[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fihP8nARkUjA1233OR8IrznXIN1PcnclCTRImw1Rx9VU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":131,"fingerprints":653},"direktt","Direktt","1.0","direkttwp","https:\u002F\u002Fprofiles.wordpress.org\u002Fdirekttwp\u002F","\u003Cp>Direktt helps you seamlessly integrate your WordPress website with the \u003Ca href=\"https:\u002F\u002Fdirektt.com\u002F\" rel=\"nofollow ugc\">Direktt mobile customer care platform\u003C\u002Fa>. With this plugin, you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Access a wp-admin interface for Direktt settings, user management, and bulk messaging.\u003C\u002Fli>\n\u003Cli>Manage messaging templates and send announcements to your Direktt channel subscribers.\u003C\u002Fli>\n\u003Cli>View and manage user profiles, notes, and message history.\u003C\u002Fli>\n\u003Cli>Receive and act on user events such as subscriptions, messages, and activity from the Direktt mobile app.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For developers, Direktt provides a framework to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add custom hooks and actions for Direktt events.\u003C\u002Fli>\n\u003Cli>Access and authorize users or events from the Direktt app.\u003C\u002Fli>\n\u003Cli>Integrate with the Direktt panel or user profiles.\u003C\u002Fli>\n\u003Cli>Send messages to app users programmatically.\u003C\u002Fli>\n\u003Cli>Implement powerful Direktt automations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can find Developer documentation here: \u003Ca href=\"https:\u002F\u002Fdirektt.com\u002Fresources\u002Fdeveloper-guide-basic-concepts-platform-overview\u002F\" rel=\"nofollow ugc\">Direktt developer guides\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Data & External Service Disclosure\u003C\u002Fh3>\n\u003Cp>This plugin connects your website to the Direktt platform using secure API calls. No user tracking or personal data is automatically sent from your site to Direktt.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>When certain user actions occur (such as subscribing or messaging), the Direktt platform sends the following minimal user data to your WordPress site via API:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Display name\u003C\u002Fli>\n\u003Cli>Avatar\u003C\u002Fli>\n\u003Cli>Channel-specific subscription ID\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>No personally identifiable or trackable data (such as email addresses) is shared with your or other channels or with any third-party platforms. All API calls are authenticated with your Direktt API key.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugin API Endpoints Used:\u003C\u002Fstrong>\u003Cbr \u002F>\nThe plugin communicates only during specific actions and uses the following Direktt API endpoints:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>https:\u002F\u002FgetDataForChannel-lnkonwpiwa-uc.a.run.app\u003Cbr \u002F>\n(Called when you view the Direktt dashboard in wp-admin to fetch current channel status)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>https:\u002F\u002Factivatechannel-lnkonwpiwa-uc.a.run.app\u003Cbr \u002F>\n(Called on channel activation)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>https:\u002F\u002Fgetsubscriptionsforchannel-lnkonwpiwa-uc.a.run.app\u003Cbr \u002F>\n(Called when channel user synchronization is initiated in the Direktt wp-admin settings)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>https:\u002F\u002Fsendbulkmessages-lnkonwpiwa-uc.a.run.app\u003Cbr \u002F>\n(Called when sending a message to channel subscribers)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>https:\u002F\u002Fsendadminmessage-lnkonwpiwa-uc.a.run.app\u003Cbr \u002F>\n(Called when sending a message to the channel admin)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>https:\u002F\u002FupdateMessage-lnkonwpiwa-uc.a.run.app\u003Cbr \u002F>\n(Called when updating a sent message)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>No calls are made automatically or in the background without user\u002Fadmin action.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For more details, please see:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Direktt Privacy Policy \u003Ca href=\"https:\u002F\u002Fdirektt.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">HERE\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Direktt Terms of Service \u003Ca href=\"https:\u002F\u002Fdirektt.com\u002Fterms-of-service\u002F\" rel=\"nofollow ugc\">HERE\u003C\u002Fa>  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Localization:\u003C\u002Fp>\n\u003Cp>Text Domain: direktt\u003Cbr \u002F>\nDomain Path: \u002Flanguages\u003Cbr \u002F>\nLearn more about Direktt at https:\u002F\u002Fdirektt.com\u003C\u002Fp>\n\u003Cp>Direktt plugin uses a number of third party libraries. They include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Vue.js – https:\u002F\u002Fgithub.com\u002Fvuejs\u002F\u003C\u002Fli>\n\u003Cli>Vuetify – https:\u002F\u002Fgithub.com\u002Fvuetifyjs\u002Fvuetify\u003C\u002Fli>\n\u003Cli>php-jwt – https:\u002F\u002Fgithub.com\u002Ffirebase\u002Fphp-jwt\u003C\u002Fli>\n\u003Cli>Html2Text – https:\u002F\u002Fgithub.com\u002Fmtibben\u002Fhtml2text\u003C\u002Fli>\n\u003C\u002Ful>\n","Connect your WordPress site to the Direktt mobile customer care platform for instant messaging and real-time user engagement.",0,81,"2026-02-06T15:44:00.000Z","6.9.4","5.4","8.0",[18,19,20,21,22],"customer-care","messaging","mobile-app","mobile-integration","push-notifications","https:\u002F\u002Fdirektt.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdirektt.1.0.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,94,"2026-04-05T02:58:16.662Z",[35,60,78,96,115],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":55,"download_link":56,"security_score":57,"vuln_count":58,"unpatched_count":11,"last_vuln_date":59,"fetched_at":27},"facebook-messenger-customer-chat","Facebook Chat Plugin – Live Chat Plugin for WordPress","2.5","Facebook","https:\u002F\u002Fprofiles.wordpress.org\u002Ffacebook\u002F","\u003Cp>Communicate with customers on your website with Messenger-powered chat. Chat Plugin is a chat widget maintained by the Meta Business that enables live chat on your website.