[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIL5eVF1V-hur7L1kphWt2TBESBy06JbUjSNUUbURDIo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":71,"crawl_stats":38,"alternatives":77,"analysis":120,"fingerprints":638},"allwebmenus-wordpress-menu-plugin","AllWebMenus WordPress Menu Plugin","1.1.24","LiknoSoftware","https:\u002F\u002Fprofiles.wordpress.org\u002Fliknosoftware\u002F","\u003Cp>\u003Cstrong>Important Clarification Note:\u003C\u002Fstrong> AllWebMenus Pro is a \u003Cstrong>commercial\u003C\u002Fstrong> application (not free) and is required for this plugin. Click here for the \u003Ca href=\"https:\u002F\u002Fwww.likno.com\u002Fawmregister.php\" title=\"AllWebMenus Pro Order Page\" rel=\"nofollow ugc\">AllWebMenus Pro Order Page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The \u003Cstrong>AllWebMenus WordPress Menu add-in & plugin\u003C\u002Fstrong> combination is designed to retrieve information from your blog (such as posts, pages, etc.) and import it into the AllWebMenus application to create stylish, feature-rich navigation menus, and not only! Apart from creating menu items derived from your blog’s structure, fully customize your menus adding your own non-wordpress menu items with external or internal links, html-rich content, colors, borders, effects, designs of your choice and many more!\u003C\u002Fp>\n\u003Cp>View \u003Ca href=\"https:\u002F\u002Fwww.likno.com\u002Fexamples.html\" title=\"examples of menus created with AllWebMenus\" rel=\"nofollow ugc\">examples of menus created with AllWebMenus\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>AllWebMenus\u003C\u002Fstrong> is a web menu builder that requires absolutely no DHTML or Javascript experience from you. It creates cross-browser navigation menus that work alike in all browsers supporting DHTML. A DHTML menu \u002F JavaScript menu can be designed with a simple, tree-like approach. You can then fully customize it by applying a vast available number of features through the Properties Pane or by choosing a predefined appearance from the Theme Gallery.\u003C\u002Fp>\n\u003Cp>For documentation, examples and screenshots, please refer to the official plugin page for \u003Ca href=\"https:\u002F\u002Fwww.likno.com\u002Faddins\u002Fwordpress-menu.html\" title=\"AllWebMenus WordPress Menu\" rel=\"nofollow ugc\">AllWebMenus WordPress Menu\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Major Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Full cross-browser support (Internet Explorer – including v8, all Mozilla based browsers (Firefox, etc), Opera, Safari, Google Chrome and many more)\u003C\u002Fli>\n\u003Cli>Optimized menu building with separate javascripts for different browsers\u003C\u002Fli>\n\u003Cli>Full Search Engine Optimization (SEO) support\u003C\u002Fli>\n\u003Cli>Edit CSS menu properties through a WYSIWYG interface\u003C\u002Fli>\n\u003Cli>Use your own HTML code on selected menu items to achieve enhanced formatting or advanced functionality\u003C\u002Fli>\n\u003Cli>“Auto Item Highlight”\u003C\u002Fli>\n\u003Cli>Vertical Scrollbar for vertical Groups with “Automatic Scroll on Mouse Over”\u003C\u002Fli>\n\u003Cli>Multiple Rows and Columns on submenus\u003C\u002Fli>\n\u003Cli>Responsive Menus for your Responsive Website Designs (RWD) or standard websites\u003C\u002Fli>\n\u003Cli>Floating Images can be added to any of your menu items\u003C\u002Fli>\n\u003Cli>Create any kind of web menu fast by using pre-designed menu themes from the Theme Gallery\u003C\u002Fli>\n\u003Cli>Can display all languages in the javascript menu text through full unicode support\u003C\u002Fli>\n\u003Cli>Use “separate” borders on any side (top, bottom, left, right) of