[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faSS9t1oza6yQjR_kIwXdNg-IeoRjcGiFfEup3FBLWOc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":32,"analysis":70,"fingerprints":271},"appgrade-nautica","Nautica AppGrade","1.7","appgrade","https:\u002F\u002Fprofiles.wordpress.org\u002Fappgrade\u002F","\u003Cp>Il plugin AppGrade consente di collegare il tuo sito e-commerce WordPress (con WooCommerce) al software \u003Ca href=\"https:\u002F\u002Fwww.app-grade.it\u002F\" rel=\"nofollow ugc\">Nautica AppGrade\u003C\u002Fa>.\u003Cbr \u002F>\nGrazie a questa integrazione, per ogni prodotto acquistato possono essere generati automaticamente uno o più dei seguenti elementi:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Corsi di tipo “Lezioni” – assegna al contatto l’accesso a uno o più corsi basati su lezioni.\u003C\u002Fli>\n\u003Cli>Corsi Prenotabili – assegna al contatto un credito per la prenotazione dei corsi prenotabili.\u003C\u002Fli>\n\u003Cli>Prodotti – inserisce i prodotti acquistati direttamente nel profilo del contatto, con la possibilità di gestire la fatturazione.\u003C\u002Fli>\n\u003Cli>Tipologia Quiz – consente di attivare il portale studenti e specificare quali tipi di quiz rendere disponibili.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>Questo plugin si connette all’API di Nautica AppGrade per inviare informazioni e creare clienti, ordini, fatture, prodotti e iscrizioni ai corsi.\u003C\u002Fp>\n","Il plugin AppGrade consente di collegare il tuo sito e-commerce WordPress (con WooCommerce) al software Nautica AppGrade.",0,232,"2026-01-28T11:40:00.000Z","6.8.5","5.2","7.0",[7,18,19,20],"nautica","nautica-appgrade","patente-nautica","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fappgrade-nautica.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},1,30,94,"2026-04-04T11:10:39.574Z",[33,53],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":23,"num_ratings":28,"last_updated":21,"tested_up_to":43,"requires_at_least":44,"requires_php":21,"tags":45,"homepage":50,"download_link":51,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":52},"nwa","Navionics WebAPI v2","0.2.0","navionicsdevelopers","https:\u002F\u002Fprofiles.wordpress.org\u002Fnavionicsdevelopers\u002F","\u003Cp>This plugin allows you to use the Navionics WebAPI v2 in your WordPress blog.\u003Cbr \u002F>\nYou can create a map component (for Ski or Boating) and a Full Navionics Products Catalog and visualise them into Pages or Blog article with a simple shortcode.\u003Cbr \u002F>\nOn Admin panel you will find simple forms where you can build your component following the same instructions present on https:\u002F\u002Fwebapiv2.navionics.com.\u003Cbr \u002F>\nWith the above procedure, you will generate the related shortcode to be used in tour article or posts… that’s it!\u003C\u002Fp>\n\u003Ch4>More Information\u003C\u002Fh4>\n\u003Cp>Visit the \u003Ca href=\"https:\u002F\u002Fwebapiv2.navionics.com\" rel=\"nofollow ugc\">Navionics WebAPIv2\u003C\u002Fa> website for documentation, support, and information on getting involved in the project.\u003C\u002Fp>\n\u003Cp>There’s a \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FNavionics\u002Fwebapi_wordpress_plugin\" rel=\"nofollow ugc\">GIT repository\u003C\u002Fa> too if you want to contribute a patch… you are welcome!\u003C\u002Fp>\n\u003Cp>We have an entire team of  Engineers ready to help you. Ask your questions in the support forum, or contact us directly.