[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fEFfyHqV90gD02skzyZnA9AXNYnt0rUvNr-r6N68-NyM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":149,"fingerprints":402},"wp-maintenance-vek","WP Maintenance-vek","0.2","veks","https:\u002F\u002Fprofiles.wordpress.org\u002Fveks\u002F","\u003Cp>Plugin WP Maintenance-vek allows administrators to close the site for maintenance. The plugin is easily configurable, easy to use.\u003C\u002Fp>\n\u003Ch3>The plugin includes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Authorization form\u003C\u002Fli>\n\u003Cli>Feedback\u003C\u002Fli>\n\u003Cli>Adding Subscribers\u003C\u002Fli>\n\u003Cli>Subscriber csv export\u003C\u002Fli>\n\u003Cli>Cleaning subscribers csv\u003C\u002Fli>\n\u003Cli>Google analytics field\u003C\u002Fli>\n\u003Cli>Countdown timer\u003C\u002Fli>\n\u003Cli>Social networks\u003C\u002Fli>\n\u003Cli>Open site for roles\u003C\u002Fli>\n\u003Cli>Edit text\u003C\u002Fli>\n\u003Cli>Use css styles\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Language support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Russian\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fisvek.ru\u002Fplug-ins\u002Fwp-maintenance-vek\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fisvek.ru\u002Fplug-ins\u002Fwp-maintenance-vek\u002Fdemo\u002F\" rel=\"nofollow ugc\">View demo\u003C\u002Fa>\u003C\u002Fp>\n","Activate the plugin WP Maintenance-vek when your site is under repair",10,1697,0,"2015-12-09T14:51:00.000Z","4.2.39","4.1.1","",[19,20,21,22,23],"administration","countdown-timer","customize-page","login","maintenance","http:\u002F\u002Fisvek.ru\u002Fplug-ins-wordpress\u002Fwp-maintenance-vek","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-maintenance-vek.0.2.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},3,10020,30,84,"2026-04-05T02:39:24.477Z",[37,62,86,108,129],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":17,"tags":52,"homepage":57,"download_link":58,"security_score":59,"vuln_count":60,"unpatched_count":13,"last_vuln_date":61,"fetched_at":28},"ws-force-login-page","WS Force Login Page","3.0.4","Silver Muru","https:\u002F\u002Fprofiles.wordpress.org\u002Fsilvermuru\u002F","\u003Cp>WS Force Login Page force users who are not logged in by redirect into login page, this way it is good tool for developers to install sites which are in development process by restrict access to site and its content. Or when you want to put all site articles under password this plugin will do this! Working also with domains what includes umlaut letters like ö, ä, õ, ü\u003C\u002Fp>\n\u003Cp>Suitable also for putting site to maintenance mode and show custom message in login view.\u003C\u002Fp>\n","Redirecting user to login page if not logged in, working also with domains what includes umlaut letters like ö, ä, õ, ü",400,15422,90,2,"2025-05-19T15:02:00.000Z","6.8.5","5.0",[19,53,54,55,56],"force-user-login","hidden","maintenance-mode","under-construction","https:\u002F\u002Fwww.silvermuru.ee\u002Fen\u002Fwordpress\u002Fplugins\u002Fws-force-login-page\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fws-force-login-page.3.0.4.zip",99,1,"2025-04-24 00:00:00",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":72,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":77,"tags":78,"homepage":17,"download_link":82,"security_score":83,"vuln_count":84,"unpatched_count":13,"last_vuln_date":85,"fetched_at":28},"wp-maintenance-mode","LightStart – Maintenance Mode, Coming Soon and Landing Page Builder","2.6.20","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>Add a maintenance page to your blog that lets visitors know your blog is down for maintenance, add a coming soon page for a new website or create a landing page for an existing site. User with admin rights gets full access to the blog including the front end.\u003C\u002Fp>\n\u003Cp>Activate the plugin and your blog is in maintenance-mode, works and only registered users with enough rights can see the front end. You can use a date with a countdown timer for visitor information or set a value and unit for information.\u003C\u002Fp>\n\u003Cp>Also works with WordPress Multisite installs (each blog from the network has its own maintenance settings).