[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYoYCQFGSOsAxLSo1QDMH8i4pd9bRV8V4IQZUUP2i7LE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":15,"tags":18,"homepage":23,"download_link":24,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":33,"analysis":129,"fingerprints":340},"easy-custom-theme-options","Easy Custom Theme Options","1.1","iCoreThink Technologies","https:\u002F\u002Fprofiles.wordpress.org\u002Ficorethink\u002F","\u003Cp>Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User can upload and manage logo, favicon icon, admin login screen logo from admin panel only, the social media links, google analytics code, typography for theme as well as can add custom css code from admin panel.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Main Features:\u003Cbr \u002F>\n– Logo\u003Cbr \u002F>\n– Favicon Icon\u003Cbr \u002F>\n– Admin Panel Logo\u003Cbr \u002F>\n– Google Analytics Code\u003Cbr \u002F>\n– Typography for custom theme\u003Cbr \u002F>\n– Custom CSS Code\u003Cbr \u002F>\n– Many More..\u003C\u002Fp>\n","Easy Custom Theme Options plugin easy to manage your custom theme options like logo, favicon, admin panel logo, social media links, google analytics c &hellip;",0,1091,100,1,"","4.9.29","3.4",[19,20,4,21,22],"custom-css-code","custom-logo-upload","google-analytics-code","typography-of-custom-theme","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-custom-theme-options\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-custom-theme-options.zip",null,"2026-03-15T10:48:56.248Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":13,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"icorethink",30,94,"2026-04-04T04:22:27.096Z",[34,59,78,98,115],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":44,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":55,"download_link":56,"security_score":57,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":58},"ga-in","GAinWP Google Analytics Integration for WordPress","5.4.6","tomdude","https:\u002F\u002Fprofiles.wordpress.org\u002Ftomdude\u002F","\u003Cp>The GAinWP Google Analytics Integration for WordPress plugin easily integrates Google Analytics tracking and dashboard reporting into your website in just minutes.\u003C\u002Fp>\n\u003Cp>It was created from the excellent Google Analytics Dashboard for WordPress (GADWP) plugin to maintain a simple, direct Google Analytics integration for those concerned about data privacy.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FaEr9B4wm4Po?version=3&rel=0&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>In addition to a set of general Google Analytics stats, in-depth page reports and in-depth post reports allow further segmentation of your analytics data, providing performance details for each post or page from your website.\u003C\u002Fp>\n\u003Cp>The Google Analytics tracking code is fully customizable through options and hooks, allowing advanced data collection like custom dimensions and events.\u003C\u002Fp>\n\u003Ch4>Google Analytics Real-Time Stats\u003C\u002Fh4>\n\u003Cp>Google Analytics reports, in real-time, in your dashboard screen:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Real-time number of visitors\u003C\u002Fli>\n\u003Cli>Real-time acquisition channels\u003C\u002Fli>\n\u003Cli>Real-time traffic sources details \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Google Analytics Reports\u003C\u002Fh4>\n\u003Cp>The Google Analytics reports you need, on your dashboard, in your All Posts and All Pages screens, and on site’s frontend:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Sessions, organic searches, page views, bounce rate analytics stats\u003C\u002Fli>\n\u003Cli>Locations, pages, referrers, keywords, 404 errors analytics stats\u003C\u002Fli>\n\u003Cli>Traffic channels, social networks, traffic mediums, search engines analytics stats\u003C\u002Fli>\n\u003Cli>Device categories, browsers, operating systems, screen resolutions, mobile brands analytics stats\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition, you can control who can view specific Google Analytics reports by setting permissions based on user roles.