[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$feHmi8sWRm6hqCIAuuotsiWz3y7ouEQpI7ns73aCVgjg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":130,"fingerprints":364},"contentad","Content.ad","1.3.7","NewClarity","https:\u002F\u002Fprofiles.wordpress.org\u002Fnewclarity\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.content.ad\" rel=\"nofollow ugc\">Content.ad\u003C\u002Fa> is a content recommendation platform that helps site owners generate more time-on-site and monetize their content easily and unobtrusively.  Content.ad serves billions of impressions across thousands of sites every month. The WordPress plugin is the quickest and easiest way to get Content.ad up and running on your site.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Simple Setup\u003C\u002Fstrong> – Our 3-step guided installation gets you creating your first widget in minutes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Flexible Styling\u003C\u002Fstrong> – Our widget creation wizard makes customizing the look and feel of the widget simple and straightforward.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Performance Driven\u003C\u002Fstrong> – Our state-of-the-art algorithms learn what content is most popular with your users, lowering bounce rates and increasing overall site revenue. Also, since optimization takes place on Content.ad servers and the widget is loaded asynchronously, the plugin doesn’t slow down your site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Powerful Options\u003C\u002Fstrong> – Free enterprise-level features let you control how the widget integrates into your site and what kind of content appears in it, all without leaving your WordPress admin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Rich Reporting\u003C\u002Fstrong> – Use our robust reporting and graphing options to see exactly how well your widgets perform down to the hour.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Personalized Support\u003C\u002Fstrong> – Our US-based support staff is available to help you properly set up and optimize Content.ad to meet your needs.\u003C\u002Fp>\n\u003Cp>To learn more about Content.ad, visit our \u003Ca href=\"http:\u002F\u002Fhelp.content.ad\u002F\" rel=\"nofollow ugc\">publisher FAQ\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fwww.content.ad\" rel=\"nofollow ugc\">visit our website\u003C\u002Fa>.\u003C\u002Fp>\n","Display popular content to your users from your own site and\u002For from our sponsored partners, increasing visitor engagement and revenue.",100,110288,76,16,"2020-11-03T00:17:00.000Z","5.5.18","3.0.6","",[20,21,22,23,24],"ads","advertising","engagement","related-content","revenue","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontentad\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontentad.1.3.7.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"newclarity",4,1120,87,3527,70,"2026-04-04T07:12:16.968Z",[41,55,74,94,111],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":10,"active_installs":48,"downloaded":49,"rating":28,"num_ratings":28,"last_updated":50,"tested_up_to":51,"requires_at_least":17,"requires_php":18,"tags":52,"homepage":53,"download_link":54,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"zool-viral-ads","Zool Viral Ads","1.1.1.13","zoolley","https:\u002F\u002Fprofiles.wordpress.org\u002Fzoolley\u002F","\u003Cp>Zool Viral Ads is a content recommendation platform which enables blog owners to display ads or related blog posts. The ads are dynamically sourced from the Zoolley.com system and it can be a good source of revenue.\u003C\u002Fp>\n\u003Cp>A few notes about the sections above:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>This plugin tracks the IP of the visitor with the help of 3rd party code from geoplugin.net and this information is then sent to zoolley server to help us to place country based content recommendation.\u003C\u002Fli>\n\u003Cli>This plugin does not requires any password but you need to get a free Zool Viral Ads Account, so as our system can identify the traffic sent by you. Once you install the plugin then the recommendation content is displayed automatically to the visitor based on this geographical location.\u003C\u002Fli>\n\u003Cli>The images and the content loaded in the recommendation area is directly sourced from zoolley.com server.\u003C\u002Fli>\n\u003Cli>These images are dynamic and we often update the images based on our advertiser’s demands.\u003C\u002Fli>\n\u003Cli>Once the visitor clicks on the recommended content then it is redirected to the zoolley server (so as we can calculate the number of hits from your and show your earning details on your Zool Dashboard) and then the visitor is further redirected to the main content site where visitor wants to go.\u003C\u002Fli>\n\u003Cli>This process takes microseconds and will not slow the speed of your website or the visitor flow to the content site.\u003C\u002Fli>\n\u003Cli>We believe in respecting your privacy and the information and data collected will be used only by us for the purpose of better content placement. \u003C\u002Fli>\n\u003Cli>We follow the guidlines of governing bodies of each country and never display any restricted items on your blogs via our plugin.\u003C\u002Fli>\n\u003Cli>Our content may contain “Non commercial”, “Advertorials” and “Advertisements”\u003C\u002Fli>\n\u003C\u002Ful>\n",10,1740,"2017-03-19T20:51:00.000Z","4.6.30",[20,21,22,23,24],"http:\u002F\u002Fwww.zoolley.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzool-viral-ads.1.1.1.13.zip",{"slug":56,"name":57,"version":58,"author":56,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":28,"num_ratings":28,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":67,"tags":68,"homepage":71,"download_link":72,"security_score":73,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"hbagency","HBAgency","1.0.5","https:\u002F\u002Fprofiles.wordpress.org\u002Fhbagency\u002F","\u003Cp>The official HBAgency (https:\u002F\u002Fwww.hbagency.it) plugin makes the integration process effortless.\u003C\u002Fp>\n\u003Cp>With this plugin, you can:\u003Cbr \u002F>\n – Easily integrate your WordPress website with our advanced technology.\u003Cbr \u002F>\n – Automatically insert and update ads.txt, scripts, and ad placements.\u003Cbr \u002F>\n – Manage placements and edit additional lines in your ads.txt file with ease.\u003C\u002Fp>\n\u003Cp>Thank you for choosing our platform.\u003C\u002Fp>\n\u003Cp>By using this plugin you agree to our Terms and Conditions (https:\u002F\u002Fwww.hbagency.it\u002Fterms https:\u002F\u002Fwww.hbagency.ai\u002Fterms)\u003C\u002Fp>\n","Effortlessly integrate HBAgency on your website with our official plugin. Insert ads.txt, manage placements, and integrate our script seamlessly.",9000,9781,"2024-12-10T10:33:00.000Z","6.6.5","6.0","7.3",[20,21,56,69,70],"monetize","revenues","https:\u002F\u002Fhbagency.ai\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhbagency.1.0.5.zip",92,{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":48,"downloaded":82,"rating":83,"num_ratings":84,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":18,"download_link":93,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"codec-sponsored-content","CODEC Sponsored Content","3.0.0","codecprime","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodecprime\u002F","\u003Cp>\u003Cstrong>Premium Monetizing System\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>CODEC provides quality bloggers and publishers* with an additional revenue stream, as well as an increase in audience engagement. Monetize 100% of your traffic (CODEC is not blocked by any AdBlocks currently on the market) or use CODEC as a Fallback for your blocked ads to increase your current monetization by 40% on average.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Enjoy:\u003C\u002Fstrong>\u003Cbr \u002F>\n    – top monetization rates of $4-$12 CPM.\u003Cbr \u002F>\n    – monthly payouts to your PayPal account, no minimum.\u003Cbr \u002F>\n    – real human support.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Only Quality Content\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>No obscenity, no violence, no video games. We 100% manually moderate CODEC content to ensure it’s always family-friendly. Monetize your content without compromising your integrity as well as your users’ experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Not Ad Blocked\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>CODEC ads are not adblocked, allowing you to monetize up to 100% of your traffic.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Your Readers Stay on Your Site\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Most monetization systems pay when your reader clicks on their headline, link or banner and leaves your site. You thus lose the hard-earned traffic. With CODEC, users don’t need to leave your site for you to earn. We pay CPM, which means every time a user sees the CODEC content on your site, you earn money.