[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faTq493SaNMYKrTMbtyzO-aS3V5IxCsp9JGGTqt0aTks":3,"$fpiIk6ieF_tE3uhEDiP_auj7oZhUFOMiNhewFxl9jF1I":110,"$fRiJCUHeu6wO48o3rpQn2KXSZaqit7I1VGA0UCHZt_KA":114},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":16,"download_link":18,"security_score":19,"vuln_count":11,"unpatched_count":11,"last_vuln_date":20,"fetched_at":21,"discovery_status":22,"vulnerabilities":23,"developer":24,"crawl_stats":20,"alternatives":30,"analysis":31,"fingerprints":80},"age-verification-simple","Age Verification – simple","1.3.0","symplax","https:\u002F\u002Fprofiles.wordpress.org\u002Fsymplax\u002F","\u003Cp>With this module you will know that each user is an adult and uses the site with his consent.\u003Cbr \u002F>\nIf user does not confirm popup, module will ask you to leave page.\u003C\u002Fp>\n\u003Cp>Features:\u003Cbr \u002F>\n– template-independent integration\u003Cbr \u002F>\n– plug and play (simple to install)\u003Cbr \u002F>\n– SEO friendly\u003Cbr \u002F>\n– fast\u003Cbr \u002F>\n– popup without jquery (vanilla js)\u003Cbr \u002F>\n– this version do not have customization options\u003C\u002Fp>\n","With this module you will know that each user is an adult and uses the site with his consent.",0,898,"2024-11-04T13:03:00.000Z","6.6.5","6.5.4","",[],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fage-verification-simple.1.3.0.zip",92,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":25,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":27,"trust_score":28,"computed_at":29},2,96,30,91,"2026-05-20T10:11:36.308Z",[],{"attackSurface":32,"codeSignals":59,"taintFlows":72,"riskAssessment":73,"analyzedAt":79},{"hooks":33,"ajaxHandlers":48,"restRoutes":56,"shortcodes":57,"cronEvents":58,"entryPointCount":25,"unprotectedCount":11},[34,39,44],{"type":35,"name":36,"callback":36,"file":37,"line":38},"action","init","age_verification__simple.php",19,{"type":35,"name":40,"callback":41,"file":42,"line":43},"wp_body_open","inject","classes\\controller.php",60,{"type":35,"name":45,"callback":46,"file":42,"line":47},"wp_enqueue_scripts","wp_get_inline_style",65,[49,54],{"action":50,"nopriv":51,"callback":50,"hasNonce":51,"hasCapCheck":52,"file":42,"line":53},"xhr_get",true,false,70,{"action":50,"nopriv":52,"callback":50,"hasNonce":51,"hasCapCheck":52,"file":42,"line":55},71,[],[],[],{"dangerousFunctions":60,"sqlUsage":61,"outputEscaping":63,"fileOperations":11,"externalRequests":11,"nonceChecks":70,"capabilityChecks":11,"bundledLibraries":71},[],{"prepared":11,"raw":11,"locations":62},[],{"escaped":64,"rawEcho":65,"locations":66},11,1,[67],{"file":42,"line":68,"context":69},148,"raw output",3,[],[],{"summary":74,"deductions":75},"The \"age-verification-simple\" plugin v1.3.0 demonstrates a generally good security posture based on the provided static analysis and vulnerability history. The absence of any known CVEs, critical taint flows, raw SQL queries, file operations, or external HTTP requests is a significant strength. The plugin also appears to implement proper output escaping for the vast majority of its outputs and utilizes prepared statements for all SQL queries.  The presence of nonce checks is also a positive indicator of security awareness.\n\nHowever, a notable area for improvement is the complete lack of capability checks for its AJAX handlers. While the total number of entry points is low and none are immediately exposed without authentication, the absence of capability checks means that any authenticated user, regardless of their role or permissions, could potentially interact with these AJAX handlers. This could lead to unintended actions or information disclosure if the functionality within these handlers is not sufficiently restricted by other means. The taint analysis showing zero flows is reassuring, but the lack of capability checks is a missed opportunity to harden the attack surface further.\n\nIn conclusion, \"age-verification-simple\" v1.3.0 is a relatively secure plugin with a clean vulnerability history and good coding practices in key areas like SQL and output escaping. The main weakness lies in the missing capability checks for its AJAX handlers, which introduces a potential risk for privilege escalation or unauthorized actions by authenticated users. Addressing this would significantly enhance the plugin's overall security.",[76],{"reason":77,"points":78},"Missing capability checks on AJAX handlers",15,"2026-03-17T06:40:48.136Z",{"wat":81,"direct":91},{"assetPaths":82,"generatorPatterns":88,"scriptPaths":89,"versionParams":90},[83,84,85,86,87],"\u002Fwp-content\u002Fplugins\u002Fage-verification-simple\u002Fassets\u002Finline\u002Fcss.php","\u002Fwp-content\u002Fplugins\u002Fage-verification-simple\u002Fassets\u002Finline\u002Fjs.php","\u002Fwp-content\u002Fplugins\u002Fage-verification-simple\u002Ftpl\u002Fpopup.php","\u002Fwp-content\u002Fplugins\u002Fage-verification-simple\u002Ftpl\u002Fpopup_inject.php","\u002Fwp-content\u002Fplugins\u002Fage-verification-simple\u002Ftpl\u002Fpopup_deny.php",[],[],[],{"cssClasses":92,"htmlComments":100,"htmlAttributes":102,"restEndpoints":105,"jsGlobals":107,"shortcodeOutput":109},[93,94,95,96,97,98,99],"avs-popup-wrapper","avs-popup-content","avs-popup-buttons","avs-popup-deny-redirect","avs-popup-apply-button","avs-popup-deny-button","avs-popup-close",[101],"\u003C!-- AGE VERIFICATION SIMPLE - Popup -->",[103,104],"data-avs-settings","data-avs-vars",[106],"\u002Fwp-json\u002Fage-verification-simple\u002Fv1\u002Fxhr_get",[108],"AgeVerificationSimple",[],{"error":51,"url":111,"statusCode":112,"statusMessage":113,"message":113},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fage-verification-simple\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":65,"versions":115},[116],{"version":6,"download_url":18,"svn_tag_url":117,"released_at":20,"has_diff":52,"diff_files_changed":118,"diff_lines":20,"trac_diff_url":20,"vulnerabilities":119,"is_current":51},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fage-verification-simple\u002Ftags\u002F1.3.0\u002F",[],[]]