[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHYusPumCQjNtHyBE9SRdN7-G9pDbLtT8upiaEDLu-3E":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":19,"download_link":20,"security_score":21,"vuln_count":11,"unpatched_count":11,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":33,"analysis":34,"fingerprints":171},"feature-status-check","Feature Status Check","1.4","Greg Ross","https:\u002F\u002Fprofiles.wordpress.org\u002Fgregross\u002F","\u003Cp>Feature status can be a hard thing to manage in your WordPress installation, sometimes plugins or themes get abandoned, or closed for security reasons and you have no way of knowing without visiting the WordPress feature page.\u003C\u002Fp>\n\u003Cp>Feature Status Check gives you a unified dashboard to view the status of all your installed plugins and themes, and highlights those that might have issues.\u003C\u002Fp>\n\u003Cp>Feature Status Check also integrates with the WordPress Site Health feature and highlights those features with possible issues.\u003C\u002Fp>\n\u003Cp>Finally, Feature Status Check also send out a change report to the site admin during the daily update via e-mail.\u003C\u002Fp>\n\u003Cp>This code is released under the GPL v2, see license.txt for details.\u003C\u002Fp>\n\u003Ch3>Roadmap\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>None at this time.\u003C\u002Fli>\n\u003C\u002Ful>\n","Checks to see if the plugins and themes you have on your site are still supported in the WordPress directories.",0,1357,"2023-12-03T02:47:00.000Z","6.4.8","5.2","7.0",[18],"admin-plugins-themes-status","http:\u002F\u002Ftoolstack.com\u002Ffeature-status-check","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeature-status-check.1.4.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":29,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"gregross",34,7510,88,39,80,"2026-04-04T12:12:12.014Z",[],{"attackSurface":35,"codeSignals":80,"taintFlows":158,"riskAssessment":159,"analyzedAt":170},{"hooks":36,"ajaxHandlers":67,"restRoutes":68,"shortcodes":69,"cronEvents":70,"entryPointCount":11,"unprotectedCount":11},[37,44,47,51,54,59,63],{"type":38,"name":39,"callback":40,"priority":41,"file":42,"line":43},"action","admin_menu","fsc_admin_menu",200,"feature-status-check.php",29,{"type":38,"name":39,"callback":45,"file":42,"line":46},"fsc_add_options_page",32,{"type":38,"name":48,"callback":49,"file":42,"line":50},"admin_enqueue_scripts","fsc_css_and_js",35,{"type":38,"name":52,"callback":52,"file":42,"line":53},"fsc_daily_event",38,{"type":55,"name":56,"callback":57,"file":42,"line":58},"filter","site_status_tests","fsc_add_plugin_status_test",43,{"type":55,"name":60,"callback":61,"file":42,"line":62},"site_health_navigation_tabs","fsc_add_status_tab",44,{"type":38,"name":64,"callback":65,"file":42,"line":66},"site_health_tab_content","fsc_add_status_tab_content",45,[],[],[],[71,74,77],{"hook":52,"callback":52,"file":72,"line":73},"includes\\admin-page.php",23,{"hook":52,"callback":52,"file":75,"line":76},"includes\\settings-page.php",47,{"hook":52,"callback":52,"file":78,"line":79},"includes\\system.php",11,{"dangerousFunctions":81,"sqlUsage":82,"outputEscaping":84,"fileOperations":11,"externalRequests":156,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":157},[],{"prepared":11,"raw":11,"locations":83},[],{"escaped":85,"rawEcho":50,"locations":86},40,[87,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,123,125,127,129,130,132,134,136,138,140,142,144,146,148,150,152,154],{"file":72,"line":88,"context":89},28,"raw