[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fFm66BUFF9M_X4QRp2ZvgiYXy6_PnM2zC-DVsoRDrWNM":3,"$fN7jH-8RArCJFZ0NMtzkay6NZ_xH0NmUOUzwrKlLq6XM":412,"$fD8FmffoJ__RoHBjdVLZsnjhGjPN93pjgFpPRvSzmsnU":416},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":37,"analysis":141,"fingerprints":394},"codechief","CodeChief","1.0.4","Mahedi Hasan","https:\u002F\u002Fprofiles.wordpress.org\u002Fmahedy150101\u002F","\u003Cp>CodeChief is an amazing multipurpose WordPress plugin where you can easily manage many options. It is easily customizable and easy to handle.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>CodeChief Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Admin can change like button colors and options.\u003Cbr \u002F>\n2. Admin can add new user roles and permissions as many as he want.\u003Cbr \u002F>\n3. Admin can activate sending mail to author after publishinhg post.\u003Cbr \u002F>\n4. Admin can activate awesome profile widget.\u003Cbr \u002F>\n5. Admin can activate author profile box after post.\u003Cbr \u002F>\n6. Admin can disable automatic WordPress plugin updates.\u003Cbr \u002F>\n7. Admin can disable automatic WordPress theme updates.\u003Cbr \u002F>\n8. Admin can disable WordPress default theme comments system.\u003Cbr \u002F>\n9. Admin can activate codechief contact page template.\u003Cbr \u002F>\n10. Admin can activate codechief guest post. For guest post, no user registration and login is required.\u003Cbr \u002F>\n11. Admin can activate codechief contact page template. This contact page developed using Ajax request. Also validate with jQuery before submitting the form. You can easily customize this form design by placing your own custom css class via input box.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why use CodeChief?\u003C\u002Fstrong>\u003Cbr \u002F>\nEasy to customize and and easy to use.\u003C\u002Fp>\n","A awesome WordPress plugin to manage many user options and create many new features easily from admin panel.",0,7710,100,1,"2020-08-21T14:33:00.000Z","5.4.19","4.0","5.6",[20,21,22,23,24],"author-profile-widget","contact-form","like-button","post-like","user-roles-and-permission","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcodechief","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcodechief.zip",85,null,"2026-03-15T15:16:48.613Z","no_bundle",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"mahedy150101",30,84,"2026-05-20T04:30:06.749Z",[38,60,78,97,118],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":17,"requires_php":52,"tags":53,"homepage":56,"download_link":57,"security_score":58,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":59},"solid-post-likes","Solid Post Likes","1.0.8","oacstudio","https:\u002F\u002Fprofiles.wordpress.org\u002Foacstudio\u002F","\u003Cp>This plugin enables you to add a customizable like button to all post types. It supports all custom post types and all WooCommerce product types. Post comments are also supported.\u003C\u002Fp>\n\u003Cp>This button uses the same button for like and dislike. It has been tested with all major page builders.\u003C\u002Fp>\n\u003Cp>Scroll down for demo site link.\u003C\u002Fp>\n\u003Ch3>Feature list\u003C\u002Fh3>\n\u003Ch3>Scope:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Support for all post types.\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable likes per post type.\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable like text and counter.\u003C\u002Fli>\n\u003Cli>Like \u002F Unlike feature on the same button.\u003C\u002Fli>\n\u003Cli>WooCommerce supported.\u003C\u002Fli>\n\u003Cli>Supports all WooCommerce product types (i.e. WooCommerce Subscriptions, WooCommerce Bookings)\u003C\u002Fli>\n\u003Cli>Post comments supported.\u003C\u002Fli>\n\u003Cli>Post comments on custom post types supported.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Design:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>29 icons available for like and dislike.\u003C\u002Fli>\n\u003Cli>Choose different icon for like and dislike.\u003C\u002Fli>\n\u003Cli>Uses Icomoon for Icons.\u003C\u002Fli>\n\u003Cli>Choose different text for like and dislike.\u003C\u002Fli>\n\u003Cli>Set any text for like and unlike.\u003C\u002Fli>\n\u003Cli>Set any icon for like and unlike.