[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdYMNg-N1_OP7FDIWzRsfqbIV5X9tpmLaWCL4e6T6M9c":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":64,"crawl_stats":37,"alternatives":72,"analysis":184,"fingerprints":850},"wps-bidouille","WPS Bidouille","1.33.3","NicolasKulka","https:\u002F\u002Fprofiles.wordpress.org\u002Fnicolaskulka\u002F","\u003Ch4>Français\u003C\u002Fh4>\n\u003Cp>WPS Bidouille fournit des informations sur votre WordPress et contient des outils d’optimisation.\u003C\u002Fp>\n\u003Cp>Vous pourrez ainsi tout connaitre de votre serveur, optimiser certains réglages et télécharger un rapport TXT de ces valeurs.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Masquer les erreurs de connexion\u003C\u002Fli>\n\u003Cli>Retirer les caractères spéciaux des medias téléversées\u003C\u002Fli>\n\u003Cli>Retirer la version de WordPress\u003C\u002Fli>\n\u003Cli>Supprimer le manifeste de Windows Live Writer\u003C\u002Fli>\n\u003Cli>Désactiver les emoji WordPress\u003C\u002Fli>\n\u003Cli>Restreindre le nombre de révisions\u003C\u002Fli>\n\u003Cli>Retirer H1 dans Tiny MCE\u003C\u002Fli>\n\u003Cli>Désactiver l’API REST\u003C\u002Fli>\n\u003Cli>Ajouter le format d’image “Medium Large”\u003C\u002Fli>\n\u003Cli>Désactiver la page auteur et le lien auteur\u003C\u002Fli>\n\u003Cli>Désactiver les utilisateurs dans le sitemap WordPress par défaut\u003C\u002Fli>\n\u003Cli>Supprimer le flux RSS\u003C\u002Fli>\n\u003Cli>Supprimer le flux RSS des commentaires\u003C\u002Fli>\n\u003Cli>Charger la dernière version de jQuery\u003C\u002Fli>\n\u003Cli>Améliorer la vitesse de WooCommerce\u003C\u002Fli>\n\u003Cli>Améliorer la vitesse de Contact Form 7\u003C\u002Fli>\n\u003Cli>Désactiver les endpoints utilisateur de l’API REST\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Ainsi que des outils complémentaires :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Déconnecter toutes les sessions\u003C\u002Fli>\n\u003Cli>Supprimer les données temporaires expirées\u003C\u002Fli>\n\u003Cli>Nettoyer les commentaires indésirables\u003C\u002Fli>\n\u003Cli>Vider les commentaires de la corbeille\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Vous pourrez également réparer et optimiser votre base de données directement depuis WPS Bidouille.\u003C\u002Fp>\n\u003Cp>Enfin, WPS Bidouille vous propose un centre de notifications amélioré permettant en un clin d’oeil de voir ce qu’il convient de mettre à jour, ce qu’il faut supprimer, corriger ou ajuster.\u003C\u002Fp>\n\u003Cp>Pour en savoir plus lisez l’article suivant : \u003Ca href=\"https:\u002F\u002Fwpformation.com\u002Fwps-bidouille\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpformation.com\u002Fwps-bidouille\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Ce plugin vous est gentiment proposé par \u003Ca href=\"https:\u002F\u002Fwww.wpserveur.net\u002F?refwps=14&campaign=wpsbidouille\" rel=\"nofollow ugc\">WPServeur\u003C\u002Fa> l’hébergeur spécialisé WordPress.\u003C\u002Fp>\n\u003Cp>Découvrez également nos autres extensions gratuites :\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fwps-limit-login\u002F\" rel=\"nofollow ugc\">WPS Limit Login\u003C\u002Fa> pour bloquer les attaques par force brute.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fwps-hide-login\u002F\" rel=\"nofollow ugc\">WPS Hide Login\u003C\u002Fa> pour changer votre URL de connexion en ce que vous voulez.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fwps-cleaner\u002F\" rel=\"nofollow ugc\">WPS Cleaner\u003C\u002Fa> pour nettoyer votre site WordPress.\u003C\u002Fp>\n\u003Cp>Ce plugin est seulement maintenu, ce qui signifie que nous ne garantissons pas un support gratuit. Envisagez de signaler un problème et soyez patient.\u003C\u002Fp>\n\u003Ch4>English\u003C\u002Fh4>\n\u003Cp>WPS Bidouille provides information about your WordPress and contains optimization tools.\u003C\u002Fp>\n\u003Cp>You will be able to know everything about your server, optimize certain settings and download a TXT report of these values.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hide connection errors\u003C\u002Fli>\n\u003Cli>Remove special characters from uploaded media\u003C\u002Fli>\n\u003Cli>Remove the version of WordPress\u003C\u002Fli>\n\u003Cli>Remove Windows Live Writer Manifest\u003C\u002Fli>\n\u003Cli>Disable WordPress emoji\u003C\u002Fli>\n\u003Cli>Restrict revision number\u003C\u002Fli>\n\u003Cli>Remove H1 in Tiny MCE\u003C\u002Fli>\n\u003Cli>Disable the REST API\u003C\u002Fli>\n\u003Cli>Add the image format “Medium Large”\u003C\u002Fli>\n\u003Cli>Disable author page and author link\u003C\u002Fli>\n\u003Cli>Disable users in default WordPress sitemap\u003C\u002Fli>\n\u003Cli>Delete the RSS feed\u003C\u002Fli>\n\u003Cli>Remove RSS feed from comments\u003C\u002Fli>\n\u003Cli>Load the latest version of jQuery\u003C\u002Fli>\n\u003Cli>Improve the speed of WooCommerce\u003C\u002Fli>\n\u003Cli>Improve the speed of Contact Form 7\u003C\u002Fli>\n\u003Cli>Disable REST API user endpoints\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>As well as complementary tools:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disconnect all sessions\u003C\u002Fli>\n\u003Cli>Delete expired temporary data\u003C\u002Fli>\n\u003Cli>Clean up unwanted comments\u003C\u002Fli>\n\u003Cli>Empty comments from trash\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can also repair and optimize your database directly from WPS Bidouille.\u003C\u002Fp>\n\u003Cp>Finally, WPS Bidouille offers you an enhanced notification center that allows you to see what needs to be updated, what to delete, correct or adjust.\u003C\u002Fp>\n\u003Cp>To learn more read the following article: \u003Ca href=\"https:\u002F\u002Fwpformation.com\u002Fwps-bidouille\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpformation.com\u002Fwps-bidouille\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This plugin is kindly proposed by \u003Ca href=\"https:\u002F\u002Fwww.wpserveur.net\u002F?refwps=14&campaign=wpsbidouille\" rel=\"nofollow ugc\">WPServeur\u003C\u002Fa> the specialized WordPress web host.\u003C\u002Fp>\n\u003Cp>Discover also our other free extensions:\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwps-limit-login\u002F\" rel=\"ugc\">WPS Limit Login\u003C\u002Fa> to block brute force attacks.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwps-hide-login\u002F\" rel=\"ugc\">WPS Hide Login\u003C\u002Fa> to change your login URL to whatever you want.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwps-cleaner\u002F\" rel=\"ugc\">WPS Cleaner\u003C\u002Fa> to clean your WordPress site.\u003C\u002Fp>\n\u003Cp>This plugin is only maintained, which means we do not guarantee free support. Consider reporting a problem and be patient.\u003C\u002Fp>\n","WPS Bidouille provides information about your WordPress and contains optimization tools.",10000,255782,98,54,"2026-01-28T16:15:00.000Z","6.8.5","4.2","",[20,21,22,23,24],"admin","error","login","tools","transient","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwps-bidouille.1.33.3.zip",96,2,0,"2025-12-02 00:00:00","2026-03-15T15:16:48.613Z",[32,48],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-64238","wps-bidouille-missing-authorization","WPS Bidouille \u003C= 1.33.1 - Missing Authorization","The WPS Bidouille plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.33.