[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHLowhRnKUM-2_7PSdT4TbBsIejIncNRQgQgHXkeqlOk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":130,"fingerprints":180},"wp-tracy","WP Tracy","2.0.1","Martin Hlavac","https:\u002F\u002Fprofiles.wordpress.org\u002Fhlavacm\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fnette\u002Ftracy\" rel=\"nofollow ugc\">Tracy\u003C\u002Fa> is an excellent PHP debugger bar from \u003Ca href=\"https:\u002F\u002Fnette.org\" rel=\"nofollow ugc\">Nette\u003C\u002Fa> PHP framework.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fktstudio\u002Fwp-tracy\" rel=\"nofollow ugc\">WP Tracy\u003C\u002Fa> is simple implementation and integration of Tracy into WordPress (for test environment).\u003Cbr \u002F>\nWhen it’s activated, it automatically shows Tracy bar and displays within global WP constants and their values.\u003Cbr \u002F>\nIt’s great for local(host) development.\u003Cbr \u002F>\nSimple setup is available in the Administration Tools menu and some constants are in the code.\u003C\u002Fp>\n","WP Tracy is a plugin that automatically inserts debugger (Nette) Tracy into WordPress.",100,4713,6,"2018-10-04T12:41:00.000Z","4.9.29","4.0","5.4.4",[19,20],"debugger","tracy","https:\u002F\u002Fgithub.com\u002Fktstudio\u002Fwp-tracy\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-tracy.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"hlavacm",1,30,84,"2026-04-04T16:15:23.431Z",[35,58,78,96,116],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":56,"download_link":57,"security_score":11,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"debug-this","Debug This","0.6.7","Razvan Aldea","https:\u002F\u002Fprofiles.wordpress.org\u002Fraldea89\u002F","\u003Cp>For admins, developers, and support staff, \u003Cstrong>Debug This\u003C\u002Fstrong> provides a ton of information about your WordPress installation, all from the front-end admin bar.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>The current WP_Query object\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Blog info and options\u003C\u002Fli>\n\u003Cli>Embed providers\u003C\u002Fli>\n\u003Cli>Files in rendered HTML (CSS, images, JavaScript)\u003C\u002Fli>\n\u003Cli>Filters and actions\u003C\u002Fli>\n\u003Cli>Images sizes\u003C\u002Fli>\n\u003Cli>Globals and constants\u003C\u002Fli>\n\u003Cli>Menus\u003C\u002Fli>\n\u003Cli>Object cache stats\u003C\u002Fli>\n\u003Cli>Plugins, must-use plugins, and dropins\u003C\u002Fli>\n\u003Cli>Rewrite rules\u003C\u002Fli>\n\u003Cli>Queries\u003C\u002Fli>\n\u003Cli>PHP and server information\u003C\u002Fli>\n\u003Cli>Post attachments\u003C\u002Fli>\n\u003Cli>Post types\u003C\u002Fli>\n\u003Cli>Scripts and styles enqueued\u003C\u002Fli>\n\u003Cli>Shortcodes\u003C\u002Fli>\n\u003Cli>Sidebars and widgets\u003C\u002Fli>\n\u003Cli>Taxonomies and terms\u003C\u002Fli>\n\u003Cli>Themes\u003C\u002Fli>\n\u003Cli>Users\u003C\u002Fli>\n\u003Cli>WP cron schedules and jobs\u003C\u002Fli>\n\u003Cli>WP debug log\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Debug This\u003C\u002Fstrong> helps you save time and effort when trying to figure out what’s going on. Instead of hardcoding debug snippets or writing complex unit\u003Cbr \u002F>\ntests for small functionality, you can simply bring to the surface what you need right from the admin bar.\u003C\u002Fp>\n\u003Cp>For example, when viewing a single post, you can see:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>a list of post attachments,\u003C\u002Fli>\n\u003Cli>which menus and sidebars are being displayed,\u003C\u002Fli>\n\u003Cli>the post type, post fields, and meta data,\u003C\u002Fli>\n\u003Cli>the current query variables and query string,\u003C\u002Fli>\n\u003Cli>the rewrite rules applied,\u003C\u002Fli>\n\u003Cli>the author,\u003C\u002Fli>\n\u003Cli>the terms,\u003C\u002Fli>\n\u003Cli>and much more.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Extend\u003C\u002Fh3>\n\u003Ch4>Debug This Functions\u003C\u002Fh4>\n\u003Cp>New debug modes can be created easily:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_debug_extension(\n    $mode,\n    $menu_label,\n    $description,\n    $callback,\n    $group = 'General'\n);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Example\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_debug_extension(\n    'actions',\n    __('Actions', 'debug-this'),\n    __('$wp_actions contains all active registered actions', 'debug-this'),\n    'foo_callback',\n    'Filters And Actions'\n);\nfunction foo_callback($buffer, $template){\n    global $wp_actions;\n    $debug = print_r($wp_actions, true);\n    return $debug;\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can add links to the header of a debug mode page. Place this code within your debug callback function.