[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJL0XoYfXkFZlW4ERf-8W-KiqY9VM8NA7N62VURBSW9Y":3,"$fBCUw-tdGPCDPykYGNtzXbfiu7h79eYzL2LFr_cqGqn4":184,"$fHnNafdXyp1Ah_pqSRjZKrEW8-f33dtg0to8T3RxzVCs":189},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":37,"analysis":139,"fingerprints":171},"wp-core-update-cleaner","WP Core Update Cleaner","1.2.0","Upperdog","https:\u002F\u002Fprofiles.wordpress.org\u002Fupperdog\u002F","\u003Cp>When WordPress is updated, it re-installs wp-config-sample.php, readme files, and license files even though you may have deleted them before. This plugin automatically removes these files when WordPress is manually or automatically updated. It also removes these files when activating the plugin for the first time. Removing these files is not mandatory, but you may want to if you don’t want them to expose your WordPress version or if you just like to keep things neat and clean.\u003C\u002Fp>\n\u003Cp>Files that are removed:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>License files, both default and localized\u003C\u002Fli>\n\u003Cli>Readme files, both default and localized\u003C\u002Fli>\n\u003Cli>wp-config-sample.php\u003C\u002Fli>\n\u003Cli>wp-admin\u002Finstall.php\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>\u003Cem>You may not want to install this plugin if you’re using a plugin or service to scans your site to verify checksums on the core files. When the removed files are missing it might result in warnings.\u003C\u002Fem>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Manual installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload the \u003Ccode>wp-core-update-cleaner\u003C\u002Fcode> directory to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory.\u003C\u002Fli>\n\u003Cli>Activate the plugin through the ‘Plugins’ menu in WordPress.\u003C\u002Fli>\n\u003C\u002Fol>\n","This plugin automatically removes some files in the root folder, like wp-config-sample.php, readme and license files, when WordPress is manually or au …",900,9317,90,4,"2024-03-19T11:14:00.000Z","6.5.8","3.3","",[20,21,22],"core","update","upgrade","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-core-update-cleaner.1.2.0.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":13,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"upperdog",3,36900,30,87,"2026-05-20T08:23:43.836Z",[38,58,79,100,124],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":18,"tags":53,"homepage":56,"download_link":57,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"easy-theme-and-plugin-upgrades","Easy Theme and Plugin Upgrades","2.0.2","Chris Jean","https:\u002F\u002Fprofiles.wordpress.org\u002Fchrisjean\u002F","\u003Cp>WordPress has a built-in feature to install themes and plugins by supplying a zip file. Unfortunately, you cannot upgrade a theme or plugin using the same process. Instead, WordPress will say “destination already exists” when trying to upgrade using a zip file and will fail to upgrade the theme or plugin.\u003C\u002Fp>\n\u003Cp>Easy Theme and Plugin Upgrades fixes this limitation in WordPress by automatically upgrading the theme or plugin if it already exists.\u003C\u002Fp>\n\u003Cp>While upgrading, a backup copy of the old theme or plugin is first created. This allows you to install the old version in case of problems with the new version.\u003C\u002Fp>\n\u003Cp>Attention: Version 2.0.0 changed the functionality of the plugin. You are no longer required to select “Yes” from a drop down before the theme or plugin can be upgraded. The need for an upgrade is now detected automatically. So, if you are used to the old functionality of the plugin, do not be concerned about the absence of upgrade details on the theme and plugin upload pages. Simply upload the theme or plugin as if you were installing it, and the plugin will automatically handle upgrading as needed.\u003C\u002Fp>\n","Easily upgrade your themes and plugins using zip files without removing the theme or plugin first.",70000,1437431,94,117,"2022-04-20T03:40:00.000Z","5.7.15","4.4",[54,21,22,55],"theme","upload","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Feasy-theme-and-plugin-upgrades\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-theme-and-plugin-upgrades.2.0.2.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":48,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":18,"tags":72,"homepage":77,"download_link":78,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"automatic-updater","Advanced Automatic Updates","1.0.2","Gary Pendergast","https:\u002F\u002Fprofiles.wordpress.org\u002Fpento\u002F","\u003Cp>Advanced Automatic Updates adds extra options to WordPress’ built-in Automatic Updates feature. On top of security updates, it also supports installing major releases, plugins, themes, or even regular SVN checkouts!\u003C\u002Fp>\n\u003Cp>If you’re working on a WordPress Multisite install, it will properly restrict the options page to your Network Admin.\u003C\u002Fp>\n\u003Cp>While this will be useful for the vast majority of sites, please exercise caution, particularly if you have any custom themes or plugins running on your site.