[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fe9FrmaPEiHEPDtXzv_5TZ93tXDh0V1uH-vtQPyVKfvI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":119,"fingerprints":347},"aeroleads-contact-us-details","AeroLeads Contact Us Details","2.0.0","anurag722","https:\u002F\u002Fprofiles.wordpress.org\u002Fanurag722\u002F","\u003Cp>Bored of old textual contact details, that you give on a seperate page that visitors often ignore and move on.\u003C\u002Fp>\n\u003Cp>Give your contact details a more prominent space in your wordpress blog, place it in your sidebar. No more struggling with icons\u002Fimages for various components of your details.\u003C\u002Fp>\n\u003Cp>AeroLeads Contact Us Details lets you display contact details in your sidebar. Simply install the plugin, set your contact details in the form, use the widget to place it in your sidebar and Voila it displays your contact details to all your visitors.\u003C\u002Fp>\n\u003Cp>You want to embed your contact information in your posts\u002Fpages. No problemo!!, Use the shortcodes and share your contact info in your pages and posts.\u003C\u002Fp>\n\u003Cp>Designed on Google’s new material-design guidelines, AL-CUD(that’s what we call it), presents your visitors sleek and classy contact details widget.\u003C\u002Fp>\n\u003Cp>AeroLeads Contact Us Details is a free addon to \u003Ca href=\"http:\u002F\u002Faeroleads.com\u002F\" rel=\"nofollow ugc\">AeroLeads\u003C\u002Fa> and \u003Ca href=\"http:\u002F\u002Finboundio.com\u002F\" rel=\"nofollow ugc\">Inboundio\u003C\u002Fa> Software, which is the next generation Marketing solution and the only white label marketing software on the web using which you can launch your marketing software or agency in just 1 day.\u003C\u002Fp>\n","AeroLeads Contact Us Details lets you add contact details in your sidebar as a widget. Simple yet effective.",70,11009,90,8,"2015-02-02T10:45:00.000Z","4.1.42","3.0.1","",[20,21,22,23,24],"address","contact","contact-us","leads","widget","http:\u002F\u002Faeroleads.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faeroleads-contact-us-details.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},1,30,84,"2026-04-04T14:58:25.997Z",[38,60,77,87,103],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":18,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"contact-information-widget","Contact Information Widget","1.5.0","Shital Marakana","https:\u002F\u002Fprofiles.wordpress.org\u002Fshital-patel\u002F","\u003Cp>Easily add a Contact Information (Company Name, Address, Phone No, Email Id) to your sidebar,footer and page. With this plugin you can add Contact Information to page,sidebar,footer.\u003C\u002Fp>\n\u003Cp>Note : If you like the plugin please rate it.\u003C\u002Fp>\n","Easily add a Contact Information Widget to your widgetable sidebar. With this plugin you can add a contact information.",3000,42928,86,7,"2024-04-13T05:50:00.000Z","6.5.8","3.5.0",[39,54,55,56],"contact-me-widget","contact-us-widget","contact-us-widget-plugin","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-information-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-information-widget.zip",92,{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":34,"downloaded":68,"rating":28,"num_ratings":28,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":18,"tags":72,"homepage":75,"download_link":76,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"ct-contact","CT Contact","1.0.0","Contempo Creative Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fcontempoinc\u002F","\u003Cp>Want to display your personal or business contact information? Then this awesome lil’ contact widget plugin is for you. It includes Title, Company, Street, City, State, Postal, Country, Email & a View More Link.