[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fcZfZrtLliI6kgxY3ygxfjpV14Yy9_SyBo0_nBveTxgQ":3,"$fERBXzc9T1TvBGBqfbOrcz2VkDPTtKmCe9zIMCXmtGAc":311,"$fHk-3X8esH0eEwx-84ZwdSXvzb5BrHb_tXYBQgDxpOOw":315},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":36,"analysis":136,"fingerprints":287},"allback-samlab","Сallback Samlab widget","1.1.0","wpdewlab","https:\u002F\u002Fprofiles.wordpress.org\u002Fsamlab\u002F","\u003Cp>Плагин предназначен для легкого создания виджета контактной формы для Вашео сайта.\u003Cbr \u002F>\nЭтот виджет будет выполнять функцию “обратного звонка”. То есть на почту, указанную в настройках, Вам будет приходить номер телефона, который указал клиент в виджете на Вашем сайте.\u003C\u002Fp>\n","Плагин предназначен для легкого создания виджета контактной формы для Вашео сайта. Этот виджет будет выполнять функцию \"обратного звонка\".",10,1634,0,"2019-03-01T20:40:00.000Z","5.1.22","3.0.1","",[19,20,21,22],"call-back","callback","leads","widget","https:\u002F\u002Fvseprosto.top\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fallback-samlab.1.1.0.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"samlab",1,30,84,"2026-05-19T21:15:47.814Z",[37,59,78,99,116],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":45,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"zvi-callback-widget","ZVI CallBack widget","1.0","zava75","https:\u002F\u002Fprofiles.wordpress.org\u002Fzava75\u002F","\u003Cp>ZVI CallBack widget WordPress (+ Support Contact Form 7 +Bot Telegram)\u003Cbr \u002F>\nCustomize CallBack widget WordPress (+ Support Contact Form 7 +Bot Telegram)\u003C\u002Fp>\n\u003Cp>Bot Telegram Integrations (Telegram Alert)\u003Cbr \u002F>\nContact Form 7 Integrations (Creating Your Own Form Tags (Shortcodes) – Contact Form 7)\u003Cbr \u002F>\nCustomize Your Forms to Look the Way You Want – Contact Form 7\u003Cbr \u002F>\nDefault form\u003C\u002Fp>\n\u003Cp>Setting the title and subtitle of the form\u003Cbr \u002F>\nChange in appearance\u003Cbr \u002F>\nPosition\u003Cbr \u002F>\nColour\u003Cbr \u002F>\n14 types icon\u003C\u002Fp>\n\u003Cp>E-mail for the form (E-mail Admin by default)\u003Cbr \u002F>\nURL redirect (after successful submission of the default form or Contact Form 7)\u003C\u002Fp>\n\u003Cp>Plugin language support:\u003Cbr \u002F>\n Arabic\u003Cbr \u002F>\n Danish\u003Cbr \u002F>\n German\u003Cbr \u002F>\n English (UK)\u003Cbr \u002F>\n English (United States)\u003Cbr \u002F>\n French (France)\u003Cbr \u002F>\n Spanish (Spain)\u003Cbr \u002F>\n Persian\u003Cbr \u002F>\n Hindi\u003Cbr \u002F>\n Italian\u003Cbr \u002F>\n Japanese\u003Cbr \u002F>\n Kazakh\u003Cbr \u002F>\n Polish\u003Cbr \u002F>\n Romanian\u003Cbr \u002F>\n Russian\u003Cbr \u002F>\n Swedish\u003Cbr \u002F>\n Thai\u003Cbr \u002F>\n Turkish\u003Cbr \u002F>\n Ukrainian\u003Cbr \u002F>\n Chinese (China)\u003C\u002Fp>\n\u003Cp>You can edit and add translations with the free Loco Translate plugin!\u003C\u002Fp>\n\u003Cp>Описание\u003Cbr \u002F>\nZVI CallBack виджет WordPress (+ контактная форма поддержки 7 + Bot Telegram)\u003Cbr \u002F>\nНастроить виджет CallBack для WordPress (+ контактная форма поддержки 7 + Bot Telegram)\u003C\u002Fp>\n\u003Cp>Бот Telegram Integrations (Telegram Alert)\u003Cbr \u002F>\nКонтактная форма 7 Интеграция (Создание собственных тегов формы (шорткоды) – Контактная форма 7)\u003Cbr \u002F>\nНастройте свои формы, чтобы выглядеть так, как вы хотите – контактная форма 7\u003Cbr \u002F>\nФорма по умолчанию\u003C\u002Fp>\n\u003Cp>Установка заголовка и подзаголовка формы\u003Cbr \u002F>\nИзменение внешнего вида\u003Cbr \u002F>\nПозиция\u003Cbr \u002F>\nЦвет\u003Cbr \u002F>\nЗначок 14 типов\u003C\u002Fp>\n\u003Cp>Электронная почта для формы (E-mail Admin по умолчанию)\u003Cbr \u002F>\nПеренаправление URL (после успешной отправки формы по умолчанию или контактной формы 7)\u003C\u002Fp>\n\u003Cp>Языковая поддержка плагинов:\u003Cbr \u002F>\n  арабский\u003Cbr \u002F>\n  датский\u003Cbr \u002F>\n  Немецкий\u003Cbr \u002F>\n  Английский (Великобритания)\u003Cbr \u002F>\n  Английский Соединенные Штаты)\u003Cbr \u002F>\n  Французский (франция)\u003Cbr \u002F>\n  Испанский (Испания)\u003Cbr \u002F>\n  персидский\u003Cbr \u002F>\n  хинди\u003Cbr \u002F>\n  итальянский\u003Cbr \u002F>\n  японский язык\u003Cbr \u002F>\n  казах\u003Cbr \u002F>\n  польский\u003Cbr \u002F>\n  румынский\u003Cbr \u002F>\n  русский\u003Cbr \u002F>\n  шведский\u003Cbr \u002F>\n  тайский\u003Cbr \u002F>\n  турецкий\u003Cbr \u002F>\n  украинец\u003Cbr \u002F>\n  Китайский (Китай)\u003C\u002Fp>\n\u003Cp>Вы можете редактировать и добавлять переводы с помощью бесплатного плагина Loco Translate!\u003C\u002Fp>\n","This plugin makes a simple widget for callback on your website.",100,3172,80,4,"2025-07-07T13:20:00.000Z","6.5.8","4.5","5.4",[19,20,54,55,56],"contact-form","contact-form-7","phone-widget","http:\u002F\u002Fstudio-f1.in.ua\u002Fproject03.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzvi-callback-widget.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":44,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":16,"requires_php":17,"tags":72,"homepage":76,"download_link":77,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"bazz-callback-widget","Bazz CallBack widget","3.23","glomberg","https:\u002F\u002Fprofiles.wordpress.org\u002Fglomberg\u002F","\u003Cp>The plugin is intended for easy creating a widget on your website.\u003Cbr \u002F>\nThe widget will be performing “call-back function”. That is, you will be recieving client’s phone which the client will have specified in the widget by your e-mail.\u003C\u002Fp>\n\u003Cp>Features:\u003Cbr \u002F>\n* RTL ready\u003C\u002Fp>\n\u003Cp>Supported languages:\u003Cbr \u002F>\n* 🇺🇸 English\u003Cbr \u002F>\n* 🇷🇺 Russian\u003Cbr \u002F>\n* 🇺🇦 Ukrainian\u003Cbr \u002F>\n* 🇫🇷 French\u003Cbr \u002F>\n* 🇮🇹 Italian\u003Cbr \u002F>\n* 🇪🇸 Spanish (Spain)\u003Cbr \u002F>\n* 🇲🇽 Spanish (Mexico)\u003Cbr \u002F>\n* 🇩🇪 German\u003Cbr \u002F>\n* 🇸🇪 Swedish\u003Cbr \u002F>\n* 🇷🇴 Romanian\u003Cbr \u002F>\n* 🇵🇱 Polish\u003Cbr \u002F>\n* 🇳🇱 Dutch\u003Cbr \u002F>\n* 🇬🇷 Greek\u003Cbr \u002F>\n* 🇮🇷 Persian\u003Cbr \u002F>\n* 🇨🇳 Chinese\u003C\u002Fp>\n",4000,107111,86,33,"2023-03-19T11:52:00.000Z","6.2.9",[73,74,19,75,20],"bazz","call","call-request","http:\u002F\u002Fviktor-web.ru","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbazz-callback-widget.3.23.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":13,"num_ratings":13,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":17,"download_link":96,"security_score":97,"vuln_count":32,"unpatched_count":32,"last_vuln_date":98,"fetched_at":27},"movylo-widget","Movylo Marketing Automation","2.0.7","Movylo","https:\u002F\u002Fprofiles.wordpress.org\u002Fmovylo\u002F","\u003Cp>Build your Customer List by capturing leads from your website and social and then automatically convert the list into real sales.\u003C\u002Fp>\n\u003Ch3>Movylo Widget: Automated Customer Engagement and Sales Booster for Local Businesses\u003C\u002Fh3>\n\u003Cp>\u003Ca href='https:\u002F\u002Fwww.movylo.com\u002F?atc=movtwp02' rel=\"nofollow ugc\">Movylo\u003C\u002Fa> makes it easy for your business to grow by capturing leads from your WordPress website and turning them into real sales, whether in-store or online. With powerful tools like an AI chatbot and a lead-capturing pop-up widget, Movylo helps you build, nurture, and convert your customer list automatically.