[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fcGP_E2qZfpX6gclrust7kBmme61cVZ6gFBDA8ll12gw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":136,"fingerprints":357},"easy-options-for-woocommerce","Easy Options for WooCommerce","1.6.2","Jeff Sherk","https:\u002F\u002Fprofiles.wordpress.org\u002Fjsherk\u002F","\u003Cp>Easy Options for WooCommerce will allow you to access some hidden options that are not normally available to you.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>CONFIRM LOGOUT: Allows you to disable to the Confirm Logout question on the WooCommerce My-Account page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>SHIPPING: Allows you to sort the shipping methods from least expensive to most expensive. Allows you to force the Local Pickup shipping method to be at the bottom as the last choice.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>PASSWORD STRENGTH METER: Allows you to hide or show the Password Strength Meter when new users are creating their password.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>HIDE RELATED PRODUCTS: Allows you to hide the Related Products section on single product pages.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>EMPTY PRODUCT CATEGORIES: Let’s you choose to show or hide empty product categories on the Shop pages.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>HIDE CATEGORIES: Choose categories to hide from shop pages and widgets.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>PRODUCT CATEGORY TEXT: Let’s you choose to show or hide the title\u002Ftext that appears under each product category image on the Shop pages.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>PRODUCT CATEGORY COUNT: Let’s you choose to show or hide the count of items that appears under each product category image on the Shop pages.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>DISABLE NEW USER REGISTRATION: If you are using the WooCommerce registration pages on My-Account page and\u002For during checkout, you can choose to disable the new user registration form that appears on wp-login.php?action=register . This can help reduce spam bot sign ups.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Tested with WooCommerce v3.2.3+   It may work with older versions of WooCommerce, but no guarantees.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Access hidden WooCommerce options such as: Disable Confirm Logout, Hide Password Strength Meter, Hide Categories from Shop Pages and Widgets, Show Emp &hellip;",100,9121,11,"2024-06-29T12:36:00.000Z","6.5.8","4.8","",[19,20,21,22,23],"confirm","disable","logout","minimum","password","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-options-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-options-for-woocommerce.1.6.2.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"jsherk",8,540,93,315,74,"2026-04-04T21:03:27.531Z",[40,59,78,100,120],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":11,"num_ratings":33,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":57,"download_link":58,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"disable-application-passwords","Disable Application Passwords","2.4","Jeff Starr","https:\u002F\u002Fprofiles.wordpress.org\u002Fspecialk\u002F","\u003Cp>Does one thing: disables the “Application Passwords” feature.\u003C\u002Fp>\n\u003Cp>Activate this plugin to completely disable the new Application Passwords functionality (added in WP version 5.6). To re-enable Application Passwords, simply deactivate the plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Lightweight – only one line of code.\u003C\u002Fli>\n\u003Cli>Simple to use – activate and done.\u003C\u002Fli>\n\u003Cli>No settings to worry about.\u003C\u002Fli>\n\u003Cli>Easy peasy.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Why is this useful?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Because not every website is the same. Not every website needs this feature. Also disabling application passwords helps to limit unnecessary exposure and eliminate unwanted functionality (i.e., bloat). Whatever the reason, it is your choice. That’s the beauty of WordPress. So if, for whatever reason, you decide that application passwords should be disabled, this plugin will do it with a click.