[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkTIN_9J2NH9HWCYHc4XaGM0lYPg3ePkdUHPdOSRI008":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":35,"analysis":129,"fingerprints":319},"adfever-monetisation","Adfever Monétisation","1.0.2","adfever","https:\u002F\u002Fprofiles.wordpress.org\u002Fadfever\u002F","\u003Cp>Ce plugin permet à tous les éditeurs inscrits sur AdFever – \u003Ca href=\"http:\u002F\u002Fwww.Adfever.com\u002F\" title=\"Plateforme de monétisation AdFever\" rel=\"nofollow ugc\">AdFever.com\u003C\u002Fa> – d’ajouter simplement de nombreux formats de monétisation. Actuellement, les formats publicitaires disponibles sont : liens sponsorisés, liens texte, footer, site under et slide in.\u003C\u002Fp>\n\u003Cp>Pour que ce plugin fonctionne, vous devez posséder un compte éditeur AdFever et demander à editeurs@adfever.com  un identifiant pour chaque format.\u003Cbr \u002F>\nLes liens sponsorisés sont personnalisables (automatiquement ou manuellement), ils pourront être affichés automatiquement avant ou après vos articles. Les annonces affichées dépendent des tags associés à vos posts et du titre de vos posts.\u003C\u002Fp>\n","Plugin de monétisation pour les membres de la régie publicitaire AdFever.",10,5866,80,1,"2014-04-17T16:15:00.000Z","3.9.40","3.4","",[7,20,21,22,23],"advertising","monetization","publicite","sponsored-links","http:\u002F\u002Fwww.adfever.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadfever-monetisation.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},30,84,"2026-04-05T08:36:17.714Z",[36,58,71,92,109],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":27,"num_ratings":27,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":18,"download_link":55,"security_score":56,"vuln_count":14,"unpatched_count":27,"last_vuln_date":57,"fetched_at":29},"website-article-monetization-by-magenet","Website Article Monetization By MageNet","1.0.12","MageNet","https:\u002F\u002Fprofiles.wordpress.org\u002Fmagenet\u002F","\u003Cp>Article Plugin by MageNet is a free WordPress plugin that allows you to monetize your website through the automated placement of third-party content on your site.\u003C\u002Fp>\n\u003Cp>To install the Article Plugin, you need to \u003Ca href=\"https:\u002F\u002Fwww.magenet.com\u002F\" rel=\"nofollow ugc\">sign in\u002Fup\u003C\u002Fa> to your MageNet account and get your MageNet Key.\u003C\u002Fp>\n\u003Cp>Time-saving\u003Cbr \u002F>\nWith the Article Plugin, you’ll start getting new relevant content on your website automatically. After your approval, this plugin creates a new webpage on your site and place an article from your buyers.\u003C\u002Fp>\n\u003Cp>Full control\u003Cbr \u002F>\nYou have the total control over the content placed on your site even though the Article Plugin does all the content placement work for you. You can reject the task for the content placement if you don’t like the provided content or find it irrelevant to your website niche.\u003C\u002Fp>\n\u003Cp>Better chances to rank high in SERPs\u003Cbr \u002F>\nWith the Article Plugin, you’ll be able to regularly update your website with the new content. As a result, you’ll boost your chances to rank for new keywords in SERPs.\u003C\u002Fp>\n\u003Cp>Automated changes\u003Cbr \u002F>\nArticle Plugin will take control of any changes or amendments in the provided content if there will be any.\u003C\u002Fp>\n\u003Cp>Auto removal\u003Cbr \u002F>\nIf the buyer cancels the provided content, the Article Plugin will automatically remove such an article from your website as soon as possible.\u003C\u002Fp>\n\u003Cp>Error checking\u003Cbr \u002F>\nThe Article Plugin will save you from errors that might occur during manual content placement.