[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fFzVVA-vpvUEdckHVPTNw8HdbDDydabnW8vWMQMoclps":3,"$f6aH3jWqeOTsZ6ZZSPmiFBqhvEkbbNFEIdQbQ7ljsocw":292,"$fhVR7z_PNwoz9HBBeQg9MzEoGjT3u3A-gJjTV-i0pvMw":296},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":5,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":39,"analysis":141,"fingerprints":259},"wp-configuration-and-status","WP Configuration and Status","0.0.3","klickonit","https:\u002F\u002Fprofiles.wordpress.org\u002Fklickonit\u002F","\u003Cp>WP Configuration and Status is a simple plugin which, once enabled, will allow easy access to key configuration parameters within your WordPress installation.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Shows the contents of php.info\u003C\u002Fli>\n\u003Cli>Shows the contents of .htaccess\u003C\u002Fli>\n\u003Cli>Shows the contents of wp-config.php\u003C\u002Fli>\n\u003C\u002Ful>\n",40,2618,80,1,"2017-12-05T03:17:00.000Z","4.9.29","3.8","5.4",[19,20,21,22,23],"configuration","htaccess","php-info","php-ini","wp-config","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-configuration-and-status.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},18,170,86,30,84,"2026-05-20T07:22:33.814Z",[40,58,78,104,124],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":27,"num_ratings":27,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":24,"tags":53,"homepage":56,"download_link":57,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wordless-extender","Wordless Extender","1.2.1","welaika","https:\u002F\u002Fprofiles.wordpress.org\u002Fwelaika\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwelaika\u002Fwordless\" rel=\"nofollow ugc\">Wordless\u003C\u002Fa> is the WP themes framework developed and used by \u003Ca href=\"http:\u002F\u002Fdev.welaika.com\" rel=\"nofollow ugc\">weLaika\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>As we wrote in the Wordless README:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>« Wordless is not meant to be a bloated, all-included tool.\nThis is why we recommend adding some other plugins\nto get the most out of your beautiful WP developer life »\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cem>Wordless Extender\u003C\u002Fem> (WLE from now on) is a starting point for every Wordless theme.\u003Cbr \u002F>\nLet’s take a look in depth.\u003C\u002Fp>\n\u003Ch3>Plugin Manager\u003C\u002Fh3>\n\u003Cp>Never change a winning team! These are our \u003Cem>starred\u003C\u002Fem> plugins; with these we cover the 90% of our developing needs.\u003Cbr \u002F>\nYou’ll have a control panel inside WLE to list, enable, disable and upgrade plugins from the collection; never search that useful plugin crawling the WP.org repo and have team kickstart projects with always the same plugin set.\u003C\u002Fp>\n\u003Ch3>Config Constants\u003C\u002Fh3>\n\u003Cp>Manage WP constants (stored in your wp-config.php) directly within the WP backend.\u003C\u002Fp>\n\u003Cp>We got inspired by WordPress \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FEditing_wp-config.php\" rel=\"nofollow ugc\">guidelines\u003C\u002Fa> and we crafted this little control panel. It is intended for advanced users: we are not interested in making things easy, but we’d like to remember important\u002Fcomplex\u002Fabstruse settings and have them always just one click away.\u003C\u002Fp>\n\u003Cp>Everytime you’ll update these configs \u003Ccode>wp-config.php\u003C\u002Fcode> file will be backed-up in \u003Ccode>wp-config.php.orig\u003C\u002Fcode>. Keep in mind.\u003C\u002Fp>\n\u003Ch3>Security fixes\u003C\u002Fh3>\n\u003Cp>This is the most important section: improving security.\u003Cbr \u002F>\nMost of the tricks are directly from \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FHardening_WordPress\" rel=\"nofollow ugc\">Hardening WordPress\u003C\u002Fa> guide; others are tricks discovered on battlefield.\u003C\u002Fp>\n\u003Cp>You have to know what you are doing. Follow the comments in the panel if you are confused. Remind that when you’ll let the plugin rewrite your \u003Ccode>.htaccess\u003C\u002Fcode> file, it will take a backup copy of the last version in \u003Ccode>.htaccess.orig\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>If you are asking about the things are we doing with your \u003Ccode>.htaccess\u003C\u002Fcode> go read the template in \u003Ccode>resources\u002Fhtaccess.tpl\u003C\u002Fcode>.\u003Cbr \u002F>\nEssentially we’ll block access to various files and locations.\u003Cbr \u002F>\nWe are always at work to improve this section, so if you have some tips open an issue or send a pull request.