[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fQQRscJwrQUHbM0Bs8l9UPTFoVSnAAI3nFAPPC7tyTDc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":147,"fingerprints":231},"woo-customers-by-product-purchase","Customers by Product Purchase","0.1","Tareq Hasan","https:\u002F\u002Fprofiles.wordpress.org\u002Ftareq1988\u002F","\u003Cp>Sometimes we need to find out which customers has bought your certain products. It’s a easy way to find them.\u003C\u002Fp>\n\u003Ch4>Author\u003C\u002Fh4>\n\u003Cp>Brought to you by \u003Ca href=\"http:\u002F\u002Ftareq.co\" rel=\"nofollow ugc\">Tareq Hasan\u003C\u002Fa> from \u003Ca href=\"http:\u002F\u002Fwedevs.com\" rel=\"nofollow ugc\">weDevs\u003C\u002Fa>\u003C\u002Fp>\n","Find out which customers has bought your \"X\" product.",10,1799,0,"2020-03-14T06:10:00.000Z","5.4.19","3.6","",[19,20,21,22,23],"browser","browsers","ie","modernizer","reject","http:\u002F\u002Ftareq.wedevs.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-customers-by-product-purchase.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"tareq1988",9,370,30,84,"2026-04-04T13:14:06.964Z",[38,60,84,106,126],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":11,"downloaded":46,"rating":13,"num_ratings":13,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":56,"download_link":57,"security_score":26,"vuln_count":58,"unpatched_count":13,"last_vuln_date":59,"fetched_at":28},"simplified-content","Simplified Content","1.0.1","Lucien Taylor","https:\u002F\u002Fprofiles.wordpress.org\u002Flucien-taylor\u002F","\u003Cp>Simplified Content, provides visitors with alternative ‘simplified’ content whenever they visit your website using any targeted browser.  Useful for website managers who wish to provide basic fallback for legacy browsers, e.g. simplified content for IE 8, or to block certain browsers for intranet systems.\u003C\u002Fp>\n\u003Cp>The plugin allows you to select one or more browsers from a settings page to target for alternative content.  The plugin requires a target Site Map page to use as a new root page for all website navigation.  The plugin provides the visitor with a simplified navigational system, moving from the site map to any page referenced in the site map, and a simple ‘back to site map’ link at the top of each page.\u003C\u002Fp>\n\u003Cp>WARNING: This is an aggressive plugin which provides very simple functionality for configured browsers.  Once set, any configured browsers will cease to function for administrative and normal wordpress operations.\u003Cbr \u002F>\nPlease ensure that you have other browsers available to use for administration and testing purposes.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Choose multiple browsers from a settings page.\u003C\u002Fli>\n\u003Cli>Automatic generation of simplified content.  Requires no editing of content. Note:  javascript, and media rich content is ignored by this plugin.\u003C\u002Fli>\n\u003Cli>Choose any page to target as the sitemap page.\u003C\u002Fli>\n\u003Cli>Easy to customize ‘welcome\u002Fapology message’, header, footer and styles of basic content.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Help and documentation:\u003C\u002Fh4>\n\u003Cp>The plugin product page is available at:\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.oxil.uk\u002Fwordpress\u002Fwordpress-plugins\u002Fsimplified-content\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.oxil.uk\u002Fwordpress\u002Fwordpress-plugins\u002Fsimplified-content\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The plugin help pages are available at:\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.oxil.uk\u002Fhelp\u002Fplugins\u002Fsimplified-content-help\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.oxil.uk\u002Fhelp\u002Fplugins\u002Fsimplified-content-help\u002F\u003C\u002Fa>\u003C\u002Fp>\n","A plugin which generates alternative 'simplified' content for a given set of browsers.  Useful legacy browser support and intranet systems.",1341,"2016-04-19T15:38:00.000Z","4.5.33","4.3.1",[51,52,53,54,55],"browser-block","content","ie-8","internet-explorer","legacy-browsers","http:\u002F\u002Fwww.oxil.uk\u002Fwordpress\u002Fwordpress-plugins\u002Fsimplified-content\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimplified-content.1.0.1.zip",1,"2016-02-09 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":17,"tags":75,"homepage":81,"download_link":82,"security_score":83,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"rebusted","reBusted!","1.2","Simon Prosser","https:\u002F\u002Fprofiles.wordpress.org\u002Fpross\u002F","\u003Cp>Saves you from asking “have you emptied your cache?”.\u003C\u002Fp>\n\u003Cp>Forked and updated for todays WordPress and PHP from the original plugin by Paul Clark.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Safe to leave running on live sites.\u003C\u002Fli>\n\u003Cli>Only refreshes browser cache for a file if it has been modified.\u003C\u002Fli>\n\u003Cli>Resolves Content Delivery Network (CDN) issues. No need to purge CDN cache.\u003C\u002Fli>\n\u003Cli>Multisite compatible.