[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fayb8CAUo85FUguBXzMHnG-O1309tnswnbXNbtfaWW9k":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":142,"fingerprints":245},"wp-update-message","WP Update Message","1.2","Jenst","https:\u002F\u002Fprofiles.wordpress.org\u002Fjenst\u002F","\u003Cp>Add a short note about the latest changes in the current post or page.\u003C\u002Fp>\n\u003Cp>WP Update message adds a metabox in admin post or page section. If you updated a post or page with important information you can write a note about it here.\u003C\u002Fp>\n\u003Cp>There are a few optional settings, but the plugin works fine even without changing anything.\u003C\u002Fp>\n\u003Ch4>Settings\u003C\u002Fh4>\n\u003Cp>You can choose a style theme and more.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Published date format (if published date should be included)\u003C\u002Fli>\n\u003Cli>Updated date format (if updated date should be included)\u003C\u002Fli>\n\u003Cli>Position\u003C\u002Fli>\n\u003Cli>HTML\u003C\u002Fli>\n\u003Cli>New row replacement\u003C\u002Fli>\n\u003Cli>Style theme\u003C\u002Fli>\n\u003C\u002Ful>\n","Add a short note about the latest changes in the current post or page.",10,3593,0,"2009-07-26T09:55:00.000Z","2.8","2.6","",[19,20,21,22,23],"admin","message","page","post","update","http:\u002F\u002Fwww.jenst.se\u002F2009\u002F06\u002F14\u002Fwp-update-message\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-update-message.1.2.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"jenst",7,280,30,84,"2026-04-04T11:39:51.806Z",[38,60,80,100,123],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":13,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":58,"download_link":59,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-quick-update-featured-image","WP Quick Update Featured Image","1.0","CMITEXPERTS SOFTECH LLP","https:\u002F\u002Fprofiles.wordpress.org\u002Fcmitexperts\u002F","\u003Cp>This plugin is used to add and update a post featured image from posts lisitng page in admin panel.\u003C\u002Fp>\n","Adds ability to make available payment method according IP address.",917,100,2,"2018-12-10T06:35:00.000Z","4.9.29","4.0","5.2.4",[54,55,56,57],"featured-image","posts","update-featured-image","update-featured-image-from-listing-page-in-admin-panel","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-quick-update-featured-image\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-quick-update-featured-image.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":47,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":78,"download_link":79,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"reveal-ids-for-wp-admin-25","Reveal IDs","1.6.2","wpseek","https:\u002F\u002Fprofiles.wordpress.org\u002Falphawolf\u002F","\u003Cp>With WordPress 2.5 being released, the IDs on all admin pages have been removed as it is. Propably due to the fact that the common user dont need them. However, for advanced WordPress Users\u002F developers those IDs were quite interesting for some plugins or template tags.\u003C\u002Fp>\n\u003Cp>What this plugin does is to reveal most removed entry IDs on admin pages, showing the entry IDs, as it was in versions prior to 2.5\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Sortable columns for WP 3.1 or higher\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fx.com\u002Fwpseek\" title=\"Developer on X\" rel=\"nofollow ugc\">Developer on X\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fbsky.app\u002Fprofile\u002Fcyberblitzbirne.bsky.social\" title=\"Developer on Bluesky\" rel=\"nofollow ugc\">Developer on Bluesky\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Included languages:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>German (de_DE) (Thanks to me ;-))\u003C\u002Fli>\n\u003Cli>Brazilian Portuguese (pt_BR) (Thanks for contributing brazilian portuguese language goes to \u003Ca href=\"https:\u002F\u002Fwww.maujor.com\" rel=\"nofollow ugc\">Maurício Samy Silva\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Italian (it_IT) (Thanks for contributing italian language goes to Gianluca Urgese)\u003C\u002Fli>\n\u003Cli>Spanish (es_ES) (Thanks for contributing spanish language goes to \u003Ca href=\"https:\u002F\u002Fwww.es-xchange.com\" rel=\"nofollow ugc\">Karin Sequen\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Russian (ru_RU) (Thanks for contributing russian language goes to \u003Ca href=\"https:\u002F\u002Fgrugl.me\" rel=\"nofollow ugc\">Dimitry German\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Belorussian (by_BY) (Thanks for contributing belorussian language goes to \u003Ca href=\"https:\u002F\u002Fwww.fatcow.com\" rel=\"nofollow ugc\">FatCow\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) (Thanks for contributing dutch language goes to \u003Ca href=\"https:\u002F\u002Fwpwebshop.com\u002Fpremium-wordpress-plugins\u002F\" rel=\"nofollow ugc\">wpwebshop.