[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fvCdLH7T1ovzljuewxMdkqhDq4ypZ6Uwkv30HB4m9khc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":46,"crawl_stats":36,"alternatives":54,"analysis":161,"fingerprints":275},"wp-update-mail-notification","Email Notifications for Updates","1.2.0","AWEOS GmbH","https:\u002F\u002Fprofiles.wordpress.org\u002Faweos\u002F","\u003Cp>Automatic E-mail notifications for outdated plugins. Select multiple recipients and use our beautiful E-mail layout with plugin thumbnails.\u003C\u002Fp>\n\u003Ch3>Automatic Notifications where you choose the schedule\u003C\u002Fh3>\n\u003Cp>Do you want to remind yourself or your clients that there are upcoming updates for a WordPress site? Try out this ‘WP Update Notification per Mail’ from AWEOS GmbH.\u003C\u002Fp>\n\u003Ch3>We build a highly customizable admin menu for you to fit the need of your clients\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Choose multiple recipients for the update notice\u003C\u002Fli>\n\u003Cli>Use a scheduled event to send your E-Mail every X days\u003C\u002Fli>\n\u003Cli>Insert your own logo at the top of your message\u003C\u002Fli>\n\u003Cli>Custom subject, subtitle, and header\u002Ffooter content\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>A beautiful table is shown where the plugins are displayed with the old and new version number and a icon directly grabbed from the WordPress market (if available)\u003C\u002Fp>\n\u003Cp>Let this plugin tell your clients that their need a plugin update and a site maintenance by a professional\u003C\u002Fp>\n\u003Ch3>How secure is your website?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Get information about plugins that need an update\u003C\u002Fli>\n\u003Cli>Hopefully fill a security gap with a simple update\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Bug reports and feedback\u003C\u002Fh4>\n\u003Cp>Your feedback is important, if you find bugs or have suggestions write us an E-Mail support@aweos.de\u003C\u002Fp>\n\u003Cp>This plugin was developed by the advertising agency AWEOS.\u003Cbr \u002F>\nImprint \u002F Legal information (German): \u003Ca href=\"https:\u002F\u002Faweos.de\u002Fimpressum\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Faweos.de\u002Fimpressum\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Automatic E-mail notifications for outdated plugins. Select multiple recipients and use our beautiful E-mail layout with plugin thumbnails.",100,4142,0,"2025-04-02T11:09:00.000Z","6.6.5","4.7","7.0",[19,20,21,22,23],"e-mail","new-updates","notice","plugin-update","system","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-update-mail-notification.zip",90,1,"2025-04-04 13:05:55","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2025-2933","email-notifications-for-updates-missing-authorization-to-authenticated-subscriber-arbitrary-options-update","Email Notifications for Updates \u003C= 1.1.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update","The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the awun_import_settings() function in all versions up to, and including, 1.1.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. CVE-2025-26741 is likely a duplicate of this issue.",null,"\u003C=1.1.6","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Missing Authorization","2025-04-22 19:10:37",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd52e644b-a58f-4e09-9e53-e9cbef75e34f?source=api-prod",18,{"slug":47,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":49,"avg_security_score":50,"avg_patch_time_days":51,"trust_score":52,"computed_at":53},"aweos",10,6220,93,13,89,"2026-04-04T06:25:59.435Z",[55,81,104,125,144],{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":24,"tags":70,"homepage":76,"download_link":77,"security_score":78,"vuln_count":79,"unpatched_count":13,"last_vuln_date":80,"fetched_at":29},"wp-hide-backed-notices","Hide Dashboard Notifications","1.4.6","WP Republic","https:\u002F\u002Fprofiles.wordpress.org\u002Fwprepublic\u002F","\u003Cp>Warnings and notices can be helpful for developers as they notify them for debugging issues with their code. Though these notices can be sometimes informative, quite often they become frustrating, inconvenient and even spammy; especially since they are a way of promoting the additional services offered by some plugins. The end result is a bloated WordPress Dashboard where you have to spend a lot of time and energy to close all those nags in order to clear your WordPress website’s backend. Hide Dashboard Notifications allows you to easily turn off those nags and notifications & hide plugin updates. It also stores them under the Notifications Tab where you can review them later if you want to.\u003C\u002Fp>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>Save your WordPress Dashboard from Notifications Bloat! Hide all those annoying and spammy notices from your WordPress Dashboard. You can also enable the option to store and view them all together under the Notifications Tab.