[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNxfA6Fi1LNglxKs6CrYlXyTVKVUzTE9xZPtvU_-R_Yk":3,"$fM8-4UxWiggVuKWITuAFzIsIzWvgo-8nHlhrmf35NNh0":1052,"$f4tuWC4QKUh_KqqQuD79rrmQumt_0QWw5XGoAobpUk3E":1056},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":49,"crawl_stats":37,"alternatives":57,"analysis":164,"fingerprints":1030},"clockify-lite","Clockinator Lite","1.0.9","BeastThemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fbeastthemes\u002F","\u003Cp>Clockinator Lite is a powerful and easy-to-use \u003Cstrong>employee and attendance management plugin\u003C\u002Fstrong> for WordPress.\u003Cbr \u002F>\nIt helps you manage attendance, employee records, shifts, and holidays from your WordPress dashboard.\u003C\u002Fp>\n\u003Ch4>Core Lite Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Employee management for administrator and employee roles\u003C\u002Fli>\n\u003Cli>Clock in\u002Fout with attendance history\u003C\u002Fli>\n\u003Cli>Shift and holiday management\u003C\u002Fli>\n\u003Cli>Department and designation management\u003C\u002Fli>\n\u003Cli>Monthly and past attendance reports\u003C\u002Fli>\n\u003Cli>Frontend employee dashboard\u003C\u002Fli>\n\u003Cli>Translation-ready interface\u003C\u002Fli>\n\u003Cli>And many other features\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Clockinator Lite is suitable for small and medium teams that need a practical attendance workflow in WordPress.\u003C\u002Fp>\n\u003Ch3>🔑 Key Features (Lite Version)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>User Management (Admin \u002F Employee)\u003C\u002Fli>\n\u003Cli>Attendance & Holiday Management\u003C\u002Fli>\n\u003Cli>Real-time employee tracking\u003C\u002Fli>\n\u003Cli>Monthly & past attendance reports\u003C\u002Fli>\n\u003Cli>Admin notifications on clock in\u002Fout ( Email & SMS notifications )\u003C\u002Fli>\n\u003Cli>Employee self-service frontend dashboard\u003C\u002Fli>\n\u003Cli>Centralized admin dashboard\u003C\u002Fli>\n\u003Cli>Clean UI & translation ready\u003C\u002Fli>\n\u003Cli>And many other features\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 Upgrade to Pro\u003C\u002Fh3>\n\u003Cp>Unlock advanced HR features with \u003Cstrong>Clockinator Pro\u003C\u002Fstrong>, including:\u003Cbr \u002F>\n– Shift, leave, payroll & reimbursement management\u003Cbr \u002F>\n– Project & task management\u003Cbr \u002F>\n– Payslip & Payroll generation( partial & monthly wise )\u003Cbr \u002F>\n– Exportable reports (CSV)\u003Cbr \u002F>\n– Customizable email\u002FSMS notifications\u003Cbr \u002F>\n– Department & role-based access control\u003Cbr \u002F>\n– Frontend Dashboard for “Administrator” with all backend functionalities \u003Ca href=\"https:\u002F\u002Fbeastthemes.com\u002Four-plugins\u002Fclockinator-frontend-dashboard-addon\u002F\" rel=\"nofollow ugc\">Addon\u003C\u002Fa>\u003Cbr \u002F>\n– More robust dashboards for HR Managers & Department Heads\u003C\u002Fp>\n\u003Cp>👉 \u003Ca href=\"https:\u002F\u002Fbeastthemes.com\u002Fplugins\u002Fclockify-pro\u002F\" rel=\"nofollow ugc\">Learn More\u003C\u002Fa>\u003Cbr \u002F>\n👉 \u003Ca href=\"https:\u002F\u002Fdemo.beastthemes.com\u002Fclockify-pro-wordpress-plugin\u002F\" rel=\"nofollow ugc\">View Demo\u003C\u002Fa>\u003Cbr \u002F>\n👉 \u003Ca href=\"https:\u002F\u002Fbeastthemes.com\u002Faccount\u002Fsignup\u002Fclockify-pro-plugin\" rel=\"nofollow ugc\">Buy Now\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>A complete HR and attendance management plugin for WordPress with clock in\u002Fout, shift tracking, leave management, and employee dashboards.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Clockinator Lite WordPress plugin, Copyright (C) 2021 Beastthemes\u003Cbr \u002F>\nLicensed under the GPL3 (https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.en.html).\u003C\u002Fp>\n","Clockinator Lite is a powerful and easy-to-use employee and attendance management plugin for WordPress.",100,7160,2,"2026-03-28T09:23:00.000Z","6.9.4","5.0","7.0",[19,20,21,22,23],"attendance-management","employee-management","hr-management","leave-management","shift-management","https:\u002F\u002Fbeastthemes.com\u002Fplugins\u002Fclockify-pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclockify-lite.1.0.9.zip",79,1,"2025-04-01 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":37,"patch_diff_files":46,"patch_trac_url":37,"research_status":37,"research_verified":47,"research_rounds_completed":48,"research_plan":37,"research_summary":37,"research_vulnerable_code":37,"research_fix_diff":37,"research_exploit_outline":37,"research_model_used":37,"research_started_at":37,"research_completed_at":37,"research_error":37,"poc_status":37,"poc_video_id":37,"poc_summary":37,"poc_steps":37,"poc_tested_at":37,"poc_wp_version":37,"poc_php_version":37,"poc_playwright_script":37,"poc_exploit_code":37,"poc_has_trace":47,"poc_model_used":37,"poc_verification_depth":37},"CVE-2025-31777","clockinator-lite-missing-authorization","Clockinator Lite \u003C= 1.0.7 - Missing Authorization","The Clockinator Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.0.7. This makes it possible for unauthenticated attackers to perform an unauthorized action.",null,"\u003C=1.0.7","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2025-04-08 14:13:36",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4051a7f1-0564-41eb-8ef4-0ee1c8af57cb?source=api-prod",[],false,0,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":51,"total_installs":52,"avg_security_score":53,"avg_patch_time_days":54,"trust_score":55,"computed_at":56},"beastthemes",3,180,88,30,86,"2026-05-19T21:21:01.808Z",[58,78,99,123,144],{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":13,"last_updated":69,"tested_up_to":15,"requires_at_least":70,"requires_php":70,"tags":71,"homepage":74,"download_link":75,"security_score":76,"vuln_count":13,"unpatched_count":13,"last_vuln_date":77,"fetched_at":29},"hr-management-lite","HR Management Lite","3.6","Weblizar - WordPress Themes & Plugin","https:\u002F\u002Fprofiles.wordpress.org\u002Fweblizar\u002F","\u003Cp>HR Management is the wordPress Plugin for hrm, crm, erp and also manage the Projects,  Departments, Employees Attendance, Salary, Real Time Working Hours, Monthly Report Generation, Leaves, Notices, Holidays. HR Management is a HRM plugin for WordPress sites. That can manage staff\u002F employee related activities  in any organization and small type of business, corporation, companies. You can create unlimited staff, designations, shifts, events, holidays, notification, projects and  much more  option are available.\u003C\u002Fp>\n\u003Ch3>HR Management Lite Features You Will Get\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Admin dashboard\u003C\u002Fstrong> – HR Management dashboard attractive and responsive design. It can contain the all element in simple pattern.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shift Management\u003C\u002Fstrong> – You can create unlimited shifts and manage the according to your requirements.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Staff Management\u003C\u002Fstrong> – Create unlimited Staff and manage the Staff related activities and details.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Designation\u003C\u002Fstrong> – Create unlimited Designation and manage the Designation according to requirements.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Logged-In IP info\u003C\u002Fstrong> –   Logged-In IP info you can set and restricted according your requirement. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role Management\u003C\u002Fstrong> –  Create unlimited roles according to requirements.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attendance and Salary Reports\u003C\u002Fstrong> – Manage the staff\u002Femployee Attendance and Salary Reports.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hourly & Monthly Basis Salary\u003C\u002Fstrong> –  Manage salaries according to Hourly & Monthly Basis. Its powerful feature in this plugins.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>unlimited Events\u003C\u002Fstrong> –  Create unlimited events and manage the events.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlimited Notices\u003C\u002Fstrong> – Create unlimited Notices and manage the Notices for the employees. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlimited Holiday Management\u003C\u002Fstrong> – Create unlimited Holiday and manage the Holiday according to your staffs. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Project & Tasks Management (Limited Options)\u003C\u002Fstrong> –  Crate the project and manage related activities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Template Customization(Limited Options)\u003C\u002Fstrong> – Email Template  option is available to design and send to your employee.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Portal Shortcode\u003C\u002Fstrong> – We Provide the shortcode to login and manage the activity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translation Ready\u003C\u002Fstrong> –  plugin is completely translation ready.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Employee And HR Management WordPress Plugin  Pro Demos\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdemo.weblizar.com\u002Femployee-and-hr-management\" rel=\"nofollow ugc\">Employee And HR Management Demo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdemo.weblizar.com\u002Femployee-and-hr-management\" rel=\"nofollow ugc\">Admin Login \u003C\u002Fa> : username \u002F Password  => manager \u002F 123456\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdemo.weblizar.com\u002Femployee-and-hr-management\" rel=\"nofollow ugc\">staff Login \u003C\u002Fa> :  username \u002F Password  => demostaff\u002F 123456\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Employee And HR Management Features & Upgrade\u003C\u002Fh4>\n\u003Cp>We offer the Employee And HR Management Pro version for business owners who need manage the his business with that features.