[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f8D_3iujGAeVI2NzJ_qkDaIfXsrFU3xvSiJHfdINqfAU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":76,"fingerprints":151},"auto-meta-header","Auto Meta Header","1.0","Indra agustian","https:\u002F\u002Fprofiles.wordpress.org\u002Findraunib\u002F","\u003Cp>Auto Meta Description and Meta Keyword, Robot Meta Tag (index follow for home, single post, tag, and category – noindex follow for others – Base on Google webmaster guidelines)\u003C\u002Fp>\n\u003Cp>Related Link:\u003Cbr \u002F>\n* \u003Ca href=\"http:\u002F\u002Fwww.indra-agustian.com\u002F2011\u002F08\u002Fauto-meta-header-wordpress-plugin\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Fauto-meta-header\" rel=\"ugc\">support forum\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Fautodescription\" rel=\"ugc\">support forum\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Fauto-keyword\" rel=\"ugc\">support forum\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Fautokeyword\" rel=\"ugc\">support forum\u003C\u002Fa>\u003C\u002Fp>\n","Auto Meta Header plugin automatically add meta keywords, description to your WordPress blog, Also Friendly Search Engine Robot Meta Tag.",20,14210,0,"2011-08-04T19:20:00.000Z","3.2.1","2.5.0","",[19,20,21,4,22],"auto-description","auto-keyword","auto-meta","auto-meta-keyword","http:\u002F\u002Fwww.indra-agustian.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-meta-header.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"indraunib",1,30,84,"2026-04-04T14:41:18.888Z",[36,57],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":55,"download_link":56,"security_score":44,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"auto-meta-keywords","Auto Meta Keywords","1.0.4","mansurahamed","https:\u002F\u002Fprofiles.wordpress.org\u002Fmansurahamed\u002F","\u003Cp>This plugin automatically gets the keywords of your post\u002Fpage content and shows them in the meta keywords tag. Meta keywords tag can be used when determining the page relevance to search queries by the search engines.\u003Cbr \u002F>\nExample of meta keywords tag would be like this\u003C\u002Fp>\n\u003Cp>meta name=”keywords” content=”blogging, hiking, writing, skills”\u003C\u002Fp>\n\u003Cp>Its comptiable with popular page builders like Elementor, Divi, Wpbakery, Gutenberg editor etc. Super fast, doesn’t effect page load speed.\u003Cbr \u002F>\nUse the filter “amk_custom_keywords” to set custom keywords for any specific post.\u003C\u002Fp>\n\u003Cp>Official Developer: \u003Ca href=\"https:\u002F\u002Fwww.upwork.com\u002Ffreelancers\u002F~013259d08861bd5bd8\" rel=\"nofollow ugc\">Mansur Ahamed\u003C\u002Fa>\u003C\u002Fp>\n","This plugin automatically gets the keywords of your post\u002Fpage content and shows them in the meta keywords tag. Meta keywords tag can be used when dete …",100,4418,"2025-04-12T14:00:00.000Z","6.8.5","5.0","7.3",[51,52,53,54],"auto-keywords","meta-keywords","meta-tag","seo","https:\u002F\u002Fwww.mansurahamed.com\u002Fauto-meta-keywords\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-meta-keywords.1.0.4.zip",{"slug":58,"name":59,"version":6,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":13,"num_ratings":13,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":17,"tags":69,"homepage":17,"download_link":75,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"auto-add-image-attributes","Auto Add Image Attributes","Suraj Lulla","https:\u002F\u002Fprofiles.wordpress.org\u002Fsrjlulla\u002F","\u003Cp>Automatically add image’s Title, Caption, Alt Text and Description from image’s filename with this WordPress plugin.\u003C\u002Fp>\n\u003Cp>Just activate this plugin and it will automatically add image’s Title, Caption, Alt Text and Description from image’s filename for newly uploaded images.