[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5XqEI3lkIiqb6ds8fosXXKODYSIAGsGSZZYydOD2aRs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":146,"fingerprints":301},"user-last-visit","User Last Visit","1.0","CNHK SYSTEMS","https:\u002F\u002Fprofiles.wordpress.org\u002Fcnhk_systems\u002F","\u003Cp>The plugin keeps record in UNIX timstamp format of the last time each logged in user visits the site. Record for each user is directly\u003Cbr \u002F>\nvisible on the users list table in the admin panel. The plugin also provides some utility function and hook.\u003C\u002Fp>\n\u003Ch4>Function Description\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>\u003Ccode>user_last_visit( $user_id = \"current\", $verbose = TRUE );\u003C\u002Fcode>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Parameters :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>mixed \u003Ccode>$user_id\u003C\u002Fcode>, the user ID or “current” for the current user (logged in user). default: “current”.\u003C\u002Fli>\n\u003Cli>bool \u003Ccode>$verbose\u003C\u002Fcode>, if \u003Ccode>TRUE\u003C\u002Fcode> the result returned is a literal expression of the last visit time. default: \u003Ccode>TRUE\u003C\u002Fcode>. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Returned value :\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If \u003Ccode>$verbose\u003C\u002Fcode> is \u003Ccode>TRUE\u003C\u002Fcode> a string is returned. If \u003Ccode>$verbose\u003C\u002Fcode> is \u003Ccode>FALSE\u003C\u002Fcode> the UNIX timestamp of last visit is returned. When the user is not logged in, or when there is no record yet, the function return \u003Ccode>FALSE\u003C\u002Fcode> if \u003Ccode>$verbose\u003C\u002Fcode> is set to \u003Ccode>FALSE\u003C\u002Fcode>, a string if \u003Ccode>$verbose\u003C\u002Fcode> is \u003Ccode>TRUE\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Ch4>Filter Hook\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>\u003Ccode>\"ulv-can-record\"\u003C\u002Fcode>\u003C\u002Fstrong> : located in \u003Ccode>\".\u002Fincludes\u002Fuser-last-visit.class.php\"\u003C\u002Fcode> around line #24\u003C\u002Fp>\n\u003Cp>Some users or some pages can be excluded for last visit recording. There is an admin page for that. But you can also add some additional filtering via this hook. This filter hook is applied within a \u003Ccode>wp_loaded\u003C\u002Fcode> action. So you must attach your functions before that (typically on \u003Ccode>init\u003C\u002Fcode>, once the user is authenticated).\u003Cbr \u002F>\nYou can eventually use the \u003Ccode>User_Last_Visit\u003C\u002Fcode> class separately in your theme\u002Fplugin.\u003C\u002Fp>\n\u003Ch4>Available Translations\u003C\u002Fh4>\n\u003Cp>Français\u003C\u002Fp>\n","The plugin keeps record on each user last visit time using logged-in status, user ID and user meta data. Multisite compatible.",30,2425,90,2,"2016-12-11T17:34:00.000Z","4.2.39","3.8","",[20,21,22,23,24],"logged-in","multisite","record","user","visit","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-last-visit.1.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":26,"avg_patch_time_days":11,"trust_score":35,"computed_at":36},"cnhk_systems",3,80,84,"2026-04-04T21:16:02.488Z",[38,61,85,108,128],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":58,"download_link":59,"security_score":60,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"user-switching","User Switching","1.11.2","John Blackbourn","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnbillion\u002F","\u003Cp>This plugin allows you to quickly swap between user accounts in WordPress at the click of a button. You’ll be instantly logged out and logged in as your desired user. This is handy for helping customers on WooCommerce sites, membership sites, testing environments, or for any site where administrators need to switch between multiple accounts.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Switch user: Instantly switch to any user account from the \u003Cem>Users\u003C\u002Fem> screen.\u003C\u002Fli>\n\u003Cli>Switch back: Instantly switch back to your originating account.\u003C\u002Fli>\n\u003Cli>Switch off: Log out of your account but retain the ability to instantly switch back in again.\u003C\u002Fli>\n\u003Cli>Compatible with Multisite, WooCommerce, BuddyPress, and bbPress.\u003C\u002Fli>\n\u003Cli>Compatible with most membership and user management plugins.\u003C\u002Fli>\n\u003Cli>Compatible with most two-factor authentication solutions (see the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> for more info).