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action.",null,"\u003C=1.33.1","1.33.2","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2026-01-05 14:37:06",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6f2b3c4a-8dc5-459b-ae55-d11fc988dbe8?source=api-prod",35,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":37,"affected_versions":53,"patched_in_version":54,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"WF-8ddc4593-bdb4-4b01-be28-4317c76ae6b0-wps-bidouille","wps-bidouille-multiple-cross-site-request-forgery","WPS Bidouille \u003C= 1.12.2 - Multiple Cross-Site Request Forgery","The WPS Bidouille plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.2. This is due to missing or incorrect nonce validation on various functions in the '\u002Fclasses\u002Fplugin.php' file. This makes it possible for unauthenticated attackers to access otherwise restricted actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=1.12.2","1.12.4","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Cross-Site Request Forgery (CSRF)","2019-07-23 00:00:00","2024-01-22 19:56:02",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8ddc4593-bdb4-4b01-be28-4317c76ae6b0?source=api-prod",1645,{"slug":65,"display_name":7,"profile_url":8,"plugin_count":66,"total_installs":67,"avg_security_score":68,"avg_patch_time_days":69,"trust_score":70,"computed_at":71},"nicolaskulka",9,149090,95,1444,76,"2026-04-04T02:44:29.763Z",[73,99,119,140,162],{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":13,"num_ratings":83,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":87,"tags":88,"homepage":94,"download_link":95,"security_score":96,"vuln_count":97,"unpatched_count":28,"last_vuln_date":98,"fetched_at":30},"wpextended","The Ultimate WordPress Toolkit – WP Extended","3.2.4","WP Extended","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpextended\u002F","\u003Cp>\u003Cstrong>WP Extended is\u003C\u002Fstrong> an all-in-one WordPress management plugin designed to streamline your website administration with an array of powerful features. Ideal for both novice users and seasoned developers, WP Extended provides an intuitive interface that simplifies complex tasks, enhancing your WordPress experience.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FjSdEebTJab0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fr72I2rlS1Pk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fyvc4XgB2pg0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Key Free Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Indexing Notice\u003C\u002Fstrong>. Control the indexing status of your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Video Uploads\u003C\u002Fstrong>. Disable video uploads to save storage space.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Admin Bar\u003C\u002Fstrong>. Hide the admin bar for non-admin users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SMTP Email\u003C\u002Fstrong>. Configure SMTP for reliable email delivery.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rollback Manager\u003C\u002Fstrong>. Revert to previous plugin versions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export Posts & Pages\u003C\u002Fstrong>. Export your content with ease.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export Users\u003C\u002Fstrong>. Export user data easily.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Duplicate Pages & Posts\u003C\u002Fstrong>. Quickly duplicate pages and posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Duplicate Menu\u003C\u002Fstrong>. Easily clone existing menus.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quick Add Post\u003C\u002Fstrong>. Quickly add new posts from the admin bar.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Type Order\u003C\u002Fstrong>. Customize the order of post types.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Code Snippets\u003C\u002Fstrong>. Add custom code to your site without editing theme files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Classic Editor\u003C\u002Fstrong>. Retain the classic editor for a familiar editing experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean Profiles\u003C\u002Fstrong>. Simplify user profiles by removing unnecessary fields.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SVG File Upload\u003C\u002Fstrong>. Enable SVG file uploads.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Menu Editor\u003C\u002Fstrong>. Menu Editor Nav module gives you advanced navigation menu control, ensuring clean, user-friendly website navigation by hiding or showing which menu items you show by user role.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Type Switcher\u003C\u002Fstrong>. Switch between different post types.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Attempts\u003C\u002Fstrong>. Limit login attempts to prevent brute force attacks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gutenberg Widgets\u003C\u002Fstrong>. Utilize Gutenberg blocks for enhanced design flexibility.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Maintenance Mode\u003C\u002Fstrong>. Easily enable maintenance mode with a custom message.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Login URL\u003C\u002Fstrong>. Customize the URL of your login page for added security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable XML-RPC\u003C\u002Fstrong>. Disable XML-RPC to protect against certain types of attacks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide WP Version\u003C\u002Fstrong>. Hide your WordPress version for security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Enumeration\u003C\u002Fstrong>. Prevent user enumeration for enhanced security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Duplicate Pages\u002FPosts\u003C\u002Fstrong>. Quickly duplicate pages and posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pixel Tag Manager\u003C\u002Fstrong>. Manage all your tracking pixels in one place.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Last Login\u003C\u002Fstrong>. Track the last login time of your users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable RSS Feeds\u003C\u002Fstrong>.  Disable RSS feeds on your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Obfuscate Author Slugs\u003C\u002Fstrong>. Enhance security by obfuscating author slugs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>404 to Homepage\u003C\u002Fstrong>. Redirect all 404 errors to the homepage.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Open All External Links in New Tab\u003C\u002Fstrong>. Automatically open all external links in a new tab.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>External Permalinks\u003C\u002Fstrong>. Manage external permalinks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Switching\u003C\u002Fstrong>. Easily switch between user accounts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Nav Menu Visibility\u003C\u002Fstrong>. Control menu visibility based on user roles.