[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBo4mCdTV4EyJcxt23V8zgtTx2v9fbAksuhxWd3qW8_g":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":21,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":35,"analysis":36,"fingerprints":77},"easy-timeout-session","Easy Timeout Session","1.1","jokiruiz","https:\u002F\u002Fprofiles.wordpress.org\u002Fjokioki\u002F","\u003Cp>The Easy Timeout Session WordPress plugin allows you to change the session\u003Cbr \u002F>\nduration for the WordPress user.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Open Timeout Session Page\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Specify the session length (you can specify in seconds, hours or days)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Do you use worpdress admin with an iPad? Don´t worry, this plugin is fully\u003Cbr \u002F>\nadapted for tablets and smartphones.\u003C\u002Fp>\n\u003Cp>\u003Cem>Thank you for downloading! your feedback is well appreciated!\u003C\u002Fem>\u003C\u002Fp>\n","The Easy Timeout Session WordPress plugin allows you to change the session duration for the WordPress user.",200,6836,100,3,"2015-11-02T12:36:00.000Z","4.3.34","3.0.1","",[20],"timeout-session-cookie-user-wordpress-login-logout","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-timeout-session\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-timeout-session.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":23,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"jokioki",5,780,30,84,"2026-04-04T05:00:24.431Z",[],{"attackSurface":37,"codeSignals":58,"taintFlows":69,"riskAssessment":70,"analyzedAt":76},{"hooks":38,"ajaxHandlers":54,"restRoutes":55,"shortcodes":56,"cronEvents":57,"entryPointCount":24,"unprotectedCount":24},[39,45,48,51],{"type":40,"name":41,"callback":42,"file":43,"line":44},"action","admin_enqueue_scripts","anonymous","includes\\class-easy-timeout-session.php",95,{"type":40,"name":46,"callback":42,"file":43,"line":47},"admin_menu",97,{"type":40,"name":49,"callback":42,"file":43,"line":50},"admin_init",98,{"type":52,"name":53,"callback":42,"file":43,"line":13},"filter","auth_cookie_expiration",[],[],[],[],{"dangerousFunctions":59,"sqlUsage":60,"outputEscaping":62,"fileOperations":24,"externalRequests":24,"nonceChecks":24,"capabilityChecks":24,"bundledLibraries":68},[],{"prepared":24,"raw":24,"locations":61},[],{"escaped":63,"rawEcho":63,"locations":64},1,[65],{"file":66,"line":47,"context":67},"admin\\partials\\easy-timeout-session.php","raw output",[],[],{"summary":71,"deductions":72},"The \"easy-timeout-session\" v1.1 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified entry points like AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the potential attack surface. Furthermore, the code analysis reveals a lack of dangerous functions, all SQL queries utilizing prepared statements, and no file operations or external HTTP requests, all of which are excellent security practices.  The vulnerability history shows no known CVEs, indicating a generally well-maintained and secure plugin over time.\n\nHowever, there are minor concerns. The plugin has only two output operations, and 50% of them are not properly escaped. While the impact is likely low due to the limited output and lack of other vulnerabilities, unescaped output can still lead to cross-site scripting (XSS) vulnerabilities in certain contexts. Additionally, the complete absence of nonce checks and capability checks across all entry points (although there are zero entry points) is a notable observation. In a plugin with a larger attack surface, this would be a significant concern. For this specific plugin, the lack of entry points mitigates this risk substantially, but it's a practice to be aware of for future development.\n\nIn conclusion, \"easy-timeout-session\" v1.1 appears to be a highly secure plugin, primarily due to its very limited attack surface and positive coding practices. The only notable weakness is the partial lack of output escaping. The clean vulnerability history further reinforces its secure standing. While the absence of capability\u002Fnonce checks is a theoretical weakness, its practical impact is negligible given the current plugin structure.",[73],{"reason":74,"points":75},"Partial unescaped output found",4,"2026-03-16T20:28:20.847Z",{"wat":78,"direct":85},{"assetPaths":79,"generatorPatterns":81,"scriptPaths":82,"versionParams":83},[80],"\u002Fwp-content\u002Fplugins\u002Feasy-timeout-session\u002Fadmin\u002Fcss\u002Fbootstrap.min.css",[],[],[84],"easy-timeout-session\u002Fadmin\u002Fcss\u002Fbootstrap.min.css?ver=",{"cssClasses":86,"htmlComments":87,"htmlAttributes":88,"restEndpoints":89,"jsGlobals":90,"shortcodeOutput":91},[],[],[],[],[],[]]