\u003C\u002Fp>\n\u003Ch3>Wordless integration\u003C\u002Fh3>\n\u003Cp>WLE menu in the WP backend, will be integrated with the Wordless 0.4+ backend menu, creating \u003Cem>one place to rule them all!\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>Need more tools?\u003C\u002Fh3>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fwptools.it\" rel=\"nofollow ugc\">WordPress Tools\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Licence\u003C\u002Fh3>\n\u003Cp>(The MIT License)\u003C\u002Fp>\n\u003Cp>Copyright © 2014-2015 weLaika\u003C\u002Fp>\n\u003Cp>Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the ‘Software’), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and\u002For sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:\u003C\u002Fp>\n\u003Cp>The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\u003C\u002Fp>\n\u003Cp>THE SOFTWARE IS PROVIDED ‘AS IS’, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\u003C\u002Fp>\n","Wordless Extender is a starting point for everyone: list of commonly used plugins, wp-config.php \u002F .htaccess configuration and security improvements.",10,1815,"2017-09-28T13:36:00.000Z","4.7.33","4.0",[19,20,54,55,23],"security","wordless","https:\u002F\u002Fgithub.com\u002Fwelaika\u002Fwordless-extender","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordless-extender.1.2.1.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":13,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":76,"download_link":77,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"php-server-configuration","PHP Server Configuration","1.0","Ninetyseven Infotech","https:\u002F\u002Fprofiles.wordpress.org\u002Fsutharkaran10\u002F","\u003Ch3>Live Preview\u003C\u002Fh3>\n\u003Cp>You Can check below settings\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PHP Version\u003C\u002Fli>\n\u003Cli>max_execution_time\u003C\u002Fli>\n\u003Cli>max_file_uploads\u003C\u002Fli>\n\u003Cli>max_input_time\u003C\u002Fli>\n\u003Cli>upload_max_filesize\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003C\u002Fp>\n\u003Ch3>Live Preview\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fninetyseveninfotech.in\u002Fphp-info-nsi\" rel=\"nofollow ugc\">https:\u002F\u002Fninetyseveninfotech.in\u002Fphp-info-nsi\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003C\u002Fp>\n\u003Cp>\u003C\u002Fp>\n\u003Ch3>\u003C\u002Fh3>\n","A simple Light weight plugin to look up information about PHP Info and manage PHP configurations values.",500,6760,100,"2023-03-01T05:16:00.000Z","6.1.10","4.7","5.0",[74,21,75],"php-configuration","php-version","https:\u002F\u002Fninetyseveninfotech.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphp-server-configuration.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":99,"download_link":100,"security_score":101,"vuln_count":102,"unpatched_count":27,"last_vuln_date":103,"fetched_at":29},"redirection","Redirection","5.7.5","John Godley","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnny5\u002F","\u003Cp>Redirection is the most popular redirect manager for WordPress. With it you can easily manage 301 redirections, keep track of 404 errors, and generally tidy up any loose ends your site may have. This can help reduce errors and improve your site ranking.\u003C\u002Fp>\n\u003Cp>Redirection is designed to be used on sites with a few redirects to sites with thousands of redirects.\u003C\u002Fp>\n\u003Cp>It has been a WordPress plugin for over 10 years and has been recommended countless times. And it’s free!\u003C\u002Fp>\n\u003Cp>Full documentation can be found at \u003Ca href=\"https:\u002F\u002Fredirection.me\" rel=\"nofollow ugc\">https:\u002F\u002Fredirection.me\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Redirection is compatible with PHP from 7.4 to 8.4.\u003C\u002Fp>\n\u003Ch4>Redirect manager\u003C\u002Fh4>\n\u003Cp>Create and manage redirects quickly and easily without needing Apache or Nginx knowledge. If your WordPress supports permalinks then you can use Redirection to redirect any URL.\u003C\u002Fp>\n\u003Cp>There is full support for regular expressions so you can create redirect patterns to match any number of URLs. You can match query parameters and even pass them through to the target URL.\u003C\u002Fp>\n\u003Cp>The plugin can also be configured to monitor when post or page permalinks are changed and automatically create a redirect to the new URL.