[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fW9Cu5V7PLCwl-v8Qnzwd77PDhsBx1mvLy0fSmKIs-_c":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":38,"fingerprints":190},"booster-for-wpforms","Booster for WPForms","1.2","wpmonks","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpmonks\u002F","\u003Cp>\u003Cstrong>WPForms is a great form builder plugin but it misses some of the features\u003C\u002Fstrong>. Booster for WPForms brings those missing features and enhances your experiecnce with WPForms.\u003C\u002Fp>\n\u003Cp>Here is the list of features that are added by Booster for WPForms\u003Cbr \u002F>\n* Ability to mark fields as readonly\u003Cbr \u002F>\n* Prevent browser autocomplete for forms\u003Cbr \u002F>\n* Show remaining entries at top of form\u003Cbr \u002F>\n* Option to set Max characters for input and textarea fields\u003Cbr \u002F>\n* Option to set values for checkbox, radio and dropdown fields\u003Cbr \u002F>\n* Min and Max range for numbers field\u003Cbr \u002F>\n* Ability to change validation message per field\u003C\u002Fp>\n\u003Ch4>Booster for WPForms Premium Addons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Frange-slider-for-wpforms\u002F\" rel=\"nofollow ugc\"> \u003Cstrong>Range Slider for WPForms\u003C\u002Fstrong> \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Fpopup-for-wpforms\u002F\" rel=\"nofollow ugc\"> \u003Cstrong>Popup for WPForms\u003C\u002Fstrong> \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Fconfirmation-step-for-wpforms\u002F\" rel=\"nofollow ugc\"> \u003Cstrong>Submission Preview for WPForms\u003C\u002Fstrong> \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Faddress-autocomplete-for-wpforms\u002F\" rel=\"nofollow ugc\"> \u003Cstrong>Address Autocomplete for WPForms\u003C\u002Fstrong> \u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>We are constantly adding new features. If you have any feature that you think will be useful then feel free to send us a message using the \u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fcontact-us\u002F\" rel=\"nofollow ugc\"> contact form here \u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Premium Addons to Extend the Functionality\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Frange-slider-for-wpforms\u002F\" rel=\"nofollow ugc\"> \u003Cstrong>Range Slider\u003C\u002Fstrong> \u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>Adds a range slider field in WPForms editor\u003C\u002Fstrong>. You can set custom steps, fixed start values , add prefix and suffix for values, fill color, enable grid\u002Fpips\u002Fscale, enable second handle set start value for second handle and a lot more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Fpopup-for-wpforms\u002F\" rel=\"nofollow ugc\"> \u003Cstrong>Popup for WPForms\u003C\u002Fstrong> \u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>With this addon you can show WPForms in Popup\u002Fmodal\u003C\u002Fstrong>. You can create unlimited popups for different forms or with different settings for same form. The popup can be opened automatically or on click of button. The design and layout of popup can be easily customized without any coding.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Fconfirmation-step-for-wpforms\u002F\" rel=\"nofollow ugc\"> \u003Cstrong>Submission Preview\u003C\u002Fstrong> \u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>With this addon you can show submission preview of all data filled by users\u003C\u002Fstrong>. It can act as a confirmation step so, that they can check everything they have entered at one place. They can also go back and fix if any field is not filled correctly. This will prevent mistakes in form submission.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Faddress-autocomplete-for-wpforms\u002F\" rel=\"nofollow ugc\"> \u003Cstrong>Address Autocomplete for WPForms\u003C\u002Fstrong> \u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>With this addon you can enable address autocomplete feature for single line text and address fields\u003C\u002Fstrong>. User will start getting relevant address suggestions as they type in the fields.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Extend WPForms by adding some of the most requested functionalties which aren't avaiable in it.",800,7884,20,1,"2024-04-03T05:03:00.000Z","6.5.8","4.0","",[20,21,22],"wpforms-booster","wpforms-functionality","wpforms-snippets","https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Fcustom-themes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbooster-for-wpforms.1.2.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},6,70930,95,30,91,"2026-04-03T21:28:56.260Z",[],{"attackSurface":39,"codeSignals":119,"taintFlows":137,"riskAssessment":180,"analyzedAt":189},{"hooks":40,"ajaxHandlers":115,"restRoutes":116,"shortcodes":117,"cronEvents":118,"entryPointCount":26,"unprotectedCount":26},[41,47,52,57,59,63,66,70,73,78,81,84,87,91,94,98,101,104,107,110],{"type":42,"name":43,"callback":44,"file":45,"line":46},"filter","pre_set_site_transient_update_plugins","check_update","admin-menu\\EDD_SL_Plugin_Updater.php",62,{"type":42,"name":48,"callback":49,"priority":50,"file":45,"line":51},"plugins_api","plugins_api_filter",10,63,{"type":53,"name":54,"callback":55,"file":45,"line":56},"action","admin_init","show_changelog",66,{"type":42,"name":43,"callback":44,"file":45,"line":58},198,{"type":53,"name":60,"callback":61,"file":62,"line":31},"admin_menu","register_menu","admin-menu\\licenses.php",{"type":53,"name":54,"callback":64,"file