[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjF_ug271FVQDb1g6VNgIUwWLo_IU7K6dVcoa3n1JUEo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":33,"analysis":149,"fingerprints":180},"defai","DefAI","0.2.0","heiglandreas","https:\u002F\u002Fprofiles.wordpress.org\u002Fheiglandreas\u002F","\u003Cp>Provide dedicated content just for AI bots\u003C\u002Fp>\n","Provide dedicated content just for AI bots",0,819,"2024-08-28T06:31:00.000Z","6.6.5","5.2","7.2",[18,19,20],"ai","copyright","privacy","https:\u002F\u002Fdefai.volkswAIgen.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdefai.0.2.0.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":23,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},3,5070,204,73,"2026-04-04T11:43:22.476Z",[34,60,84,105,129],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":44,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":55,"download_link":56,"security_score":57,"vuln_count":58,"unpatched_count":11,"last_vuln_date":59,"fetched_at":25},"cryptx","CryptX","4.0.11","Ralf Weber","https:\u002F\u002Fprofiles.wordpress.org\u002Fd3395\u002F","\u003Cp>No more SPAM by spiders scanning your site for email addresses. With CryptX you can hide all your email addresses, with and without a mailto-link, by converting them using javascript or UNICODE.\u003C\u002Fp>\n\u003Cp>CryptX protects your email addresses from spambots while keeping them readable and functional for your visitors. The plugin automatically detects email addresses in your content and encrypts them using various methods including JavaScript encryption, Unicode conversion, and image replacement.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Email Detection\u003C\u002Fstrong> – Finds and encrypts email addresses in posts, pages, comments, and widgets\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple Encryption Methods\u003C\u002Fstrong> – JavaScript, Unicode, image replacement, and custom text options\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widget Support\u003C\u002Fstrong> – Works with text widgets and other widget content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>RSS Feed Control\u003C\u002Fstrong> – Option to disable encryption in RSS feeds\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Whitelist Support\u003C\u002Fstrong> – Exclude specific domains from encryption\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Per-Post Control\u003C\u002Fstrong> – Enable\u002Fdisable encryption on individual posts and pages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode Support\u003C\u002Fstrong> – Use \u003Ccode>[cryptx]email@example.com[\u002Fcryptx]\u003C\u002Fcode> for manual encryption\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Template Functions\u003C\u002Fstrong> – Developer-friendly functions for theme integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fweber-nrw.de\u002Fwordpress\u002Fcryptx\u002F\" title=\"Plugin Homepage\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa>\u003C\u002Fp>\n","No more SPAM by spiders scanning your site for email addresses!",10000,280578,88,19,"2025-12-18T08:01:00.000Z","6.9.4","6.7","8.3",[51,52,53,20,54],"antispam","email-encryption","mail","spam-protection","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcryptx\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcryptx.4.0.11.zip",99,1,"2025-12-04 20:35:36",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":81,"download_link":82,"security_score":83,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"cryptex","Cryptex | E-Mail Address Protection","7.1","Andi Dittrich","https:\u002F\u002Fprofiles.wordpress.org\u002Fandi-dittrich\u002F","\u003Cp>\u003Cstrong>NOTE: this plugin is targeted to advanced users and professionals – it requires some configuration tasks and won’t work out-of-the-box!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin is used to display Email addresses \u003Cstrong>as an image\u003C\u002Fstrong> – automatically.\u003Cbr \u002F>\nThis will stop harvesters and crawlers from gathering sensitive data from your website.\u003Cbr \u002F>\nIt works with emails, telephone numbers, postal addresses or any other text-content.\u003Cbr \u002F>\nJust wrap your E-Mail-Address into a shortcode like \u003Ccode>[email]youraddress@example.com[\u002Femail]\u003C\u002Fcode> – that’s it.\u003Cbr \u002F>\nOr use the \u003Cstrong>Autodetect\u003C\u002Fstrong> filter to transform every E-Mail-Address on your page automatically into an image!\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Protects \u003Cstrong>Email Adresses\u003C\u002Fstrong>, \u003Cstrong>Telephone Numbers\u003C\u002Fstrong> or any other content\u003C\u002Fli>\n\u003Cli>Fully customizable appearance: you can configure font-family, font-size and font-color – everything looks like your theme style\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Retina\u002FHD\u002FHigh-Dpi Images\u003C\u002Fstrong> – best appearance on all devices (2x, 3x or 4x resolution enhancement)\u003C\u002Fli>\n\u003Cli>Shortcode and\u002For Autodetection usage!