[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYWP041Wa8tTMCu2My5lC15ir9aPPAHroz2yj0WZBqww":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":46,"crawl_stats":36,"alternatives":50,"analysis":133,"fingerprints":210},"comicbookmanagementsystemweeklypicks","Comic Book Management System","2.2.0","Inksplat Web Design & Development","https:\u002F\u002Fprofiles.wordpress.org\u002Finksplat\u002F","\u003Cp>Comic Book Management System Weekly Picks allows user to display seven comic book, picks of the week in an animated display. Designed for for use with blogs, reviews sites and stores.\u003C\u002Fp>\n\u003Cp>Major features in Comic Book Management System include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add your seven picks of the week for display on your website\u003C\u002Fli>\n\u003Cli>Your chosen books move in an animated display \u003C\u002Fli>\n\u003Cli>The display is responsive to and adjusts to fit in any space you place it\u003C\u002Fli>\n\u003C\u002Ful>\n","Comic Book Management System Weekly Picks allows users to display seven comic book, picks of the week in an animated display.",10,1373,0,"2023-04-15T16:25:00.000Z","6.2.9","4.0","",[19,20,21,22,23],"comic-book-management-system-weekly-picks","comic-books","comics","ncbd","weekly-picks","https:\u002F\u002Fwww.inksplat.ie\u002Fcomic-book-management-system-weekly-picks","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomicbookmanagementsystemweeklypicks.zip",83,1,"2022-11-14 
00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2022-3856","comic-book-management-system-authenticated-administrator-sql-injection","Comic Book Management System \u003C 2.2.0 - Authenticated (Administrator+) SQL Injection","The Comic Book Management System plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 2.2.0 due to insufficient escaping on the 'id' parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level privileges or higher, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",null,"\u003C2.2.0","critical",9.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:C\u002FC:H\u002FI:H\u002FA:H","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2024-01-22 19:56:02",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7c387a20-47dd-42d9-bf22-a28c613c5bde?source=api-prod",435,{"slug":47,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":45,"trust_score":48,"computed_at":49},"inksplat",67,"2026-04-04T21:02:32.783Z",[51,75,96,114],{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":61,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":17,"tags":66,"homepage":72,"download_link":73,"security_score":74,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"cp2ce","ComicPress to Comic Easel 
Migrator","1.8","Frumph","https:\u002F\u002Fprofiles.wordpress.org\u002Ffrumph\u002F","\u003Cp>This migrator plugin converts regular post type categories to the Comic Post type and attach images that correspond to the dates of the posts from the comics directory.\u003C\u002Fp>\n","Will convert Comic Categories from ComicPress and turn them into Comic Post Types for Comic Easel",300,11604,80,2,"2014-04-17T02:01:00.000Z","3.9.40","3.5",[67,68,69,70,71],"comic","comiceasel","easel","webcomic","webcomics","http:\u002F\u002Ffrumph.net\u002Fplugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcp2ce.zip",85,{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":93,"download_link":94,"security_score":95,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"mangapress","Manga+Press Comic Manager","3.1.0","Jess","https:\u002F\u002Fprofiles.wordpress.org\u002Fardathksheyna\u002F","\u003Cp>Manga+Press is a webcomic management system for WordPress. Manga+Press uses WordPress posts, pages and categories to help you keep track of your comic posts. Manga+Press also includes its own custom template tags to help make creating themes easier.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>(c) 2008-2024 Jessica C. Green\u003C\u002Fp>\n\u003Cp>Found a bug? Or did you find a bug and figure out a fix? Visit http:\u002F\u002Fwww.manga-press.com\u002Fsupport\u002F. Please include screenshots, WordPress version, a list of any other plugins you might have installed, or code (if you figured out a fix). 
Be as detailed as possible.\u003C\u002Fp>\n\u003Cp>For updates, you can visit http:\u002F\u002Fwww.manga-press.com\u002F\u003C\u002Fp>\n\u003Cp>This program is free software; you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA\u003C\u002Fp>\n","Manga+Press is a webcomic management system for WordPress.",100,28736,88,5,"2024-12-22T16:40:00.000Z","6.7.5","6.4","7.4",[92,21,71],"art","http:\u002F\u002Fwww.manga-press.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmangapress.3.1.0.zip",92,{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":11,"downloaded":104,"rating":83,"num_ratings":62,"last_updated":105,"tested_up_to":17,"requires_at_least":106,"requires_php":17,"tags":107,"homepage":112,"download_link":113,"security_score":74,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"kommiku","Kommiku","2.3","Anraiki","https:\u002F\u002Fprofiles.wordpress.org\u002Fanraiki\u002F","\u003Cp>A Online Media viewer. A plug-in that creates pages that can be used as a Manga, Comic, Movie, or Novel Viewer or a Portfolio. 