output",{"file":72,"line":91,"context":89},90,{"file":72,"line":93,"context":89},91,{"file":72,"line":95,"context":89},92,{"file":72,"line":97,"context":89},93,{"file":72,"line":99,"context":89},94,{"file":72,"line":101,"context":89},95,{"file":72,"line":103,"context":89},96,{"file":72,"line":105,"context":89},97,{"file":72,"line":107,"context":89},98,{"file":72,"line":109,"context":89},99,{"file":72,"line":111,"context":89},205,{"file":72,"line":113,"context":89},214,{"file":72,"line":115,"context":89},217,{"file":72,"line":117,"context":89},226,{"file":75,"line":119,"context":89},72,{"file":75,"line":121,"context":89},79,{"file":75,"line":31,"context":89},{"file":75,"line":124,"context":89},84,{"file":75,"line":126,"context":89},86,{"file":75,"line":128,"context":89},87,{"file":75,"line":107,"context":89},{"file":75,"line":131,"context":89},102,{"file":75,"line":133,"context":89},105,{"file":75,"line":135,"context":89},108,{"file":75,"line":137,"context":89},110,{"file":75,"line":139,"context":89},114,{"file":75,"line":141,"context":89},120,{"file":75,"line":143,"context":89},127,{"file":75,"line":145,"context":89},131,{"file":75,"line":147,"context":89},133,{"file":75,"line":149,"context":89},145,{"file":75,"line":151,"context":89},149,{"file":75,"line":153,"context":89},177,{"file":75,"line":155,"context":89},191,1,[],[],{"summary":160,"deductions":161},"The \"feature-status-check\" plugin v1.4 exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of any known CVEs and a lack of critical or high-severity findings in the vulnerability history are positive indicators. The code analysis also shows strengths, with all SQL queries using prepared statements and a complete lack of dangerous functions, file operations, and external HTTP requests that could pose direct security risks. This suggests a development team that is likely aware of common WordPress security pitfalls.\n\nHowever, there are areas for improvement. A significant concern is the low percentage of properly escaped output (53%). This means that a substantial portion of the data displayed to users is not being sanitized, which could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not handled carefully within these unescaped outputs. Additionally, the plugin lacks nonce and capability checks for all entry points analyzed. While the static analysis indicates a small attack surface with no unprotected entry points, the absence of these fundamental WordPress security mechanisms is a weakness that could be exploited if any entry points are inadvertently exposed or if future updates increase the attack surface without implementing these checks.\n\nIn conclusion, while the plugin has a strong foundation with no known vulnerabilities and secure handling of sensitive operations like SQL queries, the prevalent issue of unescaped output and the absence of nonce\u002Fcapability checks on all entry points represent notable security risks. Addressing the output escaping and ensuring proper authorization checks on all interaction points are crucial for strengthening the plugin's overall security.",[162,165,168],{"reason":163,"points":164},"Low percentage of properly escaped output",8,{"reason":166,"points":167},"No nonce checks on entry points",5,{"reason":169,"points":167},"No capability checks on entry points","2026-03-17T06:47:18.089Z",{"wat":172,"direct":187},{"assetPaths":173,"generatorPatterns":178,"scriptPaths":179,"versionParams":181},[174,175,176,177],"\u002Fwp-content\u002Fplugins\u002Ffeature-status-check\u002Fcss\u002Ffsc.css","\u002Fwp-content\u002Fplugins\u002Ffeature-status-check\u002Fcss\u002Fjquery-ui-1.10.4.custom.css","\u002Fwp-content\u002Fplugins\u002Ffeature-status-check\u002Fcss\u002Fjquery-ui-tabs.css","\u002Fwp-content\u002Fplugins\u002Ffeature-status-check\u002Fcss\u002Fsortable-base.min.css",[],[180],"\u002Fwp-content\u002Fplugins\u002Ffeature-status-check\u002Fjs\u002Fsortable.js",[182,183,184,185,186],"feature-status-check\u002Fcss\u002Ffsc.css?ver=","feature-status-check\u002Fcss\u002Fjquery-ui-1.10.4.custom.css?ver=","feature-status-check\u002Fcss\u002Fjquery-ui-tabs.css?ver=","feature-status-check\u002Fcss\u002Fsortable-base.min.css?ver=","feature-status-check\u002Fjs\u002Fsortable.js?ver=",{"cssClasses":188,"htmlComments":192,"htmlAttributes":193,"restEndpoints":195,"jsGlobals":196,"shortcodeOutput":198},[189,190,191],"fsc-wrap","fsc-status-wrap","fsc-plugin-status-container",[],[194],"data-fsc-plugin-status",[],[197],"fsc_pretty_status",[]]