13.164Z",{"wat":233,"direct":238},{"assetPaths":234,"generatorPatterns":235,"scriptPaths":236,"versionParams":237},[],[],[],[],{"cssClasses":239,"htmlComments":242,"htmlAttributes":243,"restEndpoints":251,"jsGlobals":252,"shortcodeOutput":253},[240,241],"wrap","widefat",[],[244,245,246,247,248,249,250],"name=\"exclude_main[]\"","name=\"exclude_feed[]\"","name=\"exclude_archives[]\"","name=\"exclude_search[]\"","name=\"disable_for_api\"","id=\"disable_for_api\"","name=\"ksuce\"",[],[],[]]