\u003C\u002Fli>\n\u003Cli>Approved for use on enterprise-grade WordPress platforms such as \u003Ca href=\"https:\u002F\u002Fwww.altis-dxp.com\u002F\" rel=\"nofollow ugc\">Altis\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwpvip.com\u002F\" rel=\"nofollow ugc\">WordPress VIP\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: User Switching supports versions of WordPress up to three years old, and PHP version 7.4 or higher.\u003C\u002Fp>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Only users with the ability to edit other users can switch user accounts. By default this is only Administrators on single site installations, and Super Admins on Multisite installations.\u003C\u002Fli>\n\u003Cli>Passwords are not (and cannot be) revealed.\u003C\u002Fli>\n\u003Cli>Uses the cookie authentication system in WordPress when remembering the account(s) you’ve switched from and when switching back.\u003C\u002Fli>\n\u003Cli>Implements the nonce security system in WordPress, meaning only those who intend to switch users can switch.\u003C\u002Fli>\n\u003Cli>Full support for user session validation where appropriate.\u003C\u002Fli>\n\u003Cli>Full support for HTTPS.\u003C\u002Fli>\n\u003Cli>Backed by \u003Ca href=\"https:\u002F\u002Fpatchstack.com\u002Fdatabase\u002Fvdp\u002Fuser-switching\" rel=\"nofollow ugc\">the Patchstack Vulnerability Disclosure Program\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit the \u003Cem>Users\u003C\u002Fem> menu in WordPress and you’ll see a \u003Cem>Switch To\u003C\u002Fem> link in the list of action links for each user.\u003C\u002Fli>\n\u003Cli>Click this and you will immediately switch into that user account.\u003C\u002Fli>\n\u003Cli>You can switch back to your originating account via the \u003Cem>Switch back\u003C\u002Fem> link on each dashboard screen or in your profile menu in the WordPress toolbar.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> for information about the \u003Cem>Switch Off\u003C\u002Fem> feature.\u003C\u002Fp>\n\u003Ch3>Other Plugins\u003C\u002Fh3>\n\u003Cp>I maintain several other plugins for developers. Check them out:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fquery-monitor\u002F\" rel=\"ugc\">Query Monitor\u003C\u002Fa> is the developer tools panel for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-crontrol\u002F\" rel=\"ugc\">WP Crontrol\u003C\u002Fa> lets you view and control what’s happening in the WP-Cron system\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Statement\u003C\u002Fh3>\n\u003Cp>User Switching does not send data to any third party, nor does it include any third party resources, nor will it ever do so.\u003C\u002Fp>\n\u003Cp>User Switching makes use of browser cookies in order to allow users to switch to another account. Its cookies operate using the same mechanism as the authentication cookies in WordPress core, which means their values contain the user’s \u003Ccode>user_login\u003C\u002Fcode> field in plain text which should be treated as potentially personally identifiable information (PII) for privacy and regulatory reasons (GDPR, CCPA, etc). The names of the cookies are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wordpress_user_sw_{COOKIEHASH}\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wordpress_user_sw_secure_{COOKIEHASH}\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wordpress_user_sw_olduser_{COOKIEHASH}\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See also the FAQ for some questions relating to privacy and safety when switching between users.\u003C\u002Fp>\n\u003Ch3>Accessibility Statement\u003C\u002Fh3>\n\u003Cp>User Switching aims to be fully accessible to all of its users. It implements best practices for web accessibility, outputs semantic and structured markup, adheres to the default styles and accessibility guidelines of WordPress, uses the accessibility APIs provided by WordPress and web browsers where appropriate, and is fully accessible via keyboard.\u003C\u002Fp>\n\u003Cp>User Switching should adhere to Web Content Accessibility Guidelines (WCAG) 2.0 at level AA when used with a recent version of WordPress where its admin area itself adheres to these guidelines. If you’ve experienced or identified an accessibility issue in User Switching, please open a thread in \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fuser-switching\u002F\" rel=\"ugc\">the User Switching plugin support forum\u003C\u002Fa> and I’ll address it swiftly.