[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fvpF9uUriu7ygn8HLuVJOTMMnxuLM7zcgZVcD73fcZik":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":13,"download_link":20,"security_score":21,"vuln_count":11,"unpatched_count":11,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":32,"analysis":128,"fingerprints":167},"vinvin-force-email","Vinvin Force Email","1.0.0.1","vinvin27","https:\u002F\u002Fprofiles.wordpress.org\u002Fvinvin27\u002F","\u003Cp>Vinvin Force Email is usefull for testing and development purposes. It force all email send from website to being send to one email.\u003Cbr \u002F>\nIt change the subject of mail adding the original email. You can setup the email into WordPress general settings.\u003Cbr \u002F>\nIm french \u003Ca href=\"https:\u002F\u002Fwww.vinvin.dev\u002Fdeveloppeur-wordpress-montreal\u002F\" rel=\"nofollow ugc\">WordPress developer\u003C\u002Fa> based in Montreal.\u003C\u002Fp>\n","Vinvin Force Email is usefull for testing and development purposes. It force all email send from website to being send to one email.",0,809,"","5.7.15","4.1","5.6",[18,19],"development","email","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvinvin-force-email.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":27,"avg_security_score":28,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},4,810,89,30,86,"2026-04-04T07:06:47.788Z",[33,51,73,90,109],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":21,"num_ratings":43,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":13,"tags":47,"homepage":48,"download_link":49,"security_score":21,"vuln_count":11,"unpatched_count":11,"last_vuln_date":22,"fetched_at":50},"stop-emails","Stop Emails","1.2.1","Sal Ferrarello","https:\u002F\u002Fprofiles.wordpress.org\u002Fsalcode\u002F","\u003Cp>Stops outgoing emails sent from WordPress.  This plugin stops\u003Cbr \u002F>\noutgoing emails generated by WordPress core, plugins, and themes.\u003Cbr \u002F>\nEmails sent using the \u003Ccode>wp_mail()\u003C\u002Fcode> function, will not be sent.\u003Cbr \u002F>\nIn the case where an author does not use the recommended \u003Ccode>wp_mail()\u003C\u002Fcode>\u003Cbr \u002F>\nfunction and instead sends the email using another mechanism, an email will\u003Cbr \u002F>\nstill be sent.\u003C\u002Fp>\n\u003Cp>This plugin allows you to suspend sending emails when doing development work.\u003Cbr \u002F>\nAny calls to \u003Ccode>wp_mail()\u003C\u002Fcode> will fail silently.  WordPress\u003Cbr \u002F>\nwill operate as if the email were sent successfully\u003Cbr \u002F>\nbut no email will actually be sent.\u003C\u002Fp>\n\u003Cp>On the admin menu page Settings > Stop Emails, there is the option\u003Cbr \u002F>\nto log all emails to the PHP error log.  By default this logging is\u003Cbr \u002F>\ndisabled.\u003C\u002Fp>\n\u003Cp>NOTE: If using the PHP \u003Ccode>mail()\u003C\u002Fcode> function directly, this\u003Cbr \u002F>\nplugin will NOT stop the emails.\u003C\u002Fp>\n\u003Cp>Built by \u003Ca href=\"http:\u002F\u002Fsalferrarello.com\u002F\" rel=\"nofollow ugc\">Sal Ferrarello\u003C\u002Fa> \u002F \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fsalcode\" rel=\"nofollow ugc\">@salcode\u003C\u002Fa>\u003C\u002Fp>\n","Stop all outgoing emails sent from WordPress.",5000,76809,12,"2026-01-13T02:08:00.000Z","6.9.4","3.6",[18,19],"http:\u002F\u002Fsalferrarello.com\u002Fstop-emails-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstop-emails.1.2.1.zip","2026-03-15T15:16:48.613Z",{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":21,"num_ratings":61,"last_updated":62,"tested_up_to":63,"requires_at_least":13,"requires_php":13,"tags":64,"homepage":68,"download_link":69,"security_score":70,"vuln_count":71,"unpatched_count":11,"last_vuln_date":72,"fetched_at":50},"wp-reroute-email","WP Reroute Email","1.5.2","Sajjad Hossain","https:\u002F\u002Fprofiles.wordpress.org\u002Fmsh134\u002F","\u003Cp>This plugin intercepts all outgoing emails from a WordPress site, sent using the wp_mail() function, and reroutes them to a predefined configurable email address. This is useful in case where you do not want email sent from a WordPress site to reach the users. For an example, to resolve an issue you downloaded production database to your development site and you want no email is sent to production users when testing. You may enable this plugin in development server and reroute emails to your given email address.\u003C\u002Fp>\n\u003Cp>WP Reroute Email provides options for adding your own text or the recipients address at the bottom of the mail.\u003C\u002Fp>\n\u003Cp>You may also save a copy of the email to database and view them from the interface.\u003C\u002Fp>\n\u003Cp>Now, you will be able to disable rerouting based on the subject texts.\u003C\u002Fp>\n","This plugin reroutes all outgoing emails from a WordPress site (sent using the wp_mail() function) to a predefined configurable email address.",1000,28119,9,"2025-07-06T06:59:00.000Z","6.8.5",[65,66,19,67],"developer-tool","development-server","mail","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-reroute-email\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-reroute-email.1.5.2.zip",98,3,"2023-07-05 00:00:00",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":11,"num_ratings":11,"last_updated":83,"tested_up_to":63,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":13,"download_link":89,"security_score":21,"vuln_count":11,"unpatched_count":11,"last_vuln_date":22,"fetched_at":50},"test-email-redirector","Test Email Redirector","1.3.3","Zaib Makda","https:\u002F\u002Fprofiles.wordpress.org\u002Fconnectzaib\u002F","\u003Cp>The Test Email Redirector ensures no accidental emails reach real users during WordPress development, staging, or testing. Redirect’s all outgoing emails to a designated test address. Additional features include optional CC\u002FBCC addresses and the ability to include original recipient information in the forwarded email.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Redirect all outgoing emails to a test email address.\u003Cbr \u002F>\n– Add optional CC and BCC addresses.\u003Cbr \u002F>\n– Include original recipient information in the forwarded email.\u003Cbr \u002F>\n– Enable or disable email redirection without deactivating the plugin.\u003Cbr \u002F>\n– Fully configurable via the WordPress admin Tools menu.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later. See the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">License URI\u003C\u002Fa> for details.\u003C\u002Fp>\n","Redirects all outgoing WordPress emails to a specified test address for development and testing purposes.",60,534,"2025-08-01T09:59:00.000Z","5.0","7.2",[18,19,87,88],"forward","testing","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftest-email-redirector.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":21,"num_ratings":100,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":13,"tags":104,"homepage":106,"download_link":107,"security_score":108,"vuln_count":11,"unpatched_count":11,"last_vuln_date":22,"fetched_at":50},"email-cop","Email Cop","0.1.1","Ashish Kumar (Ashfame)","https:\u002F\u002Fprofiles.wordpress.org\u002Fashfame\u002F","\u003Cp>Prevents WordPress from sending out emails and save them so that you can preview them without actually having to send them. Best for checking or designing emails in development environment.\u003C\u002Fp>\n\u003Cp>Please report any issues directly to Github repo – https:\u002F\u002Fgithub.com\u002Fashfame\u002Femail-cop\u002F\u003C\u002Fp>\n\u003Cp>Pull requests are welcome 🙂\u003C\u002Fp>\n\u003Cp>Icon Credit: Cop icon – http:\u002F\u002Fwww.aha-soft.com\u002F\u003C\u002Fp>\n","Prevents WordPress from sending out emails and save them so that you can preview them without actually having to send them.",20,3293,2,"2019-11-05T17:32:00.000Z","5.2.24","3.0.1",[18,19,105],"tools","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Femail-cop\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-cop.zip",85,{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":117,"downloaded":118,"rating":11,"num_ratings":11,"last_updated":119,"tested_up_to":120,"requires_at_least":121,"requires_php":13,"tags":122,"homepage":126,"download_link":127,"security_score":108,"vuln_count":11,"unpatched_count":11,"last_vuln_date":22,"fetched_at":50},"mail-debug","Mail Debug","1.4","Ben","https:\u002F\u002Fprofiles.wordpress.org\u002Fbforchhammer\u002F","\u003Cp>This plugin when activated automatically redirects all email sent through wp_mail\u002Fphpmailer to the user currently logged in or the site administrator.