[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f7f0btvPkR6BneF1iGRe0oV2ayQBg9ZlTNiYmiS9XaBg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":137,"fingerprints":279},"footer-links-commando","Footer Links Commando","1.0.3","Anthony Hayes","https:\u002F\u002Fprofiles.wordpress.org\u002Fcommando-seo\u002F","\u003Cp>Creates links at the footer of your wordpress site in sections identical to what you can do with the blog roll in sidebar.\u003C\u002Fp>\n\u003Cp>Create as many links with anchor text in each section, you can change color scheme to match your own them and you can create as many sections as you like and edit them easily.\u003C\u002Fp>\n\u003Cp>Also option for choosing follow\u002Fno follow links\u003Cbr \u002F>\nExamples of using this could be creating sections for Press Room, Videos, Highlighting Your Best Content, Using For Outbound Authoprity Links and More.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FraZA0yWTw1g?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Creates links at the footer of your wordpress site in sections identical to what you can do with the blog roll in sidebar.",10,3744,60,2,"2014-12-01T06:41:00.000Z","3.9.40","3.0.1","",[20,21,22],"footer","links","tags","http:\u002F\u002Fanthonyhayes.me\u002Ffooter-traffic-commando","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffooter-links-commando.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"commando-seo",3,30,84,"2026-04-05T17:30:50.678Z",[37,62,80,104,121],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":26,"num_ratings":26,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":57,"download_link":58,"security_score":59,"vuln_count":60,"unpatched_count":26,"last_vuln_date":61,"fetched_at":28},"acknowledgify","Acknowledgify","1.1.4","Made Neat","https:\u002F\u002Fprofiles.wordpress.org\u002Fmadeneat\u002F","\u003Cp>\u003Cstrong>Give credit where it’s due!\u003C\u002Fstrong> Acknowledgify is a lightweight and flexible plugin that allows developers, freelancers, and agencies to showcase their contributions to a website.\u003C\u002Fp>\n\u003Cp>Key features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>humans.txt Generator\u003C\u002Fstrong> – Automatically create a virtual \u003Ccode>humans.txt\u003C\u002Fcode> file to recognize contributors such as developers, designers, and agencies.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Meta Tags for Acknowledgment\u003C\u002Fstrong> – Insert author, designer, developer, and publisher meta tags dynamically into the \u003Ccode>\u003Chead>\u003C\u002Fcode> section.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Footer Link\u003C\u002Fstrong> – Add a discreet, styled acknowledgment link in the footer with flexible placement options:\n\u003Cul>\n\u003Cli>\u003Cstrong>Auto-Insert\u003C\u002Fstrong>: Automatically place the link at the bottom of the site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode\u003C\u002Fstrong>: Use \u003Ccode>[acknowledgify_madeby_footer]\u003C\u002Fcode> in any post, page, or widget for custom placement.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP Snippet\u003C\u002Fstrong>: Manually insert the acknowledgment via \u003Ccode>\u003C?php if (function_exists('acknowledgify_display_madeby_footer')) { echo acknowledgify_display_madeby_footer(); } ?>\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight & Compatible\u003C\u002Fstrong> – Designed for performance, fully compatible with WordPress 6.0+ and PHP 8.0+.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Built to be Translated\u003C\u002Fstrong> – Includes translations and supports further multilingual setups.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export\u002FImport Features\u003C\u002Fstrong> – Simplify plugin setup across multiple websites with seamless export and import functionality.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>With Acknowledgify, you can showcase your work in a non-intrusive way while maintaining flexibility over how and where the acknowledgment appears.\u003C\u002Fp>\n\u003Cp>Translation-Ready & Multilingual Support:\u003Cbr \u002F>\nAcknowledgify is fully \u003Cstrong>translation-ready\u003C\u002Fstrong> and supports multiple languages via WordPress.org’s translation system. Translations will be automatically downloaded based on your site’s language settings.