[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f93j-ls6oLgGh8aTAQYG5VM-zGEI80WIhf4QlGxDKjco":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":139,"fingerprints":323},"browser-blocker","Browser Blocker","0.5.6","bdoga","https:\u002F\u002Fprofiles.wordpress.org\u002Fbdoga\u002F","\u003Cp>The Browser Blocker Plugin puts the power in your hands to control what browsers(versions) can access your website content and which ones cannot. For the browsers(versions) that you block, the user has control over the splash screen that their clients receive. There is a “simple” mode for those who just want to block some browsers with the default settings, and there is an “advanced” mode for those who want to have a little more control over what is displayed to their clients.\u003C\u002Fp>\n\u003Cp>If you would like to see more of our plugins feel free to drop by the \u003Ca href=\"http:\u002F\u002Fwww.macnative.com\u002Fdevelopment\u002Fbrowser-blocker\u002F\" rel=\"nofollow ugc\">Browser Blocker plugin page\u003C\u002Fa> or the \u003Ca href=\"http:\u002F\u002Fwww.macnative.com\u002F\" rel=\"nofollow ugc\">Macnative.com Homepage\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin utilizes the \u003Ca href=\"http:\u002F\u002Fchrisschuld.com\u002Fprojects\u002Fbrowser-php-detecting-a-users-browser-from-php\u002F\" rel=\"nofollow ugc\">Browser detection library\u003C\u002Fa> that was built by \u003Ca href=\"http:\u002F\u002Fchrisschuld.com\u002F\" rel=\"nofollow ugc\">Chris Schuld\u003C\u002Fa> A big thanks to him for his major contribution.\u003Cbr \u002F>\nA big thanks to Vistaicons.com for creating the Web Browsers Icon Set that is used with the plugin. \u003Ca href=\"http:\u002F\u002Fwww.vistaicons.com\u002F\" rel=\"nofollow ugc\">Follow the link to see more of their icons\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Another big thanks to Yusuke Kamiyamane for the use of many of his Fugue Icon set icons throughout the Plugins Administrator, \u003Ca href=\"http:\u002F\u002Fp.yusukekamiyamane.com\u002F\" rel=\"nofollow ugc\">please visit their homepage\u003C\u002Fa>.\u003C\u002Fp>\n","Browser Blocker allows you to pick and choose which browsers(versions) can access your web page and which ones are given a blocked splash screen.",60,11764,88,7,"2012-10-11T03:29:00.000Z","3.4.2","3.0","",[20,21,22,23,24],"browser","chrome","firefox","ie","internet-explorer","http:\u002F\u002Fwww.macnative.com\u002Fdevelopment\u002Fbrowser-blocker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbrowser-blocker.0.5.6.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},2,70,30,84,"2026-04-04T16:24:16.053Z",[39,61,77,96,117],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":58,"download_link":59,"security_score":60,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"pushalert-web-push-notifications","PushAlert – Web Push Notifications for WordPress and WooCommerce","2.9.0","PushAlert","https:\u002F\u002Fprofiles.wordpress.org\u002Fpushalert\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fpushalert.co\" rel=\"nofollow ugc\">PushAlert\u003C\u002Fa> plugin for WordPress Web Push Notifications automates integration, and allows your users to subscribe to push notifications. It also adds an easy to use interface right next to the editor, which lets you push notifications automatically on publishing a post.\u003C\u002Fp>\n\u003Ch4>Benefits of PushAlert Browser Notifications for WordPress and WooCommerce:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Push Notifications have up to 10 times better click-through rate than traditional marketing methods like emails and very high visibility even without being clicked.\u003C\u002Fli>\n\u003Cli>Engaging visitors at the right time gets more clicks and increases your traffic instantly. It also helps in bringing back visitors to your website.\u003C\u002Fli>\n\u003Cli>Easier to get a lot of subscriptions as Push Notifications don’t require any personal information.\u003C\u002Fli>\n\u003Cli>WooCommerce stores also get (Only on PushAlert!) automated abandoned cart notifications, price-drop and product back in stock alerts to boost sales by as much as 30% as well as shipment notifications with tracking button.