[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKYgfYFvPKZ2T1YUMH79HJhHB7cWCnw9IjAA7Y4p6Zvo":3},{"slug":4,"name":4,"version":5,"author":6,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":58,"crawl_stats":37,"alternatives":65,"analysis":170,"fingerprints":1142},"xili-dictionary","2.12.5.2","Michel - xiligroup dev","https:\u002F\u002Fprofiles.wordpress.org\u002Fmichelwppi\u002F","\u003Cp>\u003Cstrong>xili-dictionary is a dictionary storable in custom post type (CPT) and terms (custom taxonomy) to create, update and translate .po files or .mo files of current theme folder and of current plugins.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>xili-dictionary is a plugin (compatible with plugin xili-language) to build a multilingual dictionary saved in the post tables of WordPress as CPT to build .mo files (used online by WP website), .po files (file assigned to a language and used by translator, text format of compiled .mo), and now .pot files. A .pot file (of theme or plugin) can be generated from sources w\u002Fo importing entries in dictionary. Files are read and saved on the right place (languages sub-folder) but can also be download on your desktop computer.\u003C\u002Fli>\n\u003Cli>With this dictionary, collecting terms from taxonomies (title, description), from bloginfos, from wp_locale, from current theme – international terms with \u003Ccode>_e(), __() or _n() or _x(),  _ex(), _nx(),...\u003C\u002Fcode> and other functions as in I10n.php – , it is possible to create and update .mo file in the current theme folder and current plugins.\u003C\u002Fli>\n\u003Cli>By importing .mo files, it is possible to regenerate readable .po files and enrich translation tables.\u003C\u002Fli>\n\u003Cli>xili-dictionary is full compatible with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fxili-language\u002F\" rel=\"ugc\">xili-language\u003C\u002Fa> plugin and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fxili-tidy-tags\u002F\" rel=\"ugc\">xili-tidy-tags\u003C\u002Fa> plugin. Also compatible with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fxili-re-un-attach-media\u002F\" rel=\"ugc\">xili re\u002Fun-attach media\u003C\u002Fa> !\u003C\u002Fli>\n\u003Cli>xili-dictionary can be used w\u002Fo a multilingual plugin or with multilingual plugin based on taxonomy named ‘language’ (Polylang).\u003C\u002Fli>\n\u003Cli>As \u003Cem>educational plateform\u003C\u002Fem> in constant changing, xili-dictionary tries to use most of the WordPress Core functions and features (CPT, metabox, pointer, help, pomo libraries, …).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TESTERS WANTED\u003C\u002Fh4>\n\u003Cp>According some users, current versions can be stable with recent WP versions. BUT since 2 years, a new version is fully rewritten and tested in few websites. These new versions are available in Github and here in WP repository in tag \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fxili-dictionary\u002Fadvanced\u002F\" rel=\"ugc\">Advanced View\u003C\u002Fa>. Your feedback will be very valuable.\u003C\u002Fp>\n\u003Ch4>roadmap\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>code source renewed continiously with latest WP tools since WP 4.3\u003C\u002Fli>\n\u003Cli>readme rewritting\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Version 2.12.5.1 (updated 2025-03-06)\u003C\u002Fh4>\n\u003Ch4>Version 2.12.5.2 (updated 2025-05-31)\u003C\u002Fh4>\n\u003Cp>see \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fxili-dictionary\u002Fchangelog\u002F\" rel=\"ugc\">Changelog tab\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>More infos\u003C\u002Fh3>\n\u003Cp>This releases are for theme’s creator or designer with some knowledges in i18n. Help are more and more included inside help tabs of dashboard and each screen.\u003C\u002Fp>\n\u003Cp>The plugin post is frequently updated \u003Ca href=\"http:\u002F\u002Fwiki.xiligroup.org\u002Findex.php\u002FCategory:Xili-dictionary_plugin\" rel=\"nofollow ugc\">wiki.xiligroup.org\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>See \u003Ca href=\"http:\u002F\u002Fforum2.dev.xiligroup.com\u002Fforum.php?id=3\" rel=\"nofollow ugc\">dev.xiligroup forum plugins forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>See also the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Fxili-dictionary\u002F\" rel=\"ugc\">WordPress plugins forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>© 2009-2016 MS – dev.xiligroup.com\u003C\u002Fp>\n","xili-dictionary is a multilingual dictionary storable in CPT and terms to create and translate .po files or .mo files and more (import, export...)",100,42722,66,3,"2025-06-01T12:34:00.000Z","4.9.29","3.6.1","",[19,20,21,22,23],"admin","dictionary","multilingual","pomo","taxonomy","http:\u002F\u002Fdev.xiligroup.com\u002Fxili-dictionary\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxili-dictionary.2.12.5.2.zip",77,2,1,"2025-06-23 00:00:00","2026-03-15T15:16:48.613Z",[32,46],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37},"CVE-2025-52778","xili-dictionary-reflected-cross-site-scripting","xili-dictionary \u003C= 2.12.5.2 - Reflected Cross-Site Scripting","The xili-dictionary plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 2.12.5.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=2.12.5.2","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-07-01 17:33:25",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe4d61b69-f3de-4408-98f7-18027a47d168?source=api-prod",{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":37,"affected_versions":51,"patched_in_version":52,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":53,"updated_date":54,"references":55,"days_to_patch":57},"CVE-2025-30840","xili-dictionary-reflected-cross-site-scripting-2","xili-dictionary \u003C= 2.12.5 - Reflected Cross-Site Scripting","The xili-dictionary plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.12.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=2.12.5","2.12.5.1","2025-03-27 00:00:00","2025-04-03 13:32:47",[56],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fff35d524-d97d-4fba-9f60-f40bb8aa2aa8?source=api-prod",8,{"slug":59,"display_name":6,"profile_url":7,"plugin_count":60,"total_installs":61,"avg_security_score":62,"avg_patch_time_days":63,"trust_score":12,"computed_at":64},"michelwppi",4,1870,69,83,"2026-04-05T09:28:13.172Z",[66,89,111,131,151],{"slug":67,"name":68,"version":69,"author":70,"author_profile":71,"description":72,"short_description":73,"active_installs":74,"downloaded":75,"rating":10,"num_ratings":76,"last_updated":77,"tested_up_to":78,"requires_at_least":79,"requires_php":17,"tags":80,"homepage":84,"download_link":85,"security_score":86,"vuln_count":28,"unpatched_count":87,"last_vuln_date":88,"fetched_at":30},"radio-buttons-for-taxonomies","Radio Buttons for Taxonomies","2.4.7","HelgaTheViking","https:\u002F\u002Fprofiles.wordpress.org\u002Fhelgatheviking\u002F","\u003Cp>Replace the default taxonomy boxes with a custom metabox that uses radio buttons… effectively limiting each post to a single term in that taxonomy.