\u003C\u002Fp>\n\u003Ch3>AI Chatbot – 24\u002F7 Customer Support and Lead Capture\u003C\u002Fh3>\n\u003Cp>The integrated AI-powered chatbot acts as a virtual assistant available around the clock, answering customer questions and providing instant support. It engages with website visitors, captures their contact information, and helps convert them into valuable leads. The chatbot ensures that no customer inquiry is missed, enhancing the customer experience and maximizing lead generation.\u003C\u002Fp>\n\u003Cp>Try it out at: \u003Ca href='https:\u002F\u002Fwww.movylo.com\u002Fai\u002F' rel=\"nofollow ugc\">https:\u002F\u002Fwww.movylo.com\u002Fai\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Lead-Capturing Pop-Up Widget – Turn Visitors into Customers\u003C\u002Fh3>\n\u003Cp>The Movylo pop-up widget captures leads as they visit your website, collecting contact information and encouraging sign-ups. It works seamlessly with various sources, including Facebook, Google My Business, and Instagram, to grow your customer list. The pop-up widget is designed to grab attention and prompt visitors to take action, increasing the likelihood of converting them into paying customers.\u003C\u002Fp>\n\u003Ch3>Automated Nurturing and Sales Conversion\u003C\u002Fh3>\n\u003Cp>Once leads are captured, Movylo’s AutoPilot feature automatically nurtures them with personalized promotions, offers, and messages. The marketing automation tools engage with your customer list to help you convert more leads into sales, both online and in-store.\u003C\u002Fp>\n\u003Ch3>Loyalty Programs, Newsletters, and Promotions\u003C\u002Fh3>\n\u003Cp>With Movylo, you can easily create and manage loyalty programs, send newsletters, distribute coupons, and launch special promotions. These tools help keep customers engaged, build long-term loyalty, and drive repeat business.\u003C\u002Fp>\n\u003Ch3>Key Benefits\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>1. AI Chatbot\u003C\u002Fstrong>\u003Cbr \u002F>\nA virtual assistant available 24\u002F7 to engage with customers, answer questions, and capture leads.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>2. Pop-Up Widget\u003C\u002Fstrong>\u003Cbr \u002F>\nAttracts website visitors’ attention and captures contact details to grow your customer list.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>3. Automated Lead Nurturing\u003C\u002Fstrong>\u003Cbr \u002F>\nMovylo’s AutoPilot engages with your list through marketing automation.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>4. Multi-Channel Integration\u003C\u002Fstrong>\u003Cbr \u002F>\nCapture leads not just from your website, but also from social platforms like Facebook, Google My Business, and Instagram.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>5. Sales Boosting Tools\u003C\u002Fstrong>\u003Cbr \u002F>\nTurn leads into actual sales with targeted offers and personalized messages.\u003C\u002Fp>\n\u003Ch3>Conclusion\u003C\u002Fh3>\n\u003Cp>Movylo Widget helps you automate customer engagement and boost sales, making it the ideal tool for local businesses looking to grow their customer base effortlessly.\u003C\u002Fp>\n\u003Ch3>Video\u003C\u002Fh3>\n\u003Cp>\u003Ca href='https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=zOokRSaF0-I' rel=\"nofollow ugc\">Check our video here\u003C\u002Fa>\u003C\u002Fp>\n","Build your Customer List by capturing leads from your website and social and then automatically convert the list into real sales.",700,4119,"2024-10-29T14:14:00.000Z","6.7.5","5.5","7.4",[93,94,95,22],"capture-leads","monetize","movylo","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmovylo-widget.2.0.7.zip",71,"2025-04-14 00:00:00",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":45,"num_ratings":32,"last_updated":109,"tested_up_to":110,"requires_at_least":16,"requires_php":17,"tags":111,"homepage":114,"download_link":115,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"leadback","LeadBack – Callback, Chatbot and Live Chat Widgets for WordPress sites","1.1","LeadBack","https:\u002F\u002Fprofiles.wordpress.org\u002Fleadbackru\u002F","\u003Cp>Every website visitor is a potential customer. LeadBack allows you to call your customer for free in 27 seconds. The LeadBack widget lets you call your website visitors and helps you gain an additional 30-125% leads on the phone.