[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxhKfIu5Skm4r8VcoLA_i7Zfqx5AlqB9_fVLmTlNNExo":3,"$fohdwoLeHOX-TopwZRN0dGVvhaPyW6wsHm70l7UYQ2nw":373},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":114,"fingerprints":345},"california-state-grants","California State Grants","2.0.8","castatelibrary","https:\u002F\u002Fprofiles.wordpress.org\u002Fcastatelibrary\u002F","\u003Cp>The California Grants Portal, \u003Ca href=\"https:\u002F\u002Fwww.grants.ca.gov\u002F\" rel=\"nofollow ugc\">grants.ca.gov\u003C\u002Fa>, is managed and hosted by the California State Library. The \u003Ca href=\"http:\u002F\u002Fleginfo.legislature.ca.gov\u002Ffaces\u002FbillNavClient.xhtml?bill_id=201720180AB2252\" rel=\"nofollow ugc\">Grant Information Act of 2018\u003C\u002Fa> (Stats. 2018, Ch. 318) required the State Library to build one website by July 1, 2020, “that provides a centralized location … to find state grant opportunities.” State grantmaking agencies input and update their information into prescribed data fields to make all state grant opportunities searchable on \u003Ca href=\"https:\u002F\u002Fwww.grants.ca.gov\u002F\" rel=\"nofollow ugc\">grants.ca.gov\u003C\u002Fa>. The Grant Information Act requires state agencies to provide summaries of each of their grant or loan opportunities, including, among other items, information about how to apply and links that grantseekers can follow for more details. \u003Ca href=\"https:\u002F\u002Fleginfo.legislature.ca.gov\u002Ffaces\u002FbillNavClient.xhtml?bill_id=202120220AB132\" rel=\"nofollow ugc\">AB132\u003C\u002Fa> expanded the Grants Portal mission, requiring state grantmakers to submit post award data for all grants closing on or after July 1, 2022. This site was built in collaboration with our vendor \u003Ca href=\"https:\u002F\u002F10up.com\u002F\" rel=\"nofollow ugc\">10up\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The California State Grants Plugin is the official WordPress plugin allowing the state agencies to submit their grant information and post award information via the plugin and manage the grant data within their own WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Policies Related to the California Grants Portal\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.grants.ca.gov\u002Fuse-policy\u002F\" rel=\"nofollow ugc\">Use Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.grants.ca.gov\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Instructions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Please follow the detailed instructions provided in the \u003Ca href=\"https:\u002F\u002Fwww.grants.ca.gov\u002Fstate-grantmakers-guide\u002F\" rel=\"nofollow ugc\">State Grantmakers Guide\u003C\u002Fa> \u003Cstrong>(state agencies must log in prior to accessing this link)\u003C\u002Fstrong> to learn how to submit your grant opportunities to the Grants Portal.\u003C\u002Fp>\n","The California State Grants Plugin is the official WordPress plugin allowing you to manage your grant data within your own site running WordPress.",0,1712,"","6.0.11","5.0","7.4",[18,19,20,21,22],"california-grants-portal","grants","loans","state-government","submit-your-grants","https:\u002F\u002Fgithub.com\u002FCAStateLibrary\u002FCaliforniaStateGrantsPlugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcalifornia-state-grants.2.0.8.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,94,"2026-04-08T12:59:29.185Z",[35,58,77,96],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":25,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":13,"tags":49,"homepage":53,"download_link":54,"security_score":55,"vuln_count":45,"unpatched_count":11,"last_vuln_date":56,"fetched_at":57},"loan-comparison","Loan Comparison","2.0.2","Graham","https:\u002F\u002Fprofiles.wordpress.org\u002Faerin\u002F","\u003Cp>A lightweight responsive plugin that displays loan repayment information from an unlimited number of banks and other providers\u003C\u002Fp>\n\u003Cp>Using the settings you can manage the slider ranges, bank data, labels and notices.