\u003C\u002Fli>\n\u003Cli>“Just works” – no configuration necessary.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Requirements\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Requires scripts use any of the below functions to load. Almost all files meet these requirements. The only case it doesn’t account for is when URLs are hard-coded. This shouldn’t ever be done, since it can break sites for other reasons.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fwp_enqueue_style\" rel=\"nofollow ugc\">wp_enqueue_style\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fwp_enqueue_script\" rel=\"nofollow ugc\">wp_enqueue_script\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fget_stylesheet_uri\" rel=\"nofollow ugc\">get_stylesheet_uri\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Force browsers to load the most recent file if modified.",6000,34186,100,11,"2024-10-10T14:16:00.000Z","6.7.5","3.4",[76,77,78,79,80],"browser-cache","clear","client","debug","develop","https:\u002F\u002Fgithub.com\u002FPross\u002FreBusted","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frebusted.1.2.zip",92,{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":68,"downloaded":92,"rating":70,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":97,"tags":98,"homepage":104,"download_link":105,"security_score":70,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"sql-buddy","SQL Buddy – Database Management Made Easy","1.0.0","WP Engine","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpengine\u002F","\u003Cp>\u003Cstrong>⚠️ WARNING\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>SQL Buddy is no longer actively maintained.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This software is still free to use under the license provided, but users should be aware that it is not currently maintained. No additional releases, including security releases, will be made available.\u003C\u002Fp>\n\u003Cp>Your one-stop solution for WordPress database management. Edit your table data with a clean and straightforward user interface.\u003C\u002Fp>\n\u003Cp>SQL Buddy is a WordPress plugin that makes it easy to manage your database table contents right from your WordPress dashboard.\u003C\u002Fp>\n\u003Cp>The Dashboard screen gives you a detailed overview of all your WordPress tables, along with useful data like the number of records, and the size of the table.\u003C\u002Fp>\n\u003Cp>The Tables screen allows you to search for a specific table, or view the table rows. Clicking on a row presents options to edit and save the column values, or delete the row. You are also able to control which table columns to display, as well as options to filter the table data.\u003C\u002Fp>\n\u003Cp>Each screen has pagination controls for navigating through a large number of tables or rows.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>View a list of all your database tables, including details like number of records, data usage, and index usage per table.\u003C\u002Fli>\n\u003Cli>Navigate through table records quickly, or search for specific tables by name.\u003C\u002Fli>\n\u003Cli>Filter table records using custom query conditions\u003C\u002Fli>\n\u003Cli>Choose which table columns to display on a per-table basis\u003C\u002Fli>\n\u003Cli>View the full contents of a single table record with one click.\u003C\u002Fli>\n\u003Cli>Easily edit the record contents or delete a table record\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Use a Database Management Plugin?\u003C\u002Fh3>\n\u003Cp>While not common, there are often situations where you might need to make changes to your WordPress database. Perhaps you’ve moved from a staging environment to live, and you need to update your site URL, or you need to clean up some data left behind by a deleted plugin. Whatever the reason, a solid solution for browsing and editing your WordPress database is a vital tool in any site owner’s belt.\u003C\u002Fp>\n\u003Cp>You could use the database management tool your web host provides, which is typically based on PHPMyAdmin, but the user interface is clumsy and not all that intuitive. You could try an application like Navicat, SQLyog, or TablePlus, but these require you to know your database access credentials.\u003C\u002Fp>\n\u003Cp>SQL Buddy is the WordPress plugin that gives you the ability to manage your database directly from your WordPress dashboard, without needing to worry about database credentials, installing third-party applications, or navigating a confusing user interface.\u003C\u002Fp>\n\u003Ch3>Built by WordPress Database Experts\u003C\u002Fh3>\n\u003Cp>We’re Delicious Brains, the team behind \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-migrate-db\u002F\" rel=\"ugc\">WP Migrate DB\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fdeliciousbrains.com\u002Fwp-migrate-db-pro\u002F\" rel=\"nofollow ugc\">WP Migrate DB Pro\u003C\u002Fa>. For the last 15 years, we’ve helped WordPress developers migrate their database, site files and themes, and plugins between multiple different environments. We pride ourselves on being WordPress database experts, so you don’t have to be.