[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKjtkVgtU1q7ZEb9TjLbWJVIpWbCzDLE67fGJq0xdI3w":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":135,"fingerprints":166},"wp-author-slug","WP Author Slug","5","Konstantin Obenland","https:\u002F\u002Fprofiles.wordpress.org\u002Fobenland\u002F","\u003Cp>This plugin replaces the author slug with a sanitized version of the user’s display name.\u003C\u002Fp>\n\u003Cp>This plugin will not prevent hackers from finding out your login name but the login name won’t be visible\u003Cbr \u002F>\nin the author archive’s URL, which works towards your friendly URLs with using your display name.\u003C\u002Fp>\n\u003Cp>DO NOT use this on a site with more than 1000 registered users, as updating all of their nicenames at once might break your site.\u003C\u002Fp>\n","Add a layer of security and prevent your login name from being shown in the author archive's URL.",2000,35171,96,19,"2025-09-09T01:07:00.000Z","6.8.5","3.0","",[20,21,22,23,24],"author","author-archive","security","slug","url","http:\u002F\u002Fen.wp.obenland.it\u002Fwp-author-slug\u002F?utm_source=wordpress&utm_medium=plugin&utm_campaign=wp-author-slug","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-author-slug.5.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"obenland",13,22900,93,30,89,"2026-04-04T05:28:17.157Z",[41,65,85,100,117],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":17,"requires_php":55,"tags":56,"homepage":61,"download_link":62,"security_score":27,"vuln_count":63,"unpatched_count":28,"last_vuln_date":64,"fetched_at":30},"restrict-usernames-emails-characters","Restrict Usernames Emails Characters","4.1.2","Benaceur","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenaceur\u002F","\u003Cp>This plugin allows you to Restrict a particular or certain username, email addresses or symbols,\u003Cbr \u002F>\nor email from specific domain names in the form registration when registering for your site\u003Cbr \u002F>\nand you can allow to use a certain language (arabic cyrillic latin …)\u003Cbr \u002F>\nor all languages and characters and symbols, you can also control and modify all errors messages\u003Cbr \u002F>\nand allow certain characters (Symbols and characters accented as é û),\u003Cbr \u002F>\nand allowing you to change the author slug (defaults to the username of the author),\u003Cbr \u002F>\nand you can control and adjust all settings from the plugin settings page in admin Panel.\u003C\u002Fp>\n\u003Ch4>and here is all plugin settings in admin Panel:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>enable\u002Fdisable the plugin\u003C\u002Fli>\n\u003Cli>disallow to use the spaces in username\u003C\u002Fli>\n\u003Cli>disallow to use only numbers in username\u003C\u002Fli>\n\u003Cli>disallow all characters (Symbols) in username\u003C\u002Fli>\n\u003Cli>disallow characters (Symbols) permitted by wordpress in username: @ – . _\u003C\u002Fli>\n\u003Cli>allow certain characters (Symbols and characters accented as é û)\u003C\u002Fli>\n\u003Cli>restrict certain email addresses\u003C\u002Fli>\n\u003Cli>restrict certain username\u003C\u002Fli>\n\u003Cli>restrict certain domain names for example: yournamesite@com\u003C\u002Fli>\n\u003Cli>No\u002Fyes uppercase in username\u003C\u002Fli>\n\u003Cli>Compatible with single site, network (multi-site), buddypress and buddyboss.\u003C\u002Fli>\n\u003Cli>The possibility to:\u003C\u002Fli>\n\u003Cli>choose language (characters) in username (arabic cyrillic latin …) or all languages\u003C\u002Fli>\n\u003Cli>remove all settings and data of the plugin from database when the plugin is disabled\u003C\u002Fli>\n\u003Cli>reset default settings\u003C\u002Fli>\n\u003Cli>control and modify all errors messages\u003C\u002Fli>\n\u003Cli>restrict any name contains a part of word (partial matching)\u003C\u002Fli>\n\u003Cli>prevent the use of email in the username\u003C\u002Fli>\n\u003Cli>prevent the use of numbers more than letters and symbols in the user name.\u003C\u002Fli>\n\u003Cli>allowing you to change the author slug\u003C\u002Fli>\n\u003Cli>Author Slug Structure\u003C\u002Fli>\n\u003Cli>Update of the author’s slug for all users\u003C\u002Fli>\n\u003Cli>Limit the number of users to update (in batches) with every click, if your database is big\u003C\u002Fli>\n\u003Cli>Update or convert only names (author slug) not latin\u003C\u002Fli>\n\u003Cli>remove name field in buddypress.\u003C\u002Fli>\n\u003Cli>hide or change message (Must be at least 4 characters, letters and numbers only.) of multisite.