[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVKH5lBhFpo1gH59mVCJ9d0Rcfa3PkHWDU1d_oITs3oA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":32,"analysis":130,"fingerprints":174},"veo-multisite-plugin-manager","VEO Multisite Plugin Manager","1.3.2","kebes","https:\u002F\u002Fprofiles.wordpress.org\u002Fkebes\u002F","\u003Cp>VEO Multisite Plugin Manager allows you to:\u003Cbr \u002F>\n– View which plugins are active globally.\u003Cbr \u002F>\n– See the sites where plugins are individually active.\u003Cbr \u002F>\n– Quickly navigate to the plugin pages of specific sites.\u003C\u002Fp>\n","Manage and monitor plugin activation across WordPress Multisite networks.",0,290,"2025-08-26T11:38:00.000Z","6.7.5","4.6","7.0",[18,19,20],"multisite","network","plugins","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fveo-multisite-plugin-manager.1.3.2.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},1,30,94,"2026-04-04T19:05:40.020Z",[33,53,73,96,113],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":23,"downloaded":41,"rating":42,"num_ratings":43,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":21,"tags":47,"homepage":21,"download_link":51,"security_score":52,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"plugin-activation-status","Plugin Activation Status","1.0.2.1","Curtiss Grymala","https:\u002F\u002Fprofiles.wordpress.org\u002Fcgrymala\u002F","\u003Cp>Plugin Activation Status makes it easier for owners of multisite and multi-network WordPress installations to perform plugin audits on their installations. The plugin generates a list of plugins that are not currently active on any sites or networks. It generates a separate list of plugins that are active somewhere within the installation, and provides details about where and how those plugins are activated.\u003C\u002Fp>\n\u003Cp>This plugin first retrieves a full list of all of the plugins that are network-activated throughout your installation. Then, it loops through all of the sites in your installation, retrieving a list of all of the active plugins on each site. Next, it runs a diff between the full list of installed plugins and the list of all active plugins.\u003C\u002Fp>\n\u003Cp>Once it retrieves all of that information, it outputs two separate lists.\u003C\u002Fp>\n\u003Cp>The first list is the list of Inactive Plugins; all plugins that are installed, but not activated anywhere within WordPress will be listed there. The second list shows all of the Active Plugins; all plugins that are installed and activated somewhere within WordPress are shown there.\u003C\u002Fp>\n\u003Cp>Within the Active Plugins list, each plugin also has a list of all of the places the plugin is active (at the top, a list of all of the places it’s network-active; at the bottom, all of the places it’s normally-activated).\u003C\u002Fp>\n\u003Cp>When the plugin generates the lists of plugins, it stores those lists as site options in the database, so the lists can be retrieved for reference without using any additional server resources. If you would like to remove those cached lists and generate new lists, you simply have to click the Continue button on the admin page.\u003C\u002Fp>\n","Scans a multisite or multi-network installation to identify all plugins that are active or not.",26167,92,14,"2018-04-03T19:04:00.000Z","4.9.29","3.8",[48,49,18,50,20],"active","multi-network","network-active","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-activation-status.1.0.2.1.zip",85,{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":23,"num_ratings":63,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":67,"tags":68,"homepage":71,"download_link":72,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"multisite-administration-tools","Multisite Administration Tools","1.21","Aaron Axelsen","https:\u002F\u002Fprofiles.wordpress.org\u002Faxelseaa\u002F","\u003Cp>The Multisite Administration Tools plugin adds additional columns to the Sites, Plugins and Themes tables in the Network Admin interface.\u003C\u002Fp>\n\u003Cp>On the Sites table, two additional columns are added to allow admins to easily view the theme of the site, and also any plugins that are enabled.\u003C\u002Fp>\n\u003Cp>On the Themes table, there is an additional column added which allows the administrator to see all sites that are actively using that theme.\u003C\u002Fp>\n\u003Cp>On the Plugins table, there is an additional column added which allows the administrator to see all sites that are actively using that plugin.