[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVNItGAnzmB2TnYe30EUaXxEV6QtxoSSWhXlYxK6ekeo":3,"$f-PtG260Y1k1QipZwFm9EFQg7jnPHw59aOtYHIzo2PIo":293,"$fo1Z4wPq5LIxbvhQkOfDTcrHGTZ4g2rb2NnI0n8ohFL4":297},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":64,"crawl_stats":36,"alternatives":72,"analysis":169,"fingerprints":262},"catch-dark-mode","Catch Dark Mode","2.2","Catch Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fcatchthemes\u002F","\u003Cp>Catch Dark Mode is a Free Dark Mode WordPress plugin that allows you to enable the dark mode option on your WordPress site for your visitors. Your website will look absolutely gorgeous with the available dark and bold color schemes in Catch Dark Mode. The plugin comes with a handful of crucial customization options to make your site extra aesthetic with the dark mode. Features such as 3 different prebuilt ready-to-apply Color Schemes, Floating Switch, OS Awareness, 3 Switch Style Options, 2 Switch Position, and more are available in Catch Dark Mode. Moreover, you have the option to enable the dark mode on your site by default once you install and active the Catch Dark Mode plugin. Also, the plugin adds a responsive floating dark mode switch button on your site that allows your users to click and enable the dark mode version of your site according to their preference. Moreover, you can also enable dark mode by default as well. With all the amazing quick features included, Catch Dark Mode is the ultimate answer if you want to revamp your site with an aesthetic dark version and provide an eye-pleasing user experience. Activate the dark mode for your site with Catch Dark Mode!\u003C\u002Fp>\n","Catch Dark Mode is a Free Dark Mode WordPress plugin that allows you to enable the dark mode option on your WordPress site for your visitors.",20,10528,0,"2026-01-26T15:01:00.000Z","6.9.4","5.9","",[19,20,21,22],"color","css","dark","mode","https:\u002F\u002Fcatchplugins.com\u002Fplugins\u002Fcatch-dark-mode\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcatch-dark-mode.2.2.zip",95,2,"2025-09-16 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[31,49],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":27,"updated_date":43,"references":44,"days_to_patch":46,"patch_diff_files":47,"patch_trac_url":36,"research_status":36,"research_verified":48,"research_rounds_completed":13,"research_plan":36,"research_summary":36,"research_vulnerable_code":36,"research_fix_diff":36,"research_exploit_outline":36,"research_model_used":36,"research_started_at":36,"research_completed_at":36,"research_error":36,"poc_status":36,"poc_video_id":36,"poc_summary":36,"poc_steps":36,"poc_tested_at":36,"poc_wp_version":36,"poc_php_version":36,"poc_playwright_script":36,"poc_exploit_code":36,"poc_has_trace":48,"poc_model_used":36,"poc_verification_depth":36},"CVE-2025-10143","catch-dark-mode-authenticated-contributor-local-file-inclusion","Catch Dark Mode \u003C= 2.0 - Authenticated (Contributor+) Local File Inclusion","The Catch Dark Mode plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0 via the 'catch_dark_mode' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.",null,"\u003C=2.0","2.0.1","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Control of Filename for Include\u002FRequire Statement in PHP Program ('PHP Remote File Inclusion')","2025-09-17 01:49:15",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F46776cd5-5262-46ea-b56c-0cbf2b9ae43d?source=api-prod",1,[],false,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":36,"affected_versions":54,"patched_in_version":55,"severity":39,"cvss_score":56,"cvss_vector":57,"vuln_type":42,"published_date":58,"updated_date":59,"references":60,"days_to_patch":62,"patch_diff_files":63,"patch_trac_url":36,"research_status":36,"research_verified":48,"research_rounds_completed":13,"research_plan":36,"research_summary":36,"research_vulnerable_code":36,"research_fix_diff":36,"research_exploit_outline":36,"research_model_used":36,"research_started_at":36,"research_completed_at":36,"research_error":36,"poc_status":36,"poc_video_id":36,"poc_summary":36,"poc_steps":36,"poc_tested_at":36,"poc_wp_version":36,"poc_php_version":36,"poc_playwright_script":36,"poc_exploit_code":36,"poc_has_trace":48,"poc_model_used":36,"poc_verification_depth":36},"CVE-2025-32154","catch-dark-mode-authenticated-contributor-local-file-inclusion-2","Catch Dark Mode \u003C= 2.0.1 - Authenticated (Contributor+) Local File Inclusion","The Catch Dark Mode plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.0.1. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.","\u003C=2.0.1","2.1",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","2025-04-04 00:00:00","2026-01-07 14:38:18",[61],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6de6e95b-3ea3-4078-96cc-687d4f1191e8?source=api-prod",279,[],{"slug":65,"display_name":7,"profile_url":8,"plugin_count":66,"total_installs":67,"avg_security_score":68,"avg_patch_time_days":69,"trust_score":70,"computed_at":71},"catchthemes",156,226230,100,251,79,"2026-05-20T06:54:57.306Z",[73,94,113,133,153],{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":13,"downloaded":81,"rating":13,"num_ratings":13,"last_updated":82,"tested_up_to":15,"requires_at_least":83,"requires_php":84,"tags":85,"homepage":91,"download_link":92,"security_score":68,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":93},"color-theme-manager-for-divi","Color Theme Manager for Divi","1.3.10","divinous","https:\u002F\u002Fprofiles.wordpress.org\u002Fdivinous\u002F","\u003Cp>\u003Cstrong>Looking for a Divi Dark Mode solution or a way to manage Divi Colors from WordPress dashboard?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Color Theme Manager for Divi is the missing link for your design workflow. It provides a centralized dashboard to generate \u003Cstrong>Divi Color Palettes\u003C\u002Fstrong>, ensure \u003Cstrong>Divi Accessibility\u003C\u002Fstrong> compliance, and manage your Global Colors without opening the Visual Builder.\u003C\u002Fp>\n\u003Cp>Whether you need to fix a messy palette or generate a complete \u003Cstrong>Divi Dark Mode\u003C\u002Fstrong> theme, this plugin gives you total control.\u003C\u002Fp>\n\u003Cp>It allows you to add, edit, drag-and-drop reorder, re-activate, and safely delete global colors from one convenient screen.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✨ What You Get in the FREE Version\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Centralized Divi Colors:\u003C\u002Fstrong> A “single source of truth” to see and edit your entire Global Color Palette.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Full CRUD Control:\u003C\u002Fstrong> Add new colors, edit existing ones (including their ID\u002Fslug), and organize your system.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Drag & Drop Reordering:\u003C\u002Fstrong> Instantly re-order your \u003Cstrong>Divi Color Palettes\u003C\u002Fstrong> just by dragging.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Safe Deletion & Reactivation:\u003C\u002Fstrong> “Soft-delete” (deactivae) colors that are in use, or permanently delete unused colors. Accidentally deleted a color in Divi? Reactivate it here!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Save Divi Color Palettes (Snapshots):\u003C\u002Fstrong> Save your entire \u003Cem>current\u003C\u002Fem> color configuration as a “Palette” snapshot to restore at any time. Ideal for testing seasonal schemes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>One-Click Copy:\u003C\u002Fstrong> Instantly copy HEX, HSL, or RGB color values to your clipboard.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>🚀 Go PRO for Divi Dark Mode & Accessibility\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The \u003Cstrong>Premium version\u003C\u002Fstrong> turns this manager into a Theme Generator and \u003Cstrong>Divi Accessibility\u003C\u002Fstrong> tool. Learn more at \u003Ca href=\"https:\u002F\u002Fdivinous.com\" rel=\"nofollow ugc\">divinous.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Divi Dark Mode Generator:\u003C\u002Fstrong> Automatically create and switch between \u003Cstrong>Light, Dark, and Mixed Mode\u003C\u002Fstrong> themes using smart variables.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Color Palettes:\u003C\u002Fstrong> Create an entire theme (50+ colors) from a \u003Cem>single brand color\u003C\u002Fem> via \u003Ccode>websitestylekit.com\u003C\u002Fcode> integration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live Preview & Mode Switcher:\u003C\u002Fstrong> Test your new themes in a live preview and add a front-end toggle so users can switch between Mixed, Light and \u003Cstrong>Divi Dark Mode\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Divi Accessibility Checker:\u003C\u002Fstrong> Automatically checks your palettes for WCAG contrast ratio problems to ensure ADA compliance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Import\u002FExport:\u003C\u002Fstrong> Backup and migrate your \u003Cstrong>Divi Colors\u003C\u002Fstrong> settings and palettes to any other site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Trademark Notice\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin is an independent, third-party add-on for the Divi theme. It is not affiliated with, endorsed, or supported by Elegant Themes, Inc., the creators of Divi.