[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fV4t-bWYE6KEcZUvbTtxPelbmnEamZQmz3LJ7gI4WSX8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":14,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":44,"crawl_stats":34,"alternatives":47,"analysis":48,"fingerprints":216},"dr-flex","Dr. Flex","2.0.1","sfaerber","https:\u002F\u002Fprofiles.wordpress.org\u002Fsfaerber\u002F","\u003Cp>Vergeben Sie Ihre Arzttermine direkt auf Ihrer WordPress Website. Das offizielle Dr. Flex Plug-in lässt sich schnell und einfach in Ihren Webauftritt integrieren.\u003C\u002Fp>\n\u003Cp>Der Patientenkalender erscheint auf Ihrer Praxiswebsite und kann kinderleicht konfiguriert werden, um vor dem Arzttermin alle für Sie relevanten Informationen abzufragen. So können Ihre Patient:innen in weniger als 30 Sek. Termine vereinbaren – ohne Registrierung oder Anmeldung.\u003Cbr \u002F>\nAlle Informationen werden DSGVO-konform an Ihre Praxissoftware übermittelt und dort angezeigt. Außerdem werden keine externen Skripte auf Ihre Website geladen, sodass keine Erwähnung von Dr. Flex im Cookie-Banner für Sie erforderlich ist.\u003Cbr \u002F>\nDas offizielle Terminvergabe-Tool bietet viele Features wie eine SMS-TAN-Verifizierung, Terminbestätigung via SMS, Schnittstellen zu 27+ Arztsoftware-Programmen und mehr – bereits ab 29€\u002FMonat, ohne Vertragslaufzeit und jederzeit kündbar.\u003Cbr \u002F>\nVereinbaren Sie Ihr erstes Beratungsgespräch mit uns!\u003C\u002Fp>\n","Das offizielle Dr. Flex® Wordpress Plugin zur einfachen Einbindung des Dr. Flex® Buchungstools auf Ihrer Website.",1000,6335,100,1,"2025-03-11T15:42:00.000Z","6.7.5","5.0","5.6.28",[20,21],"drflex","terminvereinbarung","https:\u002F\u002Fdr-flex.de\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdr-flex.2.0.1.zip",91,0,"2025-03-27 00:00:00","2026-03-15T15:16:48.613Z",[29],{"id":30,"url_slug":31,"title":32,"description":33,"plugin_slug":4,"theme_slug":34,"affected_versions":35,"patched_in_version":6,"severity":36,"cvss_score":37,"cvss_vector":38,"vuln_type":39,"published_date":26,"updated_date":40,"references":41,"days_to_patch":43},"CVE-2025-30850","dr-flex-authenticated-contributor-stored-cross-site-scripting","Dr. Flex \u003C= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Dr. Flex plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=2.0.0","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-04-02 15:31:27",[42],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7b107c5d-ff82-4422-b201-39b745c2f412?source=api-prod",7,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":43,"trust_score":45,"computed_at":46},94,"2026-04-05T02:00:29.502Z",[],{"attackSurface":49,"codeSignals":115,"taintFlows":170,"riskAssessment":197,"analyzedAt":215},{"hooks":50,"ajaxHandlers":107,"restRoutes":108,"shortcodes":109,"cronEvents":114,"entryPointCount":14,"unprotectedCount":25},[51,57,63,68,72,76,80,84,89,92,96,99,103],{"type":52,"name":53,"callback":54,"file":55,"line":56},"action","rest_api_init","drflex_register_custom_routes","components\\drflex_rest_api.php",50,{"type":58,"name":59,"callback":60,"priority":61,"file":55,"line":62},"filter","rest_pre_serve_request","drflex_serve_static_resources",11,179,{"type":52,"name":64,"callback":65,"file":66,"line":67},"plugins_loaded","drflex_load_plugin_textdomain","dr-flex.php",117,{"type":52,"name":69,"callback":70,"file":66,"line":71},"admin_enqueue_scripts","drflex_register_plugin_styles_and_scripts",151,{"type":52,"name":73,"callback":74,"file":66,"line":75},"wp_enqueue_scripts","drflex_register_styles_and_scripts",188,{"type":52,"name":77,"callback":78,"file":66,"line":79},"admin_init","drflex_register_plugin_settings",219,{"type":52,"name":81,"callback":82,"file":66,"line":83},"admin_menu","drflex_plugin_create_menu",223,{"type":52,"name":85,"callback":86,"priority":87,"file":66,"line":88},"add_option_drflex_api_key","drflex_update_api_key_option",10,430,{"type":52,"name":90,"callback":86,"priority":87,"file":66,"line":91},"update_option_drflex_api_key",431,{"type":52,"name":93,"callback":94,"priority":87,"file":66,"line":95},"add_option_drflex_callback_textarea","drflex_update_callback_option",433,{"type":52,"name":97,"callback":94,"priority":87,"file":66,"line":98},"update_option_drflex_callback_textarea",434,{"type":52,"name":100,"callback":101,"file":66,"line":102},"wp","drflex_update_resources",791,{"type":58,"name":104,"callback":105,"file":66,"line":106},"wp_nav_menu_items","drflex_replace_dr_flex_placeholer_menu_item",813,[],[],[110],{"tag":20,"callback":111,"file":112,"line":113},"drflex_simple_button_shortcode","components\\drflex_shortcode.php",106,[],{"dangerousFunctions":116,"sqlUsage":117,"outputEscaping":144,"fileOperations":168,"externalRequests":168,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":169},[],{"prepared":14,"raw":61,"locations":118},[119,123,126,128,130,132,134,136,138,140,142],{"file":120,"line":121,"context":122},"components\\drflex_cache.php",24,"$wpdb->get_results() with