To simply put, Kommiku aims to be the ultimate media viewer.\u003C\u002Fp>\n\u003Ch4>Will not work on Windows Server!\u003C\u002Fh4>\n\u003Cp>Main Support site: http:\u002F\u002Fthetosho.com\u002F\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Credit\u003Cbr \u002F>\n(c) 2008-2011 Henry Tran\u003C\u002Fp>\n\u003Cp>Many thanks to Ngallery for sharing their code.\u003Cbr \u002F>\nAnd many other plugins as well.\u003C\u002Fp>\n\u003Cp>If you run into a bug (I am calling them kittens), report them to me. I will take care of them!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Language: English, Spanish\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Demo sites: \u003Ca href=\"http:\u002F\u002Fthetosho.com\u002F\" title=\"Anime, Manga, and Comic Library\" rel=\"nofollow ugc\">The Tosho\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Feslend.com\u002F\" title=\"Eslend: a web-manga | a web-comic\" rel=\"nofollow ugc\">Eslend\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Feclipse-scans.net\u002Feso\u002F\" title=\"Eclipse Scanlators\" rel=\"nofollow ugc\">Eclipse Scanlation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Stuck? Need further assistance? Have a Question? Want to do something Advance? 
Check out the \u003Ca href=\"http:\u002F\u002Fdotspiral.com\u002Fwiki\u002Findex.php?title=Main_Page\" title=\"Kommiku Wiki\" rel=\"nofollow ugc\">Wiki\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>Fastest way to get support, email me!\u003Cbr \u002F>\nAnri.tora [@] gmail.com\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=GJ4QR9D5NPHQN\" rel=\"nofollow ugc\">Donate by Paypal\u003C\u002Fa>:\u003Cbr \u002F>\nAnraiki [@] gmail.com\u003C\u002Fp>\n\u003Cp>Want to listen to my Whining?\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fanraiki\" rel=\"nofollow ugc\">Follow me on Twitter\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Fastest way to get support, email me!\u003Cbr \u002F>\nAnri.tora [@] gmail.com\u003C\u002Fp>\n","A Online Media viewer. A plug-in that creates pages that can be used as a Manga, Comic, Movie, or Novel Viewer or a Portfolio.",11902,"2012-07-24T04:18:00.000Z","2.5",[21,108,109,110,111],"illustrations","manga","one-manga","stories","http:\u002F\u002Fdotspiral.com\u002Fkommiku\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkommiku.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":11,"downloaded":122,"rating":13,"num_ratings":13,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":17,"tags":126,"homepage":131,"download_link":132,"security_score":74,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"tides","Tides","1.0","theartifice","https:\u002F\u002Fprofiles.wordpress.org\u002Ftheartifice\u002F","\u003Cp>Do you publish posts about Anime, Film, TV, Animation, Manga, Comics, Games, Literature, Arts, or Writing?\u003C\u002Fp>\n\u003Cp>Whenever you publish a post, you will receive a reference code that you can use to submit it to The Artifice Tides.\u003C\u002Fp>\n\u003Cp>Once your post has been submitted to Tides, it will 
be available to a widespread audience.\u003C\u002Fp>\n\u003Cp>Everything is completely free.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n","Do you publish posts about Anime, Film, Animation, Manga, Comics, Games, Literature, Arts, or Writing? Submit to Tides to expand your readership.",1552,"2015-09-06T16:34:00.000Z","4.3.34","3.0.1",[127,21,128,129,130],"anime","exposure","film","marketing","http:\u002F\u002Fthe-artifice.