\u003C\u002Fli>\n\u003Cli>add an notice or text in registration form.\u003C\u002Fli>\n\u003Cli>etc…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TRANSLATED IN FOLLOWING LANGUAGES:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Arabic\u003C\u002Fli>\n\u003Cli>English\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Direct support page:\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fbenaceur-php.com\u002F?p=2268\u003C\u002Fp>\n","Restrict the usernames, email addresses, characters and symbols or email from specific domain names or language in registration ...",1000,38817,90,25,"2025-12-01T20:58:00.000Z","6.9.4","5.3.19",[57,58,59,60,22],"anti-spam","author-slug","registration","restrict-user","https:\u002F\u002Fbenaceur-php.com\u002F?p=2268","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frestrict-usernames-emails-characters.4.1.2.zip",1,"2024-01-31 00:00:00",{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":27,"num_ratings":63,"last_updated":75,"tested_up_to":76,"requires_at_least":77,"requires_php":78,"tags":79,"homepage":82,"download_link":83,"security_score":84,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"simply-change-author-url","Simply Change Author URL","1.1.2","Devi","https:\u002F\u002Fprofiles.wordpress.org\u002Fdev_vahid\u002F","\u003Cp>The plugin Changes wordpress user slug for security reasons, it prevents access to the usernames of registered users on your site.\u003C\u002Fp>\n\u003Cp>By using “Simply Change Author URL” The WordPress default users(authors) Slug and URL addresses will be changed automatically.\u003C\u002Fp>\n\u003Cp>By Default Author URL is: \u003Ccode>example.com\u002Fauthor\u002F[username]\u002F\u003C\u002Fcode>\u003Cbr \u002F>\nafter install this plugin URLs will be changed to: \u003Ccode>example.com\u002Fuser\u002F[user_id]\u002F\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>This will protects the usernames from being easily accessible by cyber attackers.\u003C\u002Fp>\n\u003Cp>This plugin also:\u003Cbr \u002F>\n1. Removes wordpress api user endpoints. (they contain information about users)\u003Cbr \u002F>\n1. Changes canonical links generated by yoast.\u003C\u002Fp>\n","Changes wordpress user slug for security, it prevents access to the usernames of registered users on your site.",40,1740,"2022-07-25T09:41:00.000Z","6.0.11","4.0.1","5.6.20",[20,80,58,81,22],"author-base","permalink","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimply-change-author-url\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimply-change-author-url.zip",85,{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":28,"num_ratings":28,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":18,"tags":98,"homepage":18,"download_link":99,"security_score":84,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"modify-author-url","Plugin Name:       Modify Author URL","1.0","Jared Harbour","https:\u002F\u002Fprofiles.wordpress.org\u002Fjaredharbour\u002F","\u003Cp>Ever want to change the url used to display your posts?  This plugin\u003Cbr \u002F>\nallows a blog administrator to change a users url slug from their edit profile page.\u003C\u002Fp>\n\u003Cp>The plugin allows for the creation of new author slugs, but also saves old slugs a user has used in the past.\u003C\u002Fp>\n","Allows administrators to modify a users author url from their profile page.",10,1728,"2011-02-23T04:56:00.000Z","3.1.4","3.0.1",[20,23,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmodify-author-url.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":28,"downloaded":108,"rating":28,"num_ratings":28,"last_updated":18,"tested_up_to":16,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":114,"download_link":115,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":116},"custom-author-archive-by-sectorize","Sectorize – Custom Author Archives & Collective Authorship","0.2.1","Marg Choco","https:\u002F\u002Fprofiles.wordpress.org\u002Fturtlesoup\u002F","\u003Cp>Sectorize is an elegant, plug-and-play WordPress plugin that repurposes author archives into “sector”-based URLs using the required nickname field for username. It hides sensitive \u003Ccode>\u002Fauthor\u002Fusername\u003C\u002Fcode> slugs and redirects them to clean, secure \u003Ccode>\u002Fsector\u002F{nickname}\u003C\u002Fcode> URLs which improves privacy and branding. It also transforms author archives (pages SEO plugins often recommend disabling) into structured, sector-based archives.