\u003C\u002Fp>\n","Instant switching between user accounts in WordPress and WooCommerce.",200000,5499975,98,239,"2026-02-27T00:17:00.000Z","6.9.4","6.1","7.4",[55,21,39,56,57],"fast-user-switching","users","woocommerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-switching.1.11.2.zip",100,{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":51,"requires_at_least":74,"requires_php":53,"tags":75,"homepage":81,"download_link":82,"security_score":60,"vuln_count":83,"unpatched_count":27,"last_vuln_date":84,"fetched_at":29},"when-last-login","When Last Login","1.2.3","Andrew Lima","https:\u002F\u002Fprofiles.wordpress.org\u002Fandrewza\u002F","\u003Cp>A lightweight plugin that allows you to see active users according to their last login time\u002Fdate. No need to configure, simply activate When Last and you’re ready to go! This adds a custom column to your WordPress users list of “Last Login” and a timestamp linked to that user.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Show when last a user has logged into your site.\u003C\u002Fli>\n\u003Cli>Sorts users according to last login time stamp (Ascending\u002FDescending) in the WordPress user list.\u003C\u002Fli>\n\u003Cli>Administrator widget for top 3 users according to login count.\u003C\u002Fli>\n\u003Cli>Integrates with Paid Memberships Pro  1.8+ – Add’s a ‘Last Logged In’ column to the ‘Members List’.\u003C\u002Fli>\n\u003Cli>Generates a login history table under ‘When Last Login’ > ‘All Login Records’. \u003C\u002Fli>\n\u003Cli>Hooks and filters for developers.\u003C\u002Fli>\n\u003Cli>Record the user’s last IP address when logging into your WordPress website (Optional Setting).\u003C\u002Fli>\n\u003Cli>A variety of \u003Ca href=\"https:\u002F\u002Fyoohooplugins.com\u002Fplugins\u002F?utm_source=plugin&utm_medium=wordpress&utm_campaign=premium_addons\" rel=\"nofollow ugc\">Premium\u003C\u002Fa> and Free add-ons available. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Free Add-ons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwhen-last-login-welcome-email-add-on\u002F\" rel=\"ugc\">When Last Login – Welcome Email\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwhen-last-login-export-user-records\u002F\" rel=\"ugc\">When Last Login – Export User Records\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium Add-ons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fyoohooplugins.com\u002Fplugins\u002Fwhen-last-login-slack-notifications\u002F?utm_source=plugin&utm_medium=wordpress&utm_campaign=slack_notifications\" rel=\"nofollow ugc\">When Last Login – Slack Notifications\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fyoohooplugins.com\u002Fplugins\u002Fwhen-last-login-user-statistics\u002F?utm_source=plugin&utm_medium=wordpress&utm_campaign=user_statistics\" rel=\"nofollow ugc\">When Last Login – User Statistics\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fyoohooplugins.com\u002Fplugins\u002Fzapier-integration\u002F?utm_source=plugin&utm_medium=wordpress&utm_campaign=zapier_integration\" rel=\"nofollow ugc\">When Last Login – Zapier Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>When Last Login in your Language\u003C\u002Fh4>\n\u003Cp>We need your help to translate When Last Login into your locale. To translate When Last Login, simply visit \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwhen-last-login\" rel=\"nofollow ugc\">https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwhen-last-login\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Track Your Members Better\u003C\u002Fh4>\n\u003Cp>You are able to track which members login to your site by simply sorting your default user’s list according to when last the user was seen in easily readable text such as “X Min\u002FHours\u002FDays\u002FWeeks\u002FMonths\u002FYears”.\u003C\u002Fp>\n\u003Ch4>Plugins that When Last Login integrates with\u003C\u002Fh4>\n\u003Cp>Here is a list of plugins we currently support:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.paidmembershipspro.com\u002F\" rel=\"nofollow ugc\">Paid Memberships Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftwo-factor\u002F\" rel=\"ugc\">Two Factor Authentication\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you have a plugin and would like to integrate with When Last Login, please open a support thread.