\u003C\u002Fli>\n\u003Cli>Build-In \u003Cstrong>E-Mail-Address-Autodetection\u003C\u002Fstrong> – all addresses on your page are protected automatically (if you want it – you can also just use shortcodes!)\u003C\u002Fli>\n\u003Cli>Autodetection filters configurable for \u003Cstrong>the_content\u003C\u002Fstrong>, \u003Cstrong>the_excerpt\u003C\u002Fstrong>, \u003Cstrong>comments\u003C\u002Fstrong>, \u003Cstrong>comments_excerpt\u003C\u002Fstrong>, \u003Cstrong>text-widget\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Reversible Address-Autodetection Process – your content is modified as long as the plugin is activated\u003C\u002Fli>\n\u003Cli>Postal-addresses, telephone-numbers, names and other sensitive information`s can be protected too\u003C\u002Fli>\n\u003Cli>Protects E-Mail hyperlinks (mailto) by using javascript based \u003Cstrong>key-shifting encryption\u002Fdecryption\u003C\u002Fstrong> with dynamic keys – but you can use images only\u003C\u002Fli>\n\u003Cli>Suitable for high traffic sites – automated caching of dynamic generated images and CSS\u003C\u002Fli>\n\u003Cli>Automatic font-search (standard system font-paths)\u003C\u002Fli>\n\u003Cli>Supports the new modern UI style of WordPress 3.8\u003C\u002Fli>\n\u003Cli>Native support for \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fenlighter\u002F\" rel=\"ugc\">Enlighter Syntax Highlighter\u003C\u002Fa> to display E-Mail Addresses within highlighted content (requires Enlighter v2.7)\u003C\u002Fli>\n\u003Cli>Includes the \u003Ca href=\"https:\u002F\u002Ffedorahosted.org\u002Fliberation-fonts\u002F\" rel=\"nofollow ugc\">Liberation(tm) Fonts\u003C\u002Fa> package\u003C\u002Fli>\n\u003Cli>TrueType as well as OpenType Fonts are supported\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Text-Transformations\u003C\u002Fh4>\n\u003Cp>The @-sign as well as dot’s within the e-mail-addresses can be automatically replaced by different placeholders, e.g. \u003Ccode>mail(at)example{dot}org\u003C\u002Fcode>, to match your website’s corporate design.\u003C\u002Fp>\n\u003Ch4>Security Modes\u003C\u002Fh4>\n\u003Cp>Cryptex provides various obfuscation modes for E-Mail-Addresses:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Plain Text – only text-transformations are applied – no use of images\u003C\u002Fli>\n\u003Cli>Single Image – the e-mail-address is expressed as a single image \u003C\u002Fli>\n\u003Cli>Multipart Image – the e-mail-address is splitted into two images, seperated by the @-sign in plain text\u003C\u002Fli>\n\u003Cli>Advanced Multipart Image – the craziest one: each part (divided by dot’s and @ sign) is displayed as a seperate image, the dividers as plain text\u003C\u002Fli>\n\u003C\u002Ful>\n","Cryptex transforms plain-text E-Mail-Addresses into Images - automatically - No scrapers. No harvesters. No spambots. That's our goal!",900,19836,80,4,"2020-04-01T07:20:00.000Z","5.4.19","3.9","",[77,78,79,20,80],"e-mail","email","grabbing","robots","https:\u002F\u002Fgithub.com\u002FAndiDittrich\u002FWordPress.Cryptex","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcryptex.7.1.zip",85,{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":94,"num_ratings":28,"last_updated":95,"tested_up_to":96,"requires_at_least":75,"requires_php":75,"tags":97,"homepage":102,"download_link":103,"security_score":104,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"dynamic-copyright-year","Dynamic Copyright Year","1.5.1","Rob @ 5 Star Plugins","https:\u002F\u002Fprofiles.wordpress.org\u002F5starplugins\u002F","\u003Ch4>REALTIME NEW YEAR’S EVE COPYRIGHT UPDATE\u003C\u002Fh4>\n\u003Cp>Take year updates off your New Year’s list. New from 5 Star Plugins, Dynamic Copyright Year detects the copyright year in a site footer and updates it dynamically based on the visitor’s local timezone. Each visitor will see the year in their timezone.\u003C\u002Fp>\n\u003Cp>The \u003Cstrong>free Standard plugin\u003C\u002Fstrong> has everything you need to dynamically update the copyright every New Year. Try the \u003Cstrong>\u003Ca href=\"https:\u002F\u002F5starplugins.com\u002Fdynamic-copyright-year\u002F?utm_source=wordpress.org&utm_medium=directory&utm_campaign=dcy-free\" rel=\"nofollow ugc\">Premium plugin\u003C\u002Fa>\u003C\u002Fstrong> to add footer policy links and get  priority tech support.\u003C\u002Fp>\n\u003Ch3>EASY SETUP\u003C\u002Fh3>\n\u003Cp>Starts working instantly!\u003Cbr \u002F>\n1. If © YYYY text exists in your footer you are ready to go.\u003Cbr \u002F>\n2. Activate automatic updating under plugin options.\u003Cbr \u002F>\n3. Visit the site to watch the footer change from a past year to the current year.\u003C\u002Fp>\n\u003Cp>No shortcode or coding required. Clean and simple features with a user friendly interface.\u003C\u002Fp>\n\u003Ch3>Dynamic Year Updating\u003C\u002Fh3>\n\u003Cp>Automate your footer with a dynamic copyright year.\u003C\u002Fp>\n\u003Ch3>Local Timezone Precision\u003C\u002Fh3>\n\u003Cp>Roll out New Year’s Eve in realtime. Displays year in visitor’s location.