\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fully customizable (change colors, texts and backgrounds).\u003C\u002Fli>\n\u003Cli>Subscription form (export emails to .csv file).\u003C\u002Fli>\n\u003Cli>Countdown timer (remaining time).\u003C\u002Fli>\n\u003Cli>Contact form (receive emails from visitors).\u003C\u002Fli>\n\u003Cli>Coming soon page;\u003C\u002Fli>\n\u003Cli>Landing page templates;\u003C\u002Fli>\n\u003Cli>WordPress multisite;\u003C\u002Fli>\n\u003Cli>Responsive design;\u003C\u002Fli>\n\u003Cli>Social media icons;\u003C\u002Fli>\n\u003Cli>Works with any WordPress theme;\u003C\u002Fli>\n\u003Cli>SEO options;\u003C\u002Fli>\n\u003Cli>Exclude URLs from maintenance;\u003C\u002Fli>\n\u003Cli>Bot functionality to collect the emails in a friendly and efficient way;\u003C\u002Fli>\n\u003Cli>GDPR Ready;\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Bugs, technical hints or contribute\u003C\u002Fh4>\n\u003Cp>Please give us feedback, contribute and file technical bugs on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fandrianvaleanu\u002FWP-Maintenance-Mode\" rel=\"nofollow ugc\">GitHub Repo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Fthemeisle.com\" rel=\"nofollow ugc\">Themeisle\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>If you like this plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Foptimole.com\u002F\" rel=\"nofollow ugc\">Optimole\u003C\u002Fa> – Optimole is your all-in-one image optimization solution for WordPress & beyond.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpshout.com\u002F\" rel=\"nofollow ugc\">WPShout\u003C\u002Fa> – In-Depth WordPress Tutorials for Developers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frevive.social\u002F\" rel=\"nofollow ugc\">Revive Social\u003C\u002Fa> – Revive Old Posts helps you keep your content alive and in front the audiences that matter.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.codeinwp.com\u002F\" rel=\"nofollow ugc\">CodeinWP\u003C\u002Fa> – CodeinWP stands for all-things-WordPress. From web design to freelancing and from development to business, your questions are covered.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdomainwheel.com\" rel=\"nofollow ugc\">DomainWheel\u003C\u002Fa> – Free Short Website name generator, with the help of AI, for instant ideas.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check-out \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002F\" title=\"Themeisle blog\" rel=\"nofollow ugc\">our blog\u003C\u002Fa> to learn from our \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002Fcategory\u002Fwordpress\u002Freviews\u002F\" title=\"WordPress Reviews\" rel=\"nofollow ugc\">WordPress Reviews\u003C\u002Fa> and see other \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002Fcategory\u002Fwordpress-plugins\u002F\" title=\"WordPress Plugins Comparisons\" rel=\"nofollow ugc\">WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n","Easy Drag & Drop Page Builder that adds a splash page to your site that it's perfect for a coming soon page, maintenance or landing page.",500000,19310486,86,859,"2025-12-10T19:23:00.000Z","6.9.4","4.7","7.1",[79,19,80,55,81],"admin","coming-soon","unavailable","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-maintenance-mode.2.6.20.zip",96,6,"2024-01-05 00:00:00",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":96,"num_ratings":97,"last_updated":98,"tested_up_to":99,"requires_at_least":100,"requires_php":101,"tags":102,"homepage":106,"download_link":107,"security_score":96,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"remove-dashboard-access-for-non-admins","Remove Dashboard Access","1.2.1","TrustedLogin","https:\u002F\u002Fprofiles.wordpress.org\u002Ftrustedlogin\u002F","\u003Cp>The easiest and safest way to restrict access to your WordPress site’s Dashboard and administrative menus. Remove Dashboard Access is a lightweight plugin that automatically redirects users who shouldn’t have access to the Dashboard to a custom URL of your choosing. Redirects can also be configured on a per-role\u002Fper-capability basis, allowing you to keep certain users out of the Dashboard, while retaining access for others.