[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$flKKJqS9dLVXGSOLEbPsPlZzGH1lXV2Km2fRV9O4YTQU":3,"$fLMfzqpynTZ_LhF-glqlRqUsWPb5PiQBTNh64z8fvvqY":364,"$f73AdU5nXNePDG6UksdCn60kQ3h_LpQKMz3d1qQnEgQU":368},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":38,"analysis":139,"fingerprints":347},"wp-peon","WP Peon","v1.0.0","soachishti","https:\u002F\u002Fprofiles.wordpress.org\u002Fsoachishti\u002F","\u003Cp>WP Peon is specifically design for back end developer so that they can easily look, modify WordPress files you can say alternate WP Editor. Goal is to provide friendly access to most common WordPress action and filters.\u003C\u002Fp>\n\u003Ch4>Custom HTML\u003C\u002Fh4>\n\u003Cp>Add custom HTML in header, footer and blog posts.\u003C\u002Fp>\n\u003Ch4>Execute PHP\u003C\u002Fh4>\n\u003Cp>Help to run PHP code in WordPress posts and pages using shortcodes generated by Execute PHP. Usage Type in shortcode and type in PHP Code and then click save. To create new code just change the shortcode and add renew code below or refresh page to clear existing values.\u003C\u002Fp>\n\u003Ch4>WP Explorer\u003C\u002Fh4>\n\u003Cp>An alternate WordPress Source Editor. With directory list view and open folder and nice breadcrumbs.\u003C\u002Fp>\n\u003Ch4>Advance\u003C\u002Fh4>\n\u003Cp>Modify .htaccess file or wp-config.php from Advance page. You can also enable debugging with given step and view debug.log directly on page.\u003C\u002Fp>\n","An helper plugin for getting work done quickly from admin panel.",10,1909,60,2,"2016-01-30T19:42:00.000Z","4.4.34","3.0","",[20,21,22,23,24],"editor","execute","explorer","file-editor","htaccess","http:\u002F\u002Fexample.com\u002Fwp-peon-uri\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-peon.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},1,30,84,"2026-05-20T03:39:21.122Z",[39,61,85,103,122],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":59,"download_link":60,"security_score":49,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-htaccess-editor","Htaccess File Editor – Safely Edit Htaccess File","1.73","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwphtaccess.com\u002F\" rel=\"nofollow ugc\">WP Htaccess Editor\u003C\u002Fa> provides a \u003Cstrong>simple, safe & fast way\u003C\u002Fstrong> to edit, fix & test the site’s htaccess file from WP admin. Before saving, htaccess file can be tested for syntax errors. It also automatically creates a htaccess backup every time you make a change to the htaccess file. Htaccess backups can be restored directly from the plugin, or via FTP if the errors in htaccess file prevents WP from running normally. Great for fixing htaccess errors. For all questions, including support please use the official \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-htaccess-editor\" rel=\"ugc\">forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Access WP Htaccess Editor via WP Admin – Settings menu.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you’re having problems with SSL or HTTPS try our free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-force-ssl\u002F\" rel=\"ugc\">WP Force SSL\u003C\u002Fa> plugin. It’s the easiest way to enable SSL and fix SSL problems.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Testing Htaccess Syntax\u003C\u002Fh4>\n\u003Cp>Use the “test before saving” button to test htaccess file syntax before saving. Please note that this test does not check the logic of your htaccess file, ie if the redirects work as intended. It only checks for syntax errors. If you need to fix htaccess file we suggest restoring it to the default version and then add custom code line by line.\u003C\u002Fp>\n\u003Ch4>Automatic Htaccess Backups\u003C\u002Fh4>\n\u003Cp>Htaccess Editor makes automatic backups of htaccess file every time you make a change to it. Backups are located in \u003Ccode>\u002Fwp-content\u002Fhtaccess-editor-backups\u002F\u003C\u002Fcode> and timestamped so you can easily find the latest htaccess backup and restore it.