[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVULnegxw4YdEwkOkAqrSbDTnm4jdHm8MKJU5bJTscGE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":142,"fingerprints":361},"wpvivid-snapshot-database","Database Snapshots – WPvivid","0.9.4","wpvividplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpvividplugins\u002F","\u003Cp>WPvivid Database Snapshots allows you to quickly create snapshots of all tables in your WordPress database.\u003C\u002Fp>\n\u003Ch4>Why Use Database Snapshots?\u003C\u002Fh4>\n\u003Cp>Making a database snapshot is much faster than making a database backup. If you need a quicker rollback solution for safely testing WordPress database-related changes, use a snapshot.\u003C\u002Fp>\n\u003Cp>A snapshot contains database only. If you need to back up the full site or files, you can use our free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpvivid-backuprestore\u002F\" rel=\"ugc\">WPvivid Backup Plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Features Spotlight\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Create a snapshot of WordPress database\u003C\u002Fli>\n\u003Cli>Create multiple snapshots\u003C\u002Fli>\n\u003Cli>Comment a snapshot\u003C\u002Fli>\n\u003Cli>Set up a retention for snapshots\u003C\u002Fli>\n\u003Cli>Restore the database from a snapshot\u003C\u002Fli>\n\u003Cli>More features are coming soon\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Minimum Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Character Encoding UTF-8\u003C\u002Fli>\n\u003Cli>PHP version 5.3\u003C\u002Fli>\n\u003Cli>MySQL version 4.1\u003C\u002Fli>\n\u003Cli>WordPress 4.5\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>We offer free support at the support forum for WPvivid Database Snapshots on WordPress.org.\u003C\u002Fp>\n\u003Ch3>Installation and Uninstallation\u003C\u002Fh3>\n\u003Ch4>Install WPvivid Database Snapshot\u003C\u002Fh4>\n\u003Cp>1.Go to your sites admin dashboard.\u003Cbr \u002F>\n2.Navigate to Plugin Menu and search for WPvivid Database Snapshots.\u003Cbr \u002F>\n3.Click Install Now then click Activate Plugin.\u003C\u002Fp>\n\u003Ch4>Uninstall WPvivid Database Snapshot\u003C\u002Fh4>\n\u003Cp>1.Click Deactivate from the Plugin Menu.\u003Cbr \u002F>\n2.Click Delete.\u003C\u002Fp>\n\u003Ch3>Privacy Policy and GDPR Compliance\u003C\u002Fh3>\n\u003Cp>WPvivid Database Snapshots is created and operated with full respect and protection of users personal information, and is in full compliance with General Data Protection Regulation(GDPR). Check out the following content to know the details:\u003C\u002Fp>\n\u003Ch4>What personal data can WPvivid Database Snapshots access and how is the data processed?\u003C\u002Fh4>\n\u003Cp>The free version of WPvivid Database Snapshots is only available to download from WordPress plugin repository. Thus, all the data related to the updates of the versions as well as the support forum for WPvivid Database Snapshots on WordPress.org is held by WordPress.org.\u003Cbr \u002F>\nIn addition, the implementations of creating snapshots and restoring the database from snapshots happen completely on your website server, there are no data come across any of our servers in the whole process.\u003Cbr \u002F>\nThe only personal data currently we can access are the contact data when you contact us by email, which may include your name, email address and other contact details. The data will only be used for the purposes of handling and resolving your enquiry.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>WPvivid Database Snapshots is licensed under GPL version 3 or later.