[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f7BY1t2laD4g1W1jmdtfCQOka3p7MCYtqoKTqJG_coVw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":142,"fingerprints":197},"wpmu-blog-name-restrictions-override","WPMU Blog Name Restrictions Override","2.0","DeannaS","https:\u002F\u002Fprofiles.wordpress.org\u002Fdeannas\u002F","\u003Cp>When non-site admins sign up for a new blog via the wp-signup.php page, they are subjected to the following restrictions on their site name (that site admins are not subjected to):\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* No dashes are allowed.\n* No underscores are allowed.\n* The name can not be all numeric.\n* Name must be at least 4 characters long\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This plugin allows site admins to override each of those restrictions, toggling yes\u002Fno for the first three settings, and adding a minimum length for the name.\u003C\u002Fp>\n\u003Cp>This plugin only affects blog creation via the sign up page. It does not affect blog creation via site admin -> blogs -> new blog\u003C\u002Fp>\n","This plugin provides a way for site admins to allow blog creators more options for blog name (less restrictive than built-in defaults).",10,2850,0,"2010-07-06T14:29:00.000Z","3.0.5","2.7","",[19,20,21],"blog-name","site-admin-tools","wpmu","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpmu-blog-name-restrictions-override.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"deannas",7,70,30,84,"2026-04-04T07:09:58.692Z",[35,61,81,103,122],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":13,"last_vuln_date":60,"fetched_at":25},"admin-menu-editor","Admin Menu Editor","1.15","Janis Elsts","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiteshadow\u002F","\u003Cp>Admin Menu Editor lets you manually edit the Dashboard menu. You can reorder the menus, show\u002Fhide specific items, change permissions, and more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Change menu titles, URLs, icons, CSS classes and so on.\u003C\u002Fli>\n\u003Cli>Organize menu items via drag & drop.\u003C\u002Fli>\n\u003Cli>Change menu permissions by setting the required capability or role.\u003C\u002Fli>\n\u003Cli>Move a menu item to a different submenu. \u003C\u002Fli>\n\u003Cli>Create custom menus that point to any part of the Dashboard or an external URL.\u003C\u002Fli>\n\u003Cli>Hide\u002Fshow any menu or menu item. A hidden menu is invisible to all users, including administrators.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The \u003Ca href=\"http:\u002F\u002Fw-shadow.com\u002FAdminMenuEditor\u002F\" rel=\"nofollow ugc\">Pro version\u003C\u002Fa> lets you set per-role menu permissions, hide a menu from everyone except a specific user, export your admin menu, drag items between menu levels, make menus open in a new window and more. \u003Ca href=\"http:\u002F\u002Famedemo.com\u002Fwpdemo\u002Fdemo.php\" rel=\"nofollow ugc\">Try online demo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Additional Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Despite the name, this plugin is not limited to just editing the admin menu. You can also:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create login redirects and logout redirects.\u003C\u002Fli>\n\u003Cli>Allow\u002Fdeny access to specific posts based on user roles.\u003C\u002Fli>\n\u003Cli>Hide plugins on the \u003Cem>Plugins -> Installed Plugins\u003C\u002Fem> page from other users.\u003C\u002Fli>\n\u003Cli>Edit the display name, description, and other plugin details shown on the \u003Cem>Plugins -> Installed Plugins\u003C\u002Fem> page (e.g. for white-labelling).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Shortcodes\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin provides a few utility shortcodes. These are mainly intended to help with creating login\u002Flogout redirects, but you can also use them in posts and pages.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>[ame-wp-admin]\u003C\u002Fcode> – URL of the WordPress dashboard (with a trailing slash).\u003C\u002Fli>\n\u003Cli>\u003Ccode>[ame-home-url]\u003C\u002Fcode> – Site URL. Usually, this is the same as the URL in the “Site Address” field in \u003Cem>Settings -> General\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[ame-user-info field=\"...\"]\u003C\u002Fcode> – Information about the logged-in user. Parameters:\n\u003Cul>\n\u003Cli>\u003Ccode>field\u003C\u002Fcode> – The part of user profile to display. Supported fields include: \u003Ccode>ID\u003C\u002Fcode>, \u003Ccode>user_login\u003C\u002Fcode>, \u003Ccode>display_name\u003C\u002Fcode>, \u003Ccode>locale\u003C\u002Fcode>, \u003Ccode>user_nicename\u003C\u002Fcode>, \u003Ccode>user_url\u003C\u002Fcode>, and so on.