[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGopTOPeovf0u07KtCgDbksuvBy2cs8DnIlIqUGDV9qs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":132,"fingerprints":240},"call-from-web","Call From Web – Click to Call & Live Support Button for WordPress","4.0.3","call_from_web","https:\u002F\u002Fprofiles.wordpress.org\u002Fcall_from_web\u002F","\u003Cp>Call From Web is the #1 Click-to-Call solution for WordPress websites, enabling instant communication between you and your visitors through free phone calls. This powerful plugin seamlessly integrates a professional call button into your website without modifying theme files, allowing visitors to connect with you directly from anywhere in the world!\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.call-from-web.com?utm_source=wordpress&utm_medium=plugin&utm_content=description&utm_campaign=description\" rel=\"nofollow ugc\">Call From Web\u003C\u002Fa> revolutionizes customer support by providing real-time voice communication, eliminating the delays and frustrations of traditional contact forms.\u003C\u002Fp>\n\u003Ch4>Why Choose Call From Web?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>🎯 \u003Cstrong>Direct Customer Connection\u003C\u002Fstrong>: Eliminate barriers between you and your customers\u003C\u002Fli>\n\u003Cli>💰 \u003Cstrong>Boost Sales\u003C\u002Fstrong>: Reduce cart abandonment and increase conversion rates\u003C\u002Fli>\n\u003Cli>⚡ \u003Cstrong>Instant Support\u003C\u002Fstrong>: Provide immediate assistance to your visitors\u003C\u002Fli>\n\u003Cli>📊 \u003Cstrong>Customer Insights\u003C\u002Fstrong>: Track and analyze customer interactions\u003C\u002Fli>\n\u003Cli>🌍 \u003Cstrong>Global Reach\u003C\u002Fstrong>: Connect with customers worldwide\u003C\u002Fli>\n\u003Cli>🛠️ \u003Cstrong>Easy Integration\u003C\u002Fstrong>: No technical expertise required\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>📞 \u003Cstrong>Advanced Call Management\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Call History & Analytics\u003C\u002Fli>\n\u003Cli>Audio Recording\u003C\u002Fli>\n\u003Cli>Custom DID Numbers\u003C\u002Fli>\n\u003Cli>Working Hours Configuration\u003C\u002Fli>\n\u003Cli>Multiple Agent Support\u003C\u002Fli>\n\u003Cli>Smart Call Forwarding\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🔄 \u003Cstrong>Integration Capabilities\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>CRM System Integration\u003C\u002Fli>\n\u003Cli>Custom Webhooks\u003C\u002Fli>\n\u003Cli>Email Notifications\u003C\u002Fli>\n\u003Cli>SMS Alerts\u003C\u002Fli>\n\u003Cli>Browser-based Calling\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🎨 \u003Cstrong>Customization Options\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Customizable Call Button\u003C\u002Fli>\n\u003Cli>Branded Interface\u003C\u002Fli>\n\u003Cli>Flexible Placement\u003C\u002Fli>\n\u003Cli>Responsive Design\u003C\u002Fli>\n\u003Cli>Multi-language Support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Perfect For\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>E-commerce Stores\u003C\u002Fli>\n\u003Cli>Customer Support Teams\u003C\u002Fli>\n\u003Cli>Real Estate Agents\u003C\u002Fli>\n\u003Cli>Service Providers\u003C\u002Fli>\n\u003Cli>Consultants\u003C\u002Fli>\n\u003Cli>Sales Teams\u003C\u002Fli>\n\u003Cli>Support Centers\u003C\u002Fli>\n\u003Cli>Lead Generation\u003C\u002Fli>\n\u003C\u002Ful>\n","🚀 Transform Your Website into a Direct Communication Channel! Get FREE Calls from Visitors Worldwide. Boost Conversions & Customer Satisfaction. 