\u003C\u002Fp>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cp>The \u003Cstrong>Navionics WebAPIv2 WordPress plugin\u003C\u002Fstrong> is under GPLv2 License and it use the library \u003Cem>Navionics WebAPIv2\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>The \u003Cstrong>Navionics WebAPIv2 library\u003C\u002Fstrong> is under \u003Ca href=\"https:\u002F\u002Fwww.navionics.com\u002Fen\u002Fwebapi-download\" rel=\"nofollow ugc\">Web API Terms of Service\u003C\u002Fa> and it require one access token. Please refer  \u003Ca href=\"https:\u002F\u002Fwebapiv2.navionics.com\" rel=\"nofollow ugc\">Navionics WebAPIv2 site\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=1OHA-JDK6QU\" title=\"Navionics WebAPIv2 WordPress Plugin \" rel=\"nofollow ugc\">\u003C\u002Fa>\u003C\u002Fp>\n","Navionics WebAPIv2 WordPress plugin allows you to easily add Navionics maps to your Wordpress blog.",50,2392,"5.2.24","4.7.2",[46,47,48,49],"chart","maps","nautical","navionics","https:\u002F\u002Fwebapiv2.navionics.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnwa.0.2.0.zip","2026-03-15T10:48:56.248Z",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":11,"downloaded":61,"rating":11,"num_ratings":11,"last_updated":62,"tested_up_to":14,"requires_at_least":63,"requires_php":21,"tags":64,"homepage":21,"download_link":69,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"rockscience-enc-chart-viewer-for-noaa","RockScience Marine Chart Viewer for NOAA ENC","2025.09.1","Bob Damiano","https:\u002F\u002Fprofiles.wordpress.org\u002Frockscience\u002F","\u003Cp>\u003Cstrong>This is a SERVICE PLUGIN\u003C\u002Fstrong> that provides real-time access to official NOAA nautical charts by connecting to external government APIs. The plugin acts as a bridge between your WordPress site and NOAA’s Electronic Navigational Chart (ENC) services.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> Marine chart data is provided by NOAA and only covers U.S. coastal waters, Great Lakes, and U.S. territories. For areas outside NOAA coverage, only the base ocean map will be displayed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Real-time NOAA nautical chart data via official APIs\u003Cbr \u002F>\n* Interactive charts powered by ESRI ArcGIS mapping service\u003Cbr \u002F>\n* Live chart updates from government sources\u003Cbr \u002F>\n* No account registration required\u003Cbr \u002F>\n* Core API for other marine service plugins\u003Cbr \u002F>\n* Settings page for default coordinates\u003C\u002Fp>\n\u003Cp>\u003Cstrong>External Service Dependencies:\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin requires internet connectivity to function as it provides live chart data from:\u003Cbr \u002F>\n* NOAA Chart Services (official government charts)\u003Cbr \u002F>\n* ESRI ArcGIS API (mapping framework)\u003Cbr \u002F>\n* No personal data is collected or transmitted\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Chart Coverage:\u003C\u002Fstrong>\u003Cbr \u002F>\nMarine chart data is sourced from NOAA Electronic Navigational Charts (ENC) and covers:\u003Cbr \u002F>\n* U.S. coastal waters (Atlantic, Pacific, Gulf of Mexico)\u003Cbr \u002F>\n* Great Lakes\u003Cbr \u002F>\n* U.S. territories (Alaska, Hawaii, Puerto Rico, etc.)\u003Cbr \u002F>\n* Areas outside NOAA coverage will display base ocean maps only\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to external services to provide nautical chart functionality:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>ESRI ArcGIS API\u003C\u002Fstrong>\u003Cbr \u002F>\n– Service: https:\u002F\u002Fjs.arcgis.com\u002F\u003Cbr \u002F>\n– Purpose: Provides the mapping framework and JavaScript libraries needed to display interactive charts\u003Cbr \u002F>\n– Data sent: No personal data is transmitted to ESRI servers\u003Cbr \u002F>\n– Terms: https:\u002F\u002Fwww.esri.com\u002Fen-us\u002Flegal\u002Fterms\u002Ffull-master-agreement\u003Cbr \u002F>\n– Privacy: https:\u002F\u002Fwww.esri.com\u002Fen-us\u002Fprivacy\u002Foverview\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NOAA Chart Services\u003C\u002Fstrong>\u003Cbr \u002F>\n– Service: https:\u002F\u002Fgis.charttools.noaa.gov\u002F\u003Cbr \u002F>\n– Purpose: Provides official NOAA Electronic Navigational Chart (ENC) data for display\u003Cbr \u002F>\n– Data sent: Chart tile requests based on map location and zoom level (no personal data)\u003Cbr \u002F>\n– Terms: https:\u002F\u002Fwww.noaa.gov\u002Finformation-technology\u002Fwebsite-policies\u003Cbr \u002F>\n– Privacy: https:\u002F\u002Fwww.noaa.gov\u002Fprivacy-policy\u003C\u002Fp>\n\u003Ch3>ArcGIS CDN Requirement and Licensing Notice\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> This plugin requires the ESRI ArcGIS JavaScript API, which must be loaded from the official ESRI CDN at https:\u002F\u002Fjs.arcgis.com\u002F per ESRI’s licensing terms.\u003Cbr \u002F>\nIt is \u003Cstrong>not legally permitted\u003C\u002Fstrong> to self-host or bundle the ArcGIS API with this plugin.\u003Cbr \u002F>\nReference: \u003Ca href=\"https:\u002F\u002Fdevelopers.arcgis.com\u002Fjavascript\u002Flatest\u002Fguide\u002Fusing-cdn\u002F\" rel=\"nofollow ugc\">ESRI ArcGIS JS API Terms\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The ArcGIS API is used solely to provide the mapping framework for NOAA chart display.\u003C\u002Fli>\n\u003Cli>No personal data is transmitted to ESRI.\u003C\u002Fli>\n\u003Cli>This requirement is due to ESRI’s license and is outside the control of this plugin’s author.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you have questions about this requirement, please see the ESRI terms or contact the plugin author.\u003C\u002Fp>\n","Embed interactive NOAA nautical charts using official government APIs. Covers U.S. waters, Great Lakes, and territories.",155,"2025-09-23T12:32:00.000Z","5.0",[65,66,48,67,68],"boating","charts","noaa","sailing","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frockscience-enc-chart-viewer-for-noaa.2025.09.1.zip",{"attackSurface":71,"codeSignals":186,"taintFlows":202,"riskAssessment":259,"analyzedAt":270},{"hooks":72,"ajaxHandlers":170,"restRoutes":183,"shortcodes":184,"cronEvents":185,"entryPointCount":83,"unprotectedCount":83},[73,79,84,89,93,97,101,106,110,114,117,121,126,129,133,137,141,146,151,156,161,165],{"type":74,"name":75,"callback":76,"file":77,"line":78},"action","plugins_loaded","nautica_app_grade_update_db_check","appgrade-nautica.php",66,{"type":74,"name":80,"callback":81,"file":82,"line":83},"admin_footer","appgadenautica_custom_admin_js","src\\APPGRADENAUTICA_Action.php",4,{"type":85,"name":86,"callback":87,"file":82,"line":88},"filter","woocommerce_checkout_fields","appgadenautica_add_woocommerce_checkout_fields",15,{"type":85,"name":90,"callback":91,"file":82,"line":92},"woocommerce_checkout_update_order_meta","appgadenautica_add_woocommerce_checkout_update_order_meta",48,{"type":85,"name":94,"callback":95,"file":82,"line":96},"woocommerce_customer_meta_fields","appgadenautica_add_woocommerce_customer_meta_fields",67,{"type":74,"name":98,"callback":99,"file":82,"line":100},"woocommerce_checkout_shipping","appgadenautica_checkout_form_shipping",135,{"type":85,"name":102,"callback":103,"priority":104,"file":82,"line":105},"woocommerce_product_data_tabs","appgadenautica_woo_corsi_nautica_app_grade_tab",98,145,{"type":74,"name":107,"callback":108,"file":82,"line":109},"woocommerce_product_data_panels","appgadenautica_add_corsi_nautica_app_grade_fields",162,{"type":74,"name":111,"callback":112,"file":82,"line":113},"woocommerce_process_product_meta_simple","appgadenautica_save_corsi_nautica_app_grade_option_fields",372,{"type":74,"name":115,"callback":112,"file":82,"line":116},"woocommerce_process_product_meta_variable",373,{"type":74,"name":118,"callback":119,"file":82,"line":120},"woocommerce_order_status_changed","closure",379,{"type":74,"name":122,"callback":123,"priority":124,"file":82,"line":125},"woocommerce_admin_order_data_after_billing_address","appgadenautica_codice_fiscale_order_meta_admin",10,401,{"type":74,"name":122,"callback":127,"priority":124,"file":82,"line":128},"appgadenautica_altra_anagrafica_order_meta_admin",410,{"type":74,"name":130,"callback":131,"file":82,"line":132},"woocommerce_checkout_process","appgadenautica_required_cf_checkout_field_process",444,{"type":85,"name":134,"callback":135,"priority":124,"file":82,"line":136},"woocommerce_get_price_html","filter_woocommerce_get_price_html",459,{"type":74,"name":138,"callback":139,"file":82,"line":140},"woocommerce_before_add_to_cart_form","new_after_add_to_cart_btn",480,{"type":74,"name":142,"callback":143,"priority":144,"file":82,"line":145},"woocommerce_before_calculate_totals","add_custom_price",1000,550,{"type":74,"name":147,"callback":148,"priority":149,"file":82,"line":150},"woocommerce_before_add_to_cart_button","hidden_field_before_add_to_cart_button",5,602,{"type":85,"name":152,"callback":153,"priority":154,"file":82,"line":155},"woocommerce_add_cart_item_data","add_booking_config_to_cart_item_data",20,607,{"type":74,"name":157,"callback":158,"priority":159,"file":82,"line":160},"woocommerce_new_order_item","tp_add_custom_meta_to_order",99,622,{"type":85,"name":162,"callback":163,"priority":124,"file":82,"line":164},"woocommerce_order_item_get_formatted_meta_data","nap_woocommerce_order_item_get_formatted_meta_data_filter",673,{"type":74,"name":166,"callback":167,"file":168,"line":169},"admin_menu","setupAdminMenus","src\\APPGRADENAUTICA_Settings.php",21,[171,175,178,181],{"action":172,"nopriv":173,"callback":172,"hasNonce":173,"hasCapCheck":173,"file":82,"line":174},"frontend_action_appgadenautica_app_grade_get_book_day",false,498,{"action":172,"nopriv":176,"callback":172,"hasNonce":173,"hasCapCheck":173,"file":82,"line":177},true,499,{"action":179,"nopriv":173,"callback":179,"hasNonce":173,"hasCapCheck":173,"file":82,"line":180},"frontend_action_appgadenautica_app_grade_get_book_month",520,{"action":179,"nopriv":176,"callback":179,"hasNonce":173,"hasCapCheck":173,"file":82,"line":182},521,[],[],[],{"dangerousFunctions":187,"sqlUsage":188,"outputEscaping":190,"fileOperations":11,"externalRequests":28,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":201},[],{"prepared":83,"raw":11,"locations":189},[],{"escaped":191,"rawEcho":192,"locations":193},69,3,[194,197,199],{"file":82,"line":195,"context":196},515,"raw output",{"file":82,"line":198,"context":196},541,{"file":82,"line":200,"context":196},666,[],[203,220,229,240,251],{"entryPoint":204,"graph":205,"unsanitizedCount":28,"severity":219},"frontend_action_appgadenautica_app_grade_get_book_day (src\\APPGRADENAUTICA_Action.php:500)",{"nodes":206,"edges":217},[207,212],{"id":208,"type":209,"label":210,"file":82,"line":211},"n0","source","$_POST",502,{"id":213,"type":214,"label":215,"file":82,"line":195,"wp_function":216},"n1","sink","echo() [XSS]","echo",[218],{"from":208,"to":213,"sanitized":173},"medium",{"entryPoint":221,"graph":222,"unsanitizedCount":28,"severity":219},"frontend_action_appgadenautica_app_grade_get_book_month (src\\APPGRADENAUTICA_Action.php:522)",{"nodes":223,"edges":227},[224,226],{"id":208,"type":209,"label":210,"file":82,"line":225},525,{"id":213,"type":214,"label":215,"file":82,"line":198,"wp_function":216},[228],{"from":208,"to":213,"sanitized":173},{"entryPoint":230,"graph":231,"unsanitizedCount":238,"severity":239},"\u003CAPPGRADENAUTICA_Action> (src\\APPGRADENAUTICA_Action.php:0)",{"nodes":232,"edges":236},[233,235],{"id":208,"type":209,"label":234,"file":82,"line":211},"$_POST (x2)",{"id":213,"type":214,"label":215,"file":82,"line":195,"wp_function":216},[237],{"from":208,"to":213,"sanitized":173},2,"low",{"entryPoint":241,"graph":242,"unsanitizedCount":28,"severity":239},"settingsPage (src\\APPGRADENAUTICA_Settings.php:28)",{"nodes":243,"edges":249},[244,245],{"id":208,"type":209,"label":210,"file":168,"line":29},{"id":213,"type":214,"label":246,"file":168,"line":247,"wp_function":248},"update_option() [Settings Manipulation]",37,"update_option",[250],{"from":208,"to":213,"sanitized":173},{"entryPoint":252,"graph":253,"unsanitizedCount":28,"severity":239},"\u003CAPPGRADENAUTICA_Settings> (src\\APPGRADENAUTICA_Settings.php:0)",{"nodes":254,"edges":257},[255,256],{"id":208,"type":209,"label":210,"file":168,"line":29},{"id":213,"type":214,"label":246,"file":168,"line":247,"wp_function":248},[258],{"from":208,"to":213,"sanitized":173},{"summary":260,"deductions":261},"The appgrade-nautica plugin v1.7 exhibits a mixed security posture. On the positive side, it utilizes prepared statements for all SQL queries and demonstrates excellent output escaping, with 96% of outputs properly handled. There are no recorded vulnerabilities or CVEs, suggesting a generally well-maintained codebase in terms of known exploits. The absence of file operations and dangerous functions is also a positive indicator. \n\nHowever, significant security concerns arise from the plugin's attack surface. All four identified AJAX handlers lack authentication checks, presenting a substantial risk. The taint analysis indicates five flows with unsanitized paths, although these are not categorized as critical or high severity. The complete absence of nonce checks and capability checks on entry points, particularly the unprotected AJAX handlers, is a major weakness. While the vulnerability history is clean, this does not mitigate the immediate risks posed by the current implementation.\n\nIn conclusion, while the plugin demonstrates good practices in data sanitization for SQL and output, the lack of authentication and authorization on all AJAX endpoints creates a critical security gap. This makes it vulnerable to unauthorized actions if an attacker can trigger these AJAX calls. The taint analysis, while not flagged as critical, also warrants attention due to unsanitized paths.",[262,264,266,268],{"reason":263,"points":154},"AJAX handlers without auth checks",{"reason":265,"points":88},"Flows with unsanitized paths (5)",{"reason":267,"points":124},"No nonce checks",{"reason":269,"points":124},"No capability checks","2026-03-17T07:00:41.095Z",{"wat":272,"direct":278},{"assetPaths":273,"generatorPatterns":275,"scriptPaths":276,"versionParams":277},[274],"\u002Fwp-content\u002Fplugins\u002Fappgrade-nautica\u002Futility\u002Fjs\u002Fappgadenautica_custom_admin_js.js",[],[274],[],{"cssClasses":279,"htmlComments":283,"htmlAttributes":284,"restEndpoints":286,"jsGlobals":287,"shortcodeOutput":288},[280,281,282],"form-row-last","js_field-country","js_field-state",[],[285],"data-field_type=\"billing_codice_fiscale\"",[],[],[289],"\u003Cinput type=\"hidden\" name=\"appgadenautica_copy_billing\" value=\"\" id=\"appgadenautica_copy_billing\">"]