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>More infos\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For more information about the new Application Passwords feature:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fcore\u002F2020\u002F11\u002F05\u002Fapplication-passwords-integration-guide\u002F\" rel=\"nofollow ugc\">Application Passwords: Integration Guide\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fperishablepress.com\u002Fwordpress-disable-application-passwords\u002F\" rel=\"nofollow ugc\">Free Plugin: Disable Application Passwords\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Privacy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin does not collect or store any user data. It does not set any cookies, and it does not connect to any third-party locations. Thus, this plugin does not affect user privacy in any way.\u003C\u002Fp>\n\u003Cp>Disable Application Passwords is developed and maintained by \u003Ca href=\"https:\u002F\u002Fx.com\u002Fperishable\" rel=\"nofollow ugc\">Jeff Starr\u003C\u002Fa>, 15-year \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002F\" rel=\"nofollow ugc\">WordPress developer\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002F\" rel=\"nofollow ugc\">book author\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support development\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>I develop and maintain this free plugin with love for the WordPress community. To show support, you can \u003Ca href=\"https:\u002F\u002Fmonzillamedia.com\u002Fdonate.html\" rel=\"nofollow ugc\">make a donation\u003C\u002Fa> or purchase one of my books:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002F\" rel=\"nofollow ugc\">The Tao of WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdigwp.com\u002F\" rel=\"nofollow ugc\">Digging into WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhtaccessbook.com\u002F\" rel=\"nofollow ugc\">.htaccess made easy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002Fwordpress-themes-book\u002F\" rel=\"nofollow ugc\">WordPress Themes In Depth\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002Fdownloads\u002Fwizards-collection-sql-recipes-wordpress\u002F\" rel=\"nofollow ugc\">Wizard’s SQL Recipes for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And\u002For purchase one of my premium WordPress plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbbq-pro\u002F\" rel=\"nofollow ugc\">BBQ Pro\u003C\u002Fa> – Blazing fast WordPress firewall\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fblackhole-pro\u002F\" rel=\"nofollow ugc\">Blackhole Pro\u003C\u002Fa> – Automatically block bad bots\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbanhammer-pro\u002F\" rel=\"nofollow ugc\">Banhammer Pro\u003C\u002Fa> – Monitor traffic and ban the bad guys\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fga-google-analytics-pro\u002F\" rel=\"nofollow ugc\">GA Google Analytics Pro\u003C\u002Fa> – Connect WordPress to Google Analytics\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fhead-meta-pro\u002F\" rel=\"nofollow ugc\">Head Meta Pro\u003C\u002Fa> – Ultimate Meta Tags for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsimple-ajax-chat-pro\u002F\" rel=\"nofollow ugc\">Simple Ajax Chat Pro\u003C\u002Fa> – Unlimited chat rooms\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fusp-pro\u002F\" rel=\"nofollow ugc\">USP Pro\u003C\u002Fa> – Unlimited front-end forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links, tweets and likes also appreciated. Thank you! 🙂\u003C\u002Fp>\n","Activate this plugin to disable the Application Passwords feature that was added in WP v5.6.",2000,43845,"2026-01-28T20:29:00.000Z","6.9.4","5.6","5.6.20",[55,20,56],"application","passwords","https:\u002F\u002Fperishablepress.com\u002Fwordpress-disable-application-passwords\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-application-passwords.2.4.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":17,"download_link":76,"security_score":77,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"disable-password-reset","Disable Password Reset","1.0","Dugonja","https:\u002F\u002Fprofiles.wordpress.org\u002Fh3llas\u002F","\u003Cp>This plugin will enhance security of your WordPress site by disabling password reset function over email of WordPress.\u003Cbr \u002F>\nUse with caution since otherwise if you forgot your user password you will need to reset the password directly in the database with phpmyadmin or similar tool.