\u003C\u002Fli>\n\u003Cli>Works on both Desktop and Mobile devices (without app) even when browser is closed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Here are some more features to give your website an instant boost:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Broader Reach\u003C\u002Fstrong>: PushAlert Web Push Notifications work on Chrome, Safari, Firefox, Edge and Opera on both desktop and mobile devices. It works across all major OS platforms including Windows, iOS 16.4+, iPadOS 16.4+, MacOS (OSX), Linux, ChromeOS as well as Android.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Audience Creator\u003C\u002Fstrong>: Target specific subscribers based on their interests, location, URL and other custom parameters for more effective re-engagement and higher conversions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Welcome Drip\u003C\u002Fstrong>: With the welcome drip campaign you can send a series of notifications to new subscribers. With these you can automate customer on-boarding, engagement and direct the way they navigate your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Conversion Funnels\u003C\u002Fstrong>: Create a funnel playbook for your subscribers based on which products they visit on your store. With a browse abandoned funnel, you can not only bring more leads but also minimize drop-off from your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>RSS Push and NewsLetter\u003C\u002Fstrong>: You can now send automatic notifications whenever a post is published using your RSS feed. A recurring newsletter notification with the top posts of the day, can now also be sent at a scheduled time everyday, right from the PushAlert Dashboard.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Complete Localization with Multi-lingual Support\u003C\u002Fstrong>: PushAlert prompts can now be shown in any language and a single notification can be sent in multiple languages, automatically delivered in the subscriber’s language.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Timezone based scheduling\u003C\u002Fstrong>: Schedule notifications based on the timezone of your subscribers to reach them when they are active, resulting in more engagement and higher revenue.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>A\u002FB Notification\u003C\u002Fstrong>: By creating two variants of the same notification with different title, message and images; PushAlert’s intelligent algorithm determines which version works best and sends it for better conversion.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Segmentation with Advanced Targeting\u003C\u002Fstrong>: With segments, you can personalize notifications for your customers based on their interests. We already have segments based on Location, Device, Browser and OS.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Schedule Notifications\u003C\u002Fstrong>: If you have any deals, announcement that needs to be sent at a particular time, you can easily schedule that beforehand.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Stats\u003C\u002Fstrong>: With our stats you can clearly see which notifications are fetching better engagement with real-time click-through rate.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PushAlert’s Fully Automated WooCommerce Marketing Solution:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Abandoned Cart Notifications\u003C\u002Fstrong>: On average, 70% of all carts are abandoned but most of them are recoverable by reaching out to customers at the right time. PushAlert lets you recover lost sales with automated and personalized abandoned cart notifications, when customers forget to checkout.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>In-Stock Notifications\u003C\u002Fstrong>: Now you won’t loose any customer even when a product is out of stock, customers can subscribe to alerts and will get a direct notification (automated) on their phone or PC as soon as the product they wanted is back in stock with a direct Add to Cart button (Only on PushAlert!).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Price Drop Notifications\u003C\u002Fstrong>: You may have already spent a lot on marketing and bringing customers to your store, but many of them leave without making a purchase, sometimes a higher price than what they were willing to pay could be a reason. With PushAlert, your customers will automatically get to know when a product they like is on sale or at a discount with an Add to Cart button (Only on PushAlert!). In essence, no additional spending on marketing for promoting a sale.