\u003C\u002Fp>\n","Adds information to the network admin sites, plugins and themes page. Allows you to easily see what theme and plugins are enabled on a site.",10,3393,2,"2025-12-21T16:29:00.000Z","6.9.4","5.8","7.2",[69,18,19,20,70],"admintools","themes","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmultisite-administration-tools\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-administration-tools.1.21.zip",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":83,"num_ratings":84,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":21,"tags":88,"homepage":92,"download_link":93,"security_score":94,"vuln_count":28,"unpatched_count":11,"last_vuln_date":95,"fetched_at":25},"unconfirmed","Unconfirmed","1.3.7","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>If you run a WordPress or BuddyPress installation, you probably know that some of the biggest administrative headaches come from the activation process. Activation emails may be caught by spam filters, deleted unwillingly, or simply not understood. Yet WordPress itself has no UI for viewing and managing unactivated members.\u003C\u002Fp>\n\u003Cp>Unconfirmed creates a Dashboard panel under the Users menu (Network Admin > Users on Multisite) that shows a list of unactivated user registrations. For each registration, you have the option of resending the original activation email, or manually activating the user.\u003C\u002Fp>\n\u003Cp>Note that the plugin works for the following configurations:\u003Cbr \u002F>\n1. Multisite, with or without BuddyPress\u003Cbr \u002F>\n2. Single site, with BuddyPress used for user registration\u003C\u002Fp>\n\u003Cp>There is currently no support for single-site WP registration without BuddyPress.\u003C\u002Fp>\n","Allows WordPress admins to manage unactivated users, by activating them manually, deleting their pending registrations, or resending the activation em …",2000,246166,90,47,"2023-12-04T19:58:00.000Z","6.4.8","3.1",[89,90,91,18,19],"activate","activation","email","http:\u002F\u002Fgithub.com\u002Fboonebgorges\u002Funconfirmed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Funconfirmed.1.3.7.zip",84,"2014-04-11 00:00:00",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":23,"num_ratings":43,"last_updated":106,"tested_up_to":65,"requires_at_least":15,"requires_php":107,"tags":108,"homepage":111,"download_link":112,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"plugin-report","Plugin Report","2.2.2","Torsten Landsiedel","https:\u002F\u002Fprofiles.wordpress.org\u002Fzodiac1978\u002F","\u003Cp>A WordPress plugin that provides detailed information about currently installed plugins.\u003C\u002Fp>\n\u003Ch3>Plugin Report will allow you to:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Spot plugins that are no longer maintained.\u003C\u002Fli>\n\u003Cli>Get a quick overview of the “plugin health” of your site.\u003C\u002Fli>\n\u003Cli>Provide clients with a detailed report, right from their own dashboard, or as CSV spreadsheet.\u003C\u002Fli>\n\u003Cli>Find plugins that are no longer active on multisite installs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Thanks to Roy Tanck for trusting me to adopt this great plugin. Hartelijk bedankt!\u003C\u002Fp>\n\u003Cp>Special thanks go to \u003Ca href=\"http:\u002F\u002Ftristen.ca\u002F\" rel=\"nofollow ugc\">Tristen Forsythe Brown\u003C\u002Fa> for the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftristen\u002Ftablesort\" rel=\"nofollow ugc\">tablesort JavaScript library\u003C\u002Fa> licensed under the MIT License.\u003C\u002Fp>\n","A WordPress plugin that provides detailed information about currently installed plugins.",1000,26304,"2026-01-18T12:46:00.000Z","5.6",[109,18,110,20],"admin","plugin-info","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplugin-report\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-report.2.2.2.zip",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":94,"num_ratings":123,"last_updated":124,"tested_up_to":45,"requires_at_least":125,"requires_php":21,"tags":126,"homepage":128,"download_link":129,"security_score":52,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"multisite-plugin-manager","Multisite Plugin Manager","3.1.6","Aaron Edwards","https:\u002F\u002Fprofiles.wordpress.org\u002Fuglyrobot\u002F","\u003Cp>Plugin management for WordPress Multisite that supports the native plugins page and the WPMU DEV Pro Sites plugin! Used on thousands of multisite installs across the web.\u003Cbr \u002F>\nPreviously known as \u003Cstrong>WPMU Plugin Manager\u003C\u002Fstrong>, it uses a backend options page to adjust plugin permissions for all the sites in your network.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Select what plugins sites have access to\u003C\u002Fli>\n\u003Cli>Choose plugins to Auto-Activate for all new blogs\u003C\u002Fli>\n\u003Cli>Mass activate\u002Fdeactivate a plugin on all sites in your network (Very Handy!)