\u003Cbr \u002F>\nAdittionally this plugin will hide notice which say what is wrong “password” or “username” on WordPress login page.\u003C\u002Fp>\n","Enhance security of your blogs by preventing password reset over email function.",1000,10582,80,4,"2016-11-10T18:05:00.000Z","4.6.30","3.1",[20,23,75],"reset","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-password-reset.zip",85,{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":67,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":17,"tags":92,"homepage":95,"download_link":96,"security_score":97,"vuln_count":98,"unpatched_count":27,"last_vuln_date":99,"fetched_at":29},"protected-posts-logout-button","Protected Posts Logout Button","1.4.6","Nate Reist","https:\u002F\u002Fprofiles.wordpress.org\u002Fnatereist\u002F","\u003Cp>This plugin simply adds a logout button to the content of any password protected post. Sometimes clients want a password protected page to share information with privileged individuals and the default 10 days for the cookie to expire is too long for their liking. So I wrote a little plugin to do this with AJAX and set the cookie to expire immediately, well actually 10 days in the past.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Works logged in or out as a WordPress user.\u003C\u002Fli>\n\u003Cli>Uses the same functionality WordPress uses to set post cookies.\u003C\u002Fli>\n\u003Cli>Has a simple settings page to make everything easier.\u003C\u002Fli>\n\u003Cli>Allows you to alert user they have logged out.\u003C\u002Fli>\n\u003C\u002Ful>\n","Automatically adds a logout button to your password protected content.",33408,98,13,"2023-02-16T00:46:00.000Z","6.1.10","2.8",[21,93,94],"password-protected-posts-logout-button","wordpress-security","http:\u002F\u002Fmindutopia.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprotected-posts-logout-button.1.4.6.zip",84,3,"2023-02-20 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":11,"num_ratings":110,"last_updated":111,"tested_up_to":51,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":118,"download_link":119,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"disable-woocom-logout-confirmation","Disable woocommerce logout confirmation","1.2","Hem Thapa","https:\u002F\u002Fprofiles.wordpress.org\u002Fhemthapa\u002F","\u003Cp>This lightweight plugin disables woocommerce logout confirmation!\u003C\u002Fp>\n\u003Cp>If you have any queries, issues or feedback regarding the plugin, please contact developer at \u003Ca href=\"http:\u002F\u002Fhemthapa.com?wcdislogout\" rel=\"nofollow ugc\">hemthapa.com\u003C\u002Fa>\u003C\u002Fp>\n","This lightweight plugin disables woocommerce logout confirmation!",700,8109,6,"2026-01-23T07:19:00.000Z","4.0","7.3",[115,116,117],"logout-confirmation","my-account","woocommerce","http:\u002F\u002Fhemthapa.com?ref=woodisdowmenu","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-woocom-logout-confirmation.1.2.zip",{"slug":121,"name":122,"version":62,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":108,"downloaded":127,"rating":27,"num_ratings":27,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":131,"tags":132,"homepage":17,"download_link":135,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"simply-disable-password-reset","Simply Disable Password Reset","Boopathi Rajan","https:\u002F\u002Fprofiles.wordpress.org\u002Fboopathi0001\u002F","\u003Cp>Its a very simple plugin to disable the password reset in the wordpress.\u003C\u002Fp>\n\u003Cp>If a user attempts to reset their password they will receive the error message\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Password reset is not allowed for this user\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Kindly let us know your feedback or comments to add more features in this plugin.