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fgallery\u002Fdivi\u002F\" rel=\"nofollow ugc\">Divi\u003C\u002Fa> is a registered trademark of \u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002F\" rel=\"nofollow ugc\">Elegant Themes, Inc\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Special Thanks\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>A special thanks to \u003Cstrong>Rino de Boer\u003C\u002Fstrong>, the creator of \u003Ca href=\"https:\u002F\u002Fwebsitestylekit.com\" rel=\"nofollow ugc\">websitestylekit.com\u003C\u002Fa>, for his fantastic color palette generator which inspired the premium theme generation feature.\u003C\u002Fp>\n","The ultimate manager for Divi Colors. Create accessible Divi Color Palettes, generate Divi Dark Mode themes, and fix WCAG contrast issues.",197,"2025-12-20T15:24:00.000Z","6.6","7.4",[86,87,88,89,90],"color-palette","dark-mode","divi","global-colors","theme-generator","https:\u002F\u002Fdivinous.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcolor-theme-manager-for-divi.1.3.10.zip","2026-03-15T15:16:48.613Z",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":13,"downloaded":102,"rating":68,"num_ratings":46,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":17,"tags":106,"homepage":111,"download_link":112,"security_score":68,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":28},"customizable-dark-mode-toggle","Customizable Dark Mode Toggle","1.0.0","Kayyum Halai","https:\u002F\u002Fprofiles.wordpress.org\u002Fkayyumhalai\u002F","\u003Cp>Adds a Customizable Dark Mode Toggle for site visitors. Improve accessibility and user experience with a simple toggle button, user preference saving, and custom color schemes.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Toggle dark mode on the frontend\u003C\u002Fli>\n\u003Cli>Save user preference (localStorage)\u003C\u002Fli>\n\u003Cli>Customizable dark and button colors\u003C\u002Fli>\n\u003Cli>Custom CSS for dark mode\u003C\u002Fli>\n\u003Cli>Accessible toggle button\u003C\u002Fli>\n\u003C\u002Ful>\n","Simple Customizable Dark Mode Toggle with customizable colors and user preference saving.",303,"2025-09-01T18:20:00.000Z","6.8.5","5.0",[107,108,87,109,110],"accessibility","color-scheme","frontend","toggle","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustomizable-dark-mode-toggle\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustomizable-dark-mode-toggle.1.0.0.zip",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":13,"downloaded":121,"rating":68,"num_ratings":122,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":126,"tags":127,"homepage":17,"download_link":130,"security_score":131,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":132},"dark-mode-block","Dark Mode Block","0.1.1","Erik","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodekraft\u002F","\u003Cp>Dark Mode Block is a simple yet powerful WordPress block plugin that allows you to enable dark mode for your website, enhancing readability and reducing eye strain without altering your website’s colors. Give your users the flexibility to switch between light and dark modes seamlessly.\u003Cbr \u002F>\nDesigned to be lightweight and efficient the whole frontend script weights less than half of a kb gzipped 😉\u003C\u002Fp>\n\u003Cp>Features:\u003Cbr \u002F>\n– Toggle dark mode with a user-friendly icon.\u003Cbr \u002F>\n– Preserve your website’s color scheme while improving readability in low-light environments.\u003Cbr \u002F>\n– Enhanced user experience with reduced eye strain.\u003Cbr \u002F>\n– Customizable\u003C\u002Fp>\n\u003Cp>Make your website more accessible and user-friendly by offering a dark mode option. With Dark Mode Block, your users can enjoy your content without compromising on aesthetics.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>After activating the plugin, add the “Dark Mode” block to your WordPress page or post editor.\u003C\u002Fli>\n\u003Cli>Publish or update your content.