[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fv2NWmogGlwBNJavfk5kOhQ0NYBXOto-bney3jyATCmw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":47,"crawl_stats":36,"alternatives":54,"analysis":55,"fingerprints":192},"emarksheet","Online Marksheet Creator : eMarksheet","5.5.1","Aarvansh Infotech","https:\u002F\u002Fprofiles.wordpress.org\u002Frohitashv\u002F","\u003Cp>This is a simple and unique wordpress plugin to create a simple marksheet using wordpress. You can also give a link to your users to see the result and print it.\u003C\u002Fp>\n\u003Cp>In this you have to follow just simple steps :\u003C\u002Fp>\n\u003Cp>a) Add class\u003C\u002Fp>\n\u003Cp>b) Add Subject\u003C\u002Fp>\n\u003Cp>c) Enroll Student\u003C\u002Fp>\n\u003Cp>d) Add marks\u003C\u002Fp>\n\u003Cp>e) Print Marksheet\u003C\u002Fp>\n\u003Cp>These are the basic features.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Premium Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>1) Allows students to search result by roll no and DOB\u003C\u002Fp>\n\u003Cp>2) Students Details Update\u003C\u002Fp>\n\u003Cp>3) Update Institute Logo\u003C\u002Fp>\n\u003Cp>4) Update Students Marks\u003C\u002Fp>\n\u003Cp>5) Export results to excel\u003C\u002Fp>\n\u003Cp>6) Add Semester to class\u003C\u002Fp>\n\u003Cp>To See a Demo and purchase this\u003C\u002Fp>\n\u003Cp>Go to the site https:\u002F\u002Fmaes.mydailyquiz.in\u002Femarksheet\u002F\u003C\u002Fp>\n\u003Cp>For Support Go to Link :\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fmaes.mydailyquiz.in\u002Femarksheet\u002F\u003C\u002Fp>\n\u003Cp>or discuss more about it you can send a mail on aarvanshinfotech@gmail.com\u003C\u002Fp>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>This is a simple and unique wordpress plugin to create a simple marksheet using wordpress. You can also give a link to your users to see the result and print it.\u003C\u002Fp>\n","This is a simple and unique wordpress plugin to create a simple marksheet using wordpress. You can also give a link to your users to see the result an …",10,80257,80,7,"2025-04-18T15:04:00.000Z","6.7.5","4.1","",[20,4,21,22],"create-marksheet-online","online-marksheet","online-marksheet-creator","https:\u002F\u002Fmaes.mydailyquiz.in\u002Femarksheet\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femarksheet.5.5.1.zip",99,1,0,"2025-01-16 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2025-23599","online-marksheet-creator-emarksheet-reflected-cross-site-scripting","Online Marksheet Creator : eMarksheet \u003C= 5.4.3 - Reflected Cross-Site Scripting","The Online Marksheet Creator : eMarksheet plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 5.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=5.4.3","5.4.4","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-04-04 12:58:41",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb7fcaf39-bf37-4229-89ff-8e6e819017dc?source=api-prod",79,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":51,"avg_patch_time_days":46,"trust_score":52,"computed_at":53},"rohitashv",2,20,100,88,"2026-04-05T07:04:08.054Z",[],{"attackSurface":56,"codeSignals":68,"taintFlows":100,"riskAssessment":181,"analyzedAt":191},{"hooks":57,"ajaxHandlers":64,"restRoutes":65,"shortcodes":66,"cronEvents":67,"entryPointCount":27,"unprotectedCount":27},[58],{"type":59,"name":60,"callback":61,"file":62,"line":63},"action","admin_menu","emarksheet_menu","emarksheet.php",17,[],[],[],[],{"dangerousFunctions":69,"sqlUsage":79,"outputEscaping":90,"fileOperations":27,"externalRequests":27,"nonceChecks":49,"capabilityChecks":27,"bundledLibraries":93},[70,75],{"fn":71,"file":72,"line":73,"context":74},"unserialize","menu-pages\\emark_add_marks.php",28,"$select_marks = unserialize($selectd_rowm[0]->marks);",{"fn":71,"file":76,"line":77,"context":78},"menu-pages\\print.php",35,"$marks = unserialize($marks);",{"prepared":80,"raw":81,"locations":82},83,3,[83,86,88],{"file":72,"line":84,"context":85},63,"$wpdb->get_results() with variable