[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fnlEXygaoXyuT0R4b-tJDzlio4VX5od3_MlZH5KWoks8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":131,"fingerprints":533},"envothemes-demo-import","EnvoThemes Demo Import","1.3.0","EnvoThemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fenvothemes\u002F","\u003Cp>Import EnvoThemes official themes demo content, widgets and theme settings with just one click.\u003C\u002Fp>\n\u003Ch3>Supported Themes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fenvothemes.com\u002Ffree-envo-shopper\u002F\" rel=\"nofollow ugc\">Envo Shopper\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fenvothemes.com\u002Ffree-envo-marketplace\u002F\" rel=\"nofollow ugc\">Envo Marketplace\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fenvothemes.com\u002Ffree-envo-online-store\u002F\" rel=\"nofollow ugc\">Envo Online Store\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fenvo-shop\u002F\" rel=\"ugc\">Envo Shop\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fenvo-storefront\u002F\" rel=\"ugc\">Envo Storefront\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fenvo-ecommerce\u002F\" rel=\"ugc\">Envo eCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>EnvoThemes Demo Import bundles the following third-party resources:\u003C\u002Fp>\n\u003Cp>WordPress Importer, by wordpressdotorg\u003Cbr \u002F>\nLicense: GPL version 2 or later\u003Cbr \u002F>\nSource: https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwordpress-importer\u002F\u003C\u002Fp>\n","Import EnvoThemes official themes demo content, widgets and theme settings with just one click.",3000,408141,100,1,"2022-12-09T12:24:00.000Z","6.1.10","4.5","5.4.0",[20,21,22,23,24],"content","data","demo","import","wordpress","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fenvothemes-demo-import.1.3.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"envothemes",16,89500,98,27,93,"2026-04-04T04:26:08.670Z",[41,63,78,94,114],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":56,"tags":57,"homepage":59,"download_link":60,"security_score":61,"vuln_count":14,"unpatched_count":28,"last_vuln_date":62,"fetched_at":30},"rara-one-click-demo-import","Rara One Click Demo Import","1.3.4","Rara Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fraratheme\u002F","\u003Cp>Do you love the demos of the themes made by Rara Theme? Or, need a guideline for setting up the themes?\u003C\u002Fp>\n\u003Cp>Then, all you need is this plugin!\u003C\u002Fp>\n\u003Cp>Rara One Click Demo Import plugin will help you import the demo content, including settings of the widgets and the customizer, with a click.\u003C\u002Fp>\n\u003Cp>The demo content will make your website look like the preview of a theme so that you get a basic guideline for making your website.\u003C\u002Fp>\n\u003Cp>Once installed and activated, Rara One Click Demo Import will be accessible through \u003Cstrong>Appearance > Rara Demo Import\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>If you use Premium themes made by Rara Themes, go to Pro Theme Demo Import tab and just click on ‘Import Now’ button and your website will look like the demo of the activated theme in no time.\u003C\u002Fp>\n\u003Cp>If you use free themes made by Rara Themes, download the demo files from your \u003Ca href=\"https:\u002F\u002Frarathemes.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Theme Documentation\u003C\u002Fa> page, upload it using ‘Upload Demo File’ button on this plugin, and click Import Now. As simple as that.\u003C\u002Fp>\n\u003Cp>You can find the detail documentation \u003Ca href=\"https:\u002F\u002Frarathemes.com\u002Fblog\u002Fimport-demo-content-rara-themes\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>If you need help, contact our support team \u003Ca href=\"https:\u002F\u002Frarathemes.com\u002Fsupport-ticket\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin is based on the ‘Theme Demo Import’ plugin by Themely, https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftheme-demo-import\u002F\u003C\u002Fp>\n\u003Cp>As well as the improved WP Import 2.0 plugin by @humanmade, https:\u002F\u002Fgithub.com\u002Fhumanmade\u002FWordPress-Importer.