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Security-first: prevents exposure of login-based author slugs\u003C\u002Fli>\n\u003Cli>Zero configuration: Install, activate, and it works immediately\u003C\u002Fli>\n\u003Cli>Collective authorship: uses the site name in Schema.org markup so all content is attributed to the collective brand\u003C\u002Fli>\n\u003Cli>Sector-based bylines: display sector nicknames in place of author names — ideal for single-author sites or when contributors prefer anonymity\u003C\u002Fli>\n\u003Cli>Governance-safe: clear admin guidance; never change login\u002Fusername, only nicknames\u003C\u002Fli>\n\u003Cli>SEO-ready: automatic schema markup, optimized titles, and canonical URLs\u003C\u002Fli>\n\u003Cli>Smart redirects: 301 redirects from \u003Ccode>\u002Fauthor\u002Fusername\u003C\u002Fcode> to \u003Ccode>\u002Fsector\u002Fnickname\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Admin UI: settings page with one-click rewrite flush and success notices\u003C\u002Fli>\n\u003Cli>User management: adds “Sector Nickname” column to the Users table\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Content creators: organize posts by sector (e.g. “Insights”, “Reviews”) without exposing author logins\u003C\u002Fli>\n\u003Cli>Corporate sites: group content by department (“Marketing”, “Support”) with sector archives\u003C\u002Fli>\n\u003Cli>Industry portals: create thematic sectors (“Finance”, “Technology”, “Healthcare”)\u003C\u002Fli>\n\u003Cli>Regional content: build geographic sectors (“North America”, “Europe”, “Asia Pacific”)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Live Example\u003C\u002Fh3>\n\u003Cp>Sectorize is actively used on \u003Ca href=\"https:\u002F\u002Fictstart.com\" rel=\"nofollow ugc\">ICTStart.com\u003C\u002Fa>:\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fictstart.com\u002Fsector\u002Farticle\u002F\" rel=\"nofollow ugc\">Article sector\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fictstart.com\u002Fsector\u002Freview\u002F\" rel=\"nofollow ugc\">Review sector\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fictstart.com\u002Fsector\u002Finsight\u002F\" rel=\"nofollow ugc\">Insights sector\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>In WordPress Admin:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Manage sector users via Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Sectorize\u003Cbr \u002F>\n– The Author dropdown in the post editor shows sector nicknames\u003Cbr \u002F>\n– The Author column in post lists displays sector nicknames\u003C\u002Fp>\n\u003Cp>\u003Cstrong>On Your Website:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Author names are replaced with sector nicknames automatically\u003Cbr \u002F>\n– Archive pages organize content by sector at \u002Fsector\u002F{nickname}\u002F\u003Cbr \u002F>\n– Schema.org markup attributes content to the site name for collective branding\u003C\u002Fp>\n\u003Ch3>Additional Information\u003C\u002Fh3>\n\u003Cp>Sectorize customizes author archives and collective authorship in WordPress. The plugin organizes and displays content but does not replace the systems required for professional news or magazine sites.\u003C\u002Fp>\n\u003Cp>Publishing at scale demands attention to:\u003Cbr \u002F>\n* Editorial workflows (clear roles for writing, editing, and approval)\u003Cbr \u002F>\n* Legal responsibility (accountability for all published content)\u003Cbr \u002F>\n* Theme configuration (design and functionality tailored to the site’s needs)\u003Cbr \u002F>\n* Security and compliance (protection for the site and its users)\u003C\u002Fp>\n\u003Cp>Sectorize manages authorship metadata. Site governance, accuracy, and liability remain the responsibility of the publisher.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>GPLv2 or later\u003C\u002Fp>\n\u003Ch3>Donate\u003C\u002Fh3>\n\u003Cp>If you find Sectorize useful, consider supporting development:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fko-fi.com\u002Fictstart\" rel=\"nofollow ugc\">Buy me a coffee.\u003C\u002Fa>\u003C\u002Fp>\n","Transform author archives into elegant sector-based content organization with automatic SEO optimization. ---",114,"6.0","7.4",[112,20,113,22],"archive","custom-urls","https:\u002F\u002Fgithub.com\u002Francidbluecheese\u002Fsectorize","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-author-archive-by-sectorize.0.2.1.zip","2026-03-15T10:48:56.248Z",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":13,"num_ratings":127,"last_updated":128,"tested_up_to":16,"requires_at_least":129,"requires_php":110,"tags":130,"homepage":133,"download_link":134,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"edit-author-slug","Edit Author Slug","1.9.2","Brandon Allen","https:\u002F\u002Fprofiles.wordpress.org\u002Fcnorris23\u002F","\u003Cp>This plugin allows full control of your user permalinks, allowing you to change both the author base (the ‘\u002Fauthor\u002F’ portion of the author URLs), and the author slug (defaults to the username of the author). You can set the author base globally, or you can set it to be user-specific based on a user’s role. You now have the power to craft the perfect URL structure for you Author pages.