[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqFiNJMC6XpEcFBhOaw_GUs9MeiKePQJKDe1zPGqKxPc":3,"$fNYASA6Pv4GRFXT2cQMeGqcbY1jsogXvZ0pxZzjZasvo":200,"$fYeauwguLbdGir7o8tczAC12Ew_fG1jv-fRN1XGtVB0Q":205},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"discovery_status":26,"vulnerabilities":27,"developer":28,"crawl_stats":24,"alternatives":33,"analysis":139,"fingerprints":187},"wp-sef-urls","WP SEF Urls","0.1","santiaga","https:\u002F\u002Fprofiles.wordpress.org\u002Fsantiaga\u002F","\u003Cp>Main features:\u003Cbr \u002F>\n1. Change or remove category url base.\u003Cbr \u002F>\n2. Change archives url.\u003Cbr \u002F>\n3. Change tags url base.\u003Cbr \u002F>\n4. Change pages url ex. http:\u002F\u002Fyoursite.com\u002Fpagename.html\u003Cbr \u002F>\n5. Change aurthor page url.\u003Cbr \u002F>\n6. Change posts url.\u003C\u002Fp>\n","Search Engine Friendly urls for Wordpress",30,3742,0,"2012-10-05T11:31:00.000Z","3.4.2","3.0.1","",[19,20],"rewrite-urls","sef","http:\u002F\u002Fcyber-notes.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-sef-urls.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":23,"avg_patch_time_days":11,"trust_score":31,"computed_at":32},3,50,84,"2026-05-20T08:04:47.910Z",[34,58,79,99,121],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":44,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":56,"download_link":57,"security_score":44,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"useful-blocks","Useful Blocks","1.9.0","Ryo","https:\u002F\u002Fprofiles.wordpress.org\u002Flooswebstudio\u002F","\u003Cp>This plugin adds “useful” Gutenberg blocks to the writing of blog posts.\u003C\u002Fp>\n\u003Ch4>How to use （For Block Editor）\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Open the “Useful Blocks” category of the Block Inserter.\u003C\u002Fli>\n\u003Cli>There are custom blocks.\u003C\u002Fli>\n\u003Cli>Just select the block you want to use.\u003C\u002Fli>\n\u003C\u002Ful>\n","It is a plugin that collects very convenient blocks.",20000,137681,100,1,"2026-03-31T17:28:00.000Z","6.9.4","6.0","7.0",[51,52,53,54,55],"block","editor","guternberg","ponhiro","useful","https:\u002F\u002Fponhiro.com\u002Fuseful-blocks\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuseful-blocks.1.9.0.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":47,"requires_at_least":71,"requires_php":17,"tags":72,"homepage":17,"download_link":78,"security_score":44,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"japanese-font-for-tinymce","Japanese font for WordPress(Previously: Japanese Font for TinyMCE)","4.30","raspi0124","https:\u002F\u002Fprofiles.wordpress.org\u002Fraspi0124\u002F","\u003Cp>Add Japanese font to Gutenberg and TinyMCE Advanced plugin’s font family selections.\u003Cbr \u002F>\nNow supports Gutenberg as option. Please enable gutenberg option in order to use it.\u003Cbr \u002F>\nFont to be added；\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fhp.vector.co.jp\u002Fauthors\u002FVA039499\u002F#hui\" rel=\"nofollow ugc\">ふい字\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.google.com\u002Fget\u002Fnoto\u002F#sans-jpan\" rel=\"nofollow ugc\">Noto Sans Japanese\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Ftanukifont.com\u002Fesenapaj\u002F\" rel=\"nofollow ugc\">エセナパJ\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Ffont.gloomy.jp\u002Fhonoka-maru-gothic-dl.html\" rel=\"nofollow ugc\">ほのか丸ゴシック\u003C\u002Fa>\u003Cbr \u002F>\nand more..\u003Cbr \u002F>\nAnd If you want more font,please post a comment to page below.\u003C\u002Fp>\n\u003Cp>Please see \u003Ca href=\"https:\u002F\u002Fdiary.raspi0124.dev\u002Fpost-677\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa> for more infomation.(Japanese)\u003Cbr \u002F>\nDevelopment for this plugin takes place at GitHub. To report bugs or feature requests, please use \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fraspi0124\u002FJapanese-font-for-TinyMCE\" rel=\"nofollow ugc\">Github\u003C\u002Fa> issues.\u003Cbr \u002F>\nThis plugin could not be exist without the creator of the fonts, the people who sacrificed huge amount of their time contributing to more freeer world.