[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYHTmiFbwgXAloYs3dkuyIGEHwJU4VwMQjTg7NlLcHjo":3,"$fuPN7tlCptw-aXMY9Rp74fFtp1m65wYXpzi4TDl-4VKY":130,"$fPmKJIoBvj49KxZUjLsPLPOYV-wfxA-Aa8qMD_emTBeE":135},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":37,"analysis":58,"fingerprints":114},"exchange-rate-privatbank","Курс валют ПриватБанка","2.0","Maksym Marko","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkomaksym\u002F","\u003Cp>Плагін дозволяє вивести курс валют від Приват Банку на сайті в за допомогою Гутенберг блока.\u003C\u002Fp>\n","Плагін дозволяє вивести курс валют від Приват Банку на сайті в за допомогою Гутенберг блока.",20,1660,0,"2023-08-24T16:15:00.000Z","6.3.8","5.5","",[19,20,21],"%d0%ba%d1%83%d1%80%d1%81-%d0%b2%d0%b0%d0%bb%d1%8e%d1%82","%d0%ba%d1%83%d1%80%d1%81-%d0%b2%d0%b0%d0%bb%d1%8e%d1%82-%d0%bf%d1%80%d0%b8%d0%b2%d0%b0%d1%82%d0%b1%d0%b0%d0%bd%d0%ba","%d0%bf%d1%80%d0%b8%d0%b2%d0%b0%d1%82-%d0%b1%d0%b0%d0%bd%d0%ba","https:\u002F\u002Fgithub.com\u002FMaxim-us\u002Fexchange-rate-privatbank","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexchange-rate-privatbank.2.0.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"markomaksym",12,1100,82,881,66,"2026-05-20T19:26:13.850Z",[38],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":13,"num_ratings":13,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":17,"download_link":57,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"rk-currency-rates","RK currency rates","1.0","Abu Bakr","https:\u002F\u002Fprofiles.wordpress.org\u002Fbotyk87\u002F","\u003Cp>Информация о курсах обмена валюты, установленных Национальный банк РК (www.nationalbank.kz). Все данные берет с сайта www.nationalbank.kz (XML)\u003C\u002Fp>\n","Курс валют национальный банк РК",10,1222,"2018-06-28T04:53:00.000Z","4.9.29","4.9.6","5.2.4",[53,54,55,19,56],"currency","%d0%b2%d0%b0%d0%bb%d1%8e%d1%82%d0%b0","%d0%ba%d0%b0%d0%b7%d0%b0%d1%85%d1%81%d1%82%d0%b0%d0%bd","%d0%bd%d0%b0%d1%86%d0%b8%d0%be%d0%bd%d0%b0%d0%bb%d1%8c%d0%bd%d1%8b%d0%b9-%d0%b1%d0%b0%d0%bd%d0%ba","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frk-currency-rates.zip",{"attackSurface":59,"codeSignals":85,"taintFlows":101,"riskAssessment":102,"analyzedAt":113},{"hooks":60,"ajaxHandlers":81,"restRoutes":82,"shortcodes":83,"cronEvents":84,"entryPointCount":13,"unprotectedCount":13},[61,67,72,76],{"type":62,"name":63,"callback":64,"file":65,"line":66},"action","plugins_loaded","mxerp_translate","exchange-rate-privatbank.php",72,{"type":62,"name":68,"callback":69,"file":70,"line":71},"admin_enqueue_scripts","mxerp_enqueue","includes\\admin\\class-admin-main.php",30,{"type":62,"name":73,"callback":69,"file":74,"line":75},"enqueue_block_assets","includes\\frontend\\class-frontend-main.php",15,{"type":62,"name":77,"callback":78,"file":79,"line":80},"init","serverSideRendering","includes\\gutenberg\\gutenberg-main.php",13,[],[],[],[],{"dangerousFunctions":86,"sqlUsage":87,"outputEscaping":89,"fileOperations":99,"externalRequests":99,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":100},[],{"prepared":13,"raw":13,"locations":88},[],{"escaped":13,"rawEcho":90,"locations":91},3,[92,95,97],{"file":79,"line":93,"context":94},73,"raw output",{"file":79,"line":96,"context":94},74,{"file":79,"line":98,"context":94},75,1,[],[],{"summary":103,"deductions":104},"The 'exchange-rate-privatbank' v2.0 plugin exhibits a generally strong security posture based on the provided static analysis. The plugin reports zero attack surface entry points, no dangerous functions, and all SQL queries utilize prepared statements, which are excellent security practices.  However, a significant concern arises from the complete lack of output escaping (0% properly escaped). This indicates that any data rendered by the plugin could potentially be vulnerable to cross-site scripting (XSS) attacks if the data originates from an untrusted source. Additionally, the absence of nonce checks and capability checks, while not directly exploitable given the zero attack surface, suggests a potential lack of robust authorization and integrity protection mechanisms should any entry points be discovered or introduced in future versions.  The plugin also has no recorded vulnerability history, which is a positive indicator of past security diligence.  Despite the absence of direct exploitable vulnerabilities in the static analysis and history, the unescaped output presents a clear, albeit potential, risk that should be addressed.",[105,108,111],{"reason":106,"points":107},"Output escaping is not implemented",8,{"reason":109,"points":110},"No nonce checks implemented",5,{"reason":112,"points":110},"No capability checks implemented","2026-03-16T22:29:23.841Z",{"wat":115,"direct":123},{"assetPaths":116,"generatorPatterns":118,"scriptPaths":119,"versionParams":120},[117],"\u002Fwp-content\u002Fplugins\u002Fexchange-rate-privatbank\u002Fincludes\u002Ffrontend\u002Fassets\u002Fcss\u002Fstyle.css",[],[],[121,122],"exchange-rate-privatbank\u002Fstyle.css?ver=","exchange-rate-privatbank\u002Fscript.js?ver=",{"cssClasses":124,"htmlComments":125,"htmlAttributes":126,"restEndpoints":127,"jsGlobals":128,"shortcodeOutput":129},[],[],[],[],[],[],{"error":131,"url":132,"statusCode":133,"statusMessage":134,"message":134},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fexchange-rate-privatbank\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":90,"versions":136},[137,143,150],{"version":6,"download_url":23,"svn_tag_url":138,"released_at":25,"has_diff":139,"diff_files_changed":140,"diff_lines":25,"trac_diff_url":141,"vulnerabilities":142,"is_current":131},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fexchange-rate-privatbank\u002Ftags\u002F2.0\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fexchange-rate-privatbank%2Ftags%2F1.1&new_path=%2Fexchange-rate-privatbank%2Ftags%2F2.0",[],{"version":144,"download_url":145,"svn_tag_url":146,"released_at":25,"has_diff":139,"diff_files_changed":147,"diff_lines":25,"trac_diff_url":148,"vulnerabilities":149,"is_current":139},"1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexchange-rate-privatbank.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fexchange-rate-privatbank\u002Ftags\u002F1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fexchange-rate-privatbank%2Ftags%2F1.0&new_path=%2Fexchange-rate-privatbank%2Ftags%2F1.1",[],{"version":41,"download_url":151,"svn_tag_url":152,"released_at":25,"has_diff":139,"diff_files_changed":153,"diff_lines":25,"trac_diff_url":25,"vulnerabilities":154,"is_current":139},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexchange-rate-privatbank.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fexchange-rate-privatbank\u002Ftags\u002F1.0\u002F",[],[]]