\u003C\u002Fp>\n\u003Ch3>Hide Dashboard Notifications Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Disables showing Plugin & Theme Notifications on your WordPress Dashboard.\u003C\u002Fli>\n\u003Cli>Disables showing WordPress Notifications from the WordPress Dashboard & Admin Bar.\u003C\u002Fli>\n\u003Cli>Lets you choose if you want to Hide the Dashboard Notifications for administrators(by default) or all backend user roles.\u003C\u002Fli>\n\u003Cli>Shows blocked notifications under the Notifications Tab.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How it works:\u003C\u002Fh3>\n\u003Cp>As is the case with most WordPress sites the number of plugins installed is often quite big and so is the number of notifications popping up on your WordPress Dashboard. We are sure you are familiar with the chaos these can create while you work. As we understand how difficult it is for you to focus on such clutter, we have created the Hide Dashboard Notifications Plugin. It takes care of all plugin notifications for you and allows you to manage them successfully by silencing them so that you work undisturbed within a clear WordPress Dashboard. Hide WordPress Dashboard Notifications is the easiest and most convenient way to deal with dashboard notifications. This way you can declutter your dashboard and stay focused on your work. All you need to do is install the Hide WordPress Dashboard Notifications plugin and choose the settings that suit your needs best. You can choose to hide the notifications coming from the installed plugins so that you get to focus on your work and get things done. You can even opt for hiding the WordPress update notices. As new releases of updates are rolled out frequently, you can choose to silence those notifications for a certain amount of time, or until you finish the issue you are working on. You also have the option of hiding the dashboard notices for only the Administrators of your website. The rest of the users of the WordPress website will still be able to receive the notices. These pop-ups and notices are not deleted. They are simply put on hold. Should you wish to go through them you will find them all perched under the notifications tab of the plugin. This way, you will be able to sort them out at your own convenience,  tackling them successfully. Want to get rid of the annoying notices which is displayed when a new plugin is installed? Then you’re at the right place 🙂 Install our Hide Backend Notifications plugin and all your problem will be solved.\u003C\u002Fp>\n\u003Ch3>Reviews\u003C\u002Fh3>\n\u003Cp>If you have installed the Hide WordPress DashBoard Notifications plugin then go ahead and leave a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-hide-backed-notices\u002Freviews\u002F\" rel=\"ugc\">review\u003C\u002Fa>. We would be happy to receive your feedback and we will take it seriously into consideration.\u003C\u002Fp>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cp>If you find this useful and if you want to contribute, there are three ways:\u003C\u002Fp>\n\u003Col>\n\u003Cli>You can \u003Ca href=\"https:\u002F\u002Fwprepublic.com\u002Fcontact\" rel=\"nofollow ugc\">contact us\u003C\u002Fa> and submit your bug reports, suggestions and requests for features;\u003C\u002Fli>\n\u003Cli>If you want to translate it to your language (there are just a few lines of text), you can use the \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwp-hide-backed-notices\" rel=\"nofollow ugc\">translation project\u003C\u002Fa>;\u003C\u002Fli>\n\u003Cli>Using the plugin is free, but if you want you can support my efforts by donating with Helen Keller International \u003Ca href=\"https:\u002F\u002Fsecure.givewell.org\u002F?charity=helen_keller_initiative\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n","Warnings and notices can be helpful for developers as they notify them for debugging issues with their code. Though these notices can be sometimes inf …",20000,290551,78,33,"2026-03-03T21:48:00.000Z","6.7.5","3.0",[71,72,73,74,75],"hide-admin-notices","hide-admin-notifications","hide-dashboard-notifications","hide-nags","hide-wordpress-plugin-update","http:\u002F\u002Fwprepublic.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-hide-backed-notices.1.4.6.zip",99,2,"2024-06-20 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":24,"tags":96,"homepage":102,"download_link":103,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"disable-wp-notification","Disable WP Notification","3.4","Sourabh Agrawal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsourabhasct\u002F","\u003Cp>Showing the notifications related to plugins and themes is not a good idea for all the user roles. Disable WP Notification helps you to disable all the spammy notifications from the entire wordpress dashboard.