\u003C\u002Fp>\n\u003Ch3>Update Hard-To-Edit Footers\u003C\u002Fh3>\n\u003Cp>Works on hardcoded Themes, a footer socket or footer widget.\u003C\u002Fp>\n\u003Ch3>Footer Policy Links\u003C\u002Fh3>\n\u003Cp>Upgrade to Dynamic Copyright Year Premium to add tiny policy links next to the copyright year. De-clutter your main menu and solve hard-to-edit menus.\u003C\u002Fp>\n\u003Ch4>FROM TRUSTED EXPERTS\u003C\u002Fh4>\n\u003Cp>Dynamic Copyright Year was developed by \u003Ca href=\"https:\u002F\u002F5starplugins.com\u002F?utm_source=wordpress.org&utm_medium=directory&utm_campaign=dcy-free\" rel=\"nofollow ugc\">5 Star Plugins\u003C\u002Fa> in the United States. Our technology goes through rigorous testing for the highest quality code written by \u003Cstrong>WordPress experts\u003C\u002Fstrong>. Standard plugin updates are free to maintain compatibility with the current version of WordPress, security fixes, and user improvements.\u003C\u002Fp>\n\u003Ch4>WORLD CLASS SUPPORT\u003C\u002Fh4>\n\u003Cp>Receive world-class support from our team of experts located in the United States. Whether it’s a question about the plugin or help troubleshooting we respond to every inquiry. Free standard plugin users can get answers in the community forum. Receive priority email support after purchasing Dynamic Copyright Year Premium. Premium support will put you in touch with a developer to get everything working perfectly.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Premium Benefits:\u003Cbr \u002F>\n  * \u003Cstrong>Add Footer Policy Links next to copyright year\u003C\u002Fstrong>\u003Cbr \u002F>\n  * \u003Cstrong>Premium Support\u003C\u002Fstrong>\u003Cbr \u002F>\n  * \u003Cstrong>Premium Updates\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>14-Day Trial: Install the standard plugin then start your trial.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>BUG REPORTS\u003C\u002Fh4>\n\u003Cp>Please do not post security concerns to the forum as it could heighten a real security threat. Login to your site to submit a bug report using “contact us” from our plugin menu. Visit our \u003Ca href=\"https:\u002F\u002F5starplugins.com\u002Fget-support\u002F?utm_source=wordpress.org&utm_medium=directory&utm_campaign=dcy-free\" rel=\"nofollow ugc\">Support Center\u003C\u002Fa> to learn more about bug reporting and support options.\u003C\u002Fp>\n\u003Ch4>MORE RESOURCES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002F5starplugins.com\u002Fdynamic-copyright-year\u002F?utm_source=wordpress.org&utm_medium=directory&utm_campaign=dcy-free\" rel=\"nofollow ugc\">Official Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsupport.5starplugins.com\u002Fcollection\u002F238-dynamic-copyright-year\u002F?utm_source=wordpress.org&utm_medium=directory&utm_campaign=dcy-free\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002F5starplugins.com\u002Fget-support\u002F?utm_source=wordpress.org&utm_medium=directory&utm_campaign=dcy-free\" rel=\"nofollow ugc\">Support Center\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Love this plugin?\u003C\u002Fstrong> We’d love your \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdynamic-copyright-year\u002Freviews\u002F?filter=5#new-post\" rel=\"ugc\">review\u003C\u002Fa>.\u003C\u002Fp>\n","Take year updates off your New Year’s list. This plugin dynamically updates copyright year in realtime with local timezone precision. No shortcode.",800,13588,60,"2025-11-12T05:53:00.000Z","6.8.5",[19,98,99,100,101],"dynamic","footer-links","localization","privacy-policy","http:\u002F\u002Fdynamic-copyright-year","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdynamic-copyright-year.1.5.1.zip",100,{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":92,"downloaded":113,"rating":114,"num_ratings":115,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":119,"tags":120,"homepage":125,"download_link":126,"security_score":127,"vuln_count":58,"unpatched_count":58,"last_vuln_date":128,"fetched_at":25},"e-mailit","WeShareAI – AI-Powered Share Buttons (formerly E-MAILiT)","13.0.0","NIKITAS GEORGOPOULOS","https:\u002F\u002Fprofiles.wordpress.org\u002Fe-mailit\u002F","\u003Cp>WeShareAI is a free, lightweight WordPress plugin that adds AI-powered, privacy-first share buttons to your website.\u003C\u002Fp>\n\u003Cp>Formerly known as E-MAILiT, WeShareAI builds on more than a decade of development in social sharing technology, now reimagined for modern publishers. The plugin is designed to load fast, respect user privacy, and work seamlessly with any WordPress theme — without heavy admin panels or intrusive tracking.\u003C\u002Fp>\n\u003Cp>Configuration is handled via the external WeShareAI Builder, allowing you to generate your share buttons, choose platforms, and optionally enable post-share monetization, all without bloating your WordPress admin area.