[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f9_at9c2EhBBUJ3wKRk3Qs_Mn-Pb1VC6cjHQev2GI6WA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":75,"crawl_stats":38,"alternatives":82,"analysis":193,"fingerprints":437},"content-mask","Content Mask","1.8.5.3","Alex","https:\u002F\u002Fprofiles.wordpress.org\u002Falexdemchak\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fxhynk.com\u002Fcontent-mask\u002F\" rel=\"nofollow ugc\">Read More & View Demos Here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Embed Any Content†‡ Into Your WordPress Website\u003C\u002Fh4>\n\u003Cp>Content Mask allows you to embed any external content onto your own WordPress Pages, Posts, and Custom Post Types. The end result is fairly similar to setting up a \u003Ca href=\"http:\u002F\u002Fwww.networksolutions.com\u002Fsupport\u002Fwhat-is-web-forwarding-and-masking\u002F\" rel=\"nofollow ugc\">Domain Mask\u003C\u002Fa>, but the content is embedded into the front end of your website and is fully contained inside your WordPress permalink ecosystem.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cem>Example\u003C\u002Fem>: If you built a landing page on \u003Ccode>landing-page-builder.com\u002Fyour-landing-page\u002F\u003C\u002Fcode>, you can simply create a new Page on your website at \u003Ccode>your-site.com\u002Flanding-page\u002F\u003C\u002Fcode> and paste in the URL of your landing page. The Content Mask plugin will then download and cache of copy of your landing page directly on your website, so any visitors that come to \u003Ccode>your-site.com\u002Flanding-page\u002F\u003C\u002Fcode> will see the landing page you built. This allows you to keep all of your links integrated into your WordPress Website.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>† Do not use Content Mask to embed any content that you do not own or do not otherwise have license to share, embed, frame, or distribute.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Simple 2-Step UI\u003C\u002Fh4>\n\u003Cp>With a simple 2-Step UI, you can embed any external content into your website without any complicated URL Forwarding, DNS Records, or \u003Ccode>.htaccess\u003C\u002Fcode> rules to mess with.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Just enable the Content Mask on any Page, Post, or Custom Post type by clicking on the check mark.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Then put in the URL that contains the content you want to embed.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>It’s that simple!\u003C\u002Fp>\n\u003Ch4>Powerful Embedding and Redirect Options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Using the Download method (default) will fetch the content from the Content Mask URL, cache it on your website, and replace the current page request with that content. By default, this cache lasts 4 hours – but it can be changed anywhere from “Never Cache” all the way up to “Cache for 4 Weeks”. Caching prevents the need for additional requests that slow down your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Using the Iframe method will replace the current page request with a full width\u002Fheight, frameless iframe containing the host URL. This method is ideal if the URL you want to embed won’t serve scripts, styles, or images to other URLs or IP Addresses. If you use the Download Method, and links or images look broken, you can try the Iframe method instead.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Using the Redirect (301) method will simply redirect the visitor to the host URL.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Simple Integrated Vistor Tracking\u003C\u002Fh4>\n\u003Cp>In the Content Mask admin panel, you can enable tracking for Content Masked pages. This will allow you to see how many visitors are viewing these links. This is ideal for when you need to track acquisition, such as on a Landing Page.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>[Views] shows how many times that Content Mask page has been viewed by anybody (even logged in users)\u003C\u002Fli>\n\u003Cli>[Non-User] shows how many times it’s been viewed by visitors that are \u003Cem>not\u003C\u002Fem> logged in to the website.\u003C\u002Fli>\n\u003Cli>[Unique] shows how many times it’s been viewed by unique IP addresses. Note: IP addresses are one-way hashed and are not identifiable in any way.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Creating a Content Masked Page\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F_H7IWFwmVfo?version=3&rel=0&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Using the Content Mask Admin Panel\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F5hEBMKSLHxI?version=3&rel=0&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Notes:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Do \u003Cem>NOT\u003C\u002Fem> use Content Mask on any content you aren’t explicitly authorized to share or use. Please confirm you’re allowed to utilize and embed the content before embedding any particular URL.