[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkvL2Ekn3QRDQM5zbCbor8sKVYwiFsyfJd0P1QuBzqks":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":146,"fingerprints":348},"wp-folksonomy","WP_Folksonomy","0.8","scottsm","https:\u002F\u002Fprofiles.wordpress.org\u002Fscottsm\u002F","\u003Cp>This plugin allows your readers (either registered users or all) to add tags to your posts. Tags can be held for approval or displayed immediately. An RSS feed for monitoring new tags is provided. Javascript autocompletion is available to help improve tagging consistency.\u003C\u002Fp>\n","This plugin allows your readers to add tags to your posts (like Flickr or del.icio.us).",10,2334,0,"2008-09-22T04:01:00.000Z","2.5.1","2.3","",[19,20,21,22,23],"collaborative","folksonomy","submitted","tags","user","http:\u002F\u002Fscott.sherrillmix.com\u002Fblog\u002Fprogrammer\u002Fweb\u002FWP_Folksonomy\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-folksonomy.0.8.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},5,60,30,84,"2026-04-04T11:42:05.194Z",[37,61,83,105,126],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":59,"download_link":60,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"menu-by-user-roles","Menu By User Roles","2.0.4","kahnu044","https:\u002F\u002Fprofiles.wordpress.org\u002Fkahnu044\u002F","\u003Cp>Menu By User Roles is a WordPress plugin that allows you to control the visibility of menu items based on user roles. You can assign specific user roles to each menu item, ensuring that only users with those roles can see and access the corresponding links.\u003C\u002Fp>\n\u003Cp>For more information and usage instructions, visit the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fkahnu044\u002Fmenu-by-user-roles\" rel=\"nofollow ugc\">GitHub Repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support and inquiries, please \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fkahnu044\u002Fmenu-by-user-roles\u002Fissues\" rel=\"nofollow ugc\">open an issue on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is released under the GPL-2.0+ License. See \u003Ccode>LICENSE\u003C\u002Fcode> for more information.\u003C\u002Fp>\n\u003Ch3>Author\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fkahnu044\" rel=\"nofollow ugc\">Kahnu Charan Swain\u003C\u002Fa>\u003C\u002Fp>\n","Menu By User Roles allows you to control the visibility of menu items based on user roles.",1000,8453,100,3,"2025-10-02T15:41:00.000Z","6.8.5","5.0","7.0",[54,55,56,57,58],"access-control","role-based-menus","site-navigation","tags-menu-visibility","user-roles","https:\u002F\u002Fgithub.com\u002Fkahnu044\u002Fmenu-by-user-roles","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmenu-by-user-roles.2.0.4.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":17,"tags":76,"homepage":81,"download_link":82,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"fix-duplicates","Fix Duplicates","1.0.4","Stephen Cronin","https:\u002F\u002Fprofiles.wordpress.org\u002Fstephencronin\u002F","\u003Cp>Do you run a site with user submitted content? Do users submit the same post again and again? Use the \u003Ca href=\"http:\u002F\u002Fscratch99.com\u002Fproducts\u002Ffix-duplicates\u002F\" rel=\"nofollow ugc\">Fix Duplicates plugin\u003C\u002Fa> to find and delete duplicate posts.\u003C\u002Fp>\n\u003Cp>There is also a paid \u003Ca href=\"http:\u002F\u002Fscratch99.com\u002Fproducts\u002Ffix-duplicates\u002Fredirection\u002F\" rel=\"nofollow ugc\">Redirection extension\u003C\u002Fa> that preserves the link equity of removed duplicates by 301 redirecting them to the kept item.\u003C\u002Fp>\n\u003Ch4>Warning\u003C\u002Fh4>\n\u003Cp>The purpose of this plugin is to delete duplicates. Extensive testing has been carried out, but you should make sure you have a backup of your database, just in case.\u003C\u002Fp>\n\u003Ch4>Extensions\u003C\u002Fh4>\n\u003Cp>We currently offer the following premium extensions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fscratch99.com\u002Fproducts\u002Ffix-duplicates\u002Fredirection\u002F\" rel=\"nofollow ugc\">Redirection\u003C\u002Fa>: Gives you the ability to 301 redirect any duplicates being deleted, to the one being kept. This helps preserve your link equity, so that PageRank is passed to a single post rather than just being lost. Or to put it simply: Helps with SEO!