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Limit Dashboard access to user roles:\n\u003Cul>\n\u003Cli>Admins only\u003C\u002Fli>\n\u003Cli>Admins + editors\u003C\u002Fli>\n\u003Cli>Admins, editors, and authors\u003C\u002Fli>\n\u003Cli>or restrict by specific user capability\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Choose your own redirect URL\u003C\u002Fli>\n\u003Cli>Optionally allow users to edit their profiles\u003C\u002Fli>\n\u003Cli>Display a message on the login screen so users know why they’re being redirected\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Blocking access to the Dashboard is a great way to prevent clients from breaking their sites, prevent users from seeing things they shouldn’t, and to keep your site’s backend more secure.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Allow only users with roles or capabilities:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can restrict Dashboard access to Admins only, Editors or above, Authors or above, or by selecting a specific user capability.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Grant access to user profiles:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Optionally allow all users the ability to edit their profiles in the Dashboard. Users lacking the chosen capability won’t be able to access any other sections of the Dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Show a custom login message:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Supply a message to display on the login screen. Leaving this blank disables the message.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable Dashboard access for users of a specific role or capability. Disallowed users are redirected to a chosen URL. Get set up in seconds.",30000,467245,92,78,"2024-11-29T20:13:00.000Z","6.7.5","3.1.0","5.3",[103,19,104,22,105],"access","dashboard","restrict","https:\u002F\u002Fwww.trustedlogin.com\u002Fremove-dashboard-access\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-dashboard-access-for-non-admins.1.2.1.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":94,"downloaded":116,"rating":117,"num_ratings":118,"last_updated":119,"tested_up_to":75,"requires_at_least":120,"requires_php":121,"tags":122,"homepage":126,"download_link":127,"security_score":117,"vuln_count":60,"unpatched_count":13,"last_vuln_date":128,"fetched_at":28},"xo-security","XO Security","3.10.8","ishitaka","https:\u002F\u002Fprofiles.wordpress.org\u002Fishitaka\u002F","\u003Cp>XO Security is a plugin to enhance login related security.\u003Cbr \u002F>\nThis plugin does not write to .htaccess file. Besides Apache, LiteSpeed, Nginx and IIS also work.\u003C\u002Fp>\n\u003Ch4>Functions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Record login log.\u003C\u002Fli>\n\u003Cli>Limit login attempts.\u003C\u002Fli>\n\u003Cli>Add Captcha to the login form and comment form.\u003C\u002Fli>\n\u003Cli>Change the URL of the login page.\u003C\u002Fli>\n\u003Cli>Enable two-factor authentication (2FA) for login.\u003C\u002Fli>\n\u003Cli>Login Alert.\u003C\u002Fli>\n\u003Cli>Disable login by mail address.\u003C\u002Fli>\n\u003Cli>Disable login by user name.\u003C\u002Fli>\n\u003Cli>Change login error message.\u003C\u002Fli>\n\u003Cli>Disable XML-RPC and XML-RPC Pingback.\u003C\u002Fli>\n\u003Cli>Disable REST API.\u003C\u002Fli>\n\u003Cli>Disable author archive page.\u003C\u002Fli>\n\u003Cli>Remove comment author class of comments list.\u003C\u002Fli>\n\u003Cli>Remove the username from the oEmbed response data.\u003C\u002Fli>\n\u003Cli>WooCommerce login page protection.\u003C\u002Fli>\n\u003Cli>Anti-spam comment.\u003C\u002Fli>\n\u003Cli>Hide WordPress version information.\u003C\u002Fli>\n\u003Cli>Edit the author slug.\u003C\u002Fli>\n\u003Cli>Disable RSS and Atom feeds.\u003C\u002Fli>\n\u003Cli>Activate maintenance mode.\u003C\u002Fli>\n\u003Cli>Delete the readme.html file.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress multisite considerations\u003C\u002Fh4>\n\u003Cp>If you set the login page separately for the main site and the subsite, you will not be able to use the password loss function of the subsite. We recommend that you set the login page to be common to all sites.