[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fvDbvVTsg97-VV_AK5lbYsINX-qwmtAX0GSHlQEBiZw8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":131,"fingerprints":288},"content-api","Content API","1.1.0","Poly Plugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fpolyplugins\u002F","\u003Cp>Content API offers a powerful and flexible solution for managing your site’s posts, products, SEO settings, and more through custom endpoints. By creating tailored REST API endpoints, the plugin enables you to perform actions such as updating product attributes, managing content, and even optimizing SEO all from external systems or custom-built applications.\u003C\u002Fp>\n\u003Cp>Whether you’re managing an eCommerce store, handling content on a blog, or controlling SEO configurations, this plugin provides the tools to do it efficiently. The custom API endpoints support secure, token-based authentication to ensure only authorized users can interact with your WordPress site.\u003C\u002Fp>\n\u003Cp>With features like bulk updates for product attributes, streamlined content management, and simplified SEO configurations, this plugin enhances the flexibility and automation of your WordPress site, making it easier to integrate with third-party tools and manage everything from a centralized platform.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.polyplugins.com\u002Fdocs\u002Fcontent-api\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Create new posts\u003C\u002Fli>\n\u003Cli>Fetch products\u003C\u002Fli>\n\u003Cli>Update products\u003C\u002Fli>\n\u003Cli>Fetch attributes\u003C\u002Fli>\n\u003Cli>Update attributes\u003C\u002Fli>\n\u003Cli>Fetch terms\u003C\u002Fli>\n\u003Cli>Update terms\u003C\u002Fli>\n\u003Cli>Capability to add Yoast title, description, social titles, social descriptions, and social images when adding a post or updating a product\u003C\u002Fli>\n\u003Cli>Secure access through API tokens for authentication\u003C\u002Fli>\n\u003Cli>Admin page to manage the plugin settings, including the API token\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>GDPR\u003C\u002Fh3>\n\u003Cp>We are not lawyers and always recommend doing your own compliance research into third party plugins, libraries, ect, as we’ve seen other plugins not be in compliance with these regulations.\u003C\u002Fp>\n\u003Cp>This plugin uses the Bootstrap, BootStrap Icons, and SweetAlert2 3rd party libraries. These libraries are loaded locally to be compliant with data protection regulations.\u003C\u002Fp>\n\u003Cp>This plugin collects and stores certain data on your server to ensure proper functionality. This includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Storing plugin settings\u003C\u002Fli>\n\u003Cli>Remembering which notices have been dismissed\u003C\u002Fli>\n\u003C\u002Ful>\n","Manage posts, products, SEO, and more via custom WordPress endpoints.",10,892,0,"2026-01-18T03:42:00.000Z","6.8.5","6.5","7.4",[19,20,4,21,22],"api","content","creative","rest-api","https:\u002F\u002Fwww.polyplugins.com\u002Fcontact\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontent-api.1.1.0.zip",100,null,"2026-03-15T14:54:45.397Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"polyplugins",9,320,98,30,93,"2026-04-04T09:18:32.688Z",[38,61,80,95,114],{"slug":39,"name":40,"version":41,"author":40,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":25,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":57,"download_link":58,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":60},"automatik-blog","Automatik Blog","1.0.3","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomatik\u002F","\u003Cp>Automatik Blog plugin extends the WordPress REST API by providing custom endpoints for publishing articles, updating posts, uploading images, and managing categories. It is designed to facilitate integration between WordPress and the Automatik Blog application, allowing seamless content management and automated publishing of SEO-optimized articles.