[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fk-kkUeHcJAcemVxAl4eH0XRaGEPiaIdlyRfC5NNCiLA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":16,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":147,"fingerprints":265},"wp-getting-started","WP Getting Started","0.1.1","Mike Martel","https:\u002F\u002Fprofiles.wordpress.org\u002Fmike_cowobo\u002F","\u003Cp>WP Getting Started replaces the WordPress Welcome Panel (the one you see on the Dashboard after a fresh WP installation) with a simple 4 step walkthrough: choose and\u002For customize your theme, add pages and add posts.\u003C\u002Fp>\n\u003Cp>At every page in the walkthrough, users get a short explanation of what they are doing – for example what the difference between a page and a post is. When they have completed a step, they are automatically taken back to the walkthrough on the Dashboard.\u003C\u002Fp>\n\u003Cp>WP Getting Started is fully compatible with multisite networks, to give new users an easier introduction to the WordPress admin interface, and is no more intrusive than the original Welcome Panel in WordPress (further explanations only show up when the user follows the links from WP Getting Started).\u003C\u002Fp>\n\u003Cp>This plugin is fully compatible with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Flive-theme-preview\u002F\" rel=\"ugc\">Live Theme Preview\u003C\u002Fa>, a drop-in replacement for WordPress’ native Themes interface.\u003C\u002Fp>\n\u003Cp>This plugin only works with WordPress version 3.4 or later.\u003C\u002Fp>\n\u003Cp>\u003Cem>This plugin is only freshly released, so use with care. Please leave any comments, bugs or suggestion in the Support section of the plugin page!\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cem>If you want to help develop this plugin, visit the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmgmartel\u002FWP-Getting-Started\" rel=\"nofollow ugc\">GitHub repo\u003C\u002Fa>.\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Multisite compatible\u003C\u002Fli>\n\u003Cli>Easily extendible through hooks and actions\u003C\u002Fli>\n\u003Cli>Internationalized\u003C\u002Fli>\n\u003Cli>Non intrusive – one click to dismiss\u003C\u002Fli>\n\u003Cli>Big Icons, Single Workflow\u003Cbr \u002F>\nThe icons used in WP Getting Started come from the \u003Ca href=\"http:\u002F\u002Fwww.designshock.com\u002Fgoogle-plus-interface-icons\u002F\" rel=\"nofollow ugc\">“Google Plus Interface Icons”\u003C\u002Fa> icon pack by Design Shock, free for personal or commercial use. Original license file is included with the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n","Replace WordPress' Welcome Panel with a simple but effective walkthrough",10,2532,100,2,"2012-11-10T15:10:00.000Z","","3.4.2",[19,20,21,22,23],"getting-started","help","multisite","walkthrough","welcome-panel","http:\u002F\u002Ftrenvo.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-getting-started.0.1.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"mike_cowobo",7,70,89,30,86,"2026-04-04T14:37:13.680Z",[40,54,78,98,124],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":11,"downloaded":48,"rating":27,"num_ratings":27,"last_updated":49,"tested_up_to":17,"requires_at_least":50,"requires_php":16,"tags":51,"homepage":52,"download_link":53,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"hide-welcome-panel-for-multisite","Hide Welcome Panel for Multisite","1.0","Andrew Nacin","https:\u002F\u002Fprofiles.wordpress.org\u002Fnacin\u002F","\u003Cp>WordPress 3.3 introduced a new welcome panel designed to provide a better experience for new users installing WordPress for the first time. The panel would normally be shown to new owners of sites in a network, but this may not be desirable for all networks. This plugin dismisses the panel for new sites and users.\u003C\u002Fp>\n\u003Cp>This plugin applies only to multisite, and must be network activated.