[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBGRSg4k-y7ZuoK8vhs3AZWofdkxnCMptGTUDLhZEPkQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":142,"fingerprints":179},"where","Where","1.0.1","Brad Parbs","https:\u002F\u002Fprofiles.wordpress.org\u002Fbradparbs\u002F","\u003Cp>Display your WordPress site’s environment type in the admin bar.\u003C\u002Fp>\n\u003Ch3>Available Filters\u003C\u002Fh3>\n\u003Cp>‘where_env_should_add_env_type’ – Defaults to true if the user is an admin and the admin bar is showing. Filter this to allow different roles to view as well.\u003Cbr \u002F>\n‘where_env_environment_type’ – Modify the environment type. You’ll also need to use this filter if you’re running an older version of WP that doesn’t have the ‘get_environment_type’ function.\u003Cbr \u002F>\n‘where_env_styles’ – An array of colors\u002Ficons to use for the different environment types.\u003C\u002Fp>\n","A WordPress plugin to display your site's environment type in the admin bar.",0,2888,100,1,"2021-08-26T01:23:00.000Z","5.8.13","5.2","5.6",[20,21,22,23,24],"admin","dev-tools","development-tools","environment","profile","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhere.1.0.1.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"bradparbs",16,3240,88,30,86,"2026-04-04T11:01:09.024Z",[40,64,84,106,124],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":25,"tags":55,"homepage":59,"download_link":60,"security_score":61,"vuln_count":62,"unpatched_count":11,"last_vuln_date":63,"fetched_at":29},"extra-user-details","Extra User Details","0.5.3","Vadym","https:\u002F\u002Fprofiles.wordpress.org\u002Fvadimk\u002F","\u003Cp>Extra User Details is the simple plugin that allows you to add extra fields to the user profile page (e.g. Facebook, Twitter, LinkedIn links etc).\u003C\u002Fp>\n\u003Cp>Extra fields can be easily accessed in your templates like a general wordpress author details:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php the_author_meta('meta_key'); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Plugin saves fields data in wp_usermeta table. You can add and edit extra fields at plugin options section in backend.\u003C\u002Fp>\n","Add extra fields to the user profile page, saved in WordPress' native way (in wp_usermeta).",1000,61124,94,10,"2024-10-12T23:08:00.000Z","6.6.5","3.3",[20,56,57,24,58],"fields","links","social","https:\u002F\u002Fvadimk.com\u002Fwordpress-plugins\u002Fextra-user-details\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fextra-user-details.0.5.3.zip",91,2,"2023-06-19 00:00:00",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":48,"downloaded":72,"rating":50,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":25,"tags":77,"homepage":82,"download_link":83,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":29},"many-tips-together","Admin Tweaks","3.3.3","brasofilo","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrasofilo\u002F","\u003Cp>With Admin Tweaks you’ll be able to simplify and make \u003Cstrong>deep customizations\u003C\u002Fstrong> in the administrative interface.\u003Cbr \u002F>\nIt’s a compilation of hooks for enhancing, styling and reducing WordPress backend.\u003C\u002Fp>\n\u003Cp>Do you like to adjust and style the backend as much as the frontend?\u003Cbr \u002F>\nSo, we are together!\u003C\u002Fp>\n\u003Ch4>Main Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Admin Bar: remove, add and modify menu items.\u003C\u002Fli>\n\u003Cli>Admin Menus: remove menu and submenu items; sort Settings menu; rename “Posts”.\u003C\u002Fli>\n\u003Cli>Appearance: hide general elements; create admin notices.\u003C\u002Fli>\n\u003Cli>Dashboard: remove and add widgets.\u003C\u002Fli>\n\u003Cli>General Settings: enable arcane Link Manager; privacy; other misc options.\u003C\u002Fli>\n\u003Cli>Listings: customize rows and columns for post types, users and plugins.\u003C\u002Fli>\n\u003Cli>Media: custom columns; re-attachment; sanitize filenames; jpeg quality; audio\u002Fphoto\u002Fvideo metadata.\u003C\u002Fli>\n\u003Cli>Plugins: many row modifications; live filter by keyword\u002Factive\u002Finactive; move plugins menus from the main menu into the Tools menu (Code Snippets, The SEO Framework, Hide Admin Notices).\u003C\u002Fli>\n\u003Cli>User Profile: remove almost everything; add custom CSS.\u003C\u002Fli>\n\u003Cli>Login: redirects; errors; modify almost everything; add custom CSS.\u003C\u002Fli>\n\u003Cli>Maintenance Mode: with minimum Role allowed and possibility to block only the backend.