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shipment Alerts\u003C\u002Fstrong>: Want to let customers know that their order is on the way, PushAlert sends real-time automated notifications with tracking details.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Send Notification to Individual Customers\u003C\u002Fstrong>: Right from the WordPress Dashboard, you can directly target a single user with their email ID or user ID to send personalized notification.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can start with a \u003Ca href=\"https:\u002F\u002Fpushalert.co\u002Fpricing\" rel=\"nofollow ugc\">lifetime free account\u003C\u002Fa> with unlimited notifications and as you grow, move to one of the paid plans for more features. With PushAlert you can convert your visitors into customers and keep them coming back to your website. All online businesses, e-commerce stores and blogs are implementing push notifications, and it’s time you do too.\u003C\u002Fp>\n\u003Cp>If you’ve any query or issue, please get in touch with us at support@pushalert.co\u003C\u002Fp>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Cp>Add the Website ID, Rest API Key, Configuration ID and FCM\u002FGCM Sender ID from the Integrate section of your PushAlert dashboard.\u003C\u002Fp>\n","A plugin by PushAlert to enable automated Push Notifications for your WordPress website and WooCommerce Store to increase traffic and sales.",1000,49146,92,8,"2025-12-01T11:37:00.000Z","6.9.4","2.7",[55,21,22,56,57],"browser-notification","push-notifications","pushalert","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpushalert-web-push-notifications\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpushalert-web-push-notifications.2.9.0.zip",100,{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":35,"downloaded":69,"rating":60,"num_ratings":33,"last_updated":70,"tested_up_to":71,"requires_at_least":17,"requires_php":18,"tags":72,"homepage":75,"download_link":76,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"browser-update-ribbon","Browser Update Ribbon","1.4.3","duckinformatica","https:\u002F\u002Fprofiles.wordpress.org\u002Fduckinformatica\u002F","\u003Cp>Puts a ribbon on the website if the user browser is older than expected.\u003C\u002Fp>\n\u003Cp>Minimum browser versions are customizable in the Settings menu, along with the title and a custom link.\u003Cbr \u002F>\nNow you can set the position and the image of the ribbon.\u003Cbr \u002F>\nThis plugin has full support for translation into other languages\u003C\u002Fp>\n\u003Cp>For more informations: http:\u002F\u002Fwww.duckinformatica.it\u002Fprodotti-e-servizi\u002Ffree-wordpress-plugins\u002F\u003C\u002Fp>\n\u003Cp>This plugin uses the Browser detection library built by [Chris Schuld] https:\u002F\u002Fgithub.com\u002Fcbschuld\u002FBrowser.php\u003C\u002Fp>\n","Puts a ribbon on the website if the user browser is older than expected.",7885,"2016-01-18T09:04:00.000Z","4.4.34",[20,23,24,73,74],"ribbon","update","http:\u002F\u002Fwww.duckinformatica.it","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbrowser-update-ribbon.1.4.3.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":35,"downloaded":85,"rating":28,"num_ratings":28,"last_updated":86,"tested_up_to":87,"requires_at_least":17,"requires_php":18,"tags":88,"homepage":94,"download_link":95,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"ie6-support-for-2010-theme","IE6 Support for Twenty Ten Theme","1.0.1","Aleksei Tepljakov","https:\u002F\u002Fprofiles.wordpress.org\u002Ffirelord\u002F","\u003Cp>The following fixes are included:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Header drop-down menu fix (works as expected with first 5 levels of page includes, requires JavaScript enabled in IE6)\u003C\u002Fli>\n\u003Cli>Header menu width fix\u003C\u002Fli>\n\u003Cli>Incorrectly floating avatars in comments fix\u003C\u002Fli>\n\u003Cli>Font fixes\u003C\u002Fli>\n\u003Cli>Widget title fix\u003C\u002Fli>\n\u003Cli>Comment input form resizing bug fix\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If there is need to alter styles associated with these fixes (for example, for a child theme), one may edit the \u003Ccode>css\u002Fie6fix.css\u003C\u002Fcode> file included in this release.