\u003C\u002Fp>\n\u003Ch4>Conditional redirects\u003C\u002Fh4>\n\u003Cp>In addition to straightforward URL matching you can redirect based on other conditions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Login status – redirect only if the user is logged in or logged out\u003C\u002Fli>\n\u003Cli>WordPress capability – redirect if the user is able to perform a certain capability\u003C\u002Fli>\n\u003Cli>Browser – redirect if the user is using a certain browser\u003C\u002Fli>\n\u003Cli>Referrer – redirect if the user visited the link from another page\u003C\u002Fli>\n\u003Cli>Cookies – redirect if a particular cookie is set\u003C\u002Fli>\n\u003Cli>HTTP headers – redirect based on a HTTP header\u003C\u002Fli>\n\u003Cli>Custom filter – redirect based on your own WordPress filter\u003C\u002Fli>\n\u003Cli>IP address – redirect if the client IP address matches\u003C\u002Fli>\n\u003Cli>Server – redirect another domain if also hosted on this server\u003C\u002Fli>\n\u003Cli>Page type – redirect if the current page is a 404\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Full logging\u003C\u002Fh4>\n\u003Cp>A configurable logging option allows to view all redirects occurring on your site, including information about the visitor, the browser used, and the referrer. A ‘hit’ count is maintained for each redirect so you can see if a URL is being used.\u003C\u002Fp>\n\u003Cp>Logs can be exported for external viewing, and can be searched and filtered for more detailed investigation.\u003C\u002Fp>\n\u003Cp>Display geographic information about an IP address, as well as a full user agent information, to try and understand who the visitor is.\u003C\u002Fp>\n\u003Cp>You are able to disable or reduce IP collection to meet the legal requirements of your geographic region, and can change the amount of information captured from the bare minimum to HTTP headers.\u003C\u002Fp>\n\u003Cp>You can also log any redirect happening on your site, including those performed outside of Redirection.\u003C\u002Fp>\n\u003Ch4>Add HTTP headers\u003C\u002Fh4>\n\u003Cp>HTTP headers can be added to redirects or your entire site that help reduce the impact of redirects or help increase security. You can also add your own custom headers.\u003C\u002Fp>\n\u003Ch4>Track 404 errors\u003C\u002Fh4>\n\u003Cp>Redirection will keep track of all 404 errors that occur on your site, allowing you to track down and fix problems.\u003C\u002Fp>\n\u003Cp>Errors can be grouped to show where you should focus your attention, and can be redirected in bulk.\u003C\u002Fp>\n\u003Ch4>Query parameter handling\u003C\u002Fh4>\n\u003Cp>You can match query parameters exactly, ignore them, and even pass them through to your target.\u003C\u002Fp>\n\u003Ch4>Migrate Permalinks\u003C\u002Fh4>\n\u003Cp>Changed your permalink structure? You can migrate old permalinks simply by entering the old permalink structure. Multiple migrations are supported.\u003C\u002Fp>\n\u003Ch4>Apache & Nginx support\u003C\u002Fh4>\n\u003Cp>By default Redirection will manage all redirects using WordPress. However you can configure it so redirects are automatically saved to a .htaccess file and handled by Apache itself.\u003C\u002Fp>\n\u003Cp>If you use Nginx then you can export redirects to an Nginx rewrite rules file.\u003C\u002Fp>\n\u003Ch4>Fine-grained permissions\u003C\u002Fh4>\n\u003Cp>Fine-grained permissions are available so you can customise the plugin for different users. This makes it particularly suitable for client sites where you may want to prevent certain actions, and remove functionality.\u003C\u002Fp>\n\u003Ch4>Import & Export\u003C\u002Fh4>\n\u003Cp>The plugin has a fully-featured import and export system and you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Import and export to Apache .htaccess\u003C\u002Fli>\n\u003Cli>Export to Nginx rewrite rules\u003C\u002Fli>\n\u003Cli>Copy redirects between sites using JSON\u003C\u002Fli>\n\u003Cli>Import and export to CSV for viewing in a spreadsheet\u003C\u002Fli>\n\u003Cli>Use WP CLI to automate import and export\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can also import from the following plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simple 301 Redirects\u003C\u002Fli>\n\u003Cli>SEO Redirection\u003C\u002Fli>\n\u003Cli>Safe Redirect Manager\u003C\u002Fli>\n\u003Cli>Rank Math\u003C\u002Fli>\n\u003Cli>WordPress old slug redirects\u003C\u002Fli>\n\u003Cli>Quick Post\u002FPages redirects\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Search Regex compatible\u003C\u002Fh4>\n\u003Cp>Redirection is compatible with \u003Ca href=\"https:\u002F\u002Fsearchregex.com\" rel=\"nofollow ugc\">Search Regex\u003C\u002Fa>, allowing you to bulk update your redirects.