\u003C\u002Fp>\n","Its a very simple plugin to disable the password reset in the wordpress.",3255,"2024-07-31T07:16:00.000Z","6.6.5","4.3","5.2.4",[60,133,134],"disable-rest","wordpress-password-reset","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimply-disable-password-reset.1.0.zip",{"attackSurface":137,"codeSignals":202,"taintFlows":323,"riskAssessment":351,"analyzedAt":356},{"hooks":138,"ajaxHandlers":198,"restRoutes":199,"shortcodes":200,"cronEvents":201,"entryPointCount":27,"unprotectedCount":27},[139,146,151,155,159,163,167,171,175,179,183,187,191,194],{"type":140,"name":141,"callback":142,"priority":143,"file":144,"line":145},"filter","plugin_row_meta","jdseowc_add_meta_to_admin_plugins_page",10,"easy-options-for-woocommerce.php",78,{"type":147,"name":148,"callback":149,"file":144,"line":150},"action","admin_menu","jdseowc_add_admin_settings_menu",87,{"type":147,"name":152,"callback":153,"file":144,"line":154},"template_redirect","jdseowc_disable_confirm_logout",105,{"type":140,"name":156,"callback":157,"priority":143,"file":144,"line":158},"woocommerce_product_subcategories_hide_empty","jdseowc_show_empty_categories",123,{"type":140,"name":160,"callback":161,"file":144,"line":162},"woocommerce_min_password_strength","jdseowc_set_min_password_strength",145,{"type":147,"name":164,"callback":165,"priority":11,"file":144,"line":166},"wp_print_scripts","jdseowc_set_min_password_strength_disable_meter",162,{"type":147,"name":168,"callback":169,"file":144,"line":170},"wp_head","jdseowc_product_category_css_settings",196,{"type":140,"name":172,"callback":173,"file":144,"line":174},"wp_mail","jdseowc_disable_admin_new_user_notification_email",260,{"type":140,"name":176,"callback":177,"file":144,"line":178},"option_users_can_register","jdseowc_disable_wplogin_registration_page",278,{"type":140,"name":180,"callback":181,"priority":143,"file":144,"line":182},"woocommerce_package_rates","jdseowc_sort_woocommerce_available_shipping_methods",331,{"type":147,"name":184,"callback":185,"file":144,"line":186},"init","jdseowc_remove_related_product",343,{"type":140,"name":188,"callback":189,"file":144,"line":190},"woocommerce_product_categories_widget_dropdown_args","jdseowc_hide_categories_from_widget",377,{"type":140,"name":192,"callback":189,"file":144,"line":193},"woocommerce_product_categories_widget_args",378,{"type":140,"name":195,"callback":196,"priority":143,"file":144,"line":197},"get_terms","jdseowc_hide_these_categories_from_shop_page",440,[],[],[],[],{"dangerousFunctions":203,"sqlUsage":204,"outputEscaping":206,"fileOperations":27,"externalRequests":27,"nonceChecks":321,"capabilityChecks":321,"bundledLibraries":322},[],{"prepared":27,"raw":27,"locations":205},[],{"escaped":207,"rawEcho":208,"locations":209},24,71,[210,213,214,215,217,219,220,221,223,225,226,227,229,231,232,233,235,237,239,240,241,243,245,247,248,249,251,253,255,256,257,259,261,262,263,265,267,268,269,271,273,275,276,277,279,281,282,283,285,287,289,290,291,293,295,296,297,299,301,303,304,305,307,309,311,312,313,315,317,318,319],{"file":144,"line":211,"context":212},471,"raw output",{"file":144,"line":211,"context":212},{"file":144,"line":211,"context":212},{"file":144,"line":216,"context":212},472,{"file":144,"line":218,"context":212},631,{"file":144,"line":218,"context":212},{"file":144,"line":218,"context":212},{"file":144,"line":222,"context":212},632,{"file":144,"line":224,"context":212},644,{"file":144,"line":224,"context":212},{"file":144,"line":224,"context":212},{"file":144,"line":228,"context":212},645,{"file":144,"line":230,"context":212},655,{"file":144,"line":230,"context":212},{"file":144,"line":230,"context":212},{"file":144,"line":234,"context":212},656,{"file":144,"line":236,"context":212},666,{"file":144,"line":238,"context":212},667,{"file":144,"line":238,"context":212},{"file":144,"line":238,"context":212},{"file":144,"line":242,"context":212},668,{"file":144,"line":244,"context":212},679,{"file":144,"line":246,"context":212},680,{"file":144,"line":246,"context":212},{"file":144,"line":246,"context":212},{"file":144,"line":250,"context":212},681,{"file":144,"line":252,"context":212},688,{"file":144,"line":254,"context":212},689,{"file":144,"line":254,"context":212},{"file":144,"line":254,"context":212},{"file":144,"line":258,"context":212},697,{"file":144,"line":260,"context":212},698,{"file":144,"line":260,"context":212},{"file":144,"line":260,"context":212},{"file":144,"line":264,"context":212},711,{"file":144,"line":266,"context":212},712,{"file":144,"line":266,"context":212},{"file":144,"line":266,"context":212},{"file":144,"line":270,"context":212},713,{"file":144,"line":272,"context":212},722,{"file":144,"line":274,"context":212},723,{"file":144,"line":274,"context":212},{"file":144,"line":274,"context":212},{"file":144,"line":278,"context":212},724,{"file":144,"line":280,"context":212},754,{"file":144,"line":280,"context":212},{"file":144,"line":280,"context":212},{"file":144,"line":284,"context":212},755,{"file":144,"line":286,"context":212},756,{"file":144,"line":288,"context