[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSyV00Vvd6-grizvxSnfvltsiPIdgRodn-hNjqBvNPU0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":52,"analysis":158,"fingerprints":1103},"formidablepro-2-pdf","Formidable PRO2PDF","3.23","alexandre67fr","https:\u002F\u002Fprofiles.wordpress.org\u002Falexandre67fr\u002F","\u003Cp>Formidable Form add-on plugin to map Formidable Form fields to PDF form fields. Then – with one simple shortcode – display a download link or button on any post, page, form, or view to the filled-in PDF document on your web user’s PC or mobile device.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Ch4>FREE VERSION\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Create Webform to PDF form Field Maps\u003C\u002Fli>\n\u003Cli>Shortcode to Fill and Download PDFs\u003C\u002Fli>\n\u003Cli>Import\u002FExport Pre-Made Templates\u003C\u002Fli>\n\u003Cli>Includes Complete Working Demo\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fformidablepro2pdf.com\u002Ftemplates\" rel=\"nofollow ugc\">Free Templates\u003C\u002Fa> on Plugin Site\u003C\u002Fli>\n\u003Cli>Automatic Downloads\u003C\u002Fli>\n\u003Cli>Flatten PDF Form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>CONTRIBUTE VERSION\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Email PDF as Attachment\u003C\u002Fli>\n\u003Cli>Map Two Datasets to One PDF\u003C\u002Fli>\n\u003Cli>Password Protect PDF File\u003C\u002Fli>\n\u003Cli>Format PDF Fields\u003C\u002Fli>\n\u003Cli>Export to .docx file\u003C\u002Fli>\n\u003Cli>Works with all Formidable Field Types\u003C\u002Fli>\n\u003Cli>Works with Formidable Signature Addon\u003C\u002Fli>\n\u003Cli>Works with Formidable Repeatable Sections\u003C\u002Fli>\n\u003Cli>Works with Formidable Embedded Forms\u003C\u002Fli>\n\u003Cli>Unlimited Forms\u002FSites Available\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Visit the \u003Ca href=\"http:\u002F\u002Fwww.formidablepro2pdf.com\u002F\" rel=\"nofollow ugc\">Formidable PRO2PDF website\u003C\u002Fa> to compare versions, review documentation, and for support.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FzOA-rGyv-js?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Map web forms to PDF forms then with one simple shortcode - display a link on any post,  page, form, or view the merged PDF on a PC or mobile device.",1000,96180,94,16,"2025-09-08T17:42:00.000Z","6.8.5","3.0.1","",[20,21,22,23,24],"fpro2pdf","generation","pdf","pdftk","pro2pdf","http:\u002F\u002Fwww.formidablepro2pdf.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fformidablepro-2-pdf.3.23.zip",99,1,0,"2022-12-23 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2023-28663","formidable-pro2pdf-authenticated-admin-sql-injection","Formidable PRO2PDF \u003C= 3.09 - Authenticated (Admin+) SQL Injection","The Formidable PRO2PDF plugin for WordPress is vulnerable to SQL Injection via several parameters in versions up to, and including, 3.09 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers with administrative privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",null,"\u003C=3.09","3.10","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F63f6ca11-abfb-4f87-a9f7-0321f1de9abe?source=api-prod",396,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":48,"trust_score":50,"computed_at":51},78,"2026-04-04T21:13:40.765Z",[53,72,93,114,136],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":29,"num_ratings":29,"last_updated":63,"tested_up_to":64,"requires_at_least":17,"requires_php":18,"tags":65,"homepage":69,"download_link":70,"security_score":71,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"simple-pdf-bar","Simple PDF bar","1.0.2","andreasbutze","https:\u002F\u002Fprofiles.wordpress.org\u002Fandreasbutze\u002F","\u003Cp>Adds a lead generation bar to the top or bottom of your pdf documents by creating a new post type suited for this purpose. Include text and buttons specific to each individual PDF-document in order to guide traffic from your PDF files.\u003C\u002Fp>\n\u003Cp>To display PDF files in the browser, the user must of course have a PDF reader installed (e.g. Adobe Reader). Mobile users will load PDFs in their native PDF readers by default.\u003C\u002Fp>\n\u003Cp>This plugin is sponsored by \u003Ca href=\"http:\u002F\u002Fadapt.dk\u002F\" rel=\"nofollow ugc\">Adapt A\u002FS\u003C\u002Fa>\u003C\u002Fp>\n","Adds a lead generation bar to the top or bottom of your pdf documents",10,2107,"2015-06-08T15:08:00.000Z","4.2.39",[66,21,67,68,22],"bar","lead","lightweight","http:\u002F\u002Fadapt.dk","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-pdf-bar.zip",85,{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":29,"downloaded":80,"rating":29,"num_ratings":29,"last_updated":18,"tested_up_to":81,"requires_at_least":82,"requires_php":83,"tags":84,"homepage":89,"download_link":90,"security_score":91,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":92},"document-download-manager","Document Download Manager","1.2.1","Gunjan Jaswal","https:\u002F\u002Fprofiles.wordpress.org\u002Fgunjanjaswal\u002F","\u003Cp>Document Download Manager is a powerful yet simple plugin that helps you manage your downloadable documents (Excel and PDF files) while collecting user information before allowing downloads.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Multiple Document Types\u003C\u002Fstrong> – Support for Excel (.xlsx, .xls, .csv) and PDF (.pdf) files\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lead Generation\u003C\u002Fstrong> – Collect user information before allowing downloads\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode Support\u003C\u002Fstrong> – Easy integration with shortcodes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive Design\u003C\u002Fstrong> – Works on all devices\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR Compliant\u003C\u002Fstrong> – Clear consent for data collection\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Pro Version Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Mailchimp Integration\u003C\u002Fstrong> – Seamlessly connect with Mailchimp email marketing service\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic List Building\u003C\u002Fstrong> – Automatically add document downloaders to your email lists\u003C\u002Fli>\n\u003Cli>\u003Cstrong>One-Click Sync\u003C\u002Fstrong> – Sync existing download records to your Mailchimp list with one click\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Button Color Customization\u003C\u002Fstrong> – Change download button colors to match your brand\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Button Text\u003C\u002Fstrong> – Personalize button text for different documents\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modal Title Customization\u003C\u002Fstrong> – Customize the popup form title text\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Delete Records\u003C\u002Fstrong> – Ability to delete individual download records for GDPR compliance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export CSV\u003C\u002Fstrong> – Export all download records to CSV file for analysis\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Premium Support\u003C\u002Fstrong> – Priority support from our team\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcheckout.freemius.com\u002Fplugin\u002F19168\u002Fplan\u002F31773\u002F\" rel=\"nofollow ugc\">Upgrade to Pro\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.buymeacoffee.com\u002Fgunjanjaswal\" rel=\"nofollow ugc\">Buy Me a Coffee\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload your Excel or PDF documents\u003C\u002Fli>\n\u003Cli>Add the shortcode to any page or post\u003C\u002Fli>\n\u003Cli>When users click the download button, they’ll see a popup form\u003C\u002Fli>\n\u003Cli>After submitting their information, they’ll get access to the document\u003C\u002Fli>\n\u003Cli>All download information is stored in your WordPress database\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Shortcode Usage\u003C\u002Fh3>\n\u003Cp>Use the shortcode \u003Ccode>[docdownman_document_download]\u003C\u002Fcode> to display a download button for your documents.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Basic Usage:\u003C\u002Fstrong>\u003Cbr \u002F>\n    [docdownman_document_download id=”document-1″]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Custom Button Text:\u003C\u002Fstrong>\u003Cbr \u002F>\n    [docdownman_document_download id=”your-document-id” text=”Get Your Free Copy”]\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>This plugin collects user information (name, email, phone) when they request to download a document. This information is stored in your WordPress database and is not shared with any third parties. The plugin includes a consent checkbox to ensure GDPR compliance.\u003C\u002Fp>\n","Manage Excel and PDF document downloads with user information collection via popup form.",380,"6.9.4","5.0","7.4",[85,86,87,88,22],"document","download","form","lead-generation","https:\u002F\u002Fgithub.com\u002Fgunjanjaswal\u002FDocument-Download-Manager-Free","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdocument-download-manager.1.2.1.zip",100,"2026-03-15T10:48:56.248Z",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":91,"num_ratings":103,"last_updated":104,"tested_up_to":81,"requires_at_least":105,"requires_php":106,"tags":107,"homepage":112,"download_link":113,"security_score":91,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"hostinger-reach","Hostinger Reach – AI-Powered Email Marketing for WordPress","1.4.0","Hostinger","https:\u002F\u002Fprofiles.wordpress.org\u002Fhostinger\u002F","\u003Cp>Hostinger Reach is your all-in-one email marketing plugin, built for creators, small businesses, and website owners. It helps you grow your audience and stay connected through eye-catching, on-brand emails powered by AI and seamlessly integrated with your site.\u003C\u002Fp>\n\u003Ch4>🚀 Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>AI-powered email templates:\u003C\u002Fstrong> Describe your idea and let AI generate a ready-to-send email for you in seconds. Effortlessly tailor your templates and content to your brand look and voice.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Subscriber collection:\u003C\u002Fstrong> Create subscriber capture forms or connect popular plugins like Contact Form 7 or WPForms to start collecting contacts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic contact sync:\u003C\u002Fstrong> Reach syncs all subscribers to your dashboard in real time – no manual exports or spreadsheets needed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email sending:\u003C\u002Fstrong> Use your domain and custom sender address for professional, trusted communication.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email campaigns:\u003C\u002Fstrong> Launch targeted email campaigns to engage your audience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time analytics:\u003C\u002Fstrong> Monitor opens, clicks, and other key metrics as they happen to fine-tune performance with every send.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Built-in deliverability:\u003C\u002Fstrong> Count on Hostinger’s proven infrastructure to ensure your emails land in inboxes, not spam folders.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🔌 Seamless Integration\u003C\u002Fh4>\n\u003Cp>Reach lets you create forms directly within the native WordPress Block Editor – no extra plugins required.\u003C\u002Fp>\n\u003Cp>Reach is also fully compatible with these popular form builders and plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>WPForms\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Contact Form 7\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Elementor\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WS Form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sure Forms\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ninja Forms\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Forminator\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Thrive Leads\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>OptinMonster\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brave Popup Builder\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>More integrations are coming soon.\u003C\u002Fp>\n\u003Ch4>📬 Deliverability & Compliance: Handled for You\u003C\u002Fh4>\n\u003Cp>Reach takes care of the technical setup, ensuring your emails land in inboxes, not spam folders.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic SPF, DKIM, & DMARC setup\u003C\u002Fstrong> – Reach configures industry-standard email authentication protocols for you, so you don’t have to worry about deliverability issues.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Trusted infrastructure\u003C\u002Fstrong> – Reach sends your campaigns through reliable, high-reputation servers to keep your emails landing in inboxes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>100% compliant templates\u003C\u002Fstrong> – Our AI generates templates that fully comply with CAN-SPAM and GDPR, including sender information and unsubscribe options.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-managed unsubscribes\u003C\u002Fstrong> – Every email includes an unsubscribe link that Reach handles automatically. When contacts unsubscribe, Reach removes them from future campaigns without any effort from you.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>💸 Plans & Pricing: Start Free, Grow Without Limits\u003C\u002Fh4>\n\u003Cp>Reach supports creators and businesses at every stage. Start for free, scale as your audience grows, and pay only when you need to.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Reach offers a free plan for one year – perfect for getting started.\u003C\u002Fli>\n\u003Cli>Paid plans provide higher sending limits based on your contact list size and monthly email volume.\u003C\u002Fli>\n\u003Cli>Every paid plan removes the Reach logo from your emails and includes five free AI-generated messages each month.\u003C\u002Fli>\n\u003Cli>New customers get 20 free AI messages and can purchase more anytime – no subscriptions or bundles required.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🆓 What’s Included in the Free Plan?\u003C\u002Fh4>\n\u003Cp>Start your email marketing journey with our feature-rich free plan designed for beginners and small audiences:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Email up to 100 unique subscribers\u002Fmonth\u003C\u002Fstrong> – Perfect for building your first list or staying in touch with your early subscribers. Your unique recipients limit resets on the 1st of every month.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Send up to 200 emails\u002Fmonth\u003C\u002Fstrong> – Enough to reach your audience and learn what works best. Your total email limit resets on the 1st of every month.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI content editor & visual builder\u003C\u002Fstrong> – Easily customize your emails’ content, images, and branding.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlimited contact storage\u003C\u002Fstrong> – Reach does not limit your contact list, so you can consistently grow your audience without worrying about lost data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress contact sync\u003C\u002Fstrong> – Seamlessly import subscribers from your site to your Reach mailing list.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>24\u002F7 customer support\u003C\u002Fstrong> – Get help anytime, even on the free plan.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Our free plan gives you everything you need to launch your first campaign, grow your audience, and see real results – no credit card required.\u003C\u002Fp>\n\u003Ch4>💡 Why Reach?\u003C\u002Fh4>\n\u003Cp>With over 20 years of experience helping people succeed online, Hostinger created Reach to make professional email marketing simple, fast, and effective – especially for beginners.\u003C\u002Fp>\n\u003Ch4>External services\u003C\u002Fh4>\n\u003Cp>This plugin connects to Hostinger Reach API service to collect and share the next information:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Collect your Reach account overview stats and show them in the wp-admin dashboard\u003C\u002Fli>\n\u003Cli>Automatically sync new subscribers from your site to Reach\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Authentication with Hostinger Reach to share ecrypted keys, secure, and protect the communication channel\u003C\u002Fp>\n\u003Cp>Hostinger Reach plugin goal is to offer a seamless integration within Hostinger Reach service. Hence, a communication\u003Cbr \u002F>\nbetween the plugin and Hostinger Reach service is a core functionality.\u003C\u002Fp>\n\u003Cp>For more information about Hostinger Reach and our terms and conditions visit:\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.hostinger.com\u002Femail-marketing\" rel=\"nofollow ugc\">Hostinger Reach\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.hostinger.com\u002Flegal\u002Funiversal-terms-of-service-agreement\" rel=\"nofollow ugc\">Hostinger Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Compiled code\u003C\u002Fh4>\n\u003Cp>In order to optimize the plugin and reduce the size of the bundle we minify and compile our JavaScript files.\u003C\u002Fp>\n\u003Cp>For transparency and following the community guidelines you can find the source code inside the \u003Ccode>frontend\u003C\u002Fcode> folder.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>frontend\u002Fvue\u003C\u002Fcode>: Code for the Admin UI\u003C\u002Fli>\n\u003Cli>\u003Ccode>frontend\u002Fblocks\u003C\u002Fcode>: Code for Reach block\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>dist\u003C\u002Fcode>: compiled code\u003C\u002Fp>\n\u003Cp>We include also \u003Ccode>composer.json\u003C\u002Fcode> and \u003Ccode>package.json\u003C\u002Fcode> file showing the dependencies we use in the project.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Launch and grow your email marketing effortlessly with Hostinger Reach. Collect contacts, sync subscribers, and send emails – all in one, AI powered.",1000000,232704,2,"2026-03-10T08:48:00.000Z","6.0","8.1",[108,88,109,110,111],"email-marketing","marketing","newsletter","subscription","https:\u002F\u002Fhostinger.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhostinger-reach.1.4.0.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":13,"num_ratings":124,"last_updated":125,"tested_up_to":81,"requires_at_least":126,"requires_php":127,"tags":128,"homepage":133,"download_link":134,"security_score":91,"vuln_count":28,"unpatched_count":29,"last_vuln_date":135,"fetched_at":31},"pdf-embedder","PDF Embedder","4.9.3","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>Upload PDF files and embed them directly into your site’s posts and pages. It works as simple as adding images! Your PDF files will be automatically sized to their natural size and shape. You can also specify a width and the correct height will be calculated automatically. Our PDF Embedder plugin is fully responsive, so the embedded PDF will also look perfect, on any device. Additionally, the pdf embedder will automatically resize whenever the browser dimensions change.\u003C\u002Fp>\n\u003Cp>The plugin has a unique method for embedding PDF files with the immense flexibility over the appearance of your document.\u003C\u002Fp>\n\u003Cp>The PDF viewer has Next and Previous buttons to navigate the document, and zoom buttons if some areas of a PDF file are too small for your screen.\u003C\u002Fp>\n\u003Cp>Your PDF files are embedded within your existing WordPress pages so we have full control over appearance, and all Javascript and other files are served by your own server (not by Google or any other third-party who may not be able to guarantee their own reliability). This means your PDF files will load fast, without any speed penalty.\u003C\u002Fp>\n\u003Cp>Other PDF embedder plugins insert the PDF into an ‘iframe’ which means they do not get the flexibility over sizing. Ours does not and that is an incredible benefit to the overall viewing experience across all devices.\u003C\u002Fp>\n\u003Cp>In the free plugin, there is no button for users to download the PDF, but download options are available in the Premium versions along with other awesome features.\u003C\u002Fp>\n\u003Cp>Another Premium feature are Hyperlinks in your PDF being clickable. Links in the free plugin cannot be clicked.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>Once installed and Activated, click Add Media from any page or post, just like adding an image, but drag and drop a PDF file instead.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>In the Classic Editor when you insert into your post, it will appear in the editor as a ‘shortcode’ as follows:\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[pdf-embedder url=\"https:\u002F\u002Fexample.com\u002Fwp-content\u002Fuploads\u002F2024\u002F01\u002FPlan-Summary.pdf\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>You can change the default appearance – e.g. width, and toolbar position\u002Fappearance through \u003Cstrong>Settings -> PDF Embedder\u003C\u002Fstrong> and also shortcode or block attributes.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>To override your site-wide defaults on an individual embed, see the \u003Ca href=\"https:\u002F\u002Fwp-pdf.com\u002Ffree-instructions\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Plugin Instructions\u003C\u002Fa> for information about sizing options plus other ways to customize the shortcodes.\u003C\u002Fp>\n\u003Ch4>Premium Features\u003C\u002Fh4>\n\u003Cp>Features available in the PDF Embedder Premium versions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Download button in the toolbar\u003C\u002Fli>\n\u003Cli>Continuous scroll between pages\u003C\u002Fli>\n\u003Cli>Hyperlinks are fully functional\u003C\u002Fli>\n\u003Cli>Full screen mode\u003C\u002Fli>\n\u003Cli>Edit page number to jump straight to page\u003C\u002Fli>\n\u003Cli>Track number of downloads and views\u003C\u002Fli>\n\u003Cli>Mobile-friendly\u003C\u002Fli>\n\u003Cli>Secure option – difficult to download original PDF\u003C\u002Fli>\n\u003Cli>Removes wp-pdf.com branding\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>See \u003Ca href=\"https:\u002F\u002Fwp-pdf.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">wp-pdf.com\u003C\u002Fa> for details!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Mobile-friendly embedding using PDF Embedder Premium\u003C\u002Fh4>\n\u003Cp>The free version will work on most mobile browsers, but cannot position the document entirely within the screen.\u003C\u002Fp>\n\u003Cp>Our \u003Cstrong>PDF Embedder Premium\u003C\u002Fstrong> plugin solves this problem with an intelligent ‘full screen’ mode.\u003C\u002Fp>\n\u003Cp>When the document is smaller than a certain width, the document displays only as a ‘thumbnail’ with a large ‘View in Full Screen’ button for the user to click when they want to study your document.\u003C\u002Fp>\n\u003Cp>This opens up the document so it has the full focus of the mobile browser, and the user can move about the document without hitting other parts of the web page by mistake. Viewers can then Click Exit to return to the regular page.\u003C\u002Fp>\n\u003Cp>The user can also swipe continuously between all pages of the PDF which is more natural than clicking the navigation buttons to navigate.\u003C\u002Fp>\n\u003Cp>See our site \u003Ca href=\"https:\u002F\u002Fwp-pdf.com\u002Fpremium\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">wp-pdf.com\u003C\u002Fa> for more details and purchase options.\u003C\u002Fp>\n\u003Ch4>Protect your PDFs with our premium document embedder version\u003C\u002Fh4>\n\u003Cp>Our \u003Cstrong>PDF Embedder Premium\u003C\u002Fstrong> plugin on its Pro plan provides the same simple but elegant viewer as the Basic version, with the added protection that it is difficult for users to download or print the original PDF document.\u003C\u002Fp>\n\u003Cp>This means that your PDF is unlikely to be shared outside your site where you have no control over who views, prints, or shares it.\u003C\u002Fp>\n\u003Cp>Optionally, add a watermark containing any text, including the logged in user’s name or email address to discourage sharing of screenshots.\u003C\u002Fp>\n\u003Cp>See our site \u003Ca href=\"https:\u002F\u002Fwp-pdf.com\u002Fsecure\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">wp-pdf.com\u003C\u002Fa> for more details and purchase options.\u003C\u002Fp>\n\u003Ch4>PDF Thumbnails\u003C\u002Fh4>\n\u003Cp>Our \u003Cstrong>PDF Thumbnails\u003C\u002Fstrong> plugin automatically generates fixed image versions of all PDF files in your Media Library, to use on your site as you wish.\u003C\u002Fp>\n\u003Cp>You can use them as featured images in posts containing an embedded version of the PDF, or as a visual clickable link to download the PDF directly.\u003Cbr \u002F>\nIt also displays the thumbnail as the “icon” for the PDF in the Media Library, making it easy for authors to locate the PDFs they need to insert in a post.\u003C\u002Fp>\n\u003Cp>See our site \u003Ca href=\"https:\u002F\u002Fwp-pdf.com\u002Fthumbnails\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">wp-pdf.com\u002Fthumbnails\u002F\u003C\u002Fa> for more details and purchase options.\u003C\u002Fp>\n\u003Cp>With thanks to the Mozilla team for developing the underlying \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmozilla\u002Fpdf.js\" rel=\"nofollow ugc\">pdf.js\u003C\u002Fa> technology used by this PDF documents viewer plugin.\u003C\u002Fp>\n","Seamlessly embed PDFs into your content, with customizations and intelligent responsive resizing, and no third-party services or iframes.",300000,4997233,477,"2025-12-30T11:09:00.000Z","6.1","7.2",[129,130,22,131,132],"block","embed-pdf","pdf-document","pdf-viewer","https:\u002F\u002Fwp-pdf.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdf-embedder.4.9.3.zip","2024-03-18 00:00:00",{"slug":137,"name":138,"version":139,"author":140,"author_profile":141,"description":142,"short_description":143,"active_installs":122,"downloaded":144,"rating":91,"num_ratings":145,"last_updated":146,"tested_up_to":81,"requires_at_least":147,"requires_php":83,"tags":148,"homepage":153,"download_link":154,"security_score":155,"vuln_count":156,"unpatched_count":29,"last_vuln_date":157,"fetched_at":31},"woocommerce-pdf-invoices-packing-slips","PDF Invoices & Packing Slips for WooCommerce","5.8.2","WP Overnight","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpovernight\u002F","\u003Cp>This WooCommerce extension automatically adds a PDF or XML invoice (e-invoicing) to the order confirmation emails sent out to your customers. Includes a basic template (additional templates are available from \u003Ca href=\"https:\u002F\u002Fwpovernight.com\u002Fdownloads\u002Fwoocommerce-pdf-invoices-packing-slips-bundle\u002F\" rel=\"nofollow ugc\">WP Overnight\u003C\u002Fa>) as well as the possibility to modify\u002Fcreate your own templates. In addition, you can choose to download or print invoices and packing slips from the WooCommerce order admin.\u003C\u002Fp>\n\u003Ch4>Main features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatically attach invoice PDF or XML to WooCommerce emails of your choice\u003C\u002Fli>\n\u003Cli>Download the PDF or XML Invoice \u002F PDF Packing Slip from the order admin page\u003C\u002Fli>\n\u003Cli>Choose from a range of e‑document formats: UBL 2.1, Peppol BIS 3.0, CII D16B, Factur‑X 1.0, ZUGFeRD 1.0, and ZUGFeRD 2.0.\u003C\u002Fli>\n\u003Cli>Generate PDF invoices \u002F packing slips in bulk\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fully customizable\u003C\u002Fstrong> HTML\u002FCSS invoice templates\u003C\u002Fli>\n\u003Cli>Download invoices from the My Account page\u003C\u002Fli>\n\u003Cli>Sequential invoice numbers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Available in:\u003C\u002Fstrong> Czech, Dutch, English, Finnish, French, German, Hungarian, Italian, Japanese (see FAQ for adding custom fonts!), Norwegian, Portuguese, Polish, Romanian, Russian, Slovak, Slovenian, Spanish, Swedish & