[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fye8epj0m-nis4yQoZZo-sPfJnpX94ivi0dk088WwrCk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":138,"fingerprints":217},"amazon-reloaded-for-wordpress","Amazon Reloaded for WordPress","5.0.8","nickohrn","https:\u002F\u002Fprofiles.wordpress.org\u002Fnickohrn\u002F","\u003Cp>\u003Cem>Please note: \u003C\u002Fem>\u003Cem>PHP5\u003C\u002Fem> is required for this plugin due to the use of json_encode, the DOMDocument class, and the plugin code syntax.\u003C\u002Fp>\n\u003Cp>This plugin makes it easy for post authors to quickly search Amazon’s index from their WordPress post interface and grab\u003Cbr \u002F>\ntext links or images to place in their posts.  The text links can optionally contain an indivdual’s affiliate tag, if entered\u003Cbr \u002F>\non the settings screen.\u003C\u002Fp>\n\u003Cp>The blog administrator can choose which Amazon locale that they wish to use from a list of the following:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>United States\u003C\u002Fli>\n\u003Cli>United Kingdom\u003C\u002Fli>\n\u003Cli>Canada\u003C\u002Fli>\n\u003Cli>France\u003C\u002Fli>\n\u003Cli>Germany\u003C\u002Fli>\n\u003Cli>Japan\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The new version introduces support for Amazon’s new request signing requirements.  In addition, a credential checking system\u003Cbr \u002F>\nhas been put in place and the remote connection API used should work across more blogs and hosting setups.\u003C\u002Fp>\n\u003Ch3>How To\u003C\u002Fh3>\n\u003Cp>The Amazon Reloaded for WordPress plugin is amazingly simple to use\u003C\u002Fp>\n\u003Col>\n\u003Cli>Start writing a post or page and when you need to insert something, scroll down to the Amazon Reloaded meta box\u003C\u002Fli>\n\u003Cli>Enter your search term and press the Search Amazon button or hit enter\u003C\u002Fli>\n\u003Cli>You can optionally select a different search index if you’re having trouble finding what you’re looking for\u003C\u002Fli>\n\u003Cli>To insert a link, click the “Send Link to Editor” button. \u003C\u002Fli>\n\u003Cli>To insert an image, select the size you want to use and then click the adjacent “Send Image to Editor” button.\u003C\u002Fli>\n\u003C\u002Fol>\n","This plugin allows a post author to quickly and easily insert text and image links to Amazon product pages into posts.",100,56830,0,"2012-07-20T03:22:00.000Z","3.1.4","2.8.0","",[19,20,21,22,23],"admin","amazon","ecommerce","post","write","http:\u002F\u002Fplugin-developer.com\u002Fportfolio\u002Famazon-reloaded-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Famazon-reloaded-for-wordpress.5.0.8.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},12,760,86,30,84,"2026-04-05T01:53:54.537Z",[38,59,78,102,122],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":11,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":17,"tags":52,"homepage":57,"download_link":58,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"html-special-characters-helper","HTML Special Characters Helper","2.2","Scott Reilly","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoffee2code\u002F","\u003Cp>Add an admin widget labeled “HTML Special Characters” that is present in the admin Add\u002FEdit Post and Add\u002FEdit Page pages. Clicking on any special character in the widget causes its character encoding to be inserted into the post body text field at the current cursor location (or at the end of the post if the cursor isn’t located in the post body field). Hovering over any of the special characters in the admin widget causes hover text to appear that shows the HTML entity encoding for the character as well as the name of the character.\u003C\u002Fp>\n\u003Cp>Note that when used in the visual editor mode the special character itself is added to the post body. Also note that the visual editor has its own special characters popup helper accessible via the advanced toolbar, which depending on your usage, may make this plugin unnecessary for you. In truth, the plugin is intended more for the non-visual (aka HTML) mode as that is the mode I (the plugin author) use.