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Customization\u003C\u002Fh3>\n\u003Cp>Unleash your creativity! This block is designed to be fully customizable graphically, and since it’s entirely CSS-based, it’s straightforward for anyone to modify and adapt it according to their own taste or template.\u003C\u002Fp>\n\u003Cp>You even have control over how the dark mode is applied! Currently, I’ve applied an invert filter on the background as I don’t know the variables in your template.\u003Cbr \u002F>\nHowever, you have the flexibility to make it even better by setting the text color as the background and vice versa.\u003C\u002Fp>\n\u003Cp>Here’s how to do it:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Add the following code to your functions.php file.\u003C\u002Fli>\n\u003Cli>Edit the $custom_css in order to fit your preferences\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>First dequeue the current style in this way:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_action( 'wp_enqueue_scripts', function () {\n    \u002F** dequeue the default dark mode *\u002F\n    wp_dequeue_style( 'codekraft-dark-mode-style' );\n}, 9 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Then add yours!\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_action( 'wp_head', function () {\n    \u002F** @var {string} $custom_css - your custom css for the dark mode *\u002F\n    $custom_css = \"html.dark-mode body {\n        --wp--preset--color--background: #232323;\n        --wp--preset--color--foreground: #f3f3f3;\n    }\n    .dark-mode-switch::before {\n        width: 1.6rem;\n        cursor: pointer;\n        display: flex;\n        font-size: 1.6rem;\n        line-height: 1.6rem;\n        content: '🌞'\n    }\n    .dark-mode .dark-mode-switch::before {\n        content: '🌚'\n    }\";\n    echo \"\u003Cstyle id='dark-mode-custom'>$custom_css\u003C\u002Fstyle>\";\n}, 20 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Please support the plugin posting your custom style and a screenshot in the WordPress support forum section!\u003C\u002Fp>\n","Dark Mode Block is a simple yet powerful WordPress block plugin that allows you to enable dark mode for your website, enhancing readability and reduci &hellip;",2588,4,"2024-03-06T20:05:00.000Z","6.4.8","5.7","5.6",[128,20,87,129],"block","theme","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdark-mode-block.0.1.1.zip",85,"2026-04-06T09:54:40.288Z",{"slug":134,"name":135,"version":136,"author":137,"author_profile":138,"description":139,"short_description":140,"active_installs":13,"downloaded":141,"rating":13,"num_ratings":13,"last_updated":142,"tested_up_to":143,"requires_at_least":144,"requires_php":145,"tags":146,"homepage":151,"download_link":152,"security_score":131,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":132},"darkmode-ga","gaplugin-darkmode","0.01.00.00","GAUTIER Antoine","https:\u002F\u002Fprofiles.wordpress.org\u002Fgautierantoine\u002F","\u003Cp>After installing the plugin.\u003Cbr \u002F>\nYou’ll have a new menu in your admin page “GAPlugin”.\u003Cbr \u002F>\nIt will have a “darkmode” menu.\u003Cbr \u002F>\nHere you’ll be able to activate a test affecting the body of your website.\u003C\u002Fp>\n\u003Cp>You’ll be able to modify your CSS (Cascade Style Sheet) to manage your darktheme:\u003Cbr \u002F>\n– for the light theme :root\u003Cbr \u002F>\n– for the dark theme [data-theme=”dark”]\u003Cbr \u002F>\nYou can take a look in the test mode to see how to use it.\u003C\u002Fp>\n\u003Cp>You just have to use the shortcode in your theme to display the checkbox for the darkmode.\u003Cbr \u002F>\nHere is the shortcode to use: [GAP-darkmode]\u003C\u002Fp>\n\u003Cp>Enjoy !\u003Cbr \u002F>\nTake a look at my website \u003Ca href=\"https:\u002F\u002Fgautierantoine.com\" rel=\"nofollow ugc\">GautierAntoine.com\u003C\u002Fa>\u003C\u002Fp>\n","Use a shortcode to create a light\u002Fdark mode.",4603,"2021-02-06T00:19:00.000Z","5.6.17","5.2","7.2",[147,21,148,149,150],"colors","darkmode","light","navigation","https:\u002F\u002Fgithub.com\u002FGautier-Antoine\u002Fgaplugin-darkmode","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdarkmode-ga.0.01.00.00.zip",{"slug":154,"name":155,"version":156,"author":157,"author_profile":158,"description":159,"short_description":160,"active_installs":13,"downloaded":161,"rating":13,"num_ratings":13,"last_updated":162,"tested_up_to":104,"requires_at_least":163,"requires_php":84,"tags":164,"homepage":167,"download_link":168,"security_score":68,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":28},"easy-dark-mode","Easy Dark Mode","1.0.2","pencilwp","https:\u002F\u002Fprofiles.wordpress.org\u002Fpencilwp\u002F","\u003Cp>Easy Dark Mode adds a floating toggle button to your WordPress website that allows visitors to switch between light and dark modes with just one click.