[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f6ZmAOEZLAhKo2AxVt-DD_oQWUZ8F85No0OLds7GHS_c":3,"$fhWkHksrL6zxbDsBeA3wL30WSRyTN9zyi1sJL_ncyBuI":391,"$f06bB-U_GdpcXfUoEn-I7cCa36mJIbhi5TRPo7U0nI0Y":396},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":37,"analysis":139,"fingerprints":367},"cotton-framework","Cotton Framework","0.1.3","w3prodigy","https:\u002F\u002Fprofiles.wordpress.org\u002Fw3prodigy\u002F","\u003Cp>This is a public beta.\u003C\u002Fp>\n\u003Cp>Cotton Framework comes with a complete XHTML \u002F CSS Theme for designers to style using Child Themes.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>W3C Standards Compliant XHTML and CSS\u003C\u002Fli>\n\u003Cli>Mobile \u002F Handheld device ready\u003C\u002Fli>\n\u003Cli>Print Friendly\u003C\u002Fli>\n\u003Cli>Cross Browser Compliant\u003C\u002Fli>\n\u003Cli>Google Web Site Verification\u003C\u002Fli>\n\u003Cli>Bing Web Site Verification\u003C\u002Fli>\n\u003Cli>Google Analytics Web Property ID Setting\u003C\u002Fli>\n\u003Cli>7 Standard Widget Areas\u003C\u002Fli>\n\u003Cli>14 Optional Advanced Widget Areas\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Included Optional Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Robots Generator – Improve framework for search engines with a robots file.\u003C\u002Fli>\n\u003Cli>Sitemap Generator – Improve framework for search engines with a sitemap file.\u003C\u002Fli>\n\u003Cli>Mobile Support – Enable support for Mobile \u002F Handheld Browsers.\u003C\u002Fli>\n\u003Cli>Google Hosted AJAX Libraries – Register Google’s hosted AJAX Libraries with WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Send Us Your Site\u003C\u002Fh4>\n\u003Cp>We’d like to see some examples of how the framework is being used. Send your live site examples to w3prodigy at gmail dot com.\u003C\u002Fp>\n\u003Ch4>Reporting Issues and Requesting Features\u003C\u002Fh4>\n\u003Cp>Please report any issues or feature requests to http:\u002F\u002Fcode.google.com\u002Fp\u002Fcotton-framework\u002Fissues\u002F using your google account.\u003C\u002Fp>\n","The Cotton Framework provides a Cross-Browser Standards Compliant XHTML \u002F CSS framework.",10,3783,0,"2010-07-25T17:13:00.000Z","3.0.5","3.0","",[19,20,21,22,23],"ajax","analytics","author","cotton","framework","http:\u002F\u002Fcode.google.com\u002Fp\u002Fcotton-framework\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcotton-framework.0.1.3.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},5,920,30,84,"2026-05-20T02:03:26.660Z",[38,63,80,98,117],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":32,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":58,"download_link":59,"security_score":60,"vuln_count":61,"unpatched_count":13,"last_vuln_date":62,"fetched_at":28},"wpecounter","WP Views Counter","2.1.3","etruel","https:\u002F\u002Fprofiles.wordpress.org\u002Fetruel\u002F","\u003Cp>\u003Cstrong>WP Views Counter\u003C\u002Fstrong> is a lightweight, high-performance plugin that accurately tracks and displays post, page, and custom post type views — directly in the WordPress admin, via shortcode, or with a Gutenberg block.\u003C\u002Fp>\n\u003Cp>Built for bloggers, marketers, store owners, and developers, it works seamlessly across all post types — including WooCommerce and Easy Digital Downloads — with minimal impact on your site’s speed. No external scripts. No unnecessary bloat.\u003C\u002Fp>\n\u003Cp>This plugin does one job and does it exceptionally well: it tells you which content is getting the most attention.\u003C\u002Fp>\n\u003Ch4>Key Benefits\u003C\u002Fh4>\n\u003Cp>✅ \u003Cstrong>Accurate view counts\u003C\u002Fstrong> in admin columns, shortcode, or block\u003Cbr \u002F>\n✅ \u003Cstrong>Metabox per post\u003C\u002Fstrong> with real-time views and reset button\u003Cbr \u002F>\n✅ \u003Cstrong>Exclude views from logged-in users or specific roles\u003C\u002Fstrong>\u003Cbr \u002F>\n✅ \u003Cstrong>Fully AJAX-powered\u003C\u002Fstrong> — no page reloads or slowdowns\u003Cbr \u002F>\n✅ \u003Cstrong>Works with all post types\u003C\u002Fstrong>, including EDD and WooCommerce\u003Cbr \u002F>\n✅ \u003Cstrong>Block to display popular posts\u003C\u002Fstrong> — no legacy widgets required\u003Cbr \u002F>\n✅ \u003Cstrong>Developer-friendly and fully translatable\u003C\u002Fstrong>\u003Cbr \u002F>\n✅ \u003Cstrong>Import views from other plugins\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Whether you’re optimizing your content strategy or simply want to know what’s working, \u003Cstrong>WP Views Counter\u003C\u002Fstrong> is the simple and effective alternative to bloated analytics plugins.