[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWHgXDa5AIHB1i9S_EuOYRturKlqCQkOgWC-tFQsFhOE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":79,"fingerprints":136},"anhlinh-call-button","Anhlinh Contact List, Messages, Zalo, Email, Call Button","1.0.0","thanhansoft","https:\u002F\u002Fprofiles.wordpress.org\u002Fthanhansoft\u002F","\u003Cp>List icon button for hotline, messenger, zalo, email. A very simple yet very effective plugin that adds a Call Now button to your website for every device (mobile, table and desktop).\u003C\u002Fp>\n\u003Cp>Optimized CSS inline, icon svg, in activate, deactivate, and uninstall plugins.\u003C\u002Fp>\n\u003Ch3>Arbitrary section 1\u003C\u002Fh3>\n","List icon button for hotline, messenger, zalo, email. A very simple yet very effective plugin that adds a Call Now button to your website for every de &hellip;",100,1885,2,"2021-08-14T01:55:00.000Z","5.8.13","3.3","",[19,20,21,22],"anh-linh-contact-list","hotline-button-web","list-contact-on-web","phonering","https:\u002F\u002Fthanhansoft.com\u002Fanhlinh-contact-list","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanhlinh-call-button.1.0.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":13,"total_installs":31,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},140,30,84,"2026-04-05T15:18:00.155Z",[36,58],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":11,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":17,"requires_php":49,"tags":50,"homepage":56,"download_link":57,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"hotline-phone-ring","Hotline Phone Ring","2.0.6","Nam Truong","https:\u002F\u002Fprofiles.wordpress.org\u002Fnamncn\u002F","\u003Cp>Fixed Hotline on the screen.\u003C\u002Fp>\n\u003Ch3>From within WordPress\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit ‘Plugins > Add New’\u003C\u002Fli>\n\u003Cli>Search for ‘Hotline Phone Ring’\u003C\u002Fli>\n\u003Cli>Activate Hotline Phone Ring from your Plugins page.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Manually\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload the \u003Ccode>hotline-phone-ring\u003C\u002Fcode> folder to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Activate the Hotline Phone Ring plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Go to “after activation” below.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Others Plugins\u003C\u002Fh3>\n\u003Cp>Yes we do plugins and we’ve got some popular ones 🙂\u003C\u002Fp>\n\u003Cp>Main plugins from Nam Truong:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fslider-hero-with-elementor\u002F\" rel=\"friend ugc\">Slider Hero with Elementor:\u003C\u002Fa> Create unlimited beautiful sliders with Elementor Page Builder.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoo-for-elementor\u002F\" rel=\"friend ugc\">WooCommerce For Elementor:\u003C\u002Fa> Add new Woocommerce Widgets that are specifically designed to be used in conjunction with the Elementor Page Builder.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetter-categories-images\u002F\" rel=\"friend ugc\">Better Categories Images:\u003C\u002Fa> The Better Categories Images Plugin allow you to add image with any category or taxonomy.\u003C\u002Fli>\n\u003C\u002Ful>\n","Fixed Hotline on the screen.",9000,58403,3,"2021-06-02T07:58:00.000Z","5.2.24","5.6.2",[51,52,53,54,55],"dien-thoai-rung","fixed","hotline","phone","wp-phonering","https:\u002F\u002Fnamncn.com\u002Fplugins\u002Fhotline-phone-ring\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhotline-phone-ring.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":11,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":17,"tags":72,"homepage":77,"download_link":78,"security_score":11,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"echbay-phonering-alo","EchBay Phonering Alo","1.3.1","Dao Quoc Dai","https:\u002F\u002Fprofiles.wordpress.org\u002Fitvn9online\u002F","\u003Cp>Add Phonering Alo button to your website. A very simple yet very effective plugin that adds a Call Now button to your website for every device (mobile, table and desktop).