\u003C\u002Fp>\n\u003Cp>Bespoke versions are available.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>READ THIS!\u003C\u002Fstrong> There will be no further updates to this plugin except to fix security bugs and ensure compatibility with the latest version of WordPress. The plugin isn’t going to be deleted but I have built a new Comparison Plugin that is so much easier to manage and update. \u003Ca href=\"https:\u002F\u002Fcomparisonplugin.com\" rel=\"nofollow ugc\">See the demo\u003C\u002Fa>. \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomparisons\u002F\" rel=\"ugc\">Get the plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Uses any currency\u003C\u002Fli>\n\u003Cli>Set the max, min, initial and step values on the sliders\u003C\u002Fli>\n\u003Cli>Display monthly and total repayments\u003C\u002Fli>\n\u003Cli>Set interest rates and other bank data\u003C\u002Fli>\n\u003Cli>Change the labels on all outputs\u003C\u002Fli>\n\u003Cli>Show bank rating\u003C\u002Fli>\n\u003Cli>Add an optional admin fee to the total to pay\u003C\u002Fli>\n\u003Cli>Include a ‘more info’ section for each bank\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Upgrade to Premium\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Display up to 10 independent comparison tables\u003C\u002Fli>\n\u003Cli>Change and order the data outputs\u003C\u002Fli>\n\u003Cli>Bank page creator\u003C\u002Fli>\n\u003Cli>Bar charts\u003C\u002Fli>\n\u003Cli>Results filtering\u003C\u002Fli>\n\u003Cli>Sorting option\u003C\u002Fli>\n\u003Cli>Promo ribbons\u003C\u002Fli>\n\u003Cli>Features and checkboxes\u003C\u002Fli>\n\u003Cli>Add a message to show the number of results\u003C\u002Fli>\n\u003Cli>Limit the number of results to display (adds a button to show all results)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Developer’s plugin pages\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbankcomparisonplugin.com\u002F\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fbankcomparisonplugin.com\u002Fsettings\u002F\" rel=\"nofollow ugc\">Settings\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fbankcomparisonplugin.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fbankcomparisonplugin.com\u002Floan-application\u002F?amount=$1000&term=2%20Years&bank=Instabank\" rel=\"nofollow ugc\">Loan Application Form\u003C\u002Fa>\u003C\u002Fp>\n","A simple way to compare loans from banks and other providers. Uses sliders to set the amount and term and display the number of matching banks.",400,13492,3,"2025-12-23T09:12:00.000Z","6.9.4","6.0",[50,51,20,52],"banks","comparison","repayments","https:\u002F\u002Floanpaymentplugin.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Floan-comparison.2.0.2.zip",98,"2024-12-23 00:00:00","2026-04-06T09:54:40.288Z",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":11,"num_ratings":11,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":13,"tags":71,"homepage":74,"download_link":75,"security_score":76,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":57},"easy-mortgage-rates","Easy Mortgage Rates",".2","Sheldon","https:\u002F\u002Fprofiles.wordpress.org\u002Fhyperlinked\u002F","\u003Cp>This plugin will allow you to use [easy_mortgage_rates_table] as a template tag to insert a table of common real estate loan program interest rates into your posts and pages. You can also use your table as a widget. This plugin has a feature that allows for a generic mortgage rates widget from ERATE.COM to be displayed if your custom rates have not been updated within a set number of hours.\u003C\u002Fp>\n\u003Cp>To enter interest rates and edit settings, click on the “Easy Mortgage Rates” link under the Settings area of the Admin area. Most of the settings available should be self-explanatory.\u003C\u002Fp>\n\u003Cp>In the settings for Easy Mortgage Rates you may set the number of hours you want to pass before the generic rates from ERATE.COM are used instead of your custom rates. You can customize the generic rates displayed by the ERATE.COM widget by entering a state in the settings.