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Content embedded using the Download method is cached using the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FTransients_API\" rel=\"nofollow ugc\">WordPress Transients API\u003C\u002Fa> for 4 hours by default. If the content on the external URL is updated and you would like a fresh copy, you may just click the “Update” button on the Page, Post, or Custom Post Type to refresh the transient, or click the “Refresh” link in the Content Mask Admin panel. You may also change the cache expiration timer per page anywhere from “Never” to “4 weeks”.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>You may use the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftransients-manager\u002F\" rel=\"ugc\">Transients Manager\u003C\u002Fa> plugin to manage transients stored with the Download method. All Content Mask related transients contain the prefix “content_mask-” plus a stripped version of the Content Mask URL, such as “content_mask-httpxhynkcom”.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>‡ Your site may be prevented from processing page requests for \u003Cem>any\u003C\u002Fem> reason; Reasons include, but are not limited to: masking unauthorized content, at the request of the masked URL site owner, masking hateful content, masking illegal content, circumventing IP bans, etc. A dual one-way encrypted hash of your masking URL may be used to check for infraction. No identifying information will be used for this check, and no information is saved other than as a transient to prevent unnecessary duplicate checks per site\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fxhynk.com\u002Fcontent-mask\u002F\" rel=\"nofollow ugc\">Read More About Content Mask\u003C\u002Fa>\u003C\u002Fp>\n","Embed any external content on a Page, Post, or Custom Post Type without the need to use complicated domain forwarding or domain masks.",1000,45427,100,9,"2025-10-16T16:15:00.000Z","6.8.5","4.7","5.4",[20,21,22,23,24],"domain-mask","embed","link","mask","redirect","http:\u002F\u002Fxhynk.com\u002Fcontent-mask\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontent-mask.1.8.5.3.zip",73,3,1,"2025-09-22 00:00:00","2026-03-15T15:16:48.613Z",[33,47,59],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":38,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":38},"CVE-2025-58012","content-mask-authenticated-author-insecure-direct-object-reference","Content Mask \u003C= 1.8.5.2 - Authenticated (Author+) Insecure Direct Object Reference","The Content Mask plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.8.5.2 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to perform an unauthorized action.",null,"\u003C=1.8.5.2","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Authorization Bypass Through User-Controlled Key","2025-09-26 19:15:49",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F309e0ebe-8873-46a1-ae82-d3bd05e68d00?source=api-prod",{"id":48,"url_slug":49,"title":50,"description":51,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":52,"cvss_vector":53,"vuln_type":54,"published_date":30,"updated_date":55,"references":56,"days_to_patch":58},"CVE-2025-58011","content-mask-authenticated-contributor-server-side-request-forgery","Content Mask \u003C= 1.8.5.2 - Authenticated (Contributor+) Server-Side Request Forgery","The Content Mask plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.8.5.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services.",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Server-Side Request Forgery (SSRF)","2026-02-26 15:17:32",[57],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd643e360-e2ae-4bcb-b02b-c4957853425a?source=api-prod",158,{"id":60,"url_slug":61,"title":62,"description":63,"plugin_slug":4,"theme_slug":38,"affected_versions":64,"patched_in_version":65,"severity":66,"cvss_score":67,"cvss_vector":68,"vuln_type":69,"published_date":70,"updated_date":71,"references":72,"days_to_patch":74},"CVE-2022-1203","content-mask-authenticated-subscriber-arbitrary-options-update","Content Mask \u003C= 1.8.4 - Authenticated (Subscriber+) Arbitrary Options Update","The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options","\u003C=1.8.4","1.8.4.1","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Missing Authorization","2022-05-03 00:00:00","2024-01-22 19:56:02",[73],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F267d2b02-6365-4553-9809-bc3a8b070c7e?source=api-prod",630,{"slug":76,"display_name":7,"profile_url":8,"plugin_count":77,"total_installs":78,"avg_security_score":79,"avg_patch_time_days":80,"trust_score":27,"computed_at":81},"alexdemchak",6,1070,91,394,"2026-04-05T09:29:39.415Z",[83,107,130,150,170],{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":13,"num_ratings":93,"last_updated":94,"tested_up_to":16,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":96,"download_link":103,"security_score":104,"vuln_count":28,"unpatched_count":105,"last_vuln_date":106,"fetched_at":31},"affiliate-links","Affiliate Links – Link Cloaking and Management","3.2.0","wecantrack","https:\u002F\u002Fprofiles.wordpress.org\u002Fwecantrack\u002F","\u003Cp>Create any redirect links to any website from your WordPress Admin. Perfect for the affiliate links masking.\u003C\u002Fp>\n\u003Ch3>Affiliate Links 🚀\u003C\u002Fh3>\n\u003Cp>Affiliate Links is a powerful WordPress plugin acquired by wecantrack (Q4 2024), designed to help you create, cloak, and manage both internal and external links effortlessly. Perfect for affiliate\u003Cbr \u002F>\nmarketers, this plugin allows you to generate clean, user-friendly links like ‘mysite.com\u002Fgo\u002Flink’, while also boosting SEO, protecting your earnings, and increasing revenue. With Affiliate Links, seamless link management and optimization are just a few clicks away.