\u003Cbr \u002F>\nIf you would like to donate, or send message to those people who sacrificed huge amount of their private time making those fonts and pubishing them for free, feel free to checkout this list. It has all email\u002Fdonating destination I could collect.\u003C\u002Fp>\n","Add Japanese font to Gutenberg and TinyMCE Advanced plugin's font family selections.",10000,130870,76,6,"2025-12-04T09:06:00.000Z","5.1",[73,74,75,76,77],"font","fonts","japanese","japanesefont","tinymce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjapanese-font-for-tinymce.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":68,"num_ratings":69,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":17,"tags":92,"homepage":97,"download_link":98,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"mouseflow-for-wordpress","Mouseflow for WordPress","5.1.3","mouseflow","https:\u002F\u002Fprofiles.wordpress.org\u002Fmouseflow\u002F","\u003Cp>With Mouseflow for WordPress you can access everything Mouseflow has to offer – directly from your WordPress dashboard! Learn more about your visitors by analyzing heatmaps and recordings of user sessions, including mouse movements, clicks, scroll events and more. The plugin makes it quick and easy to install Mouseflow on your WordPress-site.\u003C\u002Fp>\n","Mouseflow gives you free and easy-to-use conversion and user experience analytics for your website. Analyze conversion funnels, heatmaps and even sess &hellip;",7000,89360,"2023-09-26T07:43:00.000Z","6.3.8","4.5.0",[93,94,83,95,96],"analytics","heatmaps","user-behaviour","ux","https:\u002F\u002Fmouseflow.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmouseflow-for-wordpress.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":109,"num_ratings":45,"last_updated":110,"tested_up_to":47,"requires_at_least":111,"requires_php":112,"tags":113,"homepage":119,"download_link":120,"security_score":44,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"ksef-for-flexible-invoices","Flexible Invoices for WooCommerce – KSeF Add-on","2.2.3","wpdesk","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdesk\u002F","\u003Cp>KSeF – invoice registration from Flexible Invoices is a WordPress plugin that lets you send invoices directly to KSeF (Polish National e-Invoice System). It works as an extension for Flexible Invoices and uses the official KSeF API provided by the Polish Ministry of Finance.\u003C\u002Fp>\n\u003Cp>The plugin allows you to submit invoices from WordPress and WooCommerce straight to KSeF, without exports or external systems. invoice status, KSeF reference numbers, and error messages are all available inside the WordPress dashboard.\u003C\u002Fp>\n\u003Cp>This plugin is an add-on for \u003Ca href=\"https:\u002F\u002Fwpdesk.link\u002Ffi-rm\" rel=\"nofollow ugc\">Flexible Invoices\u003C\u002Fa> and therefore requires the Flexible Invoices plugin in min. version min. 6.2.0.\u003Cbr \u002F>\nIf you also want to use automatic invoice generation, or issue invoices in the OSS standard, opt for the \u003Ca href=\"https:\u002F\u002Fwpdesk.link\u002Fksef-fi-rm\" rel=\"nofollow ugc\">Flexible Invoices PRO\u003C\u002Fa> in version 5.3.0 or higher.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Direct invoice registration to KSeF from Flexible Invoices\u003C\u002Fli>\n\u003Cli>One-click sending of individual invoices to KSeF\u003C\u002Fli>\n\u003Cli>Bulk invoice registration to the National e-Invoice System (KSeF)\u003C\u002Fli>\n\u003Cli>Clear KSeF status displayed in the invoice list\u003C\u002Fli>\n\u003Cli>Dedicated KSeF metabox showing:\n\u003Cul>\n\u003Cli>invoice registration status\u003C\u002Fli>\n\u003Cli>registration date\u003C\u002Fli>\n\u003Cli>KSeF reference ID\u003C\u002Fli>\n\u003Cli>KSeF API error messages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Integration with the official KSeF API\u003C\u002Fli>\n\u003Cli>Full compatibility with \u003Ca href=\"https:\u002F\u002Fwpdesk.link\u002Ffi-rm\" rel=\"nofollow ugc\">Flexible Invoices\u003C\u002Fa> and  \u003Ca href=\"https:\u002F\u002Fwpdesk.link\u002Fksef-fi-rm\" rel=\"nofollow ugc\">Flexible Invoices PRO\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How it works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflexible-invoices\u002F\" rel=\"ugc\">Flexible Invoices\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>After installing the plugin, go to Invoices \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Reports \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> KSeF to connect the store with the invoice system.