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Rara One Click Demo Import uses the script of\u003Cbr \u002F>\n‘Theme Demo Import’ plugin by Themely,\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftheme-demo-import\u002F\u003Cbr \u002F>\nLicensed under the GNU General Public License v2.0,\u003Cbr \u002F>\nhttp:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n\u003Cp>Rara One Click Demo Import uses ‘WordPress Importer’ plugin script\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fhumanmade\u002FWordPress-Importer\u003Cbr \u002F>\n(C) 2016 @humanmade\u003Cbr \u002F>\nLicensed under the GNU General Public License v2.0,\u003Cbr \u002F>\nhttp:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>Rara One Click Demo Import is distributed under the terms of the GNU GPL.\u003C\u002Fp>\n\u003Cp>This program is free software; you can redistribute it and\u002For modify\u003Cbr \u002F>\nit under the terms of the GNU General Public License as published by\u003Cbr \u002F>\nthe Free Software Foundation; either version 2 of the License, or\u003Cbr \u002F>\nany later version (at your own risk).\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful,\u003Cbr \u002F>\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\u003Cbr \u002F>\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\u003Cbr \u002F>\nGNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License along\u003Cbr \u002F>\nwith this program; if not, write to the Free Software Foundation, Inc.,\u003Cbr \u002F>\n51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.\u003C\u002Fp>\n","Make your website look like the live demo of the theme with a click!",20000,878760,54,7,"2024-11-21T11:28:00.000Z","6.7.5","6.0","7.4",[20,21,22,23,58],"widgets","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frara-one-click-demo-import\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frara-one-click-demo-import.1.3.4.zip",91,"2022-04-21 13:36:00",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":13,"num_ratings":14,"last_updated":73,"tested_up_to":54,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":25,"download_link":77,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"tutormate","TutorMate","3.0.1","Themeum","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeum\u002F","\u003Cp>TutorMate is a Tutor Starter theme companion plugin to import predesigned stylish demo pages to eLearning sites powered by Tutor LMS plugin. If you want your eLearning sites built with Tutor Starter theme to look ready right from the start, you can import our demo pages easily with the TutorMate plugin.\u003C\u002Fp>\n\u003Ch3>Prerequisite\u003C\u002Fh3>\n\u003Cp>TutorStarter theme needs to be installed and activated in order to use TutorMate demo importer plugin.\u003C\u002Fp>\n","TutorMate is a Tutor Starter theme companion plugin to import predesigned stylish demo pages to eLearning sites powered by Tutor LMS plugin.",10000,178909,"2025-05-09T10:56:00.000Z","5.3","7.0",[20,21,22,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftutormate.3.0.1.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":28,"num_ratings":28,"last_updated":88,"tested_up_to":89,"requires_at_least":25,"requires_php":90,"tags":91,"homepage":92,"download_link":93,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"skt-themes-demo-importer","SKT Themes Demo Import","1.7","sonalsinha21","https:\u002F\u002Fprofiles.wordpress.org\u002Fsonalsinha21\u002F","\u003Cp>Live demo content can be imported quickly in just one click including all widgets and settings. To establish a new website, this plugin provides a a basic layout plus it speed up the process of development.\u003C\u002Fp>\n\u003Cp>In \u003Cstrong>APPEARANCE > SKT Import Content\u003C\u002Fstrong>, it will built up the page.\u003C\u002Fp>\n\u003Cp>The three files upload inputs will be presented if you are using the theme that do not have any import filed predefined.