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>And counting…\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Admin Column (Pro)\u003C\u002Fstrong>. Advanced customization of admin columns.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP Admin Quick Search (Pro)\u003C\u002Fstrong>. Enhanced search capabilities within the admin panel.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Customiser (Pro)\u003C\u002Fstrong>. Extensive customization options for the WordPress admin area.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post & Page Order Pro For Custom Post Types (Pro)\u003C\u002Fstrong>. The Post & Page Order Pro For Custom Post Types module extends your control over content arrangement, allowing you to dictate the order of custom post types beyond the default settings.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Limit Login Attempts Unblocking Feature (Pro)\u003C\u002Fstrong>. The Limit Login Attempts Unblocking Feature module provides a remedy for accidentally blocked IPs, offering an unblocking feature to restore access swiftly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quick Image (Pro)\u003C\u002Fstrong>. Quickly insert images into posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Blog (Pro)\u003C\u002Fstrong>. Disable blogging features for non-blog sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Comments (Pro)\u003C\u002Fstrong>. Fully control comment settings and disable comments site-wide.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Auto Updates (Pro)\u003C\u002Fstrong>. Control automatic updates with precision.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Menu Editor Pro User Control (Pro)\u003C\u002Fstrong>. Customize the WordPress admin menu.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Debug Mode (Pro)\u003C\u002Fstrong>. Comprehensive debugging tools.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block Username (Pro)\u003C\u002Fstrong>. Block specific usernames from being used.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Admin Notices (Pro)\u003C\u002Fstrong>. Hide admin notices for a cleaner interface.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media Trash (Pro)\u003C\u002Fstrong>. Advanced media management features.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media Replace (Pro)\u003C\u002Fstrong>. Replace media files without changing URLs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean Dashboard (Pro)\u003C\u002Fstrong>. Customize and clean the WordPress dashboard.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpextended.io\u002F\" rel=\"nofollow ugc\">Website\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpextended.io\u002Fmodules\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpextended.io\u002Fcontact\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpextended.io\u002Fpricing\u002F\" rel=\"nofollow ugc\">Upgrade to Pro!\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fwpextended\" rel=\"nofollow ugc\">Our Community\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>What Our Users Say About WP Extended\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>The essential plugin for most of my sites\u003C\u002Fstrong>\u003Cbr \u002F>\n“Great plugin with a multitude of features. Highly recommended.”\u003Cbr \u002F>\n– By @mbrauer\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Very lightweight and easy to use\u003C\u002Fstrong>\u003Cbr \u002F>\n“A rare exceptional plugin with an intuitive interface.”\u003Cbr \u002F>\n– By @AlexGraphicD\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Something for everyone\u003C\u002Fstrong>\u003Cbr \u002F>\n“Thrilled with the plugin, axed 4 others due to its versatility.”\u003Cbr \u002F>\n– By @csully\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Must-have plugin\u003C\u002Fstrong>\u003Cbr \u002F>\n“A must-have with a great team, gets stronger with every update.”\u003Cbr \u002F>\n– By @efstratios\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>WPE is a game changer\u003C\u002Fstrong>\u003Cbr \u002F>\n“This plugin is a game changer for site management.”\u003Cbr \u002F>\n– By @codingmatt\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Nice plugin\u003C\u002Fstrong>\u003Cbr \u002F>\n“Simple, effective, and does exactly what it promises.”\u003Cbr \u002F>\n– By @ronysar\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Unparalleled versatility\u003C\u002Fstrong>\u003Cbr \u002F>\n“Offers unmatched versatility and functionality.”\u003Cbr \u002F>\n– By @sundstedt\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Simply the best all-in-one plugin for agencies\u003C\u002Fstrong>\u003Cbr \u002F>\n“Ideal for agencies, simplifies numerous tasks.”\u003Cbr \u002F>\n– By @jaspercarrot\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>The plugin I always hoped for\u003C\u002Fstrong>\u003Cbr \u002F>\n“Perfect plugin that meets all expectations and needs.”\u003Cbr \u002F>\n– By @crikeymcd\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","SMTP Email, Maintenance Mode, Duplicate Posts & Pages, Duplicate menu, Code Snippets, SVG File upload, Disable Gutenberg, Limit Login Attempts &am …",700,34734,28,"2026-03-05T21:53:00.000Z","6.9.4","5.6","7.4",[89,90,91,92,93],"admin-menu-editor","admin-tools","custom-columns","login-designer","smtp","https:\u002F\u002Fwpextended.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpextended.3.2.4.zip",90,16,"2025-05-27 20:29:22",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":109,"num_ratings":110,"last_updated":111,"tested_up_to":16,"requires_at_least":112,"requires_php":87,"tags":113,"homepage":18,"download_link":118,"security_score":109,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"hibiscus-login-as-customer","Hibiscus Login As Customer for WooCommerce","1.0.1","Hibiscus Technolab","https:\u002F\u002Fprofiles.wordpress.org\u002Fhibiscustechnolab\u002F","\u003Cp>Hibiscus Login As Customer for WooCommerce allows WordPress administrators to securely log in as any WooCommerce customer without needing their password. Ideal for store owners, support teams, and developers, it helps troubleshoot issues, review orders, test checkout flows, and provide personalized support.\u003Cbr \u002F>\nWith a single click, you can impersonate a customer and instantly return to your admin account.\u003C\u002Fp>\n\u003Cp>❤️ \u003Cstrong>Support Hibiscus Technolab!\u003C\u002Fstrong> Consider buying us a coffee to keep this plugin free and maintained:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fbuymeacoffee.com\u002Fhibiscustechnolab\" rel=\"nofollow ugc\">Buy Me a Coffee\u003C\u002Fa>\u003Cbr \u002F>\nHibiscus Login As Customer for WooCommerce – Full Documentation and Demo](https:\u002F\u002Fhibiscustechnolab.com\u002Fhibiscus-login-as-customer-for-woocommerce\u002F)\u003Cbr \u002F>\n\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Log in as any WooCommerce customer without a password.\u003Cbr \u002F>\n* One-click switch back to your admin account.\u003Cbr \u002F>\n* Test customer accounts, carts, and checkout processes.