\u003C\u002Fp>\n","Get additional income from your website or blog by placing text ads automatically.",20000,94404,"2025-05-21T08:32:00.000Z","6.8.5","4.9","5.2.4",[20,51,52,53,54],"contextual-ads","contextual-advertising","earn-money-online","website-monetization","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwebsite-article-monetization-by-magenet.zip",100,"2024-03-19 00:00:00",{"slug":59,"name":60,"version":61,"author":40,"author_profile":41,"description":62,"short_description":43,"active_installs":44,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":47,"requires_at_least":67,"requires_php":18,"tags":68,"homepage":18,"download_link":69,"security_score":56,"vuln_count":14,"unpatched_count":27,"last_vuln_date":70,"fetched_at":29},"website-monetization-by-magenet","Website Monetization by MageNet","1.0.29.3","\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.magenet.com\u002F\" rel=\"nofollow ugc\">Website Monetization Plugin by MageNet\u003C\u002Fa> is a WordPress plugin that allows you to sell contextual ads from your pages automatically and receive payments with PayPal.\u003C\u002Fp>\n\u003Cp>To get started \u003Ca href=\"http:\u002F\u002Fwww.magenet.com\u002F\" rel=\"nofollow ugc\">sign up\u003C\u002Fa> for a MageNet Key.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FNNgahP_4DOo?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Hassle free\u003C\u002Fstrong>\u003Cbr \u002F>\nWe deal with the advertisers and offer relevant contextual ads to place. It’s free and easy to use.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Regular payouts\u003C\u002Fstrong>\u003Cbr \u002F>\nWithdraw your earnings with ease. Transfers are made via PayPal and WebMoney.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Full control\u003C\u002Fstrong>\u003Cbr \u002F>\nWe crawl all the pages of your site and list them for sales. You can set up the pages available or forbidden for advertising and set up the desired prices for your ads.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Safe and secure\u003C\u002Fstrong>\u003Cbr \u002F>\nAll your personal data is safe. Your websites will only be available to our trusted advertisers.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Statistics\u003C\u002Fstrong>\u003Cbr \u002F>\nDetailed information on all your current ads and listed pages of your sites.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Affiliate\u003C\u002Fstrong>\u003Cbr \u002F>\nYou will have access to awesome affiliate program available to our publishers.\u003C\u002Fp>\n",236447,58,7,"2025-05-20T15:55:00.000Z","4.0",[20,51,52,53,54],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwebsite-monetization-by-magenet.zip","2023-03-16 00:00:00",{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":79,"downloaded":80,"rating":56,"num_ratings":81,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":90,"download_link":91,"security_score":56,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"actirise","Actirise — Advertising & Monetization","3.4.1","Actirise","https:\u002F\u002Fprofiles.wordpress.org\u002Factirise\u002F","\u003Ch3>🚀 Take your website monetization to the next level with Actirise\u003C\u002Fh3>\n\u003Cp>Instantly \u003Cstrong>transform your WordPress website into a revenue powerhouse\u003C\u002Fstrong>. The Actirise plugin offers effortless monetization with seamless onboarding, automatic ad integration, and advanced tools like ads.txt management, consent management, and analytics. It’s your personal site kit for monetization, handling all the heavy lifting.\u003C\u002Fp>\n\u003Cp>With our \u003Cstrong>self-service onboarding system\u003C\u002Fstrong>, you can go from plugin install to live monetization in just a few steps — no technical knowledge required. Access much more demand than relying solely on Google AdSense or Amazon Ads; we connect you directly to our premium SSP partners.\u003C\u002Fp>\n\u003Cp>Our powerful and intuitive real-time auction solution gives you complete control over pricing and performance optimization. Functioning like an ad inserter to dynamically place advanced ads or use shortcodes, Actirise ensures accurate integration. We use AI to optimize ad pressure, formats, price floors, and CTR, \u003Cstrong>ensuring high-growth revenue\u003C\u002Fstrong> and improving overall ad performance.\u003C\u002Fp>\n\u003Ch3>🛠️ Additional features\u003C\u002Fh3>\n\u003Cp>Everything you need to monetize your WordPress site — in one powerful, easy-to-use plugin and without writing a line of code.