[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fDJAXSKmoVwadd5hfRX5Ukp1EN9xjZ1w_ISUVSOuccKI":3},{"slug":4,"name":4,"version":5,"author":4,"author_profile":6,"description":7,"short_description":8,"active_installs":9,"downloaded":10,"rating":11,"num_ratings":12,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":132,"fingerprints":206},"bookingkit","1.0","https:\u002F\u002Fprofiles.wordpress.org\u002Fbookingkit\u002F","\u003Cp>bookingkit is the smart, German engineered online booking solution for leisure time activity providers.\u003C\u002Fp>\n\u003Cp>You can setup your account on \u003Ca href=\"https:\u002F\u002Finfo.bookingkit.de\u002Fwordpress\" rel=\"nofollow ugc\">bookingkit.de\u003C\u002Fa> and create your events within a few minutes.\u003C\u002Fp>\n\u003Cp>=Why you should use bookingkit:=\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Make your services instantly bookable directly on your website. Sell more tickets through an easy-to-use booking solution for your customers to book and pay your events. All relevant payment-providers like PayPal are included.\u003C\u002Fli>\n\u003Cli>Smart interface for business and customer administration: Keep an overview of your reservations, your bookings, your customers and your income.\u003C\u002Fli>\n\u003Cli>Promote your services and acquire new clients: Advertise easily with marketing partners like TripAdvisor, GetYourGuide or CTS Eventim.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>=Requirements:=\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You need a bookingkit account to use this plugin. Plans start at 0 Euro per month and can be cancelled every month.\u003C\u002Fli>\n\u003C\u002Ful>\n","bookingkit allows you to easily make your events and tours bookable - instantly and directly on your website.",80,3789,98,9,"2016-10-27T15:07:00.000Z","4.6.30","4.0","",[18,19,20,21,22],"booking","booking-engine","booking-software","booking-system","booking-tool","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbookingkit\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbookingkit.1.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":4,"display_name":4,"profile_url":6,"plugin_count":31,"total_installs":9,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,84,"2026-04-03T21:28:39.105Z",[36,60,81,102,117],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":16,"tags":51,"homepage":55,"download_link":56,"security_score":57,"vuln_count":58,"unpatched_count":26,"last_vuln_date":59,"fetched_at":28},"beds24-online-booking","Beds24 Online Booking","2.0.30","markkinchin","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkkinchin\u002F","\u003Ch4>Powerful and Customisable Online Booking System\u003C\u002Fh4>\n\u003Cp>Beds24.com is a full featured online booking engine. The system is very flexible with many options for customization.\u003C\u002Fp>\n\u003Cp>The Beds24.com online booking system and channel manager is suitable for any type of accommodation such as hotels, motels, B&B’s, hostels, vacation rentals, holiday homes and campgrounds as well as selling extras like tickets or tours.\u003C\u002Fp>\n\u003Cp>The plugin is free to use but you do need an account with Beds24.com. A free trial account is available at http:\u002F\u002Fwww.beds24.com\u002Fjoin.html\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Real-time availability and commission free online bookings\u003C\u002Fli>\n\u003Cli>Customisable booking widgets\u003C\u002Fli>\n\u003Cli>Multiple rates and discounts\u003C\u002Fli>\n\u003Cli>Multi language booking page (30+languages)\u003C\u002Fli>\n\u003Cli>Online payments\u003C\u002Fli>\n\u003Cli>Optional channel manager\u003C\u002Fli>\n\u003Cli>Multi-language support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features for Property Managers, Hotel Groups and Agencies\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Agency seach box\u003C\u002Fli>\n\u003Cli>Subaccounts with access control\u003C\u002Fli>\n\u003C\u002Ful>\n","Accept commission free online bookings from your Wordpress website. Suitable for hotels, B&B's, holiday rentals, vacation rentals, apartments &hellip;",2000,98551,86,6,"2025-05-02T06:14:00.000Z","6.7.5","2.0.2",[19,21,52,53,54],"ibe","online-booking-engine","online-booking-system","https:\u002F\u002Fbeds24.