[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fUrPUOsYDV4_NvTst3EsXysMARKSg-JHXs3NewgJn3h0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":14,"requires_at_least":14,"requires_php":14,"tags":15,"homepage":16,"download_link":17,"security_score":18,"vuln_count":13,"unpatched_count":13,"last_vuln_date":19,"fetched_at":20,"vulnerabilities":21,"developer":22,"crawl_stats":19,"alternatives":30,"analysis":31,"fingerprints":341},"business-hub-toolbox","Business Hub Toolbox","1.0.4","Rigorous Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpgaint\u002F","\u003Cp>Plugin to extend features of Business Hub Pro Theme. This plugin helps to add event, pricing table and testimonial and also shows twitter and instagram feeds for the Business Hub Pro theme.\u003C\u002Fp>\n\u003Ch3>Features include\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Show upcoming events\u003C\u002Fli>\n\u003Cli>Display events(pasts, future)\u003C\u002Fli>\n\u003Cli>Design options available to choose to display event list \u003C\u002Fli>\n\u003Cli>Shortcodes in tinymce and widgets available\u003C\u002Fli>\n\u003Cli>Unlimited features for pricing table\u003C\u002Fli>\n\u003Cli>Show twitter and instagram feed\u003C\u002Fli>\n\u003Cli>Fully Responsive- compatible with mobile devices\u003C\u002Fli>\n\u003C\u002Ful>\n","Tags: instagram, instagram widget, instagram feeds, twitter, twitter widget, twitter feeds, events, upcoming events, event speakers, event widget, pri &hellip;",10,1577,0,"",[],"https:\u002F\u002Frigorousthemes.com\u002Fwordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbusiness-hub-toolbox.1.0.4.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":23,"display_name":7,"profile_url":8,"plugin_count":24,"total_installs":25,"avg_security_score":26,"avg_patch_time_days":27,"trust_score":28,"computed_at":29},"wpgaint",4,90,89,30,86,"2026-04-04T06:52:40.436Z",[],{"attackSurface":32,"codeSignals":174,"taintFlows":332,"riskAssessment":333,"analyzedAt":340},{"hooks":33,"ajaxHandlers":153,"restRoutes":154,"shortcodes":155,"cronEvents":173,"entryPointCount":24,"unprotectedCount":13},[34,39,43,47,51,54,58,62,67,71,75,79,83,86,90,92,95,98,101,104,107,111,115,119,122,126,129,132,136,139,143,147,150],{"type":35,"name":36,"callback":37,"file":38,"line":28},"action","admin_init","bht_register_setting","business-hub-toolbox.php",{"type":35,"name":40,"callback":41,"file":38,"line":42},"admin_menu","bht_add_menu",87,{"type":35,"name":44,"callback":45,"file":38,"line":46},"admin_enqueue_scripts","bht_register_admin_assets",88,{"type":35,"name":48,"callback":49,"priority":50,"file":38,"line":26},"wp_enqueue_scripts","bht_register_frontend_assets",999,{"type":35,"name":52,"callback":53,"file":38,"line":25},"init","bht_register_post_type",{"type":35,"name":55,"callback":56,"file":38,"line":57},"add_meta_boxes","bht_add_event_details",91,{"type":35,"name":59,"callback":60,"priority":11,"file":38,"line":61},"save_post","bht_meta_event_save",92,{"type":63,"name":64,"callback":65,"file":38,"line":66},"filter","manage_bht-event_posts_columns","bht_event_new_columns",93,{"type":35,"name":68,"callback":69,"file":38,"line":70},"manage_bht-event_posts_custom_column","bht_event_custom_new_columns",94,{"type":63,"name":72,"callback":73,"file":38,"line":74},"mce_buttons","bht_register_tinymce_button",95,{"type":63,"name":76,"callback":77,"file":38,"line":78},"mce_external_plugins","bht_add_tinymce_button",96,{"type":63,"name":80,"callback":81,"file":38,"line":82},"single_template","bht_custom_template",97,{"type":63,"name":84,"callback":81,"file":38,"line":85},"archive_template",98,{"type":35,"name":87,"callback":88,"file":38,"line":89},"widgets_init","bht_register_widget",99,{"type":35,"name":52,"callback":53,"file":38