💪",10,7882,74,3,"2025-05-07T03:36:00.000Z","6.8.5","3.0.1","",[20,21,22,23,24],"call-button","call-now-button","click-to-call","contact-button","convert","https:\u002F\u002Fwww.call-from-web.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcall-from-web.4.0.3.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},1,30,94,"2026-04-03T23:13:05.232Z",[38,59,76,96,116],{"slug":21,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":54,"download_link":55,"security_score":56,"vuln_count":57,"unpatched_count":28,"last_vuln_date":58,"fetched_at":30},"Call Now Button – The #1 Click to Call Button for WordPress","2.0.0","Jerry Rietveld","https:\u002F\u002Fprofiles.wordpress.org\u002Fjgrietveld\u002F","\u003Ch3>What does the plugin do?\u003C\u002Fh3>\n\u003Cp>This plugin places a Call Now Button (click-to-call button) to the bottom of the screen. Because your mobile visitors already have a phone in their hands this plugin will allow them to call you with one simple touch of the button.\u003Cbr \u002F>\nNo more navigating to the contact page and no more complicated copy\u002Fpasting or memorizing the phone number!\u003C\u002Fp>\n\u003Ch4>More actions\u003C\u002Fh4>\n\u003Cp>Connect to our \u003Cstrong>cloud service\u003C\u002Fstrong> to enable more action buttons such as \u003Cstrong>WhatsApp\u003C\u002Fstrong>, \u003Cstrong>Signal\u003C\u002Fstrong>, \u003Cstrong>Telegram\u003C\u002Fstrong>, \u003Cstrong>Messenger\u003C\u002Fstrong>, \u003Cstrong>SMS\u002FText\u003C\u002Fstrong>, \u003Cstrong>Email\u003C\u002Fstrong>, \u003Cstrong>Directions\u003C\u002Fstrong>, \u003Cstrong>Viber\u003C\u002Fstrong>, \u003Cstrong>Zalo\u003C\u002Fstrong>, \u003Cstrong>WeChat\u003C\u002Fstrong>, \u003Cstrong>Line\u003C\u002Fstrong> and more. Find a more complete overview below in the \u003Cem>Account\u003C\u002Fem> section.\u003C\u002Fp>\n\u003Ch3>Could not be easier!\u003C\u002Fh3>\n\u003Cp>The settings are very easy: enable and enter your phone number. That’s it!\u003C\u002Fp>\n\u003Cp>The label allows you to add some text to your button. Leaving the label empty will show a nice circular phone button to your visitors (take a look at the screenshots).\u003C\u002Fp>\n\u003Ch4>Presentation controls\u003C\u002Fh4>\n\u003Cp>Under the \u003Cstrong>Presentation tab\u003C\u002Fstrong> you can change the colors of the button, move it to a different screen position and limit the pages on which the button should be visible.\u003C\u002Fp>\n\u003Ch4>Settings\u003C\u002Fh4>\n\u003Cp>In the \u003Cstrong>Settings menu\u003C\u002Fstrong> you’ll find a bunch of features such as click tracking in Google Analytics, fire a conversion tag so a call is registered as a conversion in Google Ads, adjust the size of the button or move the button further backwards in case you want something else to sit on top of it (e.g. your privacy notice). Here you can also enable the connection to our \u003Cem>Cloud service\u003C\u002Fem>.\u003C\u002Fp>\n\u003Ch3>Connecting to NowButtons.com\u003C\u002Fh3>\n\u003Cp>Connect the plugin to our cloud service NowButtons.com to unlock more features. Here’s an overview:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>⚡ More actions: SMS\u002FText, Email, Maps, URLs, Scroll to point\u003C\u002Fli>\n\u003Cli>🤗 Social actions: WhatsApp, Messenger, Telegram, Signal, Zalo, Viber, Line, WeChat\u003C\u002Fli>\n\u003Cli>🆕 Create 5 different buttons (instead of 1)\u003C\u002Fli>\n\u003Cli>🎯 Create smarter rules to decide where buttons should appear\u003C\u002Fli>\n\u003Cli>👁️️ Live preview\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>NowButtons PRO\u003C\u002Fh3>\n\u003Cp>We also offer a paid version of NowButtons which you can try 14 days for free!