[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fuPv5-fsQ0jPzwlQk5Jtg_vd_TwINaTb53vn-3IqPNus":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":59,"fingerprints":122},"contact-form-db-for-enfold","Contact Form DB for Enfold","2.0.2","doit","https:\u002F\u002Fprofiles.wordpress.org\u002Fdoctorwp\u002F","\u003Cp>Save the information compiled by the users of your website on Enfold Contact Forms. You will easily find it in a simple info panel.\u003C\u002Fp>\n","Save All Contact from Enfold Module Contact in DB",700,3916,100,2,"2019-11-21T10:00:00.000Z","5.2.24","4.8","7.1.16",[20,21,22,23],"enfold","enfold-by-kriesi","enfold-contact-form","enfold-module-contact","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-db-for-enfold.2.0.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"doctorwp",3,1100,71,30,74,"2026-04-04T18:31:44.787Z",[40],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":27,"num_ratings":27,"last_updated":50,"tested_up_to":16,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":24,"download_link":58,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"enfold-logo-per-page","Enfold logo per page","1.0","amitk06","https:\u002F\u002Fprofiles.wordpress.org\u002Famitk06\u002F","\u003Cp>This plugin useful for display different logo for different page (only for enfold theme)\u003C\u002Fp>\n","This plugin useful for display different logo for different page (only for enfold theme)",10,1193,"2019-06-17T05:37:00.000Z","4.4","5.6",[54,20,55,56,57],"display-logo","enfold-logo","logo","page","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fenfold-logo-per-page.zip",{"attackSurface":60,"codeSignals":81,"taintFlows":109,"riskAssessment":110,"analyzedAt":121},{"hooks":61,"ajaxHandlers":77,"restRoutes":78,"shortcodes":79,"cronEvents":80,"entryPointCount":27,"unprotectedCount":27},[62,68,72],{"type":63,"name":64,"callback":65,"file":66,"line":67},"action","plugins_loaded","ecf_load_textdomain","enfold-contact-form.php",15,{"type":63,"name":69,"callback":70,"file":66,"line":71},"admin_menu","ecf_add_option_page",55,{"type":73,"name":74,"callback":75,"priority":48,"file":66,"line":76},"filter","avf_form_send","ecf_saveFormData",59,[],[],[],[],{"dangerousFunctions":82,"sqlUsage":83,"outputEscaping":98,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":108},[],{"prepared":27,"raw":84,"locations":85},5,[86,90,93,95,97],{"file":87,"line":88,"context":89},"admin\\EnfoldListDb.php",8,"$wpdb->get_results() with variable interpolation",{"file":66,"line":91,"context":92},23,"$wpdb->get_var() with variable interpolation",{"file":66,"line":94,"context":89},25,{"file":66,"line":96,"context":89},39,{"file":66,"line":26,"context":89},{"escaped":27,"rawEcho":33,"locations":99},[100,104,106],{"file":101,"line":102,"context":103},"admin\\ecf_index.php",24,"raw output",{"file":101,"line":105,"context":103},31,{"file":101,"line":107,"context":103},35,[],[],{"summary":111,"deductions":112},"The static analysis of contact-form-db-for-enfold v2.0.2 reveals a generally positive security posture, with no direct vulnerabilities identified in the attack surface, dangerous functions, file operations, or external HTTP requests.  Furthermore, the vulnerability history shows no previously recorded CVEs, indicating a potentially stable and well-maintained codebase.\n\nHowever, significant concerns arise from the SQL query handling and output escaping.  The analysis indicates that 100% of the SQL queries are not using prepared statements, which presents a high risk of SQL injection vulnerabilities.  Additionally, none of the identified output points are properly escaped, leaving the plugin susceptible to Cross-Site Scripting (XSS) attacks. The absence of nonce and capability checks across the board, though not directly exploitable due to the lack of entry points in this specific analysis, points to a potential weakness if new AJAX handlers or REST API routes were to be introduced without proper security measures.\n\nIn conclusion, while the plugin benefits from a clean vulnerability history and a minimal attack surface in this version, the critical lack of prepared statements for SQL queries and proper output escaping are significant security weaknesses that require immediate attention to mitigate the risk of severe exploitation.",[113,115,117,119],{"reason":114,"points":48},"SQL queries without prepared statements",{"reason":116,"points":88},"Output not properly escaped",{"reason":118,"points":84},"No nonce checks",{"reason":120,"points":84},"No capability checks","2026-03-16T19:21:59.372Z",{"wat":123,"direct":132},{"assetPaths":124,"generatorPatterns":127,"scriptPaths":128,"versionParams":129},[125,126],"\u002Fwp-content\u002Fplugins\u002Fcontact-form-db-for-enfold\u002Fadmin\u002Fjs\u002Fecf_scripts.js","\u002Fwp-content\u002Fplugins\u002Fcontact-form-db-for-enfold\u002Fadmin\u002Fcss\u002Fecf_style.css",[],[125],[130,131],"contact-form-db-for-enfold\u002Fadmin\u002Fjs\u002Fecf_scripts.js?ver=","contact-form-db-for-enfold\u002Fadmin\u002Fcss\u002Fecf_style.css?ver=",{"cssClasses":133,"htmlComments":134,"htmlAttributes":136,"restEndpoints":137,"jsGlobals":138,"shortcodeOutput":139},[],[135],"\u003C!-- @deactivated_plugin -->",[],[],[],[]]