[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYyhFI3-WCIy0elTqNG2kYsPY0l_52t9rWG7a0QFEe-c":3,"$faZ9CJvXG1YKgISnsTWqP4nTy_8NCbKd7LQvGt5fMS-w":244,"$fsbFsAzO_sptohu3fcsKpyiPc9VuYl2wh-2NLA7VDE1o":248},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":38,"analysis":120,"fingerprints":211},"user-session-control","User Session Control","0.3.1","Frankie Jarrett","https:\u002F\u002Fprofiles.wordpress.org\u002Ffjarrett\u002F","\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fuser-session-control\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>WordPress 4.1 “Dinah” introduced the awesome power of user session management.\u003C\u002Fp>\n\u003Cp>However, you are limited to only being able to destroy your own sessions, and you cannot destroy them individually.\u003C\u002Fp>\n\u003Cp>This plugin allows Administrators to view and manage all sessions by all users on an individual basis.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays a custom “God view” screen of all active user sessions\u003C\u002Fli>\n\u003Cli>Sort sessions by user, role, creation date, expiry date or IP address\u003C\u002Fli>\n\u003Cli>Quickly and easily destroy sessions you think may be a security risk\u003C\u002Fli>\n\u003Cli>Respects the timezone, date format and time format saved under General Settings\u003C\u002Fli>\n\u003Cli>View all user sessions from all blogs on your network via the Network Admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Languages supported:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Deutsch\u003C\u002Fli>\n\u003Cli>Español\u003C\u002Fli>\n\u003Cli>Français\u003C\u002Fli>\n\u003Cli>Português\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fuser-session-control\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fuser-session-control\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","View and manage all active user sessions in a custom admin screen.",700,10221,94,7,"2016-12-23T19:25:00.000Z","4.7.33","4.1","",[20,21,22,23],"login","security","sessions","users","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-session-control.0.3.1.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":25,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"fjarrett",5,2140,30,84,"2026-05-20T01:09:23.742Z",[39,58,72,89,102],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":36,"num_ratings":33,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":18,"download_link":56,"security_score":57,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"expire-user-passwords","Expire User Passwords","1.4.2","Matt Miller","https:\u002F\u002Fprofiles.wordpress.org\u002Fmillermedianow\u002F","\u003Cp>Note: This is a forked version of the now unsupported \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fexpire-passwords\u002F\" rel=\"ugc\">Expire Passwords\u003C\u002Fa> plugin. The notes below are copied over from the original plugin and will be updated as relevant updates become available. Please help by contributing to the GitHub repository \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\" rel=\"nofollow ugc\">Expire Passwords\u003C\u002Fa> on GitHub\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fexpire-user-passwords\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Harden the security of your site by preventing unauthorized access to stale user accounts.\u003C\u002Fp>\n\u003Cp>This plugin is also ideal for sites needing to meet certain industry security compliances – such as government, banking or healthcare.\u003C\u002Fp>\n\u003Cp>In the plugin settings you can set the maximum number of days users are allowed to use the same password (90 days by default), as well as which user roles will be required to reset their passwords regularly (non-Administrators by default).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Languages supported:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Albanian (Shqip)\u003C\u002Fli>\n\u003Cli>Arabic (العربية)\u003C\u002Fli>\n\u003Cli>Armenian (Հայերեն)\u003C\u002Fli>\n\u003Cli>Basque (Euskara)\u003C\u002Fli>\n\u003Cli>Bengali (বাংলা)\u003C\u002Fli>\n\u003Cli>Bulgarian (Български)\u003C\u002Fli>\n\u003Cli>Catalan (Català)\u003C\u002Fli>\n\u003Cli>Chinese Simplified (简体中文)\u003C\u002Fli>\n\u003Cli>Croatian (Hrvatski)\u003C\u002Fli>\n\u003Cli>Czech (Čeština)\u003C\u002Fli>\n\u003Cli>Danish (Dansk)\u003C\u002Fli>\n\u003Cli>Dutch (Nederlands)\u003C\u002Fli>\n\u003Cli>Estonian (Eesti)\u003C\u002Fli>\n\u003Cli>Finnish (Suomi)\u003C\u002Fli>\n\u003Cli>French (Français)\u003C\u002Fli>\n\u003Cli>Galician (Galego)\u003C\u002Fli>\n\u003Cli>Georgian (ქართული)\u003C\u002Fli>\n\u003Cli>German (Deutsch)\u003C\u002Fli>\n\u003Cli>Greek (Ελληνικά)\u003C\u002Fli>\n\u003Cli>Hebrew (עברית)\u003C\u002Fli>\n\u003Cli>Hindi (हिन्दी)\u003C\u002Fli>\n\u003Cli>Hungarian (Magyar)\u003C\u002Fli>\n\u003Cli>Indonesian (Bahasa Indonesia)\u003C\u002Fli>\n\u003Cli>Irish (Gaeilge)\u003C\u002Fli>\n\u003Cli>Italian (Italiano)\u003C\u002Fli>\n\u003Cli>Japanese (日本語)\u003C\u002Fli>\n\u003Cli>Korean (한국어)\u003C\u002Fli>\n\u003Cli>Latvian (Latviešu)\u003C\u002Fli>\n\u003Cli>Lithuanian (Lietuvių)\u003C\u002Fli>\n\u003Cli>Macedonian (Македонски)\u003C\u002Fli>\n\u003Cli>Norwegian (Norsk)\u003C\u002Fli>\n\u003Cli>Persian (فارسی)\u003C\u002Fli>\n\u003Cli>Persian – Afghanistan (دری)\u003C\u002Fli>\n\u003Cli>Polish (Polski)\u003C\u002Fli>\n\u003Cli>Portuguese – Brazil (Português do Brasil)\u003C\u002Fli>\n\u003Cli>Portuguese – Portugal (Português)\u003C\u002Fli>\n\u003Cli>Romanian (Română)\u003C\u002Fli>\n\u003Cli>Russian (Русский)\u003C\u002Fli>\n\u003Cli>Serbian (Српски)\u003C\u002Fli>\n\u003Cli>Slovak (Slovenčina)\u003C\u002Fli>\n\u003Cli>Slovenian (Slovenščina)\u003C\u002Fli>\n\u003Cli>Spanish (Español)\u003C\u002Fli>\n\u003Cli>Swedish (Svenska)\u003C\u002Fli>\n\u003Cli>Tamil (தமிழ்)\u003C\u002Fli>\n\u003Cli>Thai (ไทย)\u003C\u002Fli>\n\u003Cli>Turkish (Türkçe)\u003C\u002Fli>\n\u003Cli>Ukrainian (Українська)\u003C\u002Fli>\n\u003Cli>Urdu (اردو)\u003C\u002Fli>\n\u003Cli>Vietnamese (Tiếng Việt)\u003C\u002Fli>\n\u003Cli>Welsh (Cymraeg)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","Require certain users to change their passwords on a regular basis.",3000,58543,"2026-02-17T09:27:00.000Z","6.9.4","4.0","8.1",[20,54,55,21,23],"membership","passwords","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexpire-user-passwords.1.4.2.zip",100,{"slug":59,"name":60,"version":61,"author":7,"author_profile":8,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":57,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":17,"requires_php":18,"tags":69,"homepage":18,"download_link":71,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"prevent-concurrent-logins","Prevent Concurrent Logins","0.4.0","\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fprevent-concurrent-logins\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Deters members\u002Fsubscribers from sharing their accounts with others\u003C\u002Fli>\n\u003Cli>Hardens security by destoying old sessions automatically\u003C\u002Fli>\n\u003Cli>Prompts old sessions to login again if they want to continue\u003C\u002Fli>\n\u003Cli>Ideal for membership sites and web applications\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> If you plan to network-activate this plugin on a multisite network, please install the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fproper-network-activation\u002F\" rel=\"ugc\">Proper Network Activation\u003C\u002Fa> plugin \u003Cem>beforehand\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fprevent-concurrent-logins\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fprevent-concurrent-logins\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","Prevents users from staying logged into the same account from multiple places.",900,17403,17,"2016-08-16T22:21:00.000Z","4.6.30",[20,54,21,70,23],"sensei","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprevent-concurrent-logins.0.4.0.zip",{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":35,"downloaded":80,"rating":26,"num_ratings":26,"last_updated":81,"tested_up_to":50,"requires_at_least":17,"requires_php":82,"tags":83,"homepage":86,"download_link":87,"security_score":57,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":88},"users-login-monitor","Users Login Monitor","5.22","wpgear","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpgear\u002F","\u003Cp>Ext Security.\u003Cbr \u002F>\nDashboard & Daily-Digest about users activity.\u003Cbr \u002F>\nNow the console has a widget that displays last login users, whith: Date-Time, IP address (whith Whois info) and Device type\u002FBrowser.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Even without going to the site admin area, you will be informed about the activity of the current day.\u003C\u002Fli>\n\u003Cli>Any person can be a recipient of notifications. Not necessarily the Administrator.