\u003C\u002Fli>\n\u003Cli>\u003Ccode>placeholder\u003C\u002Fcode> – Optional. Text that will be shown if the visitor is not logged in.\u003C\u002Fli>\n\u003Cli>\u003Ccode>encoding\u003C\u002Fcode> – Optional. How to encode or escape the output. This is useful if you want to use the shortcode in your own HTML or JS code. Supported values: \u003Ccode>auto\u003C\u002Fcode> (default), \u003Ccode>html\u003C\u002Fcode>, \u003Ccode>attr\u003C\u002Fcode>, \u003Ccode>js\u003C\u002Fcode>, \u003Ccode>none\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Notes\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>If you delete any of the default menus they will reappear after saving. This is by design. To get rid of a menu for good, either hide it or change it’s access permissions.\u003C\u002Fli>\n\u003Cli>In the free version, it’s not possible to give a role access to a menu item that it couldn’t see before. You can only restrict menu access further.\u003C\u002Fli>\n\u003Cli>In case of emergency, you can reset the menu configuration back to the default by going to http:\u002F\u002Fexample.com\u002Fwp-admin\u002F?reset_admin_menu=1 (replace example.com with your site URL). You must be logged in as an Administrator to do this.\u003C\u002Fli>\n\u003C\u002Ful>\n","Lets you edit the WordPress admin menu. You can re-order, hide or rename menus, add custom menus and more.",400000,7768111,92,311,"2026-02-20T11:36:00.000Z","6.9.4","5.9","7.4",[52,53,54,55,21],"admin","dashboard","menu","security","http:\u002F\u002Fw-shadow.com\u002Fblog\u002F2008\u002F12\u002F20\u002Fadmin-menu-editor-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-menu-editor.1.15.zip",98,2,"2025-09-05 15:11:45",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":11,"last_updated":72,"tested_up_to":73,"requires_at_least":16,"requires_php":17,"tags":74,"homepage":79,"download_link":80,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"disable-user-gravatar","Disable User Gravatar","3.1","Marcus (aka @msykes)","https:\u002F\u002Fprofiles.wordpress.org\u002Fnetweblogic\u002F","\u003Cp>This is a very simple and lightweight plugin that anonymizes default avatars and prevents the user’s gravatar being automatically obtained from gravatar.com based on their registered email. This would be useful for sites where users require an extra layer of privacy, or if you just want to prevent potentially silly or embarrasing avatar accidents.\u003C\u002Fp>\n\u003Cp>If you’re using Identicons or any other generated default avatar, the user should keep a consistent avatar unless they change their registered email.\u003C\u002Fp>\n\u003Cp>You can also disable Gravatar completely and choose a default image to display.\u003C\u002Fp>\n\u003Cp>This plugin is also compatible with other avatar customization plugins such as \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Favatar-manager\u002F\" rel=\"ugc\">Avatar Manager\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\u002F\" rel=\"ugc\">BuddyPress\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadd-new-default-avatar\u002F\" rel=\"ugc\">Add New Default Avatar\u003C\u002Fa>, since this plugin specifically prevents the gravatar of a specific user email being used and reverts to the default or user-defined avatar.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important 3.0 Update – BuddyPress users should visit the Settings > Discussion page on your dashboard and choose one of the Disable Gravatar options to restore previous behavior.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you have any issues or suggestions, please visit our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-user-gravatar\" rel=\"ugc\">support forums\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you find this plugin useful and would like to say thanks, please leave us a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fdisable-user-gravatar?filter=5\" rel=\"ugc\">5 star review\u003C\u002Fa>!\u003C\u002Fp>\n","Stops WordPress from grabbing a user avatar using their registrated email from gravatar.com.",3000,40294,100,"2022-11-01T16:00:00.000Z","6.1.10",[75,76,77,78,21],"activity-stream","avatar","gravatar","wordpress-mu","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-user-gravatar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-user-gravatar.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":71,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":17,"tags":95,"homepage":98,"download_link":99,"security_score":100,"vuln_count":101,"unpatched_count":101,"last_vuln_date":102,"fetched_at":25},"bp-disable-activation-reloaded","BP Disable Activation Reloaded","1.2.1","Damian","https:\u002F\u002Fprofiles.wordpress.org\u002Ftimersys\u002F","\u003Cp>Based on crashutah, apeatling https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbp-disable-activation\u002F Disables the activation email and automatically activates new users in BuddyPress under a standard WP install and WPMU (multisite).  Also, automatically logs in the new user since the account is already active.\u003C\u002Fp>\n\u003Cp>Basically i updated the plugin and added some features like:\u003C\u002Fp>\n\u003Cp>-Option to turn off automatic login\u003Cbr \u002F>\n-Redirect options after account creation\u003C\u002Fp>\n\u003Cp>Known Bugs:\u003Cbr \u002F>\n-Doesn’t do the automatic login if you allow blog creation during the user creation in WPMU (multisite)\u003C\u002Fp>\n\u003Ch4>Install Multiple plugins at once with WpFavs\u003C\u002Fh4>\n\u003Cp>Bulk plugin installation tool, import WP favorites and create your own lists (\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwpfavs\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwpfavs\u002F\u003C\u002Fa>)\u003C\u002Fp>\n\u003Ch4>Increase your twitter followers\u003C\u002Fh4>\n\u003Cp>Increase your Twitter followers with Twitter likebox Plugin (\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ftwitter-like-box-reloaded\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ftwitter-like-box-reloaded\u002F\u003C\u002Fa>)\u003C\u002Fp>\n\u003Ch4>WordPress Social Invitations\u003C\u002Fh4>\n\u003Cp>Enhance your site by letting your users send Social Invitations (\u003Ca href=\"http:\u002F\u002Fwp.timersys.com\u002Fwordpress-social-invitations\u002F?utm_source=social-popup&utm_medium=readme\" rel=\"nofollow ugc\">http:\u002F\u002Fwp.timersys.com\u002Fwordpress-social-invitations\u002F\u003C\u002Fa>)\u003C\u002Fp>\n","Based on crashutah, apeatling plugin Disables the activation email and automatically activates new users in BuddyPress under a standard WP install and &hellip;",900,26606,19,"2014-08-14T15:54:00.000Z","3.9.40","3.6",[96,97,21],"activation","buddypress","http:\u002F\u002Fwww.timersys.com\u002Fplugins-wordpress\u002Fbp-disable-activation-reloaded","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-disable-activation-reloaded.1.2.1.zip",63,1,"2025-09-22 00:00:00",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":113,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":16,"requires_php":17,"tags":117,"homepage":120,"download_link":121,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"advanced-export-for-wp-wpmu","Advanced Export for WP & WPMU","2.9","Ron Rennick","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpmuguru\u002F","\u003Cp>\u003Cem>The functionality in this plugin was incorporated into the built in export feature in WordPress 3.0\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Working with a single large export file can be difficult. Use this plugin to create multiple export files that contain sections of your blog. This plugin has been tested on WP  & WPMU versions 2.7 – 2.8.4. The plugin may work on earlier versions of WP\u002FWPMU.\u003C\u002Fp>\n\u003Cp>All restriction options provided in the plugin are \u003Cem>optional\u003C\u002Fem>. If no restrictions are selected, this plugin generates the same export file as the export feature built into WP & WPMU.\u003C\u002Fp>\n\u003Cp>\u003Cem>Features\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Export by any optional combination of:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>Date Range\u003C\u002Fem> – Start & end month\u002Fyear\u003C\u002Fli>\n\u003Cli>\u003Cem>Author\u003C\u002Fem> – Same as WP\u002FWPMU built-in export\u003C\u002Fli>\n\u003Cli>\u003Cem>Category\u003C\u002Fem> – Export a specific category\u003C\u002Fli>\n\u003Cli>\u003Cem>Content type\u003C\u002Fem> – Choose either posts or pages\u003C\u002Fli>\n\u003Cli>\u003Cem>Post status\u003C\u002Fem> – Choose Draft, Published, Scheduled or Private\u003C\u002Fli>\n\u003Cli>\u003Cem>Blog Tag\u002FCategory Terms\u003C\u002Fem> – Choose whether to include the blog’s complete list of Tags and\u002For Categories\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Support can be obtained through:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Fadvanced-export-for-wp-wpmu?forum_id=10#postform\" rel=\"ugc\">WordPress Forums\u003C\u002Fa>\u003C\u002Fp>\n","Adds an Advanced Export to the Tools menu which allows selective exporting of pages, posts, specific categories and\u002For post statuses by date.",800,52833,74,3,"2015-08-10T12:29:00.000Z","4.8.28",[118,119,21],"export","multisite","http:\u002F\u002Fwpmututorials.com\u002Fplugins\u002Fadvanced-export\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-export-for-wp-wpmu.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":71,"num_ratings":101,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":17,"tags":135,"homepage":140,"download_link":141,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"activate-update-services","Activate Update Services","1.0.7","feedmeastraycat","https:\u002F\u002Fprofiles.wordpress.org\u002Ffeedmeastraycat\u002F","\u003Cp>WordPress removes the Update Services ability (Settings – Writing) when you create a network (aka enables WordPress MU\u002FMultisite).