[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f4unRAOxofDiGwaCUry2nrb1ceXNrE26qq3MMmLT35QM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":38,"analysis":132,"fingerprints":215},"wp-hook-finder","WP Hook Finder","1.0.0","Matt Cohen","https:\u002F\u002Fprofiles.wordpress.org\u002Fmattyza\u002F","\u003Cp>WP Hook Finder is your assistant for developing on top of an advanced parent theme, theme framework or high-end WordPress plugin. Hook Finder scans a theme or plugin of your choice and lets you know of any custom actions or filters that have been added and which functions hook on to which actions or filters.\u003C\u002Fp>\n","Scan a WordPress theme or plugin for functions that are attached to hooks and filters and for any custom actions or filters that are added by the code &hellip;",10,2921,100,1,"2011-01-24T19:03:00.000Z","3.1.4","2.9","",[20,21,22,23,4],"actions","do_action","filters","utility","http:\u002F\u002Fmatty.co.za\u002Fplugins\u002Fwp-hook-finder\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-hook-finder.1.0.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":26,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"mattyza",3,50,30,84,"2026-04-04T11:15:41.672Z",[39,61,79,99,115],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":59,"download_link":60,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"debug-bar-actions-and-filters-addon","Debug Bar Actions and Filters Addon","1.5.5","Subharanjan","https:\u002F\u002Fprofiles.wordpress.org\u002Fsubharanjan\u002F","\u003Cp>This plugin adds two more tabs in the Debug Bar to display hooks(Actions and Filters) attached to the current request. Actions tab displays the actions hooked to current request. Filters tab displays the filter tags along with the functions attached to it with respective priority.\u003C\u002Fp>\n\u003Ch4>Important\u003C\u002Fh4>\n\u003Cp>This plugin requires the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdebug-bar\u002F\" rel=\"ugc\">Debug Bar\u003C\u002Fa> plugin to be installed and activated.\u003C\u002Fp>\n\u003Cp>Also note that this plugin should be used solely for debugging and\u002For in a development environment and is not intended for use on a production site.\u003C\u002Fp>\n\u003Cp>If you like this plugin, please \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fdebug-bar-actions-and-filters-addon\" rel=\"ugc\">rate and\u002For review\u003C\u002Fa> it. If you have ideas on how to make the plugin even better or if you have found any bugs, please report these in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdebug-bar-actions-and-filters-addon\" rel=\"ugc\">Support Forum\u003C\u002Fa> or in the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsubharanjanm\u002Fdebug-bar-actions-and-filters-addon\u002Fissues\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n","Displays all the hooks( Actions and Filters ) for the current request in Debug Bar panel.",500,136631,90,8,"2022-06-15T16:53:00.000Z","6.0.11","3.3","5.2.4",[20,56,57,58,22],"debug-bar","debug-bar-actions-display","debug-bar-filters-display","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdebug-bar-actions-and-filters-addon\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdebug-bar-actions-and-filters-addon.1.5.5.zip",{"slug":62,"name":63,"version":6,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":35,"downloaded":68,"rating":13,"num_ratings":14,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":18,"tags":72,"homepage":77,"download_link":78,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"facetwp-manipulator","FacetWP Manipulator","David Cramer","https:\u002F\u002Fprofiles.wordpress.org\u002Fdesertsnowman\u002F","\u003Cp>FacetWP comes with many filters which gives you the power to mould it to your needs. Generally, you would code these filters into your child theme in the functions.php file. This has drawbacks, however. If you do not use a child theme or you change to a new theme, you stand to loose functionality on updates.\u003C\u002Fp>\n\u003Cp>FacetWP Manipulator allows you to add code to specific filters to manipulate functionality without hard coding it to the themes files. This means that your functionality via filters can be activated or deactivated without touching the file system.