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>This plugin requires WordPress 3.5 or above.\u003C\u002Fli>\n\u003Cli>I am not currently aware of any compatibility issues with any other WordPress plugins.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>The free version of this plugin is officially not supported, but if you leave a comment on the plugin’s support forum, I’ll try to help if I can. A much higher level of support is available for customers who purchase one of the premium extensions.\u003C\u002Fp>\n\u003Ch4>Disclaimer\u003C\u002Fh4>\n\u003Cp>This plugin is released under the \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Fcopyleft\u002Fgpl.html\" rel=\"nofollow ugc\">GPL licence\u003C\u002Fa>. I do not accept any responsibility for any damages or losses, direct or indirect, that may arise from using the plugin or these instructions. This software is provided as is, with absolutely no warranty. Please refer to the full version of the GPL license for more information.\u003C\u002Fp>\n","Do you run a site with user submitted content? Do users submit the same post again and again? Use the Fix Duplicates plugin to find and delete duplica &hellip;",900,52189,86,12,"2017-11-28T16:59:00.000Z","4.6.30","3.5",[77,78,79,62,80],"duplicate-posts","duplicates","find-duplicates","user-submitted-posts","http:\u002F\u002Fscratch99.com\u002Fproducts\u002Ffix-duplicates\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffix-duplicates.1.0.4.zip",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":47,"downloaded":91,"rating":13,"num_ratings":13,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":100,"download_link":101,"security_score":102,"vuln_count":103,"unpatched_count":13,"last_vuln_date":104,"fetched_at":28},"fast-flow-dashboard","Fast Flow","1.2.18","fastflow","https:\u002F\u002Fprofiles.wordpress.org\u002Ffastflow\u002F","\u003Cp>Data dashboard, user tagging and settings plugin for Fast Flow plugins system.\u003C\u002Fp>\n\u003Cp>FastFlow opens WordPress up to the world of sales and marketing automation giving you a powerful user tagging system with multiple data dashboards.\u003C\u002Fp>\n\u003Cp>At the heart of FastFlow are Fast Tags. Every user can have different Fast Tags applied and then these tags can be used to interact with both your WordPress site and your other apps and services.\u003C\u002Fp>\n\u003Cp>Using Fast Tags and our growing number of integrations you can apply tags to users at any stage of your marketing and sales process.\u003C\u002Fp>\n\u003Cp>FastFlow can then be used to sync your users across different platforms which would otherwise not be talking with each other and display data based on the tags your contacts have.\u003C\u002Fp>\n\u003Cp>Fast Flow is designed to work seamlessly with \u003Ca href=\"https:\u002F\u002Ffastmember.com\" rel=\"nofollow ugc\">Fast Member\u003C\u002Fa>, an all in one WordPress based membership platform for securely selling your digital content.\u003C\u002Fp>\n\u003Cp>You can find out more about Fast Member here\u003C\u002Fp>\n\u003Ch3>Serving A Global Community Since 2011\u003C\u002Fh3>\n\u003Cp>We’ve been actively developing WordPress plugins for over six years connecting with customers and clients across 6 continents (hey, if you’re already using our plugins in Antarctica let us know and we’ll make it 7!)\u003C\u002Fp>\n\u003Cp>Through this Fast Flow has been founded to serve the needs of the growing global community of awesome WordPress users.\u003C\u002Fp>\n\u003Cp>From digital music downloads to full scale membership sites with thousands of users, our plugins are used to sell a wide range of products online.\u003C\u002Fp>\n\u003Cp>As a result they are always designed and developed with modern digital marketing and eCommerce needs in mind.\u003C\u002Fp>\n\u003Ch3>Carefully Architected and Seamlessly Integrated\u003C\u002Fh3>\n\u003Cp>Through nearly a decade of experience selling with WordPress, the Fast Flow system is a collection of carefully architected plugins which integrate seamlessly with each other.