\u003C\u002Fp>\n","XO Security is a plugin to enhance login related security.",351892,100,11,"2025-12-06T00:29:00.000Z","4.9","5.6",[123,22,23,124,125],"brute-force","security","two-factor","https:\u002F\u002Fxakuro.com\u002Fwordpress\u002Fxo-security\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxo-security.3.10.8.zip","2017-02-07 00:00:00",{"slug":130,"name":131,"version":132,"author":133,"author_profile":134,"description":135,"short_description":136,"active_installs":137,"downloaded":138,"rating":139,"num_ratings":140,"last_updated":141,"tested_up_to":75,"requires_at_least":142,"requires_php":143,"tags":144,"homepage":146,"download_link":147,"security_score":59,"vuln_count":48,"unpatched_count":13,"last_vuln_date":148,"fetched_at":28},"colorlib-coming-soon-maintenance","Coming Soon & Maintenance Mode by Colorlib","1.2.0","colorlibplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fcolorlibplugins\u002F","\u003Cp>\u003Cstrong>Coming Soon & Maintenance Mode by Colorlib\u003C\u002Fstrong> is a free WordPress plugin that lets you display a professional coming soon page, under construction page, or maintenance mode screen to your visitors while you work on your site behind the scenes. Set it up in minutes directly from the WordPress Live Customizer — no coding required.\u003C\u002Fp>\n\u003Cp>Choose from \u003Cstrong>15 fully responsive coming soon templates\u003C\u002Fstrong>, each pre-designed with modern layouts and fully customizable through the Customizer. Add your own logo, background image, heading text, countdown timer, and social media links. Collect email subscribers with the built-in MailChimp integration so you can build your audience before launch day.\u003C\u002Fp>\n\u003Cp>Logged-in users can browse and edit the site normally while non-logged-in visitors see only the coming soon or maintenance page. The plugin also blocks the WordPress REST API for visitors to prevent content exposure while your site is under construction.\u003C\u002Fp>\n\u003Ch4>Why Choose This Coming Soon Plugin?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>100% free\u003C\u002Fstrong> — no premium version, no ads, no feature restrictions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>15 responsive templates\u003C\u002Fstrong> — professionally designed coming soon, maintenance mode, and under construction page layouts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live Customizer\u003C\u002Fstrong> — customize everything in real time without touching code\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Countdown timer\u003C\u002Fstrong> — display a launch countdown with configurable date and 12\u002F24-hour format\u003C\u002Fli>\n\u003Cli>\u003Cstrong>MailChimp subscribe form\u003C\u002Fstrong> — collect emails and grow your list while in maintenance mode\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Social media integration\u003C\u002Fstrong> — add links to Facebook, Twitter, Instagram, YouTube, Pinterest, and email\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom logo and background\u003C\u002Fstrong> — upload your brand logo and a custom background image\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Analytics 4\u003C\u002Fstrong> — track visitors to your coming soon page with GA4\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom CSS\u003C\u002Fstrong> — add your own styles for advanced customization\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API protection\u003C\u002Fstrong> — blocks public API access while the site is under construction\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer friendly\u003C\u002Fstrong> — use the \u003Ccode>ccsm_skip_redirect\u003C\u002Fcode> and \u003Ccode>ccsm_force_redirect\u003C\u002Fcode> filters to control redirect behavior\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works with all WordPress themes\u003C\u002Fstrong> — self-contained templates run independently of your active theme\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR compliant\u003C\u002Fstrong> — collect visitor information while respecting privacy regulations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the