\u003C\u002Fli>\n\u003Cli>Enter your KSeF API credentials in the plugin settings.\u003C\u002Fli>\n\u003Cli>Send invoices to KSeF:\n\u003Cul>\n\u003Cli>individually with one click\u003C\u002Fli>\n\u003Cli>in bulk using bulk actions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Monitor invoice status and KSeF details directly in WordPress.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Data Use Policy\u003C\u002Fh3>\n\u003Cp>This plugin connects to the official KSeF API (provided by the Polish Ministry of Finance) to send invoices generated by the Flexible Invoices plugin.\u003C\u002Fp>\n\u003Cp>This connection is required to send and verify electronic invoices (FA(2)).\u003C\u002Fp>\n\u003Cp>When sending a document, the following data is transmitted:\u003Cbr \u002F>\n– Invoice data (required by law)\u003Cbr \u002F>\n– Your KSeF access token or credentials (configured in plugin settings)\u003C\u002Fp>\n\u003Cp>This service is provided by the Ministry of Finance of the Republic of Poland:\u003Cbr \u002F>\n1. \u003Ca href=\"https:\u002F\u002Fwww.podatki.gov.pl\u002Fksef\u002F\" rel=\"nofollow ugc\">API documentation\u003C\u002Fa>\u003Cbr \u002F>\n2. \u003Ca href=\"https:\u002F\u002Fwww.gov.pl\u002Fweb\u002Fgov\u002Fpolityka-prywatnosci\" rel=\"nofollow ugc\">Privacy policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>WP Desk plugins collect anonymous diagnostic and configuration data to enhance product quality, stability, and alignment with user needs. This data is securely transmitted once after plugin activation and once a week later on, to WP Desk’s servers at testsdata.wpdesk.org and data.wpdesk.org for statistical analysis, technical issue identification, and plugin performance optimization.\u003Cbr \u002F>\nAll data collection is conducted anonymously, without storing personal, financial, or sensitive business information. The application does not collect data without users knowledge. Data collection requires an users opt-in through the plugin settings.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpdesk.pl\u002Fsk\u002Fdocs-fi-ksef\" rel=\"nofollow ugc\">Learn more about it in docs\u003C\u002Fa>\u003C\u002Fp>\n","Easily send invoices from Flexible Invoices straight to KSeF using the official Ministry of Finance API.",400,4103,80,"2026-04-13T09:57:00.000Z","6.4","7.4",[114,115,116,117,118],"flexible-invoices","invoice","invoices","ksef","woocommerce","https:\u002F\u002Fwww.wpdesk.pl\u002Fsklep\u002Ffaktury-ksef\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fksef-for-flexible-invoices.2.2.3.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":44,"downloaded":129,"rating":130,"num_ratings":45,"last_updated":131,"tested_up_to":47,"requires_at_least":132,"requires_php":112,"tags":133,"homepage":137,"download_link":138,"security_score":44,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"nelio-session-recordings","Nelio Session Recordings","1.7.0","Nelio Software","https:\u002F\u002Fprofiles.wordpress.org\u002Fnelio\u002F","\u003Cp>\u003Cstrong>PLAYBACK YOUR VISITORS ACTIVITY RECORDINGS LIKE A VIDEO THAT YOU CAN WATCH\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fneliosoftware.com\u002Fsession-recordings\u002F?utm_source=wordpressorg&utm_medium=referral&utm_campaign=nelio-session-recordings\" rel=\"nofollow ugc\">Nelio Session Recordings\u003C\u002Fa> helps you watch recordings of real user behavior on your site, including mouse movements, clicks, scroll events, and more. Learn what frustrates users and resolve issues early.\u003C\u002Fp>\n\u003Cp>Automatically record everything your visitors do on your website. The sessions can be replayed, rewatched, and analyzed later. You can see exactly what they see, just like you’re sitting next to them.\u003C\u002Fp>\n\u003Cp>Watch a replay of people navigating your website to see what’s preventing them from converting. See how people interacted with products, what they added to cart, and what kept them from buying.