\u003C\u002Fp>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Facknowledgify.com\u002F\" rel=\"nofollow ugc\">Plugin Website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Facknowledgify.com\u002F\" rel=\"nofollow ugc\">Suggest Features\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhumanstxt.org\u002F\" rel=\"nofollow ugc\">humans.txt\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For documentation and support, visit:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Facknowledgify.com\" rel=\"nofollow ugc\">https:\u002F\u002Facknowledgify.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>License & Credits\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under \u003Cstrong>GPL-2.0+\u003C\u002Fstrong>.\u003Cbr \u002F>\nInspired by the \u003Cstrong>humans.txt initiative\u003C\u002Fstrong>.\u003C\u002Fp>\n","Acknowledgify lets agencies, freelancers, and developers add credits to WordPress sites via humans.txt, meta tags, and footer links.",100,1214,"2025-09-30T03:45:00.000Z","6.8.5","6.4","8.0",[52,53,54,55,56],"acknowledgments","credits","footer-links","humans-txt","meta-tags","https:\u002F\u002Facknowledgify.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facknowledgify.1.1.4.zip",99,1,"2025-10-16 00:00:00",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":13,"num_ratings":32,"last_updated":72,"tested_up_to":48,"requires_at_least":18,"requires_php":18,"tags":73,"homepage":78,"download_link":79,"security_score":45,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"dynamic-copyright-year","Dynamic Copyright Year","1.5.1","Rob @ 5 Star Plugins","https:\u002F\u002Fprofiles.wordpress.org\u002F5starplugins\u002F","\u003Ch4>REALTIME NEW YEAR’S EVE COPYRIGHT UPDATE\u003C\u002Fh4>\n\u003Cp>Take year updates off your New Year’s list. New from 5 Star Plugins, Dynamic Copyright Year detects the copyright year in a site footer and updates it dynamically based on the visitor’s local timezone. Each visitor will see the year in their timezone.\u003C\u002Fp>\n\u003Cp>The \u003Cstrong>free Standard plugin\u003C\u002Fstrong> has everything you need to dynamically update the copyright every New Year. Try the \u003Cstrong>\u003Ca href=\"https:\u002F\u002F5starplugins.com\u002Fdynamic-copyright-year\u002F?utm_source=wordpress.org&utm_medium=directory&utm_campaign=dcy-free\" rel=\"nofollow ugc\">Premium plugin\u003C\u002Fa>\u003C\u002Fstrong> to add footer policy links and get  priority tech support.\u003C\u002Fp>\n\u003Ch3>EASY SETUP\u003C\u002Fh3>\n\u003Cp>Starts working instantly!\u003Cbr \u002F>\n1. If © YYYY text exists in your footer you are ready to go.\u003Cbr \u002F>\n2. Activate automatic updating under plugin options.\u003Cbr \u002F>\n3. Visit the site to watch the footer change from a past year to the current year.\u003C\u002Fp>\n\u003Cp>No shortcode or coding required. Clean and simple features with a user friendly interface.\u003C\u002Fp>\n\u003Ch3>Dynamic Year Updating\u003C\u002Fh3>\n\u003Cp>Automate your footer with a dynamic copyright year.\u003C\u002Fp>\n\u003Ch3>Local Timezone Precision\u003C\u002Fh3>\n\u003Cp>Roll out New Year’s Eve in realtime. Displays year in visitor’s location.\u003C\u002Fp>\n\u003Ch3>Update Hard-To-Edit Footers\u003C\u002Fh3>\n\u003Cp>Works on hardcoded Themes, a footer socket or footer widget.\u003C\u002Fp>\n\u003Ch3>Footer Policy Links\u003C\u002Fh3>\n\u003Cp>Upgrade to Dynamic Copyright Year Premium to add tiny policy links next to the copyright year. De-clutter your main menu and solve hard-to-edit menus.\u003C\u002Fp>\n\u003Ch4>FROM TRUSTED EXPERTS\u003C\u002Fh4>\n\u003Cp>Dynamic Copyright Year was developed by \u003Ca href=\"https:\u002F\u002F5starplugins.com\u002F?utm_source=wordpress.org&utm_medium=directory&utm_campaign=dcy-free\" rel=\"nofollow ugc\">5 Star Plugins\u003C\u002Fa> in the United States. Our technology goes through rigorous testing for the highest quality code written by \u003Cstrong>WordPress experts\u003C\u002Fstrong>. Standard plugin updates are free to maintain compatibility with the current version of WordPress, security fixes, and user improvements.