\u003C\u002Fp>\n","Adds extra options to WordPress' built-in Automatic Updates feature.",30000,255477,61,"2021-06-04T00:46:00.000Z","5.0.25","3.7",[20,73,74,75,76],"plugins","stable","themes","updates","http:\u002F\u002Fpento.net\u002Fprojects\u002Fautomatic-updater-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautomatic-updater.1.0.2.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":48,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":97,"download_link":98,"security_score":99,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"core-rollback","Core Rollback","1.4.2","Andy Fragen","https:\u002F\u002Fprofiles.wordpress.org\u002Fafragen\u002F","\u003Cp>Seamless rollback of WordPress Core to latest release or any outdated, secure release using the Core Update API and core update methods. Only latest release and outdated, secure releases are offered. Refer to https:\u002F\u002Fapi.wordpress.org\u002Fcore\u002Fstable-check\u002F1.0\u002F Logo from a meme generator. \u003Ca href=\"http:\u002F\u002Fhyperboleandahalf.blogspot.com\u002F2010\u002F06\u002Fthis-is-why-ill-never-be-adult.html\" rel=\"nofollow ugc\">Original artwork\u003C\u002Fa> by Allie Brosh.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>From the Tools menu select \u003Ccode>Rollback Core\u003C\u002Fcode>, select the version you wish to rollback to from the dropdown and click \u003Ccode>Rollback\u003C\u002Fcode>. You will be directed to the \u003Ccode>update-core.php\u003C\u002Fcode> page where you should see a button to \u003Ccode>Re-install\u003C\u002Fcode> your specified version.  If you move away from the \u003Ccode>update-core.php\u003C\u002Fcode> page before clicking the \u003Ccode>Re-install\u003C\u002Fcode> button you will have 15 seconds to return and complete the process or you will need to start over.\u003C\u002Fp>\n\u003Cp>In multisite use the Settings menu.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WARNING:\u003C\u002Fstrong> Downgrading WordPress Core may leave your site in an unusable state requiring a complete reinstall or a forced reinstall using WP-CLI, \u003Ccode>wp core update --force --version=5.5.3\u003C\u002Fcode>. It may also leave your site broken due to a plugin or theme incompatibility. \u003Cstrong>Use at your own risk.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Rollbacks use your current locale.\u003C\u002Fp>\n\u003Cp>PRs are welcome.\u003C\u002Fp>\n","Seamless rollback of WordPress Core to latest release or any outdated, secure release using the Core Update API and core update methods.",10000,156923,15,"2026-03-29T18:32:00.000Z","6.9.4","4.1","5.6",[20,95,96,22],"downgrade","rollback","https:\u002F\u002Fgithub.com\u002Fafragen\u002Fcore-rollback","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcore-rollback.1.4.2.zip",100,{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":87,"downloaded":108,"rating":109,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":18,"tags":114,"homepage":120,"download_link":121,"security_score":99,"vuln_count":122,"unpatched_count":25,"last_vuln_date":123,"fetched_at":27},"disable-update-notifications","Disable WordPress Update Notifications and auto-update Email Notifications","2.4.2","Prem Tiwari","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreewebmentor\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.premtiwari.in\u002F\" rel=\"nofollow ugc\">Homepage\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-update-notifications\u002F#installation\" rel=\"ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-update-notifications\u002Freviews\u002F#new-post\" rel=\"ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This plugin will completely disables the Plugins, Themes, and WordPress core update notifications displayed by WordPress based on your plugin settings. Apart from this it will also disable auto-update Email Notifications.\u003C\u002Fp>\n\u003Ch3>🎉 Disable auto-update Email Notifications\u003C\u002Fh3>\n\u003Cp>Since WordPress 5.5 version, if you have enabled plugin and theme auto-update you will receive an automated email notifications when any plugin or theme auto-update is successful or failed.\u003C\u002Fp>\n\u003Cp>If you manage a dozen of websites, then the you will receive the constant stream of auto-update notifications emails and may be it annoying you.\u003C\u002Fp>\n\u003Cp>I have added a new feature to cure the problem by automatically Disable auto-update Email Notifications for plugins and themes auto-update email notifications.\u003C\u002Fp>\n\u003Cp>👉 Most importantly, This plugin is free and always will be free.\u003C\u002Fp>\n","Disables WordPress core update notification and plugins update notification update checks and notifications.",77450,88,18,"2025-06-10T02:21:00.000Z","6.8.5","5.0",[115,116,117,118,119],"core-update","disable","hide-warnings","plugin-update","update-notifications","https:\u002F\u002Fwww.premtiwari.in\u002Fdisable-wordpress-update-notifications\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-update-notifications.2.4.2.zip",1,"2023-05-30 00:00:00",{"slug":125,"name":126,"version":82,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":87,"downloaded":131,"rating":132,"num_ratings":14,"last_updated":133,"tested_up_to":91,"requires_at_least":134,"requires_php":93,"tags":135,"homepage":137,"download_link":138,"security_score":99,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"disable-updates","Disable Updates for WordPress Core, Plugins and Themes","Johan van der Wijk","https:\u002F\u002Fprofiles.wordpress.org\u002Fvanderwijk\u002F","\u003Cp>This plugin disables all WordPress updates (core, plugins and themes). This can be useful if you have multiple environments such as a live and staging server and you don’t want your users to use the update functionality.