\u003Cbr \u002F>\nBy utilising the Affiliate Links plugin, your clickouts will automatically be tracked on server-side by our standard wecantrack WP plugin. This will ensure the highest attribution coverage possible, since server-side events cannot get blocked by your website visitors.\u003C\u002Fp>\n\u003Ch4>Why You Need Affiliate Links Plugin:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>🔍 Boost SEO: Cloak affiliate URLs to appear more trustworthy.\u003C\u002Fli>\n\u003Cli>💼 Protect Earnings: Conceal sensitive information from competitors.\u003C\u002Fli>\n\u003Cli>📈 Increase Revenue: Achieve higher click-through rates.\u003C\u002Fli>\n\u003Cli>⏰ Save Time: Manage links effortlessly with an intuitive interface.\u003C\u002Fli>\n\u003Cli>✅ Ad Network Friendly: Accepted by ad networks when the root domain is used.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key Features ✔\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>📊 Link Click Stats: Track each click with detailed insights, including browser type, language,\u003Cbr \u002F>\nand more.\u003C\u002Fli>\n\u003Cli>🔄 Conditional Redirects: Personalise redirects based on visitor behavior, such as language\u003Cbr \u002F>\nor platform.\u003C\u002Fli>\n\u003Cli>🔀 301\u002F302\u002F307 HTTP Redirects: Choose from multiple redirect options to fit your needs.\u003C\u002Fli>\n\u003Cli>👀 Nofollow & Noindex: Control link visibility with nofollow and noindex options.\u003C\u002Fli>\n\u003Cli>🗂 Link Categories & Slugs: Organise links into categories and include category slugs in\u003Cbr \u002F>\nURLs if desired.\u003C\u002Fli>\n\u003Cli>⚙️ HTML & Shortcode Generator: Easily embed links using the built-in generator.\u003C\u002Fli>\n\u003Cli>🛠 Widgets: Display recent and popular affiliate links with customisable categories and\u003Cbr \u002F>\ncounts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Pro Features 💪\u003C\u002Fh3>\n\u003Cp>Elevate your affiliate marketing with advanced analytics and ad network integrations:\u003C\u002Fp>\n\u003Ch3>Analytics Platform Integrations:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>🌐 \u003Ca href=\"https:\u002F\u002Fwecantrack.com\u002Faffiliate-sales-in-google-analytics\u002F?utm_source=wordpress&utm_medium=links-plugin&utm_campaign=description\" rel=\"nofollow ugc\">Google Analytics Integration\u003C\u002Fa>: Track affiliate conversions as purchase conversions within\u003Cbr \u002F>\nGoogle Analytics, gaining transparency on the performance of any available dimension.\u003C\u002Fli>\n\u003Cli>📊 \u003Ca href=\"https:\u002F\u002Fwecantrack.com\u002Faffiliate-sales-in-looker-studio\u002F?utm_source=wordpress&utm_medium=links-plugin&utm_campaign=description\" rel=\"nofollow ugc\">Google Looker Studio Integration\u003C\u002Fa>: Set up custom dashboards and reports with all your\u003Cbr \u002F>\ntraffic and affiliate conversion data in one dataset, keeping you updated at all times.\u003C\u002Fli>\n\u003Cli>💾 \u003Ca href=\"https:\u002F\u002Fwecantrack.com\u002Fzapier-affiliate-conversion-integration\u002F?utm_source=wordpress&utm_medium=links-plugin&utm_campaign=description\" rel=\"nofollow ugc\">Zapier Integration\u003C\u002Fa>: Integrate Affiliate Conversions Across 6000 Platforms With Zapier\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Ad Network Integrations:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>📈 \u003Ca href=\"https:\u002F\u002Fwecantrack.com\u002Faffiliate-sales-in-google-ads\u002F?utm_source=wordpress&utm_medium=links-plugin&utm_campaign=description\" rel=\"nofollow ugc\">Google Ads Integration\u003C\u002Fa>: Optimise your Google Ads campaigns by leveraging your\u003Cbr \u002F>\nconversion data, automating bid adjustments, and setting up relevant audiences to boost\u003Cbr \u002F>\nROAS.\u003C\u002Fli>\n\u003Cli>🔍 \u003Ca href=\"https:\u002F\u002Fwecantrack.com\u002Fmicrosoft-ads-affiliate-conversion-tracking\u002F?utm_source=wordpress&utm_medium=links-plugin&utm_campaign=description\" rel=\"nofollow ugc\">Microsoft Ads Integration\u003C\u002Fa>: Integrate your affiliate conversion data with Microsoft Ads to\u003Cbr \u002F>\noptimise campaigns and audiences, enhancing your return on ad spend.\u003C\u002Fli>\n\u003Cli>🎯 \u003Ca href=\"https:\u002F\u002Fwecantrack.com\u002Faffiliate-conversion-tracking-in-facebook\u002F?utm_source=wordpress&utm_medium=links-plugin&utm_campaign=description\" rel=\"nofollow ugc\">Facebook Ads Integration\u003C\u002Fa>: Feed conversion data to the Facebook Pixel to make your\u003Cbr \u002F>\ncampaigns profitable, building relevant audiences and utilizing Facebook’s AI to target the right\u003Cbr \u002F>\nusers.\u003C\u002Fli>\n\u003Cli>🎵 \u003Ca href=\"https:\u002F\u002Fwecantrack.com\u002Faffiliate-conversion-tracking-tiktok-ads\u002F?utm_source=wordpress&utm_medium=links-plugin&utm_campaign=description\" rel=\"nofollow ugc\">TikTok Ads Integration\u003C\u002Fa>: Optimise your TikTok campaigns based on ROAS or CPAs by\u003Cbr \u002F>\nintegrating all your affiliate sale and lead conversion data.