\u003Cbr \u002F>\nThis program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details:\u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.en.html\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.en.html\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contact us\u003C\u002Fh3>\n\u003Cp>Feel free to let us know how we can help using the support forum for WPvivid Database Snapshots on WordPress.org or our \u003Ca href=\"https:\u002F\u002Fwpvivid.com\u002Fcontact-us\" rel=\"nofollow ugc\">contact form\u003C\u002Fa>.\u003C\u002Fp>\n","Create snapshots of a WordPress database quickly.",1000,16055,100,2,"2023-04-11T02:24:00.000Z","6.2.9","4.5","5.3",[20,21,22,23,24],"database-restore","database-rollback","database-snapshot","rollback","snapshot","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpvivid-snapshot-database.0.9.4.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},4,921000,90,332,72,"2026-04-03T19:35:17.313Z",[40,59,82,103,125],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":28,"downloaded":48,"rating":28,"num_ratings":28,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"selmitec-quicksnap-restore","Selmitec QuickSnap Restore","1.0.4","selmitec","https:\u002F\u002Fprofiles.wordpress.org\u002Fselmitec\u002F","\u003Cp>Selmitec QuickSnap Restore lets you create a “snapshot” before updates or important changes and restore it when needed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key features (Free)\u003C\u002Fstrong>\u003Cbr \u002F>\n* One-click snapshot.\u003Cbr \u002F>\n* Custom name for each snapshot.\u003Cbr \u002F>\n* Restore with redirect back to the current admin page (stored location).\u003Cbr \u002F>\n* Auto-login of the current user after restore.\u003Cbr \u002F>\n* Saves and restores: database, plugins, and themes.\u003Cbr \u002F>\n* Minimal UI, admin-only.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Where snapshots are stored\u003C\u002Fstrong>\u003Cbr \u002F>\nSnapshots are saved under uploads:\u003Cbr \u002F>\n    wp-content\u002Fuploads\u002Fselmitec-quicksnap-restore\u002Fsnapshots\u002F\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin can optionally send notifications via Telegram.\u003C\u002Fp>\n\u003Cp>When enabled, it connects to the Telegram Bot API (api.telegram.org) to deliver messages about snapshot\u002Frestore events.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Service: Telegram Bot API (Telegram Messenger LLP \u002F Telegram FZ-LLC)\u003C\u002Fli>\n\u003Cli>What it is used for: sending optional admin notifications to a Telegram chat.\u003C\u002Fli>\n\u003Cli>What data is sent: the bot token (in the request URL), chat_id, and the notification text you configure (which may include your site URL if you choose to include it in the message).\u003C\u002Fli>\n\u003Cli>When data is sent: only when Telegram notifications are enabled in the plugin settings and a snapshot\u002Frestore event triggers a notification.\u003C\u002Fli>\n\u003Cli>Terms of Service: https:\u002F\u002Ftelegram.org\u002Ftos\u003C\u002Fli>\n\u003Cli>Privacy Policy: https:\u002F\u002Ftelegram.org\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n","Create one-click site snapshots and restore quickly from the WordPress admin area. Minimal UI and lightweight footprint.",125,"2026-02-22T22:57:00.000Z","6.9.4","6.0","7.4",[54,55,56,23,24],"backup","minimal","restore","https:\u002F\u002Fwww.selmitec.com\u002Fselmitec-quicksnap-restore\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fselmitec-quicksnap-restore.1.0.4.