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>As Easy as 1-2-3\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>It takes about 2 min to install and set up the plugin. Choose the location and the look of your widget. The rule of thumb is the bigger the widget you pick (6 unit plugin vs 3 unit plugin), the more revenue you’ll enjoy at the end of each month.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>We are here to help, so feel free to reach out to our support team at \u003Ca href='https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcodec-sponsored-content' rel=\"ugc\">CODEC\u002Fsupport\u003C\u002Fa> or at wp-support@codecprime.com\u003C\u002Fp>\n\u003Cp>*We advertise on family-friendly web properties. Websites are subject to approval for content guidance compliance. The monetization feature is currently available for English-language sites.\u003C\u002Fp>\n","Premium monetizing system for quality blogs & publications (English-language websites only.) Generate revenue by displaying a widget with manually &hellip;",2853,74,3,"2024-01-11T16:30:00.000Z","6.4.8","4.1","5.2.4",[90,91,21,92,24],"ad","adsense","monetization","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcodec-sponsored-content.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":28,"downloaded":102,"rating":28,"num_ratings":28,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":106,"tags":107,"homepage":109,"download_link":110,"security_score":11,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"panxo-ai-monetization","Panxo AI Monetization","1.0.1","panxoai","https:\u002F\u002Fprofiles.wordpress.org\u002Fpanxoai\u002F","\u003Cp>Panxo AI Monetization is an enterprise-grade WordPress plugin that automatically integrates AI-powered programmatic advertising into your website. With zero configuration required, the plugin handles everything from registration to script integration.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Zero-Click Setup\u003C\u002Fstrong>: Automatically registers your site, creates your property, and integrates the Panxo script\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Script Integration\u003C\u002Fstrong>: Injects the optimized Panxo script into your site header\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ads.txt Management\u003C\u002Fstrong>: Automatically updates your ads.txt file with required Panxo entries\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Learning Phase Monitoring\u003C\u002Fstrong>: Track your site’s learning progress directly from WordPress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enterprise-Grade\u003C\u002Fstrong>: Built with 50+ years of combined development experience\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy-First\u003C\u002Fstrong>: No persistent cookies, GDPR\u002FCCPA compliant\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the plugin\u003C\u002Fli>\n\u003Cli>The plugin automatically registers your WordPress site with Panxo\u003C\u002Fli>\n\u003Cli>Your property is created and the learning process begins\u003C\u002Fli>\n\u003Cli>The Panxo script is automatically integrated into your site\u003C\u002Fli>\n\u003Cli>Your ads.txt file is updated with Panxo entries\u003C\u002Fli>\n\u003Cli>Monitor your learning progress from the WordPress dashboard\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 5.8 or higher\u003C\u002Fli>\n\u003Cli>PHP 7.4 or higher\u003C\u002Fli>\n\u003Cli>Active internet connection for API communication\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to Panxo’s external services for AI-powered advertising monetization. The connection to these services is required for the plugin to function.\u003C\u002Fp>\n\u003Ch4>Panxo API (api.panxo.ai)\u003C\u002Fh4>\n\u003Cp>The Panxo API handles automatic registration, property creation, script verification, and learning phase monitoring.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data sent:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Site domain (to create and identify your property)\u003Cbr \u002F>\n* Admin email address (to create your publisher account)\u003Cbr \u002F>\n* Publisher ID and Property ID (for authentication and status checks)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>When data is sent:\u003C\u002Fstrong>\u003Cbr \u002F>\n* During initial plugin activation (automatic registration)\u003Cbr \u002F>\n* When verifying installation status\u003Cbr \u002F>\n* When checking learning phase progress\u003Cbr \u002F>\n* When updating ads.txt configuration\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service documentation:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Terms of Service: https:\u002F\u002Fpanxo.ai\u002Fterms\u002F\u003Cbr \u002F>\n* Privacy Policy: https:\u002F\u002Fpanxo.ai\u002Fprivacy\u002F\u003C\u002Fp>\n\u003Ch4>Panxo CDN (cdn.panxo.ai)\u003C\u002Fh4>\n\u003Cp>The Panxo CDN delivers the optimized monetization script to your website visitors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data sent:\u003C\u002Fstrong>\u003Cbr \u002F>\n* No data is sent directly to the CDN. The script is loaded as a static resource.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>When the script loads:\u003C\u002Fstrong>\u003Cbr \u002F>\n* On every page load when the plugin is active and enabled.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What the script does:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Detects AI traffic sources (ChatGPT, Claude, Perplexity, etc.)\u003Cbr \u002F>\n* Serves relevant advertisements to AI-referred visitors\u003Cbr \u002F>\n* Sends anonymous analytics to Panxo (page views, ad impressions)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service documentation:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Terms of Service: https:\u002F\u002Fpanxo.ai\u002Fterms\u002F\u003Cbr \u002F>\n* Privacy Policy: https:\u002F\u002Fpanxo.ai\u002Fprivacy\u002F\u003C\u002Fp>\n","Automatically monetize your WordPress site with AI-powered programmatic advertising. Zero configuration required.",177,"2026-02-11T15:04:00.000Z","6.8.5","5.8","7.4",[20,21,108,92,24],"ai","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpanxo-ai-monetization\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpanxo-ai-monetization.1.0.1.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":119,"downloaded":120,"rating":73,"num_ratings":121,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":106,"tags":125,"homepage":128,"download_link":129,"security_score":11,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"ads-txt","Ads.txt Manager","1.4.6","10up","https:\u002F\u002Fprofiles.wordpress.org\u002F10up\u002F","\u003Cp>Create, manage, and validate your ads.txt and app-ads.txt from within WordPress, like any other content asset. Requires PHP 7.4+.\u003C\u002Fp>\n\u003Ch3>What is ads.txt?\u003C\u002Fh3>\n\u003Cp>Ads.txt is an initiative by the Interactive Advertising Bureau to enable publishers to take control over who can sell their ad inventory. Through our work at 10up with various publishers, we’ve created a way to manage and validate your ads.txt file from within WordPress, eliminating the need to upload a file. The validation baked into the plugin helps avoid malformed records, which can cause issues that end up cached for up to 24 hours and can lead to a drop in ad revenue.\u003C\u002Fp>\n\u003Ch3>Technical Notes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Requires PHP 7.4+.\u003C\u002Fli>\n\u003Cli>Ad blockers may break syntax highlighting and pre-save error checking on the edit screen.\u003C\u002Fli>\n\u003Cli>Rewrites need to be enabled. Without rewrites, WordPress cannot know to supply \u003Ccode>\u002Fads.txt\u003C\u002Fcode> when requested.\u003C\u002Fli>\n\u003Cli>Your site URL must not contain a path (e.g. \u003Ccode>https:\u002F\u002Fexample.com\u002Fsite\u002F\u003C\u002Fcode> or path-based multisite installs). While the plugin will appear to function in the admin, it will not display the contents at \u003Ccode>https:\u002F\u002Fexample.com\u002Fsite\u002Fads.txt\u003C\u002Fcode>. This is because the plugin follows the IAB spec, which requires that the ads.txt file be located at the root of a domain or subdomain.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>What about ads.cert?\u003C\u002Fh3>\n\u003Cp>We’re closely monitoring continued developments in the ad fraud space, and see this plugin as not only a way to create and manage your ads.txt file but also be prepared for future changes and upgrades to specifications. Ads.cert is still in the extremely early stages so we don’t see any immediate concerns with implementing ads.txt.\u003C\u002Fp>\n\u003Ch3>Can I use this with multisite?\u003C\u002Fh3>\n\u003Cp>Yes! However, if you are using a subfolder installation it will only work for the main site. This is because you can only have one ads.txt for a given domain or subdomain per the \u003Ca href=\"https:\u002F\u002Fiabtechlab.com\u002Fads-txt\u002F\" rel=\"nofollow ugc\">ads.txt spec\u003C\u002Fa>.  Our recommendation is to only activate Ads.txt Manager per-site.\u003C\u002Fp>\n","Create, manage, and validate your ads.txt and app-ads.txt from within WordPress, like any other content asset.",100000,1903612,14,"2026-01-04T21:09:00.000Z","6.9.4","6.6",[126,20,112,21,127],"ad-manager","app-ads-txt","https:\u002F\u002Fgithub.com\u002F10up\u002Fads-txt","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fads-txt.1.4.6.zip",{"attackSurface":131,"codeSignals":247,"taintFlows":328,"riskAssessment":354,"analyzedAt":363},{"hooks":132,"ajaxHandlers":228,"restRoutes":239,"shortcodes":240,"cronEvents":244,"entryPointCount":84,"unprotectedCount":137},[133,140,145,149,152,154,158,162,165,167,170,174,177,180,183,186,189,192,195,197,201,204,207,211,214,217,220,223,225],{"type":134,"name":135,"callback":136,"priority":137,"file":138,"line":139},"filter","mce_buttons","my_add_next_page_button",1,"contentad.php",114,{"type":141,"name":142,"callback":143,"file":138,"line":144},"action","plugins_loaded","on_load",136,{"type":141,"name":146,"callback":146,"file":147,"line":148},"admin_menu","includes\\admin\\admin.class.php",12,{"type":141,"name":150,"callback":150,"file":147,"line":151},"admin_init",13,{"type":141,"name":153,"callback":153,"file":147,"line":121},"admin_notices",{"type":141,"name":155,"callback":156,"file":147,"line":157},"load-edit.php","load",46,{"type":134,"name":159,"callback":159,"file":160,"line":161},"parent_file","includes\\admin\\wp3-menu-fix.class.php",5,{"type":141,"name":163,"callback":163,"file":160,"line":164},"adminmenu",6,{"type":141,"name":146,"callback":146,"file":160,"line":166},7,{"type":141,"name":168,"callback":168,"file":169,"line":14},"init","includes\\init.class.php",{"type":141,"name":171,"callback":172,"file":169,"line":173},"ca_cron","run_ca_cron",17,{"type":141,"name":175,"callback":175,"file":169,"line":176},"widgets_init",18,{"type":141,"name":4,"callback":178,"priority":48,"file":169,"line":179},"plugin_shortcode",20,{"type":141,"name":181,"callback":181,"priority":48,"file":169,"line":182},"contentad_exitpop",22,{"type":141,"name":168,"callback":184,"file":169,"line":185},"check_installation_date",41,{"type":141,"name":187,"callback":187,"file":169,"line":188},"wp_head",43,{"type":134,"name":190,"callback":190,"priority":28,"file":169,"line":191},"the_content",44,{"type":141,"name":193,"callback":181,"file":169,"line":194},"wp_footer",45,{"type":134,"name":196,"callback":196,"priority":48,"file":169,"line":157},"plugin_row_meta",{"type":134,"name":198,"callback":199,"file":169,"line":200},"plugin_action_links_contentad\u002Fcontentad.php","plugin_action_links",47,{"type":141,"name":168,"callback":184,"file":202,"line":203},"includes\\plugin-review.class.php",31,{"type":141,"name":153,"callback":205,"file":202,"line":206},"display_admin_notice",52,{"type":141,"name":168,"callback":208,"file":209,"line":210},"content_ad_post_type","includes\\post-type.class.php",8,{"type":141,"name":212,"callback":212,"file":209,"line":213},"save_post",9,{"type":134,"name":215,"callback":216,"file":209,"line":191},"manage_edit-content_ad_widget_columns","manage_edit_content_ad_widget_columns",{"type":134,"name":218,"callback":219,"file":209,"line":157},"manage_content_ad_widget_posts_columns","legacy_add_custom_columns",{"type":141,"name":221,"callback":222,"priority":48,"file":209,"line":200},"manage_posts_custom_column","manage_content_ad_widget_posts_custom_column",{"type":134,"name":222,"callback":222,"priority":48,"file":209,"line":224},50,{"type":141,"name":226,"callback":226,"priority":48,"file":209,"line":227},"quick_edit_custom_box",53,[229,235],{"action":230,"nopriv":231,"callback":232,"hasNonce":233,"hasCapCheck":231,"file":169,"line":234},"edit_contentad_widget",false,"ajax_edit_widget",true,19,{"action":236,"nopriv":231,"callback":237,"hasNonce":231,"hasCapCheck":231,"file":169,"line":238},"track_registration_clicks","set_no_bug",42,[],[241],{"tag":4,"callback":242,"file":169,"line":243},"contentad_shortcode",21,[245],{"hook":171,"callback":171,"file":169,"line":246},38,{"dangerousFunctions":248,"sqlUsage":249,"outputEscaping":251,"fileOperations":326,"externalRequests":326,"nonceChecks":137,"capabilityChecks":84,"bundledLibraries":327},[],{"prepared":137,"raw":28,"locations":250},[],{"escaped":252,"rawEcho":253,"locations":254},15,36,[255,258,260,262,264,266,268,270,271,274,275,277,279,281,283,285,287,289,291,292,294,296,298,300,302,304,306,308,310,312,314,317,319,320,322,324],{"file":147,"line":256,"context":257},55,"raw