[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$flRklfyXcpn2t12fD2jbYVPn41nk1y0JYtebhG2m7JME":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":30,"analysis":68,"fingerprints":112},"elimina-diacritice","Elimina Diacritice","1.1.0","perfectpixelro","https:\u002F\u002Fprofiles.wordpress.org\u002Fperfectpixelro\u002F","\u003Cp>Acest modul a fost dezvoltat din nevoia eliminarii diacriticelor din textele in limba romana din editorul de text wordpress.\u003C\u002Fp>\n\u003Cp>Dupa instalare, un buton va fi adaugat in editorul de text wordpress care odata apasat, curata automat textul de diacritice.\u003C\u002Fp>\n","Elimina fara efort semnele cu diacritice din textele in limba romana adaugate prin editorul de text wordpress.",30,1852,0,"2024-02-25T08:23:00.000Z","6.4.8","4.0","",[19,4,20],"diacritice","scoate-diacritice","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Felimina-diacritice.1.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":22,"avg_patch_time_days":11,"trust_score":28,"computed_at":29},1,84,"2026-04-04T14:46:17.876Z",[31,50],{"slug":32,"name":33,"version":34,"author":35,"author_profile":36,"description":17,"short_description":37,"active_installs":38,"downloaded":39,"rating":38,"num_ratings":40,"last_updated":41,"tested_up_to":42,"requires_at_least":43,"requires_php":17,"tags":44,"homepage":48,"download_link":49,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24},"ro-slugs","Plugin Name: RO Slugs","2.1","vali petcu","https:\u002F\u002Fprofiles.wordpress.org\u002Fzosolino\u002F","Cleans up over 30 problematic characters from your slugs that the original wordpress does not clean:",100,4425,2,"2013-01-13T21:47:00.000Z","3.5.2","2.0",[19,45,32,46,47],"permalinks","seo-slugs","slugs","http:\u002F\u002Fwww.zoso.ro\u002Fro-slugs-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fro-slugs.zip",{"slug":51,"name":52,"version":53,"author":54,"author_profile":55,"description":56,"short_description":57,"active_installs":58,"downloaded":59,"rating":13,"num_ratings":13,"last_updated":60,"tested_up_to":61,"requires_at_least":43,"requires_php":17,"tags":62,"homepage":66,"download_link":67,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24},"virgula-to-sedila","Virgulă To Sedilă","0.1.1","radubilei","https:\u002F\u002Fprofiles.wordpress.org\u002Fradubilei\u002F","\u003Cp>Înlocuieşte diacriticele “corecte”, cu virgulă, cu cele “incorecte”, cu sedilă, dar care se afişează corespunzător şi în Windows XP.\u003C\u002Fp>\n\u003Cp>Inspirat de plugin-ul lui John Kilroy, XHTML to HTML – http:\u002F\u002Fwww.kilroyjames.co.uk\u002F2008\u002F07\u002Fxhtml-to-html-wordpress-plugin\u002F\u003C\u002Fp>\n","Înlocuieşte diacriticele \"corecte\", cu virgulă, cu cele \"incorecte\", cu sedilă, dar care se afişează corespunzător şi în Windows X &hellip;",10,1556,"2009-12-19T19:37:00.000Z","2.9.2",[19,63,64,65],"romana","sedila","virgula","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fvirgula-to-sedila\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvirgula-to-sedila.zip",{"attackSurface":69,"codeSignals":90,"taintFlows":100,"riskAssessment":101,"analyzedAt":111},{"hooks":70,"ajaxHandlers":86,"restRoutes":87,"shortcodes":88,"cronEvents":89,"entryPointCount":13,"unprotectedCount":13},[71,77,80,83],{"type":72,"name":73,"callback":74,"file":75,"line":76},"action","init","load_textdomain","elimina-diacritice.php",35,{"type":72,"name":78,"callback":78,"file":75,"line":79},"admin_enqueue_scripts",36,{"type":72,"name":81,"callback":78,"file":75,"line":82},"elementor\u002Feditor\u002Fbefore_enqueue_scripts",37,{"type":72,"name":84,"callback":84,"priority":38,"file":75,"line":85},"media_buttons",38,[],[],[],[],{"dangerousFunctions":91,"sqlUsage":92,"outputEscaping":94,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":99},[],{"prepared":13,"raw":13,"locations":93},[],{"escaped":13,"rawEcho":27,"locations":95},[96],{"file":75,"line":97,"context":98},55,"raw output",[],[],{"summary":102,"deductions":103},"The \"elimina-diacritice\" plugin version 1.1.0 exhibits a generally strong security posture based on the static analysis provided.  The absence of known CVEs and a clean vulnerability history are positive indicators.  The plugin also scores well on several good security practices, including zero dangerous functions, SQL queries exclusively using prepared statements, no file operations, and no external HTTP requests.  However, a significant concern arises from the fact that 100% of the identified output operations are not properly escaped. This could lead to cross-site scripting (XSS) vulnerabilities if the output is user-controllable and displayed without proper sanitization.\n\nWhile the attack surface is reported as zero entry points, this assessment seems to be based on the absence of explicitly defined AJAX handlers, REST API routes, shortcodes, and cron events.  The lack of nonce and capability checks across all identified entry points is a significant weakness. If any unexpected or implicit entry points exist, they would be entirely unprotected. The taint analysis showing zero flows is also positive, but this could be less meaningful if the plugin has a very limited scope and minimal interaction with external data. Overall, the plugin demonstrates good development hygiene in some areas but has critical gaps in output sanitization and authorization checks that require immediate attention.",[104,107,109],{"reason":105,"points":106},"Output escaping is not properly implemented",8,{"reason":108,"points":58},"No nonce checks on entry points",{"reason":110,"points":58},"No capability checks on entry points","2026-03-16T22:30:32.407Z",{"wat":113,"direct":120},{"assetPaths":114,"generatorPatterns":116,"scriptPaths":117,"versionParams":118},[115],"\u002Fwp-content\u002Fplugins\u002Felimina-diacritice\u002Fjs\u002Fadmin.js",[],[115],[119],"elimina-diacritice\u002Fjs\u002Fadmin.js?ver=1.1.0",{"cssClasses":121,"htmlComments":123,"htmlAttributes":124,"restEndpoints":125,"jsGlobals":126,"shortcodeOutput":128},[122],"wpedr_button",[],[],[],[127],"WPEDRData",[129],"\u003Ca href=\"#\" class=\"button\" id=\"wpedr_button\" aria-label=\"Elimina Diacritice\">Elimina Diacritice\u003C\u002Fa>"]