\u003C\u002Fp>\n","Want to display your personal or business contact information? Then this awesome lil' contact widget plugin is for you.",3911,"2016-07-27T22:45:00.000Z","4.6.30","3.3",[20,73,21,74,24],"business","personal","http:\u002F\u002Fcontemporealestatethemes.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fct-contact.zip",{"slug":78,"name":79,"version":63,"author":64,"author_profile":65,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":28,"num_ratings":28,"last_updated":84,"tested_up_to":70,"requires_at_least":71,"requires_php":18,"tags":85,"homepage":75,"download_link":86,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"ct-social","CT Social","\u003Cp>An awesome social plugin, featuring all of the most popular social sites (31 to be exact). Choose from 16, 24 & 32px icons, all beautifully designed and pixel perfect.\u003C\u002Fp>\n","An awesome social plugin, featuring all of the most popular social sites.",10,2087,"2016-07-27T22:44:00.000Z",[20,73,21,74,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fct-social.zip",{"slug":88,"name":89,"version":63,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":28,"downloaded":94,"rating":28,"num_ratings":28,"last_updated":95,"tested_up_to":96,"requires_at_least":18,"requires_php":18,"tags":97,"homepage":100,"download_link":101,"security_score":102,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"callcontact","Callcontact","telestrada","https:\u002F\u002Fprofiles.wordpress.org\u002Ftelestrada\u002F","\u003Ch4>Generuj leady!\u003C\u002Fh4>\n\u003Cp>Dzięki słuchawce umieszczonej na Twojej stronie każdy użytkownik może zrealizować szybkie połączenie z Twoją firmą. Co więcej, każdy może pozostawić leada w postaci numeru telefonu w celu późniejszego oddzwonienia.\u003C\u002Fp>\n\u003Ch4>Jak to działa? To proste!\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Widget będzie widoczny na Twojej stronie internetowej.\u003C\u002Fli>\n\u003Cli>Klient wpisze swój numer telefonu.\u003C\u002Fli>\n\u003Cli>Aplikacja automatycznie połączy Klienta z Twoim pracownikiem.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Większa sprzedaż\u003C\u002Fh4>\n\u003Cp>Widoczna słuchawka na Twojej stronie wygeneruje jeszcze większą liczbę leadów od potencjalnych klientów\u003C\u002Fp>\n\u003Ch4>Oszczędność czasu\u003C\u002Fh4>\n\u003Cp>W biznesie każda minuta ma znaczenie, dlatego pozwól swoim klientom na szybki kontakt z Twoją firmą\u003C\u002Fp>\n\u003Ch4>Efektywność pracy\u003C\u002Fh4>\n\u003Cp>Miej pod kontrolą jakość pracy swoich Konsultantów, co wpłynie na efektywność ich pracy\u003C\u002Fp>\n\u003Ch4>Komfort pracy\u003C\u002Fh4>\n\u003Cp>Twoi klienci nie będą musieli czekać w kolejkach, wystarczy, że zamówią połączenie w wygodnym dla siebie terminie\u003C\u002Fp>\n\u003Ch3>Usługi Zewnętrzne\u003C\u002Fh3>\n\u003Cp>Ta wtyczka korzysta z usługi zewnętrznej \u003Ccode>CallContact\u003C\u002Fcode>, aby załadować i skonfigurować widget na Twojej stronie internetowej. Wtyczka komunikuje się z platformą \u003Ccode>CallContact\u003C\u002Fcode>, aby pobrać i zastosować ustawienia widgetu, w tym klucz widgetu skonfigurowany przez użytkownika.\u003C\u002Fp>\n\u003Cp>Aby uzyskać więcej informacji na temat usługi, odwiedź:\u003Cbr \u002F>\n– \u003Cstrong>Strona Usługi\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fuser.callcontact.eu\" rel=\"nofollow ugc\">CallContact\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Korzystając z tej wtyczki, wyrażasz zgodę na warunki i polityki określone przez usługę \u003Ccode>CallContact\u003C\u002Fcode>.