[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNPKpxPXeq-njI_tDouJUhKX3JxvqW-Dnpez1KUp1F3Q":3,"$f2LoIvV-E6yD6MwlpjFz-ma1knKq1Cz5Lnkg1WSdsDWE":395,"$f33eLowA28H5JVgJlnNg0BDsp_Q2OIGUT7nT6lpAADYs":399},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":39,"analysis":152,"fingerprints":369},"encode-decode-tool","Encode Decode Tool","1.0.6","WeblineIndia","https:\u002F\u002Fprofiles.wordpress.org\u002Fweblineindia\u002F","\u003Cp>An Online Encode Decode Tool to convert content into ASCII character-set.\u003C\u002Fp>\n\u003Cp>Our tool uses in-built JavaScript function for encoding.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Admin can enable\u002Fdisable the plugin functionality.\u003C\u002Fli>\n\u003Cli>Admin can easily set button label text, button text and background colors.\u003C\u002Fli>\n\u003Cli>Can be used as a widget.\u003C\u002Fli>\n\u003Cli>Shortcode is also available to use the plugin anywhere in posts and pages.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Note\u003C\u002Fh3>\n\u003Cp>This plugin is an Open Source Software and we would be happy to have people contribute to our plugin. Please contact us here to talk to our \u003Ca href=\"https:\u002F\u002Fwww.weblineindia.com\u002Fcontact-us.html\" rel=\"nofollow ugc\">software development team\u003C\u002Fa>, if you would like to contribute to this plugin and help make it better.\u003C\u002Fp>\n\u003Cp>If you like this plugin then please rate our plugin to help us spread the word.\u003C\u002Fp>\n","A Free tool to Encode or Decode your content into ASCII character-set.",10,2867,0,"2024-12-10T12:25:00.000Z","6.7.5","3.5","",[19,20,21,22,23],"ascii-character","decode","encode","url-decoder","url-encoder","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fencode-decode-tool","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fencode-decode-tool.1.0.6.zip",92,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"weblineindia",14,5100,91,54,82,"2026-05-20T05:16:24.769Z",[40,66,88,109,130],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":61,"download_link":62,"security_score":63,"vuln_count":64,"unpatched_count":13,"last_vuln_date":65,"fetched_at":28},"email-encoder-bundle","Email Encoder – Protect Email Addresses and Phone Numbers","2.4.6","Online Optimisation","https:\u002F\u002Fprofiles.wordpress.org\u002Fonlineoptimisation\u002F","\u003Cp>Full site protection for your email addresses from spam-bots, email harvesters and other robots. No configuration needed.\u003Cbr \u002F>\nIt also protects phone numbers or any other text using our integrated \u003Ccode>[eeb_protect_content]\u003C\u002Fcode> shortcode or href attribute encoding.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Full page protection for all of your emails\u003C\u002Fli>\n\u003Cli>Instant results (No confiruation needed)\u003C\u002Fli>\n\u003Cli>Protects mailto links, plain emails, email input fields, RSS feeds and much more\u003C\u002Fli>\n\u003Cli>Protect phone number links, ftp, skype, file and other custom link attributes\u003C\u002Fli>\n\u003Cli>Autmoatic protection technique detection (Our plugin chooses automatically the best protection technique for each email)\u003C\u002Fli>\n\u003Cli>Exclude posts and pages from protection\u003C\u002Fli>\n\u003Cli>Automatically convert plain emails to mailto-links\u003C\u002Fli>\n\u003Cli>Automatically convert plain emails to png images\u003C\u002Fli>\n\u003Cli>Supports rot13 encoing, escape encoding, CSS directions, entity encoding and much more\u003C\u002Fli>\n\u003Cli>Deactivate CSS directions manually for browser backwards compatibility\u003C\u002Fli>\n\u003Cli>Shortcode support: \u003Ccode>[eeb_protect_emails]\u003C\u002Fcode>, \u003Ccode>[eeb_protect_content]\u003C\u002Fcode>, \u003Ccode>[eeb_mailto]\u003C\u002Fcode>, \u003Ccode>[eeb_form]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Template