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NOTE: This plugin is only effective for Internet Explorer 6 with the Twenty Ten theme (and child themes). All the style fixes will be ignored by other browsers.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Alexei Teplyakov (Firelord): WordPress plugin and minor CSS fixes;\u003C\u002Fli>\n\u003Cli>Peter Nederlof (Peterned): Whatever:hover HTC script.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin brings Internet Explorer 6 support for the new default Wordpress theme Twenty Ten.",4940,"2011-09-05T19:47:00.000Z","3.2.1",[89,90,91,92,93],"2010","browser-support","ie6","internet-explorer-6","twenty-ten","http:\u002F\u002Ffirelords.net\u002Fwp-plugins\u002Fie6-support-2010\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fie6-support-for-2010-theme.1.0.1.zip",{"slug":97,"name":98,"version":80,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":28,"num_ratings":28,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":18,"tags":108,"homepage":113,"download_link":114,"security_score":27,"vuln_count":115,"unpatched_count":28,"last_vuln_date":116,"fetched_at":30},"simplified-content","Simplified Content","Lucien Taylor","https:\u002F\u002Fprofiles.wordpress.org\u002Flucien-taylor\u002F","\u003Cp>Simplified Content, provides visitors with alternative ‘simplified’ content whenever they visit your website using any targeted browser.  Useful for website managers who wish to provide basic fallback for legacy browsers, e.g. simplified content for IE 8, or to block certain browsers for intranet systems.\u003C\u002Fp>\n\u003Cp>The plugin allows you to select one or more browsers from a settings page to target for alternative content.  The plugin requires a target Site Map page to use as a new root page for all website navigation.  The plugin provides the visitor with a simplified navigational system, moving from the site map to any page referenced in the site map, and a simple ‘back to site map’ link at the top of each page.\u003C\u002Fp>\n\u003Cp>WARNING: This is an aggressive plugin which provides very simple functionality for configured browsers.  Once set, any configured browsers will cease to function for administrative and normal wordpress operations.\u003Cbr \u002F>\nPlease ensure that you have other browsers available to use for administration and testing purposes.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Choose multiple browsers from a settings page.\u003C\u002Fli>\n\u003Cli>Automatic generation of simplified content.  Requires no editing of content. Note:  javascript, and media rich content is ignored by this plugin.\u003C\u002Fli>\n\u003Cli>Choose any page to target as the sitemap page.\u003C\u002Fli>\n\u003Cli>Easy to customize ‘welcome\u002Fapology message’, header, footer and styles of basic content.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Help and documentation:\u003C\u002Fh4>\n\u003Cp>The plugin product page is available at:\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.oxil.uk\u002Fwordpress\u002Fwordpress-plugins\u002Fsimplified-content\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.oxil.uk\u002Fwordpress\u002Fwordpress-plugins\u002Fsimplified-content\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The plugin help pages are available at:\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.oxil.uk\u002Fhelp\u002Fplugins\u002Fsimplified-content-help\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.oxil.uk\u002Fhelp\u002Fplugins\u002Fsimplified-content-help\u002F\u003C\u002Fa>\u003C\u002Fp>\n","A plugin which generates alternative 'simplified' content for a given set of browsers.  Useful legacy browser support and intranet systems.",10,1341,"2016-04-19T15:38:00.000Z","4.5.33","4.3.1",[109,110,111,24,112],"browser-block","content","ie-8","legacy-browsers","http:\u002F\u002Fwww.oxil.uk\u002Fwordpress\u002Fwordpress-plugins\u002Fsimplified-content\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimplified-content.1.0.1.zip",1,"2016-02-09 00:00:00",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":60,"num_ratings":127,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":18,"tags":131,"homepage":137,"download_link":138,"security_score":49,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"rebusted","reBusted!","1.2","Simon Prosser","https:\u002F\u002Fprofiles.wordpress.org\u002Fpross\u002F","\u003Cp>Saves you from asking “have you emptied your cache?”