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>European Portuguese (pt_PT) (Thanks for contributing european portuguese language goes to \u003Ca href=\"https:\u002F\u002Fthepatientcapacitor.com\u002F\" rel=\"nofollow ugc\">PL Monteiro\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Polish (pl_PL) (Thanks for contributing polish language goes to Simivar)\u003C\u002Fli>\n\u003Cli>Romanian (ro_RO) (Thanks for contributing romanian language goes to \u003Ca href=\"https:\u002F\u002Fwww.jibo.ro\" rel=\"nofollow ugc\">Anunturi Jibo\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Georgian (ge_KA) (Thanks for contributing georgian language goes to \u003Ca href=\"https:\u002F\u002Fwww.onlinecasinobluebook.com\u002F\" rel=\"nofollow ugc\">Online Casino Bluebook\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Swedish (sv_SE) (Thanks for contributing swedish language goes to \u003Ca href=\"https:\u002F\u002Ffjellner.com\u002F\" rel=\"nofollow ugc\">Tor-Bjorn Fjellner\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Ukrainian (uk) (Thanks for contributing ukrainian language goes to \u003Ca href=\"https:\u002F\u002Fwww.everycloudtech.com\u002F\" rel=\"nofollow ugc\">Everycloud\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Looking for more WordPress plugins? Visit \u003Ca href=\"https:\u002F\u002Fwww.schloebe.de\u002Fportfolio\u002F\" rel=\"nofollow ugc\">www.schloebe.de\u002Fportfolio\u002F\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","What this plugin does is to reveal most removed IDs on admin pages, as it was in versions prior to 2.5.",40000,1137575,61,"2026-02-15T13:44:00.000Z","6.9.99","3.0",[75,76,21,22,77],"id","media","wp-admin","https:\u002F\u002Fwww.schloebe.de\u002Fwordpress\u002Freveal-ids-for-wp-admin-25-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freveal-ids-for-wp-admin-25.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":50,"requires_at_least":93,"requires_php":17,"tags":94,"homepage":96,"download_link":97,"security_score":98,"vuln_count":48,"unpatched_count":13,"last_vuln_date":99,"fetched_at":28},"wp-admin-ui-customize","WP Admin UI Customize","1.5.14","gqevu6bsiz","https:\u002F\u002Fprofiles.wordpress.org\u002Fgqevu6bsiz\u002F","\u003Cul>\n\u003Cli>Dashboard\u003C\u002Fli>\n\u003Cli>Display options tab\u003C\u002Fli>\n\u003Cli>Output-meta site\u003C\u002Fli>\n\u003Cli>Admin bar (Toolbar)\u003C\u002Fli>\n\u003Cli>Admin menu (Side menu)\u003C\u002Fli>\n\u003Cli>Management of meta boxes\u003C\u002Fli>\n\u003Cli>Login screen\u003C\u002Fli>\n\u003Cli>Other features.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These to Customization is possible.\u003C\u002Fp>\n\u003Ch3>日本語でのご説明\u003C\u002Fh3>\n\u003Cp>このプラグインは、管理画面UIのカスタマイズをするプラグインです。\u003Cbr \u002F>\n「ダッシュボード」「オプションタブ」「サイトのメタタグ管理」「管理バー」「管理メニュー」「メタボックス」「ログイン画面」\u003Cbr \u002F>\nこれらのカスタマイズを、このプラグインひとつで出来ます。\u003C\u002Fp>\n","Customize the management screen UI.",30000,390623,92,59,"2024-11-20T02:52:00.000Z","4.2",[19,95,21,22,55],"option","http:\u002F\u002Fwpadminuicustomize.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-admin-ui-customize.1.5.14.zip",91,"2024-11-26 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":47,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":121,"download_link":122,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"last-modified-timestamp","Last Modified Timestamp","1.0.6","Evan Mattson","https:\u002F\u002Fprofiles.wordpress.org\u002Faaemnnosttv\u002F","\u003Cp>This plugin adds information to the admin interface about when each post\u002Fpage was last modified (including custom post types!).\u003C\u002Fp>\n\u003Cp>Enhanced areas:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Page\u002Fpost admin tables – added \u003Ccode>Last Modified\u003C\u002Fcode> column which is also sortable.