Groups or Items\u003C\u002Fli>\n\u003Cli>Full documentation on all features and properties\u003C\u002Fli>\n\u003Cli>Use three flexible ways to position your menus\u003C\u002Fli>\n\u003Cli>Choose among many options on “How”, “When” and “Where” the submenus appear\u003C\u002Fli>\n\u003Cli>Choose among many options on “How”, “When” and “Where” the submenus disappear\u003C\u002Fli>\n\u003Cli>Use the Advanced Copy\u002FPaste  functionality to quickly transfer any value among menu items\u003C\u002Fli>\n\u003Cli>Use Sticky submenus. A sticky submenu does not close unless you move to another item that has a submenu or click on the page. This is how the Windows “Start” menu works.\u003C\u002Fli>\n\u003Cli>Use popup and hidden menus that appear on events specified by you\u003C\u002Fli>\n\u003Cli>Use static or animated images for both background and content\u003C\u002Fli>\n\u003Cli>Create effects by using different property values for three different item states: the “Normal”, “Mouse Over” and “Mouse Click” item states\u003C\u002Fli>\n\u003Cli>Floating menus: Keep the menu visible in the same position while scrolling using either smooth or immediate scroll. Specify Javascript Commands to be executed when any menu item gets clicked, when any submenu appears or disappears, when the Main Menu appears or disappears. This feature allows you to create fully extensible menus\u003C\u002Fli>\n\u003Cli>Use both vertical and horizontal submenus at any possible combination\u003C\u002Fli>\n\u003Cli>Use Header and Footer on the submenu groups and allow the user to drag the menu from its Header\u003C\u002Fli>\n\u003Cli>Use “Distances between menu items” and assign optional “Statusbar Text” for each item\u003C\u002Fli>\n\u003Cli>Use Custom Variables instead of actual text\u003C\u002Fli>\n\u003Cli>Use several unfolding effects for the submenus\u003C\u002Fli>\n\u003Cli>Add AJAX menu effects to your items\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>…and many more!\u003Cbr \u002F>\nFor more detailed features list visit the \u003Ca href=\"https:\u002F\u002Fwww.likno.com\u002Fallwebmenusinfo.html\" title=\"AllWebMenus PRO Features Page\" rel=\"nofollow ugc\">AllWebMenus PRO Features Page\u003C\u002Fa> in the Likno Web Site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Required Software\u003C\u002Fh3>\n\u003Cp>This plugin offers an integration for the AllWebMenus PRO software into a WordPress blog.\u003Cbr \u002F>\nAs such, \u003Cstrong>AllWebMenus PRO\u003C\u002Fstrong> (v5.3.926 and above) is required to be installed in your machine.\u003C\u002Fp>\n\u003Ch4>The “Yet Another Related Posts” Plugin\u003C\u002Fh4>\n\u003Cp>The AllWebMenus WordPress Menu Plugin offers the ability to add an item at the end of your menu that contains a submenu that displays the most relevant posts (or pages) of the post you are currently viewing (the item will appear only when you are viewing a single post).\u003C\u002Fp>\n\u003Cp>This feature is build on Yet Another Related Posts Plugin by mitcho (Michael Yoshitaka Erlewine).\u003Cbr \u002F>\nVisit the \u003Ca href=\"https:\u002F\u002Fmitcho.com\u002Fcode\u002Fyarpp\u002F\" title=\"YARPP plugin's site\" rel=\"nofollow ugc\">YARPP plugin’s site\u003C\u002Fa>.\u003C\u002Fp>\n","Requires commercial (paid) software: AllWebMenus PRO (v5.3.926+)",20,49348,74,12,"2019-01-07T22:04:00.000Z","5.0.25","3.0","",[20,21,22,23,24],"allwebmenus","dhtml-menu","drop-down-menu","javascript-menu","web-menu","https:\u002F\u002Fwww.likno.com\u002Faddins\u002Fwordpress-menu.