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbeds24-online-booking.zip",94,7,"2025-05-07 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":31,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":79,"download_link":80,"security_score":70,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"sirvoy-booking-engine","Sirvoy Booking Engine","5.1","john@sirvoy","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnsirvoy\u002F","\u003Cp>With this plugin you can easily add the Sirvoy booking engine to your WordPress website and accept commission free online bookings.\u003Cbr \u002F>\nThe bookings will be registered in your Sirvoy account, which you can sign up for on \u003Ca href=\"https:\u002F\u002Fsirvoy.com\" rel=\"nofollow ugc\">https:\u002F\u002Fsirvoy.com\u003C\u002Fa>. Sirvoy is an online booking\u003Cbr \u002F>\nsystem for hotels, B&Bs, guest houses, inns and other accommodations. Besides allowing you to receive direct bookings and payments\u003Cbr \u002F>\nthrough your website, Sirvoy can also help you to connect and receive bookings from channels, manage and edit your bookings,\u003Cbr \u002F>\ncommunicate with your clients etc.\u003C\u002Fp>\n\u003Ch3>Booking engine features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Receive direct commission free bookings\u003C\u002Fli>\n\u003Cli>Customisable design\u003C\u002Fli>\n\u003Cli>Adjust rates and restrict availability\u003C\u002Fli>\n\u003Cli>Available in 28 different languages\u003C\u002Fli>\n\u003Cli>Receive online payments\u003C\u002Fli>\n\u003Cli>Connect to leading channels\u003C\u002Fli>\n\u003C\u002Ful>\n","Sirvoy booking engine - Non-Commission Direct Bookings from Your Website. Sirvoy can also help you to receive bookings from channels, and much more.",1000,10733,100,"2025-10-14T10:35:00.000Z","6.9.4","5.0","7.2",[76,19,21,77,78],"accommodation-booking","hotel-booking-system","sirvoy","https:\u002F\u002Fsirvoy.com\u002Ftopic\u002Fbooking-engine\u002Finstalling-on-your-website\u002Finstalling-the-booking-engine-on-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsirvoy-booking-engine.5.1.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":46,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":100,"download_link":101,"security_score":70,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"booking-system-edoobox","Online Buchungssystem – edoobox","3.4.1","edoobox","https:\u002F\u002Fprofiles.wordpress.org\u002Fedoobox\u002F","\u003Cp>The Edoobox booking system simplifies the planning and advertising of courses and events with the online booking solutions.\u003C\u002Fp>\n\u003Ch4>Online Booking System\u003C\u002Fh4>\n\u003Cp>edoobox is the clever online booking system. Customers can book and pay for courses, seminars and events around the clock in real time.\u003C\u002Fp>\n\u003Ch4>Promotion-Campaigns\u003C\u002Fh4>\n\u003Cp>With edoobox you choose a well-rounded online booking system. Efficient management of your courses, seminars, events, congresses and symposia. Increase your success.\u003C\u002Fp>\n\u003Ch4>Integration into your website\u003C\u002Fh4>\n\u003Cp>Integrate the booking system into your website and adapt the design to your web presence. All offer pages are optimised for smartphones, tablets and PC.\u003C\u002Fp>\n\u003Ch4>Participant management\u003C\u002Fh4>\n\u003Cp>Your participants are your most valuable asset. All customer details and offers can easily be viewed and changed anywhere at any time.\u003C\u002Fp>\n\u003Ch4>Payment systems\u003C\u002Fh4>\n\u003Cp>Your participants pay online by credit card or bank transfer, edoobox itself does not charge a discount. From the many payment systems provided you can activate the desired system and\u002For activate the automatic invoice generation.\u003C\u002Fp>\n\u003Ch4>Real-time price control\u003C\u002Fh4>\n\u003Cp>The online presence\u002Fattendee list is always available in real time. For optimal communication, the provider is informed by e-mail in case of changes.\u003C\u002Fp>\n","Simplify event and course management with Edoobox, an intuitive online booking system.",200,16590,8,"2025-11-25T22:08:00.000Z","6.8.5","6.0","8.2",[20,97,98,54,99],"course-administration","event-registration-system","seminar-registration","https:\u002F\u002Fwww.edoobox.com\u002Fwordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbooking-system-edoobox.3.4.1.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":70,"downloaded":110,"rating":70,"num_ratings":31,"last_updated":111,"tested_up_to":72,"requires_at_least":112,"requires_php":74,"tags":113,"homepage":115,"download_link":116,"security_score":70,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"mybooking-reservation-engine","MyBooking Reservation Engine","2.6.0","Juan","https:\u002F\u002Fprofiles.wordpress.org\u002Fjuanmiqueo\u002F","\u003Cp>Mybooking Reservation Engine WordPress plugin is designed for your vehicle, boats, properties or material rental.