\u003C\u002Fp>\n\u003Ch4>Need Help\u003C\u002Fh4>\n\u003Cp>Something not working as intended or have a question about functionality of When Last Login. \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwhen-last-login\" rel=\"ugc\">Open a support thread\u003C\u002Fa>\u003C\u002Fp>\n","Show a users last login date by creating a sortable column in your WordPress users list.",50000,184463,94,36,"2025-12-03T08:51:00.000Z","5.0",[76,77,78,79,80],"last-logged-in","last-login","last-seen","user-login","user-login-time","https:\u002F\u002Fwhenlastlogin.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhen-last-login.1.2.3.zip",1,"2023-03-01 00:00:00",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":60,"num_ratings":95,"last_updated":96,"tested_up_to":97,"requires_at_least":98,"requires_php":99,"tags":100,"homepage":18,"download_link":105,"security_score":106,"vuln_count":83,"unpatched_count":27,"last_vuln_date":107,"fetched_at":29},"delete-me","Delete Me","3.2","cmc3215","https:\u002F\u002Fprofiles.wordpress.org\u002Fcmc3215\u002F","\u003Cp>Allow users with specific WordPress roles to delete themselves from the \u003Cstrong>Your Profile\u003C\u002Fstrong> page or anywhere Shortcodes can be used using the Shortcode \u003Ccode>[plugin_delete_me \u002F]\u003C\u002Fcode>.\u003Cbr \u002F>\nSettings for this plugin are found on the \u003Cstrong>Settings -> Delete Me\u003C\u002Fstrong> subpanel. Multisite and Network Activation supported.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How it works:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>A user clicks the delete link, which defaults to “Delete Account”, but can be changed.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>User is asked to confirm they want to delete themselves.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>If confirmed, user and all their Posts, Links, and (optionally) Comments are deleted.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Deleted user (optionally) redirected to landing page URL, default is homepage, can be changed or left blank.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Settings available:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Enable or disable Network Wide, which applies a single page of settings across all Multisite network Sites.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Select specific WordPress roles (e.g. Subscriber) you want to allow to delete themselves using Delete Me.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>class\u003C\u002Fcode> and \u003Ccode>style\u003C\u002Fcode> attributes of the delete link.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>\u003Ca>\u003C\u002Fcode> tag clickable content of the delete link.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Landing page URL.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Your Profile\u003C\u002Fstrong> confirmation page Heading, Warning, Password (optionally require password), Button.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Enable or disable delete link on the \u003Cstrong>Your Profile\u003C\u002Fstrong> page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Javascript confirm text for Shortcode.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Enable or disable Javascript confirm for Shortcode.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Enable or disable using a form (require password) instead of a link for Shortcode.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Multisite: Delete user from entire Network or current Site only.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Delete comments.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>E-mail notification when a user deletes themselves.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Allow users with specific WordPress roles to delete themselves from the Your Profile page or anywhere Shortcodes can be used.",8000,107894,23,"2024-06-02T14:24:00.000Z","6.5.8","3.7","5.2.4",[101,102,21,103,104],"delete","gdpr","unsubscribe","user-management","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdelete-me.3.2.zip",92,"2023-10-23 00:00:00",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":60,"num_ratings":118,"last_updated":119,"tested_up_to":120,"requires_at_least":121,"requires_php":18,"tags":122,"homepage":126,"download_link":127,"security_score":60,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"woo-for-logged-users","Require Login for WooCommerce","1.4.1","Ramon Ahnert","https:\u002F\u002Fprofiles.wordpress.org\u002Frahmohn\u002F","\u003Cp>Set the WooCommerce Shop only for logged-in users. Just activate the plugin and users not logged-in will be redirected to “My Account” page by default to login.