\u003C\u002Fp>\n\u003Cp>Demo content XML file needs to be uploaded as first file is important, for the real demo import.\u003C\u002Fp>\n\u003Cp>The second one is not that much important. however for widgets import you will be asked for a WIE or JSON file. With the help of this you can create a file \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwidget-importer-exporter\u002F\" rel=\"ugc\">Widget Importer & Exporter\u003C\u002Fa> plugin.\u003C\u002Fp>\n\u003Cp>The third option is also not mandatory. thus the customizer settings will be imported, select the DAT file that can be easily generated from \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustomizer-export-import\u002F\" rel=\"ugc\">Customizer Export\u002FImport\u003C\u002Fa> plugin (from the same theme if and only if the export file was created than only the customizer settings will be imported.).\u003C\u002Fp>\n","Live demo content can be imported quickly in just one click including all widgets and settings.",5000,48623,"2026-01-15T05:48:00.000Z","6.9.4","5.6",[20,21,22,23,58],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fskt-themes-demo-import\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fskt-themes-demo-importer.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":86,"downloaded":102,"rating":103,"num_ratings":104,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":90,"tags":108,"homepage":109,"download_link":110,"security_score":111,"vuln_count":112,"unpatched_count":112,"last_vuln_date":113,"fetched_at":30},"theme-demo-import","Theme Demo Import","1.1.3","themely","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemely\u002F","\u003Cp>Quickly import demo content, widgets and settings for your new theme. This provides a basic layout to build your website and speed up the development process.\u003C\u002Fp>\n\u003Cp>This plugin will create a page in \u003Cstrong>APPEARANCE > Import Demo Content\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>If the theme you are using does not have any predefined import files, then you will be presented with three file upload inputs.\u003C\u002Fp>\n\u003Cp>First one is required and you will have to upload a demo content XML file, for the actual demo import.\u003C\u002Fp>\n\u003Cp>The second one is optional and will ask you for a WIE or JSON file for widgets import. You create that file using the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwidget-importer-exporter\u002F\" rel=\"ugc\">Widget Importer & Exporter\u003C\u002Fa> plugin.\u003C\u002Fp>\n\u003Cp>The third one is also optional and will import the customizer settings, select the DAT file which you can generate from \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustomizer-export-import\u002F\" rel=\"ugc\">Customizer Export\u002FImport\u003C\u002Fa> plugin (the customizer settings will be imported only if the export file was created from the same theme).\u003C\u002Fp>\n\u003Cp>This plugin is based off the ‘One Click Demo Import’ plugin by @capuderg and @cyman, https:\u002F\u002Fgithub.com\u002Fproteusthemes\u002Fone-click-demo-import.\u003C\u002Fp>\n\u003Cp>As well as the improved WP Import 2.0 plugin by @humanmade, https:\u002F\u002Fgithub.com\u002Fhumanmade\u002FWordPress-Importer.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Theme Demo Import uses ‘One Click Demo Import’ plugin script\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fproteusthemes\u002Fone-click-demo-import\u003Cbr \u002F>\n(C) 2016 ProteusThemes.com\u003Cbr \u002F>\nLicensed under the GNU General Public License v2.0,\u003Cbr \u002F>\nhttp:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n\u003Cp>Theme Demo Import uses ‘WordPress Importer’ plugin script\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fhumanmade\u002FWordPress-Importer\u003Cbr \u002F>\n(C) 2016 @humanmade\u003Cbr \u002F>\nLicensed under the GNU General Public License v2.0,\u003Cbr \u002F>\nhttp:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>Theme Demo Import, Copyright 2016 Ishmael ‘Hans’ Desjarlais\u003C\u002Fp>\n\u003Cp>Theme Demo Import is distributed under the terms of the GNU GPL\u003C\u002Fp>\n\u003Cp>This program is free software; you can redistribute it and\u002For modify\u003Cbr \u002F>\nit under the terms of the GNU General Public License as published by\u003Cbr \u002F>\nthe Free Software Foundation; either version 2 of the License, or\u003Cbr \u002F>\n(at your option) any later version.