[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBDKUVpFQgquIZoUlPoDKDhMm-3NCerysgdhO_JfRon0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":126,"fingerprints":177},"wpms-site-maintenance-mode","WPMS Site Maintenance Mode","1.0.3","Joshua Parker","https:\u002F\u002Fprofiles.wordpress.org\u002Fparkerj\u002F","\u003Cp>Plugin allows a super admin to put his\u002Fher entire network, main site, or subsites into maintenance mode.\u003C\u002Fp>\n","Provides an interface to make a WPMS network unavailable to everyone during maintenance, except the admin.",20,15535,100,1,"2012-08-27T18:19:00.000Z","3.4.2","3.0","",[20,21,22,23,24],"maintenance","multisite","shutdown","wpms","wpmu","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwpms-site-maintenance-mode\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpms-site-maintenance-mode.1.0.3.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":27,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"parkerj",5,130,30,84,"2026-04-04T05:57:33.864Z",[40,56,74,93,111],{"slug":41,"name":42,"version":43,"author":7,"author_profile":8,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":28,"num_ratings":28,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":18,"tags":51,"homepage":54,"download_link":55,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wpms-sidebar-login-widget","WPMS Sidebar Login Widget","1.9.4","\u003Cp>If you are running a WPMS (Multisite) blogging network, the issue with most login widgets that you add to the main site’s sidebar is that it doesn’t pull the user’s own blog info. That is why the WPMS Sidebar Login Widget was created. Instead of the user trying to remember the login page of their own site\u002Fblog, when a user logs into your main site, the widget will conveniently contain links to navigate to 3 different pages of the user’s blog: dashboard, new post page, and profile page.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Link to Network Admin page (only shows if user logged in is a super admin)\u003C\u002Fli>\n\u003Cli>Link to user’s dashboard\u003C\u002Fli>\n\u003Cli>Link to user’s new post page\u003C\u002Fli>\n\u003Cli>Link to user’s profile page\u003C\u002Fli>\n\u003Cli>Link to forums page\u003C\u002Fli>\n\u003Cli>Subblog registration detection\u003C\u002Fli>\n\u003Cli>Custom CSS settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To make sure it works, activate the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fuser-switching\u002F\" rel=\"ugc\">User Switching\u003C\u002Fa> plugin on the main site only to switch to a different user.\u003C\u002Fp>\n","Adds a sidebar widget to the main site of a WPMU\u002FWPMS install.",50,22785,"2012-02-19T04:23:00.000Z","3.3.2","2.8",[52,21,53,23,24],"login","widget","http:\u002F\u002Fwww.7mediaws.org\u002Fblog\u002Fwpms_sidebar_login_widget.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpms-sidebar-login-widget.1.9.4.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":28,"num_ratings":28,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":18,"tags":69,"homepage":72,"download_link":73,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"limit-blogs-per-user","Limit Blogs Per User","1.4","Brajesh","https:\u002F\u002Fprofiles.wordpress.org\u002Fwrite2brajesh\u002F","\u003Cp>This is a plugin for wpmu\u002Fwpmu+byddypress powered websites, where network administrators can limit the number of blogs a user can signup.\u003Cbr \u002F>\nIt is pretty simple and adds an option to NetworkAdmin->Dashboard->network settings page, where you can limit the number of blogs. No additional frills required.\u003C\u002Fp>\n\u003Cp>What It does\u003C\u002Fp>\n\u003Cp>It adds an option to the Network settings  page when you are logged in as site admin of the wpmu site(or wpmu+buddyppress site),Look at the bottom of options page,and You will see a text box like this asking for number of blogs allowed per user.If you set it to zero(which is the default),It will not restrict the blog registration then.\u003Cbr \u002F>\nFor any support or any questions,please leave a comment at my blog\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fbuddydev.com\u002Fbuddypress\u002Flimit-blogs-per-user-plugin-for-wpmu\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fbuddydev.com\u002Fbuddypress\u002Flimit-blogs-per-user-plugin-for-wpmu\u002F\u003C\u002Fa>\u003Cbr \u002F>\nAnd yeh did I mention \u003Ca href=\"http:\u002F\u002Fblog.strategy11.com\u002F\" rel=\"nofollow ugc\">Steph\u003C\u002Fa> has been very kind in reporting bugs and suggesting fixes.Many Thanks to Steph.\u003C\u002Fp>\n","This plugin is for WordPress Multisite and\u002For WordPress Multisite+buddypress based social network.It limits the number of blogs a user can create.",10,14683,"2011-09-29T07:47:00.000Z","3.2.1","2.5",[70,21,71,23,24],"buddypress","options","http:\u002F\u002Fbuddydev.com\u002Fbuddypress\u002Flimit-blogs-per-user-plugin-for-wpmu","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flimit-blogs-per-user.1.4.