\u003C\u002Fp>\n","Add Phonering Alo button to your website. A very simple yet very effective plugin that adds a Call Now button to your website for every device (mobile &hellip;",1000,26219,1,"2025-11-28T02:59:00.000Z","6.9.4","4.8",[73,74,75,22,76],"call","contact","customers","sales","https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fwordpresseb","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fechbay-phonering-alo.zip",{"attackSurface":80,"codeSignals":108,"taintFlows":124,"riskAssessment":125,"analyzedAt":135},{"hooks":81,"ajaxHandlers":104,"restRoutes":105,"shortcodes":106,"cronEvents":107,"entryPointCount":26,"unprotectedCount":26},[82,88,92,97,100,102],{"type":83,"name":84,"callback":85,"file":86,"line":87},"action","admin_menu","settingMenu","admin.php",11,{"type":83,"name":89,"callback":90,"file":86,"line":91},"admin_init","register_setting_and_fields",12,{"type":83,"name":93,"callback":94,"file":95,"line":96},"wp_head","closure","public.php",16,{"type":83,"name":98,"callback":94,"file":95,"line":99},"wp_footer",19,{"type":83,"name":93,"callback":94,"file":95,"line":101},26,{"type":83,"name":98,"callback":94,"file":95,"line":103},40,[],[],[],[],{"dangerousFunctions":109,"sqlUsage":110,"outputEscaping":112,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":123},[],{"prepared":26,"raw":26,"locations":111},[],{"escaped":113,"rawEcho":46,"locations":114},13,[115,118,121],{"file":95,"line":116,"context":117},51,"raw output",{"file":119,"line":120,"context":117},"views\\setting-page.php",6,{"file":119,"line":122,"context":117},7,[],[],{"summary":126,"deductions":127},"The anhlinh-call-button plugin version 1.0.0 demonstrates a generally strong security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential attack surface. Furthermore, the code signals are positive, with no dangerous functions identified, all SQL queries utilizing prepared statements, and no file operations or external HTTP requests. This indicates a conscientious approach to secure coding practices.\n\nHowever, a significant concern arises from the complete lack of nonce checks and capability checks. This omission means that any functionality the plugin might expose, even if currently minimal or nonexistent in the analyzed entry points, would be entirely unprotected from unauthorized execution. While the taint analysis found no issues, this is likely due to the lack of any discernible data flows or entry points to analyze. The plugin's vulnerability history being empty is a positive sign, suggesting no past exploits or discoveries, but it doesn't mitigate the inherent risk of the missing authorization checks.\n\nIn conclusion, while the current implementation appears clean and free of immediate exploitable flaws based on the limited scope of analysis, the absence of nonce and capability checks represents a critical security oversight. This leaves the plugin vulnerable to potential privilege escalation or unauthorized action if any functionality were to be added or discovered in the future. The plugin's strengths lie in its minimal attack surface and secure handling of database operations, but its weaknesses are substantial due to the lack of fundamental authorization mechanisms.",[128,131,133],{"reason":129,"points":130},"Missing Nonce Checks",15,{"reason":132,"points":130},"Missing Capability Checks",{"reason":134,"points":120},"High percentage of unescaped output (19%)","2026-03-16T20:41:44.721Z",{"wat":137,"direct":146},{"assetPaths":138,"generatorPatterns":141,"scriptPaths":142,"versionParams":143},[139,140],"\u002Fwp-content\u002Fplugins\u002Fanhlinh-call-button\u002Fassets\u002Fcss\u002Fcall-button.css","\u002Fwp-content\u002Fplugins\u002Fanhlinh-call-button\u002Fassets\u002Fjs\u002Fcall-button.js",[],[140],[144,145],"anhlinh-call-button\u002Fassets\u002Fcss\u002Fcall-button.css?ver=","anhlinh-call-button\u002Fassets\u002Fjs\u002Fcall-button.js?ver=",{"cssClasses":147,"htmlComments":157,"htmlAttributes":158,"restEndpoints":160,"jsGlobals":161,"shortcodeOutput":163},[148,149,150,151,152,153,154,155,156],"al-hotline","al-cta-icon","cta-left","al-cta-phone","al-cta-zalo","al-ico-phone","al-ico-messenger","al-ico-zalo","al-ico-email",[],[159],"data-call-button-id",[],[162],"al_cta_options",[164],"[anhlinh_contact_button]"]