[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5OLwrmmb3ZFn7dOyNznz1uMa8aFH8pzHTBonMS-p7uY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":33,"analysis":34,"fingerprints":70},"fancy-e-newsletter-wpmudev","Fancy e-Newsletter wpmudev","1.0","diegpl","https:\u002F\u002Fprofiles.wordpress.org\u002Fdiegpl\u002F","\u003Cp>Some jquery and css adjustments for e-Newsletter, the wpmudev plugin for email marketing and newsletter that has a drag-n-drop design builder!\u003C\u002Fp>\n\u003Cp>Our sites:\u003Cbr \u002F>\nhttp:\u002F\u002Fuserdev.com.br\u003C\u002Fp>\n\u003Cp>http:\u002F\u002Fwpsoftwares.com\u003C\u002Fp>\n\u003Cp>http:\u002F\u002Fwpsoft.com.br\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Ch3>Markdown\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Get your own newsletter system\u003C\u002Fli>\n\u003Cli>Be fancy!\u003C\u002Fli>\n\u003C\u002Fol>\n","Some jquery and css adjustments for e-Newsletter, the wpmudev plugin for email marketing and newsletter that has a drag-n-drop design builder!",10,1437,0,"2014-05-17T00:19:00.000Z","3.7.41","3.0.1","",[19,20],"e-newsletter-wpmudev","e-newsletter-fancy-e-newsletter","http:\u002F\u002Fwpsoft.com.br","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffancy-e-newsletter-wpmudev.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":23,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},5,50,30,84,"2026-04-05T01:04:29.696Z",[],{"attackSurface":35,"codeSignals":47,"taintFlows":62,"riskAssessment":63,"analyzedAt":69},{"hooks":36,"ajaxHandlers":43,"restRoutes":44,"shortcodes":45,"cronEvents":46,"entryPointCount":13,"unprotectedCount":13},[37],{"type":38,"name":39,"callback":40,"file":41,"line":42},"action","wp_footer","fancyEnewsletter","insert-it-at-head.php",20,[],[],[],[],{"dangerousFunctions":48,"sqlUsage":49,"outputEscaping":51,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":61},[],{"prepared":13,"raw":13,"locations":50},[],{"escaped":13,"rawEcho":52,"locations":53},3,[54,57,59],{"file":41,"line":55,"context":56},13,"raw output",{"file":41,"line":58,"context":56},15,{"file":41,"line":60,"context":56},16,[],[],{"summary":64,"deductions":65},"The plugin \"fancy-e-newsletter-wpmudev\" v1.0 exhibits a generally positive security posture based on the provided static analysis. The absence of any detected AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points indicates a well-contained attack surface. Furthermore, the complete absence of dangerous functions, raw SQL queries, and external HTTP requests suggests careful coding practices.  However, a significant concern arises from the 100% of output not being properly escaped. This means that any data processed and displayed by the plugin is vulnerable to cross-site scripting (XSS) attacks, as user-supplied input could be rendered directly in the browser without sanitization. The plugin's vulnerability history is clean, with no recorded CVEs, which is a strong positive indicator. Despite the lack of known vulnerabilities, the unescaped output represents a critical weakness that must be addressed to ensure user safety.",[66],{"reason":67,"points":68},"Output is not properly escaped",8,"2026-03-17T01:17:37.377Z",{"wat":71,"direct":82},{"assetPaths":72,"generatorPatterns":76,"scriptPaths":77,"versionParams":78},[73,74,75],"\u002Fwp-content\u002Fplugins\u002Ffancy-e-newsletter-wpmudev\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Ffancy-e-newsletter-wpmudev\u002Ffancy-e-newsletter.js","\u002Fwp-content\u002Fplugins\u002Ffancy-e-newsletter-wpmudev\u002Fwatermark\u002Fjquery.watermark.js",[],[74,75],[79,80,81],"fancy-e-newsletter-wpmudev\u002Fstyle.css?ver=","fancy-e-newsletter-wpmudev\u002Ffancy-e-newsletter.js?ver=","fancy-e-newsletter-wpmudev\u002Fwatermark\u002Fjquery.watermark.js?ver=",{"cssClasses":83,"htmlComments":84,"htmlAttributes":85,"restEndpoints":86,"jsGlobals":87,"shortcodeOutput":88},[],[],[],[],[],[]]