[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fP3mNsksc19lKptRVFmM_iFHmunSloyencqaJWjw9goA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":20,"download_link":21,"security_score":22,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":35,"analysis":36,"fingerprints":118},"easy-ip-blocker","Easy IP Blocker","1.0.4","Carl Alberto","https:\u002F\u002Fprofiles.wordpress.org\u002Fcarl-alberto\u002F","\u003Cp>Easily blocks IPs from the WP dashboard\u003C\u002Fp>\n","Easily blocks IPs from the WP dashboard",200,5502,100,1,"2022-10-24T14:16:00.000Z","6.0.11","5.0","",[],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-ip-blocker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-ip-blocker.1.0.4.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"carl-alberto",6,400,88,30,86,"2026-04-05T03:36:23.020Z",[],{"attackSurface":37,"codeSignals":65,"taintFlows":79,"riskAssessment":108,"analyzedAt":117},{"hooks":38,"ajaxHandlers":61,"restRoutes":62,"shortcodes":63,"cronEvents":64,"entryPointCount":23,"unprotectedCount":23},[39,46,50,54,58],{"type":40,"name":41,"callback":42,"priority":43,"file":44,"line":45},"action","init","init_settings",11,"includes\\class-easy-ip-blocker-settings.php",64,{"type":40,"name":47,"callback":48,"file":44,"line":49},"admin_init","register_settings",67,{"type":40,"name":51,"callback":52,"file":44,"line":53},"admin_menu","add_menu_item",70,{"type":40,"name":41,"callback":55,"priority":23,"file":56,"line":57},"load_localisation","includes\\class-easy-ip-blocker.php",153,{"type":40,"name":41,"callback":59,"priority":23,"file":56,"line":60},"eib_blocklist",155,[],[],[],[],{"dangerousFunctions":66,"sqlUsage":67,"outputEscaping":69,"fileOperations":23,"externalRequests":23,"nonceChecks":14,"capabilityChecks":23,"bundledLibraries":78},[],{"prepared":23,"raw":23,"locations":68},[],{"escaped":70,"rawEcho":71,"locations":72},20,2,[73,76],{"file":44,"line":74,"context":75},283,"raw output",{"file":44,"line":77,"context":75},354,[],[80,98],{"entryPoint":81,"graph":82,"unsanitizedCount":14,"severity":97},"settings_page (includes\\class-easy-ip-blocker-settings.php:291)",{"nodes":83,"edges":94},[84,89],{"id":85,"type":86,"label":87,"file":44,"line":88},"n0","source","$_GET",300,{"id":90,"type":91,"label":92,"file":44,"line":77,"wp_function":93},"n1","sink","echo() [XSS]","echo",[95],{"from":85,"to":90,"sanitized":96},false,"medium",{"entryPoint":99,"graph":100,"unsanitizedCount":23,"severity":107},"\u003Cclass-easy-ip-blocker-settings> (includes\\class-easy-ip-blocker-settings.php:0)",{"nodes":101,"edges":104},[102,103],{"id":85,"type":86,"label":87,"file":44,"line":88},{"id":90,"type":91,"label":92,"file":44,"line":77,"wp_function":93},[105],{"from":85,"to":90,"sanitized":106},true,"low",{"summary":109,"deductions":110},"The easy-ip-blocker v1.0.4 plugin exhibits a generally good security posture based on the provided static analysis. The absence of identified dangerous functions, raw SQL queries, and external HTTP requests is commendable. Furthermore, the high percentage of properly escaped output and the presence of nonce checks suggest developers have implemented some common security best practices.\n\nHowever, a notable concern arises from the taint analysis, which revealed one flow with an unsanitized path. While no critical or high severity issues were flagged, an unsanitized path presents a potential vector for manipulation, especially if user-supplied input reaches this point. The lack of identified capability checks on any entry points is also a weakness, as it means authorization might not be granularly enforced, though the absence of entry points mitigates this immediate risk.\n\nWith no recorded historical vulnerabilities, the plugin's past indicates a stable security record. In conclusion, while the plugin has strengths in its sanitized SQL and output escaping, the single unsanitized path flow and the absence of capability checks represent areas that could be strengthened to achieve a more robust security profile.",[111,114],{"reason":112,"points":113},"Flow with unsanitized path found",15,{"reason":115,"points":116},"No capability checks on entry points",5,"2026-03-16T20:11:12.066Z",{"wat":119,"direct":127},{"assetPaths":120,"generatorPatterns":123,"scriptPaths":124,"versionParams":125},[121,122],"\u002Fwp-content\u002Fplugins\u002Feasy-ip-blocker\u002Fincludes\u002Fcss\u002Fsettings.css","\u002Fwp-content\u002Fplugins\u002Feasy-ip-blocker\u002Fincludes\u002Fjs\u002Fsettings.js",[],[122],[126],"easy-ip-blocker\u002Fincludes\u002Fjs\u002Fsettings.js?ver=1.0.0",{"cssClasses":128,"htmlComments":129,"htmlAttributes":130,"restEndpoints":132,"jsGlobals":133,"shortcodeOutput":135},[],[],[131],"data-token=\"easy-ip-blocker\"",[],[134],"easy_ip_blocker_settings_params",[]]