\u003C\u002Fp>\n\u003Cp>A plugin options page allows the user can select which taxonomies she’d like to switch to using the custom radio-button style metabox.\u003C\u002Fp>\n\u003Cp>Originally based on the the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fstephenh1988\u002FRadio-Buttons-for-Taxonomies\" rel=\"nofollow ugc\">class by Stephen Harris\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Support is handled in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fradio-buttons-for-taxonomies\" rel=\"ugc\">WordPress forums\u003C\u002Fa>. Please note that support is limited and does not cover any custom implementation of the plugin. Before posting a question, read the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fradio-buttons-for-taxonomies\u002F#faq\" rel=\"ugc\">FAQ\u003C\u002Fa> and confirm that the problem still exists with a default theme and with all other plugins disabled.\u003C\u002Fp>\n\u003Cp>Please report any bugs, errors, warnings, code problems to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fhelgatheviking\u002FRadio-Buttons-for-Taxonomies\u002Fissues\" rel=\"nofollow ugc\">Github\u003C\u002Fa>\u003C\u002Fp>\n","Replace the default taxonomy boxes with a custom metabox that uses radio buttons... effectively limiting each post to a single term in that taxonomy.",20000,335725,50,"2025-01-28T16:08:00.000Z","6.7.0","4.5.0",[19,81,82,23,83],"interface","post","ui","http:\u002F\u002Fwww.kathyisawesome.com\u002F441\u002Fradio-buttons-for-taxonomies","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fradio-buttons-for-taxonomies.2.4.7.zip",92,0,"2020-09-16 00:00:00",{"slug":90,"name":91,"version":92,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":97,"downloaded":98,"rating":99,"num_ratings":100,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":104,"tags":105,"homepage":109,"download_link":110,"security_score":10,"vuln_count":87,"unpatched_count":87,"last_vuln_date":37,"fetched_at":30},"bogo","Bogo","3.9.1","Rock Lobster Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Frocklobsterinc\u002F","\u003Cp>Bogo is a straight-forward multilingual plugin for WordPress.\u003C\u002Fp>\n\u003Cp>The core of WordPress itself has the built-in localization capability so you can use the dashboard and theme in one language other than English. Bogo expands this capability to let you easily build a multilingual blog on a single WordPress install.\u003C\u002Fp>\n\u003Cp>Here are some technical details for those interested. Bogo plugin assigns \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Farticle\u002Fmultilingual-wordpress\u002F#different-types-of-multilingual-plugins\" rel=\"ugc\">one language per post\u003C\u002Fa>. It plays nice with WordPress – Bogo does not create any additional custom table on your database, unlike some other plugins in this category. This design makes Bogo a solid, reliable and conflict-free multilingual plugin.\u003C\u002Fp>\n\u003Ch4>Getting started with Bogo\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>Install language packs\u003C\u002Fp>\n\u003Cp>First, install language packs for languages you use on the site. You can view and install language packs in the \u003Cstrong>Language Packs\u003C\u002Fstrong> screen (\u003Cstrong>Languages > Language Packs\u003C\u002Fstrong>).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Select your language for admin screen\u003C\u002Fp>\n\u003Cp>Bogo lets each logged-in user select a language for their admin screen UI. Select a language from the menu on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Farticle\u002Fadministration-screens\u002F#toolbar-keeping-it-all-together\" rel=\"ugc\">\u003Cstrong>Toolbar\u003C\u002Fstrong>\u003C\u002Fa>, or from the menu in the \u003Cstrong>Profile\u003C\u002Fstrong> screen (\u003Cstrong>Users > Your Profile\u003C\u002Fstrong>) if the \u003Cstrong>Toolbar\u003C\u002Fstrong> is invisible.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Translate your posts and pages\u003C\u002Fp>\n\u003Cp>To create a translation post, go to the editor screen for the original post and find the \u003Cstrong>Language\u003C\u002Fstrong> box. Bogo does only make a copy of the post; translating the copied post is your task.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Add language switcher widgets\u003C\u002Fp>\n\u003Cp>It would be useful for site visitors if you have a language switcher on your site. Bogo provides the \u003Cstrong>Language Switcher\u003C\u002Fstrong> widget in the \u003Cstrong>Widgets\u003C\u002Fstrong> screen (\u003Cstrong>Appearance > Widgets\u003C\u002Fstrong>).\u003C\u002Fp>\n\u003Cp>You can also use the \u003Ccode>[bogo]\u003C\u002Fcode> shortcode to put a language switcher inside a post content. If you want to use this shortcode in your theme’s template files, embed the following code into the template:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php echo do_shortcode( '[bogo]' ); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Privacy notices\u003C\u002Fh4>\n\u003Cp>With the default configuration, this plugin, in itself, does not:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>track users by stealth;\u003C\u002Fli>\n\u003Cli>write any user personal data to the database;\u003C\u002Fli>\n\u003Cli>send any data to external servers;\u003C\u002Fli>\n\u003Cli>use cookies.\u003C\u002Fli>\n\u003C\u002Ful>\n","A straight-forward multilingual plugin. No more double-digit custom DB tables or hidden HTML comments that could cause you headaches later on.",10000,250900,90,46,"2025-11-30T08:49:00.000Z","6.9.4","6.7","7.4",[19,106,107,108,21],"language","locale","localization","https:\u002F\u002Fcontactform7.com\u002F2025\u002F09\u002F23\u002Fmulti-language-wordpress-without-vendor-lock-in-risks\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbogo.3.9.1.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":97,"downloaded":119,"rating":120,"num_ratings":121,"last_updated":122,"tested_up_to":102,"requires_at_least":123,"requires_php":124,"tags":125,"homepage":129,"download_link":130,"security_score":10,"vuln_count":87,"unpatched_count":87,"last_vuln_date":37,"fetched_at":30},"term-management-tools","Term Management Tools","2.0.2","scribu","https:\u002F\u002Fprofiles.wordpress.org\u002Fscribu\u002F","\u003Cp>\u003Cem>Please note this plugin requires at least PHP 7.1.