\u003C\u002Fp>\n\u003Cp>SQL Buddy is everything we require from a WordPress database management plugin. A beautiful, intuitive interface, coupled with straightforward yet powerful features.\u003C\u002Fp>\n","Your one-stop solution for easy WordPress database management",44408,14,"2025-06-16T13:13:00.000Z","6.4.8","5.3","5.6",[99,100,101,102,103],"database","database-browser","database-management","database-queries","sql","https:\u002F\u002Fdeliciousbrains.com\u002Fsql-buddy","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsql-buddy.1.0.0.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":116,"num_ratings":117,"last_updated":118,"tested_up_to":119,"requires_at_least":120,"requires_php":17,"tags":121,"homepage":124,"download_link":125,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-mobile-detect","WP Mobile Detect","2.0","Jesse Friedman","https:\u002F\u002Fprofiles.wordpress.org\u002Fprofessor44\u002F","\u003Cp>One of the hardest parts of building Responsive WordPress themes is maintaining responsive integrity after the site goes live. User Admins can have limited coding abilities which can prevent them from maintaining responsiveness in themes.\u003C\u002Fp>\n\u003Cp>WP Mobile Detect aims to make it extremely easy for anyone to wrap content in the editor with shortcodes which will hide content based on visitor device at the server level.\u003C\u002Fp>\n\u003Cp>No longer do we need to rely on display:none; or other techniques to hide content for mobile devices. Instead we can replace content with alternatives. When a full-size infographic in your post is unknowingly displayed on a visitors phone we can consider that an Non-user initiated download. In other words that visitor had no idea what they were getting into and you possibly just choked their bandwidth.\u003C\u002Fp>\n\u003Cp>WP Mobile detect gives you the ability to wrap that infographic in a [notdevice][\u002Fnotdevice] shortcode so at the server level WordPress will decide to show that content only if the user is NOT on a phone or tablet. Alternatively you can wrap a link and corresponding text to that info graphic in a [device][\u002Fdevice] shortcode as a way for the visitor to consume that content if they so choose.\u003C\u002Fp>\n\u003Cp>This plugin is based on the \u003Ca href=\"http:\u002F\u002Fcode.google.com\u002Fp\u002Fphp-mobile-detect\u002F\" rel=\"nofollow ugc\">PHP Mobile Detect class\u003C\u002Fa>\u003Cbr \u002F>\nWordPress Plugin written by \u003Ca href=\"http:\u002F\u002Fjes.se.com\" rel=\"nofollow ugc\">Jesse Friedman\u003C\u002Fa>\u003C\u002Fp>\n","WP Mobile Detect by Jesse Friedman creates an easy way for the User Admin to control when content is shown or hid based on visitor device or operating …",5000,89359,96,64,"2017-11-28T11:14:00.000Z","4.2.39","2.8.4",[20,122,123],"mobile","responsive","http:\u002F\u002Fjes.se.com\u002Fwp-mobile-detect","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-mobile-detect.2.0.zip",{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":134,"downloaded":135,"rating":70,"num_ratings":136,"last_updated":137,"tested_up_to":138,"requires_at_least":139,"requires_php":140,"tags":141,"homepage":145,"download_link":146,"security_score":70,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"tinywp-mobile-detect","Mobile Detect","3.1.1","Pothi Kalimuthu","https:\u002F\u002Fprofiles.wordpress.org\u002Fpothi\u002F","\u003Cp>Mobile detect plugin uses the open source \u003Ca href=\"http:\u002F\u002Fmobiledetect.net\u002F\" rel=\"nofollow ugc\">MobileDetect PHP library\u003C\u002Fa> to fine-tune the built-in WordPress function \u003Ccode>wp_is_mobile()\u003C\u002Fcode> in such a way that tablets are excluded from being detected as mobile!\u003C\u002Fp>\n\u003Cp>If you don’t understand the above one-liner, here is some explanation…\u003C\u002Fp>\n\u003Cp>If we serve different (cached) content for mobiles and desktops, iPads (and other tablets) are usually served with mobile version of the site. That means, iPad users see only the mobile version of the site. If you are in doubt, check your site now! There is nothing wrong with your iPad (or any other tablet). It is due to how WordPress treats iPads and other tablets. Currently, in WordPress, iPads (and other tablets) are considered as mobile! One day (in the future), tablets may be considered as desktops by WordPress internals. Until then, by using \u002F activating this plugin, tablets are served with desktop version of the site.\u003C\u002Fp>\n\u003Cp>If your site doesn’t serve different content for mobiles and desktops, please ignore this plugin. This plugin does nothing in that case.\u003C\u002Fp>\n\u003Cp>About Mobile Detect PHP Library:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Mobile Detect is a lightweight PHP class for detecting mobile devices (including tablets). It uses the User-Agent string combined with specific HTTP headers to detect the mobile environment.