\u003C\u002Fli>\n\u003Cli>Control icon and text size.\u003C\u002Fli>\n\u003Cli>Control icon and text color.\u003C\u002Fli>\n\u003Cli>Set icon and text padding to position each element as needed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Shortcodes:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Free placement of like button via shortcodes.\u003C\u002Fli>\n\u003Cli>Like button shortcode [oacsspl] accepts post_id as argument.\u003C\u002Fli>\n\u003Cli>Show user liked posts via shortcode.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Developer:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Use custom hook for posts.\u003C\u002Fli>\n\u003Cli>Use custom hook for WooCommerce likes.\u003C\u002Fli>\n\u003Cli>Caching support for all full page caching plugins.\u003C\u002Fli>\n\u003Cli>Ajax based like loading.\u003C\u002Fli>\n\u003Cli>Filter available for custom content before and after button.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>More:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>User post like are shown in backend user profile. Useful for admins.\u003C\u002Fli>\n\u003Cli>Disable Likes via post ID.\u003C\u002Fli>\n\u003Cli>Set or remove likes manually.\u003C\u002Fli>\n\u003Cli>Visitors likes can like as well.\u003C\u002Fli>\n\u003Cli>Shows on single posts only.\u003C\u002Fli>\n\u003Cli>Zero configuration required. Just activate and go.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compatibility:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Compatible with all themes that use WordPress the_content (should be almost all!)\u003C\u002Fli>\n\u003Cli>Multisite compatible.\u003C\u002Fli>\n\u003Cli>WPML compatible.\u003C\u002Fli>\n\u003Cli>Tested with all major page builders.\u003C\u002Fli>\n\u003Cli>Ready for localization .mo \u002F .po included.\u003C\u002Fli>\n\u003Cli>Works great on phones and tablets.\u003C\u002Fli>\n\u003Cli>All major browsers supported Chrome, Firefox, Safari, Opera, Edge, and Internet Explorer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Known Incompatibilities:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>The Twenty Twenty-Three Default WordPress Theme does not work with the comment likes. Post likes work.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Documentation and Support\u003C\u002Fh3>\n\u003Cp>More documentation:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Foacstudio.de\u002Fknowledgebase-category\u002Fsolid-post-likes\u002Finstallation\" rel=\"nofollow ugc\">https:\u002F\u002Foacstudio.de\u002Fknowledgebase-category\u002Fsolid-post-likes\u002Finstallation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Demo site: \u003Ca href=\"https:\u002F\u002Fspl-demo.oacstudio.de\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fspl-demo.oacstudio.de\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>user: demo@oacstudio.de\u003Cbr \u002F>\npass: demo@oacstudio.de1\u003C\u002Fp>\n","A like button for all post types. Solid and simple.",500,10398,98,8,"2024-07-24T09:17:00.000Z","6.5.8","",[54,22,55],"like","post-likes","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsolid-post-likes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsolid-post-likes.1.0.8.zip",92,"2026-04-16T10:56:18.058Z",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":13,"num_ratings":70,"last_updated":71,"tested_up_to":51,"requires_at_least":72,"requires_php":52,"tags":73,"homepage":76,"download_link":77,"security_score":58,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":59},"wp1-like","WP1 Like","1.2","wponeco","https:\u002F\u002Fprofiles.wordpress.org\u002Fwponeco\u002F","\u003Cp>WP1 Like is a simple Like button plugin for posts, pages, custom post types and WooCommerce products.\u003C\u002Fp>\n\u003Cp>Demo Links:\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwp1.co\u002Fwp\u002Fblog\u002F\" title=\"Like button in Action\" rel=\"nofollow ugc\">Like button on single post\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwp1.co\u002Fwp\u002Florem-ipsum\u002F\" title=\"Like button in Action\" rel=\"nofollow ugc\">Like button on page\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwp1.co\u002Fwp\u002Fproduct\u002Fcap\u002F\" title=\"Like button in Action\" rel=\"nofollow ugc\">Like button on woocommerce product\u003C\u002Fa>\u003C\u002Fp>\n","Display Like button on posts, pages, custom post types and WooCommerce products.",40,2977,2,"2024-05-31T18:54:00.000Z","6.4",[54,22,23,74,75],"product-like","wp-like","http:\u002F\u002Fwp1.co\u002Fwp\u002Fblog\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp1-like.1.2.