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>If you need to reorganize your tags and categories, this plugin will make it easier for you. It adds three new options to the Bulk Actions dropdown on term management pages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Merge – combine two or more terms into one\u003C\u002Fli>\n\u003Cli>Set Parent – set the parent for one or more terms (for hierarchical taxonomies)\u003C\u002Fli>\n\u003Cli>Change Taxonomy – convert terms from one taxonomy to another\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It works with tags, categories and \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FCustom_Taxonomies\" rel=\"nofollow ugc\">custom taxonomies\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to the taxonomy page containing terms you want to modify. For example, for categories go to \u003Ccode>WP-Admin \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Posts \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Categories\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Select the terms you want to reorganize\u003C\u002Fli>\n\u003Cli>Find the Bulk Actions dropdown, and select the task you’d like done.\u003C\u002Fli>\n\u003Cli>Disco.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>WPML\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpml.org\" rel=\"nofollow ugc\">WPML\u003C\u002Fa>-translated terms are partially supported. Currently only the “Change Taxonomy” task is WPML-aware. If a term with translations is moved to a new taxonomy, its translations are moved as well, and the translation relationships are preserved.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Currently only the “Change Taxonomy” task is WPML-aware\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Work on the WPML component was sponsored by the \u003Ca href=\"https:\u002F\u002Fwww.rainforest-alliance.org\u002F\" rel=\"nofollow ugc\">Rainforest Alliance\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Limited support is handled in the forum created for this purpose (see the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fterm-management-tools\u002F\" rel=\"ugc\">support\u003C\u002Fa> tab on wp.org).\u003C\u002Fp>\n\u003Cp>Find a problem? Fixes can be submitted on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FtheMikeD\u002Fwp-term-management-tools\" rel=\"nofollow ugc\">Github\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Upgrading from a previous version\u003C\u002Fh3>\n\u003Cp>Use the upgrade link in the Dashboard (Dashboard \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Updates) to upgrade this plugin.\u003C\u002Fp>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>Initial version of this plugin was by \u003Ca href=\"http:\u002F\u002Fscribu.net\u002F\" rel=\"nofollow ugc\">scribu\u003C\u002Fa>, with contributions from others. See full code history on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FtheMikeD\u002Fwp-term-management-tools\" rel=\"nofollow ugc\">Github\u003C\u002Fa>.\u003C\u002Fp>\n","Allows you to merge terms, move terms between taxonomies, and set term parents, individually or in bulk.",471365,98,76,"2025-12-11T16:11:00.000Z","4.2","7.1",[19,126,127,23,128],"category","tag","term","https:\u002F\u002Fwww.codenamemiked.com\u002Fplugins\u002Fterm-management-tools\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fterm-management-tools.2.0.2.zip",{"slug":132,"name":133,"version":134,"author":135,"author_profile":136,"description":137,"short_description":138,"active_installs":139,"downloaded":140,"rating":99,"num_ratings":141,"last_updated":142,"tested_up_to":143,"requires_at_least":144,"requires_php":17,"tags":145,"homepage":149,"download_link":150,"security_score":10,"vuln_count":87,"unpatched_count":87,"last_vuln_date":37,"fetched_at":30},"admin-taxonomy-filter","Admin Taxonomy Filter","1.0.5","Anh Tran","https:\u002F\u002Fprofiles.wordpress.org\u002Frilwis\u002F","\u003Cp>\u003Cstrong>Admin Taxonomy Filter\u003C\u002Fstrong> helps you to filter posts or custom post types in the admin area (the post list table) by custom taxonomies. It’s similar to filter posts by categories, which is supported by default.\u003C\u002Fp>\n\u003Cp>The plugin supports filter by multiple taxonomies and has settings to let you choose which taxonomies are filterable.\u003C\u002Fp>\n\u003Cp>The plugin is open source and hosted on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Frilwis\u002Fadmin-taxonomy-filter\u002F\" rel=\"nofollow ugc\">Github\u003C\u002Fa>. If you have any problem or feedback, please open an issue.\u003C\u002Fp>\n\u003Ch3>You might also like\u003C\u002Fh3>\n\u003Cp>If you like this plugin, you might also like our other WordPress products:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmetabox.io\" rel=\"nofollow ugc\">Meta Box\u003C\u002Fa> – A powerful WordPress plugin for creating custom post types and custom fields.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpslimseo.com\" rel=\"nofollow ugc\">Slim SEO\u003C\u002Fa> – A fast, lightweight and full-featured SEO plugin for WordPress with minimal configuration.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgretathemes.com\" rel=\"nofollow ugc\">GretaThemes\u003C\u002Fa> – Free and premium WordPress themes that clean, simple and just work.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpautolistings.com\" rel=\"nofollow ugc\">Auto Listings\u003C\u002Fa> – A car sale and dealership plugin for WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n","Filter posts or custom post types in the admin area by custom taxonomies.",5000,56332,14,"2025-10-06T01:39:00.000Z","6.8.5","4.3",[19,146,147,23,148],"post-filter","post-list","taxonomy-filter","https:\u002F\u002Felightup.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-taxonomy-filter.1.0.5.zip",{"slug":152,"name":153,"version":154,"author":155,"author_profile":156,"description":157,"short_description":158,"active_installs":159,"downloaded":160,"rating":10,"num_ratings":161,"last_updated":162,"tested_up_to":102,"requires_at_least":163,"requires_php":104,"tags":164,"homepage":168,"download_link":169,"security_score":10,"vuln_count":87,"unpatched_count":87,"last_vuln_date":37,"fetched_at":30},"admin-category-filter","Post Category Filter (WP Admin)","1.7.3","Ivijan-Stefan Stipic","https:\u002F\u002Fprofiles.wordpress.org\u002Fivijanstefan\u002F","\u003Cp>Post Category Filter allows you to filter your post categories and custom taxonomies by adding a fast and intuitive search box on top of the term lists. As you type, the list updates instantly and shows only the categories or terms that match your query, making navigation quick even on sites with hundreds or thousands of entries.