\u003C\u002Fp>\n\u003Cp>Whether they’re on their computer or their phone, website visitors will be able to message you anytime by clicking on a small Messenger chat bubble in the lower right corner of your site.\u003C\u002Fp>\n\u003Cp>Key features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Website visitors can message you while browsing your site.\u003C\u002Fli>\n\u003Cli>Set up auto-replies and answers to common questions to serve customers when you’re not available.\u003C\u002Fli>\n\u003Cli>Continue the conversation with customers on Messenger even after they leave your website.\u003C\u002Fli>\n\u003Cli>Visitors without a Facebook Messenger account can ask you questions anonymously in Guest mode.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fbusiness\u002Fmessenger\u002Fget-started\" rel=\"nofollow ugc\">Messenger\u003C\u002Fa>’s familiar interface builds trust.\u003C\u002Fli>\n\u003Cli>No need to switch between apps to answer questions you get on the website.\u003C\u002Fli>\n\u003C\u002Ful>\n","The Facebook Chat Plugin makes it easy for your website visitors to chat with you and ask you questions, even if they don't have Messenger.",90000,1753271,70,303,"2022-07-05T23:01:00.000Z","5.9.13","3.9","5.2.4",[52,18,53,19,54],"chat","facebook","messenger","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffacebook-messenger-customer-chat.zip",84,2,"2020-08-04 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":25,"downloaded":68,"rating":25,"num_ratings":58,"last_updated":69,"tested_up_to":14,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"progressify","Progressify – All-in-One Progressive Web App (PWA) on Autopilot","1.1.1","DaftPlug","https:\u002F\u002Fprofiles.wordpress.org\u002Fdaftplug\u002F","\u003Cp>Progressify is an all-in-one plugin that empowers your website with Progressive Web App (PWA) features, to make it faster, smoother, and feel like a real app. Let users install your site on their home screens and increase engagement, repeat visits, and sales.\u003C\u002Fp>\n\u003Ch3>🚀 Turn your site into Progressive Web App\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Add to Home Screen\u003C\u002Fstrong> – Let users install your site on their home screens in seconds, giving it a true app-like experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Installation Prompts\u003C\u002Fstrong> – Prompt users to install with banners, popups, overlays, buttons, or QR codes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>App-like UI Components\u003C\u002Fstrong> – Seamlessly integrate features such as loaders, pull-to-refresh, dark mode, navigation tabs, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Push Notifications\u003C\u002Fstrong> – Send push notifications manually or automatically to users’ devices to drive them back to your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Offline Usage\u003C\u002Fstrong> – Keep your site available and accessible for users, even without an internet connection.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Web Capabilities\u003C\u002Fstrong> – Easily enable advanced Web API features such as periodic background sync, content indexing, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Usage Tracking & Analytics\u003C\u002Fstrong> – Gain complete analytics on your web app, including how many users install and use it, which devices they’re using, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Configuration\u003C\u002Fstrong> – Easily configure and customize every aspect of your PWA features directly from the user-friendly settings.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Generate Mobile Apps (Pro)\u003C\u002Fstrong> – Optionally create real-time Android and iOS apps that mirror your website and publish them to app stores.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🗝️ Countless More Features\u003C\u002Fh4>\n\u003Cp>Progressify offers a wide range of state-of-the-art features and seamlessly integrates them into your website, delivering a smooth, app-like user experience:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Display Settings\u003C\u002Fstrong>: Display and startup behavior\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Offline Settings\u003C\u002Fstrong>: Offline cache and capabilities\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Navigation Tab Bar\u003C\u002Fstrong>: Bottom navigation tab bar\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dark Mode\u003C\u002Fstrong>: Dark theme mode toggle\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pull Down Refresh\u003C\u002Fstrong>: Pull-down to refresh gesture\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Skeleton Loader\u003C\u002Fstrong>: Page skeleton loading animation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smooth Page Transitions\u003C\u002Fstrong>: No-reload page changes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Toast Messages\u003C\u002Fstrong>: Popup toast notifications\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Share Button\u003C\u002Fstrong>: Device native share button\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Background Sync\u003C\u002Fstrong>: Fetch data in background\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Vibrations\u003C\u002Fstrong>: Haptic feedback on tap\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Screen Wake Lock\u003C\u002Fstrong>: Prevent screen dimming and locking\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Idle Detection\u003C\u002Fstrong>: Detect inactivity and prompt updates\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shake Refresh\u003C\u002Fstrong>: Shake to refresh gesture\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Autosave Forms\u003C\u002Fstrong>: Persist values to prevent data loss\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Countless more features and options…\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎉 PWA Success Stories\u003C\u002Fh3>\n\u003Cp>PWA is actively implemented by big companies and they see amazing improvements regarding the performance and conversions\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>+150% User Traffic\u003C\u002Fstrong>: Trivago saw a 150% rise in engagement from home screen users, leading to a 97% increase in hotel offer click-outs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>+76% Total Conversions\u003C\u002Fstrong>: AliExpress upgraded to a PWA and saw a 76% boost in conversions and a 30% rise in monthly active Android users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>+44% Ad Revenue\u003C\u002Fstrong>: Pinterest new PWA boosted user-generated ad revenue by 44% and core engagement by 60%.