\u003C\u002Fp>\n","Set the WooCommerce Shop only for logged-in users. Just activate the plugin.",2000,29963,10,"2025-09-21T11:35:00.000Z","6.8.5","3.0.1",[20,123,124,125,57],"logged-in-user","only-logged-in-user","shop","https:\u002F\u002Fgithub.com\u002FRahmon\u002Fwoo-for-logged-users","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-for-logged-users.1.4.1.zip",{"slug":129,"name":130,"version":131,"author":132,"author_profile":133,"description":134,"short_description":135,"active_installs":136,"downloaded":137,"rating":48,"num_ratings":138,"last_updated":139,"tested_up_to":51,"requires_at_least":140,"requires_php":18,"tags":141,"homepage":144,"download_link":145,"security_score":60,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"user-access-shortcodes","User Access Shortcodes","2.3","WP Darko","https:\u002F\u002Fprofiles.wordpress.org\u002Fspwebguy\u002F","\u003Cp>This is the simplest way of controlling who sees what in your posts\u002Fpages. This plugin allows you to restrict content to logged in users only (or guests, or by roles) with simple shortcodes. What you see is what you get, and it’s totally free.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Show content only for Guests\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[UAS_guest]\nThis content can only be seen by guests.\n[\u002FUAS_guest]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Show content only for Registered\u002FLogged in users\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[UAS_loggedin]\nThis content can only be seen by logged in users.\n[\u002FUAS_loggedin]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Show content ony for specific roles\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[UAS_role roles=\"administrator, editor\"]\nThis content can only be seen by administrators and editors.\n[\u002FUAS_role]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Show content ony for specific users\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[UAS_specific ids=\"23, 127\"]\nThis content can only be seen by users with IDs 23 and 127.\n[\u002FUAS_specific]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Several extra parameters are available, please go to \u003Ca href=\"https:\u002F\u002Fwpdarko.com\u002Fsupport\u002Fget-started-with-the-user-access-shortcodes-plugin\u002F\" rel=\"nofollow ugc\">the plugin’s documentation\u003C\u002Fa> if you need more information on how to use this plugin.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Find help on \u003Ca href=\"https:\u002F\u002Fwpdarko.com\u002Fsupport\" rel=\"nofollow ugc\">our support platform\u003C\u002Fa> for this plugin (we’ll answer you fast, promise).\u003C\u002Fp>\n","The simplest way of controlling who sees what in your posts\u002Fpages. Restrict content to logged in users only (or guests, or by roles) with simple short &hellip;",1000,23406,13,"2026-01-29T19:32:00.000Z","3.6",[142,143,20,23,56],"access-shortcodes","logged","https:\u002F\u002Fwpdarko.com\u002Fsupport\u002Fget-started-with-the-user-access-shortcodes-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-access-shortcodes.2.3.zip",{"attackSurface":147,"codeSignals":199,"taintFlows":230,"riskAssessment":286,"analyzedAt":300},{"hooks":148,"ajaxHandlers":190,"restRoutes":196,"shortcodes":197,"cronEvents":198,"entryPointCount":83,"unprotectedCount":83},[149,154,157,161,165,170,174,179,183,186],{"type":150,"name":151,"callback":151,"file":152,"line":153},"action","admin_menu","includes\\ulv-admin.class.php",18,{"type":150,"name":155,"callback":155,"priority":83,"file":152,"line":156},"init",19,{"type":150,"name":158,"callback":159,"file":152,"line":160},"admin_enqueue_scripts","enqueue_scripts",20,{"type":150,"name":162,"callback":163,"file":152,"line":164},"admin_print_scripts","print_scripts",21,{"type":166,"name":167,"callback":168,"file":152,"line":169},"filter","manage_users_columns","set_users_columns",22,{"type":166,"name":171,"callback":172,"priority":173,"file":152,"line":95},"manage_users_custom_column","users_columns",6,{"type":166,"name":175,"callback":176,"priority":118,"file":177,"line":178},"ulv-can-record","record_filter","includes\\ulv-public.class.php",34,{"type":150,"name":180,"callback":181,"file":177,"line":182},"plugins_loaded","load_plugin_textdomain",35,{"type":150,"name":184,"callback":184,"file":185,"line":138},"wp_loaded","includes\\user-last-visit.class.php",{"type":150,"name":180,"callback":187,"file":188,"line":189},"get_instance","main.php",26,[191],{"action":192,"nopriv":193,"callback":194,"hasNonce":193,"hasCapCheck":193,"file":195,"line":118},"ulv_user_preview",false,"user_preview","includes\\ulv-ajax-cb.php",[],[],[],{"dangerousFunctions":200,"sqlUsage":201,"outputEscaping":203,"fileOperations":27,"externalRequests":27,"nonceChecks":14,"capabilityChecks":27,"bundledLibraries":229},[],{"prepared":27,"raw":27,"locations":202},[],{"escaped":204,"rawEcho":205,"locations":206},8,12,[207,210,212,213,215,217,219,221,223,224,225,227],{"file":152,"line":208,"context":209},95,"raw