\u003C\u002Fli>\n\u003Cli>Assign special plugin access permissions for specific sites in your network\u003C\u002Fli>\n\u003Cli>And as Super Admin, you can override all these to activate specific plugins on the sites you choose!\u003C\u002Fli>\n\u003Cli>Removes the plugin meta row links (Version, Author, Plugin) and any update messages for blog admins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Also, if you use the excellent \u003Ca href=\"https:\u002F\u002Fpremium.wpmudev.org\u002Fproject\u002Fpro-sites\u002F\" rel=\"nofollow ugc\">Pro Sites plugin from WPMU DEV\u003C\u002Fa> you will be able to charge for access to certain plugins!\u003C\u002Fp>\n\u003Cp>A free plugin by Aaron Edwards of \u003Ca href=\"http:\u002F\u002Fuglyrobot.com\u002F\" rel=\"nofollow ugc\">UglyRobot Web Development\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fuglyrobot\u002Fmultisite-plugin-manager\" rel=\"nofollow ugc\">Contribute on GitHub\u003C\u002Fa>\u003C\u002Fp>\n","The essential plugin for every multisite install! Manage plugin access permissions across your entire multisite network.",200,107575,23,"2020-08-18T01:52:00.000Z","3.7.3",[18,20,127],"wpmu","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fmultisite-plugin-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-plugin-manager.3.1.6.zip",{"attackSurface":131,"codeSignals":147,"taintFlows":160,"riskAssessment":161,"analyzedAt":173},{"hooks":132,"ajaxHandlers":143,"restRoutes":144,"shortcodes":145,"cronEvents":146,"entryPointCount":11,"unprotectedCount":11},[133,139],{"type":134,"name":135,"callback":136,"file":137,"line":138},"action","admin_notices","closure","veo-multisite-plugin-manager.php",18,{"type":140,"name":141,"callback":136,"priority":61,"file":137,"line":142},"filter","plugin_row_meta",25,[],[],[],[],{"dangerousFunctions":148,"sqlUsage":149,"outputEscaping":154,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":159},[],{"prepared":11,"raw":28,"locations":150},[151],{"file":137,"line":152,"context":153},33,"$wpdb->get_results() with variable interpolation",{"escaped":63,"rawEcho":28,"locations":155},[156],{"file":137,"line":157,"context":158},19,"raw output",[],[],{"summary":162,"deductions":163},"The veo-multisite-plugin-manager v1.3.2 plugin presents a generally positive security posture based on the provided static analysis and vulnerability history. The absence of known CVEs, unpatched vulnerabilities, and critical or high-severity findings in the taint analysis is a strong indicator of good security practices in its development and maintenance. The plugin also demonstrates a clean attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events that lack proper authentication or permission checks, which significantly reduces the potential for external exploitation.\n\nHowever, a notable area for concern is the handling of SQL queries. The analysis reveals that 100% of the single SQL query within the plugin does not utilize prepared statements. This significantly increases the risk of SQL injection vulnerabilities, especially if the query involves any form of user-supplied input, even if such input is not immediately apparent in the static analysis. While the output escaping is reasonably good (67% properly escaped), the unescaped outputs could still pose a risk for cross-site scripting (XSS) if they handle user-controlled data. The lack of nonce checks and capability checks on any entry points, although zero in number, means that if any were introduced in future versions without proper checks, they would be inherently vulnerable.\n\nIn conclusion, while the plugin benefits from a clean vulnerability history and a well-protected attack surface, the unmitigated SQL query represents a critical weakness. Developers should prioritize addressing this by implementing prepared statements for all database interactions. Addressing the potential for XSS through improved output escaping and ensuring robust nonce and capability checks on any future additions to the plugin's entry points would further solidify its security.",[164,166,169,171],{"reason":165,"points":61},"SQL queries not using prepared statements",{"reason":167,"points":168},"Unescaped output present",5,{"reason":170,"points":168},"No nonce checks on entry points",{"reason":172,"points":168},"No capability checks on entry points","2026-03-17T06:45:22.890Z",{"wat":175,"direct":180},{"assetPaths":176,"generatorPatterns":177,"scriptPaths":178,"versionParams":179},[],[],[],[],{"cssClasses":181,"htmlComments":184,"htmlAttributes":185,"restEndpoints":186,"jsGlobals":187,"shortcodeOutput":188},[182,183],"notice","notice-error",[],[],[],[],[]]