\u003C\u002Fp>\n\u003Ch4>WordPress Network (WPMU) Support\u003C\u002Fh4>\n\u003Cp>WP Htaccess Editor is fully compatible and tested with WP Network (WPMU). It shows up under the Settings menu in network admin. It’s not available in individual sites as there is only one htaccess file per network.\u003C\u002Fp>\n\u003Cp>The plugin was originally developed by \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Flukenzi\" rel=\"nofollow ugc\">Lukenzi\u003C\u002Fa> in March of 2011.\u003C\u002Fp>\n\u003Ch4>GDPR compatibility\u003C\u002Fh4>\n\u003Cp>We are not lawyers. Please do not take any of the following as legal advice.\u003Cbr \u002F>\nWP Htaccess Editor does not track, collect or process any user data. Nothing is logged or pushed to any 3rd parties nor do we use any 3rd party services or CDNs. Based on that, we feel it’s GDPR compatible, but again, please, don’t take this as legal advice.\u003C\u002Fp>\n","A safe & simple htaccess file editor with automatic htaccess backups & htaccess file syntax testing.",40000,811818,100,102,"2025-12-03T19:33:00.000Z","6.9.4","4.0","5.2",[23,24,56,57,58],"htaccess-editor","htaccess-file","htaccess-file-editor","https:\u002F\u002Fwphtaccess.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-htaccess-editor.1.73.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":47,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":52,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":80,"download_link":81,"security_score":82,"vuln_count":83,"unpatched_count":28,"last_vuln_date":84,"fetched_at":30},"wpide","WPIDE – File Manager & Code Editor","3.5.5","XplodedThemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fxplodedthemes\u002F","\u003Cp>\u003Cstrong>WPIDE\u003C\u002Fstrong> is an Advanced \u003Cstrong>File Manager\u003C\u002Fstrong> and \u003Cstrong>Code Editor\u003C\u002Fstrong> plugin for WordPress that you can use completely for free.\u003C\u002Fp>\n\u003Cp>The Code Editor lets you edit any file within your wp-content folder, not just plugins and themes.\u003C\u002Fp>\n\u003Cp>The included \u003Cstrong>code completion\u003C\u002Fstrong> will help you remember your WordPress\u002FPHP commands providing function reference along the way. Edit multiple files with the tabbed editor.\u003C\u002Fp>\n\u003Cp>The File Manager lets you copy, move, duplicate, create archives, download, upload, edit, delete, preview files & directories \u003Cstrong>without FTP or cPanel access\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>WPIDE uses a \u003Cstrong>very modern, clean and easy to use interface\u003C\u002Fstrong> to make managing and editing your files a breeze! It comes with 6 different themes and a dark mode to reduce blue light exposure.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Did you know?\u003C\u002Fstrong>\u003Cbr \u002F>\nMore than \u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fblog\u002F2020\u002F09\u002Fmillions-of-sites-targeted-in-file-manager-vulnerability-attacks\u002F\" rel=\"nofollow ugc\">700,000 WordPress websites\u003C\u002Fa> were attacked during September 2020.\u003Cbr \u002F>\nMalicious bots are looking to exploit vulnerable versions of WP file manager plugins.\u003C\u002Fp>\n\u003Cp>Fortunately, WPIDE is built with \u003Cstrong>security in mind\u003C\u002Fstrong> and comes with this vulnerability \u003Cstrong>fixed\u003C\u002Fstrong>! So rest assured! WPIDE poses no risk to you!