\u003C\u002Fp>\n\u003Ch4>WORLD CLASS SUPPORT\u003C\u002Fh4>\n\u003Cp>Receive world-class support from our team of experts located in the United States. Whether it’s a question about the plugin or help troubleshooting we respond to every inquiry. Free standard plugin users can get answers in the community forum. Receive priority email support after purchasing Dynamic Copyright Year Premium. Premium support will put you in touch with a developer to get everything working perfectly.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Premium Benefits:\u003Cbr \u002F>\n  * \u003Cstrong>Add Footer Policy Links next to copyright year\u003C\u002Fstrong>\u003Cbr \u002F>\n  * \u003Cstrong>Premium Support\u003C\u002Fstrong>\u003Cbr \u002F>\n  * \u003Cstrong>Premium Updates\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>14-Day Trial: Install the standard plugin then start your trial.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>BUG REPORTS\u003C\u002Fh4>\n\u003Cp>Please do not post security concerns to the forum as it could heighten a real security threat. Login to your site to submit a bug report using “contact us” from our plugin menu. Visit our \u003Ca href=\"https:\u002F\u002F5starplugins.com\u002Fget-support\u002F?utm_source=wordpress.org&utm_medium=directory&utm_campaign=dcy-free\" rel=\"nofollow ugc\">Support Center\u003C\u002Fa> to learn more about bug reporting and support options.\u003C\u002Fp>\n\u003Ch4>MORE RESOURCES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002F5starplugins.com\u002Fdynamic-copyright-year\u002F?utm_source=wordpress.org&utm_medium=directory&utm_campaign=dcy-free\" rel=\"nofollow ugc\">Official Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsupport.5starplugins.com\u002Fcollection\u002F238-dynamic-copyright-year\u002F?utm_source=wordpress.org&utm_medium=directory&utm_campaign=dcy-free\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002F5starplugins.com\u002Fget-support\u002F?utm_source=wordpress.org&utm_medium=directory&utm_campaign=dcy-free\" rel=\"nofollow ugc\">Support Center\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Love this plugin?\u003C\u002Fstrong> We’d love your \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdynamic-copyright-year\u002Freviews\u002F?filter=5#new-post\" rel=\"ugc\">review\u003C\u002Fa>.\u003C\u002Fp>\n","Take year updates off your New Year’s list. This plugin dynamically updates copyright year in realtime with local timezone precision. No shortcode.",800,13588,"2025-11-12T05:53:00.000Z",[74,75,54,76,77],"copyright","dynamic","localization","privacy-policy","http:\u002F\u002Fdynamic-copyright-year","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdynamic-copyright-year.1.5.1.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":48,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":101,"download_link":102,"security_score":59,"vuln_count":60,"unpatched_count":26,"last_vuln_date":103,"fetched_at":28},"wp-about-author","WP About Author","1.6.3","Jon Bishop","https:\u002F\u002Fprofiles.wordpress.org\u002Fjonbishop\u002F","\u003Cp>Display beautifully styled author bios below your posts with full control over layout, design, and social links. WP About Author integrates seamlessly with WordPress profiles and works instantly with minimal setup.\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Multiple layout styles including left, right, and centered designs\u003C\u002Fli>\n\u003Cli>Border and background options to match your site’s theme\u003C\u002Fli>\n\u003Cli>Custom avatar sizing and optional circular display\u003C\u002Fli>\n\u003Cli>Toggle display on posts, pages, archives, search results, and more\u003C\u002Fli>\n\u003Cli>Choose between text or SVG icon social links for 20+ services\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>The plugin also adds additional fields to user profiles for platforms like GitHub, LinkedIn, Threads, TikTok, YouTube, and more making it easy for readers to connect with your authors.\u003C\u002Fp>\n","Easily display customizable author bios below your posts",600,80454,90,17,"2025-05-25T06:37:00.000Z","5.6","7.4",[96,97,98,99,100],"author-bio","author-box","post-footer","social-links","user-profile","https:\u002F\u002Fjonbishop.com\u002Fdownloads\u002Fwordpress-plugins\u002Fwp-about-author\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-about-author.1.6.3.zip","2025-02-24 00:00:00",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":45,"downloaded":112,"rating":26,"num_ratings":26,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":18,"tags":116,"homepage":18,"download_link":120,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"enhanced-linking","Enhanced Linking","1.0.5","Zemanta","https:\u002F\u002Fprofiles.wordpress.org\u002Fzemanta\u002F","\u003Cp>Once Enhanced Linking is installed, users will notice two new options: ability to add links from related articles and ability to search the web right from the window. This will let users find relevant fresh content from other bloggers and allow them to find anything on the web in a quick and easy fashion.