\u003C\u002Fp>\n\u003Cp>I know sometimes it is require to get the notifications, so considering this, Our experienced developers provide you the following options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable all notifications\u003C\u002Fli>\n\u003Cli>Disable Notifications for all users\u003C\u002Fli>\n\u003Cli>Disable Notifications for all users except admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Disable WP Notification Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Disable all the spammy notifications and clean the Dashboard.\u003C\u002Fli>\n\u003Cli>A panel to show all the disabled notifications.\u003C\u002Fli>\n\u003Cli>Disable the notifications for all the users including admin.\u003C\u002Fli>\n\u003Cli>Disable the notifications for all the users excluding admin. That means, except admin this will work only on the other users.\u003C\u002Fli>\n\u003Cli>Disable theme updates and notification.\u003C\u002Fli>\n\u003Cli>Disable plugin updates.\u003C\u002Fli>\n\u003Cli>Only Admin can manage the settings.\u003C\u002Fli>\n\u003C\u002Ful>\n","Best wordpress plugin to remove all the admin panel notifications in just one click. Including the theme and plugin update notification.",10000,65716,86,12,"2026-03-10T05:53:00.000Z","6.9.4","6.0",[97,98,99,100,101],"disable-admin-notices","disable-dashboard-notifications","disable-plugin-update","disable-theme-update","remove-unwanted-notification","https:\u002F\u002Fsourabhagrawal.com\u002Fdisable-wp-notification","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-wp-notification.3.4.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":11,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":69,"requires_php":24,"tags":117,"homepage":24,"download_link":123,"security_score":124,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"hide-updates","Hide Updates","1.1.5","Upperdog","https:\u002F\u002Fprofiles.wordpress.org\u002Fupperdog\u002F","\u003Cp>This plugin hides update notifications for core, plugin, and theme updates in the WordPress admin. It’s useful for developers and agencies who manage updates through Composer or remote management services like ManageWP, and therefore wants to hide update notices for other users.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Hides WordPress core update notices.\u003C\u002Fli>\n\u003Cli>Hides plugin update notices.\u003C\u002Fli>\n\u003Cli>Hides theme update notices.\u003C\u002Fli>\n\u003Cli>Hides updates link in admin menu and admin bar.\u003C\u002Fli>\n\u003Cli>Blocks access to the updates page for users who are not allowed to see updates.\u003C\u002Fli>\n\u003Cli>Enables developers to specify which users can see updates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Worth noting\u003C\u002Fh3>\n\u003Cp>This plugin is intended for developers and agencies who have good reasons for hiding the updates, for example if they manage updates through Composer or remote management services like ManageWP. This plugin has been tested with ManageWP and ManageWP needs to connect to the site with a user account that is allowed to see updates.\u003C\u002Fp>\n\u003Ch3>Specify allowed users\u003C\u002Fh3>\n\u003Cp>By default, the plugin allows the first registered user (the one who installed the site) to see updates. Developers can use the \u003Ccode>hide_updates_allowed_users\u003C\u002Fcode> filter to specify which users are allowed to see update notifications.\u003C\u002Fp>\n\u003Cp>The following example will allow only users with usernames bill and melinda to see updates:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function site_hide_updates_allowed_users() {\n    $allowed_users = array( 'charlotte', 'bob' );\n    return $allowed_users;\n}\nadd_filter( 'hide_updates_allowed_users', 'site_hide_updates_allowed_users' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n","This plugin hides update notifications for core, plugin, and theme updates in the WordPress admin for all everyone except specified users.",6000,41934,4,"2024-03-19T11:14:00.000Z","6.5.8",[118,119,120,121,122],"core-updates","notices","plugin-updates","update","updates","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-updates.1.1.5.zip",85,{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":26,"downloaded":133,"rating":11,"num_ratings":79,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":24,"tags":137,"homepage":142,"download_link":143,"security_score":124,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"manage-customized-plugin-updates","Manage Customized Plugin Updates","3.2","wsxplugindev","https:\u002F\u002Fprofiles.wordpress.org\u002Fwsxplugindev\u002F","\u003Cp>Are you a web developer or website design company who has installed \u002F customized plugins for your clients and you’re having a hard time managing plugin upgrades? Maybe your client tries to upgrade plugins themselves and you end up losing all the customization done to that plugin.