\u003C\u002Fp>\n","Prevent users from seeing the welcome panel (added in WordPress 3.3) on new sites in a network.",6480,"2011-12-12T01:40:00.000Z","3.3",[21,23],"http:\u002F\u002Fnacin.com\u002Ftag\u002Fhide-welcome-panel-for-multisite\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-welcome-panel-for-multisite.1.0.zip",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":75,"download_link":76,"security_score":35,"vuln_count":33,"unpatched_count":27,"last_vuln_date":77,"fetched_at":29},"code-snippets","Code Snippets","3.9.5","Code Snippets Pro","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodesnippetspro\u002F","\u003Cp>\u003Cstrong>✂ Code Snippets\u003C\u002Fstrong> provides an effortless way to enhance your WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🚀 Upgrade to Code Snippets Pro\u003C\u002Fstrong> for complete CSS, JavaScript, Gutenberg, Elementor and cloud synchronisation integrations. \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fcodesnippets.pro\u002Fpricing\" rel=\"nofollow ugc\">Elevate your snippets experience now!\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Say goodbye to the hassle of tweaking your theme’s \u003Ccode>functions.php\u003C\u002Fcode> file and downloading endless plugins – Code Snippets simplifies the process!\u003C\u002Fp>\n\u003Cp>A snippet is like a mini-plugin for your WordPress site, providing added functionality without the clutter.\u003C\u002Fp>\n\u003Cp>Unlike other solutions that involve dumping code into your \u003Ccode>functions.php\u003C\u002Fcode> file, Code Snippets offers an intuitive graphical interface for seamless integration and real-time execution. Managing snippets is as easy as activating and deactivating plugins, only without the bloat and overhead.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🎥 Watch a quick overview by Imran Siddiq:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FuzND-wdSCMQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>☁️ Each copy of Code Snippets includes full integration with the community-powered \u003Ca href=\"https:\u002F\u002Fcodesnippets.cloud\u002F\" rel=\"nofollow ugc\">Code Snippets Cloud\u003C\u002Fa> platform, providing easy access to hundreds of tweaks and enhancements ready to power-up any WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🌐 Connect with us:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcode-snippets\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffacebook.com\u002Fgroups\u002Fcodesnippetsplugin\" rel=\"nofollow ugc\">Facebook Community\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsnipco.de\u002Fdiscord\" rel=\"nofollow ugc\">Discord Community\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcodesnippetspro\u002Fcode-snippets\" rel=\"nofollow ugc\">GitHub Repository\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🌟 Like our plugin? Find it useful? Please consider sharing your experience by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fcode-snippets\" rel=\"ugc\">leaving a review on WordPress.org\u003C\u002Fa>. Your feedback is instrumental to shaping our future growth!\u003C\u002Fp>\n\u003Cp>🌍 We’d like to thank the wonderful people who have helped contribute translations to allow Code Snippets to be used in different languages. \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcodesnippetspro\u002Fcode-snippets\u002Fblob\u002Fcore\u002FCREDITS.md#translators\" rel=\"nofollow ugc\">You can find a full list here\u003C\u002Fa>.\u003C\u002Fp>\n","An easy, clean and simple way to enhance your site with code snippets.",1000000,19655832,94,494,"2026-02-05T11:03:00.000Z","6.9.4","5.0","7.4",[71,72,21,73,74],"code","css","php","snippets","https:\u002F\u002Fcodesnippets.pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcode-snippets.3.9.5.zip","2026-02-05 19:33:02",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":67,"requires_at_least":91,"requires_php":69,"tags":92,"homepage":96,"download_link":97,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"user-switching","User Switching","1.11.2","John Blackbourn","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnbillion\u002F","\u003Cp>This plugin allows you to quickly swap between user accounts in WordPress at the click of a button. You’ll be instantly logged out and logged in as your desired user. This is handy for helping customers on WooCommerce sites, membership sites, testing environments, or for any site where administrators need to switch between multiple accounts.