interpolation",{"file":76,"line":87,"context":85},125,{"file":76,"line":89,"context":85},134,{"escaped":91,"rawEcho":27,"locations":92},213,[],[94,97],{"name":95,"version":36,"knownCves":96},"DataTables",[],{"name":98,"version":36,"knownCves":99},"jQuery",[],[101,139,149,166],{"entryPoint":102,"graph":103,"unsanitizedCount":27,"severity":138},"\u003Cemark_add_class> (menu-pages\\emark_add_class.php:0)",{"nodes":104,"edges":133},[105,111,116,120,125,128],{"id":106,"type":107,"label":108,"file":109,"line":110},"n0","source","$_POST (x2)","menu-pages\\emark_add_class.php",16,{"id":112,"type":113,"label":114,"file":109,"line":63,"wp_function":115},"n1","sink","query() [SQLi]","query",{"id":117,"type":107,"label":118,"file":109,"line":119},"n2","$_GET",42,{"id":121,"type":113,"label":122,"file":109,"line":123,"wp_function":124},"n3","get_results() [SQLi]",43,"get_results",{"id":126,"type":107,"label":127,"file":109,"line":119},"n4","$_GET (x2)",{"id":129,"type":113,"label":130,"file":109,"line":131,"wp_function":132},"n5","echo() [XSS]",48,"echo",[134,136,137],{"from":106,"to":112,"sanitized":135},true,{"from":117,"to":121,"sanitized":135},{"from":126,"to":129,"sanitized":135},"low",{"entryPoint":140,"graph":141,"unsanitizedCount":27,"severity":138},"\u003Cemark_add_marks> (menu-pages\\emark_add_marks.php:0)",{"nodes":142,"edges":147},[143,145],{"id":106,"type":107,"label":118,"file":72,"line":144},6,{"id":112,"type":113,"label":130,"file":72,"line":146,"wp_function":132},19,[148],{"from":106,"to":112,"sanitized":135},{"entryPoint":150,"graph":151,"unsanitizedCount":27,"severity":138},"\u003Cemark_add_student_list> (menu-pages\\emark_add_student_list.php:0)",{"nodes":152,"edges":163},[153,156,158,161],{"id":106,"type":107,"label":118,"file":154,"line":155},"menu-pages\\emark_add_student_list.php",39,{"id":112,"type":113,"label":130,"file":154,"line":157,"wp_function":132},54,{"id":117,"type":107,"label":159,"file":154,"line":160},"$_POST",21,{"id":121,"type":113,"label":130,"file":154,"line":162,"wp_function":132},131,[164,165],{"from":106,"to":112,"sanitized":135},{"from":117,"to":121,"sanitized":135},{"entryPoint":167,"graph":168,"unsanitizedCount":27,"severity":138},"\u003Cemark_add_sub> (menu-pages\\emark_add_sub.php:0)",{"nodes":169,"edges":178},[170,173,175,176],{"id":106,"type":107,"label":118,"file":171,"line":172},"menu-pages\\emark_add_sub.php",41,{"id":112,"type":113,"label":130,"file":171,"line":174,"wp_function":132},52,{"id":117,"type":107,"label":159,"file":171,"line":11},{"id":121,"type":113,"label":130,"file":171,"line":177,"wp_function":132},68,[179,180],{"from":106,"to":112,"sanitized":135},{"from":117,"to":121,"sanitized":135},{"summary":182,"deductions":183},"The 'emarksheet' plugin v5.5.1 demonstrates several positive security practices, including comprehensive output escaping and a high rate of prepared statements for SQL queries. The static analysis reveals no obvious entry points like AJAX handlers, REST API routes, or shortcodes that are unprotected, which significantly reduces the external attack surface. Furthermore, the taint analysis found no unsanitized flows, indicating a good effort to prevent data corruption or manipulation issues from user input.",[184,186,188],{"reason":185,"points":11},"Dangerous function: unserialize usage detected",{"reason":187,"points":11},"Past medium vulnerability: XSS",{"reason":189,"points":190},"No capability checks on entry points",15,"2026-03-16T23:57:10.300Z",{"wat":193,"direct":201},{"assetPaths":194,"generatorPatterns":198,"scriptPaths":199,"versionParams":200},[195,196,197],"\u002Fwp-content\u002Fplugins\u002Femarksheet\u002Fbootstrap\u002Fcss\u002Fbootstrap.css","\u002Fwp-content\u002Fplugins\u002Femarksheet\u002Fbootstrap\u002Fcss\u002Fdatatables.min.css","\u002Fwp-content\u002Fplugins\u002Femarksheet\u002Fbootstrap\u002Fjs\u002Fdatatables.min.js",[],[],[],{"cssClasses":202,"htmlComments":203,"htmlAttributes":204,"restEndpoints":205,"jsGlobals":206,"shortcodeOutput":207},[],[],[],[],[],[]]