\u003C\u002Fli>\n\u003Cli>📌 \u003Ca href=\"https:\u002F\u002Fwecantrack.com\u002Faffiliate-sales-tracking-in-pinterest-ads\u002F?utm_source=wordpress&utm_medium=links-plugin&utm_campaign=description\" rel=\"nofollow ugc\">Pinterest Ads Integration\u003C\u002Fa>: Use your affiliate conversion data to optimise Pinterest Ads\u003Cbr \u002F>\ncampaigns, fully utilizing their machine learning capabilities.\u003C\u002Fli>\n\u003Cli>🛡 \u003Ca href=\"https:\u002F\u002Fwecantrack.com\u002Faffiliate-conversion-tracking-in-reddit-ads\u002F?utm_source=wordpress&utm_medium=links-plugin&utm_campaign=description\" rel=\"nofollow ugc\">Reddit Ads Integration\u003C\u002Fa>: Analyse and optimise your Reddit Ads campaigns by integrating\u003Cbr \u002F>\nyour affiliate conversion data to boost ad revenue.\u003C\u002Fli>\n\u003Cli>👻 \u003Ca href=\"https:\u002F\u002Fwecantrack.com\u002Faffiliate-sales-tracking-in-snapchat-ads\u002F?utm_source=wordpress&utm_medium=links-plugin&utm_campaign=description\" rel=\"nofollow ugc\">Snapchat Ads Integration\u003C\u002Fa>: Track and integrate your affiliate conversion data in Snapchat\u003Cbr \u002F>\nAds to automatically optimise your campaigns based on purchase events.\u003C\u002Fli>\n\u003Cli>🐦 \u003Ca href=\"https:\u002F\u002Fwecantrack.com\u002Faffiliate-conversion-tracking-in-twitter-ads\u002F?utm_source=wordpress&utm_medium=links-plugin&utm_campaign=description\" rel=\"nofollow ugc\">X Ads Integration\u003C\u002Fa>: Optimise your native ad campaigns with X Ads by integrating your\u003Cbr \u002F>\naffiliate sale and lead conversion data.\u003C\u002Fli>\n\u003Cli>🌍 \u003Ca href=\"https:\u002F\u002Fwecantrack.com\u002Faffiliate-sales-tracking-in-outbrain\u002F?utm_source=wordpress&utm_medium=links-plugin&utm_campaign=description\" rel=\"nofollow ugc\">Outbrain Integration\u003C\u002Fa>: Properly analyse and optimise your Outbrain native ad campaigns\u003Cbr \u002F>\nwith integrated affiliate conversion data.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Performance Reports:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>📈 Advertiser Performance: Break down conversion performance per advertiser, comparing\u003Cbr \u002F>\ncurrent results with previous time ranges.\u003C\u002Fli>\n\u003Cli>🌐 Network Performance: Get a quick overview of your affiliate network accounts’ total\u003Cbr \u002F>\nperformance through our network report.\u003C\u002Fli>\n\u003Cli>📝 Content Performance: Discover which landing and click pages generate the most clicks,\u003Cbr \u002F>\nconversions, and commissions, allowing you to optimise content based on real data.\u003C\u002Fli>\n\u003Cli>🚦 Traffic Source Performance: Analyse the performance of your traffic sources, helping you\u003Cbr \u002F>\nemploy an omnichannel approach to avoid over-reliance on one source.\u003C\u002Fli>\n\u003Cli>📊 Campaign Performance: Accurately analyse your ad campaigns, ensuring your budget\u003Cbr \u002F>\nallocation maximises profits—no more guesswork!\u003C\u002Fli>\n\u003Cli>📝 Transaction Report: Access detailed transaction information, including subid parameters,\u003Cbr \u002F>\nstatus, and product details for certain partners.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Get Started Today! 🌟\u003C\u002Fp>\n\u003Cp>With Affiliate Links, managing and optimising your affiliate links has never been easier. Whether\u003Cbr \u002F>\nyou want to clean up messy URLs, protect your earnings, or boost your SEO, this plugin offers a\u003Cbr \u002F>\ncomprehensive solution for all your link management needs.\u003C\u002Fp>\n","Create any redirect links to any website from your WordPress Admin. Perfect for the affiliate links masking.",3000,78278,10,"2025-06-28T00:30:00.000Z","4.0","",[98,99,100,101,102],"affiliate-link-manager","affiliate-link-masking","cloaking","link-redirects","pretty-links","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faffiliate-links.3.2.0.zip",96,0,"2025-04-10 00:00:00",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":117,"num_ratings":118,"last_updated":119,"tested_up_to":120,"requires_at_least":121,"requires_php":96,"tags":122,"homepage":125,"download_link":126,"security_score":127,"vuln_count":128,"unpatched_count":105,"last_vuln_date":129,"fetched_at":31},"woocommerce-cloak-affiliate-links","Cloak Affiliate Links for WooCommerce","1.0.37","datafeedr","https:\u002F\u002Fprofiles.wordpress.org\u002Fdatafeedrcom\u002F","\u003Cp>The \u003Cem>Cloak Affiliate Links for WooCommerce\u003C\u002Fem> plugin allows you to mask all external links in your WooCommerce store.\u003C\u002Fp>\n\u003Cp>For example, change this…\u003Cbr \u002F>\n    merchant.com\u002Findex.php?aff_id=123&product_id=456\u003C\u002Fp>\n\u003Cp>… into this:\u003Cbr \u002F>\n    yoursite.com\u002Fgo\u002F123\u003C\u002Fp>\n\u003Cp>Configure the status code for the redirect to either 301, 302 or 307.\u003C\u002Fp>\n\u003Cp>The plugin also adds a “Disallow” to your robots.txt file to prevent bots from following those external links.\u003C\u002Fp>\n","Cloak your WooCommerce external & affiliate links.",2000,52608,86,12,"2025-09-15T13:22:00.000Z","6.7.5","4.7.0",[84,123,124,23,24],"cloak","external","https:\u002F\u002Fwww.datafeedr.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoocommerce-cloak-affiliate-links.1.0.37.zip",98,2,"2025-01-24 00:00:00",{"slug":131,"name":132,"version":133,"author":134,"author_profile":135,"description":136,"short_description":137,"active_installs":138,"downloaded":139,"rating":13,"num_ratings":140,"last_updated":141,"tested_up_to":142,"requires_at_least":17,"requires_php":18,"tags":143,"homepage":96,"download_link":148,"security_score":149,"vuln_count":105,"unpatched_count":105,"last_vuln_date":38,"fetched_at":31},"go-redirects","Go Redirects URL Forwarder","2.0.3","WPKube","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpkube\u002F","\u003Cp>Go Redirects is a URL forwarder plugin for WordPress that enables URLs like \u003Ccode>http:\u002F\u002Fmysite.com\u002Fgo\u002Ffar-far-away\u002F\u003C\u002Fcode> to forward to URLs like \u003Ccode>http:\u002F\u002Fsomeothersite.com\u002F\u003C\u002Fcode>. It’s a great way to create clean-looking affiliate links or provide permement links for remote URLs that may change over time. It includes analytics for the number of times a URL has been forwarded.\u003C\u002Fp>\n","A URL forwarder for WordPress.",900,25321,4,"2021-08-04T08:09:00.000Z","5.8.13",[144,145,24,146,147],"affiliate","affiliate-link","redirects","url-mask","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgo-redirects.zip",85,{"slug":151,"name":152,"version":153,"author":154,"author_profile":155,"description":156,"short_description":157,"active_installs":13,"downloaded":158,"rating":105,"num_ratings":105,"last_updated":159,"tested_up_to":160,"requires_at_least":161,"requires_php":162,"tags":163,"homepage":166,"download_link":167,"security_score":168,"vuln_count":29,"unpatched_count":29,"last_vuln_date":169,"fetched_at":31},"link-hopper","Link Hopper","3.0","Anthony","https:\u002F\u002Fprofiles.wordpress.org\u002Fajferg\u002F","\u003Cp>Easily set up links like \u002Fhop\u002Fgoogle\u002F to redirect users to www.google.com.  This can be useful in masking your affiliate links.\u003C\u002Fp>\n\u003Cp>If your affiliate link needs to change, you can just change the HOP values in a single place, without having to search your site for outdated links.\u003C\u002Fp>\n","Link Hopper lets you set up tidy link redirection to other websites.",16056,"2026-03-08T04:30:00.000Z","6.9.4","6.0","8.3",[144,164,165,24],"links","masking","http:\u002F\u002Fwww.fergusweb.net\u002Fsoftware\u002Flinkhopper\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flink-hopper.3.0.zip",78,"2026-02-13 18:33:52",{"slug":171,"name":172,"version":173,"author":174,"author_profile":175,"description":176,"short_description":177,"active_installs":178,"downloaded":179,"rating":180,"num_ratings":181,"last_updated":182,"tested_up_to":16,"requires_at_least":183,"requires_php":184,"tags":185,"homepage":189,"download_link":190,"security_score":191,"vuln_count":28,"unpatched_count":105,"last_vuln_date":192,"fetched_at":31},"custom-permalinks","Custom Permalinks","3.1.2","Sami Ahmed Siddiqui","https:\u002F\u002Fprofiles.wordpress.org\u002Fsasiddiqui\u002F","\u003Cp>You want to take control of your WordPress site’s URLs? The \u003Cstrong>Custom Permalinks\u003C\u002Fstrong> plugin gives you the power to set unique, custom URLs for any post, page, tag, or category. This means you can design your site’s structure exactly how you envision it, rather than being limited by WordPress’s default settings. When you set a custom permalink, the original post URL will be automatically redirected to your new, customized URL.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Individual Permalink Control\u003C\u002Fstrong>: Assign unique URLs to any post, page, tag, or category.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Site Structure Control\u003C\u002Fstrong>: Gain ultimate control over how your site’s URLs are organized.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Type Permalink Structures (v3.0.0+)\u003C\u002Fstrong>: Define custom permalink structures for each public Post Type using predefined tags, automatically generating URLs upon content creation. You can still manually edit any permalink. If left empty, default settings will apply.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Getting Started: Plugin Settings\u003C\u002Fh3>\n\u003Cp>You can configure Custom Permalinks by navigating to \u003Cstrong>Settings > Custom Permalinks\u003C\u002Fstrong> in your WordPress Dashboard.\u003C\u002Fp>\n\u003Ch3>Available Tags for Permalink Structures\u003C\u002Fh3>\n\u003Cp>When setting up your custom permalink structures, you can use a variety of tags that will dynamically populate the URL. Here’s a breakdown of what’s available:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>%year%\u003C\u002Fstrong>: The year of the post in four digits, eg: 2025\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%monthnum%\u003C\u002Fstrong>: Month the post was published, in two digits, eg: 01\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%day%\u003C\u002Fstrong>: Day the post was published in two digits, eg: 02\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%hour%\u003C\u002Fstrong>: Hour of the day, the post was published, eg: 15\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%minute%\u003C\u002Fstrong>: Minute of the hour, the post was published, eg: 43\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%second%\u003C\u002Fstrong>: Second of the minute, the post was published, eg: 33\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%post_id%\u003C\u002Fstrong>: The unique ID of the post, eg: 123\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%category%\u003C\u002Fstrong>: A clean version of the category name (its slug). Nested sub-categories will appear as nested directories in the URL..