[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f89MuJ7_udjJFFKE8_93Ho_-ISoYCgECrmPsaS8dH0yY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":20,"download_link":21,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":32,"analysis":139,"fingerprints":479},"cwsi-invites","Invitations and RSVPs","1.5.1","Charlene Copeland","https:\u002F\u002Fprofiles.wordpress.org\u002Fsjcope\u002F","\u003Cp>Invitations and RSVPs provides a frontend form for your users to respond to your event.\u003C\u002Fp>\n\u003Cp>Uninstalling the plugin will NOT remove the associated tables.\u003C\u002Fp>\n\u003Cp>Pre-requisites:\u003Cbr \u002F>\nNone\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Invited people can respond\u003C\u002Fli>\n\u003Cli>Administrators can manage responses.\u003C\u002Fli>\n\u003C\u002Ful>\n","Set up a an invitation and RSVP system on your WordPress site.",0,970,"2026-02-25T20:04:00.000Z","6.9.4","6.3","8.0",[18,19],"invitations","rsvps","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcwsi-invites.1.5.1.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":27,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":22,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},"sjcope",3,30,94,"2026-04-05T08:50:37.036Z",[33,58,81,101,121],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":43,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":20,"tags":48,"homepage":53,"download_link":54,"security_score":55,"vuln_count":56,"unpatched_count":11,"last_vuln_date":57,"fetched_at":24},"invite-anyone","Invite Anyone","1.4.10","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>Invite Anyone has two components:\u003C\u002Fp>\n\u003Cp>1) The ability to invite members to the site by email. The plugin creates a tab on each member’s Profile page called “Send Invites”, which contains a form where users can invite outsiders to join the site. There is a field for a custom message. Also, inviters can optionally select any number of their groups, and when the invitee accepts the invitation he or she automatically receive invitations to join those groups.\u003C\u002Fp>\n\u003Cp>The email invitation part of the plugin is customizable by the BP administrator, via Dashboard > BuddyPress > Invite Anyone.\u003C\u002Fp>\n\u003Cp>2) By default, BuddyPress only allows group admins to invite their friends to groups. In some communities, you might want members to be able to invite non-friends to groups as well. This plugin allows you to do so, by populating the invitation checklist with the entire membership of the site, rather than just a friend list.\u003C\u002Fp>\n\u003Cp>Because member lists can get very long and hard to navigate, this plugin adds a autosuggest search box to the Send Invites screen – the same one that appears on the Compose Message screen – which allows inviters to navigate directly to the members they want to invite.\u003C\u002Fp>\n\u003Cp>Invite Anyone features optional integration with CloudSponge http:\u002F\u002Fcloudsponge.com, a premium address book service, that allows your users to invite their friends to the site in a way that’s easy and fun. Enable it at Dashboard > BuddyPress > Invite Anyone.\u003C\u002Fp>\n\u003Ch3>Translation credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Belarussian: Alexander Ovsov (\u003Ca href=\"http:\u002F\u002Fwebhostinggeeks.com\u002Fscience\" rel=\"nofollow ugc\">Web Geek Science\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Brazilian Portuguese: Celso Bessa\u003C\u002Fli>\n\u003Cli>Catalan: Mònica Grau and Toni Ginard\u003C\u002Fli>\n\u003Cli>Danish: Mort3n\u003C\u002Fli>\n\u003Cli>Dutch: Jesper Popma, Tim de Hoog\u003C\u002Fli>\n\u003Cli>French: Guillaume Coulon, Nicolas Mollet\u003C\u002Fli>\n\u003Cli>German: Lars Berning, Thorsten