[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fOsPmD0NiWB8r1rHE8cAiIFZ57VjgOn2XdaGjYZ9pXAE":3,"$fbe0xTIeViJfPLsEGhEys35H6Fx-uo_pUDgFWSbdOii4":211,"$fy2fk0_DYrBPbAlJ4kPvkdRx01sn3RWdWOV6DpJcMaA8":216},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":37,"analysis":77,"fingerprints":194},"ac-stop-content-copier","AC STOP Content Copier","1.0","Adapt Coder","https:\u002F\u002Fprofiles.wordpress.org\u002Fadaptcoder\u002F","\u003Cp>This plugin will help keep away programmatic content scrapers by protecting your VALUABLE CONTENT with a three layers of checks.\u003C\u002Fp>\n\u003Cp>Similar to Google: Show CAPTCHA for suspicious “visitors” and never lose the REAL ONES.\u003C\u002Fp>\n\u003Cp>Layer 1: This is the most basic stripping out programming languages user agents like cURL* (used by PHP and many others), libwww-perl (used by Perl language to scrape websites), scrappy (library used by Python, Ruby) and many others.\u003C\u002Fp>\n\u003Cp>Layer 2: A bot will always browse very fast and it will be able to “browse” a lot of your pages within a very low seconds range. The plugin detects this and shows a captcha to the “visitor” to make sure it isn’t a bot.\u003C\u002Fp>\n\u003Cp>Layer 3: Complex behaviour computation – a bot is set to crawl your site at the same time using a cronjob. We detect that by using a three day comparison. If such a scraper is detected, the guest is asked for a CAPTCHA to ensure it is legit!\u003Cbr \u002F>\nAlso, to keep you updated with what’s happening in the background, WP STOP CONTENT Copier is logging everything so you can analyze: IP addresses asked for CAPTCHA and the result: (COMPLETED CAPTCHA OR FAILED)\u003C\u002Fp>\n\u003Ch4>Start protecting your valuable content from thiefs and avoid having duplicates on search engines.\u003C\u002Fh4>\n","Content is king! Protect your unique work by using this plugin and BLOCK UNWANTED CONTENT SCRAPERS.",10,1964,0,"2014-10-20T20:41:00.000Z","4.0.38","3.0.1","",[19,20,21,22,23],"scrapers","scrapy","stop-copier","stop-copy","stop-thiefs","http:\u002F\u002Fadaptcoder.com\u002Fwp-stop-content-Copier","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fac-stop-content-copier.zip",85,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"adaptcoder",1,30,84,"2026-05-20T00:16:21.762Z",[38,56],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":11,"downloaded":46,"rating":13,"num_ratings":13,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":54,"download_link":55,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"antiscraper","AntiScraper","1.01","Lysis10","https:\u002F\u002Fprofiles.wordpress.org\u002Flysis10\u002F","\u003Cp>AntiScraper is a web service you connect to your blog to block web scrapers. Web scrapers are used to\u003Cbr \u002F>\ngrab your blog posts and post them on an “autopilot” blog. Stealing content harms your Google rank, and\u003Cbr \u002F>\nit costs you ad money and viewers.\u003C\u002Fp>\n\u003Cp>AntiScraper uses a community-based blacklist of known scrapers to block the “bot” from taking your content.\u003Cbr \u002F>\nThe web service is called, and if the website is a part of the blacklist, the scraper is blocked. This\u003Cbr \u002F>\ndoes not protect from someone manually copying and pasting your content to their blog, but it stops the\u003Cbr \u002F>\nbots, making it more difficult for people to steal your blog posts.\u003C\u002Fp>\n\u003Cp>Please support the effort to report scrapers and send a report at http:\u002F\u002Fantiscraper.com.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>AntiScraper does not affect posting or publishing blog content. Antiscraper is not responsible for lost\u003Cbr \u002F>\ncontent or stolen content related to attacks, malfunctions or other situations related to\u003Cbr \u002F>\nAntscraper functions and activities.\u003C\u002Fp>\n","AntiScraper blocks scrapers that steal content from your blogs. It has an internal blacklist provided by a community of writers and bloggers.",7622,"2010-11-21T19:05:00.000Z","4.3.34","2.0.2",[51,52,53],"block-scrapers","scraper","spam","http:\u002F\u002Fantiscraper.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fantiscraper.1.01.