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>One-click toggle between light and dark modes\u003C\u002Fli>\n\u003Cli>Customizable toggle button position (top-left, top-right, bottom-left, bottom-right)\u003C\u002Fli>\n\u003Cli>Multiple toggle button styles (circle, square, pill)\u003C\u002Fli>\n\u003Cli>Option to remember user preference between visits\u003C\u002Fli>\n\u003Cli>Default mode settings (light, dark, or auto based on system preference)\u003C\u002Fli>\n\u003Cli>Lightweight with minimal impact on page load speed\u003C\u002Fli>\n\u003Cli>Works with any WordPress theme\u003C\u002Fli>\n\u003Cli>No configuration needed – works out of the box\u003C\u002Fli>\n\u003Cli>Admin settings page for customization\u003C\u002Fli>\n\u003C\u002Ful>\n","Add a one-click dark mode toggle to your WordPress website - simple, lightweight, and customizable.",212,"2025-10-15T20:34:00.000Z","6.0",[108,87,165,166,110],"dark-theme","night-mode","https:\u002F\u002Fpencilwp.com\u002Fproduct\u002Feasy-dark-mode","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-dark-mode.1.0.2.zip",{"attackSurface":170,"codeSignals":237,"taintFlows":252,"riskAssessment":253,"analyzedAt":261},{"hooks":171,"ajaxHandlers":222,"restRoutes":229,"shortcodes":230,"cronEvents":235,"entryPointCount":236,"unprotectedCount":26},[172,178,181,183,186,189,193,196,199,201,203,206,209,214,217],{"type":173,"name":174,"callback":175,"file":176,"line":177},"action","plugins_loaded","anonymous","includes\\class-dark-mode.php",138,{"type":173,"name":179,"callback":175,"file":176,"line":180},"admin_enqueue_scripts",152,{"type":173,"name":179,"callback":175,"file":176,"line":182},153,{"type":173,"name":184,"callback":175,"file":176,"line":185},"admin_menu",155,{"type":173,"name":187,"callback":175,"file":176,"line":188},"admin_init",157,{"type":190,"name":191,"callback":175,"file":176,"line":192},"filter","plugin_action_links",159,{"type":190,"name":194,"callback":175,"file":176,"line":195},"plugin_row_meta",161,{"type":173,"name":197,"callback":175,"file":176,"line":198},"wp_enqueue_scripts",176,{"type":173,"name":197,"callback":175,"file":176,"line":200},177,{"type":173,"name":197,"callback":175,"file":176,"line":202},179,{"type":173,"name":204,"callback":175,"file":176,"line":205},"wp_footer",184,{"type":190,"name":207,"callback":175,"file":176,"line":208},"language_attributes",188,{"type":190,"name":210,"callback":211,"file":212,"line":213},"jetpack_implode_frontend_css","__return_false","includes\\jetpack-compatibility.php",8,{"type":173,"name":204,"callback":215,"priority":68,"file":212,"line":216},"catch_inifite_scroll_remove_jetpack_styles",17,{"type":173,"name":218,"callback":219,"file":220,"line":221},"admin_notices","closure","plugin.php",147,[223,226],{"action":224,"nopriv":48,"callback":175,"hasNonce":48,"hasCapCheck":48,"file":176,"line":225},"dynamic_css",180,{"action":224,"nopriv":227,"callback":175,"hasNonce":48,"hasCapCheck":48,"file":176,"line":228},true,181,[],[231],{"tag":232,"callback":233,"file":220,"line":234},"catch_dark_mode","render_switch",83,[],3,{"dangerousFunctions":238,"sqlUsage":239,"outputEscaping":241,"fileOperations":13,"externalRequests":13,"nonceChecks":26,"capabilityChecks":46,"bundledLibraries":251},[],{"prepared":13,"raw":13,"locations":240},[],{"escaped":242,"rawEcho":26,"locations":243},104,[244,248],{"file":245,"line":246,"context":247},"admin\\partials\\dashboard.php",186,"raw output",{"file":249,"line":250,"context":247},"public\\class-public.php",165,[],[],{"summary":254,"deductions":255},"The \"catch-dark-mode\" v2.2 plugin exhibits a mixed security posture.  On the positive side, it demonstrates good practices in handling SQL queries exclusively with prepared statements and a very high percentage of properly escaped output, which significantly reduces the risk of common web vulnerabilities like SQL injection and cross-site scripting.  The absence of file operations and external HTTP requests further strengthens its security profile.