\u003C\u002Fp>\n\u003Cp>📦 Start tracking your most popular content today — with clarity, speed and control.\u003C\u002Fp>\n\u003Cp>💡 Developer-friendly: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEtruel-Developments\u002Fwpecounter\u002Fissues\" rel=\"nofollow ugc\">Contribute on GitHub\u003C\u002Fa> — forks and pull requests welcome.\u003C\u002Fp>\n","Fast, lightweight post views counter. Display views in admin, blocks or shortcodes — no tracking scripts required.",2000,42469,100,"2025-12-19T18:09:00.000Z","6.9.4","3.1","7.0",[54,20,55,56,57],"ajax-counter","popular-posts","post-views","views-counter","https:\u002F\u002Fetruel.com\u002Fdownloads\u002Fwpecounter","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpecounter.2.1.3.zip",98,2,"2025-12-14 00:00:00",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":11,"downloaded":71,"rating":13,"num_ratings":13,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":17,"tags":75,"homepage":78,"download_link":79,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"ga-authors","GA Authors","1.0.2","mlazarov","https:\u002F\u002Fprofiles.wordpress.org\u002Fmlazarov\u002F","\u003Cp>Track page views by authors in Google Analytics account.\u003Cbr \u002F>\nAll you have to do is to add Your google analytics profile to the \u003Ccode>GA Authors\u003C\u002Fcode> config page\u003C\u002Fp>\n","Track page views by authors in Google Analytics account. All you have to do is to add Your google analytics profile to the GA Authors config page",1743,"2011-11-14T07:42:00.000Z","3.2.1","2.7",[76,77],"google-analytics","tracking-authors-post-views","http:\u002F\u002Fmarto.lazarov.org\u002Fplugins\u002Fga-authors","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fga-authors.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":13,"downloaded":88,"rating":13,"num_ratings":13,"last_updated":89,"tested_up_to":90,"requires_at_least":17,"requires_php":17,"tags":91,"homepage":96,"download_link":97,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"lolita-events","Lolita Events","0.1","therealguriev","https:\u002F\u002Fprofiles.wordpress.org\u002Ftherealguriev\u002F","\u003Cp>\nIn this screencast you can see how it works \u003Ca href=\"https:\u002F\u002Fdrive.google.com\u002Ffile\u002Fd\u002F1uB6v-m1sihD79OkAvRgkGc_1-QacoRCu\u002Fview?usp=sharing\" rel=\"nofollow ugc\">screencast\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Development team\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin was created by \u003Ca href=\"mailto:therealguriev@gmail.com\" rel=\"nofollow ugc\">Guriev Eugen\u003C\u002Fa>, who continues to lead the development.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Contributing\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Any help is appreciated. The project is open-source and we encourage you to participate. You can contribute to the project in multiple ways by:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Reporting a bug issue\u003C\u002Fli>\n\u003Cli>Suggesting features\u003C\u002Fli>\n\u003Cli>Sending a pull request with code fix or feature\u003C\u002Fli>\n\u003Cli>Following the project on GitHub\u003C\u002Fli>\n\u003Cli>Following us on Twitter\u003C\u002Fli>\n\u003Cli>Sharing the project around your community\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Links\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgcofficial\u002Fevents\" rel=\"nofollow ugc\">Repository\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Ftherealguriev\u002F\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"mailto:therealguriev@gmail.com\" rel=\"nofollow ugc\">Email\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WordPress Event Calendar Plugin.",1037,"2019-08-07T10:09:00.000Z","5.2.24",[19,92,93,94,95],"calendar","events","lolita","lolitaframework","https:\u002F\u002Fexample.