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Switch user: Instantly switch to any user account from the \u003Cem>Users\u003C\u002Fem> screen.\u003C\u002Fli>\n\u003Cli>Switch back: Instantly switch back to your originating account.\u003C\u002Fli>\n\u003Cli>Switch off: Log out of your account but retain the ability to instantly switch back in again.\u003C\u002Fli>\n\u003Cli>Compatible with Multisite, WooCommerce, BuddyPress, and bbPress.\u003C\u002Fli>\n\u003Cli>Compatible with most membership and user management plugins.\u003C\u002Fli>\n\u003Cli>Compatible with most two-factor authentication solutions (see the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> for more info).\u003C\u002Fli>\n\u003Cli>Approved for use on enterprise-grade WordPress platforms such as \u003Ca href=\"https:\u002F\u002Fwww.altis-dxp.com\u002F\" rel=\"nofollow ugc\">Altis\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwpvip.com\u002F\" rel=\"nofollow ugc\">WordPress VIP\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: User Switching supports versions of WordPress up to three years old, and PHP version 7.4 or higher.\u003C\u002Fp>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Only users with the ability to edit other users can switch user accounts. By default this is only Administrators on single site installations, and Super Admins on Multisite installations.\u003C\u002Fli>\n\u003Cli>Passwords are not (and cannot be) revealed.\u003C\u002Fli>\n\u003Cli>Uses the cookie authentication system in WordPress when remembering the account(s) you’ve switched from and when switching back.\u003C\u002Fli>\n\u003Cli>Implements the nonce security system in WordPress, meaning only those who intend to switch users can switch.\u003C\u002Fli>\n\u003Cli>Full support for user session validation where appropriate.\u003C\u002Fli>\n\u003Cli>Full support for HTTPS.\u003C\u002Fli>\n\u003Cli>Backed by \u003Ca href=\"https:\u002F\u002Fpatchstack.com\u002Fdatabase\u002Fvdp\u002Fuser-switching\" rel=\"nofollow ugc\">the Patchstack Vulnerability Disclosure Program\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit the \u003Cem>Users\u003C\u002Fem> menu in WordPress and you’ll see a \u003Cem>Switch To\u003C\u002Fem> link in the list of action links for each user.\u003C\u002Fli>\n\u003Cli>Click this and you will immediately switch into that user account.\u003C\u002Fli>\n\u003Cli>You can switch back to your originating account via the \u003Cem>Switch back\u003C\u002Fem> link on each dashboard screen or in your profile menu in the WordPress toolbar.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> for information about the \u003Cem>Switch Off\u003C\u002Fem> feature.\u003C\u002Fp>\n\u003Ch3>Other Plugins\u003C\u002Fh3>\n\u003Cp>I maintain several other plugins for developers. Check them out:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fquery-monitor\u002F\" rel=\"ugc\">Query Monitor\u003C\u002Fa> is the developer tools panel for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-crontrol\u002F\" rel=\"ugc\">WP Crontrol\u003C\u002Fa> lets you view and control what’s happening in the WP-Cron system\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Statement\u003C\u002Fh3>\n\u003Cp>User Switching does not send data to any third party, nor does it include any third party resources, nor will it ever do so.\u003C\u002Fp>\n\u003Cp>User Switching makes use of browser cookies in order to allow users to switch to another account. Its cookies operate using the same mechanism as the authentication cookies in WordPress core, which means their values contain the user’s \u003Ccode>user_login\u003C\u002Fcode> field in plain text which should be treated as potentially personally identifiable information (PII) for privacy and regulatory reasons (GDPR, CCPA, etc). The names of the cookies are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wordpress_user_sw_{COOKIEHASH}\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wordpress_user_sw_secure_{COOKIEHASH}\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wordpress_user_sw_olduser_{COOKIEHASH}\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See also the FAQ for some questions relating to privacy and safety when switching between users.