[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f33UMDFtwbeRphvaODgV_2-fmvuLzG3OnQbEnN_UDW3A":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":40,"fingerprints":95},"devvn-tet-holiday","DevVN – Trang trí Tết Việt Nam","1.0.10","Le Van Toan","https:\u002F\u002Fprofiles.wordpress.org\u002Flevantoan\u002F","\u003Cp>Trang trí Tết cho website của bạn. Có hoa mai, hoa đào, câu đối 2 bên và pháo hoa bắn cực đẹp\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Chọn kiểu hiển thị câu đối 2 bên: Có 6 kiểu và tương lai còn nhiều hơn nữa. Có thể tắt\u003C\u002Fli>\n\u003Cli>Chọn kiểu chân trang: Có 2 kiểu và có thể ẩn. Tương lai còn nhiều hơn nữa\u003C\u002Fli>\n\u003Cli>Bật\u002FTắt bắn pháo hoa\u003C\u002Fli>\n\u003Cli>Bật\u002FTắt âm thanh khi bắn pháo hoa\u003C\u002Fli>\n\u003Cli>Bật\u002FTắt hiệu ứng hoa đào, hoa mai bay trên web\u003C\u002Fli>\n\u003Cli>Có tuỳ chọn kích thước màn hình để ẩn các trang trí đi\u003Cbr \u002F>\nVà còn nhiều option khác. Các bạn sử dụng và khám phá tiếp nhé\u003C\u002Fli>\n\u003C\u002Ful>\n","Trang trí Tết cho website của bạn. Có hoa mai, hoa đào, câu đối 2 bên và pháo hoa bắn cực đẹp",500,10209,100,2,"2026-01-01T17:53:00.000Z","6.9.4","4.3","",[20,21,22,23,24],"cau-doi","hoa-mai","hoa-dao","tet-holiday","trang-tri-tet","https:\u002F\u002Flevantoan.com\u002Fsan-pham\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdevvn-tet-holiday.1.0.10.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"levantoan",8,43660,94,85,84,"2026-04-04T13:47:26.024Z",[],{"attackSurface":41,"codeSignals":75,"taintFlows":84,"riskAssessment":85,"analyzedAt":94},{"hooks":42,"ajaxHandlers":71,"restRoutes":72,"shortcodes":73,"cronEvents":74,"entryPointCount":27,"unprotectedCount":27},[43,49,53,58,62,66],{"type":44,"name":45,"callback":46,"file":47,"line":48},"action","init","devvn_tet_load_textdomain","devvn-tet-holiday.php",22,{"type":44,"name":50,"callback":51,"file":47,"line":52},"wp_enqueue_scripts","devvn_tet_holiday_custom_scripts",103,{"type":44,"name":54,"callback":55,"priority":56,"file":47,"line":57},"wp_footer","devvn_tet_holiday",999,105,{"type":44,"name":59,"callback":60,"file":47,"line":61},"admin_init","devvn_tet_holiday_register_mysettings",536,{"type":44,"name":63,"callback":64,"file":47,"line":65},"admin_menu","devvn_tet_holiday_admin_menu",636,{"type":67,"name":68,"callback":69,"file":47,"line":70},"filter","devvn_tet_holiday_imgs","closure",1210,[],[],[],[],{"dangerousFunctions":76,"sqlUsage":77,"outputEscaping":79,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":82,"bundledLibraries":83},[],{"prepared":27,"raw":27,"locations":78},[],{"escaped":80,"rawEcho":27,"locations":81},211,[],1,[],[],{"summary":86,"deductions":87},"The 'devvn-tet-holiday' plugin v1.0.10 exhibits a very strong security posture based on the provided static analysis.  The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface.  Furthermore, the code analysis reveals a clean bill of health with no dangerous functions, no file operations, no external HTTP requests, and crucially, 100% of SQL queries utilizing prepared statements and all output being properly escaped. The presence of only one capability check, while minimal, suggests a controlled approach to sensitive operations. The plugin also has no recorded vulnerability history, which is a positive indicator of its security diligence over time.\n\nWhile the static analysis indicates an extremely secure implementation, the complete lack of taint analysis flows and the absence of nonce checks are notable. Although the attack surface is zero, the absence of nonce checks is generally a concern for any WordPress plugin that might interact with user input in the future, even if currently it does not. The limited capability check might also become a weakness if new features are added without corresponding security checks. However, given the current state and lack of historical vulnerabilities, the overall risk is assessed as very low. The plugin demonstrates excellent adherence to secure coding practices within its current scope.",[88,91],{"reason":89,"points":90},"No nonce checks present",5,{"reason":92,"points":93},"Only 1 capability check found",3,"2026-03-16T19:39:01.393Z",{"wat":96,"direct":120},{"assetPaths":97,"generatorPatterns":116,"scriptPaths":117,"versionParams":118},[98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115],"\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fleft-1.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fright-1.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fleft-2.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fright-2.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fleft-3.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fright-3.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fleft-4.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fright-4.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fleft-5.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fright-5.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fthin-1.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fthin-2.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fleft-ngo.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fright-ngo.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fbottom-1.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fbottom-2.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fhoadao.png","\u002Fwp-content\u002Fplugins\u002Fdevvn-tet-holiday\u002Fimages\u002Fhoamai.png",[],[],[119],"devvn-tet-holiday\u002Fstyle.css?ver=",{"cssClasses":121,"htmlComments":126,"htmlAttributes":127,"restEndpoints":148,"jsGlobals":149,"shortcodeOutput":150},[122,123,124,125],"tet_left","tet_right","firework","tet_bottom",[],[128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147],"data-zindex","data-container_width","data-bottom_style","data-bottom_full","data-bottom_left","data-bottom_w","data-enable_firework","data-firework_color","data-firework_speed_mobile","data-firework_speed_pc","data-firework_timer","data-enable_hoamaidao","data-enable_audio","data-style","data-left_width","data-right_width","data-left_url","data-right_url","data-left_banner","data-right_banner",[],[],[]]