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Core Web Vitals optimizer\u003C\u002Fstrong> – Preserve your SEO by reducing layout shift with pre-sized ad slots \u003Cem>(Tip: We recommend enabling the PHP Tidy extension for optimal performance)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic ads.txt manager\u003C\u002Fstrong> – Automatically keep your ads.txt file updated, ensuring you’re always at the forefront of the advertising ecosystem.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Actirise Analytics\u003C\u002Fstrong> – Enable Actirise Analytics instantly for your website, and gain deep, real-time insights into your audience’s behavior.\n\u003Cul>\n\u003Cli>\u003Cstrong>Page type detection\u003C\u002Fstrong> – Automatically identify articles, homepages, categories, and more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom variables support\u003C\u002Fstrong> – Track your revenue in real time, segmented by post ID, author, category, and other native WordPress data.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>FastCMP\u003C\u002Fstrong> – Our fully GDPR-compliant consent solution built for publishers\n\u003Cul>\n\u003Cli>\u003Cstrong>CMP customization\u003C\u002Fstrong> – Personalize your banner with your logo, brand colors, text, and vendor lists\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Consent Mode v2\u003C\u002Fstrong> – Enable privacy-compliant tracking based on user consent preferences\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>URL opt-out\u003C\u002Fstrong> – Exclude specific pages from monetization with a single click\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎨 Intuitive UI and streamlined configuration\u003C\u002Fh3>\n\u003Cp>Actirise’s user interface is designed to be clear and accessible for all types of users — from beginners to advanced publishers.\u003Cbr \u002F>\nStep-by-step guidance, helpful tooltips, and real-time validation make the entire setup process smooth and stress-free.\u003C\u002Fp>\n\u003Ch3>📋 Third-Party service usage disclosure\u003C\u002Fh3>\n\u003Cp>Our plugin may utilize third-party services under certain circumstances to enhance functionality. It is crucial for us to maintain transparency regarding the use of these services to ensure user awareness and legal compliance. Below are the details regarding third-party service usage:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>FlashBid (Actirise Advertisement System)\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cem>Service Description\u003C\u002Fem>: FlashBid, also known as Actirise Advertisement System, is utilized for specific advertising functionalities within the plugin.\u003Cbr \u002F>\n\u003Cem>Service Link\u003C\u002Fem>: \u003Ca href=\"https:\u002F\u002Fwww.actirise.com\u002F\" rel=\"nofollow ugc\">Actirise\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cem>Terms of Use and Privacy Policy\u003C\u002Fem>: \u003Ca href=\"https:\u002F\u002Fcorporate.sparteo.com\u002Fprivacy-policy\" rel=\"nofollow ugc\">Actirise Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>FastCMP (Consent Management Platform)\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cem>Service Description\u003C\u002Fem>: FastCMP is utilized for managing consent and preferences regarding cookies and tracking scripts.\u003Cbr \u002F>\n\u003Cem>Service Link\u003C\u002Fem>: \u003Ca href=\"https:\u002F\u002Fcorporate.fastcmp.com\u002F\" rel=\"nofollow ugc\">FastCMP\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cem>Terms of Use and Privacy Policy\u003C\u002Fem>: \u003Ca href=\"https:\u002F\u002Fsparteo.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">FastCMP Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>It’s imperative for us to make you aware of our reliance on these third-party services and to provide access to their terms of use and privacy policies. This ensures that your usage of our plugin remains in compliance with legal requirements.\u003C\u002Fp>\n\u003Ch3>📘 Documentation & support\u003C\u002Fh3>\n\u003Cp>Need help or have questions?\u003C\u002Fp>\n\u003Cp>📚 Read the \u003Ca href=\"https:\u002F\u002Fdocs.actirise.com\u002F\" rel=\"nofollow ugc\">full documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>💬 Visit the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Factirise\u002F\" rel=\"ugc\">support forum\u003C\u002Fa>\u003C\u002Fp>\n","Premium advertising solution to grow your WordPress site revenue with no code and real-time insights.",200,9669,11,"2026-03-03T13:20:00.000Z","6.9.4","4.7","5.6",[87,88,20,89,21],"ad-manager","ads","banner","https:\u002F\u002Fwww.actirise.