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Centralized Admin dashboard\u003C\u002Fstrong> – You have a centralized view so you can easly manage all option from one place easily you can view and check all update and control options.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Departments Management\u003C\u002Fstrong> – You can create unlimited Departments.It will help you to manage their activities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Designation\u003C\u002Fstrong> – Create unlimited Designation and manage the Designation according to requirements.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Staff Management\u003C\u002Fstrong> – Create unlimited Staff, edit.deletes or manage all your staff personal data, assign their shift, salary, leaves,permissions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Leave request Management\u003C\u002Fstrong> – A Leave Management system automcates the leave request process, making it hassle-free for both the management and employees.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shift Management\u003C\u002Fstrong> – You can create unlimited shifts and manage the shifts according to your time of staff and significant role in the  organization resources and teams.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role Management\u003C\u002Fstrong> –  Create unlimited roles according to requirements.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Generate Attendance Reports\u003C\u002Fstrong>– Manage full attendance of your staff. take action according to them. daily basis attendance. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Payroll Management\u003C\u002Fstrong> – You can Manage or get monthly basis payroll, list of and company’s employee and the amount of money they are to be paid.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Staff Working Hours Management\u003C\u002Fstrong> – It calculate the total working hours on daily basis and monthly basis also calculate salaries according to it.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hourly & Monthly Basis Salary\u003C\u002Fstrong> –  Manage salaries according to Hourly & Monthly Basis. Its powerful feature in this plugins.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Events Management\u003C\u002Fstrong> –  Create unlimited events and manage the events.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Notices Management\u003C\u002Fstrong> – Create unlimited Notices and manage the Notices for the employees. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Holiday Management\u003C\u002Fstrong> – Create unlimited Holiday and manage the Holiday according to your staffs. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Logged-In IP info\u003C\u002Fstrong> –   Logged-In IP info also check with staff login time. Staff which IP to login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP Restriction\u003C\u002Fstrong> – You can restrict your staff\u002Femployee to login from an authorized location. They are not able to login outside. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>GEO Location\u003C\u002Fstrong> – You can set your GEO location. Staff can be login according to GEO location.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Project & Tasks Management\u003C\u002Fstrong> –  Crate the project and manage related activities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Template Customization\u003C\u002Fstrong> – Email Template  option is available to design and send to your employee.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Portal Shortcode\u003C\u002Fstrong> – we Provide the shortcode to login and manage the activity.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Translation Ready\u003C\u002Fstrong> –  plugin is completely translation ready.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fweblizar.com\u002Fplugins\u002Femployee-and-hr-management-wordpress-plugin\u002F\" rel=\"nofollow ugc\">You can learn more about Employee And HR Management Pro Plugin  here\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Docs & Support\u003C\u002Fh4>\n\u003Cp>You can find \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhr-management-lite\u002F\" rel=\"ugc\">docs\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.weblizar.com\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa> and more detailed information about HR Management Lite on \u003Ca href=\"http:\u002F\u002Fwww.weblizar.com\" rel=\"nofollow ugc\">Weblizar\u003C\u002Fa>. If you were unable to find the answer to your question on the FAQ or in any of the documentation, you should check the support forum on WordPress.org.\u003C\u002Fp>\n\u003Ch4>We Need Your Support\u003C\u002Fh4>\n\u003Cp>It is really hard to continue development and support for this free plugin without contributions from users like you. If you are enjoying using our Clock In Portal plugin and find it useful, then please consider \u003Ca href=\"http:\u002F\u002Fwww.weblizar.com\" rel=\"nofollow ugc\">\u003Cstrong>Making a Donation\u003C\u002Fstrong>\u003C\u002Fa>. Your donation will help us to encourage and support the plugin’s continued development and better user support.\u003C\u002Fp>\n\u003Ch4>Translators\u003C\u002Fh4>\n\u003Cp>Please contribute to translate our plugin.  Contact at \u003Ccode>lizarweb (at) gmail (dot) com\u003C\u002Fcode>.\u003C\u002Fp>\n","HR Plugin for WordPress to Manage the HR works and the Projects.",300,17694,70,"2026-02-23T12:02:00.000Z","",[72,21,22,73,23],"attendance","project-management","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhr-management-lite\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhr-management-lite.3.6.zip",56,"2025-12-28 00:00:00",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":48,"num_ratings":48,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":96,"download_link":97,"security_score":98,"vuln_count":48,"unpatched_count":48,"last_vuln_date":37,"fetched_at":29},"employee-management-system","Employee Management System","1.0.3","Md. Maruf Khan","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarufmks\u002F","\u003Cp>Employee Management System is a powerful WordPress plugin designed to help businesses manage their employees and track sales performance efficiently. It provides both administrative and employee-facing features in a user-friendly interface.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Employee Management\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Add and manage employee profiles\u003C\u002Fli>\n\u003Cli>Track employee status (active, inactive, blocked)`\u003C\u002Fli>\n\u003Cli>Store comprehensive employee information\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Manage employment details and history\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Dashboard & Analytics\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>Real-time employee statistics\u003C\u002Fli>\n\u003Cli>Interactive sales charts\u003C\u002Fli>\n\u003Cli>Performance metrics\u003C\u002Fli>\n\u003Cli>Monthly sales trends\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Employee status distribution\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Employee Portal\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>Secure employee login\u003C\u002Fli>\n\u003Cli>Personal sales statistics\u003C\u002Fli>\n\u003Cli>Monthly performance tracking\u003C\u002Fli>\n\u003Cli>Sales submission form\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Individual performance metrics\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Administrative Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>Comprehensive admin dashboard\u003C\u002Fli>\n\u003Cli>Employee status management\u003C\u002Fli>\n\u003Cli>Sales performance tracking\u003C\u002Fli>\n\u003Cli>Data export capabilities\u003C\u002Fli>\n\u003Cli>\n\u003Cp>User-friendly interface\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Security & Access Control\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>Role-based access control\u003C\u002Fli>\n\u003Cli>Secure data handling\u003C\u002Fli>\n\u003Cli>WordPress user integration\u003C\u002Fli>\n\u003Cli>Protected employee data\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>This plugin stores the following data:\u003Cbr \u002F>\n* Employee information (name, contact details, employment details)\u003Cbr \u002F>\n* Sales records and performance metrics\u003Cbr \u002F>\n* User access logs and activity data\u003C\u002Fp>\n\u003Cp>All data is stored securely in your WordPress database and can be exported or deleted through the plugin interface.