tag support: \u003Ccode>eeb_protect_emails()\u003C\u002Fcode>, \u003Ccode>eeb_protect_content()\u003C\u002Fcode>, \u003Ccode>eeb_mailto()\u003C\u002Fcode>, \u003Ccode>eeb_form()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Protect phone numbers (or any text or html)\u003C\u002Fli>\n\u003Cli>Also supports special chars, like Ã©, Ã¢, Ã¶, Chinese characters etcetera\u003C\u002Fli>\n\u003Cli>Use the Encoder Form to manually create encoded scripts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Compatibilities\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The plugin works with mostly any theme and plugin. Some special ones need special treatment. Down below you can learn more about that.\u003C\u002Fli>\n\u003Cli>Compatible with the Maintenance plugin from WP Maintenance\u003C\u002Fli>\n\u003Cli>Divi Theme is fully integrated as well\u003C\u002Fli>\n\u003Cli>Jetpack Image carousel is compatible as well\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Free Website Check\u003C\u002Fh4>\n\u003Cp>We offer you a free tool to test if your website contains unprotected emails. You can use our website checker by \u003Ca href=\"https:\u002F\u002Fwpemailencoder.com\u002Femail-protection-checker\u002F\" rel=\"nofollow ugc\">clicking here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Easy to use\u003C\u002Fh4>\n\u003Cp>After activating the plugin all email addresses on your website will be protected out-of-the-box.\u003Cbr \u002F>\nWe also offer custom shortcodes and template functions to protect phone numbers or other text.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Documentation – After plugin activation, check the help tab on the plugin options page\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpemailencoder.com\u002F\" rel=\"nofollow ugc\">Documentation on wpemailencoder.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Femail-encoder-bundle\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Like this plugin?\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Femail-encoder-bundle\" rel=\"ugc\">Please Review it\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblueberryware.net\" rel=\"nofollow ugc\">Adam Hunter\u003C\u002Fa> for the encode method ‘JavaScript Escape’ which is taken from his plugin \u003Ca href=\"http:\u002F\u002Fblueberryware.net\u002F2008\u002F09\u002F14\u002Femail-spam-protection\u002F\" rel=\"nofollow ugc\">Email Spam Protection\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Frumkin.com\" rel=\"nofollow ugc\">Tyler Akins\u003C\u002Fa> for the encode method ‘JavaScript ASCII Mixer’\u003C\u002Fli>\n\u003Cli>Title icon on Admin Options Page was made by \u003Ca href=\"http:\u002F\u002Fwww.doublejdesign.co.uk\u002F\" rel=\"nofollow ugc\">Jack Cai\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Protect email addresses and phone numbers on your site and hide them from spambots. Easy to use & flexible.",90000,1852012,98,89,"2026-04-10T02:13:00.000Z","6.9.4","4.7","7.4",[57,21,58,59,60],"anti-spam","encrypt","hide","protect","https:\u002F\u002Fwpemailencoder.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-encoder-bundle.2.4.6.zip",95,9,"2026-04-21 00:00:00",{"slug":67,"name":68,"version":69,"author":70,"author_profile":71,"description":72,"short_description":73,"active_installs":74,"downloaded":75,"rating":76,"num_ratings":77,"last_updated":78,"tested_up_to":79,"requires_at_least":80,"requires_php":17,"tags":81,"homepage":86,"download_link":87,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"motors-vin-decoder","Motors VIN Decoder","1.1.3","Stylemix","https:\u002F\u002Fprofiles.wordpress.org\u002Fstylemix\u002F","\u003Cp>Motors VIN Decoder & Vehicle History Check is free plugin to decode your vehicle VIN. Free version is based on USA National Highway Traffic Safety Administration (NHTSA) database. Decode a Vehicle Identification Number (VIN), obtain manufacturer data describing the vehicle basic information maintained by the USA government.