[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fcz5_8mkN_sgCecjBx3tRB2sALLc-WvlfwZpSf3_qVO4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":35,"analysis":139,"fingerprints":192},"username-update","Username Update","1.0.0","Dhaval Panchal","https:\u002F\u002Fprofiles.wordpress.org\u002Fdhavalpanchal\u002F","\u003Cp>The “Username Update” plugin enhances the default username editing functionality in WordPress by providing an additional feature to send an email notification when a user’s username is updated. This plugin is useful in scenarios where administrators or users need to change their usernames and notify the user about the update.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003Cbr \u002F>\n* Username Editing: The plugin adds a new field in the user profile editing screen where administrators or users can enter a new username.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Username Validation: The entered username is validated to ensure it meets the required criteria. If the username is invalid, an error message is displayed.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Username Availability: The plugin checks if the new username is already taken by another user. If the username is unavailable, an error message is shown, prompting the user to choose a different username.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Email Notification: Upon successful username update, the plugin sends an email notification to the user with the updated username. This helps in keeping users informed about the changes made to their accounts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Admin Notice: The plugin displays an admin notice to provide feedback on the username update process. If there are any validation errors or if the username already exists, appropriate error messages are displayed as admin notices.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Overall, the “Username Update” plugin enhances the user profile editing experience in WordPress by allowing easy and secure username changes while keeping users informed via email notifications. It ensures smooth validation, error handling, and admin notices for a seamless user experience.\u003C\u002Fp>\n","The \"Username Update\" plugin enhances the default username editing functionality in WordPress by providing an additional feature to send an  &hellip;",0,2611,"2025-02-06T09:46:00.000Z","6.7.5","6.3","7.0",[18,19,20,21,4],"email-notification","user-management","user-profile","username","https:\u002F\u002Fd.p.panchal.in","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fusername-update.1.0.0.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"dhavalpanchal",2,10,30,88,"2026-04-04T05:05:35.350Z",[36,57,80,101,121],{"slug":37,"name":38,"version":6,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":11,"downloaded":43,"rating":44,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":54,"download_link":55,"security_score":56,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"wp-quick-username-update","Quick User Profile Update","webman technologies","https:\u002F\u002Fprofiles.wordpress.org\u002Foremtech\u002F","\u003Cp>Quick User Profile Update will give admin authority of user profile quick update from admin panel\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Quick edit the user\u003C\u002Fli>\n\u003Cli>Update Username\u003C\u002Fli>\n\u003C\u002Ful>\n","Quick User Profile Update will give admin authority of user profile quick update from admin panel",1008,100,1,"2018-06-05T11:11:00.000Z","4.9.29","4.7","5.2.4",[51,52,21,4,53],"login","quick-user-profile-edit","users","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-quick-username-update.zip",85,{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":54,"tags":72,"homepage":54,"download_link":77,"security_score":78,"vuln_count":45,"unpatched_count":11,"last_vuln_date":79,"fetched_at":26},"username-updater","Easy Username Updater","1.0.6","Yogesh Pant","https:\u002F\u002Fprofiles.wordpress.org\u002Fyogeshpant\u002F","\u003Cp>Easy Username updater is a plugin which allows administrators to change usernames on their site. It provide list of users with their email address,username and role. It changes display name as well.\u003C\u002Fp>\n\u003Cp>This plugin also do following:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Search the user by username, email address, or role.\u003C\u002Fli>\n\u003Cli>Send the updated username to user by email.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>How to install?\u003C\u002Fp>\n\u003Col>\n\u003Cli>Unzip the downloaded ‘username-updater.zip’ file\u003C\u002Fli>\n\u003Cli>Upload the ‘username-updater’ folder to ‘\u002Fwp-content\u002Fplugins’ directory of your WordPress installation\u003C\u002Fli>\n\u003Cli>Activate the plugin via the WordPress Plugins page\u003C\u002Fli>\n\u003Cli>A new submenu will automatically create on users menu\u003C\u002Fli>\n\u003C\u002Fol>\n","A plugin to change registered username and display name.",10000,125946,86,39,"2025-07-03T12:54:00.000Z","6.8.5","4.0",[73,74,58,75,76],"change-username","easy-username-updater","wordpress-username-changer","wordpress-username-updater","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fusername-updater.zip",99,"2022-07-12 00:00:00",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":44,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":98,"download_link":99,"security_score":78,"vuln_count":30,"unpatched_count":11,"last_vuln_date":100,"fetched_at":26},"wp-edit-username","WP Edit Username","2.0.5","Sajjad Hossain Sagor","https:\u002F\u002Fprofiles.wordpress.org\u002Fsajjad67\u002F","\u003Cp>This plugin adds feature to edit\u002Fchange user username.