\u003C\u002Fli>\n\u003Cli>Now in the Admin console you have a new widget with a list of users in order of decreasing Login time.\u003C\u002Fli>\n\u003Cli>Determine and save the IP address, device and browser details, from which the was made Login. (if your server is configured correctly). For better informational content, in order to be able to determine the parameters of the User’s devices (OS, Browser, Type Device), you should have a PHP extension on the server: “Browscap”. Alternatively, you can use the Lite-Version – Plugin: “quick-browscap” from the official WP repository.\u003C\u002Fli>\n\u003Cli>It is important to understand that the time to enter the site and the time of the last activity of the user are different events.\u003C\u002Fli>\n\u003Cli>Displays “Login Success” Statistics for each User.\u003C\u002Fli>\n\u003Cli>Displays Count “Users Activity” in Admin Bar.\u003C\u002Fli>\n\u003C\u002Ful>\n","A freeware plugin, for daily-notify site administrator, about users who logged in during the day.",2575,"2026-02-26T09:01:00.000Z","5.4",[20,84,85,21,23],"logout","members","https:\u002F\u002Fwpgear.xyz\u002Fusers-login-monitor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fusers-login-monitor.zip","2026-04-06T09:54:40.288Z",{"slug":90,"name":91,"version":92,"author":76,"author_profile":77,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":26,"num_ratings":26,"last_updated":97,"tested_up_to":50,"requires_at_least":17,"requires_php":82,"tags":98,"homepage":100,"download_link":101,"security_score":57,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"new-users-monitor","New Users Monitor","3.22","\u003Cp>Ext Security.\u003Cbr \u002F>\nYou may not know that your site has already been hacked.\u003Cbr \u002F>\nThere are many ways to add a new user to the system, without your knowledge.\u003Cbr \u002F>\nThis plugin will promptly notify you that a new user has registered on your site.\u003Cbr \u002F>\nNow the console has a widget that displays all new users.\u003C\u002Fp>\n\u003Cp>All new users will be highlighted in red until Admin confirm each of them in User-Profile.\u003Cbr \u002F>\nWith the active Option: “Deny Login if User is not confirmed”, you will sleep much more peacefully.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>This plugin has already helped out many times when some of our sites were hacked. But we quickly found out about it. And we were able to fast stop the problem.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatic scanning of the Users list on a schedule, and detect unauthorized addition to the DB.\u003C\u002Fli>\n\u003Cli>Notification to Administrator by e-mail.\u003C\u002Fli>\n\u003Cli>The “Users” Table has a sortable Column “Confirm” ON\u002FOFF. Users who are not Verified are highlighted in red.\u003C\u002Fli>\n\u003Cli>Option: “Allow to change Settings – only for Admin”. Default = ON\u003C\u002Fli>\n\u003Cli>Option: “Deny Login if User is not confirmed”. Default = ON\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadaptive-login-action\" rel=\"ugc\">Integration with “Adaptive Login Action”\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Ext Security. Automatic scanning of the Users list, detect unauthorized addition. Informs immediately Admin by email. Informative Widget.",10,1839,"2026-03-04T17:37:00.000Z",[99,20,85,21,23],"accept","https:\u002F\u002Fwpgear.xyz\u002Fnew-users-monitor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnew-users-monitor.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":95,"downloaded":110,"rating":57,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":118,"download_link":119,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"user-login-disable","User Login Disable","0.1.0","chexwarrior","https:\u002F\u002Fprofiles.wordpress.org\u002Fchexwarrior\u002F","\u003Cp>This plugin allows administrators to enable or disable other user account’s logins.\u003C\u002Fp>\n\u003Cp>When a user is disabled:\u003Cbr \u002F>\n* They can not login to the site\u003Cbr \u002F>\n* They are immediately logged out of the site\u003Cbr \u002F>\n* Any \u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fcore\u002F2020\u002F11\u002F05\u002Fapplication-passwords-integration-guide\u002F\" rel=\"nofollow ugc\">application passwords\u003C\u002Fa> created with this user will no longer authenticate with the WP REST API\u003C\u002Fp>\n\u003Ch4>WP-CLI Integration\u003C\u002Fh4>\n\u003Cp>This plugin integrates with WP-CLI and provides the following two commands:\u003C\u002Fp>\n\u003Cpre>\u003Ccode># Enables the target users\nwp user enable \u003CList of User IDs, Logins or Emails> [--all]\n\n# Disables the target users\nwp user disable \u003CList of User IDs, Logins or Emails> [--all]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>This plugin is developed on the author’s own time so there is no guarantee that reported bugs will be fixed in a timely fashion.