[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fE-hyi9KetfcKi4k0H8cv57b-o6ygSokfVuni93ArdQ0":3,"$fhkxMMspjkIiOUtJYFgGD2Llx2Dk6F817L1PK7sKt3i8":115,"$ff7O5_PA-h1-iNbaKQ-VcxQmYYk2inrnLE5qjYja0qss":120},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":21,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"discovery_status":26,"vulnerabilities":27,"developer":28,"crawl_stats":24,"alternatives":35,"analysis":36,"fingerprints":85},"click-to-call-button-by-converzo-nl","Converzo Click-to-Call button","1.0","converzo","https:\u002F\u002Fprofiles.wordpress.org\u002Fconverzo\u002F","\u003Cp>With this plugin you add a click-to-call button to your responsive website in no-time.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Simple installation\u003C\u002Fli>\n\u003Cli>Setup can be found under: WP Call to action menu\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cp>This plugin requires PHP 5 or PHP 7 and WordPress 3.0 or greater. It works in standard WordPress environments. It is strongly recommended to use WordPress in the newest version.\u003C\u002Fp>\n\u003Ch4>Contact\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>If you have any suggestion, feel free to email me at info@converzo.nl.\u003C\u002Fli>\n\u003Cli>See also website: http:\u002F\u002Fconverzo.nl\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How to Use\u003C\u002Fh3>\n\u003Cp>Check settings under > Converzo Click-to-Call menu\u003C\u002Fp>\n","With this plugin you add a click-to-call button to your responsive website in no-time.",0,1329,100,1,"2019-08-02T12:42:00.000Z","5.0.25","3.0","",[20],"add-a-click-to-call-button-to-responsive-website","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fconverzo-click-to-call\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclick-to-call-button-by-converzo-nl.1.0.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},2,10,93,30,89,"2026-05-20T03:59:10.416Z",[],{"attackSurface":37,"codeSignals":60,"taintFlows":77,"riskAssessment":78,"analyzedAt":84},{"hooks":38,"ajaxHandlers":56,"restRoutes":57,"shortcodes":58,"cronEvents":59,"entryPointCount":11,"unprotectedCount":11},[39,45,49,52],{"type":40,"name":41,"callback":42,"file":43,"line":44},"action","admin_menu","wp_cta_add_admin_menu","converzo-click-to-call.php",26,{"type":40,"name":46,"callback":47,"file":43,"line":48},"admin_enqueue_scripts","wp_cta_admin_scripts",27,{"type":40,"name":50,"callback":51,"file":43,"line":32},"admin_init","wp_cta_register_options_settings",{"type":40,"name":53,"callback":54,"priority":30,"file":43,"line":55},"wp_footer","wp_cta_add_buttons",33,[],[],[],[],{"dangerousFunctions":61,"sqlUsage":62,"outputEscaping":64,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":76},[],{"prepared":11,"raw":11,"locations":63},[],{"escaped":11,"rawEcho":65,"locations":66},4,[67,70,72,74],{"file":43,"line":68,"context":69},108,"raw output",{"file":43,"line":71,"context":69},129,{"file":43,"line":73,"context":69},136,{"file":43,"line":75,"context":69},209,[],[],{"summary":79,"deductions":80},"The static analysis of the 'click-to-call-button-by-converzo-nl' plugin v1.0 reveals a remarkably clean code base with no identified attack surface through AJAX, REST API, shortcodes, or cron events. The absence of dangerous functions, file operations, external HTTP requests, and reliance on prepared statements for SQL queries are all positive security indicators.  However, the complete lack of output escaping is a significant concern, suggesting that any dynamic data rendered to the user interface is not being properly sanitized, potentially leading to cross-site scripting (XSS) vulnerabilities if user-supplied data is incorporated into the output. The vulnerability history is also empty, indicating no known public exploits or past issues, which is a good sign of responsible development.\n\nDespite the lack of discovered vulnerabilities and a small attack surface, the critical oversight in output escaping presents a clear and present risk. While the plugin might not have exploitable entry points due to its limited functionality as indicated, the potential for XSS remains if any part of its rendering process handles user-controlled data. The absence of nonce and capability checks is noted but is less concerning given the zero attack surface; however, it indicates a lack of robust authorization practices that could become an issue if new entry points are introduced in future versions. Overall, the plugin demonstrates good practices in some areas but suffers from a critical deficiency in output sanitization.",[81],{"reason":82,"points":83},"0% output escaping",12,"2026-04-16T14:05:37.650Z",{"wat":86,"direct":95},{"assetPaths":87,"generatorPatterns":90,"scriptPaths":91,"versionParams":93},[88,89],"\u002Fwp-content\u002Fplugins\u002Fclick-to-call-button-by-converzo-nl\u002Fassets\u002Fcss\u002Fwp-cta-css.css","\u002Fwp-content\u002Fplugins\u002Fclick-to-call-button-by-converzo-nl\u002Fassets\u002Fjs\u002Fwp-cta-js.js",[],[92],"plugins\u002Fclick-to-call-button-by-converzo-nl\u002Fassets\u002Fjs\u002Fwp-cta-js.js",[94],"click-to-call-button-by-converzo-nl\u002Fassets\u002Fcss\u002Fwp-cta-css.css?ver=1.1.0",{"cssClasses":96,"htmlComments":99,"htmlAttributes":100,"restEndpoints":112,"jsGlobals":113,"shortcodeOutput":114},[97,98],"wp-cta-button","wp-cta-ph-circle",[],[101,102,103,104,105,106,107,108,109,110,111],"name=\"wp_cta_options[phone_number]\"","name=\"wp_cta_options[button_position]\"","name=\"wp_cta_options[circle_color]\"","name=\"wp_cta_options[button_color]\"","name=\"wp_cta_options[call_wave_effect]\"","name=\"wp_cta_options[call_shake_effect]\"","id=\"wp-call-button-effect\"","id=\"wp-call-button-shake-effect\"","id=\"wp-position-button-left\"","id=\"wp-position-button-right\"","class=\"colourme\"",[],[],[],{"error":116,"url":117,"statusCode":118,"statusMessage":119,"message":119},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fclick-to-call-button-by-converzo-nl\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":29,"versions":121},[122,130],{"version":123,"download_url":124,"svn_tag_url":125,"released_at":24,"has_diff":126,"diff_files_changed":127,"diff_lines":24,"trac_diff_url":128,"vulnerabilities":129,"is_current":126},"1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclick-to-call-button-by-converzo-nl.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclick-to-call-button-by-converzo-nl\u002Ftags\u002F1.1\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fclick-to-call-button-by-converzo-nl%2Ftags%2F1.0&new_path=%2Fclick-to-call-button-by-converzo-nl%2Ftags%2F1.1",[],{"version":6,"download_url":22,"svn_tag_url":131,"released_at":24,"has_diff":126,"diff_files_changed":132,"diff_lines":24,"trac_diff_url":24,"vulnerabilities":133,"is_current":116},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclick-to-call-button-by-converzo-nl\u002Ftags\u002F1.0\u002F",[],[]]