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flolita-events.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":13,"downloaded":106,"rating":13,"num_ratings":13,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":115,"download_link":116,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"searchjet-instant-search","SearchJetEngine – AI-Powered Instant Search for WooCommerce & WordPress","1.3.6","Maidul","https:\u002F\u002Fprofiles.wordpress.org\u002Fmaidulcu\u002F","\u003Cp>🔎 \u003Ca href=\"https:\u002F\u002Fsearchjetengine.com\u002F\" rel=\"nofollow ugc\">SearchJet Engine\u003C\u002Fa> transforms your WordPress content into a fast, intelligent search experience that your visitors will love.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🎉 Forever Free Plan Available!\u003C\u002Fstrong>\u003Cbr \u002F>\nGet started with SearchJetEngine’s generous free tier that includes 10,000 monthly searches and up to 1,000 indexed pages – perfect for most WordPress sites!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How SearchJetEngine Works:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>🔍 \u003Cstrong>1. Indexing Your Content\u003C\u002Fstrong>\u003Cbr \u002F>\n* Automatically crawls your WordPress content (posts, pages, products)\u003Cbr \u002F>\n* Extracts and structures your data for optimal search performance\u003Cbr \u002F>\n* Builds a search-optimized index that updates in real-time\u003C\u002Fp>\n\u003Cp>🤖 \u003Cstrong>2. Processing Searches\u003C\u002Fstrong>\u003Cbr \u002F>\n* Understands the meaning behind user queries with AI\u003Cbr \u002F>\n* Corrects spelling mistakes automatically\u003Cbr \u002F>\n* Ranks results by relevance and returns them in milliseconds\u003C\u002Fp>\n\u003Cp>🎯 \u003Cstrong>3. Displaying Results\u003C\u002Fstrong>\u003Cbr \u002F>\n* Shows typo-tolerant matching with highlighted text\u003Cbr \u002F>\n* Provides smart filtering and mobile-optimized interface\u003Cbr \u002F>\n* Delivers instant results as users type\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Lightning-Fast Search\u003C\u002Fstrong> – Instant AJAX results with typo tolerance and AI-enhanced relevance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Ready\u003C\u002Fstrong> – Product search with SKU, price, category matching, and stock status\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Analytics\u003C\u002Fstrong> – Track top searches, zero-result queries, and comprehensive usage metrics\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Plan Management\u003C\u002Fstrong> – Intelligent quota tracking with usage analytics and performance caching\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security Hardened\u003C\u002Fstrong> – Log injection protection, secure cryptographic implementations, and input validation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance Optimized\u003C\u002Fstrong> – Memory leak prevention, API call caching, atomic operations, and WordPress standards compliance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable UI\u003C\u002Fstrong> – Multiple themes, colors, and display options with live preview\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Indexing\u003C\u002Fstrong> – Auto-sync with content updates, exclusion rules, and memory-efficient processing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Friendly\u003C\u002Fstrong> – REST API, webhooks, automation framework, and comprehensive error handling\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Forever Free\u003C\u002Fstrong> – 10,000 searches\u002Fmonth, 1,000 pages, no credit card required\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Perfect For:\u003C\u002Fstrong>\u003Cbr \u002F>\n* E-commerce stores needing fast product search\u003Cbr \u002F>\n* Content sites with large libraries\u003Cbr \u002F>\n* Developers requiring search APIs\u003Cbr \u002F>\n* Sites needing search