.\u003C\u002Fp>\n\u003Cp>Forked and updated for todays WordPress and PHP from the original plugin by Paul Clark.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Safe to leave running on live sites.\u003C\u002Fli>\n\u003Cli>Only refreshes browser cache for a file if it has been modified.\u003C\u002Fli>\n\u003Cli>Resolves Content Delivery Network (CDN) issues. No need to purge CDN cache.\u003C\u002Fli>\n\u003Cli>Multisite compatible.\u003C\u002Fli>\n\u003Cli>“Just works” – no configuration necessary.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Requirements\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Requires scripts use any of the below functions to load. Almost all files meet these requirements. The only case it doesn’t account for is when URLs are hard-coded. This shouldn’t ever be done, since it can break sites for other reasons.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fwp_enqueue_style\" rel=\"nofollow ugc\">wp_enqueue_style\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fwp_enqueue_script\" rel=\"nofollow ugc\">wp_enqueue_script\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fget_stylesheet_uri\" rel=\"nofollow ugc\">get_stylesheet_uri\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Force browsers to load the most recent file if modified.",6000,34186,11,"2024-10-10T14:16:00.000Z","6.7.5","3.4",[132,133,134,135,136],"browser-cache","clear","client","debug","develop","https:\u002F\u002Fgithub.com\u002FPross\u002FreBusted","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frebusted.1.2.zip",{"attackSurface":140,"codeSignals":165,"taintFlows":273,"riskAssessment":310,"analyzedAt":322},{"hooks":141,"ajaxHandlers":161,"restRoutes":162,"shortcodes":163,"cronEvents":164,"entryPointCount":28,"unprotectedCount":28},[142,147,150,154,157],{"type":143,"name":144,"callback":145,"file":146,"line":35},"action","admin_menu","BrowserBlocker_Add_Option_Menu","browser_blocker.php",{"type":143,"name":144,"callback":148,"file":146,"line":149},"BrowserBlocker_DefaultSettings",31,{"type":143,"name":151,"callback":152,"file":146,"line":153},"init","BrowserBlocker_Splash",621,{"type":143,"name":155,"callback":152,"file":146,"line":156},"wp",623,{"type":143,"name":151,"callback":158,"priority":159,"file":146,"line":160},"init_sessions",5,746,[],[],[],[],{"dangerousFunctions":166,"sqlUsage":167,"outputEscaping":169,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":272},[],{"prepared":28,"raw":28,"locations":168},[],{"escaped":28,"rawEcho":170,"locations":171},52,[172,175,177,179,181,183,185,187,189,191,193,195,197,199,201,203,205,207,209,211,213,215,217,219,221,223,225,227,229,230,232,233,234,236,238,239,242,244,245,247,249,251,253,255,257,259,261,263,265,267,269,270],{"file":173,"line":14,"context":174},"advanced.php","raw output",{"file":173,"line":176,"context":174},18,{"file":173,"line":178,"context":174},29,{"file":173,"line":180,"context":174},33,{"file":173,"line":182,"context":174},42,{"file":173,"line":184,"context":174},46,{"file":173,"line":186,"context":174},55,{"file":173,"line":188,"context":174},59,{"file":173,"line":190,"context":174},68,{"file":173,"line":192,"context":174},72,{"file":173,"line":194,"context":174},79,{"file":173,"line":196,"context":174},90,{"file":173,"line":198,"context":174},94,{"file":173,"line":200,"context":174},103,{"file":173,"line":202,"context":174},143,{"file":173,"line":204,"context":174},154,{"file":173,"line":206,"context":174},179,{"file":173,"line":208,"context":174},191,{"file":173,"line":210,"context":174},240,{"file":173,"line":212,"context":174},242,{"file":173,"line":214,"context":174},252,{"file":146,"line":216,"context":174},135,{"file":146,"line":218,"context":174},138,{"file":146,"line":220,"context":174},140,{"file":146,"line":222,"context":174},536,{"file":146,"line":224,"context":174},566,{"file":146,"line":226,"context":174},576,{"file":146,"line":228,"context":174},591,{"file":146,"line":228,"context":174},{"file":231,"line":14,"context":174},"simple.php",{"file":231,"line":176,"context":174},{"file":231,"line":178,"context":174},{"file":231,"line":235,"context":174},81,{"file":231,"line":237,