\u003C\u002Fp>\n\u003Cp>This version of the plugin uses NHTSA service to decode VIN numbers and provide vehicle information to a user. The service is free, and no extra setup needed. NHTSA — National Highway Traffic Safety Administration of US Department of Transportation provides FREE API Service for Car Specifications. Please note, NHTSA does not provide VIN History Data.\u003C\u002Fp>\n\u003Cp>⭐ \u003Ca href=\"https:\u002F\u002Fstylemixthemes.com\u002Fvin-decoder-plugin\u002F?utm_source=wporg-vin&utm_medium=en&utm_campaign=2021\" rel=\"nofollow ugc\">Motors VIN Decoder Pro\u003C\u002Fa>\u003Cbr \u002F>\n⭐ \u003Ca href=\"https:\u002F\u002Fvin-decoder.stylemixthemes.com\u002F\" rel=\"nofollow ugc\">VIN Decoder  Demo\u003C\u002Fa>\u003Cbr \u002F>\n⭐ \u003Ca href=\"https:\u002F\u002Fthemeforest.net\u002Fitem\u002Fmotors-automotive-cars-vehicle-boat-dealership-classifieds-wordpress-theme\u002F13987211\" rel=\"nofollow ugc\">Motors Premium Car Dealership & Classifieds Theme\u003C\u002Fa>\u003Cbr \u002F>\n⭐ \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fmotorstheme\u002F\" rel=\"nofollow ugc\">Join Motors Facebook Community\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>VIN Decoder Pro Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fstylemixthemes.com\u002Fvin-decoder-plugin\u002F?utm_source=wporg-vin&utm_medium=en&utm_campaign=2021\" rel=\"nofollow ugc\">Pro version\u003C\u002Fa>\u003C\u002Fstrong> of Motos VIN Decoder plugin supports more vehicle data providers and features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Decode VIN Number and vehicle trim\u003C\u002Fli>\n\u003Cli>Check Vehicle history (mileage\u002Fodometer, service records, road accidents and other issues)*\u003C\u002Fli>\n\u003Cli>Track Mileage\u002Fodometer*\u003C\u002Fli>\n\u003Cli>Service Records*\u003C\u002Fli>\n\u003Cli>Damage Check*\u003C\u002Fli>\n\u003Cli>Theft Check*\u003C\u002Fli>\n\u003Cli>Last Sale Price*\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Features marked with asterisk (*) is subject for third party services that may be paid and available only in Pro version of the plugin.\u003C\u002Fp>\n\u003Ch3>Vhicle Data Providers Compatible with Motors VIN Decoder Pro\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>[VIN Audit](http:\u002F\u002Fwww.vinaudit.com\u002F\u003C\u002Fstrong>\u003Cbr \u002F>\nVIN Audit allows you to get reports, with enhanced coverage of critical issues, without much cost. This includes problem and damage checks, active theft checks, past sale listings, and open line checks.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>MarketCheck\u003C\u002Fstrong>\u003Cbr \u002F>\nSimply sign up for an API key and start getting data right away. MarketCheck has 300 VIN requests per month. Get the records of the year, make, model and every change occurred. The service includes new, used, certified, lease car types.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Vincario\u003C\u002Fstrong>\u003Cbr \u002F>\nVindecoder.eu can decode make, model, model year, body, trim, engine, transmission and other car parts in Europe, US as well as on other markets.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Israel Vehicles Database\u003C\u002Fstrong>\u003Cbr \u002F>\nIsrael Ministry of Transport and Road Safety Vehicles Database – Free database to Decode a Vehicle Identification Number (VIN) registered in the State of Israel. Obtain a vehicle history records maintained by the government of Israel.