[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fO5DRiOvcCXE-yIUarcFZJdcTGQeLtxhq3j8UNPIaNpk":3,"$flRuw4HjcfYidxRmI-N2Qz04cG027ws_9NUfHEdnzSRw":128,"$fXmj6u93_X4p-wbGcbvJ_ZwaXjvPTrsfN04pZWqYYqVA":133},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"discovery_status":25,"vulnerabilities":26,"developer":27,"crawl_stats":23,"alternatives":32,"analysis":33,"fingerprints":113},"fm-tools","FattoreMamma Tools","2.1.7","colorinside","https:\u002F\u002Fprofiles.wordpress.org\u002Fcolorinside\u002F","\u003Cp>This plugin is reserved to FattoreMamma Active’s users. This tool monitors blogposts performances, only if included in authorized FattoreMamma’s campaign identified by a campaign code.\u003C\u002Fp>\n\u003Ch4>Main Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Monitoring FattoreMamma adv blogpost performances\u003C\u002Fli>\n\u003Cli>The plugin is reserved to FattoreMamma Active users, registered with email an blog url.\u003C\u002Fli>\n\u003Cli>The monitoring works with a ID code which is provided in Active after a blogger is involved in a specific campaign. \u003C\u002Fli>\n\u003Cli>Only Active – provided codes can be used, and they will be verified after each post save\u002Fupdate. \u003C\u002Fli>\n\u003Cli>This platform monitors post URLs where the code setting is active (not any other URL).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>We provide support for our plugin on https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ffm-tools\u003C\u002Fp>\n","This plugin is reserved to FattoreMamma Active's users. This tool monitors blogposts performances, only if included in authorized FattoreMamma&#0 &hellip;",10,1506,0,"2019-11-06T11:09:00.000Z","5.2.24","4.0.0","",[19],"private-network-tools","https:\u002F\u002Fcolorinside.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffm-tools.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":22,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},2,30,84,"2026-07-15T06:14:16.543Z",[],{"attackSurface":34,"codeSignals":87,"taintFlows":103,"riskAssessment":104,"analyzedAt":112},{"hooks":35,"ajaxHandlers":79,"restRoutes":80,"shortcodes":81,"cronEvents":82,"entryPointCount":13,"unprotectedCount":13},[36,42,46,50,54,58,62,66,72,77],{"type":37,"name":38,"callback":39,"file":40,"line":41},"action","fm_tools_active_check_action","fm_tools_active_check","fm-tools.php",29,{"type":37,"name":43,"callback":44,"file":40,"line":45},"activated_plugin","activate_fm_tools",38,{"type":37,"name":47,"callback":48,"file":40,"line":49},"init","load_fm_tools_settings",39,{"type":37,"name":51,"callback":52,"file":40,"line":53},"admin_init","load_fm_tools_admin",40,{"type":37,"name":55,"callback":56,"file":40,"line":57},"template_redirect","load_fm_tools_public",41,{"type":37,"name":59,"callback":60,"priority":11,"file":40,"line":61},"upgrader_process_complete","fm_tools_upgrade_completed",42,{"type":37,"name":63,"callback":64,"file":65,"line":45},"publish_post","send_post_list","includes\u002Fclass-fm-tools-admin.php",{"type":67,"name":68,"callback":69,"file":70,"line":71},"filter","the_content","output","includes\u002Fclass-fm-tools-public.php",31,{"type":37,"name":73,"callback":74,"file":75,"line":76},"admin_menu","add_menu_item","includes\u002Fclass-fm-tools-settings.php",28,{"type":37,"name":51,"callback":78,"file":75,"line":41},"settings_init",[],[],[],[83,85],{"hook":38,"callback":38,"file":40,"line":84},57,{"hook":38,"callback":38,"file":40,"line":86},73,{"dangerousFunctions":88,"sqlUsage":89,"outputEscaping":91,"fileOperations":13,"externalRequests":92,"nonceChecks":101,"capabilityChecks":28,"bundledLibraries":102},[],{"prepared":13,"raw":13,"locations":90},[],{"escaped":28,"rawEcho":92,"locations":93},3,[94,97,99],{"file":75,"line":95,"context":96},99,"raw output",{"file":75,"line":98,"context":96},101,{"file":75,"line":100,"context":96},215,1,[],[],{"summary":105,"deductions":106},"The \"fm-tools\" plugin version 2.1.7 presents a generally good security posture, with no known vulnerabilities in its history and a strong adherence to security best practices in its code. The static analysis reveals no dangerous functions, no raw SQL queries, and all SQL queries utilize prepared statements, which is excellent.  Furthermore, the absence of critical or high severity taint flows is reassuring, indicating that data is likely handled safely within the plugin.\n\nHowever, there are a few areas that warrant attention.  The low percentage of properly escaped output (40%) is a concern, as this could potentially lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is directly outputted to the browser without adequate sanitization.  The presence of external HTTP requests also introduces a potential attack vector if not handled securely, though the analysis doesn't provide details on their purpose or validation.\n\nDespite these minor concerns, the overall security picture for \"fm-tools\" v2.1.7 is positive. The lack of historical vulnerabilities and the absence of critical code signals suggest a well-maintained and relatively secure plugin.  The developers have implemented nonce checks and capability checks, which are crucial for securing WordPress components.  The limited attack surface and zero unprotected entry points further contribute to its favorable security rating.",[107,110],{"reason":108,"points":109},"Low output escaping percentage",6,{"reason":111,"points":92},"External HTTP requests without detailed validation","2026-04-16T12:16:08.005Z",{"wat":114,"direct":119},{"assetPaths":115,"generatorPatterns":116,"scriptPaths":117,"versionParams":118},[],[],[],[],{"cssClasses":120,"htmlComments":121,"htmlAttributes":122,"restEndpoints":124,"jsGlobals":125,"shortcodeOutput":126},[],[],[123],"id=\"fm-tools-imprint\"",[],[],[127],"\u003Cdiv id=\"fm-tools-imprint\" style=\"display:none\">\u003Cimg alt=\"\" src=\"\u002F\u002Fm93.it\u002Fpv\u002Fview\u002F[blog_id]\u002F[post_id]\u002F[campaign_code]\u002F[host]\u002F[base64_encoded_permalink]\">\u003C\u002Fdiv>",{"error":129,"url":130,"statusCode":131,"statusMessage":132,"message":132},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Ffm-tools\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":101,"versions":134},[135],{"version":136,"download_url":137,"svn_tag_url":138,"released_at":23,"has_diff":139,"diff_files_changed":140,"diff_lines":23,"trac_diff_url":23,"vulnerabilities":141,"is_current":139},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffm-tools.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ffm-tools\u002Ftags\u002F1.0\u002F",false,[],[]]