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":70,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":52,"tags":92,"homepage":95,"download_link":96,"security_score":27,"vuln_count":11,"unpatched_count":11,"last_vuln_date":28,"fetched_at":59},"kento-like-post","Kento Like Post","1.1","PluginsPoint","https:\u002F\u002Fprofiles.wordpress.org\u002Fkentothemes\u002F","\u003Cp>Post Like Button for wordPress Site like Facebook\u003C\u002Fp>\n\u003Cp>Live Preview: http:\u002F\u002Fkentothemes.com\u002Fdemo\u002Fkento-like-post\u002Fkento-like-post\u002F\u003C\u002Fp>\n\u003Cp>Plugin Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Like\u002FUnlike.\u003C\u002Fli>\n\u003Cli>Like Count.\u003C\u002Fli>\n\u003Cli>Display Thumbnail who like post.\u003C\u002Fli>\n\u003Cli>Popup Login Box if user not logged. \u003C\u002Fli>\n\u003Cli>Current like Marker for logged in user Like\u002FUnlike.\u003C\u002Fli>\n\u003Cli>Unique Like Count, if user Liked will not able to Like again on same post.\u003C\u002Fli>\n\u003C\u002Ful>\n","Facebook Style like button for WordPress with like count and user thumbnails.",10,3064,20,"2015-06-09T06:18:00.000Z","4.2.39","3.5",[22,23,93,94,75],"post-vote","wordpress-vote","http:\u002F\u002Fkentothemes.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkento-like-post.1.1.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":107,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":112,"tags":113,"homepage":115,"download_link":116,"security_score":58,"vuln_count":49,"unpatched_count":11,"last_vuln_date":117,"fetched_at":59},"contact-form-7","Contact Form 7","6.1.5","Rock Lobster Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Frocklobsterinc\u002F","\u003Cp>Contact Form 7 is a plugin designed to be a practical tool for all WordPress users who embrace the philosophy of free and open source software. It employs sophisticatedly modularized architecture and its original \u003Ca href=\"https:\u002F\u002Fcontactform7.com\u002Fschema-woven-validation\u002F\" rel=\"nofollow ugc\">Schema-Woven Validation\u003C\u002Fa> technology.\u003C\u002Fp>\n\u003Ch4>Docs and support\u003C\u002Fh4>\n\u003Cp>You can find \u003Ca href=\"https:\u002F\u002Fcontactform7.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">docs\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fcontactform7.com\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa> and more detailed information about Contact Form 7 on \u003Ca href=\"https:\u002F\u002Fcontactform7.com\u002F\" rel=\"nofollow ugc\">contactform7.com\u003C\u002Fa>. When you cannot find the answer to your question on the FAQ or in any of the documentation, check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcontact-form-7\u002F\" rel=\"ugc\">support forum\u003C\u002Fa> on WordPress.org. If you cannot locate any topics that pertain to your particular issue, post a new topic for it.\u003C\u002Fp>\n\u003Ch4>Contact Form 7 needs your support\u003C\u002Fh4>\n\u003Cp>It is hard to continue to maintain this plugin without support from users like you. There are several ways for you to \u003Ca href=\"https:\u002F\u002Fcontactform7.com\u002Fcontributing\u002F\" rel=\"nofollow ugc\">contribute to the project\u003C\u002Fa>: testing, coding, translating it into your local languages, helping other users, financial donations, etc, etc. We equally welcome you regardless of the way you contribute.\u003C\u002Fp>\n\u003Ch4>Privacy notices\u003C\u002Fh4>\n\u003Cp>With the default configuration, this plugin, in itself, does not:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>track users by stealth;\u003C\u002Fli>\n\u003Cli>write any user personal data to the database;\u003C\u002Fli>\n\u003Cli>send any data to external servers;\u003C\u002Fli>\n\u003Cli>use cookies.