[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHG_6OHZ0Jqlv4-cVoqaEOTCbZ76653JQTReG2ShkgtM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":17,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":34,"analysis":111,"fingerprints":211},"wishlist-member-api-testing","Wishlist Member API Testing","1.0.4","HappyPlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fhappyplugins\u002F","\u003Cp>Wishlist Member API Testing allows you to check if your connection to Wishlist Member plugin internal & external API is working correctly in real time.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why would I want to test the API connection?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Here are only few of the reasons you would want to check your website’s connection to Wishlist Member’s API:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>To make sure Wishlist Member API is working and functioning correctly\u003C\u002Fli>\n\u003Cli>API connection error will make the 3rd party plugins not to work\u003C\u002Fli>\n\u003Cli>Shorten the time to troubleshoot any issues and problems with caused by Wishlist Member API problems.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>How Wishlist Member API Testing plugin works?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Wishlist Member is required in order to use Wishlist Member API Testing plugin.\u003Cbr \u002F>\nHere are the steps to using Wishlist Member API Testing plugin:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Download the plugin from WordPress.org\u003C\u002Fli>\n\u003Cli>Install and activate it on your Wishlist Member membership site\u003C\u002Fli>\n\u003Cli>Go to the Tools menu > Wishlist Member API Testing\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Why Wishlist Member API sometimes do not work?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Wishlist Member external API is calling a specific URL that’s designed by Wishlist Member to accept API requests.\u003Cbr \u002F>In order not to accept just any request Wishlist Member need to authenticate the API call using the Wishlist Member API Key (which is defined in the Wishlist Member settings).\u003Cbr \u002F>After the API connection is established and authenticated an API request can be made.\u003C\u002Fp>\n\u003Cp>The Wishlist Member API call can fail from the main following reasons:\u003C\u002Fp>\n\u003Col>\n\u003Cli>The API was not authenticated correctly.\u003C\u002Fli>\n\u003Cli>The API call is getting a result from the cache and only the first API call succeed and all the following calls will fail.\u003C\u002Fli>\n\u003Cli>Plugin conflict with caching or security plugins that are installed on the WordPress installation or on your server. These plugins prevent  the URL call and cause the API request to fail.\u003C\u002Fli>\n\u003Cli>Server or PHP settings that prevent the API from being authenticated correctly.\u003C\u002Fli>\n\u003Cli>DNS servers or CDN services than can cache or redirect the API URL to an incorrect URL, causing the Wishlist Member API not to be authenticated correctly and fail.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>These are only few of the reasons that can cause a problem. Because it’s impossible to predict the results or isolate the cause in all cases we have created this plugin which identify that there is some kind of  problem with the Wishlist Member external API.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Who is behind Wishlist Member API Testing plugin?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Wishlist Member API Testing was developed by \u003Ca href=\"https:\u002F\u002Fhappyplugins.com\u002Fdownloads\u002Fcategory\u002Fwishlist-member\u002F?utm_source=wordpress-repository&utm_medium=wlm-api-testing&utm_campaign=WishlistMemberCategory\" rel=\"nofollow ugc\">HappyPlugins\u003C\u002Fa> Company that developed hundreds of plugins for the Wishlist Member platform, both commercial and non-commercial.\u003Cbr \u002F>\nAll of our developers are Wishlist Member certified and are familiar with the Wishlist Member code and API from inside out.