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>+90% Storage Efficient\u003C\u002Fstrong>: Tinder native application was a whopping 30MB, but after transitioning to a PWA, they reduced the file size to just 2.8MB.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>⚡ Smart Features, No Hassle\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>No Coding Required\u003C\u002Fstrong>: The plugin offers ready-made, fully configurable features, enabling advanced web APIs without any technical expertise.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live Updates\u003C\u002Fstrong>: Updates with fixes, new features and improvements are automatically pushed to your WordPress website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>High Quality\u003C\u002Fstrong>: The plugin is built with a modular design, ensuring fast, reliable performance without frequent bugs and failures.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Support\u003C\u002Fstrong>: Get support in the support forum from friendly professionals ready to answer your questions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🌐 Fully Translatable\u003C\u002Fh4>\n\u003Cp>Progressify supports multiple languages, typography options, and RTL layouts. It’s fully translatable via POT files using tools like Poedit and Loco Translate and is compatible with WPML, Polylang, TranslatePress, Weglot, and more.\u003C\u002Fp>\n\u003Ch4>🔌 Compatible with All Themes &  Plugins\u003C\u002Fh4>\n\u003Cp>Progressify works out-of-the-box with any WordPress setup, theme, or plugin. Whether you’re running a blog, e-commerce store, forum, portfolio, membership site, or news portal, it integrates seamlessly without requiring extra configuration.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to external services to provide specific functionality. Below is a complete list of the services, what they do, when they are used, and what data may be transmitted.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Workbox CDN (storage.googleapis.com)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Purpose: Loads Google’s Workbox service worker library so the offline cache and routing strategies can function.\u003C\u002Fli>\n\u003Cli>What is sent and when: The browser downloads a static JavaScript file (workbox-sw.js) when the service worker is installed\u002Fupdated. No user data is sent by this plugin as part of that request.\u003C\u002Fli>\n\u003Cli>Provider: Google. Terms: https:\u002F\u002Fpolicies.google.com\u002Fterms — Privacy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy — Workbox: https:\u002F\u002Fdeveloper.chrome.com\u002Fdocs\u002Fworkbox\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress.com MShots (s0.wp.com)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Purpose: Generates a screenshot (thumbnail) of your site’s start page used by the plugin for the offline fallback page background and for certain preview\u002Ficon generation cases.\u003C\u002Fli>\n\u003Cli>What is sent and when: The browser requests a static image from https:\u002F\u002Fs0.wp.com\u002Fmshots\u002Fv1\u002F with your site URL included in the query string plus viewport parameters. As with any HTTP request, the visitor’s IP address and user agent are sent by the browser to the CDN. No additional user-specific data is sent by this plugin.\u003C\u002Fli>\n\u003Cli>Provider: Automattic (WordPress.com). Terms: https:\u002F\u002Fwordpress.com\u002Ftos — Privacy: https:\u002F\u002Fautomattic.com\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>GeoJS (get.geojs.io)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Purpose: Resolves a visitor’s IP address to a country name\u002Fcode for anonymous PWA analytics (Dashboard) and push subscriber metadata.\u003C\u002Fli>\n\u003Cli>What is sent and when: The visitor’s IP address is looked up server‑side on first PWA open and when a user subscribes to push notifications. The response is used to store country information only.\u003C\u002Fli>\n\u003Cli>Provider: GeoJS. Website\u002FDocs: https:\u002F\u002Fwww.geojs.io\u002F — Privacy: https:\u002F\u002Fwww.geojs.io\u002Fprivacy\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>OneSignal SDK Worker (cdn.onesignal.com)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Purpose: If the OneSignal plugin is active, the service worker imports OneSignal’s web push SDK worker to enable that plugin’s push features.\u003C\u002Fli>\n\u003Cli>What is sent and when: Requests the OneSignal SDK worker file. Any subsequent data flows are governed by the OneSignal plugin\u002Faccount configuration.\u003C\u002Fli>\n\u003Cli>Provider: OneSignal. Terms: https:\u002F\u002Fonesignal.com\u002Fterms-of-service — Privacy: https:\u002F\u002Fonesignal.com\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Webpushr Service Worker (cdn.webpushr.com)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Purpose: If the Webpushr plugin is active, the service worker imports Webpushr’s worker to enable that plugin’s push features.\u003C\u002Fli>\n\u003Cli>What is sent and when: Requests the Webpushr worker file. Any subsequent data flows are governed by the Webpushr plugin\u002Faccount configuration.\u003C\u002Fli>\n\u003Cli>Provider: Webpushr. Terms: https:\u002F\u002Fwww.webpushr.com\u002Fterms-of-service — Privacy: https:\u002F\u002Fwww.webpushr.com\u002Fprivacy-policy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Notes:\u003Cbr \u002F>\n– OneSignal and Webpushr integrations are conditional and only load if those plugins are active on your site.\u003Cbr \u002F>\n– Web push delivery uses the standard browser push endpoints associated with each subscription (e.g., services operated by browser vendors). The specific endpoint domain varies per browser and is not controlled by this plugin.