\u003C\u002Fp>\n\u003Cp>If you wish to omit rate information for certain programs, leave the corresponding fields blank and the program will not be displayed in your custom rate table. You may also leave all APR fields blank if you wish to omit the APR column in your table.\u003C\u002Fp>\n","This plugin will allow you to use [easy_mortgage_rates_table] as a template tag to insert a table of common real estate loan program interest rates in &hellip;",10,1863,"2011-03-30T19:43:00.000Z","3.1.4","2.8",[20,72,73],"mortgage-rates","mortgages","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Feasy-mortgage-rates\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-mortgage-rates.zip",85,{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":66,"downloaded":85,"rating":25,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":70,"requires_php":13,"tags":89,"homepage":94,"download_link":95,"security_score":76,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":57},"grants-for-nonprofits-widget","Grants for Nonprofits Widget","1.1","kutu62","https:\u002F\u002Fprofiles.wordpress.org\u002Fkutu62\u002F","\u003Cp>Imagine a widget that pulls in new grant opportunities from around the web and aggregates them into one place! This feed of grant opportunities (RFP) is nested into a widget you can easily add to the sidebar of your website. Well you can stop wishing, I’ve put together an aggregation of RSS feeds that serve you grant opportunities daily. The feed is updated multiple times per day so you’ll always see fresh grant request for proposals which your non profit can apply for.\u003C\u002Fp>\n\u003Cp>If you know of other RSS feed or ATOM feed sources which can be added to this widget please click the support link on this page and post the website or feed URL for consideration. Thanks to the guys at \u003Ca href=\"http:\u002F\u002Feasygrants.us\" rel=\"nofollow ugc\">Easy Grants\u003C\u002Fa> for supporting this project. Get the RSS feed \u003Ca href=\"http:\u002F\u002Ffeeds.feedburner.com\u002FEasyGrantsForNonProfitsAndBusinesses\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n","The Grants for Nonprofits Widget is an aggregation of new grant opportunities for nonprofits and other organizations.",8533,2,"2014-09-30T12:50:00.000Z","4.0.38",[90,91,19,92,93],"501-c-3","feed","rss","widget","http:\u002F\u002Feasygrants.us","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgrants-for-nonprofits-widget.zip",{"slug":97,"name":98,"version":80,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":11,"downloaded":103,"rating":11,"num_ratings":11,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":13,"tags":107,"homepage":13,"download_link":113,"security_score":76,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":57},"skeps-pay-over-time","Skeps Pay-Over-Time","skepsdev","https:\u002F\u002Fprofiles.wordpress.org\u002Fskepsdev\u002F","\u003Cp>Skeps provides Pay-Over-Time options with monthly payment plans including no interest promos.\u003C\u002Fp>\n\u003Cp>Increase sales with our differentiated Pay-Over-Time platform. We serve all your customers with lower cost options from national U.S. banks. Skeps Pay-Over-Time offers can only be used with your business and we never cross-sell to your customers. Our solution works wherever your customers are, online, in-store, and over-the-phone. You can tailor specific financing offers based on your inventory (SKU-level) or geographical locations for promotional campaigns.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Increase sales and average order value – offer affordable payment plans.\u003Cbr \u002F>\n* Higher line sizes up to $25K exclusively for your business.\u003Cbr \u002F>\n* Keep your customers – Skeps never cross sells to your customers\u003Cbr \u002F>\n* More product options – interest based and 0% promotions.\u003Cbr \u002F>\n* Longer term loan options – up to 60 months for low monthly payments.\u003Cbr \u002F>\n* Configurable – run promotional campaigns at inventory-level.