[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3x_LZ0Bh5H8yYfALX-XJSvpeiCNUd3Wxr7Wyej4Pq2s":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":37,"fingerprints":175},"wp-developer-tools","WP-Developer-Tools","1.1.1","PressPage Entertainment Inc","https:\u002F\u002Fprofiles.wordpress.org\u002Fphkcorp2005\u002F","\u003Cp>A needed plugin to help developers optimize their installation of wordpress. plugins and themes.\u003Cbr \u002F>\nThis plugin is an ongoing effort to incorporate tools to help the developer.\u003C\u002Fp>\n\u003Cp>The flagship tool to be incorporated first is a much needed PHP Profiler. Based on the open source code of the Quick PHP Profiler, as a nice but functional interface that helps to isolate the bootlenecks in your code. This code has been written to be safe for production deployment and can track issues such as database query time & results,page load time, variables, and a lot more.\u003Cbr \u002F>\nIs you WordPress installation taking too long to load pages?\u003C\u002Fp>\n\u003Cp>Are chasing bugs that you cannot find?\u003C\u002Fp>\n\u003Cp>Do you want to satisfy your curiousity of the performance of your wordpress installation?\u003C\u002Fp>\n\u003Cp>The WP-Developer-Tools is an ongoing collection of useful tools and components that assist the developer to fine tune and diagnose their wordpress installation. The first tool included is the migration of the PHP Quick Profiler (http:\u002F\u002Fparticletree.com\u002F) to a WordPress plugin.\u003C\u002Fp>\n\u003Cp>Using the WP-Developer-Tools PHP Quick Profiler, you will be able to see, in real time session information, load time, the database queries with the query time, the amount of memory used and the number of files loaded per page with their individual sizes.\u003C\u002Fp>\n\u003Cp>An added feature, this plugin is designed to be safe for production as the WP-Developer-Tools PHP Quick Profiler is ONLY active when the Administrator is logged in and the session active. Once the Administrator losgs out, the WP-Developer-Tools PHP Quick Profiler will automatically turn off and disable.\u003C\u002Fp>\n\u003Cp>The following publication, “WordPress High Availability: Configuration, Deployment, Maintenance Tips & Techniques” available on\u003Cbr \u002F>\nAmazon at (https:\u002F\u002Fwww.amazon.com\u002Fdp\u002FB00RAIMGAC) shows how to improved performance for high availability environments.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>We make honorable mention to anyone who helps make this plugin better!\u003C\u002Fp>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>Support is provided at https:\u002F\u002Fgithub.com\u002Fpresspage2018\u002Fwp-developer-tools\u002Fissues. You will require a free account on github.com\u003C\u002Fp>\n\u003Cp>Please contact presspage.entertainment@gmail.com or visit the above forum with questions, comments, or requests.\u003C\u002Fp>\n","A needed plugin to help developers optimize their installation of wordpress. plugins and themes.",10,5419,70,2,"2020-08-23T13:04:00.000Z","5.5.18","2.8.6","",[20,21],"php-quick-profiler","wordpress-developer-tools","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-developer-tools\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-developer-tools.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":33,"computed_at":35},"phkcorp2005",5,140,81,30,"2026-04-05T05:40:55.912Z",[],{"attackSurface":38,"codeSignals":69,"taintFlows":165,"riskAssessment":166,"analyzedAt":174},{"hooks":39,"ajaxHandlers":65,"restRoutes":66,"shortcodes":67,"cronEvents":68,"entryPointCount":25,"unprotectedCount":25},[40,45,50,53,57,61],{"type":41,"name":42,"callback":42,"file":43,"line":44},"filter","query","classes\\MySqlDatabase.php",34,{"type":46,"name":47,"callback":47,"file":48,"line":49},"action","admin_notices","wp-developer-tools.php",310,{"type":46,"name":51,"callback":51,"file":48,"line":52},"admin_menu",316,{"type":46,"name":54,"callback":55,"file":48,"line":56},"init","wpdt_init",320,{"type":46,"name":58,"callback":59,"file":48,"line":60},"wp_footer","wpdt_end",321,{"type":46,"name":62,"callback":63,"file":48,"line":64},"wp_logout","wpdt_logout",322,[],[],[],[],{"dangerousFunctions":70,"sqlUsage":71,"outputEscaping":74,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":14,"bundledLibraries":164},[],{"prepared":72,"raw":25,"locations":73},1,[],{"escaped":25,"rawEcho":75,"locations":76},43,[77,81,83,85,87,89,91,93,95,97,99,101,103,105,107,109,111,113,115,117,119,121,123,124,126,128,130,132,134,136,138,140,142,144,146,148,150,152,154,156,158,160,162],{"file":78,"line":79,"context":80},"display.php",76,"raw