\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful,\u003Cbr \u002F>\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\u003Cbr \u002F>\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\u003Cbr \u002F>\nGNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License along\u003Cbr \u002F>\nwith this program; if not, write to the Free Software Foundation, Inc.,\u003Cbr \u002F>\n51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.\u003C\u002Fp>\n","Quickly import demo content, widgets and settings in one click. Made for theme authors to simplify importing demo content for their users.",258193,60,4,"2024-07-03T11:04:00.000Z","6.5.8","4.7",[20,21,22,23,58],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftheme-demo-import\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-demo-import.zip",49,2,"2023-08-09 00:00:00",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":28,"num_ratings":28,"last_updated":124,"tested_up_to":89,"requires_at_least":125,"requires_php":90,"tags":126,"homepage":25,"download_link":127,"security_score":128,"vuln_count":129,"unpatched_count":28,"last_vuln_date":130,"fetched_at":30},"fable-extra","Fable Extra","1.0.11","WPFable","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpfable\u002F","\u003Cp>Used for WP Fable Themes.\u003C\u002Fp>\n","Used for WP Fable Themes.",4000,33583,"2026-01-13T06:31:00.000Z","5.2",[20,21,22,23,58],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffable-extra.1.0.11.zip",92,3,"2025-04-25 00:00:00",{"attackSurface":132,"codeSignals":254,"taintFlows":400,"riskAssessment":524,"analyzedAt":532},{"hooks":133,"ajaxHandlers":213,"restRoutes":247,"shortcodes":248,"cronEvents":249,"entryPointCount":253,"unprotectedCount":28},[134,139,143,147,152,155,158,161,164,167,173,179,183,185,187,191,195,199,202,206,210],{"type":135,"name":136,"callback":137,"file":138,"line":13},"action","init","load_plugin_textdomain","envothemes-demo-import.php",{"type":135,"name":140,"callback":141,"file":138,"line":142},"admin_enqueue_scripts","scripts",103,{"type":135,"name":144,"callback":145,"file":138,"line":146},"admin_init","envothemes_plugin_redirect",214,{"type":135,"name":148,"callback":149,"file":150,"line":151},"admin_notices","envothemes_review_notice_message","includes\\notify\\notify.php",36,{"type":135,"name":144,"callback":153,"file":150,"line":154},"envothemes_review_notice",40,{"type":135,"name":148,"callback":156,"file":150,"line":157},"envothemes_pro_notice_message",153,{"type":135,"name":144,"callback":159,"file":150,"line":160},"envothemes_pro_notice",157,{"type":135,"name":148,"callback":162,"file":150,"line":163},"envothemes_enwoo_notice_message",239,{"type":135,"name":144,"callback":165,"file":150,"line":166},"envothemes_enwoo_notice",244,{"type":135,"name":168,"callback":169,"priority":170,"file":171,"line":172},"admin_menu","add_page",999,"includes\\panel\\classes\\class-install-demos.php",21,{"type":174,"name":175,"callback":176,"file":177,"line":178},"filter","import_post_meta_key","is_valid_meta_key","includes\\panel\\classes\\importers\\class-wordpress-importer.php",123,{"type":174,"name":180,"callback":181,"file":177,"line":182},"http_request_timeout","bump_request_timeout",124,{"type":135,"name":144,"callback":136,"file":184,"line":151},"includes\\panel\\demos.php",{"type":135,"name":140,"callback":141,"file":184,"line":186},39,{"type":174,"name":188,"callback":189,"file":184,"line":190},"upload_mimes","allow_xml_uploads",42,{"type":135,"name":192,"callback":193,"file":184,"line":194},"admin_footer","popup",45,{"type":135,"name":168,"callback":196,"file":197,"line":198},"add_envo_wizard_menu","includes\\wizard\\wizard.php",35,{"type":135,"name":144,"callback":200,"priority":201,"file":197,"line":151},"envo_wizard_setup",99,{"type":