\u003Cbr \u002F>\n* Promote your brand and drive loyalty – your fully branded experience.\u003Cbr \u002F>\n* Connect where your business is – online, in-store, and over-the-phone.\u003C\u002Fp>\n\u003Ch3>Third-Party Service Details\u003C\u002Fh3>\n\u003Cp>This plugin relies on a third-party service for error tracking and monitoring. The service is provided by Sentry.\u003C\u002Fp>\n\u003Cp>When and why this service is used:\u003Cbr \u002F>\n– Error Tracking: Sentry is used to capture and report errors that may occur while using this plugin, helping us improve its reliability and performance.\u003C\u002Fp>\n\u003Ch3>Third-Party Service Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsentry.io\u002F\" rel=\"nofollow ugc\">Sentry\u003C\u002Fa>: Visit Sentry’s official website to learn more about their services.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsentry.io\u002Fterms\u002F\" rel=\"nofollow ugc\">Sentry Terms of Use\u003C\u002Fa>: Sentry’s terms of use for information on using their service.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsentry.io\u002Fprivacy\u002F\" rel=\"nofollow ugc\">Sentry Privacy Policy\u003C\u002Fa>: Sentry’s privacy policy to understand how they handle data.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Skeps provides Pay-Over-Time options with monthly payment plans including no interest promos.",577,"2024-02-22T13:41:00.000Z","6.3.8","3.2",[108,109,110,111,112],"buy-now-pay-later-bnpl","installment-loans","pay-over-time","payment-solutions","pos-financing","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fskeps-pay-over-time.zip",{"attackSurface":115,"codeSignals":292,"taintFlows":312,"riskAssessment":339,"analyzedAt":344},{"hooks":116,"ajaxHandlers":282,"restRoutes":289,"shortcodes":290,"cronEvents":291,"entryPointCount":86,"unprotectedCount":11},[117,123,127,131,135,138,142,146,148,154,157,160,165,169,173,178,181,185,189,193,196,200,204,207,210,213,218,221,224,226,230,236,240,243,247,250,253,257,259,262,264,267,269,273,275,278],{"type":118,"name":119,"callback":120,"priority":30,"file":121,"line":122},"action","admin_menu","register_admin_page","includes\\classes\\Admin\\BulkUploadPage.php",61,{"type":118,"name":124,"callback":125,"file":121,"line":126},"current_screen","maybe_handle_submit",62,{"type":118,"name":128,"callback":129,"file":121,"line":130},"admin_notices","maybe_show_notices",63,{"type":118,"name":128,"callback":132,"file":133,"line":134},"maybe_prompt_setup","includes\\classes\\Admin\\Notices.php",40,{"type":118,"name":128,"callback":136,"file":133,"line":137},"maybe_prompt_after_first_grant",41,{"type":118,"name":139,"callback":140,"file":141,"line":134},"admin_init","register_settings","includes\\classes\\Admin\\Settings.php",{"type":118,"name":119,"callback":143,"priority":30,"file":144,"line":145},"register_settings_page","includes\\classes\\Admin\\SettingsPage.php",53,{"type":118,"name":124,"callback":125,"file":144,"line":147},54,{"type":149,"name":150,"callback":151,"priority":66,"file":152,"line":153},"filter","ca_grants_taxonomy_args","hide_taxonomy_metabox","includes\\classes\\Admin\\Taxonomies.php",19,{"type":118,"name":119,"callback":155,"priority":30,"file":156,"line":145},"register_welcome_page","includes\\classes\\Admin\\WelcomePage.php",{"type":118,"name":139,"callback":158,"file":159,"line":122},"register_cron_jobs","includes\\classes\\Cron\\BulkAwardImport.php",{"type":118,"name":161,"callback":162,"file":163,"line":164},"trashed_post","schedule_trash_grant_awards","includes\\classes\\Cron\\GrantAwardsCleanup.php",49,{"type":118,"name":166,"callback":167,"file":163,"line":168},"untrashed_post","schedule_untrash_grant_awards",50,{"type":118,"name":170,"callback":171,"priority":66,"file":163,"line":172},"deleted_post","schedule_delete_grant_awards",51,{"type":118,"name":174,"callback":175,"file":176,"line":177},"init","register_post_type","includes\\classes\\PostTypes\\AwardUploads.php",261,{"type":118,"name":174,"callback":179,"file":176,"line":180},"register_post