,"line":91},107,{"type":35,"name":55,"callback":93,"file":38,"line":94},"bht_register_shortcode",108,{"type":35,"name":55,"callback":96,"file":38,"line":97},"bht_register_meta_details",109,{"type":35,"name":55,"callback":99,"file":38,"line":100},"bht_register_meta_boxes",110,{"type":35,"name":59,"callback":102,"file":38,"line":103},"bht_save_fields",111,{"type":35,"name":59,"callback":105,"file":38,"line":106},"bht_save_fields_details",112,{"type":63,"name":108,"callback":109,"file":38,"line":110},"manage_rws-pricing-table_posts_columns","bht_new_columns",113,{"type":35,"name":112,"callback":113,"file":38,"line":114},"manage_rws-pricing-table_posts_custom_column","bht_custom_new_columns",114,{"type":35,"name":48,"callback":116,"file":117,"line":118},"bht_insta_feed_style_enqueue","inc\\bht-insta-feeds.php",18,{"type":35,"name":87,"callback":120,"file":117,"line":121},"bht_insta_feeds_init",227,{"type":35,"name":52,"callback":123,"file":124,"line":125},"bht_testimonials","inc\\bht-testimonial.php",42,{"type":35,"name":55,"callback":127,"file":124,"line":128},"bht_testimonials_metabox",48,{"type":35,"name":59,"callback":130,"file":124,"line":131},"bht_testimonials_save",116,{"type":35,"name":48,"callback":133,"file":134,"line":135},"bht_twitter_feed_style_enqueue","inc\\bht-twitter-feeds.php",24,{"type":35,"name":87,"callback":137,"file":134,"line":138},"twitter_register_tweets_widgets",288,{"type":35,"name":44,"callback":140,"file":141,"line":142},"event_calendar_admin_enqueue_scripts","speakers\\event-metabox.php",429,{"type":35,"name":144,"callback":145,"file":141,"line":146},"admin_head","event_calendar_admin_head",430,{"type":35,"name":55,"callback":148,"file":141,"line":149},"event_calendar_add_box",431,{"type":35,"name":59,"callback":151,"file":141,"line":152},"event_calendar_save_box",432,[],[],[156,161,166,169],{"tag":157,"callback":158,"file":159,"line":160},"rwspt-pricing-table","bht_pricing_table","inc\\bht-price-table.php",2,{"tag":162,"callback":163,"file":164,"line":165},"rwsec-display-recent-event","bht_recent_event_listing","inc\\bht-shortcode.php",7,{"tag":167,"callback":168,"file":164,"line":61},"rwsec-display-all-event","bht_all_event_listing",{"tag":170,"callback":171,"file":164,"line":172},"rwsec-display-upcoming-events","bht_upcoming_event_listing",117,[],{"dangerousFunctions":175,"sqlUsage":176,"outputEscaping":178,"fileOperations":13,"externalRequests":329,"nonceChecks":330,"capabilityChecks":160,"bundledLibraries":331},[],{"prepared":160,"raw":13,"locations":177},[],{"escaped":179,"rawEcho":180,"locations":181},332,82,[182,185,187,189,191,193,195,197,199,201,203,205,206,208,210,212,214,216,218,219,221,223,225,227,229,231,233,234,236,237,239,240,242,244,246,249,250,251,252,253,254,256,258,260,262,264,266,268,270,271,272,273,274,275,277,278,280,281,283,284,286,288,290,291,293,295,297,299,301,303,305,307,309,311,313,315,317,319,321,323,325,327],{"file":38,"line":183,"context":184},160,"raw output",{"file":38,"line":186,"context":184},185,{"file":38,"line":188,"context":184},283,{"file":38,"line":190,"context":184},287,{"file":38,"line":192,"context":184},416,{"file":38,"line":194,"context":184},479,{"file":196,"line":100,"context":184},"inc\\archive-events.php",{"file":196,"line":198,"context":184},145,{"file":196,"line":200,"context":184},171,{"file":117,"line":202,"context":184},63,{"file":117,"line":204,"context":184},71,{"file":117,"line":18,"context":184},{"file":117,"line":207,"context":184},153,{"file":209,"line":61,"context":184},"inc\\bht-meta.php",{"file":209,"line":211,"context":184},137,{"file":159,"line":213,"context":184},59,{"file":164,"line":215,"context":184},44,{"file":164,"line":217,"context":184},62,{"file":164,"line":202,"context":184},{"file