135,"name":203,"callback":204,"file":197,"line":205},"wp_loaded","remove_notice",37,{"type":135,"name":207,"callback":208,"file":197,"line":209},"admin_print_styles","add_notice",38,{"type":135,"name":211,"callback":212,"file":197,"line":186},"add_second_notice","install",[214,220,224,227,231,235,239,243],{"action":215,"nopriv":216,"callback":217,"hasNonce":218,"hasCapCheck":218,"file":184,"line":219},"envo_ajax_get_demo_data",false,"ajax_demo_data",true,56,{"action":221,"nopriv":216,"callback":222,"hasNonce":216,"hasCapCheck":218,"file":184,"line":223},"envo_ajax_required_plugins_activate","ajax_required_plugins_activate",57,{"action":225,"nopriv":216,"callback":226,"hasNonce":218,"hasCapCheck":218,"file":184,"line":103},"envo_ajax_get_import_data","ajax_get_import_data",{"action":228,"nopriv":216,"callback":229,"hasNonce":218,"hasCapCheck":218,"file":184,"line":230},"envo_ajax_import_xml","ajax_import_xml",63,{"action":232,"nopriv":216,"callback":233,"hasNonce":218,"hasCapCheck":218,"file":184,"line":234},"envo_ajax_import_theme_settings","ajax_import_theme_settings",66,{"action":236,"nopriv":216,"callback":237,"hasNonce":218,"hasCapCheck":218,"file":184,"line":238},"envo_ajax_import_widgets","ajax_import_widgets",69,{"action":240,"nopriv":216,"callback":241,"hasNonce":218,"hasCapCheck":218,"file":184,"line":242},"envo_after_import","ajax_after_import",72,{"action":244,"nopriv":216,"callback":217,"hasNonce":218,"hasCapCheck":216,"file":245,"line":246},"envo_wizard_ajax_get_demo_data","includes\\wizard\\classes\\WizardAjax.php",9,[],[],[250,251],{"hook":211,"callback":211,"file":197,"line":61},{"hook":211,"callback":211,"file":197,"line":252},636,8,{"dangerousFunctions":255,"sqlUsage":261,"outputEscaping":263,"fileOperations":172,"externalRequests":112,"nonceChecks":397,"capabilityChecks":398,"bundledLibraries":399},[256],{"fn":257,"file":258,"line":259,"context":260},"unserialize","includes\\panel\\classes\\importers\\class-settings-importer.php",25,"$data = @unserialize( $raw );",{"prepared":104,"raw":28,"locations":262},[],{"escaped":264,"rawEcho":265,"locations":266},175,71,[267,269,270,272,274,276,278,280,282,284,286,288,289,291,292,294,296,298,300,302,304,306,308,310,312,314,316,318,320,322,324,326,328,330,332,334,336,338,339,340,342,344,346,348,350,352,354,355,356,358,360,362,363,365,366,367,369,371,373,375,377,379,380,382,384,386,388,390,391,393,395],{"file":150,"line":230,"context":268},"raw output",{"file":150,"line":242,"context":268},{"file":150,"line":271,"context":268},78,{"file":150,"line":273,"context":268},90,{"file":150,"line":275,"context":268},178,{"file":150,"line":277,"context":268},188,{"file":150,"line":279,"context":268},266,{"file":150,"line":281,"context":268},280,{"file":283,"line":209,"context":268},"includes\\panel\\classes\\importers\\class-parsers.php",{"file":283,"line":285,"context":268},41,{"file":283,"line":287,"context":268},44,{"file":283,"line":194,"context":268},{"file":177,"line":290,"context":268},152,{"file":177,"line":157,"context":268},{"file":177,"line":293,"context":268},161,{"file":177,"line":295,"context":268},196,{"file":177,"line":297,"context":268},197,{"file":177,"line":299,"context":268},212,{"file":177,"line":301,"context":268},216,{"file":177,"line":303,"context":268},225,{"file":177,"line":305,"context":268},279,{"file":177,"line":307,"context":268},281,{"file":177,"line":309,"context":268},327,{"file":177,"line":311,"context":268},337,{"file":177,"line":313,"context":268},340,{"file":177,"line":315,"context":268},348,{"file":177,"line":317,"context":268},357,{"file":177,"line":319,"context":268},408,{"file":177,"line":321,"context":268},460,{"file":177,"line":323,"context":268},505,{"file":177,"line":325,"context":268},560,{"file":177,"line":327,"context":268},753,{"file":177,"line":329,"context":268},786,{"file":177,"line":331,"context":268},1175,{"file":177,"line":333,"context":268},1197,{"file":177,"line":335,"context":268},1198,{"file":337,"line":151,"context":268},"includes\\panel\\classes\\importers\\parsers\\class-wxr-parser.php",{"file":337,"line":