analytics\u003Cbr \u002F>\n* Anyone wanting better search without monthly fees\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Advanced Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* AI-enhanced relevance scoring\u003Cbr \u002F>\n* Multilingual support (WPML\u002FPolylang)\u003Cbr \u002F>\n* Zero-result burst detection\u003Cbr \u002F>\n* Custom post type support\u003Cbr \u002F>\n* Mobile-optimized interface\u003Cbr \u002F>\n* SEO-friendly implementation\u003C\u002Fp>\n\u003Cp>🔎 \u003Ca href=\"https:\u002F\u002Fwww.searchjetengine.com\u002Fvector-search-demo\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa> | 📘 \u003Ca href=\"https:\u002F\u002Fsearchjetengine.com\u002Fdocs\u002Fguides\u002Fget-started\u002Fwhat-is-searchjet\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>SearchJet collects only necessary data for search indexing and analytics. No sensitive data like passwords or admin content is stored. All data transmission is encrypted. View our \u003Ca href=\"https:\u002F\u002Fsearchjetengine.com\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa> for details.\u003C\u002Fp>\n","AI-powered instant search for WordPress & WooCommerce with typo tolerance and real-time analytics.",1094,"2026-01-28T18:56:00.000Z","6.8.5","5.5","7.4",[19,20,112,113,114],"instant","search","woocommerce","https:\u002F\u002Fsearchjetengine.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsearchjet-instant-search.1.3.6.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":35,"num_ratings":127,"last_updated":128,"tested_up_to":52,"requires_at_least":129,"requires_php":110,"tags":130,"homepage":135,"download_link":136,"security_score":48,"vuln_count":137,"unpatched_count":13,"last_vuln_date":138,"fetched_at":28},"google-site-kit","Site Kit by Google – Analytics, Search Console, AdSense, Speed","1.176.0","Google","https:\u002F\u002Fprofiles.wordpress.org\u002Fgoogle\u002F","\u003Cp>Site Kit is the official WordPress plugin from Google for insights about how people find and use your site. Site Kit is the one-stop solution to deploy, manage, and get insights from critical Google tools to make the site successful on the web. It provides authoritative, up-to-date insights from multiple Google products directly on the WordPress dashboard for easy access, all for free.\u003C\u002Fp>\n\u003Ch4>Bringing the best of Google tools to WordPress\u003C\u002Fh4>\n\u003Cp>Site Kit includes powerful features that make using these Google products seamless and flexible:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy-to-understand stats directly on your WordPress dashboard\u003C\u002Fli>\n\u003Cli>Official stats from multiple Google tools, all in one dashboard\u003C\u002Fli>\n\u003Cli>Quick setup for multiple Google tools without having to edit the source code of your site\u003C\u002Fli>\n\u003Cli>Metrics for your entire site and for individual posts\u003C\u002Fli>\n\u003Cli>Easy-to-manage, granular permissions across WordPress and different Google products\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Google tools\u003C\u002Fh4>\n\u003Cp>Site Kit shows key metrics and insights from different Google products:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Search Console:\u003C\u002Fstrong> Understand how Google Search discovers and displays your pages in Google Search. Track how many people saw your site in Search results, and what query they used to search for your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Analytics:\u003C\u002Fstrong> Explore how users navigate your site and track goals you’ve set up for your users to complete.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AdSense:\u003C\u002Fstrong> Keep track of how much your site is earning you.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PageSpeed Insights:\u003C\u002Fstrong> See how your pages perform compared to other real-world sites. Improve performance with actionable tips from PageSpeed Insights.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Tag Manager:\u003C\u002Fstrong> Use Site Kit to easily set up Tag Manager- no code editing required. Then, manage your tags in Tag Manager.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sign in with Google:\u003C\u002Fstrong> Allows visitors to sign up and log in to your site with their existing Google account.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reader Revenue Manager:\u003C\u002Fstrong> Helps you grow, retain, and engage your site visitors via subscription, contribution, newsletters, surveys, and custom prompts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ads:\u003C\u002Fstrong> Get customers and sell more with targeted traffic from Google Ads.\u003C\u002Fli>\n\u003C\u002Ful>\n","Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.",5000000,249668864,986,"2026-04-06T18:50:00.000Z","5.2",[131,20,132,133,134],"adsense","google","pagespeed-insights","search-console","https:\u002F\u002Fsitekit.withgoogle.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgoogle-site-kit.1.176.0.zip",1,"2020-05-21 00:00:00",{"attackSurface":140,"codeSignals":220,"taintFlows":315,"riskAssessment":354,"analyzedAt":366},{"hooks":141,"ajaxHandlers":216,"restRoutes":217,"shortcodes":218,"cronEvents":219,"entryPointCount":13,"unprotectedCount":13},[142,147,150,153,157,160,163,166,169,172,174,175,179,182,184,186,188,191,194,197,200,203,204,208,211,213],{"type":143,"name":144,"callback":144,"file":145,"line":146},"action","admin_init","cotton-settings.php",58,{"type":143,"name":148,"callback":148,"file":145,"line":149},"admin_menu",59,{"type":143,"name":151,"callback":151,"priority":11,"file":145,"line":152},"plugin_action_links",60,{"type":143,"name":154,"callback":154,"file":155,"line":156},"init","plugins\\cotton-mobile\\cotton-mobile.php",22,{"type":143,"name":158,"callback":158,"file":155,"line":159},"wp_footer",23,{"type":143,"name":161,"callback":161,"file":155,"line":162},"cotton_body_id",24,{"type":143,"name":154,"callback":154,"file":164,"line":165},"plugins\\cotton-register-script\\cotton-register-script.php",35,{"type":143,"name":167,"callback":167,"file":168,"line":159},"generate_rewrite_rules","plugins\\cotton-robots\\cotton-robots.php",{"type":170,"name":171,"callback":171,"file":168,"line":162},"filter","robots_txt",{"type":143,"name":154,"callback":154,"file":173,"line":159},"plugins\\cotton-sitemap\\cotton-sitemap.php",{"type":143,"name":167,"callback":167,"file":173,"line":162},{"type":170,"name":176,"callback":176,"file":177,"line":178},"wp_title","themes\\cotton-framework\\functions-filters.php",20,{"type":170,"name":180,"callback":180,"file":177,"line":181},"body_class",21,{"type":170,"name":183,"callback":183,"file":177,"line":156},"post_class",{"type":170,"name":185,"callback":185,"file":177,"line":159},"mce_css",{"type":170,"name":187,"callback":187,"file":177,"line":162},"wp_nav_menu_args",{"type":170,"name":189,"callback":189,"file":177,"line":190},"the_author_posts_link",25,{"type":143,"name":154,"callback":154,"file":192,"line":193},"themes\\cotton-framework\\functions-hooks.php",26,{"type":143,"name":195,"callback":195,"file":192,"line":196},"template_redirect",27,{"type":143,"name":198,"callback":198,"file":192,"line":199},"wp_print_styles",28,{"type":143,"name":201,"callback":201,"file":192,"line":202},"wp_head",29,{"type":143,"name":158,"callback":158,"file":192,"line":34},{"type":143,"name":205,"callback":206,"file":207,"line":190},"cotton_header","header","themes\\cotton-framework\\functions.php",{"type":143,"name":209,"callback":210,"file":207,"line":193},"cotton_footer","footer",{"type":143,"name":161,"callback":212,"file":207,"line":196},"body_id",{"type":143,"name":214,"callback":215,"file":207,"line":199},"cotton_paginate_links","paginate_links",[],[],[],[],{"dangerousFunctions":221,"sqlUsage":222,"outputEscaping":224,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":314},[],{"prepared":13,"raw":13,"locations":223},[],{"escaped":61,"rawEcho":225,"locations":226},51,[227,230,232,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,265,266,267,268,269,270,271,272,273,274,276,278,279,280,282,283,284,286,288,290,291,293,295,297,299,301,304,306,307,308,309,310,311],{"file":145,"line":228,"context":229},132,"raw output",{"file":145,"line":231,"context":229},134,{"file":145,"line":233,"context":229},156,{"file":145,"line":235,"context":229},159,{"file":145,"line":237,"context":229},184,{"file":145,"line":239,"context":229},186,{"file":145,"line":241,"context":229},192,{"file":145,"line":243,"context":229},208,{"file":145,"line":245,"context":229},219,{"file":145,"line":247,"context":229},232,{"file":145,"line":249,"context":229},234,{"file":145,"line":251,"context":229},244,{"file":145,"line":253,"context":229},246,{"file":145,"line":255,"context":229},256,{"file":145,"line":257,"context":229},267,{"file":145,"line":259,"context":229},278,{"file":173,"line":261,"context":229},37,{"file":263,"line":264,"context":229},"themes\\cotton-framework\\author.php",19,{"file":263,"line":181,"context":229},{"file":263,"line":156,"context":229},{"file":263,"line":159,"context":229},{"file":263,"line":159,"context":229},{"file":263,"line":159,"context":229},{"file":263,"line":162,"context":229},{"file":263,"line":190,"context":229},{"file":263,"line":193,"context":229},{"file":263,"line":196,"context":229},{"file":263,"line":275,"context":229},31,{"file":277,"line":165,"context":229},"themes\\cotton-framework\\comments.php",{"file":277,"line":165,"context":229},{"file":277,"line":261,"context":229},{"file":277,"line":281,"context":229},40,{"file":277,"line":281,"context":229},{"file":277,"line":281,"context":229},{"file":277,"line":285,"context":229},43,{"file":277,"line":287,"context":229},48,{"file":277,"line":289,"context":229},53,{"file":277,"line":146,"context":229},{"file":207,"line":292,"context":229},102,{"file":207,"line":294,"context":229},125,{"file":207,"line":296,"context":229},130,{"file":207,"line":298,"context":229},182,{"file":207,"line":300,"context":229},194,{"file":302,"line":303,"context":229},"themes\\cotton-framework\\header.php",17,{"file":305,"line":196,"context":229},"themes\\cotton-framework\\loop.php",{"file":305,"line":196,"context":229},{"file":305,"line":196,"context":229},{"file":305,"line":261,"context":229},{"file":305,"line":225,"context":229},{"file":305,"line":225,"context":229},{"file":312,"line":313,"context":229},"themes\\cotton-framework\\sidebar.php",16,[],[316,342],{"entryPoint":317,"graph":318,"unsanitizedCount":61,"severity":341},"submenu_page (cotton-settings.php:142)",{"nodes":319,"edges":337},[320,325,330,333],{"id":321,"type":322,"label":323,"file":145,"line":324},"n0","source","$_POST[?]",154,{"id":326,"type":327,"label":328,"file":145,"line":324,"wp_function":329},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":331,"type":322,"label":332,"file":145,"line":235},"n2","$_SERVER['PHP_SELF']",{"id":334,"type":327,"label":335,"file":145,"line":235,"wp_function":336},"n3","echo() [XSS]","echo",[338,340],{"from":321,"to":326,"sanitized":339},false,{"from":331,"to":334,"sanitized":339},"medium",{"entryPoint":343,"graph":344,"unsanitizedCount":61,"severity":353},"\u003Ccotton-settings> (cotton-settings.php:0)",{"nodes":345,"edges":350},[346,347,348,349],{"id":321,"type":322,"label":323,"file":145,"line":324},{"id":326,"type":327,"label":328,"file":145,"line":324,"wp_function":329},{"id":331,"type":322,"label":332,"file":145,"line":235},{"id":334,"type":327,"label":335,"file":145,"line":235,"wp_function":336},[351,352],{"from":321,"to":326,"sanitized":339},{"from":331,"to":334,"sanitized":339},"low",{"summary":355,"deductions":356},"The cotton-framework plugin, at version 0.1.3, exhibits a generally positive security posture based on the provided static analysis and vulnerability history. The absence of any recorded CVEs, coupled with a lack of critical or high-severity issues identified in the taint analysis, suggests a well-maintained codebase. The plugin also demonstrates good practices by having no direct SQL queries and zero external HTTP requests, minimizing common attack vectors.