\u003C\u002Fp>\n\u003Ch3>Accessibility Statement\u003C\u002Fh3>\n\u003Cp>User Switching aims to be fully accessible to all of its users. It implements best practices for web accessibility, outputs semantic and structured markup, adheres to the default styles and accessibility guidelines of WordPress, uses the accessibility APIs provided by WordPress and web browsers where appropriate, and is fully accessible via keyboard.\u003C\u002Fp>\n\u003Cp>User Switching should adhere to Web Content Accessibility Guidelines (WCAG) 2.0 at level AA when used with a recent version of WordPress where its admin area itself adheres to these guidelines. If you’ve experienced or identified an accessibility issue in User Switching, please open a thread in \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fuser-switching\u002F\" rel=\"ugc\">the User Switching plugin support forum\u003C\u002Fa> and I’ll address it swiftly.\u003C\u002Fp>\n","Instant switching between user accounts in WordPress and WooCommerce.",200000,5499975,98,239,"2026-02-27T00:17:00.000Z","6.1",[93,21,79,94,95],"fast-user-switching","users","woocommerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-switching.1.11.2.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":120,"download_link":121,"security_score":64,"vuln_count":122,"unpatched_count":27,"last_vuln_date":123,"fetched_at":29},"wp-live-chat-support","3CX Free Live Chat, Calls & Messaging","10.0.17","WP-LiveChat","https:\u002F\u002Fprofiles.wordpress.org\u002Fwp-livechat\u002F","\u003Cp>Increase your online conversions with the free \u003Ca href=\"https:\u002F\u002Fwww.3cx.com\u002Fsignup\u002Flive-chat\u002F?src=livechatwpplugin\" rel=\"nofollow ugc\">3CX Live Chat\u003C\u002Fa> plugin. Chat and call with your website visitors in real-time, and not only!\u003C\u002Fp>\n\u003Cp>The plugin includes a complete communications system for your business – for free. Call, chat, conference and collaborate with your teams and customers from your office, home or smartphone.\u003C\u002Fp>\n\u003Cp>Zero cost business communications from one central hub. Receive WhatsApp, Facebook and SMS messages on the same dashboard as your live chats and calls.\u003C\u002Fp>\n\u003Cp>Tried and tested with more than 100,000 active installations, 3CX Live Chat is a reliable free live chat solution for WordPress.\u003C\u002Fp>\n\u003Ch4>NO HIDDEN COSTS\u003C\u002Fh4>\n\u003Cp>The plugin is \u003Ca href=\"https:\u002F\u002Fwww.3cx.com\u002Fsignup\u002Flive-chat\u002F?src=livechatwpplugin\" rel=\"nofollow ugc\">free\u003C\u002Fa>, forever. It’s not a free trial and we don’t ask you for your credit card details.\u003Cbr \u002F>\nSimply create an account on the 3CX.com website, receive your account details, login and start chatting!\u003C\u002Fp>\n\u003Ch4>VOICE, WHATSAPP & FACEBOOK!\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Receive and respond to WhatsApp messages \u003C\u002Fli>\n\u003Cli>Facebook and Text messaging too!\u003C\u002Fli>\n\u003Cli>Free calls – voice calls directly to and from the browser\u003C\u002Fli>\n\u003Cli>Answer, transfer and resolve customer queries on one platform across multiple agents\u003C\u002Fli>\n\u003Cli>Move to a new cloud phone system for free\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>YOUR #1 LIVE CHAT SOLUTION\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Website Live Chat (and Call)\u003C\u002Fli>\n\u003Cli>Inbound WhatsApp, Facebook, Text\u003C\u002Fli>\n\u003Cli>Video Conferencing\u003C\u002Fli>\n\u003Cli>3CX Talk \u002F Meet Links\u003C\u002Fli>\n\u003Cli>Mobile & Desktop Apps\u003C\u002Fli>\n\u003Cli>Hosted on Cloud\u003C\u002Fli>\n\u003Cli>Choose your SIP Trunk\u003C\u002Fli>\n\u003Cli>Ring Group\u003C\u002Fli>\n\u003Cli>Auto Attendant\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Video: 3CX Free Live Chat, Calls & Messaging\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FmtqHP_ef-2c?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Video: How to Set Up 3CX Free and Live Chat\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FM6b23DJ2b90?