Wollenhöfer, Matthias Lunz\u003C\u002Fli>\n\u003Cli>Greek: Lena Stergatou\u003C\u002Fli>\n\u003Cli>Italian: Luca Camellini\u003C\u002Fli>\n\u003Cli>Norwegian: Stig Ulfsby\u003C\u002Fli>\n\u003Cli>Russian: Jettochkin, Roman Leonov\u003C\u002Fli>\n\u003Cli>Serbo-Croatian: Anja Skrba\u003C\u002Fli>\n\u003Cli>Spanish: Mauricio Camayo, Gregor Gimmy\u003C\u002Fli>\n\u003Cli>Swedish: Alexander Berthelsen, Jan Anderson\u003C\u002Fli>\n\u003Cli>Ukrainian: \u003Ca href=\"http:\u002F\u002Fwww.coupofy.com\u002F\" rel=\"nofollow ugc\">Ivanka\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Additional details about the plugin can be found in the following languages:\u003Cbr \u002F>\n* Serbo-Croatian: \u003Ca href=\"http:\u002F\u002Fscience.webhostinggeeks.com\u002Fteleogistic\" rel=\"nofollow ugc\">http:\u002F\u002Fscience.webhostinggeeks.com\u002Fteleogistic\u003C\u002Fa>\u003C\u002Fp>\n","Makes BuddyPress's invitation features more powerful.",1000,262018,86,26,"2024-08-19T17:09:00.000Z","6.6.5","3.2",[49,50,51,18,52],"buddypress","friends","group","invite","http:\u002F\u002Fteleogistic.net\u002Fcode\u002Fbuddypress\u002Finvite-anyone\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finvite-anyone.1.4.10.zip",83,6,"2024-08-16 00:00:00",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":44,"last_updated":69,"tested_up_to":14,"requires_at_least":70,"requires_php":20,"tags":71,"homepage":76,"download_link":77,"security_score":78,"vuln_count":79,"unpatched_count":11,"last_vuln_date":80,"fetched_at":24},"wp-ecards-invites","WP eCards – Branded Digital Greeting Cards","1.4.12","Tim from eCardWidget","https:\u002F\u002Fprofiles.wordpress.org\u002Ftimsayshey\u002F","\u003Cp>Add a branded eCard form or eCard gallery directly to your WordPress site with just a few clicks. Visitors can browse your collection of digital greeting cards, personalize a message, and send it instantly via email or social media — no coding required.\u003C\u002Fp>\n\u003Cp>Perfect for organizations, nonprofits, churches, and businesses looking to engage their community, show appreciation, or run creative campaigns with custom-designed cards.\u003C\u002Fp>\n\u003Cp>This plugin is powered by \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002F\" rel=\"nofollow ugc\">eCardWidget\u003C\u002Fa> — the leading platform for customizable digital greeting card forms used by top brands and mission-driven organizations.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Add Digital Greeting Cards?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Boost engagement. Encourage sharing. Celebrate people. Whether it’s for volunteer appreciation, donor thank-yous, team recognition, or holiday outreach — eCards help you connect in a meaningful way.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Popular Use Cases\u003C\u002Fstrong>\u003Cbr \u002F>\nExplore how businesses, nonprofits, and churches are using eCards to boost engagement and grow impact: \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fexamples\u002F\" rel=\"nofollow ugc\">See real examples\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🚀 New: Built-in WooCommerce Integration!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily sell digital eCards as WooCommerce products and let customers send cards right after checkout. No extra plugin required—it’s all built-in! Perfect for organizations, nonprofits, churches, and businesses who want to offer eCards with full e-commerce power.