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Publish articles via custom REST API endpoints.\u003C\u002Fli>\n\u003Cli>Update existing posts and pages.\u003C\u002Fli>\n\u003Cli>Upload and manage images.\u003C\u002Fli>\n\u003Cli>Create and manage categories.\u003C\u002Fli>\n\u003Cli>Retrieve posts, pages, authors, tags, and categories.\u003C\u002Fli>\n\u003Cli>Secure API access with unique authorization codes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later.\u003C\u002Fp>\n\u003Cp>Copyright (C) 2024 Automatik Blog\u003C\u002Fp>\n\u003Cp>This program is free software; you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 of the License, or any later version.\u003C\u002Fp>\n","A plugin for integration with Automatik Blog, allowing automated publishing of SEO-optimized articles via REST API.",1000,4404,1,"2025-03-02T20:11:00.000Z","6.7.5","5.0","7.0",[53,54,55,56,22],"articles","categories","content-publishing","images","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautomatik-blog.zip",92,"2026-03-15T15:16:48.613Z",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":25,"num_ratings":71,"last_updated":72,"tested_up_to":51,"requires_at_least":50,"requires_php":17,"tags":73,"homepage":78,"download_link":79,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":60},"wpraiz-content-api-tool","WPRaiz Content API Tool","2.0.0","José Ícaro - WPRaiz","https:\u002F\u002Fprofiles.wordpress.org\u002Fzeicaro\u002F","\u003Cp>\u003Cstrong>WPRaiz Content API Tool\u003C\u002Fstrong> turns your WordPress site into a powerful content API. Create posts, manage categories, generate AI content, and connect AI agents — all via REST API or Model Context Protocol (MCP).\u003C\u002Fp>\n\u003Ch4>What You Can Do\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Create & Update Posts\u003C\u002Fstrong> — Full control over title, content, status, categories, tags, excerpt, featured images, and custom meta fields via REST API.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Creation\u003C\u002Fstrong> — Create up to 50 posts in a single request (Pro).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI Content Generation\u003C\u002Fstrong> — Generate full articles from a topic using Claude or OpenAI with your own API keys (Pro).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI Rewrite\u003C\u002Fstrong> — Improve SEO, fix grammar, change tone, expand, or summarize existing posts (Pro).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-SEO\u003C\u002Fstrong> — Automatically generate SEO titles and meta descriptions when not provided. Supports SEOPress, Yoast SEO, and Rank Math.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>MCP Server\u003C\u002Fstrong> — Connect AI agents (Claude Desktop, Cursor, Windsurf) directly to your site via Model Context Protocol.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Similar Post Search\u003C\u002Fstrong> — Find duplicate or related content using intelligent Levenshtein-based scoring.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Webhooks\u003C\u002Fstrong> — Get notified when posts are created or bulk operations complete, with HMAC signature verification.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>JWT Authentication\u003C\u002Fstrong> — Secure token-based auth with configurable rate limiting.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Free vs Pro\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Free\u003C\u002Fstrong> (this plugin):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create and update single posts via REST API\u003C\u002Fli>\n\u003Cli>Search similar posts\u003C\u002Fli>\n\u003Cli>List and manage categories\u003C\u002Fli>\n\u003Cli>JWT and Basic Auth (Application Passwords)\u003C\u002Fli>\n\u003Cli>SEO plugin auto-detection and meta writing\u003C\u002Fli>\n\u003Cli>Featured image upload from URL\u003C\u002Fli>\n\u003Cli>Rate limiting\u003C\u002Fli>\n\u003Cli>Legacy v1 endpoint