\u003C\u002Fp>\n","Plugin dodający widget callconact do strony internetowej.",937,"2025-12-01T11:56:00.000Z","6.8.5",[98,99,88,23,24],"call-contact","call-widget","https:\u002F\u002Fuser.callcontact.eu\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcallcontact.1.0.0.zip",100,{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":28,"downloaded":111,"rating":28,"num_ratings":28,"last_updated":112,"tested_up_to":96,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":117,"download_link":118,"security_score":102,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"simple-contact-us-form-widget","Simple Contact Us Form Widget","2.2.1","gregorybialowas","https:\u002F\u002Fprofiles.wordpress.org\u002Fgregorybialowas\u002F","\u003Cp>A simple form that could be displayed on the sidebars or any part of footer area. It consists of the usual three input fields: name, email and the message. Emails are automatically sent to the WP Admin address.\u003Cbr \u002F>\nIf you want to, you can also add the form to any post or page by using a shortcode: [gbsimple_contact_us_widget style=”color_filter”].\u003Cbr \u002F>\nAvailable color filters: red, green, blue, white or black.\u003C\u002Fp>\n\u003Cp>!Important: In order to use it a a regular widget your theme must be supporting sidebar\u002Ffooter area.\u003Cbr \u002F>\nThere are no restrictions to use it a shortcode on any page\u002Fpost.\u003C\u002Fp>\n\u003Ch3>Donations\u003C\u002Fh3>\n\u003Cp>http:\u002F\u002Fgregbialowas.com\u002Fdonate\u003C\u002Fp>\n","Simple contact form (name, email, message) to be added to sidebars or footer area (as a widget), and\u002For any post or page (as a shortcode).",2946,"2025-05-29T13:45:00.000Z","4.3.1","5.6",[22,116,24],"form","https:\u002F\u002Fbitbucket.org\u002Fgregorybialowas\u002Fsimple-contact-us-widget\u002Fsrc\u002Fmaster\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-contact-us-form-widget.zip",{"attackSurface":120,"codeSignals":189,"taintFlows":328,"riskAssessment":329,"analyzedAt":346},{"hooks":121,"ajaxHandlers":172,"restRoutes":180,"shortcodes":181,"cronEvents":186,"entryPointCount":187,"unprotectedCount":188},[122,128,132,136,140,143,147,150,153,157,161,163,165,168,170],{"type":123,"name":124,"callback":125,"file":126,"line":127},"action","init","widget_textdomain","includes\\class-alcud-widget.php",50,{"type":123,"name":129,"callback":130,"file":126,"line":131},"admin_print_styles","register_admin_styles",67,{"type":123,"name":133,"callback":134,"file":126,"line":135},"admin_enqueue_scripts","register_admin_scripts",68,{"type":123,"name":137,"callback":138,"file":126,"line":139},"wp_enqueue_scripts","register_widget_styles",71,{"type":123,"name":137,"callback":141,"file":126,"line":142},"register_widget_scripts",72,{"type":123,"name":144,"callback":145,"file":126,"line":146},"save_post","flush_widget_cache",75,{"type":123,"name":148,"callback":145,"file":126,"line":149},"deleted_post",76,{"type":123,"name":151,"callback":145,"file":126,"line":152},"switch_theme",77,{"type":123,"name":154,"callback":155,"file":126,"line":156},"widgets_init","anonymous",289,{"type":123,"name":158,"callback":155,"file":159,"line":160},"plugins_loaded","includes\\class-alcud.php",141,{"type":123,"name":133,"callback":155,"file":159,"line":162},156,{"type":123,"name":133,"callback":155,"file":159,"line":164},157,{"type":123,"name":166,"callback":155,"file":159,"line":167},"admin_menu",161,{"type":123,"name":137,"callback":155,"file":159,"line":169},181,{"type":123,"name":137,"callback":155,"file":159,"line":171},182,[173,177],{"action":174,"nopriv":175,"callback":155,"hasNonce":175,"hasCapCheck":175,"file":159,"line":176},"add_details",false,163,{"action":178,"nopriv":175,"callback":155,"hasNonce":175,"hasCapCheck":175,"file":159,"line":179},"select_widget",164,[],[182],{"tag":183,"callback":184,"file":159,"line":185},"alcud","alcud_handler",79,[],3,2,{"dangerousFunctions":190,"sqlUsage":194,"outputEscaping":222,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":327},[191],{"fn":192,"file":126,"line":156,"context":193},"create_function","add_action( 'widgets_init', create_function( '', 'register_widget(\"Alcud_Widget\");' ) );",{"prepared":28,"raw":82,"locations":195},[196,200,202,205,207,210,214,216,218,220],{"file":197,"line":198,"context":199},"admin\\class-alcud-admin.php",123,"$wpdb->get_row() with