plugin\u003C\u002Fli>\n\u003Cli>Go to Appearance > Customize > Colorlib Coming Soon Settings\u003C\u002Fli>\n\u003Cli>Pick a template and customize the content, colors, images, and countdown timer\u003C\u002Fli>\n\u003Cli>Enable coming soon mode — visitors see your launch page, you keep working\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcolorlib.com\u002Fwp\u002Fforums\u002F\" rel=\"nofollow ugc\">Documentation and Support\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FColorlibHQ\u002Fcolorlib-coming-soon-maintenence\" rel=\"nofollow ugc\">GitHub Repository\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is developed and maintained by \u003Ca href=\"https:\u002F\u002Fcolorlib.com\u002F\" rel=\"nofollow ugc\">Colorlib\u003C\u002Fa>. If you enjoy using it, please leave a review — it helps other WordPress users discover the plugin.\u003C\u002Fp>\n","Create a coming soon page or maintenance mode screen with 15 responsive templates, countdown timer, MailChimp subscribe form, and social media links.",7000,275180,94,42,"2026-02-06T14:03:00.000Z","6.0","7.4",[80,20,145,55,56],"landing-page","https:\u002F\u002Fcolorlib.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcolorlib-coming-soon-maintenance.1.2.0.zip","2024-03-19 00:00:00",{"attackSurface":150,"codeSignals":212,"taintFlows":333,"riskAssessment":388,"analyzedAt":401},{"hooks":151,"ajaxHandlers":177,"restRoutes":209,"shortcodes":210,"cronEvents":211,"entryPointCount":11,"unprotectedCount":13},[152,158,161,165,168,172],{"type":153,"name":154,"callback":155,"priority":60,"file":156,"line":157},"action","plugins_loaded","constants","Wp_Maintenance_vek.php",25,{"type":153,"name":154,"callback":159,"priority":48,"file":156,"line":160},"langss",26,{"type":153,"name":162,"callback":163,"file":156,"line":164},"admin_menu","add_plugin_menu",27,{"type":153,"name":154,"callback":166,"priority":31,"file":156,"line":167},"wp_vek_logout",37,{"type":153,"name":154,"callback":169,"priority":170,"file":156,"line":171},"view_html",4,38,{"type":173,"name":174,"callback":175,"file":156,"line":176},"filter","wp_mail_content_type","anonymous",307,[178,183,187,191,195,197,199,202,204,207],{"action":179,"nopriv":180,"callback":181,"hasNonce":182,"hasCapCheck":182,"file":156,"line":33},"Wp_save_update",false,"update_db",true,{"action":184,"nopriv":180,"callback":185,"hasNonce":182,"hasCapCheck":182,"file":156,"line":186},"Wp_default_reset","resets_db",31,{"action":188,"nopriv":180,"callback":189,"hasNonce":180,"hasCapCheck":182,"file":156,"line":190},"Wp_subscriber_email_csv","subscriber_email_csv",32,{"action":192,"nopriv":180,"callback":193,"hasNonce":180,"hasCapCheck":182,"file":156,"line":194},"Wp_subscriber_email_csv_del","subscriber_email_csv_del",33,{"action":22,"nopriv":180,"callback":22,"hasNonce":182,"hasCapCheck":180,"file":156,"line":196},40,{"action":22,"nopriv":182,"callback":22,"hasNonce":182,"hasCapCheck":180,"file":156,"line":198},41,{"action":200,"nopriv":180,"callback":200,"hasNonce":182,"hasCapCheck":180,"file":156,"line":201},"mail_form",43,{"action":200,"nopriv":182,"callback":200,"hasNonce":182,"hasCapCheck":180,"file":156,"line":203},44,{"action":205,"nopriv":180,"callback":205,"hasNonce":182,"hasCapCheck":180,"file":156,"line":206},"subscriber_email",46,{"action":205,"nopriv":182,"callback":205,"hasNonce":182,"hasCapCheck":180,"file":156,"line":208},47,[],[],[],{"dangerousFunctions":213,"sqlUsage":217,"outputEscaping":233,"fileOperations":60,"externalRequests":13,"nonceChecks":84,"capabilityChecks":331,"bundledLibraries":332},[214],{"fn":215,"file":156,"line":176,"context":216},"create_function","add_filter('wp_mail_content_type', create_function('', 'return \"text\u002Fhtml\";'));",{"prepared":84,"raw":218,"locations":219},5,[220,223,225,228,231],{"file":156,"line":221,"context":222},373,"$wpdb->get_var() with variable interpolation",{"file":156,"line":224,"context":222},409,{"file":156,"line":226,"context":227},444,"$wpdb->get_row() with variable interpolation",{"file":156,"line":229,"context":230},456,"$wpdb->get_results() with variable