[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f9rULrweaawRC6aUUMOTJVCyYV5ncZh0KYJUw7m8ukVY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":6,"requires_php":16,"tags":17,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":32,"analysis":33,"fingerprints":151},"business-model-canvas","Business Canvas Model","1.0.0","zaheer01","https:\u002F\u002Fprofiles.wordpress.org\u002Fzaheer01\u002F","\u003Cp>While there are plenty of really great methodologies and frameworks, like open brainstorming and the Creative Matrix, designed specifically for ideation, the BMC can also be a really powerful tool to get the creative (ideation) juices flowing. The key to using the BMC for ideation is that it’s best to start with your current business model. In other words, if you’re starting from zero, there are probably better methods for ideation.\u003C\u002Fp>\n\u003Cp>Refrence: https:\u002F\u002Fdesignabetterbusiness.com\u002F2017\u002F11\u002F02\u002Fhow-to-use-the-business-model-canvas-for-innovation\u002F\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>There are 9 steps you can create to define you business flow that can be created from dashboard and can be display by using shortcode.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>To display business canvas model use shortcode [BMC].\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","While there are plenty of really great methodologies and frameworks, like open brainstorming and the Creative Matrix, designed specifically for ideati …",10,1732,0,"2019-06-25T09:24:00.000Z","5.2.24","5.6.20",[18,19],"business-plan","business-canvas-model","http:\u002F\u002Fwordpresswithzaheer.blogspot.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbusiness-model-canvas.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":22,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},2,20,30,84,"2026-04-04T16:49:10.832Z",[],{"attackSurface":34,"codeSignals":88,"taintFlows":137,"riskAssessment":138,"analyzedAt":150},{"hooks":35,"ajaxHandlers":62,"restRoutes":79,"shortcodes":80,"cronEvents":86,"entryPointCount":87,"unprotectedCount":13},[36,42,46,51,54,58],{"type":37,"name":38,"callback":39,"file":40,"line":41},"action","admin_menu","bmc_register_custom_page","bmc-dashboard\\bmc-choose-canvases.php",5,{"type":37,"name":43,"callback":44,"file":40,"line":45},"admin_init","bmc_register_plugin_settings",13,{"type":37,"name":47,"callback":48,"file":49,"line":50},"admin_enqueue_scripts","bmc_enqueue_script_admin","business-model-canvas.php",19,{"type":37,"name":52,"callback":53,"file":49,"line":28},"wp_enqueue_scripts","bmc_enqueue_script_frontend",{"type":37,"name":55,"callback":56,"file":49,"line":57},"init","bmc_start_from_here",21,{"type":37,"name":59,"callback":60,"file":49,"line":61},"plugins_loaded","bmc_load_textdomain",22,[63,69,70,73,74,78],{"action":64,"nopriv":65,"callback":64,"hasNonce":66,"hasCapCheck":65,"file":67,"line":68},"bmc_create_sticky_notes_by_textarea",false,true,"bmc-dashboard\\bmc-canvas-response.php",4,{"action":64,"nopriv":66,"callback":64,"hasNonce":66,"hasCapCheck":65,"file":67,"line":41},{"action":71,"nopriv":65,"callback":71,"hasNonce":66,"hasCapCheck":65,"file":72,"line":68},"bmc_delete_sticky_notes","bmc-dashboard\\bmc-delete-sticky-notes.php",{"action":71,"nopriv":66,"callback":71,"hasNonce":66,"hasCapCheck":65,"file":72,"line":41},{"action":75,"nopriv":65,"callback":75,"hasNonce":66,"hasCapCheck":65,"file":76,"line":77},"bmc_update_field_by_unique_id","bmc-dashboard\\bmc-update-fields.php",3,{"action":75,"nopriv":66,"callback":75,"hasNonce":66,"hasCapCheck":65,"file":76,"line":68},[],[81],{"tag":82,"callback":83,"file":84,"line":85},"BMC","bmc_display_contents_by_shortcode","bmc-dashboard\\bmc-shortcode.php",197,[],7,{"dangerousFunctions":89,"sqlUsage":90,"outputEscaping":133,"fileOperations":13,"externalRequests":13,"nonceChecks":77,"capabilityChecks":13,"bundledLibraries":136},[],{"prepared":91,"raw":50,"locations":92},1,[93,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130],{"file":40,"line":94,"context":95},64,"$wpdb->get_results() with variable interpolation",{"file":40,"line":97,"context":95},86,{"file":40,"line":99,"context":95},105,{"file":40,"line":101,"context":95},126,{"file":40,"line":103,"context":95},146,{"file":40,"line":105,"context":95},167,{"file":40,"line":107,"context":95},188,{"file":40,"line":109,"context":95},210,{"file":40,"line":111,"context":95},230,{"file":84,"line":113,"context":95},11,{"file":84,"line":115,"context":95},35,{"file":84,"line":117,"context":95},60,{"file":84,"line":119,"context":95},80,{"file":84,"line":121,"context":95},99,{"file":84,"line":123,"context":95},118,{"file":84,"line":125,"context":95},137,{"file":84,"line":127,"context":95},158,{"file":84,"line":129,"context":95},175,{"file":49,"line":131,"context":132},94,"$wpdb->get_var() with variable interpolation",{"escaped":134,"rawEcho":13,"locations":135},107,[],[],[],{"summary":139,"deductions":140},"The 'business-model-canvas' plugin v1.0.0 demonstrates a generally strong security posture with several positive indicators. Notably, there are no recorded vulnerabilities (CVEs) and the static analysis shows 100% of output is properly escaped, indicating good practices for preventing cross-site scripting (XSS) attacks.  