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>AI-powered smart share buttons  \u003C\u002Fli>\n\u003Cli>Privacy-first architecture (no PII, no user profiling)  \u003C\u002Fli>\n\u003Cli>External builder – no heavy WordPress admin UI  \u003C\u002Fli>\n\u003Cli>Works with any WordPress theme  \u003C\u002Fli>\n\u003Cli>Optional post-share monetization (Thank You Page ads)  \u003C\u002Fli>\n\u003Cli>Universal Bypass: enhance existing share buttons  \u003C\u002Fli>\n\u003Cli>Lightweight, asynchronous loading  \u003C\u002Fli>\n\u003Cli>Free to use\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate the plugin.\u003C\u002Fli>\n\u003Cli>Generate your share button code via the WeShareAI Builder.\u003C\u002Fli>\n\u003Cli>Place the buttons on your site using shortcodes, widgets, or theme templates.\u003C\u002Fli>\n\u003Cli>Optionally enable post-share monetization features.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Privacy First\u003C\u002Fh3>\n\u003Cp>WeShareAI is built with privacy at its core.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>No selling of user data  \u003C\u002Fli>\n\u003Cli>No personal user profiling  \u003C\u002Fli>\n\u003Cli>No invasive tracking  \u003C\u002Fli>\n\u003Cli>Fully GDPR-aware by design  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Your users share content — not their personal information.\u003C\u002Fp>\n","Free, AI-powered, privacy-first share buttons for WordPress with optional post-share monetization.",351813,86,65,"2026-01-15T14:54:00.000Z","6.7.5","4.5","5.6",[18,121,122,123,124],"privacy-first","share-buttons","social-sharing","wordpress","https:\u002F\u002Fwww.weshareapp.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fe-mailit.14.0.1.zip",78,"2025-09-26 00:00:00",{"slug":130,"name":131,"version":132,"author":133,"author_profile":134,"description":135,"short_description":136,"active_installs":137,"downloaded":138,"rating":23,"num_ratings":139,"last_updated":140,"tested_up_to":141,"requires_at_least":142,"requires_php":75,"tags":143,"homepage":147,"download_link":148,"security_score":83,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"wp-pgp-encrypted-emails","WP PGP Encrypted Emails","0.8.0","Meitar","https:\u002F\u002Fprofiles.wordpress.org\u002Fmeitar\u002F","\u003Cp>WP PGP Encrypted Emails can automatically sign and encrypt any email that WordPress sends to your site’s admin email address or your users’s email addresses. You give it a copy of the recipient’s OpenPGP public key and\u002For their S\u002FMIME certificate, and it does the rest. You can even automatically generate an OpenPGP signing keypair for your site to use.\u003C\u002Fp>\n\u003Cp>Encrypting outgoing emails protects your user’s privacy by ensuring that emails intended for them can be read only by them, and them alone. Moreover, signing those emails helps your users verify that email they receive purporting to be from your site was \u003Cem>actually\u003C\u002Fem> sent by your server, and not some imposter. If you’re a plugin or theme developer, you can encrypt and\u002For sign \u003Cem>arbitrary data\u003C\u002Fem> using this plugin’s OpenPGP and S\u002FMIME APIs, which are both built with familiar, standard WordPress filter hooks. This enables you to develop highly secure communication and publishing tools fully integrated with your WordPress install. See the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffabacab\u002Fwp-pgp-encrypted-emails\u002F#readme\" rel=\"nofollow ugc\">\u003Ccode>README.markdown\u003C\u002Fcode>\u003C\u002Fa> file for details on cryptographic implementation and API usage.\u003C\u002Fp>\n\u003Cp>\u003Cem>Donations for this and my other free software plugins make up a chunk of my income. If you continue to enjoy this plugin, please consider \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_donations&business=TJLPJYXHSRBEE&lc=US&item_name=WP%20PGP%20Encrypted%20Emails&item_number=wp-pgp-encrypted-emails&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted\" rel=\"nofollow ugc\">making a donation\u003C\u002Fa>. 🙂 Thank you for your support!\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Plugin features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Processes \u003Cem>all\u003C\u002Fem> email your site generates, automatically and transparently.\u003C\u002Fli>\n\u003Cli>Configure outbound signing: sign email sent to \u003Cem>all\u003C\u002Fem> recipients, or just savvy ones.\u003C\u002Fli>\n\u003Cli>Per-user encryption keys and certificates; user manages their own OpenPGP keys and S\u002FMIME certificates.\u003C\u002Fli>\n\u003Cli>Compatible with thousands (yes, thousands) of third-party contact form plugins.\u003C\u002Fli>\n\u003Cli>Full interoperability with all standards-compliant OpenPGP and S\u002FMIME implementations.\u003C\u002Fli>\n\u003Cli>Options to enforce further privacy best practices (e.g., removing \u003Ccode>Subject\u003C\u002Fcode> lines).\u003C\u002Fli>\n\u003Cli>Fully multisite compatible, out of the box. No additional configuration for large networks!\u003C\u002Fli>\n\u003Cli>No binaries to install or configure; everything you need is in the plugin itself.\u003C\u002Fli>\n\u003Cli>Bells and whistles included! For instance, visitors can encrypt comments on posts so only the author can read them.