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fallwebmenus-wordpress-menu-plugin.1.1.24.zip",81,3,0,"2012-01-22 00:00:00","2026-03-15T15:16:48.613Z",[33,49,59],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2012-1011","allwebmenus-wordpress-menu-plugin-arbitrary-file-upload","AllWebMenus WordPress Menu Plugin \u003C= 1.1.8 - Arbitrary File Upload","The \"AllWebMenus WordPress Menu Plugin\" plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the actions.php file in versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible. In versions 1.1.8, it's required to set the HTTP_REFERER to a certain value in order to bypass the referer protection added in v1.1.8.",null,"\u003C=1.1.8","1.1.9","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Unrestricted Upload of File with Dangerous Type","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5754ffd6-81bb-491b-9272-627e8c52a22c?source=api-prod",4384,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":55,"updated_date":45,"references":56,"days_to_patch":58},"CVE-2012-1010","allwebmenus-wordpress-menu-plugin-arbitrary-file-upload-2","AllWebMenus WordPress Menu Plugin \u003C 1.1.9 - Arbitrary File Upload","Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin before 1.1.9 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory.","\u003C1.1.9","2012-01-19 00:00:00",[57],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd5ab090c-14fd-4d58-a915-fd68e5eaefe1?source=api-prod",4387,{"id":60,"url_slug":61,"title":62,"description":63,"plugin_slug":4,"theme_slug":38,"affected_versions":64,"patched_in_version":65,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":66,"published_date":67,"updated_date":45,"references":68,"days_to_patch":70},"CVE-2011-3981","allwebmenus-wordpress-menu-plugin-remote-file-inclusion","AllWebMenus WordPress Menu Plugin \u003C= 1.1.3 - Remote File Inclusion","PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.","\u003C=1.1.3","1.1.4","Improper Control of Filename for Include\u002FRequire Statement in PHP Program ('PHP Remote File Inclusion')","2011-09-19 00:00:00",[69],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F45b6a72a-9aa9-4d77-b250-575d55538110?source=api-prod",4509,{"slug":72,"display_name":7,"profile_url":8,"plugin_count":73,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":74,"trust_score":75,"computed_at":76},"liknosoftware",1,4427,66,"2026-04-05T05:04:52.125Z",[78,101],{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":18,"tags":93,"homepage":98,"download_link":99,"security_score":100,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"codeflavors-floating-menu","CodeFlavors floating menu","1.1.5","Constantin Boiangiu","https:\u002F\u002Fprofiles.wordpress.org\u002Fconstantinboiangiu\u002F","\u003Cp>\u003Cstrong>CodeFlavors floating menu\u003C\u002Fstrong> creates an animated multidimensional menu on the left or right side of a WordPress blog. Menu can be assigned directly from WordPress Menus.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Available options\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>menu animation on page scroll; can be fixed, no animation, or can smoothly scroll up and down when scrolling window;\u003C\u002Fli>\n\u003Cli>menu position (left or right side of your blog);\u003C\u002Fli>\n\u003Cli>top distance – minimum distance from top of the window;\u003C\u002Fli>\n\u003Cli>menu title – if left not empty, the first item from the menu will be the text entered into this option.