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Recommended Resources:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fhappyplugins.com\u002Fdownloads\u002Fcategory\u002Fwishlist-member\u002F?utm_source=wordpress-repository&utm_medium=wlm-api-testing&utm_campaign=WishlistMemberCategory\" rel=\"nofollow ugc\">HappyPlugins.com\u002FWishlist-Member\u003C\u002Fa> – Wishlist Member Dedicated Plugins\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwishlistmemberplugins.net\u002Fwishlist-member-tips-list\" rel=\"nofollow ugc\">WishlistMemberPlugins.net\u003C\u002Fa> – Our Free Wishlist Member Tips Series\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwishlistmemberdevelopers.com\" rel=\"nofollow ugc\">WishlistMemberDevelopers.com\u003C\u002Fa> – Services for Wishlist Member Users\u003C\u002Fp>\n","Test Wishlist Member API on your server",10,1675,0,"","4.4.34","4.4",[18,19],"membership-platforms","wishlist-member","https:\u002F\u002Fhappyplugins.com\u002Fdownloads\u002Fwishlist-member-easy-digital-downloads-plus\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwishlist-member-api-testing.1.0.4.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":27,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"happyplugins",6,2060,88,30,86,"2026-04-05T02:59:32.526Z",[35,58,74,91],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":22,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":14,"tags":49,"homepage":52,"download_link":53,"security_score":54,"vuln_count":55,"unpatched_count":13,"last_vuln_date":56,"fetched_at":57},"better-wlm-api","Better WishList API","1.1.5","rickonline_nl","https:\u002F\u002Fprofiles.wordpress.org\u002Frickonline_nl\u002F","\u003Cp>A better version of the WishList Member API. Created to make the connection to external services like ActiveCampaign and Autorespond a lot easier. Also gives option to send email notifications after succesfully adding an user through the API.\u003C\u002Fp>\n\u003Cp>This version is currently only available in the Dutch language. A translation to English is in the works.\u003C\u002Fp>\n\u003Cp>With this plugin you have the option to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Force the API to check if the user already exists. With the original Simple WLM API in combination with an external service, the user is often not recognized as existing user. As a result, the Autoresponder tries to add a new user, which will fail. Better WishList API will check if the user exists, and, if so, overrules the Autoresponder’s request to create a new user. Instead, it will add the level to the existing user.\u003C\u002Fli>\n\u003Cli>Get notifications by email of added users and levels. This way you don’t have to check if a transaction completed succesfully.\u003C\u002Fli>\n\u003Cli>Also register your user’s first name and last name. The original Simple WLM API is not able to handle the user’s name\u003C\u002Fli>\n\u003Cli>Log requests and see the results\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin also gives you detailed instructions how to use the API in conjunction with Autorespond en ActiveCampaign.\u003C\u002Fp>\n","A better version of the WishList Member API. Created to make the connection to external services like ActiveCampaign and Autorespond a lot easier.",200,14127,1,"2025-03-08T12:50:00.000Z","6.7.5","4.0",[50,51,19],"api","autorespond","http:\u002F\u002Fwww.bureauram.nl","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbetter-wlm-api.1.1.5.zip",90,2,"2025-03-27 00:00:00","2026-03-15T15:16:48.613Z",{"slug":59,"name":60,"version":61,"author":7,"author_profile":8,"description":62,"short_description":63,"active_installs":11,"downloaded":64,"rating":13,"num_ratings":13,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":14,"tags":68,"homepage":71,"download_link":72,"security_score":73,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":57},"wishlist-auto-protect","Wishlist Member AutoProtect","1.1.0","\u003Cp>\u003Ca href=\"happyplugins.com\" rel=\"nofollow ugc\">HappyPlugins\u003C\u002Fa> present \u003Ca href=\"http:\u002F\u002Fwlmp.info\u002Fwlm\" rel=\"nofollow ugc\">Wishlist Member\u003C\u002Fa> Auto Protect plugin.\u003C\u002Fp>\n\u003Cp>Wishlist AutoProtect is a Wishlist Member plugin that will give you the ability to protect your content in an automated way.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FnHW4qbVP5og?