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_debug_header_link('http:\u002F\u002Furltolink', 'Link Label');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Extensions can be removed as well using \u003Ccode>remove_debug_extension($mode);\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>No PRE Tags\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you don’t want your debug output to be enclosed in PRE tags, simply set the following in your extension:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Debug_This::$no_pre = true;\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Saved Queries and Execution Time\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Retrieve saved queries and execution time by using the following static properties:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>Debug_This::$execution_time\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>Debug_This::$queries\u003C\u002Fcode> – SAVEQUERIES must defined as true\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>URL Helpers\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>Debug_This::get_current_debug_url()\u003C\u002Fcode> – current URL with the debug query\u003C\u002Fli>\n\u003Cli>\u003Ccode>Debug_This::get_escape_url()\u003C\u002Fcode> – used for the debug escape link that links to original page URL\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WP Actions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ccode>debug_this\u003C\u002Fcode> – receives the $mode arg – outputs the debug code sent from the extension modes. The default action is set to priority 5. This allows you to prepend or append any output without conflict using less or greater priorities.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WP Filters\u003C\u002Fh4>\n\u003Cp>There are a few filters you can use to customize Debug This to your needs:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>debug_this_template\u003C\u002Fcode> – receives $template arg – Use your own template\u003C\u002Fli>\n\u003Cli>\u003Ccode>debug_this_default_mode\u003C\u002Fcode>  – receives $mode arg – Alters the mode for the parent DT admin bar button link.\u003C\u002Fli>\n\u003Cli>\u003Ccode>debug_this_output\u003C\u002Fcode> – receives $output, $mode args – Filter debug content before it’s rendered\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>JavaScript\u003C\u002Fh4>\n\u003Cp>To access the built-in Debug This JS functionality, enqueue your custom script with the dependency set to \u003Ccode>debug-this\u003C\u002Fcode>. Your script will inherit a jQuery dependency.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Object: debugThis\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>debugThis.mode\u003C\u002Fcode> – current mode\u003C\u002Fli>\n\u003Cli>\u003Ccode>debugThis.defaultMode\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>debugThis.template\u003C\u002Fcode> – current included template\u003C\u002Fli>\n\u003Cli>\u003Ccode>debugThis.queryVar\u003C\u002Fcode> – the defined query string variable\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Functions:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>isDebug()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>getDebugMode()\u003C\u002Fcode> – uses \u003Ccode>isDebug()\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Events:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>A jQuery \u003Ccode>debug-this\u003C\u002Fcode> event is fired from the footer. You can hook into this event with the following;\u003C\u002Fp>\n\u003Cpre>\u003Ccode>jQuery(document).bind('debug-this', function(event, debugThis){\n    console.log(debugThis);\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Helper Functions\u003C\u002Fh4>\n\u003Cp>There are three included functions to help you work with files.