\u003C\u002Fp>\n\u003Cp>The PRO plan offers the following extras:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>🧳 Create 100 unique buttons\u003C\u002Fli>\n\u003Cli>🤹🏽 Multiple buttons on a page\u003C\u002Fli>\n\u003Cli>🌼 Button templates\u003C\u002Fli>\n\u003Cli>💬 Live chat (beta)\u003C\u002Fli>\n\u003Cli>💬 WhatsApp chat window\u003C\u002Fli>\n\u003Cli>💬 Live Chat (beta)\u003C\u002Fli>\n\u003Cli>🗓️ Meeting Scheduler (coming soon)\u003C\u002Fli>\n\u003Cli>💬 Messenger Chat Widget\u003C\u002Fli>\n\u003Cli>🗂️ Multi action buttons\u003C\u002Fli>\n\u003Cli>🕘 Scheduler: create a weekly schedule for your buttons\u003C\u002Fli>\n\u003Cli>🎯 Advanced rules to decide where buttons should appear\u003C\u002Fli>\n\u003Cli>👋 Add extra attention grabbing animations\u003C\u002Fli>\n\u003Cli>🎨 Icon picker\u003C\u002Fli>\n\u003Cli>👽 3rd party integrations\u003C\u002Fli>\n\u003Cli>✨ Slide-in Content Windows\u003C\u002Fli>\n\u003Cli>📷 Use custom images on buttons\u003C\u002Fli>\n\u003Cli>🌍 Include and exclude countries\u003C\u002Fli>\n\u003Cli>\u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">↕\u003C\u002Fspan>️ Appear after scrolling\u003C\u002Fli>\n\u003Cli>🔌 Intercom integration\u003C\u002Fli>\n\u003C\u002Ful>\n","The web's #1 click to call button for your website! A simple and powerful plugin that adds a Call Now Button to your website.",200000,6779904,96,101,"2026-02-06T11:44:00.000Z","6.9.4","6.1","7.4",[20,21,22,23,24],"https:\u002F\u002Fcallnowbutton.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcall-now-button.2.0.0.zip",95,5,"2025-10-29 00:01:50",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":28,"downloaded":67,"rating":28,"num_ratings":28,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":18,"tags":71,"homepage":73,"download_link":74,"security_score":75,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"call-center-online","Call Me Button for Call Center Online","1.0.3","Call Center Online","https:\u002F\u002Fprofiles.wordpress.org\u002Fcallcenteronline\u002F","\u003Ch3>What is this plugin for?\u003C\u002Fh3>\n\u003Cp>The plugin allows for integration via the API interface\u003Cbr \u002F>\nwith the \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fcallcenteronline.pl\" rel=\"nofollow ugc\">Call Center Online\u003C\u002Fa>\u003C\u002Fstrong> platform.\u003C\u002Fp>\n\u003Ch3>How to configure the plugin?\u003C\u002Fh3>\n\u003Cp>The plug-in is configured in the Administration Panel (Settings > Call Center Online).\u003Cbr \u002F>\nFirst, you must enter the API access data. You will get this information from your commercial supervisor.\u003Cbr \u002F>\nYou can also enter all texts, button names and color.\u003C\u002Fp>\n\u003Ch3>Instalation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>From the WordPress Dashboard, go to “Plugins” > “Add New” and search for “Call Center Online”.\u003C\u002Fli>\n\u003Cli>Click “Install” under the “Call Center Online” plug-in.\u003C\u002Fli>\n\u003Cli>Click “Enable”\u003C\u002Fli>\n\u003Cli>Go to “Settings” > “Call Center Online” and fill in all the fields.\u003C\u002Fli>\n\u003Cli>Click “Save” and you’re done!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>or\u003C\u002Fp>\n\u003Col>\n\u003Cli>Download the “call-center-online” folder to the \u002Fwp-content\u002Fplugins-directory.\u003C\u002Fli>\n\u003Cli>Activate the plugin in the “Plugins” menu in WordPress.\u003C\u002Fli>\n\u003Cli>Go to “Settings” > “Call Center Online” and fill in all the fields.