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":18,"tags":89,"homepage":91,"download_link":92,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"advanced-export-for-wp-wpmu","Advanced Export for WP & WPMU","2.9","Ron Rennick","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpmuguru\u002F","\u003Cp>\u003Cem>The functionality in this plugin was incorporated into the built in export feature in WordPress 3.0\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Working with a single large export file can be difficult. Use this plugin to create multiple export files that contain sections of your blog. This plugin has been tested on WP  & WPMU versions 2.7 – 2.8.4. The plugin may work on earlier versions of WP\u002FWPMU.\u003C\u002Fp>\n\u003Cp>All restriction options provided in the plugin are \u003Cem>optional\u003C\u002Fem>. If no restrictions are selected, this plugin generates the same export file as the export feature built into WP & WPMU.\u003C\u002Fp>\n\u003Cp>\u003Cem>Features\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Export by any optional combination of:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>Date Range\u003C\u002Fem> – Start & end month\u002Fyear\u003C\u002Fli>\n\u003Cli>\u003Cem>Author\u003C\u002Fem> – Same as WP\u002FWPMU built-in export\u003C\u002Fli>\n\u003Cli>\u003Cem>Category\u003C\u002Fem> – Export a specific category\u003C\u002Fli>\n\u003Cli>\u003Cem>Content type\u003C\u002Fem> – Choose either posts or pages\u003C\u002Fli>\n\u003Cli>\u003Cem>Post status\u003C\u002Fem> – Choose Draft, Published, Scheduled or Private\u003C\u002Fli>\n\u003Cli>\u003Cem>Blog Tag\u002FCategory Terms\u003C\u002Fem> – Choose whether to include the blog’s complete list of Tags and\u002For Categories\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Support can be obtained through:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Fadvanced-export-for-wp-wpmu?forum_id=10#postform\" rel=\"ugc\">WordPress Forums\u003C\u002Fa>\u003C\u002Fp>\n","Adds an Advanced Export to the Tools menu which allows selective exporting of pages, posts, specific categories and\u002For post statuses by date.",800,52833,74,3,"2015-08-10T12:29:00.000Z","4.8.28","2.7",[90,21,24],"export","http:\u002F\u002Fwpmututorials.com\u002Fplugins\u002Fadvanced-export\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-export-for-wp-wpmu.zip",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":37,"num_ratings":103,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":18,"tags":107,"homepage":109,"download_link":110,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"multisite-plugin-manager","Multisite Plugin Manager","3.1.6","Aaron Edwards","https:\u002F\u002Fprofiles.wordpress.org\u002Fuglyrobot\u002F","\u003Cp>Plugin management for WordPress Multisite that supports the native plugins page and the WPMU DEV Pro Sites plugin! Used on thousands of multisite installs across the web.\u003Cbr \u002F>\nPreviously known as \u003Cstrong>WPMU Plugin Manager\u003C\u002Fstrong>, it uses a backend options page to adjust plugin permissions for all the sites in your network.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Select what plugins sites have access to\u003C\u002Fli>\n\u003Cli>Choose plugins to Auto-Activate for all new blogs\u003C\u002Fli>\n\u003Cli>Mass activate\u002Fdeactivate a plugin on all sites in your network (Very Handy!)\u003C\u002Fli>\n\u003Cli>Assign special plugin access permissions for specific sites in your network\u003C\u002Fli>\n\u003Cli>And as Super Admin, you can override all these to activate specific plugins on the sites you choose!\u003C\u002Fli>\n\u003Cli>Removes the plugin meta row links (Version, Author, Plugin) and any update messages for blog admins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Also, if you use the excellent \u003Ca href=\"https:\u002F\u002Fpremium.wpmudev.org\u002Fproject\u002Fpro-sites\u002F\" rel=\"nofollow ugc\">Pro Sites plugin from WPMU DEV\u003C\u002Fa> you will be able to charge for access to certain plugins!\u003C\u002Fp>\n\u003Cp>A free plugin by Aaron Edwards of \u003Ca href=\"http:\u002F\u002Fuglyrobot.com\u002F\" rel=\"nofollow ugc\">UglyRobot Web Development\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fuglyrobot\u002Fmultisite-plugin-manager\" rel=\"nofollow ugc\">Contribute on GitHub\u003C\u002Fa>\u003C\u002Fp>\n","The essential plugin for every multisite install! Manage plugin access permissions across your entire multisite network.",200,107575,23,"2020-08-18T01:52:00.000Z","4.9.29","3.7.3",[21,108,24],"plugins","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fmultisite-plugin-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-plugin-manager.3.1.6.