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Chat with your website visitors in real-time for free! Engage with your customers and increase sales.",100000,3901154,92,821,"2025-08-25T09:22:00.000Z","6.8.5","5.3","5.4",[115,116,117,118,119],"free-live-chat","live-chat","live-help","live-support","wordpress-live-chat","https:\u002F\u002Fwww.3cx.com\u002Flive-chat\u002Ffree-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-live-chat-support.10.0.17.zip",15,"2022-04-28 00:00:00",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":64,"num_ratings":134,"last_updated":135,"tested_up_to":67,"requires_at_least":136,"requires_php":69,"tags":137,"homepage":143,"download_link":144,"security_score":13,"vuln_count":145,"unpatched_count":27,"last_vuln_date":146,"fetched_at":29},"safe-redirect-manager","Safe Redirect Manager","2.2.2","10up","https:\u002F\u002Fprofiles.wordpress.org\u002F10up\u002F","\u003Cp>Safely manage your site’s redirects the WordPress way. There are many redirect plugins available. Most of them store redirects in the options table or in custom tables. Most of them provide tons of unnecessary options. Some of them have serious performance implications (404 error logging). Safe Redirect Manager stores redirects as Custom Post Types. This makes your data portable and your website scalable. Safe Redirect Manager is built to handle enterprise level traffic and is used on major publishing websites. The plugin comes with only what you need following the WordPress mantra, decisions not options. Actions and filters make the plugin very extensible.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002F10up\u002Fsafe-redirect-manager\" rel=\"nofollow ugc\">Fork the plugin on GitHub.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Cp>There are no overarching settings for this plugin. To manage redirects, navigate to the administration panel (“Tools” > “Safe Redirect Manager”).\u003C\u002Fp>\n\u003Cp>Each redirect contains a few fields that you can utilize:\u003C\u002Fp>\n\u003Ch3>“Redirect From”\u003C\u002Fh3>\n\u003Cp>This should be a path relative to the root of your WordPress installation. When someone visits your site with a path that matches this one, a redirect will occur. If your site is located at \u003Ccode>http:\u002F\u002Fexample.com\u002Fwp\u002F\u003C\u002Fcode> and you wanted to redirect \u003Ccode>http:\u002F\u002Fexample.com\u002Fwp\u002Fabout\u003C\u002Fcode> to \u003Ccode>http:\u002F\u002Fexample.com\u003C\u002Fcode>, your “Redirect From” would be \u003Ccode>\u002Fabout\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>Clicking the “Enable Regex” checkbox allows you to use regular expressions in your path. There are many \u003Ca href=\"http:\u002F\u002Fwww.regular-expressions.info\" rel=\"nofollow ugc\">great tutorials\u003C\u002Fa> on regular expressions.\u003C\u002Fp>\n\u003Cp>You can also use wildcards in your “Redirect From” paths. By adding an \u003Ccode>*\u003C\u002Fcode> at the end of a URL, your redirect will match any request that starts with your “Redirect From”. Wildcards support replacements. This means if you have a wildcard in your from path that matches a string, you can have that string replace a wildcard character in your “Redirect To” path. For example, if your “Redirect From” is \u003Ccode>\u002Ftest\u002F*\u003C\u002Fcode>, your “Redirect To” is \u003Ccode>http:\u002F\u002Fgoogle.com\u002F*\u003C\u002Fcode>, and the requested path is \u003Ccode>\u002Ftest\u002Fstring\u003C\u002Fcode>, the user would be redirect to \u003Ccode>http:\u002F\u002Fgoogle.com\u002Fstring\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Ch3>“Redirect To”\u003C\u002Fh3>\n\u003Cp>This should be a path (i.e. \u003Ccode>\u002Ftest\u003C\u002Fcode>) or a URL (i.e. \u003Ccode>http:\u002F\u002Fexample.com\u002Fwp\u002Ftest\u003C\u002Fcode>). If a requested path matches “Redirect From”, they will be redirected here. “Redirect To” supports wildcard and regular expression replacements.