interpolation",{"file":156,"line":232,"context":227},509,{"escaped":234,"rawEcho":235,"locations":236},28,54,[237,240,241,242,244,245,247,248,249,250,251,253,254,256,258,260,262,264,266,268,270,272,274,276,278,280,282,284,286,288,289,291,293,294,295,297,299,300,302,304,306,308,310,311,312,314,315,317,319,321,323,325,327,329],{"file":238,"line":84,"context":239},"includes\\admin.php","raw output",{"file":238,"line":84,"context":239},{"file":238,"line":84,"context":239},{"file":238,"line":243,"context":239},21,{"file":238,"line":243,"context":239},{"file":238,"line":246,"context":239},22,{"file":238,"line":246,"context":239},{"file":238,"line":171,"context":239},{"file":238,"line":208,"context":239},{"file":238,"line":235,"context":239},{"file":238,"line":252,"context":239},89,{"file":238,"line":47,"context":239},{"file":238,"line":255,"context":239},110,{"file":238,"line":257,"context":239},111,{"file":238,"line":259,"context":239},112,{"file":238,"line":261,"context":239},141,{"file":238,"line":263,"context":239},171,{"file":238,"line":265,"context":239},172,{"file":238,"line":267,"context":239},186,{"file":238,"line":269,"context":239},196,{"file":238,"line":271,"context":239},225,{"file":238,"line":273,"context":239},237,{"file":238,"line":275,"context":239},249,{"file":238,"line":277,"context":239},261,{"file":238,"line":279,"context":239},273,{"file":238,"line":281,"context":239},285,{"file":283,"line":203,"context":239},"includes\\home.php",{"file":283,"line":285,"context":239},56,{"file":283,"line":287,"context":239},66,{"file":283,"line":287,"context":239},{"file":283,"line":290,"context":239},83,{"file":283,"line":292,"context":239},93,{"file":283,"line":83,"context":239},{"file":283,"line":59,"context":239},{"file":283,"line":296,"context":239},102,{"file":283,"line":298,"context":239},136,{"file":283,"line":261,"context":239},{"file":283,"line":301,"context":239},144,{"file":283,"line":303,"context":239},145,{"file":283,"line":305,"context":239},146,{"file":283,"line":307,"context":239},151,{"file":283,"line":309,"context":239},230,{"file":283,"line":275,"context":239},{"file":283,"line":275,"context":239},{"file":283,"line":313,"context":239},255,{"file":283,"line":277,"context":239},{"file":283,"line":316,"context":239},268,{"file":283,"line":318,"context":239},269,{"file":283,"line":320,"context":239},270,{"file":283,"line":322,"context":239},283,{"file":283,"line":324,"context":239},291,{"file":156,"line":326,"context":239},386,{"file":156,"line":328,"context":239},387,{"file":156,"line":330,"context":239},388,9,[],[334,350,362,375],{"entryPoint":335,"graph":336,"unsanitizedCount":60,"severity":349},"\u003Chome> (includes\\home.php:0)",{"nodes":337,"edges":347},[338,342],{"id":339,"type":340,"label":341,"file":283,"line":275},"n0","source","$_SERVER['REQUEST_URI']",{"id":343,"type":344,"label":345,"file":283,"line":275,"wp_function":346},"n1","sink","echo() [XSS]","echo",[348],{"from":339,"to":343,"sanitized":180},"low",{"entryPoint":351,"graph":352,"unsanitizedCount":13,"severity":349},"wp_vek_logout (Wp_Maintenance_vek.php:321)",{"nodes":353,"edges":360},[354,357],{"id":339,"type":340,"label":355,"file":156,"line":356},"$_SERVER['HTTP_REFERER']",326,{"id":343,"type":344,"label":358,"file":156,"line":356,"wp_function":359},"wp_redirect() [Open Redirect]","wp_redirect",[361],{"from":339,"to":343,"sanitized":182},{"entryPoint":363,"graph":364,"unsanitizedCount":13,"severity":349},"subscriber_email (Wp_Maintenance_vek.php:403)",{"nodes":365,"edges":373},[366,369],{"id":339,"type":340,"label":367,"file":156,"line":368},"$_POST",411,{"id":343,"type":344,"label":370,"file":156,"line":371,"wp_function":372},"get_row() [SQLi]",416,"get_row",[374],{"from":339,"to":343,"sanitized":182},{"entryPoint":376,"graph":377,"unsanitizedCount":13,"severity":349},"\u003CWp_Maintenance_vek> (Wp_Maintenance_vek.php:0)",{"nodes":378,"edges":385},[379,380,381,383],{"id":339,"type":340,"label":355,"file":156,"line":356},{"id":343,"type":344,"label":358,"file":156,"line":356,"wp_function":359},{"id":382,"type":340,"label":367,"file":156,"line":368},"n2",{"id":384,"type":344,"label":370,"file":156,"line":371,"wp_function":372},"n3",[386,387],{"from":339,"to":343,"sanitized":182},{"from":382,"to":384,"sanitized":182},{"summary":389,"deductions":390},"The \"wp-maintenance-vek\" plugin v0.2 presents a mixed security posture. On the positive side, it has a clean vulnerability history with no known CVEs.  