\u003C\u002Fli>\n\u003Cli>Click “Save” and you’re done!\u003C\u002Fli>\n\u003C\u002Fol>\n","A simple-to-use plugin that works with the Call Center Online platform. Adds a button to collect contacts on your website.",1077,"2021-05-10T14:11:00.000Z","5.7.15","4.9",[20,72,21,22,23],"call-me","https:\u002F\u002Fcallcenteronline.pl","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcall-center-online.1.0.3.zip",85,{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":18,"tags":91,"homepage":94,"download_link":95,"security_score":75,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"really-simple-click-to-call","Really Simple Click To Call Bar","1.0.6","Joe Nickdow","https:\u002F\u002Fprofiles.wordpress.org\u002Fjoe-nickdow\u002F","\u003Cp>This plugin adds a customizable click to call bar\u002Fcall now button to the bottom of the window for mobile users. It will allow users to easily call you from their phone. It automatically adds events if you’re using Google Analytics Universal.\u003C\u002Fp>\n\u003Cp>Perfect for small businesses like restaurants, retail stores or any lead generation that relies on phone calls.\u003C\u002Fp>\n","A simple plugin that adds a click to call bar\u002Fcall now button for mobile visitors.",8000,47592,90,11,"2019-05-31T16:49:00.000Z","5.2.24","4.0.0",[20,92,21,22,93],"call-now","click-to-call-bar","http:\u002F\u002Fjoenickdow.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freally-simple-click-to-call.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":18,"tags":111,"homepage":114,"download_link":115,"security_score":75,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"floating-click-to-contact-buttons","Floating Click to Contact Buttons","1.0","nhan772000","https:\u002F\u002Fprofiles.wordpress.org\u002Fnhan772000\u002F","\u003Cp>Đây là Plugin tạo các nút liên hệ tất cả chỉ trong một. Bao gồm nút Gọi ngay, nút chat zalo, nút chat messenger, nút để lại thông tin tư vấn, nút chỉ đường, nút tawkto. Ẩn các nút khi bấm vào mới hiện ra, hiệu ứng mượt. Trình bày gọn gàng.\u003C\u002Fp>\n\u003Cp>Chúng ta có thể thay đổi số điện thoại gọi đến, chữ trên nút gọi.\u003Cbr \u002F>\nCopy và Dán Mã code của TawkTo vào ổ Tawkto Code để hiện ra Chat TawkTo.\u003Cbr \u002F>\nCopy tên rút gọn của Fanpage Facebook vào ô Page ID để có chức năng Chat Messenger. Ví dụ: https:\u002F\u002Ffacebook.com\u002Fabc. Bạn ghi vào ô Page ID: abc.\u003Cbr \u002F>\nGhi số điện thoại Zalo để chức năng Chat Zalo hoạt động.\u003Cbr \u002F>\nCopy đường toàn bộ Link Google Map để liên kết đến Google Map. Ví dụ: https:\u002F\u002Fwww.google.com\u002Fmaps\u002Fplace\u002FMevivu+Technology\u002F@10.8397441,106.6471742,15z\u002Fdata=!4m2!3m1!1s0x0:0x73a2be67d900f176?sa=X&ved=2ahUKEwj16sflk-7mAhVX6nMBHZz6AdoQ_BIwDXoECAoQCA. Để có được đường link này bạn vào Google Map và Search như bình thường, sau đó Copy đường link sau khi đã search.\u003Cbr \u002F>\nĐể chức năng Để lại thông tin tư vấn hoạt động. Ta cần phải Cài Contact Form 7. Sau đó vào tạo 1 Form liên hệ và lấy Shortcode ghi vào ô Shortcode Contact Form 7.\u003Cbr \u002F>\nNếu ô nào trống thì nút đó sẽ không hiện ra.\u003C\u002Fp>\n","Tạo các nút gọi, nút chat Zalo, nút Chat messenger, nút để lại thông tin để tư vấn, nút chỉ đường. Trình bày các nút đẹp mắt ở góc phải dưới màn hình, &hellip;",2000,34152,86,4,"2020-01-10T05:32:00.000Z","5.3.21","3.5",[20,21,112,22,113],"call-to-action","quick-call-button","https:\u002F\u002Fmevivu.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffloating-click-to-contact-buttons.