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Edit Username: Allows editing of usernames.\u003C\u002Fli>\n\u003Cli>Only users with the \u003Ccode>edit_other_users()\u003C\u002Fcode> capability can change usernames.\u003C\u002Fli>\n\u003Cli>If the “Send Email” option is enabled, the user will receive a notification email when their username is changed.\u003C\u002Fli>\n\u003Cli>You can customize the email subject and body text in the admin dashboard or via filter hooks.\u003C\u002Fli>\n\u003Cli>Modify the email subject using the filter: \u003Ccode>wpeu_email_subject\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Modify the email headers using the filter: \u003Ccode>wpeu_email_headers\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Adjust the email body content using the filter \u003Ccode>wpeu_email_body\u003C\u002Fcode>. (Note: \u003Ccode>$new_username\u003C\u002Fcode> and \u003Ccode>$old_username\u003C\u002Fcode> are automatically prepended to the email content).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Hooks Usage:\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u003C?php\n\nadd_filter( 'wp_username_changed_email_subject', 'change_email_subject' );\n\nfunction change_email_subject( $subject )\n{\n    $subject = 'Your customized subject';\n\n    return $subject;\n}\n\nadd_filter( 'wp_username_changed_email_body', 'change_email_body' );\n\nfunction change_email_body( $old_username, $new_username )\n{\n    $email_body = \"Your custom email text body.\";\n\n    return $email_body;\n}\n\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Easily Edit User Profile Username clicking a button.",2000,24886,5,"2025-12-08T15:37:00.000Z","6.9.4","5.6","8.0",[96,73,97,20,21],"ajax","profile-edit","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-edit-username\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-edit-username.2.0.5.zip","2023-12-19 00:00:00",{"slug":19,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":11,"num_ratings":11,"last_updated":110,"tested_up_to":14,"requires_at_least":111,"requires_php":16,"tags":112,"homepage":117,"download_link":118,"security_score":119,"vuln_count":30,"unpatched_count":45,"last_vuln_date":120,"fetched_at":26},"User Management","1.2","Saad Iqbal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaadiqbal\u002F","\u003Cp>User Management for WordPress gives you the power to manage users and their data from a centralized dashboard Import\u002FExport\u002FUpdate user data by roles and filters.\u003C\u002Fp>\n\u003Cp>User Management for WordPress gives admin the ability to import or export user details on a website. You can easily import or export WP users, roles, and capabilities via CSV file in just a few clicks.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This plugin is also compatible with the WooCommerce plugin\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Import user details via CSV file.\u003C\u002Fli>\n\u003Cli>Import WP user roles & capabilities via CSV file.\u003C\u002Fli>\n\u003Cli>Export details of WP users to a CSV file.\u003C\u002Fli>\n\u003Cli>Export specific users by roles and capabilities.\u003C\u002Fli>\n\u003Cli>Export specific users in general.\u003C\u002Fli>\n\u003Cli>Export roles and capabilities only.\u003C\u002Fli>\n\u003Cli>Export profile information with the user metadata (your custom field in CSV).\u003C\u002Fli>\n\u003Cli>Create\u002Fupdate user details easily.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>REQUIREMENTS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 5.0+\u003C\u002Fli>\n\u003Cli>PHP 7.0+\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpexperts.io\u002Fdocumentation\u002Fuser-management\" rel=\"nofollow ugc\">Click Here\u003C\u002Fa> to read complete documentation of the product. The documentation includes a step-by-step installation and configuration guide, system specifications, troubleshooting, and support.\u003C\u002Fp>\n\u003Ch3>Major Update\u003C\u002Fh3>\n\u003Cp>This is major update of our plugin please make sure you have take backup before updating this plugin.\u003C\u002Fp>\n","User Import Export plugin allows you to export and import WordPress Users and Roles.",60,2777,"2024-12-09T07:50:00.000Z","6.7",[113,114,19,115,116],"user","user-approval","user-profiles","user-roles","https:\u002F\u002Fwpexperts.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-management.1.2.zip",66,"2025-01-14 00:00:00",{"slug":122,"name":123,"version":6,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":31,"downloaded":128,"rating":11,"num_ratings":11,"last_updated":129,"tested_up_to":70,"requires_at_least":130,"requires_php":54,"tags":131,"homepage":136,"download_link":137,"security_score":44,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":138},"all-in-one-utilities","All-in-One Utilities","2ByteCode","https:\u002F\u002Fprofiles.wordpress.org\u002F2bytecode\u002F","\u003Cp>All-in-One Utilities is a versatile plugin that allows administrators to streamline their WordPress site by enabling only the necessary features. Reduce site overhead and manage user roles and settings efficiently with these key features.