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Embed branded eCard galleries or individual cards anywhere using a simple shortcode\u003C\u002Fli>\n\u003Cli>Fully customizable card designs, branding, and messaging\u003C\u002Fli>\n\u003Cli>Add your logo, links, and custom background\u003C\u002Fli>\n\u003Cli>Choose from a professional template library or upload your own artwork\u003C\u002Fli>\n\u003Cli>Track sent cards and export sender\u002Frecipient emails (CSV)\u003C\u002Fli>\n\u003Cli>Reliable email delivery with spam protection\u003C\u002Fli>\n\u003Cli>Emoji and animated GIF support\u003C\u002Fli>\n\u003Cli>Responsive design, mobile-friendly\u003C\u002Fli>\n\u003Cli>BCC all outgoing eCards for recordkeeping\u003C\u002Fli>\n\u003Cli>Change layouts, fonts, and colors to match your site\u003C\u002Fli>\n\u003Cli>Custom CSS support\u003C\u002Fli>\n\u003Cli>Send eCards to Facebook friends\u003C\u002Fli>\n\u003Cli>Built-in analytics to track card engagement\u003C\u002Fli>\n\u003Cli>Multilingual support (French, German, Dutch, Spanish, Hebrew, Polish, and more)\u003C\u002Fli>\n\u003Cli>And many more features!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Live Examples\u003C\u002Fh3>\n\u003Cp>See how others are using WP eCards:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Business \u002F Marketing\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fraising_canes.html\" rel=\"nofollow ugc\">Raising Cane’s\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fmanagrams.html\" rel=\"nofollow ugc\">Teremana Tequila\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Nonprofits & Fundraising\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fhabitforhumanity.html\" rel=\"nofollow ugc\">Habitat for Humanity\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fmdfoodbank.html\" rel=\"nofollow ugc\">Maryland Food Bank\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Churches\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fvineyardnorthphoenix.html\" rel=\"nofollow ugc\">Vineyard North Phoenix\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Employee Recognition\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fapp.ecardwidget.com\u002Fwidget\u002F5095\" rel=\"nofollow ugc\">Modivcare\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fcircalogica.html\" rel=\"nofollow ugc\">Circalogica\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>View more at \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fexamples\u002F\" rel=\"nofollow ugc\">ecardwidget.com\u002Fexamples\u003C\u002Fa>\u003C\u002Fp>\n","Add interactive digital greeting cards to your WordPress site — fully branded, customizable, and shareable by visitors through email or social media.",400,11882,88,"2025-12-06T14:57:00.000Z","3.0.1",[72,73,18,74,75],"ecards","evites","invites","recognition","http:\u002F\u002Fecardwidget.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-ecards-invites.zip",99,1,"2024-12-03 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":29,"downloaded":89,"rating":90,"num_ratings":56,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":20,"tags":94,"homepage":98,"download_link":99,"security_score":100,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"invitations-for-slack","Invitations for Slack","1.0.2","rheinardkorf","https:\u002F\u002Fprofiles.wordpress.org\u002Frheinardkorf\u002F","\u003Cp>Invitations for Slack lets you use convenient shortcodes to show “Join us on Slack.” buttons or Slack badges. Just add\u003Cbr \u002F>\nyour Slack token and use the shortcodes wherever you want your visitors to be able to invite themselves from.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easy to use:\n\u003Cul>\n\u003Cli>Visit \u003Ca href=\"https:\u002F\u002Fapi.slack.com\u002Fweb\" rel=\"nofollow ugc\">https:\u002F\u002Fapi.slack.com\u002Fweb\u003C\u002Fa> to generate your Slack token.\u003C\u002Fli>\n\u003Cli>Add the token to the plugin settings.\u003C\u002Fli>\n\u003Cli>Use the [invitations_for_slack] or [invitations_for_slack_badge] shortcodes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Invitations are performed using the WP REST API which in turn communicates with the Slack API. No page reloads.