[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fchp1YDpuz3IQChv9Pa0y4jN5J2HdSsk1gG0h1nyOsJk":3,"$fYIA_KMpg6Zs2eaAn9G55BOnIhYU_5kfchCG51ddhuhc":170,"$fFEwBasdQLwmhuU0QHDoBWjrs469hH33qDuYMV2p12N0":175},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":9,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":37,"analysis":38,"fingerprints":84},"debt-reduction-calculator-debt-relief-program-calculator-all-in-one","Debt Reduction Calculator + Debt Relief Program Calculator All-In-One","2.1","pauljpaquin","https:\u002F\u002Fprofiles.wordpress.org\u002Fpauljpaquin\u002F","","With the All-In-One Debt Reduction Calculator and Debt Relief Program Calculator Plug in, from Golden Financial Services, you can find out approximate &hellip;",20,3138,100,3,"2016-12-09T16:36:00.000Z","4.7.33","2.5",[19,20,21,22,23],"credit-card-calculator","credit-card-payoff-calculator","debt-payoff","debt-reduction-calculator","debt-relief-programs","http:\u002F\u002Fnomorecreditcards.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},2,30,84,"2026-05-20T13:43:18.186Z",[],{"attackSurface":39,"codeSignals":59,"taintFlows":71,"riskAssessment":72,"analyzedAt":83},{"hooks":40,"ajaxHandlers":51,"restRoutes":52,"shortcodes":53,"cronEvents":57,"entryPointCount":58,"unprotectedCount":27},[41,47],{"type":42,"name":43,"callback":44,"file":45,"line":46},"action","wp_enqueue_scripts","sb_calculate_styles","wc_credit_card_payoff_calculator.php",49,{"type":42,"name":48,"callback":49,"file":45,"line":50},"admin_menu","small_biz_all_add_page_fn",160,[],[],[54],{"tag":55,"callback":55,"file":45,"line":56},"debt_reduction_calculator",146,[],1,{"dangerousFunctions":60,"sqlUsage":61,"outputEscaping":63,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":70},[],{"prepared":27,"raw":27,"locations":62},[],{"escaped":27,"rawEcho":33,"locations":64},[65,68],{"file":45,"line":66,"context":67},143,"raw output",{"file":45,"line":69,"context":67},149,[],[],{"summary":73,"deductions":74},"The plugin 'debt-reduction-calculator-debt-relief-program-calculator-all-in-one' version 2.1 presents a generally good security posture with no known CVEs or recorded vulnerabilities. The static analysis reveals a minimal attack surface consisting of a single shortcode, with no identified AJAX handlers or REST API routes accessible without proper authentication checks. The code also avoids dangerous functions, file operations, and external HTTP requests, and it exclusively uses prepared statements for SQL queries, indicating sound development practices in these areas.\n\nHowever, there are significant concerns regarding output escaping. The analysis shows that 100% of the outputs are not properly escaped, which poses a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-provided data that is displayed on the frontend without proper sanitization could be exploited by attackers to inject malicious scripts. Furthermore, the complete absence of nonce checks and capability checks, while not directly linked to an exposed entry point in this specific analysis, represents a potential weakness that could be exploited if the attack surface were to expand or if other entry points were overlooked.\n\nThe lack of any taint analysis results is likely due to the limited nature of the analysis or the absence of user-controllable input reaching sensitive sinks within the analyzed code paths. The clean vulnerability history is a positive indicator, but it should not be taken as a guarantee of future security. The primary weakness identified is the unescaped output, which is a common entry point for attacks. A balanced conclusion would be that while the plugin has a good foundation in terms of avoiding common dangerous practices, the critical deficiency in output escaping makes it vulnerable to XSS attacks.",[75,78,81],{"reason":76,"points":77},"Unescaped output across all outputs",8,{"reason":79,"points":80},"No nonce checks",5,{"reason":82,"points":80},"No capability checks","2026-03-16T22:55:52.599Z",{"wat":85,"direct":114},{"assetPaths":86,"generatorPatterns":96,"scriptPaths":97,"versionParams":105},[87,88,89,90,91,92,93,94,95],"\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fjquery.jqplot.min.js","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fjqplot.barRenderer.min.js","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fjqplot.categoryAxisRenderer.min.js","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fjqplot.canvasAxisTickRenderer.min.js","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fjqplot.canvasTextRenderer.min.js","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fjqplot.pointLabels.min.js","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fdebt_relief_calculation.js","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fimages\u002Fcalculate.png",[],[98,99,100,101,102,103,104],"js\u002Fjquery.jqplot.min.js","js\u002Fjqplot.barRenderer.min.js","js\u002Fjqplot.categoryAxisRenderer.min.js","js\u002Fjqplot.canvasAxisTickRenderer.min.js","js\u002Fjqplot.canvasTextRenderer.min.js","js\u002Fjqplot.pointLabels.min.js","js\u002Fdebt_relief_calculation.js",[106,107,108,109,110,111,112,113],"\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fstyle.css?ver=","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fjquery.jqplot.min.js?ver=","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fjqplot.barRenderer.min.js?ver=","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fjqplot.categoryAxisRenderer.min.js?ver=","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fjqplot.canvasAxisTickRenderer.min.js?ver=","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fjqplot.canvasTextRenderer.min.js?ver=","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fjqplot.pointLabels.min.js?ver=","\u002Fwp-content\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fjs\u002Fdebt_relief_calculation.js?ver=",{"cssClasses":115,"htmlComments":121,"htmlAttributes":129,"restEndpoints":148,"jsGlobals":149,"shortcodeOutput":166},[116,117,118,119,120],"currencyinput","clearIt","color","cuswidth","topRow",[122,123,124,125,126,127,128],"Copyright 2016  Paul Paquin  (email : paul@goldenfs.org)","This program is free software; you can redistribute it and\u002For modify","it under the terms of the GNU General Public License, version 2, as \n    published by the Free Software Foundation.","This program is distributed in the hope that it will be useful,\n    but WITHOUT ANY WARRANTY; without even the implied warranty of\n    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\n    GNU General Public License for more details.","\tYou should have received a copy of the GNU General Public License","along with this program; if not, write to the Free Software","Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA",[130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147],"id=\"wc_debt_mainWrapper\"","id=\"totalDebt\"","id=\"monthlyPay\"","id=\"interestPerc\"","id=\"calcu\"","id=\"calculation\"","id=\"tableWrap\"","id=\"td1\"","id=\"td2\"","id=\"td3\"","id=\"time1\"","id=\"time2\"","id=\"time3\"","id=\"interestPerc1\"","id=\"monthly_payment\"","id=\"payment\"","id=\"monthlyPay1\"","id=\"debtsettlement\"",[],[150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165],"window.calculate_func","window.totalDebt","window.monthlyPay","window.interestPerc","window.td1","window.td2","window.td3","window.time1","window.time2","window.time3","window.interestPerc1","window.monthly_payment","window.payment","window.monthlyPay1","window.debtsettlement","window.totalPayBack",[167,168,169],"\u003Cdiv id=\"wc_debt_mainWrapper\">","\u003Ca href=\"#\" id=\"calcu\" onClick=\"calculate_func();\">","\u003Cdiv id=\"calculation\" style=\"display:none;\">",{"error":171,"url":172,"statusCode":173,"statusMessage":174,"message":174},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fdebt-reduction-calculator-debt-relief-program-calculator-all-in-one\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":27,"versions":176},[]]