[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdVDAODOvoPeqhuPM4TIg04wEakYxPHWhpX4U5fg5dOo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":72,"fingerprints":235},"astra-hooks","Astra Hooks","1.0.2","Brainstorm Force","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrainstormforce\u002F","\u003Cp>Astra uses the WordPress Hooks API to insert actions throughout the theme. This plugin allows you to hook your custom content, shortcodes, or JavaScript code into various hook locations.\u003C\u002Fp>\n\u003Cp>Once installed, you will see a new tab in the Customizer. See screenshots for more information.\u003C\u002Fp>\n\u003Cp>To see all of the available hooks in Astra, visit this page.\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fdevelopers.wpastra.com\u002Ftheme-visual-hooks\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fdevelopers.wpastra.com\u002Ftheme-visual-hooks\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Need to add dynamic content with various conditions? Please consider the \u003Ca href=\"https:\u002F\u002Fwpastra.com\u002F?utm_source=wp-org&utm_medium=readme&utm_campaign=astra-hooks\" rel=\"nofollow ugc\">Astra Pro Addon\u003C\u002Fa>. Custom Layouts module in Astra Pro Addon offers functionality so you can add dynamic content (PHP Code) easily.\u003C\u002Fp>\n","Add your content to Hooks in the Astra theme from the customizer.",20000,160661,90,6,"2025-12-01T09:45:00.000Z","6.9.4","4.4","",[4,20,21],"astra-theme","customizer-hooks","https:\u002F\u002Fwpastra.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fastra-hooks.1.0.2.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"brainstormforce",32,8627510,98,196,78,"2026-04-03T18:39:50.859Z",[38,53],{"slug":39,"name":40,"version":41,"author":7,"author_profile":8,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":49,"homepage":22,"download_link":52,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"reset-astra-customizer","Astra Customizer Reset","1.0.6","\u003Cp>Astra Customizer Reset plugin will reset all customizer settings in one click. The plugin will serve to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fastra\u002F\" rel=\"ugc\"> Astra \u003C\u002Fa>WordPress theme only.\u003C\u002Fp>\n\u003Cp>It provides a “Reset” button in the customizer. Clicking this button will set Astra theme customizer options to default.\u003C\u002Fp>\n\u003Ch4>When it can be used?\u003C\u002Fh4>\n\u003Cp>This is helpful when you experiment with various customizer options to explore the power of the theme and then want to start over. OR wish to set a new design line for the website.\u003C\u002Fp>\n\u003Cp>The reset button will take you back at the initial state with the theme.\u003C\u002Fp>\n\u003Cp>This will affect only customizer settings like layouts, typography, colors, buttons, etc.\u003C\u002Fp>\n","This plugin helps to reset customizer settings for the Astra theme in a single click.",40000,701339,96,4,"2025-12-01T09:52:00.000Z",[20,50,39,51],"customizer-reset","reset-astra-theme","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freset-astra-customizer.1.0.6.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":24,"num_ratings":63,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":67,"tags":68,"homepage":18,"download_link":70,"security_score":71,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"neve-hooks","Neve Hooks","1.0.1","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>Neve is built using WordPress Hooks which allows you to easily “hook” your own custom content in the theme’s designated locations.\u003C\u002Fp>\n\u003Cp>After installing and activating the theme, just navigate to Customizer, where you will have access to the Hooks panel.\u003C\u002Fp>\n\u003Cp>There you will be able to add your own content: HTML or shortcodes.\u003C\u002Fp>\n","Easily add your own content in Neve using the Hooks panel in customizer.",400,8981,2,"2020-08-14T14:45:00.000Z","5.5.18","4.0","5.6",[21,54,69],"neve-theme","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fneve-hooks.zip",85,{"attackSurface":73,"codeSignals":179,"taintFlows":222,"riskAssessment":223,"analyzedAt":234},{"hooks":74,"ajaxHandlers":175,"restRoutes":176,"shortcodes":177,"cronEvents":178,"entryPointCount":25,"unprotectedCount":25},[75,81,87,90,95,99,102,106,110,114,118,122,126,129,133,137,141,145,149,153,157,161,165,168,170],{"type":76,"name":77,"callback":78,"file":79,"line":80},"action","after_setup_theme","astra_hooks_init","astra-hooks.php",55,{"type":82,"name":83,"callback":84,"file":85,"line":86},"filter","astra_theme_defaults","theme_defaults","classes\\class-astra-hooks-loader.php",42,{"type":76,"name":88,"callback":88,"file":85,"line":89},"customize_register",43,{"type":76,"name":91,"callback":92,"file":93,"line":94},"wp_head","hook_wp_head","classes\\class-astra-hooks-markup.php",40,{"type":76,"name":96,"callback":97,"file":93,"line":98},"astra_header_before","hook_header_before",41,{"type":76,"name":100,"callback":101,"file":93,"line":86},"astra_header_after","hook_header_after",{"type":76,"name":103,"callback":104,"file":93,"line":105},"astra_sidebars_before","hook_sidebars_before",45,{"type":76,"name":107,"callback":108,"file":93,"line":109},"astra_sidebars_after","hook_sidebars_after",46,{"type":76,"name":111,"callback":112,"file":93,"line":113},"astra_footer_before","hook_footer_before",49,{"type":76,"name":115,"callback":116,"file":93,"line":117},"astra_footer_after","hook_footer_after",50,{"type":76,"name":119,"callback":120,"file":93,"line":121},"wp_footer","hook_wp_footer",51,{"type":76,"name":123,"callback":124,"file":93,"line":125},"astra_content_before","hook_container_before",54,{"type":76,"name":127,"callback":128,"file":93,"line":80},"astra_primary_content_top","hook_before_main_content",{"type":76,"name":130,"callback":131,"file":93,"line":132},"astra_entry_top","hook_entry_top",56,{"type":76,"name":134,"callback":135,"file":93,"line":136},"astra_entry_content_before","hook_entry_content_before",57,{"type":76,"name":138,"callback":139,"file":93,"line":140},"astra_entry_content_after","hook_entry_content_after",58,{"type":76,"name":142,"callback":143,"file":93,"line":144},"astra_entry_bottom","hook_entry_bottom",59,{"type":76,"name":146,"callback":147,"file":93,"line":148},"astra_primary_content_bottom","hook_after_main_content",60,{"type":76,"name":150,"callback":151,"file":93,"line":152},"astra_content_after","hook_container_after",61,{"type":76,"name":154,"callback":155,"file":93,"line":156},"astra_comments_before","hook_comments_before",64,{"type":76,"name":158,"callback":159,"file":93,"line":160},"astra_comments_after","hook_comments_after",65,{"type":82,"name":162,"callback":163,"file":164,"line":132},"all_plugins","plugins_page","classes\\class-astra-hooks-white-label.php",{"type":82,"name":166,"callback":167,"file":164,"line":136},"astra_addon_branding_options","anonymous",{"type":76,"name":169,"callback":167,"file":164,"line":140},"astra_pro_white_label_add_form",{"type":82,"name":171,"callback":172,"priority":173,"file":164,"line":174},"plugin_row_meta","plugin_links",10,62,[],[],[],[],{"dangerousFunctions":180,"sqlUsage":181,"outputEscaping":183,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":221},[],{"prepared":25,"raw":25,"locations":182},[],{"escaped":47,"rawEcho":184,"locations":185},18,[186,189,191,192,193,195,197,199,201,203,205,207,209,211,213,215,217,219],{"file":93,"line":187,"context":188},74,"raw output",{"file":93,"line":190,"context":188},82,{"file":93,"line":13,"context":188},{"file":93,"line":33,"context":188},{"file":93,"line":194,"context":188},106,{"file":93,"line":196,"context":188},114,{"file":93,"line":198,"context":188},122,{"file":93,"line":200,"context":188},130,{"file":93,"line":202,"context":188},138,{"file":93,"line":204,"context":188},146,{"file":93,"line":206,"context":188},154,{"file":93,"line":208,"context":188},162,{"file":93,"line":210,"context":188},170,{"file":93,"line":212,"context":188},178,{"file":93,"line":214,"context":188},186,{"file":93,"line":216,"context":188},194,{"file":93,"line":218,"context":188},202,{"file":93,"line":220,"context":188},210,[],[],{"summary":224,"deductions":225},"The Astra Hooks plugin v1.0.2 exhibits a generally strong security posture based on the provided static analysis. The absence of entry points like AJAX handlers, REST API routes, shortcodes, and cron events, coupled with zero unprotected entry points, significantly limits the plugin's attack surface. Furthermore, the complete reliance on prepared statements for SQL queries and the lack of dangerous functions or external HTTP requests are excellent security practices.  The plugin also shows no recorded vulnerabilities, which suggests a history of stable and secure development.\n\nHowever, a significant concern arises from the low output escaping percentage (18%). This indicates that a substantial portion of dynamic output within the plugin might be vulnerable to cross-site scripting (XSS) attacks, especially if user-supplied data is not properly sanitized before being displayed. The lack of nonce and capability checks across all entry points also presents a potential weakness, as it might allow unauthorized actions if any implicit entry points were overlooked in the static analysis or if future versions introduce such points without proper checks.\n\nIn conclusion, while Astra Hooks v1.0.2 demonstrates commendable security by minimizing its attack surface and handling SQL queries securely, the low rate of output escaping and the absence of nonce\u002Fcapability checks are notable weaknesses that could be exploited. Addressing these issues, particularly output escaping, should be a priority to further strengthen its security.",[226,229,232],{"reason":227,"points":228},"Low output escaping percentage (18%)",8,{"reason":230,"points":231},"No nonce checks implemented",5,{"reason":233,"points":231},"No capability checks implemented","2026-03-16T17:27:26.581Z",{"wat":236,"direct":241},{"assetPaths":237,"generatorPatterns":238,"scriptPaths":239,"versionParams":240},[],[],[],[],{"cssClasses":242,"htmlComments":250,"htmlAttributes":251,"restEndpoints":254,"jsGlobals":255,"shortcodeOutput":256},[243,244,245,246,247,248,249],"branding-form","hndle","inside","form-wrap","form-field","placeholder","placeholder-active",[],[252,253],"aria-expanded","aria-hidden",[],[],[]]