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Requirements:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>A Slack team and the team’s access token.\u003C\u002Fli>\n\u003Cli>A self-hosted WordPress website (Not a WordPress.com website.)\u003C\u002Fli>\n\u003C\u002Ful>\n","Build a Slack community by allowing your visitors (or registered users) to invite themselves to your Slack team.",5728,76,"2016-01-29T01:14:00.000Z","4.4.34","4.4",[95,18,74,96,97],"community","join","slack","http:\u002F\u002Frheinard.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finvitations-for-slack.zip",85,{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":11,"num_ratings":11,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":20,"tags":114,"homepage":20,"download_link":119,"security_score":100,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":120},"eventish","Eventish WP Widget","1.2.3","Armen Margarian","https:\u002F\u002Fprofiles.wordpress.org\u002Feventish\u002F","\u003Cp>Eventish Events Plug-in automatically lists your events in your WordPress based website or blog.\u003Cbr \u002F>\nThis plug-in updates your event listing in real time whenever you add or remove your events on \u003Ca href=\"http:\u002F\u002Fwww.eventish.com\u002F\" rel=\"nofollow ugc\">Eventish.com\u003C\u002Fa> or whenever your events expire.\u003C\u002Fp>\n\u003Cp>By simply installing this plug-in you will be able to integrate your events, previously posted on \u003Ca href=\"http:\u002F\u002Fwww.eventish.com\u002F\" rel=\"nofollow ugc\">Eventish.com\u003C\u002Fa>, with your website.\u003Cbr \u002F>\nThis way you will no longer have to post the same events several times and will be able to significantly increase their visibly.\u003C\u002Fp>\n\u003Cp>Eventish Events Plug-in is still in an active development stage, with new features coming out on a regular basis.\u003C\u002Fp>\n\u003Cp>Go ahead to give this hassle-free plug-in a try!\u003C\u002Fp>\n\u003Cp>About Eventish.com\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.eventish.com\u002F\" rel=\"nofollow ugc\">Eventish.com\u003C\u002Fa> offers online event registration and management solutions for RSVP, General Admission and Banquet type events. Due to its useful features and innovative solutions (Banquet Room Designer) Eventish makes event marketing and ticketing easier and more affordable as never before!\u003C\u002Fp>\n","This plugin displays your www.eventish.com events list in your Wordpress based website as a sidebar widget.",10,3117,"2011-11-22T13:53:00.000Z","3.2.1","2.5.2",[115,102,116,117,118],"email-invitations","events","online-registration","sell-tickets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feventish.zip","2026-03-15T14:54:45.397Z",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":109,"downloaded":129,"rating":11,"num_ratings":11,"last_updated":130,"tested_up_to":131,"requires_at_least":132,"requires_php":20,"tags":133,"homepage":137,"download_link":138,"security_score":100,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"wp-social-invites","WP Social Invites","1.0.0","manishbhojwani3","https:\u002F\u002Fprofiles.wordpress.org\u002Fmanishbhojwani3\u002F","\u003Cp>WP Social Invites allow your visitors to invite their social network friends directly into your WordPress site. This plugin has no conflict with any Plugin.\u003C\u002Fp>\n\u003Cp>Demo link:\u003Cbr \u002F>\nhttp:\u002F\u002Fwebtanner.com\u002Fprojects\u002Fdemos\u002Fwp-social-invites\u002F\u003C\u002Fp>\n\u003Cp>Key Feature:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Send invitation personally in form of personalized text.\u003C\u002Fli>\n\u003Cli>Page and Popup supportive.