\u003C\u002Fp>\n\u003Cp>Links: \u003Ca href=\"http:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fhtml-special-characters-helper\u002F\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhtml-special-characters-helper\u002F\" rel=\"ugc\">Plugin Directory Page\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fcoffee2code.com\" rel=\"nofollow ugc\">Author Homepage\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Filters\u003C\u002Fh3>\n\u003Cp>The plugin exposes two filters for hooking. Typically, code making use of filters should ideally be put into a mu-plugin or site-specific plugin (which is beyond the scope of this readme to explain).\u003C\u002Fp>\n\u003Ch4>c2c_html_special_characters (filter)\u003C\u002Fh4>\n\u003Cp>The ‘c2c_html_special_characters’ hook allows you to remove existing characters or entire groups of characters, and\u002For add new characters or groups of characters.\u003C\u002Fp>\n\u003Cp>Arguments:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>$codes (array) : An association array in which the keys are a grouping name and the values are associative arrays themselves with the code as the key and the human-friendly descriptions as the values.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002F**\n * Add a new grouping of characters (accented 'A's).\n *\n * @param array $characters Default HTML special characters.\n * @return array\n *\u002F\nfunction more_html_special_characters( $characters ) {\n    $characters['accented_a'] = array(\n        'name'     => 'Accented A',\n        'À' => 'A grave accent',\n        'Á' => 'A accute accent',\n        'Â'  => 'A circumflex',\n        'Ã' => 'A tilde',\n        'Ä'   => 'A umlaut',\n        'Å'  => 'A ring',\n        'Æ'  => 'AE ligature',\n    );\n    return $characters; \u002F\u002F Important!\n}\nadd_filter( 'c2c_html_special_characters', 'more_html_special_characters' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>c2c_html_special_characters_post_type (filter)\u003C\u002Fh4>\n\u003Cp>The ‘c2c_html_special_characters_post_type’ hook allows you to specify which post_types for which the HTML Special Characters metabox should be shown.\u003C\u002Fp>\n\u003Cp>Arguments:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>$post_types (array) : An array of post types. By default, this value is \u003Ccode>array( 'page', 'post' )\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002F**\n * Show HTML Special Characters Helper for additional post_types.\n *\n * @param array $post_types Arry of post types.\n * @return array\n *\u002F\nfunction more_html_special_characters_post_types( $post_types ) {\n    $post_types[] = 'products'; \u002F\u002F Show for products\n    unset( $post_types['page'] ); \u002F\u002F Don't show for pages\n    return $post_types;\n}\nadd_filter( 'c2c_html_special_characters_post_types', 'more_html_special_characters_post_types' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Admin widget on the Add\u002FEdit Post pages for inserting HTML encodings of special characters into the post.",200,38064,3,"2017-02-22T07:32:00.000Z","4.7.32","4.6",[53,54,55,22,56],"admin-widget","dbx","html-special-characters","write-post","http:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fhtml-special-characters-helper\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhtml-special-characters-helper.2.2.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":11,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":17,"tags":73,"homepage":76,"download_link":77,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"unicode-character-keyboard","Unicode Character Keyboard","1.2","Terry O'Brien (HoosierDragon)","https:\u002F\u002Fprofiles.wordpress.org\u002Fhoosierdragon\u002F","\u003Cp>Admin widget on the Write Post or Write Page forms for inserting HTML encodings of Unicode characters into the edit window.\u003C\u002Fp>\n\u003Ch4>Acknowledgements\u003C\u002Fh4>\n\u003Cp>This plugin is based on “HTML Special Characters Helper”, an original design by Scott Reilly (aka coffee2code).