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Important links:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.codeflavors.com\u002Fdocuments\u002Ffloating-menu\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=cf-floating-menu-readme\" title=\"CodeFlavors Floating Menu for WordPress documentation\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> on plugin usage and CSS structure;\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.codeflavors.com\u002Fcodeflavors-forums\u002Fforum\u002Fcodeflavors-floating-menu-plugin-for-wordpress\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=cf-floating-menu-readme\" title=\"CodeFlavors Floating Menu forum\" rel=\"nofollow ugc\">Forum\u003C\u002Fa> (while we try to keep up with the forums here, please post any requests on our forums for a faster response);\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Cp>Plugin was tested using WordPress 3.4.1 with theme TwentyEleven in FireFox, Chrome and IE8. Other themes may not be CSS compatible with the plugin. If it’s your case, please post on \u003Ca href=\"http:\u002F\u002Fwww.codeflavors.com\u002Fcodeflavors-forums\u002F\" title=\"CodeFlavors Community Forums\" rel=\"nofollow ugc\">CodeFlavors forums\u003C\u002Fa> the theme you’re using, WordPress version and browser used to view the website.\u003C\u002Fp>\n","Create animated navigation menus on the left or right side of any WordPress blog.",300,34978,94,13,"2016-12-09T06:44:00.000Z","4.7.32","3.4",[94,22,95,96,97],"animation","floating-menu","menu","wordpress-menu","http:\u002F\u002Fwww.codeflavors.com\u002Fcodeflavors-floating-menu-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcodeflavors-floating-menu.zip",85,{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":11,"downloaded":109,"rating":110,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":18,"tags":115,"homepage":118,"download_link":119,"security_score":100,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"css-menumaker","MenuMaker Lite","1.1.3","cssmenumaker","https:\u002F\u002Fprofiles.wordpress.org\u002Fcssmenumaker\u002F","\u003Cp>MenuMaker Lite allows you to create multi-level, responsive navigations without having to know all the CSS and jQuery.\u003Cbr \u002F>\nCreate a menu structure using the WordPress menu system and then use MenuMaker Lite to design a responsive, dynamic navigation for your website.\u003C\u002Fp>\n\u003Cp>Included in the plugin are 3 professionaly designed menu themes: Drop Down, Flyout, and Accordion. Select one of these themes and\u003Cbr \u002F>\ncustomize the appearance of your menu with and easy to use interface.\u003C\u002Fp>\n\u003Ch4>MenuMaker Pro\u003C\u002Fh4>\n\u003Cp>For more menu templates and advanced features, check out \u003Ca href=\"http:\u002F\u002Fcssmenumaker.com\u002Fwordpress-menu-plugin\" rel=\"nofollow ugc\">MenuMaker Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Integrates with your existing WordPress menu system\u003C\u002Fli>\n\u003Cli>Support for horizontal and vertical menus\u003C\u002Fli>\n\u003Cli>Support for up to 3 levels of submenus\u003C\u002Fli>\n\u003Cli>Use pure CSS or jQuery enhancements\u003C\u002Fli>\n\u003Cli>Menus integrate with WordPress widget system\u003C\u002Fli>\n\u003Cli>WordPress shortcodes supported\u003C\u002Fli>\n\u003Cli>Fully responsive menu themes included\u003C\u002Fli>\n\u003Cli>Tested to work on iPhone, iPad, iPod, and Android devices\u003C\u002Fli>\n\u003Cli>Every menu theme is easily customizable\u003C\u002Fli>\n\u003Cli>Easily change colors, menu width, font sizes, alignments, and text options\u003C\u002Fli>\n\u003Cli>Add your own custom CSS for even more control\u003C\u002Fli>\n\u003C\u002Ful>\n","MenuMaker Lite provides and easy way to create responsive drop down, flyout, and accordion menus.",8757,42,7,"2014-08-17T19:14:00.000Z","3.9.40","3.0.1",[22,96,116,117],"navigation","responsive-menu","http:\u002F\u002Fcssmenumaker.