\u003Cbr \u002F>\nIt also can be used for accommodation, transfers or tour and activities business.\u003C\u002Fp>\n\u003Cp>It’s easy to use and very powerful. You can manage offers, promotion codes and connect a payment gateway to charge\u003Cbr \u002F>\nfor your reservations. You can insert a search widget on your home page to start the reservation process. You can\u003Cbr \u002F>\nalso include a calendar in each of your products pages.\u003C\u002Fp>\n\u003Cp>This plugin provides a booking engine frontend in your WordPress site connecting to your mybooking account.\u003C\u002Fp>\n\u003Cp>It is very easy to set up:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create your products and prices on your mybooking account.\u003C\u002Fli>\n\u003Cli>Install and configure the plugin on your WordPress website.\u003C\u002Fli>\n\u003Cli>Start receiving and charging reservations.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It has three modules for different reservation needs:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Renting\u002FAccommation\u003C\u002Fli>\n\u003Cli>Activities\u002FAppointments\u003C\u002Fli>\n\u003Cli>Transfer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The reservation engine includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Search widgets to start the reservation process\u003C\u002Fli>\n\u003Cli>Calendar shortcodes to add a calendar to your product page\u003C\u002Fli>\n\u003Cli>Language context adapted to the different business\u003C\u002Fli>\n\u003Cli>Prices by hours and days (defined on your mybooking account)\u003C\u002Fli>\n\u003Cli>Prices by seasons (defined on your mybooking account)\u003C\u002Fli>\n\u003Cli>Offers (defined on your mybooking account)\u003C\u002Fli>\n\u003Cli>Promotion Code (defined on your mybooking accoount)\u003C\u002Fli>\n\u003Cli>Stop sales (defined on your mybooking account)\u003C\u002Fli>\n\u003Cli>Min and max reservation duration (defined on your mybooking account)\u003C\u002Fli>\n\u003Cli>Calendar to define delivery and collection times (defined on your mybooking account)\u003C\u002Fli>\n\u003Cli>Payment gateway connection. Paypal, Redsys and Addon Payments\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The reservation engine can be used for the following businesses:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Vehicles rental (car rental, autocaravanning, motorcycle, scooters, bike)\u003C\u002Fli>\n\u003Cli>Boats rental\u003C\u002Fli>\n\u003Cli>Properties rental\u003C\u002Fli>\n\u003Cli>Sports material rental (Kayak, surf, paddle surf)\u003C\u002Fli>\n\u003Cli>Accommodation (hostels and hotels)\u003C\u002Fli>\n\u003Cli>Sport courts\u003C\u002Fli>\n\u003Cli>Coworking\u003C\u002Fli>\n\u003Cli>Escape Rooms\u003C\u002Fli>\n\u003Cli>Activities\u003C\u002Fli>\n\u003Cli>Tours\u003C\u002Fli>\n\u003Cli>Appointments\u003C\u002Fli>\n\u003Cli>Transfers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Notes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The plugin does not use iframes to build the reservation process. It works directly on your WordPress installation.\u003C\u002Fli>\n\u003Cli>It is ready to use in any theme. But you can customize the components to match your website look and feel\u003C\u002Fli>\n\u003C\u002Ful>\n","Mybooking Reservation Engine WordPress plugin.",10915,"2025-12-18T10:21:00.000Z","5.2",[19,21,114,53,54],"car-rental-reservation","https:\u002F\u002Fwww.mybooking.es\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmybooking-reservation-engine.2.6.0.zip",{"slug":20,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":32,"downloaded":124,"rating":26,"num_ratings":26,"last_updated":125,"tested_up_to":93,"requires_at_least":73,"requires_php":16,"tags":126,"homepage":130,"download_link":131,"security_score":70,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"Anolla – Appointment Scheduling and Booking Software","1.3.0","Developer","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdevel0per\u002F","\u003Cp>Tired of managing appointments through endless phone calls and emails? The Anolla plugin is a complete \u003Cstrong>booking software\u003C\u002Fstrong> that transforms your WordPress website into an automated scheduling powerhouse, allowing your clients to book your services anytime, anywhere.