":164,"line":220,"context":184},101,{"file":164,"line":222,"context":184},156,{"file":164,"line":224,"context":184},174,{"file":164,"line":226,"context":184},178,{"file":164,"line":228,"context":184},179,{"file":164,"line":230,"context":184},181,{"file":134,"line":232,"context":184},103,{"file":134,"line":106,"context":184},{"file":134,"line":235,"context":184},144,{"file":134,"line":226,"context":184},{"file":238,"line":118,"context":184},"inc\\bht-widget.php",{"file":238,"line":135,"context":184},{"file":238,"line":241,"context":184},28,{"file":238,"line":243,"context":184},32,{"file":238,"line":245,"context":184},56,{"file":247,"line":248,"context":184},"inc\\single-event.php",54,{"file":247,"line":213,"context":184},{"file":247,"line":202,"context":184},{"file":247,"line":202,"context":184},{"file":247,"line":202,"context":184},{"file":141,"line":125,"context":184},{"file":141,"line":255,"context":184},46,{"file":141,"line":257,"context":184},50,{"file":141,"line":259,"context":184},55,{"file":141,"line":261,"context":184},60,{"file":141,"line":263,"context":184},64,{"file":141,"line":265,"context":184},73,{"file":141,"line":267,"context":184},74,{"file":141,"line":269,"context":184},80,{"file":141,"line":180,"context":184},{"file":141,"line":46,"context":184},{"file":141,"line":46,"context":184},{"file":141,"line":25,"context":184},{"file":141,"line":74,"context":184},{"file":141,"line":276,"context":184},115,{"file":141,"line":172,"context":184},{"file":141,"line":279,"context":184},124,{"file":141,"line":279,"context":184},{"file":141,"line":282,"context":184},127,{"file":141,"line":282,"context":184},{"file":141,"line":285,"context":184},133,{"file":141,"line":287,"context":184},135,{"file":141,"line":289,"context":184},141,{"file":141,"line":235,"context":184},{"file":141,"line":292,"context":184},157,{"file":141,"line":294,"context":184},161,{"file":141,"line":296,"context":184},175,{"file":141,"line":298,"context":184},177,{"file":141,"line":300,"context":184},188,{"file":141,"line":302,"context":184},190,{"file":141,"line":304,"context":184},194,{"file":141,"line":306,"context":184},200,{"file":141,"line":308,"context":184},207,{"file":141,"line":310,"context":184},212,{"file":141,"line":312,"context":184},222,{"file":141,"line":314,"context":184},253,{"file":141,"line":316,"context":184},254,{"file":141,"line":318,"context":184},269,{"file":141,"line":320,"context":184},493,{"file":141,"line":322,"context":184},502,{"file":141,"line":324,"context":184},542,{"file":141,"line":326,"context":184},549,{"file":141,"line":328,"context":184},554,1,5,[],[],{"summary":334,"deductions":335},"The business-hub-toolbox plugin v1.0.4 exhibits a generally good security posture based on the provided static analysis and vulnerability history.  There are no recorded CVEs, and the code signals indicate responsible development practices, such as the absence of dangerous functions and the proper use of prepared statements for SQL queries. A significant majority of output is properly escaped, and capability checks and nonce checks are present, suggesting an awareness of common WordPress security pitfalls. The plugin also avoids bundling libraries, which can sometimes introduce outdated or vulnerable components. The absence of taint analysis findings further strengthens the impression of secure coding. \n\nHowever, a closer examination reveals some potential areas for improvement. While the attack surface is small and all entry points appear to have some form of protection, the plugin does utilize shortcodes, which can sometimes be a vector for vulnerabilities if not handled meticulously. The fact that 20% of outputs are not properly escaped, while not classified as critical by this