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Nelio Session Recordings\u003C\u002Fstrong> is a great solution for UX designers, marketing professionals, customer support teams, and everyone who works with websites.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fneliosoftware.com\u002Fsession-recordings\u002F?utm_source=wordpressorg&utm_medium=referral&utm_campaign=nelio-session-recordings\" rel=\"nofollow ugc\">MORE INFORMATION\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fnelio-session-recordings\u002F\" rel=\"ugc\">SUPPORT FORUM\u003C\u002Fa>\u003C\u002Fp>\n","Record everything visitors do on your website and learn more about your users",3530,20,"2026-04-08T08:55:00.000Z","6.6",[93,134,83,135,136],"insights","recordings","sessions","https:\u002F\u002Fneliosoftware.com\u002Fsession-recordings\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnelio-session-recordings.1.7.0.zip",{"attackSurface":140,"codeSignals":164,"taintFlows":174,"riskAssessment":175,"analyzedAt":186},{"hooks":141,"ajaxHandlers":160,"restRoutes":161,"shortcodes":162,"cronEvents":163,"entryPointCount":13,"unprotectedCount":13},[142,148,152,156],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","admin_menu","wp_sefurls_options","wp-sef-urls.php",28,{"type":143,"name":149,"callback":150,"file":146,"line":151},"init","sefulr_links_rewrite",74,{"type":153,"name":154,"callback":155,"file":146,"line":23},"filter","user_trailingslashit","remcat_function",{"type":153,"name":154,"callback":157,"priority":158,"file":146,"line":159},"sefurl_slash",10,93,[],[],[],[],{"dangerousFunctions":165,"sqlUsage":166,"outputEscaping":168,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":173},[],{"prepared":13,"raw":13,"locations":167},[],{"escaped":13,"rawEcho":45,"locations":169},[170],{"file":146,"line":171,"context":172},51,"raw output",[],[],{"summary":176,"deductions":177},"The \"wp-sef-urls\" plugin v0.1 exhibits a seemingly strong security posture based on the provided static analysis. It boasts zero identified entry points from common attack vectors like AJAX handlers, REST API routes, shortcodes, and cron events. Furthermore, the absence of dangerous functions, file operations, external HTTP requests, and any recorded vulnerabilities in its history are positive indicators.  The plugin also appears to be diligent in its use of prepared statements for SQL queries.\n\nHowever, a significant concern arises from the complete lack of output escaping. This means that any data displayed to users, even if it doesn't originate from a direct user input, could potentially be injected with malicious content.  The absence of nonce and capability checks across all potential (though currently zero) entry points also represents a potential weakness. While there are no reported vulnerabilities, this can sometimes indicate a lack of thorough security testing rather than inherent security.  Therefore, while the plugin demonstrates good practices in some areas, the unescaped output is a critical oversight that introduces a tangible risk of cross-site scripting (XSS) vulnerabilities.\n\nIn conclusion, \"wp-sef-urls\" v0.1 has a very limited attack surface and appears to handle database interactions securely. The lack of vulnerability history is a positive sign. Nevertheless, the critical omission of output escaping represents a significant security flaw that requires immediate attention. The absence of explicit authorization checks on any potential future entry points also suggests a potential for insecure development practices if the plugin's functionality expands.",[178,181,184],{"reason":179,"points":180},"100% of outputs are not properly escaped",8,{"reason":182,"points":183},"No capability checks found",4,{"reason":185,"points":183},"No nonce checks found","2026-04-16T11:20:50.867Z",{"wat":188,"direct":193},{"assetPaths":189,"generatorPatterns":190,"scriptPaths":191,"versionParams":192},[],[],[],[],{"cssClasses":194,"htmlComments":195,"htmlAttributes":196,"restEndpoints":197,"jsGlobals":198,"shortcodeOutput":199},[],[],[],[],[],[],{"error":201,"url":202,"statusCode":203,"statusMessage":204,"message":204},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-sef-urls\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":206},[]]