\u003C\u002Fp>\n","FacetWP Manipulator allows you to add code to specific FacetWP filters and Actions to manipulate functionality without hard coding it to the theme.",6111,"2017-01-17T23:45:00.000Z","4.7.32","3.6",[73,74,75,76],"facetwp","facetwp-actions","facetwp-filters","facetwp-hooks","https:\u002F\u002Fcramer.co.za","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffacetwp-manipulator.1.0.0.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":11,"downloaded":87,"rating":27,"num_ratings":27,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":96,"download_link":97,"security_score":98,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"captain-hooks","Captain Hooks","1.0.2","David Beja","https:\u002F\u002Fprofiles.wordpress.org\u002Fdbeja\u002F","\u003Cp>Captain Hooks is a robust WordPress plugin designed to give developers an in-depth look at all the hooks available in their WordPress environment. Explore actions, filters, and shortcodes like never before!\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Comprehensive Hook Listing\u003C\u002Fstrong>: Easily list and search all hooks (actions and filters) across any theme or plugin installed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode Insight\u003C\u002Fstrong>: View all shortcodes, along with their parameters.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Code Implementation Viewer\u003C\u002Fstrong>: Quickly pinpoint where the hooks and shortcodes are implemented within the code.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sample Codes\u003C\u002Fstrong>: Not sure how to use a hook? Get code samples instantly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live Mode\u003C\u002Fstrong>: An advanced feature to monitor actions or filters in real-time and log all its parameters for better debugging.\u003C\u002Fli>\n\u003C\u002Ful>\n","Captain Hooks is a WordPress plugin that provides developers with a comprehensive view of all actions, filters, and shortcodes of their environment.",1396,"2025-03-10T17:17:00.000Z","6.7.5","5.7","7.2",[20,93,22,94,95],"admin","hooks","shortcodes","https:\u002F\u002Fgithub.com\u002Fdbkode\u002Fcaptain-hooks","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcaptain-hooks.1.0.2.zip",92,{"slug":94,"name":94,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":11,"downloaded":105,"rating":27,"num_ratings":27,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":18,"tags":109,"homepage":113,"download_link":114,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"1.1.0","Dejan Batanjac","https:\u002F\u002Fprofiles.wordpress.org\u002Fdejan-batanjac\u002F","\u003Cp>Simple WordPress plugin that displays WordPress information about the hooks. It only displays do_action and apply_filters hooks. It lists the do_action and apply_filters occurances in every PHP plugin file in every WordPress plugin. No matter if the plugin is activated or not. MU plugins are not included in the analysis since these are in the separate folder.\u003C\u002Fp>\n","Displays info about WordPress actions and filters inside plugins.",2600,"2016-11-01T21:14:00.000Z","4.2.39","3.0",[110,21,111,94,112],"apply_filters","hook","plugins","https:\u002F\u002Fprogramming-review.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhooks.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":11,"downloaded":123,"rating":13,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":18,"tags":128,"homepage":130,"download_link":131,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"prioritize-hooks","Prioritize Hooks","1.2","Jon Weatherhead","https:\u002F\u002Fprofiles.wordpress.org\u002Fjweathe\u002F","\u003Cp>Prioritize Hooks allows the overriding of the priority of various filters and actions hooked by plugins and themes.\u003Cbr \u002F>\nA list of non-core actions and filters registered before the \u003Ccode>admin_init\u003C\u002Fcode> action will be shown in the\u003Cbr \u002F>\nPrioritize Hooks settings page, with the option of overriding the priority of any that you should so wish. At the moment,\u003Cbr \u002F>\nthe hook cannot be changed, just the priority of that callback within its respective hook. Note that priorities will not\u003Cbr \u002F>\nbe overridden until the \u003Ccode>wp_loaded\u003C\u002Fcode> action is run. To disabled a hook, use hyphen(-) as the priority.\u003Cbr \u002F>\nLeave a priority blank to reset it.\u003C\u002Fp>\n","Prioritize Hooks allows the overriding of the priority of various filters and actions hooked by plugins and themes.",2383,2,"2013-12-30T06:10:00.000Z","3.7.41","3.2",[20,22,94,129],"override","http:\u002F\u002Fportfolio.planetjon.ca\u002Fprojects\u002Fprioritize-hooks\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprioritize-hooks.1.2.zip",{"attackSurface":133,"codeSignals":155,"taintFlows":179,"riskAssessment":198,"analyzedAt":214},{"hooks":134,"ajaxHandlers":151,"restRoutes":152,"shortcodes":153,"cronEvents":154,"entryPointCount":27,"unprotectedCount":27},[135,141,144,147],{"type":136,"name":137,"callback":138,"file":139,"line":140},"action","admin_menu","admin_screen_register","classes\\hookfinder.class.php",35,{"type":136,"name":142,"callback":142,"file":139,"line":143},"admin_notices",38,{"type":136,"name":145,"callback":145,"priority":11,"file":139,"line":146},"contextual_help",41,{"type":136,"name":148,"callback":149,"file":139,"line":150},"init","load_translations",44,[],[],[],[],{"dangerousFunctions":156,"sqlUsage":157,"outputEscaping":159,"fileOperations":124,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":178},[],{"prepared":27,"raw":27,"locations":158},[],{"escaped":160,"rawEcho":160,"locations":161},7,[162,166,168,170,172,174,176],{"file":163,"line":164,"context":165},"screens\\screen.php",58,"raw output",{"file":163,"line":167,"context":165},66,{"file":163,"line":169,"context":165},123,{"file":163,"line":171,"context":165},128,{"file":163,"line":173,"context":165},157,{"file":163,"line":175,"context":165},161,{"file":163,"line":177,"context":165},167,[],[180],{"entryPoint":181,"graph":182,"unsanitizedCount":14,"severity":197},"\u003Cscreen> (screens\\screen.php:0)",{"nodes":183,"edges":194},[184,189],{"id":185,"type":186,"label":187,"file":163,"line":188},"n0","source","$_POST",13,{"id":190,"type":191,"label":192,"file":163,"line":177,"wp_function":193},"n1","sink","echo() [XSS]","echo",[195],{"from":185,"to":190,"sanitized":196},false,"low",{"summary":199,"deductions":200},"The wp-hook-finder v1.0.0 plugin exhibits a generally good security posture due to the absence of known vulnerabilities and a complete lack of dangerous functions. The code also demonstrates responsible database interaction by utilizing prepared statements for all SQL queries, which is a significant strength. However, there are notable areas of concern arising from the static analysis. The presence of one flow with unsanitized paths, despite a critical severity of 0, indicates a potential risk of path traversal vulnerabilities if user-supplied input is not properly validated and sanitized before being used in file operations. Furthermore, the plugin's file operations, while limited in number, are a potential entry point for attackers if not handled with extreme care. The output escaping is also a concern, with only 50% of outputs being properly escaped, leaving room for cross-site scripting (XSS) vulnerabilities. The lack of nonce checks and capability checks on any entry points, coupled with the absence of AJAX handlers, REST API routes, shortcodes, and cron events, means the attack surface is currently minimal, but this absence of checks on the limited file operations is a weakness.",[201,204,207,209,212],{"reason":202,"points":203},"Flow with unsanitized paths",15,{"reason":205,"points":206},"50% of outputs not properly escaped",6,{"reason":208,"points":11},"File operations present without auth checks",{"reason":210,"points":211},"No nonce checks implemented",5,{"reason":213,"points":211},"No capability checks implemented","2026-03-17T00:31:15.928Z",{"wat":216,"direct":225},{"assetPaths":217,"generatorPatterns":220,"scriptPaths":221,"versionParams":222},[218,219],"\u002Fwp-content\u002Fplugins\u002Fwp-hook-finder\u002Fassets\u002Fcss\u002Fhookfinder.css","\u002Fwp-content\u002Fplugins\u002Fwp-hook-finder\u002Fassets\u002Fjs\u002Fhookfinder.js",[],[219],[223,224],"wp-hook-finder\u002Fassets\u002Fcss\u002Fhookfinder.css?ver=","wp-hook-finder\u002Fassets\u002Fjs\u002Fhookfinder.js?ver=",{"cssClasses":226,"htmlComments":228,"htmlAttributes":229,"restEndpoints":231,"jsGlobals":233,"shortcodeOutput":236},[227],"hookfinder-results",[],[230],"data-hookfinder-nonce",[232],"\u002Fwp-json\u002Fwp-hook-finder\u002Fv1\u002Fget-hooks",[234,235],"WP_HookFinder_AJAX_URL","WP_HookFinder_Nonce",[237],"[wp_hook_finder]"]