[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fmUEArBpfuREdaFBuVsW7zz-4S-GtGz0CXNFgDXNc0is":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":39,"fingerprints":73},"devicons","Devicons","1.0","Ryder Damen","https:\u002F\u002Fprofiles.wordpress.org\u002Fryderdamen\u002F","\u003Cp>Devicons is a plugin that allows you to easily display Devicons (Software and Web Developer icons) on your WordPress site. Show off your skills by including them in a graphical way. This plugin is based on the \u003Ca href=\"http:\u002F\u002Fkonpa.github.io\u002Fdevicon\u002F\" rel=\"nofollow ugc\">Devicon project by Julien Monty\u003C\u002Fa>.\u003C\u002Fp>\n","Display Devicons (Software and Web Developer Icons) on your WordPress site.",10,1266,100,1,"","4.9.29","3.5.1","5.6",[20,21,4,22,23],"development-icons","devicon","html5-icon","software-icons","http:\u002Fryderdamen.com\u002Fprojects\u002Fdevicons","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdevicons.zip",0,null,"2026-03-15T10:48:56.248Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"ryderdamen",4,50,89,30,86,"2026-04-05T01:48:28.754Z",[],{"attackSurface":40,"codeSignals":54,"taintFlows":61,"riskAssessment":62,"analyzedAt":72},{"hooks":41,"ajaxHandlers":42,"restRoutes":43,"shortcodes":44,"cronEvents":52,"entryPointCount":53,"unprotectedCount":26},[],[],[],[45,49],{"tag":4,"callback":46,"file":47,"line":48},"devicons_shortcode","Devicons.php",13,{"tag":21,"callback":50,"file":47,"line":51},"devicon_singular_shortcode",14,[],2,{"dangerousFunctions":55,"sqlUsage":56,"outputEscaping":58,"fileOperations":53,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":60},[],{"prepared":26,"raw":26,"locations":57},[],{"escaped":53,"rawEcho":26,"locations":59},[],[],[],{"summary":63,"deductions":64},"The \"devicons\" plugin v1.0 exhibits a strong security posture based on the provided static analysis. The code analysis reveals no dangerous functions, SQL queries are all prepared, and all identified outputs are properly escaped.  The absence of external HTTP requests and the handling of file operations are also positive indicators.  Crucially, there are no recorded vulnerabilities (CVEs) for this plugin, suggesting a history of secure development or a lack of past discovery.\n\nDespite the generally good static analysis results, there are a few areas that warrant attention. The presence of two shortcodes as entry points, while not currently unprotected, represents a potential attack surface that could become a concern if vulnerabilities are introduced in the future.  Furthermore, the complete absence of nonce checks and capability checks is a significant oversight. While the current code might not directly lead to exploitable issues, these are fundamental security mechanisms in WordPress that should be implemented to protect against various cross-site scripting and privilege escalation attacks. The lack of taint analysis results (0 flows analyzed) makes it impossible to assess potential data sanitization issues within the plugin's code pathways.\n\nIn conclusion, \"devicons\" v1.0 appears to be a relatively secure plugin due to its clean code regarding dangerous functions, SQL, and output escaping, coupled with a clean vulnerability history. However, the lack of comprehensive security checks like nonces and capability checks, along with the limited scope of the taint analysis, presents a notable weakness.  The plugin would be significantly more robust with these fundamental security layers implemented.",[65,67,69],{"reason":66,"points":11},"Missing nonce checks",{"reason":68,"points":11},"Missing capability checks",{"reason":70,"points":71},"Taint analysis incomplete",5,"2026-03-16T23:13:19.818Z",{"wat":74,"direct":81},{"assetPaths":75,"generatorPatterns":78,"scriptPaths":79,"versionParams":80},[76,77],"\u002Fwp-content\u002Fplugins\u002Fdevicons\u002Fcss\u002Fmain.css","\u002Fwp-content\u002Fplugins\u002Fdevicons\u002Fcss\u002Fdevicon.min.css",[],[],[],{"cssClasses":82,"htmlComments":87,"htmlAttributes":88,"restEndpoints":89,"jsGlobals":90,"shortcodeOutput":91},[83,84,85,86],"devicon-","colored","devicons-container","wp-devicon",[],[],[],[],[92,93,94,95,96,97],"\u003Ci class=\"devicon-"," colored","\" title=\"","\">\u003C\u002Fi> ","\u003Cdiv class=\"devicons-container\">","\u003C\u002Fdiv>"]