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcss-menumaker.zip",{"attackSurface":121,"codeSignals":178,"taintFlows":606,"riskAssessment":625,"analyzedAt":637},{"hooks":122,"ajaxHandlers":172,"restRoutes":173,"shortcodes":174,"cronEvents":175,"entryPointCount":29,"unprotectedCount":29},[123,129,133,137,141,147,151,156,160,164,168],{"type":124,"name":125,"callback":126,"file":127,"line":128},"action","init","AWM_init_hook","allwebmenus-wordpress-menu.php",48,{"type":124,"name":130,"callback":131,"file":127,"line":132},"admin_init","AWM_addmin_hook",49,{"type":124,"name":134,"callback":135,"file":127,"line":136},"admin_menu","AWM_add_option_pages",50,{"type":124,"name":138,"callback":139,"file":127,"line":140},"widgets_init","registerWidgetAllWebMenus",54,{"type":142,"name":143,"callback":144,"priority":145,"file":127,"line":146},"filter","wp_nav_menu","awm_menu_position",10,1187,{"type":142,"name":148,"callback":149,"priority":145,"file":127,"line":150},"wp_nav_menu_args","awm_menu_args",1188,{"type":142,"name":152,"callback":153,"file":154,"line":155},"upload_mimes","addUploadMimes","include.php",536,{"type":124,"name":157,"callback":158,"file":159,"line":27},"plugins_loaded","wp_session_start","wp-session-manager-master\\wp-session.php",{"type":124,"name":161,"callback":162,"file":159,"line":163},"shutdown","wp_session_write_close",116,{"type":124,"name":165,"callback":166,"file":159,"line":167},"wp_session_garbage_collection","wp_session_cleanup",159,{"type":124,"name":169,"callback":170,"file":159,"line":171},"wp","wp_session_register_garbage_collection",169,[],[],[],[176],{"hook":165,"callback":165,"file":159,"line":177},166,{"dangerousFunctions":179,"sqlUsage":180,"outputEscaping":255,"fileOperations":604,"externalRequests":73,"nonceChecks":73,"capabilityChecks":29,"bundledLibraries":605},[],{"prepared":29,"raw":181,"locations":182},33,[183,187,190,192,194,196,198,200,202,205,207,209,211,213,215,217,219,221,223,225,227,229,231,233,236,238,240,242,244,246,249,251,253],{"file":184,"line":185,"context":186},"actions.php",47,"$wpdb->get_var() with variable interpolation",{"file":127,"line":188,"context":189},184,"$wpdb->get_results() with variable interpolation",{"file":127,"line":191,"context":189},537,{"file":127,"line":193,"context":189},1099,{"file":127,"line":195,"context":189},1118,{"file":154,"line":197,"context":186},155,{"file":154,"line":199,"context":186},190,{"file":154,"line":201,"context":186},253,{"file":154,"line":203,"context":204},254,"$wpdb->query() with variable interpolation",{"file":154,"line":206,"context":204},255,{"file":154,"line":208,"context":186},257,{"file":154,"line":210,"context":186},265,{"file":154,"line":212,"context":204},266,{"file":154,"line":214,"context":204},267,{"file":154,"line":216,"context":204},268,{"file":154,"line":218,"context":186},275,{"file":154,"line":220,"context":204},276,{"file":154,"line":222,"context":204},277,{"file":154,"line":224,"context":186},288,{"file":154,"line":226,"context":204},304,{"file":154,"line":228,"context":186},549,{"file":154,"line":230,"context":204},612,{"file":154,"line":232,"context":189},652,{"file":234,"line":235,"context":189},"menu_helper.php",117,{"file":234,"line":237,"context":189},134,{"file":234,"line":239,"context":189},141,{"file":234,"line":241,"context":189},149,{"file":234,"line":243,"context":189},411,{"file":234,"line":245,"context":189},489,{"file":247,"line":248,"context":186},"widgetClass.php",21,{"file":247,"line":250,"context":186},52,{"file":159,"line":252,"context":189},133,{"file":159,"line":254,"context":204},152,{"escaped":73,"rawEcho":256,"locations":257},177,[258,261,263,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293,295,297,299,301,303,305,307,309,311,313,315,316,318,320,322,324,326,327,329,331,333,335,337,339,341,343,345,347,349,351,353,355,357,359,361,363,365,367,369,371,373,375,377,379,381,383,385,387,389,391,393,395,397,399,401,403,405,407,409,411,413,415,417,419,421,423,425,427,429,431,433,435,437,439,441,443,445,447,449,451,453,455,457,459,461,463,465,467,469,471,473,475,477,479,481,483,485,487,489,491,493,495,497,499,501,503,505,507,509,511,513,515,517,519,521,523,525,527,529,531,533,535,537,539,541,543,545,547,549,551,553,555,557,559,561,563,565,567,568,570,572,574,576,577,578,580,582,583,584,585,586,588,590,592,594,596,598,600,602],{"file":127,"line":259,"context":260},178,"raw