\u003C\u002Fp>\n\u003Ch4>Wait, it’s free?\u003C\u002Fh4>\n\u003Cp>Yes, it’s really free. There’s no premium version and no need to pay money to get access to features. This is a dedicated redirect management plugin.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Please submit bugs, patches, and feature requests to:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjohngodley\u002Fredirection\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fjohngodley\u002Fredirection\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Please submit translations to:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fredirection\" rel=\"nofollow ugc\">https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fredirection\u003C\u002Fa>\u003C\u002Fp>\n","Manage 301 redirects, track 404 errors, and improve your site. No knowledge of Apache or Nginx required.",2000000,71778834,88,693,"2026-03-01T07:42:00.000Z","6.9.4","6.5","7.4",[95,96,97,20,98],"301","404","apache","redirect","https:\u002F\u002Fredirection.me\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fredirection.5.7.5.zip",97,5,"2018-11-14 00:00:00",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":68,"num_ratings":114,"last_updated":115,"tested_up_to":91,"requires_at_least":52,"requires_php":116,"tags":117,"homepage":122,"download_link":123,"security_score":68,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wp-htaccess-editor","Htaccess File Editor – Safely Edit Htaccess File","1.73","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwphtaccess.com\u002F\" rel=\"nofollow ugc\">WP Htaccess Editor\u003C\u002Fa> provides a \u003Cstrong>simple, safe & fast way\u003C\u002Fstrong> to edit, fix & test the site’s htaccess file from WP admin. Before saving, htaccess file can be tested for syntax errors. It also automatically creates a htaccess backup every time you make a change to the htaccess file. Htaccess backups can be restored directly from the plugin, or via FTP if the errors in htaccess file prevents WP from running normally. Great for fixing htaccess errors. For all questions, including support please use the official \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-htaccess-editor\" rel=\"ugc\">forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Access WP Htaccess Editor via WP Admin – Settings menu.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you’re having problems with SSL or HTTPS try our free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-force-ssl\u002F\" rel=\"ugc\">WP Force SSL\u003C\u002Fa> plugin. It’s the easiest way to enable SSL and fix SSL problems.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Testing Htaccess Syntax\u003C\u002Fh4>\n\u003Cp>Use the “test before saving” button to test htaccess file syntax before saving. Please note that this test does not check the logic of your htaccess file, ie if the redirects work as intended. It only checks for syntax errors. If you need to fix htaccess file we suggest restoring it to the default version and then add custom code line by line.\u003C\u002Fp>\n\u003Ch4>Automatic Htaccess Backups\u003C\u002Fh4>\n\u003Cp>Htaccess Editor makes automatic backups of htaccess file every time you make a change to it. Backups are located in \u003Ccode>\u002Fwp-content\u002Fhtaccess-editor-backups\u002F\u003C\u002Fcode> and timestamped so you can easily find the latest htaccess backup and restore it.\u003C\u002Fp>\n\u003Ch4>WordPress Network (WPMU) Support\u003C\u002Fh4>\n\u003Cp>WP Htaccess Editor is fully compatible and tested with WP Network (WPMU). It shows up under the Settings menu in network admin. It’s not available in individual sites as there is only one htaccess file per network.\u003C\u002Fp>\n\u003Cp>The plugin was originally developed by \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Flukenzi\" rel=\"nofollow ugc\">Lukenzi\u003C\u002Fa> in March of 2011.\u003C\u002Fp>\n\u003Ch4>GDPR compatibility\u003C\u002Fh4>\n\u003Cp>We are not lawyers. Please do not take any of the following as legal advice.\u003Cbr \u002F>\nWP Htaccess Editor does not track, collect or process any user data. Nothing is logged or pushed to any 3rd parties nor do we use any 3rd party services or CDNs. Based on that, we feel it’s GDPR compatible, but again, please, don’t take this as legal advice.\u003C\u002Fp>\n","A safe & simple htaccess file editor with automatic htaccess backups & htaccess file syntax testing.",40000,811818,102,"2025-12-03T19:33:00.000Z","5.2",[118,20,119,120,121],"file-editor","htaccess-editor","htaccess-file","htaccess-file-editor","https:\u002F\u002Fwphtaccess.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-htaccess-editor.1.73.zip",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":12,"num_ratings":102,"last_updated":134,"tested_up_to":135,"requires_at_least":52,"requires_php":24,"tags":136,"homepage":24,"download_link":140,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"spiderblocker","Spider Blocker","1.3.7","Niteo","https:\u002F\u002Fprofiles.wordpress.org\u002Fniteoweb\u002F","\u003Cp>Spider Blocker blocks most common bots that consume bandwidth and slow down your blog.\u003Cbr \u002F>\nIt accomplishes this by using .htaccess file to minimize impact on your website. It’s hidden from external scanners.\u003C\u002Fp>\n\u003Cp>Spider Blocker is specifically designed for Apache servers with mod_rewrite enabled, allowing you to effortlessly safeguard your website from the most prevalent bots that hamper performance and drain resources.\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Block Unlimited bots from viewing your site\u003C\u002Fli>\n\u003Cli>Easy Export\u002FImport rules (comes with most common list of bots)\u003C\u002Fli>\n\u003Cli>Zero Footprint\u003C\u002Fli>\n\u003C\u002Ful>\n","SpiderBlocker will block most common bots that consume bandwidth and slow down your blog.",20000,613211,"2024-05-07T13:39:00.000Z","6.5.8",[97,137,138,20,139],"block","bots","seo","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspiderblocker.1.3.7.zip",{"attackSurface":142,"codeSignals":180,"taintFlows":252,"riskAssessment":253,"analyzedAt":258},{"hooks":143,"ajaxHandlers":170,"restRoutes":177,"shortcodes":178,"cronEvents":179,"entryPointCount":13,"unprotectedCount":27},[144,150,155,159,162,166],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","all_admin_notices","show_admin_dashboard_notice","includes\u002Fclass-klick-cs-dashboard.php",43,{"type":145,"name":151,"callback":152,"file":153,"line":154},"admin_menu","init_dashboard","wp_configuration_and_staus.php",64,{"type":145,"name":156,"callback":157,"file":153,"line":158},"plugins_loaded","setup_translation",66,{"type":145,"name":156,"callback":160,"file":153,"line":161},"setup_loggers",68,{"type":145,"name":163,"callback":164,"file":153,"line":165},"wp_footer","klick_cs_ui_scripts",70,{"type":145,"name":167,"callback":168,"file":153,"line":169},"wp_head","klick_cs_ui_css",72,[171],{"action":172,"nopriv":173,"callback":174,"hasNonce":175,"hasCapCheck":173,"file":153,"line":176},"klick_cs_ajax",false,"klick_cs_ajax_handler",true,62,[],[],[],{"dangerousFunctions":181,"sqlUsage":182,"outputEscaping":184,"fileOperations":13,"externalRequests":27,"nonceChecks":13,"capabilityChecks":250,"bundledLibraries":251},[],{"prepared":27,"raw":27,"locations":183},[],{"escaped":185,"rawEcho":186,"locations":187},6,37,[188,191,193,195,198,201,203,205,207,210,211,212,214,217,219,220,222,223,224,225,227,228,229,230,232,234,236,238,240,241,242,243,244,245,246,247,248],{"file":148,"line":189,"context":190},124,"raw output",{"file":148,"line":192,"context":190},207,{"file":148,"line":194,"context":190},209,{"file":196,"line":197,"context":190},"templates\u002Fklick-cs-tab-htaccess.php",8,{"file":199,"line":200,"context":190},"templates\u002Fklick-cs-tab-our-other-plugins.php",26,{"file":199,"line":202,"context":190},27,{"file":204,"line":197,"context":190},"templates\u002Fklick-cs-tab-php-info.php",{"file":206,"line":197,"context":190},"templates\u002Fklick-cs-tab-wp-config.php",{"file":208,"line":209,"context":190},"templates\u002Fklick-cs-tabs-header.php",15,{"file":208,"line":209,"context":190},{"file":208,"line":209,"context":190},{"file":208,"line":213,"context":190},20,{"file":215,"line":216,"context":190},"templates\u002Fnotices-templates\u002Fhorizontal-notice.php",4,{"file":215,"line":218,"context":190},9,{"file":215,"line":209,"context":190},{"file":215,"line":221,"context":190},19,{"file":215,"line":221,"context":190},{"file":215,"line":221,"context":190},{"file":215,"line":221,"context":190},{"file":215,"line":226,"context":190},21,{"file":215,"line":226,"context":190},{"file":215,"line":226,"context":190},{"file":215,"line":226,"context":190},{"file":215,"line":231,"context":190},28,{"file":233,"line":216,"context":190},"templates\u002Fnotices-templates\u002Fmain-dashboard-notices.php",{"file":233,"line":235,"context":190},7,{"file":233,"line":237,"context":190},13,{"file":233,"line":239,"context":190},17,{"file":233,"line":239,"context":190},{"file":233,"line":239,"context":190},{"file":233,"line":239,"context":190},{"file":233,"line":221,"context":190},{"file":233,"line":221,"context":190},{"file":233,"line":221,"context":190},{"file":233,"line":221,"context":190},{"file":233,"line":200,"context":190},{"file":153,"line":249,"context":190},254,2,[],[],{"summary":254,"deductions":255},"The