\u003C\u002Fp>\n\u003Cp>This plugin not only disables the update mechanism for the core, plugins and themes, but it also removes the update menu item from the left navigation menu in the admin dashboard.\u003C\u002Fp>\n","Disables the WordPress update checking and notification system for all core, plugin and theme updates.",109940,96,"2025-12-01T15:45:00.000Z","4.6",[115,125,118,136,76],"theme-update","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-updates\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-updates.1.4.2.zip",{"attackSurface":140,"codeSignals":155,"taintFlows":162,"riskAssessment":163,"analyzedAt":170},{"hooks":141,"ajaxHandlers":151,"restRoutes":152,"shortcodes":153,"cronEvents":154,"entryPointCount":25,"unprotectedCount":25},[142,147],{"type":143,"name":144,"callback":144,"file":145,"line":146},"action","admin_init","wp-core-update-cleaner.php",41,{"type":143,"name":148,"callback":149,"file":145,"line":150},"_core_updated_successfully","core_update_cleaner",42,[],[],[],[],{"dangerousFunctions":156,"sqlUsage":157,"outputEscaping":159,"fileOperations":122,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":161},[],{"prepared":25,"raw":25,"locations":158},[],{"escaped":25,"rawEcho":25,"locations":160},[],[],[],{"summary":164,"deductions":165},"The \"wp-core-update-cleaner\" v1.2.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the potential attack surface. Furthermore, the code signals indicate good development practices, with no dangerous functions, all SQL queries using prepared statements, and all outputs properly escaped. The plugin also avoids external HTTP requests, which can be a common vector for vulnerabilities.\n\nThe taint analysis reports zero flows, suggesting that user-supplied data is not being processed in a way that could lead to common vulnerabilities like path traversal or command injection. The clean vulnerability history, with zero recorded CVEs of any severity, further reinforces the impression of a secure plugin. The lack of nonces and capability checks, while typically a concern, is less critical here given the minimal attack surface and the plugin's likely function of performing background cleanup tasks that may not require explicit user interaction or fine-grained permissions.\n\nIn conclusion, this plugin appears to be well-secured with no immediate exploitable vulnerabilities identified in the static analysis or its history. Its strengths lie in its limited attack surface and adherence to secure coding practices for the operations it performs. The only potential area for improvement, though not a critical risk in this context, would be the implementation of capability checks if its functionality were to expand in the future.",[166,168],{"reason":167,"points":32},"Missing nonce checks",{"reason":169,"points":32},"Missing capability checks","2026-03-16T19:08:02.041Z",{"wat":172,"direct":177},{"assetPaths":173,"generatorPatterns":174,"scriptPaths":175,"versionParams":176},[],[],[],[],{"cssClasses":178,"htmlComments":179,"htmlAttributes":180,"restEndpoints":181,"jsGlobals":182,"shortcodeOutput":183},[],[],[],[],[],[],{"error":185,"url":186,"statusCode":187,"statusMessage":188,"message":188},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-core-update-cleaner\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":32,"versions":190},[191,197,204],{"version":6,"download_url":23,"svn_tag_url":192,"released_at":26,"has_diff":193,"diff_files_changed":194,"diff_lines":26,"trac_diff_url":195,"vulnerabilities":196,"is_current":185},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-core-update-cleaner\u002Ftags\u002F1.2.0\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-core-update-cleaner%2Ftags%2F1.1.0&new_path=%2Fwp-core-update-cleaner%2Ftags%2F1.2.0",[],{"version":198,"download_url":199,"svn_tag_url":200,"released_at":26,"has_diff":193,"diff_files_changed":201,"diff_lines":26,"trac_diff_url":202,"vulnerabilities":203,"is_current":193},"1.1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-core-update-cleaner.1.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-core-update-cleaner\u002Ftags\u002F1.1.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-core-update-cleaner%2Ftags%2F1.0&new_path=%2Fwp-core-update-cleaner%2Ftags%2F1.1.0",[],{"version":205,"download_url":206,"svn_tag_url":207,"released_at":26,"has_diff":193,"diff_files_changed":208,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":209,"is_current":193},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-core-update-cleaner.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-core-update-cleaner\u002Ftags\u002F1.0\u002F",[],[]]