\u003C\u002Fp>\n","Automatically add image's Title, Caption, Alt Text and Description from image's filename with this WordPress plugin.",10,1357,"2017-06-14T15:14:00.000Z","4.7.32","4.2",[70,71,72,73,74],"add-image-attributes","add-image-caption-from-file-name","auto-add-image-caption","image-auto-caption","image-auto-description","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-add-image-attributes.zip",{"attackSurface":77,"codeSignals":93,"taintFlows":140,"riskAssessment":141,"analyzedAt":150},{"hooks":78,"ajaxHandlers":89,"restRoutes":90,"shortcodes":91,"cronEvents":92,"entryPointCount":13,"unprotectedCount":13},[79,85],{"type":80,"name":81,"callback":82,"file":83,"line":84},"action","admin_menu","metaheader_add_menu","auto-meta-header.php",12,{"type":80,"name":86,"callback":87,"file":83,"line":88},"admin_init","metaheader_reg_function",13,[],[],[],[],{"dangerousFunctions":94,"sqlUsage":95,"outputEscaping":97,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":31,"bundledLibraries":139},[],{"prepared":13,"raw":13,"locations":96},[],{"escaped":13,"rawEcho":98,"locations":99},19,[100,103,105,107,109,111,113,115,117,119,121,123,125,127,129,131,133,135,137],{"file":83,"line":101,"context":102},42,"raw output",{"file":83,"line":104,"context":102},46,{"file":83,"line":106,"context":102},50,{"file":83,"line":108,"context":102},54,{"file":83,"line":110,"context":102},58,{"file":83,"line":112,"context":102},62,{"file":83,"line":114,"context":102},66,{"file":83,"line":116,"context":102},70,{"file":83,"line":118,"context":102},74,{"file":83,"line":120,"context":102},78,{"file":83,"line":122,"context":102},133,{"file":83,"line":124,"context":102},139,{"file":83,"line":126,"context":102},142,{"file":83,"line":128,"context":102},144,{"file":83,"line":130,"context":102},149,{"file":83,"line":132,"context":102},152,{"file":83,"line":134,"context":102},155,{"file":83,"line":136,"context":102},158,{"file":83,"line":138,"context":102},160,[],[],{"summary":142,"deductions":143},"The \"auto-meta-header\" plugin version 1.0 exhibits a generally strong security posture based on the provided static analysis. The absence of identified dangerous functions, raw SQL queries, file operations, external HTTP requests, and taint analysis findings are positive indicators. The plugin also correctly uses prepared statements for its SQL queries.  However, the analysis reveals a critical weakness: 100% of its 19 output operations are not properly escaped. This presents a significant risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the WordPress frontend, potentially leading to session hijacking, defacement, or further compromise.  Furthermore, the complete lack of nonce checks across all entry points, combined with a single capability check, suggests a potential for privilege escalation or unauthorized actions if any of the entry points were to be exploited.\n\nThe plugin's vulnerability history is clean, with no recorded CVEs. This is a positive sign, but it cannot entirely mitigate the risks identified in the code analysis. The lack of historical vulnerabilities might be due to the plugin's limited complexity, recent release, or simply good fortune. The primary concern remains the unescaped output, which is a fundamental security best practice that has been overlooked. The plugin's strengths lie in its secure handling of SQL and the absence of common attack vectors like raw SQL and external requests. Its weakness is directly tied to its insufficient output sanitization, making it vulnerable to XSS attacks.",[144,147],{"reason":145,"points":146},"100% of output not properly escaped",15,{"reason":148,"points":149},"No nonce checks on any entry points",5,"2026-03-16T23:00:36.009Z",{"wat":152,"direct":157},{"assetPaths":153,"generatorPatterns":154,"scriptPaths":155,"versionParams":156},[],[],[],[],{"cssClasses":158,"htmlComments":159,"htmlAttributes":160,"restEndpoints":161,"jsGlobals":162,"shortcodeOutput":163},[],[],[],[],[],[164,165,166],"\u003Cmeta name=\"description\" content=\"","\u003Cmeta name=\"keywords\" content=\"","\u003Cmeta name=\"robots\" content=\""]