\u003C\u002Fp>\n\u003Ch3>Terms of Service\u003C\u002Fh3>\n\u003Cp>The plugin source code is released under GPLv2. Usage of plugin is governed by \u003Ca href=\"http:\u002F\u002Fwww.zemanta.com\u002Flegal\u002Fterms-of-service\u002F\" rel=\"nofollow ugc\">Zemanta Terms of Service\u003C\u002Fa> and \u003Ca href=\"http:\u002F\u002Fwww.zemanta.com\u002Flegal\u002Fprivacy\u002F\" rel=\"nofollow ugc\">Zemanta Privacy Policy\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin enhances the Insert\u002FEdit Link dialogue by letting users select and find additional content from their blog and external web.",8613,"2016-08-18T12:21:00.000Z","4.0.38","3.6",[117,118,119,21,22],"articles","images","keywords","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fenhanced-linking.1.0.5.zip",{"slug":122,"name":123,"version":6,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":45,"downloaded":128,"rating":45,"num_ratings":60,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":18,"tags":132,"homepage":18,"download_link":136,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"relative-url-for-img-and-a-tags","Relative URL for Img and A Tags","Edesa Cabang","https:\u002F\u002Fprofiles.wordpress.org\u002Fedesac\u002F","\u003Cp>This plugin will remove the root of the domain from links and image sources. This means that it will leave the relative URL on your image and links. This is useful if you are installing your wordpress website on a subfolder which you will move on the main domain.\u003C\u002Fp>\n\u003Cp>You can move your site to a different subdomain, subfolder, parent folder, etc., without having to edit image sources and link URLs.\u003C\u002Fp>\n\u003Cp>So, \u003Cstrong>http:\u002F\u002Fwebdev-tuts.com\u002Fwp-content\u002Fuploads\u002F2016\u002F05\u002Fsvggraph-pie-graph.jpg\u003C\u002Fstrong> would become \u003Cstrong>\u002Fwp-content\u002Fuploads\u002F2016\u002F05\u002Fsvggraph-pie-graph.jpg\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Note: We haven’t tested the plugin on any page builder yet.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>removes the the domain name on links for internal links\u003C\u002Fli>\n\u003Cli>removes domain from on image sources for images located in the server\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin will filter the content of your posts and pages to remove the root of the domain from links and image sources.",4697,"2020-11-22T21:28:00.000Z","5.5.18","4.5.3",[133,134,135],"relative-image-source","relative-links","remove-root-url-from-image-link-tags","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frelative-url-for-img-and-a-tags.1.0.3.zip",{"attackSurface":138,"codeSignals":171,"taintFlows":245,"riskAssessment":263,"analyzedAt":278},{"hooks":139,"ajaxHandlers":167,"restRoutes":168,"shortcodes":169,"cronEvents":170,"entryPointCount":26,"unprotectedCount":26},[140,146,149,152,156,161,165],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","admin_menu","activation_menu_b3c4","footer-links-commando.php",20,{"type":141,"name":142,"callback":142,"file":147,"line":148},"oo\\FLC.php",37,{"type":141,"name":150,"callback":20,"file":147,"line":151},"wp_footer",38,{"type":141,"name":153,"callback":153,"file":154,"line":155},"admin_init","oo\\FLCDash.php",293,{"type":141,"name":157,"callback":158,"file":159,"line":160},"add_meta_boxes","add_meta_box","oo\\FLCMetabox.php",8,{"type":141,"name":162,"callback":163,"file":159,"line":164},"publish_page","save",9,{"type":141,"name":166,"callback":163,"file":159,"line":11},"publish_post",[],[],[],[],{"dangerousFunctions":172,"sqlUsage":180,"outputEscaping":183,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":32,"bundledLibraries":244},[173,177],{"fn":174,"file":147,"line":175,"context":176},"unserialize",49,"$data = unserialize(base64_decode(get_option($this->plugin_options)));",{"fn":174,"file":147,"line":178,"context":179},55,"$data = unserialize(base64_decode(get_option( $this->plugin_options )));",{"prepared":181,"raw":26,"locations":182},5,[],{"escaped":26,"rawEcho":184,"locations":185},32,[186,189,192,194,196,197,198,200,203,205,206,208,209,211,213,215,218,220,221,222,223,224,226,228,229,230,233,235,237,239,241,242],{"file":144,"line":187,"context":188},35,"raw output",{"file":190,"line":191,"context":188},"views\\add-link.php",12,{"file":190,"line":193,"context":188},19,{"file":190,"line":195,"context":188},25,{"file":190,"line":151,"context":188},{"file":190,"line":151,"context":188},{"file":199,"line":164,"context":188},"views\\add-section.php",{"file":201,"line":202,"context":188},"views\\edit-link.php",24,{"file":201,"line":204,"context":188},31,{"file":201,"line":148,"context":188},{"file":201,"line":207,"context":188},50,{"file":201,"line":207,"context":188},{"file":210,"line":145,"context":188},"views\\edit-section.php",{"file":210,"line":212,"context":188},27,{"file":210,"line":214,"context":188},33,{"file":216,"line":217,"context":188},"views\\footer.php",18,{"file":216,"line":219,"context":188},23,{"file":216,"line":219,"context":188},{"file":216,"line":219,"context":188},{"file":216,"line":219,"context":188},{"file":216,"line":219,"context":188},{"file":216,"line":225,"context":188},28,{"file":216,"line":227,"context":188},34,{"file":216,"line":227,"context":188},{"file":216,"line":178,"context":188},{"file":231,"line":232,"context":188},"views\\links.php",6,{"file":234,"line":232,"context":188},"views\\metabox.php",{"file":236,"line":232,"context":188},"views\\sections.php",{"file":238,"line":219,"context":188},"views\\settings.php",{"file":238,"line":240,"context":188},29,{"file":238,"line":187,"context":188},{"file":238,"line":243,"context":188},41,[],[246],{"entryPoint":247,"graph":248,"unsanitizedCount":14,"severity":262},"\u003Cadd-link> (views\\add-link.php:0)",{"nodes":249,"edges":259},[250,254],{"id":251,"type":252,"label":253,"file":190,"line":160},"n0","source","$_GET (x2)",{"id":255,"type":256,"label":257,"file":190,"line":193,"wp_function":258},"n1","sink","echo() [XSS]","echo",[260],{"from":251,"to":255,"sanitized":261},false,"low",{"summary":264,"deductions":265},"The 'footer-links-commando' plugin version 1.0.3 presents a mixed security profile. On the positive side, there are no known CVEs, the plugin utilizes prepared statements for all its SQL queries, and it does not perform file operations or external HTTP requests, which are common vectors for vulnerabilities.  The limited attack surface with zero AJAX handlers, REST API routes, shortcodes, or cron events is also a good indicator. However, significant concerns arise from the static analysis. The presence of two 'unserialize' calls without any accompanying nonce or capability checks on the code paths where they are used represents a critical security risk. Furthermore, a concerning 100% of output appears to be unescaped, making it highly susceptible to Cross-Site Scripting (XSS) attacks. The single taint flow identified as having unsanitized paths, even if not classified as critical or high, combined with unescaped output, further exacerbates the XSS risk.  The absence of any vulnerability history is a positive sign, suggesting the plugin has historically been secure or has not been targeted. However, this does not mitigate the direct risks identified in the current code analysis.",[266,269,271,274,276],{"reason":267,"points":268},"Dangerous function 'unserialize' used without checks",15,{"reason":270,"points":11},"100% of output unescaped",{"reason":272,"points":273},"Taint flow with unsanitized paths",7,{"reason":275,"points":181},"No nonce checks",{"reason":277,"points":32},"Limited capability checks for dangerous functions","2026-03-17T01:37:00.405Z",{"wat":280,"direct":287},{"assetPaths":281,"generatorPatterns":283,"scriptPaths":284,"versionParams":285},[282],"\u002Fwp-content\u002Fplugins\u002Ffooter-links-commando\u002Foo\u002FFLC.php",[],[],[286],"footer-links-commando\u002Fstyle.css?ver=1.0.3",{"cssClasses":288,"htmlComments":291,"htmlAttributes":292,"restEndpoints":293,"jsGlobals":294,"shortcodeOutput":295},[289,290],"af-form-fb-1981928789","af-form-1981928789",[],[],[],[],[]]