compatibility\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Pro\u003C\u002Fstrong> ($49\u002Fyear at \u003Ca href=\"https:\u002F\u002Fwpraiz.com.br\u002Fpro\" rel=\"nofollow ugc\">wpraiz.com.br\u002Fpro\u003C\u002Fa>):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Everything in Free, plus:\u003C\u002Fli>\n\u003Cli>Bulk post creation (up to 50 per batch)\u003C\u002Fli>\n\u003Cli>AI content generation (BYOK — Claude or OpenAI)\u003C\u002Fli>\n\u003Cli>AI post rewriting (5 modes)\u003C\u002Fli>\n\u003Cli>Auto-SEO via AI\u003C\u002Fli>\n\u003Cli>MCP Server (HTTP + STDIO transports)\u003C\u002Fli>\n\u003Cli>Webhook notifications with HMAC signing\u003C\u002Fli>\n\u003Cli>Priority support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>MCP Server\u003C\u002Fh4>\n\u003Cp>The Model Context Protocol server lets AI agents interact with your WordPress site natively. Available via HTTP (REST API) or STDIO (WP-CLI).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Tools:\u003C\u002Fstrong> create_post, update_post, search_similar, get_categories, generate_content, rewrite_post, bulk_create\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Resources:\u003C\u002Fstrong> site-info, recent-posts, categories, content-stats, seo-config\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Prompts:\u003C\u002Fstrong> publish_seo_article, content_series, seo_audit, refresh_old_content, internal_linking\u003C\u002Fp>\n\u003Cp>Add to your \u003Ccode>claude_desktop_config.json\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>{\n    \"mcpServers\": {\n        \"wpraiz\": {\n            \"command\": \"wp\",\n            \"args\": [\"wpraiz-mcp\", \"serve\", \"--path=\u002Fpath\u002Fto\u002Fwordpress\", \"--user=1\"]\n        }\n    }\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>REST API Endpoints\u003C\u002Fh4>\n\u003Cp>Base URL: \u003Ccode>https:\u002F\u002Fyoursite.com\u002Fwp-json\u002Fwpraiz\u002Fv2\u002F\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>  Endpoint\u003Cbr \u002F>\n  Method\u003Cbr \u002F>\n  Auth\u003Cbr \u002F>\n  Tier\u003C\u002Fp>\n\u003Cp>  create-post\u003Cbr \u002F>\n  POST\u003Cbr \u002F>\n  JWT\u002FBasic\u003Cbr \u002F>\n  Free\u003C\u002Fp>\n\u003Cp>  update-post\u003Cbr \u002F>\n  POST\u003Cbr \u002F>\n  JWT\u002FBasic\u003Cbr \u002F>\n  Free\u003C\u002Fp>\n\u003Cp>  create-posts\u003Cbr \u002F>\n  POST\u003Cbr \u002F>\n  JWT\u002FBasic\u003Cbr \u002F>\n  Pro\u003C\u002Fp>\n\u003Cp>  generate-content\u003Cbr \u002F>\n  POST\u003Cbr \u002F>\n  JWT\u002FBasic\u003Cbr \u002F>\n  Pro\u003C\u002Fp>\n\u003Cp>  rewrite-post\u003Cbr \u002F>\n  POST\u003Cbr \u002F>\n  JWT\u002FBasic\u003Cbr \u002F>\n  Pro\u003C\u002Fp>\n\u003Cp>  search-similar\u003Cbr \u002F>\n  GET\u003Cbr \u002F>\n  Public\u003Cbr \u002F>\n  Free\u003C\u002Fp>\n\u003Cp>  categories\u003Cbr \u002F>\n  GET\u003Cbr \u002F>\n  Public\u003Cbr \u002F>\n  Free\u003C\u002Fp>\n\u003Cp>  check-status\u003Cbr \u002F>\n  GET\u003Cbr \u002F>\n  Public\u003Cbr \u002F>\n  Free\u003C\u002Fp>\n\u003Cp>  auth\u002Ftoken\u003Cbr \u002F>\n  POST\u003Cbr \u002F>\n  Credentials\u003Cbr \u002F>\n  Free\u003C\u002Fp>\n\u003Ch4>Authentication\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>JWT Token:\u003C\u002Fstrong>\u003Cbr \u002F>\n1. POST to \u003Ccode>auth\u002Ftoken\u003C\u002Fcode> with \u003Ccode>username\u003C\u002Fcode> and \u003Ccode>password\u003C\u002Fcode>\u003Cbr \u002F>\n2. Use the returned token as \u003Ccode>Authorization: Bearer \u003Ctoken>\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Basic Auth:\u003C\u002Fstrong>\u003Cbr \u002F>\nUse WordPress Application Passwords with standard HTTP Basic authentication.