\u003C\u002Fp>\n\u003Cp>Simply connect your Anolla.com account using a secure widget ID, and embed a sleek, professional booking form directly onto your site with a simple shortcode. This powerful \u003Cstrong>online booking system\u003C\u002Fstrong> is the perfect solution for service professionals who want to save time, reduce no-shows, and provide a seamless booking experience for their clients.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Effortless Integration:\u003C\u002Fstrong> Add your booking form to any page, post, or widget area in seconds using a simple shortcode.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fully Responsive & Mobile-Friendly:\u003C\u002Fstrong> Your booking form looks and works perfectly on all devices, from desktops to smartphones.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Powerful & Secure Anolla Backend:\u003C\u002Fstrong> All your bookings, schedules, and client data are securely managed in your Anolla.com dashboard.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multilingual Support:\u003C\u002Fstrong> Reach a global audience. The booking interface supports over 20 languages automatically.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Highly Customizable:\u003C\u002Fstrong> Control your services, availability, and form appearance directly from your Anolla dashboard.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Who is this booking system for?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Our plugin is a perfect fit for any business or individual that relies on appointments, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Consultants, coaches, and advisors\u003C\u002Fli>\n\u003Cli>Hair salons, barbers, and beauty professionals\u003C\u002Fli>\n\u003Cli>Massage therapists and wellness centers\u003C\u002Fli>\n\u003Cli>Fitness classes, gyms and sport clubs\u003C\u002Fli>\n\u003Cli>Tennis, padel and other racket courts\u003C\u002Fli>\n\u003Cli>Doctors, dentists, and healthcare providers\u003C\u002Fli>\n\u003Cli>Rental services for equipment, vehicles and rooms\u003C\u002Fli>\n\u003Cli>Schools, tutors, teachers, and driving instructors\u003C\u002Fli>\n\u003Cli>Coworking spaces, meeting rooms, and other venues\u003C\u002Fli>\n\u003Cli>Event organizers for meetings, weddings, and conferences\u003C\u002Fli>\n\u003Cli>Tours, escape rooms and leisure activities\u003C\u002Fli>\n\u003Cli>Cleaning, handymen and home services\u003C\u002Fli>\n\u003Cli>Car services, repair shops, and trade professionals\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Why Choose Anolla As Your Online Booking System?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>While there are many booking solutions, Anolla is built for simplicity and speed. Unlike other complex plugins, our \u003Cstrong>scheduling software\u003C\u002Fstrong> focuses on getting you more clients with less hassle. The setup is intuitive, and you get a powerful backend to manage everything, making it the ideal choice for any service professional on WordPress.\u003C\u002Fp>\n\u003Cp>Stop losing customers to busy signals. Start automating your growth with Anolla today!\u003C\u002Fp>\n\u003Ch3>Setup Instructions\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Create an Account:\u003C\u002Fstrong> Sign up for an Anolla account at \u003Ca href=\"https:\u002F\u002Fanolla.com\u002Fen\u002Fsoftware\" rel=\"nofollow ugc\">https:\u002F\u002Fanolla.com\u002Fen\u002Fsoftware\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activate the App:\u003C\u002Fstrong> In your Anolla dashboard, activate the Booking System client app.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Get your Widget ID:\u003C\u002Fstrong> Generate a new booking link to get your unique \u003Ccode>widget_id\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the Anolla (anolla.com) service to function correctly. This connection is essential for displaying the booking widget on your website.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service Used:\u003C\u002Fstrong> Anolla Booking Software API.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> When a page with the booking widget is loaded, the plugin sends a request containing the unique and non-personal \u003Ccode>widget_id\u003C\u002Fcode> to Anolla’s servers to fetch the latest widget code. No user or site data is transmitted.