\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%author%\u003C\u002Fstrong>: A sanitized version of the post author’s name.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%postname%\u003C\u002Fstrong>: A clean version of the post or page title (its slug). For example, “This Is A Great Post!” becomes \u003Ccode>this-is-a-great-post\u003C\u002Fcode> in the URL.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%parent_postname%\u003C\u002Fstrong>: Similar to \u003Ccode>%postname%\u003C\u002Fcode>, but uses the immediate parent page’s slug if a parent is selected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%parents_postnames%\u003C\u002Fstrong>: Similar to \u003Ccode>%postname%\u003C\u002Fcode>, but includes all parent page slugs if parents are selected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%title%\u003C\u002Fstrong>: The title of the post, converted to a slug. For example, “This Is A Great Post!” becomes \u003Ccode>this-is-a-great-post\u003C\u002Fcode>. Unlike \u003Ccode>%postname%\u003C\u002Fcode> which is set once, \u003Ccode>%title%\u003C\u002Fcode> automatically updates in the permalink if the post title changes (unless the post is published or the permalink is manually edited).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%ctax_TAXONOMY_NAME%\u003C\u002Fstrong>: A clean version of a custom taxonomy’s name. Replace \u003Ccode>TAXONOMY_NAME\u003C\u002Fcode> with the actual taxonomy name. You can also provide a default slug for when no category\u002Ftaxonomy is selected by using \u003Ccode>??\u003C\u002Fcode> (e.g., \u003Ccode>%ctax_type??sales%\u003C\u002Fcode> will use “sales” as a default).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%ctax_parent_TAXONOMY_NAME%\u003C\u002Fstrong>: Similar to \u003Ccode>%ctax_TAXONOMY_NAME%\u003C\u002Fcode>, but includes the immediate parent category\u002Ftag slug in the URL if a parent is selected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%ctax_parents_TAXONOMY_NAME%\u003C\u002Fstrong>: Similar to \u003Ccode>%ctax_TAXONOMY_NAME%\u003C\u002Fcode>, but includes all parent category\u002Ftag slugs in the URL if parents are selected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>%custom_permalinks_TAG_NAME%\u003C\u002Fstrong>: Developers have the flexibility to define their own custom tags(replace \u003Ccode>_TAG_NAME\u003C\u002Fcode> with your desired name). To ensure these tags resolve to the correct permalinks, simply apply the \u003Ccode>custom_permalinks_post_permalink_tag\u003C\u002Fcode> filter.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Important Note:\u003C\u002Fstrong> For new posts, Custom Permalinks will keep updating the permalink while the post is in draft mode, assuming a structure is defined in the plugin settings. Once the post is published or its permalink is manually updated, the plugin will stop automatic updates for that specific post.\u003C\u002Fp>\n\u003Ch3>Custom Permalinks: Fine-Tuning with Filters\u003C\u002Fh3>\n\u003Cp>Custom Permalinks offers a range of \u003Cstrong>filters\u003C\u002Fstrong> that empower developers to precisely control its behavior. You can explore all available filters, complete with example code snippets, in our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsamiahmedsiddiqui\u002Fcustom-permalinks\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>For Assistance:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Premium Users:\u003C\u002Fstrong> If you need assistance implementing these filters, please don’t hesitate to reach out to us via our \u003Ca href=\"https:\u002F\u002Fwww.custompermalinks.com\u002Fcontact-us\u002F\" rel=\"nofollow ugc\">Premium contact support\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Other Users:\u003C\u002Fstrong> You can also directly reach out to the plugin author via \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fsami-ahmed-siddiqui\u002F\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Need Help or Found a Bug?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Support:\u003C\u002Fstrong> For one-on-one email support, consider purchasing \u003Ca href=\"https:\u002F\u002Fwww.custompermalinks.com\u002F#pricing-section\" rel=\"nofollow ugc\">Custom Permalinks Premium\u003C\u002Fa>. While some basic support may be provided on the WordPress.org forums, email support is prioritized for premium users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bug Reports:\u003C\u002Fstrong> If you encounter a bug, please report it on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsamiahmedsiddiqui\u002Fcustom-permalinks\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>. Make sure to provide complete information to reproduce the issue. GitHub is for bug reports, not general support questions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you experience any site-breaking issues after upgrading, please report them on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcustom-permalinks\u002F\" rel=\"ugc\">WordPress Forum\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsamiahmedsiddiqui\u002Fcustom-permalinks\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> with detailed information. You can always revert to an older version by downloading it from \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-permalinks\u002Fadvanced\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-permalinks\u002Fadvanced\u002F\u003C\u002Fa>.