\u003C\u002Fp>\n\u003Cp>The redirected email contains information about where the original email would have been sent to.\u003C\u002Fp>\n\u003Cp>Use this plugin if you want to test email-sending features without actually sending emails our to anyone but yourself. I wrote this plugin to ease debugging with subscribe2.\u003C\u002Fp>\n\u003Cp>Since Version 1.2 you can choose whether to redirect all email to the currently logged in user (default), the site administrator (only wpmu) or the blog administrator.\u003C\u002Fp>\n","Redirects all email sent through wordpress to the user currently logged in or the site administrator.",10,4253,"2010-07-20T15:01:00.000Z","2.7.1","2.7",[123,18,19,124,125],"debug","phpmailer","wp_mail","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fmail-debug\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmail-debug.1.4.zip",{"attackSurface":129,"codeSignals":144,"taintFlows":155,"riskAssessment":156,"analyzedAt":166},{"hooks":130,"ajaxHandlers":140,"restRoutes":141,"shortcodes":142,"cronEvents":143,"entryPointCount":11,"unprotectedCount":11},[131,136],{"type":132,"name":125,"callback":133,"file":134,"line":135},"action","vinvin_force_email_send","vinvin-force-email.php",13,{"type":132,"name":137,"callback":138,"file":134,"line":139},"admin_init","vinvin_force_email_send_settings",24,[],[],[],[],{"dangerousFunctions":145,"sqlUsage":146,"outputEscaping":148,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":154},[],{"prepared":11,"raw":11,"locations":147},[],{"escaped":11,"rawEcho":149,"locations":150},1,[151],{"file":134,"line":152,"context":153},43,"raw output",[],[],{"summary":157,"deductions":158},"The plugin \"vinvin-force-email\" v1.0.0.1 exhibits a mixed security posture.  On one hand, the static analysis reveals a remarkably small attack surface, with no AJAX handlers, REST API routes, shortcodes, or cron events.  Furthermore, there are no identified dangerous functions, file operations, or external HTTP requests.  The plugin also fully utilizes prepared statements for its SQL queries, which is a strong security practice.  However, a significant concern arises from the output escaping.  With 100% of its outputs unescaped, this presents a substantial risk of Cross-Site Scripting (XSS) vulnerabilities if any user-controlled data is directly outputted to the browser without sanitization.\n\nThe vulnerability history for this plugin is clean, with no recorded CVEs. This, combined with the absence of critical taint flows and dangerous functions in the static analysis, suggests a generally well-written codebase in terms of avoiding common exploitable patterns.  The lack of nonce and capability checks is noted, but given the extremely limited attack surface and absence of AJAX\u002FREST endpoints that would typically require these, the immediate risk is mitigated. The primary and most pressing weakness identified is the unescaped output, which could allow attackers to inject malicious scripts into the WordPress site. Overall, the plugin demonstrates good practices in its limited scope but has a critical flaw in output handling that requires immediate attention.",[159,162,164],{"reason":160,"points":161},"All outputs are unescaped",8,{"reason":163,"points":100},"Missing nonce checks",{"reason":165,"points":100},"Missing capability checks","2026-03-17T05:54:08.419Z",{"wat":168,"direct":174},{"assetPaths":169,"generatorPatterns":171,"scriptPaths":172,"versionParams":173},[170],"\u002Fwp-content\u002Fplugins\u002Fvinvin-force-email\u002Fvinvin-force-email.php",[],[],[],{"cssClasses":175,"htmlComments":178,"htmlAttributes":179,"restEndpoints":185,"jsGlobals":186,"shortcodeOutput":187},[176,177],"regular-text","ltr",[],[180,181,182,183,184],"placeholder","type","id","name","value",[],[],[]]