output",{"file":147,"line":259,"context":257},59,{"file":147,"line":261,"context":257},151,{"file":147,"line":263,"context":257},159,{"file":147,"line":265,"context":257},179,{"file":147,"line":267,"context":257},181,{"file":147,"line":269,"context":257},204,{"file":160,"line":14,"context":257},{"file":272,"line":273,"context":257},"includes\\exitpop.class.php",49,{"file":272,"line":224,"context":257},{"file":169,"line":276,"context":257},29,{"file":169,"line":278,"context":257},33,{"file":169,"line":280,"context":257},335,{"file":202,"line":282,"context":257},69,{"file":202,"line":284,"context":257},83,{"file":209,"line":286,"context":257},95,{"file":209,"line":288,"context":257},123,{"file":209,"line":290,"context":257},142,{"file":209,"line":263,"context":257},{"file":209,"line":293,"context":257},165,{"file":209,"line":295,"context":257},172,{"file":209,"line":297,"context":257},187,{"file":209,"line":299,"context":257},201,{"file":209,"line":301,"context":257},209,{"file":209,"line":303,"context":257},222,{"file":209,"line":305,"context":257},226,{"file":209,"line":307,"context":257},228,{"file":209,"line":309,"context":257},285,{"file":209,"line":311,"context":257},339,{"file":209,"line":313,"context":257},402,{"file":315,"line":316,"context":257},"includes\\widget.class.php",26,{"file":315,"line":318,"context":257},30,{"file":315,"line":191,"context":257},{"file":315,"line":321,"context":257},48,{"file":315,"line":323,"context":257},58,{"file":315,"line":325,"context":257},63,2,[],[329,345],{"entryPoint":330,"graph":331,"unsanitizedCount":137,"severity":344},"save_post (includes\\post-type.class.php:234)",{"nodes":332,"edges":342},[333,337],{"id":334,"type":335,"label":336,"file":209,"line":309},"n0","source","$_POST['post_tag']",{"id":338,"type":339,"label":340,"file":209,"line":309,"wp_function":341},"n1","sink","echo() [XSS]","echo",[343],{"from":334,"to":338,"sanitized":231},"medium",{"entryPoint":346,"graph":347,"unsanitizedCount":28,"severity":353},"\u003Cpost-type.class> (includes\\post-type.class.php:0)",{"nodes":348,"edges":351},[349,350],{"id":334,"type":335,"label":336,"file":209,"line":309},{"id":338,"type":339,"label":340,"file":209,"line":309,"wp_function":341},[352],{"from":334,"to":338,"sanitized":233},"low",{"summary":355,"deductions":356},"The 'contentad' plugin version 1.3.7 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries and has no recorded past vulnerabilities, suggesting a generally secure development history. However, there are significant concerns related to its attack surface and data sanitization. The presence of an unprotected AJAX handler represents a direct entry point that could be exploited without proper authentication. Furthermore, a taint analysis revealed a flow with unsanitized paths, indicating a potential for vulnerabilities if user-supplied data is not handled carefully. While the code signals for dangerous functions and SQL are clean, the insufficient output escaping (only 29% properly escaped) is a notable weakness, increasing the risk of cross-site scripting (XSS) vulnerabilities.",[357,359,361],{"reason":358,"points":210},"Unprotected AJAX handler",{"reason":360,"points":166},"Flow with unsanitized paths",{"reason":362,"points":164},"Low output escaping percentage","2026-03-16T20:54:12.426Z",{"wat":365,"direct":376},{"assetPaths":366,"generatorPatterns":370,"scriptPaths":371,"versionParams":372},[367,368,369],"\u002Fwp-content\u002Fplugins\u002Fcontentad\u002Fincludes\u002Fassets\u002Fcss\u002Fadmin\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fcontentad\u002Fincludes\u002Fassets\u002Fjs\u002Fadmin\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fcontentad\u002Fincludes\u002Fassets\u002Fjs\u002Fadmin\u002Ftinymce-plugin.js",[],[368,369],[373,374,375],"contentad\u002Fincludes\u002Fassets\u002Fcss\u002Fadmin\u002Fadmin.css?ver=","contentad\u002Fincludes\u002Fassets\u002Fjs\u002Fadmin\u002Fadmin.js?ver=","contentad\u002Fincludes\u002Fassets\u002Fjs\u002Fadmin\u002Ftinymce-plugin.js?ver=",{"cssClasses":377,"htmlComments":379,"htmlAttributes":380,"restEndpoints":385,"jsGlobals":386,"shortcodeOutput":388},[378],"contentad_instructions_help",[],[381,382,383,384],"data-contentad-preview-url","data-contentad-preview-url-type","data-contentad-preview-id","data-contentad-preview-post-type",[],[387],"contentad_admin_params",[]]