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>debug_this_get_file_ownership($file)\u003C\u002Fcode> – returns \u003Ccode>array('name' => $name, 'group' => $group)\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>debug_this_get_file_perms($file)\u003C\u002Fcode> – returns string – Example: 0775\u003C\u002Fli>\n\u003Cli>\u003Ccode>debug_this_convert_perms_to_rwx($perms)\u003C\u002Fcode> – returns string – converts permission number to RWX format – Example: 0755 folder becomes drwxr-xr-x\u003C\u002Fli>\n\u003C\u002Ful>\n","Peek under the hood with sixty debugging reports just one click away.",2000,158436,96,17,"2025-06-04T08:56:00.000Z","6.8.5","5.2","5.6",[52,19,53,54,55],"debug","developer","hooks","query","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdebug-this.0.6.7.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":11,"downloaded":66,"rating":11,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"kint-php-debugger","Kint PHP Debugger","2.0.2","Tonya Mork","https:\u002F\u002Fprofiles.wordpress.org\u002Fhellofromtonya\u002F","\u003Cp>This WordPress plugin is a wrapper for the \u003Ca href=\"https:\u002F\u002Fkint-php.github.io\u002Fkint\u002F\" rel=\"nofollow ugc\">Kint\u003C\u002Fa> PHP Debugger utility version 1.x.  Now instead of using var_dump() or print_r(), you simply use d() with zero, nadda, no formatting required.\u003C\u002Fp>\n\u003Cp>Use this tool when you are debugging your website, in place of \u003Cstrong>\u003Ca href=\"http:\u002F\u002Fphp.net\u002Fmanual\u002Fen\u002Ffunction.var-dump.php\" rel=\"nofollow ugc\">var_dump()\u003C\u002Fa>\u003C\u002Fstrong>, \u003Cstrong>\u003Ca href=\"http:\u002F\u002Fphp.net\u002Fmanual\u002Fen\u002Ffunction.print-r.php\" rel=\"nofollow ugc\">print_r()\u003C\u002Fa>\u003C\u002Fstrong> and \u003Cstrong>\u003Ca href=\"http:\u002F\u002Fphp.net\u002Fmanual\u002Fen\u002Ffunction.debug-backtrace.php\" rel=\"nofollow ugc\">debug_backtrace()\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>Handy Tools\u003C\u002Fh4>\n\u003Cp>Some handy tools just for the PHP Developer:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>d( $var );\u003C\u002Fcode> to render a collapsible UI container which displays your variable data in “the most informative way”\u003C\u002Fli>\n\u003Cli>\u003Ccode>ddd( $var );\u003C\u002Fcode> same as d() except that it also executes \u003Ccode>die()\u003C\u002Fcode> to halt execution.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here are some variations of \u003Ccode>d()\u003C\u002Fcode> to give you the display you want:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>~d( $var );\u003C\u002Fcode> outputs in plain text format.\u003C\u002Fli>\n\u003Cli>\u003Ccode>+d( $var );\u003C\u002Fcode> disregards depth level limits and outputs everything\u003C\u002Fli>\n\u003Cli>\u003Ccode>!d( $var );\u003C\u002Fcode> shows expanded rich output\u003C\u002Fli>\n\u003Cli>\u003Ccode>-d( $var );\u003C\u002Fcode> attempts to ob_clean() the previous output (dump something inside of HTML)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Profiler\u003C\u002Fh4>\n\u003Cp>Kint even includes a naïve profiler, which can help you analyze which blocks of code take longer than others:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Kint::dump( microtime() ); \u002F\u002F just pass microtime()\nsleep( 1 );\nKint::dump( microtime(), 'after sleep(1)' );\nsleep( 2 );\nddd( microtime(), 'final call, after sleep(2)' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>See \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fkint-php-debugger\u002Fscreenshots\u002F\" rel=\"ugc\">screenshot 2\u003C\u002Fa> for what is rendered out in your browser.\u003C\u002Fp>\n\u003Ch3>Admin Bar\u003C\u002Fh3>\n\u003Cp>“KINT ACTIVE” indicator displays in the WordPress admin bar to alert you when the plugin is active.\u003C\u002Fp>\n","Kint is a modern and powerful PHP debugging helper, which requires zero-setup and replaces var_dump(), print_r() and debug_backtrace().",13073,12,"2019-03-11T17:29:00.000Z","5.1.22","3.5","5.3",[52,19,73,74,75],"kint","print_r","var_dump","https:\u002F\u002Fgithub.com\u002FKnowTheCode\u002Fkint-php-debugger","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkint-php-debugger.2.0.2.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":11,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":56,"tags":92,"homepage":94,"download_link":95,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"wp-dbug","wp-dBug","0.2","vhauri","https:\u002F\u002Fprofiles.wordpress.org\u002Fvhauri\u002F","\u003Cp>This plugin is basically a wrapper for the excellent dBug (http:\u002F\u002Fdbug.ospinto.com) class for PHP debugging, written by Kwaku Otchere..\u003C\u002Fp>\n\u003Cp>Instead of var_dump or echo, you can call wp_dbug( $variable ) to get clear, dynamic debug output of strings, arrays, or objects.