The absence of file operations and external HTTP requests further reduces potential attack vectors.\n\nHowever, the code analysis does reveal areas for improvement.  While there are no raw SQL queries without prepared statements identified, the fact that only 5% of the 20 total SQL queries use prepared statements is a significant concern. This leaves the remaining 95% vulnerable to SQL injection if the data used in those queries originates from untrusted sources. Furthermore, there are no capability checks on the identified entry points, which, combined with a lack of nonce checks on some AJAX handlers, could allow unauthorized users to perform actions they shouldn't be able to. The total absence of taint analysis results is also a weakness, as it suggests this security measure may not have been thoroughly implemented or reviewed.\n\nIn conclusion, the plugin benefits from a clean vulnerability history and good output escaping. However, the heavy reliance on non-prepared SQL statements and the lack of robust authorization checks on its entry points represent substantial security risks that need to be addressed. The lack of comprehensive taint analysis is also a missed opportunity for proactive security assessment.",[141,144,146,148],{"reason":142,"points":143},"High percentage of SQL queries not using prepared statements",15,{"reason":145,"points":11},"No capability checks on entry points",{"reason":147,"points":41},"Missing nonce checks on some AJAX handlers",{"reason":149,"points":41},"No taint analysis performed","2026-03-17T00:08:37.642Z",{"wat":152,"direct":169},{"assetPaths":153,"generatorPatterns":162,"scriptPaths":163,"versionParams":164},[154,155,156,157,158,159,160,161],"\u002Fwp-content\u002Fplugins\u002Fbusiness-model-canvas\u002Fbmc-dashboard\u002Fcss\u002Fbmc_dashboard_style.css","\u002Fwp-content\u002Fplugins\u002Fbusiness-model-canvas\u002Fbmc-dashboard\u002Fcss\u002Fbootstrap.min.css","\u002Fwp-content\u002Fplugins\u002Fbusiness-model-canvas\u002Fbmc-dashboard\u002Ffont-awesome-4.7.0\u002Fcss\u002Ffont-awesome.min.css","\u002Fwp-content\u002Fplugins\u002Fbusiness-model-canvas\u002Fbmc-dashboard\u002Fjs\u002Fjquery.nicescroll.min.js","\u002Fwp-content\u002Fplugins\u002Fbusiness-model-canvas\u002Fbmc-dashboard\u002Fjs\u002Fbootstrap.min.js","\u002Fwp-content\u002Fplugins\u002Fbusiness-model-canvas\u002Fbmc-dashboard\u002Fjs\u002Fbmc_dashboard_script.js","\u002Fwp-content\u002Fplugins\u002Fbusiness-model-canvas\u002Fbmc-dashboard\u002Fcss\u002Fbmc_frontend_style.css","\u002Fwp-content\u002Fplugins\u002Fbusiness-model-canvas\u002Fbmc-dashboard\u002Fjs\u002Fbmc_frontend_script.js",[],[157,158,159,161],[165,166,167,168],"plugins\u002Fbusiness-model-canvas\u002Fbmc-dashboard\u002Fcss\u002Fbmc_dashboard_style.css?ver=1.0.0","plugins\u002Fbusiness-model-canvas\u002Fbmc-dashboard\u002Fjs\u002Fbmc_dashboard_script.js?ver=1.0.0","plugins\u002Fbusiness-model-canvas\u002Fbmc-dashboard\u002Fcss\u002Fbmc_frontend_style.css?ver=1.0.0","plugins\u002Fbusiness-model-canvas\u002Fbmc-dashboard\u002Fjs\u002Fbmc_frontend_script.js?ver=1.0.0",{"cssClasses":170,"htmlComments":186,"htmlAttributes":187,"restEndpoints":189,"jsGlobals":190,"shortcodeOutput":192},[171,172,173,174,175,176,177,178,179,180,181,182,183,184,185],"bmcRocks","b-widget","key_partners","bc","key_activities","key_resources","value_propositions","customer_relationships","channels","cost_structure","revenue_streams","stickynote","notes","stickyValues","bc_wrap",[],[188],"data-name",[],[191],"ajax_object",[193,194,195,196,197,198,199,200,201,202,203,204],"\u003Cdiv class=\"bmcRocks\">","\u003Cdiv class=\"columns key_partners\" id=\"bc\">","\u003Cdiv class=\"stickynote notes\"","\u003Cdiv class=\"stickyValues\"","\u003Cdiv class=\"bc_wrap\"","\u003Cdiv class=\"columns key_activities\" id=\"bc\"","\u003Cdiv class=\"columns key_resources\" id=\"bc\"","\u003Cdiv class=\"columns value_propositions\" id=\"bc\"","\u003Cdiv class=\"columns customer_relationships\" id=\"bc\"","\u003Cdiv class=\"columns channels\" id=\"bc\"","\u003Cdiv class=\"columns cost_structure\" id=\"bc\"","\u003Cdiv class=\"columns revenue_streams\" id=\"bc\""]