output",{"file":127,"line":262,"context":260},179,{"file":127,"line":264,"context":260},189,{"file":127,"line":266,"context":260},200,{"file":127,"line":268,"context":260},214,{"file":127,"line":270,"context":260},236,{"file":127,"line":272,"context":260},250,{"file":127,"line":274,"context":260},279,{"file":127,"line":276,"context":260},291,{"file":127,"line":278,"context":260},313,{"file":127,"line":280,"context":260},351,{"file":127,"line":282,"context":260},355,{"file":127,"line":284,"context":260},358,{"file":127,"line":286,"context":260},359,{"file":127,"line":288,"context":260},363,{"file":127,"line":290,"context":260},399,{"file":127,"line":292,"context":260},402,{"file":127,"line":294,"context":260},403,{"file":127,"line":296,"context":260},407,{"file":127,"line":298,"context":260},428,{"file":127,"line":300,"context":260},430,{"file":127,"line":302,"context":260},432,{"file":127,"line":304,"context":260},434,{"file":127,"line":306,"context":260},440,{"file":127,"line":308,"context":260},448,{"file":127,"line":310,"context":260},449,{"file":127,"line":312,"context":260},450,{"file":127,"line":314,"context":260},451,{"file":127,"line":314,"context":260},{"file":127,"line":317,"context":260},452,{"file":127,"line":319,"context":260},455,{"file":127,"line":321,"context":260},457,{"file":127,"line":323,"context":260},458,{"file":127,"line":325,"context":260},462,{"file":127,"line":325,"context":260},{"file":127,"line":328,"context":260},463,{"file":127,"line":330,"context":260},466,{"file":127,"line":332,"context":260},468,{"file":127,"line":334,"context":260},470,{"file":127,"line":336,"context":260},480,{"file":127,"line":338,"context":260},486,{"file":127,"line":340,"context":260},492,{"file":127,"line":342,"context":260},493,{"file":127,"line":344,"context":260},494,{"file":127,"line":346,"context":260},495,{"file":127,"line":348,"context":260},496,{"file":127,"line":350,"context":260},502,{"file":127,"line":352,"context":260},513,{"file":127,"line":354,"context":260},520,{"file":127,"line":356,"context":260},521,{"file":127,"line":358,"context":260},529,{"file":127,"line":360,"context":260},534,{"file":127,"line":362,"context":260},535,{"file":127,"line":364,"context":260},546,{"file":127,"line":366,"context":260},563,{"file":127,"line":368,"context":260},564,{"file":127,"line":370,"context":260},572,{"file":127,"line":372,"context":260},582,{"file":127,"line":374,"context":260},601,{"file":127,"line":376,"context":260},602,{"file":127,"line":378,"context":260},606,{"file":127,"line":380,"context":260},610,{"file":127,"line":382,"context":260},615,{"file":127,"line":384,"context":260},617,{"file":127,"line":386,"context":260},624,{"file":127,"line":388,"context":260},625,{"file":127,"line":390,"context":260},630,{"file":127,"line":392,"context":260},631,{"file":127,"line":394,"context":260},637,{"file":127,"line":396,"context":260},638,{"file":127,"line":398,"context":260},640,{"file":127,"line":400,"context":260},653,{"file":127,"line":402,"context":260},654,{"file":127,"line":404,"context":260},658,{"file":127,"line":406,"context":260},662,{"file":127,"line":408,"context":260},666,{"file":127,"line":410,"context":260},668