[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fv8awsgQgNjZ28f_UcaKuzop-Is23FTlrCn6Vc8VDSOE":3,"$f_Yq4kRrWZGk4R4MX1F3mOkWYuXgrAILsuapXVWlkT_4":230,"$fyIN5lsY36IT-hHnKb3ZOY9rdPOjXZ9_9ZERKa13RFsE":235},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":37,"analysis":145,"fingerprints":201},"wpml-edits","WPML Edits","1.0","SimonaIlie","https:\u002F\u002Fprofiles.wordpress.org\u002Fsimonailie\u002F","\u003Cp>Allow in WordPress Admin area to change language code and name for WPML plugin\u003C\u002Fp>\n","Edit language code and name in WPML",10,3011,100,1,"2011-10-03T14:36:00.000Z","3.2.1","",[19,20,21],"change-language-code","change-language-name","wpml","http:\u002F\u002FURI_Of_Page_Describing_Plugin_and_Updates","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpml-edits.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":24,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"simonailie",5,70,30,84,"2026-05-20T03:39:28.899Z",[38,60,81,103,125],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":17,"tags":53,"homepage":58,"download_link":59,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"wp-editor-widget","WP Editor Widget","0.6.0","feedmeastraycat","https:\u002F\u002Fprofiles.wordpress.org\u002Ffeedmeastraycat\u002F","\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This plugin still works but it doesn’t really contain any major features that the native Text widget is missing. The plugin is no longer in active developement.\u003C\u002Fp>\n\u003Cp>This plugin adds a rich text widget where the content is edited using the standard WordPress visual editor which most users already are familiar with.\u003Cbr \u002F>\nIt uses the WP core function wp_editor() without adding a custom post type post for each widget making the widget quicker and simpler to edit.\u003C\u002Fp>\n\u003Cp>Feel free to help with developement or issue reporting on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffeedmeastraycat\u002Fwp-editor-widget\" rel=\"nofollow ugc\">Github\u003C\u002Fa>!\u003C\u002Fp>\n\u003Ch4>Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Swedish\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>Danish\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwp-editor-widget\" rel=\"nofollow ugc\">More translations\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Editor Widget adds a rich text widget where the content is edited using the standard WordPress visual editor.",10000,153536,92,18,"2020-11-07T22:20:00.000Z","5.5.18","3.5.1",[54,55,56,21,57],"editor","rich-text","widget","wysiwyg","https:\u002F\u002Fgithub.com\u002Ffeedmeastraycat\u002Fwp-editor-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-editor-widget.0.6.0.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":46,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":79,"download_link":80,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"wpml-widgets","WPML Widgets","1.0.6","Jeroen Sormani","https:\u002F\u002Fprofiles.wordpress.org\u002Fsormano\u002F","\u003Cp>WPML Widgets is a simple to use extension to add a language selector dropdown to your widgets.\u003C\u002Fp>\n\u003Cp>This plugin is the easiest way to add multilingual widgets to your website.\u003C\u002Fp>\n\u003Cp>WPML Widgets is a ultra lightweight plugin, so there will be (about) zero extra loading time.\u003C\u002Fp>\n","WPML Widgets is a simple to use extension to add a language selector dropdown to your widgets.",171964,98,36,"2017-11-28T08:13:00.000Z","4.7.33","3.6",[75,76,21,77,78],"wordpress-multilanguage","wordpress-multilanguage-widget","wpml-widget","wpml-widget-selector","http:\u002F\u002Fjeroensormani.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpml-widgets.1.0.6.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":48,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":101,"download_link":102,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"buddypress-multilingual","WPML Multilingual for BuddyPress and BuddyBoss","1.9.2","Amir Helzer","https:\u002F\u002Fprofiles.wordpress.org\u002Famirhelzer\u002F","\u003Cp>The plugin allows building multilingual \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\u002F\" rel=\"ugc\">BuddyPress\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.buddyboss.com\u002F\" rel=\"nofollow ugc\">BuddyBoss\u003C\u002Fa> sites with \u003Ca href=\"http:\u002F\u002Fwpml.org\u002F\" rel=\"nofollow ugc\">WPML\u003C\u002Fa>. It works with single-site or multi-site installations. Both the main site and child blogs can run multilingual.