\u003C\u002Fp>\n\u003Cp>Thanks to @borkweb, the plugin is now compatible with the WP Debug Bar plugin (https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fdebug-bar\u002F) for extra debugging goodness!\u003C\u002Fp>\n","Plugin implements the awesome dBug class created by Kwaku Otchere for use in WordPress plugin debugging",70,6126,2,"2013-01-19T00:07:00.000Z","3.5.2","2.7",[93,52,19,75],"dbug","http:\u002F\u002Fneverblog.net\u002Fwp-dbug","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-dbug.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":11,"num_ratings":106,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":56,"tags":110,"homepage":114,"download_link":115,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"dp-debug-menu","DP Debug Menu","1.0.1","Dan-Lucian Stefancu","https:\u002F\u002Fprofiles.wordpress.org\u002Fde-ce\u002F","\u003Cp>A fast\u002Fsmall debugger integrated into the WordPress Admin Bar, made for identifying the template used for displaying current page.\u003C\u002Fp>\n\u003Cp>It was built for fast debugging old projects or other people’s work.\u003C\u002Fp>\n\u003Cp>It adds some other  potentially useful informations in the dropdown list:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>the current theme (useful for child themes)\u003C\u002Fli>\n\u003Cli>total queries on current page\u003C\u002Fli>\n\u003Cli>execution time\u003C\u002Fli>\n\u003C\u002Ful>\n","Quickly shows the template used for current page, number of queries, and execution time for PHP code.",40,3621,3,"2021-02-10T11:13:00.000Z","5.6.17","3.0",[52,19,111,112,113],"menu","queries","template","https:\u002F\u002Fdreamproduction.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdp-debug-menu.zip",{"slug":117,"name":118,"version":99,"author":62,"author_profile":63,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":11,"num_ratings":123,"last_updated":124,"tested_up_to":69,"requires_at_least":125,"requires_php":50,"tags":126,"homepage":128,"download_link":129,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"debug-toolkit","Debug Toolkit","\u003Cp>Debug Toolkit makes debugging your code easier and more enjoyable.  It provides you with interactive and helpful tools:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Better PHP error interface from (\u003Ca href=\"http:\u002F\u002Ffilp.github.io\u002Fwhoops\u002F\" rel=\"nofollow ugc\">Whoops\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Better variable inspection – no need to use \u003Ccode>var_dump\u003C\u002Fcode>, \u003Ccode>print_r\u003C\u002Fcode>, or X-debug\u003C\u002Fli>\n\u003Cli>An interactive way to back trace the program’s execution order\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Better PHP Error Interface from Whoops\u003C\u002Fh3>\n\u003Cp>The built-in PHP error container is basic and not as helpful as it could be.  On top of that, it’s rather ugly. Wouldn’t you agree?\u003C\u002Fp>\n\u003Cp>Whoops gives you a cool interface that is helpful, interactive, and quite nice to look at.  Some features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Provides the error message and links to search Google, DuckDuckGo, and Stack Overflow.\u003C\u002Fli>\n\u003Cli>Shows the actual code where the error occurred.\u003C\u002Fli>\n\u003Cli>Provides an interactive call stack.  Click each and the actual code appears in the viewer panel.\u003C\u002Fli>\n\u003Cli>Environment and details including GET Data, POST Data, Files, Cookie, Session, Server\u002FRequest Data, Environment Variables, and Registered Handlers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See the tools in action in this video\u003C\u002Fp>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"Introducing the Debug Toolkit Plugin for WordPress\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F322351688?dnt=1&app_id=122963\" width=\"750\" height=\"422\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Ch3>Better Variable Inspection\u003C\u002Fh3>\n\u003Cp>Though X-debug is powerful, it can be difficult to set up and run.  For that reason, it’s common to dump or print out the variable to browser.  But the built-in display for the PHP \u003Ccode>var_dump\u003C\u002Fcode> and \u003Ccode>print_r\u003C\u002Fcode> is basic.