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Acknowledgments\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Everything changed after \u003Ca href=\"https:\u002F\u002Fwordpress.stackexchange.com\u002F\" rel=\"nofollow ugc\">WordPress Stack Exchange\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Plugin interface using @bainternet’s \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbainternet\u002FAdmin-Page-Class\" rel=\"nofollow ugc\">Admin Page Class\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>CSS for hiding help texts adapted from \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-expert-mode\u002F\" rel=\"ugc\">Admin Expert Mode\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Everything started with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadminimize\u002F\" rel=\"ugc\">Adminimize\u003C\u002Fa>, by Frank Büeltge, which does an awesome job hiding WordPress elements, but I wanted more, and these are some of the great resources where I found many snippets: \u003Ca href=\"https:\u002F\u002Fwordpress.stackexchange.com\u002Fquestions\u002F1567\u002Fbest-collection-of-code-for-your-functions-php-file\" rel=\"nofollow ugc\">Stack Exchange\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwpengineer.com\" rel=\"nofollow ugc\">WPengineer\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\" rel=\"nofollow ugc\">wpbeginner\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fcss-tricks.com\" rel=\"nofollow ugc\">CSS-TRICKS\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwp.smashingmagazine.com\" rel=\"nofollow ugc\">Smashing Magazine\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fjustintadlock.com\" rel=\"nofollow ugc\">Justin Tadlock\u003C\u002Fa>…\u003C\u002Fli>\n\u003Cli>The option to hide the help texts from many areas of WordPress uses the CSS file of the plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-expert-mode\u002F\" rel=\"ugc\">Admin Expert Mode\u003C\u002Fa>, by Scott Reilly.\u003C\u002Fli>\n\u003C\u002Ful>\n","Customize various aspects of WordPress backend. Create a clean and easier admin area for the users.",42635,33,"2025-04-16T19:44:00.000Z","6.8.5","5.0",[78,79,80,81,24],"admin-interface","customize","login","maintenance-mode","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmany-tips-together","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmany-tips-together.3.3.3.zip",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":13,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":18,"tags":98,"homepage":103,"download_link":104,"security_score":13,"vuln_count":14,"unpatched_count":11,"last_vuln_date":105,"fetched_at":29},"contextual-adminbar-color","Contextual Adminbar Color","0.3.1","Jb Audras","https:\u002F\u002Fprofiles.wordpress.org\u002Faudrasjb\u002F","\u003Cp>This plugins provides custom admin bar colors to differentiate environments (staging, preprod, production). It’s really \u003Cstrong>easy to use\u003C\u002Fstrong> and \u003Cstrong>developer-friendly\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>The plugin provides a settings screen which several options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>choose between several color predefined schemes.\u003C\u002Fli>\n\u003Cli>use a favicon to better differentiate your environments in your browser’s tabs.\u003C\u002Fli>\n\u003Cli>add a custom message in your admin bar, like “Production website”, “staging version” or whatever your want.\u003C\u002Fli>\n\u003Cli>choose the user roles that will see the color scheme (other roles will see the default admin bar).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It also offers few PHP constants you can use in your \u003Ccode>wp-config.php\u003C\u002Fcode> file (see Frequently Asked Questions below).\u003C\u002Fp>\n\u003Cp>Since WordPress Core will probably deprecate alternate admin color schemes in mid-term, this plugin is meant to be use by those who rely on colors to know is they are in staging, preproduction or production environment.\u003C\u002Fp>\n\u003Cp>Last but not least, all provided color schemes are accessibility-ready!\u003C\u002Fp>\n","Use custom admin bar colors and favicons to differentiate your environments (staging\u002Fprod)",500,9418,8,"2025-11-27T08:50:00.000Z","6.9.4","5.4",[99,100,23,101,102],"adminbar","color","preprod","scheme","https:\u002F\u002Fjeanbaptisteaudras.com\u002Fen\u002Fcontextual-adminbar-color-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontextual-adminbar-color.0.3.1.zip","2020-01-17 00:00:00",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":92,"downloaded":114,"rating":115,"num_ratings":116,"last_updated":117,"tested_up_to":118,"requires_at_least":119,"requires_php":25,"tags":120,"homepage":25,"download_link":123,"security_score":27,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":29},"expire-passwords","Expire Passwords","0.6.0","Frankie Jarrett","https:\u002F\u002Fprofiles.wordpress.org\u002Ffjarrett\u002F","\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fexpire-passwords\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Harden the security of your site by preventing unauthorized access to stale user accounts.\u003C\u002Fp>\n\u003Cp>This plugin is also ideal for sites needing to meet certain industry security compliances – such as government, banking or healthcare.\u003C\u002Fp>\n\u003Cp>In the plugin settings you can set the maximum number of days users are allowed to use the same password (90 days by default), as well as which user roles will be required to reset their passwords regularly (non-Administrators by default).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Languages supported:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Czech\u003C\u002Fli>\n\u003Cli>Español\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fexpire-passwords\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fexpire-passwords\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","Require certain users to change their passwords on a regular basis.",26466,98,9,"2017-01-05T15:45:00.000Z","4.7.32","4.0",[20,80,121,122,24],"membership","passwords","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexpire-passwords.0.6.0.zip",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":13,"num_ratings":62,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":25,"tags":137,"homepage":25,"download_link":141,"security_score":27,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":29},"buddypress-admin-only-profile-fields","BuddyPress Admin Only Profile Fields","1.2","A5hleyRich","https:\u002F\u002Fprofiles.wordpress.org\u002Fa5hleyrich\u002F","\u003Cp>Easily set the visibility of BuddyPress profile fields to hidden, allowing only admin users to edit and view them.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>GitHub\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you would like to contribute to the plugin, you can do so on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FA5hleyRich\u002FBuddyPress-Admin-Only-Profile-Fields\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Easily set the visibility of BuddyPress profile fields to hidden, allowing only admin users to edit and view them.",200,7208,"2015-11-03T21:00:00.000Z","4.3.34","4.3.1",[20,138,139,140,24],"buddypress","field","hidden","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-admin-only-profile-fields.1.2.zip",{"attackSurface":143,"codeSignals":164,"taintFlows":171,"riskAssessment":172,"analyzedAt":178},{"hooks":144,"ajaxHandlers":160,"restRoutes":161,"shortcodes":162,"cronEvents":163,"entryPointCount":11,"unprotectedCount":11},[145,151,154,157],{"type":146,"name":147,"callback":148,"file":149,"line":150},"action","init","anonymous","where.php",17,{"type":146,"name":152,"callback":148,"file":149,"line":153},"admin_bar_menu",24,{"type":146,"name":155,"callback":148,"file":149,"line":156},"admin_enqueue_scripts",25,{"type":146,"name":158,"callback":148,"file":149,"line":159},"wp_enqueue_scripts",26,[],[],[],[],{"dangerousFunctions":165,"sqlUsage":166,"outputEscaping":168,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":14,"bundledLibraries":170},[],{"prepared":11,"raw":11,"locations":167},[],{"escaped":11,"rawEcho":11,"locations":169},[],[],[],{"summary":173,"deductions":174},"The \"where\" plugin v1.0.1 exhibits a strong security posture based on the provided static analysis. The plugin impressively demonstrates adherence to best practices with no identified dangerous functions, all SQL queries utilizing prepared statements, and 100% of output properly escaped. Furthermore, the absence of file operations and external HTTP requests minimizes potential attack vectors.  The plugin also boasts a clean vulnerability history with no known CVEs, suggesting a consistent commitment to security by its developers.\n\nHowever, the analysis also reveals a potential area for improvement.  The lack of any identified AJAX handlers, REST API routes, shortcodes, or cron events, while contributing to a minimal attack surface, could indicate a plugin with limited functionality or one that relies on external integration methods not captured in this analysis.  The single capability check is positive, but the absence of explicit nonce checks on any entry points (though there are no entry points identified) is a minor concern. Overall, the plugin is currently very secure, but a deeper dive into its actual functionality and integration methods would be beneficial to confirm the lack of latent vulnerabilities.",[175],{"reason":176,"points":177},"No identified nonce checks on entry points",5,"2026-03-17T07:16:08.204Z",{"wat":180,"direct":185},{"assetPaths":181,"generatorPatterns":182,"scriptPaths":183,"versionParams":184},[],[],[],[],{"cssClasses":186,"htmlComments":188,"htmlAttributes":189,"restEndpoints":190,"jsGlobals":191,"shortcodeOutput":192},[187],"wp-admin-bar-where",[],[],[],[],[]]