\u003C\u002Fp>\n\u003Cp>This plugin consolidates the functionality of several popular plugins into one lightweight package:\u003Cbr \u002F>\n– Default Featured Image\u003Cbr \u002F>\n– Easy Username Updater\u003Cbr \u002F>\n– Multiple Roles\u003Cbr \u002F>\n– Disable Everything\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>User Multiple Roles:\u003C\u002Fstrong> Assign multiple roles to users during creation or editing.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Username Updater:\u003C\u002Fstrong> Easily update usernames for users via a dedicated action in the Users list table, with optional email notification.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Default Featured Image:\u003C\u002Fstrong> Choose a fallback featured image in Media Settings that is applied when posts\u002Fpages lack one.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Unnecessary Features:\u003C\u002Fstrong> Toggle off various WordPress features (e.g., author archives, application passwords, adjacent posts, embeds, emojis) to streamline and speed up your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later.\u003C\u002Fp>\n","A must use plugin for any WordPress site with necessary features.",625,"2025-08-22T12:57:00.000Z","4.0.0",[132,133,134,58,135],"disable-features","featured-image","multiple-roles","utilities","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fall-in-one-utilities","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fall-in-one-utilities.1.0.0.zip","2026-03-15T14:54:45.397Z",{"attackSurface":140,"codeSignals":176,"taintFlows":183,"riskAssessment":184,"analyzedAt":191},{"hooks":141,"ajaxHandlers":165,"restRoutes":173,"shortcodes":174,"cronEvents":175,"entryPointCount":30,"unprotectedCount":30},[142,148,151,153,156,159,162],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","plugins_loaded","anonymous","includes\\class-username-update.php",133,{"type":143,"name":149,"callback":145,"file":146,"line":150},"admin_enqueue_scripts",148,{"type":143,"name":149,"callback":145,"file":146,"line":152},149,{"type":143,"name":154,"callback":145,"file":146,"line":155},"show_user_profile",151,{"type":143,"name":157,"callback":145,"file":146,"line":158},"edit_user_profile",152,{"type":143,"name":160,"callback":145,"file":146,"line":161},"personal_options_update",153,{"type":143,"name":163,"callback":145,"file":146,"line":164},"edit_user_profile_update",154,[166,171],{"action":167,"nopriv":168,"callback":145,"hasNonce":169,"hasCapCheck":169,"file":146,"line":170},"user_name_update",true,false,156,{"action":167,"nopriv":169,"callback":145,"hasNonce":169,"hasCapCheck":169,"file":146,"line":172},157,[],[],[],{"dangerousFunctions":177,"sqlUsage":178,"outputEscaping":180,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":45,"bundledLibraries":182},[],{"prepared":11,"raw":11,"locations":179},[],{"escaped":30,"rawEcho":11,"locations":181},[],[],[],{"summary":185,"deductions":186},"The username-update plugin v1.0.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices in its SQL query handling, exclusively using prepared statements, and ensuring all output is properly escaped, which mitigates common injection and XSS vulnerabilities. The absence of file operations and external HTTP requests further reduces its attack surface. However, a significant concern is the presence of two AJAX handlers that lack any authentication or capability checks. This creates a direct entry point for unauthenticated users to interact with plugin functionality, potentially leading to unauthorized actions if the logic within these handlers is exploitable.\n\nThe static analysis did not reveal any dangerous functions, raw SQL queries, or taint flows indicative of immediate critical vulnerabilities. The plugin's vulnerability history is also clean, with no recorded CVEs, suggesting a potentially well-maintained or less targeted codebase. Despite the lack of historical vulnerabilities and the good practices in data handling, the unprotected AJAX endpoints represent a clear and present risk. This is a common oversight that can be exploited by attackers to trigger actions they are not authorized to perform, especially if the logic is simple enough or relies on predictable inputs.\n\nIn conclusion, while the plugin adheres to sound security principles in data sanitization and query execution, the unprotected AJAX endpoints are a critical weakness. The clean vulnerability history is encouraging but does not negate the risks posed by the exposed attack surface. Recommendations should focus on immediately implementing nonce and capability checks for all AJAX handlers to secure these entry points.",[187,189],{"reason":188,"points":31},"AJAX handlers without auth checks",{"reason":190,"points":31},"AJAX handlers without capability checks","2026-03-17T06:36:45.164Z",{"wat":193,"direct":202},{"assetPaths":194,"generatorPatterns":197,"scriptPaths":198,"versionParams":199},[195,196],"\u002Fwp-content\u002Fplugins\u002Fusername-update\u002Fcss\u002Fusername-update-admin.css","\u002Fwp-content\u002Fplugins\u002Fusername-update\u002Fjs\u002Fusername-update-admin.js",[],[196],[200,201],"username-update\u002Fcss\u002Fusername-update-admin.css?ver=","username-update\u002Fjs\u002Fusername-update-admin.js?ver=",{"cssClasses":203,"htmlComments":205,"htmlAttributes":206,"restEndpoints":208,"jsGlobals":209,"shortcodeOutput":210},[4,204],"username_side_button",[],[207],"data-username-update",[],[21],[]]