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 5.8+\u003C\u002Fli>\n\u003Cli>PHP 7.4+\u003C\u002Fli>\n\u003Cli>For AI features: Claude API key or OpenAI API key\u003C\u002Fli>\n\u003Cli>For MCP STDIO: WP-CLI installed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fwpraiz.com.br\" rel=\"nofollow ugc\">wpraiz.com.br\u003C\u002Fa> or open an issue on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpraiz\u002Fwpraiz-content-api-tool\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","REST API + MCP Server for WordPress. Create, update, and manage posts programmatically. AI content generation with your own API keys (BYOK).",60,1382,3,"2026-03-14T08:02:00.000Z",[74,75,76,77,22],"ai-content","claude","content-automation","mcp","https:\u002F\u002Fwpraiz.com.br","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpraiz-content-api-tool.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":13,"num_ratings":13,"last_updated":90,"tested_up_to":15,"requires_at_least":50,"requires_php":17,"tags":91,"homepage":57,"download_link":94,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":60},"publicator-helper","Publicator Helper","4.5","Mickael","https:\u002F\u002Fprofiles.wordpress.org\u002Ftimebot\u002F","\u003Cp>Publicator Helper est un plugin WordPress qui permet de connecter votre site à Publicator.fr, une plateforme de génération automatique de contenu optimisé SEO.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Fonctionnalités principales :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Création automatique d’articles via API REST\u003C\u002Fli>\n\u003Cli>Gestion des métadonnées Yoast SEO\u003C\u002Fli>\n\u003Cli>Support des catégories WordPress\u003C\u002Fli>\n\u003Cli>Mise à jour des méta-données après publication\u003C\u002Fli>\n\u003Cli>Chargement automatique de FontAwesome pour les icônes\u003C\u002Fli>\n\u003Cli>Protection des styles CSS intégrés au contenu\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Prérequis :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress 5.0 ou supérieur\u003C\u002Fli>\n\u003Cli>Authentification par mot de passe d’application WordPress\u003C\u002Fli>\n\u003Cli>Yoast SEO (recommandé pour les métadonnées SEO)\u003C\u002Fli>\n\u003C\u002Ful>\n","Connecteur indispensable pour Publicator.fr - Générateur de contenus optimisés SEO avec IA.",20,226,"2026-02-09T09:09:00.000Z",[19,20,22,92,93],"seo","yoast","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpublicator-helper.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":11,"downloaded":103,"rating":13,"num_ratings":13,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":17,"tags":107,"homepage":112,"download_link":113,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":60},"fetchwire","FetchWire","1.0.0","Kasirye Arthur","https:\u002F\u002Fprofiles.wordpress.org\u002Fthehopemonger\u002F","\u003Cp>FetchWire is the ultimate solution for website owners who want to aggregate and display content from other WordPress-powered sites seamlessly. Whether you’re managing a university portal, a corporate news hub, or a niche blog network, FetchWire gives you the tools to pull the latest posts from any WordPress REST API source and present them beautifully on your own site.\u003C\u002Fp>\n\u003Cp>Built specifically for Elementor, FetchWire provides a custom widget that eliminates the need for complex RSS feeds or manual content updates. Simply enter a source URL, and FetchWire handles the rest — fetching titles, featured images, excerpts, and dates in real time.\u003C\u002Fp>\n\u003Cp>Why Choose FetchWire?\u003C\u002Fp>\n\u003Cp>Universal Compatibility — Works with any WordPress site that has the REST API enabled (default in WP 4.7+)\u003C\u002Fp>\n\u003Cp>Performance First — Uses the Transients API for smart caching to keep your site fast\u003C\u002Fp>\n\u003Cp>Complete Design Freedom — Style your feed via Elementor controls\u003C\u002Fp>\n\u003Cp>Responsive by Default — Looks great on desktop, tablet, and mobile\u003C\u002Fp>\n\u003Cp>Key Features\u003C\u002Fp>\n\u003Cp>Grid layouts: 1–4 columns\u003C\u002Fp>\n\u003Cp>Force image aspect ratios (16:9, 4:3, square)\u003C\u002Fp>\n\u003Cp>Filter by category or tag ID\u003C\u002Fp>\n\u003Cp>Adjustable excerpt length\u003C\u002Fp>\n\u003Cp>Adjustable caching window (15 minutes to 24 hours)\u003C\u002Fp>\n\u003Cp>Clean, developer-friendly code\u003C\u002Fp>\n\u003Cp>Transform your site into a dynamic content hub with FetchWire—the simplest way to connect and share WordPress news.