[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fFUBT03_jE7EplTxWZQueyrG92b5OxxyUFApvHOzA9Yc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":125,"fingerprints":296},"dummy-content-pack","Dummy Content Pack","1.1.3","Sohel Rana","https:\u002F\u002Fprofiles.wordpress.org\u002Fsohel2g\u002F","\u003Cp>Dummy Content Pack is a lightweight plugin that generates realistic placeholder content—posts, pages, media attachments, categories, tags, and users—so you can build, style, and test themes or plugins without hunting for sample data.\u003C\u002Fp>\n\u003Cp>Features\u003Cbr \u002F>\n* One-click generation of posts, pages, custom post types, and media.\u003Cbr \u002F>\n* Bulk-create users with Gravatar support.\u003Cbr \u002F>\n* Assign categories, tags, and featured images automatically.\u003Cbr \u002F>\n* Clean uninstall: remove everything the plugin created with a single click.\u003C\u002Fp>\n\u003Cp>Perfect for\u003Cbr \u002F>\n* Theme & plugin developers who need consistent test data.\u003Cbr \u002F>\n* Agencies building client demos.\u003Cbr \u002F>\n* Anyone learning WordPress who wants a sandbox full of content.\u003C\u002Fp>\n","Quickly populate your WordPress site with realistic dummy posts, pages, media, and users for testing or demonstration purposes.",0,344,"2025-12-06T04:36:00.000Z","6.9.4","5.0","",[18,19,20],"dummy-content","lorem-ipsum","sample-data","https:\u002F\u002Fsohel.dev\u002Fdummy-content-pack","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdummy-content-pack.1.1.3.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"sohel2g",4,2010,30,94,"2026-04-04T15:31:29.677Z",[35,54,73,91,109],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":23,"downloaded":43,"rating":23,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":16,"tags":48,"homepage":40,"download_link":52,"security_score":53,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"dummy-text-generator","Dummy Text Generator","2.2","Md. Naeem Ahmed Opu","https:\u002F\u002Fprofiles.wordpress.org\u002Fmnaopu\u002F","\u003Cp>This is a simple wordpress Dummy Text plugin. This plugin based on lorem ipsum dummy content.\u003C\u002Fp>\n\u003Cp>shortcode: [dummy-text]\u003C\u002Fp>\n","This is a simple WordPress Dummy Text Generator plugin. This plugin based on lorem ipsum dummy content.",8060,2,"2025-01-23T00:17:00.000Z","6.7.5","3.3",[18,49,50,51,19],"dummy-data","dummy-text","generator","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdummy-text-generator.zip",92,{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":23,"downloaded":62,"rating":23,"num_ratings":63,"last_updated":64,"tested_up_to":46,"requires_at_least":65,"requires_php":16,"tags":66,"homepage":71,"download_link":72,"security_score":53,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"lorem-ipsum-by-webline","Lorem Ipsum by Webline","1.0.10","WeblineIndia","https:\u002F\u002Fprofiles.wordpress.org\u002Fweblineindia\u002F","\u003Cp>Lorem Ipsum by Webline is an easy to use plugin with Lorem Ipsum Shortcode Generator to generate dummy text using dynamic shortcode that you can use in any posts and pages.\u003C\u002Fp>\n\u003Cp>This plugin uses Lorem Ipsum API (http:\u002F\u002Floripsum.net\u002Fapi) to fetch lorem ipsum text which is free.\u003C\u002Fp>\n\u003Cp>No need of authentication such as password and API keys Generation for Lorem Ipsum API.\u003C\u002Fp>\n\u003Cp>We are not making any call backs to our server and not storing any data of user.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Control for specify number of paragraphs with paragraph length.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>You can also specify below extra parameters to get different output.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Decorate – Add bold, italic and marked text.\u003C\u002Fli>\n\u003Cli>Link – Add links.\u003C\u002Fli>\n\u003Cli>UL – Add unordered lists.\u003C\u002Fli>\n\u003Cli>OL – Add numbered lists.\u003C\u002Fli>\n\u003Cli>DL – Add description lists.\u003C\u002Fli>\n\u003Cli>BQ – Add blockquotes.\u003C\u002Fli>\n\u003Cli>CODE – Add code samples.\u003C\u002Fli>\n\u003Cli>Headers – Add headers.