\u003C\u002Fp>\n\u003Ch4>Languages Sets supported\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Devanagari (Sanskrit)\u003C\u002Fli>\n\u003Cli>Devanagari Transliteration\u003C\u002Fli>\n\u003Cli>Esperanto\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>Greek\u003C\u002Fli>\n\u003Cli>Hirigana\u003C\u002Fli>\n\u003Cli>Katakana\u003C\u002Fli>\n\u003Cli>Myanmar (Burmese)\u003C\u002Fli>\n\u003Cli>Ogham\u003C\u002Fli>\n\u003Cli>Runic\u003C\u002Fli>\n\u003Cli>Russian\u003C\u002Fli>\n\u003Cli>Spanish\u003C\u002Fli>\n\u003Cli>Tifinagh\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Unicode Sets supported\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>APL\u003C\u002Fli>\n\u003Cli>Alchemical\u003C\u002Fli>\n\u003Cli>Arrows\u003C\u002Fli>\n\u003Cli>Astrology\u003C\u002Fli>\n\u003Cli>Braille\u003C\u002Fli>\n\u003Cli>Computers\u003C\u002Fli>\n\u003Cli>Counting Rods\u003C\u002Fli>\n\u003Cli>Currency\u003C\u002Fli>\n\u003Cli>Dingbats\u003C\u002Fli>\n\u003Cli>Drawing\u003C\u002Fli>\n\u003Cli>Emoji Pictographs\u003C\u002Fli>\n\u003Cli>Emoticons\u003C\u002Fli>\n\u003Cli>Games\u003C\u002Fli>\n\u003Cli>Gothic\u003C\u002Fli>\n\u003Cli>Latin Extended\u003C\u002Fli>\n\u003Cli>LetterLike\u003C\u002Fli>\n\u003Cli>Mathematics\u003C\u002Fli>\n\u003Cli>Mathematical Alphameric Symbols\u003C\u002Fli>\n\u003Cli>Punctuation\u003C\u002Fli>\n\u003Cli>Religious\u003C\u002Fli>\n\u003Cli>Roman Numerals\u003C\u002Fli>\n\u003Cli>Shapes\u003C\u002Fli>\n\u003Cli>Signs\u003C\u002Fli>\n\u003Cli>Small\u003C\u002Fli>\n\u003Cli>Spacing\u003C\u002Fli>\n\u003Cli>Subscripts\u003C\u002Fli>\n\u003Cli>Superscripts\u003C\u002Fli>\n\u003Cli>Symbols\u003C\u002Fli>\n\u003Cli>Technical\u003C\u002Fli>\n\u003C\u002Ful>\n","Admin widget on the Write Post or Write Page forms for inserting HTML encodings of Unicode characters into the edit window.",60,4162,2,"2015-11-11T20:52:00.000Z","4.3.34","2.7",[53,55,74,75,56],"post-widget","write-page","http:\u002F\u002Fwww.terryobrien.me\u002Fprogramming\u002Fwordpress\u002Fplugins\u002Funicode-character-keyboard\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Funicode-character-keyboard.1.2.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":98,"download_link":99,"security_score":35,"vuln_count":100,"unpatched_count":13,"last_vuln_date":101,"fetched_at":28},"add-from-server","Add From Server","3.4.5","Dion Hulse","https:\u002F\u002Fprofiles.wordpress.org\u002Fdd32\u002F","\u003Cp>This plugin offers limited support. Please do not expect new features or too many bugfixes. Features may be removed at any time.\u003C\u002Fp>\n\u003Cp>Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.\u003C\u002Fp>\n\u003Cp>This plugin is NOT designed to..\u003Cbr \u002F>\n * Be used as a replacement for the file uploader\u003Cbr \u002F>\n * Be used for migration of websites\u003Cbr \u002F>\n * Re-import your files after moving webhosting\u003Cbr \u002F>\n * Batch import media\u003C\u002Fp>\n\u003Cp>This plugins IS designed to..\u003Cbr \u002F>\n * Import files which are larger than your hosting allows to be uploaded.\u003Cbr \u002F>\n * Import files which are too large for your internet connections upload speed.\u003C\u002Fp>\n\u003Cp>WordPress does a better job of file uploads than this plugin, so please consider your needs before you use it.\u003C\u002Fp>\n\u003Cp>You may also want to look at using WP-CLI for media import purposes:\u003Cbr \u002F>\nhttps:\u002F\u002Fdeveloper.wordpress.org\u002Fcli\u002Fcommands\u002Fmedia\u002Fimport\u002F\u003C\u002Fp>\n","Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.",70000,1319395,92,239,"2020-12-11T07:32:00.000Z","5.5.18","5.4","7.0",[19,95,96,22,97],"import","media","uploads","https:\u002F\u002Fdd32.id.au\u002Fwordpress-plugins\u002Fadd-from-server\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.5.zip",1,"2016-08-08 00:00:00",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":11,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":17,"tags":116,"homepage":120,"download_link":121,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"reveal-ids-for-wp-admin-25","Reveal IDs","1.6.2","wpseek","https:\u002F\u002Fprofiles.wordpress.org\u002Falphawolf\u002F","\u003Cp>With WordPress 2.5 being released, the IDs on all admin pages have been removed as it is. Propably due to the fact that the common user dont need them. However, for advanced WordPress Users\u002F developers those IDs were quite interesting for some plugins or template tags.