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Factirise.3.4.1.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":56,"downloaded":100,"rating":56,"num_ratings":14,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":49,"tags":104,"homepage":107,"download_link":108,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"the-publisher-desk-ads-txt","The Publisher Desk ads.txt","1.5.0","PublisherDesk","https:\u002F\u002Fprofiles.wordpress.org\u002Fthepublisherdesk\u002F","\u003Cp>This is a WordPress plugin for clients of The Publisher Desk, intended to automatically propagate changes made to The Publisher Desk’s ads.txt file to client websites, while letting them add\u002Fretain custom lines as desired.\u003C\u002Fp>\n\u003Ch3>Functionality\u003C\u002Fh3>\n\u003Cp>This plugin provides management of the ads.txt file (Authorized Digital Sellers), an initiative from IAB Technology Laboratory, geared towards client of The Publisher Desk. Because the administration of a file outside the wordpress directory can pose challenges depending on the WP\u002FServer configuration, the plugin decides on installation whether to use an actual ads.txt file in the root of the domain, or a quasi-ads.txt file built through a WP option and responding to a server request for “\u002Fads.txt” by providing the contents of that option (containing both custom lines and those associated with TPD’s centralalized list).\u003C\u002Fp>\n\u003Cp>Troubleshooting an installation:\u003Cbr \u002F>\nIf you already have an ads.txt file present on your site, the plugin will rename it to ads-txt-original.txt on installation, and re-rename that file back on de-installation. If your site’s wordpress instance doesn’t have access to files outside of its installation directory and you already have an ads.txt file, the plugin won’t be able to dislodge the existing file and allow the management of the one it creates. You can check whether this has happened if you check your site’s ads.txt file directly (site.com\u002Fads.txt) and there’s no line reading:\u003Cbr \u002F>\n    “### END TPD ADS TXT ###”\u003Cbr \u002F>\na line that is used by the plugin to demarcate custom entries and The Publisher Desk’s. If this is the case, please deactivate the plugin, rename or remove your existing file, re-activate, and check the file again (you might have to refresh several times depending on caching). If you still don’t see that line and the file looks the same as before the update, please reach out to TPD for assistance.\u003C\u002Fp>\n\u003Cp>Final Note: it’s good practice to have a backup of your custom ads.txt lines. We have functionality for retaining your custom lines on plugin updates\u002Fre-installs, but it’s good to make sure since it can be a big pain to recollect entries if you lose them.\u003C\u002Fp>\n","Ads.txt management tool for publishers in The Publisher Desk portfolio.",5252,"2022-08-18T13:27:00.000Z","6.0.11","3.0",[88,105,20,21,106],"ads-txt","publishing","https:\u002F\u002Fwww.publisherdesk.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthe-publisher-desk-ads-txt.zip",{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":117,"downloaded":118,"rating":119,"num_ratings":120,"last_updated":121,"tested_up_to":122,"requires_at_least":103,"requires_php":18,"tags":123,"homepage":126,"download_link":127,"security_score":128,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"native-ads-adnow","Adnow Native Widget","2.0.3","vbadnow","https:\u002F\u002Fprofiles.wordpress.org\u002Fvbadnow\u002F","\u003Cp>This plugin enables WordPress users to easily integrate Adnow’s native ads widgets on their site.\u003Cbr \u002F>\nGenerate high income on your website by showing native ads with high CTR to your visitors.\u003C\u002Fp>\n\u003Ch3>3rd party service\u003C\u002Fh3>\n\u003Cp>Our plugin uses an api service to get a list of widgets created in your personal account at adnow.com.