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by KasiryeLabs\u003Cbr \u002F>\nhttps:\u002F\u002Fwww.kasiryelabs.com\u003C\u002Fp>\n","Fetch and display news from any WordPress site using a powerful, highly customizable Elementor widget.",147,"2026-01-10T06:17:00.000Z","6.9.4","5.8",[108,109,110,111,22],"content-aggregator","elementor","fetch","news","https:\u002F\u002Fwww.kasiryelabs.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffetchwire.1.0.0.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":11,"downloaded":122,"rating":13,"num_ratings":13,"last_updated":123,"tested_up_to":49,"requires_at_least":124,"requires_php":125,"tags":126,"homepage":57,"download_link":130,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":60},"journalai","JournalAi","1.0","matiasbarrera90","https:\u002F\u002Fprofiles.wordpress.org\u002Fmatiasbarrera90\u002F","\u003Cp>JournalAi enhances WordPress functionality by creating secure REST API endpoints for:\u003Cbr \u002F>\n– Authentication (login and token management).\u003Cbr \u002F>\n– Media uploads and image handling.\u003Cbr \u002F>\n– Blog post creation with metadata.\u003Cbr \u002F>\n– User and category data retrieval.\u003C\u002Fp>\n\u003Cp>This plugin integrates with external services to automate blog content creation using:\u003Cbr \u002F>\n1. \u003Cstrong>OpenAI API\u003C\u002Fstrong>: For generating text content.\u003Cbr \u002F>\n2. \u003Cstrong>Pexels API\u003C\u002Fstrong>: For retrieving high-quality images.\u003Cbr \u002F>\n3. \u003Cstrong>SerpAPI\u003C\u002Fstrong>: For performing Google searches.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This plugin is designed specifically for JournalAi’s automation system and may not work independently.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the following third-party services:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>OpenAI API\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Generates text-based content for blog posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>: Prompts for text generation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fopenai.com\u002Fterms\" rel=\"nofollow ugc\">OpenAI Terms\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fopenai.com\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Pexels API\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Fetches royalty-free images for posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>: Search queries for images.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fwww.pexels.com\u002Fterms-of-service\u002F\" rel=\"nofollow ugc\">Pexels Terms\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.pexels.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>SerpAPI\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Performs Google searches for data enrichment.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>: Search queries.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fserpapi.com\u002Flegal\" rel=\"nofollow ugc\">SerpAPI Terms\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fserpapi.com\u002Fsecurity\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>JournalAi.pro API\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Backend service for data handling and advanced processing.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>: User authentication details, blog metadata.