\u003C\u002Fp>\n\u003Cp>Here is a plugin that can help you better manage customized plugins. It displays a message to your clients warning them about doing the upgrade.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Mark any plugin as being customized\u003C\u002Fli>\n\u003Cli>Tags to identify customized plugins on the WordPress plugin page\u003C\u002Fli>\n\u003Cli>Alert to show the customization notes\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>Here’s a plugin that can help you better manage customized plugins and display a message to your clients warning them about doing the upgrade.\u003C\u002Fp>\n","Are you a web developer or website design company who has installed \u002F customized plugins for your clients and you're having a hard time managing  …",12046,"2023-02-10T10:46:00.000Z","6.1.10","4.7.5",[138,139,126,140,141],"block-plugin-update","customized-plugins","plugin-upgrade-custom-notice","restrict-plugin-upgrade","https:\u002F\u002Fwww.webstix.com\u002Fwordpress-plugin-development","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmanage-customized-plugin-updates.zip",{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":13,"downloaded":152,"rating":13,"num_ratings":13,"last_updated":153,"tested_up_to":135,"requires_at_least":154,"requires_php":155,"tags":156,"homepage":159,"download_link":160,"security_score":124,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"ach-updates-manager","ACh Updates and Notices Manager","1.0.2","ACh","https:\u002F\u002Fprofiles.wordpress.org\u002Fach1992\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fach.li\" rel=\"nofollow ugc\">Homepage\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fach-updates-manager\u002F#installation\" rel=\"ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fach-updates-manager\u002Freviews\u002F#new-post\" rel=\"ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The \u003Cstrong>ACh Updates and Notices Manager\u003C\u002Fstrong> is an easy way to manage all your WordPress updates and notifications with one click! for example, Disable all updates or notifications, Disable automatic updates, Hide errors and warnings messages, Update themes and plugins from the zip file and etc.\u003C\u002Fp>\n\u003Ch3>ACh Updates Manager Features You’ll Absolutely love\u003C\u002Fh3>\n\u003Ch4>Disable all WordPress updates and notifications\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>Disable all WordPress core, themes, plugins, and translations updates and notifications.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Hide all notices from WordPress dashboard\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>Disable all notices from the WordPress dashboard. e.g. errors, updates, warning, rate us, license, dismissible and etc.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Disable plugins updates and notifications\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>Disable the WordPress plugins updates and notifications.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Disable themes updates and notifications\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>Disable the WordPress themes updates and notifications.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Disable WordPress core update and notifications\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>Disable the WordPress core update and notifications.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Hide WordPress core update notice\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>Hide WordPress core update notice from the WP dashboard.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Update theme and plugin from zip file\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>This feature allows you to update plugins and themes using a zip file. While upgrading, a backup copy of the old theme or plugin is first created. This allows you to install the old version in case of problems with the new version.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>What Makes The ACh Updates Manager Different?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Powerful free updates and notices manager.\u003C\u002Fli>\n\u003Cli>Easy-To-Setup User Interface.\u003C\u002Fli>\n\u003Cli>It won’t break your website.\u003C\u002Fli>\n\u003Cli>All features in one place! – the only WordPress Plugin that you can manage updates, notices and update plugin from zip file.\u003C\u002Fli>\n\u003Cli>Professional support – if you need any help you can send an email or open a support ticket on the support forum.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>If you want to contribute to the translation, \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fach-updates-manager\" rel=\"nofollow ugc\">please visit our translation section\u003C\u002Fa>. We appreciate all the translation help we can get.