\u003C\u002Fp>\n\u003Cp>This plugin is designed for users who work with large WordPress websites, complex content structures, or extensive taxonomy sets. Instead of scrolling endlessly through long category lists, you can simply type a few letters and immediately locate the term you need. It provides a smoother editorial workflow and helps reduce time spent searching for the right category during post creation or editing.\u003C\u002Fp>\n\u003Cp>Post Category Filter works seamlessly inside the WordPress admin interface and supports all public taxonomies, including custom taxonomies created by themes or plugins. It does not modify your categories or database in any way. It simply adds an efficient, lightweight search layer to help you manage and assign terms more effectively.\u003C\u002Fp>\n\u003Cp>If you maintain a high volume of content, run news or magazine style websites, or organize your posts through detailed taxonomies, this plugin can significantly improve your daily publishing workflow. It is a simple but powerful solution for anyone looking to optimize category management, streamline content editing, and enhance usability in the WordPress admin area.\u003C\u002Fp>\n\u003Ch4>Want to contribute?\u003C\u002Fh4>\n\u003Cp>You can follow the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FInfinitumForm\u002Fpost-category-filter\" rel=\"nofollow ugc\">Github repository\u003C\u002Fa> and submit issues or pull requests.\u003C\u002Fp>\n\u003Ch3>Adoption Notice\u003C\u002Fh3>\n\u003Cp>This plugin represents the continued development of the original “Admin Category Filter” created by Javier Villanueva (@jahvi).\u003C\u002Fp>\n\u003Cp>The project has been revived with the intention of ensuring long-term stability, modern compatibility, and responsible maintenance while preserving the core functionality that made the original plugin widely used.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Original author: Javier Villanueva (jahvi)\u003Cbr \u002F>\nMaintainer and current developer: Ivijan Stefan Stipic (INFINITUM FORM)\u003C\u002Fp>\n\u003Ch3>Legal Notice\u003C\u002Fh3>\n\u003Cp>This plugin retains the original GPLv2 license from the upstream version authored by Javier Villanueva (@jahvi).\u003C\u002Fp>\n\u003Cp>All new contributions are © 2025 Ivijan Stefan Stipic and released under the same GPLv2-or-later license.\u003C\u002Fp>\n","Quickly search and filter categories and taxonomies inside the WordPress admin.",1000,42764,25,"2026-03-02T08:55:00.000Z","6.0",[19,165,166,167,23],"categories","filter","posts","https:\u002F\u002Finfinitumform.com\u002Fprojects\u002Fadmin-category-filter","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-category-filter.1.7.3.zip",{"attackSurface":171,"codeSignals":420,"taintFlows":868,"riskAssessment":1127,"analyzedAt":1141},{"hooks":172,"ajaxHandlers":400,"restRoutes":417,"shortcodes":418,"cronEvents":419,"entryPointCount":60,"unprotectedCount":87},[173,179,182,185,188,191,194,197,200,203,206,210,215,218,221,226,230,234,238,242,246,250,254,258,262,266,269,273,277,281,285,289,293,297,301,305,309,313,316,319,323,327,331,335,339,342,346,350,355,359,363,367,371,375,379,383,387,391,395],{"type":174,"name":175,"callback":176,"file":177,"line":178},"action","admin_menu","dictionary_menus_pages","xili-dictionary.php",237,{"type":174,"name":175,"callback":180,"file":177,"line":181},"admin_sub_menus_hide",238,{"type":174,"name":183,"callback":183,"file":177,"line":184},"admin_init",242,{"type":174,"name":183,"callback":186,"file":177,"line":187},"ext_style_init",243,{"type":174,"name":183,"callback":189,"file":177,"line":190},"xd_erasing_init_settings",244,{"type":174,"name":183,"callback":192,"file":177,"line":193},"xd_importing_init_settings",245,{"type":174,"name":183,"callback":195,"file":177,"line":196},"xd_download_init_settings",246,{"type":174,"name":183,"callback":198,"file":177,"line":199},"download_file_if",247,{"type":174,"name":201,"callback":201,"file":177,"line":202},"admin_head",250,{"type":174,"name":201,"callback":204,"file":177,"line":205},"check_post_type_and_remove_media_buttons",251,{"type":174,"name":207,"callback":208,"file":177,"line":209},"add_meta_boxes","add_custom_box_in_post_msg",259,{"type":174,"name":211,"callback":212,"priority":213,"file":177,"line":214},"init","set_roles_capabilities",9,261,{"type":174,"name":211,"callback":216,"priority":213,"file":177,"line":217},"post_type_msg",262,{"type":174,"name":211,"callback":219,"file":177,"line":220},"xili_dictionary_register_taxonomies",263,{"type":166,"name":222,"callback":223,"priority":224,"file":177,"line":225},"plugin_locale","get_plugin_domain_array",10,265,{"type":166,"name":227,"callback":228,"priority":213,"file":177,"line":229},"manage_posts_columns","xili_manage_column_name",268,{"type":166,"name":231,"callback":232,"priority":213,"file":177,"line":233},"manage_pages_custom_column","xili_manage_column_row",269,{"type":166,"name":235,"callback":236,"file":177,"line":237},"request","msgcontent_column_orderby",271,{"type":174,"name":239,"callback":240,"file":177,"line":241},"restrict_manage_posts","restrict_manage_languages_posts",274,{"type":174,"name":243,"callback":244,"file":177,"line":245},"category_add_form","add_content_in_taxonomy_edit_form",278,{"type":166,"name":247,"callback":248,"priority":224,"file":177,"line":249},"manage_category_custom_column","xili_manage_tax_column",279,{"type":174,"name":251,"callback":252,"file":177,"line":253},"after-category-table","add_import_in_XD_button",280,{"type":174,"name":255,"callback":256,"file":177,"line":257},"parse_query","show_imported_msgs_in_xdmg_list",281,{"type":166,"name":259,"callback":260,"file":177,"line":261},"query_vars","keywords_addQueryVar",282,{"type":174,"name":239,"callback":263,"priority":264,"file":177,"line":265},"restrict_manage_writer_posts",11,285,{"type":174,"name":239,"callback":267,"priority":224,"file":177,"line":268},"restrict_manage_origin_posts",286,{"type":174,"name":270,"callback":271,"file":177,"line":272},"pre_get_posts","wpse6066_pre_get_posts",287,{"type":174,"name":274,"callback":275,"priority":224,"file":177,"line":276},"category_edit_form_fields","show_translation_msgstr",290,{"type":174,"name":278,"callback":279,"priority":27,"file":177,"line":280},"wp_print_scripts","auto_save_unsetting",292,{"type":166,"name":282,"callback":283,"file":177,"line":284},"user_can_richedit","disable_richedit_for_cpt",294,{"type":166,"name":286,"callback":287,"priority":224,"file":177,"line":288},"page_row_actions","remove_quick_edit",297,{"type":174,"name":290,"callback":291,"priority":264,"file":177,"line":292},"save_post","custom_post_type_title",299,{"type":174,"name":290,"callback":294,"priority":295,"file":177,"line":296},"msgid_post_new_create",12,300,{"type":174,"name":290,"callback":298,"priority":299,"file":177,"line":300},"update_msg_comments",13,301,{"type":166,"name":302,"callback":303,"file":177,"line":304},"post_updated_messages","msg_post_messages",302