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":27,"num_ratings":33,"last_updated":126,"tested_up_to":50,"requires_at_least":127,"requires_php":18,"tags":128,"homepage":18,"download_link":131,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"mobile-call-buttons","Mobile Call Buttons","1.0.5","Magnathorax","https:\u002F\u002Fprofiles.wordpress.org\u002Fmagnathorax\u002F","\u003Cp>Mobile Call Buttons is a lightweight WordPress plugin that displays two fixed call buttons on every mobile page, making it easy for visitors to get in touch instantly. Customize each button with your own text, color, icon (choose from a set of preset icons or upload your own), and link (tel, https, mailto, etc.) to match your brand and boost conversions.\u003C\u002Fp>\n\u003Cp>Designed with ease-of-use in mind, the plugin provides an intuitive admin interface that lets you configure the buttons in just a few clicks. By offering immediate access to contact options, Mobile Call Buttons helps drive engagement and improve conversion rates, ensuring that your mobile visitors take action.\u003C\u002Fp>\n\u003Cp>Fully responsive and compatible with any WordPress theme, Mobile Call Buttons is the perfect solution to enhance your site’s mobile experience and increase your overall conversion performance.\u003C\u002Fp>\n","Lightweight plugin that displays two fixed call buttons on mobile devices to boost conversions.",300,1535,"2025-12-04T05:52:00.000Z","5.5",[20,22,23,129,130],"phone","whatsapp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmobile-call-buttons.1.0.5.zip",{"attackSurface":133,"codeSignals":171,"taintFlows":186,"riskAssessment":226,"analyzedAt":239},{"hooks":134,"ajaxHandlers":167,"restRoutes":168,"shortcodes":169,"cronEvents":170,"entryPointCount":28,"unprotectedCount":28},[135,141,144,146,149,152,155,157,159,162,164],{"type":136,"name":137,"callback":138,"file":139,"line":140},"action","plugins_loaded","anonymous","includes\\class-call-from-web.php",145,{"type":136,"name":142,"callback":138,"file":139,"line":143},"admin_enqueue_scripts",161,{"type":136,"name":142,"callback":138,"file":139,"line":145},162,{"type":136,"name":147,"callback":138,"file":139,"line":148},"admin_notices",164,{"type":136,"name":150,"callback":138,"file":139,"line":151},"admin_init",166,{"type":136,"name":153,"callback":138,"file":139,"line":154},"wp_loaded",168,{"type":136,"name":153,"callback":138,"file":139,"line":156},169,{"type":136,"name":153,"callback":138,"file":139,"line":158},170,{"type":136,"name":160,"callback":138,"file":139,"line":161},"wp_enqueue_scripts",185,{"type":136,"name":160,"callback":138,"file":139,"line":163},186,{"type":136,"name":165,"callback":138,"file":139,"line":166},"wp_footer",188,[],[],[],[],{"dangerousFunctions":172,"sqlUsage":173,"outputEscaping":175,"fileOperations":28,"externalRequests":33,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":185},[],{"prepared":28,"raw":28,"locations":174},[],{"escaped":28,"rawEcho":176,"locations":177},2,[178,182],{"file":179,"line":180,"context":181},"admin\\class-call-from-web-admin.php",136,"raw output",{"file":183,"line":184,"context":181},"public\\class-call-from-web-public.php",122,[],[187,215],{"entryPoint":188,"graph":189,"unsanitizedCount":14,"severity":214},"store_pairing_token_and_redirect (admin\\class-call-from-web-admin.php:180)",{"nodes":190,"edges":210},[191,196,202,206],{"id":192,"type":193,"label":194,"file":179,"line":195},"n0","source","$_GET (x2)",191,{"id":197,"type":198,"label":199,"file":179,"line":200,"wp_function":201},"n1","sink","update_option() [Settings