\u003C\u002Fp>\n","The ACh Updates and Notices Manager is an easy way to manage all your WordPress updates and notifications with one click!",1404,"2022-11-02T23:29:00.000Z","4.6","5.6",[157,158,119,120,121],"disable-notices","disable-updates","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fach-updates-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fach-updates-manager.zip",{"attackSurface":162,"codeSignals":219,"taintFlows":258,"riskAssessment":259,"analyzedAt":274},{"hooks":163,"ajaxHandlers":200,"restRoutes":206,"shortcodes":207,"cronEvents":208,"entryPointCount":27,"unprotectedCount":27},[164,170,175,180,183,187,191,196],{"type":165,"name":166,"callback":167,"file":168,"line":169},"action","admin_enqueue_scripts","awun_admin_enqueue","enqueue.php",11,{"type":165,"name":171,"callback":172,"file":173,"line":174},"awun-scheduled","awun_send_email","mailing.php",56,{"type":176,"name":177,"callback":178,"file":173,"line":179},"filter","awun-mail-subject","awun_mail_text_filter",147,{"type":176,"name":181,"callback":178,"file":173,"line":182},"awun-mail-content",148,{"type":165,"name":184,"callback":185,"file":186,"line":45},"admin_init","awun_register_setting","options-page\\options-page.php",{"type":165,"name":188,"callback":189,"file":186,"line":190},"admin_menu","awun_create_menu",21,{"type":176,"name":192,"callback":193,"file":194,"line":195},"cron_schedules","awun_user_defined_schedule","plugin.php",96,{"type":165,"name":197,"callback":198,"file":194,"line":199},"plugins_loaded","awun_load_textdomain",125,[201],{"action":202,"nopriv":203,"callback":204,"hasNonce":203,"hasCapCheck":203,"file":194,"line":205},"awun-send-test-email",false,"awun_send_test_email",119,[],[],[209,211,213,215,217],{"hook":171,"callback":171,"file":186,"line":210},30,{"hook":171,"callback":171,"file":186,"line":212},34,{"hook":171,"callback":171,"file":186,"line":214},38,{"hook":171,"callback":171,"file":186,"line":216},42,{"hook":171,"callback":171,"file":186,"line":218},46,{"dangerousFunctions":220,"sqlUsage":221,"outputEscaping":223,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":257},[],{"prepared":13,"raw":13,"locations":222},[],{"escaped":13,"rawEcho":224,"locations":225},15,[226,230,232,233,234,237,239,241,243,245,247,249,251,253,255],{"file":227,"line":228,"context":229},"options-page\\export.php",26,"raw output",{"file":231,"line":51,"context":229},"options-page\\import.php",{"file":231,"line":216,"context":229},{"file":231,"line":218,"context":229},{"file":235,"line":236,"context":229},"options-page\\options-page-render.php",23,{"file":235,"line":238,"context":229},47,{"file":235,"line":240,"context":229},83,{"file":235,"line":242,"context":229},112,{"file":235,"line":244,"context":229},144,{"file":235,"line":246,"context":229},173,{"file":235,"line":248,"context":229},189,{"file":235,"line":250,"context":229},213,{"file":235,"line":252,"context":229},219,{"file":186,"line":254,"context":229},75,{"file":194,"line":256,"context":229},115,[],[],{"summary":260,"deductions":261},"The wp-update-mail-notification plugin v1.2.0 exhibits a concerning security posture primarily due to a significant lack of authorization checks and a history of past vulnerabilities. While the static analysis indicates no dangerous functions or SQL injection risks due to prepared statements, the presence of unprotected AJAX handlers presents a direct entry point for potential attackers. The complete absence of output escaping on 15 identified outputs is a critical weakness, meaning that any data processed by these outputs could be rendered directly in the browser, opening the door for cross-site scripting (XSS) attacks. The plugin also lacks nonce and capability checks, further exacerbating the risk associated with its unprotected entry points. The vulnerability history, including a past high-severity vulnerability related to missing authorization, suggests a pattern of insecure coding practices. Although there are no currently unpatched vulnerabilities, the past incidents and the current code analysis highlight a need for significant security improvements to mitigate the risks of unauthorized access and data manipulation.",[262,265,267,270,272],{"reason":263,"points":264},"1 unprotected AJAX handler",8,{"reason":266,"points":48},"0% of outputs properly escaped",{"reason":268,"points":269},"0 nonce checks",7,{"reason":271,"points":269},"0 capability checks",{"reason":273,"points":224},"1 past high severity vulnerability","2026-03-16T20:41:56.979Z",{"wat":276,"direct":283},{"assetPaths":277,"generatorPatterns":279,"scriptPaths":280,"versionParams":281},[278],"\u002Fwp-content\u002Fplugins\u002Fwp-update-mail-notification\u002Foptions-page\u002Foptions-page.js",[],[],[282],"wp-update-mail-notification\u002Foptions-page\u002Foptions-page.js?ver=",{"cssClasses":284,"htmlComments":285,"htmlAttributes":286,"restEndpoints":287,"jsGlobals":288,"shortcodeOutput":290},[],[],[],[],[289],"awun-options-page",[]]