[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faGq8XralmHkizSFSBfjiw7XZmi9W9UQ1f-6g1fCw8sk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":18,"download_link":19,"security_score":20,"vuln_count":11,"unpatched_count":11,"last_vuln_date":21,"fetched_at":22,"vulnerabilities":23,"developer":24,"crawl_stats":21,"alternatives":31,"analysis":32,"fingerprints":142},"easy-edit-products","Easy edit products","1.0.2","Hamid Alinia","https:\u002F\u002Fprofiles.wordpress.org\u002Fglboy\u002F","\u003Cp>** Woocommerce should be enable **\u003Cbr \u002F>\nEasy edit products for editing products prices and their variation easily\u003C\u002Fp>\n","** Woocommerce should be enable **",0,729,"2022-03-12T14:25:00.000Z","5.8.13","3.4","",[],"http:\u002F\u002Fidehweb.com\u002Feasy-edit-products","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-edit-products.1.0.2.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":25,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":27,"avg_security_score":20,"avg_patch_time_days":28,"trust_score":29,"computed_at":30},"glboy",4,1010,140,69,"2026-04-04T06:25:30.202Z",[],{"attackSurface":33,"codeSignals":78,"taintFlows":101,"riskAssessment":129,"analyzedAt":141},{"hooks":34,"ajaxHandlers":56,"restRoutes":74,"shortcodes":75,"cronEvents":76,"entryPointCount":77,"unprotectedCount":77},[35,41,44,47,51],{"type":36,"name":37,"callback":38,"file":39,"line":40},"action","init","idehweb_eeproductstextdomain","easy-edit-products.php",19,{"type":36,"name":42,"callback":42,"file":39,"line":43},"admin_init",20,{"type":36,"name":45,"callback":45,"file":39,"line":46},"admin_menu",21,{"type":36,"name":48,"callback":49,"file":39,"line":50},"activated_plugin","eeproductsactivation_redirect",22,{"type":52,"name":53,"cal
lback":54,"file":39,"line":55},"filter","pre_get_posts","my_search_pre_get_posts",33,[57,61,64,67,69,72],{"action":58,"nopriv":59,"callback":58,"hasNonce":59,"hasCapCheck":59,"file":39,"line":60},"idehweb_eep_products",false,24,{"action":58,"nopriv":62,"callback":58,"hasNonce":59,"hasCapCheck":59,"file":39,"line":63},true,25,{"action":65,"nopriv":59,"callback":65,"hasNonce":59,"hasCapCheck":59,"file":39,"line":66},"idehweb_eep_get_terms",27,{"action":65,"nopriv":62,"callback":65,"hasNonce":59,"hasCapCheck":59,"file":39,"line":68},28,{"action":70,"nopriv":59,"callback":70,"hasNonce":59,"hasCapCheck":59,"file":39,"line":71},"idehweb_eep_change_products",31,{"action":70,"nopriv":62,"callback":70,"hasNonce":59,"hasCapCheck":59,"file":39,"line":73},32,[],[],[],6,{"dangerousFunctions":79,"sqlUsage":80,"outputEscaping":82,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":97},[],{"prepared":11,"raw":11,"locations":81},[],{"escaped":40,"rawEcho":77,"locations":83},[84,87,89,91,93,95],{"file":39,"line":85,"context":86},128,"raw output",{"file":39,"line":88,"context":86},336,{"file":39,"line":90,"context":86},407,{"file":39,"line":92,"context":86},414,{"file":39,"line":94,"context":86},441,{"file":39,"line":96,"context":86},657,[98],{"name":99,"version":21,"knownCves":100},"DataTables",[],[102,120],{"entryPoint":103,"graph":104,"unsanitizedCount":118,"severity":119},"idehweb_eep_products (easy-edit-products.php:445)",{"nodes":105,"edges":116},[106,111],{"id":107,"type":108,"label":109,"file":39,"line":110},"n0","source","$_GET",472,{"id":112,"type":113,"label":114,"file":39,"line":96,"wp_function":115},"n1","sink","echo() [XSS]","echo",[117],{"from":107,"to":112,"sanitized":59},1,"medium",{"entryPoint":121,"graph":122,"unsanitizedCount":118,"severity":128},"\u003Ceasy-edit-products> 
(easy-edit-products.php:0)",{"nodes":123,"edges":126},[124,125],{"id":107,"type":108,"label":109,"file":39,"line":110},{"id":112,"type":113,"label":114,"file":39,"line":96,"wp_function":115},[127],{"from":107,"to":112,"sanitized":59},"low",{"summary":130,"deductions":131},"The \"easy-edit-products\" v1.0.2 plugin exhibits a concerning security posture, primarily due to its unprotected AJAX endpoints.  While the code analysis reveals no dangerous functions and no direct SQL queries, and a high percentage of output is properly escaped, the six AJAX handler registrations (three actions, each registered for both logged-in and unauthenticated requests) have no nonce or capability checks and present a significant attack surface.  The taint analysis, though limited in scope, did identify flows in which $_GET input reaches an echo sink unsanitized (flagged as XSS), which could be a precursor to more severe vulnerabilities if exploited in conjunction with the unprotected entry points.  The plugin's clean vulnerability history is a positive sign, in that no vulnerabilities have been recorded for it. 
However, this does not mitigate the immediate risks posed by the unprotected AJAX handlers, which are a critical weakness that could allow unauthorized actions if an attacker can trigger these endpoints.",[132,134,137,139],{"reason":133,"points":43},"Unprotected AJAX handlers",{"reason":135,"points":136},"Flows with unsanitized paths",10,{"reason":138,"points":136},"Missing nonce checks on AJAX",{"reason":140,"points":136},"Missing capability checks on AJAX","2026-03-17T06:30:18.029Z",{"wat":143,"direct":152},{"assetPaths":144,"generatorPatterns":149,"scriptPaths":150,"versionParams":151},[145,146,147,148],"\u002Fwp-content\u002Fplugins\u002Feasy-edit-products\u002Fstyles\u002Fjquery.dataTables.min.css","\u002Fwp-content\u002Fplugins\u002Feasy-edit-products\u002Fstyles\u002Feasy-edit-products-admin.css","\u002Fwp-content\u002Fplugins\u002Feasy-edit-products\u002Fscripts\u002Fjquery.dataTables.min.js","\u002Fwp-content\u002Fplugins\u002Feasy-edit-products\u002Fscripts\u002Feasy-edit-products-admin.js",[],[],[],{"cssClasses":153,"htmlComments":170,"htmlAttributes":171,"restEndpoints":173,"jsGlobals":175,"shortcodeOutput":177},[154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169],"eep-mgt-5","eep-form-all","eep-form-g","eep-mgt-1","eep-first-cat","eep-second-cat","eep-third-cat","eep-fourth-cat","eep-fourth-idid","eep-width100persent","eep-fixed-price","eep-percentage-price","eep-showhide-wrapper","eep-showhide","eep-list-of-sh","eep-toggle-vis",[],[172],"data-column",[174],"\u002Fwp-json\u002Fidehweb-eeproducts",[176],"idehweb_eeproducts_js",[]]