\u003C\u002Fp>\n\u003Cp>Together they give you a complete sales and marketing platform for WordPress, which adapts to your needs.\u003C\u002Fp>\n\u003Ch3>Future Proof Your Business\u003C\u002Fh3>\n\u003Cp>Each Fast Flow plugin is also powerful enough to work independently, allowing you to slot them into your business and then expand with your needs .\u003C\u002Fp>\n\u003Cp>Because all plugins are also designed and tested working as part of a bigger system, this removes the pain or worry of something breaking in the expansion process.\u003C\u002Fp>\n\u003Cp>When you know you have a reliable suite of tools to tap into at any time this future proofs your business.\u003C\u002Fp>\n\u003Ch3>Solid Architecture, Fanatical Support, Regular Updates\u003C\u002Fh3>\n\u003Cp>WordPress users need assurance a system is in place which will cover your needs for expansion, support and updates further down the line and FastFlow offers this.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Ffastflow.io\" rel=\"nofollow ugc\">Fast Flow\u003C\u002Fa> to find out more\u003C\u002Fp>\n","Data dashboard, user tagging and settings plugin for Fast Flow plugins system.",9438,"2025-02-17T14:29:00.000Z","6.7.5","6.5","7.4",[97,98,87,99],"dashboard","fast-flow","user-tags","https:\u002F\u002Ffastflow.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffast-flow-dashboard.zip",89,4,"2025-02-22 00:00:00",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":32,"downloaded":113,"rating":114,"num_ratings":103,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":17,"tags":118,"homepage":124,"download_link":125,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"empty-wp-blog-or-website","Empty WP Blog\u002FWebsite","1.1","Anoop M C","https:\u002F\u002Fprofiles.wordpress.org\u002Fanoopmmc\u002F","\u003Cp>One click solution for make your blog\u002Fwebsite empty. Delete all your posts, pages, media(images,videos,etc) , tags and categories.\u003C\u002Fp>\n","One click solution for make your blog\u002Fwebsite empty. Delete all your posts, pages, media(images,videos,etc) , tags and categories.",13792,56,"2015-05-08T15:41:00.000Z","4.2.39","2.0.2",[119,120,121,122,123],"delete-posts","delete-users","empty-pages","empty-tags","empty-wp","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fempty-wp-blog-or-website","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fempty-wp-blog-or-website.zip",{"slug":99,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":135,"num_ratings":136,"last_updated":137,"tested_up_to":138,"requires_at_least":139,"requires_php":140,"tags":141,"homepage":17,"download_link":145,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"User Taxonomy & Directory","2.0","Umesh Kumar","https:\u002F\u002Fprofiles.wordpress.org\u002Fumeshsingla\u002F","\u003Cp>The plugin offers a user-friendly solution to help you manage user taxonomies and create user directories on your WordPress site.\u003C\u002Fp>\n\u003Cp>Key Features:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Easy Taxonomy Management: Register and manage user taxonomies effortlessly, providing structure to your user base without unnecessary complexity.\nAdmin users with the edit_users capability can assign or un-assign categories from the User profile page, made even more flexible with the ut_render_taxonomy_dropdown filter to modify the check.\n\nTaxonomy Template Customization: Each taxonomy term generates its own archive featuring the list of assigned users. The plugin allows you to customize this template by simply creating a folder named template in your theme's root directory and add the custom template user-taxonomy-template.php.\"\nMake sure to refresh your permalinks after creating a new taxonomy to ensure that the template functions correctly.\n\nDynamic User Lists: user-directory block allows you to display user lists based on roles, with a variety of customizable fields and filters for your front-end design.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>User List Features:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Simple Search: Find users easily by name.