\u003C\u002Fp>\n\u003Cp>Guest blogs can choose their language and create multilingual contents. Additionally, each guest can choose the admin language individually .\u003C\u002Fp>\n\u003Cp>Requirements:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WPML 4.5.x or higher. You must enable ‘languages per directories’ or ‘languages per domain’.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Adds language switching to all BuddyPress\u002FBuddyBoss pages (Activity, Groups, Profile and Register page)\u003C\u002Fli>\n\u003Cli>Allows to select the language when viewing user profiles\u003C\u002Fli>\n\u003Cli>Keeps the language consistent when clicking on different links (by adding the language to links)\u003C\u002Fli>\n\u003Cli>Allows to translate email notifications\u003C\u002Fli>\n\u003Cli>Keeps the entire BuddyPress\u002FBuddyBoss workflow in the current language (create group, change avatars etc.)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Need Support?\u003C\u002Fh4>\n\u003Cp>Please submit support requests to \u003Cstrong>\u003Ca href=\"http:\u002F\u002Fwpml.org\u002Fforums\u002Fforum\u002Fenglish-support\u002F\" rel=\"nofollow ugc\">WPML forum\u003C\u002Fa>\u003C\u002Fstrong>. Remember to report:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The versions of BuddyPress\u002FBuddyBoss, WPML and WordPress that you’re using.\u003C\u002Fli>\n\u003Cli>A URL to your site, where we can see the problem happening.\u003C\u002Fli>\n\u003Cli>A description of what you expect to see and what you’re seeing in practice.\u003C\u002Fli>\n\u003C\u002Ful>\n","WPML Multilingual for BuddyPress and BuddyBoss allows BuddyPress and BuddyBoss sites to run fully multilingual using the WPML plugin.",7000,159967,37,"2026-03-17T16:50:00.000Z","6.9.4","4.7","7.2",[97,98,99,100,21],"buddyboss","buddypress","i18n","multilingual","http:\u002F\u002Fwpml.org\u002F?page_id=2890","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-multilingual.1.9.2.zip",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":113,"num_ratings":34,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":17,"tags":117,"homepage":122,"download_link":123,"security_score":13,"vuln_count":14,"unpatched_count":25,"last_vuln_date":124,"fetched_at":27},"simple-yearly-archive","Simple Yearly Archive","2.2.4","wpseek","https:\u002F\u002Fprofiles.wordpress.org\u002Falphawolf\u002F","\u003Cp>Simple Yearly Archive is a rather neat and simple WordPress plugin that allows you to \u003Cstrong>display your archives in a year-based list\u003C\u002Fstrong>. It works mostly like the usual WP archive, but displays all published posts seperated by their year of publication. That said, it’s also possible to restrict the output to certain categories, and much more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>See \u003Ca href=\"https:\u002F\u002Fwww.schloebe.de\u002Fwordpress\u002Fsimple-yearly-archive-plugin\u002F#tabwidget-27592\" title=\"Usage\" rel=\"nofollow ugc\">Usage\u003C\u002Fa> for examples, available parameters and more.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Included languages:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>German (de_DE) (Thanks to me ;-))\u003C\u002Fli>\n\u003Cli>German (de_DE_formal) (Thanks for contributing formal german language goes to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpavog\" rel=\"nofollow ugc\">Paul Vogel\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Italian (it_IT) (Thanks for contributing italian language goes to \u003Ca href=\"https:\u002F\u002Fgidibao.net\" rel=\"nofollow ugc\">Gianni Diurno\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Russian (ru_RU) (Thanks for contributing russian language goes to \u003Ca href=\"https:\u002F\u002Fgrugl.me\" rel=\"nofollow ugc\">Dimitry German\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Belorussian (by_BY) (Thanks for contributing belorussian language goes to \u003Ca href=\"https:\u002F\u002Fwww.fatcow.com\" rel=\"nofollow ugc\">Marcis Gasuns\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Uzbek (uz_UZ) (Thanks for contributing uzbek language goes to \u003Ca href=\"https:\u002F\u002Fwww.comfi.com\" rel=\"nofollow ugc\">Alexandra Bolshova\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>French (fr_FR) (Thanks for contributing french language goes to \u003Ca href=\"https:\u002F\u002Fwww.li-an.fr\u002Fblog\" rel=\"nofollow ugc\">Jean-Michel Meyer\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Chinese (zh_CN) (Thanks for contributing chinese language goes to \u003Ca href=\"https:\u002F\u002Fmarianama.net\" rel=\"nofollow ugc\">Mariana