[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fK3X_YfdDDTQbOr0aIPHQH5qCTqgUNBOn_ZCNQvlLToM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":21,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":35,"analysis":36,"fingerprints":103},"easy-login-form","Easy Login Form","1.2","jokiruiz","https:\u002F\u002Fprofiles.wordpress.org\u002Fjokioki\u002F","\u003Cp>The Easy Login Form is a WordPress plugin that allows you to change the styling of the login form.\u003C\u002Fp>\n\u003Cp>Using the Easy Login Form is really easy, just follow this steps:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Go to Settings -> Easy Login Form\u003C\u002Fli>\n\u003Cli>Specify your website logo location (inside your theme). For example: images\u002Flogo.png\u003C\u002Fli>\n\u003Cli>Set the Background page colour. Using the colour picker! you don’t need to know the colour code.\u003C\u002Fli>\n\u003Cli>Set the Background form colour, and the Front form colour.\u003C\u002Fli>\n\u003Cli>Press “save changes”.\u003C\u002Fli>\n\u003Cli>Check your result on “Preview”, and if you liked it, that’s it!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Enjoy! 🙂\u003C\u002Fp>\n\u003Cp>\u003Cem>Thank you for downloading! your feedback is well appreciated!\u003C\u002Fem>\u003C\u002Fp>\n","Make a nicer login screen",10,4773,100,2,"2015-11-02T11:36:00.000Z","4.3.34","3.0.1","",[20],"login-form-admin-style-form-user","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-login-style","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-login-form.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":23,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"jokioki",5,780,30,84,"2026-04-04T11:06:02.445Z",[],{"attackSurface":37,"codeSignals":58,"taintFlows":90,"riskAssessment":91,"analyzedAt":102},{"hooks":38,"ajaxHandlers":54,"restRoutes":55,"shortcodes":56,"cronEvents":57,"entryPointCount":24,"unprotectedCount":24},[39,45,48,51],{"type":40,"name":41,"callback":42,"file":43,"line":44},"action","admin_enqueue_scripts","anonymous","includes\\class-easy-login-form.php",94,{"type":40,"name":46,"callback":42,"file":43,"line":47},"admin_menu",96,{"type":40,"name":49,"callback":42,"file":43,"line":50},"admin_init",97,{"type":40,"name":52,"callback":42,"file":43,"line":53},"login_head",99,[],[],[],[],{"dangerousFunctions":59,"sqlUsage":60,"outputEscaping":62,"fileOperations":24,"externalRequests":24,"nonceChecks":24,"capabilityChecks":24,"bundledLibraries":89},[],{"prepared":24,"raw":24,"locations":61},[],{"escaped":24,"rawEcho":63,"locations":64},11,[65,69,72,74,76,78,80,82,84,85,87],{"file":66,"line":67,"context":68},"admin\\class-easy-login-form-admin.php",88,"raw output",{"file":70,"line":71,"context":68},"admin\\partials\\easy-login-form.php",103,{"file":70,"line":73,"context":68},112,{"file":70,"line":75,"context":68},121,{"file":70,"line":77,"context":68},130,{"file":70,"line":79,"context":68},143,{"file":70,"line":81,"context":68},144,{"file":70,"line":83,"context":68},147,{"file":70,"line":83,"context":68},{"file":70,"line":86,"context":68},198,{"file":70,"line":88,"context":68},203,[],[],{"summary":92,"deductions":93},"Based on the provided static analysis and vulnerability history, the \"easy-login-form\" plugin version 1.2 presents a mixed security posture.  The plugin demonstrates a strong adherence to some security best practices, notably the complete absence of dangerous functions, file operations, and external HTTP requests. Furthermore, all SQL queries are reportedly using prepared statements, and there are no recorded vulnerabilities or CVEs, indicating a clean history.  The attack surface appears minimal, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events without authentication or permission checks.\n\nHowever, a significant concern arises from the \"Output escaping\" signal. With 11 total outputs and 0% properly escaped, this indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-provided data that is displayed back to the user without proper sanitization and escaping can be exploited to inject malicious scripts. The complete absence of nonce checks and capability checks, while potentially acceptable given the zero unprotected entry points, still leaves room for potential privilege escalation or unauthorized actions if the attack surface were to expand or if the internal logic of the plugin were to be targeted in unexpected ways. The lack of taint analysis results is also noted, though this might simply reflect the limited scope of the analysis performed or the absence of exploitable taint flows.\n\nIn conclusion, while the plugin's history and infrastructure appear secure, the lack of output escaping is a critical weakness that significantly undermines its overall security. This single issue creates a substantial risk of XSS vulnerabilities. The absence of other common security measures like nonce and capability checks, while not directly exploitable with the current attack surface, should be viewed as areas for improvement to enhance resilience against future threats or evolving attack vectors. The current version is not recommended for production environments without addressing the output escaping issue.",[94,97,100],{"reason":95,"points":96},"0% output escaping",15,{"reason":98,"points":99},"0 Nonce checks",3,{"reason":101,"points":99},"0 Capability checks","2026-03-17T00:56:25.176Z",{"wat":104,"direct":111},{"assetPaths":105,"generatorPatterns":107,"scriptPaths":108,"versionParams":109},[106],"\u002Fwp-content\u002Fplugins\u002Feasy-login-form\u002Fadmin\u002Fcss\u002Fbootstrap.min.css",[],[],[110],"easy-login-form\u002Fadmin\u002Fcss\u002Fbootstrap.min.css?ver=",{"cssClasses":112,"htmlComments":113,"htmlAttributes":114,"restEndpoints":115,"jsGlobals":116,"shortcodeOutput":117},[],[],[],[],[],[]]