":212},770,{"file":144,"line":288,"context":212},{"file":144,"line":288,"context":212},{"file":144,"line":292,"context":212},771,{"file":144,"line":294,"context":212},782,{"file":144,"line":294,"context":212},{"file":144,"line":294,"context":212},{"file":144,"line":298,"context":212},783,{"file":144,"line":300,"context":212},794,{"file":144,"line":302,"context":212},795,{"file":144,"line":302,"context":212},{"file":144,"line":302,"context":212},{"file":144,"line":306,"context":212},796,{"file":144,"line":308,"context":212},807,{"file":144,"line":310,"context":212},808,{"file":144,"line":310,"context":212},{"file":144,"line":310,"context":212},{"file":144,"line":314,"context":212},809,{"file":144,"line":316,"context":212},815,{"file":144,"line":316,"context":212},{"file":144,"line":316,"context":212},{"file":144,"line":320,"context":212},816,1,[],[324,343],{"entryPoint":325,"graph":326,"unsanitizedCount":27,"severity":342},"jdseowc_show_plugin_options (easy-options-for-woocommerce.php:444)",{"nodes":327,"edges":339},[328,333],{"id":329,"type":330,"label":331,"file":144,"line":332},"n0","source","$_POST (x12)",507,{"id":334,"type":335,"label":336,"file":144,"line":337,"wp_function":338},"n1","sink","update_option() [Settings Manipulation]",508,"update_option",[340],{"from":329,"to":334,"sanitized":341},true,"low",{"entryPoint":344,"graph":345,"unsanitizedCount":27,"severity":342},"\u003Ceasy-options-for-woocommerce> (easy-options-for-woocommerce.php:0)",{"nodes":346,"edges":349},[347,348],{"id":329,"type":330,"label":331,"file":144,"line":332},{"id":334,"type":335,"label":336,"file":144,"line":337,"wp_function":338},[350],{"from":329,"to":334,"sanitized":341},{"summary":352,"deductions":353},"The \"easy-options-for-woocommerce\" v1.6.2 plugin exhibits a generally positive security posture based on the provided static analysis. The absence of any known CVEs and a clean vulnerability history is a strong indicator of historical security diligence. The code analysis reveals a small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events, and importantly, no unprotected entry points.  Furthermore, the plugin utilizes prepared statements for all SQL queries, has no file operations or external HTTP requests, and includes both nonce and capability checks, which are good security practices.\n\nHowever, a significant concern arises from the output escaping analysis. With 25% of outputs properly escaped out of 95 total, it suggests a substantial portion of dynamic content may be susceptible to Cross-Site Scripting (XSS) vulnerabilities. While taint analysis did not reveal any critical or high-severity flows, the lack of robust output escaping creates an indirect risk. The plugin's strengths lie in its minimal attack surface and secure data handling for SQL. The primary weakness is the potentially insufficient output sanitization, which could be exploited if user-provided data is ever rendered directly on the frontend without proper escaping.\n\nIn conclusion, the plugin has a solid foundation in terms of preventing common attack vectors like SQL injection and unauthorized access. The absence of historical vulnerabilities further boosts confidence. Nevertheless, the identified issue with output escaping warrants attention. Addressing this could significantly improve the plugin's overall security by mitigating the risk of XSS attacks.  Users should be aware of this potential weakness, although the overall risk appears moderate given the other security measures in place.",[354],{"reason":355,"points":110},"Low percentage of properly escaped output","2026-03-16T20:39:28.861Z",{"wat":358,"direct":366},{"assetPaths":359,"generatorPatterns":363,"scriptPaths":364,"versionParams":365},[360,361,362],"\u002Fwp-content\u002Fplugins\u002Feasy-options-for-woocommerce\u002Fdbut.png","\u002Fwp-content\u002Fplugins\u002Feasy-options-for-woocommerce\u002Fdbut-small.png","\u002Fwp-content\u002Fplugins\u002Feasy-options-for-woocommerce\u002Fstars-small.png",[],[],[],{"cssClasses":367,"htmlComments":370,"htmlAttributes":375,"restEndpoints":376,"jsGlobals":377,"shortcodeOutput":378},[368,369],"woocommerce-loop-category__title","products",[371,372,373,374],"NOTE: This feature is currently DISABLED because password strength does not seem to work at all.","Have left feature of turning the the password strength meter on\u002Foff only.","REVIEW & DONATE","DONATE",[],[],[],[]]