\u003C\u002Fp>\n\u003Ch4>Google Analytics Tracking\u003C\u002Fh4>\n\u003Cp>Installs the latest Google Analytics tracking code and allows full code customization:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Universal Google Analytics (analytics.js) tracking code\u003C\u002Fli>\n\u003Cli>Global Site Tag (gtag.js) tracking code\u003C\u002Fli>\n\u003Cli>Enhanced link attribution\u003C\u002Fli>\n\u003Cli>Remarketing, demographics and interests tracking\u003C\u002Fli>\n\u003Cli>Page Speed sampling rate control\u003C\u002Fli>\n\u003Cli>User sampling rate control\u003C\u002Fli>\n\u003Cli>Cross domain tracking\u003C\u002Fli>\n\u003Cli>Exclude user roles from tracking\u003C\u002Fli>\n\u003Cli>Accelerated Mobile Pages (AMP) support for Google Analytics\u003C\u002Fli>\n\u003Cli>Ecommerce support for Google Analytics\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>User privacy oriented features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>IP address anonymization\u003C\u002Fli>\n\u003Cli>option to follow Do Not Track (DNT) sent by browsers\u003C\u002Fli>\n\u003Cli>support for user tracking opt-out\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>GAinWP enables you to easily track events like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Downloads\u003C\u002Fli>\n\u003Cli>Emails \u003C\u002Fli>\n\u003Cli>Outbound links\u003C\u002Fli>\n\u003Cli>Affiliate links\u003C\u002Fli>\n\u003Cli>Fragment identifiers\u003C\u002Fli>\n\u003Cli>Telephone\u003C\u002Fli>\n\u003Cli>Page Scrolling Depth\u003C\u002Fli>\n\u003Cli>Custom event categories, actions and labels using annotated HTML elements\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>With GAinWP you can use custom dimensions to track:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Authors\u003C\u002Fli>\n\u003Cli>Publication year\u003C\u002Fli>\n\u003Cli>Publication month\u003C\u002Fli>\n\u003Cli>Categories\u003C\u002Fli>\n\u003Cli>Tags\u003C\u002Fli>\n\u003Cli>User engagement\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Actions and filters are available for further Google Analytics tracking code customization.\u003C\u002Fp>\n\u003Ch4>Google Tag Manager Tracking\u003C\u002Fh4>\n\u003Cp>As an alternative to Google Analytics tracking code, you can use Google Tag Manager for tracking:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Google Tag Manager code\u003C\u002Fli>\n\u003Cli>Data Layer variables: authors, publication year, publication month, categories, tags, user type\u003C\u002Fli>\n\u003Cli>Exclude user roles from tracking\u003C\u002Fli>\n\u003Cli>Accelerated Mobile Pages (AMP) support for Google Tag Manager\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Accelerated Mobile Pages (AMP) features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Google Tag Manager basic tracking\u003C\u002Fli>\n\u003Cli>Google Analytics basic tracking \u003C\u002Fli>\n\u003Cli>Automatically removes \u003Cem>amp\u002F\u003C\u002Fem> from Google Analytics tracking page URL\u003C\u002Fli>\n\u003Cli>Scrolling depth tracking\u003C\u002Fli>\n\u003Cli>Custom dimensions tracking\u003C\u002Fli>\n\u003Cli>User sampling rate control\u003C\u002Fli>\n\u003Cli>Form submit tracking\u003C\u002Fli>\n\u003Cli>File downloads tracking\u003C\u002Fli>\n\u003Cli>Affiliate links tracking\u003C\u002Fli>\n\u003Cli>Hashmarks, outbound links, telephones and e-mails tracking\u003C\u002Fli>\n\u003Cli>Custom event categories, actions and labels using annotated HTML elements\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>GAinWP on Multisite\u003C\u002Fh4>\n\u003Cp>This plugin is fully compatible with multisite network installs, allowing three setup modes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Mode 1: network activated using multiple Google Analytics accounts\u003C\u002Fli>\n\u003Cli>Mode 2: network activated using a single Google Analytics account\u003C\u002Fli>\n\u003Cli>Mode 3: network deactivated using multiple Google Analytics accounts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>GAinWP on GitHub\u003C\u002Fstrong>\u003Cbr \u002F>\n  You can submit feature requests or bugs on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flevelten\u002Fga-in\" rel=\"nofollow ugc\">GAinWP\u003C\u002Fa> repository.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Why this Plugin\u003C\u002Fh3>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fintelligence\" rel=\"ugc\">IntelligenceWP\u003C\u002Fa> project leverages the GADWP plugin for core Google Analytics integrations.\u003C\u002Fp>\n\u003Cp>After the Google Analytics Dashboard for WordPress changed maintainers in April 2018, users expressed concern over the new auth process proving 3rd party access to Google API keys and analytics data.\u003C\u002Fp>\n\u003Cp>GAinWP implements a direct auth process where API keys only reside in your WordPress site eliminating 3rd party access.\u003C\u002Fp>\n\u003Cp>The long term goal of the project is to provide an open, standards based Google Analytics WordPress API to facilitate integration of Google Analytics data by other plugins and themes into WordPress.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>This plugin was originally created by \u003Ca href=\"https:\u002F\u002Fdeconf.com\" rel=\"nofollow ugc\">Alin Marcu\u003C\u002Fa> as the Google Analytics Dashboard for WordPress (GADWP)\u003C\u002Fp>\n\u003Ch3>Standard Installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload the full ga-in directory into your wp-content\u002Fplugins directory.\u003C\u002Fli>\n\u003Cli>In WordPress select Plugins from your sidebar menu and activate the GAINWP – Google Analytics Integration for WordPress plugin.\u003C\u002Fli>\n\u003Cli>Open the plugin General Settings page, which is located under Google Analytics menu.\u003C\u002Fli>\n\u003Cli>Make sure Setup Mode is set to “Tracking & Reporting” (default).\u003C\u002Fli>\n\u003Cli>Click the Authorize Plugin button.\u003C\u002Fli>\n\u003Cli>Click the red Get Access Code link to open a new browser tab\u002Fwindow and follow the steps to generate the code.\u003C\u002Fli>\n\u003Cli>Back on your WordPress browser tab\u002Fwindow, copy and paste the access code into the Access Code input field.\u003C\u002Fli>\n\u003Cli>Click Save Access Code button.\u003C\u002Fli>\n\u003Cli>After the save, select the Tracking ID \u002F View for your site.\u003C\u002Fli>\n\u003Cli>Click the Save Changes button.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Reporting Only Installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Complete steps 1-3 from the Standard Installation.\u003C\u002Fli>\n\u003Cli>Set Setup Mode to “Reporting only”.\u003C\u002Fli>\n\u003Cli>Click Save Changes.\u003C\u002Fli>\n\u003Cli>Complete steps 5-8 from the Standard Installation.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Tracking Only Installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Follow setups 1-3 of the Standard Installation.\u003C\u002Fli>\n\u003Cli>Set Setup Mode to “Tracking only”.\u003C\u002Fli>\n\u003Cli>Copy and paste your Tracking ID from Google Analytics into the Tracking ID input.\u003C\u002Fli>\n\u003Cli>Click Save Changes.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Localization\u003C\u002Fh3>\n\u003Cp>You can translate GAinWP on \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fga-in\" rel=\"nofollow ugc\">translate.wordpress.org\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>GAinWP it’s released under the GPLv2, you can use it free of charge on your personal or commercial website.