,{"type":174,"name":306,"callback":307,"file":177,"line":308},"before_delete_post","msgid_post_links_delete",304,{"type":174,"name":310,"callback":311,"file":177,"line":312},"admin_print_styles-post.php","print_styles_xdmsg_edit",306,{"type":174,"name":314,"callback":311,"file":177,"line":315},"admin_print_styles-post-new.php",307,{"type":174,"name":310,"callback":317,"file":177,"line":318},"admin_enqueue_styles",309,{"type":174,"name":320,"callback":321,"file":177,"line":322},"admin_print_scripts-post.php","admin_enqueue_scripts",310,{"type":174,"name":324,"callback":325,"file":177,"line":326},"admin_print_styles-edit.php","print_styles_xdmsg_list",312,{"type":174,"name":328,"callback":329,"file":177,"line":330},"admin_print_styles-edit-tags.php","print_styles_edit_tags",313,{"type":174,"name":332,"callback":333,"file":177,"line":334},"admin_print_styles-xdmsg_page_dictionary_page","print_styles_xdmsg_tool",315,{"type":174,"name":336,"callback":337,"file":177,"line":338},"admin_print_styles-xdmsg_page_erase_dictionary_page","print_styles_new_ui",316,{"type":174,"name":340,"callback":337,"file":177,"line":341},"admin_print_styles-xdmsg_page_import_dictionary_page",317,{"type":166,"name":343,"callback":344,"priority":224,"file":177,"line":345},"plugin_action_links","xilidict_filter_plugin_actions",323,{"type":174,"name":347,"callback":348,"file":177,"line":349},"switch_theme","xd_theme_switched",326,{"type":166,"name":351,"callback":352,"priority":353,"file":177,"line":354},"gettext","detect_plugin_frontent_msg",5,330,{"type":174,"name":356,"callback":357,"priority":10,"file":177,"line":358},"wp","start_detect_plugin_msg",333,{"type":174,"name":360,"callback":361,"file":177,"line":362},"shutdown","end_detect_plugin_msg",335,{"type":174,"name":364,"callback":365,"file":177,"line":366},"export_filters","message_export_limited",337,{"type":174,"name":368,"callback":369,"priority":224,"file":177,"line":370},"contextual_help","add_help_text",339,{"type":166,"name":372,"callback":373,"file":177,"line":374},"other_multilingual_plugin_filter_terms","Polylang_language_terms_compat",489,{"type":166,"name":376,"callback":377,"file":177,"line":378},"other_multilingual_plugin_filter_term","Polylang_language_one_term_compat",490,{"type":174,"name":380,"callback":381,"file":177,"line":382},"edit_form_top","msg_subtitle",641,{"type":174,"name":384,"callback":385,"file":177,"line":386},"admin_print_footer_scripts","print_the_pointers_js",3226,{"type":166,"name":388,"callback":389,"priority":224,"file":177,"line":390},"xd-pot-scanning-project","xd_pot_scanning_xili_project",8869,{"type":166,"name":392,"callback":393,"file":177,"line":394},"upload_dir","xili_change_upload_subdir",9925,{"type":174,"name":396,"callback":397,"priority":398,"file":177,"line":399},"plugins_loaded","xili_dictionary_start",20,9947,[401,407,411,414],{"action":402,"nopriv":403,"callback":404,"hasNonce":405,"hasCapCheck":403,"file":177,"line":406},"xd_erasing_process",false,"erasing_process_callback",true,254,{"action":408,"nopriv":403,"callback":409,"hasNonce":405,"hasCapCheck":403,"file":177,"line":410},"xd_importing_process","importing_process_callback",255,{"action":412,"nopriv":403,"callback":412,"hasNonce":405,"hasCapCheck":403,"file":177,"line":413},"xd_live_state_file",256,{"action":415,"nopriv":403,"callback":415,"hasNonce":405,"hasCapCheck":403,"file":177,"line":416},"xd_from_file_exists",257,[],[],[],{"dangerousFunctions":421,"sqlUsage":435,"outputEscaping":438,"fileOperations":213,"externalRequests":87,"nonceChecks":863,"capabilityChecks":295,"bundledLibraries":864},[422,426,428,432],{"fn":423,"file":177,"line":424,"context":425},"unserialize",486,"$desc_array = unserialize( $language->description );",{"fn":423,"file":177,"line":427,"context":425},509,{"fn":429,"file":177,"line":430,"context":431},"exec",8202,"@exec( \"gzip $diskfile\" );",{"fn":423,"file":177,"line":433,"context":434},9477,"$strings = unserialize($post->post_content);",{"prepared":436,"raw":87,"locations":437},15,[],{"escaped":439,"rawEcho":440,"locations":441},45,213,[442,445,447,449,451,453,455,457,459,461,463,465,467,469,471,473,475,477,479,481,483,485,487,489,491,493,495,497,499,501,503,505,507,509,511,513,515,517,519,521,523,525,527,529,531,533,535,537,539,541,543,545,547,549,551,553,555,557,559,561,563,565,567,569,571,573,575,577,579,581,583,585,587,589,591,593,595,597,599,601,603,605,607,609,611,613,615,617,619,621,623,625,627,629,631,633,635,637,639,641,643,645,647,649,651,653,655,657,659,661,663,665,667,669,671,673,675,677,679,681,683,685,687,689,691,693,695,696,698,699,701,703,705,707,709,711,713,715,717,719,721,723,725,727,729,731,733,735,737,738,740,741,743,745,747,749,751,753,755,757,759,761,763,765,767,769,771,773,775,777,779,781,783,785,787,789,791,793,795,797,798,800,802,804,806,808,810,812,814,816,818,820,822,824,826,828,830,832,834,836,838,840,842,844,846,847,849,851,853,855,857,859,861],{"file":177,"line":443,"context":444},654,"raw output",{"file":177,"line":446,"context":444},655,{"file":177,"line":448,"context":444},656,{"file":177,"line":450,"context":444},657,{"file":177,"line":452,"context":444},662,{"file":177,"line":454,"context":444},667,{"file":177,"line":456,"context":444},674,{"file":177,"line":458,"context":444},784,{"file":177,"line":460,"context":444},832,{"file":177,"line":462,"context":444},1230,{"file":177,"line":464,"context":444},1231,{"file":177,"line":466,"context":444},1234,{"file":177,"line":468,"context":444},1236,{"file":177,"line":470,"context":444},1239,{"file":177,"line":472,"context":444},1243,{"file":177,"line":474,"context":444},1246,{"file":177,"line":476,"context":444},1248,{"file":177,"line":478,"context":444},1254,{"file":177,"line":480,"context":444},1259,{"file":177,"line":482,"context":444},1270,{"file":177,"line":484,"context":444},1271,{"file":177,"line":486,"context":444},1441,{"file":177,"line":488,"context":444},1450,{"file":177,"line":490,"context":444},1451,{"file":177,"line":492,"context":444},1509,{"file":177,"line":494,"context":444},1522,{"file":177,"line":496,"context":444},1547,{"file":177,"line":498,"context":444},1554,{"file":177,"line":500,"context":444},1568,{"file":177,"line":502,"context":444},1573,{"file":177,"line":504,"context":444},1937,{"file":177,"line":506,"context":444},1941,{"file":177,"line":508,"context":444},1944,{"file":177,"line":510,"context":444},1981,{"file":177,"line":512,"context":444},2024,{"file":177,"line":514,"context":444},2063,{"file":177,"line":516,"context":444},2067,{"file":177,"line":518,"context":444},2070,{"file":177,"line":520,"context":444},2074,{"file":177,"line":522,"context":444},2077,{"file":177,"line":524,"context":444},2104,{"file":177,"line":526,"context":444},2110,{"file":177,"line":528,"context":444},2119,{"file":177,