\u003C\u002Fp>\n\u003Ch3>▶️ VIDEO OVERVIEW\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FwF0PUz8wfRM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=wF0PUz8wfRM\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=wF0PUz8wfRM\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>⚡️ FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Advanced File Manager\u003C\u002Fli>\n\u003Cli>File Tree Browser\u003C\u002Fli>\n\u003Cli>Smart context menu\u003C\u002Fli>\n\u003Cli>Customizable Root Path\u003C\u002Fli>\n\u003Cli>Create new files and directories\u003C\u002Fli>\n\u003Cli>Download files \u002F folders (Batch support)\u003C\u002Fli>\n\u003Cli>Upload files \u002F folders using drag n drop (Batch support)\u003C\u002Fli>\n\u003Cli>Zip \u002F Unzip files and folders (Batch support)\u003C\u002Fli>\n\u003Cli>Deep search for files \u002F folders by keyword\u003C\u002Fli>\n\u003Cli>Calculate folder size\u003C\u002Fli>\n\u003Cli>Advanced File Editor\u003C\u002Fli>\n\u003Cli>Editor Line numbers\u003C\u002Fli>\n\u003Cli>Editor Find + Replace\u003C\u002Fli>\n\u003Cli>Editor Syntax highlighting\u003C\u002Fli>\n\u003Cli>Editor Highlight Matching Parentheses\u003C\u002Fli>\n\u003Cli>Editor Automatic Indentation + Code Folding\u003C\u002Fli>\n\u003Cli>Editor keyboard commands \u002F shortcuts\u003C\u002Fli>\n\u003Cli>Tabbed interface for editing multiple files\u003C\u002Fli>\n\u003Cli>WordPress and PHP code auto-completion\u003C\u002Fli>\n\u003Cli>PHP code parsing and validation\u003C\u002Fli>\n\u003Cli>PHP file backup before saving\u003C\u002Fli>\n\u003Cli>File Recovery Wizard\u003C\u002Fli>\n\u003Cli>Using WordPress filesystem API\u003C\u002Fli>\n\u003Cli>Beautiful Image Gallery\u003C\u002Fli>\n\u003Cli>Video \u002F Audio Media Player\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>\u003Ca href=\"https:\u002F\u002Fwpide.com\" rel=\"nofollow ugc\">👉 \u003Cstrong>WPIDE PRO\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fh3>\n\u003Ch3>⭐️ PRO FEATURES\u003C\u002Fh3>\n\u003Ch4>File Editor\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Auto Save\u003C\u002Fstrong> Feature: While editing, files will be auto saved every X seconds to a draft file. Original files are not affected. If you ever close the page by mistake without saving a file, you will be able to restore from the auto saved file.\u003C\u002Fli>\n\u003Cli>Auto Saved \u003Cstrong>Quick Diff\u003C\u002Fstrong>: You can view and compare differences between the auto saved and the current file using the Quick Diff Viewer, then decide if you wish to restore from the auto saved or keep the current file.\u003C\u002Fli>\n\u003Cli>Toggle \u003Cstrong>Full Screen\u003C\u002Fstrong>: This will allow you to toggle full screen the editor area by itself, giving you more space while editing on smaller screens.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>File Manager\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Advanced Mode Option: When enabled, all files and folders will be available for editing including \u003Cstrong>core WordPress files\u003C\u002Fstrong> and the \u003Cstrong>wp-config.php\u003C\u002Fstrong> file.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Config Manager\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>View all defined constants within wp-config.php\u003C\u002Fli>\n\u003Cli>Add \u002F Update \u002F Remove constants\u003C\u002Fli>\n\u003Cli>Prevent Duplicated Constants\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Advanced Image Editor\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Resize \u002F Crop Images\u003C\u002Fli>\n\u003Cli>Apply filters\u003C\u002Fli>\n\u003Cli>Add Frames \u002F Corners\u003C\u002Fli>\n\u003Cli>Add Text \u002F Stickers\u003C\u002Fli>\n\u003Cli>Add Patterns \u002F Gradients\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Database Manager\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>View Tables\u003C\u002Fli>\n\u003Cli>Create New Tables\u003C\u002Fli>\n\u003Cli>Add \u002F Update \u002F Delete Rows\u003C\u002Fli>\n\u003Cli>Update Table Structure\u003C\u002Fli>\n\u003Cli>Update Column Indexes\u003C\u002Fli>\n\u003Cli>Safe Editing Enabled\u003C\u002Fli>\n\u003C\u002Ful>\n","WPIDE is a powerful file manager and code editor for WordPress with tabs, code completion, and full access to the entire wp-content folder.",902731,96,287,"2026-04-14T21:47:00.000Z","5.0","7.4.0",[76,23,77,78,79],"code-editor","file-manager","plugin-editor","theme-editor","https:\u002F\u002Fwpide.