[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxpsmLDlwOC7iz5TR09bHhhtIAalcvPMnT8EVAxQ3y5g":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":19,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":32,"analysis":33,"fingerprints":153},"brightslider","BrightSlider","1.1.0","ThemeBright","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemebright\u002F","\u003Cp>The slider that powers ThemeBright themes. If you bought a theme from ThemeBright, you’ll need to install this to make it work.\u003C\u002Fp>\n","The ThemeBright slider.",60,4573,0,"2016-02-14T07:18:00.000Z","4.4.34","3.6","",[],"http:\u002F\u002Fthemebright.com\u002Fgo\u002Fbrightslider\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbrightslider.1.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":21,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},"themebright",2,460,30,84,"2026-04-05T15:49:43.477Z",[],{"attackSurface":34,"codeSignals":90,"taintFlows":118,"riskAssessment":146,"analyzedAt":152},{"hooks":35,"ajaxHandlers":86,"restRoutes":87,"shortcodes":88,"cronEvents":89,"entryPointCount":13,"unprotectedCount":13},[36,42,47,52,55,59,64,68,71,74,78,81],{"type":37,"name":38,"callback":39,"file":40,"line":41},"action","admin_notices","brightslider_theme_support_notice","includes\\admin\\admin-support.php",28,{"type":37,"name":43,"callback":44,"file":45,"line":46},"admin_init","brightslider_add_meta_box_slide_settings","includes\\admin\\slide-fields.php",36,{"type":37,"name":48,"callback":49,"file":50,"line":51},"load-post-new.php","setup"
,"includes\\library\\ct-meta-box\\ct-meta-box.php",61,{"type":37,"name":53,"callback":49,"file":50,"line":54},"load-post.php",62,{"type":37,"name":56,"callback":57,"file":50,"line":58},"add_meta_boxes","add",138,{"type":37,"name":60,"callback":61,"priority":62,"file":50,"line":63},"save_post","save",10,141,{"type":37,"name":65,"callback":66,"file":50,"line":67},"admin_enqueue_scripts","enqueue_styles",144,{"type":37,"name":65,"callback":69,"file":50,"line":70},"enqueue_scripts",147,{"type":37,"name":65,"callback":72,"file":50,"line":73},"localize_scripts",150,{"type":37,"name":75,"callback":76,"file":50,"line":77},"admin_head","hide",175,{"type":37,"name":75,"callback":79,"file":50,"line":80},"page_template_fields",178,{"type":37,"name":82,"callback":83,"file":84,"line":85},"init","brightslider_register_post_type_slide","includes\\post-types.php",45,[],[],[],[],{"dangerousFunctions":91,"sqlUsage":92,"outputEscaping":95,"fileOperations":13,"externalRequests":13,"nonceChecks":93,"capabilityChecks":116,"bundledLibraries":117},[],{"prepared":93,"raw":13,"locations":94},1,[],{"escaped":96,"rawEcho":97,"locations":98},35,9,[99,102,104,106,107,109,110,112,114],{"file":50,"line":100,"context":101},211,"raw output",{"file":50,"line":103,"context":101},212,{"file":50,"line":105,"context":101},251,{"file":50,"line":105,"context":101},{"file":50,"line":108,"context":101},253,{"file":50,"line":108,"context":101},{"file":50,"line":111,"context":101},547,{"file":50,"line":113,"context":101},565,{"file":50,"line":115,"context":101},578,3,[],[119,138],{"entryPoint":120,"graph":121,"unsanitizedCount":13,"severity":137},"sanitize_field_value (includes\\library\\ct-meta-box\\ct-meta-box.php:732)",{"nodes":122,"edges":134},[123,128],{"id":124,"type":125,"label":126,"file":50,"line":127},"n0","source","$_POST",737,{"id":129,"type":130,"label":131,"file":50,"line":132,"wp_function":133},"n1","sink","call_user_func() 
[RCE]",861,"call_user_func",[135],{"from":124,"to":129,"sanitized":136},true,"low",{"entryPoint":139,"graph":140,"unsanitizedCount":13,"severity":137},"\u003Cct-meta-box> (includes\\library\\ct-meta-box\\ct-meta-box.php:0)",{"nodes":141,"edges":144},[142,143],{"id":124,"type":125,"label":126,"file":50,"line":127},{"id":129,"type":130,"label":131,"file":50,"line":132,"wp_function":133},[145],{"from":124,"to":129,"sanitized":136},{"summary":147,"deductions":148},"The brightslider plugin version 1.1.0 shows few red flags in the provided static analysis, but that analysis alone does not establish a strong security posture. No AJAX handlers, REST API routes, shortcodes, or cron events were identified, and no entry points were flagged as unprotected, which suggests a limited attack surface. The code analysis also found good practices: 100% of SQL queries use prepared statements, roughly 80% of output is escaped, and nonce and capability checks are present. Taint analysis found no unsanitized paths; the two flows it did report run from $_POST to call_user_func() and are marked sanitized, so that sanitization is worth confirming by manual review, because call_user_func() is a code-execution sink. The vulnerability history records zero CVEs, although for a plugin last updated in 2016 with a small install base this may reflect limited scrutiny rather than a history of robust security. 