_status",262,{"type":118,"name":182,"callback":183,"file":176,"line":184},"admin_head","remove_submenu_pages",263,{"type":118,"name":186,"callback":187,"file":176,"line":188},"load-post-new.php","redirect_add_new_to_bulk_upload",264,{"type":118,"name":190,"callback":191,"file":176,"line":192},"admin_footer-post.php","append_post_status_list",267,{"type":118,"name":194,"callback":191,"file":176,"line":195},"admin_footer-edit.php",270,{"type":149,"name":197,"callback":198,"priority":66,"file":176,"line":199},"display_post_states","display_failed_post_states",272,{"type":118,"name":182,"callback":201,"file":202,"line":203},"maybe_hide_preview","includes\\classes\\PostTypes\\BaseEdit.php",87,{"type":118,"name":174,"callback":175,"file":205,"line":206},"includes\\classes\\PostTypes\\GrantAwards.php",38,{"type":118,"name":208,"callback":209,"file":205,"line":134},"restrict_manage_posts","add_post_filters",{"type":118,"name":211,"callback":212,"file":205,"line":137},"parse_query","filter_query",{"type":149,"name":214,"callback":215,"priority":216,"file":205,"line":217},"ep_indexable_post_types","include_in_es_index",20,43,{"type":149,"name":219,"callback":215,"priority":216,"file":205,"line":220},"ep_searchable_post_types",44,{"type":149,"name":222,"callback":223,"priority":66,"file":205,"line":168},"posts_clauses","meta_or_title_search_clauses",{"type":118,"name":174,"callback":175,"file":225,"line":206},"includes\\classes\\PostTypes\\Grants.php",{"type":149,"name":227,"callback":228,"priority":66,"file":225,"line":229},"use_block_editor_for_post_type","disable_block_editor",39,{"type":118,"name":231,"callback":232,"priority":233,"file":234,"line":235},"rest_api_init","register_routes",11,"includes\\classes\\REST\\AwardeeStatsEndpoint.php",80,{"type":149,"name":237,"callback":238,"priority":66,"file":239,"line":172},"rest_request_before_callbacks","authenticate_rest_request","includes\\classes\\REST\\BaseEndpoint.php",{"type":118,"name":231,"callback":232,"priority":233,"file":241,"line":242},"includes\\classes\\REST\\BulkUploadEndpoint.php",81,{"type":149,"name":244,"callback":245,"file":241,"line":246},"upload_dir","update_uploads_dir_path",416,{"type":149,"name":237,"callback":248,"priority":66,"file":249,"line":172},"grant_id_present_rest_request","includes\\classes\\REST\\GrantAwardsEndpoint.php",{"type":118,"name":231,"callback":232,"priority":233,"file":251,"line":252},"includes\\classes\\REST\\GrantAwardsValidation.php",79,{"type":118,"name":174,"callback":254,"file":255,"line":256},"anonymous","includes\\functions\\core.php",31,{"type":118,"name":174,"callback":254,"file":255,"line":258},32,{"type":118,"name":260,"callback":254,"file":255,"line":261},"wp_enqueue_scripts",33,{"type":118,"name":260,"callback":254,"file":255,"line":263},34,{"type":118,"name":265,"callback":254,"file":255,"line":266},"admin_enqueue_scripts",35,{"type":118,"name":265,"callback":254,"file":255,"line":268},36,{"type":118,"name":270,"callback":271,"file":255,"line":272},"post_edit_form_tag","closure",37,{"type":118,"name":274,"callback":254,"file":255,"line":220},"tiny_mce_before_init",{"type":149,"name":276,"callback":254,"priority":66,"file":255,"line":277},"script_loader_tag",47,{"type":118,"name":279,"callback":271,"file":280,"line":281},"after_setup_theme","plugin.php",150,[283,288],{"action":284,"nopriv":285,"callback":284,"hasNonce":286,"hasCapCheck":285,"file":287,"line":266},"get_fiscal_years_by_grant",false,true,"includes\\classes\\Meta\\FiscalYearAJAX.php",{"action":284,"nopriv":286,"callback":284,"hasNonce":286,"hasCapCheck":285,"file":287,"line":268},[],[],[],{"dangerousFunctions":293,"sqlUsage":294,"outputEscaping":297,"fileOperations":45,"externalRequests":86,"nonceChecks":310,"capabilityChecks":295,"bundledLibraries":311},[],{"prepared":295,"raw":11,"locations":296},4,[],{"escaped":298,"rawEcho":295,"locations":299},443,[300,303,305,307],{"file":144,"line":301,"context":302},163,"raw