"line":530,"context":444},2250,{"file":177,"line":532,"context":444},2252,{"file":177,"line":534,"context":444},2266,{"file":177,"line":536,"context":444},2268,{"file":177,"line":538,"context":444},2383,{"file":177,"line":540,"context":444},2395,{"file":177,"line":542,"context":444},2436,{"file":177,"line":544,"context":444},2448,{"file":177,"line":546,"context":444},2472,{"file":177,"line":548,"context":444},2632,{"file":177,"line":550,"context":444},2647,{"file":177,"line":552,"context":444},2730,{"file":177,"line":554,"context":444},2789,{"file":177,"line":556,"context":444},2815,{"file":177,"line":558,"context":444},2834,{"file":177,"line":560,"context":444},2836,{"file":177,"line":562,"context":444},2848,{"file":177,"line":564,"context":444},2850,{"file":177,"line":566,"context":444},2881,{"file":177,"line":568,"context":444},2889,{"file":177,"line":570,"context":444},2896,{"file":177,"line":572,"context":444},2898,{"file":177,"line":574,"context":444},2900,{"file":177,"line":576,"context":444},2902,{"file":177,"line":578,"context":444},2905,{"file":177,"line":580,"context":444},2983,{"file":177,"line":582,"context":444},2984,{"file":177,"line":584,"context":444},2986,{"file":177,"line":586,"context":444},3001,{"file":177,"line":588,"context":444},3003,{"file":177,"line":590,"context":444},3005,{"file":177,"line":592,"context":444},3014,{"file":177,"line":594,"context":444},3016,{"file":177,"line":596,"context":444},3091,{"file":177,"line":598,"context":444},3097,{"file":177,"line":600,"context":444},3102,{"file":177,"line":602,"context":444},3103,{"file":177,"line":604,"context":444},3110,{"file":177,"line":606,"context":444},3128,{"file":177,"line":608,"context":444},3130,{"file":177,"line":610,"context":444},3132,{"file":177,"line":612,"context":444},3134,{"file":177,"line":614,"context":444},3413,{"file":177,"line":616,"context":444},3418,{"file":177,"line":618,"context":444},3421,{"file":177,"line":620,"context":444},3427,{"file":177,"line":622,"context":444},3430,{"file":177,"line":624,"context":444},3454,{"file":177,"line":626,"context":444},3458,{"file":177,"line":628,"context":444},3478,{"file":177,"line":630,"context":444},3515,{"file":177,"line":632,"context":444},3516,{"file":177,"line":634,"context":444},3552,{"file":177,"line":636,"context":444},3564,{"file":177,"line":638,"context":444},3565,{"file":177,"line":640,"context":444},3569,{"file":177,"line":642,"context":444},3612,{"file":177,"line":644,"context":444},3613,{"file":177,"line":646,"context":444},3614,{"file":177,"line":648,"context":444},3623,{"file":177,"line":650,"context":444},3625,{"file":177,"line":652,"context":444},3627,{"file":177,"line":654,"context":444},3672,{"file":177,"line":656,"context":444},3685,{"file":177,"line":658,"context":444},3686,{"file":177,"line":660,"context":444},3693,{"file":177,"line":662,"context":444},3695,{"file":177,"line":664,"context":444},3697,{"file":177,"line":666,"context":444},3699,{"file":177,"line":668,"context":444},3774,{"file":177,"line":670,"context":444},3778,{"file":177,"line":672,"context":444},3804,{"file":177,"line":674,"context":444},3810,{"file":177,"line":676,"context":444},3815,{"file":177,"line":678,"context":444},3817,{"file":177,"line":680,"context":444},3826,{"file":177,"line":682,"context":444},3828,{"file":177,"line":684,"context":444},3830,{"file":177,"line":686,"context":444},3832,{"file":177,"line":688,"context":444},3868,{"file":177,"line":690,"context":444},3870,{"file":177,"line":692,"context":444},3902,{"file":177,"line":694,"context":444},3903,{"file":177,"line":694,"context":444},{"file":177,"line":697,"context":444},3904,{"file":177,"line":697,"context":444},{"file":177,"line":700,"context":444},3905,{"file":177,"line":702,"context":444},3909,{"file":177,"line":704,"context":444},3915,{"file":177,"line":706,"context":444},3919,{"file":177,"line":708,"context":444},3922,{"file":177,"line":710,"context":444},3954,{"file":177,"line":712,"context":444},3956,{"file":177,"line":714,"context":444},3958,{"file":177,"line":716,"context":444},3959,{"file":177,"line":718,"context":444},3960,{"file":177,"line":720,"context":444},3984,{"file":177,"line":722,"context":444},4061,{"file":177,"line":724,"context":444},4065,{"file":177,"line":726,"context":444},4804,{"file":177,"line":728,"context":444},4814,{"file":177,"line":730,"context":444},4815,{"file":177,"line":732,"context":444},4821,{"file":177,"line":734,"context":444},4823,{"file":177,"line":736,"context":444},4824,{"file":177,"line":736,"context":444},{"file":177,"line":739,"context":444},4828,{"file":177,"line":739,"context":444},{"file":177,"line":742,"context":444},4854,{"file":177,"line":744,"context":444},5077,{"file":177,"line":746,"context":444},5083,{"file":177,"line":748,"context":444},6767,{"file":177,"line":750,"context":444},6852,{"file":177,"line":752,"context":444},6982,{"file":177,"line":754,"context":444},7004,{"file":177,"line":756,"context":444},7086,{"file":177,"line":758,"context":444},7293,{"file":177,"line":760,"context":444},7322,{"file":177,"line":762,"context":444},7362,{"file":177,"line":764,"context":444},7391,{"file":177,"line":766,"context":444},7417,{"file":177,"line":768,"context":444},7448,{"file":177,"line":770,"context":444},7510,{"file":177,"line":772,"context":444},7643,{"file":177,"line":774,"context":444},7943,{"file":177,"line":776,"context":444},7944,{"file":177,"line":778,"context":444},7948,{"file":177,"line":780,"context":444},7951,{"file":177,"line":782,"context":444},7956,{"file":177,"line":784,"context":444},7988,{"file":177,"line":786,"context":444},8025,{"file":177,"line":788,"context":444},8060,{"file":177,"line":790,"context":444},8062,{"file":177,"line":792,"context":444},8064,{"file":177,"line":794,"context":444},8066,{"file":177,"line":796,"context":444},8321,{"file":177,"line":796,"context":444},{"file":177,"line":799,"context":444},8323,{"file":177,"line":801,"context":444},8333,{"file":177,"line":803,"context":444},8335,{"file":177,"line":805,"context":444},8337,{"file":177,"line":807,"context":444},8339,{"file":177,"line":809,"context":444},8368,{"file":177,"line":811,"context":444},8605,{"file":177,"line":813,"context":444},8634,{"file":177,"line":815,"context":444},8635,{"file":177,"line":817,"context":444},8712,{"file":177,"line":819,"context":444},8747,{"file":177,"line":821,"context":444},8762,{"file":177,"line":823,"context":444},8763,{"file":177,"line":825,"context":444},8804,{"file":177,"line":827,"context":444},8807,{"file":177,"line":829,"context":444},8808,{"file":177,"line":831,"context":444},8809,{"file":177,"line":833,"context":444},9537,{"file":177,"line":835,"context":444},9539,{"file":177,"line":837,"context":444},9551,{"file":177,"line":839,"context":444},9555,{"file":177,"line":841,"context":444},9559,{"file":177,"line":843,"context":444},9564,{"file":177,"line":845,"context":444},9837,{"file":177,"line":845,"context":444},{"file":177,"line":848,"context":444},9841,{"file":177,"line":850,"context":444},9842,{"file":177,"line":852,"context":444},9843,{"file":177,"line":854,"context":444},9844,{"file":177,"line":856,"context":444},9845,{"file":177,"line":858,"context":444},9846,{"file":177,"line":860,"context":444},9847,{"file":177,"line":862,"context":444},9851,22,[865],{"name":866,"version":37,"knownCves":867},"DataTables",[],[869,885,894,903,927,937,946,955,995,1005,1026],{"entryPoint":870,"graph":871,"unsanitizedCount":28,"severity":39},"msg_untranslated_list_box (xili-dictionary.php:1407)",{"nodes":872,"edges":883},[873,878],{"id":874,"type":875,"label":876,"file":177,"line":877},"n0","source","$_GET",1436,{"id":879,"type":880,"label":881,"file":177,"line":486,"wp_function":882},"n1","sink","echo() [XSS]","echo",[884],{"from":874,"to":879,"sanitized":403},{"entryPoint":886,"graph":887,"unsanitizedCount":28,"severity":39},"restrict_manage_languages_posts (xili-dictionary.php:2014)",{"nodes":888,"edges":892},[889,891],{"id":874,"type":875,"label":876,"file":177,"line":890},2023,{"id":879,"type":880,"label":881,"file":177,"line":512,"wp_function":882},[893],{"from":874,"to":879,"sanitized":403},{"entryPoint":895,"graph":896,"unsanitizedCount":28,"severity":39},"xd_sub_selection__setting_callback_row (xili-dictionary.php:6967)",{"nodes":897,"edges":901},[898,900],{"id":874,"type":875,"label":876,"file":177,"line":899},6981,{"id":879,"type":880,"label":881,"file":177,"line":752,"wp_function":882},[902],{"from":874,"to":879,"sanitized":403},{"entryPoint":904,"graph":905,"unsanitizedCount":28,"severity":39},"erasing_process_callback (xili-dictionary.php:7533)",{"nodes":906,"edges":923},[907,910,914,917,921],{"id":874,"type":875,"label":908,"file":177,"line":909},"$_POST",7552,{"id":879,"type":880,"label":911,"file":177,"line":912,"wp_function":913},"update_option() [Settings Manipulation]",7599,"update_option",{"id":915,"type":875,"label":908,"file":177,"line":916},"n2",7619,{"id":918,"type":919,"label":920,"file":177,"line":916},"n3","transform","→ looping_output()",{"id":922,"type":880,"label":881,"file":177,"line":772,"wp_function":882},"n4",[924,925,926],{"from":874,"to":879,"sanitized":405},{"from":915,"to":918,"sanitized":403},{"from":918,"to":922,"sanitized":403},{"entryPoint":928,"graph":929,"unsanitizedCount":27,"severity":39},"xili_dictionary_download (xili-dictionary.php:7929)",{"nodes":930,"edges":935},[931,934],{"id":874,"type":875,"label":932,"file":177,"line":933},"$_POST (x2)",7946,{"id":879,"type":880,"label":881,"file":177,"line":778,"wp_function":882},[936],{"from":874,"to":879,"sanitized":403},{"entryPoint":938,"graph":939,"unsanitizedCount":28,"severity":39},"xd_file_download_setting_callback_row (xili-dictionary.php:7991)",{"nodes":940,"edges":944},[941,943],{"id":874,"type":875,"label":876,"file":177,"line":942},8024,{"id":879,"type":880,"label":881,"file":177,"line":786,"wp_function":882},[945],{"from":874,"to":879,"sanitized":403},{"entryPoint":947,"graph":948,"unsanitizedCount":28,"severity":39},"xd_file_importing_setting_callback_row (xili-dictionary.php:8644)",{"nodes":949,"edges":953},[950,952],{"id":874,"type":875,"label":876,"file":177,"line":951},8711,{"id":879,"type":880,"label":881,"file":177,"line":817,"wp_function":882},[954],{"from":874,"to":879,"sanitized":403},{"entryPoint":956,"graph":957,"unsanitizedCount":994,"severity":39},"importing_process_callback (xili-dictionary.php:8817)",{"nodes":958,"edges":986},[959,961,963,965,967,969,972,975,978,982,984],{"id":874,"type":875,"label":932,"file":177,"line":960},8848,{"id":879,"type":880,"label":911,"file":177,"line":962,"wp_function":913},8879,{"id":915,"type":875,"label":908,"file":177,"line":964},8867,{"id":918,"type":919,"label":966,"file":177,"line":964},"→ caching_file()",{"id":922,"type":880,"label":911,"file":177,"line":968,"wp_function":913},9277,{"id":970,"type":875,"label":908,"file":177,"line":971},"n5",8870,{"id":973,"type":919,"label":974,"file":177,"line":971},"n6","→ caching_pot_obj()",{"id":976,"type":880,"label":911,"file":177,"line":977,"wp_function":913},"n7",9236,{"id":979,"type":875,"label":980,"file":177,"line":981},"n8","$_POST (x5)",8871,{"id":983,"type":919,"label":920,"file":177,"line":981},"n9",{"id":985,"type":880,"label":881,"file":177,"line":772,"wp_function":882},"n10",[987,988,989,990,991,992,993],{"from":874,"to":879,"sanitized":405},{"from":915,"to":918,"sanitized":403},{"from":918,"to":922,"sanitized":403},{"from":970,"to":973,"sanitized":403},{"from":973,"to":976,"sanitized":403},{"from":979,"to":983,"sanitized":403},{"from":983,"to":985,"sanitized":403},7,{"entryPoint":996,"graph":997,"unsanitizedCount":87,"severity":1004},"msg_status_display (xili-dictionary.php:2547)",{"nodes":998,"edges":1002},[999,1001],{"id":874,"type":875,"label":876,"file":177,"line":1000},2574,{"id":879,"type":880,"label":881,"file":177,"line":548,"wp_function":882},[1003],{"from":874,"to":879,"sanitized":405},"low",{"entryPoint":1006,"graph":1007,"unsanitizedCount":28,"severity":1025},"xili_dictionary_settings (xili-dictionary.php:4095)",{"nodes":1008,"edges":1021},[1009,1011,1013,1015,1017],{"id":874,"type":875,"label":908,"file":177,"line":1010},4598,{"id":879,"type":880,"label":911,"file":177,"line":1012,"wp_function":913},4607,{"id":915,"type":875,"label":908,"file":177,"line":1014},4227,{"id":918,"type":919,"label":1016,"file":177,"line":1014},"→ safe_lang_term_creation()",{"id":922,"type":880,"label":1018,"file":177,"line":1019,"wp_function":1020},"get_row() [SQLi]",970,"get_row",[1022,1023,1024],{"from":874,"to":879,"sanitized":405},{"from":915,"to":918,"sanitized":403},{"from":918,"to":922,"sanitized":403},"high",{"entryPoint":1027,"graph":1028,"unsanitizedCount":299,"severity":1025},"\u003Cxili-dictionary> (xili-dictionary.php:0)",{"nodes":1029,"edges":1106},[1030,1032,1033,1036,1037,1038,1039,1041,1045,1047,1049,1050,1055,1057,1059,1061,1063,1065,1067,1070,1073,1075,1077,1079,1081,1083,1085,1087,1090,1093,1098,1101,1104],{"id":874,"type":875,"label":1031,"file":177,"line":877},"$_GET (x12)",{"id":879,"type":880,"label":881,"file":177,"line":486,"wp_function":882},{"id":915,"type":875,"label":1034,"file":177,"line":1035},"$_POST (x6)",1131,{"id":918,"type":880,"label":881,"file":177,"line":502,"wp_function":882},{"id":922,"type":875,"label":1034,"file":177,"line":1010},{"id":970,"type":880,"label":911,"file":177,"line":1012,"wp_function":913},{"id":973,"type":875,"label":908,"file":177,"line":1040},8121,{"id":976,"type":880,"label":1042,"file":177,"line":1043,"wp_function":1044},"file_get_contents() [SSRF\u002FLFI]",8218,"file_get_contents",{"id":979,"type":875,"label":908,"file":177,"line":1046},8843,{"id":983,"type":880,"label":1048,"file":177,"line":433,"wp_function":423},"unserialize() [Object