\u003C\u002Fp>\n\u003Cp>What this plugin does is to reveal most removed entry IDs on admin pages, showing the entry IDs, as it was in versions prior to 2.5\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Sortable columns for WP 3.1 or higher\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fx.com\u002Fwpseek\" title=\"Developer on X\" rel=\"nofollow ugc\">Developer on X\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fbsky.app\u002Fprofile\u002Fcyberblitzbirne.bsky.social\" title=\"Developer on Bluesky\" rel=\"nofollow ugc\">Developer on Bluesky\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Included languages:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>German (de_DE) (Thanks to me ;-))\u003C\u002Fli>\n\u003Cli>Brazilian Portuguese (pt_BR) (Thanks for contributing brazilian portuguese language goes to \u003Ca href=\"https:\u002F\u002Fwww.maujor.com\" rel=\"nofollow ugc\">Maurício Samy Silva\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Italian (it_IT) (Thanks for contributing italian language goes to Gianluca Urgese)\u003C\u002Fli>\n\u003Cli>Spanish (es_ES) (Thanks for contributing spanish language goes to \u003Ca href=\"https:\u002F\u002Fwww.es-xchange.com\" rel=\"nofollow ugc\">Karin Sequen\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Russian (ru_RU) (Thanks for contributing russian language goes to \u003Ca href=\"https:\u002F\u002Fgrugl.me\" rel=\"nofollow ugc\">Dimitry German\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Belorussian (by_BY) (Thanks for contributing belorussian language goes to \u003Ca href=\"https:\u002F\u002Fwww.fatcow.com\" rel=\"nofollow ugc\">FatCow\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) (Thanks for contributing dutch language goes to \u003Ca href=\"https:\u002F\u002Fwpwebshop.com\u002Fpremium-wordpress-plugins\u002F\" rel=\"nofollow ugc\">wpwebshop.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>European Portuguese (pt_PT) (Thanks for contributing european portuguese language goes to \u003Ca href=\"https:\u002F\u002Fthepatientcapacitor.com\u002F\" rel=\"nofollow ugc\">PL Monteiro\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Polish (pl_PL) (Thanks for contributing polish language goes to Simivar)\u003C\u002Fli>\n\u003Cli>Romanian (ro_RO) (Thanks for contributing romanian language goes to \u003Ca href=\"https:\u002F\u002Fwww.jibo.ro\" rel=\"nofollow ugc\">Anunturi Jibo\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Georgian (ge_KA) (Thanks for contributing georgian language goes to \u003Ca href=\"https:\u002F\u002Fwww.onlinecasinobluebook.com\u002F\" rel=\"nofollow ugc\">Online Casino Bluebook\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Swedish (sv_SE) (Thanks for contributing swedish language goes to \u003Ca href=\"https:\u002F\u002Ffjellner.com\u002F\" rel=\"nofollow ugc\">Tor-Bjorn Fjellner\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Ukrainian (uk) (Thanks for contributing ukrainian language goes to \u003Ca href=\"https:\u002F\u002Fwww.everycloudtech.com\u002F\" rel=\"nofollow ugc\">Everycloud\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Looking for more WordPress plugins? Visit \u003Ca href=\"https:\u002F\u002Fwww.schloebe.de\u002Fportfolio\u002F\" rel=\"nofollow ugc\">www.schloebe.de\u002Fportfolio\u002F\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","What this plugin does is to reveal most removed IDs on admin pages, as it was in versions prior to 2.5.",40000,1137575,61,"2026-02-15T13:44:00.000Z","6.9.99","3.0",[117,96,118,22,119],"id","page","wp-admin","https:\u002F\u002Fwww.schloebe.de\u002Fwordpress\u002Freveal-ids-for-wp-admin-25-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freveal-ids-for-wp-admin-25.zip",{"slug":123,"name":124,"version":125,"author":82,"author_profile":83,"description":126,"short_description":127,"active_installs":110,"downloaded":128,"rating":129,"num_ratings":130,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":17,"tags":134,"homepage":136,"download_link":137,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"revision-control","Revision Control","2.3.2","\u003Cp>** Support for this plugin is NOT offered, This plugin still however works. Please don’t expect support requests to be answered, or “This doesn’t work” reviews to be responded to. **\u003C\u002Fp>\n\u003Cp>Revision Control is a plugin for WordPress which gives the user more control over the Revision functionality.\u003C\u002Fp>\n\u003Cp>The plugin allows the user to set a site-global setting (Settings -> Revisions) for pages\u002Fposts to enable\u002Fdisable\u002Flimit the number of revisions which are saved for the page\u002Fpost. The user may change this setting on a per-page\u002Fpost basis from the Revisions Meta box.\u003C\u002Fp>\n\u003Cp>The plugin also allows the deletion of specific revisions via the Revisions post metabox.