[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIU9jn7rXjoVbIfmMpnD3v31UjqpdxJUu_LPRZQTWv2I":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":13,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":35,"fingerprints":115},"atec-web-map-service","atec web-map-service","1.7.29","docjojo","https:\u002F\u002Fprofiles.wordpress.org\u002Fdocjojo\u002F","\u003Cp>This plugin integrates a NO cookies, NO logging, NO Tracking web map into a designated page.\u003C\u002Fp>\n\u003Ch3>Third-Party Services\u003C\u002Fh3>\n\u003Ch3>Integrity check\u003C\u002Fh3>\n\u003Cp>Once, when activating the plugin, an integrity check is requested from our server – if you give your permission.\u003Cbr \u002F>\nSource: https:\u002F\u002Fatecplugins.com\u002F\u003Cbr \u002F>\nPrivacy policy: https:\u002F\u002Fatecplugins.com\u002Fprivacy-policy\u002F\u003C\u002Fp>\n\u003Cp>To configure and show the map on your site, this plugin requests a map data from https:\u002F\u002Fatecmap.com\u002F.\u003Cbr \u002F>\nPrivacy policy: https:\u002F\u002Fatecmap.com\u002Fdocs_en.php\u003C\u002Fp>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>If you want to place a marker on your map, please visit https:\u002F\u002Fatecmap.com\u002Fdocs_en.php and get an APIkey.\u003C\u002Fp>\n","The atecmap.com web map can be incorporated into any page. The map comes with a customizable location icon and is fully GDPR conform.",20,4457,100,2,"2026-01-08T13:22:00.000Z","6.9.4","4.9","7.4",[20,21],"fully-gdpr-conform","incorporated-the-atecmap-com-web-map-into-any-page","https:\u002F\u002Fatecmap.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fatec-web-map-service.1.7.29.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":32,"trust_score":31,"computed_at":33},16,2730,99,1,"2026-04-04T13:45:41.178Z",[],{"attackSurface":36,"codeSignals":73,"taintFlows":107,"riskAssessment":108,"analyzedAt":114},{"hooks":37,"ajaxHandlers":60,"restRoutes":67,"shortcodes":68,"cronEvents":72,"entryPointCount":14,"unprotectedCount":32},[38,44,47,51,54,58],{"type":39,"name":40,"callback":41,"file":42,"line":43},"action","admin_menu","closure","atec-web-map-service.php",31,{"type":39,"name":45,"callback":41,"file":42,"line":46},"admin_init",33,{"type":39,"name":48,"callback":41,"file":49,"line":50},"admin_enqueue_scripts","includes\\ATEC\\INIT.php",564,{"type":39,"name":52,"callback":41,"file":49,"line":53},"admin_notices",647,{"type":39,"name":55,"callback":41,"priority":56,"file":49,"line":57},"admin_footer",10,688,{"type":39,"name":52,"callback":41,"file":49,"line":59},720,[61],{"action":62,"nopriv":63,"callback":64,"hasNonce":63,"hasCapCheck":63,"file":65,"line":66},"atec_admin_notice_dismiss",false,"dismiss_notice","includes\\ATEC\\LOADER.php",109,[],[69],{"tag":70,"callback":41,"file":42,"line":71},"atec_wpwms_shortcode",43,[],{"dangerousFunctions":74,"sqlUsage":75,"outputEscaping":77,"fileOperations":104,"externalRequests":32,"nonceChecks":14,"capabilityChecks":105,"bundledLibraries":106},[],{"prepared":24,"raw":24,"locations":76},[],{"escaped":78,"rawEcho":79,"locations":80},315,11,[81,85,87,89,92,95,98,99,100,101,102],{"file":82,"line":83,"context":84},"includes\\ATEC\\CHECK.php",73,"raw output",{"file":82,"line":86,"context":84},111,{"file":82,"line":88,"context":84},124,{"file":90,"line":91,"context":84},"includes\\ATEC\\SVG.php",557,{"file":93,"line":94,"context":84},"includes\\ATEC\\TOOLS.php",1211,{"file":96,"line":97,"context":84},"includes\\atec-wpwms-settings.php",13,{"file":96,"line":97,"context":84},{"file":96,"line":97,"context":84},{"file":96,"line":97,"context":84},{"file":96,"line":97,"context":84},{"file":96,"line":103,"context":84},51,14,5,[],[],{"summary":109,"deductions":110},"The 'atec-web-map-service' v1.7.29 plugin exhibits a generally good security posture with some notable areas of concern. The plugin demonstrates strong adherence to secure coding practices by exclusively using prepared statements for SQL queries and properly escaping a high percentage of its output. The absence of known vulnerabilities in its history and the limited scope of taint analysis further contribute to a positive impression. However, the presence of an unprotected AJAX handler represents a significant potential entry point for attackers. While the plugin implements a reasonable number of nonce and capability checks, the lack of authentication on one of its entry points is a critical oversight that could lead to unauthorized actions or information disclosure if that handler performs sensitive operations.\n\nDespite the plugin's strengths in areas like SQL handling and output sanitization, the single unprotected AJAX endpoint is a clear risk. The vulnerability history shows no past issues, which is excellent, but this does not negate the immediate risk presented by the current code. Future analysis should focus on understanding the functionality of this unprotected handler to fully assess the potential impact. In conclusion, while the plugin is built on a solid foundation of secure coding, this specific omission needs immediate attention to mitigate potential security threats.",[111],{"reason":112,"points":113},"Unprotected AJAX handler",8,"2026-03-16T23:10:05.691Z",{"wat":116,"direct":125},{"assetPaths":117,"generatorPatterns":120,"scriptPaths":121,"versionParams":122},[118,119],"\u002Fwp-content\u002Fplugins\u002Fatec-web-map-service\u002Fassets\u002Fjs\u002Fatec.js","\u002Fwp-content\u002Fplugins\u002Fatec-web-map-service\u002Fassets\u002Fcss\u002Fatec.css",[],[118],[123,124],"atec-web-map-service\u002Fassets\u002Fjs\u002Fatec.js?ver=","atec-web-map-service\u002Fassets\u002Fcss\u002Fatec.css?ver=",{"cssClasses":126,"htmlComments":127,"htmlAttributes":128,"restEndpoints":135,"jsGlobals":137,"shortcodeOutput":139},[],[],[129,130,131,132,133,134],"data-atec-wpwms-width","data-atec-wpwms-height","data-atec-wpwms-key","data-atec-wpwms-mono","data-atec-wpwms-lat","data-atec-wpwms-lng",[136],"\u002Fwp-json\u002Fatec-web-map-service\u002Fv1\u002Fsettings",[138],"atec_wpwms_ajax_cb",[140,141,142,143,144,145,146],"\u003Ciframe style=\"display: block; border:none; width:","; height:","\" src=\"https:\u002F\u002Fatecmap.com?apikey=","&mono=","&lat=","&lon=","\" sandbox=\"allow-scripts allow-popups\">\u003C\u002Fiframe>"]