\u003C\u002Fli>\n\u003Cli>Built-in, customizable integration with popular third-party plugins, such as \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">WooCommerce\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Always \u003Cstrong>FREE\u003C\u002Fstrong>. Replaces paid email encryption “upgrades,” and gets rid of yearly subscription fees. (\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_donations&business=TJLPJYXHSRBEE&lc=US&item_name=WP%20PGP%20Encrypted%20Emails&item_number=wp-pgp-encrypted-emails&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted\" rel=\"nofollow ugc\">Donations\u003C\u002Fa> appreciated!)\u003C\u002Fli>\n\u003Cli>And \u003Cem>more\u003C\u002Fem>, of course. 😉\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin works transparently for \u003Cem>all email\u003C\u002Fem> your site generates, and will also sign and encrypt outgoing email generated by other plugins (such as contact form plugins) or the built-in WordPress notification emails. All you have to do is add one or more OpenPGP keys or an S\u002FMIME certificate to the Email Encryption screen (WordPress Admin Dashboard → Settings → Email Encryption). Each user can opt to also remove envelope information such as email subject lines, which encryption schemes cannot protect. With this plugin, there’s no longer any need to pay for the “pro” version of your favorite contact form plugin to get the benefit of email privacy.\u003C\u002Fp>\n\u003Cp>Each of your site’s users can supply their own, personal OpenPGP public key and\u002For X.509 S\u002FMIME certificate for their own email address to have WordPress automatically encrypt any email destined for them. (They merely need to update their user profile.) They can choose which encryption method to use. Once set up, all future emails WordPress sends to that user will be encrypted using the standards-based OpenPGP or S\u002FMIME technologies.\u003C\u002Fp>\n\u003Cp>The OpenPGP-encrypted emails can be decrypted by any OpenPGP-compatible mail client, such as \u003Ca href=\"https:\u002F\u002Fgpgtools.org\u002F\" rel=\"nofollow ugc\">MacGPG\u003C\u002Fa> (macOS), \u003Ca href=\"https:\u002F\u002Fwww.gpg4win.org\u002F\" rel=\"nofollow ugc\">GPG4Win\u003C\u002Fa> (Windows), \u003Ca href=\"https:\u002F\u002Fwww.enigmail.net\u002F\" rel=\"nofollow ugc\">Enigmail\u003C\u002Fa> (cross-platform), \u003Ca href=\"https:\u002F\u002Fopenkeychain.org\u002F\" rel=\"nofollow ugc\">OpenKeychain\u003C\u002Fa> (Android), or \u003Ca href=\"https:\u002F\u002Fipgmail.com\u002F\" rel=\"nofollow ugc\">iPGMail\u003C\u002Fa> (iPhone\u002FiOS). For more information on reading encrypted emails, generating keys, and other uses for OpenPGP-compatible encryption, consult any (or all!) of the following guides:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fssd.eff.org\u002Fen\u002Fmodule\u002Fintroduction-public-key-cryptography-and-pgp\" rel=\"nofollow ugc\">The Electronic Frontier Foundation’s Surveillance Self-Defense guide to PGP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhelp.riseup.net\u002Fen\u002Fgpg-best-practices\" rel=\"nofollow ugc\">RiseUp.net’s OpenPGP best practices guide\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.openpgp.org\u002F\" rel=\"nofollow ugc\">OpenPGP.org\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The S\u002FMIME-encrypted emails can be decrypted by any S\u002FMIME-compatible mail client. These include \u003Ca href=\"http:\u002F\u002Fsiber-sonic.com\u002Fmac\u002FMailSMIME\u002F\" rel=\"nofollow ugc\">Apple’s Mail on macOS\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fsupport.apple.com\u002Fen-au\u002FHT202345\" rel=\"nofollow ugc\">iOS for iPhone and iPad\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fsupport.office.com\u002Fen-us\u002Farticle\u002FEncrypt-messages-by-using-S-MIME-in-Outlook-Web-App-2E57E4BD-4CC2-4531-9A39-426E7C873E26\" rel=\"nofollow ugc\">Microsoft Outlook\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.claws-mail.org\u002Ffaq\u002Findex.php\u002FS\u002FMIME_howto\" rel=\"nofollow ugc\">Claws Mail for GNU\u002FLinux\u003C\u002Fa>, and more.\u003C\u002Fp>\n\u003Cp>For developers, WP PGP Encrypted Emails provides \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffabacab\u002Fwp-pgp-encrypted-emails\u002Fblob\u002Fdevelop\u002FREADME.markdown#openpgp-api\" rel=\"nofollow ugc\">an easy to use API to both OpenPGP\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffabacab\u002Fwp-pgp-encrypted-emails\u002Fblob\u002Fdevelop\u002FREADME.markdown#smime-api\" rel=\"nofollow ugc\">S\u002FMIME\u003C\u002Fa> encryption, decryption, and integrity validation operations through the familiar \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPlugin_API\" rel=\"nofollow ugc\">WordPress plugin API\u003C\u002Fa> so you can use this plugin’s simple filter hooks to build custom OpenPGP- or S\u002FMIME-based encryption functionality into your own plugins and themes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security Disclaimer\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Security is a process, not a product. Using WP PGP Encrypted Emails does not guarantee that your site’s outgoing messages are invulnerable to every attacker, in every possible scenario, at all times. No single security measure, in isolation, can do that.