":62,"line":65},"setting_fields",7,{"type":42,"name":67,"callback":67,"file":68,"line":69},"wpforms_settings_tabs","booster-for-wpforms.php",35,{"type":42,"name":71,"callback":71,"file":68,"line":72},"wpforms_settings_defaults",37,{"type":53,"name":74,"callback":75,"priority":76,"file":68,"line":77},"wpforms_field_options_bottom_advanced-options","field_options",100,39,{"type":42,"name":79,"callback":79,"priority":76,"file":68,"line":80},"wpforms_field_properties",41,{"type":42,"name":82,"callback":82,"file":68,"line":83},"wpforms_address_schemes",43,{"type":42,"name":85,"callback":85,"file":68,"line":86},"wpforms_fields_show_options_setting",46,{"type":53,"name":88,"callback":89,"file":68,"line":90},"wpforms_frontend_output_before","show_remaining_entries",49,{"type":53,"name":92,"callback":92,"file":68,"line":93},"wpforms_form_settings_general",52,{"type":42,"name":95,"callback":96,"priority":50,"file":68,"line":97},"wpforms_frontend_form_atts","disable_form_autocomplete",55,{"type":53,"name":99,"callback":99,"priority":13,"file":68,"line":100},"wpforms_builder_after_panel_content",58,{"type":42,"name":102,"callback":102,"priority":50,"file":68,"line":103},"wpforms_builder_settings_sections",61,{"type":42,"name":105,"callback":105,"file":68,"line":106},"wpforms_frontend_strings",64,{"type":53,"name":108,"callback":108,"file":68,"line":109},"wpforms_frontend_js",67,{"type":53,"name":111,"callback":112,"priority":113,"file":68,"line":114},"wpforms_loaded","booster_for_wpforms",1000,763,[],[],[],[],{"dangerousFunctions":120,"sqlUsage":121,"outputEscaping":123,"fileOperations":26,"externalRequests":135,"nonceChecks":26,"capabilityChecks":135,"bundledLibraries":136},[],{"prepared":26,"raw":26,"locations":122},[],{"escaped":124,"rawEcho":125,"locations":126},12,3,[127,130,132],{"file":45,"line":128,"context":129},205,"raw output",{"file":45,"line":131,"context":129},467,{"file":133,"line":134,"context":129},"includes\\admin\\bfwpf-readonly-fields.php",13,2,[],[138,162],{"entryPoint":139,"graph":140,"unsanitizedCount":14,"severity":161},"show_changelog (admin-menu\\EDD_SL_Plugin_Updater.php:399)",{"nodes":141,"edges":157},[142,147,151],{"id":143,"type":144,"label":145,"file":45,"line":146},"n0","source","$_REQUEST",462,{"id":148,"type":149,"label":150,"file":45,"line":146},"n1","transform","→ set_version_info_cache()",{"id":152,"type":153,"label":154,"file":45,"line":155,"wp_function":156},"n2","sink","update_option() [Settings Manipulation]",499,"update_option",[158,160],{"from":143,"to":148,"sanitized":159},false,{"from":148,"to":152,"sanitized":159},"low",{"entryPoint":163,"graph":164,"unsanitizedCount":14,"severity":161},"\u003CEDD_SL_Plugin_Updater> (admin-menu\\EDD_SL_Plugin_Updater.php:0)",{"nodes":165,"edges":175},[166,169,170,171,173],{"id":143,"type":144,"label":167,"file":45,"line":168},"$_REQUEST (x2)",421,{"id":148,"type":153,"label":154,"file":45,"line":155,"wp_function":156},{"id":152,"type":144,"label":145,"file":45,"line":146},{"id":172,"type":149,"label":150,"file":45,"line":146},"n3",{"id":174,"type":153,"label":154,"file":45,"line":155,"wp_function":156},"n4",[176,178,179],{"from":143,"to":148,"sanitized":177},true,{"from":152,"to":172,"sanitized":159},{"from":172,"to":174,"sanitized":159},{"summary":181,"deductions":182},"Based on the static analysis, the \"booster-for-wpforms\" plugin version 1.2 exhibits a generally good security posture. The absence of any identified CVEs in its vulnerability history, combined with the fact that all SQL queries utilize prepared statements and there are no file operations or dangerous functions, indicates a commitment to secure coding practices.  The presence of capability checks further strengthens its defense mechanisms.\n\nHowever, there are areas for concern. The analysis reveals two flows with unsanitized paths, which, while not resulting in critical or high severity issues according to the taint analysis, represent potential entry points for malicious input.  Furthermore, the lack of nonce checks across all identified entry points (entry points are listed as 0, but the lack of nonce checks is a specific code signal) is a significant weakness.  While the attack surface appears minimal with zero AJAX handlers, REST API routes, shortcodes, and cron events directly exposed without authentication, any newly introduced functionality could be susceptible if proper nonce validation isn't implemented. The 20% of improperly escaped output also poses a risk of cross-site scripting (XSS) vulnerabilities.\n\nIn conclusion, while the plugin has strengths in its SQL handling and vulnerability history, the presence of unsanitized paths, a complete absence of nonce checks, and some unescaped output are critical areas that require immediate attention. Addressing these weaknesses will significantly improve the overall security of the plugin.",[183,185,187],{"reason":184,"points":50},"Flows with unsanitized paths",{"reason":186,"points":50},"Lack of nonce checks",{"reason":188,"points":31},"Unescaped output (20% of 15)","2026-03-16T19:17:26.277Z",{"wat":191,"direct":198},{"assetPaths":192,"generatorPatterns":194,"scriptPaths":195,"versionParams":196},[193],"\u002Fwp-content\u002Fplugins\u002Fbooster-for-wpforms\u002Fcss\u002Fpublic.css",[],[],[197],"booster-for-wpforms\u002Fcss\u002Fpublic.css?ver=",{"cssClasses":199,"htmlComments":202,"htmlAttributes":203,"restEndpoints":205,"jsGlobals":206,"shortcodeOutput":207},[200,201],"bfwpf-autocomplete-off","bfwpf-entry-count",[],[204],"data-bfwpf-autocomplete-off",[],[],[]]