Injection]",{"id":985,"type":875,"label":908,"file":177,"line":1046},{"id":1051,"type":880,"label":1052,"file":177,"line":1053,"wp_function":1054},"n11","get_var() [SQLi]",9504,"get_var",{"id":1056,"type":875,"label":908,"file":177,"line":1014},"n12",{"id":1058,"type":919,"label":1016,"file":177,"line":1014},"n13",{"id":1060,"type":880,"label":1018,"file":177,"line":1019,"wp_function":1020},"n14",{"id":1062,"type":875,"label":1034,"file":177,"line":916},"n15",{"id":1064,"type":919,"label":920,"file":177,"line":916},"n16",{"id":1066,"type":880,"label":881,"file":177,"line":772,"wp_function":882},"n17",{"id":1068,"type":875,"label":908,"file":177,"line":1069},"n18",8172,{"id":1071,"type":919,"label":1072,"file":177,"line":1069},"n19","→ transfer_file()",{"id":1074,"type":880,"label":1042,"file":177,"line":1043,"wp_function":1044},"n20",{"id":1076,"type":875,"label":908,"file":177,"line":964},"n21",{"id":1078,"type":919,"label":966,"file":177,"line":964},"n22",{"id":1080,"type":880,"label":911,"file":177,"line":968,"wp_function":913},"n23",{"id":1082,"type":875,"label":908,"file":177,"line":971},"n24",{"id":1084,"type":919,"label":974,"file":177,"line":971},"n25",{"id":1086,"type":880,"label":911,"file":177,"line":977,"wp_function":913},"n26",{"id":1088,"type":875,"label":932,"file":177,"line":1089},"n27",9006,{"id":1091,"type":919,"label":1092,"file":177,"line":1089},"n28","→ find_files()",{"id":1094,"type":880,"label":1095,"file":177,"line":1096,"wp_function":1097},"n29","call_user_func() [RCE]",6708,"call_user_func",{"id":1099,"type":875,"label":908,"file":177,"line":1100},"n30",9474,{"id":1102,"type":919,"label":1103,"file":177,"line":1100},"n31","→ get_id()",{"id":1105,"type":880,"label":1052,"file":177,"line":1053,"wp_function":1054},"n32",[1107,1108,1109,1110,1111,1112,1113,1114,1115,1116,1117,1118,1119,1120,1121,1122,1123,1124,1125,1126],{"from":874,"to":879,"sanitized":405},{"from":915,"to":918,"sanitized":405},{"from":922,"to":970,"sanitized":405},{"from":973,"to":976,"sanitized":405},{"from":979,"to":983,"sanitized":405},{"from":985,"to":1051,"sanitized":405},{"from":1056,"to":1058,"sanitized":403},{"from":1058,"to":1060,"sanitized":403},{"from":1062,"to":1064,"sanitized":403},{"from":1064,"to":1066,"sanitized":403},{"from":1068,"to":1071,"sanitized":403},{"from":1071,"to":1074,"sanitized":403},{"from":1076,"to":1078,"sanitized":403},{"from":1078,"to":1080,"sanitized":403},{"from":1082,"to":1084,"sanitized":403},{"from":1084,"to":1086,"sanitized":403},{"from":1088,"to":1091,"sanitized":403},{"from":1091,"to":1094,"sanitized":403},{"from":1099,"to":1102,"sanitized":403},{"from":1102,"to":1105,"sanitized":403},{"summary":1128,"deductions":1129},"The xili-dictionary plugin v2.12.5.2 exhibits a mixed security posture. While it demonstrates strengths in SQL query sanitization and a robust use of nonces and capability checks, significant concerns arise from its static analysis results and vulnerability history.  The presence of dangerous functions like 'unserialize' and 'exec' coupled with a high number of flows with unsanitized paths, particularly two high-severity taint flows, indicates potential for serious vulnerabilities. The high percentage of improperly escaped output further exacerbates these risks, suggesting a strong likelihood of cross-site scripting (XSS) vulnerabilities. The plugin's vulnerability history, featuring two known CVEs with one currently unpatched and both classified as medium severity, with a common pattern of XSS, reinforces these concerns. This suggests a recurring issue with input sanitization and output encoding that has not been fully resolved. Despite a low entry point count and the absence of unauthenticated AJAX handlers, the underlying code quality, particularly regarding unsanitized paths and output handling, coupled with an unpatched vulnerability, presents a notable risk.",[1130,1133,1135,1137,1139],{"reason":1131,"points":1132},"Unpatched CVE",18,{"reason":1134,"points":295},"High severity taint flows",{"reason":1136,"points":57},"Low percentage of properly escaped output",{"reason":1138,"points":994},"Dangerous functions found (unserialize, exec)",{"reason":1140,"points":353},"Unsanitized paths in taint flows","2026-03-16T20:54:53.554Z",{"wat":1143,"direct":1162},{"assetPaths":1144,"generatorPatterns":1152,"scriptPaths":1153,"versionParams":1154},[1145,1146,1147,1148,1149,1150,1151],"\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fcss\u002Fxdmsg-backend.css","\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fcss\u002Fxdmsg-frontend.css","\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fcss\u002Fxdmsg-style.css","\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fjs\u002Fxdmsg-backend.js","\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fjs\u002Fxdmsg-functions.js","\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fjs\u002Fxdmsg-importer.js","\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fjs\u002Fxdmsg-shortcode.js",[],[1148,1149,1150,1151],[1155,1156,1157,1158,1159,1160,1161],"\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fcss\u002Fxdmsg-backend.css?ver=","\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fcss\u002Fxdmsg-frontend.css?ver=","\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fcss\u002Fxdmsg-style.css?ver=","\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fjs\u002Fxdmsg-backend.js?ver=","\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fjs\u002Fxdmsg-functions.js?ver=","\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fjs\u002Fxdmsg-importer.js?ver=","\u002Fwp-content\u002Fplugins\u002Fxili-dictionary\u002Fjs\u002Fxdmsg-shortcode.js?ver=",{"cssClasses":1163,"htmlComments":1177,"htmlAttributes":1185,"restEndpoints":1191,"jsGlobals":1192,"shortcodeOutput":1194},[1164,1165,1166,1167,1168,1169,1170,1171,1172,1173,1174,1175,1176],"xdmsg-admin-list-table","xdmsg-backend-form","xdmsg-btn-add","xdmsg-field-label","xdmsg-field-wrapper","xdmsg-importer-box","xdmsg-lang-selector","xdmsg-meta-box","xdmsg-new-msg-form","xdmsg-search-form","xdmsg-shortcode-preview","xdmsg-translator-box","xdmsg-warning",[1178,1179,1180,1181,1182,1183,1184],"\u003C!-- init-import-js -->","\u003C!-- end-import-js -->","\u003C!-- init-shortcode-js -->","\u003C!-- end-shortcode-js -->","\u003C!-- init-backend-js -->","\u003C!-- end-backend-js -->","\u003C!-- xdmsg_shortcode_list -->",[1186,1187,1188,1189,1190],"data-xdmsg-action","data-xdmsg-id","data-xdmsg-nonce","data-xdmsg-parent-id","data-xdmsg-type",[],[1193],"xili_dictionary_params",[1195,1196,1197],"[xili_dictionary_importer]","[xili_dictionary_list]","[xili_dictionary_translator]"]