\u003C\u002Fp>\n\u003Cp>Do not rely solely on this plugin for the security or privacy of your webserver. See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-pgp-encrypted-emails\u002Ffaq\u002F\" rel=\"ugc\">Frequently Asked Questions\u003C\u002Fa> for more security advice and for more information about the rationale for this plugin.\u003Cbr \u002F>\nIf you like this plugin, \u003Cstrong>please consider \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_donations&business=TJLPJYXHSRBEE&lc=US&item_name=WP%20PGP%20Encrypted%20Emails&item_number=wp-pgp-encrypted-emails&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted\" rel=\"nofollow ugc\">making a donation\u003C\u002Fa> for your use of the plugin\u003C\u002Fstrong> or, better yet, contributing directly to \u003Ca href=\"http:\u002F\u002FCyberbusking.org\u002F\" rel=\"nofollow ugc\">my Cyberbusking fund\u003C\u002Fa>. Your support is appreciated!\u003C\u002Fp>\n\u003Ch4>Themeing\u003C\u002Fh4>\n\u003Cp>Theme authors can use the following code snippets to integrate a WordPress theme with this plugin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>To link to a site’s OpenPGP signing public key: \u003Ccode>\u003C?php print admin_url( 'admin-ajax.php?action=download_pgp_signing_public_key' ); ?>\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin hooks\u003C\u002Fh4>\n\u003Cp>This plugin offers additional functionality intended for other plugin developers or theme authors to make use of. This functionality is documented here.\u003C\u002Fp>\n\u003Ch3>Filters\u003C\u002Fh3>\n\u003Ch4>`wp_user_encryption_method`\u003C\u002Fh4>\n\u003Cp>Gets the user’s preferred encryption method (either \u003Ccode>pgp\u003C\u002Fcode> or \u003Ccode>smime\u003C\u002Fcode>), if they have provided both an OpenPGP public key and an S\u002FMIME certificate.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Optional arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>WP_User\u003C\u002Fcode> \u003Ccode>$user\u003C\u002Fcode> – The WordPress user object. Defaults to the current user.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>`wp_openpgp_user_key`\u003C\u002Fh4>\n\u003Cp>Gets the user’s saved OpenPGP public key from their WordPress profile data, immediately usable in other \u003Ccode>openpgp_*\u003C\u002Fcode> filters.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Optional arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>WP_User\u003C\u002Fcode> \u003Ccode>$user\u003C\u002Fcode> – The WordPress user object. Defaults to the current user.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>`openpgp_enarmor`\u003C\u002Fh4>\n\u003Cp>Gets an ASCII-armored representation of an OpenPGP data structure (like a key, or an encrypted message).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required parameters:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$data\u003C\u002Fcode> – The data to be armored.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Optional parameters:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$marker\u003C\u002Fcode> – The marker of the block (the text that follows \u003Ccode>-----BEGIN\u003C\u002Fcode>). Defaults to \u003Ccode>MESSAGE\u003C\u002Fcode>, but you should set this to a more appropriate value. If you are armoring a PGP public key, for instance, set this to \u003Ccode>PGP PUBLIC KEY BLOCK\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>\u003Ccode>string[]\u003C\u002Fcode> \u003Ccode>$headers\u003C\u002Fcode> – An array of strings to apply as headers to the ASCII-armored block, usually used to insert comments or identify the OpenPGP client used. Defaults to \u003Ccode>array()\u003C\u002Fcode> (no headers).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example: ASCII-armor a binary public key.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$ascii_key = apply_filters('openpgp_enarmor', $public_key, 'PGP PUBLIC KEY BLOCK');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>`openpgp_key`\u003C\u002Fh4>\n\u003Cp>Gets a binary OpenPGP public key for use in later PGP operations from an ASCII-armored representation of that key.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required parameters:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$key\u003C\u002Fcode> – The ASCII-armored PGP public key block.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example: Get a key saved as an ASCII string in the WordPress database option \u003Ccode>my_plugin_pgp_public_key\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$key = apply_filters('openpgp_key', get_option('my_plugin_pgp_public_key'));\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>`openpgp_sign`\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.gnupg.org\u002Fgph\u002Fen\u002Fmanual\u002Fx135.html#AEN152\" rel=\"nofollow ugc\">Clearsigns\u003C\u002Fa> a message using a given private key.