variable interpolation",{"file":120,"line":124,"context":125},120,"$wpdb->query() with variable interpolation",{"file":120,"line":127,"context":125},121,{"file":120,"line":129,"context":125},241,{"file":120,"line":131,"context":125},259,{"file":120,"line":133,"context":125},297,{"file":120,"line":135,"context":125},301,{"file":120,"line":137,"context":122},321,{"file":120,"line":139,"context":122},339,{"file":120,"line":141,"context":122},357,{"file":120,"line":143,"context":122},417,{"escaped":145,"rawEcho":61,"locations":146},13,[147,150,152,154,155,157,159,160,162,164,166],{"file":55,"line":148,"context":149},111,"raw output",{"file":55,"line":151,"context":149},159,{"file":66,"line":153,"context":149},229,{"file":66,"line":153,"context":149},{"file":66,"line":156,"context":149},256,{"file":66,"line":158,"context":149},279,{"file":66,"line":158,"context":149},{"file":66,"line":161,"context":149},302,{"file":66,"line":163,"context":149},378,{"file":66,"line":165,"context":149},379,{"file":66,"line":167,"context":149},383,2,[],[171,189],{"entryPoint":172,"graph":173,"unsanitizedCount":188,"severity":36},"drflex_serve_static_resources (components\\drflex_rest_api.php:68)",{"nodes":174,"edges":185},[175,180],{"id":176,"type":177,"label":178,"file":55,"line":179},"n0","source","$_SERVER (x3)",86,{"id":181,"type":182,"label":183,"file":55,"line":45,"wp_function":184},"n1","sink","header() [Header Injection]","header",[186],{"from":176,"to":181,"sanitized":187},false,3,{"entryPoint":190,"graph":191,"unsanitizedCount":188,"severity":36},"\u003Cdrflex_rest_api> (components\\drflex_rest_api.php:0)",{"nodes":192,"edges":195},[193,194],{"id":176,"type":177,"label":178,"file":55,"line":179},{"id":181,"type":182,"label":183,"file":55,"line":45,"wp_function":184},[196],{"from":176,"to":181,"sanitized":187},{"summary":198,"deductions":199},"The dr-flex v2.0.1 plugin exhibits a mixed security posture.  On the positive side, the static analysis reveals a small attack surface with no identified unprotected AJAX handlers or REST API routes. The absence of bundled libraries and external HTTP requests, along with a lack of critical or high-severity taint flows, are also encouraging signs. However, several areas warrant concern.  The SQL query usage is problematic, with only 8% of queries employing prepared statements, leaving a significant portion vulnerable to SQL injection. Furthermore, over half of the output operations are not properly escaped, creating a risk of cross-site scripting vulnerabilities. The complete absence of nonce and capability checks, particularly for the identified shortcode, is a critical oversight that could allow for unauthorized actions or data manipulation. The plugin's vulnerability history, while currently showing no unpatched CVEs, indicates a past medium-severity Cross-Site Scripting vulnerability, suggesting a recurring weakness in input sanitization or output escaping.  While the current version has no unpatched issues and a limited attack surface, the prevalence of unescaped output, raw SQL queries, and missing authorization checks for its entry points present significant security risks that need immediate attention.",[200,203,206,208,210,213],{"reason":201,"points":202},"High percentage of SQL queries not using prepared statements",8,{"reason":204,"points":205},"Significant portion of output not properly escaped",6,{"reason":207,"points":87},"No nonce checks on any entry points",{"reason":209,"points":87},"No capability checks on any entry points",{"reason":211,"points":212},"Vulnerability history includes Cross-site Scripting",5,{"reason":214,"points":43},"Flows with unsanitized paths found","2026-03-16T18:59:16.649Z",{"wat":217,"direct":234},{"assetPaths":218,"generatorPatterns":225,"scriptPaths":226,"versionParams":227},[219,220,221,222,223,224],"\u002Fwp-content\u002Fplugins\u002Fdr-flex\u002Fcss\u002Fcodemirror.css","\u002Fwp-content\u002Fplugins\u002Fdr-flex\u002Fcss\u002Fdrflex.css","\u002Fwp-content\u002Fplugins\u002Fdr-flex\u002Fjs\u002Fdrflex.js","\u002Fwp-content\u002Fplugins\u002Fdr-flex\u002Fjs\u002Fcodemirror.js","\u002Fwp-content\u002Fplugins\u002Fdr-flex\u002Fjs\u002Fjavascript.js","\u002Fwp-content\u002Fplugins\u002Fdr-flex\u002Fcss\u002Fdrflex-site.css",[],[221,222,223],[228,229,230,231,232,233],"dr-flex\u002Fcss\u002Fcodemirror.css?ver=","dr-flex\u002Fcss\u002Fdrflex.css?ver=","dr-flex\u002Fjs\u002Fdrflex.js?ver=","dr-flex\u002Fjs\u002Fcodemirror.js?ver=","dr-flex\u002Fjs\u002Fjavascript.js?ver=","dr-flex\u002Fcss\u002Fdrflex-site.css?ver=",{"cssClasses":235,"htmlComments":237,"htmlAttributes":238,"restEndpoints":240,"jsGlobals":242,"shortcodeOutput":245},[236],"drflex-button-wrapper",[],[239],"data-drflex-shortcode-id",[241],"\u002Fwp-json\u002Fdrflex\u002Fv1\u002Fshortcode",[243,244],"drflex_callback_function_file_name","drflex_callback_function_name",[246],"[drflex_booking_tool]"]