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpide.3.5.5.zip",95,4,"2024-10-14 10:52:09",{"slug":58,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":49,"num_ratings":14,"last_updated":94,"tested_up_to":52,"requires_at_least":95,"requires_php":18,"tags":96,"homepage":99,"download_link":100,"security_score":101,"vuln_count":14,"unpatched_count":28,"last_vuln_date":102,"fetched_at":30},"Htaccess File Editor – Easily Edit, Backup, Restore .htaccess file","1.0.22","WP Chill","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpchill\u002F","\u003Cp>Htaccess File Editor is a fast, safe and simple yet perfect to edit the WordPress site’s \u003Cem>.htaccess\u003C\u002Fem> file from admin panel. You can create a backup of your \u003Cem>.htaccess\u003C\u002Fem> file and can be restored from WordPress Dashboard.\u003Cbr \u002F>\nYou can create a Backup from Htaccess –> Backup Menu and you can edit .htaccess file from Htaccess Menu.\u003Cbr \u002F>\n\u003Cstrong>This plugin should be used only by experienced users!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Edit .htaccess file easily\u003C\u002Fli>\n\u003Cli>Create Backup of .htaccess file\u003C\u002Fli>\n\u003Cli>Restore  old .htaccess backup\u003C\u002Fli>\n\u003C\u002Fol>\n","Simple editor htaccess file without using FTP client.",10000,123634,"2025-12-02T11:01:00.000Z","6.5",[24,97,56,98],"htaccess-backup","htaccess-restore","https:\u002F\u002Fwpchill.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhtaccess-file-editor.1.0.22.zip",99,"2025-01-14 00:00:00",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":49,"num_ratings":34,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":18,"tags":116,"homepage":120,"download_link":121,"security_score":49,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-file-editor","Disable File Editor","1.7","Nikunj Soni","https:\u002F\u002Fprofiles.wordpress.org\u002Fnikunjsoni\u002F","\u003Cp>This plugin will disable file editing tool in your WordPress admin panel.\u003C\u002Fp>\n","This plugin will disable file editing tool in your WordPress admin panel.",500,6156,"2025-10-08T15:25:00.000Z","6.8.5","3.7",[20,117,23,118,119],"file","security","wp-admin","http:\u002F\u002Fwww.nikunjsoni.co.in\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-file-editor.1.7.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":13,"downloaded":130,"rating":49,"num_ratings":34,"last_updated":131,"tested_up_to":52,"requires_at_least":17,"requires_php":18,"tags":132,"homepage":136,"download_link":137,"security_score":49,"vuln_count":34,"unpatched_count":28,"last_vuln_date":138,"fetched_at":30},"easy-digital-downloads-htaccess-editor","Easy Digital Downloads – htaccess Editor","1.0.2","DigitalME","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitalmeactivecampaign\u002F","\u003Cp>A simple extension for Easy Digital Downloads which adds an htaccess file editor to the tools page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Follow this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FSection214\u002FEDD-htaccess-Editor\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Edit your htaccess file directly from EDD!",7973,"2026-02-03T20:23:00.000Z",[133,134,20,24,135],"easy-digital-downloads","edd","rules","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-digital-downloads-htaccess-editor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-digital-downloads-htaccess-editor.1.0.2.zip","2015-04-20 