186,"context":268},{"file":337,"line":190,"context":268},{"file":337,"line":341,"context":268},43,{"file":184,"line":343,"context":268},386,{"file":184,"line":345,"context":268},403,{"file":184,"line":347,"context":268},581,{"file":184,"line":349,"context":268},644,{"file":184,"line":351,"context":268},681,{"file":184,"line":353,"context":268},718,{"file":245,"line":287,"context":268},{"file":245,"line":111,"context":268},{"file":197,"line":357,"context":268},209,{"file":197,"line":359,"context":268},210,{"file":197,"line":361,"context":268},211,{"file":197,"line":299,"context":268},{"file":197,"line":364,"context":268},213,{"file":197,"line":146,"context":268},{"file":197,"line":166,"context":268},{"file":197,"line":368,"context":268},384,{"file":197,"line":370,"context":268},412,{"file":197,"line":372,"context":268},470,{"file":197,"line":374,"context":268},471,{"file":197,"line":376,"context":268},478,{"file":197,"line":378,"context":268},521,{"file":197,"line":378,"context":268},{"file":197,"line":381,"context":268},523,{"file":197,"line":383,"context":268},525,{"file":197,"line":385,"context":268},534,{"file":197,"line":387,"context":268},540,{"file":197,"line":389,"context":268},562,{"file":197,"line":389,"context":268},{"file":197,"line":392,"context":268},564,{"file":197,"line":394,"context":268},566,{"file":197,"line":396,"context":268},575,14,15,[],[401,418,428,437,447,458,466,476,484,510],{"entryPoint":402,"graph":403,"unsanitizedCount":129,"severity":417},"envothemes_review_notice_message (includes\\notify\\notify.php:45)",{"nodes":404,"edges":415},[405,410],{"id":406,"type":407,"label":408,"file":150,"line":409},"n0","source","$_SERVER (x3)",47,{"id":411,"type":412,"label":413,"file":150,"line":242,"wp_function":414},"n1","sink","echo() [XSS]","echo",[416],{"from":406,"to":411,"sanitized":216},"medium",{"entryPoint":419,"graph":420,"unsanitizedCount":14,"severity":417},"envothemes_pro_notice_message (includes\\notify\\notify.php:162)",{"nodes":421,"edges":426},[422,425],{"id":406,"type":407,"label":423,"file":150,"line":424},"$_SERVER",164,{"id":411,"type":412,"label":413,"file":150,"line":277,"wp_function":414},[427],{"from":406,"to":411,"sanitized":216},{"entryPoint":429,"graph":430,"unsanitizedCount":14,"severity":417},"envothemes_enwoo_notice_message (includes\\notify\\notify.php:249)",{"nodes":431,"edges":435},[432,434],{"id":406,"type":407,"label":423,"file":150,"line":433},251,{"id":411,"type":412,"label":413,"file":150,"line":281,"wp_function":414},[436],{"from":406,"to":411,"sanitized":216},{"entryPoint":438,"graph":439,"unsanitizedCount":28,"severity":446},"\u003Cnotify> (includes\\notify\\notify.php:0)",{"nodes":440,"edges":444},[441,443],{"id":406,"type":407,"label":442,"file":150,"line":409},"$_SERVER (x5)",{"id":411,"type":412,"label":413,"file":150,"line":242,"wp_function":414},[445],{"from":406,"to":411,"sanitized":218},"low",{"entryPoint":448,"graph":449,"unsanitizedCount":28,"severity":446},"ajax_demo_data (includes\\panel\\demos.php:351)",{"nodes":450,"edges":456},[451,454],{"id":406,"type":407,"label":452,"file":184,"line":453},"$_GET",369,{"id":411,"type":412,"label":413,"file":184,"line":455,"wp_function":414},430,[457],{"from":406,"to":411,"sanitized":218},{"entryPoint":459,"graph":460,"unsanitizedCount":28,"severity":446},"\u003Cdemos> (includes\\panel\\demos.php:0)",{"nodes":461,"edges":464},[462,463],{"id":406,"type":407,"label":452,"file":184,"line":453},{"id":411,"type":412,"label":413,"file":184,"line":455,"wp_function":414},[465],{"from":406,"to":411,"sanitized":218},{"entryPoint":467,"graph":468,"unsanitizedCount":28,"severity":446},"ajax_demo_data (includes\\wizard\\classes\\WizardAjax.php:12)",{"nodes":469,"edges":474},[470,472],{"id":406,"type":407,"label":452,"file":245,"line":471},30,{"id":411,"type":412,"label":413,"file":245,"line":473,"wp_function":414},73,[475],{"from":406,"to":411,"sanitized":218},{"entryPoint":477,"graph":478,"unsanitizedCount":28,"severity":446},"\u003CWizardAjax> (includes\\wizard\\classes\\WizardAjax.php:0)",{"nodes":479,"edges":482},[480,481],{"id":406,"type":407,"label":452,"file":245,"line":471},{"id":411,"type":412,"label":413,"file":245,"line":473,"wp_function":414},[483],{"from":406,"to":411,"sanitized":218},{"entryPoint":485,"graph":486,"unsanitizedCount":28,"severity":446},"save_envo_customize (includes\\wizard\\wizard.php:585)",{"nodes":487,"edges":506},[488,491,494,498,500,504],{"id":406,"type":407,"label":489,"file":197,"line":490},"$_POST['envo-site-title']",592,{"id":411,"type":412,"label":492,"file":197,"line":490,"wp_function":493},"update_option() [Settings Manipulation]","update_option",{"id":495,"type":407,"label":496,"file":197,"line":497},"n2","$_POST['envo-tagline']",595,{"id":499,"type":412,"label":492,"file":197,"line":497,"wp_function":493},"n3",{"id":501,"type":407,"label":502,"file":197,"line":503},"n4","$_POST['envo-favicon']",598,{"id":505,"type":412,"label":492,"file":197,"line":503,"wp_function":493},"n5",[507,508,509],{"from":406,"to":411,"sanitized":218},{"from":495,"to":499,"sanitized":218},{"from":501,"to":505,"sanitized":218},{"entryPoint":511,"graph":512,"unsanitizedCount":28,"severity":446},"\u003Cwizard> (includes\\wizard\\wizard.php:0)",{"nodes":513,"edges":520},[514,515,516,517,518,519],{"id":406,"type":407,"label":489,"file":197,"line":490},{"id":411,"type":412,"label":492,"file":197,"line":490,"wp_function":493},{"id":495,"type":407,"label":496,"file":197,"line":497},{"id":499,"type":412,"label":492,"file":197,"line":497,"wp_function":493},{"id":501,"type":407,"label":502,"file":197,"line":503},{"id":505,"type":412,"label":492,"file":197,"line":503,"wp_function":493},[521,522,523],{"from":406,"to":411,"sanitized":218},{"from":495,"to":499,"sanitized":218},{"from":501,"to":505,"sanitized":218},{"summary":525,"deductions":526},"The plugin \"envothemes-demo-import\" v1.3.0 exhibits a generally strong security posture based on the provided static analysis.  The absence of known CVEs and a clean vulnerability history is a significant positive indicator, suggesting a well-maintained and secure codebase.  The plugin also demonstrates good practices with 100% of SQL queries using prepared statements and a respectable 71% of output properly escaped. Furthermore, the presence of numerous capability and nonce checks across its entry points is commendable.\n\nHowever, there are a few areas of concern. The presence of the `unserialize` function, while not explicitly shown to be vulnerable in this analysis, is a known attack vector if not handled with extreme caution and sanitization, especially when dealing with user-supplied input. The taint analysis revealing \"flows with unsanitized paths\" is also a red flag, even if no critical or high severity issues were identified. This indicates potential pathways for malicious data to enter the application without proper validation, which could lead to unexpected behavior or vulnerabilities in other contexts.  The total number of file operations (21) is also notable and warrants careful review in conjunction with the unsanitized paths.\n\nIn conclusion, while the plugin has a strong foundation with no known exploitable vulnerabilities and good coding practices for SQL and output handling, the `unserialize` function and the identified unsanitized paths represent potential weaknesses.  These areas, if not rigorously secured and monitored, could become points of exploitation. The lack of historical vulnerabilities is a good sign, but the static analysis signals these specific code patterns require continued scrutiny.",[527,529],{"reason":528,"points":52},"Dangerous function unserialize present",{"reason":530,"points":531},"Flows with unsanitized paths found",10,"2026-03-16T18:21:02.333Z",{"wat":534,"direct":540},{"assetPaths":535,"generatorPatterns":537,"scriptPaths":538,"versionParams":539},[536],"\u002Fwp-content\u002Fplugins\u002Fenvothemes-demo-import\u002Fincludes\u002Fpanel\u002Fassets\u002Fcss\u002Fnotify.css",[],[],[],{"cssClasses":541,"htmlComments":543,"htmlAttributes":544,"restEndpoints":545,"jsGlobals":546,"shortcodeOutput":547},[542],"install-demos",[],[],[],[],[]]