[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f0qP8-lo2CZnmRTtlCM8pqBQdQoN21Fu6clprAfdLCdE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":140,"fingerprints":223},"what-should-we-write-about-next","What should we write about next","1.0","Vladimir Prelovac","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreediver\u002F","\u003Cp>The idea behind this plugin is very simple – allow your visitors to leave a quick feedback about what would they want to read next on your site.\u003C\u002Fp>\n\u003Cp>This improves interaction, gives you topic ideas and makes your visitors feel useful. It’s a win-win plugin.\u003C\u002Fp>\n\u003Cp>Created by \u003Ca href=\"http:\u002F\u002Fwww.prelovac.com\u002Fvladimir\" rel=\"nofollow ugc\">Vladimir Prelovac\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This file is part of What should we write about next.\u003C\u002Fp>\n\u003Cp>What should we write about next is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.\u003C\u002Fp>\n\u003Cp>What should we write about next is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License along with What should we write about next. If not, see \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\u003C\u002Fa>.\u003C\u002Fp>\n","What should we write about next allows your users to quickly leave feedback at the end of your posts.",10,4685,0,"2014-12-22T13:59:00.000Z","4.2.39","2.5","",[19,20,21,22,23],"admin","dashboard","jquery","plugins","widget","http:\u002F\u002Fwww.prelovac.com\u002Fvladimir\u002Fwordpress-plugins\u002Fwhat-should-we-write-about-next","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhat-should-we-write-about-next.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"freediver",20,1029680,87,2577,70,"2026-04-04T06:26:51.083Z",[39,52,76,100,122],{"slug":40,"name":41,"version":42,"author":7,"author_profile":8,"description":43,"short_description":44,"active_installs":11,"downloaded":45,"rating":32,"num_ratings":46,"last_updated":17,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":47,"homepage":48,"download_link":49,"security_score":50,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":51},"wp-quick-deploy","WP Quick Deploy","1.2.1","\u003Cp>WP Quick Deploy allows you to pick your favorite plugins and install them at once without hassle.\u003C\u002Fp>\n\u003Cp>WP Quick Deploy is one of the easiest ways to get many of the top plugins loaded after a fresh install of WordPress. There’s no need to manually hunt for them again, you can simply install them in bulk.\u003C\u002Fp>\n\u003Cp>It also allows you to activate\u002Fdeactivate, delete and update your plugins. Everything in one plugin!\u003C\u002Fp>\n\u003Cp>Check also  \u003Ca href=\"https:\u002F\u002Fmanagewp.org\u002Fplugins\u002Fbest\" rel=\"nofollow ugc\">Plugin discovery tool\u003C\u002Fa> on ManageWP.org.\u003C\u002Fp>\n\u003Cp>Created by \u003Ca href=\"http:\u002F\u002Fwww.prelovac.com\u002Fvladimir\" rel=\"nofollow ugc\">Vladimir Prelovac\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This file is part of WP Quick Deploy.\u003C\u002Fp>\n\u003Cp>WP Quick Deploy is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.\u003C\u002Fp>\n\u003Cp>WP Quick Deploy is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License along with WP Quick Deploy. If not, see \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\u003C\u002Fa>.\u003C\u002Fp>\n","WP Quick Deploy allows you to pick your favorite plugins and install them at once without hassle.",7898,1,[19,20,21,22,23],"http:\u002F\u002Fwww.prelovac.com\u002Fvladimir\u002Fwordpress-plugins\u002Fwp-quick-deploy","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-quick-deploy.zip",100,"2026-03-15T14:44:11.924Z",{"slug":53,"name":54,"version":6,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":11,"downloaded":59,"rating":50,"num_ratings":46,"last_updated":60,"tested_up_to":61,"requires_at_least":62,"requires_php":17,"tags":63,"homepage":74,"download_link":75,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"admin-menu-slide","Admin Menu Slide","Maciej Krawczyk","https:\u002F\u002Fprofiles.wordpress.org\u002Fhelium-3\u002F","\u003Cp>Admin Menu Slide is a simple plugin that adds a feature to hide admin menu and make it slide when hovering on the edge of the screen. Works exactly like WordPress collapse menu – you can toggle the feature on\u002Foff by clicking a button, which is at the bottom of admin menu. When enabled, admin pages have full screen width.\u003C\u002Fp>\n","Adds a feature to hide admin menu and make it slide when hovering on the edge of the screen.",2382,"2015-07-30T13:50:00.000Z","4.3.34","3.8",[19,64,65,20,66,67,21,68,69,70,71,72,22,73],"administration","backend","free","javascript","menu","mobile","navigation","page","performance","sidebar","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-menu-slide","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-menu-slide.1.0.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":96,"download_link":97,"security_score":98,"vuln_count":46,"unpatched_count":13,"last_vuln_date":99,"fetched_at":28},"error-log-monitor","Error Log Monitor","1.7.12","Janis Elsts","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiteshadow\u002F","\u003Cp>This plugin adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send you email notifications about newly logged errors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically detects error log location.