\u003Cbr \u002F>\n* Works with WooCommerce customers and standard WordPress users.\u003Cbr \u002F>\n* Lightweight, secure, and user-friendly.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Requirements:\u003C\u002Fstrong>\u003Cbr \u002F>\n* WordPress 6.0 or higher\u003Cbr \u002F>\n* WooCommerce 7.0 or higher\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> If WooCommerce is not installed or active, the plugin will display a notice in the admin dashboard.\u003C\u002Fp>\n","Securely log in as any WooCommerce customer and return to admin with one click.",10,193,100,1,"2025-10-03T17:01:00.000Z","6.0",[90,114,115,116,117],"customer-login","login-as-customer","support","woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhibiscus-login-as-customer.1.0.1.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":107,"downloaded":127,"rating":109,"num_ratings":27,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":131,"tags":132,"homepage":137,"download_link":138,"security_score":139,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"last-login-tracker-redirect-url","Last Login Tracker & Redirect URL","1.1.0","Khurram Sohail","https:\u002F\u002Fprofiles.wordpress.org\u002Fkhurram50\u002F","\u003Cp>Track the last login time of users and optionally redirect 404 pages to the homepage. Includes an admin settings page.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>✅ Tracks user last login\u003Cbr \u002F>\n✅ Displays last login time in WordPress Users list\u003Cbr \u002F>\n✅ Sortable Last Login column\u003Cbr \u002F>\n✅ Enable\u002FDisable login tracking\u003Cbr \u002F>\n✅ Redirect 404 pages to homepage\u003Cbr \u002F>\n✅ Lightweight & optimized\u003C\u002Fp>\n","Tracks user last login and allows redirection of 404 pages to the homepage.",539,"2025-03-29T20:06:00.000Z","6.7.5","5.0","7.2",[133,90,134,135,136],"404-redirect","last-login","login-tracking","user-activity","https:\u002F\u002Fkhurram.site\u002Fwordpress-plugins\u002Flast-login-tracker-redirect-url\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-login-tracker-redirect-url.1.1.0.zip",92,{"slug":141,"name":142,"version":143,"author":144,"author_profile":145,"description":146,"short_description":147,"active_installs":107,"downloaded":148,"rating":109,"num_ratings":110,"last_updated":149,"tested_up_to":150,"requires_at_least":151,"requires_php":18,"tags":152,"homepage":159,"download_link":160,"security_score":161,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"plug-and-play","Plug & Play","1.2","Bassem Rabia","https:\u002F\u002Fprofiles.wordpress.org\u002Fdjerba\u002F","\u003Cp>\u003Cstrong>Plug and Play\u003C\u002Fstrong> our feautures and turn your WordPress Blog into a \u003Cstrong>Highly Interactive, Elegant and Secure\u003C\u002Fstrong> Blog.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplug-and-play\u002F\" rel=\"ugc\">Read more\u003C\u002Fa> about with this plugin!\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Hide Admin Bar: Disable WordPress Admin bar for front end user, Speedup your web site loading.\u003C\u002Fli>\n\u003Cli>WP Generator Meta Tag Remover: Customize your own website loogin form logo.\u003C\u002Fli>\n\u003Cli>Security Tools:     It can be considered a security risk to make your wordpress version visible and public you should hide it.\u003C\u002Fli>\n\u003Cli>Versus: Shows recently viewed posts by visitor as a sidebar.\u003C\u002Fli>\n\u003Cli>Maintenance Mode: Easily create a maintenance mode page for your WordPress site.\u003C\u002Fli>\n\u003C\u002Ful>\n","Plug and Play our feautures and turn your WordPress Blog into a Highly Interactive, Elegant and Secure Blog.",1497,"2016-07-11T14:28:00.000Z","4.5.33","3.9.0",[153,154,155,156,157,158],"posts-comparator","wordpress-change-login-logo","wordpress-hide-admin-bar","wordpress-security-tools","wp-generator-meta-tag-remover","wp-recents-posts-shows","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplug-and-play\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplug-and-play.zip",85,{"slug":163,"name":164,"version":165,"author":166,"author_profile":167,"description":168,"short_description":169,"active_installs":170,"downloaded":171,"rating":26,"num_ratings":172,"last_updated":173,"tested_up_to":85,"requires_at_least":174,"requires_php":175,"tags":176,"homepage":179,"download_link":180,"security_score":181,"vuln_count":182,"unpatched_count":28,"last_vuln_date":183,"fetched_at":30},"loginizer","Loginizer","2.0.6","Softaculous","https:\u002F\u002Fprofiles.wordpress.org\u002Fsoftaculous\u002F","\u003Cp>Loginizer is a WordPress plugin which helps you fight against bruteforce attack by blocking login for the IP after it reaches maximum retries allowed. You can blacklist or whitelist IPs for login using Loginizer. You can use various other features like Two Factor Auth, reCAPTCHA, PasswordLess Login, etc. to improve security of your website.\u003C\u002Fp>\n\u003Cp>Loginizer is actively used by more than 1000000+ WordPress websites.\u003C\u002Fp>\n\u003Cp>You can find our official documentation at \u003Ca href=\"https:\u002F\u002Floginizer.com\u002Fdocs\" rel=\"nofollow ugc\">https:\u002F\u002Floginizer.com\u002Fdocs\u003C\u002Fa>. We are also active in our community support forums on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Floginizer\" rel=\"ugc\">wordpress.org\u003C\u002Fa> if you are one of our free users. Our Premium Support Ticket System is at \u003Ca href=\"https:\u002F\u002Floginizer.deskuss.com\" rel=\"nofollow ugc\">https:\u002F\u002Floginizer.deskuss.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Free Features :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Brute force protection. IPs trying to brute force your website will be blocked for 15 minutes after 3 failed login attempts. After multiple lockouts the IP is blocked for 24 hours. This is the default configuration and can be changed from Loginizer -> Brute force page in WordPress admin panel.\u003C\u002Fli>\n\u003Cli>Failed login attempts logs.\u003C\u002Fli>\n\u003Cli>Blacklist IPs\u003C\u002Fli>\n\u003Cli>Whitelist IPs\u003C\u002Fli>\n\u003Cli>Custom error messages on failed login.\u003C\u002Fli>\n\u003Cli>Permission check for important files and folders.\u003C\u002Fli>\n\u003Cli>Allow only Trusted IP.\u003C\u002Fli>\n\u003Cli>Blocked Screen in place of the Login page.\u003C\u002Fli>\n\u003Cli>Email Notification on successful login.\u003C\u002Fli>\n\u003Cli>Let users login with LinkedIn\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Get Support and Pro Features\u003C\u002Fh4>\n\u003Cp>Get professional support from our experts and pro features to take your site’s security to the next level with \u003Ca href=\"https:\u002F\u002Floginizer.com\u002Fpricing\" rel=\"nofollow ugc\">Loginizer-Security\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Pro Features :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>MD5 Checksum – of Core WordPress Files. The admin can check and ignore files as well.\u003C\u002Fli>\n\u003Cli>PasswordLess Login – At the time of Login, the username \u002F email address will be asked and an email will be sent to the email address of that account with a temporary link to login.