\u003C\u002Fp>\n\u003Cp>WordPress default structure \u003Cem>http:\u002F\u002Fexample.com\u002Fauthor\u002Fusername\u002F\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>Edit Author Slug allows for \u003Cem>http:\u002F\u002Fexample.com\u002Fninja\u002Fmaster-ninja\u002F\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>Using a role-based author base would allow for \u003Cem>http:\u002F\u002Fexample.com\u002Fida\u002Fmaster-splinter\u002F\u003C\u002Fem> (for an Administrator Role), or \u003Cem>http:\u002F\u002Fexample.com\u002Fkoga\u002Fleonardo\u002F\u003C\u002Fem> (for a Subscriber Role).\u003C\u002Fp>\n\u003Cp>Development of this plugin takes place on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthebrandonallen\u002Fedit-author-slug\u002F\" title=\"Edit Author Slug on Github\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>. Pull requests are always welcome!\u003C\u002Fp>\n\u003Cp>Translations should be submitted to \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fedit-author-slug\" rel=\"nofollow ugc\">Translate WordPress\u003C\u002Fa>.\u003C\u002Fp>\n","Allows an admin (or capable user) to edit the author slug of a user, and change the author base.",100000,1525613,84,"2025-05-27T04:15:00.000Z","5.8",[20,80,58,131,132],"nicename","user-nicename","https:\u002F\u002Fgithub.com\u002Fthebrandonallen\u002Fedit-author-slug\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedit-author-slug.1.9.2.zip",{"attackSurface":136,"codeSignals":142,"taintFlows":159,"riskAssessment":160,"analyzedAt":165},{"hooks":137,"ajaxHandlers":138,"restRoutes":139,"shortcodes":140,"cronEvents":141,"entryPointCount":28,"unprotectedCount":28},[],[],[],[],[],{"dangerousFunctions":143,"sqlUsage":144,"outputEscaping":146,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":63,"bundledLibraries":158},[],{"prepared":28,"raw":28,"locations":145},[],{"escaped":147,"rawEcho":148,"locations":149},20,3,[150,154,156],{"file":151,"line":152,"context":153},"class-obenland-wp-author-slug.php",97,"raw output",{"file":151,"line":155,"context":153},98,{"file":151,"line":157,"context":153},119,[],[],{"summary":161,"deductions":162},"The plugin \"wp-author-slug\" v5 exhibits a generally strong security posture based on the provided static analysis. The absence of direct attack surface entry points like AJAX handlers, REST API routes, shortcodes, and cron events significantly limits immediate exploitation vectors.  Furthermore, the code demonstrates good practices with 100% of SQL queries using prepared statements and a high percentage (87%) of output being properly escaped. The plugin also correctly implements capability checks, indicating a consideration for WordPress's access control mechanisms.\n\nHowever, a notable concern is the complete lack of nonce checks. While the attack surface is currently zero, this absence leaves the plugin vulnerable to cross-site request forgery (CSRF) attacks should any new entry points be introduced or if existing ones become exposed in the future. The taint analysis also shows zero flows, which is positive but could be a result of a very limited code scope or potentially incomplete analysis if the scope was not fully captured.\n\nThe plugin's vulnerability history is clean, with zero recorded CVEs. This, coupled with the clean taint analysis and absence of dangerous functions, suggests a well-maintained and secure codebase. In conclusion, \"wp-author-slug\" v5 is likely secure for its current functionality, but the missing nonce checks represent a significant potential weakness that should be addressed to ensure future resilience against CSRF attacks.",[163],{"reason":164,"points":93},"Missing nonce checks for potential entry points","2026-03-16T18:27:48.191Z",{"wat":167,"direct":172},{"assetPaths":168,"generatorPatterns":169,"scriptPaths":170,"versionParams":171},[],[],[],[],{"cssClasses":173,"htmlComments":174,"htmlAttributes":175,"restEndpoints":176,"jsGlobals":177,"shortcodeOutput":178},[],[],[],[],[],[]]