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>USA National Highway Traffic Safety Administration (NHTSA)\u003C\u002Fstrong>\u003Cbr \u002F>\nCompletely FREE tool to Decode a Vehicle Identification Number (VIN). Obtain manufacturer data describing the vehicle basic information and history maintained by the USA government.\u003C\u002Fp>\n\u003Ch3>More Awesome Free Plugins by Stylemix\u003C\u002Fh3>\n\u003Cp>⭐ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmasterstudy-lms-learning-management-system\u002F\" rel=\"ugc\">MasterStudy – All-in-One WordPress LMS Plugin\u003C\u002Fa>\u003Cbr \u002F>\n⭐ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcost-calculator-builder\u002F\" rel=\"ugc\">Cost Calculator & Price Estimation Plugin\u003C\u002Fa>\u003Cbr \u002F>\n⭐ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmotors-car-dealership-classified-listings\u002F\" rel=\"ugc\">Motors – Car Dealership & Classified Listings Plugin\u003C\u002Fa>\u003Cbr \u002F>\n⭐ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feroom-zoom-meetings-webinar\u002F\" rel=\"ugc\">Zoom Meetings and Webinars Plugin — eRoom\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Shortcode\u003C\u002Fh3>\n\u003Cp>Insert the \u003Cstrong>[stm_motors_vin_decoders]\u003C\u002Fstrong> short code to page\u002Fpost to display Motors Vin Decoder Input Field\u003C\u002Fp>\n","Motors VIN Decoder & Vehicle History Check is free plugin to decode your vehicle VIN. Free version is based on USA National Highway Traffic Safety &hellip;",500,13903,40,5,"2025-04-15T12:41:00.000Z","6.4.8","4.6",[82,83,84,85],"automotive","car-dealership","vin-decoder","vin-history-check","https:\u002F\u002Fstylemixthemes.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmotors-vin-decoder.1.1.3.zip",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":96,"downloaded":97,"rating":13,"num_ratings":13,"last_updated":98,"tested_up_to":99,"requires_at_least":100,"requires_php":17,"tags":101,"homepage":106,"download_link":107,"security_score":108,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"dbd-mailto-encoder","DBD Mailto Encoder","1.1","dubhunter","https:\u002F\u002Fprofiles.wordpress.org\u002Fdubhunter\u002F","\u003Cp>Spam is one of the most frustrating things about the internet.\u003Cbr \u002F>\nAnd, even more frustrating is how spiders scrape blogs and other sites for email addresses to spam.\u003Cbr \u002F>\nWouldn’t it be nice if you could put mailto links just how you were taught, without fear of spiders?\u003Cbr \u002F>\nWell now you can! With this plugin, all mailto links will be filtered on display and converted to their unicode counterparts.\u003C\u002Fp>\n","Spam is one of the most frustrating things about the internet.",100,6661,"2010-05-03T17:37:00.000Z","2.9.2","2.0",[102,21,103,104,105],"email","mailto","spam","spider","http:\u002F\u002Fwww.dontblinkdesign.com\u002Fwordpress-dbd-mailto-encoder","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdbd-mailto-encoder.1.1.zip",85,{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":117,"downloaded":118,"rating":96,"num_ratings":119,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":17,"tags":123,"homepage":128,"download_link":129,"security_score":108,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"jt-internet-explorer-url","JT Internet explorer URL","1.0","studio-jt","https:\u002F\u002Fprofiles.wordpress.org\u002Fstudiojt\u002F","\u003Cp>The plugin allow you display human readable URL on IE (Internet Explorer), the problem occur on permalinks write in a non English alphabet.