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":13,"downloaded":119,"rating":28,"num_ratings":28,"last_updated":120,"tested_up_to":18,"requires_at_least":18,"requires_php":18,"tags":121,"homepage":124,"download_link":125,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"buddypress-russian-months","BuddyPress Russian Months","0.4","Slava Abakumov","https:\u002F\u002Fprofiles.wordpress.org\u002Fslaffik\u002F","\u003Cp>Plugin will transform wrong months’ cases (in date) to proper ones (according Russian grammar rules).\u003C\u002Fp>\n\u003Cp>Examples:\u003Cbr \u002F>\n* not “28 September” but “28 сентября” (Eng->Ru);\u003Cbr \u002F>\n* not “28 Сентябрь” but “28 сентября” (incorrect Ru->correct RU)\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fcosydale.com\" rel=\"nofollow ugc\">CosyDale.com\u003C\u002Fa> for more information.\u003C\u002Fp>\n","Plugin will transform wrong months' cases (in date) to proper ones (according Russian grammar rules).",10094,"2011-04-21T20:34:00.000Z",[70,122,123,23,24],"grammar","months","http:\u002F\u002Fcosydale.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-russian-months.0.4.zip",{"attackSurface":127,"codeSignals":143,"taintFlows":164,"riskAssessment":165,"analyzedAt":176},{"hooks":128,"ajaxHandlers":139,"restRoutes":140,"shortcodes":141,"cronEvents":142,"entryPointCount":28,"unprotectedCount":28},[129,135],{"type":130,"name":131,"callback":132,"priority":14,"file":133,"line":134},"action","init","wpms_sitemaint_init","wpms-site-maintenance-mode.php",34,{"type":130,"name":136,"callback":137,"file":133,"line":138},"network_admin_menu","add_admin_subpanel",35,[],[],[],[],{"dangerousFunctions":144,"sqlUsage":145,"outputEscaping":150,"fileOperations":28,"externalRequests":28,"nonceChecks":14,"capabilityChecks":28,"bundledLibraries":163},[],{"prepared":28,"raw":14,"locations":146},[147],{"file":133,"line":148,"context":149},108,"$wpdb->query() with variable interpolation",{"escaped":151,"rawEcho":152,"locations":153},2,4,[154,157,159,161],{"file":133,"line":155,"context":156},128,"raw output",{"file":133,"line":158,"context":156},143,{"file":133,"line":160,"context":156},166,{"file":133,"line":162,"context":156},168,[],[],{"summary":166,"deductions":167},"The \"wpms-site-maintenance-mode\" v1.0.3 plugin exhibits a strong security posture based on the provided static analysis.  The absence of direct attack vectors such as AJAX handlers, REST API routes, shortcodes, and cron events is commendable.  Furthermore, the code signals indicate a general adherence to secure coding practices, with no dangerous functions, file operations, or external HTTP requests identified.  The presence of a nonce check, even with a limited attack surface, is a positive sign.\n\nHowever, there are areas for improvement that introduce minor risks.  The single SQL query is not using prepared statements, which could be a vulnerability if the query involves user-supplied data, albeit the lack of other entry points mitigates this risk significantly.  The output escaping is also not fully implemented, with only 33% of outputs properly escaped, leaving a potential for cross-site scripting (XSS) vulnerabilities if the unescaped outputs are rendered with user-controllable data.  The complete lack of capability checks is a concern for any plugin that might handle sensitive operations, though in this specific case, the limited functionality might render this less critical.  The vulnerability history being clear of any known CVEs is a significant strength, suggesting the plugin has been relatively well-maintained or has not attracted significant security scrutiny in the past.\n\nIn conclusion, the plugin is generally secure due to its minimal attack surface and the absence of critical coding flaws. The primary concerns lie in the non-prepared SQL query and the incomplete output escaping.  The lack of vulnerability history is a positive indicator of stability. Developers should address the identified output escaping issues and consider preparing the SQL query to further harden the plugin.",[168,171,174],{"reason":169,"points":170},"SQL query not using prepared statements",7,{"reason":172,"points":173},"Only 33% of outputs properly escaped",6,{"reason":175,"points":34},"No capability checks found","2026-03-16T22:51:27.242Z",{"wat":178,"direct":187},{"assetPaths":179,"generatorPatterns":182,"scriptPaths":183,"versionParams":184},[180,181],"\u002Fwp-content\u002Fplugins\u002Fwpms-site-maintenance-mode\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwpms-site-maintenance-mode\u002Fimages\u002Fcoffee_machine-256.png",[],[],[185,186],"wpms-site-maintenance-mode\u002Fcss\u002Fstyle.css?ver=","wpms-site-maintenance-mode\u002Fimages\u002Fcoffee_machine-256.png?ver=",{"cssClasses":188,"htmlComments":190,"htmlAttributes":191,"restEndpoints":192,"jsGlobals":193,"shortcodeOutput":194},[189],"motivation-maker",[],[],[],[],[]]