\u003C\u002Fp>\n\u003Cp>This plugin includes both two very popular variable dumper tools:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsymfony.com\u002Fdoc\u002Fcurrent\u002Fcomponents\u002Fvar_dumper.html\" rel=\"nofollow ugc\">VarDumper from Symfony\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fkint-php.github.io\u002Fkint\u002F\" rel=\"nofollow ugc\">Kint – a modern and powerful PHP debugging helper\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>VarDumper provides a simple container that displays where you place it.\u003C\u002Fp>\n\u003Cp>On the other hand, Kint provides a more powerful interface that gives you more information such as printing out the expression that was passed into it, the data type, memory size, and the value.\u003C\u002Fp>\n\u003Cp>To make it even easier, the following utility functions are available for you to use in your code:\u003C\u002Fp>\n\u003Ch4>Available Functions for Inspecting Variable Values\u003C\u002Fh4>\n\u003Cp>Let’s explore the functions that are available for you through this plugin.  We’ll use the variable inspectors to dump \u003Ccode>global $post\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>Note: You can pass in any variable or function that returns a value.\u003C\u002Fp>\n\u003Cp>Dumps the given variable(s):\u003C\u002Fp>\n\u003Cpre>\u003Ccode>global $post;\n\n\u002F\u002F VarDumper\nvdump( $post );\n\n\u002F\u002F Kint\ndump( $post );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Dumps the given variable(s) and then exits the program’s execution:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>global $post;\n\n\u002F\u002F VarDumper\nvdump_and_die( $post );\n\n\u002F\u002F Kint\ndump_and_die( $post );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>In addition, there are alias (shorthand) functions available for you if you prefer shorter function names:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>vd()\u003C\u002Fcode> is an alias for \u003Ccode>vdump()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>vdd()\u003C\u002Fcode> and \u003Ccode>vdd()\u003C\u002Fcode> are aliases for \u003Ccode>vdump_and_die()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>d()\u003C\u002Fcode> is an alias for \u003Ccode>dump()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>dd()\u003C\u002Fcode> and \u003Ccode>ddd()\u003C\u002Fcode> are aliases for \u003Ccode>dump_and_die()\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Tracing Call Stack\u003C\u002Fh3>\n\u003Cp>When debugging, there are times when you need to see the order in which functions were called that lead to a certain point in the program.  PHP offers a backtrace that traces back the execution order from the point when the function is invoked.\u003C\u002Fp>\n\u003Cp>To make backtracing easier, this plugin provides you with a \u003Ccode>trace()\u003C\u002Fcode> function and combines it with the variable inspect functions.\u003C\u002Fp>\n\u003Cp>For example, if you wanted to trace the call stack to the start of the loop in your theme’s \u003Ccode>functions.php\u003C\u002Fcode> file, you could use this code:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_action( 'loop_start', function() {\n    trace();\n} );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Available Trace Functions\u003C\u002Fh4>\n\u003Cp>Place these functions at the point where you want to trace the call stack.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>trace();\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>trace_vdump();\u003C\u002Fcode> – Combines \u003Ccode>trace()\u003C\u002Fcode> and \u003Ccode>vdump()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>trace_dump();\u003C\u002Fcode> – Combines \u003Ccode>trace()\u003C\u002Fcode> and \u003Ccode>dump()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>trace_vdump_and_die();\u003C\u002Fcode> – Combines \u003Ccode>trace()\u003C\u002Fcode> and \u003Ccode>vdump_and_die()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>trace_dump_and_die();\u003C\u002Fcode> – Combines \u003Ccode>trace()\u003C\u002Fcode> and \u003Ccode>dump_and_die()\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition, there are alias (shorthand) functions available for you if you prefer shorter function names:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>tracevd();\u003C\u002Fcode> – Combines \u003Ccode>trace()\u003C\u002Fcode> and \u003Ccode>vd()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>traced();\u003C\u002Fcode> – Combines \u003Ccode>trace()\u003C\u002Fcode> and \u003Ccode>d()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>tracevdd();\u003C\u002Fcode> – Combines \u003Ccode>trace()\u003C\u002Fcode> and \u003Ccode>vdd()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>tracedd();\u003C\u002Fcode> – Combines \u003Ccode>trace()\u003C\u002Fcode> and \u003Ccode>dd()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>tracevddd();\u003C\u002Fcode> – Combines \u003Ccode>trace()\u003C\u002Fcode> and \u003Ccode>vddd()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>traceddd();\u003C\u002Fcode> – Combines \u003Ccode>trace()\u003C\u002Fcode> and \u003Ccode>ddd()\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Admin Bar\u003C\u002Fh3>\n\u003Cp>“DEBUG ACTIVE” indicator displays in the WordPress admin bar to alert you when the plugin is active.