"context":174},83,{"file":231,"line":198,"context":174},{"file":240,"line":241,"context":174},"splash.php",86,{"file":240,"line":243,"context":174},87,{"file":240,"line":198,"context":174},{"file":240,"line":246,"context":174},97,{"file":240,"line":248,"context":174},110,{"file":240,"line":250,"context":174},113,{"file":240,"line":252,"context":174},126,{"file":240,"line":254,"context":174},129,{"file":240,"line":256,"context":174},142,{"file":240,"line":258,"context":174},145,{"file":240,"line":260,"context":174},158,{"file":240,"line":262,"context":174},161,{"file":240,"line":264,"context":174},181,{"file":240,"line":266,"context":174},182,{"file":240,"line":268,"context":174},183,{"file":240,"line":268,"context":174},{"file":240,"line":271,"context":174},202,[],[274,291,300],{"entryPoint":275,"graph":276,"unsanitizedCount":33,"severity":290},"BB_STYLE (browser_blocker.php:162)",{"nodes":277,"edges":287},[278,282],{"id":279,"type":280,"label":281,"file":146,"line":228},"n0","source","$_GET['page'] (x2)",{"id":283,"type":284,"label":285,"file":146,"line":228,"wp_function":286},"n1","sink","echo() [XSS]","echo",[288],{"from":279,"to":283,"sanitized":289},false,"medium",{"entryPoint":292,"graph":293,"unsanitizedCount":33,"severity":299},"\u003Cbrowser_blocker> (browser_blocker.php:0)",{"nodes":294,"edges":297},[295,296],{"id":279,"type":280,"label":281,"file":146,"line":228},{"id":283,"type":284,"label":285,"file":146,"line":228,"wp_function":286},[298],{"from":279,"to":283,"sanitized":289},"low",{"entryPoint":301,"graph":302,"unsanitizedCount":115,"severity":299},"\u003Csplash> (splash.php:0)",{"nodes":303,"edges":308},[304,307],{"id":279,"type":280,"label":305,"file":240,"line":306},"$_SERVER",176,{"id":283,"type":284,"label":285,"file":240,"line":268,"wp_function":286},[309],{"from":279,"to":283,"sanitized":289},{"summary":311,"deductions":312},"The \"browser-blocker\" plugin v0.5.6 exhibits a mixed security posture.  On the positive side, it has no recorded vulnerability history, no dangerous function calls, no file operations, and all SQL queries are properly prepared.  It also doesn't make external HTTP requests.  However, the static analysis reveals significant concerns.  A critical weakness is that 100% of its output is unescaped, creating a high risk of Cross-Site Scripting (XSS) vulnerabilities.  Furthermore, the taint analysis indicates three flows with unsanitized paths, suggesting potential for vulnerabilities that could be exploited if these paths were exposed, although the severity was not classified as critical or high. The lack of any apparent capability checks, nonce checks, or authentication checks on its minimal attack surface (0 entry points without auth) is also noteworthy, though the limited attack surface mitigates immediate risk.\n\nWhile the plugin has no known CVEs and a clean vulnerability history, this does not guarantee future safety. The identified unescaped outputs and unsanitized taint flows are significant code-level risks that require immediate attention. The absence of protection mechanisms like nonce and capability checks, even on a small attack surface, indicates a potential lack of robust security practices.  Therefore, while the plugin has a clean historical record, its current code analysis points to serious potential vulnerabilities that could be exploited, particularly XSS, and requires significant remediation.",[313,316,318,320],{"reason":314,"points":315},"0% of outputs properly escaped",15,{"reason":317,"points":103},"3 flows with unsanitized paths",{"reason":319,"points":159},"0 capability checks",{"reason":321,"points":159},"0 nonce checks","2026-03-16T21:48:43.681Z",{"wat":324,"direct":330},{"assetPaths":325,"generatorPatterns":327,"scriptPaths":328,"versionParams":329},[326],"\u002Fwp-content\u002Fplugins\u002Fbrowser-blocker\u002Fimages\u002Fbb-32.png",[],[],[],{"cssClasses":331,"htmlComments":340,"htmlAttributes":341,"restEndpoints":342,"jsGlobals":343,"shortcodeOutput":350},[332,333,334,335,336,337,338,339],"bb_disabled","bb_ids_box","bb_nocheckbox","bb_example","bb_example2","bb_floater","bb_tabbed","bb_blocked_ver",[],[],[],[344,345,148,145,346,347,348,349],"BrowserBlocker_Add_Settings_Link","BrowserBlocker_Activate","BrowserBlocker_Options_Page","BrowserBlocker_GetBlocked","BrowserBlocker_Make_Select","BB_STYLE",[]]