\u003C\u002Fp>\n","Revision Control allows finer control over the Post Revision system included with WordPress",557616,88,36,"2018-04-01T04:23:00.000Z","4.9.29","4.0",[19,22,135],"revisions","https:\u002F\u002Fdd32.id.au\u002Fwordpress-plugins\u002Frevision-control\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frevision-control.2.3.2.zip",{"attackSurface":139,"codeSignals":163,"taintFlows":175,"riskAssessment":205,"analyzedAt":216},{"hooks":140,"ajaxHandlers":154,"restRoutes":160,"shortcodes":161,"cronEvents":162,"entryPointCount":100,"unprotectedCount":100},[141,147,150],{"type":142,"name":143,"callback":144,"file":145,"line":146},"action","admin_menu","addAdministrativeInterfaceItems","amazon-reloaded-for-wordpress.php",29,{"type":142,"name":148,"callback":149,"file":145,"line":34},"admin_notices","addAdministrativeWarnings",{"type":142,"name":151,"callback":152,"file":145,"line":153},"admin_init","checkForSettingsSave",31,[155],{"action":156,"nopriv":157,"callback":158,"hasNonce":157,"hasCapCheck":157,"file":145,"line":159},"arfw",false,"handleAjaxSearchRequest",32,[],[],[],{"dangerousFunctions":164,"sqlUsage":165,"outputEscaping":167,"fileOperations":13,"externalRequests":69,"nonceChecks":69,"capabilityChecks":69,"bundledLibraries":174},[],{"prepared":13,"raw":13,"locations":166},[],{"escaped":168,"rawEcho":69,"locations":169},6,[170,173],{"file":145,"line":171,"context":172},52,"raw output",{"file":145,"line":11,"context":172},[],[176,194],{"entryPoint":177,"graph":178,"unsanitizedCount":100,"severity":193},"handleAjaxSearchRequest (amazon-reloaded-for-wordpress.php:61)",{"nodes":179,"edges":191},[180,185],{"id":181,"type":182,"label":183,"file":145,"line":184},"n0","source","$_POST",62,{"id":186,"type":187,"label":188,"file":145,"line":189,"wp_function":190},"n1","sink","wp_remote_get() [SSRF]",67,"wp_remote_get",[192],{"from":181,"to":186,"sanitized":157},"medium",{"entryPoint":195,"graph":196,"unsanitizedCount":13,"severity":204},"\u003Camazon-reloaded-for-wordpress> (amazon-reloaded-for-wordpress.php:0)",{"nodes":197,"edges":201},[198,200],{"id":181,"type":182,"label":199,"file":145,"line":184},"$_POST (x2)",{"id":186,"type":187,"label":188,"file":145,"line":189,"wp_function":190},[202],{"from":181,"to":186,"sanitized":203},true,"low",{"summary":206,"deductions":207},"The \"amazon-reloaded-for-wordpress\" v5.0.8 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries, performing capability checks, and implementing nonce checks. The absence of any recorded vulnerabilities in its history is also a strong indicator of past security diligence. However, a significant concern arises from the presence of an unprotected AJAX handler, which represents a direct entry point for potential attackers. Furthermore, the taint analysis reveals one flow with an unsanitized path, although it's not categorized as critical or high severity, it still warrants attention as it could potentially lead to unexpected behavior or information disclosure.\n\nThe plugin's static analysis shows a relatively small attack surface, with only one AJAX handler identified. The fact that this handler lacks authentication checks is a primary security weakness. While there are no dangerous function calls, file operations, or vulnerable bundled libraries, the unprotected AJAX endpoint coupled with the unsanitized path flow creates a discernible risk. The plugin's history of zero CVEs is a positive sign, suggesting the developers have historically addressed security issues effectively. However, the identified unprotected entry point and taint flow highlight that vigilance is still required.",[208,211,214],{"reason":209,"points":210},"Unprotected AJAX handler",8,{"reason":212,"points":213},"Flow with unsanitized path",5,{"reason":215,"points":48},"Output escaping 75% proper","2026-03-16T21:02:45.609Z",{"wat":218,"direct":227},{"assetPaths":219,"generatorPatterns":222,"scriptPaths":223,"versionParams":224},[220,221],"\u002Fwp-content\u002Fplugins\u002Famazon-reloaded-for-wordpress\u002Fresources\u002Famazon-reloaded.css","\u002Fwp-content\u002Fplugins\u002Famazon-reloaded-for-wordpress\u002Fresources\u002Famazon-reloaded.js",[],[221],[225,226],"amazon-reloaded-for-wordpress\u002Fresources\u002Famazon-reloaded.css?ver=","amazon-reloaded-for-wordpress\u002Fresources\u002Famazon-reloaded.js?ver=",{"cssClasses":228,"htmlComments":229,"htmlAttributes":230,"restEndpoints":232,"jsGlobals":233,"shortcodeOutput":234},[4],[],[231],"data-amazon-reloaded-settings",[],[156],[]]