\u003C\u002Fp>\n","Code debug made easier and more enjoyable.",20,8785,13,"2019-03-11T15:34:00.000Z","4.9",[127,52,19,74,75],"backtrace","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdebug-toolkit","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdebug-toolkit.1.0.1.zip",{"attackSurface":131,"codeSignals":153,"taintFlows":172,"riskAssessment":173,"analyzedAt":179},{"hooks":132,"ajaxHandlers":149,"restRoutes":150,"shortcodes":151,"cronEvents":152,"entryPointCount":24,"unprotectedCount":24},[133,138,141,145],{"type":134,"name":135,"callback":136,"file":137,"line":106},"action","admin_menu","wp_tracy_admin_menu_action","admin.php",{"type":134,"name":139,"callback":140,"file":137,"line":121},"admin_init","wp_tracy_admin_init_action",{"type":134,"name":142,"callback":143,"priority":30,"file":144,"line":121},"admin_notices","wp_tracy_admin_notices_action","index.php",{"type":134,"name":146,"callback":147,"file":144,"line":148},"plugins_loaded","wp_tracy_plugins_loaded_action",58,[],[],[],[],{"dangerousFunctions":154,"sqlUsage":155,"outputEscaping":157,"fileOperations":24,"externalRequests":24,"nonceChecks":24,"capabilityChecks":24,"bundledLibraries":171},[],{"prepared":24,"raw":24,"locations":156},[],{"escaped":24,"rawEcho":158,"locations":159},5,[160,163,165,167,169],{"file":137,"line":161,"context":162},37,"raw output",{"file":137,"line":164,"context":162},55,{"file":144,"line":166,"context":162},28,{"file":144,"line":168,"context":162},35,{"file":144,"line":170,"context":162},50,[],[],{"summary":174,"deductions":175},"The \"wp-tracy\" v2.0.1 plugin exhibits a strong overall security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points, coupled with the complete avoidance of dangerous functions and file operations, indicates a well-contained and minimal attack surface.  Furthermore, all SQL queries are correctly implemented using prepared statements, which is a critical security practice for preventing SQL injection vulnerabilities.  The lack of external HTTP requests and the use of secure coding practices for database interactions are positive indicators.\n\nHowever, a significant concern arises from the output escaping analysis.  With 5 total outputs and 0% properly escaped, this represents a substantial risk of Cross-Site Scripting (XSS) vulnerabilities.  Any dynamic data outputted by the plugin that is not properly escaped could be manipulated by attackers to inject malicious scripts, impacting users who interact with the affected content. The absence of recorded vulnerabilities in its history is a positive sign, suggesting a history of secure development or effective patching.  Despite the clean vulnerability history, the unescaped output remains a critical weakness that needs immediate attention.\n\nIn conclusion, while the \"wp-tracy\" plugin demonstrates good practices in attack surface reduction, SQL query handling, and avoiding dangerous functions, the critical flaw in output escaping presents a clear and present danger of XSS.  The strong foundation in other areas is overshadowed by this oversight. Addressing the unescaped output is paramount to improving the plugin's security.",[176],{"reason":177,"points":178},"0% output escaping",15,"2026-03-16T21:08:23.483Z",{"wat":181,"direct":192},{"assetPaths":182,"generatorPatterns":186,"scriptPaths":187,"versionParams":188},[183,184,185],"\u002Fwp-content\u002Fplugins\u002Fwp-tracy\u002Ftracy\u002Fbar.css","\u002Fwp-content\u002Fplugins\u002Fwp-tracy\u002Ftracy\u002Fdumper.css","\u002Fwp-content\u002Fplugins\u002Fwp-tracy\u002Ftracy\u002Ftracy.js",[],[185],[189,190,191],"wp-tracy\u002Ftracy.js?ver=","wp-tracy\u002Fbar.css?ver=","wp-tracy\u002Fdumper.css?ver=",{"cssClasses":193,"htmlComments":196,"htmlAttributes":197,"restEndpoints":198,"jsGlobals":199,"shortcodeOutput":201},[194,195],"tracy-bar","tracy-dumper",[],[],[],[200],"Tracy",[]]