\n\nHowever, there are significant areas for concern. The extremely low percentage of properly escaped output (4%) is a major red flag, indicating a high likelihood of cross-site scripting (XSS) vulnerabilities. While the static analysis found no direct SQL injection or other obvious critical flaws, the prevalence of unsanitized paths in taint flows, even if not rated critical or high, points to potential security weaknesses. Furthermore, the complete lack of nonce checks and capability checks on all identified entry points (though none were found) is a considerable security gap if any such entry points were to be introduced or discovered later.\n\nIn conclusion, while the plugin has avoided documented vulnerabilities and uses some secure coding practices, the poor output escaping and the presence of unsanitized paths in taint analysis represent substantial risks. The lack of security checks on entry points is a significant oversight that could lead to vulnerabilities if the attack surface grows. The plugin's security would be greatly improved by addressing the output escaping issues.",[357,360,362,364],{"reason":358,"points":359},"Poor output escaping (4% proper)",15,{"reason":361,"points":11},"Unsanitized paths in taint flows",{"reason":363,"points":11},"No nonce checks",{"reason":365,"points":11},"No capability checks","2026-03-16T23:18:23.623Z",{"wat":368,"direct":379},{"assetPaths":369,"generatorPatterns":376,"scriptPaths":377,"versionParams":378},[370,371,372,373,374,375],"\u002Fwp-content\u002Fplugins\u002Fcotton-framework\u002Fplugins\u002Fcotton-mobile\u002Fcotton-mobile.css","\u002Fwp-content\u002Fplugins\u002Fcotton-framework\u002Fplugins\u002Fcotton-mobile\u002Fcotton-mobile.js","\u002Fwp-content\u002Fplugins\u002Fcotton-framework\u002Fthemes\u002Fcotton-framework\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fcotton-framework\u002Fthemes\u002Fcotton-framework\u002Fcss\u002Fie.css","\u002Fwp-content\u002Fplugins\u002Fcotton-framework\u002Fthemes\u002Fcotton-framework\u002Fcss\u002Fprint.css","\u002Fwp-content\u002Fplugins\u002Fcotton-framework\u002Fthemes\u002Fcotton-framework\u002Fcss\u002Fresponsive.css",[],[371],[],{"cssClasses":380,"htmlComments":381,"htmlAttributes":383,"restEndpoints":386,"jsGlobals":387,"shortcodeOutput":390},[],[382],"\u003C!-- Handles WordPress Natural Hooks -->",[384,385],"id='handheld'","id='screen'",[],[388,389],"width_handler","resizeTimer",[],{"error":392,"url":393,"statusCode":394,"statusMessage":395,"message":395},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcotton-framework\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":397,"versions":398},4,[399,404,411,418],{"version":6,"download_url":25,"svn_tag_url":400,"released_at":27,"has_diff":339,"diff_files_changed":401,"diff_lines":27,"trac_diff_url":402,"vulnerabilities":403,"is_current":392},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcotton-framework\u002Ftags\u002F0.1.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcotton-framework%2Ftags%2F0.1.2&new_path=%2Fcotton-framework%2Ftags%2F0.1.3",[],{"version":405,"download_url":406,"svn_tag_url":407,"released_at":27,"has_diff":339,"diff_files_changed":408,"diff_lines":27,"trac_diff_url":409,"vulnerabilities":410,"is_current":339},"0.1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcotton-framework.0.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcotton-framework\u002Ftags\u002F0.1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcotton-framework%2Ftags%2F0.1.1&new_path=%2Fcotton-framework%2Ftags%2F0.1.2",[],{"version":412,"download_url":413,"svn_tag_url":414,"released_at":27,"has_diff":339,"diff_files_changed":415,"diff_lines":27,"trac_diff_url":416,"vulnerabilities":417,"is_current":339},"0.1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcotton-framework.0.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcotton-framework\u002Ftags\u002F0.1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcotton-framework%2Ftags%2F0.1&new_path=%2Fcotton-framework%2Ftags%2F0.1.1",[],{"version":83,"download_url":419,"svn_tag_url":420,"released_at":27,"has_diff":339,"diff_files_changed":421,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":422,"is_current":339},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcotton-framework.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcotton-framework\u002Ftags\u002F0.1\u002F",[],[]]