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":50,"requires_at_least":72,"requires_php":52,"tags":73,"homepage":78,"download_link":79,"security_score":80,"vuln_count":14,"unpatched_count":28,"last_vuln_date":81,"fetched_at":30},"wp-rollback","WP Rollback – Rollback Plugins and Themes","3.0.12","Devin Walker","https:\u002F\u002Fprofiles.wordpress.org\u002Fdlocc\u002F","\u003Cp>Quickly and easily rollback any theme or plugin from WordPress.org to any previous (or newer) version without any of the manual fuss. Works just like the plugin updater, except you’re rolling back (or forward) to a specific version. No need for manually downloading and FTPing the files or learning Subversion. This plugin takes care of the trouble for you.\u003C\u002Fp>\n\u003Ch4>🔙 Rollback WordPress.org Plugins and Themes\u003C\u002Fh4>\n\u003Cp>While it’s considered best practice to always keep your WordPress plugins and themes updated, we understand there are times you may need to quickly revert to a previous version. This plugin makes that process as easy as a few mouse clicks. Simply select the version of the plugin or theme that you’d like to rollback to, confirm, and in a few moments you’ll be using the version requested. No more fumbling to find the version, downloading, unzipping, FTPing, learning Subversion or hair pulling.\u003C\u002Fp>\n\u003Cp>For advanced features like premium plugin\u002Ftheme support (Envato, Kadence Pro, Astra Pro, etc.), comprehensive activity logging, multisite network support, and priority support, consider upgrading to \u003Ca href=\"https:\u002F\u002Fwprollback.com\u002F\" rel=\"nofollow ugc\">WP Rollback Pro\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Muy Importante (Very Important): Always Test and Backup\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Important Disclaimer:\u003C\u002Fstrong> This plugin is not intended to be used without first taking the proper precautions to ensure zero data loss or site downtime. Always be sure you have first tested the rollback on a staging or development site prior to using WP Rollback on a live site.\u003C\u002Fp>\n\u003Cp>We provide no (zero) assurances, guarantees, or warranties that the plugin, theme, or WordPress version you are downgrading to will work as you expect. Use this plugin at your own risk.\u003C\u002Fp>\n\u003Ch4>Translation Ready\u003C\u002Fh4>\n\u003Cp>Do you speak another language? Want to contribute in a meaningful way to WP Rollback? There’s no better way than to help us translate the plugin. This plugin is translation ready. Simply header over to the WP Rollback \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwp-rollback\u002F\" rel=\"nofollow ugc\">translation project\u003C\u002Fa> that’s powered by WordPress.org volunteer translators. There you can contribute to the translation of the plugin into your language.\u003C\u002Fp>\n\u003Ch4>Support and Documentation\u003C\u002Fh4>\n\u003Cp>We answer all free user support requests \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-rollback\" rel=\"ugc\">on the WordPress.org support forum\u003C\u002Fa>. For pro users, please submit your questions to \u003Ca href=\"https:\u002F\u002Fwprollback.com\u002F?utm_campaign=free-plugin&utm_medium=free-plugin&utm_source=readme\" rel=\"nofollow ugc\">WP Rollback Pro support\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>WP Rollback was created to be as intuitive to the natural WordPress experience as possible. We believe that once you activate WP Rollback, you’ll quickly discover exactly how it works without question.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>BUT!!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>We do have documentation on our website. See \u003Ca href=\"https:\u002F\u002Fdocs.wprollback.com\u002F?utm_source=free-plugin&utm_medium=readme&utm_campaign=documentation\" rel=\"nofollow ugc\">WP Rollback Documentation\u003C\u002Fa>.\u003C\u002Fp>\n","Rollback (or forward) any WordPress.org plugin, theme, or block like a boss.",300000,4310141,98,213,"2026-02-27T18:26:00.000Z","6.5",[74,75,76,23,77],"downgrade","plugins","revert","version","https:\u002F\u002Fwprollback.