\u003C\u002Fli>\n\u003Cli>Page\u002Fpost edit screen (\u003Ccode>post.php\u003C\u002Fcode>) – added \u003Ccode>Last modified on: *timestamp*\u003C\u002Fcode> to \u003Ccode>Publish\u003C\u002Fcode> meta box.\u003C\u002Fli>\n\u003Cli>Admin messages after editing a page\u002Fpost – ie: \u003Ccode>Post updated. *timestamp* View Post\u003C\u002Fcode>,\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>No options currently available, but the output can be fully customized with filters and the shortcode can be easily customized using attributes!\u003C\u002Fp>\n\u003Ch3>Gutenberg, WordPress 5, and Beyond\u003C\u002Fh3>\n\u003Cp>This plugin does not yet enhance the new editor provided by Gutenberg and introduced as the default editor in WordPress 5.0. No plans exist to add support for this although it may be added in the future.\u003Cbr \u002F>\nOther areas of wp-admin enhanced by the plugin still work, as does the classic editor.\u003C\u002Fp>\n","Adds the last modified time to the admin interface as well as a [last-modified] shortcode to use on the front-end.",8000,83937,28,"2025-08-16T22:01:00.000Z","6.8.5","4.6","5.3",[116,117,118,119,120],"last-modified","modified-time","page-modified","post-modified","updated-at","https:\u002F\u002Fgithub.com\u002Faaemnnosttv\u002Flast-modified-timestamp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-modified-timestamp.1.0.6.zip",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":133,"num_ratings":134,"last_updated":135,"tested_up_to":136,"requires_at_least":113,"requires_php":17,"tags":137,"homepage":140,"download_link":141,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"admin-collapse-subpages","Admin Collapse Subpages","2.4","bravokeyl","https:\u002F\u002Fprofiles.wordpress.org\u002Fbravokeyl\u002F","\u003Cp>Simple plugin that allows you to collapse subpages in the Pages admin list also for custom post types that are heirarchial. Especially helpful if you have a ton of pages \u002Fcpt’s with heiararchial set to true. It uses a cookie to save the expand\u002Fcollapse status of your pages.\u003C\u002Fp>\n\u003Cp>This is loosely based on Collapse Sub-Pages by Dan Dietz, which broke with the 3.0 upgrade due to UI changes and hasn’t been updated. I’ve had to rewrite the jQuery to make it work with 3.x versions.\u003C\u002Fp>\n\u003Cp>Because this is a jQuery, it’s possible that they could make additional changes that would break it. I’ll do my best to stay on top of it, but let me know if it stops working.\u003C\u002Fp>\n\u003Ch3>Plugin in your Language\u003C\u002Fh3>\n\u003Cp>From version 2.3 our plugin supports internationalization, which means you can have plugin in your specified language.\u003C\u002Fp>\n\u003Cp>It’s currently available in US English ,UK English, Chinese, Telugu , Serbian.\u003C\u002Fp>\n\u003Ch3>Support us by Translating\u003C\u002Fh3>\n\u003Cp>Go \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fadmin-collapse-subpages\" rel=\"nofollow ugc\">here\u003C\u002Fa> and translate into your language.\u003C\u002Fp>\n\u003Ch3>Special Thanks\u003C\u002Fh3>\n\u003Cp>We specially thank \u003Ca href=\"http:\u002F\u002Fwww.webhostinghub.com\u002F\" rel=\"nofollow ugc\">Borisa Djuraskovic\u003C\u002Fa> for translating this plugin in Serbian Language.\u003C\u002Fp>\n\u003Cp>What’s new in Version 2.0 ?\u003C\u002Fp>\n\u003Cp>1)Fix en-queuing of scripts .\u003Cbr \u002F>\n2)Expand all , Collapse all links appear only on the pages list not on every list (like plugins ,posts etc.,)\u003Cbr \u002F>\n3)Updated jQuery.cookie.js to 1.4.0\u003C\u002Fp>\n","Using this plugin one can easily collapse\u002Fexpand pages with children and grand children.",4000,46956,98,20,"2019-07-09T17:11:00.000Z","5.2.24",[19,138,21,139,22],"links","pages","https:\u002F\u002Fbravokeyl.com\u002Fadmin-collapse-subpages\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-collapse-subpages.zip",{"attackSurface":143,"codeSignals":168,"taintFlows":194,"riskAssessment":236,"analyzedAt":244},{"hooks":144,"ajaxHandlers":164,"restRoutes":165,"shortcodes":166,"cronEvents":167,"entryPointCount":13,"unprotectedCount":13},[145,151,155,160],{"type":146,"name":147,"callback":148,"file":149,"line":150},"action","admin_menu","my_post_options_box","wp-update-message.php",11,{"type":146,"name":152,"callback":153,"file":149,"line":154},"save_post","update_message_save",12,{"type":156,"name":157,"callback":158,"file":149,"line":159},"filter","the_content","update_message_content",13,{"type":146,"name":161,"callback":162,"file":149,"line":163},"wp_head","update_message_style_theme",14,[],[],[],[],{"dangerousFunctions":169,"sqlUsage":170,"outputEscaping":172,"fileOperations":13,"externalRequests":13,"nonceChecks":192,"capabilityChecks":48,"bundledLibraries":193},[],{"prepared":13,"raw":13,"locations":171},[],{"escaped":13,"rawEcho":173,"locations":174},8,[175,178,180,182,184,186,188,190],{"file":149,"line":176,"context":177},34,"raw