\u003C\u002Fp>\n","Display User Friendly URL on Internet Explorer (for non English Alphabet).",90,2351,2,"2016-08-29T02:03:00.000Z","3.4.2","2.5.0",[124,125,126,127],"decode-url","ie","internet-explorer","url","http:\u002F\u002Fstudio-jt.co.kr","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjt-internet-explorer-url.1.0.zip",{"slug":131,"name":132,"version":133,"author":134,"author_profile":135,"description":136,"short_description":137,"active_installs":138,"downloaded":139,"rating":140,"num_ratings":141,"last_updated":142,"tested_up_to":143,"requires_at_least":144,"requires_php":17,"tags":145,"homepage":150,"download_link":151,"security_score":108,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"base64-images","Base64 Images","1.1.5","macprawn","https:\u002F\u002Fprofiles.wordpress.org\u002Fmacprawn\u002F","\u003Cp>\u003Cstrong>NOTE\u003C\u002Fstrong>\u003Cbr \u002F>\n    I am moving away from WordPress development, focusing more on web app development, which means maintaining this plugin no longer makes sense for me.\u003Cbr \u002F>\n    It will no longer receive updates, unless someone wants to take over the code base? If you are interested, please reach out to me.\u003Cbr \u002F>\n    Thank you all for your interest and support!\u003C\u002Fp>\n\u003Cp>Base64 Images is a simple plugin to encode your media images on your site. Base64 encoding of images can have some \u003Ca href=\"https:\u002F\u002Fvarvy.com\u002Fpagespeed\u002Fbase64-images.html\" rel=\"nofollow ugc\">SEO benefits\u003C\u002Fa> for your site.\u003C\u002Fp>\n\u003Cp>The plugin is as unobtrusive as possible: activate it, and media images are encoded. Deactivate it, and they are not. No settings, no gunk left in your database. * It hooks into WordPress approved hooks and filters to do its job.\u003C\u002Fp>\n\u003Cp>(* There is some caching used for speed benefits, but the cached data will be totally removed when you uninstall the plugin completely.)\u003C\u002Fp>\n","Automatically base64 encodes media images on your site.",60,5513,86,3,"2020-11-28T14:57:00.000Z","5.5.18","4.0.0",[146,147,148,149],"base64","encoder","image","images","https:\u002F\u002Fbitbucket.org\u002FMacPrawn\u002Fbase64images","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbase64-images.1.1.5.zip",{"attackSurface":153,"codeSignals":209,"taintFlows":233,"riskAssessment":359,"analyzedAt":368},{"hooks":154,"ajaxHandlers":193,"restRoutes":201,"shortcodes":202,"cronEvents":208,"entryPointCount":141,"unprotectedCount":119},[155,161,165,170,174,178,183,188],{"type":156,"name":157,"callback":158,"file":159,"line":160},"action","wp_head","ende_hook_js","admin\u002Fclass-encode-decode-tool-admin.php",8,{"type":156,"name":162,"callback":163,"file":159,"line":164},"admin_menu","ende_plugin_menu",11,{"type":166,"name":167,"callback":168,"file":159,"line":169},"filter","plugin_action_links_encode-decode-tool\u002Fencode-decode-tool.php","ende_add_action_links",19,{"type":156,"name":171,"callback":172,"file":159,"line":173},"admin_head","ende_admin_global_js_vars",22,{"type":156,"name":175,"callback":176,"file":159,"line":177},"admin_enqueue_scripts","ende_admin_enqueue_CSS_JS",25,{"type":166,"name":179,"callback":180,"priority":181,"file":159,"line":182},"admin_footer_text","ende_admin_footer",1,28,{"type":156,"name":184,"callback":185,"file":186,"line":187},"widgets_init","ende_register_en_de_widget","admin\u002Fclass-encode-decode-tool-widget.php",175,{"type":166,"name":189,"callback":190,"file":191,"line":192},"pre_set_site_transient_update_plugins","update_encode_decode_tool","encode-decode-tool.php",51,[194,199],{"action":195,"nopriv":196,"callback":197,"hasNonce":198,"hasCapCheck":198,"file":159,"line":33},"wli_en_de_tool",true,"ende_tool_callback",false,{"action":195,"nopriv":198,"callback":197,"hasNonce":198,"hasCapCheck":198,"file":159,"line":200},16,[],[203],{"tag":204,"callback":205,"file":206,"line":207},"encode_decode_tool","wli_get_en_de_widget","public\u002Fencode-decode-tool-public.php",37,[],{"dangerousFunctions":210,"sqlUsage":211,"outputEscaping":213,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":181,"bundledLibraries":232},[],{"prepared":13,"raw":13,"locations":212},[],{"escaped":214,"rawEcho":64,"locations":215},62,[216,219,221,222,223,225,227,229,231],{"file":159,"line":217,"context":218},115,"raw output",{"file":159,"line":220,"context":218},366,{"file":186,"line":173,"context":218},{"file":186,"line":177,"context":218},{"file":186,"line":224,"context":218},27,{"file":186,"line":226,"context":218},139,{"file":186,"line":228,"context":218},152,{"file":186,"line":230,"context":218},153,{"file":186,"line":230,"context":218},[],[234,321],{"entryPoint":235,"graph":236,"unsanitizedCount":164,"severity":320},"ende_tool_callback (admin\u002Fclass-encode-decode-tool-admin.php:388)",{"nodes":237,"edges":308},[238,243,248,252,254,258,260,264,266,270,272,276,278,282,284,288,290,294,296,300,302,306],{"id":239,"type":240,"label":241,"file":159,"line":242},"n0","source","$_POST['WLI_plugin_status']",393,{"id":244,"type":245,"label":246,"file":159,"line":242,"wp_function":247},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":249,"type":240,"label":250,"file":159,"line":251},"n2","$_POST['wli_encode_btn_txt']",396,{"id":253,"type":245,"label":246,"file":159,"line":251,"wp_function":247},"n3",{"id":255,"type":240,"label":256,"file":159,"line":257},"n4","$_POST['wli_encode_btn_txt_color']",399,{"id":259,"type":245,"label":246,"file":159,"line":257,"wp_function":247},"n5",{"id":261,"type":240,"label":262,"file":159,"line":263},"n6","$_POST['wli_encode_btn_bg_color']",402,{"id":265,"type":245,"label":246,"file":159,"line":263,"wp_function":247},"n7",{"id":267,"type":240,"label":268,"file":159,"line":269},"n8","$_POST['wli_decode_btn_txt']",405,{"id":271,"type":245,"label":246,"file":159,"line":269,"wp_function":247},"n9",{"id":273,"type":240,"label":274,"file":159,"line":275},"n10","$_POST['wli_decode_btn_txt_color']",408,{"id":277,"type":245,"label":246,"file":159,"line":275,"wp_function":247},"n11",{"id":279,"type":240,"label":280,"file":159,"line":281},"n12","$_POST['wli_decode_btn_bg_color']",411,{"id":283,"type":245,"label":246,"file":159,"line":281,"wp_function":247},"n13",{"id":285,"type":240,"label":286,"file":159,"line":287},"n14","$_POST['wli_ende_select_btn_txt']",414,{"id":289,"type":245,"label":246,"file":159,"line":287,"wp_function":247},"n15",{"id":291,"type":240,"label":292,"file":159,"line":293},"n16","$_POST['wli_ende_select_txt_color']",417,{"id":295,"type":245,"label":246,"file":159,"line":293,"wp_function":247},"n17",{"id":297,"type":240,"label":298,"file":159,"line":299},"n18","$_POST['wli_ende_select_bg_color']",420,{"id":301,"type":245,"label":246,"file":159,"line":299,"wp_function":247},"n19",{"id":303,"type":240,"label":304,"file":159,"line":305},"n20","$_POST['wli_ende_short_title_txt']",423,{"id":307,"type":245,"label":246,"file":159,"line":305,"wp_function":247},"n21",[309,310,311,312,313,314,315,316,317,318,319],{"from":239,"to":244,"sanitized":198},{"from":249,"to":253,"sanitized":198},{"from":255,"to":259,"sanitized":198},{"from":261,"to":265,"sanitized":198},{"from":267,"to":271,"sanitized":198},{"from":273,"to":277,"sanitized":198},{"from":279,"to":283,"sanitized":198},{"from":285,"to":289,"sanitized":198},{"from":291,"to":295,"sanitized":198},{"from":297,"to":301,"sanitized":198},{"from":303,"to":307,"sanitized":198},"low",{"entryPoint":322,"graph":323,"unsanitizedCount":13,"severity":320},"\u003Cclass-encode-decode-tool-admin> (admin\u002Fclass-encode-decode-tool-admin.php:0)",{"nodes":324,"edges":347},[325,326,327,328,329,330,331,332,333,334,335,336,337,338,339,340,341,342,343,344,345,346],{"id":239,"type":240,"label":241,"file":159,"line":242},{"id":244,"type":245,"label":246,"file":159,"line":242,"wp_function":247},{"id":249,"type":240,"label":250,"file":