\u003C\u002Fp>\n\u003Cp>This plugin makes a simple widget for callback and live chat on your website. LeadBack its a services for the site, allowing you to increase the conversion to leads. Official LeadBack plugin.\u003C\u002Fp>\n\u003Ch4>How it works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Visitors visit your website, click on a callback button, enter their phone number.\u003C\u002Fli>\n\u003Cli>The service quickly calls your company, and then immediately to the visitor himself.\u003C\u002Fli>\n\u003Cli>Within 27 seconds, your employee communicates with the client and makes a sale!\u003C\u002Fli>\n\u003Cli>The client is shocked by your promptness and is ready to spend the money.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FjkxWHU0vjg4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Supported languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English \u002F English Callback, Chatbot and Live Chat Plugin\u003C\u002Fli>\n\u003Cli>Russian \u002F Русский Плагин обратного звонка, чат и бот для сайта\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin makes a simple widget for callback and live chat on your website. Official LeadBack plugin.",600,4398,"2021-09-24T11:24:00.000Z","5.8.13",[20,112,100,113,22],"chat","livechat","https:\u002F\u002Fleadback.ru\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fleadback.1.1.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":126,"num_ratings":127,"last_updated":128,"tested_up_to":129,"requires_at_least":16,"requires_php":17,"tags":130,"homepage":134,"download_link":135,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"aeroleads-contact-us-details","AeroLeads Contact Us Details","2.0.0","anurag722","https:\u002F\u002Fprofiles.wordpress.org\u002Fanurag722\u002F","\u003Cp>Bored of old textual contact details, that you give on a seperate page that visitors often ignore and move on.\u003C\u002Fp>\n\u003Cp>Give your contact details a more prominent space in your wordpress blog, place it in your sidebar. No more struggling with icons\u002Fimages for various components of your details.\u003C\u002Fp>\n\u003Cp>AeroLeads Contact Us Details lets you display contact details in your sidebar. Simply install the plugin, set your contact details in the form, use the widget to place it in your sidebar and Voila it displays your contact details to all your visitors.\u003C\u002Fp>\n\u003Cp>You want to embed your contact information in your posts\u002Fpages. No problemo!!, Use the shortcodes and share your contact info in your pages and posts.\u003C\u002Fp>\n\u003Cp>Designed on Google’s new material-design guidelines, AL-CUD(that’s what we call it), presents your visitors sleek and classy contact details widget.\u003C\u002Fp>\n\u003Cp>AeroLeads Contact Us Details is a free addon to \u003Ca href=\"http:\u002F\u002Faeroleads.com\u002F\" rel=\"nofollow ugc\">AeroLeads\u003C\u002Fa> and \u003Ca href=\"http:\u002F\u002Finboundio.com\u002F\" rel=\"nofollow ugc\">Inboundio\u003C\u002Fa> Software, which is the next generation Marketing solution and the only white label marketing software on the web using which you can launch your marketing software or agency in just 1 day.\u003C\u002Fp>\n","AeroLeads Contact Us Details lets you add contact details in your sidebar as a widget. Simple yet effective.",70,11086,90,8,"2015-02-02T10:45:00.000Z","4.1.42",[131,132,133,21,22],"address","contact","contact-us","http:\u002F\u002Faeroleads.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faeroleads-contact-us-details.zip",{"attackSurface":137,"codeSignals":210,"taintFlows":276,"riskAssessment":277,"analyzedAt":286},{"hooks":138,"ajaxHandlers":171,"restRoutes":194,"shortcodes":195,"cronEvents":207,"entryPointCount":208,"unprotectedCount":209},[139,145,150,155,159,164,168],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","admin_menu","add_options_page","admin\u002Fclass-submenu.php",41,{"type":140,"name":146,"callback":147,"file":148,"line":149},"plugins_loaded","samlab_сallback_settings","callback-settings.php",58,{"type":140,"name":151,"callback":152,"priority":153,"file":148,"line":154},"wp_footer","samlab_сallback_add_script",999,165,{"type":140,"name":156,"callback":157,"file":148,"line":158},"admin_init","samlab_сallback_settings_init",197,{"type":140,"name":160,"callback":161,"priority":162,"file":148,"line":163},"admin_print_footer_scripts","samlab_сallback_addjavascript",99,203,{"type":140,"name":165,"callback":166,"file":148,"line":167},"wp_dashboard_setup","samlab_сallback_adddashboardwidgets",208,{"type":140,"name":160,"callback":169,"file":148,"line":170},"samlab_сallback_addquicktags",210,[172,177,180,184,186,190],{"action":173,"nopriv":174,"callback":175,"hasNonce":174,"hasCapCheck":174,"file":148,"line":176},"getformsamlab",false,"samlab_сallback_getform",60,{"action":173,"nopriv":178,"callback":175,"hasNonce":174,"hasCapCheck":174,"file":148,"line":179},true,61,{"action":181,"nopriv":178,"callback":182,"hasNonce":174,"hasCapCheck":174,"file":148,"line":183},"sampostmessage","samlab_сallback_postmessage",63,{"action":181,"nopriv":174,"callback":182,"hasNonce":174,"hasCapCheck":174,"file":148,"line":185},64,{"action":187,"nopriv":174,"callback":188,"hasNonce":174,"hasCapCheck":174,"file":148,"line":189},"samlabdellrecord","samlab_сallback_dellrecord",199,{"action":191,"nopriv":174,"callback":192,"hasNonce":174,"hasCapCheck":174,"file":148,"line":193},"samlabgettable","samlab_сallback_gettable",201,[],[196,199,203],{"tag":197,"callback":197,"file":148,"line":198},"samlab_callback_form",492,{"tag":200,"callback":201,"file":148,"line":202},"samlab_callback","samlab_callback_widget",519,{"tag":204,"callback":205,"file":148,"line":206},"samlab_callback_button","samlab_callback_widget_button",547,[],9,6,{"dangerousFunctions":211,"sqlUsage":212,"outputEscaping":215,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":268},[],{"prepared":213,"raw":13,"locations":214},3,[],{"escaped":216,"rawEcho":217,"locations":218},5,24,[219,223,225,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,264,266],{"file":220,"line":221,"context":222},"admin\u002Fclass-submenu-page.php",312,"raw output",{"file":148,"line":224,"context":222},74,{"file":148,"line":224,"context":222},{"file":148,"line":227,"context":222},75,{"file":148,"line":229,"context":222},78,{"file":148,"line":231,"context":222},91,{"file":148,"line":233,"context":222},92,{"file":148,"line":235,"context":222},101,{"file":148,"line":237,"context":222},102,{"file":148,"line":239,"context":222},110,{"file":148,"line":241,"context":222},111,{"file":148,"line":243,"context":222},127,{"file":148,"line":245,"context":222},138,{"file":148,"line":247,"context":222},147,{"file":148,"line":249,"context":222},154,{"file":148,"line":251,"context":222},158,{"file":148,"line":253,"context":222},221,{"file":148,"line":255,"context":222},223,{"file":148,"line":257,"context":222},294,{"file":148,"line":259,"context":222},307,{"file":148,"line":261,"context":222},333,{"file":148,"line":263,"context":222},345,{"file":148,"line":265,"context":222},460,{"file":148,"line":267,"context":222},474,[269,272],{"name":270,"version":26,"knownCves":271},"DataTables",[],{"name":273,"version":274,"knownCves":275},"jQuery","1.12.4",[],[],{"summary":278,"deductions":279},"The \"allback-samlab\" v1.1.0 plugin exhibits a mixed security posture.  