\n\nFiltering: Use taxonomies to refine user lists, with the option to activate multiple taxonomy filters via block settings.\n\nFlexible Fields: User Name is included by default, but you can add more fields like Bio and Images, all configured with the block settings along with an option to filter it.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The plugin is compatible with multisite environment.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fjustintadlock.com\u002Farchives\u002F2011\u002F10\u002F20\u002Fcustom-user-taxonomies-in-wordpress\" rel=\"nofollow ugc\">Justin Tadlock\u003C\u002Fa>\u003C\u002Fp>\n","User Taxonomy & Directory helps you effortlessly manage user taxonomies on your WordPress website. With a user-friendly interface, it simplifies t &hellip;",50,57259,92,13,"2023-09-26T07:12:00.000Z","6.3.8","6.0","7.2",[22,142,143,99,144],"taxonomies","user-directory","user-taxonomy","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-tags.2.0.zip",{"attackSurface":147,"codeSignals":176,"taintFlows":260,"riskAssessment":332,"analyzedAt":347},{"hooks":148,"ajaxHandlers":172,"restRoutes":173,"shortcodes":174,"cronEvents":175,"entryPointCount":13,"unprotectedCount":13},[149,155,159,164,168],{"type":150,"name":151,"callback":152,"file":153,"line":154},"action","admin_menu","wp_folksonomy_menu","wp_folksonomy.php",19,{"type":150,"name":156,"callback":157,"file":153,"line":158},"pre_get_posts","wp_folksonomy_add_tag",21,{"type":150,"name":160,"callback":161,"priority":162,"file":153,"line":163},"init","wp_folksonomy_controller",99,281,{"type":150,"name":165,"callback":166,"file":153,"line":167},"wp_print_scripts","wp_folksonomy_add_js_libs",421,{"type":150,"name":169,"callback":170,"file":153,"line":171},"wp_head","wp_folksonomy_head",431,[],[],[],[],{"dangerousFunctions":177,"sqlUsage":178,"outputEscaping":206,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":48,"bundledLibraries":259},[],{"prepared":179,"raw":11,"locations":180},7,[181,184,187,190,193,195,197,199,201,203],{"file":153,"line":182,"context":183},69,"$wpdb->get_row() with variable interpolation",{"file":153,"line":185,"context":186},158,"$wpdb->get_results() with variable interpolation",{"file":153,"line":188,"context":189},265,"$wpdb->get_col() with variable interpolation",{"file":153,"line":191,"context":192},296,"$wpdb->query() with variable interpolation",{"file":153,"line":194,"context":192},297,{"file":153,"line":196,"context":186},328,{"file":153,"line":198,"context":192},333,{"file":153,"line":200,"context":192},343,{"file":153,"line":202,"context":186},351,{"file":153,"line":204,"context":205},392,"$wpdb->get_var() with variable interpolation",{"escaped":103,"rawEcho":207,"locations":208},25,[209,212,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,256,258],{"file":153,"line":210,"context":211},133,"raw output",{"file":153,"line":213,"context":211},192,{"file":153,"line":215,"context":211},217,{"file":153,"line":217,"context":211},226,{"file":153,"line":219,"context":211},229,{"file":153,"line":221,"context":211},231,{"file":153,"line":223,"context":211},248,{"file":153,"line":225,"context":211},249,{"file":153,"line":227,"context":211},250,{"file":153,"line":229,"context":211},251,{"file":153,"line":231,"context":211},252,{"file":153,"line":233,"context":211},253,{"file":153,"line":235,"context":211},266,{"file":153,"line":237,"context":211},336,{"file":153,"line":239,"context":211},344,{"file":153,"line":241,"context":211},357,{"file":153,"line":243,"context":211},360,{"file":153,"line":245,"context":211},367,{"file":153,"line":247,"context":211},385,{"file":153,"line":249,"context":211},389,{"file":153,"line":251,"context":211},394,{"file":153,"line":253,"context":211},396,{"file":153,"line":255,"context":211},399,{"file":153,"line":257,"context":211},407,{"file":153,"line":257,"context":211},[],[261,279,312,323],{"entryPoint":262,"graph":263,"unsanitizedCount":13,"severity":278},"wp_folksonomy_subpanel (wp_folksonomy.php:305)",{"nodes":264,"edges":275},[265,270],{"id":266,"type":267,"label":268,"file":153,"line":269},"n0","source","$_GET (x2)",388,{"id":271,"type":272,"label":273,"file":153,"line":249,"wp_function":274},"n1","sink","echo() [XSS]","echo",[276],{"from":266,"to":271,"sanitized":277},true,"low",{"entryPoint":280,"graph":281,"unsanitizedCount":13,"severity":278},"\u003Cwp_folksonomy> (wp_folksonomy.php:0)",{"nodes":282,"edges":307},[283,286,290,294,299,301,303,305],{"id":266,"type":267,"label":284,"file":153,"line":285},"$_SERVER",58,{"id":271,"type":272,"label":287,"file":153,"line":288,"wp_function":289},"query() [SQLi]",59,"query",{"id":291,"type":267,"label":292,"file":153,"line":293},"n2","$_SERVER (x2)",73,{"id":295,"type":272,"label":296,"file":153,"line":297,"wp_function":298},"n3","get_var() [SQLi]",74,"get_var",{"id":300,"type":267,"label":284,"file":153,"line":285},"n4",{"id":302,"type":272,"label":273,"file":153,"line":235,"wp_function":274},"n5",{"id":304,"type":267,"label":268,"file":153,"line":269},"n6",{"id":306,"type":272,"label":273,"file":153,"line":249,"wp_function":274},"n7",[308,309,310,311],{"from":266,"to":271,"sanitized":277},{"from":291,"to":295,"sanitized":277},{"from":300,"to":302,"sanitized":277},{"from":304,"to":306,"sanitized":277},{"entryPoint":313,"graph":314,"unsanitizedCount":321,"severity":322},"wp_folksonomy_add_tag (wp_folksonomy.php:31)",{"nodes":315,"edges":318},[316,317],{"id":266,"type":267,"label":284,"file":153,"line":285},{"id":271,"type":272,"label":287,"file":153,"line":288,"wp_function":289},[319],{"from":266,"to":271,"sanitized":320},false,1,"high",{"entryPoint":324,"graph":325,"unsanitizedCount":331,"severity":322},"wp_folksonomy_tagcheck (wp_folksonomy.php:66)",{"nodes":326,"edges":329},[327,328],{"id":266,"type":267,"label":292,"file":153,"line":293},{"id":271,"type":272,"label":296,"file":153,"line":297,"wp_function":298},[330],{"from":266,"to":271,"sanitized":320},2,{"summary":333,"deductions":334},"The wp-folksonomy plugin v0.8 exhibits a mixed security posture. On the positive side, there are no known CVEs, the attack surface appears to be minimal with no exposed AJAX handlers, REST API routes, shortcodes, or cron events, and there are no file operations or external HTTP requests, reducing potential points of compromise. The presence of capability checks, though limited, is a good practice.\n\nHowever, significant concerns arise from the static analysis. A substantial 60% of SQL queries do not utilize prepared statements, introducing a high risk of SQL injection vulnerabilities. Furthermore, only 14% of output is properly escaped, indicating a strong possibility of cross-site scripting (XSS) vulnerabilities. The taint analysis reveals two high-severity flows with unsanitized paths, which could lead to critical security issues if these paths are exploitable. The absence of nonce checks on any entry points, combined with a lack of robust authorization checks on the limited entry points, further exacerbates these risks.\n\nWhile the plugin has no historical vulnerabilities, this could be due to its limited exposure or a lack of thorough security auditing. The current code analysis, however, points to specific, actionable security weaknesses that need immediate attention. In conclusion, the plugin has strengths in its limited attack surface and lack of historical issues, but the significant risks identified in SQL query handling, output escaping, and taint flows, coupled with the absence of nonce checks, indicate a vulnerable state.",[335,337,338,341,343,345],{"reason":336,"points":72},"High severity unsanitized paths in taint analysis",{"reason":336,"points":72},{"reason":339,"points":340},"Significant number of SQL queries not using prepared statements",8,{"reason":342,"points":179},"Low percentage of properly escaped output",{"reason":344,"points":31},"Missing nonce checks on entry points",{"reason":346,"points":48},"Limited capability checks","2026-03-17T01:32:43.858Z",{"wat":349,"direct":354},{"assetPaths":350,"generatorPatterns":351,"scriptPaths":352,"versionParams":353},[],[],[],[],{"cssClasses":355,"htmlComments":356,"htmlAttributes":357,"restEndpoints":358,"jsGlobals":359,"shortcodeOutput":360},[],[],[],[],[],[]]