\u003C\u002Fli>\n\u003Cli>All Caps – Use ALL CAPS.\u003C\u002Fli>\n\u003Cli>Prude – Prude version.\u003C\u002Fli>\n\u003Cli>Plaintext – Return plain text, no HTML. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Preview Text is also available to see your output.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","A Simple plugin to generate lorem ipsum dummy text using shortcode.",8018,1,"2024-12-10T12:58:00.000Z","3.5",[67,19,68,69,70],"dummy-content-generator","lorem-ipsum-generator","shortcode","shortcode-generator","http:\u002F\u002Fwww.weblineindia.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Florem-ipsum-by-webline.1.0.10.zip",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":11,"num_ratings":11,"last_updated":83,"tested_up_to":14,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":89,"download_link":90,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"loremipsum","Lorem Ipsum – Block Editor Dummy Text Autocomplete","1.0.0","Plugin Pizza","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginpizza\u002F","\u003Cp>The Lorem Ipsum plugin allows you to quickly insert lorem ipsum dummy text or placeholder images into WordPress posts and pages via autocompletion. By typing ‘lorem’ in the block editor an autocompletion options modal is opened where you can select to insert lorem ipsum dummy text or a placeholder image.\u003C\u002Fp>\n\u003Cp>To use Lorem Ipsum, there are only two things you need to do: install and activate the plugin. An autocompleter to insert dummy text and placeholder images becomes available in the block editor without any extra configuration. Lorem Ipsum also works great as a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fdocumentation\u002Farticle\u002Fmust-use-plugins\u002F\" rel=\"ugc\">must-use plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Open the WordPress block editor.\u003C\u002Fli>\n\u003Cli>Type ‘lorem’ in the editor.\u003C\u002Fli>\n\u003Cli>An autocompletion options modal will appear.\u003C\u002Fli>\n\u003Cli>Select the desired lorem ipsum dummy text option or placeholder image type from the modal.\u003C\u002Fli>\n\u003Cli>The chosen dummy text or placeholder image will be inserted into the content.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Floremipsum\u002F?preview=1\" rel=\"ugc\">Try typing the word ‘lorem’ in a preview site\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Bug Reports\u003C\u002Fh3>\n\u003Cp>Do you want to report a bug or suggest a feature for Lorem Ipsum? Best to do so in the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpluginpizza\u002Floremipsum\u002F\" rel=\"nofollow ugc\">Lorem Ipsum repository on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Quickly insert lorem ipsum dummy text or placeholder images via autocompletion in the block editor.",90,1828,"2026-01-02T02:34:00.000Z","4.6","5.3",[87,18,50,19,88],"autocomplete","placeholder","https:\u002F\u002Fgithub.com\u002Fpluginpizza\u002Floremipsum\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Floremipsum.1.0.0.zip",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":11,"num_ratings":11,"last_updated":16,"tested_up_to":101,"requires_at_least":102,"requires_php":16,"tags":103,"homepage":106,"download_link":107,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":108},"dummy-text-shortcode","Dummy Text Shortcode","1.01","Andrew Norcross","https:\u002F\u002Fprofiles.wordpress.org\u002Fnorcross\u002F","\u003Cp>Allows for dummy text to be placed in a post \u002F page with the [dummy] shortcode. Can easily be removed when no longer needed.\u003C\u002Fp>\n\u003Ch3>Potential Enhancements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Got a bug? Something look off? Hit me up.