\n\nHowever, there are notable areas of concern. The plugin has two AJAX handlers, and critically, both lack authentication checks. This presents a significant attack surface, as any unauthenticated user could potentially trigger these handlers, leading to unintended actions or information disclosure if not carefully implemented. The presence of two known high-severity vulnerabilities in its history, specifically related to \"Improper Control of the Filename for Include\u002FRequire Statement\" (PHP Remote File Inclusion), is a major red flag. While currently unpatched CVEs are zero, this historical pattern suggests a past susceptibility to critical vulnerabilities that could be exploited if a similar flaw is reintroduced in future versions or if the identified vulnerabilities were in fact severe and had significant impact.\n\nIn conclusion, while the plugin has strengths in its database and output handling, the lack of authentication on AJAX endpoints and the history of severe RFI vulnerabilities necessitate caution. The potential for an attacker to interact with critical functionality without proper authorization poses a direct and immediate risk. The historical vulnerability pattern, even if currently patched, indicates a potential for critical security flaws within the codebase that require ongoing vigilance. Further investigation into the specifics of past vulnerabilities and a thorough review of the unauthenticated AJAX handlers would be highly recommended.",[256,259],{"reason":257,"points":258},"Unprotected AJAX handlers found",10,{"reason":260,"points":11},"History of 2 high severity RFI vulnerabilities","2026-03-16T22:38:53.532Z",{"wat":263,"direct":275},{"assetPaths":264,"generatorPatterns":269,"scriptPaths":270,"versionParams":272},[265,266,267,268],"\u002Fwp-content\u002Fplugins\u002Fcatch-dark-mode\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fcatch-dark-mode\u002Fassets\u002Fcss\u002Fcatch-dark-mode.css","\u002Fwp-content\u002Fplugins\u002Fcatch-dark-mode\u002Fassets\u002Fjs\u002Fcatch-dark-mode.js","\u002Fwp-content\u002Fplugins\u002Fcatch-dark-mode\u002Fassets\u002Fjs\u002Fcatch-dark-mode-admin.js",[],[271],"https:\u002F\u002Fcatchplugins.com\u002Fplugins\u002Fcatch-dark-mode\u002Fassets\u002Fjs\u002Fcatch-dark-mode.js",[273,274],"catch-dark-mode\u002Fassets\u002Fcss\u002Fcatch-dark-mode.css?ver=","catch-dark-mode\u002Fassets\u002Fjs\u002Fcatch-dark-mode.js?ver=",{"cssClasses":276,"htmlComments":281,"htmlAttributes":284,"restEndpoints":287,"jsGlobals":288,"shortcodeOutput":291},[277,278,279,280],"catch-dark-mode-toggle","dark-mode-active","catch-dark-mode-wrap","catch-dark-mode-floating",[282,283],"\u003C!-- Catch Dark Mode Floating Switch -->","\u003C!-- Catch Dark Mode Admin Settings -->",[285,286],"data-catch-dark-mode-floating-switch","data-catch-dark-mode-position",[],[289,290],"catch_dark_mode_admin_params","catch_dark_mode_params",[292],"[catch_dark_mode]",{"error":227,"url":294,"statusCode":295,"statusMessage":296,"message":296},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcatch-dark-mode\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":258,"versions":298},[299,304,310,317,326,335,344,353,362,371],{"version":6,"download_url":24,"svn_tag_url":300,"released_at":36,"has_diff":48,"diff_files_changed":301,"diff_lines":36,"trac_diff_url":302,"vulnerabilities":303,"is_current":227},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcatch-dark-mode\u002Ftags\u002F2.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcatch-dark-mode%2Ftags%2F2.1&new_path=%2Fcatch-dark-mode%2Ftags%2F2.2",[],{"version":55,"download_url":305,"svn_tag_url":306,"released_at":36,"has_diff":48,"diff_files_changed":307,"diff_lines":36,"trac_diff_url":308,"vulnerabilities":309,"is_current":48},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcatch-dark-mode.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcatch-dark-mode\u002Ftags\u002F2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcatch-dark-mode%2Ftags%2F2.0.1&new_path=%2Fcatch-dark-mode%2Ftags%2F2.1",[],{"version":38,"download_url":311,"svn_tag_url":312,"released_at":36,"has_diff":48,"diff_files_changed":313,"diff_lines":36,"trac_diff_url":314,"vulnerabilities":315,"is_current":48},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcatch-dark-mode.2.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcatch-dark-mode\u002Ftags\u002F2.