\u003C\u002Fli>\n\u003Cli>Two Factor Auth via Email – On login, an email will be sent to the email address of that account with a temporary 6 digit code to complete the login.\u003C\u002Fli>\n\u003Cli>Two Factor Auth via App – The user can configure the account with a 2FA App like Google Authenticator, Authy, etc.\u003C\u002Fli>\n\u003Cli>Login Challenge Question – The user can setup a Challenge Question and Answer as an additional security layer. After Login, the user will need to answer the question to complete the login.\u003C\u002Fli>\n\u003Cli>reCAPTCHA – Google’s reCAPTCHA v3\u002Fv2, Cloudflare Turnstile, hCAPTCHA can be configured for the Login screen, Comments Section, Registration Form, etc. to prevent automated brute force attacks. Supports WooCommerce as well.\u003C\u002Fli>\n\u003Cli>Rename Login Page – The Admin can rename the login URL (slug) to something different from wp-login.php to prevent automated brute force attacks.\u003C\u002Fli>\n\u003Cli>Rename WP-Admin URL – The Admin area in WordPress is accessed via wp-admin. With loginizer you can change it to anything e.g. site-admin\u003C\u002Fli>\n\u003Cli>CSRF Protection – This helps in preventing CSRF attacks as it updates the admin URL with a session string which makes it difficult and nearly impossible for the attacker to predict the URL.\u003C\u002Fli>\n\u003Cli>Rename Login with Secrecy – If set, then all Login URL’s will still point to wp-login.php and users will have to access the New Login Slug by typing it in the browser.\u003C\u002Fli>\n\u003Cli>Disable XML-RPC – An option to simply disable XML-RPC in WordPress. Most of the WordPress users don’t need XML-RPC and can disable it to prevent automated brute force attacks.\u003C\u002Fli>\n\u003Cli>Rename XML-RPC – The Admin can rename the XML-RPC to something different from xmlrpc.php to prevent automated brute force attacks.\u003C\u002Fli>\n\u003Cli>Username Auto Blacklist – Attackers generally use common usernames like admin, administrator, or variations of your domain name \u002F business name. You can specify such username here and Loginizer will auto-blacklist the IP Address(s) of clients who try to use such username(s).\u003C\u002Fli>\n\u003Cli>New Registration Domain Blacklist – If you would like to ban new registrations from a particular domain, you can use this utility to do so.\u003C\u002Fli>\n\u003Cli>Change the Admin Username – The Admin can rename the admin username to something more difficult.\u003C\u002Fli>\n\u003Cli>Auto Blacklist IPs – IPs will be auto blacklisted, if certain usernames saved by the Admin are used to login by malicious bots \u002F users.\u003C\u002Fli>\n\u003Cli>Disable Pingbacks – Simple way to disable PingBacks.\u003C\u002Fli>\n\u003Cli>SSO – Single Sign-on, let any user access to your WordPress Dashboard without the need to share username or password.\u003C\u002Fli>\n\u003Cli>Limit Concurrent Logins – It prevents user to login from different devices concurrently, you can define how many devices you want to allow, and how you want to restrict the user when concurrent limit is reached.\u003C\u002Fli>\n\u003Cli>Social Login – Users can login or register with their Google, Github, Facebook, X (Twitter), Discord, Twitch, LinkedIn, Microsoft with support for WooCommerce and Ultimate Member.\u003C\u002Fli>\n\u003Cli>Key Less Social Login – Use Loginizer’s Social Auth for easy key less Social login configuration, now supports Google, GitHub, X, LinkedIn more to be added later\u003C\u002Fli>\n\u003Cli>Country Blocking – Block IPs from specific countries to restrict access to your website.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Features in Loginizer include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Blocks IP after maximum retries allowed\u003C\u002Fli>\n\u003Cli>Extended Lockout after maximum lockouts allowed\u003C\u002Fli>\n\u003Cli>Email notification to admin after max lockouts\u003C\u002Fli>\n\u003Cli>Blacklist IP\u002FIP range\u003C\u002Fli>\n\u003Cli>Whitelist IP\u002FIP range\u003C\u002Fli>\n\u003Cli>Check logs of failed attempts\u003C\u002Fli>\n\u003Cli>Create IP ranges\u003C\u002Fli>\n\u003Cli>Delete IP ranges\u003C\u002Fli>\n\u003Cli>Licensed under LGPLv2.1\u003C\u002Fli>\n\u003Cli>Safe & Secure\u003C\u002Fli>\n\u003C\u002Ful>\n","Loginizer is a WordPress security plugin which helps you fight against bruteforce attacks.",1000000,29791210,1020,"2026-03-02T12:38:00.000Z","3.0","5.5",[177,20,22,163,178],"access","security","https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Floginizer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Floginizer.2.0.6.zip",87,8,"2024-11-04 00:00:00",{"attackSurface":185,"codeSignals":469,"taintFlows":776,"riskAssessment":833,"analyzedAt":849},{"hooks":186,"ajaxHandlers":428,"restRoutes":466,"shortcodes":467,"cronEvents":468,"entryPointCount":213,"unprotectedCount":110},[187,192,199,203,208,211,214,216,219,222,225,230,233,236,239,242,245,248,251,253,256,259,260,263,265,269,271,273,276,278,280,282,284,288,291,293,296,298,300,302,304,305,307,308,310,312,314,316,318,321,323,325,329,333,337,341,345,349,352,356,360,364,368,371,374,377,381,384,387,391,395,399,403,407,409,410,412,417,421,424],{"type":188,"name":189,"callback":190,"file":191,"line":107},"action","admin_init","change_db_prefix","classes\\db-prefix.php",{"type":193,"name":194,"callback":195,"priority":196,"file":197,"line":198},"filter","rest_authentication_errors","you_shall_not_pass",20,"classes\\disable-rest-api\\disable-rest-api.php",15,{"type":188,"name":200,"callback":201,"file":202,"line":107},"init","check_limit","classes\\helpers.php",{"type":188,"name":204,"callback":205,"file":206,"line":207},"login_enqueue_scripts","wps_login_enqueue_scripts","classes\\plugin.php",12,{"type":188,"name":209,"callback":209,"file":206,"line":210},"admin_head",13,{"type":188,"name":212,"callback":212,"file":206,"line":213},"admin_menu",14,{"type":188,"name":215,"callback":215,"file":206,"line":198},"admin_enqueue_scripts",{"type":188,"name":189,"callback":217,"file":206,"line":218},"download_report_system_template_redirect",24,{"type":188,"name":189,"callback":220,"file":206,"line":221},"delete_unuse_themes",25,{"type":188,"name":189,"callback":223,"file":206,"line":224},"delete_unuse_plugins",26,{"type":188,"name":226,"callback":227,"priority":228,"file":206,"line":229},"wp_before_admin_bar_render","wps_env",999,31,{"type":188,"name":200,"callback":231,"file":206,"line":232},"remove_allow_repair_wp_config",37,{"type":188,"name":234,"callback":234,"priority":107,"file":206,"line":235},"after_plugin_row",39,{"type":193,"name":237,"callback":237,"file":206,"line":238},"all_plugins",40,{"type":188,"name":189,"callback":240,"file":206,"line":241},"hide_notice_autoupdates",42,{"type":188,"name":243,"callback":243,"priority":107,"file":206,"line":244},"deleted_plugin",44,{"type":193,"name":246,"callback":246,"file":206,"line":247},"admin_footer",48,{"type":193,"name":249,"callback":249,"priority":110,"file":206,"line":250},"admin_footer_text",49,{"type":188,"name":212,"callback":212,"file":252,"line":107},"classes\\removefromcache.php",{"type":188,"name":226,"callback":254,"priority":255,"file":252,"line":207},"_wps_cache_admin_bar_render",99,{"type":188,"name":257,"callback":258,"priority":110,"file":252,"line":213},"wp_head","wps_rpfc_public",{"type":188,"name":257,"callback":257,"file":252,"line":198},{"type":188,"name":189,"callback":261,"file":252,"line":262},"register_wps_tools_settings",18,{"type":188,"name":189,"callback":189,"file":252,"line":264},19,{"type":193,"name":266,"callback":267,"priority":107,"file":252,"line":268},"pre_update_option","update_option_select2_wps_posts",21,{"type":193,"name":266,"callback":270,"priority":107,"file":252,"line":224},"update_option_wps_cpt_remove_from_cache",{"type":193,"name":266,"callback":272,"priority":107,"file":252,"line":229},"update_option_wps_archive_cpt_remove_from_cache",{"type":188,"name":189,"callback":274,"file":252,"line":275},"delete_post_exclud_cache",36,{"type":188,"name":189,"callback":277,"file":252,"line":232},"delete_all_posts_exclud_cache",{"type":188,"name":279,"callback":279,"file":252,"line":235},"add_meta_boxes",{"type":188,"name":281,"callback":281,"priority":110,"file":252,"line":238},"save_post",{"type":193,"name":283,"callback":283,"file":252,"line":241},"wps_not_purge_auto",{"type":188,"name":285,"callback":286,"priority":27,"file":252,"line":287},"send_headers","add_header_nocache",166,{"type":188,"name":257,"callback":289,"file":252,"line":290},"add_browser_nocache",167,{"type":188,"name":212,"callback":212,"file":292,"line":107},"classes\\suggest-plugins-themes.php",{"type":188,"name":294,"callback":294,"file":292,"line":295},"admin_page",11,{"type":193,"name":297,"callback":297,"file":292,"line":210},"install_plugins_tabs",{"type":193,"name":299,"callback":297,"file":292,"line":213},"install_themes_tabs",{"type":193,"name":301,"callback":301,"file":292,"line":198},"install_plugins_table_api_args_wps_bidouille",{"type":188,"name":212,"callback":212,"file":303,"line":107},"classes\\suggestions.php",{"type":188,"name":294,"callback":294,"file":303,"line":295},{"type":188,"name":212,"callback":212,"file":306,"line":107},"classes\\tools.php",{"type":188,"name":294,"callback":294,"file":306,"line":295},{"type":188,"name":189,"callback":309,"file":306,"line":207},"clear_all_sessions",{"type":188,"name":189,"callback":311,"file":306,"line":210},"delete_expired_transients",{"type":188,"name":189,"callback":313,"file":306,"line":213},"delete_spam_comments",{"type":188,"name":189,"callback":315,"file":306,"line":198},"delete_trashed_comments",{"type":188,"name":189,"callback":317,"file":306,"line":97},"delete_revisions",{"type":188,"name":189,"callback":319,"file":306,"line":320},"reinitialize",17,{"type":188,"name":189,"callback":322,"file":306,"line":264},"register_wps_settings_tools",{"type":188,"name":200,"callback":324,"file":306,"line":196},"wpinit",{"type":193,"name":326,"callback":327,"priority":107,"file":306,"line":328},"wp_sitemaps_add_provider","remove_author_category_pages_from_sitemap",22,{"type":193,"name":330,"callback":331,"file":306,"line":332},"tiny_mce_plugins","disable_emojis_tinymce",306,{"type":193,"name":334,"callback":335,"priority":107,"file":306,"line":336},"wp_resource_hints","disable_emojis_remove_dns_prefetch",307,{"type":193,"name":338,"callback":339,"priority":107,"file":306,"line":340},"wp_revisions_to_keep","wps_restrict_number_revision",351,{"type":193,"name":342,"callback":343,"file":306,"line":344},"tiny_mce_before_init","modify_editor_buttons",361,{"type":188,"name":346,"callback":347,"file":306,"line":348},"wp_enqueue_scripts","replace_core_jquery_version",365,{"type":188,"name":346,"callback":350,"priority":255,"file":306,"line":351},"manage_woocommerce_styles",383,{"type":188,"name":353,"callback":354,"file":306,"line":355},"wp_print_styles","remove_cf7_css",421,{"type":188,"name":357,"callback":358,"file":306,"line":359},"wp_print_scripts","remove_cf7_js",422,{"type":193,"name":361,"callback":362,"file":306,"line":363},"login_errors","__return_empty_string",456,{"type":193,"name":365,"callback":366,"file":306,"line":367},"json_enabled","__return_false",490,{"type":193,"name":369,"callback":366,"file":306,"line":370},"json_jsonp_enabled",491,{"type":193,"name":372,"callback":366,"file":306,"line":373},"rest_enabled",494,{"type":193,"name":375,"callback":366,"file":306,"line":376},"rest_jsonp_enabled",495,{"type":193,"name":378,"callback":379,"file":306,"line":380},"rest_endpoints","closure",507,{"type":193,"name":382,"callback":366,"file":306,"line":383},"feed_links_show_posts_feed",524,{"type":193,"name":385,"callback":366,"file":306,"line":386},"feed_links_show_comments_feed",531,{"type":193,"name":388,"callback":389,"file":306,"line":390},"image_size_names_choose","add_medium_large",535,{"type":188,"name":392,"callback":393,"file":306,"line":394},"template_redirect","remove_author_pages_page",558,{"type":193,"name":396,"callback":397,"file":306,"line":398},"author_link","remove_author_pages_link",559,{"type":193,"name":400,"callback":401,"priority":107,"file":306,"line":402},"sanitize_file_name_chars","wps_sanitize_file_name_chars",583,{"type":193,"name":404,"callback":405,"priority":107,"file":306,"line":406},"sanitize_file_name","wps_sanitize_file_name",584,{"type":188,"name":212,"callback":212,"file":408,"line":107},"classes\\whitelabel.php",{"type":188,"name":189,"callback":261,"file":408,"line":210},{"type":193,"name":266,"callback":411,"priority":255,"file":408,"line":198},"update_option_select2_wps_users",{"type":188,"name":413,"callback":414,"file":415,"line":416},"plugins_loaded","plugins_loaded_wps_bidouille_plugin","wps-bidouille.php",38,{"type":188,"name":418,"callback":419,"priority":107,"file":415,"line":420},"update_option_list_post_without_cache","rocket_after_update_single_options",64,{"type":188,"name":418,"callback":422,"priority":107,"file":415,"line":423},"wpserveur_flush_cache",86,{"type":193,"name":425,"callback":426,"file":415,"line":427},"rocket_cache_reject_uri","rocket_exlude_wps_bidouille_page",106,[429,433,436,439,442,444,447,449,451,453,455,458,460,464],{"action":430,"nopriv":431,"callback":430,"hasNonce":432,"hasCapCheck":431,"file":206,"line":83},"dismiss_admin_notice",false,true,{"action":434,"nopriv":431,"callback":434,"hasNonce":432,"hasCapCheck":431,"file":206,"line":435},"count_notif",29,{"action":437,"nopriv":431,"callback":437,"hasNonce":432,"hasCapCheck":431,"file":206,"line":438},"add_option_wps_display",33,{"action":440,"nopriv":431,"callback":440,"hasNonce":432,"hasCapCheck":431,"file":206,"line":441},"delete_option_wps_display",34,{"action":443,"nopriv":431,"callback":443,"hasNonce":432,"hasCapCheck":431,"file":206,"line":275},"add_allow_repair_wp_config",{"action":445,"nopriv":431,"callback":445,"hasNonce":432,"hasCapCheck":432,"file":206,"line":446},"wpsbidouille_rated",50,{"action":448,"nopriv":431,"callback":448,"hasNonce":432,"hasCapCheck":431,"file":252,"line":320},"wps_get_posts",{"action":450,"nopriv":431,"callback":450,"hasNonce":432,"hasCapCheck":431,"file":292,"line":196},"download_plugins_premium",{"action":452,"nopriv":431,"callback":452,"hasNonce":432,"hasCapCheck":431,"file":292,"line":268},"download_themes_premium",{"action":454,"nopriv":431,"callback":454,"hasNonce":432,"hasCapCheck":431,"file":292,"line":328},"update_plugin_premium",{"action":456,"nopriv":431,"callback":456,"hasNonce":432,"hasCapCheck":431,"file":292,"line":457},"update_theme_premium",23,{"action":459,"nopriv":431,"callback":459,"hasNonce":432,"hasCapCheck":431,"file":292,"line":218},"delete_transient_premium",{"action":461,"nopriv":431,"callback":462,"hasNonce":432,"hasCapCheck":431,"file":306,"line":463},"save_settings_wps","wp_ajax_save_settings_wps",27,{"action":465,"nopriv":431,"callback":465,"hasNonce":431,"hasCapCheck":431,"file":408,"line":295},"wps_get_users",[],[],[],{"dangerousFunctions":470,"sqlUsage":471,"outputEscaping":503,"fileOperations":770,"externalRequests":771,"nonceChecks":224,"capabilityChecks":218,"bundledLibraries":772},[],{"prepared":66,"raw":207,"locations":472},[473,477,479,482,484,487,489,491,493,496,499,501],{"file":474,"line":475,"context":476},"admin_page\\remove_from_cache.php",59,"$wpdb->get_results() with