\u003C\u002Fp>\n","A powerful WordPress plugin for full URL control. Set custom permalinks, auto-redirects, and use dynamic tags for ideal site structure and SEO.",100000,2526567,82,116,"2025-10-08T12:56:00.000Z","2.6","7.0",[186,22,187,24,188],"address","permalink","url","https:\u002F\u002Fwww.custompermalinks.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-permalinks.3.1.2.zip",97,"2024-08-23 00:00:00",{"attackSurface":194,"codeSignals":268,"taintFlows":328,"riskAssessment":423,"analyzedAt":436},{"hooks":195,"ajaxHandlers":264,"restRoutes":265,"shortcodes":266,"cronEvents":267,"entryPointCount":105,"unprotectedCount":105},[196,202,206,209,213,217,221,225,228,232,235,241,245,248,253,257,260],{"type":197,"name":198,"callback":199,"priority":29,"file":200,"line":201},"action","template_redirect","process_page_request","content-mask.php",233,{"type":197,"name":203,"callback":204,"priority":93,"file":200,"line":205},"save_post","save_meta",236,{"type":197,"name":207,"callback":207,"priority":29,"file":200,"line":208},"add_meta_boxes",237,{"type":197,"name":210,"callback":211,"file":200,"line":212},"admin_menu","register_admin_menu",238,{"type":197,"name":214,"callback":215,"file":200,"line":216},"admin_head","add_nonce",239,{"type":197,"name":218,"callback":219,"file":200,"line":220},"admin_notices","display_admin_notices",240,{"type":197,"name":222,"callback":223,"file":200,"line":224},"admin_enqueue_scripts","exclusive_admin_assets",241,{"type":197,"name":222,"callback":226,"file":200,"line":227},"global_admin_assets",242,{"type":197,"name":229,"callback":230,"priority":93,"file":200,"line":231},"manage_posts_custom_column","content_mask_column_content",243,{"type":197,"name":233,"callback":230,"priority":93,"file":200,"line":234},"manage_pages_custom_column",244,{"type":236,"name":237,"callback":238,"priority":239,"file":200,"line":240},"filter","admin_body_class","add_admin_body_classes",27,249,{"type":236,"name":242,"callback":243,"file":200,"line":244},"manage_posts_columns","content_mask_column",250,{"type":236,"name":246,"callback":243,"file":200,"line":247},"manage_pages_columns",251,{"type":197,"name":249,"callback":250,"priority":251,"file":200,"line":252},"wp","closure",11,258,{"type":197,"name":254,"callback":250,"priority":255,"file":200,"line":256},"wp_head",9999,1696,{"type":197,"name":258,"callback":250,"file":200,"line":259},"wp_footer",1973,{"type":197,"name":261,"callback":262,"file":200,"line":263},"plugins_loaded","get_instance",2319,[],[],[],[],{"dangerousFunctions":269,"sqlUsage":270,"outputEscaping":272,"fileOperations":105,"externalRequests":325,"nonceChecks":28,"capabilityChecks":326,"bundledLibraries":327},[],{"prepared":105,"raw":105,"locations":271},[],{"escaped":273,"rawEcho":274,"locations":275},285,23,[276,279,281,283,285,287,289,291,293,295,297,299,301,303,305,307,309,312,315,317,320,322,323],{"file":200,"line":277,"context":278},525,"raw output",{"file":200,"line":280,"context":278},694,{"file":200,"line":282,"context":278},942,{"file":200,"line":284,"context":278},1019,{"file":200,"line":286,"context":278},1661,{"file":200,"line":288,"context":278},1692,{"file":200,"line":290,"context":278},1693,{"file":200,"line":292,"context":278},1733,{"file":200,"line":294,"context":278},1778,{"file":200,"line":296,"context":278},1780,{"file":200,"line":298,"context":278},1783,{"file":200,"line":300,"context":278},1784,{"file":200,"line":302,"context":278},1795,{"file":200,"line":304,"context":278},1870,{"file":200,"line":306,"context":278},1871,{"file":200,"line":308,"context":278},1873,{"file":310,"line":311,"context":278},"inc\\admin-buttons.php",105,{"file":313,"line":314,"context":278},"inc\\admin-panel.php",337,{"file":313,"line":316,"context":278},338,{"file":318,"line":319,"context":278},"inc\\metabox.php",61,{"file":318,"line":321,"context":278},139,{"file":318,"line":216,"context":278},{"file":318,"line":324,"context":278},253,5,14,[],[329,360,403,413],{"entryPoint":330,"graph":331,"unsanitizedCount":29,"severity":40},"get_page_iframe (content-mask.php:1745)",{"nodes":332,"edges":354},[333,338,344,348,352],{"id":334,"type":335,"label":336,"file":200,"line":337},"n0","source","$_GET",1759,{"id":339,"type":340,"label":341,"file":200,"line":342,"wp_function":343},"n1","sink","echo() [XSS]",1781,"echo",{"id":345,"type":335,"label":346,"file":200,"line":347},"n2","$_SERVER['HTTP_REFERER']",1788,{"id":349,"type":350,"label":351,"file":200,"line":347},"n3","transform","→ return_link()",{"id":353,"type":340,"label":341,"file":200,"line":302,"wp_function":343},"n4",[355,357,359],{"from":334,"to":339,"sanitized":356},true,{"from":345,"to":349,"sanitized":358},false,{"from":349,"to":353,"sanitized":358},{"entryPoint":361,"graph":362,"unsanitizedCount":128,"severity":40},"\u003Ccontent-mask> (content-mask.php:0)",{"nodes":363,"edges":395},[364,367,371,373,374,375,380,382,384,386,390,393],{"id":334,"type":335,"label":365,"file":200,"line":366},"$_POST (x4)",1273,{"id":339,"type":340,"label":368,"file":200,"line":369,"wp_function":370},"update_option() [Settings Manipulation]",1297,"update_option",{"id":345,"type":335,"label":372,"file":200,"line":337},"$_GET (x5)",{"id":349,"type":340,"label":341,"file":200,"line":342,"wp_function":343},{"id":353,"type":335,"label":336,"file":200,"line":337},{"id":376,"type":340,"label":377,"file":200,"line":378,"wp_function":379},"n5","wp_redirect() [Open Redirect]",1872,"wp_redirect",{"id":381,"type":335,"label":346,"file":200,"line":347},"n6",{"id":383,"type":350,"label":351,"file":200,"line":347},"n7",{"id":385,"type":340,"label":341,"file":200,"line":302,"wp_function":343},"n8",{"id":387,"type":335,"label":388,"file":200,"line":389},"n9","$_POST",2278,{"id":391,"type":350,"label":392,"file":200,"line":389},"n10","→ echo_svg()",{"id":394,"type":340,"label":341,"file":200,"line":282,"wp_function":343},"n11",[396,397,398,399,400,401,402],{"from":334,"to":339,"sanitized":356},{"from":345,"to":349,"sanitized":356},{"from":353,"to":376,"sanitized":356},{"from":381,"to":383,"sanitized":358},{"from":383,"to":385,"sanitized":358},{"from":387,"to":391,"sanitized":358},{"from":391,"to":394,"sanitized":358},{"entryPoint":404,"graph":405,"unsanitizedCount":105,"severity":412},"update_content_mask_option (content-mask.php:1266)",{"nodes":406,"edges":410},[407,409],{"id":334,"type":335,"label":408,"file":200,"line":366},"$_POST (x2)",{"id":339,"type":340,"label":368,"file":200,"line":369,"wp_function":370},[411],{"from":334,"to":339,"sanitized":356},"low",{"entryPoint":414,"graph":415,"unsanitizedCount":105,"severity":412},"toggle_content_mask_option (content-mask.php:1390)",{"nodes":416,"edges":421},[417,419],{"id":334,"type":335,"label":388,"file":200,"line":418},1393,{"id":339,"type":340,"label":368,"file":200,"line":420,"wp_function":370},1418,[422],{"from":334,"to":339,"sanitized":356},{"summary":424,"deductions":425},"The \"content-mask\" plugin v1.8.5.3 exhibits a mixed security posture.  On the positive side, it demonstrates good practices regarding SQL query handling, with 100% using prepared statements, and a high percentage (93%) of output being properly escaped. The static analysis also reveals no identified dangerous functions, file operations, or significant attack surface exposed without authentication. However, the presence of 5 external HTTP requests warrants further investigation, as these can be a vector for SSRF or other network-based attacks if not handled with extreme care. The taint analysis indicates 2 flows with unsanitized paths, which could potentially lead to vulnerabilities if these paths are reachable and not properly validated at runtime.\n\nThe vulnerability history for this plugin is a significant concern. With 3 known CVEs and 1 currently unpatched, particularly a high-severity one related to Authorization Bypass Through User-Controlled Key, Server-Side Request Forgery (SSRF), and Missing Authorization, the plugin has a demonstrated history of critical security flaws. The pattern of these past vulnerabilities suggests a recurring issue with input validation and authorization mechanisms. While the current version might have addressed some of these, the persistent history indicates a need for rigorous and ongoing security auditing.\n\nIn conclusion, while \"content-mask\" v1.8.5.3 shows some positive security developments in its static analysis, particularly in SQL handling and output escaping, the significant vulnerability history, including an unpatched high-severity issue and the taint analysis findings, present substantial risks. Users should exercise extreme caution and prioritize updating to a version that has demonstrably addressed all historical vulnerabilities.",[426,429,431,432,434],{"reason":427,"points":428},"Unpatched High Severity Vulnerability",18,{"reason":430,"points":93},"Taint flow with unsanitized path",{"reason":430,"points":93},{"reason":433,"points":325},"External HTTP requests",{"reason":435,"points":93},"Medium severity vulnerability history (x2)","2026-03-16T19:06:54.320Z",{"wat":438,"direct":449},{"assetPaths":439,"generatorPatterns":443,"scriptPaths":444,"versionParams":445},[440,441,442],"\u002Fwp-content\u002Fplugins\u002Fcontent-mask\u002Fadmin\u002Fcss\u002Fadmin-styles.css","\u002Fwp-content\u002Fplugins\u002Fcontent-mask\u002Fadmin\u002Fjs\u002Fadmin-scripts.js","\u002Fwp-content\u002Fplugins\u002Fcontent-mask\u002Fpublic\u002Fcss\u002Fcontent-mask-public.css",[],[441],[446,447,448],"content-mask\u002Fadmin\u002Fcss\u002Fadmin-styles.css?ver=","content-mask\u002Fadmin\u002Fjs\u002Fadmin-scripts.js?ver=","content-mask\u002Fpublic\u002Fcss\u002Fcontent-mask-public.css?ver=",{"cssClasses":450,"htmlComments":455,"htmlAttributes":459,"restEndpoints":463,"jsGlobals":465,"shortcodeOutput":468},[451,452,453,454],"content-mask-admin-wrap","content-mask-form-field","content-mask-enabled-indicator","content-mask-disabled-indicator",[456,457,458],"\u003C!-- Content Mask Meta Box -->","\u003C!-- Content Mask Admin Wrap -->","\u003C!-- Content Mask Form Fields -->",[460,461,462],"data-content-mask-id","data-content-mask-url","data-content-mask-enable",[464],"\u002Fwp-json\u002Fcontent-mask\u002Fv1\u002Fmasks",[466,467],"contentMaskAdmin","contentMaskAjax",[]]