,{"file":127,"line":412,"context":260},674,{"file":127,"line":414,"context":260},675,{"file":127,"line":416,"context":260},682,{"file":127,"line":418,"context":260},683,{"file":127,"line":420,"context":260},689,{"file":127,"line":422,"context":260},690,{"file":127,"line":424,"context":260},692,{"file":127,"line":426,"context":260},703,{"file":127,"line":428,"context":260},704,{"file":127,"line":430,"context":260},708,{"file":127,"line":432,"context":260},712,{"file":127,"line":434,"context":260},718,{"file":127,"line":436,"context":260},720,{"file":127,"line":438,"context":260},723,{"file":127,"line":440,"context":260},724,{"file":127,"line":442,"context":260},728,{"file":127,"line":444,"context":260},729,{"file":127,"line":446,"context":260},732,{"file":127,"line":448,"context":260},733,{"file":127,"line":450,"context":260},735,{"file":127,"line":452,"context":260},738,{"file":127,"line":454,"context":260},742,{"file":127,"line":456,"context":260},743,{"file":127,"line":458,"context":260},749,{"file":127,"line":460,"context":260},750,{"file":127,"line":462,"context":260},756,{"file":127,"line":464,"context":260},757,{"file":127,"line":466,"context":260},759,{"file":127,"line":468,"context":260},777,{"file":127,"line":470,"context":260},781,{"file":127,"line":472,"context":260},785,{"file":127,"line":474,"context":260},797,{"file":127,"line":476,"context":260},798,{"file":127,"line":478,"context":260},804,{"file":127,"line":480,"context":260},812,{"file":127,"line":482,"context":260},820,{"file":127,"line":484,"context":260},821,{"file":127,"line":486,"context":260},822,{"file":127,"line":488,"context":260},829,{"file":127,"line":490,"context":260},830,{"file":127,"line":492,"context":260},831,{"file":127,"line":494,"context":260},838,{"file":127,"line":496,"context":260},839,{"file":127,"line":498,"context":260},840,{"file":127,"line":500,"context":260},849,{"file":127,"line":502,"context":260},863,{"file":127,"line":504,"context":260},878,{"file":127,"line":506,"context":260},906,{"file":127,"line":508,"context":260},907,{"file":127,"line":510,"context":260},908,{"file":127,"line":512,"context":260},926,{"file":127,"line":514,"context":260},927,{"file":127,"line":516,"context":260},935,{"file":127,"line":518,"context":260},944,{"file":127,"line":520,"context":260},948,{"file":127,"line":522,"context":260},956,{"file":127,"line":524,"context":260},988,{"file":127,"line":526,"context":260},995,{"file":127,"line":528,"context":260},1004,{"file":127,"line":530,"context":260},1005,{"file":127,"line":532,"context":260},1006,{"file":127,"line":534,"context":260},1007,{"file":127,"line":536,"context":260},1045,{"file":127,"line":538,"context":260},1070,{"file":127,"line":540,"context":260},1071,{"file":127,"line":542,"context":260},1101,{"file":127,"line":544,"context":260},1129,{"file":127,"line":546,"context":260},1131,{"file":127,"line":548,"context":260},1132,{"file":127,"line":550,"context":260},1139,{"file":127,"line":552,"context":260},1140,{"file":127,"line":554,"context":260},1157,{"file":127,"line":556,"context":260},1175,{"file":127,"line":558,"context":260},1176,{"file":127,"line":560,"context":260},1177,{"file":127,"line":562,"context":260},1178,{"file":127,"line":564,"context":260},1180,{"file":127,"line":566,"context":260},1183,{"file":234,"line":248,"context":260},{"file":234,"line":569,"context":260},185,{"file":234,"line":571,"context":260},187,{"file":234,"line":573,"context":260},233,{"file":234,"line":575,"context":260},242,{"file":234,"line":208,"context":260},{"file":234,"line":210,"context":260},{"file":234,"line":579,"context":260},352,{"file":234,"line":581,"context":260},367,{"file":234,"line":308,"context":260},{"file":