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftides.zip",{"attackSurface":134,"codeSignals":156,"taintFlows":194,"riskAssessment":195,"analyzedAt":209},{"hooks":135,"ajaxHandlers":149,"restRoutes":150,"shortcodes":151,"cronEvents":155,"entryPointCount":27,"unprotectedCount":13},[136,141,145],{"type":137,"name":138,"callback":139,"file":140,"line":86},"action","admin_enqueue_scripts","enqueueAdmin","class.cbms_weekly_picks_admin_panel.php",{"type":137,"name":142,"callback":143,"file":140,"line":144},"wp_enqueue_scripts","enqueue",6,{"type":137,"name":146,"callback":147,"file":140,"line":148},"admin_menu","cbms_weeklypicks_AdminMenu",7,[],[],[152],{"tag":153,"callback":153,"file":140,"line":154},"display_weekly_picks",144,[],{"dangerousFunctions":157,"sqlUsage":158,"outputEscaping":171,"fileOperations":27,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":193},[],{"prepared":13,"raw":159,"locations":160},4,[161,165,167,169],{"file":162,"line":163,"context":164},"class.cbms_weekly_picks.php",93,"$wpdb->get_results() with variable interpolation",{"file":162,"line":166,"context":164},122,{"file":162,"line":168,"context":164},145,{"file":170,"line":86,"context":164},"includes\\cbms_display_weekly_picks.php",{"escaped":159,"rawEcho":172,"locations":173},9,[174,177,178,179,181,183,185,188,190],{"file":170,"line":175,"context":176},39,"raw 
output",{"file":170,"line":175,"context":176},{"file":170,"line":175,"context":176},{"file":180,"line":11,"context":176},"includes\\cbms_weeklypicks_add.php",{"file":180,"line":182,"context":176},11,{"file":180,"line":184,"context":176},15,{"file":186,"line":187,"context":176},"includes\\cbms_weeklypicks_admin.php",16,{"file":186,"line":189,"context":176},18,{"file":191,"line":192,"context":176},"includes\\cbms_weeklypicks_header.php",14,[],[],{"summary":196,"deductions":197},"The plugin \"comicbookmanagementsystemweeklypicks\" v2.2.0 exhibits a concerning security posture despite a relatively small attack surface. No AJAX handlers or REST API routes were identified, and taint analysis revealed no critical or high severity issues, but the static analysis flags significant weaknesses. The complete lack of prepared statements for SQL queries, all of which interpolate variables directly, is a major red flag, suggesting a high likelihood of SQL injection vulnerabilities. Furthermore, the low percentage of properly escaped output indicates potential for Cross-Site Scripting (XSS) attacks. The vulnerability history, featuring one critical CVE for SQL injection, reinforces these concerns and suggests a pattern of insecure coding practices related to database interactions. 
The static scan also found no nonce or capability checks anywhere in the plugin, including around its single shortcode entry point; this is a notable gap, although whether it is exploitable depends on what the affected code paths do, which a static count alone does not establish.",[198,200,203,205,207],{"reason":199,"points":184},"All SQL queries lack prepared statements",{"reason":201,"points":202},"Only 31% of output is properly escaped",8,{"reason":204,"points":148},"No nonce checks on entry points",{"reason":206,"points":148},"No capability checks on entry points",{"reason":208,"points":189},"1 critical CVE historically","2026-03-17T00:57:14.279Z",{"wat":211,"direct":223},{"assetPaths":212,"generatorPatterns":217,"scriptPaths":218,"versionParams":219},[213,214,215,216],"\u002Fwp-content\u002Fplugins\u002Fcomicbookmanagementsystemweeklypicks\u002Fcss\u002Fcbms_weeklypicks_admin.css","\u002Fwp-content\u002Fplugins\u002Fcomicbookmanagementsystemweeklypicks\u002Fjs\u002Fcbms_weeklypicks.js","\u002Fwp-content\u002Fplugins\u002Fcomicbookmanagementsystemweeklypicks\u002Fcss\u002Fcbms_weeklypicks.css","\u002Fwp-content\u002Fplugins\u002Fcomicbookmanagementsystemweeklypicks\u002Fimg\u002Ficon.png",[],[214],[220,221,222],"comicbookmanagementsystemweeklypicks\u002Fcss\u002Fcbms_weeklypicks_admin.css?ver=","comicbookmanagementsystemweeklypicks\u002Fjs\u002Fcbms_weeklypicks.js?ver=","comicbookmanagementsystemweeklypicks\u002Fcss\u002Fcbms_weeklypicks.css?ver=",{"cssClasses":224,"htmlComments":225,"htmlAttributes":226,"restEndpoints":227,"jsGlobals":228,"shortcodeOutput":229},[],[],[],[],[],[230],"[display_weekly_picks]"]