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required parameters:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$data\u003C\u002Fcode> – The message data to sign.\u003C\u002Fli>\n\u003Cli>\u003Ccode>OpenPGP_SecretKeyPacket\u003C\u002Fcode> \u003Ccode>$signing_key\u003C\u002Fcode> – The signing key to use, obtained by passing the ASCII-armored private key through the \u003Ccode>openpgp_key\u003C\u002Fcode> filter.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example: Sign a short string.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$message = 'This is a message to sign.';\n$signing_key = apply_filters('openpgp_key', $ascii_key);\n$signed_message = apply_filters('openpgp_sign', $message, $signing_key);\n\u002F\u002F $signed_message is now a clearsigned message\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>`openpgp_encrypt`\u003C\u002Fh4>\n\u003Cp>Encrypts data to one or more PGP public keys or passphrases.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$data\u003C\u002Fcode> – Data to encrypt.\u003C\u002Fli>\n\u003Cli>\u003Ccode>array|string\u003C\u002Fcode> \u003Ccode>$keys\u003C\u002Fcode> – Passphrases or keys to use to encrypt the data.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example: Encrypt the content of a blog post.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002F\u002F First, get the PGP public key(s) of the recipient(s)\n$ascii_key = '-----BEGIN PGP PUBLIC KEY BLOCK-----\n[...snipped for length...]\n-----END PGP PUBLIC KEY BLOCK-----';\n$encryption_key = apply_filters('openpgp_key', $ascii_key);\n$encrypted_post = apply_filters('openpgp_encrypt', $post->post_content, $encryption_key);\n\u002F\u002F Now you can safely send or display $encrypted_post anywhere you like and only\n\u002F\u002F those who control the corresponding private key(s) can decrypt it.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>`openpgp_sign`\u003C\u002Fh4>\n\u003Cp>Signs a message (arbitrary data) with the given private key.\u003C\u002Fp>\n\u003Cp>Note that if your plugin uses the built-in WordPress core \u003Ccode>wp_mail()\u003C\u002Fcode> function and this plugin is active, your plugin’s outgoing emails are already automatically signed so you do not need to do anything. This filter is intended for use by plugin developers who want to create custom, trusted communiques between WordPress and some other system.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$data\u003C\u002Fcode> – The data to sign.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Optional arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>OpenPGP_SecretKeyPacket\u003C\u002Fcode> \u003Ccode>$privatekey\u003C\u002Fcode> – The private key used for signing the message. The default is to use the private key automatically generated during plugin activation. The automatically generated keypair is intended to be a low-trust, single-purpose keypair for your website itself, so you probably do not need or want to use this argument yourself.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example: Send a signed, encrypted JSON payload to a remote, insecure server.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$comment_data = get_comment(2); \u002F\u002F get a WP_Comment object with comment ID 2\n\u002F\u002F Create JSON payload\n$json = array('success' => true, 'action' => 'new_comment', 'data' => $comment_data);\n$url = 'http:\u002F\u002Finsecure.example.com\u002F';\n$response = wp_safe_remote_post($url, array(\n));\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>`openpgp_sign_and_encrypt`\u003C\u002Fh4>\n\u003Cp>A convenience filter that applies \u003Ccode>openpgp_sign\u003C\u002Fcode> and then \u003Ccode>openpgp_encrypt\u003C\u002Fcode> to the result.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$data\u003C\u002Fcode> – The data to sign and encrypt.\u003C\u002Fli>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$signing_key\u003C\u002Fcode> – The signing key to use.\u003C\u002Fli>\n\u003Cli>\u003Ccode>array|string\u003C\u002Fcode> \u003Ccode>$recipient_keys_and_passphrases\u003C\u002Fcode> – Public key(s) of the recipient(s), or passphrases to encrypt to.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>`wp_openpgp_user_key`\u003C\u002Fh4>\n\u003Cp>Gets the user’s saved S\u002FMIME public certificate from their WordPress profile data, immediately usable in other \u003Ccode>smime_*\u003C\u002Fcode> filters.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Optional arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>WP_User\u003C\u002Fcode> \u003Ccode>$user\u003C\u002Fcode> – The WordPress user object. Defaults to the current user.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>`smime_certificate`\u003C\u002Fh4>\n\u003Cp>Gets a PHP resource handle to an X.509 Certificate.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>mixed\u003C\u002Fcode> \u003Ccode>$cert\u003C\u002Fcode> – The certificate, either as a string to a file, or raw PEM-encoded certificate data.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>`smime_certificate_pem_encode`\u003C\u002Fh4>\n\u003Cp>Encodes (“exports”) a given X.509 certificate as PEM format.