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcatch-dark-mode%2Ftags%2F2.0&new_path=%2Fcatch-dark-mode%2Ftags%2F2.0.1",[316],{"id":50,"url_slug":51,"title":52,"severity":39,"cvss_score":56,"vuln_type":42,"patched_in_version":55},{"version":318,"download_url":319,"svn_tag_url":320,"released_at":36,"has_diff":48,"diff_files_changed":321,"diff_lines":36,"trac_diff_url":322,"vulnerabilities":323,"is_current":48},"2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcatch-dark-mode.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcatch-dark-mode\u002Ftags\u002F2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcatch-dark-mode%2Ftags%2F1.2.1&new_path=%2Fcatch-dark-mode%2Ftags%2F2.0",[324,325],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"id":50,"url_slug":51,"title":52,"severity":39,"cvss_score":56,"vuln_type":42,"patched_in_version":55},{"version":327,"download_url":328,"svn_tag_url":329,"released_at":36,"has_diff":48,"diff_files_changed":330,"diff_lines":36,"trac_diff_url":331,"vulnerabilities":332,"is_current":48},"1.2.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcatch-dark-mode.1.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcatch-dark-mode\u002Ftags\u002F1.2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcatch-dark-mode%2Ftags%2F1.2&new_path=%2Fcatch-dark-mode%2Ftags%2F1.2.1",[333,334],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"id":50,"url_slug":51,"title":52,"severity":39,"cvss_score":56,"vuln_type":42,"patched_in_version":55},{"version":336,"download_url":337,"svn_tag_url":338,"released_at":36,"has_diff":48,"diff_files_changed":339,"diff_lines":36,"trac_diff_url":340,"vulnerabilities":341,"is_current":48},"1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcatch-dark-mode.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcatch-dark-mode\u002Ftags\u002F1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcatch-dark-mode%2Ftags%2F1.1&new_path=%2Fcatch-dark-mode%2Ftags%2F1.2",[342,343],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"id":50,"url_slug":51,"title":52,"severity":39,"cvss_score":56,"vuln_type":42,"patched_in_version":55},{"version":345,"download_url":346,"svn_tag_url":347,"released_at":36,"has_diff":48,"diff_files_changed":348,"diff_lines":36,"trac_diff_url":349,"vulnerabilities":350,"is_current":48},"1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcatch-dark-mode.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcatch-dark-mode\u002Ftags\u002F1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcatch-dark-mode%2Ftags%2F1.0&new_path=%2Fcatch-dark-mode%2Ftags%2F1.1",[351,352],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"id":50,"url_slug":51,"title":52,"severity":39,"cvss_score":56,"vuln_type":42,"patched_in_version":55},{"version":354,"download_url":355,"svn_tag_url":356,"released_at":36,"has_diff":48,"diff_files_changed":357,"diff_lines":36,"trac_diff_url":358,"vulnerabilities":359,"is_current":48},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcatch-dark-mode.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcatch-dark-mode\u002Ftags\u002F1.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcatch-dark-mode%2Ftags%2F0.0.2&new_path=%2Fcatch-dark-mode%2Ftags%2F1.0",[360,361],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"id":50,"url_slug":51,"title":52,"severity":39,"cvss_score":56,"vuln_type":42,"patched_in_version":55},{"version":363,"download_url":364,"svn_tag_url":365,"released_at":36,"has_diff":48,"diff_files_changed":366,"diff_lines":36,"trac_diff_url":367,"vulnerabilities":368,"is_current":48},"0.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcatch-dark-mode.0.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcatch-dark-mode\u002Ftags\u002F0.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcatch-dark-mode%2Ftags%2F0.0.1&new_path=%2Fcatch-dark-mode%2Ftags%2F0.0.2",[369,370],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"id":50,"url_slug":51,"title":52,"severity":39,"cvss_score":56,"vuln_type":42,"patched_in_version":55},{"version":372,"download_url":373,"svn_tag_url":374,"released_at":36,"has_diff":48,"diff_files_changed":375,"diff_lines":36,"trac_diff_url":36,"vulnerabilities":376,"is_current":48},"0.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcatch-dark-mode.0.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcatch-dark-mode\u002Ftags\u002F0.0.1\u002F",[],[377,378],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"id":50,"url_slug":51,"title":52,"severity":39,"cvss_score":56,"vuln_type":42,"patched_in_version":55}]