\u003C\u002Fp>\n","Enable Google Analytics tracking and reporting dashboards in your WordPress site in just seconds.",9000,119303,96,126,"2020-09-10T00:30:00.000Z","5.5.18","3.5","5.2.4",[51,52,21,53,54],"analytics","google-analytics","google-analytics-dashboard","google-analytics-plugin","https:\u002F\u002Fintelligencewp.com\u002Fgoogle-analytics-in-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fga-in.5.4.6.zip",85,"2026-03-15T15:16:48.613Z",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":13,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":15,"tags":73,"homepage":76,"download_link":77,"security_score":57,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":58},"evolution-google-analytics-code","AH Google Analytics Code","1.0.7","Andreas Hecht","https:\u002F\u002Fprofiles.wordpress.org\u002Fahecht\u002F","\u003Cp>With this plugin you can add the Google Analytics Code (or any other analytics code) in no time to the header or footer of your theme.\u003C\u002Fp>\n\u003Cp>DE: Das Plugin hilft Dir Deinen Google Analytics Code ruckzuck zum Header oder Footer Deines Themes hinzuzufügen. Du kannst auch jeden anderen Analytics Code (wie z.B. Piwik) verwenden.\u003C\u002Fp>\n\u003Ch3>How to use the plugin\u003C\u002Fh3>\n\u003Cp>Navigate to “Settings -> AH Google Analytics” and paste your code to the header or footer textarea. Hit the “Save” Button and you are ready.\u003C\u002Fp>\n\u003Cp>DE: Navigiere zu “Einstellungen => AH Google Analytics” und kopiere Deinen Analytics Code in das Textfeld für den Header oder den Footer. Speichere Deine Einstellungen und Du bist fertig.\u003C\u002Fp>\n","With this plugin you can add the Google Analytics Code in no time to the header or footer of your theme.",600,13794,5,"2017-09-23T16:20:00.000Z","4.8.28","4.7",[51,74,75,52,21],"analytics-code","google","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fevolution-google-analytics-code\u002Fdevelopers\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fevolution-google-analytics-code.1.0.7.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":13,"num_ratings":14,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":15,"tags":91,"homepage":96,"download_link":97,"security_score":57,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":58},"cs-google-analytics-code","CS Google Analytics","1.0.2","catchsquare","https:\u002F\u002Fprofiles.wordpress.org\u002Fcatchsquare\u002F","\u003Cp>CS Google Analytics is the simple plugin which enables you to place your analytics code and verify your website from the admin panel.\u003C\u002Fp>\n\u003Cp>You will find following option with plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Place your google UA code (UA-XXXXXXXX-X)\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple plugin to populate the google analytics code in the head section.",10,1526,"2019-09-26T13:19:00.000Z","5.2.24","4.5",[92,52,93,94,95],"ga-code","google-analytics-code-verifications","wordpress-google-analytics","wp-google-analytics","http:\u002F\u002Fcatchsquare.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcs-google-analytics-code.1.0.2.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":86,"downloaded":106,"rating":13,"num_ratings":14,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":15,"tags":110,"homepage":113,"download_link":114,"security_score":57,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":58},"simple-google-analytics-by-webexpert","simple google analytics by webexpert","1.1.0","WebExpert","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebexpert888\u002F","\u003Cp>This is a very simple but powerful google analytics plugin where you can install you tracking code without editing the theme files. you have to just put the tracking code of you google analytics account and this plugin will attach you code into your website. And you can track you website activity in google analytics account. not only this if you want to remove analytics code from any pages any catagory or any blog post if you configure the exclusion setting. not only this there are also the enable disable option you can stop the tracking without disabling the plugin. and you can also add multiple ga code for different post type\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Following is a non comprehensive list of features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable\u002Fdisable the plugin from option panel.\u003C\u002Fli>\n\u003Cli>Enable plugin settings for administrators.