\u003C\u002Fp>\n\u003Cp>To report a bug please visit the plugin’s \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FChexWarrior\u002Fwp-user-disable-login\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n","Allows administrators to disable other user logins.",1120,1,"2022-07-22T20:43:00.000Z","6.0.11","5.6","8.0",[117,20,21,23],"audit","https:\u002F\u002Fgithub.com\u002FChexWarrior\u002Fwp-user-disable-login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-login-disable.0.1.0.zip",{"attackSurface":121,"codeSignals":140,"taintFlows":165,"riskAssessment":203,"analyzedAt":210},{"hooks":122,"ajaxHandlers":136,"restRoutes":137,"shortcodes":138,"cronEvents":139,"entryPointCount":26,"unprotectedCount":26},[123,129,133],{"type":124,"name":125,"callback":126,"file":127,"line":128},"action","plugins_loaded","usc_i18n","user-session-control.php",36,{"type":124,"name":130,"callback":131,"file":127,"line":132},"network_admin_menu","usc_register_user_submenu",50,{"type":124,"name":134,"callback":131,"file":127,"line":135},"admin_menu",52,[],[],[],[],{"dangerousFunctions":141,"sqlUsage":142,"outputEscaping":147,"fileOperations":26,"externalRequests":26,"nonceChecks":111,"capabilityChecks":26,"bundledLibraries":164},[],{"prepared":111,"raw":111,"locations":143},[144],{"file":127,"line":145,"context":146},308,"$wpdb->get_results() with variable interpolation",{"escaped":148,"rawEcho":149,"locations":150},62,6,[151,154,156,158,160,162],{"file":127,"line":152,"context":153},175,"raw output",{"file":127,"line":155,"context":153},177,{"file":127,"line":157,"context":153},183,{"file":127,"line":159,"context":153},241,{"file":127,"line":161,"context":153},279,{"file":127,"line":163,"context":153},287,[],[166,192],{"entryPoint":167,"graph":168,"unsanitizedCount":26,"severity":191},"usc_user_submenu_callback (user-session-control.php:60)",{"nodes":169,"edges":187},[170,174,180,184],{"id":171,"type":172,"label":173,"file":127,"line":36},"n0","source","$_GET (x3)",{"id":175,"type":176,"label":177,"file":127,"line":178,"wp_function":179},"n1","sink","echo() [XSS]",159,"echo",{"id":181,"type":172,"label":182,"file":127,"line":183},"n2","$_SERVER (x3)",223,{"id":185,"type":176,"label":177,"file":127,"line":186,"wp_function":179},"n3",243,[188,190],{"from":171,"to":175,"sanitized":189},true,{"from":181,"to":185,"sanitized":189},"low",{"entryPoint":193,"graph":194,"unsanitizedCount":26,"severity":191},"\u003Cuser-session-control> (user-session-control.php:0)",{"nodes":195,"edges":200},[196,197,198,199],{"id":171,"type":172,"label":173,"file":127,"line":36},{"id":175,"type":176,"label":177,"file":127,"line":178,"wp_function":179},{"id":181,"type":172,"label":182,"file":127,"line":183},{"id":185,"type":176,"label":177,"file":127,"line":186,"wp_function":179},[201,202],{"from":171,"to":175,"sanitized":189},{"from":181,"to":185,"sanitized":189},{"summary":204,"deductions":205},"The \"user-session-control\" plugin v0.3.1 exhibits a generally strong security posture based on the provided static analysis. The absence of a significant attack surface, particularly in AJAX handlers, REST API routes, shortcodes, and cron events, is a major positive indicator. Furthermore, the code shows good practices with a high percentage of properly escaped output and the use of prepared statements for half of its SQL queries. The presence of a nonce check also suggests an attempt to mitigate certain types of attacks.\n\nHowever, the analysis does highlight a potential area for concern: the complete absence of capability checks. While there are no identified direct vulnerabilities in the provided data, relying solely on nonce checks for security can be insufficient. Capability checks are crucial for ensuring that only authorized users can perform specific actions within WordPress. The lack of these checks, combined with the fact that all SQL queries are not using prepared statements, introduces a subtle risk that could be exploited in conjunction with other, less obvious vulnerabilities if they were to arise.