\u003C\u002Fli>\n\u003Cli>Explains how to configure PHP error logging if it’s not enabled yet.\u003C\u002Fli>\n\u003Cli>The number of displayed log entries is configurable.\u003C\u002Fli>\n\u003Cli>Sends you email notifications about logged errors (optional).\u003C\u002Fli>\n\u003Cli>Configurable email address and frequency.\u003C\u002Fli>\n\u003Cli>You can easily clear the log file.\u003C\u002Fli>\n\u003Cli>The dashboard widget is only visible to administrators.\u003C\u002Fli>\n\u003Cli>Optimized to work well even with very large log files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Once you’ve installed the plugin, go to the Dashboard and enable the “PHP Error Log” widget through the “Screen Options” panel. The widget should automatically display the last 20 lines from your PHP error log. If you see an error message like “Error logging is disabled” instead, follow the displayed instructions to configure error logging.\u003C\u002Fp>\n\u003Cp>Email notifications are disabled by default. To enable them, click the “Configure” link in the top-right corner of the widget and enter your email address in the “Periodically email logged errors to:” box. If desired, you can also change email frequency by selecting the minimum time interval between emails from the “How often to send email” drop-down.\u003C\u002Fp>\n","Adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send logged errors to email.",20000,631204,86,48,"2025-10-01T15:12:00.000Z","6.8.5","4.5","7.4",[19,64,93,94,95],"dashboard-widget","error-reporting","php","http:\u002F\u002Fw-shadow.com\u002Fblog\u002F2012\u002F07\u002F25\u002Ferror-log-monitor-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ferror-log-monitor.1.7.12.zip",99,"2019-02-25 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":110,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":91,"tags":115,"homepage":119,"download_link":120,"security_score":121,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-widget-disable","Widget Disable","3.0.1","required","https:\u002F\u002Fprofiles.wordpress.org\u002Fwearerequired\u002F","\u003Cp>This simple plugin allows you to disable any sidebar and dashboard widget for the current WordPress site you are on. It provides a simple user interface available to users with \u003Ccode>edit_theme_options\u003C\u002Fcode> capabilities (usually Administrator role) available under Appearance -> Disable Widgets.\u003Cbr \u002F>\nAfter saving the settings, the sidebar and dashboard widgets are removed from and the user can’t see those widgets anymore.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Developer? Get to know the hooks\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Have a look at the filters we provide:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp_widget_disable_default_sidebar_widgets\u003C\u002Fcode> – Allows you to exclude certain sidebar widgets from being disabled.\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp_widget_disable_default_dashboard_widgets\u003C\u002Fcode> – Allows you to exclude certain dashboard widgets from being disabled.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Contributions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you would like to contribute to this plugin, report an issue or anything like that, please note that we develop this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwearerequired\u002FWP-Widget-Disable\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Frequired.com\u002F\" title=\"Team of experienced web professionals from Switzerland & Germany\" rel=\"nofollow ugc\">required\u003C\u002Fa>\u003C\u002Fp>\n","Disable sidebar and dashboard widgets with an easy to use interface.",10000,185111,96,24,"2024-11-18T13:40:00.000Z","6.7.5","6.0",[19,20,116,117,118],"dashboard-widgets","sidebar-widgets","widgets","https:\u002F\u002Frequired.com\u002Fservices\u002Fwordpress-plugins\u002Fwp-widget-disable\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-widget-disable.3.0.1.zip",92,{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":132,"num_ratings":11,"last_updated":133,"tested_up_to":89,"requires_at_least":134,"requires_php":135,"tags":136,"homepage":138,"download_link":139,"security_score":50,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"server-info","Server Info","0.0.1","Usman Ali Qureshi","https:\u002F\u002Fprofiles.wordpress.org\u002Fusmanaliqureshi\u002F","\u003Cp>This plugin will show you useful information about the hosting server you are using e.g. PHP version, MySQL version, Server OS, Server Protocol, Server IP and other useful information. You can use the information displayed by this plugin to update any settings which is crucial for your website performance and other aspects.\u003C\u002Fp>\n\u003Cp>You will see the information about:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PHP Version\u003C\u002Fli>\n\u003Cli>Operating System\u003C\u002Fli>\n\u003Cli>Server IP\u003C\u002Fli>\n\u003Cli>Server Hostname\u003C\u002Fli>\n\u003Cli>MySQL Version\u003C\u002Fli>\n\u003Cli>System Uptime\u003C\u002Fli>\n\u003Cli>Active Theme\u003C\u002Fli>\n\u003Cli>Active Plugins\u003C\u002Fli>\n\u003Cli>Database Name\u003C\u002Fli>\n\u003Cli>Database Username\u003C\u002Fli>\n\u003Cli>Database Hostname\u003C\u002Fli>\n\u003Cli>Database Charset\u003C\u002Fli>\n\u003Cli>Database Collate\u003C\u002Fli>\n\u003Cli>WordPress Debugging (Enabled\u002FDisabled)\u003C\u002Fli>\n\u003Cli>WordPress Memory Limit\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please rate the Plugin if you find it useful, thanks.\u003C\u002Fp>\n","This plugin will show you very useful information about your hosting server such as PHP version, Server OS, Server IP etc.",3000,56532,72,"2025-05-19T05:40:00.000Z","5.2","7.3",[19,20,123,137,23],"server-status","https:\u002F\u002Fgithub.com\u002Fusmanaliqureshi\u002Fserver-info","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fserver-info.zip",{"attackSurface":141,"codeSignals":161,"taintFlows":178,"riskAssessment":213,"analyzedAt":222},{"hooks":142,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":13,"unprotectedCount":13},[143,149,153],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","admin_menu","mwp_quick_feedback_add_options","mwp-quick-feedback.php",12,{"type":150,"name":151,"callback":152,"file":147,"line":87},"filter","the_content","mwp_quick_feedback_form_content",{"type":144,"name":154,"callback":155,"file":147,"line":156},"wp_enqueue_scripts","mwp_quick_feedback_scripts",81,[],[],[],[],{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":165,"fileOperations":13,"externalRequests":13,"nonceChecks":46,"capabilityChecks":13,"bundledLibraries":177},[],{"prepared":13,"raw":13,"locations":164},[],{"escaped":13,"rawEcho":166,"locations":167},4,[168,171,173,175],{"file":147,"line":169,"context":170},33,"raw output",{"file":147,"line":172,"context":170},34,{"file":147,"line":174,"context":170},35,{"file":147,"line":176,"context":170},36,[],[179,203],{"entryPoint":180,"graph":181,"unsanitizedCount":46,"severity":202},"mwp_quick_feedback_options_page (mwp-quick-feedback.php:17)",{"nodes":182,"edges":198},[183,188,192],{"id":184,"type":185,"label":186,"file":147,"line":187},"n0","source","$_POST",21,{"id":189,"type":190,"label":191,"file":147,"line":187},"n1","transform","→ mwp_quick_feedback_save_options()",{"id":193,"type":194,"label":195,"file":147,"line":196,"wp_function":197},"n2","sink","update_option() [Settings Manipulation]",45,"update_option",[199,201],{"from":184,"to":189,"sanitized":200},false,{"from":189,"to":193,"sanitized":200},"low",{"entryPoint":204,"graph":205,"unsanitizedCount":46,"severity":202},"\u003Cmwp-quick-feedback> (mwp-quick-feedback.php:0)",{"nodes":206,"edges":210},[207,208,209],{"id":184,"type":185,"label":186,"file":147,"line":187},{"id":189,"type":190,"label":191,"file":147,"line":187},{"id":193,"type":194,"label":195,"file":147,"line":196,"wp_function":197},[211,212],{"from":184,"to":189,"sanitized":200},{"from":189,"to":193,"sanitized":200},{"summary":214,"deductions":215},"The \"what-should-we-write-about-next\" v1.0 plugin exhibits a seemingly secure initial posture with no identified vulnerabilities in its history and a clean bill of health regarding dangerous functions and external requests. The static analysis also reports zero AJAX handlers, REST API routes, shortcodes, or cron events, indicating a minimal attack surface and no unprotected entry points. Furthermore, all SQL queries are reported to use prepared statements, which is a strong security practice. However, a significant concern arises from the output escaping analysis, where 100% of the four identified output points are not properly escaped. This suggests a high likelihood of Cross-Site Scripting (XSS) vulnerabilities, as unsanitized output can be exploited by attackers to inject malicious scripts into web pages viewed by other users. The taint analysis, while showing only two flows, indicates that these flows have unsanitized paths, further corroborating the XSS risk. The plugin's vulnerability history being entirely clean is a positive indicator of past development diligence, but it doesn't negate the immediate risks presented by the current code's output handling flaws. In conclusion, while the plugin demonstrates good practices in areas like SQL sanitization and a controlled attack surface, the complete lack of output escaping is a critical weakness that must be addressed to prevent XSS attacks.",[216,219],{"reason":217,"points":218},"All outputs are unescaped",8,{"reason":220,"points":221},"Taint flows with unsanitized paths",6,"2026-03-17T00:29:59.959Z",{"wat":224,"direct":233},{"assetPaths":225,"generatorPatterns":228,"scriptPaths":229,"versionParams":230},[226,227],"\u002Fwp-content\u002Fplugins\u002Fwhat-should-we-write-about-next\u002Fmwp-quick-feedback.css","\u002Fwp-content\u002Fplugins\u002Fwhat-should-we-write-about-next\u002Fmwp-quick-feedback.js",[],[227],[231,232],"what-should-we-write-about-next\u002Fmwp-quick-feedback.css?ver=","what-should-we-write-about-next\u002Fmwp-quick-feedback.js?ver=",{"cssClasses":234,"htmlComments":239,"htmlAttributes":240,"restEndpoints":242,"jsGlobals":243,"shortcodeOutput":245},[235,236,237,238],"mwp-quick-feedback-form","shadow3","mwp-quick-feedback-result","feedback_title",[],[241],"id=\"mwp-quick-feedback-form\"",[],[244],"mwp_qf_params",[]]