\u003C\u002Fli>\n\u003Cli>Supports widgets.\u003C\u002Fli>\n\u003Cli>Supports shortcode.\u003C\u002Fli>\n\u003Cli>Default slider layout.\u003C\u002Fli>\n\u003Cli>Responsive popups.\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Social Invites allows your visitors to invite their social friends on your website.",1593,"2017-03-21T17:11:00.000Z","4.8.28","3.4",[18,74,134,135,136],"social-invitation","wordpress-social-invitation","wordpress-social-invites","http:\u002F\u002Fwebtanner.com\u002Fprojects\u002Fweb-slider\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-social-invites.zip",{"attackSurface":140,"codeSignals":176,"taintFlows":233,"riskAssessment":470,"analyzedAt":478},{"hooks":141,"ajaxHandlers":164,"restRoutes":165,"shortcodes":166,"cronEvents":174,"entryPointCount":175,"unprotectedCount":11},[142,148,150,153,156,158],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","admin_enqueue_scripts","anonymous","includes\\class-cwsi-invites.php",133,{"type":143,"name":144,"callback":145,"file":146,"line":149},134,{"type":143,"name":151,"callback":145,"file":146,"line":152},"admin_menu",135,{"type":143,"name":154,"callback":145,"file":146,"line":155},"wp_enqueue_scripts",149,{"type":143,"name":154,"callback":145,"file":146,"line":157},150,{"type":143,"name":159,"callback":160,"priority":161,"file":162,"line":163},"init","init_shortcodes",20,"public\\class-cwsi-invites-public.php",54,[],[],[167,171],{"tag":168,"callback":169,"file":162,"line":170},"cwsiInviteAnswerForm","cwsiinviteanswerform_func",82,{"tag":172,"callback":173,"file":162,"line":55},"cwsiInviteShowResponses","cwsiinviteshowresponses_func",[],2,{"dangerousFunctions":177,"sqlUsage":178,"outputEscaping":207,"fileOperations":79,"externalRequests":79,"nonceChecks":227,"capabilityChecks":11,"bundledLibraries":228},[],{"prepared":179,"raw":180,"locations":181},36,11,[182,186,188,190,192,194,196,200,202,203,205],{"file":183,"line":184,"context":185},"admin\\class-cwsi-invites-admin.php",716,"$wpdb->get_results() with variable interpolation",{"file":183,"line":187,"context":185},760,{"file":183,"line":189,"context":185},785,{"file":183,"line":191,"context":185},810,{"file":183,"line":193,"context":185},1730,{"file":183,"line":195,"context":185},2009,{"file":197,"line":198,"context":199},"cwsi-invites.php",96,"$wpdb->query() with variable interpolation",{"file":197,"line":201,"context":199},98,{"file":197,"line":22,"context":199},{"file":197,"line":204,"context":199},102,{"file":162,"line":206,"context":185},152,{"escaped":208,"rawEcho":209,"locations":210},330,7,[211,214,216,218,221,223,225],{"file":183,"line":212,"context":213},194,"raw output",{"file":183,"line":215,"context":213},216,{"file":183,"line":217,"context":213},239,{"file":219,"line":220,"context":213},"admin\\partials\\cwsi-invites-admin-display.php",145,{"file":219,"line":222,"context":213},238,{"file":219,"line":224,"context":213},328,{"file":219,"line":226,"context":213},500,13,[229],{"name":230,"version":231,"knownCves":232},"Freemius","1.0",[],[234,269,292,316,338,357,369,382],{"entryPoint":235,"graph":236,"unsanitizedCount":175,"severity":268},"cwsiEvents_page (admin\\class-cwsi-invites-admin.php:247)",{"nodes":237,"edges":262},[238,243,247,253,256,259],{"id":239,"type":240,"label":241,"file":183,"line":242},"n0","source","$_POST",286,{"id":244,"type":245,"label":246,"file":183,"line":242},"n1","transform","→ cwsiShowAddEventPage()",{"id":248,"type":249,"label":250,"file":219,"line":251,"wp_function":252},"n2","sink","echo() [XSS]",250,"echo",{"id":254,"type":240,"label":241,"file":183,"line":255},"n3",287,{"id":257,"type":245,"label":258,"file":183,"line":255},"n4","→ cwsiShowEventsPage()",{"id":260,"type":249,"label":250,"file":219,"line":261,"wp_function":252},"n5",310,[263,265,266,267],{"from":239,"to":244,"sanitized":264},false,{"from":244,"to":248,"sanitized":264},{"from":254,"to":257,"sanitized":264},{"from":257,"to":260,"sanitized":264},"medium",{"entryPoint":270,"graph":271,"unsanitizedCount":291,"severity":268},"cwsiInvites_page (admin\\class-cwsi-invites-admin.php:299)",{"nodes":272,"edges":286},[273,276,278,280,283,285],{"id":239,"type":240,"label":274,"file":183,"line":275},"$_POST (x2)",373,{"id":244,"type":245,"label":277,"file":183,"line":275},"→ cwsiShowAddInvitesPage()",{"id":248,"type":249,"label":250,"file":219,"line":279,"wp_function":252},37,{"id":254,"type":240,"label":281,"file":183,"line":282},"$_POST (x3)",379,{"id":257,"type":245,"label":284,"file":183,"line":282},"→ cwsiShowInvitesResponsesPage()",{"id":260,"type":249,"label":250,"file":219,"line":220,"wp_function":252},[287,288,289,290],{"from":239,"to":244,"sanitized":264},{"from":244,"to":248,"sanitized":264},{"from":254,"to":257,"sanitized":264},{"from":257,"to":260,"sanitized":264},5,{"entryPoint":293,"graph":294,"unsanitizedCount":175,"severity":268},"cwsiinvitesuploads_page (admin\\class-cwsi-invites-admin.php:394)",{"nodes":295,"edges":311},[296,299,301,305,307,309],{"id":239,"type":240,"label":297,"file":183,"line":298},"$_FILES",407,{"id":244,"type":245,"label":300,"file":183,"line":298},"→ cwsiSaveInvitesImport()",{"id":248,"type":249,"label":302,"file":183,"line":303,"wp_function":304},"wp_remote_get() [SSRF]",1204,"wp_remote_get",{"id":254,"type":240,"label":297,"file":183,"line":306},416,{"id":257,"type":245,"label":308,"file":183,"line":306},"→ cwsiShowInvitesUpload()",{"id":260,"type":249,"label":250,"file":219,"line":310,"wp_function":252},428,[312,313,314,315],{"from":239,"to":244,"sanitized":264},{"from":244,"to":248,"sanitized":264},{"from":254,"to":257,"sanitized":264},{"from":257,"to":260,"sanitized":264},{"entryPoint":317,"graph":318,"unsanitizedCount":337,"severity":268},"cwsiinvitedesigninviteemail_page (admin\\class-cwsi-invites-admin.php:426)",{"nodes":319,"edges":332},[320,322,324,326,328,330],{"id":239,"type":240,"label":281,"file":183,"line":321},474,{"id":244,"type":245,"label":323,"file":183,"line":321},"→ cwsiAdminInviteShowInviteSettings()",{"id":248,"type":249,"label":250,"file":219,"line":325,"wp_function":252},1132,{"id":254,"type":240,"label":241,"file":183,"line":327},481,{"id":257,"type":245,"label":329,"file":183,"line":327},"→ cwsiAdminShowSendTestInviteEmail()",{"id":260,"type":249,"label":250,"file":219,"line":331,"wp_function":252},1236,[333,334,335,336],{"from":239,"to":244,"sanitized":264},{"from":244,"to":248,"sanitized":264},{"from":254,"to":257,"sanitized":264},{"from":257,"to":260,"sanitized":264},4,{"entryPoint":339,"graph":340,"unsanitizedCount":337,"severity":268},"cwsiinvitedesignconfirmationemail_page (admin\\class-cwsi-invites-admin.php:494)",{"nodes":341,"edges":352},[342,344,346,348,350,351],{"id":239,"type":240,"label":281,"file":183,"line":343},542,{"id":244,"type":245,"label":345,"file":183,"line":343},"→ cwsiAdminInviteShowConfirmationSettings()",{"id":248,"type":249,"label":250,"file":219,"line":347,"wp_function":252},1372,{"id":254,"type":240,"label":241,"file":183,"line":349},549,{"id":257,"type":245,"label":329,"file":183,"line":349},{"id":260,"type":249,"label":250,"file":219,"line":331,"wp_function":252},[353,354,355,356],{"from":239,"to":244,"sanitized":264},{"from":244,"to":248,"sanitized":264},{"from":254,"to":257,"sanitized":264},{"from":257,"to":260,"sanitized":264},{"entryPoint":358,"graph":359,"unsanitizedCount":28,"severity":268},"cwsiinvitessendemails_page (admin\\class-cwsi-invites-admin.php:562)",{"nodes":360,"edges":366},[361,363,365],{"id":239,"type":240,"label":281,"file":183,"line":362},602,{"id":244,"type":245,"label":364,"file":183,"line":362},"→ cwsiShowInvitesSendEmails()",{"id":248,"type":249,"label":250,"file":219,"line":226,"wp_function":252},[367,368],{"from":239,"to":244,"sanitized":264},{"from":244,"to":248,"sanitized":264},{"entryPoint":370,"graph":371,"unsanitizedCount":28,"severity":268},"cwsiinvitesviewresponses_page (admin\\class-cwsi-invites-admin.php:617)",{"nodes":372,"edges":379},[373,375,377],{"id":239,"type":240,"label":281,"file":183,"line":374},652,{"id":244,"type":245,"label":376,"file":183,"line":374},"→ cwsiShowInvitesViewResponses()",{"id":248,"type":249,"label":250,"file":219,"line":378,"wp_function":252},590,[380,381],{"from":239,"to":244,"sanitized":264},{"from":244,"to":248,"sanitized":264},{"entryPoint":383,"graph":384,"unsanitizedCount":469,"severity":268},"\u003Cclass-cwsi-invites-admin> (admin\\class-cwsi-invites-admin.php:0)",{"nodes":385,"edges":446},[386,387,388,389,390,391,392,394,396,398,400,402,404,406,408,410,412,414,416,418,420,422,424,426,428,430,432,434,436,438,440,442,444],{"id":239,"type":240,"label":241,"file":183,"line":242},{"id":244,"type":245,"label":246,"file":183,"line":242},{"id":248,"type":249,"label":250,"file":219,"line":251,"wp_function":252},{"id":254,"type":240,"label":241,"file":183,"line":255},{"id":257,"type":245,"label":258,"file":183,"line":255},{"id":260,"type":249,"label":250,"file":219,"line":261,"wp_function":252},{"id":393,"type":240,"label":274,"file":183,"line":275},"n6",{"id":395,"type":245,"label":277,"file":183,"line":275},"n7",{"id":397,"type":249,"label":250,"file":219,"line":279,"wp_function":252},"n8",{"id":399,"type":240,"label":281,"file":183,"line":282},"n9",{"id":401,"type":245,"label":284,"file":183,"line":282},"n10",{"id":403,"type":249,"label":250,"file":219,"line":220,"wp_function":252},"n11",{"id":405,"type":240,"label":297,"file":183,"line":298},"n12",{"id":407,"type":245,"label":300,"file":183,"line":298},"n13",{"id":409,"type":249,"label":302,"file":183,"line":303,"wp_function":304},"n14",{"id":411,"type":240,"label":297,"file":183,"line":306},"n15",{"id":413,"type":245,"label":308,"file":183,"line":306},"n16",{"id":415,"type":249,"label":250,"file":219,"line":310,"wp_function":252},"n17",{"id":417,"type":240,"label":281,"file":183,"line":321},"n18",{"id":419,"type":245,"label":323,"file":183,"line":321},"n19",{"id":421,"type":249,"label":250,"file":219,"line":325,"wp_function":252},"n20",{"id":423,"type":240,"label":274,"file":183,"line":327},"n21",{"id":425,"type":245,"label":329,"file":183,"line":327},"n22",{"id":427,"type":249,"label":250,"file":219,"line":331,"wp_function":252},"n23",{"id":429,"type":240,"label":281,"file":183,"line":343},"n24",{"id":431,"type":245,"label":345,"file":183,"line":343},"n25",{"id":433,"type":249,"label":250,"file":219,"line":347,"wp_function":252},"n26",{"id":435,"type":240,"label":281,"file":183,"line":362},"n27",{"id":437,"type":245,"label":364,"file":183,"line":362},"n28",{"id":439,"type":249,"label":250,"file":219,"line":226,"wp_function":252},"n29",{"id":441,"type":240,"label":281,"file":183,"line":374},"n30",{"id":443,"type":245,"label":376,"file":183,"line":374},"n31",{"id":445,"type":249,"label":250,"file":219,"line":378,"wp_function":252},"n32",[447,448,449,450,451,452,453,454,455,456,457,458,459,460,461,462,463,464,465,466,467,468],{"from":239,"to":244,"sanitized":264},{"from":244,"to":248,"sanitized":264},{"from":254,"to":257,"sanitized":264},{"from":257,"to":260,"sanitized":264},{"from":393,"to":395,"sanitized":264},{"from":395,"to":397,"sanitized":264},{"from":399,"to":401,"sanitized":264},{"from":401,"to":403,"sanitized":264},{"from":405,"to":407,"sanitized":264},{"from":407,"to":409,"sanitized":264},{"from":411,"to":413,"sanitized":264},{"from":413,"to":415,"sanitized":264},{"from":417,"to":419,"sanitized":264},{"from":419,"to":421,"sanitized":264},{"from":423,"to":425,"sanitized":264},{"from":425,"to":427,"sanitized":264},{"from":429,"to":431,"sanitized":264},{"from":431,"to":433,"sanitized":264},{"from":435,"to":437,"sanitized":264},{"from":437,"to":439,"sanitized":264},{"from":441,"to":443,"sanitized":264},{"from":443,"to":445,"sanitized":264},23,{"summary":471,"deductions":472},"The \"cwsi-invites\" v1.5.1 plugin exhibits a generally strong security posture, with a notable absence of known vulnerabilities and a high percentage of properly escaped output and prepared SQL statements. The static analysis reveals good coding practices, such as the presence of 13 nonce checks, which are crucial for preventing CSRF attacks.  The limited attack surface, consisting only of two shortcodes with no unprotected entry points, further contributes to its security. However, a significant concern arises from the taint analysis, which identified 8 flows with unsanitized paths. While no critical or high severity issues were flagged, this indicates a potential for cross-site scripting (XSS) or other injection vulnerabilities if these paths are not handled with extreme care by the developer, even if the direct impact isn't immediately obvious from the static analysis alone.\n\nThe plugin's vulnerability history is remarkably clean, with zero known CVEs. This, combined with the high percentage of secure coding practices, suggests a developer who is either very diligent or has not yet encountered significant security challenges. Nevertheless, the presence of unsanitized paths in the taint analysis warrants attention, as it represents a latent risk. The bundled Freemius library, version 1.0, is also an area of potential concern as it might be outdated and contain its own undiscovered vulnerabilities.  In conclusion, \"cwsi-invites\" v1.5.1 is in a strong security position due to its clean vulnerability history and good implementation of common security measures. The primary weakness lies in the identified unsanitized paths from the taint analysis and the potentially outdated bundled library, which require developer attention to fully mitigate any latent risks.",[473,476],{"reason":474,"points":475},"Taint flows with unsanitized paths found",15,{"reason":477,"points":28},"Bundled Freemius v1.0 library","2026-03-17T06:48:00.755Z",{"wat":480,"direct":495},{"assetPaths":481,"generatorPatterns":486,"scriptPaths":487,"versionParams":490},[482,483,484,485],"\u002Fwp-content\u002Fplugins\u002Fcwsi-invites\u002Fcss\u002Fcwsi-invites-admin.css","\u002Fwp-content\u002Fplugins\u002Fcwsi-invites\u002Fjs\u002Fcwsi-invites-admin.js","\u002Fwp-content\u002Fplugins\u002Fcwsi-invites\u002Fpublic\u002Fcss\u002Fcwsi-invites-public.css","\u002Fwp-content\u002Fplugins\u002Fcwsi-invites\u002Fpublic\u002Fjs\u002Fcwsi-invites-public.js",[],[488,489],"admin\u002Fjs\u002Fcwsi-invites-admin.js","public\u002Fjs\u002Fcwsi-invites-public.js",[491,492,493,494],"cwsi-invites-admin.css?ver=","cwsi-invites-admin.js?ver=","cwsi-invites-public.css?ver=","cwsi-invites-public.js?ver=",{"cssClasses":496,"htmlComments":501,"htmlAttributes":503,"restEndpoints":507,"jsGlobals":508,"shortcodeOutput":510},[497,498,499,500],"cwsi-invite-form-wrapper","cwsi-invite-success-message","cwsi-event-list-table","cwsi-invitee-form",[502],"This file is read by WordPress to generate the plugin information in the plugin\n * admin area. This file also includes all of the dependencies used by the plugin,\n * registers the activation and deactivation functions, and defines a function\n * that starts the plugin.",[504,505,506],"data-event-id","data-invite-id","data-nonce",[],[509],"cwsi_invite_ajax_object",[511,512],"[cwsi-invite-form]","[cwsi-event-list]"]