This plugin appears to have been developed with security in mind, demonstrating a proactive approach to mitigating common WordPress plugin vulnerabilities.",[149],{"reason":150,"points":151},"Output escaping is not 100% proper",4,"2026-03-16T21:40:27.208Z",{"wat":154,"direct":177},{"assetPaths":155,"generatorPatterns":165,"scriptPaths":166,"versionParams":167},[156,157,158,159,160,161,162,163,164],"\u002Fwp-content\u002Fplugins\u002Fbrightslider\u002Fcss\u002Fbrightslider.css","\u002Fwp-content\u002Fplugins\u002Fbrightslider\u002Fjs\u002Fbrightslider.js","\u002Fwp-content\u002Fplugins\u002Fbrightslider\u002Fjs\u002Fjquery.fancybox.pack.js","\u002Fwp-content\u002Fplugins\u002Fbrightslider\u002Fcss\u002Ffancybox.css","\u002Fwp-content\u002Fplugins\u002Fbrightslider\u002Fjs\u002Fjquery.bxslider.min.js","\u002Fwp-content\u002Fplugins\u002Fbrightslider\u002Fcss\u002Fjquery.bxslider.css","\u002Fwp-content\u002Fplugins\u002Fbrightslider\u002Fjs\u002Fwaypoints.min.js","\u002Fwp-content\u002Fplugins\u002Fbrightslider\u002Fjs\u002Fjquery.animate-enhanced.min.js","\u002Fwp-content\u002Fplugins\u002Fbrightslider\u002Fjs\u002Fbrightslider-admin.js",[],[157,158,160,162,163,164],[168,169,170,171,172,173,174,175,176],"brightslider\u002Fcss\u002Fbrightslider.css?ver=","brightslider\u002Fjs\u002Fbrightslider.js?ver=","brightslider\u002Fjs\u002Fjquery.fancybox.pack.js?ver=","brightslider\u002Fcss\u002Ffancybox.css?ver=","brightslider\u002Fjs\u002Fjquery.bxslider.min.js?ver=","brightslider\u002Fcss\u002Fjquery.bxslider.css?ver=","brightslider\u002Fjs\u002Fwaypoints.min.js?ver=","brightslider\u002Fjs\u002Fjquery.animate-enhanced.min.js?ver=","brightslider\u002Fjs\u002Fbrightslider-admin.js?ver=",{"cssClasses":178,"htmlComments":187,"htmlAttributes":190,"restEndpoints":197,"jsGlobals":198,"shortcodeOutput":200},[4,179,180,181,182,183,184,185,186],"brightslider-viewport","brightslider-caption","brightslider-nav","brightslider-nav-prev","brightslider-nav-next","brightslider-pagination","br
ightslider-pagination-current","brightslider-pagination-total",[188,189],"\u003C!-- Start BrightSlider -->","\u003C!-- End BrightSlider -->",[191,192,193,194,195,196],"data-brightslider-speed","data-brightslider-transition","data-brightslider-navigation","data-brightslider-pagination","data-brightslider-autoplay","data-brightslider-loop",[],[5,199],"brightslider_init",[201],"[brightslider]"]