variable interpolation",{"file":197,"line":201,"context":199},145,{"file":197,"line":203,"context":204},199,"$wpdb->get_var() with variable interpolation",{"file":197,"line":206,"context":204},243,{"file":208,"line":209,"context":204},"includes\\class-alcud-activator.php",66,{"file":211,"line":212,"context":213},"includes\\class-alcud-deactivator.php",35,"$wpdb->query() with variable interpolation",{"file":211,"line":215,"context":213},38,{"file":126,"line":217,"context":199},122,{"file":126,"line":219,"context":204},144,{"file":159,"line":221,"context":199},235,{"escaped":33,"rawEcho":223,"locations":224},64,[225,228,230,233,235,236,238,239,240,241,243,245,247,249,251,253,254,256,258,260,263,265,267,269,271,272,274,276,279,280,281,282,284,286,287,288,289,291,293,295,297,298,299,301,303,305,307,309,310,311,312,313,314,315,317,318,319,320,321,322,323,324,325,326],{"file":197,"line":226,"context":227},213,"raw output",{"file":197,"line":229,"context":227},229,{"file":231,"line":232,"context":227},"admin\\partials\\alcud-admin-display.php",32,{"file":231,"line":234,"context":227},41,{"file":231,"line":127,"context":227},{"file":231,"line":237,"context":227},59,{"file":231,"line":135,"context":227},{"file":231,"line":152,"context":227},{"file":231,"line":48,"context":227},{"file":231,"line":242,"context":227},125,{"file":231,"line":244,"context":227},128,{"file":231,"line":246,"context":227},148,{"file":231,"line":248,"context":227},151,{"file":231,"line":250,"context":227},178,{"file":231,"line":252,"context":227},188,{"file":231,"line":203,"context":227},{"file":231,"line":255,"context":227},210,{"file":126,"line":257,"context":227},116,{"file":126,"line":259,"context":227},166,{"file":261,"line":262,"context":227},"shortcodes\\alcud-shortcode-flat.php",11,{"file":261,"line":264,"context":227},14,{"file":261,"line":266,"context":227},22,{"file":261,"line":268,"context":227},28,{"file":261,"line":270,"context":227},34,{"file":261,"line":270,"context":227},{"file":261,"line":273,"context":227},40,{"file":261,"line":275,"context":227},46,{"file":277,"line":278,"context":227},"shortcodes\\alcud-shortcodes.php",6,{"file":277,"line":264,"context":227},{"file":277,"line":266,"context":227},{"file":277,"line":34,"context":227},{"file":277,"line":283,"context":227},37,{"file":277,"line":285,"context":227},39,{"file":277,"line":285,"context":227},{"file":277,"line":275,"context":227},{"file":277,"line":275,"context":227},{"file":277,"line":290,"context":227},52,{"file":277,"line":292,"context":227},58,{"file":294,"line":187,"context":227},"widget\\views\\admin.php",{"file":294,"line":296,"context":227},4,{"file":294,"line":296,"context":227},{"file":294,"line":296,"context":227},{"file":300,"line":296,"context":227},"widget\\views\\widget.php",{"file":300,"line":302,"context":227},18,{"file":300,"line":304,"context":227},24,{"file":300,"line":306,"context":227},31,{"file":300,"line":308,"context":227},33,{"file":300,"line":308,"context":227},{"file":300,"line":273,"context":227},{"file":300,"line":273,"context":227},{"file":300,"line":275,"context":227},{"file":300,"line":290,"context":227},{"file":300,"line":292,"context":227},{"file":316,"line":296,"context":227},"widget\\views\\widget2.php",{"file":316,"line":302,"context":227},{"file":316,"line":304,"context":227},{"file":316,"line":306,"context":227},{"file":316,"line":308,"context":227},{"file":316,"line":308,"context":227},{"file":316,"line":273,"context":227},{"file":316,"line":273,"context":227},{"file":316,"line":275,"context":227},{"file":316,"line":290,"context":227},{"file":316,"line":292,"context":227},[],[],{"summary":330,"deductions":331},"The aeroleads-contact-us-details v2.0.0 plugin exhibits a concerning security posture due to several identified weaknesses in its static analysis. A significant attack surface is exposed through two AJAX handlers, both of which lack proper authentication checks, making them prime targets for unauthorized access and execution of potentially harmful operations. Furthermore, the complete absence of nonce checks on these entry points exacerbates this risk, allowing for easier Cross-Site Request Forgery (CSRF) attacks.