00:00:00",{"attackSurface":140,"codeSignals":175,"taintFlows":239,"riskAssessment":334,"analyzedAt":346},{"hooks":141,"ajaxHandlers":171,"restRoutes":172,"shortcodes":173,"cronEvents":174,"entryPointCount":28,"unprotectedCount":28},[142,148,151,153,156,159,161,164,167],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","plugins_loaded","anonymous","includes\\class-wp-peon.php",140,{"type":143,"name":149,"callback":145,"file":146,"line":150},"admin_enqueue_scripts",155,{"type":143,"name":149,"callback":145,"file":146,"line":152},156,{"type":143,"name":154,"callback":145,"file":146,"line":155},"admin_menu",159,{"type":143,"name":157,"callback":145,"file":146,"line":158},"wp_enqueue_scripts",173,{"type":143,"name":157,"callback":145,"file":146,"line":160},174,{"type":143,"name":162,"callback":145,"file":146,"line":163},"wp_head",176,{"type":143,"name":165,"callback":145,"file":146,"line":166},"wp_footer",177,{"type":168,"name":169,"callback":145,"file":146,"line":170},"filter","the_content",179,[],[],[],[],{"dangerousFunctions":176,"sqlUsage":177,"outputEscaping":179,"fileOperations":11,"externalRequests":28,"nonceChecks":237,"capabilityChecks":28,"bundledLibraries":238},[],{"prepared":28,"raw":28,"locations":178},[],{"escaped":28,"rawEcho":180,"locations":181},29,[182,186,187,189,192,194,196,197,200,201,203,205,206,209,211,212,214,216,218,220,221,222,224,226,229,231,232,234,236],{"file":183,"line":184,"context":185},"admin\\partials\\wp-peon-advance.php",52,"raw output",{"file":183,"line":13,"context":185},{"file":183,"line":188,"context":185},81,{"file":190,"line":191,"context":185},"admin\\partials\\wp-peon-custom-html.php",75,{"file":190,"line":193,"context":185},83,{"file":190,"line":195,"context":185},91,{"file":190,"line":101,"context":185},{"file":198,"line":199,"context":185},"admin\\partials\\wp-peon-execute.php",108,{"file":198,"line":199,"context":185},{"file":198,"line":202,"context":185},109,{"file":198,"line":204,"context":185},146,{"file":198,"line":150,"context":185},{"file":207,"line":208,"context":185},"admin\\partials\\wp-peon-explorer.php",54,{"file":207,"line":210,"context":185},98,{"file":207,"line":210,"context":185},{"file":207,"line":213,"context":185},117,{"file":207,"line":215,"context":185},147,{"file":207,"line":217,"context":185},149,{"file":207,"line":219,"context":185},172,{"file":207,"line":160,"context":185},{"file":207,"line":166,"context":185},{"file":207,"line":223,"context":185},180,{"file":207,"line":225,"context":185},182,{"file":227,"line":228,"context":185},"admin\\partials\\wp-peon-header.php",17,{"file":227,"line":230,"context":185},21,{"file":227,"line":230,"context":185},{"file":233,"line":27,"context":185},"public\\class-wp-peon-public.php",{"file":233,"line":235,"context":185},89,{"file":233,"line":49,"context":185},3,[],[240,283,300,315],{"entryPoint":241,"graph":242,"unsanitizedCount":281,"severity":282},"\u003Cwp-peon-explorer> (admin\\partials\\wp-peon-explorer.php:0)",{"nodes":243,"edges":275},[244,249,255,258,262,266,268,271],{"id":245,"type":246,"label":247,"file":207,"line":248},"n0","source","$_POST (x2)",51,{"id":250,"type":251,"label":252,"file":207,"line":253,"wp_function":254},"n1","sink","file_put_contents() [File Write]",53,"file_put_contents",{"id":256,"type":246,"label":257,"file":207,"line":248},"n2","$_POST",{"id":259,"type":251,"label":260,"file":207,"line":208,"wp_function":261},"n3","echo() [XSS]","echo",{"id":263,"type":246,"label":264,"file":207,"line":265},"n4","$_GET (x2)",144,{"id":267,"type":251,"label":260,"file":207,"line":215,"wp_function":261},"n5",{"id":269,"type":246,"label":270,"file":207,"line":265},"n6","$_GET",{"id":272,"type":251,"label":273,"file":207,"line":217,"wp_function":274},"n7","file_get_contents() [SSRF\u002FLFI]","file_get_contents",[276,278,279,280],{"from":245,"to":250,"sanitized":277},false,{"from":256,"to":259,"sanitized":277},{"from":263,"to":267,"sanitized":277},{"from":269,"to":272,"sanitized":277},6,"medium",{"entryPoint":284,"graph":285,"unsanitizedCount":28,"severity":299},"\u003Cwp-peon-advance> (admin\\partials\\wp-peon-advance.php:0)",{"nodes":286,"edges":295},[287,290,291,294],{"id":245,"type":246,"label":288,"file":183,"line":289},"$_POST['htaccess']",22,{"id":250,"type":251,"label":252,"file":183,"line":289,"wp_function":254},{"id":256,"type":246,"label":292,"file":183,"line":293},"$_POST['config']",23,{"id":259,"type":251,"label":252,"file":183,"line":293,"wp_function":254},[296,298],{"from":245,"to":250,"sanitized":297},true,{"from":256,"to":259,"sanitized":297},"low",{"entryPoint":301,"graph":302,"unsanitizedCount":28,"severity":299},"\u003Cwp-peon-custom-html> (admin\\partials\\wp-peon-custom-html.php:0)",{"nodes":303,"edges":312},[304,306,309,311],{"id":245,"type":246,"label":257,"file":190,"line":305},27,{"id":250,"type":251,"label":307,"file":190,"line":180,"wp_function":308},"update_option() [Settings Manipulation]","update_option",{"id":256,"type":246,"label":310,"file":190,"line":305},"$_POST (x4)",{"id":259,"type":251,"label":260,"file":190,"line":191,"wp_function":261},[313,314],{"from":245,"to":250,"sanitized":297},{"from":256,"to":259,"sanitized":297},{"entryPoint":316,"graph":317,"unsanitizedCount":28,"severity":299},"\u003Cwp-peon-execute> (admin\\partials\\wp-peon-execute.php:0)",{"nodes":318,"edges":330},[319,321,323,326,327,329],{"id":245,"type":246,"label":247,"file":198,"line":320},24,{"id":250,"type":251,"label":252,"file":198,"line":322,"wp_function":254},31,{"id":256,"type":246,"label":324,"file":198,"line":325},"$_GET['shortcode']",67,{"id":259,"type":251,"label":273,"file":198,"line":325,"wp_function":274},{"id":263,"type":246,"label":264,"file":198,"line":328},69,{"id":267,"type":251,"label":260,"file":198,"line":204,"wp_function":261},[331,332,333],{"from":245,"to":250,"sanitized":297},{"from":256,"to":259,"sanitized":297},{"from":263,"to":267,"sanitized":297},{"summary":335,"deductions":336},"The wp-peon plugin version 1.0.0 exhibits a mixed security posture.  On the positive side, the plugin demonstrates good practices by having no known CVEs in its history and a clean slate regarding critical or high-severity vulnerabilities. The static analysis also indicates no dangerous functions, all SQL queries are prepared, and there are no external HTTP requests, which are all favorable indicators. However, significant concerns arise from the complete lack of output escaping, with 0% of identified outputs being properly escaped. This represents a substantial risk for cross-site scripting (XSS) vulnerabilities. Additionally, while there's one unsanitized path identified in the taint analysis, it is not currently flagged as critical or high severity, which warrants further investigation but does not immediately present a high risk based on the provided data.  The plugin also has a relatively low attack surface with zero identified entry points requiring authentication, which is positive, but the complete absence of capability checks is a weakness that could be exploited if new entry points are introduced or if existing ones are implicitly insecure.",[337,340,343],{"reason":338,"points":339},"No output escaping",18,{"reason":341,"points":342},"Flows with unsanitized paths (not critical\u002Fhigh)",5,{"reason":344,"points":345},"No capability checks",8,"2026-03-17T01:23:54.560Z",{"wat":348,"direct":357},{"assetPaths":349,"generatorPatterns":352,"scriptPaths":353,"versionParams":354},[350,351],"\u002Fwp-content\u002Fplugins\u002Fwp-peon\u002Fcss\u002Fwp-peon-admin.css","\u002Fwp-content\u002Fplugins\u002Fwp-peon\u002Fjs\u002Fwp-peon-admin.js",[],[351],[355,356],"wp-peon-admin.css?ver=","wp-peon-admin.js?ver=",{"cssClasses":358,"htmlComments":359,"htmlAttributes":360,"restEndpoints":361,"jsGlobals":362,"shortcodeOutput":363},[],[],[],[],[],[],{"error":297,"url":365,"statusCode":366,"statusMessage":367,"message":367},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-peon\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":28,"versions":369},[]]