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>resource\u003C\u002Fcode> \u003Ccode>$cert\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>`smime_encrypt`\u003C\u002Fh4>\n\u003Cp>Encrypts a message as an S\u002FMIME email given a public certificate.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$message\u003C\u002Fcode> – The message contents to encrypt.\u003C\u002Fli>\n\u003Cli>\u003Ccode>string|string[]\u003C\u002Fcode> \u003Ccode>$headers\u003C\u002Fcode> – The message headers for the encrypted part.\u003C\u002Fli>\n\u003Cli>\u003Ccode>resource|array\u003C\u002Fcode> \u003Ccode>$certificates\u003C\u002Fcode> – The recipient’s certificate, or an array of recipient certificates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This filter returns an array with two keys, \u003Ccode>headers\u003C\u002Fcode> and \u003Ccode>message\u003C\u002Fcode>, wherein the message is encrypted.\u003C\u002Fp>\n\u003Cp>Example: send an encrypted email via \u003Ccode>wp_mail()\u003C\u002Fcode>. (You do not need to do this if the recipient is registered as your site’s user, because this plugin does that automatically. Only do this if you need to send S\u002FMIME encrypted email to an address not stored in WordPress’s own database.)\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$cert = apply_filters( 'smime_certificate', get_option( 'my_plugin_smime_certificate' ) );\n$body = 'This is a test email message body.';\n$head = array(\n    'From' => get_option( 'admin_email' ),\n);\n$smime_data = apply_filters( 'smime_encrypt', $body, $head, $cert );\nif ( $smime_data ) {\n    wp_mail(\n        'recipient@example.com',\n        'Test message.',\n        $smime_data['message'], \u002F\u002F message is sent encrypted\n        $smime_data['headers']\n    );\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Signs and encrypts emails using PGP\u002FGPG keys or X.509 certificates. Provides OpenPGP and S\u002FMIME functions via WordPress plugin API.",400,25921,16,"2021-05-25T19:04:00.000Z","5.7.15","4.4",[78,144,145,20,146],"encryption","pgp","security","https:\u002F\u002Fgithub.com\u002Ffabacab\u002Fwp-pgp-encrypted-emails","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-pgp-encrypted-emails.0.8.0.zip",{"attackSurface":150,"codeSignals":162,"taintFlows":169,"riskAssessment":170,"analyzedAt":179},{"hooks":151,"ajaxHandlers":158,"restRoutes":159,"shortcodes":160,"cronEvents":161,"entryPointCount":11,"unprotectedCount":11},[152],{"type":153,"name":154,"callback":155,"file":156,"line":157},"action","parse_request","anonymous","src\\DefAI.php",57,[],[],[],[],{"dangerousFunctions":163,"sqlUsage":164,"outputEscaping":166,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":168},[],{"prepared":11,"raw":11,"locations":165},[],{"escaped":11,"rawEcho":11,"locations":167},[],[],[],{"summary":171,"deductions":172},"The \"defai\" plugin version 0.2.0 demonstrates a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events, coupled with a complete lack of identified dangerous functions, file operations, external HTTP requests, and taint flows, indicates a very limited attack surface.  Furthermore, the analysis shows 100% adherence to best practices regarding SQL query preparation and output escaping, which are critical for preventing common web vulnerabilities.  The plugin's vulnerability history is also clear, with zero recorded CVEs, suggesting a lack of previously discovered security flaws.\n\nWhile the current analysis paints a positive picture, the complete absence of certain security mechanisms like nonce checks and capability checks is a notable concern. Although the current entry points are zero, as the plugin evolves and new features are added, the lack of these fundamental security checks could expose future functionality to vulnerabilities.  The fact that there are no capability checks at all means that if any functionality were to be added that could be exposed via an entry point, it would be completely unprotected by WordPress's role-based access control.\n\nIn conclusion, the \"defai\" plugin v0.2.0 is currently very secure due to its minimal functionality and robust implementation of SQL prepared statements and output escaping. However, the absence of nonce and capability checks represents a significant weakness that needs to be addressed as the plugin develops to prevent potential security risks in the future. This plugin's current strength lies in its limited scope, but its future security will depend on the implementation of more comprehensive access control mechanisms.",[173,176],{"reason":174,"points":175},"No nonce checks implemented",5,{"reason":177,"points":178},"No capability checks implemented",10,"2026-03-17T06:27:10.815Z",{"wat":181,"direct":188},{"assetPaths":182,"generatorPatterns":183,"scriptPaths":184,"versionParams":185},[],[],[],[186,187],"defai\u002Fstyle.css?ver=","defai\u002Fscript.js?ver=",{"cssClasses":189,"htmlComments":190,"htmlAttributes":191,"restEndpoints":192,"jsGlobals":193,"shortcodeOutput":194},[],[],[],[],[],[]]