\u003Cbr \u002F>\nThe service is located at https:\u002F\u002Fwp_plug.adnow.com\u002Fwp_aadb.php\u003Cbr \u002F>\nThe response is text in the JSON format that contains a list of your widgets.\u003Cbr \u002F>\nBelow links to our terms and privacy policy\u003Cbr \u002F>\nhttps:\u002F\u002Fadnow.com\u002Fterms\u003Cbr \u002F>\nhttps:\u002F\u002Fadnow.com\u002Fprivacy-policy\u003C\u002Fp>\n","Use the Adnow widget to monetize your website successfully with high quality native ads",60,26606,70,4,"2025-03-27T16:28:00.000Z","6.7.5",[124,20,21,125],"ad-network","native-ads","https:\u002F\u002Fadnow.com\u002Fwordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnative-ads-adnow.2.0.4.zip",92,{"attackSurface":130,"codeSignals":187,"taintFlows":257,"riskAssessment":304,"analyzedAt":318},{"hooks":131,"ajaxHandlers":174,"restRoutes":183,"shortcodes":184,"cronEvents":185,"entryPointCount":186,"unprotectedCount":186},[132,138,141,145,149,153,157,160,163,166,170],{"type":133,"name":134,"callback":135,"file":136,"line":137},"action","admin_menu","AF_add_admin_menu","adfever-monetisation.php",29,{"type":133,"name":139,"callback":140,"file":136,"line":32},"admin_enqueue_scripts","AF_load_admin_scripts",{"type":133,"name":142,"callback":143,"file":136,"line":144},"admin_init","AF_register_settings",31,{"type":133,"name":146,"callback":147,"file":136,"line":148},"admin_notices","AF_admin_notices",32,{"type":133,"name":150,"callback":151,"file":136,"line":152},"wp_print_scripts","adfever_add_my_stylesheets",39,{"type":133,"name":154,"callback":155,"file":136,"line":156},"wp_head","adfever_generate_css",40,{"type":133,"name":154,"callback":158,"file":136,"line":159},"AF_footer",42,{"type":133,"name":154,"callback":161,"file":136,"line":162},"AF_siteunder",45,{"type":133,"name":154,"callback":164,"file":136,"line":165},"AF_slidein",48,{"type":133,"name":167,"callback":168,"file":136,"line":169},"the_content","AF_add_outer",52,{"type":133,"name":171,"callback":172,"file":136,"line":173},"wp_footer","AF_lienstexte",55,[175,180],{"action":176,"nopriv":177,"callback":178,"hasNonce":177,"hasCapCheck":177,"file":136,"line":179},"AFajax",false,"AFajaxcallback",21,{"action":176,"nopriv":181,"callback":178,"hasNonce":177,"hasCapCheck":177,"file":136,"line":182},true,22,[],[],[],2,{"dangerousFunctions":188,"sqlUsage":189,"outputEscaping":192,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":256},[],{"prepared":190,"raw":27,"locations":191},5,[],{"escaped":27,"rawEcho":193,"locations":194},34,[195,198,200,202,203,205,207,208,210,211,213,215,216,218,220,221,223,225,227,228,230,232,233,235,237,239,240,242,244,246,248,250,252,254],{"file":136,"line":196,"context":197},63,"raw output",{"file":136,"line":199,"context":197},68,{"file":136,"line":201,"context":197},73,{"file":136,"line":13,"context":197},{"file":136,"line":204,"context":197},234,{"file":136,"line":206,"context":197},376,{"file":136,"line":206,"context":197},{"file":136,"line":209,"context":197},394,{"file":136,"line":209,"context":197},{"file":136,"line":212,"context":197},413,{"file":136,"line":214,"context":197},428,{"file":136,"line":214,"context":197},{"file":136,"line":217,"context":197},448,{"file":136,"line":219,"context":197},463,{"file":136,"line":219,"context":197},{"file":136,"line":222,"context":197},483,{"file":136,"line":224,"context":197},493,{"file":136,"line":226,"context":197},535,{"file":136,"line":226,"context":197},{"file":136,"line":229,"context":197},545,{"file":136,"line":231,"context":197},573,{"file":136,"line":231,"context":197},{"file":136,"line":234,"context":197},609,{"file":136,"line":236,"context":197},631,{"file":136,"line":238,"context":197},640,{"file":136,"line":238,"context":197},{"file":136,"line":241,"context":197},824,{"file":136,"line":243,"context":197},851,{"file":136,"line":245,"context":197},874,{"file":136,"line":247,"context":197},880,{"file":136,"line":249,"context":197},894,{"file":136,"line":251,"context":197},895,{"file":136,"line":253,"context":197},920,{"file":136,"line":255,"context":197},926,[],[258,289],{"entryPoint":259,"graph":260,"unsanitizedCount":186,"severity":288},"AFajaxcallback (adfever-monetisation.php:705)",{"nodes":261,"edges":283},[262,267,271,276,279,281],{"id":263,"type":264,"label":265,"file":136,"line":266},"n0","source","$_POST['theID']",708,{"id":268,"type":269,"label":270,"file":136,"line":266},"n1","transform","→ adfever_links()",{"id":272,"type":273,"label":274,"file":136,"line":249,"wp_function":275},"n2","sink","echo() [XSS]","echo",{"id":277,"type":264,"label":278,"file":136,"line":266},"n3","$_POST['options']",{"id":280,"type":269,"label":270,"file":136,"line":266},"n4",{"id":282,"type":273,"label":274,"file":136,"line":255,"wp_function":275},"n5",[284,285,286,287],{"from":263,"to":268,"sanitized":177},{"from":268,"to":272,"sanitized":177},{"from":277,"to":280,"sanitized":177},{"from":280,"to":282,"sanitized":177},"medium",{"entryPoint":290,"graph":291,"unsanitizedCount":186,"severity":288},"\u003Cadfever-monetisation> (adfever-monetisation.php:0)",{"nodes":292,"edges":299},[293,294,295,296,297,298],{"id":263,"type":264,"label":265,"file":136,"line":266},{"id":268,"type":269,"label":270,"file":136,"line":266},{"id":272,"type":273,"label":274,"file":136,"line":249,"wp_function":275},{"id":277,"type":264,"label":278,"file":136,"line":266},{"id":280,"type":269,"label":270,"file":136,"line":266},{"id":282,"type":273,"label":274,"file":136,"line":255,"wp_function":275},[300,301,302,303],{"from":263,"to":268,"sanitized":177},{"from":268,"to":272,"sanitized":177},{"from":277,"to":280,"sanitized":177},{"from":280,"to":282,"sanitized":177},{"summary":305,"deductions":306},"The adfever-monetisation plugin v1.0.2 exhibits a concerning security posture primarily due to its unprotected entry points and lack of output escaping.  While it utilizes prepared statements for SQL queries and has no recorded vulnerability history, these positives are overshadowed by significant risks. The presence of two AJAX handlers without any authentication checks creates a substantial attack surface, potentially allowing unauthorized actions or information disclosure if these handlers are not inherently restricted by other WordPress mechanisms.  Furthermore, the complete absence of output escaping on 34 identified outputs means that any data processed or displayed by the plugin is vulnerable to Cross-Site Scripting (XSS) attacks. The taint analysis revealing unsanitized paths, although not reaching a critical or high severity in this specific scan, further highlights the potential for data manipulation and injection vulnerabilities.\n\nIn conclusion, the plugin's strengths lie in its SQL query handling and lack of historical vulnerabilities. However, the critical weaknesses in authentication for AJAX handlers and the pervasive lack of output escaping present immediate and significant security risks. The absence of nonce and capability checks on these entry points exacerbates the situation. Until these issues are addressed, the plugin should be considered high risk for any WordPress site.",[307,310,312,314,316],{"reason":308,"points":309},"AJAX handlers without auth checks",8,{"reason":311,"points":65},"Output escaping not properly implemented",{"reason":313,"points":190},"Flows with unsanitized paths",{"reason":315,"points":190},"Nonce checks missing",{"reason":317,"points":190},"Capability checks missing","2026-03-17T01:41:59.567Z",{"wat":320,"direct":330},{"assetPaths":321,"generatorPatterns":325,"scriptPaths":326,"versionParams":329},[322,323,324],"\u002Fwp-content\u002Fplugins\u002Fadfever-monetisation\u002Fcss\u002Fadfever_styles.css","\u002Fwp-content\u002Fplugins\u002Fadfever-monetisation\u002Fjs\u002Fadmin_scripts.js","\u002Fwp-content\u002Fplugins\u002Fadfever-monetisation\u002Fjs\u002Fscripts.js",[],[327,328],"http:\u002F\u002Fc.ad6media.fr\u002Fl.js","http:\u002F\u002Fadfever.fr.intellitxt.com\u002Fintellitxt\u002Ffront.asp?ipid=",[],{"cssClasses":331,"htmlComments":333,"htmlAttributes":340,"restEndpoints":343,"jsGlobals":345,"shortcodeOutput":347},[332],"icon32",[334,335,336,337,338,339],"\u003C!-- encart 100% Footer 2 - 2013-10-31 -->","\u003C!-- encart 100% Footer 2 -->","\u003C!-- encart Site-under 1 - 2013-10-31 -->","\u003C!-- encart Site-under 1 -->","\u003C!-- encart Slide-In 1 - 2013-10-31 -->","\u003C!-- encart Slide-In 1 -->",[341,342],"name=\"AF_options[AF_SID]\"","name=\"AF_options[AF_AID]\"",[344],"\u002Fwp-json\u002Fwp\u002Fv2\u002Fposts",[346],"ajax_object",[]]