output",{"file":195,"line":211,"context":209},25,{"file":195,"line":11,"context":209},{"file":195,"line":214,"context":209},48,{"file":195,"line":216,"context":209},53,{"file":218,"line":173,"context":209},"views\\admin-page.php",{"file":218,"line":220,"context":209},38,{"file":218,"line":222,"context":209},47,{"file":218,"line":35,"context":209},{"file":218,"line":26,"context":209},{"file":218,"line":226,"context":209},87,{"file":218,"line":228,"context":209},97,[],[231,249,268,277],{"entryPoint":232,"graph":233,"unsanitizedCount":83,"severity":248},"refresh_page (includes\\ulv-admin.class.php:193)",{"nodes":234,"edges":246},[235,240],{"id":236,"type":237,"label":238,"file":152,"line":239},"n0","source","$_SERVER",201,{"id":241,"type":242,"label":243,"file":152,"line":244,"wp_function":245},"n1","sink","wp_redirect() [Open Redirect]",203,"wp_redirect",[247],{"from":236,"to":241,"sanitized":193},"medium",{"entryPoint":250,"graph":251,"unsanitizedCount":33,"severity":248},"user_preview (includes\\ulv-ajax-cb.php:18)",{"nodes":252,"edges":264},[253,255,258,261],{"id":236,"type":237,"label":254,"file":195,"line":160},"$_POST (x3)",{"id":241,"type":242,"label":256,"file":195,"line":211,"wp_function":257},"echo() [XSS]","echo",{"id":259,"type":237,"label":260,"file":195,"line":160},"n2","$_POST",{"id":262,"type":242,"label":256,"file":195,"line":263,"wp_function":257},"n3",54,[265,266],{"from":236,"to":241,"sanitized":193},{"from":259,"to":262,"sanitized":267},true,{"entryPoint":269,"graph":270,"unsanitizedCount":27,"severity":276},"\u003Culv-admin.class> (includes\\ulv-admin.class.php:0)",{"nodes":271,"edges":274},[272,273],{"id":236,"type":237,"label":238,"file":152,"line":239},{"id":241,"type":242,"label":243,"file":152,"line":244,"wp_function":245},[275],{"from":236,"to":241,"sanitized":267},"low",{"entryPoint":278,"graph":279,"unsanitizedCount":27,"severity":276},"\u003Culv-ajax-cb> (includes\\ulv-ajax-cb.php:0)",{"nodes":280,"edges":284},[281,283],{"id":236,"type":237,"label":282,"file":195,"line":160},"$_POST (x4)",{"id":241,"type":242,"label":256,"file":195,"line":211,"wp_function":257},[285],{"from":236,"to":241,"sanitized":267},{"summary":287,"deductions":288},"The \"user-last-visit\" v1.0 plugin exhibits a mixed security posture.  On the positive side, it demonstrates good practices by avoiding dangerous functions, not executing raw SQL queries, and not making external HTTP requests. The presence of nonce checks and a lack of reported historical vulnerabilities suggest a developer who is at least somewhat security-aware. However, significant concerns arise from the attack surface analysis. A single AJAX handler is present and lacks any authentication checks, presenting a direct pathway for unauthorized actions. Furthermore, the taint analysis indicates flows with unsanitized paths, although no critical or high severity issues were identified in this specific analysis, the presence of such flows coupled with unprotected entry points is worrying. The plugin's current state, with its unprotected AJAX endpoint and unsanitized path flows, requires immediate attention despite the absence of known CVEs.",[289,292,295,298],{"reason":290,"points":291},"AJAX handler without auth checks",7,{"reason":293,"points":294},"Taint flows with unsanitized paths",5,{"reason":296,"points":297},"Low output escaping percentage",4,{"reason":299,"points":294},"Capability checks are missing","2026-03-16T22:26:34.050Z",{"wat":302,"direct":311},{"assetPaths":303,"generatorPatterns":306,"scriptPaths":307,"versionParams":308},[304,305],"\u002Fwp-content\u002Fplugins\u002Fuser-last-visit\u002Fassets\u002Fjs\u002Fadmin-page.js","\u002Fwp-content\u002Fplugins\u002Fuser-last-visit\u002Fassets\u002Fcss\u002Fadmin-page.css",[],[304],[309,310],"user-last-visit\u002Fassets\u002Fjs\u002Fadmin-page.js?ver=","user-last-visit\u002Fassets\u002Fcss\u002Fadmin-page.css?ver=",{"cssClasses":312,"htmlComments":313,"htmlAttributes":314,"restEndpoints":316,"jsGlobals":317,"shortcodeOutput":320},[],[],[315],"data-ulv-id",[],[318,319],"ulvAllLogins","ulvSettingsText",[]]