output",{"file":149,"line":179,"context":177},47,{"file":149,"line":181,"context":177},49,{"file":149,"line":183,"context":177},113,{"file":149,"line":185,"context":177},190,{"file":149,"line":187,"context":177},198,{"file":149,"line":189,"context":177},231,{"file":149,"line":191,"context":177},252,1,[],[195,223],{"entryPoint":196,"graph":197,"unsanitizedCount":221,"severity":222},"wpudma_options (wp-update-message.php:156)",{"nodes":198,"edges":217},[199,204,210,213],{"id":200,"type":201,"label":202,"file":149,"line":203},"n0","source","$_POST",167,{"id":205,"type":206,"label":207,"file":149,"line":208,"wp_function":209},"n1","sink","update_option() [Settings Manipulation]",169,"update_option",{"id":211,"type":201,"label":212,"file":149,"line":203},"n2","$_POST (x4)",{"id":214,"type":206,"label":215,"file":149,"line":185,"wp_function":216},"n3","echo() [XSS]","echo",[218,220],{"from":200,"to":205,"sanitized":219},false,{"from":211,"to":214,"sanitized":219},5,"medium",{"entryPoint":224,"graph":225,"unsanitizedCount":13,"severity":235},"\u003Cwp-update-message> (wp-update-message.php:0)",{"nodes":226,"edges":231},[227,228,229,230],{"id":200,"type":201,"label":202,"file":149,"line":203},{"id":205,"type":206,"label":207,"file":149,"line":208,"wp_function":209},{"id":211,"type":201,"label":212,"file":149,"line":203},{"id":214,"type":206,"label":215,"file":149,"line":185,"wp_function":216},[232,234],{"from":200,"to":205,"sanitized":233},true,{"from":211,"to":214,"sanitized":233},"low",{"summary":237,"deductions":238},"The \"wp-update-message\" v1.2 plugin exhibits a generally positive security posture, particularly concerning its limited attack surface and the absence of known vulnerabilities.  The plugin correctly avoids using dangerous functions and all SQL queries are secured with prepared statements.  Furthermore, it implements nonce and capability checks, which are essential for protecting against unauthorized actions.\n\nHowever, a significant concern arises from the output escaping analysis. With 8 total outputs and 0% properly escaped, this indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-supplied or dynamic data displayed by the plugin without proper sanitization could be leveraged by attackers to inject malicious scripts. The taint analysis also revealed one flow with an unsanitized path, which, while not classified as critical or high, warrants attention as it suggests a potential vector for unexpected behavior or exploitation if not properly handled downstream.\n\nThe plugin's vulnerability history shows no recorded CVEs, which is a strong indicator of good security practices in the past.  Despite the concerning output escaping, the lack of historical vulnerabilities suggests that developers have been attentive to security.  Overall, the plugin is strong in its architectural defenses and lack of historical issues, but the complete lack of output escaping is a critical weakness that needs immediate remediation.",[239,242],{"reason":240,"points":241},"0% output escaping",15,{"reason":243,"points":221},"1 unsanitized path flow","2026-03-17T00:25:30.246Z",{"wat":246,"direct":255},{"assetPaths":247,"generatorPatterns":252,"scriptPaths":253,"versionParams":254},[248,249,250,251],"\u002Fwp-content\u002Fplugins\u002Fwp-update-message\u002Fstyle-themes\u002Fgreen.css","\u002Fwp-content\u002Fplugins\u002Fwp-update-message\u002Fstyle-themes\u002Fblue.css","\u002Fwp-content\u002Fplugins\u002Fwp-update-message\u002Fstyle-themes\u002Fred.css","\u002Fwp-content\u002Fplugins\u002Fwp-update-message\u002Fstyle-themes\u002Forange.css",[],[],[],{"cssClasses":256,"htmlComments":258,"htmlAttributes":261,"restEndpoints":262,"jsGlobals":263,"shortcodeOutput":264},[257],"update_message",[259,260],"\u003C!-- WP Updated Message - START -->","\u003C!-- WP Updated Message - END -->",[],[],[],[265],"\u003Cdiv class=\"update_message\">\n\t\t\t\u003Csmall>Updated: %ud%\u003C\u002Fsmall>\n\t\t\t\u003Cp>%ut%\u003C\u002Fp>\n\t\t\u003C\u002Fdiv>"]