\u003C\u002Fli>\n\u003Cli>PHP Mobile Detect is an open-source script released under \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fserbanghita\u002FMobile-Detect\u002Fblob\u002Fmaster\u002FLICENSE.txt\" rel=\"nofollow ugc\">MIT License\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Mobile Detect PHP Developer: \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fserbanghita\" rel=\"nofollow ugc\">Șerban Ghiță\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fnicktacular\" rel=\"nofollow ugc\">Nick Ilyin\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Original author: \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fvictorstanciu\" rel=\"nofollow ugc\">Victor Stanciu\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Icon (and banner) created by: \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fgrafician\" rel=\"nofollow ugc\">Dragoș Gavrilă\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Fine-tunes wp_is_mobile function by excluding tablets (ex: iPad), from being detected as mobile! Uses MobileDetect PHP Library from mobiledetect.net!",3000,47319,7,"2026-03-06T09:27:00.000Z","6.9.4","3.0","7.4",[20,142,122,143,144],"ipad","mobiledetect","tablet","https:\u002F\u002Fwww.tinywp.in\u002Fwp_is_mobile-exclude-ipad\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftinywp-mobile-detect.3.1.1.zip",{"attackSurface":148,"codeSignals":164,"taintFlows":192,"riskAssessment":217,"analyzedAt":230},{"hooks":149,"ajaxHandlers":160,"restRoutes":161,"shortcodes":162,"cronEvents":163,"entryPointCount":13,"unprotectedCount":13},[150,156],{"type":151,"name":152,"callback":153,"file":154,"line":155},"action","init","localization_setup","customers.php",61,{"type":157,"name":158,"callback":158,"file":154,"line":159},"filter","woocommerce_admin_reports",63,[],[],[],[],{"dangerousFunctions":165,"sqlUsage":166,"outputEscaping":169,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":191},[],{"prepared":167,"raw":13,"locations":168},2,[],{"escaped":167,"rawEcho":71,"locations":170},[171,174,176,178,179,181,182,184,185,187,189],{"file":172,"line":71,"context":173},"view.php","raw output",{"file":172,"line":175,"context":173},19,{"file":172,"line":177,"context":173},58,{"file":172,"line":177,"context":173},{"file":172,"line":180,"context":173},59,{"file":172,"line":180,"context":173},{"file":172,"line":183,"context":173},60,{"file":172,"line":155,"context":173},{"file":172,"line":186,"context":173},62,{"file":172,"line":188,"context":173},70,{"file":172,"line":190,"context":173},74,[],[193],{"entryPoint":194,"graph":195,"unsanitizedCount":58,"severity":216},"\u003Cview> (view.php:0)",{"nodes":196,"edges":212},[197,202,206],{"id":198,"type":199,"label":200,"file":172,"line":201},"n0","source","$_GET",4,{"id":203,"type":204,"label":205,"file":172,"line":201},"n1","transform","→ get_users()",{"id":207,"type":208,"label":209,"file":154,"line":210,"wp_function":211},"n2","sink","get_results() [SQLi]",168,"get_results",[213,215],{"from":198,"to":203,"sanitized":214},false,{"from":203,"to":207,"sanitized":214},"high",{"summary":218,"deductions":219},"The \"woo-customers-by-product-purchase\" plugin v0.1 exhibits a mixed security posture. While the static analysis reveals no apparent direct entry points like AJAX handlers, REST API routes, or shortcodes that are unprotected, and all SQL queries are prepared, there are significant concerns.  The extremely low percentage of properly escaped output (15%) suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the taint analysis identified one flow with an unsanitized path classified as high severity, indicating a potential pathway for malicious data to be processed without adequate cleaning. The absence of nonce and capability checks across the board is a critical oversight, as it leaves any potential entry points, even if currently zero, vulnerable to unauthorized actions.  The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive sign, suggesting it has historically been free of known exploits. However, this history is limited, especially for an early version like 0.1, and does not negate the risks identified in the current code analysis.",[220,222,225,228],{"reason":221,"points":136},"High percentage of unescaped output",{"reason":223,"points":224},"High severity taint flow with unsanitized path",12,{"reason":226,"points":227},"Zero nonce checks present",5,{"reason":229,"points":227},"Zero capability checks present","2026-03-17T00:39:37.144Z",{"wat":232,"direct":241},{"assetPaths":233,"generatorPatterns":236,"scriptPaths":237,"versionParams":238},[234,235],"\u002Fwp-content\u002Fplugins\u002Fwoo-customers-by-product-purchase\u002Fassets\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwoo-customers-by-product-purchase\u002Fassets\u002Fjs\u002Fcustom.js",[],[235],[239,240],"woo-customers-by-product-purchase\u002Fassets\u002Fcss\u002Fstyle.css?ver=","woo-customers-by-product-purchase\u002Fassets\u002Fjs\u002Fcustom.js?ver=",{"cssClasses":242,"htmlComments":243,"htmlAttributes":244,"restEndpoints":245,"jsGlobals":246,"shortcodeOutput":247},[],[],[],[],[],[]]