Furthermore, the static analysis indicates that all identified entry points (AJAX handlers) are protected by nonce and capability checks, which is a strong indicator of good security practice for user-facing functionality. The absence of REST API routes, shortcodes, and cron events further limits the potential attack surface.\n\nHowever, the code analysis does reveal some areas of concern. The presence of the `create_function` is a significant red flag, as it can be a vector for code injection if used with unsanitized input. While the taint analysis showed no critical or high severity flows, the single flow with an unsanitized path is concerning, especially in conjunction with the low percentage of properly escaped outputs.  This suggests a potential for cross-site scripting (XSS) vulnerabilities if data flowing through that unsanitized path is later rendered without proper encoding.  The moderate use of prepared statements for SQL queries is acceptable but could be improved.\n\nOverall, while the plugin benefits from a lack of past vulnerabilities and a seemingly secure approach to its public interfaces, the identified code quality issues, particularly `create_function` and unsanitized paths combined with poor output escaping, introduce a non-negligible risk.  It's crucial to address these specific code concerns to solidify its security.",[391,394,396,399],{"reason":392,"points":393},"Use of dangerous function: create_function",15,{"reason":395,"points":11},"Flow with unsanitized path",{"reason":397,"points":398},"Low percentage of properly escaped outputs",8,{"reason":400,"points":218},"SQL queries not using prepared statements","2026-03-17T00:53:50.873Z",{"wat":403,"direct":424},{"assetPaths":404,"generatorPatterns":413,"scriptPaths":414,"versionParams":415},[405,406,407,408,409,410,411,412],"\u002Fwp-content\u002Fplugins\u002Fwp-maintenance-vek\u002Fassets\u002Fcss\u002Fbootstrap.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-maintenance-vek\u002Fassets\u002Fcss\u002Ffont-awesome.css","\u002Fwp-content\u002Fplugins\u002Fwp-maintenance-vek\u002Fassets\u002Fcss\u002Fdatetimepicker-master\u002Fjquery.datetimepicker.css","\u002Fwp-content\u002Fplugins\u002Fwp-maintenance-vek\u002Fassets\u002Fcss\u002Fadmin\u002Fstyle-admin.css","\u002Fwp-content\u002Fplugins\u002Fwp-maintenance-vek\u002Fassets\u002Fjs\u002Fbootstrap.min.js","\u002Fwp-content\u002Fplugins\u002Fwp-maintenance-vek\u002Fassets\u002Fjs\u002Fjquery.noty\u002Fjquery.noty.packaged.js","\u002Fwp-content\u002Fplugins\u002Fwp-maintenance-vek\u002Fassets\u002Fjs\u002Fdatetimepicker-master\u002Fjquery.datetimepicker.js","\u002Fwp-content\u002Fplugins\u002Fwp-maintenance-vek\u002Fassets\u002Fjs\u002Fsave.js",[],[],[416,417,418,419,420,421,422,423],"wp-maintenance-vek\u002Fassets\u002Fcss\u002Fbootstrap.min.css?ver=","wp-maintenance-vek\u002Fassets\u002Fcss\u002Ffont-awesome.css?ver=","wp-maintenance-vek\u002Fassets\u002Fcss\u002Fdatetimepicker-master\u002Fjquery.datetimepicker.css?ver=","wp-maintenance-vek\u002Fassets\u002Fcss\u002Fadmin\u002Fstyle-admin.css?ver=","wp-maintenance-vek\u002Fassets\u002Fjs\u002Fbootstrap.min.js?ver=","wp-maintenance-vek\u002Fassets\u002Fjs\u002Fjquery.noty\u002Fjquery.noty.packaged.js?ver=","wp-maintenance-vek\u002Fassets\u002Fjs\u002Fdatetimepicker-master\u002Fjquery.datetimepicker.js?ver=","wp-maintenance-vek\u002Fassets\u002Fjs\u002Fsave.js?ver=",{"cssClasses":425,"htmlComments":426,"htmlAttributes":433,"restEndpoints":438,"jsGlobals":442,"shortcodeOutput":444},[],[427,428,429,430,431,432],"\u003C!-- CSS -->","\u003C!-- JS -->","\u003C!-- Main -->","\u003C!-- Login -->","\u003C!-- subscriber -->","\u003C!-- Subscriber -->",[434,435,436,437],"data-target=#loginModal","data-dismiss=modal","data-toggle=modal","data-target=#subscriberModal",[439,440,441],"\u002Fwp-json\u002Fwp-maintenance-vek\u002Fv1\u002Flogin","\u002Fwp-json\u002Fwp-maintenance-vek\u002Fv1\u002Fmail_form","\u002Fwp-json\u002Fwp-maintenance-vek\u002Fv1\u002Fsubscriber_email",[443],"admin_save",[]]