[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjpWUIP6_OgETvrDyCbaLuHB_drR2hpNvxYMXldzl53E":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":109,"fingerprints":169},"dadevarzan-wp-book","Dadevarzan WordPress Book","1.2.4","Dadevarzan","https:\u002F\u002Fprofiles.wordpress.org\u002Fdadevarzan\u002F","\u003Cp>Dadevarzan Book Post Type\u003Cbr \u002F>\n– Book Post Type\u003Cbr \u002F>\n– Book Fields\u003Cbr \u002F>\n– Book Category\u003Cbr \u002F>\n– Book Capabilities\u003Cbr \u002F>\n– Registering theme layouts\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>[dv-book-filter]\u003Cbr \u002F>\n    \u003Ccode>- Book Table view shortcode\u003C\u002Fcode>\u003Cbr \u002F>\n[dv-book-table-view]\u003Cbr \u002F>\n    `\u003C\u002Fp>\n","Dadevarzan Book Post Type",10,1376,0,"2022-05-31T11:05:00.000Z","6.0.0","4.4.0","7.2",[19,20,21,22,23],"book","dadehvarzan","dadevarzan","wordpress","wp","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdadevarzan-wp-book","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdadevarzan-wp-book.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":21,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},19,2160,87,7,91,"2026-04-04T19:18:13.348Z",[38,56,71,84,98],{"slug":39,"name":40,"version":41,"author":7,"author_profile":8,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":16,"requires_php":48,"tags":49,"homepage":51,"download_link":52,"security_score":53,"vuln_count":54,"unpatched_count":13,"last_vuln_date":55,"fetched_at":28},"dadevarzan-common","Dadevarzan WordPress Common","2.2.3","\u003Cp>Dadevarzan Common Plugin\u003Cbr \u002F>\n– Add file ShortCode For ACF\u003Cbr \u002F>\n    \u003Ccode>[acf-file field=\"ACF_Field\" property=\"size\"]\u003Cbr \u002F>\n[acf-file field=\"ACF_Field\" property=\"url\"]\u003Cbr \u002F>\n[acf-file field=\"ACF_Field\" property=\"title\"]\u003Cbr \u002F>\n[acf-file field=\"ACF_Field\" property=\"filename\"]\u003Cbr \u002F>\n[acf-file field=\"ACF_Field\" property=\"type\"]\u003Cbr \u002F>\n[acf-file field=\"ACF_Field\" property=\"caption\"]\u003Cbr \u002F>\n[acf-file field=\"ACF_Field\" property=\"description\"]\u003C\u002Fcode>\u003Cbr \u002F>\n– Add ShortCode For Date Filter in Archives\u003Cbr \u002F>\n    \u003Ccode>[dv-date-filter post_type=\"post\"]\u003C\u002Fcode>\u003Cbr \u002F>\n– Add ShortCode to display All taxonomies hierarchically in an unordered list style\u003Cbr \u002F>\n    \u003Ccode>[dv-all-tax taxonomy=\"taxonomy_slug\"]\u003C\u002Fcode>\u003Cbr \u002F>\n– Add ShortCode to display related taxonomies to a specific post\u003Cbr \u002F>\n    \u003Ccode>[dv-tax slug='TAXONOMY_SLUG' field='term_id|name|slug' seperator=',']\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Display product attribute short codes for single page\u003Cbr \u002F>\n    \u003Ccode>[display_attribute attribute=\"color\"]\u003C\u002Fcode>    \u003C\u002Fli>\n\u003Cli>Enabled mega menu in beaver theme\u003C\u002Fli>\n\u003Cli>Allowed access to Appearance > Menu and Widgets to Editor & Shop manager roles\u003C\u002Fli>\n\u003Cli>Allowed access to Gravity forms to Editor & Shop manager roles\u003C\u002Fli>\n\u003Cli>Added Banner image, International title and Catalog file to WooCommerce product with ACF\u003C\u002Fli>\n\u003Cli>Added Banner image to WooCommerce product Category and Tag with ACF\u003C\u002Fli>\n\u003Cli>Added Ability to use shortcode in Beaver builder custom CSS class\u003C\u002Fli>\n\u003Cli>Added Dadevarzan Custom Font Icon to Beaver builder Icon set.\u003C\u002Fli>\n\u003Cli>Added lots of farsi\u002Fpersian Fonts to Beaver builder.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>Enhance your Dadevarzan WordPress site with custom shortcodes, Persian fonts, and WooCommerce enhancements. Supports ACF, taxonomy display, date filtering, and Beaver Builder integration.\u003C\u002Fp>\n","Dadevarzan Common Plugin",700,16502,"2025-08-25T12:45:00.000Z","6.8.5","7.4",[50,20,21,22,23],"common","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdadevarzan-common","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdadevarzan-common.zip",99,1,"2025-09-03 00:00:00",{"slug":57,"name":58,"version":59,"author":7,"author_profile":8,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":13,"num_ratings":13,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":17,"tags":67,"homepage":69,"download_link":70,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"dadevarzan-woo-common","Dadevarzan Common for Woocommerce","1.1.2","\u003Cp>Dadevarzan custom shortcodes and common functionalites for Woocommerce.