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms\u003C\u002Fstrong>: Refer to \u003Ca href=\"https:\u002F\u002Fjournalai.pro\u002Fterms\" rel=\"nofollow ugc\">JournalAi Terms\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fjournalai.pro\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n","JournalAi provides a custom REST API for WordPress, enabling advanced functionality for blog automation and AI integration.",586,"2025-01-22T05:31:00.000Z","4.7","7.2",[127,76,128,129,22],"ai","custom-plugin","openai","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjournalai.1.0.zip",{"attackSurface":132,"codeSignals":265,"taintFlows":277,"riskAssessment":278,"analyzedAt":287},{"hooks":133,"ajaxHandlers":152,"restRoutes":153,"shortcodes":262,"cronEvents":263,"entryPointCount":264,"unprotectedCount":13},[134,140,144,148],{"type":135,"name":136,"callback":137,"file":138,"line":139},"action","rest_api_init","register_endpoints","content-api.php",38,{"type":135,"name":141,"callback":142,"file":138,"line":143},"admin_menu","register_settings_page",39,{"type":135,"name":145,"callback":146,"file":138,"line":147},"admin_init","settings_page_init",40,{"type":135,"name":149,"callback":150,"file":138,"line":151},"admin_notices","maybe_display_last_accessed_notice",41,[],[154,162,168,173,177,182,186,190,194,198,203,207,212,216,221,225,230,235,239,243,247,250,253,258],{"namespace":155,"route":156,"methods":157,"callback":159,"permissionCallback":160,"file":138,"line":161},"content-api\u002Fv1","\u002Fpost\u002F",[158],"POST","create_post","has_permission",50,{"namespace":155,"route":163,"methods":164,"callback":166,"permissionCallback":160,"file":138,"line":167},"\u002Fproduct\u002F",[165],"GET","get_product",56,{"namespace":155,"route":163,"methods":169,"callback":171,"permissionCallback":160,"file":138,"line":172},[170],"PATCH","update_product",62,{"namespace":155,"route":163,"methods":174,"callback":175,"permissionCallback":160,"file":138,"line":176},[158],"create_product",68,{"namespace":155,"route":178,"methods":179,"callback":180,"permissionCallback":160,"file":138,"line":181},"\u002Fproduct-category\u002F",[165],"get_product_category",74,{"namespace":155,"route":178,"methods":183,"callback":184,"permissionCallback":160,"file":138,"line":185},[170],"update_product_category",80,{"namespace":155,"route":178,"methods":187,"callback":188,"permissionCallback":160,"file":138,"line":189},[158],"create_product_category",86,{"namespace":155,"route":191,"methods":192,"callback":193,"permissionCallback":160,"file":138,"line":59},"\u002Fproduct-ids\u002F",[165],"get_all_product_ids",{"namespace":155,"route":195,"methods":196,"callback":197,"permissionCallback":160,"file":138,"line":33},"\u002Fproduct-categories\u002F",[165],"get_all_product_categories",{"namespace":155,"route":199,"methods":200,"callback":201,"permissionCallback":160,"file":138,"line":202},"\u002Fproduct\u002Fcategories\u002F",[165],"get_product_categories",104,{"namespace":155,"route":199,"methods":204,"callback":205,"permissionCallback":160,"file":138,"line":206},[170],"update_product_categories",110,{"namespace":155,"route":208,"methods":209,"callback":210,"permissionCallback":160,"file":138,"line":211},"\u002Fterms\u002F",[165],"get_terms",116,{"namespace":155,"route":208,"methods":213,"callback":214,"permissionCallback":160,"file":138,"line":215},[165],"update_terms",122,{"namespace":155,"route":217,"methods":218,"callback":219,"permissionCallback":160,"file":138,"line":220},"\u002Fattributes\u002F",[165],"get_attributes",128,{"namespace":155,"route":217,"methods":222,"callback":223,"permissionCallback":160,"file":138,"line":224},[165],"update_attributes",134,{"namespace":155,"route":226,"methods":227,"callback":228,"permissionCallback":160,"file":138,"line":229},"\u002Fproduct\u002Fattributes\u002F",[165],"get_product_attributes",140,{"namespace":155,"route":231,"methods":232,"callback":233,"permissionCallback":160,"file":138,"line":234},"\u002Fproduct-brand\u002F",[165],"get_brand",146,{"namespace":155,"route":231,"methods":236,"callback":237,"permissionCallback":160,"file":138,"line":238},[170],"update_brand",152,{"namespace":155,"route":231,"methods":240,"callback":241,"permissionCallback":160,"file":138,"line":242},[158],"create_brand",158,{"namespace":155,"route":244,"methods":245,"callback":233,"permissionCallback":160,"file":138,"line":246},"\u002Ftaxonomy\u002Fbrand\