\u003C\u002Fp>\n\u003Ch3>Source Code and Build Instructions\u003C\u002Fh3>\n\u003Cp>This plugin uses modern tooling (Tailwind CSS and esbuild) to produce minified assets for distribution. The human‑readable source code is included in the plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Admin JS and CSS source: \u003Ccode>includes\u002Fadmin\u002F_src\u002F\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Build prerequisites: Node.js and npm.\u003C\u002Fp>\n\u003Cp>Basic development build:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Install dev dependencies.\u003C\u002Fli>\n\u003Cli>Build assets in development mode.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Third‑party libraries used in compiled assets include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>esbuild – https:\u002F\u002Fesbuild.github.io\u002F\u003C\u002Fli>\n\u003Cli>Tailwind CSS – https:\u002F\u002Ftailwindcss.com\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The full, human‑readable sources for all minified files are present within the plugin as listed above. If you have any trouble locating sources, please open an issue in the WordPress.org support forum for this plugin.\u003C\u002Fp>\n","Turn your site into an app-like PWA with install prompts, offline use, push notifications, and more to boost engagement, repeat visits, and sales.",1169,"2026-03-09T11:20:00.000Z","5.0","7.4",[20,73,74,22,75],"native-app","progressive-web-app","pwa","https:\u002F\u002Fdaftplug.com\u002Fprogressify\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprogressify.1.1.1.zip",{"slug":79,"name":80,"version":81,"author":79,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":11,"num_ratings":11,"last_updated":87,"tested_up_to":88,"requires_at_least":55,"requires_php":71,"tags":89,"homepage":92,"download_link":93,"security_score":94,"vuln_count":30,"unpatched_count":11,"last_vuln_date":95,"fetched_at":27},"beyondcart","BeyondCart Connector","3.1.2","https:\u002F\u002Fprofiles.wordpress.org\u002Fbeyondcart\u002F","\u003Cp>Turn One-time Shoppers into Reccuring Revenue\u003C\u002Fp>\n\u003Cp>Connector to BeyondCart – SaaS product that transform your eCommerce to a mobile app instantly and build customers for life! Analyze their behavior and drive repeat sales with targeted push notifications.\u003C\u002Fp>\n\u003Ch3>Build customersfor life\u003C\u002Fh3>\n\u003Cp>Make users stick around and drive repeat purchases with a Mobile Shopping App and Customer Engagement Platform\u003C\u002Fp>\n\u003Ch3>Boost your business with a Mobile Shopping App\u003C\u002Fh3>\n\u003Cp>Engage shoppers where they’re most likely to convert – their phone. Offer a personalized shopping experience that keep cusomers ready to buy.\u003C\u002Fp>\n\u003Cp>Offer users an ultimate experience that help them find easily what they want wherever they are.\u003Cbr \u002F>\nYour mobile shopping app is full with features that will retain your customers and will help you build community for a lifetime\u003C\u002Fp>\n\u003Ch3>Drive sustainable growth with Customer Engagment Platform\u003C\u002Fh3>\n\u003Cp>Use our customer engagement platform  to ultimate your targeting strategy and drive repeat sales with the power of push notifications.\u003C\u002Fp>\n\u003Cp>While users interact with your mobile shopping app our customer engagement platform records their in-app behaviour.\u003Cbr \u002F>\nThe details of every session logged are used to form the isights you need to drive sales\u003C\u002Fp>\n\u003Ch3>Push notifications center\u003C\u002Fh3>\n\u003Cp>Drive sales and repeat purchases by sending data-driven push notifications based on customer in-app behaviour, preferences and purchase patterns.\u003C\u002Fp>\n\u003Ch3>Beyond Cart is super easy to integrate with your online store\u003C\u002Fh3>\n\u003Cp>✔ \u003Cstrong>Our team of experts converts your store to a fully branded Android and iOS Shopping App\u003C\u002Fstrong>\u003Cbr \u002F>\n✔ \u003Cstrong>We handle the app submission and publishing process, so there is nothing new to figure out\u003C\u002Fstrong>\u003Cbr \u002F>\n✔ \u003Cstrong>After your app becomes available in the app stores we will support you to ensure the success of your project\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Our website:\u003C\u002Fh3>\n\u003Cp>Any questions? Visit our website \u003Ca href=\"https:\u002F\u002Fbeyondcart.com\u002F?utm_source=wordpress.org\" rel=\"nofollow ugc\">beyondcart.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin relies on 3rd party services for its ‘Sign in with Apple’, ‘Login with Google’, and ‘Login with Facebook’ features:\u003C\u002Fp>\n\u003Ch4>Sign in with Apple\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Apple’s authentication servers are contacted to fetch public keys for verifying JSON Web Tokens (JWT) when users sign in with their Apple IDs.\u003C\u002Fli>\n\u003Cli>Apple’s authentication server URL: https:\u002F\u002Fappleid.apple.com\u002Fauth\u002Fkeys\u003C\u002Fli>\n\u003Cli>Apple’s Privacy Policy: https:\u002F\u002Fwww.apple.com\u002Flegal\u002Fprivacy\u002Fen-ww\u002F\u003C\u002Fli>\n\u003Cli>Apple’s Terms of Use: https:\u002F\u002Fwww.apple.com\u002Flegal\u002Finternet-services\u002Fterms\u002Fsite.html\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Login with Google\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Google’s authentication servers are contacted when users sign in with their Google accounts.\u003C\u002Fli>\n\u003Cli>Google API Console: https:\u002F\u002Fconsole.developers.google.com\u002F\u003C\u002Fli>\n\u003Cli>Google’s Privacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fli>\n\u003Cli>Google’s Terms of Service: https:\u002F\u002Fpolicies.google.com\u002Fterms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Login with Facebook\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Facebook’s authentication servers are contacted when users sign in with their Facebook accounts.