analysis, represents a potential XSS risk that could be exploited by a determined attacker. The single external HTTP request also warrants scrutiny to ensure it is handled securely and doesn't expose the site to risks from external sources. Overall, the plugin is robust but could benefit from addressing the minor output escaping gaps and ensuring the external HTTP request is as secure as possible.",[336,338],{"reason":337,"points":11},"Outputs not properly escaped",{"reason":339,"points":330},"External HTTP requests","2026-03-16T23:27:09.814Z",{"wat":342,"direct":373},{"assetPaths":343,"generatorPatterns":357,"scriptPaths":358,"versionParams":359},[344,345,346,347,348,349,350,351,352,353,354,355,356],"\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fadmin\u002Fcss\u002Fbht-repeater.css","\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fadmin\u002Fcss\u002Fjquery.datetimepicker.css","\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fadmin\u002Fjs\u002Fbht-event-custom-jquery.js","\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fadmin\u002Fjs\u002Fbht-repeater.js","\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fadmin\u002Fjs\u002Fbht-shortcode-button.js","\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fadmin\u002Fjs\u002Fbht-widget-customizer.js","\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fadmin\u002Fjs\u002Fjquery.datetimepicker.full.min.js","\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fpublic\u002Fcss\u002Fbht-event-style-personal.css","\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fpublic\u002Fcss\u002Fbht-event_style.css","\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fpublic\u002Fcss\u002Fbht-style.css","\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fpublic\u002Fjs\u002Fbht-event-custom.js","\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fpublic\u002Fjs\u002Fbht-simplecalendar.js","\u002Fwp-content\u002Fplugins\u002Fbusiness-hub-toolbox\u002Fassets\u002Fpublic\u002Fjs\u002FeasyResponsiveTabs.js",[],[346,347,348,349,350,354,355,356],[360,361,362,363,364,365,366,367,368,369,370,371,372],"business-hub-toolbox\u002Fassets\u002Fadmin\u002Fcss\u002Fbht-repeater.css?ver=","business-hub-toolbox\u002Fassets\u002Fadmin\u002Fcss\u002Fjquery.datetimepicker.css?ver=","business-hub-toolbox\u002Fassets\u002Fadmin\u002Fjs\u002Fbht-event-custom-jquery.js?ver=","business-hub-toolbox\u002Fassets\u002Fadmin\u002Fjs\u002Fbht-repeater.js?ver=","business-hub-toolbox\u002Fassets\u002Fadmin\u002Fjs\u002Fbht-shortcode-button.js?ver=","business-hub-toolbox\u002Fassets\u002Fadmin\u002Fjs\u002Fbht-widget-customizer.js?ver=","business-hub-toolbox\u002Fassets\u002Fadmin\u002Fjs\u002Fjquery.datetimepicker.full.min.js?ver=","business-hub-toolbox\u002Fassets\u002Fpublic\u002Fcss\u002Fbht-event-style-personal.css?ver=","business-hub-toolbox\u002Fassets\u002Fpublic\u002Fcss\u002Fbht-event_style.css?ver=","business-hub-toolbox\u002Fassets\u002Fpublic\u002Fcss\u002Fbht-style.css?ver=","business-hub-toolbox\u002Fassets\u002Fpublic\u002Fjs\u002Fbht-event-custom.js?ver=","business-hub-toolbox\u002Fassets\u002Fpublic\u002Fjs\u002Fbht-simplecalendar.js?ver=","business-hub-toolbox\u002Fassets\u002Fpublic\u002Fjs\u002FeasyResponsiveTabs.js?ver=",{"cssClasses":374,"htmlComments":384,"htmlAttributes":385,"restEndpoints":386,"jsGlobals":387,"shortcodeOutput":397},[375,376,377,378,379,380,381,382,383],"bht-event-custom-jquery","bht-repeater","bht-shortcode-button","bht-widget-customizer","bht-simplecalendar","easyResponsiveTabs","bht-event-style-personal","bht-event_style","bht-style",[],[],[],[388,389,390,391,392,393,394,395,396],"BHP_DIR","BHP_URI","ECA_IMAGE_DIR","ECA_JS_DIR","ECA_CSS_DIR","ECP_IMAGE_DIR","ECP_JS_DIR","ECP_CSS_DIR","BHT_Class",[]]