u002F",[165],164,{"namespace":155,"route":244,"methods":248,"callback":237,"permissionCallback":160,"file":138,"line":249},[170],170,{"namespace":155,"route":244,"methods":251,"callback":241,"permissionCallback":160,"file":138,"line":252},[158],176,{"namespace":155,"route":254,"methods":255,"callback":256,"permissionCallback":160,"file":138,"line":257},"\u002Fproduct\u002Fbrands\u002F",[165],"get_product_brands",182,{"namespace":155,"route":254,"methods":259,"callback":260,"permissionCallback":160,"file":138,"line":261},[170],"update_product_brands",188,[],[],24,{"dangerousFunctions":266,"sqlUsage":267,"outputEscaping":270,"fileOperations":268,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":276},[],{"prepared":268,"raw":13,"locations":269},2,[],{"escaped":271,"rawEcho":47,"locations":272},157,[273],{"file":138,"line":274,"context":275},2466,"raw output",[],[],{"summary":279,"deductions":280},"The 'content-api' plugin version 1.1.0 exhibits a generally strong security posture based on the static analysis. The absence of any critical or high severity taint flows, along with a high percentage of properly escaped output and the exclusive use of prepared statements for SQL queries, indicates good coding practices. The lack of any recorded vulnerabilities in its history further strengthens this positive assessment, suggesting a mature and well-maintained codebase.  However, the complete absence of nonce checks and capability checks across all entry points, including the 24 REST API routes, presents a significant concern. While the static analysis reports no unprotected entry points (likely meaning permission callbacks exist, though not explicitly detailed as capability checks), the explicit mention of zero nonce checks and zero capability checks is a critical oversight. This could leave the plugin susceptible to various forms of attacks if the permission callbacks are not robust enough or if the REST API endpoints are not sufficiently secured against unauthorized access or manipulation. The file operations are also a potential area for scrutiny, as without further context, two file operations could introduce risks depending on their nature. Despite the promising lack of historical vulnerabilities and good data sanitization, the lack of fundamental security checks like nonces and capability checks on its extensive REST API surface introduces a notable risk factor that requires further investigation and remediation.",[281,283,285],{"reason":282,"points":11},"Missing nonce checks across entry points",{"reason":284,"points":11},"Missing capability checks across entry points",{"reason":286,"points":71},"File operations present potential risk","2026-03-16T23:34:37.345Z",{"wat":289,"direct":298},{"assetPaths":290,"generatorPatterns":293,"scriptPaths":294,"versionParams":295},[291,292],"\u002Fwp-content\u002Fplugins\u002Fcontent-api\u002Fcss\u002Fsettings.css","\u002Fwp-content\u002Fplugins\u002Fcontent-api\u002Fjs\u002Fsettings.js",[],[292],[296,297],"content-api\u002Fcss\u002Fsettings.css?ver=","content-api\u002Fjs\u002Fsettings.js?ver=",{"cssClasses":299,"htmlComments":300,"htmlAttributes":301,"restEndpoints":302,"jsGlobals":314,"shortcodeOutput":315},[],[],[],[303,304,305,306,307,308,309,310,311,312,313],"\u002Fwp-json\u002Fcontent-api\u002Fv1\u002Fpost\u002F","\u002Fwp-json\u002Fcontent-api\u002Fv1\u002Fproduct\u002F","\u002Fwp-json\u002Fcontent-api\u002Fv1\u002Fproduct-category\u002F","\u002Fwp-json\u002Fcontent-api\u002Fv1\u002Fproduct-ids\u002F","\u002Fwp-json\u002Fcontent-api\u002Fv1\u002Fproduct-categories\u002F","\u002Fwp-json\u002Fcontent-api\u002Fv1\u002Fterms\u002F","\u002Fwp-json\u002Fcontent-api\u002Fv1\u002Fattributes\u002F","\u002Fwp-json\u002Fcontent-api\u002Fv1\u002Fproduct\u002Fattributes\u002F","\u002Fwp-json\u002Fcontent-api\u002Fv1\u002Fproduct-brand\u002F","\u002Fwp-json\u002Fcontent-api\u002Fv1\u002Ftaxonomy\u002Fbrand\u002F","\u002Fwp-json\u002Fcontent-api\u002Fv1\u002Fproduct\u002Fbrands\u002F",[],[]]