\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable plugin functions disabling the entire plugin.\u003C\u002Fli>\n\u003Cli>Exclusion features for categories.\u003C\u002Fli>\n\u003Cli>Exclusion features for pages.\u003C\u002Fli>\n\u003Cli>Exclusion featres for posts.\u003C\u002Fli>\n\u003Cli>Add Multiple google analytics code.\u003C\u002Fli>\n\u003Cli>Track your post type by seperate GA code .\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 3.8.1+\u003C\u002Fli>\n\u003Cli>The theme should be wordpress standards compliant.\u003C\u002Fli>\n\u003Cli>Multilingual Support is included with the plugin and is fully compatible with WPML.\u003C\u002Fli>\n\u003C\u002Ful>\n","use the power of google analytics with simple google analytics by webexpert.",2548,"2016-10-10T23:21:00.000Z","4.6.30","1.0.1",[51,52,111,112,94],"google-analytics-pro","multiple-google-analytics-code","http:\u002F\u002Fwww.vtdesignz.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-google-analytics-by-webexpert.1.1.0.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":11,"downloaded":123,"rating":11,"num_ratings":11,"last_updated":124,"tested_up_to":47,"requires_at_least":125,"requires_php":49,"tags":126,"homepage":15,"download_link":128,"security_score":57,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":58},"really-simple-ga","Really Simple GA","1.0.0","Kuldeep Sathwara","https:\u002F\u002Fprofiles.wordpress.org\u002Finfotwsmedia\u002F","\u003Cp>There are number of plugins avaiable in market for adding google analytics in site but it also load extra hooks that loads on site. We made it easy to load only google analytics code using less hooks (which required only).\u003C\u002Fp>\n\u003Ch3>Rate This Plugin:\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Freally-simple-ga\u002Freviews\" rel=\"ugc\">Please rate Really Simple GA Plugin\u003C\u002Fa>\u003C\u002Fp>\n","There are number of plugins avaiable in market for adding google analytics in site but it also load extra hooks that loads on site.",883,"2020-11-22T15:42:00.000Z","3.7",[127,92,52,21,116],"ga","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freally-simple-ga.zip",{"attackSurface":130,"codeSignals":186,"taintFlows":298,"riskAssessment":326,"analyzedAt":339},{"hooks":131,"ajaxHandlers":169,"restRoutes":170,"shortcodes":171,"cronEvents":184,"entryPointCount":185,"unprotectedCount":11},[132,138,142,146,150,154,157,161,165],{"type":133,"name":134,"callback":135,"file":136,"line":137},"action","admin_init","ict_ecto_do_output_buffer","easy-custom-theme-options.php",44,{"type":133,"name":139,"callback":140,"file":136,"line":141},"admin_menu","ict_ecto_add_menu",45,{"type":133,"name":143,"callback":144,"file":136,"line":145},"admin_head","ict_ecto_admin_styles",46,{"type":133,"name":147,"callback":148,"file":136,"line":149},"admin_footer","ict_ecto_admin_scripts",47,{"type":133,"name":151,"callback":152,"file":136,"line":153},"load-theme-settings","ict_ecto_save_options",48,{"type":133,"name":143,"callback":155,"file":136,"line":156},"ict_ecto_media_scripts",49,{"type":133,"name":158,"callback":159,"file":136,"line":160},"wp_head","ict_ecto_print_analytics_code_header",497,{"type":133,"name":162,"callback":163,"file":136,"line":164},"wp_footer","ict_ecto_custom_css_code_footer",552,{"type":133,"name":166,"callback":167,"file":136,"line":168},"login_enqueue_scripts","ict_ecto_login_logo",590,[],[],[172,176,180],{"tag":173,"callback":174,"file":136,"line":175},"tabs","ict_ecto_display_tab_function",563,{"tag":177,"callback":178,"file":136,"line":179},"social_media","ict_ecto_social_media_shortcode",577,{"tag":181,"callback":182,"file":136,"line":183},"sitelogo","ict_ecto_sitelogo_shortcode",602,[],3,{"dangerousFunctions":187,"sqlUsage":188,"outputEscaping":190,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":297},[],{"prepared":11,"raw":11,"locations":189},[],{"escaped":191,"rawEcho":192,"locations":193},33,52,[194,197,199,201,202,204,206,208,210,212,214,216,218,220,222,224,226,228,229,231,233,235,237,239,241,243,245,247,249,251,253,255,257,259,261,263,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293,295],{"file":136,"line":195,"context":196},38,"raw