[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGnch9cfZcXorOnrlw5McvZvE1LQVq8EnWDQZUQ1l8uQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":21,"download_link":22,"security_score":13,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":45,"fingerprints":72},"begruessung-nach-der-tageszeit","Begrüßung nach Tageszeit","1.0","Benjamin Hagh Parast","https:\u002F\u002Fprofiles.wordpress.org\u002Fhaghs\u002F","\u003Cp>Mit diesem Plugin begrüßen Sie Ihre Website Besucher nach der Tageszeit. Von 00:00 Uhr bis 12:00 mit Guten Morgen, 12:00 Uhr bis 17:00 Uhr mit Guten Tag und von 17:00 Uhr bis 24:00 Uhr mit Guten Abend.\u003C\u002Fp>\n\u003Cp>This plugin allows you to use the shortcode [hallo] to address your website visitors as follows: good morning, good day and good evening. You can change the welcome text, translate or adapt it as you wish.\u003C\u002Fp>\n","Greet your website visitors by time of day with shortcode [hallo] on pages or posts.",10,886,100,1,"2026-01-09T16:43:00.000Z","6.9.4","6.9","8.0",[20],"greet-your-website-visitors-by-time-of-day","https:\u002F\u002Fwordtune.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbegruessung-nach-der-tageszeit.1.0.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":13,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"haghs",18,330,30,94,"2026-04-04T09:55:14.001Z",[35],{"slug":36,"name":37,"version":6,"author":7,"author_profile":8,"description":38,"short_description":39,"active_installs":13,"downloaded":40,"rating":13,"num_ratings":41,"last_updated":42,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":43,"homepage":21,"download_link":44,"security_score":13,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25},"greeting-by-day-time","Say hello","\u003Cp>This plugin allows you to use the shortcode to address your website visitors as follows: good morning, good day and good evening.\u003C\u002Fp>\n\u003Cp>Supported languages\u003C\u002Fp>\n\u003Cp>Arabic use [mrhban_ae]\u003C\u002Fp>\n\u003Cp>Chinese use [nihao_chn]\u003C\u002Fp>\n\u003Cp>English use [hello_en]\u003C\u002Fp>\n\u003Cp>Farsi use [dorud_irn]\u003C\u002Fp>\n\u003Cp>French use [bonjour_fr]\u003C\u002Fp>\n\u003Cp>German use [hallo_de]\u003C\u002Fp>\n\u003Cp>Greek use [chairete_grc]\u003C\u002Fp>\n\u003Cp>Irish use [heileo_ir]\u003C\u002Fp>\n\u003Cp>Italian use [ciao_it]\u003C\u002Fp>\n\u003Cp>Polish use [czesc_pol]\u003C\u002Fp>\n\u003Cp>Spanish use [hola_sp]\u003C\u002Fp>\n","Greet your website visitors by time of day with shortcode on pages or posts.",1446,2,"2026-01-09T18:09:00.000Z",[20],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgreeting-by-day-time.1.0.zip",{"attackSurface":46,"codeSignals":55,"taintFlows":62,"riskAssessment":63,"analyzedAt":71},{"hooks":47,"ajaxHandlers":48,"restRoutes":49,"shortcodes":50,"cronEvents":54,"entryPointCount":14,"unprotectedCount":23},[],[],[],[51],{"tag":52,"callback":52,"file":53,"line":31},"hallo","Hallo.php",[],{"dangerousFunctions":56,"sqlUsage":57,"outputEscaping":59,"fileOperations":23,"externalRequests":23,"nonceChecks":23,"capabilityChecks":23,"bundledLibraries":61},[],{"prepared":23,"raw":23,"locations":58},[],{"escaped":41,"rawEcho":23,"locations":60},[],[],[],{"summary":64,"deductions":65},"The \"begruessung-nach-der-tageszeit\" plugin version 1.0 exhibits a generally positive security posture based on the provided static analysis. The absence of dangerous functions, file operations, external HTTP requests, and the consistent use of prepared statements for SQL queries, alongside proper output escaping, are all strong indicators of secure coding practices. The plugin also has no recorded vulnerabilities or CVEs, which further contributes to its current perceived safety.\n\nHowever, there are specific areas for concern. The lack of nonce checks and capability checks across all entry points, particularly for its single shortcode, presents a potential risk. While the static analysis did not identify any direct taint flows or vulnerabilities, this absence of authorization checks means that any interaction with the shortcode could potentially be triggered by unauthenticated users. This could lead to unexpected behavior or be a stepping stone for more complex attacks if the shortcode's functionality is not inherently benign.\n\nIn conclusion, while the plugin demonstrates good fundamental security principles in its code, the missing authorization checks on its shortcode represent a notable weakness. The clean vulnerability history is encouraging, but it is crucial to address the potential for unauthorized execution of its functionality. A more robust implementation would include appropriate nonce and capability checks to ensure that the shortcode's actions are only performed by authenticated and authorized users.",[66,69],{"reason":67,"points":68},"Missing nonce checks on shortcode",8,{"reason":70,"points":68},"Missing capability checks on shortcode","2026-03-17T01:12:42.936Z",{"wat":73,"direct":78},{"assetPaths":74,"generatorPatterns":75,"scriptPaths":76,"versionParams":77},[],[],[],[],{"cssClasses":79,"htmlComments":80,"htmlAttributes":81,"restEndpoints":82,"jsGlobals":83,"shortcodeOutput":84},[],[],[],[],[],[85,86,87],"Guten Morgen","Guten Tag","Guten Abend"]