\u003C\u002Fli>\n\u003C\u002Ful>\n","Allows for dummy text to be placed in a post \u002F page with the [dummy] shortcode.",10,2921,"3.3.2","2.5",[18,50,19,104,105],"markup-content","shortcodes","http:\u002F\u002Fandrewnorcross.com\u002Fplugins\u002Fdummy-text-shortcode\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdummy-text-shortcode.zip","2026-03-15T10:48:56.248Z",{"slug":110,"name":111,"version":76,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":11,"downloaded":116,"rating":11,"num_ratings":11,"last_updated":117,"tested_up_to":14,"requires_at_least":118,"requires_php":119,"tags":120,"homepage":16,"download_link":124,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"bplugins-lorem-generator","Lorem Ipsum Generator","bPlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fbplugins\u002F","\u003Cp>This is a custom Gutenberg block that allows users to generate complex block structures quickly using shorthand syntax (similar to Emmet in web development). When a user types an abbreviation and presses Tab or Enter.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Replaces itself with the generated content (default behavior)\u003C\u002Fli>\n\u003Cli>Inserts new blocks after itself (if enabled)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Abbreviation Syntax:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>p>lorem5 \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Creates a paragraph with 5 word.\u003C\u002Fli>\n\u003Cli>h2>lorem5 \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Creates a heading with 5 words.\u003C\u002Fli>\n\u003Cli>ul>li*3>lorem4 \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Creates a bullet list with 3 items.\u003C\u002Fli>\n\u003Cli>table>tr\u003Cem>2>td\u003C\u002Fem>3>lorem4 \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Generates a 2×3 table.\u003C\u002Fli>\n\u003Cli>group>h2>lorem5 \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Creates a Group block with a heading.\u003C\u002Fli>\n\u003Cli>h2>Title, p>lorem20 \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Creates a heading and a paragraph as sibling.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Converts HTML to Gutenberg Blocks:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Paragraph \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> core\u002Fparagraph\u003C\u002Fli>\n\u003Cli>Tables \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> core\u002Ftable\u003C\u002Fli>\n\u003Cli>Lists \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> core\u002Flist\u003C\u002Fli>\n\u003Cli>Headings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> core\u002Fheading\u003C\u002Fli>\n\u003Cli>Groups \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> core\u002Fgroup\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How to use Lorem Ipsum Generator\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>First, install the Lorem Ipsum Generator plugin from the WordPress dashboard.\u003C\u002Fli>\n\u003Cli>Add the Lorem Ipsum Generator from the block category called “widgets” in the Gutenberg editor.\u003C\u002Fli>\n\u003Cli>You can change block settings from the right-side settings sidebar.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Enjoy!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>For installation help click on Installation Tab\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>– Did you like this plugin? Dislike it? Have a feature request? \u003Ca href=\"mailto:support@bplugins.com\" title=\"Send feedback\" rel=\"nofollow ugc\">Please share your feedback with us\u003C\u002Fa>\u003C\u002Fh4>\n\u003Ch3>Check out our other WordPress Plugins-\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fhtml5-audio-player\" rel=\"nofollow ugc\">Html5 Audio Player\u003C\u002Fa>\u003C\u002Fstrong> – Best audio player plugin for WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fhtml5-video-player\" rel=\"nofollow ugc\">Html5 Video Player\u003C\u002Fa>\u003C\u002Fstrong> – Best video player plugin for WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fpdf-poster\" rel=\"nofollow ugc\">PDF Poster\u003C\u002Fa>\u003C\u002Fstrong> – A fully-featured PDF Viewer Plugin for WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fdocument-embedder\" rel=\"nofollow ugc\">Document Embedder\u003C\u002Fa>\u003C\u002Fstrong> – Best WordPress Document Embedder Plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fbplugins.com\u002Fproducts\u002F3d-viewer\" rel=\"nofollow ugc\">3D Viewer\u003C\u002Fa>\u003C\u002Fstrong> – Display interactive 3D models on the webs.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fadvanced-post-block\" rel=\"nofollow ugc\">Advanced Post Block\u003C\u002Fa>\u003C\u002Fstrong> – Best Post Display Plugin for WordPress.\u003C\u002Fp>\n","Use Emmet like abbreviations to quickly create dummy content in Gutenberg. supports custom lorem word counts and block replacement.",221,"2026-03-12T06:03:00.000Z","6.5","7.2",[121,122,18,123,19],"block","content-generator","emmet","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbplugins-lorem-generator.1.0.0.zip",{"attackSurface":126,"codeSignals":213,"taintFlows":227,"riskAssessment":282,"analyzedAt":295},{"hooks":127,"ajaxHandlers":171,"restRoutes":207,"shortcodes":208,"cronEvents":209,"entryPointCount":212,"unprotectedCount":212},[128,134,138,141,146,150,154,160,164,167],{"type":129,"name":130,"callback":131,"file":132,"line":133},"action","plugins_loaded","init","dummy-content-pack.php",57,{"type":129,"name":135,"callback":136,"file":132,"line":137},"admin_notices","wordpress_version_notice",70,{"type":129,"name":135,"callback":139,"file":132,"line":140},"woocommerce_version_notice",81,{"type":129,"name":142,"callback":143,"file":144,"line":145},"admin_menu","add_admin_menu","includes\\class-dummcopa-admin.php",20,{"type":129,"name":147,"callback":148,"file":144,"line":149},"admin_enqueue_scripts","enqueue_admin_scripts",21,{"type":129,"name":151,"callback":152,"file":144,"line":153},"admin_init","register_settings",22,{"type":155,"name":156,"callback":157,"file":158,"line":159},"filter","cron_schedules","dummcopa_cron_intervals","includes\\functions.php",351,{"type":129,"name":161,"callback":162,"file":158,"line":163},"dummcopa_scheduled_generation","dummcopa_handle_scheduled_generation",397,{"type":129,"name":135,"callback":165,"file":158,"line":166},"dummcopa_admin_notices",419,{"type":155,"name":168,"callback":169,"priority":99,"file":158,"line":170},"plugin_row_meta","dummcopa_plugin_row_meta",443,[172,177,180,184,188,192,195,199,203],{"action":173,"nopriv":174,"callback":175,"hasNonce":174,"hasCapCheck":174,"file":176,"line":149},"dummcopa_generate_content",false,"handle_generate_content","includes\\class-dummcopa-ajax.php",{"action":178,"nopriv":174,"callback":179,"hasNonce":174,"hasCapCheck":174,"file":176,"line":153},"dummcopa_remove_content","handle_remove_content",{"action":181,"nopriv":174,"callback":182,"hasNonce":174,"hasCapCheck":174,"file":176,"line":183},"dummcopa_save_preset","handle_save_preset",25,{"action":185,"nopriv":174,"callback":186,"hasNonce":174,"hasCapCheck":174,"file":176,"line":187},"dummcopa_load_presets","handle_load_presets",26,{"action":189,"nopriv":174,"callback":190,"hasNonce":174,"hasCapCheck":174,"file":176,"line":191},"dummcopa_delete_preset","handle_delete_preset",27,{"action":193,"nopriv":174,"callback":194,"hasNonce":174,"hasCapCheck":174,"file":176,"line":31},"dummcopa_save_schedule","handle_save_schedule",{"action":196,"nopriv":174,"callback":197,"hasNonce":174,"hasCapCheck":174,"file":176,"line":198},"dummcopa_load_logs","handle_load_logs",33,{"action":200,"nopriv":174,"callback":201,"hasNonce":174,"hasCapCheck":174,"file":176,"line":202},"dummcopa_clear_logs","handle_clear_logs",34,{"action":204,"nopriv":174,"callback":205,"hasNonce":174,"hasCapCheck":174,"file":176,"line":206},"dummcopa_save_settings","handle_save_settings",37,[],[],[210],{"hook":161,"callback":161,"file":176,"line":211},212,9,{"dangerousFunctions":214,"sqlUsage":215,"outputEscaping":223,"fileOperations":44,"externalRequests":11,"nonceChecks":63,"capabilityChecks":44,"bundledLibraries":226},[],{"prepared":216,"raw":44,"locations":217},58,[218,221],{"file":132,"line":219,"context":220},185,"$wpdb->query() with variable interpolation",{"file":222,"line":211,"context":220},"includes\\class-dummcopa-logger.php",{"escaped":224,"rawEcho":11,"locations":225},61,[],[],[228,246,266],{"entryPoint":229,"graph":230,"unsanitizedCount":29,"severity":245},"handle_save_schedule (includes\\class-dummcopa-ajax.php:195)",{"nodes":231,"edges":243},[232,237],{"id":233,"type":234,"label":235,"file":176,"line":236},"n0","source","$_POST (x4)",199,{"id":238,"type":239,"label":240,"file":176,"line":241,"wp_function":242},"n1","sink","update_option() [Settings Manipulation]",220,"update_option",[244],{"from":233,"to":238,"sanitized":174},"low",{"entryPoint":247,"graph":248,"unsanitizedCount":63,"severity":265},"handle_save_preset (includes\\class-dummcopa-ajax.php:127)",{"nodes":249,"edges":262},[250,253,256],{"id":233,"type":234,"label":251,"file":176,"line":252},"$_POST",150,{"id":238,"type":254,"label":255,"file":176,"line":252},"transform","→ save_preset()",{"id":257,"type":239,"label":258,"file":259,"line":260,"wp_function":261},"n2","get_var() [SQLi]","includes\\class-dummcopa-presets.php",40,"get_var",[263,264],{"from":233,"to":238,"sanitized":174},{"from":238,"to":257,"sanitized":174},"high",{"entryPoint":267,"graph":268,"unsanitizedCount":63,"severity":265},"\u003Cclass-dummcopa-ajax> (includes\\class-dummcopa-ajax.php:0)",{"nodes":269,"edges":277},[270,271,272,273,275],{"id":233,"type":234,"label":235,"file":176,"line":236},{"id":238,"type":239,"label":240,"file":176,"line":241,"wp_function":242},{"id":257,"type":234,"label":251,"file":176,"line":252},{"id":274,"type":254,"label":255,"file":176,"line":252},"n3",{"id":276,"type":239,"label":258,"file":259,"line":260,"wp_function":261},"n4",[278,280,281],{"from":233,"to":238,"sanitized":279},true,{"from":257,"to":274,"sanitized":174},{"from":274,"to":276,"sanitized":174},{"summary":283,"deductions":284},"The plugin \"dummy-content-pack\" v1.1.3 exhibits a mixed security posture.  On the positive side, it demonstrates excellent practices regarding SQL query preparation (97%) and output escaping (100%), with no dangerous functions detected.  The absence of known CVEs in its history is also a strong indicator of responsible development. However, a significant concern arises from the substantial attack surface, specifically the presence of 9 AJAX handlers, all of which lack authentication checks. This creates a substantial risk of unauthorized actions if these handlers can be triggered by unauthenticated users. The taint analysis further highlights this by revealing 3 flows with unsanitized paths, two of which are classified as high severity. These unsanitized paths, combined with unprotected AJAX endpoints, strongly suggest potential vulnerabilities like cross-site scripting (XSS) or other forms of code injection if malicious data can be supplied through these paths.\n\nWhile the vulnerability history shows no past issues, this does not negate the current risks identified in the static and taint analysis. The plugin's strengths lie in its secure handling of SQL and output, but the lack of authentication on a significant number of AJAX endpoints, coupled with identified unsanitized taint flows, presents a critical weakness. The potential for exploitation of these unprotected entry points is high, and the high-severity taint flows indicate that malicious input could lead to significant security compromises. Therefore, while the plugin has good underlying coding practices in some areas, the unprotected attack surface poses a notable risk.",[285,287,290,293],{"reason":286,"points":99},"Unprotected AJAX handlers",{"reason":288,"points":289},"High severity unsanitized taint flows",12,{"reason":291,"points":292},"Unsanitized paths in taint flows",8,{"reason":294,"points":29},"Low number of capability checks","2026-03-17T06:25:53.475Z",{"wat":297,"direct":306},{"assetPaths":298,"generatorPatterns":301,"scriptPaths":302,"versionParams":303},[299,300],"\u002Fwp-content\u002Fplugins\u002Fdummy-content-pack\u002Fassets\u002Fcss\u002Fdummy-content-pack-admin.css","\u002Fwp-content\u002Fplugins\u002Fdummy-content-pack\u002Fassets\u002Fjs\u002Fdummy-content-pack-admin.js",[],[300],[304,305],"dummy-content-pack\u002Fassets\u002Fcss\u002Fdummy-content-pack-admin.css?ver=","dummy-content-pack\u002Fassets\u002Fjs\u002Fdummy-content-pack-admin.js?ver=",{"cssClasses":307,"htmlComments":311,"htmlAttributes":312,"restEndpoints":315,"jsGlobals":316,"shortcodeOutput":318},[308,309,310],"dummcopa-admin-page","dummcopa-generate-button","dummcopa-settings-field",[],[313,314],"data-dummcopa-action","data-dummcopa-nonce",[],[317],"dummcopa_ajax_object",[]]