\u003C\u002Fp>\n\u003Cp>The plugin does not:\u003Cbr \u002F>\n* Share data with third parties\u003Cbr \u002F>\n* Track users across websites\u003Cbr \u002F>\n* Store sensitive payment information\u003C\u002Fp>\n\u003Cp>Source Code:\u003Cbr \u002F>\nThe source code for minified JavaScript and CSS files is available in the GitHub repository:\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fmarufmks\u002Femployee-management-system\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support queries, please visit our GitHub repository at https:\u002F\u002Fgithub.com\u002Fmarufmks\u002Femployee-management-system\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by Maruf (https:\u002F\u002Fgithub.com\u002Fmarufmks)\u003C\u002Fp>\n","A comprehensive employee management system with sales tracking, reporting, and dashboard features for WordPress.",10,878,"2025-02-12T16:45:00.000Z","6.7.5","6.0","7.4",[93,20,21,94,95],"employee-dashboard","sales-tracking","staff-management","https:\u002F\u002Fgithub.com\u002Fmarufmks\u002Femployee-management-system","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femployee-management-system.1.0.3.zip",92,{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":109,"num_ratings":110,"last_updated":111,"tested_up_to":15,"requires_at_least":112,"requires_php":91,"tags":113,"homepage":118,"download_link":119,"security_score":120,"vuln_count":121,"unpatched_count":27,"last_vuln_date":122,"fetched_at":29},"wpschoolpress","School Management System – WPSchoolPress","2.2.36","Ronik@UnlimitedWP","https:\u002F\u002Fprofiles.wordpress.org\u002Fjdsofttech\u002F","\u003Cp>WPSchoolPress is currently a highly demanding WordPress plugin for the school management system in 2025-26. WPSchoolPress is a No.#1 School Management WordPress Plugin allows you to manage entities such as classes, students, sections, exams, timetables, results, ID Cards, teachers, staff, fee management, parent control, invoices, noticeboards, and more.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Role based access:Users like school admin, students, parents and teachers can easily login and access their respective user-friendly dashboards.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Student Attendance Management System:Admin and Teachers can do entire attendance management on daily basis of the students of each class. Students and parents can see date wise attendance report. Teacher can also add the reason for absence of each student. Whenever any student is absent, an automatic message is sent to the registered parent mentioning the day, date and reason of being absent. Automatic messages are sent only if the school has purchased our SMS add-on.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Class rooms and subjects:As a student managing plugin,WPSchoolPress has made simple for admin to create new classes and assign subjects. Eventually, teacher’s management can be done by assigning subjects and classes. For parents, their child information like class number, respective subjects and assigned teachers can be viewed when they login to their respective dashboards.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Student Grade Management System:As student report management system,WPSchoolPress has a feature by which admin and teachers can insert student grades\u002Fmarks on the bases of their class and subjects. Along with grades, teachers can also write remarks or student-reviews on student’s performance. Subject-wise grades will be visible on students and parent’s dashboards. Using our paid Import-Export add-on, teachers can import a .csv file with grades for quicker upload of marksin bulk. The students and parents can further print grade sheets.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>School Schedule Management System:Admin and teachers can create exam schedule for each subject of their respective class.Along with this, upcoming school event schedules like cultural festival schedule, sports tournament schedule, annual leaves management and likewise can be easily created. For sudden changes in acedemics, admin can notify teachers, students and parents by sending email-notifications(free) or sending messages through our paid SMS add-on.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>School Transportation Management System: Details regarding Public Transport bus, tram or School Private transport, routes and driver details can be provided on students, parents and teachers dashboards by admin. Also admin can send notifications in form of e-mail (free) or SMS (with use of paid add-on) to parents if there is a replacement in driver, transport bus, change in route, etc.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Constant feature updates:We are constantly trying to have feature updatesfor you to run the school operations smoothly. These updates are on the bases our customer suggestions and feature requirements. Check our website for any new updates and add-ons\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.2.33\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fixed   – Fixed issue of default user roles which vanished when plugin activate\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.2.34\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fixed   – teacher not able to edit students info. fixed it\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.2.35\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Updated – Make Class field mandatory when new student registered or existing student updated\u003C\u002Fli>\n\u003Cli>Fixed   – make validation such that same roll no is not used in same class\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.2.36\u003C\u002Fh3>\n\u003Cp>*Updated – Improved performance by optimizing AJAX loading, reducing unnecessary DB queries, adding caching.\u003C\u002Fp>\n","An extensive plugin for school management with features like attendance, class management, time table, exams, grades, student-teacher-parent notificat &hellip;",2000,198578,80,21,"2026-04-02T12:53:00.000Z","6.7",[19,114,115,116,117],"exam-schedule-management","staff-information-management","student-information-management","time-table-management","http:\u002F\u002Fwpschoolpress.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpschoolpress.2.2.36.zip",60,14,"2026-02-13 00:00:00",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":11,"num_ratings":86,"last_updated":133,"tested_up_to":15,"requires_at_least":134,"requires_php":91,"tags":135,"homepage":140,"download_link":141,"security_score":142,"vuln_count":27,"unpatched_count":48,"last_vuln_date":143,"fetched_at":29},"vikappointments","VikAppointments Services Booking Calendar","1.2.18","e4jvikwp","https:\u002F\u002Fprofiles.wordpress.org\u002Fe4jvikwp\u002F","\u003Ch4>Vik Appointments Services Booking Calendar for WordPress\u003C\u002Fh4>\n\u003Cp>The popular appointments booking calendar system is now available also for WordPress as a Native Plugin!\u003C\u002Fp>\n\u003Cp>If you are looking for a professional tool to schedule and manage both appointments and bookings of various services or employees, then this is definitely the right solution for your project.\u003C\u002Fp>\n\u003Cp>Vik Appointments is an experienced piece of software with thousands of tailored functions designed to fit the needs of several types of business, such as medical centers, doctors, lawyers, hair stylists, SPA services, escape games and much more.\u003Cbr \u002F>\nAccept online reservations and schedule the appointments for each employee in a smart and efficient way.\u003C\u002Fp>\n\u003Cp>Thanks to its key features, Vik Appointments is the perfect plugin for those kind of companies and service providers that have many employees:\u003Cbr \u002F>\nyou will be able to manage and let the employees to receive payments singularly; as well, each employee will be able to manage its working time and the services that he offers thanks to a dedicated personal area.\u003Cbr \u002F>\nAn “employee” can represent a person, an object, a room or anything else that could be scheduled to receive bookings.\u003C\u002Fp>\n\u003Cp>Those who need to offer\u002Fsell online services through meetings or video-conferences can use the complementary (not included) Zoom meetings plugin for Vik Appointments.\u003C\u002Fp>\n\u003Cp>Born for a different CMS than WordPress, the same powerful framework is now at the service of all webmasters, designers and web-agencies that build websites with WordPress.\u003C\u002Fp>\n\u003Cp>Do not look any further, the features of Vik Appointments will outnumber any other similar plugin!\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fvikwp.com\u002F\" rel=\"nofollow ugc\">VikWP.com\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch4>Some of its key features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Customizable dashboard and analytics pages\u003C\u002Fli>\n\u003Cli>Custom types of service with custom durations and rates\u003C\u002Fli>\n\u003Cli>Employees management\u003C\u002Fli>\n\u003Cli>Employees personalized cost for services\u003C\u002Fli>\n\u003Cli>Extended working days with custom shifts\u003C\u002Fli>\n\u003Cli>Front-end smart appointments booking process\u003C\u002Fli>\n\u003Cli>Manual\u002Foffline reservations via back-end to keep the availability calendars up to date\u003C\u002Fli>\n\u003Cli>Calendars overview and reports\u003C\u002Fli>\n\u003Cli>Invoices generation\u003C\u002Fli>\n\u003Cli>Coupons to offer reservation discounts\u003C\u002Fli>\n\u003Cli>Status codes management\u003C\u002Fli>\n\u003Cli>Composite taxes\u003C\u002Fli>\n\u003Cli>WebHooks and API framework\u003C\u002Fli>\n\u003Cli>Search widget for the front-end to easily book an appointment\u003C\u002Fli>\n\u003Cli>A stunning widget to book the appointments without leaving the page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Some of the Pro version features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Full booking management from the back-end\u003C\u002Fli>\n\u003Cli>Front-end employees area\u003C\u002Fli>\n\u003Cli>Customers & documents management\u003C\u002Fli>\n\u003Cli>Services options and special rates\u003C\u002Fli>\n\u003Cli>Employees locations\u003C\u002Fli>\n\u003Cli>Packages purchase\u003C\u002Fli>\n\u003Cli>Employees subscription fees to build a portal\u003C\u002Fli>\n\u003Cli>Customers subscriptions e-commerce\u003C\u002Fli>\n\u003Cli>Custom fields management\u003C\u002Fli>\n\u003Cli>Payments to Service Providers or directly to the Employees\u003C\u002Fli>\n\u003Cli>Cart system to book multiple appointments at once\u003C\u002Fli>\n\u003Cli>Custom Payment Gateways (over 60 available on VikWP.com)\u003C\u002Fli>\n\u003Cli>SMS Gateways and Cron Jobs for automated notifications\u003C\u002Fli>\n\u003Cli>Various widgets to enhance the look of your front-end\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Add-ons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Zoom meetings & online video-conferences integration (Zoom.us)\u003C\u002Fli>\n\u003Cli>Google ReCaptcha forms validation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The following integrations may require some of our additional plugins, which might not be free in some cases. Please visit \u003Ca href=\"https:\u002F\u002Fvikwp.com\u002F\" rel=\"nofollow ugc\">VikWP\u003C\u002Fa> for further details.