output",{"file":78,"line":82,"context":80},146,{"file":78,"line":84,"context":80},150,{"file":78,"line":86,"context":80},154,{"file":78,"line":88,"context":80},158,{"file":78,"line":90,"context":80},162,{"file":78,"line":92,"context":80},175,{"file":78,"line":94,"context":80},189,{"file":78,"line":96,"context":80},193,{"file":78,"line":98,"context":80},196,{"file":78,"line":100,"context":80},199,{"file":78,"line":102,"context":80},202,{"file":78,"line":104,"context":80},221,{"file":78,"line":106,"context":80},230,{"file":78,"line":108,"context":80},232,{"file":78,"line":110,"context":80},250,{"file":78,"line":112,"context":80},260,{"file":78,"line":114,"context":80},263,{"file":78,"line":116,"context":80},271,{"file":78,"line":118,"context":80},288,{"file":78,"line":120,"context":80},297,{"file":78,"line":122,"context":80},298,{"file":78,"line":52,"context":80},{"file":78,"line":125,"context":80},325,{"file":48,"line":127,"context":80},510,{"file":48,"line":129,"context":80},517,{"file":48,"line":131,"context":80},531,{"file":48,"line":133,"context":80},538,{"file":48,"line":135,"context":80},555,{"file":48,"line":137,"context":80},562,{"file":48,"line":139,"context":80},586,{"file":48,"line":141,"context":80},593,{"file":48,"line":143,"context":80},609,{"file":48,"line":145,"context":80},625,{"file":48,"line":147,"context":80},641,{"file":48,"line":149,"context":80},657,{"file":48,"line":151,"context":80},664,{"file":48,"line":153,"context":80},680,{"file":48,"line":155,"context":80},696,{"file":48,"line":157,"context":80},712,{"file":48,"line":159,"context":80},731,{"file":48,"line":161,"context":80},742,{"file":48,"line":163,"context":80},753,[],[],{"summary":167,"deductions":168},"The \"wp-developer-tools\" plugin version 1.1.1 exhibits a generally positive security posture based on the static analysis. The absence of known CVEs and the absence of any identified critical or high-severity issues in the vulnerability history are strong indicators of a well-maintained and secure plugin. Furthermore, the static analysis reports no exploitable attack surface, no dangerous functions, and no file operations or external HTTP requests, which significantly reduces the potential for common web vulnerabilities.\n\nHowever, there are notable areas of concern within the code analysis. The most significant is that 100% of the 43 identified output operations are not properly escaped. This presents a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected into the plugin's output and executed in the user's browser. While the taint analysis found no unsanitized paths, the lack of output escaping means that even clean data, if user-supplied or indirectly influenced, could become a vector for XSS.\n\nIn conclusion, the plugin benefits from a clean vulnerability history and a minimal attack surface. The primary weakness lies in the complete lack of output escaping, which demands immediate attention to mitigate XSS risks. The presence of capability checks is a positive sign, but the unescaped output is a critical flaw that needs to be addressed to ensure the plugin's overall security.",[169,172],{"reason":170,"points":171},"All output operations are unescaped",8,{"reason":173,"points":31},"No nonce checks on any entry points","2026-03-16T23:42:05.980Z",{"wat":176,"direct":185},{"assetPaths":177,"generatorPatterns":182,"scriptPaths":183,"versionParams":184},[178,179,180,181],"\u002Fwp-content\u002Fplugins\u002Fwp-developer-tools\u002Fclasses\u002FPhpQuickProfiler.php","\u002Fwp-content\u002Fplugins\u002Fwp-developer-tools\u002Fclasses\u002FMySqlDatabase.php","\u002Fwp-content\u002Fplugins\u002Fwp-developer-tools\u002Fclasses\u002FConsole.php","\u002Fwp-content\u002Fplugins\u002Fwp-developer-tools\u002Fdisplay.php",[],[],[],{"cssClasses":186,"htmlComments":187,"htmlAttributes":188,"restEndpoints":189,"jsGlobals":190,"shortcodeOutput":191},[],[],[],[],[],[]]