\u003C\u002Fli>\n\u003Cli>Facebook for Developers: https:\u002F\u002Fdevelopers.facebook.com\u002F\u003C\u002Fli>\n\u003Cli>Facebook’s Data Policy: https:\u002F\u002Fwww.facebook.com\u002Fpolicy.php\u003C\u002Fli>\n\u003Cli>Facebook’s Terms of Service: https:\u002F\u002Fwww.facebook.com\u002Fterms.php\u003C\u002Fli>\n\u003C\u002Ful>\n","Transform your eCommerce to a mobile app instantly and build customers for life! Analyze their behavior and drive repeat sales with targeted push noti &hellip;",20,2514,"2025-11-20T16:29:00.000Z","6.8.5",[79,90,20,91,22],"engagement-platform","mobile-app-for-woocommerce","https:\u002F\u002Fbeyondcart.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbeyondcart.3.1.2.zip",95,"2025-09-10 18:48:51",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":25,"num_ratings":58,"last_updated":106,"tested_up_to":107,"requires_at_least":70,"requires_php":70,"tags":108,"homepage":112,"download_link":113,"security_score":114,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"prompty-web-push-notifications","Prompty Web Push Notifications","1.0.2","Prompty","https:\u002F\u002Fprofiles.wordpress.org\u002Fprompty\u002F","\u003Cp>This is Prompty’s official plugin for WordPress web push notifications. Prompty is the easiest way to allow your users to subscribe and receive \u003Ca href=\"https:\u002F\u002Fwww.prompty.io\u002F\" rel=\"nofollow ugc\">web push notifications\u003C\u002Fa> from your WordPress-powered website. This plugin makes integration effortless and allows you to control which pages you do (and do not) want your web push notification permission prompts to be displayed on.\u003C\u002Fp>\n\u003Cp>To start using this plugin, you’ll need to \u003Ca href=\"https:\u002F\u002Fapp.prompty.io\u002Fregister\" rel=\"nofollow ugc\">signup for an account\u003C\u002Fa> – which is free, does not expire and does not limit the amount of notifications you can send. (When you grow, we make it easy to switch to a paid account that supports a greater number of subscribers.) Then simply follow the brief instructions on the plugin’s settings page to get started.\u003C\u002Fp>\n\u003Cp>For more information on how to use Prompty to send web push notifications with WordPress, see our \u003Ca href=\"https:\u002F\u002Fwww.prompty.io\u002Fhow-it-works\u002F\" rel=\"nofollow ugc\">How it Works\u003C\u002Fa> page.\u003C\u002Fp>\n\u003Cp>Prompty is a third-party web push notification service for WordPress. Use of Prompty is subject to our \u003Ca href=\"https:\u002F\u002Fapp.prompty.io\u002Fterms\" rel=\"nofollow ugc\">terms of service\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you have any issues, comments, or concerns, please \u003Ca href=\"https:\u002F\u002Fwww.prompty.io\u002Fcontact-us\u002F\" rel=\"nofollow ugc\">contact us\u003C\u002Fa>.\u003C\u002Fp>\n","Easily integrate the Prompty web push notification service with your WordPress site.",10,1278,"2023-02-12T07:00:00.000Z","6.1.10",[109,19,110,22,111],"alerts","notifications","web-push-notifications","https:\u002F\u002Fwww.prompty.io\u002Fpush-notification-plugin-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprompty-web-push-notifications.1.0.2.zip",85,{"slug":116,"name":117,"version":6,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":11,"downloaded":122,"rating":11,"num_ratings":11,"last_updated":123,"tested_up_to":124,"requires_at_least":55,"requires_php":50,"tags":125,"homepage":129,"download_link":130,"security_score":114,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"appifire-for-mobile-apps","AppiFire for Mobile Apps","Zain","https:\u002F\u002Fprofiles.wordpress.org\u002Fappifire\u002F","\u003Cp>This plugin is developed for AppiFire app users. AppiFire product convert your WordPress website into Android & iOS app. An app that is easy to use, has a blazingly fast performance and design that you will fall in love with.\u003C\u002Fp>\n\u003Cp>You can watch AppiFire product overview on YouTube or visit website https:\u002F\u002FAppiFire.com\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FouNthL_88NQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>This plugin provides an extension of “OneSignal – Free Web Push Notifications” plugin and its url is https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fonesignal-free-web-push-notifications\u002F\u003C\u002Fp>\n\u003Cp>How does our plugin work?\u003Cbr \u002F>\nOur plugin code sends an additional push notification to OneSignal via API call https:\u002F\u002Fonesignal.com\u002Fapi\u002Fv1\u002Fnotifications OneSignal then sends the message to Android & iOS users.\u003C\u002Fp>\n\u003Cp>This plugin won’t work without installing “OneSignal – Free Web Push Notifications” plugin. You need to install the plugin first. We are only providing an extension of their code and not collecting any data. You can read their privacy policy on https:\u002F\u002Fonesignal.com\u002Fprivacy_policy and own how they would be using your information.\u003C\u002Fp>\n\u003Cp>More features will be added soon in this plugin which will include AppiFire custom API and other supporting features which are used in AppiFire app.\u003C\u002Fp>\n","This plugin is developed for AppiFire app users. AppiFire product convert your WordPress website into Android & iOS app.",1377,"2018-11-28T07:29:00.000Z","5.0.25",[126,127,20,128,22],"api","appifire","onesignal","https:\u002F\u002Fappifire.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fappifire-for-mobile-apps.zip",{"attackSurface":132,"codeSignals":382,"taintFlows":499,"riskAssessment":643,"analyzedAt":652},{"hooks":133,"ajaxHandlers":262,"restRoutes":306,"shortcodes":358,"cronEvents":380,"entryPointCount":31,"unprotectedCount":381},[134,141,145,148,153,156,158,159,161,164,167,170,173,175,177,179,181,184,186,188,190,192,194,196,199,201,203,206,209,212,214,217,220,223,225,227,230,233,236,239,242,245,248,251,255,259],{"type":135,"name":136,"callback":137,"priority":138,"file":139,"line":140},"filter","wp_mail","closure",99,"admin\\class-direktt-admin.php",1077,{"type":135,"name":142,"callback":137,"file":143,"line":144},"wp_plugin_check_ignore_directories","direktt.php",36,{"type":135,"name":146,"callback":137,"file":143,"line":147},"wp_plugin_check_ignore_files",46,{"type":149,"name":150,"callback":151,"file":152,"line":12},"action","init","anonymous","includes\\class-direktt.php",{"type":149,"name":154,"callback":151,"file":152,"line":155},"wp",82,{"type":149,"name":157,"callback":151,"file":152,"line":57},"wp_enqueue_scripts",{"type":149,"name":150,"callback":151,"file":152,"line":114},{"type":149,"name":150,"callback":151,"file":152,"line":160},86,{"type":149,"name":162,"callback":151,"file":152,"line":163},"direktt\u002Faction\u002Fpair_code",88,{"type":149,"name":165,"callback":151,"file":152,"line":166},"direktt_enqueue_public_scripts",89,{"type":135,"name":168,"callback":151,"file":152,"line":169},"body_class",91,{"type":149,"name":171,"callback":151,"file":152,"line":172},"rest_api_init",96,{"type":149,"name":150,"callback":151,"file":152,"line":174},103,{"type":149,"name":150,"callback":151,"file":152,"line":176},104,{"type":149,"name":150,"callback":151,"file":152,"line":178},105,{"type":149,"name":157,"callback":151,"file":152,"line":180},106,{"type":149,"name":182,"callback":151,"file":152,"line":183},"direktt_setup_profile_bar",109,{"type":149,"name":182,"callback":151,"file":152,"line":185},112,{"type":149,"name":182,"callback":151,"file":152,"line":187},115,{"type":149,"name":165,"callback":151,"file":152,"line":189},120,{"type":149,"name":150,"callback":151,"file":152,"line":191},121,{"type":149,"name":165,"callback":151,"file":152,"line":193},124,{"type":149,"name":150,"callback":151,"file":152,"line":195},125,{"type":149,"name":197,"callback":151,"file":152,"line":198},"admin_menu",132,{"type":149,"name":197,"callback":151,"file":152,"line":200},133,{"type":149,"name":197,"callback":151,"file":152,"line":202},134,{"type":149,"name":204,"callback":151,"file":152,"line":205},"direktt_setup_admin_menu",136,{"type":149,"name":207,"callback":151,"file":152,"line":208},"parent_file",138,{"type":149,"name":210,"callback":151,"file":152,"line":211},"admin_enqueue_scripts",139,{"type":149,"name":150,"callback":151,"file":152,"line":213},140,{"type":149,"name":215,"callback":151,"file":152,"line":216},"add_meta_boxes",142,{"type":149,"name":218,"callback":151,"file":152,"line":219},"add_meta_boxes_page",144,{"type":149,"name":221,"callback":151,"file":152,"line":222},"save_post",146,{"type":149,"name":221,"callback":151,"file":152,"line":224},147,{"type":149,"name":215,"callback":151,"file":152,"line":226},149,{"type":149,"name":228,"callback":151,"file":152,"line":229},"direktt\u002Fevent\u002Fchat\u002Fmessage_sent",153,{"type":149,"name":231,"callback":151,"file":152,"line":232},"show_user_profile",157,{"type":149,"name":234,"callback":151,"file":152,"line":235},"edit_user_profile",158,{"type":149,"name":237,"callback":151,"file":152,"line":238},"personal_options_update",160,{"type":149,"name":240,"callback":151,"file":152,"line":241},"edit_user_profile_update",161,{"type":149,"name":243,"callback":151,"file":152,"line":244},"pre_wp_mail",163,{"type":135,"name":246,"callback":151,"file":152,"line":247},"direktt\u002Fmessage\u002Ftemplate\u002Fdirektt_display_name",184,{"type":135,"name":249,"callback":151,"file":152,"line":250},"direktt\u002Fmessage\u002Ftemplate\u002Fdirektt_channel_name",185,{"type":149,"name":252,"callback":137,"file":253,"line":254},"wp_head","public\\class-direktt-profile.php",87,{"type":135,"name":256,"callback":151,"file":257,"line":258},"upload_dir","public\\profile-bar\\class-direktt-notes-tool.php",194,{"type":135,"name":260,"callback":151,"file":257,"line":261},"wp_handle_upload_prefilter",204,[263,267,270,273,276,278,281,284,287,290,293,296,299,301,304],{"action":264,"nopriv":265,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":266},"direktt_quill_upload_image",false,116,{"action":264,"nopriv":268,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":269},true,117,{"action":271,"nopriv":265,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":272},"direktt_get_settings",192,{"action":274,"nopriv":265,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":275},"direktt_get_dashboard",193,{"action":277,"nopriv":265,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":258},"direktt_get_activation_data",{"action":279,"nopriv":265,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":280},"direktt_save_settings",195,{"action":282,"nopriv":265,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":283},"direktt_sync_users",196,{"action":285,"nopriv":265,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":286},"direktt_get_marketing_consent",197,{"action":288,"nopriv":265,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":289},"direktt_get_user_events",198,{"action":291,"nopriv":265,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":292},"direktt_get_mtemplates_taxonomies",201,{"action":294,"nopriv":265,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":295},"direktt_send_mtemplates_message",202,{"action":297,"nopriv":265,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":298},"direktt_get_mtemplates_profile_message",205,{"action":297,"nopriv":268,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":300},206,{"action":302,"nopriv":265,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":303},"direktt_get_users_taxonomy_service",207,{"action":302,"nopriv":268,"callback":151,"hasNonce":265,"hasCapCheck":265,"file":152,"line":305},208,[307,316,320,325,330,335,340,344,348,353],{"namespace":308,"route":309,"methods":310,"callback":312,"permissionCallback":313,"file":314,"line":315},"direktt\u002Fv1","\u002FactivateChannel\u002F",[311],"POST","activate_channel","api_validate_api_key","public\\class-direktt-api.php",19,{"namespace":308,"route":317,"methods":318,"callback":319,"permissionCallback":313,"file":314,"line":31},"\u002FonChannelNameChange\u002F",[311],"change_channel_name",{"namespace":308,"route":321,"methods":322,"callback":323,"permissionCallback":313,"file":314,"line":324},"\u002FonNewSubscription\u002F",[311],"on_new_subscription",41,{"namespace":308,"route":326,"methods":327,"callback":328,"permissionCallback":313,"file":314,"line":329},"\u002FonChangeAvatarUrl\u002F",[311],"on_change_avatar_url",52,{"namespace":308,"route":331,"methods":332,"callback":333,"permissionCallback":313,"file":314,"line":334},"\u002FonChangeDisplayName\u002F",[311],"on_change_display_name",63,{"namespace":308,"route":336,"methods":337,"callback":338,"permissionCallback":313,"file":314,"line":339},"\u002FdoAction\u002F",[311],"do_direktt_action",74,{"namespace":308,"route":341,"methods":342,"callback":343,"permissionCallback":313,"file":314,"line":114},"\u002FonSetAdminUser\u002F",[311],"on_set_admin_user",{"namespace":308,"route":345,"methods":346,"callback":347,"permissionCallback":313,"file":314,"line":172},"\u002FonUnsubscribe\u002F",[311],"on_unsubscribe",{"namespace":308,"route":349,"methods":350,"callback":351,"permissionCallback":313,"file":314,"line":352},"\u002FonMarketingConsentUpdate\u002F",[311],"on_marketing_consent_update",107,{"namespace":308,"route":354,"methods":355,"callback":356,"permissionCallback":313,"file":314,"line":357},"\u002FrecordEvent\u002F",[311],"record_event",118,[359,362,367,371,376],{"tag":360,"callback":360,"file":253,"line":361},"direktt_user_profile",24,{"tag":363,"callback":364,"file":365,"line":366},"direktt_pairing_code","direktt_pairing_code_shortcode","public\\class-direktt-public.php",418,{"tag":368,"callback":369,"file":365,"line":370},"direktt_qr_pairing_code","direktt_qr_pairing_code_shortcode",460,{"tag":372,"callback":373,"file":374,"line":375},"direktt_bulk_messaging_service","direktt_bulk_messaging_service_shortcode","public\\tools-services\\class-direktt-bulk-messaging-service.php",14,{"tag":377,"callback":378,"file":379,"line":375},"direktt_edit_taxonomies_service","direktt_taxonomies_service_shortcode","public\\tools-services\\class-direktt-taxonomies-service.php",[],15,{"dangerousFunctions":383,"sqlUsage":384,"outputEscaping":387,"fileOperations":11,"externalRequests":495,"nonceChecks":496,"capabilityChecks":497,"bundledLibraries":498},[],{"prepared":385,"raw":11,"locations":386},5,[],{"escaped":388,"rawEcho":389,"locations":390},278,54,[391,394,396,398,400,401,403,405,407,409,411,413,415,417,419,421,423,425,427,429,431,433,435,437,439,441,444,446,447,449,450,452,454,456,458,460,462,464,466,468,470,472,474,476,479,480,482,483,484,486,487,489,491,493],{"file":139,"line":392,"context":393},514,"raw output",{"file":139,"line":395,"context":393},526,{"file":139,"line":397,"context":393},616,{"file":139,"line":399,"context":393},621,{"file":139,"line":399,"context":393},{"file":139,"line":402,"context":393},632,{"file":139,"line":404,"context":393},640,{"file":139,"line":406,"context":393},644,{"file":139,"line":408,"context":393},653,{"file":139,"line":410,"context":393},660,{"file":139,"line":412,"context":393},664,{"file":139,"line":414,"context":393},780,{"file":139,"line":416,"context":393},784,{"file":139,"line":418,"context":393},787,{"file":139,"line":420,"context":393},792,{"file":139,"line":422,"context":393},817,{"file":139,"line":424,"context":393},826,{"file":139,"line":426,"context":393},828,{"file":139,"line":428,"context":393},911,{"file":139,"line":430,"context":393},913,{"file":139,"line":432,"context":393},914,{"file":139,"line":434,"context":393},915,{"file":139,"line":436,"context":393},916,{"file":139,"line":438,"context":393},923,{"file":139,"line":440,"context":393},927,{"file":442,"line":443,"context":393},"includes\\dependencies\\Html2Text\\Html2Text.php",314,{"file":253,"line":445,"context":393},131,{"file":253,"line":200,"context":393},{"file":253,"line":448,"context":393},135,{"file":253,"line":213,"context":393},{"file":253,"line":451,"context":393},155,{"file":253,"line":453,"context":393},290,{"file":365,"line":455,"context":393},393,{"file":365,"line":457,"context":393},402,{"file":365,"line":459,"context":393},408,{"file":365,"line":461,"context":393},432,{"file":365,"line":463,"context":393},442,{"file":365,"line":465,"context":393},450,{"file":365,"line":467,"context":393},502,{"file":365,"line":469,"context":393},508,{"file":365,"line":471,"context":393},522,{"file":365,"line":473,"context":393},528,{"file":365,"line":475,"context":393},529,{"file":477,"line":478,"context":393},"public\\profile-bar\\class-direktt-messaging-tool.php",129,{"file":257,"line":94,"context":393},{"file":481,"line":25,"context":393},"public\\profile-bar\\class-direktt-taxonomies-tool.php",{"file":481,"line":266,"context":393},{"file":481,"line":200,"context":393},{"file":379,"line":485,"context":393},203,{"file":379,"line":303,"context":393},{"file":379,"line":488,"context":393},224,{"file":379,"line":490,"context":393},247,{"file":379,"line":492,"context":393},264,{"file":379,"line":494,"context":393},289,8,18,12,[],[500,517,535,544,557,570,581,592,602,610,629],{"entryPoint":501,"graph":502,"unsanitizedCount":58,"severity":516},"render_admin_settings (admin\\class-direktt-admin.php:500)",{"nodes":503,"edges":514},[504,509],{"id":505,"type":506,"label":507,"file":139,"line":508},"n0","source","$_SERVER (x2)",509,{"id":510,"type":511,"label":512,"file":139,"line":395,"wp_function":513},"n1","sink","echo() [XSS]","echo",[515],{"from":505,"to":510,"sanitized":265},"medium",{"entryPoint":518,"graph":519,"unsanitizedCount":534,"severity":516},"direktt_user_profile (public\\class-direktt-profile.php:69)",{"nodes":520,"edges":531},[521,523,524,528],{"id":505,"type":506,"label":522,"file":253,"line":138},"$_GET (x5)",{"id":510,"type":511,"label":512,"file":253,"line":176,"wp_function":513},{"id":525,"type":506,"label":526,"file":253,"line":527},"n2","$_SERVER (x3)",229,{"id":529,"type":511,"label":512,"file":253,"line":530,"wp_function":513},"n3",266,[532,533],{"from":505,"to":510,"sanitized":268},{"from":525,"to":529,"sanitized":265},3,{"entryPoint":536,"graph":537,"unsanitizedCount":11,"severity":543},"\u003Cclass-direktt-admin> (admin\\class-direktt-admin.php:0)",{"nodes":538,"edges":541},[539,540],{"id":505,"type":506,"label":507,"file":139,"line":508},{"id":510,"type":511,"label":512,"file":139,"line":395,"wp_function":513},[542],{"from":505,"to":510,"sanitized":268},"low",{"entryPoint":545,"graph":546,"unsanitizedCount":11,"severity":543},"ajax_get_user_events (admin\\class-direktt-ajax.php:240)",{"nodes":547,"edges":555},[548,552],{"id":505,"type":506,"label":549,"file":550,"line":551},"$_POST (x2)","admin\\class-direktt-ajax.php",252,{"id":510,"type":511,"label":553,"file":550,"line":530,"wp_function":554},"get_results() [SQLi]","get_results",[556],{"from":505,"to":510,"sanitized":268},{"entryPoint":558,"graph":559,"unsanitizedCount":11,"severity":543},"ajax_save_settings (admin\\class-direktt-ajax.php:289)",{"nodes":560,"edges":568},[561,564],{"id":505,"type":506,"label":562,"file":550,"line":563},"$_POST (x8)",295,{"id":510,"type":511,"label":565,"file":550,"line":566,"wp_function":567},"update_option() [Settings Manipulation]",326,"update_option",[569],{"from":505,"to":510,"sanitized":268},{"entryPoint":571,"graph":572,"unsanitizedCount":11,"severity":543},"\u003Cclass-direktt-ajax> (admin\\class-direktt-ajax.php:0)",{"nodes":573,"edges":578},[574,575,576,577],{"id":505,"type":506,"label":549,"file":550,"line":551},{"id":510,"type":511,"label":553,"file":550,"line":530,"wp_function":554},{"id":525,"type":506,"label":562,"file":550,"line":563},{"id":529,"type":511,"label":565,"file":550,"line":566,"wp_function":567},[579,580],{"from":505,"to":510,"sanitized":268},{"from":525,"to":529,"sanitized":268},{"entryPoint":582,"graph":583,"unsanitizedCount":534,"severity":543},"\u003Cclass-direktt-profile> (public\\class-direktt-profile.php:0)",{"nodes":584,"edges":589},[585,586,587,588],{"id":505,"type":506,"label":522,"file":253,"line":138},{"id":510,"type":511,"label":512,"file":253,"line":176,"wp_function":513},{"id":525,"type":506,"label":526,"file":253,"line":527},{"id":529,"type":511,"label":512,"file":253,"line":530,"wp_function":513},[590,591],{"from":505,"to":510,"sanitized":268},{"from":525,"to":529,"sanitized":265},{"entryPoint":593,"graph":594,"unsanitizedCount":11,"severity":543},"render_user_notes (public\\profile-bar\\class-direktt-notes-tool.php:56)",{"nodes":595,"edges":600},[596,598],{"id":505,"type":506,"label":597,"file":257,"line":169},"$_GET (x2)",{"id":510,"type":511,"label":512,"file":257,"line":599,"wp_function":513},126,[601],{"from":505,"to":510,"sanitized":268},{"entryPoint":603,"graph":604,"unsanitizedCount":11,"severity":543},"\u003Cclass-direktt-notes-tool> (public\\profile-bar\\class-direktt-notes-tool.php:0)",{"nodes":605,"edges":608},[606,607],{"id":505,"type":506,"label":597,"file":257,"line":169},{"id":510,"type":511,"label":512,"file":257,"line":599,"wp_function":513},[609],{"from":505,"to":510,"sanitized":268},{"entryPoint":611,"graph":612,"unsanitizedCount":11,"severity":543},"direktt_taxonomies_service_shortcode (public\\tools-services\\class-direktt-taxonomies-service.php:48)",{"nodes":613,"edges":625},[614,615,616,618,620,623],{"id":505,"type":506,"label":597,"file":379,"line":250},{"id":510,"type":511,"label":512,"file":379,"line":272,"wp_function":513},{"id":525,"type":506,"label":507,"file":379,"line":617},268,{"id":529,"type":511,"label":512,"file":379,"line":619,"wp_function":513},284,{"id":621,"type":506,"label":622,"file":379,"line":195},"n4","$_POST (x4)",{"id":624,"type":511,"label":512,"file":379,"line":619,"wp_function":513},"n5",[626,627,628],{"from":505,"to":510,"sanitized":268},{"from":525,"to":529,"sanitized":268},{"from":621,"to":624,"sanitized":268},{"entryPoint":630,"graph":631,"unsanitizedCount":11,"severity":543},"\u003Cclass-direktt-taxonomies-service> (public\\tools-services\\class-direktt-taxonomies-service.php:0)",{"nodes":632,"edges":639},[633,634,635,636,637,638],{"id":505,"type":506,"label":597,"file":379,"line":250},{"id":510,"type":511,"label":512,"file":379,"line":272,"wp_function":513},{"id":525,"type":506,"label":507,"file":379,"line":617},{"id":529,"type":511,"label":512,"file":379,"line":619,"wp_function":513},{"id":621,"type":506,"label":622,"file":379,"line":195},{"id":624,"type":511,"label":512,"file":379,"line":619,"wp_function":513},[640,641,642],{"from":505,"to":510,"sanitized":268},{"from":525,"to":529,"sanitized":268},{"from":621,"to":624,"sanitized":268},{"summary":644,"deductions":645},"The direktt plugin v1.0 exhibits a mixed security posture.  It demonstrates good practices in several areas, notably the complete avoidance of dangerous functions, 100% usage of prepared statements for SQL queries, and a high percentage of properly escaped output.  The absence of any recorded vulnerabilities or CVEs is also a positive indicator. However, a significant concern arises from the large attack surface, with 15 AJAX handlers lacking authentication checks. This presents a substantial risk of unauthorized actions being performed if an attacker can trigger these handlers. While no critical or high severity taint flows were identified, the presence of 3 flows with unsanitized paths suggests a potential for vulnerabilities that might not have been fully realized in the analysis or could be triggered under specific conditions. The plugin also includes a notable number of external HTTP requests, which could be a vector for information leakage or supply chain attacks if not handled with care.  The lack of vulnerability history, while good, can also mean the plugin has not been extensively tested or subjected to the same scrutiny as more popular plugins, making the absence of past issues less of a guarantee of future security.\n\nIn conclusion, the plugin has a solid foundation in secure coding practices concerning database interactions and output handling. The primary weakness lies in the unprotected AJAX endpoints, which represent a significant security gap. While the taint analysis did not flag critical issues, the unsanitized paths warrant caution. The plugin's security relies heavily on the robustness of its internal logic and the absence of undiscovered vulnerabilities, given its clean vulnerability history.  For production environments, addressing the unprotected AJAX handlers should be a top priority. The relatively small number of total entry points and the good handling of SQL and output are positive, but the unprotected AJAX points overshadow these strengths.",[646,648,650],{"reason":647,"points":104},"AJAX handlers without auth checks",{"reason":649,"points":385},"Flows with unsanitized paths",{"reason":651,"points":534},"External HTTP requests","2026-03-17T06:33:10.352Z",{"wat":654,"direct":663},{"assetPaths":655,"generatorPatterns":658,"scriptPaths":659,"versionParams":660},[656,657],"\u002Fwp-content\u002Fplugins\u002Fdirektt\u002Fcss\u002Fdirektt.css","\u002Fwp-content\u002Fplugins\u002Fdirektt\u002Fjs\u002Fdirektt.js",[],[657],[661,662],"direktt\u002Fcss\u002Fdirektt.css?ver=","direktt\u002Fjs\u002Fdirektt.js?ver=",{"cssClasses":664,"htmlComments":665,"htmlAttributes":666,"restEndpoints":667,"jsGlobals":668,"shortcodeOutput":669},[],[],[],[],[],[]]