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> https:\u002F\u002Fanolla.com\u002Fapp\u002Flegal\u002Fterms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fanolla.com\u002Fapp\u002Flegal\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n","Online booking system for salons, wellness, clinics, fitness, education, events, rentals, restaurants, tours and activities.",1215,"2025-10-01T21:03:00.000Z",[127,20,21,128,129],"appointments","calendar","scheduling-software","https:\u002F\u002Fanolla.com\u002Fen\u002Fsoftware","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbooking-software.1.3.0.zip",{"attackSurface":133,"codeSignals":181,"taintFlows":194,"riskAssessment":195,"analyzedAt":205},{"hooks":134,"ajaxHandlers":174,"restRoutes":175,"shortcodes":176,"cronEvents":180,"entryPointCount":31,"unprotectedCount":26},[135,141,145,149,153,157,161,166,170],{"type":136,"name":137,"callback":138,"file":139,"line":140},"action","plugins_loaded","load_bookingkit_textdomain","bookingkit.php",232,{"type":136,"name":142,"callback":143,"file":139,"line":144},"init","bookingkit_register_shortcode",234,{"type":136,"name":146,"callback":147,"file":139,"line":148},"admin_init","bookingkit_register_settings",235,{"type":136,"name":150,"callback":151,"file":139,"line":152},"admin_menu","add_bookingkit_menu",236,{"type":136,"name":154,"callback":155,"file":139,"line":156},"add_meta_boxes","bookingkit_add_custom_box",237,{"type":136,"name":158,"callback":159,"file":139,"line":160},"save_post","bookingkit_save_postdata",238,{"type":162,"name":163,"callback":164,"file":139,"line":165},"filter","the_content","bookingkit_content",239,{"type":136,"name":167,"callback":168,"file":139,"line":169},"wp_enqueue_scripts","bookingkit_add_script",240,{"type":136,"name":171,"callback":172,"file":139,"line":173},"wp_print_scripts","bookingkit_dequeue_script",241,[],[],[177],{"tag":4,"callback":178,"file":139,"line":179},"bookingkit_shortcode",189,[],{"dangerousFunctions":182,"sqlUsage":183,"outputEscaping":185,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":193},[],{"prepared":26,"raw":26,"locations":184},[],{"escaped":186,"rawEcho":186,"locations":187},2,[188,191],{"file":139,"line":189,"context":190},95,"raw output",{"file":139,"line":192,"context":190},142,[],[],{"summary":196,"deductions":197},"The bookingkit plugin v1.0, based on the provided static analysis, exhibits a generally good security posture.  The absence of known CVEs and the use of prepared statements for all SQL queries are strong indicators of secure development practices. Furthermore, the limited attack surface, with only one shortcode identified and no AJAX handlers or REST API routes exposed without authorization, suggests a conscious effort to minimize potential entry points for attackers. The plugin also avoids dangerous functions and file operations, which further bolsters its security.\n\nHowever, several areas warrant attention. The fact that only 50% of output is properly escaped means that there is a potential for cross-site scripting (XSS) vulnerabilities if the unescaped output is rendered in a context where it can be interpreted as code. Additionally, the complete absence of nonce checks and capability checks across all entry points is a significant concern. This lack of authorization checks means that any user, regardless of their role or permissions, could potentially interact with or manipulate the plugin's functionality through its shortcode, opening the door to unauthorized actions. While the taint analysis found no issues, this is largely due to the analyzed flows being zero, making it impossible to draw definitive conclusions about its effectiveness in detecting sophisticated attacks.\n\nIn conclusion, bookingkit v1.0 presents a mixed security profile. Its strengths lie in its clean code regarding SQL, avoidance of known vulnerabilities, and a small attack surface. The primary weaknesses are the potential for XSS due to partial output escaping and, more critically, the complete lack of nonce and capability checks on its sole entry point. Addressing these authorization and output sanitization issues would significantly improve the plugin's overall security.",[198,200,203],{"reason":199,"points":47},"Unescaped output",{"reason":201,"points":202},"Missing nonce checks",10,{"reason":204,"points":202},"Missing capability checks","2026-03-16T21:30:54.030Z",{"wat":207,"direct":213},{"assetPaths":208,"generatorPatterns":209,"scriptPaths":210,"versionParams":212},[],[],[211],"\u002Fwp-content\u002Fplugins\u002Fbookingkit\u002Fbookingkit.php",[],{"cssClasses":214,"htmlComments":215,"htmlAttributes":216,"restEndpoints":217,"jsGlobals":218,"shortcodeOutput":219},[],[],[],[],[],[220],"\u003Cdiv id='bookingKitContainer'>\u003C\u002Fdiv>"]