Manipulation]",194,"update_option",{"id":203,"type":193,"label":204,"file":179,"line":205},"n2","$_GET['continue_to']",197,{"id":207,"type":198,"label":208,"file":179,"line":205,"wp_function":209},"n3","wp_redirect() [Open Redirect]","wp_redirect",[211,213],{"from":192,"to":197,"sanitized":212},false,{"from":203,"to":207,"sanitized":212},"medium",{"entryPoint":216,"graph":217,"unsanitizedCount":14,"severity":214},"\u003Cclass-call-from-web-admin> (admin\\class-call-from-web-admin.php:0)",{"nodes":218,"edges":223},[219,220,221,222],{"id":192,"type":193,"label":194,"file":179,"line":195},{"id":197,"type":198,"label":199,"file":179,"line":200,"wp_function":201},{"id":203,"type":193,"label":204,"file":179,"line":205},{"id":207,"type":198,"label":208,"file":179,"line":205,"wp_function":209},[224,225],{"from":192,"to":197,"sanitized":212},{"from":203,"to":207,"sanitized":212},{"summary":227,"deductions":228},"The 'call-from-web' plugin v4.0.3 exhibits a generally good security posture concerning direct attack vectors and traditional vulnerabilities. The static analysis reveals no AJAX handlers, REST API routes, shortcodes, or cron events, resulting in zero entry points. Furthermore, there are no identified dangerous functions or SQL queries that are not using prepared statements. The plugin also has no recorded CVEs, indicating a history of secure development or diligent patching.\n\nHowever, the analysis highlights significant concerns regarding output escaping and taint analysis. With 100% of its outputs not properly escaped and two flows identified with unsanitized paths, there's a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. The absence of nonce checks and capability checks on any potential, albeit currently undiscovered, entry points further compounds this risk. The presence of an external HTTP request also warrants attention, as it could be a vector for further compromise if not handled securely.\n\nIn conclusion, while the plugin avoids common attack surfaces and has a clean vulnerability history, the unescaped outputs and unsanitized taint flows represent critical weaknesses. These issues could be exploited to inject malicious scripts or manipulate plugin behavior, potentially leading to data theft or site defacement. The lack of explicit authentication checks for any potential future entry points is also a concern for future extensibility.",[229,232,235,237],{"reason":230,"points":231},"Output escaping is not implemented",6,{"reason":233,"points":234},"Taint flows with unsanitized paths",12,{"reason":236,"points":57},"No nonce checks",{"reason":238,"points":57},"No capability checks","2026-03-17T01:23:34.734Z",{"wat":241,"direct":256},{"assetPaths":242,"generatorPatterns":247,"scriptPaths":248,"versionParams":251},[243,244,245,246],"\u002Fwp-content\u002Fplugins\u002Fcall-from-web\u002Fcss\u002Fcall-from-web-admin.css","\u002Fwp-content\u002Fplugins\u002Fcall-from-web\u002Fjs\u002Fcall-from-web-admin.js","\u002Fwp-content\u002Fplugins\u002Fcall-from-web\u002Fjs\u002Fcall-from-web.js","\u002Fwp-content\u002Fplugins\u002Fcall-from-web\u002Fcss\u002Fcall-from-web.css",[],[249,250],"js\u002Fcall-from-web-admin.js","js\u002Fcall-from-web.js",[252,253,254,255],"call-from-web-admin.css?ver=","call-from-web-admin.js?ver=","call-from-web.js?ver=","call-from-web.css?ver=",{"cssClasses":257,"htmlComments":259,"htmlAttributes":260,"restEndpoints":266,"jsGlobals":267,"shortcodeOutput":269},[258],"cfw-button",[],[261,262,263,264,265],"data-cfw-button-id","data-cfw-widget-id","data-cfw-company-id","data-cfw-caller-id","data-cfw-widget-url",[],[268],"call_from_web_data",[]]