output",{"file":136,"line":198,"context":196},98,{"file":136,"line":200,"context":196},99,{"file":136,"line":13,"context":196},{"file":136,"line":203,"context":196},304,{"file":136,"line":205,"context":196},305,{"file":136,"line":207,"context":196},306,{"file":136,"line":209,"context":196},307,{"file":136,"line":211,"context":196},308,{"file":136,"line":213,"context":196},332,{"file":136,"line":215,"context":196},336,{"file":136,"line":217,"context":196},340,{"file":136,"line":219,"context":196},356,{"file":136,"line":221,"context":196},359,{"file":136,"line":223,"context":196},379,{"file":136,"line":225,"context":196},419,{"file":136,"line":227,"context":196},423,{"file":136,"line":227,"context":196},{"file":136,"line":230,"context":196},427,{"file":136,"line":232,"context":196},435,{"file":136,"line":234,"context":196},447,{"file":136,"line":236,"context":196},494,{"file":136,"line":238,"context":196},507,{"file":136,"line":240,"context":196},509,{"file":136,"line":242,"context":196},510,{"file":136,"line":244,"context":196},511,{"file":136,"line":246,"context":196},512,{"file":136,"line":248,"context":196},515,{"file":136,"line":250,"context":196},516,{"file":136,"line":252,"context":196},517,{"file":136,"line":254,"context":196},518,{"file":136,"line":256,"context":196},521,{"file":136,"line":258,"context":196},522,{"file":136,"line":260,"context":196},523,{"file":136,"line":262,"context":196},524,{"file":136,"line":264,"context":196},527,{"file":136,"line":266,"context":196},528,{"file":136,"line":268,"context":196},529,{"file":136,"line":270,"context":196},530,{"file":136,"line":272,"context":196},533,{"file":136,"line":274,"context":196},534,{"file":136,"line":276,"context":196},535,{"file":136,"line":278,"context":196},536,{"file":136,"line":280,"context":196},539,{"file":136,"line":282,"context":196},540,{"file":136,"line":284,"context":196},541,{"file":136,"line":286,"context":196},542,{"file":136,"line":288,"context":196},545,{"file":136,"line":290,"context":196},546,{"file":136,"line":292,"context":196},547,{"file":136,"line":294,"context":196},548,{"file":136,"line":296,"context":196},586,[],[299,318],{"entryPoint":300,"graph":301,"unsanitizedCount":14,"severity":317},"ict_ecto_save_options (easy-custom-theme-options.php:210)",{"nodes":302,"edges":314},[303,308],{"id":304,"type":305,"label":306,"file":136,"line":307},"n0","source","$_GET",262,{"id":309,"type":310,"label":311,"file":136,"line":312,"wp_function":313},"n1","sink","wp_redirect() [Open Redirect]",266,"wp_redirect",[315],{"from":304,"to":309,"sanitized":316},false,"medium",{"entryPoint":319,"graph":320,"unsanitizedCount":14,"severity":317},"\u003Ceasy-custom-theme-options> (easy-custom-theme-options.php:0)",{"nodes":321,"edges":324},[322,323],{"id":304,"type":305,"label":306,"file":136,"line":307},{"id":309,"type":310,"label":311,"file":136,"line":312,"wp_function":313},[325],{"from":304,"to":309,"sanitized":316},{"summary":327,"deductions":328},"The \"easy-custom-theme-options\" plugin v1.1 exhibits a mixed security posture. On the positive side, it has no known vulnerabilities (CVEs) and no reported issues in its history, suggesting a well-maintained or less complex plugin.  The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is also commendable.  Furthermore, the presence of 100% prepared SQL statements indicates good database security practices.\n\nHowever, significant concerns arise from the static analysis. The low percentage of properly escaped output (39%) presents a considerable risk of Cross-Site Scripting (XSS) vulnerabilities.  While the total number of output points isn't extremely high, a large proportion of them being unescaped is a serious oversight.  The taint analysis revealing \"flows with unsanitized paths\" is also concerning, even if no critical or high severity issues were identified. This indicates potential avenues for data manipulation or injection if not handled carefully, especially when combined with the unescaped output.