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you activate certain features in this plugin, the contact form submitter’s personal data, including their IP address, may be sent to the service provider. Thus, confirming the provider’s privacy policy is recommended. These features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>reCAPTCHA (\u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002F?hl=en\" rel=\"nofollow ugc\">Google\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Akismet (\u003Ca href=\"https:\u002F\u002Fautomattic.com\u002Fprivacy\u002F\" rel=\"nofollow ugc\">Automattic\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.constantcontact.com\u002Flegal\u002Fprivacy-center\" rel=\"nofollow ugc\">Constant Contact\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.brevo.com\u002Flegal\u002Fprivacypolicy\u002F\" rel=\"nofollow ugc\">Brevo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fstripe.com\u002Fprivacy\" rel=\"nofollow ugc\">Stripe\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Turnstile (\u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fturnstile-privacy-policy\u002F\" rel=\"nofollow ugc\">Cloudflare\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n","Just another contact form plugin. Simple but flexible.",10000000,411657681,80,2161,"2026-02-08T09:32:00.000Z","6.9.4","6.7","7.4",[21,114],"schema-woven-validation","https:\u002F\u002Fcontactform7.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-7.6.1.5.zip","2025-04-15 16:56:22",{"slug":119,"name":120,"version":18,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":110,"requires_at_least":130,"requires_php":131,"tags":132,"homepage":137,"download_link":138,"security_score":139,"vuln_count":70,"unpatched_count":11,"last_vuln_date":140,"fetched_at":59},"akismet","Akismet Anti-spam: Spam Protection","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.\u003C\u002Fp>\n\u003Cp>Akismet checks your comments and contact form submissions against our global database of spam to prevent your site from publishing malicious content. You can review the comment spam it catches on your blog’s “Comments” admin screen.\u003C\u002Fp>\n\u003Cp>Major features in Akismet include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically checks all comments and filters out the ones that look like spam.\u003C\u002Fli>\n\u003Cli>Each comment has a status history, so you can easily see which comments were caught or cleared by Akismet and which were spammed or unspammed by a moderator.\u003C\u002Fli>\n\u003Cli>URLs are shown in the comment body to reveal hidden or misleading links.\u003C\u002Fli>\n\u003Cli>Moderators can see the number of approved comments for each user.\u003C\u002Fli>\n\u003Cli>A discard feature that outright blocks the worst spam, saving you disk space and speeding up your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PS: You’ll be prompted to get an Akismet.com API key to use it, once activated. Keys are free for personal blogs; paid subscriptions are available for businesses and commercial sites.\u003C\u002Fp>\n","The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.",6000000,387141886,94,1176,"2025-11-12T16:31:00.000Z","5.8","7.2",[133,134,135,21,136],"anti-spam","antispam","comments","spam","https:\u002F\u002Fakismet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fakismet.5.6.zip",99,"2015-10-13 00:00:00",{"attackSurface":142,"codeSignals":263,"taintFlows":351,"riskAssessment":376,"analyzedAt":393},{"hooks":143,"ajaxHandlers":236,"restRoutes":248,"shortcodes":249,"cronEvents":260,"entryPointCount":261,"unprotectedCount":262},[144,150,153,158,163,167,171,176,179,182,185,189,191,194,198,201,205,208,212,215,219,223,227,232],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","admin_menu","codechief_save_role","base\\Admin\\AddNewUserRolesAndPermission.php",22,{"type":145,"name":146,"callback":151,"file":152,"line":88},"add_menu_page","base\\Admin\\AllOptionsPageForm.php",{"type":145,"name":154,"callback":155,"file":156,"line":157},"the_content","codechief_author_info_box","base\\Admin\\AuthorBoxAfterContent.php",32,{"type":145,"name":159,"callback":160,"file":161,"line":162},"admin_init","codechief_script_loaded","base\\Admin\\AuthorProfileWidget.php",28,{"type":145,"name":164,"callback":165,"file":161,"line":166},"widgets_init","codechief_author_box",168,{"type":145,"name":159,"callback":168,"file":169,"line":170},"codechief_load_contact_setting_data","base\\Admin\\ContactFormSettings.php",16,{"type":172,"name":173,"callback":174,"file":175,"line":68},"filter","auto_update_plugin","__return_false","base\\Admin\\ExtraSettings.php",{"type":172,"name":177,"callback":174,"file":175,"line":178},"auto_update_theme",52,{"type":172,"name":180,"callback":174,"priority":86,"file":175,"line":181},"comments_open",71,{"type":172,"name":183,"callback":174,"priority":88,"file":175,"line":184},"pings_open",72,{"type":172,"name":186,"callback":187,"priority":86,"file":175,"line":188},"comments_array","__return_empty_array",78,{"type":145,"name":146,"callback":190,"file":175,"line":27},"codechief_remove_comment_menu_from_admin_panel",{"type":145,"name":159,"callback":192,"file":193,"line":170},"codechief_manage_auto_update","base\\Admin\\ExtraSettingsPage.php",{"type":145,"name":159,"callback":195,"file":196,"line":197},"codechief_manage_settings_page","base\\Admin\\LikeButtonSettingPage.php",23,{"type":145,"name":159,"callback":199,"file":200,"line":170},"codechief_manage_options_email_page","base\\Admin\\SendEmailToAuthorPage.php",{"type":145,"name":202,"callback":203,"file":204,"line":86},"publish_post","CodechiefSendMailToAuthorAfterPublishingPost","base\\Admin\\SendMailToAuthorAfterPublishPost.php",{"type":172,"name":154,"callback":206,"file":207,"line":170},"add_like_button_after_post_content","base\\Admin\\ShowLikeButtonAfterPostPage.php",{"type":145,"name":159,"callback":209,"file":210,"line":211},"codechief_user_profile_options","base\\Admin\\UserProfileOptionsPage.php",17,{"type":145,"name":159,"callback":213,"file":214,"line":211},"codechief_add_new_user_role_permissions","base\\Admin\\UserRoleAndCapabilitiesPage.php",{"type":145,"name":216,"callback":217,"file":218,"line":88},"admin_enqueue_scripts","codechief_backend_register_styles","base\\Enqueue\\LoadFrontendAndAdminScript.php",{"type":145,"name":220,"callback":221,"file":218,"line":222},"wp_enqueue_scripts","codechief_frontend_register_styles",31,{"type":145,"name":159,"callback":224,"file":225,"line":226},"codechief_redirect_after_installation","base\\Plugin\\PluginActivated.php",13,{"type":172,"name":228,"callback":229,"file":230,"line":231},"theme_page_templates","codechief_custom_template","base\\Template\\LoadTemplate.php",55,{"type":172,"name":233,"callback":234,"file":230,"line":235},"template_include","codechief_load_template",56,[237,241,244,247],{"action":238,"nopriv":239,"callback":238,"hasNonce":239,"hasCapCheck":239,"file":240,"line":170},"codechief_like_ajax_post_request",false,"base\\Ajax\\AjaxServiceProvider.php",{"action":238,"nopriv":242,"callback":238,"hasNonce":239,"hasCapCheck":239,"file":240,"line":243},true,21,{"action":245,"nopriv":239,"callback":245,"hasNonce":239,"hasCapCheck":239,"file":240,"line":246},"codechief_submit_contact_form_request",26,{"action":245,"nopriv":242,"callback":245,"hasNonce":239,"hasCapCheck":239,"file":240,"line":222},[],[250,254,257],{"tag":251,"callback":252,"file":230,"line":253},"codechief_contact","codechief_contact_page",57,{"tag":255,"callback":252,"file":230,"line":256},"codechief_guestpost",58,{"tag":255,"callback":258,"file":230,"line":259},"codechief_guest_post_page",77,[],7,4,{"dangerousFunctions":264,"sqlUsage":265,"outputEscaping":272,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":350},[],{"prepared":14,"raw":70,"locations":266},[267,269],{"file":240,"line":231,"context":268},"$wpdb->get_var() with variable interpolation",{"file":240,"line":270,"context":271},101,"$wpdb->get_results() with variable interpolation",{"escaped":13,"rawEcho":273,"locations":274},41,[275,278,280,281,282,284,286,288,290,292,294,295,296,297,299,301,303,305,307,309,311,313,315,317,319,321,323,325,327,329,331,332,334,336,337,339,340,342,344,346,348],{"file":161,"line":276,"context":277},48,"raw