While it demonstrates good practices by using prepared statements for all SQL queries and having no recorded vulnerabilities or dangerous functions, it suffers from a significant lack of security checks on its entry points.  A large portion of its attack surface, specifically all 6 AJAX handlers, lacks any form of authentication or capability checks. This leaves them entirely open to unauthorized access and potential exploitation.\n\nThe static analysis reveals a substantial concern with the unprotected AJAX handlers. Although taint analysis did not reveal any immediate exploitable flows, the absence of nonces and capability checks on these handlers means that an attacker could potentially trigger them with malicious input, leading to unexpected behavior or the execution of unintended actions.  The output escaping also appears to be a weak point, with only 17% of outputs being properly escaped, increasing the risk of cross-site scripting (XSS) vulnerabilities if data processed by these handlers is not meticulously sanitized before display.\n\nThe plugin's clean vulnerability history is a positive sign, suggesting a generally careful development approach. However, this does not negate the immediate risks identified in the current code. The combination of a significant unprotected attack surface and insufficient output escaping presents a clear risk. The plugin needs to implement robust authentication and authorization checks on its AJAX handlers and improve its output sanitization to significantly strengthen its security.",[280,282,284],{"reason":281,"points":127},"AJAX handlers without authentication\u002Fauthorization",{"reason":283,"points":209},"Low percentage of properly escaped output",{"reason":285,"points":213},"Bundled outdated jQuery library","2026-04-16T12:47:16.146Z",{"wat":288,"direct":293},{"assetPaths":289,"generatorPatterns":290,"scriptPaths":291,"versionParams":292},[],[],[],[],{"cssClasses":294,"htmlComments":296,"htmlAttributes":297,"restEndpoints":298,"jsGlobals":300,"shortcodeOutput":307},[295],"btn-green",[],[],[299],"\u002Fwp-json\u002Fcallback-samlab\u002Fv1",[301,302,152,303,304,305,157,169,147,306],"samlab_callback_activate","samlab_callback_drop_tables","сallbackFunk","poss","callme","samlab_сallback_dashhelp",[308,309,310],"[samlab_callback]","[samlab_callback_button]","[samlab_callback_form]",{"error":178,"url":312,"statusCode":313,"statusMessage":314,"message":314},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fallback-samlab\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":316,"versions":317},2,[318,323],{"version":6,"download_url":24,"svn_tag_url":319,"released_at":26,"has_diff":174,"diff_files_changed":320,"diff_lines":26,"trac_diff_url":321,"vulnerabilities":322,"is_current":178},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fallback-samlab\u002Ftags\u002F1.1.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fallback-samlab%2Ftags%2F1.0.0&new_path=%2Fallback-samlab%2Ftags%2F1.1.0",[],{"version":324,"download_url":325,"svn_tag_url":326,"released_at":26,"has_diff":174,"diff_files_changed":327,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":328,"is_current":174},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fallback-samlab.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fallback-samlab\u002Ftags\u002F1.0.0\u002F",[],[]]