\n\nIn conclusion, while the plugin benefits from a clean vulnerability history and secure database practices, the weak output escaping and identified unsanitized data flows are critical weaknesses that could be exploited. The lack of nonce checks and capability checks on its entry points (shortcodes) also leaves it vulnerable to various attacks if user-supplied data is not rigorously sanitized and validated within the shortcode functions themselves. Addressing the output escaping and investigating the taint flows further is paramount for improving its security.",[329,332,334,337],{"reason":330,"points":331},"Low output escaping percentage (39%)",15,{"reason":333,"points":86},"Unsanitized paths in taint flows",{"reason":335,"points":336},"No nonce checks on entry points",8,{"reason":338,"points":336},"No capability checks on entry points","2026-03-17T05:58:36.175Z",{"wat":341,"direct":349},{"assetPaths":342,"generatorPatterns":346,"scriptPaths":347,"versionParams":348},[343,344,345],"\u002Fwp-content\u002Fplugins\u002Feasy-custom-theme-options\u002Fimages\u002Fadd.png","\u002Fwp-content\u002Fplugins\u002Feasy-custom-theme-options\u002Fimages\u002Fimage_icon.png","\u002Fwp-content\u002Fplugins\u002Feasy-custom-theme-options\u002Fimages\u002Fdelete.png",[],[],[],{"cssClasses":350,"htmlComments":365,"htmlAttributes":386,"restEndpoints":416,"jsGlobals":417,"shortcodeOutput":420},[135,140,144,148,152,155,351,352,353,354,52,355,356,357,358,359,360,361,362,363,364],"theme_options","tHead","custom-css","typography","social-media","general-options","addnewrow","deleterow","sitebtn","parent","child1","child2","child3","note",[366,367,368,369,370,371,372,373,374,375,376,377,378,379,380,381,382,383,384,385],"Easy Custom Theme Options plugin easy to manage your custom theme options like logo, favicon, social media links, typography, google analytics code, custom css code etc.","Copyright 2018 iCoreThink Technologies (email: info@icorethink.com)","This program is free software; you can redistribute it and\u002For modify","it under the terms of the GNU General Public License, version 2, as","published by the Free Software Foundation.","This program is distributed in the hope that it will be useful,","but WITHOUT ANY WARRANTY; without even the implied warranty of","MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the","GNU General Public License for more details.","You should have received a copy of the GNU General Public License","along with this program; if not, write to the Free Software","Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA","Initially PHP version competibility check.","PHP version competibility check.","Initiate actions by calling functions for Easy Custom Theme Options.","Initially it will buffer the theme options.","This function is used to add Easy Custom Theme Setting in menu.","This function is used to add style for Easy Custom Theme Setting Page in admin.","This function is used to add media scripts in admin for Easy Custom Theme Options settings page.","This function is used to add JS scripts in admin for Easy Custom Theme Options settings page.",[387,388,389,390,391,392,393,394,395,389,390,391,392,393,396,397,398,390,390,390,399,400,401,401,400,402,403,404,403,403,405,406,407,408,409,410,411,412,413,414,415],"id=\"myTable\"","class=\"submit-btn\"","class=\"custom-css\"","class=\"typography\"","class=\"google-analytics\"","class=\"social-media\"","class=\"general-options\"","class=\"theme_options\"","class=\"tHead\"","class=\"addnewrow\"","class=\"deleterow\"","class=\"sitebtn\"","class=\"header\"","class=\"main_header\"","class=\"mLabel\"","class=\"tbody\"","class=\"bInput\"","class=\"fInput\"","class=\"parent\"","class=\"child1\"","class=\"child2\"","class=\"child3\"","class=\"note\"","id=\"message\"","style=\"width:94%\"","class=\"message error\"","class=\"logoadd\"","class=\"faviconadd\"","class=\"adminlogoadd\"",[],[418,419],"window.send_to_editor","tb_remove",[]]