\n\nThe vulnerability history is entirely clean, with zero recorded CVEs across all severities. This indicates that, historically, the plugin has not been a source of security issues. However, a clean history doesn't guarantee future safety, and the previously mentioned potential weaknesses in capability checks and SQL query handling should still be addressed to further harden the plugin.",[206,208],{"reason":207,"points":95},"No capability checks implemented",{"reason":209,"points":33},"SQL queries not fully using prepared statements","2026-03-16T19:24:31.005Z",{"wat":212,"direct":221},{"assetPaths":213,"generatorPatterns":216,"scriptPaths":217,"versionParams":218},[214,215],"\u002Fwp-content\u002Fplugins\u002Fuser-session-control\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fuser-session-control\u002Fjs\u002Fscript.js",[],[215],[219,220],"user-session-control\u002Fcss\u002Fstyle.css?ver=","user-session-control\u002Fjs\u002Fscript.js?ver=",{"cssClasses":222,"htmlComments":237,"htmlAttributes":238,"restEndpoints":241,"jsGlobals":242,"shortcodeOutput":243},[223,224,225,226,227,228,229,230,231,232,233,234,235,236,23],"tablenav-pages","displaying-num","pagination-links","first-page","disabled","prev-page","paging-input","total-pages","next-page","last-page","sorting-indicator","wp-list-table","widefat","fixed",[],[239,240],"data-user_id","data-token_hash",[],[],[],{"error":189,"url":245,"statusCode":246,"statusMessage":247,"message":247},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fuser-session-control\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":149,"versions":249},[250,256,263,270,277,284],{"version":6,"download_url":24,"svn_tag_url":251,"released_at":27,"has_diff":252,"diff_files_changed":253,"diff_lines":27,"trac_diff_url":254,"vulnerabilities":255,"is_current":189},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fuser-session-control\u002Ftags\u002F0.3.1\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fuser-session-control%2Ftags%2F0.3.0&new_path=%2Fuser-session-control%2Ftags%2F0.3.1",[],{"version":257,"download_url":258,"svn_tag_url":259,"released_at":27,"has_diff":252,"diff_files_changed":260,"diff_lines":27,"trac_diff_url":261,"vulnerabilities":262,"is_current":252},"0.3.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-session-control.0.3.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fuser-session-control\u002Ftags\u002F0.3.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fuser-session-control%2Ftags%2F0.2.2&new_path=%2Fuser-session-control%2Ftags%2F0.3.0",[],{"version":264,"download_url":265,"svn_tag_url":266,"released_at":27,"has_diff":252,"diff_files_changed":267,"diff_lines":27,"trac_diff_url":268,"vulnerabilities":269,"is_current":252},"0.2.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-session-control.0.2.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fuser-session-control\u002Ftags\u002F0.2.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fuser-session-control%2Ftags%2F0.2.1&new_path=%2Fuser-session-control%2Ftags%2F0.2.2",[],{"version":271,"download_url":272,"svn_tag_url":273,"released_at":27,"has_diff":252,"diff_files_changed":274,"diff_lines":27,"trac_diff_url":275,"vulnerabilities":276,"is_current":252},"0.2.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-session-control.0.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fuser-session-control\u002Ftags\u002F0.2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fuser-session-control%2Ftags%2F0.2.0&new_path=%2Fuser-session-control%2Ftags%2F0.2.1",[],{"version":278,"download_url":279,"svn_tag_url":280,"released_at":27,"has_diff":252,"diff_files_changed":281,"diff_lines":27,"trac_diff_url":282,"vulnerabilities":283,"is_current":252},"0.2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-session-control.0.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fuser-session-control\u002Ftags\u002F0.2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fuser-session-control%2Ftags%2F0.1.0&new_path=%2Fuser-session-control%2Ftags%2F0.2.0",[],{"version":105,"download_url":285,"svn_tag_url":286,"released_at":27,"has_diff":252,"diff_files_changed":287,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":288,"is_current":252},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-session-control.0.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fuser-session-control\u002Ftags\u002F0.1.0\u002F",[],[]]