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-rollback.3.0.12.zip",99,"2015-06-28 00:00:00",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":16,"requires_at_least":95,"requires_php":25,"tags":96,"homepage":99,"download_link":100,"security_score":27,"vuln_count":101,"unpatched_count":28,"last_vuln_date":102,"fetched_at":30},"wp-downgrade","WP Downgrade | Specific Core Version","1.2.6","Reisetiger","https:\u002F\u002Fprofiles.wordpress.org\u002Freisetiger\u002F","\u003Ch4>WordPress Core Downgrade\u002FUpdate\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>EN:\u003C\u002Fstrong> The plugin “WP Downgrade” forces the WordPress update routine to perform the installation of a \u003Cstrong>specified\u003C\u002Fstrong> WordPress release. The Core Release you specify is then downloaded from wordpress.org and installed as would \u003Cstrong>any regular update\u003C\u002Fstrong>. You can permanently stay on a previous version of your choice or update selected.\u003C\u002Fp>\n\u003Cp>The user Gahapati describes it so much better than I can. (Thank you!)\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cem>WP Downgrade | Specific Core Version\u003C\u002Fem> has the potential for becoming one of the best-loved plugins among those, who simply cannot update to the \u003Cem>latest\u003C\u002Fem> WP release.\u003C\u002Fp>\n\u003Cp>In the past the latest WP release was the only offering for WP’s Automatic Update routine. This left all those behind, who have to wait with Core updates, until their plugins become compatible with newer WP releases. When this finally happens, more often than not there has already been \u003Cem>yet another\u003C\u002Fem> Core update. In the end a dreaded, cumbersome, time-consuming and error-prone Manual Update used to be the only way to go.\u003C\u002Fp>\n\u003Cp>With \u003Cem>WP Downgrade | Specific Core Version\u003C\u002Fem> this is now a thing of the past. Anyone who lags behind the latest WP release is now able to use Automatic Updates even to lower WP versions. What WP Downgrade does simply is to make WP believe that the version you want to update to \u003Cem>actually is\u003C\u002Fem> the latest version. Because of this, there is no difference to updating to the latest version.\u003C\u002Fp>\n\u003Cp>For security reasons I think this is a must-have plugin for anyone running a “seasoned” WP installation, and it actually should be a Core feature to be able to update not to the \u003Cem>latest\u003C\u002Fem> WP release exclusively but instead to have a choice among \u003Cem>secure\u003C\u002Fem> releases.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>New advanced option: You are now able to manually edit the download link, if necessary. This allows, for example, a change of language for wp-core. Or you can get the release from another source.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>DE:\u003C\u002Fstrong> Das Plugin “WP Downgrade” zwingt die WordPress-interne Update-Funktion, ein \u003Cstrong>bestimmtes\u003C\u002Fstrong> WordPress-Release zu installieren. Das definierte Core-Release wird \u003Cstrong>wie ein reguläres Update\u003C\u002Fstrong> von wordpress.org bezogen und direkt installiert.\u003Cbr \u002F>\nDas klappt wie gewohnt per Update-Button im Admin-Bereich oder per Auto-Update. Die Versionsnummer kann sowohl \u003Cstrong>höher\u003C\u002Fstrong> als auch \u003Cstrong>niedriger\u003C\u002Fstrong> sein als die aktuell installierte Version. Somit ist also auch ein Rollback auf frühere Releases möglich. Dein WordPress wird solange auf dieser Version bleiben, bis du eine neue Versionsnummer in WP-Downgrade hinterlegst (oder bis du die Versionsnummer leerst oder das Plugin deaktivierst).