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Displaying Woocommerce Product Gallery images\u003Cbr \u002F>\n[dv_wc_product_images count=’1′ size=’medium’]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Displaying Woocommerce sorting product selectbox\u003Cbr \u002F>\n[dv_display_product_sorting]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Displaying Woocommerce variation swatches based on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoo-variation-swatches\u002F\" rel=\"ugc\">Variation Swatches for WooCommerce\u003C\u002Fa>,\u003Cbr \u002F>\n[dv_wc_product_variation_swatches term=’ATTRIBUTE-SLUG’ type=’color|image|button’]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Displaying Attribute Table outside of default WooCommerce tabs\u003Cbr \u002F>\n[dv_product_additional_information]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Displaying Product Review outside of default WooCommerce tabs\u003Cbr \u002F>\n[dv_display_product_review]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Displaying Woocommerce Compaire based on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoo-smart-compare\u002F\" rel=\"ugc\">WPC Smart Compare for WooCommerce\u003C\u002Fa>,\u003Cbr \u002F>\n[dv_product_compaire]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Displaying Woocommerce Wishlist based on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoo-smart-wishlist\u002F\" rel=\"ugc\">WPC Smart Wishlist for WooCommerce\u003C\u002Fa>,\u003Cbr \u002F>\n[dv_product_wishlist]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Displaying Woocommerce Product Discount budge if os sales,\u003Cbr \u002F>\n[dv_display_product_discount]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Displaying Woocommerce stock status based on \u003Ca href=\"https:\u002F\u002Fdocs.wpbeaverbuilder.com\u002Fbeaver-themer\u002Ffield-connections\u002Fuse-conditional-shortcode-to-test-for-presence-of-content-themer\u002F\" rel=\"nofollow ugc\">this article\u003C\u002Fa>,\u003Cbr \u002F>\n[wpbb-if  post:custom_field key=’_stock_status’ exp=’equals’ value=’outofstock’]\u003Cbr \u002F>\n\u003Cdiv class=\"dv-stock_status dv-outofstock\">ناموجود\u003C\u002Fdiv>\u003Cbr \u002F>\n[wpbb-else]\u003Cbr \u002F>\n\u003Cdiv class=\"dv-stock_status dv-instock\">موجود\u003C\u002Fdiv>\u003Cbr \u002F>\n[\u002Fwpbb-if]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Added \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoo-variation-swatches\u002F\" rel=\"ugc\">Variation and Swatches\u003C\u002Fa> to \u003Ca href=\"https:\u002F\u002Fsearchandfilter.com\u002F\" rel=\"nofollow ugc\">Search & Filter Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Dadevarzan custom shortcodes and common functionalites for Woocommerce.",200,2624,"2023-01-02T11:51:00.000Z","6.1.10","5.0.0",[20,21,68,22,23],"woocommerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdadevarzan-woo-common","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdadevarzan-woo-common.zip",{"slug":72,"name":73,"version":74,"author":7,"author_profile":8,"description":75,"short_description":76,"active_installs":77,"downloaded":78,"rating":13,"num_ratings":13,"last_updated":79,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":80,"homepage":82,"download_link":83,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"dadevarzan-wp-gallery","Dadevarzan WordPress Gallery","1.2.3","\u003Cp>Dadevarzan Gallery Post Type\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Gallery Post Type\u003C\u002Fli>\n\u003Cli>Gallery custom Fields\u003C\u002Fli>\n\u003Cli>Gallery Capabilities\u003C\u002Fli>\n\u003Cli>Registering theme layouts\u003C\u002Fli>\n\u003C\u002Ful>\n","Dadevarzan Gallery Post Type",100,2488,"2022-05-31T11:43:00.000Z",[20,21,81,22,23],"gallery","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdadevarzan-wp-gallery","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdadevarzan-wp-gallery.zip",{"slug":85,"name":86,"version":87,"author":7,"author_profile":8,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":13,"num_ratings":13,"last_updated":92,"tested_up_to":93,"requires_at_least":16,"requires_php":17,"tags":94,"homepage":96,"download_link":97,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"dadevarzan-wp-tender","Dadevarzan WordPress Tender","1.2.7","\u003Cp>Dadevarzan Tender Post Type\u003Cbr \u002F>\n– Tender Post Type\u003Cbr \u002F>\n– Tender Fields\u003Cbr \u002F>\n– Tender Category\u003Cbr \u002F>\n– Tender Capabilities\u003Cbr \u002F>\n– Registering theme layouts\u003C\u002Fp>\n","Dadevarzan Tender Post Type",90,3456,"2023-01-30T08:59:00.000Z","6.1.0",[20,21,95,22,23],"tender","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdadevarzan-wp-tender","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdadevarzan-wp-tender.zip",{"slug":99,"name":100,"version":74,"author":7,"author_profile":8,"description":101,"short_description":102,"active_installs":90,"downloaded":103,"rating":13,"num_ratings":13,"last_updated":104,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":105,"homepage":107,"download_link":108,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"dadevarzan-wp-video","Dadevarzan