\u003C\u002Fp>\n\u003Ch4>Interested in, curious about the Pro version?\u003C\u002Fh4>\n\u003Cp>You should take a look with your own eyes at the demo website to see what you can do with Vik Appointments. Do not stop at the front-end though, make sure to visit the wp-admin section too.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fvikwp.com\u002Fdemo\u002Fvikappointments\" rel=\"nofollow ugc\">Front-end Demo Website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fvikwp.com\u002Fdemo\u002Fvikappointments\u002Fwp-admin\" rel=\"nofollow ugc\">Admin Demo Website\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n","A reliable tool for managing any kind of appointments, scheduling the bookings of various services, and organizing the calendars of several employees.",500,20271,"2026-02-06T13:35:00.000Z","4.7",[136,137,138,20,139],"appointment-booking","appointments","booking-calendar","zoom-meetings","https:\u002F\u002Fvikwp.com\u002Fplugin\u002Fvikappointments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvikappointments.1.2.18.zip",99,"2025-01-15 00:00:00",{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":66,"downloaded":152,"rating":153,"num_ratings":154,"last_updated":155,"tested_up_to":15,"requires_at_least":70,"requires_php":70,"tags":156,"homepage":160,"download_link":161,"security_score":162,"vuln_count":51,"unpatched_count":51,"last_vuln_date":163,"fetched_at":29},"clock-in-portal","Clock In Portal- Staff & Attendance Management","2.4","Infigo Software","https:\u002F\u002Fprofiles.wordpress.org\u002Fvibhorp\u002F","\u003Cp>WordPress simple plugin for managing staff timings , attendance and salaries. This plugin helps you in creating salary-reports , Leave-Report for the staffs .\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features You Will Get\u003C\u002Fstrong>\u003Cbr \u002F>\n*   Staff can clock in and out from shifts\u003Cbr \u002F>\n*   Staff can clock in and out from lunch breaks\u003Cbr \u002F>\n*   Staff can request for leave from panel.\u003Cbr \u002F>\n*   Admins can easily make new user accounts\u003Cbr \u002F>\n*   Admins can easily Approve \u002F Reject the leave.\u003Cbr \u002F>\n*   Admins can change the color and text of the time clock\u003Cbr \u002F>\n*   Admins can view the number of hours worked for each day\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch4>Clockin Portal Pro\u003C\u002Fh4>\n\u003Cp>We offer a Pro version of this plugin for business owners who need more features.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Export Activity to CSV File\u003C\u002Fli>\n\u003Cli>IP Restriction for Unauthorised access \u003C\u002Fli>\n\u003Cli>Reporting – Salaries \u002F Attendance\u003C\u002Fli>\n\u003Cli>See how many users are currently working\u003C\u002Fli>\n\u003Cli>Log-in \u002F Log-out , Lunch breaks . \u003C\u002Fli>\n\u003Cli>Notice Manager \u003C\u002Fli>\n\u003Cli>Holidays Manager \u003C\u002Fli>\n\u003Cli>Leave  Manager \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch4>Docs & Support\u003C\u002Fh4>\n\u003Cp>You can find [docs], and more detailed information about Clock In Portal. If you were unable to find the answer to your question on the FAQ or in any of the documentation, you should check the support forum on WordPress.org.\u003C\u002Fp>\n\u003Ch4>We Need Your Support\u003C\u002Fh4>\n\u003Cp>It is really hard to continue development and support for this free plugin without contributions from users like you. If you are enjoying using our Clock In Portal plugin and find it useful, then please consider [\u003Cstrong>Making a Donation\u003C\u002Fstrong>]. Your donation will help us to encourage and support the plugin’s continued development and better user support.\u003C\u002Fp>\n\u003Ch4>Translators\u003C\u002Fh4>\n\u003Cp>Please contribute to translate our plugin.  Contact at \u003Ccode>lizarweb (at) gmail (dot) com\u003C\u002Fcode>.\u003C\u002Fp>\n","Track the attendance of all registered employees with clock in or out system",21184,78,11,"2026-02-04T08:50:00.000Z",[72,157,22,158,159],"clock-in-and-out","scheduler","shift","https:\u002F\u002Fwww.infigosoftware.in","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclock-in-portal.zip",48,"2023-04-18 00:00:00",{"attackSurface":165,"codeSignals":499,"taintFlows":658,"riskAssessment":1013,"analyzedAt":1029},{"hooks":166,"ajaxHandlers":203,"restRoutes":460,"shortcodes":461,"cronEvents":497,"entryPointCount":498,"unprotectedCount":98},[167,173,177,181,185,190,194,199],{"type":168,"name":169,"callback":170,"file":171,"line":172},"action","admin_menu","btclite_create_menu","admin\\admin.php",19,{"type":168,"name":174,"callback":175,"file":171,"line":176},"init","btclite_initiate_tables",22,{"type":168,"name":178,"callback":179,"file":180,"line":172},"admin_notices","btclite_admin_notice__success","admin\\clock-admin-notice.php",{"type":168,"name":182,"callback":183,"file":180,"line":184},"admin_enqueue_scripts","btclite_admin_notice_assets",25,{"type":168,"name":186,"callback":187,"file":188,"line":189},"plugins_loaded","btclite_load_translation","public\\public.php",13,{"type":168,"name":191,"callback":192,"file":188,"line":193},"wp_enqueue_scripts","btclite_shortcode_enqueue_assets",16,{"type":195,"name":196,"callback":197,"file":188,"line":198},"filter","theme_page_templates","btclite_add_page_template_to_dropdown",33,{"type":195,"name":200,"callback":201,"file":188,"line":202},"page_template","btclite_catch_plugin_template",34,[204,207,210,214,215,219,221,225,227,231,233,237,239,243,244,248,249,253,255,259,260,264,266,270,271,275,277,281,282,286,287,291,293,296,297,301,303,307,309,313,315,319,321,325,327,331,333,337,339,343,345,349,351,355,357,361,364,368,370,374,376,380,382,386,388,392,394,398,400,404,406,410,411,414,415,419,421,425,427,431,433,436,437,440,441,443,444,447,449,453,455,458],{"action":205,"nopriv":47,"callback":206,"hasNonce":47,"hasCapCheck":47,"file":171,"line":184},"btcl-settings","btclite_save_settings",{"action":208,"nopriv":47,"callback":206,"hasNonce":47,"hasCapCheck":47,"file":171,"line":209},"btcl-strings-options",28,{"action":211,"nopriv":212,"callback":213,"hasNonce":47,"hasCapCheck":47,"file":171,"line":198},"btcl_save_shifts",true,"btclite_add_shifts",{"action":211,"nopriv":47,"callback":213,"hasNonce":47,"hasCapCheck":47,"file":171,"line":202},{"action":216,"nopriv":212,"callback":217,"hasNonce":47,"hasCapCheck":47,"file":171,"line":218},"btcl_edit_shifts","btclite_edit_shifts",37,{"action":216,"nopriv":47,"callback":217,"hasNonce":47,"hasCapCheck":47,"file":171,"line":220},38,{"action":222,"nopriv":212,"callback":223,"hasNonce":47,"hasCapCheck":47,"file":171,"line":224},"btcl_delete_shifts","btclite_delete_shifts",41,{"action":222,"nopriv":47,"callback":223,"hasNonce":47,"hasCapCheck":47,"file":171,"line":226},42,{"action":228,"nopriv":212,"callback":229,"hasNonce":47,"hasCapCheck":47,"file":171,"line":230},"btcl_update_shifts","btclite_update_shifts",45,{"action":228,"nopriv":47,"callback":229,"hasNonce":47,"hasCapCheck":47,"file":171,"line":232},46,{"action":234,"nopriv":212,"callback":235,"hasNonce":47,"hasCapCheck":47,"file":171,"line":236},"btcl_save_departments","btclite_add_departments",51,{"action":234,"nopriv":47,"callback":235,"hasNonce":47,"hasCapCheck":47,"file":171,"line":238},52,{"action":240,"nopriv":212,"callback":241,"hasNonce":47,"hasCapCheck":47,"file":171,"line":242},"btcl_edit_departments","btclite_edit_departments",55,{"action":240,"nopriv":47,"callback":241,"hasNonce":47,"hasCapCheck":47,"file":171,"line":76},{"action":245,"nopriv":212,"callback":246,"hasNonce":47,"hasCapCheck":47,"file":171,"line":247},"btcl_delete_departments","btclite_delete_departments",59,{"action":245,"nopriv":47,"callback":246,"hasNonce":47,"hasCapCheck":47,"file":171,"line":120},{"action":250,"nopriv":212,"callback":251,"hasNonce":47,"hasCapCheck":47,"file":171,"line":252},"btcl_update_departments","btclite_update_departments",63,{"action":250,"nopriv":47,"callback":251,"hasNonce":47,"hasCapCheck":47,"file":171,"line":254},64,{"action":256,"nopriv":212,"callback":257,"hasNonce":47,"hasCapCheck":47,"file":171,"line":258},"btcl_fetch_employees","btclite_fetch_user_data",69,{"action":256,"nopriv":47,"callback":257,"hasNonce":47,"hasCapCheck":47,"file":171,"line":68},{"action":261,"nopriv":212,"callback":262,"hasNonce":47,"hasCapCheck