\u003Cbr \u002F>\nActivate this plugin to get it back.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This is only for WordPress setups with a network, aka multiple sites, aka multisites,\u003Cbr \u002F>\naka WPMU in WordPress 3 and later.\u003C\u002Fp>\n\u003Cp>This plugin \u003Cem>might\u003C\u002Fem> work with older WordPress MU sites. I haven’t tested it though. If you do, please\u003Cbr \u002F>\nlet me know how it turned out.\u003C\u002Fp>\n\u003Ch3>Files\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u002Factivate-update-services\u002Factivate-update-services.php\u003C\u002Fli>\n\u003Cli>\u002Factivate-update-services\u002FREADME.txt\u003C\u002Fli>\n\u003C\u002Ful>\n","WordPress removes the Update Services ability when you create a network. Activate this plugin to get it back.",200,39787,"2016-05-21T21:05:00.000Z","4.5.33","3.0.0",[136,137,138,139,21],"multiusers","network","ping","update-service","http:\u002F\u002Fwww.feedmeastraycat.net\u002Fprojects\u002Frandom-wordpress-plugins\u002Factivate-update-services\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Factivate-update-services.1.0.7.zip",{"attackSurface":143,"codeSignals":170,"taintFlows":183,"riskAssessment":184,"analyzedAt":196},{"hooks":144,"ajaxHandlers":166,"restRoutes":167,"shortcodes":168,"cronEvents":169,"entryPointCount":13,"unprotectedCount":13},[145,152,158,162],{"type":146,"name":147,"callback":148,"priority":149,"file":150,"line":151},"filter","wpmu_validate_blog_signup","validator",9,"cets_blog_name_restrictions_override.php",45,{"type":153,"name":154,"callback":155,"priority":156,"file":150,"line":157},"action","wpmu_options","add_options",5,46,{"type":153,"name":159,"callback":160,"priority":156,"file":150,"line":161},"update_wpmu_options","process_options",47,{"type":153,"name":163,"callback":164,"file":150,"line":165},"plugins_loaded","anonymous",217,[],[],[],[],{"dangerousFunctions":171,"sqlUsage":175,"outputEscaping":177,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":182},[172],{"fn":173,"file":150,"line":165,"context":174},"create_function","add_action( 'plugins_loaded', create_function( '', 'global $cets_Blog_Name_Restrictions_Override; $c",{"prepared":13,"raw":13,"locations":176},[],{"escaped":13,"rawEcho":101,"locations":178},[179],{"file":150,"line":180,"context":181},184,"raw output",[],[],{"summary":185,"deductions":186},"The plugin \"wpmu-blog-name-restrictions-override\" v2.0 exhibits a generally good security posture in terms of its attack surface and data handling, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events. The absence of known vulnerabilities in its history is also a positive indicator. However, the static analysis reveals significant concerns that detract from its overall safety.  The presence of the `create_function` function is a critical red flag, as it's deprecated and can be a vector for code injection if used with user-supplied input, although the analysis does not show any explicit taint flows originating from it. Furthermore, the complete lack of output escaping is highly problematic, meaning any content rendered by the plugin could be vulnerable to cross-site scripting (XSS) attacks if it incorporates any dynamic data. The absence of nonce and capability checks, while not directly exploitable due to the limited attack surface, indicates a lack of robust security practices in general. While the plugin appears to handle SQL queries securely and has no external dependencies, the use of `create_function` and the complete failure to escape output represent substantial risks.",[187,190,192,194],{"reason":188,"points":189},"Dangerous function used (create_function)",15,{"reason":191,"points":29},"100% of outputs are not properly escaped",{"reason":193,"points":156},"0 Nonce checks",{"reason":195,"points":156},"0 Capability checks","2026-03-17T00:15:06.346Z",{"wat":198,"direct":203},{"assetPaths":199,"generatorPatterns":200,"scriptPaths":201,"versionParams":202},[],[],[],[],{"cssClasses":204,"htmlComments":210,"htmlAttributes":211,"restEndpoints":222,"jsGlobals":223,"shortcodeOutput":224},[205,206,207,208,209],"cets_bnro_allowdashes","cets_bnro_allowunderscores","cets_bnro_allownumeric","cets_bnro_allowupper","cets_bnro_minlength",[],[212,213,214,215,216,217,218,219,220,221],"name=\"cets_bnro_allowdashes\"","id=\"cets_bnro_allowdashes\"","name=\"cets_bnro_allowunderscores\"","id=\"cets_bnro_allowunderscores\"","name=\"cets_bnro_allownumeric\"","id=\"cets_bnro_allownumeric\"","name=\"cets_bnro_allowupper\"","id=\"cets_bnro_allowupper\"","name=\"cets_bnro_minlength\"","id=\"cets_bnro_minlenth\"",[],[],[]]