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwishlistautoprotect.com\" rel=\"nofollow ugc\">Wishlist AutoProtect\u003C\u002Fa> plugin works Wishlist member plugin an automation to the protection process.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cp>Protect content automatically after specific number of days that you define\u003Cbr \u002F>\nProtect your content at a specific date and time\u003Cbr \u002F>\nMove your content between protection levels automatically\u003Cbr \u002F>\nSupport multiple level selections\u003Cbr \u002F>\nFull integration with Wishlist Members Levels\u003Cbr \u002F>\nAbility to create disappearing content within just 2 clicks\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fwlmp.info\u002Fwlm\" rel=\"nofollow ugc\">Wishlist Member\u003C\u002Fa> is required to use Wishlist AutoProtect\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fdiscoverwp.co\" rel=\"nofollow ugc\">DiscoverWP – Find & Compare WordPress Plugins\u003C\u002Fa>\u003Cbr \u002F>\nDiscoverWP was created in thing in mind and that to help every WordPress user to find the right product for his needs.\u003C\u002Fp>\n","This plugin adds option to automatically protect any post or page in WishList Member after a special period of time or on a specific date.",2348,"2015-04-02T06:29:00.000Z","4.1.42","3.0.1",[69,70,19],"automatic-protection","membership","http:\u002F\u002Fwislistautoprotect.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwishlist-auto-protect.1.1.0.zip",85,{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":11,"downloaded":82,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":83,"requires_at_least":48,"requires_php":14,"tags":84,"homepage":88,"download_link":89,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":90},"wishlist-member-show-all-levels","WishList Member: Show All Levels","1.5.2","macbookandrew","https:\u002F\u002Fprofiles.wordpress.org\u002Fmacbookandrew\u002F","\u003Cp>Have you ever wanted a way to show all the content a member is allowed to access? This plugin gives you a simple shortcode that lists all the pages a user is allowed to access, grouped by level.\u003C\u002Fp>\n","Provides a shortcode that outputs all levels a member is allowed to access.",1935,"4.5.33",[85,86,70,87,19],"authorized","level","wishlist","https:\u002F\u002Fgithub.com\u002Fmacbookandrew\u002Fwishlist-member-show-all-levels","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwishlist-member-show-all-levels.1.5.2.zip","2026-03-15T14:44:11.924Z",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":13,"downloaded":99,"rating":13,"num_ratings":13,"last_updated":100,"tested_up_to":101,"requires_at_least":102,"requires_php":103,"tags":104,"homepage":109,"download_link":110,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":57},"member-profile-fields-for-wlm-and-gf-user-registration","Member Profile Fields for WishList Member and Gravity Forms User Registration Add-On","1.04","Jonathan Horowitz","https:\u002F\u002Fprofiles.wordpress.org\u002Fjhorowitz\u002F","\u003Cp>Allows WishList Member Fields (including custom fields) to be populated automatically from data collected in Gravity Forms, using Gravity Forms User Registration Add-On.\u003C\u002Fp>\n\u003Cp>Note, this plugin requires Gravity Forms, Gravity Forms User Registration Add-On plugin, and WishList Member plugin version 2 or above.\u003C\u002Fp>\n","Allows setting WishList Member Fields when users are automatically created using Gravity Forms User Registration Add-On.",1401,"2026-02-03T18:50:00.000Z","6.9.4","3.5","5.6",[105,106,107,108,19],"custom-fields","gravity-forms","user-profile","user-fields","https:\u002F\u002Faod-tech.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmember-profile-fields-for-wlm-and-gf-user-registration.1.04.zip",{"attackSurface":112,"codeSignals":137,"taintFlows":168,"riskAssessment":194,"analyzedAt":210},{"hooks":113,"ajaxHandlers":133,"restRoutes":134,"shortcodes":135,"cronEvents":136,"entryPointCount":13,"unprotectedCount":13},[114,120,124,128,131],{"type":115,"name":116,"callback":117,"file":118,"line":119},"action","admin_menu","add_menu_page","includes\\wlm-api-test.class.php",16,{"type":115,"name":121,"callback":122,"file":118,"line":123},"wp_print_scripts","scripts",19,{"type":115,"name":125,"callback":126,"file":118,"line":127},"admin_init","member_registration",22,{"type":115,"name":125,"callback":129,"file":118,"line":130},"load_scripts",24,{"type":115,"name":121,"callback":122,"file":118,"line":132},35,[],[],[],[],{"dangerousFunctions":138,"sqlUsage":153,"outputEscaping":155,"fileOperations":13,"externalRequests":45,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":167},[139,143,146,150],{"fn":140,"file":118,"line":141,"context":142},"unserialize",76,"$this->member_registration_results['external'] = unserialize($this->RegisterMemberExternalAPI($test_",{"fn":140,"file":118,"line":144,"context":145},110,"$response = unserialize($response);",{"fn":140,"file":147,"line":148,"context":149},"includes\\wlmapiclass.php",137,"$output = unserialize( $this->_request( 'GET', '\u002Fauth' ) );",{"fn":140,"file":147,"line":151,"context":152},148,"$output = unserialize( $this->_request( 'POST', '\u002Fauth', $data ) );",{"prepared":45,"raw":13,"locations":154},[],{"escaped":13,"rawEcho":156,"locations":157},4,[158,161,163,165],{"file":118,"line":159,"context":160},98,"raw output",{"file":118,"line":162,"context":160},166,{"file":118,"line":164,"context":160},196,{"file":118,"line":166,"context":160},227,[],[169,186],{"entryPoint":170,"graph":171,"unsanitizedCount":45,"severity":185},"member_registration (includes\\wlm-api-test.class.php:55)",{"nodes":172,"edges":182},[173,178],{"id":174,"type":175,"label":176,"file":118,"line":177},"n0","source","$_POST",66,{"id":179,"type":180,"label":181,"file":118,"line":141,"wp_function":140},"n1","sink","unserialize() [Object Injection]",[183],{"from":174,"to":179,"sanitized":184},false,"high",{"entryPoint":187,"graph":188,"unsanitizedCount":45,"severity":185},"\u003Cwlm-api-test.class> (includes\\wlm-api-test.class.php:0)",{"nodes":189,"edges":192},[190,191],{"id":174,"type":175,"label":176,"file":118,"line":177},{"id":179,"type":180,"label":181,"file":118,"line":141,"wp_function":140},[193],{"from":174,"to":179,"sanitized":184},{"summary":195,"deductions":196},"The \"wishlist-member-api-testing\" plugin v1.0.4 presents a mixed security posture.  On the positive side, its attack surface is remarkably small, with no detected AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, all SQL queries appear to be properly prepared, and there's no history of known vulnerabilities, which is a strong indicator of developer diligence.  However, significant concerns arise from the static analysis. The presence of four dangerous function calls, specifically `unserialize`, is a major red flag. This function is notoriously insecure when used with untrusted input, as it can lead to arbitrary code execution.  The taint analysis revealing two high-severity flows with unsanitized paths, combined with the `unserialize` function, strongly suggests a critical vulnerability related to deserialization.  Additionally, the complete lack of output escaping for all detected outputs is another serious weakness, potentially opening the door to cross-site scripting (XSS) vulnerabilities. The absence of nonce and capability checks on any entry points, while the attack surface is zero, means that if any were to be introduced in the future without proper checks, they would be unprotected.",[197,200,202,205,208],{"reason":198,"points":199},"High severity taint flows with unsanitized paths",12,{"reason":201,"points":11},"Dangerous function call: unserialize",{"reason":203,"points":204},"All outputs are unescaped",7,{"reason":206,"points":207},"No nonce checks",5,{"reason":209,"points":207},"No capability checks","2026-03-16T23:28:47.768Z",{"wat":212,"direct":221},{"assetPaths":213,"generatorPatterns":216,"scriptPaths":217,"versionParams":218},[214,215],"\u002Fwp-content\u002Fplugins\u002Fwishlist-member-api-testing\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwishlist-member-api-testing\u002Fjs\u002Fwlmtest_toggle.js",[],[215],[219,220],"wishlist-member-api-testing\u002Fcss\u002Fstyle.css?ver=","wishlist-member-api-testing\u002Fjs\u002Fwlmtest_toggle.js?ver=",{"cssClasses":222,"htmlComments":227,"htmlAttributes":228,"restEndpoints":230,"jsGlobals":231,"shortcodeOutput":234},[223,224,225,226],"wlmtest_success","wlmtest_fail","wlmtest_toogle_trigger","wlmtest_toogle",[],[229],"data-wlmtest_level_id",[],[232,233],"wlmtest_toggle","wlmapi_get_levels",[]]