":47,"file":171,"line":263},"btcl_save_employees","btclite_add_employees",73,{"action":261,"nopriv":47,"callback":262,"hasNonce":47,"hasCapCheck":47,"file":171,"line":265},74,{"action":267,"nopriv":212,"callback":268,"hasNonce":47,"hasCapCheck":47,"file":171,"line":269},"btcl_edit_employees","btclite_edit_employees",77,{"action":267,"nopriv":47,"callback":268,"hasNonce":47,"hasCapCheck":47,"file":171,"line":153},{"action":272,"nopriv":212,"callback":273,"hasNonce":47,"hasCapCheck":47,"file":171,"line":274},"btcl_update_employees","btclite_update_employees",81,{"action":272,"nopriv":47,"callback":273,"hasNonce":47,"hasCapCheck":47,"file":171,"line":276},82,{"action":278,"nopriv":212,"callback":279,"hasNonce":47,"hasCapCheck":47,"file":171,"line":280},"btcl_delete_employees","btclite_delete_employees",85,{"action":278,"nopriv":47,"callback":279,"hasNonce":47,"hasCapCheck":47,"file":171,"line":55},{"action":283,"nopriv":212,"callback":284,"hasNonce":47,"hasCapCheck":47,"file":171,"line":285},"btcl_save_holidays","btclite_add_holidays",91,{"action":283,"nopriv":47,"callback":284,"hasNonce":47,"hasCapCheck":47,"file":171,"line":98},{"action":288,"nopriv":212,"callback":289,"hasNonce":47,"hasCapCheck":47,"file":171,"line":290},"btcl_edit_holidays","btclite_edit_holidays",95,{"action":288,"nopriv":47,"callback":289,"hasNonce":47,"hasCapCheck":47,"file":171,"line":292},96,{"action":294,"nopriv":212,"callback":295,"hasNonce":47,"hasCapCheck":47,"file":171,"line":142},"btcl_delete_holidays","btclite_delete_holidays",{"action":294,"nopriv":47,"callback":295,"hasNonce":47,"hasCapCheck":47,"file":171,"line":11},{"action":298,"nopriv":212,"callback":299,"hasNonce":47,"hasCapCheck":47,"file":171,"line":300},"btcl_update_holidays","btclite_update_holidays",103,{"action":298,"nopriv":47,"callback":299,"hasNonce":47,"hasCapCheck":47,"file":171,"line":302},104,{"action":304,"nopriv":212,"callback":305,"hasNonce":47,"hasCapCheck":47,"file":171,"line":306},"btcl_edit_requests","btclite_edit_requests",109,{"action":304,"nopriv":47,"callback":305,"hasNonce":47,"hasCapCheck":47,"file":171,"line":308},110,{"action":310,"nopriv":212,"callback":311,"hasNonce":47,"hasCapCheck":47,"file":171,"line":312},"btcl_update_requests","btclite_update_requests",113,{"action":310,"nopriv":47,"callback":311,"hasNonce":47,"hasCapCheck":47,"file":171,"line":314},114,{"action":316,"nopriv":212,"callback":317,"hasNonce":47,"hasCapCheck":47,"file":171,"line":318},"btcl_save_events","btclite_save_events",119,{"action":316,"nopriv":47,"callback":317,"hasNonce":47,"hasCapCheck":47,"file":171,"line":320},120,{"action":322,"nopriv":212,"callback":323,"hasNonce":47,"hasCapCheck":47,"file":171,"line":324},"btcl_edit_events","btclite_edit_events",123,{"action":322,"nopriv":47,"callback":323,"hasNonce":47,"hasCapCheck":47,"file":171,"line":326},124,{"action":328,"nopriv":212,"callback":329,"hasNonce":47,"hasCapCheck":47,"file":171,"line":330},"btcl_update_events","btclite_update_events",127,{"action":328,"nopriv":47,"callback":329,"hasNonce":47,"hasCapCheck":47,"file":171,"line":332},128,{"action":334,"nopriv":212,"callback":335,"hasNonce":47,"hasCapCheck":47,"file":171,"line":336},"btcl_delete_events","btclite_delete_events",131,{"action":334,"nopriv":47,"callback":335,"hasNonce":47,"hasCapCheck":47,"file":171,"line":338},132,{"action":340,"nopriv":212,"callback":341,"hasNonce":47,"hasCapCheck":47,"file":171,"line":342},"btcl_generate_staff_report","btclite_generate_staff_report",137,{"action":340,"nopriv":47,"callback":341,"hasNonce":47,"hasCapCheck":47,"file":171,"line":344},138,{"action":346,"nopriv":212,"callback":347,"hasNonce":47,"hasCapCheck":47,"file":171,"line":348},"btcl_edit_reports","btclite_edit_staff_report",141,{"action":346,"nopriv":47,"callback":347,"hasNonce":47,"hasCapCheck":47,"file":171,"line":350},142,{"action":352,"nopriv":212,"callback":353,"hasNonce":47,"hasCapCheck":47,"file":171,"line":354},"btcl_fetch_clock_reports","btclite_fetch_clock_details",145,{"action":352,"nopriv":47,"callback":353,"hasNonce":47,"hasCapCheck":47,"file":171,"line":356},146,{"action":358,"nopriv":212,"callback":359,"hasNonce":47,"hasCapCheck":47,"file":171,"line":360},"btcl_update_fetch_reports","bbtclite_update_reports",149,{"action":358,"nopriv":47,"callback":362,"hasNonce":47,"hasCapCheck":47,"file":171,"line":363},"btclite_update_reports",150,{"action":365,"nopriv":212,"callback":366,"hasNonce":47,"hasCapCheck":47,"file":171,"line":367},"btcl_delete_all_entries","btclite_delete_entries",155,{"action":365,"nopriv":47,"callback":366,"hasNonce":47,"hasCapCheck":47,"file":171,"line":369},156,{"action":371,"nopriv":212,"callback":372,"hasNonce":47,"hasCapCheck":47,"file":171,"line":373},"btcl_save_targets","btclite_add_targets",161,{"action":371,"nopriv":47,"callback":372,"hasNonce":47,"hasCapCheck":47,"file":171,"line":375},162,{"action":377,"nopriv":212,"callback":378,"hasNonce":47,"hasCapCheck":47,"file":171,"line":379},"btcl_edit_targets","btclite_edit_targets",165,{"action":377,"nopriv":47,"callback":378,"hasNonce":47,"hasCapCheck":47,"file":171,"line":381},166,{"action":383,"nopriv":212,"callback":384,"hasNonce":47,"hasCapCheck":47,"file":171,"line":385},"btcl_add_trecords","btclite_add_target_records",169,{"action":383,"nopriv":47,"callback":384,"hasNonce":47,"hasCapCheck":47,"file":171,"line":387},170,{"action":389,"nopriv":212,"callback":390,"hasNonce":47,"hasCapCheck":47,"file":171,"line":391},"btcl_delete_details","btclite_delete_task_details",173,{"action":389,"nopriv":47,"callback":390,"hasNonce":47,"hasCapCheck":47,"file":171,"line":393},174,{"action":395,"nopriv":212,"callback":396,"hasNonce":47,"hasCapCheck":47,"file":188,"line":397},"btcl_save_leaves","btclite_add_leaves",39,{"action":395,"nopriv":47,"callback":396,"hasNonce":47,"hasCapCheck":47,"file":188,"line":399},40,{"action":401,"nopriv":212,"callback":402,"hasNonce":47,"hasCapCheck":47,"file":188,"line":403},"btcl_edit_leaves","btclite_edit_leaves",43,{"action":401,"nopriv":47,"callback":402,"hasNonce":47,"hasCapCheck":47,"file":188,"line":405},44,{"action":407,"nopriv":212,"callback":408,"hasNonce":47,"hasCapCheck":47,"file":188,"line":409},"btcl_delete_leaves","btclite_delete_leaves",47,{"action":407,"nopriv":47,"callback":408,"hasNonce":47,"hasCapCheck":47,"file":188,"line":162},{"action":412,"nopriv":212,"callback":413,"hasNonce":47,"hasCapCheck":47,"file":188,"line":236},"btcl_update_leaves","btclite_update_leaves",{"action":412,"nopriv":47,"callback":413,"hasNonce":47,"hasCapCheck":47,"file":188,"line":238},{"action":416,"nopriv":212,"callback":417,"hasNonce":47,"hasCapCheck":47,"file":188,"line":418},"btcl_clock_in","btclite_add_clock_in",57,{"action":416,"nopriv":47,"callback":417,"hasNonce":47,"hasCapCheck":47,"file":188,"line":420},58,{"action":422,"nopriv":212,"callback":423,"hasNonce":47,"hasCapCheck":47,"file":188,"line":424},"btcl_clock_out","btclite_add_clock_out",61,{"action":422,"nopriv":47,"callback":423,"hasNonce":47,"hasCapCheck":47,"file":188,"line":426},62,{"action":428,"nopriv":212,"callback":429,"hasNonce":47,"hasCapCheck":47,"file":188,"line":430},"btcl_break_in","btclite_add_break_in",65,{"action":428,"nopriv":47,"callback":429,"hasNonce":47,"hasCapCheck":47,"file":188,"line":432},66,{"action":434,"nopriv":212,"callback":435,"hasNonce":47,"hasCapCheck":47,"file":188,"line":258},"btcl_break_out","btclite_add_break_out",{"action":434,"nopriv":47,"callback":435,"hasNonce":47,"hasCapCheck":47,"file":188,"line":68},{"action":438,"nopriv":212,"callback":439,"hasNonce":47,"hasCapCheck":47,"file":188,"line":263},"btcl_submit_report","btclite_submit_work_report",{"action":438,"nopriv":47,"callback":439,"hasNonce":47,"hasCapCheck":47,"file":188,"line":265},{"action":442,"nopriv":212,"callback":341,"hasNonce":47,"hasCapCheck":47,"file":188,"line":26},"btcl_generate_staff_reports",{"action":442,"nopriv":47,"callback":341,"hasNonce":47,"hasCapCheck":47,"file":188,"line":109},{"action":445,"nopriv":212,"callback":347,"hasNonce":47,"hasCapCheck":47,"file":188,"line":446},"btcl_edit_staff_reports",83,{"action":445,"nopriv":47,"callback":347,"hasNonce":47,"hasCapCheck":47,"file":188,"line":448},84,{"action":450,"nopriv":212,"callback":451,"hasNonce":47,"hasCapCheck":47,"file":188,"line":452},"btcl_save_profile","btclite_edit_save_profile",89,{"action":450,"nopriv":47,"callback":451,"hasNonce":47,"hasCapCheck":47,"file":188,"line":454},90,{"action":456,"nopriv":212,"callback":457,"hasNonce":47,"hasCapCheck":47,"file":188,"line":292},"btcl_fetch_target_details","btclite_display_target",{"action":456,"nopriv":47,"callback":457,"hasNonce":47,"hasCapCheck":47,"file":188,"line":459},97,[],[462,465,468,472,476,479,483,487,490,494],{"tag":463,"callback":464,"file":188,"line":172},"btcl-dashboard","btclite_front_dashboard",{"tag":466,"callback":467,"file":188,"line":176},"btcl-last-day-wotking-hours","btclite_last_day_working_hours",{"tag":469,"callback":470,"file":188,"line":471},"btcl-total-attendance","btclite_total_attendance",23,{"tag":473,"callback":474,"file":188,"line":475},"btcl-total-absents","btclite_total_absents",24,{"tag":477,"callback":478,"file":188,"line":184},"btcl-clockin-buttons","btclite_clockin_buttons",{"tag":480,"callback":481,"file":188,"line":482},"btcl-attendance-reports","btclite_attendance_reports",26,{"tag":484,"callback":485,"file":188,"line":486},"btcl-leave-requests","btclite_leave_requests",27,{"tag":488,"callback":489,"file":188,"line":209},"btcl-holiday-list","btclite_all_holidays",{"tag":491,"callback":492,"file":188,"line":493},"btcl-upcoming-holidays","btclite_upcoming_holidays",29,{"tag":495,"callback":496,"file":188,"line":54},"btcl-upcoming-events","btclite_upcoming_events",[],102,{"dangerousFunctions":500,"sqlUsage":562,"outputEscaping":599,"fileOperations":48,"externalRequests":27,"nonceChecks":224,"capabilityChecks":48,"bundledLibraries":654},[501,506,509,512,515,519,523,525,528,531,533,536,539,541,543,546,549,552,554,557,560],{"fn":502,"file":503,"line":504,"context":505},"unserialize","admin\\inc\\actions\\clock-employees-actions.php",234,"$extra      = unserialize( BTCLite_Helper::btclite_verify_value( $data->extra ) );",{"fn":502,"file":503,"line":507,"context":508},235,"$bank       = unserialize( BTCLite_Helper::btclite_verify_value( $data->bank ) );",{"fn":502,"file":510,"line":387,"context":511},"admin\\inc\\actions\\clock-reports-actions.php","$breaks_data   = ! empty( $reports_data->breaks ) ? unserialize( $reports_data->breaks ) : '';",{"fn":502,"file":513,"line":52,"context":514},"admin\\inc\\actions\\clock-target-actions.php","$feedback = unserialize( $targetd->feedback );",{"fn":502,"file":516,"line":517,"context":518},"admin\\inc\\controllers\\clock-employees-panel.php",659,"$employer_extra = unserialize( BTCLite_Helper::btclite_verify_value( $users->extra ) );",{"fn":502,"file":520,"line":521,"context":522},"admin\\inc\\helpers\\clock-helper.php",541,"$feedback = unserialize( $target->feedback );",{"fn":502,"file":520,"line":524,"context":522},553,{"fn":502,"file":520,"line":526,"context":527},1011,"$breaks_data = unserialize( $report->breaks );",{"fn":502,"file":520,"line":529,"context":530},1193,"$breaks_data = ! empty( $report->breaks ) ? unserialize( $report->breaks ) : '';",{"fn":502,"file":520,"line":532,"context":527},1236,{"fn":502,"file":520,"line":534,"context":535},1282,"$extra = unserialize( $extra );",{"fn":502,"file":520,"line":537,"context":538},1312,"$request = unserialize( $request['body'] );",{"fn":502,"file":520,"line":540,"context":530},1356,{"fn":502,"file":542,"line":154,"context":522},"admin\\inc\\views\\target\\target.php",{"fn":502,"file":544,"line":356,"context":545},"public\\inc\\actions\\clock-btn-actions.php","$breaks_data = unserialize( $breaks );",{"fn":502,"file":544,"line":547,"context":548},202,"$breaks_data  = unserialize( $breaks_data );",{"fn":502,"file":550,"line":110,"context":551},"public\\inc\\actions\\clock-profile-actions.php","$employer_extra = unserialize( BTCLite_Helper::btclite_verify_value( $employer_data->extra ) );",{"fn":502,"file":553,"line":373,"context":511},"public\\inc\\actions\\clock-reports-actions.php",{"fn":502,"file":555,"line":556,"context":551},"public\\inc\\views\\clock-profile.php",6,{"fn":502,"file":555,"line":558,"context":559},7,"$employer_bank  = unserialize( BTCLite_Helper::btclite_verify_value( $employer_data->bank ) );",{"fn":502,"file":561,"line":154,"context":522},"public\\inc\\views\\targets\\target.php",{"prepared":280,"raw":563,"locations":564},20,[565,568,571,572,574,576,577,579,580,582,584,586,588,589,590,591,592,593,595,597],{"file":566,"line":397,"context":567},"admin\\inc\\controllers\\clock-install-tables.php","$wpdb->get_var() with variable interpolation",{"file":566,"line":569,"context":570},76,"$wpdb->query() with variable interpolation",{"file":566,"line":290,"context":570},{"file":566,"line":573,"context":570},115,{"file":566,"line":575,"context":570},140,{"file":566,"line":375,"context":570},{"file":566,"line":578,"context":570},181,{"file":566,"line":547,"context":570},{"file":566,"line":581,"context":570},236,{"file":566,"line":583,"context":570},263,{"file":566,"line":585,"context":570},308,{"file":520,"line":252,"context":587},"$wpdb->get_results() with variable interpolation",{"file":520,"line":68,"context":587},{"file":520,"line":269,"context":587},{"file":520,"line":448,"context":587},{"file":520,"line":285,"context":587},{"file":520,"line":338,"context":587},{"file":520,"line":594,"context":587},139,{"file":520,"line":596,"context":587},383,{"file":520,"line":598,"context":587},397,{"escaped":600,"rawEcho":601,"locations":602},809,31,[603,607,608,610,613,615,617,619,620,621,622,623,624,625,626,627,628,630,631,633,635,637,639,641,643,646,647,648,649,650,653],{"file":604,"line":605,"context":606},"admin\\inc\\controllers\\clock-dashboard-panel.php",35,"raw output",{"file":604,"line":224,"context":606},{"file":516,"line":609,"context":606},650,{"file":611,"line":612,"context":606},"admin\\inc\\controllers\\clock-shifts-panel.php",183,{"file":611,"line":614,"context":606},188,{"file":616,"line":558,"context":606},"admin\\inc\\views\\nav\\nav.php",{"file":616,"line":618,"context":606},8,{"file":616,"line":189,"context":606},{"file":616,"line":486,"context":606},{"file":616,"line":198,"context":606},{"file":616,"line":397,"context":606},{"file":616,"line":230,"context":606},{"file":616,"line":236,"context":606},{"file":616,"line":418,"context":606},{"file":616,"line":252,"context":606},{"file":616,"line":258,"context":606},{"file":616,"line":629,"context":606},75,{"file":616,"line":274,"context":606},{"file":632,"line":300,"context":606},"public\\clock-shortcode.php",{"file":632,"line":634,"context":606},427,{"file":632,"line":636,"context":606},435,{"file":632,"line":638,"context":606},470,{"file":632,"line":640,"context":606},496,{"file":642,"line":51,"context":606},"public\\inc\\templates\\dashboard-template.php",{"file":644,"line":645,"context":606},"public\\inc\\views\\clock-dashboard.php",53,{"file":644,"line":252,"context":606},{"file":644,"line":314,"context":606},{"file":644,"line":344,"context":606},{"file":644,"line":363,"context":606},{"file":651,"line":652,"context":606},"public\\inc\\views\\clock-holiday.php",17,{"file":651,"line":184,"context":606},[655],{"name":656,"version":37,"knownCves":657},"DataTables",[],[659,677,685,702,713,724,732,741,749,762,775,785,802,813,821,830,838,846,854,866,874,882,894,907,919,928,936,947,958,969,980,998],{"entryPoint":660,"graph":661,"unsanitizedCount":48,"severity":676},"btclite_edit_departments (admin\\inc\\actions\\clock-department-actions.php:45)",{"nodes":662,"edges":674},[663,669],{"id":664,"type":665,"label":666,"file":667,"line":668},"n0","source","$_POST","admin\\inc\\actions\\clock-department-actions.php",50,{"id":670,"type":671,"label":672,"file":667,"line":645,"wp_function":673},"n1","sink","get_row() [SQLi]","get_row",[675],{"from":664,"to":670,"sanitized":212},"low",{"entryPoint":678,"graph":679,"unsanitizedCount":48,"severity":676},"\u003Cclock-department-actions> (admin\\inc\\actions\\clock-department-actions.php:0)",{"nodes":680,"edges":683},[681,682],{"id":664,"type":665,"label":666,"file":667,"line":668},{"id":670,"type":671,"label":672,"file":667,"line":645,"wp_function":673},[684],{"from":664,"to":670,"sanitized":212},{"entryPoint":686,"graph":687,"unsanitizedCount":48,"severity":676},"btclite_edit_employees (admin\\inc\\actions\\clock-employees-actions.php:223)",{"nodes":688,"edges":699},[689,691,693,696],{"id":664,"type":665,"label":666,"file":503,"line":690},228,{"id":670,"type":671,"label":672,"file":503,"line":692,"wp_function":673},231,{"id":694,"type":665,"label":695,"file":503,"line":690},"n2","$_POST (x2)",{"id":697,"type":671,"label":698,"file":503,"line":504,"wp_function":502},"n3","unserialize() [Object Injection]",[700,701],{"from":664,"to":670,"sanitized":212},{"from":694,"to":697,"sanitized":212},{"entryPoint":703,"graph":704,"unsanitizedCount":48,"severity":676},"\u003Cclock-employees-actions> (admin\\inc\\actions\\clock-employees-actions.php:0)",{"nodes":705,"edges":710},[706,707,708,709],{"id":664,"type":665,"label":666,"file":503,"line":690},{"id":670,"type":671,"label":672,"file":503,"line":692,"wp_function":673},{"id":694,"type":665,"label":695,"file":503,"line":690},{"id":697,"type":671,"label":698,"file":503,"line":504,"wp_function":502},[711,712],{"from":664,"to":670,"sanitized":212},{"from":694,"to":697,"sanitized":212},{"entryPoint":714,"graph":715,"unsanitizedCount":48,"severity":676},"btclite_edit_events (admin\\inc\\actions\\clock-events-actions.php:63)",{"nodes":716,"edges":722},[717,720],{"id":664,"type":665,"label":666,"file":718,"line":719},"admin\\inc\\actions\\clock-events-actions.php",68,{"id":670,"type":671,"label":672,"file":718,"line":721,"wp_function":673},71,[723],{"from":664,"to":670,"sanitized":212},{"entryPoint":725,"graph":726,"unsanitizedCount":48,"severity":676},"\u003Cclock-events-actions> (admin\\inc\\actions\\clock-events-actions.php:0)",{"nodes":727,"edges":730},[728,729],{"id":664,"type":665,"label":666,"file":718,"line":719},{"id":670,"type":671,"label":672,"file":718,"line":721,"wp_function":673},[731],{"from":664,"to":670,"sanitized":212},{"entryPoint":733,"graph":734,"unsanitizedCount":48,"severity":676},"btclite_edit_holidays (admin\\inc\\actions\\clock-holidays-actions.php:60)",{"nodes":735,"edges":739},[736,738],{"id":664,"type":665,"label":666,"file":737,"line":430},"admin\\inc\\actions\\clock-holidays-actions.php",{"id":670,"type":671,"label":672,"file":737,"line":719,"wp_function":673},[740],{"from":664,"to":670,"sanitized":212},{"entryPoint":742,"graph":743,"unsanitizedCount":48,"severity":676},"\u003Cclock-holidays-actions> (admin\\inc\\actions\\clock-holidays-actions.php:0)",{"nodes":744,"edges":747},[745,746],{"id":664,"type":665,"label":666,"file":737,"line":430},{"id":670,"type":671,"label":672,"file":737,"line":719,"wp_function":673},[748],{"from":664,"to":670,"sanitized":212},{"entryPoint":750,"graph":751,"unsanitizedCount":48,"severity":676},"btclite_generate_staff_report (admin\\inc\\actions\\clock-reports-actions.php:10)",{"nodes":752,"edges":759},[753,754,755,756],{"id":664,"type":665,"label":666,"file":510,"line":121},{"id":670,"type":671,"label":672,"file":510,"line":486,"wp_function":673},{"id":694,"type":665,"label":666,"file":510,"line":121},{"id":697,"type":671,"label":757,"file":510,"line":220,"wp_function":758},"get_results() [SQLi]","get_results",[760,761],{"from":664,"to":670,"sanitized":212},{"from":694,"to":697,"sanitized":212},{"entryPoint":763,"graph":764,"unsanitizedCount":48,"severity":676},"btclite_edit_staff_report (admin\\inc\\actions\\clock-reports-actions.php:141)",{"nodes":765,"edges":772},[766,768,770,771],{"id":664,"type":665,"label":666,"file":510,"line":767},147,{"id":670,"type":671,"label":672,"file":510,"line":769,"wp_function":673},154,{"id":694,"type":665,"label":666,"file":510,"line":767},{"id":697,"type":671,"label":698,"file":510,"line":387,"wp_function":502},[773,774],{"from":664,"to":670,"sanitized":212},{"from":694,"to":697,"sanitized":212},{"entryPoint":776,"graph":777,"unsanitizedCount":48,"severity":676},"btclite_fetch_clock_details (admin\\inc\\actions\\clock-reports-actions.php:265)",{"nodes":778,"edges":783},[779,781],{"id":664,"type":665,"label":666,"file":510,"line":780},270,{"id":670,"type":671,"label":672,"file":510,"line":782,"wp_function":673},273,[784],{"from":664,"to":670,"sanitized":212},{"entryPoint":786,"graph":787,"unsanitizedCount":48,"severity":676},"\u003Cclock-reports-actions> (admin\\inc\\actions\\clock-reports-actions.php:0)",{"nodes":788,"edges":798},[789,791,792,793,794,796],{"id":664,"type":665,"label":790,"file":510,"line":121},"$_POST (x3)",{"id":670,"type":671,"label":672,"file":510,"line":486,"wp_function":673},{"id":694,"type":665,"label":666,"file":510,"line":121},{"id":697,"type":671,"label":757,"file":510,"line":220,"wp_function":758},{"id":795,"type":665,"label":666,"file":510,"line":767},"n4",{"id":797,"type":671,"label":698,"file":510,"line":387,"wp_function":502},"n5",[799,800,801],{"from":664,"to":670,"sanitized":212},{"from":694,"to":697,"sanitized":212},{"from":795,"to":797,"sanitized":212},{"entryPoint":803,"graph":804,"unsanitizedCount":48,"severity":676},"btclite_edit_requests (admin\\inc\\actions\\clock-requests-actions.php:10)",{"nodes":805,"edges":811},[806,809],{"id":664,"type":665,"label":666,"file":807,"line":808},"admin\\inc\\actions\\clock-requests-actions.php",15,{"id":670,"type":671,"label":672,"file":807,"line":810,"wp_function":673},18,[812],{"from":664,"to":670,"sanitized":212},{"entryPoint":814,"graph":815,"unsanitizedCount":48,"severity":676},"\u003Cclock-requests-actions> (admin\\inc\\actions\\clock-requests-actions.php:0)",{"nodes":816,"edges":819},[817,818],{"id":664,"type":665,"label":666,"file":807,"line":808},{"id":670,"type":671,"label":672,"file":807,"line":810,"wp_function":673},[820],{"from":664,"to":670,"sanitized":212},{"entryPoint":822,"graph":823,"unsanitizedCount":48,"severity":676},"btclite_edit_shifts (admin\\inc\\actions\\clock-shift-actions.php:53)",{"nodes":824,"edges":828},[825,827],{"id":664,"type":665,"label":666,"file":826,"line":420},"admin\\inc\\actions\\clock-shift-actions.php",{"id":670,"type":671,"label":672,"file":826,"line":424,"wp_function":673},[829],{"from":664,"to":670,"sanitized":212},{"entryPoint":831,"graph":832,"unsanitizedCount":48,"severity":676},"\u003Cclock-shift-actions> (admin\\inc\\actions\\clock-shift-actions.php:0)",{"nodes":833,"edges":836},[834,835],{"id":664,"type":665,"label":666,"file":826,"line":420},{"id":670,"type":671,"label":672,"file":826,"line":424,"wp_function":673},[837],{"from":664,"to":670,"sanitized":212},{"entryPoint":839,"graph":840,"unsanitizedCount":48,"severity":676},"btclite_add_target_records (admin\\inc\\actions\\clock-target-actions.php:154)",{"nodes":841,"edges":844},[842,843],{"id":664,"type":665,"label":666,"file":513,"line":373},{"id":670,"type":671,"label":698,"file":513,"line":52,"wp_function":502},[845],{"from":664,"to":670,"sanitized":212},{"entryPoint":847,"graph":848,"unsanitizedCount":48,"severity":676},"\u003Cclock-target-actions> (admin\\inc\\actions\\clock-target-actions.php:0)",{"nodes":849,"edges":852},[850,851],{"id":664,"type":665,"label":666,"file":513,"line":373},{"id":670,"type":671,"label":698,"file":513,"line":52,"wp_function":502},[853],{"from":664,"to":670,"sanitized":212},{"entryPoint":855,"graph":856,"unsanitizedCount":48,"severity":676},"\u003Cedit> (admin\\inc\\views\\target\\edit.php:0)",{"nodes":857,"edges":864},[858,861],{"id":664,"type":665,"label":859,"file":860,"line":51},"$_GET (x6)","admin\\inc\\views\\target\\edit.php",{"id":670,"type":671,"label":862,"file":860,"line":482,"wp_function":863},"echo() [XSS]","echo",[865],{"from":664,"to":670,"sanitized":212},{"entryPoint":867,"graph":868,"unsanitizedCount":48,"severity":676},"btclite_add_clock_in (public\\inc\\actions\\clock-btn-actions.php:10)",{"nodes":869,"edges":872},[870,871],{"id":664,"type":665,"label":666,"file":544,"line":193},{"id":670,"type":671,"label":672,"file":544,"line":810,"wp_function":673},[873],{"from":664,"to":670,"sanitized":212},{"entryPoint":875,"graph":876,"unsanitizedCount":48,"severity":676},"btclite_add_clock_out (public\\inc\\actions\\clock-btn-actions.php:70)",{"nodes":877,"edges":880},[878,879],{"id":664,"type":665,"label":666,"file":544,"line":569},{"id":670,"type":671,"label":672,"file":544,"line":109,"wp_function":673},[881],{"from":664,"to":670,"sanitized":212},{"entryPoint":883,"graph":884,"unsanitizedCount":48,"severity":676},"btclite_add_break_in (public\\inc\\actions\\clock-btn-actions.php:126)",{"nodes":885,"edges":891},[886,887,889,890],{"id":664,"type":665,"label":666,"file":544,"line":338},{"id":670,"type":671,"label":672,"file":544,"line":888,"wp_function":673},135,{"id":694,"type":665,"label":666,"file":544,"line":338},{"id":697,"type":671,"label":698,"file":544,"line":356,"wp_function":502},[892,893],{"from":664,"to":670,"sanitized":212},{"from":694,"to":697,"sanitized":212},{"entryPoint":895,"graph":896,"unsanitizedCount":48,"severity":676},"btclite_add_break_out (public\\inc\\actions\\clock-btn-actions.php:191)",{"nodes":897,"edges":904},[898,900,902,903],{"id":664,"type":665,"label":666,"file":544,"line":899},197,{"id":670,"type":671,"label":672,"file":544,"line":901,"wp_function":673},200,{"id":694,"type":665,"label":666,"file":544,"line":899},{"id":697,"type":671,"label":698,"file":544,"line":547,"wp_function":502},[905,906],{"from":664,"to":670,"sanitized":212},{"from":694,"to":697,"sanitized":212},{"entryPoint":908,"graph":909,"unsanitizedCount":48,"severity":676},"\u003Cclock-btn-actions> (public\\inc\\actions\\clock-btn-actions.php:0)",{"nodes":910,"edges":916},[911,913,914,915],{"id":664,"type":665,"label":912,"file":544,"line":193},"$_POST (x4)",{"id":670,"type":671,"label":672,"file":544,"line":810,"wp_function":673},{"id":694,"type":665,"label":695,"file":544,"line":338},{"id":697,"type":671,"label":698,"file":544,"line":356,"wp_function":502},[917,918],{"from":664,"to":670,"sanitized":212},{"from":694,"to":697,"sanitized":212},{"entryPoint":920,"graph":921,"unsanitizedCount":48,"severity":676},"btclite_edit_leaves (public\\inc\\actions\\clock-leaves-actions.php:63)",{"nodes":922,"edges":926},[923,925],{"id":664,"type":665,"label":666,"file":924,"line":719},"public\\inc\\actions\\clock-leaves-actions.php",{"id":670,"type":671,"label":672,"file":924,"line":721,"wp_function":673},[927],{"from":664,"to":670,"sanitized":212},{"entryPoint":929,"graph":930,"unsanitizedCount":48,"severity":676},"\u003Cclock-leaves-actions> (public\\inc\\actions\\clock-leaves-actions.php:0)",{"nodes":931,"edges":934},[932,933],{"id":664,"type":665,"label":666,"file":924,"line":719},{"id":670,"type":671,"label":672,"file":924,"line":721,"wp_function":673},[935],{"from":664,"to":670,"sanitized":212},{"entryPoint":937,"graph":938,"unsanitizedCount":48,"severity":676},"btclite_edit_save_profile (public\\inc\\actions\\clock-profile-actions.php:10)",{"nodes":939,"edges":944},[940,941,942,943],{"id":664,"type":665,"label":666,"file":550,"line":193},{"id":670,"type":671,"label":672,"file":550,"line":563,"wp_function":673},{"id":694,"type":665,"label":666,"file":550,"line":193},{"id":697,"type":671,"label":698,"file":550,"line":110,"wp_function":502},[945,946],{"from":664,"to":670,"sanitized":212},{"from":694,"to":697,"sanitized":212},{"entryPoint":948,"graph":949,"unsanitizedCount":48,"severity":676},"\u003Cclock-profile-actions> (public\\inc\\actions\\clock-profile-actions.php:0)",{"nodes":950,"edges":955},[951,952,953,954],{"id":664,"type":665,"label":666,"file":550,"line":193},{"id":670,"type":671,"label":672,"file":550,"line":563,"wp_function":673},{"id":694,"type":665,"label":666,"file":550,"line":193},{"id":697,"type":671,"label":698,"file":550,"line":110,"wp_function":502},[956,957],{"from":664,"to":670,"sanitized":212},{"from":694,"to":697,"sanitized":212},{"entryPoint":959,"graph":960,"unsanitizedCount":48,"severity":676},"btclite_edit_staff_report (public\\inc\\actions\\clock-reports-actions.php:133)",{"nodes":961,"edges":966},[962,963,964,965],{"id":664,"type":665,"label":666,"file":553,"line":594},{"id":670,"type":671,"label":672,"file":553,"line":356,"wp_function":673},{"id":694,"type":665,"label":666,"file":553,"line":594},{"id":697,"type":671,"label":698,"file":553,"line":373,"wp_function":502},[967,968],{"from":664,"to":670,"sanitized":212},{"from":694,"to":697,"sanitized":212},{"entryPoint":970,"graph":971,"unsanitizedCount":48,"severity":676},"\u003Cclock-reports-actions> (public\\inc\\actions\\clock-reports-actions.php:0)",{"nodes":972,"edges":977},[973,974,975,976],{"id":664,"type":665,"label":666,"file":553,"line":594},{"id":670,"type":671,"label":672,"file":553,"line":356,"wp_function":673},{"id":694,"type":665,"label":666,"file":553,"line":594},{"id":697,"type":671,"label":698,"file":553,"line":373,"wp_function":502},[978,979],{"from":664,"to":670,"sanitized":212},{"from":694,"to":697,"sanitized":212},{"entryPoint":981,"graph":982,"unsanitizedCount":13,"severity":997},"\u003Ctarget> (admin\\inc\\views\\target\\target.php:0)",{"nodes":983,"edges":993},[984,987,988,989,990,992],{"id":664,"type":665,"label":985,"file":542,"line":986},"$_GET",5,{"id":670,"type":671,"label":698,"file":542,"line":154,"wp_function":502},{"id":694,"type":665,"label":985,"file":542,"line":986},{"id":697,"type":671,"label":672,"file":542,"line":176,"wp_function":673},{"id":795,"type":665,"label":991,"file":542,"line":986},"$_GET (x9)",{"id":797,"type":671,"label":862,"file":542,"line":232,"wp_function":863},[994,995,996],{"from":664,"to":670,"sanitized":47},{"from":694,"to":697,"sanitized":47},{"from":795,"to":797,"sanitized":212},"high",{"entryPoint":999,"graph":1000,"unsanitizedCount":13,"severity":997},"\u003Ctarget> (public\\inc\\views\\targets\\target.php:0)",{"nodes":1001,"edges":1009},[1002,1003,1004,1005,1006,1008],{"id":664,"type":665,"label":985,"file":561,"line":986},{"id":670,"type":671,"label":698,"file":561,"line":154,"wp_function":502},{"id":694,"type":665,"label":985,"file":561,"line":986},{"id":697,"type":671,"label":672,"file":561,"line":176,"wp_function":673},{"id":795,"type":665,"label":1007,"file":561,"line":986},"$_GET (x8)",{"id":797,"type":671,"label":862,"file":561,"line":397,"wp_function":863},[1010,1011,1012],{"from":664,"to":670,"sanitized":47},{"from":694,"to":697,"sanitized":47},{"from":795,"to":797,"sanitized":212},{"summary":1014,"deductions":1015},"The clockify-lite v1.0.8 plugin presents a mixed security posture. On the positive side, it demonstrates good practices in output escaping, with 96% of outputs properly escaped, and a high percentage (81%) of SQL queries utilizing prepared statements. It also shows a good number of nonce checks (41).\n\nHowever, significant concerns arise from the extensive attack surface, particularly the 92 AJAX handlers that lack authentication checks. This represents a substantial risk, as any unauthenticated user could potentially trigger these handlers. The presence of 2 flows with unsanitized paths identified by taint analysis, even if rated as high severity rather than critical, indicates potential for injection vulnerabilities. The use of the `unserialize` function, a known vector for remote code execution if used with untrusted input, is also a concern.\n\nThe plugin's vulnerability history, with one medium severity CVE and a pattern of missing authorization, reinforces the concerns about its authentication and authorization mechanisms. While the last vulnerability was in the past, the nature of past issues (missing authorization) aligns with the static analysis findings of numerous unprotected AJAX handlers. Overall, while some good security practices are evident, the high number of unprotected AJAX endpoints, taint analysis findings, and historical vulnerability patterns create significant security risks that require immediate attention.",[1016,1018,1021,1023,1025,1027],{"reason":1017,"points":86},"Numerous unprotected AJAX handlers",{"reason":1019,"points":1020},"Taint analysis: 2 high severity flows",12,{"reason":1022,"points":808},"Vulnerability history: 1 medium unpatched CVE",{"reason":1024,"points":986},"Dangerous function: unserialize",{"reason":1026,"points":86},"Capability checks: 0",{"reason":1028,"points":51},"Bundled library: DataTables (potential for known vulns if outdated)","2026-03-16T21:10:45.251Z",{"wat":1031,"direct":1037},{"assetPaths":1032,"generatorPatterns":1034,"scriptPaths":1035,"versionParams":1036},[1033],"\u002Fwp-content\u002Fplugins\u002Fclockify-lite\u002Fadmin\u002Fcss\u002Fclock-admin-notice.css",[],[],[],{"cssClasses":1038,"htmlComments":1043,"htmlAttributes":1044,"restEndpoints":1045,"jsGlobals":1046,"shortcodeOutput":1051},[1039,1040,1041,1042],"btcl-notice","btcl-notice__content","btcl-notice__actions","btcl-button",[],[],[],[1047,1048,1049,1050],"BTCLite_PLUGIN_URL","BTCLite_PLUGIN_DIR_PATH","BTCLite_PLUGIN_BASENAME","BTCLite_PLUGIN_FILE",[],{"error":212,"url":1053,"statusCode":1054,"statusMessage":1055,"message":1055},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fclockify-lite\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":86,"versions":1057},[1058,1064,1072,1080,1088,1096,1104,1111,1119,1127],{"version":6,"download_url":25,"svn_tag_url":1059,"released_at":37,"has_diff":47,"diff_files_changed":1060,"diff_lines":37,"trac_diff_url":1061,"vulnerabilities":1062,"is_current":212},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclockify-lite\u002Ftags\u002F1.0.9\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fclockify-lite%2Ftags%2F1.0.8&new_path=%2Fclockify-lite%2Ftags%2F1.0.9",[1063],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":1065,"download_url":1066,"svn_tag_url":1067,"released_at":37,"has_diff":47,"diff_files_changed":1068,"diff_lines":37,"trac_diff_url":1069,"vulnerabilities":1070,"is_current":47},"1.0.8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclockify-lite.1.0.8.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclockify-lite\u002Ftags\u002F1.0.8\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fclockify-lite%2Ftags%2F1.0.7&new_path=%2Fclockify-lite%2Ftags%2F1.0.8",[1071],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":1073,"download_url":1074,"svn_tag_url":1075,"released_at":37,"has_diff":47,"diff_files_changed":1076,"diff_lines":37,"trac_diff_url":1077,"vulnerabilities":1078,"is_current":47},"1.0.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclockify-lite.1.0.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclockify-lite\u002Ftags\u002F1.0.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fclockify-lite%2Ftags%2F1.0.6&new_path=%2Fclockify-lite%2Ftags%2F1.0.7",[1079],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":1081,"download_url":1082,"svn_tag_url":1083,"released_at":37,"has_diff":47,"diff_files_changed":1084,"diff_lines":37,"trac_diff_url":1085,"vulnerabilities":1086,"is_current":47},"1.0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclockify-lite.1.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclockify-lite\u002Ftags\u002F1.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fclockify-lite%2Ftags%2F1.0.5&new_path=%2Fclockify-lite%2Ftags%2F1.0.6",[1087],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":1089,"download_url":1090,"svn_tag_url":1091,"released_at":37,"has_diff":47,"diff_files_changed":1092,"diff_lines":37,"trac_diff_url":1093,"vulnerabilities":1094,"is_current":47},"1.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclockify-lite.1.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclockify-lite\u002Ftags\u002F1.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fclockify-lite%2Ftags%2F1.0.4&new_path=%2Fclockify-lite%2Ftags%2F1.0.5",[1095],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":1097,"download_url":1098,"svn_tag_url":1099,"released_at":37,"has_diff":47,"diff_files_changed":1100,"diff_lines":37,"trac_diff_url":1101,"vulnerabilities":1102,"is_current":47},"1.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclockify-lite.1.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclockify-lite\u002Ftags\u002F1.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fclockify-lite%2Ftags%2F1.0.3&new_path=%2Fclockify-lite%2Ftags%2F1.0.4",[1103],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":81,"download_url":1105,"svn_tag_url":1106,"released_at":37,"has_diff":47,"diff_files_changed":1107,"diff_lines":37,"trac_diff_url":1108,"vulnerabilities":1109,"is_current":47},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclockify-lite.1.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclockify-lite\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fclockify-lite%2Ftags%2F1.0.2&new_path=%2Fclockify-lite%2Ftags%2F1.0.3",[1110],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":1112,"download_url":1113,"svn_tag_url":1114,"released_at":37,"has_diff":47,"diff_files_changed":1115,"diff_lines":37,"trac_diff_url":1116,"vulnerabilities":1117,"is_current":47},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclockify-lite.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclockify-lite\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fclockify-lite%2Ftags%2F1.0.1&new_path=%2Fclockify-lite%2Ftags%2F1.0.2",[1118],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":1120,"download_url":1121,"svn_tag_url":1122,"released_at":37,"has_diff":47,"diff_files_changed":1123,"diff_lines":37,"trac_diff_url":1124,"vulnerabilities":1125,"is_current":47},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclockify-lite.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclockify-lite\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fclockify-lite%2Ftags%2F1.0&new_path=%2Fclockify-lite%2Ftags%2F1.0.1",[1126],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":1128,"download_url":1129,"svn_tag_url":1130,"released_at":37,"has_diff":47,"diff_files_changed":1131,"diff_lines":37,"trac_diff_url":37,"vulnerabilities":1132,"is_current":47},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclockify-lite.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fclockify-lite\u002Ftags\u002F1.0\u002F",[],[1133],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37}]