wp-configuration-and-status plugin v0.0.3 exhibits a generally positive security posture based on the provided static analysis. The plugin has a very small attack surface with a single AJAX handler, which, crucially, appears to have proper authentication and capability checks. The absence of dangerous functions, external HTTP requests, and the exclusive use of prepared statements for SQL queries are all strong indicators of secure coding practices. The vulnerability history also shows no recorded CVEs, further reinforcing its current perceived safety.\n\nHowever, a significant concern arises from the low percentage of properly escaped output. With 43 total outputs and only 14% properly escaped, there is a substantial risk of cross-site scripting (XSS) vulnerabilities. Any data processed or displayed by this plugin that is not correctly escaped could be exploited by attackers to inject malicious scripts. While the plugin has passed taint analysis with no identified unsanitized paths, the lack of output escaping remains a critical weakness that could be exploited through the identified AJAX endpoint if it were to handle user-supplied input in certain contexts.\n\nIn conclusion, while the plugin demonstrates good security hygiene in areas like SQL injection prevention and a minimal attack surface, the inadequate output escaping is a major security flaw. The vulnerability history suggests a low risk of previously known exploits, but the static analysis highlights a clear and present danger due to insufficient output sanitization. Prioritizing proper output escaping is essential to mitigate potential XSS risks.",[256],{"reason":257,"points":197},"Low percentage of properly escaped output","2026-04-16T11:13:10.052Z",{"wat":260,"direct":273},{"assetPaths":261,"generatorPatterns":266,"scriptPaths":267,"versionParams":268},[262,263,264,265],"\u002Fwp-content\u002Fplugins\u002Fwp-configuration-and-status\u002Fassets\u002Fcss\u002Fbackend.css","\u002Fwp-content\u002Fplugins\u002Fwp-configuration-and-status\u002Fassets\u002Fjs\u002Fbackend.js","\u002Fwp-content\u002Fplugins\u002Fwp-configuration-and-status\u002Fassets\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fwp-configuration-and-status\u002Fassets\u002Fjs\u002Ffrontend.js",[],[263,265],[269,270,271,272],"wp-configuration-and-status\u002Fassets\u002Fcss\u002Fbackend.css?ver=","wp-configuration-and-status\u002Fassets\u002Fjs\u002Fbackend.js?ver=","wp-configuration-and-status\u002Fassets\u002Fcss\u002Ffrontend.css?ver=","wp-configuration-and-status\u002Fassets\u002Fjs\u002Ffrontend.js?ver=",{"cssClasses":274,"htmlComments":275,"htmlAttributes":288,"restEndpoints":289,"jsGlobals":290,"shortcodeOutput":291},[],[276,277,278,279,280,281,282,283,284,285,286,287],"\u003C!-- This plugin developed by klick-on-it.com -->","\u003C!-- Copyright 2017 klick on it (http:\u002F\u002Fklick-on-it.com) -->","\u003C!-- This program is free software; you can redistribute it and\u002For modify -->","\u003C!-- under the terms of the GNU General Public License (Version 3 - GPLv3) -->","\u003C!-- as published by the Free Software Foundation. -->","\u003C!-- This program is distributed in the hope that it will be useful, -->","\u003C!-- but WITHOUT ANY WARRANTY; without even the implied warranty of -->","\u003C!-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the -->","\u003C!-- GNU General Public License for more details. -->","\u003C!-- You should have received a copy of the GNU General Public License -->","\u003C!-- along with this program; if not, write to the Free Software -->","\u003C!-- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA -->",[],[],[],[],{"error":175,"url":293,"statusCode":294,"statusMessage":295,"message":295},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-configuration-and-status\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":297},[298],{"version":299,"download_url":300,"svn_tag_url":301,"released_at":28,"has_diff":173,"diff_files_changed":302,"diff_lines":28,"trac_diff_url":28,"vulnerabilities":303,"is_current":173},"0.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-configuration-and-status.0.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-configuration-and-status\u002Ftags\u002F0.0.2\u002F",[],[]]