\n\nThe code analysis reveals a critical reliance on dangerous functions, specifically `create_function`, which is known to be a significant security risk. The plugin also performs a substantial number of SQL queries without any form of prepared statements, indicating a high likelihood of SQL injection vulnerabilities. Compounding these issues is the extremely poor output escaping, with only 2% of outputs being properly handled, leaving the plugin susceptible to Cross-Site Scripting (XSS) attacks. While the plugin has no recorded vulnerability history, this can be misleading; the absence of past CVEs does not guarantee current security. The combination of these code-level flaws presents a substantial risk.\n\nIn conclusion, despite a clean vulnerability history, the static analysis of aeroleads-contact-us-details v2.0.0 reveals critical security flaws. The unprotected AJAX handlers, lack of nonce and capability checks, use of `create_function`, unescaped output, and raw SQL queries create a highly vulnerable plugin. Users should exercise extreme caution and consider disabling or replacing this plugin until these significant security deficiencies are addressed.",[332,334,336,339,341,343],{"reason":333,"points":82},"AJAX handlers without auth checks",{"reason":335,"points":82},"Missing nonce checks on AJAX",{"reason":337,"points":338},"Dangerous function: create_function",15,{"reason":340,"points":14},"Raw SQL without prepared statements",{"reason":342,"points":49},"Poor output escaping",{"reason":344,"points":345},"No capability checks",5,"2026-03-16T21:38:49.877Z",{"wat":348,"direct":366},{"assetPaths":349,"generatorPatterns":355,"scriptPaths":356,"versionParams":360},[350,351,352,353,354],"\u002Fwp-content\u002Fplugins\u002Faeroleads-contact-us-details\u002Fcss\u002Fslick.css","\u002Fwp-content\u002Fplugins\u002Faeroleads-contact-us-details\u002Fcss\u002Falcud-admin.css","\u002Fwp-content\u002Fplugins\u002Faeroleads-contact-us-details\u002Fjs\u002Fjquery_serializeJSON.js","\u002Fwp-content\u002Fplugins\u002Faeroleads-contact-us-details\u002Fjs\u002Fslick.min.js","\u002Fwp-content\u002Fplugins\u002Faeroleads-contact-us-details\u002Fjs\u002Falcud-admin.js",[],[357,358,359],"js\u002Fjquery_serializeJSON.js","js\u002Fslick.min.js","js\u002Falcud-admin.js",[361,362,363,364,365],"aeroleads-contact-us-details\u002Fcss\u002Fslick.css?ver=","aeroleads-contact-us-details\u002Fcss\u002Falcud-admin.css?ver=","aeroleads-contact-us-details\u002Fjs\u002Fjquery_serializeJSON.js?ver=","aeroleads-contact-us-details\u002Fjs\u002Fslick.min.js?ver=","aeroleads-contact-us-details\u002Fjs\u002Falcud-admin.js?ver=",{"cssClasses":367,"htmlComments":369,"htmlAttributes":388,"restEndpoints":390,"jsGlobals":391,"shortcodeOutput":393},[368],"alcud-admin-display",[370,371,372,373,370,371,374,375,376,375,376,377,378,379,370,371,380,381,380,381,382,383,370,371,384,385,370,371,386,387,378,379,370,371,374,375,376,375,376,377,370,371,384,385,378,379,382,383,370,371,378,379,370,371],"\u003C!-- wp:paragraph -->","\u003C!-- \u002Fwp:paragraph -->","\u003C!-- wp:heading -->","\u003C!-- \u002Fwp:heading -->","\u003C!-- wp:columns -->","\u003C!-- wp:column -->","\u003C!-- \u002Fwp:column -->","\u003C!-- \u002Fwp:columns -->","\u003C!-- wp:separator -->","\u003C!-- \u002Fwp:separator -->","\u003C!-- wp:group -->","\u003C!-- \u002Fwp:group -->","\u003C!-- wp:image -->","\u003C!-- \u002Fwp:image -->","\u003C!-- wp:spacer -->","\u003C!-- \u002Fwp:spacer -->","\u003C!-- wp:gallery -->","\u003C!-- \u002Fwp:gallery -->",[389],"data-post-id",[],[392],"alcud_admin_object",[]]