variable interpolation",{"file":191,"line":478,"context":476},91,{"file":191,"line":480,"context":481},111,"$wpdb->query() with variable interpolation",{"file":191,"line":483,"context":481},135,{"file":202,"line":485,"context":486},651,"$wpdb->get_var() with variable interpolation",{"file":202,"line":488,"context":486},654,{"file":202,"line":490,"context":486},658,{"file":202,"line":492,"context":486},661,{"file":494,"line":495,"context":476},"classes\\systemreport.php",108,{"file":306,"line":497,"context":498},122,"$wpdb->get_col() with variable interpolation",{"file":306,"line":500,"context":498},147,{"file":306,"line":502,"context":498},172,{"escaped":504,"rawEcho":505,"locations":506},253,163,[507,511,513,515,516,518,520,522,524,526,528,530,531,532,533,535,536,537,538,539,540,542,544,546,548,549,550,553,555,557,560,562,565,566,568,569,571,572,573,574,575,577,579,580,582,583,585,586,588,589,590,591,593,594,595,597,599,601,602,604,605,607,609,610,612,614,616,618,620,622,623,625,627,629,631,633,635,637,639,641,643,645,647,649,651,653,656,657,658,660,663,665,667,670,672,673,675,676,677,679,680,681,682,683,684,685,687,688,690,692,694,696,698,699,700,702,703,704,705,706,708,709,711,712,713,714,716,717,719,720,721,722,723,724,725,726,727,729,730,731,732,733,734,735,736,738,739,740,742,744,746,748,750,752,753,755,757,758,760,762,764,766,768],{"file":508,"line":509,"context":510},"admin_page\\plugin.php",7,"raw output",{"file":474,"line":512,"context":510},63,{"file":474,"line":514,"context":510},72,{"file":474,"line":96,"context":510},{"file":474,"line":517,"context":510},93,{"file":474,"line":519,"context":510},117,{"file":474,"line":521,"context":510},119,{"file":474,"line":523,"context":510},120,{"file":474,"line":525,"context":510},139,{"file":474,"line":527,"context":510},142,{"file":529,"line":264,"context":510},"admin_page\\suggest_plugins_themes.php",{"file":529,"line":196,"context":510},{"file":529,"line":268,"context":510},{"file":529,"line":328,"context":510},{"file":534,"line":221,"context":510},"admin_page\\tools.php",{"file":534,"line":438,"context":510},{"file":534,"line":232,"context":510},{"file":534,"line":416,"context":510},{"file":534,"line":250,"context":510},{"file":534,"line":446,"context":510},{"file":534,"line":541,"context":510},61,{"file":534,"line":543,"context":510},62,{"file":534,"line":545,"context":510},73,{"file":534,"line":547,"context":510},74,{"file":534,"line":161,"context":510},{"file":534,"line":13,"context":510},{"file":551,"line":552,"context":510},"admin_page\\white_label.php",60,{"file":554,"line":238,"context":510},"blocks\\check_cache.php",{"file":554,"line":556,"context":510},41,{"file":558,"line":559,"context":510},"blocks\\check_old_plugins.php",78,{"file":558,"line":561,"context":510},82,{"file":563,"line":564,"context":510},"blocks\\db_prefix.php",69,{"file":563,"line":545,"context":510},{"file":567,"line":457,"context":510},"blocks\\logs.php",{"file":567,"line":435,"context":510},{"file":570,"line":107,"context":510},"blocks\\menu.php",{"file":570,"line":264,"context":510},{"file":570,"line":83,"context":510},{"file":570,"line":441,"context":510},{"file":570,"line":238,"context":510},{"file":576,"line":463,"context":510},"blocks\\mysql.php",{"file":576,"line":578,"context":510},32,{"file":576,"line":556,"context":510},{"file":576,"line":581,"context":510},47,{"file":576,"line":581,"context":510},{"file":576,"line":584,"context":510},52,{"file":576,"line":584,"context":510},{"file":587,"line":207,"context":510},"blocks\\notifications.php",{"file":587,"line":213,"context":510},{"file":587,"line":198,"context":510},{"file":587,"line":97,"context":510},{"file":592,"line":463,"context":510},"blocks\\optimisations.php",{"file":592,"line":435,"context":510},{"file":592,"line":556,"context":510},{"file":592,"line":596,"context":510},43,{"file":592,"line":598,"context":510},55,{"file":592,"line":600,"context":510},57,{"file":592,"line":564,"context":510},{"file":592,"line":603,"context":510},71,{"file":592,"line":561,"context":510},{"file":592,"line":606,"context":510},84,{"file":592,"line":608,"context":510},94,{"file":592,"line":26,"context":510},{"file":592,"line":611,"context":510},107,{"file":592,"line":613,"context":510},109,{"file":592,"line":615,"context":510},121,{"file":592,"line":617,"context":510},123,{"file":592,"line":619,"context":510},134,{"file":592,"line":621,"context":510},136,{"file":592,"line":500,"context":510},{"file":592,"line":624,"context":510},149,{"file":592,"line":626,"context":510},159,{"file":592,"line":628,"context":510},161,{"file":592,"line":630,"context":510},171,{"file":592,"line":632,"context":510},173,{"file":592,"line":634,"context":510},185,{"file":592,"line":636,"context":510},187,{"file":592,"line":638,"context":510},199,{"file":592,"line":640,"context":510},201,{"file":592,"line":642,"context":510},213,{"file":592,"line":644,"context":510},215,{"file":592,"line":646,"context":510},227,{"file":592,"line":648,"context":510},229,{"file":592,"line":650,"context":510},240,{"file":592,"line":652,"context":510},242,{"file":654,"line":655,"context":510},"blocks\\pub.php",196,{"file":654,"line":655,"context":510},{"file":654,"line":655,"context":510},{"file":654,"line":659,"context":510},197,{"file":661,"line":662,"context":510},"blocks\\pub_wpboutik.php",207,{"file":661,"line":664,"context":510},211,{"file":666,"line":221,"context":510},"blocks\\report_system.php",{"file":668,"line":669,"context":510},"blocks\\server_information.php",46,{"file":668,"line":671,"context":510},51,{"file":668,"line":584,"context":510},{"file":668,"line":674,"context":510},58,{"file":668,"line":512,"context":510},{"file":668,"line":420,"context":510},{"file":668,"line":678,"context":510},66,{"file":668,"line":603,"context":510},{"file":668,"line":514,"context":510},{"file":668,"line":559,"context":510},{"file":668,"line":606,"context":510},{"file":668,"line":96,"context":510},{"file":668,"line":517,"context":510},{"file":668,"line":686,"context":510},97,{"file":668,"line":109,"context":510},{"file":668,"line":689,"context":510},104,{"file":691,"line":669,"context":510},"blocks\\settings_autoupdate.php",{"file":693,"line":244,"context":510},"blocks\\ssl.php",{"file":695,"line":207,"context":510},"blocks\\suggest\\plugin_premiums.php",{"file":695,"line":697,"context":510},45,{"file":695,"line":250,"context":510},{"file":695,"line":446,"context":510},{"file":695,"line":701,"context":510},56,{"file":695,"line":552,"context":510},{"file":695,"line":541,"context":510},{"file":695,"line":543,"context":510},{"file":695,"line":543,"context":510},{"file":707,"line":247,"context":510},"blocks\\suggest\\themes.php",{"file":707,"line":584,"context":510},{"file":707,"line":710,"context":510},53,{"file":707,"line":475,"context":510},{"file":707,"line":512,"context":510},{"file":707,"line":420,"context":510},{"file":707,"line":715,"context":510},65,{"file":707,"line":678,"context":510},{"file":718,"line":207,"context":510},"blocks\\suggest\\theme_premiums.php",{"file":718,"line":697,"context":510},{"file":718,"line":250,"context":510},{"file":718,"line":446,"context":510},{"file":718,"line":701,"context":510},{"file":718,"line":552,"context":510},{"file":718,"line":541,"context":510},{"file":718,"line":543,"context":510},{"file":718,"line":543,"context":510},{"file":728,"line":241,"context":510},"blocks\\update_traduction.php",{"file":728,"line":697,"context":510},{"file":728,"line":697,"context":510},{"file":728,"line":669,"context":510},{"file":728,"line":250,"context":510},{"file":728,"line":250,"context":510},{"file":728,"line":250,"context":510},{"file":728,"line":446,"context":510},{"file":737,"line":218,"context":510},"blocks\\user_info.php",{"file":737,"line":83,"context":510},{"file":737,"line":578,"context":510},{"file":202,"line":741,"context":510},234,{"file":202,"line":743,"context":510},236,{"file":202,"line":745,"context":510},311,{"file":202,"line":747,"context":510},313,{"file":202,"line":749,"context":510},534,{"file":206,"line":751,"context":510},88,{"file":206,"line":478,"context":510},{"file":206,"line":754,"context":510},586,{"file":206,"line":756,"context":510},676,{"file":252,"line":478,"context":510},{"file":252,"line":759,"context":510},276,{"file":252,"line":761,"context":510},454,{"file":292,"line":763,"context":510},572,{"file":292,"line":765,"context":510},577,{"file":494,"line":767,"context":510},336,{"file":408,"line":769,"context":510},67,5,3,[773],{"name":774,"version":37,"knownCves":775},"jQuery",[],[777,793,806,815,825],{"entryPoint":778,"graph":779,"unsanitizedCount":110,"severity":792},"\u003Ccheck_cache> (blocks\\check_cache.php:0)",{"nodes":780,"edges":790},[781,785],{"id":782,"type":783,"label":784,"file":554,"line":457},"n0","source","$_POST",{"id":786,"type":787,"label":788,"file":554,"line":556,"wp_function":789},"n1","sink","echo() [XSS]","echo",[791],{"from":782,"to":786,"sanitized":431},"low",{"entryPoint":794,"graph":795,"unsanitizedCount":28,"severity":792},"delete_post_exclud_cache (classes\\removefromcache.php:381)",{"nodes":796,"edges":804},[797,800],{"id":782,"type":783,"label":798,"file":252,"line":799},"$_GET",391,{"id":786,"type":787,"label":801,"file":252,"line":802,"wp_function":803},"update_option() [Settings Manipulation]",392,"update_option",[805],{"from":782,"to":786,"sanitized":432},{"entryPoint":807,"graph":808,"unsanitizedCount":28,"severity":792},"\u003Cremovefromcache> (classes\\removefromcache.php:0)",{"nodes":809,"edges":813},[810,812],{"id":782,"type":783,"label":811,"file":252,"line":799},"$_GET (x3)",{"id":786,"type":787,"label":801,"file":252,"line":802,"wp_function":803},[814],{"from":782,"to":786,"sanitized":432},{"entryPoint":816,"graph":817,"unsanitizedCount":28,"severity":792},"wp_ajax_save_settings_wps (classes\\tools.php:617)",{"nodes":818,"edges":823},[819,821],{"id":782,"type":783,"label":784,"file":306,"line":820},620,{"id":786,"type":787,"label":801,"file":306,"line":822,"wp_function":803},621,[824],{"from":782,"to":786,"sanitized":432},{"entryPoint":826,"graph":827,"unsanitizedCount":28,"severity":792},"\u003Ctools> (classes\\tools.php:0)",{"nodes":828,"edges":831},[829,830],{"id":782,"type":783,"label":784,"file":306,"line":820},{"id":786,"type":787,"label":801,"file":306,"line":822,"wp_function":803},[832],{"from":782,"to":786,"sanitized":432},{"summary":834,"deductions":835},"The \"wps-bidouille\" plugin, version 1.33.3, presents a moderate security risk. While it demonstrates several positive security practices, such as a reasonable number of nonce and capability checks, and a majority of its SQL queries using prepared statements and output being properly escaped, there are significant concerns. The presence of an unprotected AJAX handler creates a direct attack vector that could be exploited by unauthenticated users. This is exacerbated by the plugin's history of vulnerabilities, particularly a high-severity missing authorization flaw and a medium-severity CSRF issue. Although there are no currently unpatched CVEs, the recurring patterns of authorization and CSRF vulnerabilities suggest potential weaknesses in how user actions are validated and secured. The single unsanitized path flow, while not classified as critical or high severity in the static analysis, also warrants attention as it could potentially lead to path traversal or file manipulation if exploited in conjunction with other vulnerabilities.",[836,838,840,842,844,846],{"reason":837,"points":107},"AJAX handler without authentication check",{"reason":839,"points":198},"Vulnerability history: 1 high severity CVE",{"reason":841,"points":509},"Vulnerability history: 1 medium severity CVE",{"reason":843,"points":182},"Taint flow with unsanitized path",{"reason":845,"points":770},"SQL queries: 43% prepared statements (potential for raw SQL)",{"reason":847,"points":848},"Output escaping: 61% properly escaped (potential for XSS)",4,"2026-03-16T17:49:14.143Z",{"wat":851,"direct":866},{"assetPaths":852,"generatorPatterns":858,"scriptPaths":859,"versionParams":860},[853,854,855,856,857],"\u002Fwp-content\u002Fplugins\u002Fwps-bidouille\u002Fassets\u002Fcss\u002Fwps-bidouille-admin.css","\u002Fwp-content\u002Fplugins\u002Fwps-bidouille\u002Fassets\u002Fjs\u002Fwps-bidouille-admin.js","\u002Fwp-content\u002Fplugins\u002Fwps-bidouille\u002Fassets\u002Fcss\u002Fwps-bidouille.css","\u002Fwp-content\u002Fplugins\u002Fwps-bidouille\u002Fassets\u002Fjs\u002Fwps-bidouille.js","\u002Fwp-content\u002Fplugins\u002Fwps-bidouille\u002Fassets\u002Fcss\u002Fwps-bidouille-login.css",[],[854,856],[861,862,863,864,865],"wps-bidouille\u002Fassets\u002Fcss\u002Fwps-bidouille-admin.css?ver=","wps-bidouille\u002Fassets\u002Fjs\u002Fwps-bidouille-admin.js?ver=","wps-bidouille\u002Fassets\u002Fcss\u002Fwps-bidouille.css?ver=","wps-bidouille\u002Fassets\u002Fjs\u002Fwps-bidouille.js?ver=","wps-bidouille\u002Fassets\u002Fcss\u002Fwps-bidouille-login.css?ver=",{"cssClasses":867,"htmlComments":869,"htmlAttributes":872,"restEndpoints":874,"jsGlobals":876,"shortcodeOutput":879},[868],"wps-bidouille-dashboard-widget",[870,871],"\u003C!-- Hide menu WPS -->","\u003C!-- Exclude WPS_BIDOUILLE from caching WP Rocket -->",[873],"data-wps-bidouille-rated",[875],"\u002Fwp-json\u002Fwps-bidouille\u002Fv1\u002Fsettings",[877,878],"wps_bidouille_data","wps_bidouille_ajax_object",[]]