output",{"file":161,"line":279,"context":277},49,{"file":161,"line":235,"context":277},{"file":161,"line":235,"context":277},{"file":161,"line":283,"context":277},69,{"file":161,"line":285,"context":277},70,{"file":161,"line":287,"context":277},81,{"file":161,"line":289,"context":277},82,{"file":161,"line":291,"context":277},88,{"file":161,"line":293,"context":277},90,{"file":161,"line":293,"context":277},{"file":161,"line":139,"context":277},{"file":161,"line":13,"context":277},{"file":161,"line":298,"context":277},110,{"file":161,"line":300,"context":277},111,{"file":161,"line":302,"context":277},121,{"file":161,"line":304,"context":277},122,{"file":169,"line":306,"context":277},102,{"file":169,"line":308,"context":277},113,{"file":193,"line":310,"context":277},146,{"file":193,"line":312,"context":277},158,{"file":193,"line":314,"context":277},169,{"file":193,"line":316,"context":277},180,{"file":193,"line":318,"context":277},191,{"file":196,"line":320,"context":277},149,{"file":196,"line":322,"context":277},163,{"file":196,"line":324,"context":277},176,{"file":196,"line":326,"context":277},190,{"file":196,"line":328,"context":277},203,{"file":196,"line":330,"context":277},216,{"file":200,"line":291,"context":277},{"file":207,"line":333,"context":277},39,{"file":210,"line":335,"context":277},87,{"file":210,"line":48,"context":277},{"file":214,"line":338,"context":277},156,{"file":214,"line":322,"context":277},{"file":214,"line":341,"context":277},174,{"file":214,"line":343,"context":277},186,{"file":214,"line":345,"context":277},198,{"file":214,"line":347,"context":277},209,{"file":349,"line":246,"context":277},"base\\Pages\\contact.php",[],[352,368],{"entryPoint":353,"graph":354,"unsanitizedCount":14,"severity":367},"codechief_like_ajax_post_request (base\\Ajax\\AjaxServiceProvider.php:44)",{"nodes":355,"edges":365},[356,360],{"id":357,"type":358,"label":359,"file":240,"line":178},"n0","source","$_POST",{"id":361,"type":362,"label":363,"file":240,"line":231,"wp_function":364},"n1","sink","get_var() [SQLi]","get_var",[366],{"from":357,"to":361,"sanitized":239},"high",{"entryPoint":369,"graph":370,"unsanitizedCount":14,"severity":367},"\u003CAjaxServiceProvider> (base\\Ajax\\AjaxServiceProvider.php:0)",{"nodes":371,"edges":374},[372,373],{"id":357,"type":358,"label":359,"file":240,"line":178},{"id":361,"type":362,"label":363,"file":240,"line":231,"wp_function":364},[375],{"from":357,"to":361,"sanitized":239},{"summary":377,"deductions":378},"The \"codechief\" plugin v1.0.4 exhibits a concerning security posture due to a significant number of unprotected entry points. While the plugin avoids the use of dangerous functions, file operations, and external HTTP requests, its static analysis reveals 4 out of 7 total entry points (AJAX handlers) lack authentication checks. This directly exposes these handlers to unauthorized access and potential exploitation. The taint analysis further exacerbates these concerns, indicating 2 flows with unsanitized paths classified as high severity. This suggests that user-supplied data is not being properly validated or neutralized before being used in potentially sensitive operations.\n\nThe plugin's vulnerability history is currently clean, with no recorded CVEs. This is a positive indicator and suggests a lack of previously discovered exploitable flaws. However, this absence of historical issues should not be mistaken for inherent security. The presence of high-severity taint flows and a large number of unprotected AJAX handlers are immediate, actionable risks that need to be addressed regardless of past vulnerability records. In conclusion, while the plugin has some strengths in avoiding certain risky coding practices, the critical weaknesses in authentication for its AJAX handlers and the high-severity unsanitized taint flows present a substantial risk that requires immediate attention.",[379,381,384,387,389,391],{"reason":380,"points":86},"AJAX handlers without auth checks",{"reason":382,"points":383},"High severity taint flows",15,{"reason":385,"points":386},"SQL queries without prepared statements",5,{"reason":388,"points":386},"Output escaping below 80%",{"reason":390,"points":86},"Missing nonce checks",{"reason":392,"points":86},"Missing capability checks","2026-03-17T06:46:29.516Z",{"wat":395,"direct":401},{"assetPaths":396,"generatorPatterns":398,"scriptPaths":399,"versionParams":400},[397],"\u002Fwp-content\u002Fplugins\u002Fcodechief\u002Fassets\u002Fcustom.js",[],[397],[],{"cssClasses":402,"htmlComments":405,"htmlAttributes":406,"restEndpoints":408,"jsGlobals":409,"shortcodeOutput":411},[403,404],"image_er_link","image_show",[],[407],"data-codechief",[],[410,5],"custom-js",[],{"error":242,"url":413,"statusCode":414,"statusMessage":415,"message":415},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcodechief\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":11,"versions":417},[]]