\u003C\u002Fp>\n\u003Ch4>Achtung: Nutzung auf eigene Gefahr!\u003C\u002Fh4>\n\u003Cp>WP-Downgrade funktioniert normalerweise prima. Trotzdem ist ein Versionswechsel immer ein riskanter Eingriff! Du solltest auf jeden Fall vorher ein Backup deiner Dateien und der Datenbank anlegen! Ich übernehme keinerlei Gewähr für deine Installation und werde auch keinen Support leisten.\u003C\u002Fp>\n\u003Ch4>Plugin hilfreich? Sag Danke!\u003C\u002Fh4>\n\u003Cp>Ich stelle das Plugin kostenlos zur Verfügung, freue mich aber sehr über Spenden oder einen Link auf meinen Reiseblog \u003Ca href=\"https:\u002F\u002Fwww.reisetiger.net\" title=\"Reisetiger\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.reisetiger.net\u003C\u002Fa>! 🙂\u003Cbr \u002F>\n\u003Cstrong>Bitte bewerte WP Downgrade, wenn es für dich nützlich ist!\u003C\u002Fstrong>\u003C\u002Fp>\n","Automatically downgrad or update to any WordPress version you want directly from the backend.",100000,1635333,96,169,"2023-05-08T20:42:00.000Z","3.0.1",[97,74,23,77,98],"core","wp-core","https:\u002F\u002Fwww.reisetiger.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-downgrade.1.2.6.zip",1,"2022-03-22 00:00:00",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":92,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":117,"tags":118,"homepage":122,"download_link":123,"security_score":124,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"change-admin-email-setting-without-outbound-email","Change Admin Email","4.1","johndeebdd","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohndeebdd\u002F","\u003Cp>This plugin allows an administrator to change the “site admin email”, without sending a confirmation email from the server. This can be useful for testing purposes, localhost setups, or any other situation where outbound email is disabled on the site. A new “feature” of WordPress 4.9 is that the administrator cannot change the site admin email without outgoing email setup on the server. This plugin restores the administrator’s ability to change this setting without sending a confirmation email. Note that the “site admin email” is the global email used for admin purposes on the site. It is the “from” address when the site sends an email. The “site admin email” may be different from the administrator’s personal user email, which is associated with the administrator’s user account.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Once activated, an administrator can change the admin email from the Settings >> General page. You can request a test email be sent to the new email address. The test email is sent from our servers. You can view our privacy policy here: at https:\u002F\u002Fgeneralchicken.guru\u002Fprivacy-policy-2\u002F .\u003C\u002Fp>\n","This plugin allows an administrator to change the \"site admin email\", without sending a confirmation email from the server.",50000,389556,137,"2024-10-07T17:30:00.000Z","6.6.5","4.9","5.6",[119,120,121,23],"admin_email","change_admin_email","email","https:\u002F\u002Fgeneralchicken.guru\u002Fchange-admin-email\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchange-admin-email-setting-without-outbound-email.4.1.zip",92,{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":135,"num_ratings":136,"last_updated":137,"tested_up_to":50,"requires_at_least":106,"requires_php":117,"tags":138,"homepage":140,"download_link":141,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"core-rollback","Core Rollback","1.4.1","Andy Fragen","https:\u002F\u002Fprofiles.wordpress.org\u002Fafragen\u002F","\u003Cp>Seamless rollback of WordPress Core to latest release or any outdated, secure release using the Core Update API and core update methods. Only latest release and outdated, secure releases are offered. Refer to https:\u002F\u002Fapi.wordpress.org\u002Fcore\u002Fstable-check\u002F1.0\u002F Logo from a meme generator. \u003Ca href=\"http:\u002F\u002Fhyperboleandahalf.blogspot.com\u002F2010\u002F06\u002Fthis-is-why-ill-never-be-adult.html\" rel=\"nofollow ugc\">Original artwork\u003C\u002Fa> by Allie Brosh.