\u003C\u002Fp>\n\u003Ch3>“HTTP Status Code”\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.w3.org\u002FProtocols\u002Frfc2616\u002Frfc2616-sec10.html\" rel=\"nofollow ugc\">HTTP status codes\u003C\u002Fa> are numbers that contain information about a request (i.e. whether it was successful, unauthorized, not found, etc). You should almost always use either 302 (temporarily moved) or 301 (permanently moved).\u003C\u002Fp>\n\u003Cp>\u003Cem>Note:\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Redirects are cached using the Transients API. Cache busts occur when redirects are added, updated, and deleted so you shouldn’t be serving stale redirects.\u003C\u002Fli>\n\u003Cli>By default the plugin only allows at most 1000 redirects to prevent performance issues. There is a filter \u003Ccode>srm_max_redirects\u003C\u002Fcode> that you can utilize to up this number.\u003C\u002Fli>\n\u003Cli>“Redirect From” and requested paths are case insensitive by default.\u003C\u002Fli>\n\u003Cli>Developers can use \u003Ccode>srm_additional_status_codes\u003C\u002Fcode> filter to add status codes if needed.\u003C\u002Fli>\n\u003Cli>Rules set with 403 and 410 status codes are handled by applying the HTTP status code and render the default WordPress \u003Ccode>wp_die\u003C\u002Fcode> screen with an optional message.\u003C\u002Fli>\n\u003Cli>Rules set with a 404 status code will apply the status code and render the 404 template.\u003C\u002Fli>\n\u003Cli>Browsers heavily cache 301 (permanently moved) redirects. It’s recommended to test your permanent redirects using the 302 (temporarily moved) status code before changing them to 301 permanently moved.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Developer Documentation\u003C\u002Fh3>\n\u003Cp>Safe Redirect Manager includes a number of actions and filters developers can make use of. These are documented on the \u003Ca href=\"http:\u002F\u002F10up.github.io\u002Fsafe-redirect-manager\u002F\" rel=\"nofollow ugc\">Safe Redirect Manager developer documentation\u003C\u002Fa> micro-site.\u003C\u002Fp>\n","Safely manage your website's HTTP redirects.",40000,1922446,78,"2026-01-04T21:19:00.000Z","6.5",[138,139,140,141,142],"http-redirects","multisite-redirects","redirect-manager","safe-http-redirection","url-redirection","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsafe-redirect-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsafe-redirect-manager.2.2.2.zip",1,"2022-06-19 00:00:00",{"attackSurface":148,"codeSignals":227,"taintFlows":253,"riskAssessment":254,"analyzedAt":264},{"hooks":149,"ajaxHandlers":223,"restRoutes":224,"shortcodes":225,"cronEvents":226,"entryPointCount":27,"unprotectedCount":27},[150,156,160,164,168,171,177,181,185,188,191,195,199,203,207,211,215,219],{"type":151,"name":152,"callback":153,"file":154,"line":155},"action","admin_enqueue_scripts","set_pointers","wp-getting-started.php",77,{"type":151,"name":157,"callback":158,"file":154,"line":159},"customize_controls_print_footer_scripts","change_customizer_activate_redirect",96,{"type":151,"name":161,"callback":162,"file":154,"line":163},"customize_controls_init","change_customizer_close_redirect",99,{"type":151,"name":165,"callback":166,"file":154,"line":167},"submitpage_box","add_wpgs_hidden_field",102,{"type":151,"name":169,"callback":166,"file":154,"line":170},"submitpost_box",103,{"type":172,"name":173,"callback":174,"priority":175,"file":154,"line":176},"filter","redirect_post_location","redirect_post_dashboard",20,104,{"type":151,"name":178,"callback":179,"file":154,"line":180},"bfee_new_post_redirect","add_wpgs_param",107,{"type":151,"name":182,"callback":183,"file":154,"line":184},"wp_ltp_init","change_ltp_close_redirect",110,{"type":172,"name":186,"callback":179,"file":154,"line":187},"wp_ltp_editurl",113,{"type":172,"name":189,"callback":179,"file":154,"line":190},"wp_ltp_activateurl",114,{"type":172,"name":192,"callback":193,"priority":11,"file":154,"line":194},"theme_action_links","modify_theme_action_links",117,{"type":172,"name":196,"callback":197,"file":154,"line":198},"clean_url","modify_theme_action_urls",118,{"type":151,"name":200,"callback":201,"file":154,"line":202},"wp_redirect","modify_switch_theme_redirect",119,{"type":151,"name":204,"callback":205,"file":154,"line":206},"welcome_panel","the_welcome_panel",244,{"type":151,"name":208,"callback":209,"file":154,"line":210},"wp_after_welcome_panel","the_instruction_panel",245,{"type":151,"name":212,"callback":213,"file":154,"line":214},"admin_print_styles","enqueue_welcome_style",247,{"type":151,"name":216,"callback":217,"file":154,"line":218},"admin_notices","admin_notice",250,{"type":151,"name":220,"callback":221,"file":154,"line":222},"admin_init","init",655,[],[],[],[],{"dangerousFunctions":228,"sqlUsage":229,"outputEscaping":231,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":252},[],{"prepared":27,"raw":27,"locations":230},[],{"escaped":232,"rawEcho":233,"locations":234},4,8,[235,238,240,242,244,246,248,250],{"file":154,"line":236,"context":237},187,"raw output",{"file":154,"line":239,"context":237},576,{"file":154,"line":241,"context":237},582,{"file":154,"line":243,"context":237},595,{"file":154,"line":245,"context":237},606,{"file":154,"line":247,"context":237},610,{"file":154,"line":249,"context":237},620,{"file":154,"line":251,"context":237},624,[],[],{"summary":255,"deductions":256},"The wp-getting-started plugin v0.1.1 exhibits a generally strong security posture at first glance, with no reported vulnerabilities or known CVEs. The static analysis reveals a remarkably small attack surface, with no AJAX handlers, REST API routes, shortcodes, or cron events. This lack of direct entry points significantly reduces the opportunities for external attackers to interact with the plugin. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests are positive indicators. The plugin also demonstrates good practices by using prepared statements for all its SQL queries, a crucial step in preventing SQL injection vulnerabilities.\n\nHowever, a significant concern arises from the output escaping. With only 33% of the 12 outputs properly escaped, there is a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-supplied data displayed by the plugin without proper sanitization could be exploited by attackers to inject malicious scripts into the user's browser. The absence of nonce checks and capability checks on any potential (though currently unstated) entry points is also a notable weakness, as these are fundamental security mechanisms for preventing unauthorized actions and CSRF attacks.\n\nIn conclusion, while the plugin benefits from a minimal attack surface and secure database interaction, the prevalent unescaped output presents a clear and present danger. The lack of documented vulnerability history is encouraging, but it may simply reflect the limited scope of analysis or the early stage of the plugin's development. The focus should immediately be on addressing the output escaping issues to mitigate the XSS risk, and if any entry points are added in the future, robust authentication and authorization checks must be implemented.",[257,259,262],{"reason":258,"points":233},"Unescaped output detected (67%)",{"reason":260,"points":261},"Missing nonce checks",5,{"reason":263,"points":261},"Missing capability checks","2026-03-17T00:57:28.182Z",{"wat":266,"direct":278},{"assetPaths":267,"generatorPatterns":272,"scriptPaths":273,"versionParams":274},[268,269,270,271],"\u002Fwp-content\u002Fplugins\u002Fwp-getting-started\u002Flib\u002Fclass.wp-help-pointers.php","\u002Fwp-content\u002Fplugins\u002Fwp-getting-started\u002F_inc\u002Fcss\u002Fwp-getting-started.css","\u002Fwp-content\u002Fplugins\u002Fwp-getting-started\u002F_inc\u002Fjs\u002Fwp-getting-started.js","\u002Fwp-content\u002Fplugins\u002Fwp-getting-started\u002Flib\u002Fwp-getting-started.js",[],[270,271],[275,276,277],"wp-getting-started\u002F_inc\u002Fcss\u002Fwp-getting-started.css?ver=","wp-getting-started\u002F_inc\u002Fjs\u002Fwp-getting-started.js?ver=","wp-getting-started\u002Flib\u002Fwp-getting-started.js?ver=",{"cssClasses":279,"htmlComments":283,"htmlAttributes":285,"restEndpoints":289,"jsGlobals":290,"shortcodeOutput":292},[280,281,282],"wpgs-welcome-panel","wpgs-instruction-panel","wp-getting-started-main-wrap",[284],"\u003C!-- wp-getting-started -->",[286,287,288],"data-wpgs-id","data-wpgs-title","data-wpgs-content",[],[291],"wpGettingStarted",[]]