output",{"file":144,"line":304,"context":302},174,{"file":144,"line":306,"context":302},181,{"file":308,"line":309,"context":302},"includes\\classes\\Meta\\Field.php",448,5,[],[313,331],{"entryPoint":314,"graph":315,"unsanitizedCount":30,"severity":330},"wp_safe_remote_post_multipart (includes\\functions\\core.php:380)",{"nodes":316,"edges":328},[317,322],{"id":318,"type":319,"label":320,"file":255,"line":321},"n0","source","$_FILES",382,{"id":323,"type":324,"label":325,"file":255,"line":326,"wp_function":327},"n1","sink","file_get_contents() [SSRF\u002FLFI]",409,"file_get_contents",[329],{"from":318,"to":323,"sanitized":285},"medium",{"entryPoint":332,"graph":333,"unsanitizedCount":30,"severity":330},"\u003Ccore> (includes\\functions\\core.php:0)",{"nodes":334,"edges":337},[335,336],{"id":318,"type":319,"label":320,"file":255,"line":321},{"id":323,"type":324,"label":325,"file":255,"line":326,"wp_function":327},[338],{"from":318,"to":323,"sanitized":285},{"summary":340,"deductions":341},"The \"california-state-grants\" v2.0.8 plugin exhibits a generally strong security posture based on the provided static analysis.  The absence of identified critical or high-severity taint flows, coupled with the extensive use of prepared statements for SQL queries, proper output escaping in the vast majority of cases, and the presence of nonce and capability checks on its entry points, are all positive indicators.  The plugin also boasts a history free of known CVEs, suggesting a pattern of responsible development and maintenance.  However, the presence of two flows with unsanitized paths, despite not reaching critical or high severity in the taint analysis, warrants attention as a potential area for subtle vulnerabilities. The small attack surface is a positive, but the existence of any unsanitized paths, however minor the current detected impact, always represents a risk.\n\nWhile the plugin performs well in many security-critical areas, the two identified unsanitized path flows are the primary concern. Although the taint analysis did not classify these as critical or high, they represent potential vectors for exploitation if an attacker can manipulate input to influence file paths or operations. The lack of known vulnerabilities in its history is reassuring, but it's important to remember that this doesn't guarantee future immunity.  The plugin demonstrates good practices in its general implementation, but the presence of even low-severity unsanitized path issues means it's not entirely without risk.  Overall, the plugin appears to be well-secured, but the identified path issues should be investigated and remediated to further strengthen its security.",[342],{"reason":343,"points":310},"Flows with unsanitized paths identified","2026-03-17T05:43:57.596Z",{"wat":346,"direct":360},{"assetPaths":347,"generatorPatterns":354,"scriptPaths":355,"versionParams":359},[348,349,350,351,352,353],"\u002Fwp-content\u002Fplugins\u002Fcalifornia-state-grants\u002Fdist\u002Fjs\u002Fshared.js","\u002Fwp-content\u002Fplugins\u002Fcalifornia-state-grants\u002Fdist\u002Fjs\u002Ffrontend.js","\u002Fwp-content\u002Fplugins\u002Fcalifornia-state-grants\u002Fdist\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fcalifornia-state-grants\u002Fdist\u002Fcss\u002Fshared.css","\u002Fwp-content\u002Fplugins\u002Fcalifornia-state-grants\u002Fdist\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fcalifornia-state-grants\u002Fdist\u002Fcss\u002Fadmin.css",[],[356,357,358],"dist\u002Fjs\u002Fshared.js","dist\u002Fjs\u002Ffrontend.js","dist\u002Fjs\u002Fadmin.js",[],{"cssClasses":361,"htmlComments":363,"htmlAttributes":364,"restEndpoints":365,"jsGlobals":371,"shortcodeOutput":372},[362],"form--validate",[],[],[366,367,368,369,370],"\u002Fwp-json\u002Fcsl-grants\u002Fv2\u002Fgrant-awards","\u002Fwp-json\u002Fcsl-grants\u002Fv2\u002Fbulk-upload","\u002Fwp-json\u002Fcsl-grants\u002Fv2\u002Fgrant-awards-validation","\u002Fwp-json\u002Fcsl-grants\u002Fv2\u002Fawardee-stats","\u002Fwp-json\u002Fcsl-grants\u002Fv2\u002Fgrants",[],[],{"slug":4,"current_version":6,"total_versions":11,"versions":374},[]]