Ma\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Japanese (ja) (Thanks for contributing japanese language goes to \u003Ca href=\"https:\u002F\u002Fstaff.blog.bng.net\" rel=\"nofollow ugc\">Chestnut\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Portuguese Brazil (pt_BR) (Thanks for contributing portuguese brazil language goes to LucasTolle)\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) (Thanks for contributing dutch language goes to Bart Verkerk)\u003C\u002Fli>\n\u003Cli>Spanish (es) (Spanish translation by \u003Ca href=\"https:\u002F\u002Fwww.ibidemgroup.com\" rel=\"nofollow ugc\">Ibidem Group\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.schloebe.de\u002Farchiv\u002F\" title=\"Click here for a demo\" rel=\"nofollow ugc\">Click here for a demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fx.com\u002Fwpseek\" title=\"Developer on X\" rel=\"nofollow ugc\">Developer on X\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fbsky.app\u002Fprofile\u002Fcyberblitzbirne.bsky.social\" title=\"Developer on Bluesky\" rel=\"nofollow ugc\">Developer on Bluesky\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Looking for more WordPress plugins? Visit \u003Ca href=\"https:\u002F\u002Fwww.schloebe.de\u002Fportfolio\u002F\" rel=\"nofollow ugc\">www.schloebe.de\u002Fportfolio\u002F\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Simple Yearly Archive is a rather neat and simple Wordpress plugin that allows you to display your archives in a year-based list.",6000,189638,94,"2026-02-15T14:05:00.000Z","6.9.99","3.7",[118,119,120,21,121],"archive","archives","gettext","wp_query","https:\u002F\u002Fwww.schloebe.de\u002Fwordpress\u002Fsimple-yearly-archive-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-yearly-archive.zip","2023-02-13 00:00:00",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":111,"downloaded":133,"rating":13,"num_ratings":134,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":138,"tags":139,"homepage":143,"download_link":144,"security_score":48,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"wpml-to-polylang","WPML to Polylang","0.6","Chouby","https:\u002F\u002Fprofiles.wordpress.org\u002Fchouby\u002F","\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Imports languages and WPML options (when the same options exist in Polylang).\u003C\u002Fli>\n\u003Cli>Imports posts and terms languages as well as translations (including for custom post types and custom taxonomies).\u003C\u002Fli>\n\u003Cli>Imports multilingual nav menus.\u003C\u002Fli>\n\u003Cli>Imports strings translations.\u003C\u002Fli>\n\u003Cli>Does not delete WPML data.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Important\u003C\u002Fh4>\n\u003Cp>Although WPML data should not be corrupted, as Polylang data are created without deleting anything, \u003Cstrong>make a database backup before proceeding\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>How to proceed?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>De-activate WPML\u003C\u002Fli>\n\u003Cli>Activate Polylang or \u003Ca href=\"https:\u002F\u002Fpolylang.pro\" rel=\"nofollow ugc\">Polylang Pro\u003C\u002Fa> and WPML to Polylang. Do \u003Cstrong>not\u003C\u002Fstrong> create any language with Polylang (they will be imported).\u003C\u002Fli>\n\u003Cli>Go to Tools -> WPML Importer.\u003C\u002Fli>\n\u003Cli>If all checks are passed, then you can click on ‘Import’.\u003C\u002Fli>\n\u003Cli>De-activate WPML to Polylang (You can even delete it).\u003C\u002Fli>\n\u003Cli>Setup a language switcher either as a widget or in nav menus.\u003C\u002Fli>\n\u003Cli>Check that everything is OK.\u003C\u002Fli>\n\u003Cli>If something went wrong and you want to revert to WPML, you can delete Polylang using the red link in the Plugins table. To delete all data created for Polylang, Please read \u003Ca href=\"https:\u002F\u002Fpolylang.pro\u002Fdoc\u002Fhow-to-uninstall-polylang\u002F\" rel=\"nofollow ugc\">how\u003C\u002Fa> \u003Cstrong>before\u003C\u002Fstrong> deleting Polylang. Finally you can re-activate WPML.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Notes\u003C\u002Fh4>\n\u003Cp>This plugin does not include error management. It has however been tested successfully to migrate a site with about 9,000 posts and media.