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":11,"downloaded":64,"rating":13,"num_ratings":13,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":17,"tags":68,"homepage":74,"download_link":75,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":76},"rss-injection","RSSInjection","3.2.48f","DCoda","https:\u002F\u002Fprofiles.wordpress.org\u002Fdcoda\u002F","\u003Cp>This plugin is only supported on PHP 5.2 or greater.\u003C\u002Fp>\n\u003Cp>\u003C!--description-->\u003Cbr \u002F>\nRSSInjection allows you to modify the post for your RSS feed.\u003Cbr \u002F>\nYou may be able think of you own reasons for doing this, but it was originally designed to add a copyright message and link to the feed to show the posts origins should a blog scraper republish your feed on their own blog.\u003Cbr \u002F>\nAnother possible use is to add extra content to your feed to entice users to subscribe, which this is mind you can now add a message that will only display in the blog to promote this offer.\u003Cbr \u002F>\n\u003C!--description-->\u003C\u002Fp>\n\u003Cp>If you are having trouble and cannot find the answers in the \u003Ca href=\"http:\u002F\u002Frssinjection.dcoda.co.uk\u002Fhelp\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa> you can post your support questions to the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Frss-injection\" rel=\"ugc\">WordPress Support Forum\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>If you find RSSInjection useful please rate it at \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Frss-injection\u002F\" rel=\"ugc\">wordpress.org\u003C\u002Fa> and please consider making a \u003Ca href=\"http:\u002F\u002Frssinjection.dcoda.co.uk\u002Fdonate\u002F\" rel=\"nofollow ugc\">donation\u003C\u002Fa> to help us set aside more hours to maintain RSSInjection\u003C\u002Fp>\n\u003Cp>RSSInjection is written by \u003Ca href='http:\u002F\u002Fdcoda.co.uk' rel=\"nofollow ugc\">dcoda\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can check out our other plugins \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fusers\u002Fdcoda\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>If you require a custom plugin you can contact us \u003Ca href=\"http:\u002F\u002Fdcoda.co.uk\u002Fcontact\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa> and maybe we could write it for you.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>(c) Copyright DCoda Limited, 2007 -, All Rights Reserved.\u003C\u002Fp>\n\u003Cp>This code is released under the GPL license version 2, available here:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl.txt\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl.txt\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>There are so many possibly configurations of installation the plugin can be installed on we limit testing to a PHP 5.2+ Linux platform running the latest version of WordPress at the time of release but it is released WITHOUT ANY WARRANTY;\u003Cbr \u002F>\n without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\u003C\u002Fp>\n","Inject content into your RSS feed to entice people to subscribe or allow you to add a message so if the feed it aggregated onto another site it is at  …",5708,"2012-06-04T14:31:00.000Z","3.3.2","3.0.0",[69,70,71,72,73],"added-content","content-scrapers","header","post","seo","http:\u002F\u002Fredactor.dcoda.co.uk\u002Fdonate\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frss-injection.3.2.48f.zip","2026-04-16T10:56:18.058Z",{"attackSurface":78,"codeSignals":109,"taintFlows":150,"riskAssessment":177,"analyzedAt":193},{"hooks":79,"ajaxHandlers":101,"restRoutes":102,"shortcodes":103,"cronEvents":108,"entryPointCount":33,"unprotectedCount":13},[80,86,89,93,97],{"type":81,"name":82,"callback":83,"file":84,"line":85},"action","init","start_session","ac-stop-content-stealers.php",41,{"type":81,"name":82,"callback":87,"file":84,"line":88},"logVisit",44,{"type":81,"name":90,"callback":91,"file":84,"line":92},"template_redirect","show_captcha",47,{"type":81,"name":94,"callback":95,"file":84,"line":96},"admin_print_scripts","loadCSS",53,{"type":81,"name":98,"callback":99,"file":84,"line":100},"admin_menu","settings",56,[],[],[104],{"tag":105,"callback":106,"file":84,"line":107},"acbd_show_captcha","shortcode",50,[],{"dangerousFunctions":110,"sqlUsage":116,"outputEscaping":130,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":149},[111],{"fn":112,"file":113,"line":114,"context":115},"unserialize","simple-php-captcha-master\\simple-php-captcha.php",112,"$captcha_config = unserialize($_SESSION['_CAPTCHA']['config']);",{"prepared":117,"raw":118,"locations":119},2,4,[120,123,126,128],{"file":84,"line":121,"context":122},116,"$wpdb->query() with variable interpolation",{"file":84,"line":124,"context":125},259,"$wpdb->get_var() with variable interpolation",{"file":84,"line":127,"context":125},260,{"file":84,"line":129,"context":125},261,{"escaped":131,"rawEcho":132,"locations":133},3,7,[134,137,139,141,143,145,147],{"file":84,"line":135,"context":136},192,"raw output",{"file":84,"line":138,"context":136},247,{"file":84,"line":140,"context":136},269,{"file":84,"line":142,"context":136},276,{"file":144,"line":131,"context":136},"inc\\settings.php",{"file":144,"line":146,"context":136},13,{"file":144,"line":148,"context":136},49,[],[151,169],{"entryPoint":152,"graph":153,"unsanitizedCount":33,"severity":168},"plugin_options (ac-stop-content-stealers.php:144)",{"nodes":154,"edges":165},[155,160],{"id":156,"type":157,"label":158,"file":84,"line":159},"n0","source","$_POST['acbd-seconds']",147,{"id":161,"type":162,"label":163,"file":84,"line":159,"wp_function":164},"n1","sink","update_option() [Settings Manipulation]","update_option",[166],{"from":156,"to":161,"sanitized":167},false,"low",{"entryPoint":170,"graph":171,"unsanitizedCount":33,"severity":168},"\u003Cac-stop-content-stealers> (ac-stop-content-stealers.php:0)",{"nodes":172,"edges":175},[173,174],{"id":156,"type":157,"label":158,"file":84,"line":159},{"id":161,"type":162,"label":163,"file":84,"line":159,"wp_function":164},[176],{"from":156,"to":161,"sanitized":167},{"summary":178,"deductions":179},"The \"ac-stop-content-copier\" plugin v1.0 presents a mixed security posture.  On the positive side, the plugin has a very small attack surface with only one shortcode as an entry point.  It also avoids external HTTP requests and file operations, and has no recorded vulnerability history, suggesting a history of secure development or at least no publicly disclosed issues. However, the static analysis reveals significant concerns. The presence of the `unserialize` function is a critical risk, especially when used without strict input validation, as it can lead to arbitrary code execution if malicious data is unserialized.  Furthermore, the analysis shows that only 30% of output is properly escaped, leaving potential for cross-site scripting (XSS) vulnerabilities. The taint analysis also indicates that all flows analyzed involved unsanitized paths, which, while not reaching critical or high severity in this instance, highlights a general lack of input sanitization.  The complete absence of nonce and capability checks on its entry points means that any user, regardless of their role or authenticated status, could potentially interact with the plugin's functionality, although the extent of this risk is mitigated by the limited attack surface.",[180,183,186,188,191],{"reason":181,"points":182},"Dangerous function: unserialize found",15,{"reason":184,"points":185},"Only 30% of output properly escaped",6,{"reason":187,"points":11},"Taint analysis: 2 flows with unsanitized paths",{"reason":189,"points":190},"No nonce checks on entry points",5,{"reason":192,"points":190},"No capability checks on entry points","2026-03-17T00:12:30.272Z",{"wat":195,"direct":201},{"assetPaths":196,"generatorPatterns":198,"scriptPaths":199,"versionParams":200},[197],"\u002Fwp-content\u002Fplugins\u002Fac-stop-content-copier\u002Fstatic\u002Facbd.css",[],[],[],{"cssClasses":202,"htmlComments":203,"htmlAttributes":204,"restEndpoints":206,"jsGlobals":207,"shortcodeOutput":209},[],[],[205],"data-custom-attribute",[],[208],"AC_Stop_Content_Copier",[210],"[acbd_show_captcha]",{"error":212,"url":213,"statusCode":214,"statusMessage":215,"message":215},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fac-stop-content-copier\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":217},[]]