WordPress Video","\u003Cp>Dadevarzan Video Post Type\u003Cbr \u002F>\n– Video Post Type\u003Cbr \u002F>\n– Video Fields\u003Cbr \u002F>\n– Video Category\u003Cbr \u002F>\n– Video Capabilities\u003Cbr \u002F>\n– Registering theme layouts\u003C\u002Fp>\n","Dadevarzan Video Post Type",2150,"2022-05-31T11:57:00.000Z",[20,21,106,22,23],"video","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdadevarzan-wp-video","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdadevarzan-wp-video.zip",{"attackSurface":110,"codeSignals":151,"taintFlows":159,"riskAssessment":160,"analyzedAt":168},{"hooks":111,"ajaxHandlers":138,"restRoutes":139,"shortcodes":140,"cronEvents":149,"entryPointCount":150,"unprotectedCount":13},[112,118,122,125,128,131,134],{"type":113,"name":114,"callback":115,"file":116,"line":117},"action","plugins_loaded","dadevarzanWpBook::load_text_domain","dadevarzan-wp-book.php",28,{"type":113,"name":119,"callback":120,"file":116,"line":121},"init","dadevarzanWpBook::add_post_type",29,{"type":113,"name":119,"callback":123,"file":116,"line":124},"dadevarzanWpBook::add_fields",30,{"type":113,"name":119,"callback":126,"file":116,"line":127},"dadevarzanWpBook::add_taxonomy",31,{"type":113,"name":119,"callback":129,"file":116,"line":130},"dadevarzanWpBook::add_role_caps",32,{"type":113,"name":114,"callback":132,"file":116,"line":133},"dadevarzanWpBook::load_templates",33,{"type":113,"name":135,"callback":136,"file":116,"line":137},"pre_get_posts","dadevarzanWpBook::filter_books",34,[],[],[141,145],{"tag":142,"callback":143,"file":116,"line":144},"dv-book-filter","dadevarzanWpBook::filter_archive",36,{"tag":146,"callback":147,"file":116,"line":148},"dv-book-table-view","dadevarzanWpBook::table_view_shortcode",38,[],2,{"dangerousFunctions":152,"sqlUsage":153,"outputEscaping":155,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":158},[],{"prepared":13,"raw":13,"locations":154},[],{"escaped":156,"rawEcho":13,"locations":157},9,[],[],[],{"summary":161,"deductions":162},"The dadevarzan-wp-book v1.2.4 plugin exhibits a generally strong security posture based on the provided static analysis.  All identified entry points (shortcodes) appear to be free of direct vulnerabilities in terms of dangerous functions, SQL injection (all queries use prepared statements), and output escaping.  The absence of file operations, external HTTP requests, and taint analysis findings further reinforces this positive assessment. The plugin also has a clean vulnerability history with no known CVEs, indicating a lack of publicly disclosed security flaws.\n\nHowever, a significant concern arises from the complete lack of nonce checks and capability checks. While the static analysis did not reveal immediate exploitable flaws within the current code, the absence of these fundamental WordPress security mechanisms means that any functionality exposed by the shortcodes is effectively unprotected from unauthorized access or manipulation by unauthenticated users. This creates a potential avenue for Cross-Site Request Forgery (CSRF) attacks or other privilege escalation vectors if the shortcode's functionality were to be exploited in conjunction with other vulnerabilities or by manipulating requests. The plugin's attack surface, though small, is entirely unprotected in this regard, which is a critical oversight.\n\nIn conclusion, while the code itself seems well-written with good practices like prepared statements and proper output escaping, the omission of nonce and capability checks is a glaring security weakness. The plugin is functionally secure in terms of known vulnerabilities and code-level data handling, but its overall security is compromised by the lack of authorization and CSRF protection mechanisms for its shortcode-based functionality.",[163,166],{"reason":164,"points":165},"Missing nonce checks",15,{"reason":167,"points":165},"Missing capability checks","2026-03-16T23:53:37.082Z",{"wat":170,"direct":179},{"assetPaths":171,"generatorPatterns":174,"scriptPaths":175,"versionParams":176},[172,173],"\u002Fwp-content\u002Fplugins\u002Fdadevarzan-wp-book\u002Fassets\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fdadevarzan-wp-book\u002Fassets\u002Fscript.js",[],[173],[177,178],"dadevarzan-wp-book\u002Fassets\u002Fstyle.css?ver=","dadevarzan-wp-book\u002Fassets\u002Fscript.js?ver=",{"cssClasses":180,"htmlComments":182,"htmlAttributes":183,"restEndpoints":185,"jsGlobals":186,"shortcodeOutput":188},[181],"dv-book-filter-wrap",[],[184],"data-dv-book-filter",[],[187],"dadevarzan_wp_book_filter",[189,190,191,192,193],"\u003Cdiv class=\"dv-book-filter-wrap\" data-dv-book-filter='{","\u003C\u002Fdiv>","\u003Ctable class=\"dv-book-table\">","\u003Cth scope=\"col\">","\u003Ctd scope=\"col\">"]