234,"line":312,"context":260},{"file":234,"line":319,"context":260},{"file":234,"line":354,"context":260},{"file":234,"line":587,"context":260},522,{"file":234,"line":589,"context":260},569,{"file":234,"line":591,"context":260},584,{"file":247,"line":593,"context":260},28,{"file":247,"line":595,"context":260},30,{"file":247,"line":597,"context":260},31,{"file":247,"line":599,"context":260},61,{"file":247,"line":601,"context":260},62,{"file":247,"line":603,"context":260},69,11,[],[607],{"entryPoint":608,"graph":609,"unsanitizedCount":29,"severity":624},"\u003Cactions> (actions.php:0)",{"nodes":610,"edges":621},[611,616],{"id":612,"type":613,"label":614,"file":184,"line":615},"n0","source","$_POST['ref'] (x11)",82,{"id":617,"type":618,"label":619,"file":184,"line":615,"wp_function":620},"n1","sink","wp_redirect() [Open Redirect]","wp_redirect",[622],{"from":612,"to":617,"sanitized":623},true,"low",{"summary":626,"deductions":627},"The \"allwebmenus-wordpress-menu-plugin\" v1.1.24 exhibits a concerning security posture, primarily due to its outdated vulnerability history and significant code-level weaknesses. While the static analysis reports a seemingly small attack surface and a lack of immediate critical taint flows, this is overshadowed by the critical historical vulnerabilities, specifically \"Unrestricted Upload of File with Dangerous Type\" and \"PHP Remote File Inclusion.\" The fact that these critical vulnerabilities are present, even if currently patched (indicated by 0 unpatched CVEs), suggests a history of severe insecure coding practices within the plugin. The code analysis further reveals a lack of output escaping (only 1% properly escaped) and no capability checks for a cron event, which, when combined with the historical RFI vulnerabilities, presents a substantial risk. The heavy reliance on raw SQL queries without prepared statements is another significant concern, increasing the susceptibility to SQL injection attacks. Despite the absence of reported critical taint flows in the *current* analysis, the plugin's past and ongoing coding deficiencies make it a high-risk component. Users should exercise extreme caution, prioritize updating to a version that has addressed these fundamental issues, and consider replacing the plugin if these issues persist in newer versions.",[628,630,633,635],{"reason":629,"points":145},"No capability checks on cron events",{"reason":631,"points":632},"Severe lack of output escaping",15,{"reason":634,"points":11},"100% of SQL queries use raw statements",{"reason":636,"points":11},"3 historical critical CVEs (RFI, Unrestricted Upload)","2026-03-16T23:08:33.554Z",{"wat":639,"direct":651},{"assetPaths":640,"generatorPatterns":646,"scriptPaths":647,"versionParams":648},[641,642,643,644,645],"\u002Fwp-content\u002Fplugins\u002Fallwebmenus-wordpress-menu-plugin\u002FwidgetClass.php","\u002Fwp-content\u002Fplugins\u002Fallwebmenus-wordpress-menu-plugin\u002Fmenu_helper.php","\u002Fwp-content\u002Fplugins\u002Fallwebmenus-wordpress-menu-plugin\u002Finclude.php","\u002Fwp-content\u002Fplugins\u002Fallwebmenus-wordpress-menu-plugin\u002Fscript.js","\u002Fwp-content\u002Fplugins\u002Fallwebmenus-wordpress-menu-plugin\u002Fstylesheet.css",[],[644],[649,650],"allwebmenus-wordpress-menu-plugin\u002Fscript.js?ver=","allwebmenus-wordpress-menu-plugin\u002Fstylesheet.css?ver=",{"cssClasses":652,"htmlComments":655,"htmlAttributes":656,"restEndpoints":660,"jsGlobals":661,"shortcodeOutput":665},[653,654],"AWM_welcome_title","AWM_welcome_title_info",[],[657,658,659],"id=\"AWM_welcome_title\"","id=\"AWM_welcome_title_info\"","id=\"awm_upload_anchor\"",[],[662,663,664],"awm_set_path","AWM_total_tabs","awm_show_welcome",[]]