\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>The banner and icon were designed by \u003Ca href=\"http:\u002F\u002Fwww.alexlopez.rocks\u002F\" rel=\"nofollow ugc\">Alex Lopez\u003C\u002Fa>\u003C\u002Fp>\n","Import multilingual data from WPML into Polylang.",152736,20,"2024-11-04T16:05:00.000Z","6.7.5","5.8","5.6",[140,141,100,142,21],"bilingual","importer","polylang","https:\u002F\u002Fpolylang.pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpml-to-polylang.0.6.zip",{"attackSurface":146,"codeSignals":162,"taintFlows":189,"riskAssessment":190,"analyzedAt":200},{"hooks":147,"ajaxHandlers":158,"restRoutes":159,"shortcodes":160,"cronEvents":161,"entryPointCount":25,"unprotectedCount":25},[148,154],{"type":149,"name":150,"callback":151,"file":152,"line":153},"action","wp_enqueue_scripts","wpml_edits_scripts_method","wml-edits.php",44,{"type":149,"name":155,"callback":156,"file":152,"line":157},"admin_menu","wpml_edits_admin_menus",53,[],[],[],[],{"dangerousFunctions":163,"sqlUsage":164,"outputEscaping":166,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":185},[],{"prepared":134,"raw":25,"locations":165},[],{"escaped":25,"rawEcho":167,"locations":168},7,[169,172,175,178,180,182,183],{"file":152,"line":170,"context":171},68,"raw output",{"file":173,"line":174,"context":171},"wpml-edits-ajax.php",29,{"file":176,"line":177,"context":171},"wpml-edits-functions.php",4,{"file":176,"line":179,"context":171},33,{"file":176,"line":181,"context":171},35,{"file":176,"line":91,"context":171},{"file":176,"line":184,"context":171},40,[186],{"name":187,"version":26,"knownCves":188},"jQuery",[],[],{"summary":191,"deductions":192},"The \"wpml-edits\" plugin v1.0 exhibits a mixed security posture. On the positive side, the static analysis reveals no discovered dangerous functions, no file operations, no external HTTP requests, and all SQL queries are performed using prepared statements, which are strong indicators of good security practices for database interactions. Furthermore, the absence of any recorded vulnerabilities in its history, including CVEs of any severity, suggests a generally stable and well-maintained codebase.  However, there are significant areas of concern. The plugin lacks any nonce checks and capability checks, meaning that actions performed by the plugin, if they existed at any entry points, could potentially be exploited by unauthorized users or even through cross-site request forgery if entry points were present. Crucially, 100% of the output escaping is missing, posing a high risk of cross-site scripting (XSS) vulnerabilities if any dynamic data is rendered to the user. The taint analysis also yielded no flows, which is positive but doesn't negate the other identified risks. The limited attack surface (0 entry points) currently mitigates some of these risks, but any future addition of features without addressing the output escaping and authorization checks would significantly increase the plugin's vulnerability.\n\nIn conclusion, while the \"wpml-edits\" plugin v1.0 shows promise with its secure handling of SQL and lack of historical vulnerabilities, the complete absence of output escaping is a critical flaw that leaves it highly susceptible to XSS attacks. The lack of nonce and capability checks also presents a significant security gap. The current low attack surface offers a temporary buffer, but a thorough review and remediation of these identified weaknesses are essential before the plugin can be considered secure for production environments. The strengths lie in its database interactions and historical stability, but the weaknesses in output sanitization and authorization are severe.",[193,196,198],{"reason":194,"points":195},"All output escaping is missing",15,{"reason":197,"points":32},"No nonce checks found",{"reason":199,"points":32},"No capability checks found","2026-04-16T12:52:37.491Z",{"wat":202,"direct":209},{"assetPaths":203,"generatorPatterns":206,"scriptPaths":207,"versionParams":208},[204,205],"\u002Fwp-content\u002Fplugins\u002Fwpml-edits\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwpml-edits\u002Fjs\u002Fscripts.js",[],[205],[],{"cssClasses":210,"htmlComments":214,"htmlAttributes":215,"restEndpoints":226,"jsGlobals":227,"shortcodeOutput":229},[211,212,213],"wpml_error_msgs","wpml_success_msgs","wpml_code_and_name_holder",[],[216,217,218,219,220,221,222,223,224,225],"id=\"old_code_row\"","id=\"new_code_row\"","id=\"old_name_row\"","id=\"new_name_row\"","id=\"old_code_both\"","id=\"new_code_both\"","id=\"old_name_both\"","id=\"new_name_both\"","id=\"edit_wpml_action\"","id=\"wpml_edits_info\"",[],[228],"var we_plugin_url",[],{"error":231,"url":232,"statusCode":233,"statusMessage":234,"message":234},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwpml-edits\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":25,"versions":236},[]]