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>From the Tools menu select \u003Ccode>Rollback Core\u003C\u002Fcode>, select the version you wish to rollback to from the dropdown and click \u003Ccode>Rollback\u003C\u002Fcode>. You will be directed to the \u003Ccode>update-core.php\u003C\u002Fcode> page where you should see a button to \u003Ccode>Re-install\u003C\u002Fcode> your specified version.  If you move away from the \u003Ccode>update-core.php\u003C\u002Fcode> page before clicking the \u003Ccode>Re-install\u003C\u002Fcode> button you will have 15 seconds to return and complete the process or you will need to start over.\u003C\u002Fp>\n\u003Cp>In multisite use the Settings menu.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WARNING:\u003C\u002Fstrong> Downgrading WordPress Core may leave your site in an unusable state requiring a complete reinstall or a forced reinstall using WP-CLI, \u003Ccode>wp core update --force --version=5.5.3\u003C\u002Fcode>. It may also leave your site broken due to a plugin or theme incompatibility. \u003Cstrong>Use at your own risk.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Rollbacks use your current locale.\u003C\u002Fp>\n\u003Cp>PRs are welcome.\u003C\u002Fp>\n","Seamless rollback of WordPress Core to latest release or any outdated, secure release using the Core Update API and core update methods.",10000,147715,94,15,"2025-12-09T23:09:00.000Z",[97,74,23,139],"upgrade","https:\u002F\u002Fgithub.com\u002Fafragen\u002Fcore-rollback","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcore-rollback.1.4.1.zip",{"attackSurface":143,"codeSignals":239,"taintFlows":300,"riskAssessment":347,"analyzedAt":360},{"hooks":144,"ajaxHandlers":206,"restRoutes":235,"shortcodes":236,"cronEvents":237,"entryPointCount":238,"unprotectedCount":238},[145,152,158,161,166,169,173,177,181,186,190,194,198,202],{"type":146,"name":147,"callback":148,"priority":149,"file":150,"line":151},"filter","wpvivid_merge_query_lock","query_lock",9999,"includes\\class-wpvivid-snapshot-function.php",312,{"type":153,"name":154,"callback":155,"file":156,"line":157},"action","network_admin_menu","add_admin_menu","includes\\class-wpvivid-snapshot.php",27,{"type":153,"name":159,"callback":155,"file":156,"line":160},"admin_menu",31,{"type":153,"name":162,"callback":163,"priority":164,"file":156,"line":165},"admin_enqueue_scripts","enqueue_styles",11,34,{"type":153,"name":162,"callback":167,"priority":164,"file":156,"line":168},"enqueue_scripts",35,{"type":146,"name":170,"callback":171,"priority":149,"file":156,"line":172},"wpvivid_snapshot_get_screen_ids","get_screen_ids",36,{"type":146,"name":174,"callback":175,"priority":164,"file":156,"line":176},"wpvivid_get_toolbar_menus","get_toolbar_menus",38,{"type":146,"name":178,"callback":179,"file":156,"line":180},"wpvivid_check_create_snapshot","check_create_snapshot",48,{"type":153,"name":182,"callback":183,"priority":184,"file":156,"line":185},"wpvivid_create_snapshot","create_snapshot_ex",10,49,{"type":153,"name":187,"callback":188,"file":156,"line":189},"wpvivid_snapshot_add_sidebar","add_sidebar",53,{"type":153,"name":191,"callback":192,"priority":13,"file":156,"line":193},"admin_bar_menu","add_toolbar_items",61,{"type":153,"name":195,"callback":196,"file":156,"line":197},"admin_footer","quick_snapshot",62,{"type":146,"name":199,"callback":200,"priority":149,"file":156,"line":201},"wpvivid_snapshot_get_main_admin_menus","get_main_admin_menus",121,{"type":146,"name":203,"callback":204,"file":156,"line":205},"wpvivid_added_quick_snapshot","added_quick_snapshot",204,[207,211,215,219,223,227,231],{"action":182,"nopriv":208,"callback":209,"hasNonce":208,"hasCapCheck":208,"file":156,"line":210},false,"create_snapshot",40,{"action":212,"nopriv":208,"callback":213,"hasNonce":208,"hasCapCheck":208,"file":156,"line":214},"wpvivid_get_snapshot_progress","get_snapshot_progress",41,{"action":216,"nopriv":208,"callback":217,"hasNonce":208,"hasCapCheck":208,"file":156,"line":218},"wpvivid_resume_create_snapshot","resume_create_snapshot",43,{"action":220,"nopriv":208,"callback":221,"hasNonce":208,"hasCapCheck":208,"file":156,"line":222},"wpvivid_restore_snapshot","restore_snapshot",44,{"action":224,"nopriv":208,"callback":225,"hasNonce":208,"hasCapCheck":208,"file":156,"line":226},"wpvivid_get_restore_snapshot_status","get_restore_snapshot_status",45,{"action":228,"nopriv":208,"callback":229,"hasNonce":208,"hasCapCheck":208,"file":156,"line":230},"wpvivid_delete_snapshot","delete_snapshot",46,{"action":232,"nopriv":208,"callback":233,"hasNonce":208,"hasCapCheck":208,"file":156,"line":234},"wpvivid_set_snapshot_setting","set_setting",51,[],[],[],7,{"dangerousFunctions":240,"sqlUsage":241,"outputEscaping":273,"fileOperations":28,"externalRequests":28,"nonceChecks":101,"capabilityChecks":14,"bundledLibraries":299},[],{"prepared":164,"raw":242,"locations":243},13,[244,247,249,251,253,255,257,259,261,263,265,267,269],{"file":150,"line":245,"context":246},105,"$wpdb->query() with variable interpolation",{"file":150,"line":248,"context":246},106,{"file":150,"line":250,"context":246},107,{"file":150,"line":252,"context":246},108,{"file":150,"line":254,"context":246},164,{"file":150,"line":256,"context":246},165,{"file":150,"line":258,"context":246},166,{"file":150,"line":260,"context":246},167,{"file":150,"line":262,"context":246},364,{"file":150,"line":264,"context":246},371,{"file":150,"line":266,"context":246},372,{"file":150,"line":268,"context":246},439,{"file":270,"line":271,"context":272},"includes\\class-wpvivid-snapshot-options.php",22,"$wpdb->get_var() with variable interpolation",{"escaped":201,"rawEcho":164,"locations":274},[275,278,280,282,284,286,288,290,292,294,297],{"file":156,"line":276,"context":277},211,"raw output",{"file":156,"line":279,"context":277},1258,{"file":156,"line":281,"context":277},1278,{"file":156,"line":283,"context":277},1310,{"file":156,"line":285,"context":277},1334,{"file":156,"line":287,"context":277},1379,{"file":156,"line":289,"context":277},1410,{"file":156,"line":291,"context":277},1464,{"file":156,"line":293,"context":277},1487,{"file":295,"line":296,"context":277},"includes\\class-wpvivid-snapshots-list.php",279,{"file":295,"line":298,"context":277},337,[],[301,318,327,336],{"entryPoint":302,"graph":303,"unsanitizedCount":101,"severity":317},"create_snapshot (includes\\class-wpvivid-snapshot.php:1221)",{"nodes":304,"edges":315},[305,310],{"id":306,"type":307,"label":308,"file":156,"line":309},"n0","source","$_POST",1227,{"id":311,"type":312,"label":313,"file":156,"line":279,"wp_function":314},"n1","sink","echo() [XSS]","echo",[316],{"from":306,"to":311,"sanitized":208},"medium",{"entryPoint":319,"graph":320,"unsanitizedCount":101,"severity":317},"restore_snapshot (includes\\class-wpvivid-snapshot.php:1314)",{"nodes":321,"edges":325},[322,324],{"id":306,"type":307,"label":308,"file":156,"line":323},1320,{"id":311,"type":312,"label":313,"file":156,"line":285,"wp_function":314},[326],{"from":306,"to":311,"sanitized":208},{"entryPoint":328,"graph":329,"unsanitizedCount":101,"severity":317},"delete_snapshot (includes\\class-wpvivid-snapshot.php:1383)",{"nodes":330,"edges":334},[331,333],{"id":306,"type":307,"label":308,"file":156,"line":332},1389,{"id":311,"type":312,"label":313,"file":156,"line":289,"wp_function":314},[335],{"from":306,"to":311,"sanitized":208},{"entryPoint":337,"graph":338,"unsanitizedCount":28,"severity":346},"\u003Cclass-wpvivid-snapshot> (includes\\class-wpvivid-snapshot.php:0)",{"nodes":339,"edges":343},[340,342],{"id":306,"type":307,"label":341,"file":156,"line":309},"$_POST (x8)",{"id":311,"type":312,"label":313,"file":156,"line":279,"wp_function":314},[344],{"from":306,"to":311,"sanitized":345},true,"low",{"summary":348,"deductions":349},"The wpvivid-snapshot-database plugin v0.9.4 exhibits a concerning security posture primarily due to a significant number of unprotected AJAX handlers. The static analysis reveals 7 AJAX handlers, all of which lack authentication checks. This creates a substantial attack surface, allowing any user, including unauthenticated ones, to potentially trigger these functions. While the plugin shows strengths in other areas, such as a lack of dangerous functions, no file operations, no external HTTP requests, and a high percentage of output escaping, the unprotected AJAX handlers represent a critical weakness. The taint analysis, though limited in scope with only 4 flows analyzed, did identify 3 flows with unsanitized paths, indicating potential risks that were not classified as critical or high. The absence of any recorded vulnerabilities in its history is a positive sign, suggesting a generally stable codebase, but it does not negate the immediate risks identified in the current version's code. The presence of only one nonce check and two capability checks further highlights the inadequate security measures for its entry points.",[350,353,355,358],{"reason":351,"points":352},"7 unprotected AJAX handlers",20,{"reason":354,"points":136},"3 flows with unsanitized paths",{"reason":356,"points":357},"Only 1 nonce check",5,{"reason":359,"points":357},"Only 2 capability checks","2026-03-16T19:05:09.859Z",{"wat":362,"direct":371},{"assetPaths":363,"generatorPatterns":366,"scriptPaths":367,"versionParams":368},[364,365],"\u002Fwp-content\u002Fplugins\u002Fwpvivid-snapshot-database\u002Fassets\u002Fcss\u002Fwpvivid-snapshot.css","\u002Fwp-content\u002Fplugins\u002Fwpvivid-snapshot-database\u002Fassets\u002Fjs\u002Fwpvivid-snapshot.js",[],[365],[369,370],"wpvivid-snapshot-database\u002Fassets\u002Fcss\u002Fwpvivid-snapshot.css?ver=","wpvivid-snapshot-database\u002Fassets\u002Fjs\u002Fwpvivid-snapshot.js?ver=",{"cssClasses":372,"htmlComments":374,"htmlAttributes":375,"restEndpoints":376,"jsGlobals":386,"shortcodeOutput":396},[373],"wpvivid-quick-create-snapshot",[],[],[377,378,379,380,381,382,383,384,385],"\u002Fwp-json\u002Fwpvivid-snapshot\u002Fv1\u002Fcreate","\u002Fwp-json\u002Fwpvivid-snapshot\u002Fv1\u002Fget_progress","\u002Fwp-json\u002Fwpvivid-snapshot\u002Fv1\u002Fresume_create","\u002Fwp-json\u002Fwpvivid-snapshot\u002Fv1\u002Frestore","\u002Fwp-json\u002Fwpvivid-snapshot\u002Fv1\u002Fget_restore_status","\u002Fwp-json\u002Fwpvivid-snapshot\u002Fv1\u002Fdelete","\u002Fwp-json\u002Fwpvivid-snapshot\u002Fv1\u002Fcheck_create","\u002Fwp-json\u002Fwpvivid-snapshot\u002Fv1\u002Fcreate_ex","\u002Fwp-json\u002Fwpvivid-snapshot\u002Fv1\u002Fset_setting",[387,388,389,390,391,392,393,394,395],"wpvivid_snapshot_create_snapshot_ajax_object","wpvivid_snapshot_get_snapshot_progress_ajax_object","wpvivid_snapshot_resume_create_snapshot_ajax_object","wpvivid_snapshot_restore_snapshot_ajax_object","wpvivid_snapshot_get_restore_snapshot_status_ajax_object","wpvivid_snapshot_delete_snapshot_ajax_object","wpvivid_snapshot_check_create_snapshot_ajax_object","wpvivid_snapshot_create_snapshot_ex_ajax_object","wpvivid_snapshot_set_snapshot_setting_ajax_object",[]]