159,"line":251},{"id":253,"type":245,"label":246,"file":159,"line":251,"wp_function":247},{"id":255,"type":240,"label":256,"file":159,"line":257},{"id":259,"type":245,"label":246,"file":159,"line":257,"wp_function":247},{"id":261,"type":240,"label":262,"file":159,"line":263},{"id":265,"type":245,"label":246,"file":159,"line":263,"wp_function":247},{"id":267,"type":240,"label":268,"file":159,"line":269},{"id":271,"type":245,"label":246,"file":159,"line":269,"wp_function":247},{"id":273,"type":240,"label":274,"file":159,"line":275},{"id":277,"type":245,"label":246,"file":159,"line":275,"wp_function":247},{"id":279,"type":240,"label":280,"file":159,"line":281},{"id":283,"type":245,"label":246,"file":159,"line":281,"wp_function":247},{"id":285,"type":240,"label":286,"file":159,"line":287},{"id":289,"type":245,"label":246,"file":159,"line":287,"wp_function":247},{"id":291,"type":240,"label":292,"file":159,"line":293},{"id":295,"type":245,"label":246,"file":159,"line":293,"wp_function":247},{"id":297,"type":240,"label":298,"file":159,"line":299},{"id":301,"type":245,"label":246,"file":159,"line":299,"wp_function":247},{"id":303,"type":240,"label":304,"file":159,"line":305},{"id":307,"type":245,"label":246,"file":159,"line":305,"wp_function":247},[348,349,350,351,352,353,354,355,356,357,358],{"from":239,"to":244,"sanitized":196},{"from":249,"to":253,"sanitized":196},{"from":255,"to":259,"sanitized":196},{"from":261,"to":265,"sanitized":196},{"from":267,"to":271,"sanitized":196},{"from":273,"to":277,"sanitized":196},{"from":279,"to":283,"sanitized":196},{"from":285,"to":289,"sanitized":196},{"from":291,"to":295,"sanitized":196},{"from":297,"to":301,"sanitized":196},{"from":303,"to":307,"sanitized":196},{"summary":360,"deductions":361},"The encode-decode-tool plugin v1.0.6 presents a mixed security posture. On the positive side, it demonstrates good practices by not containing dangerous functions, avoiding file operations, and using prepared statements exclusively for SQL queries.  The majority of its output is also properly escaped, and it has no recorded vulnerability history, suggesting a generally stable codebase. However, significant concerns arise from its attack surface. The plugin exposes two AJAX handlers, both of which lack authentication checks. This is a critical oversight, as it allows any user, including unauthenticated ones, to trigger these functions, potentially leading to unauthorized actions or information disclosure.\n\nThe taint analysis indicates one flow with an unsanitized path, which, while not rated as critical or high severity, still represents a potential risk if it interacts with sensitive data or operations. The absence of nonce checks on the unprotected AJAX handlers exacerbates this risk. While the plugin has a single capability check, it's not applied to all entry points, leaving the unprotected AJAX handlers vulnerable. The lack of known CVEs is a positive indicator of past security diligence, but the current analysis highlights immediate risks that need to be addressed for a more secure implementation.",[362,364,366],{"reason":363,"points":11},"Unprotected AJAX handlers",{"reason":365,"points":77},"Flow with unsanitized path",{"reason":367,"points":11},"Missing nonce checks on AJAX","2026-04-16T12:13:32.887Z",{"wat":370,"direct":379},{"assetPaths":371,"generatorPatterns":376,"scriptPaths":377,"versionParams":378},[372,373,374,375],"\u002Fwp-content\u002Fplugins\u002Fencode-decode-tool\u002Fassets\u002Fadmin\u002Fed-tool-admin-notices.css","\u002Fwp-content\u002Fplugins\u002Fencode-decode-tool\u002Fassets\u002Fjs\u002Finstall_plugin_edt.js","\u002Fwp-content\u002Fplugins\u002Fencode-decode-tool\u002Fassets\u002Fjs\u002Fwli_en_de.js","\u002Fwp-content\u002Fplugins\u002Fencode-decode-tool\u002Fassets\u002Fcss\u002Fstyle.css",[],[373,374],[],{"cssClasses":380,"htmlComments":387,"htmlAttributes":388,"restEndpoints":391,"jsGlobals":392,"shortcodeOutput":394},[381,382,383,384,385,386],"ed-tool-plugin-cta","ed-tool-heading","custom-bullet","wrap-ed-tool","inner-ed-tool","left-box-ed-tool",[],[389,390],"id=\"xml-plugin-banner\"","id=\"open-install-edt\"",[],[393],"admin_ajax_params",[],{"error":196,"url":396,"statusCode":397,"statusMessage":398,"message":398},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fencode-decode-tool\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":400,"versions":401},7,[402,407,414,421,428,435,442],{"version":6,"download_url":25,"svn_tag_url":403,"released_at":27,"has_diff":198,"diff_files_changed":404,"diff_lines":27,"trac_diff_url":405,"vulnerabilities":406,"is_current":196},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fencode-decode-tool\u002Ftags\u002F1.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fencode-decode-tool%2Ftags%2F1.0.5&new_path=%2Fencode-decode-tool%2Ftags%2F1.0.6",[],{"version":408,"download_url":409,"svn_tag_url":410,"released_at":27,"has_diff":198,"diff_files_changed":411,"diff_lines":27,"trac_diff_url":412,"vulnerabilities":413,"is_current":198},"1.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fencode-decode-tool.1.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fencode-decode-tool\u002Ftags\u002F1.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fencode-decode-tool%2Ftags%2F1.0.4&new_path=%2Fencode-decode-tool%2Ftags%2F1.0.5",[],{"version":415,"download_url":416,"svn_tag_url":417,"released_at":27,"has_diff":198,"diff_files_changed":418,"diff_lines":27,"trac_diff_url":419,"vulnerabilities":420,"is_current":198},"1.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fencode-decode-tool.1.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fencode-decode-tool\u002Ftags\u002F1.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fencode-decode-tool%2Ftags%2F1.0.3&new_path=%2Fencode-decode-tool%2Ftags%2F1.0.4",[],{"version":422,"download_url":423,"svn_tag_url":424,"released_at":27,"has_diff":198,"diff_files_changed":425,"diff_lines":27,"trac_diff_url":426,"vulnerabilities":427,"is_current":198},"1.0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fencode-decode-tool.1.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fencode-decode-tool\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fencode-decode-tool%2Ftags%2F1.0.2&new_path=%2Fencode-decode-tool%2Ftags%2F1.0.3",[],{"version":429,"download_url":430,"svn_tag_url":431,"released_at":27,"has_diff":198,"diff_files_changed":432,"diff_lines":27,"trac_diff_url":433,"vulnerabilities":434,"is_current":198},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fencode-decode-tool.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fencode-decode-tool\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fencode-decode-tool%2Ftags%2F1.0.1&new_path=%2Fencode-decode-tool%2Ftags%2F1.0.2",[],{"version":436,"download_url":437,"svn_tag_url":438,"released_at":27,"has_diff":198,"diff_files_changed":439,"diff_lines":27,"trac_diff_url":440,"vulnerabilities":441,"is_current":198},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fencode-decode-tool.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fencode-decode-tool\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fencode-decode-tool%2Ftags%2F1.0.0&new_path=%2Fencode-decode-tool%2Ftags%2F1.0.1",[],{"version":443,"download_url":444,"svn_tag_url":445,"released_at":27,"has_diff":198,"diff_files_changed":446,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":447,"is_current":198},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fencode-decode-tool.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fencode-decode-tool\u002Ftags\u002F1.0.0\u002F",[],[]]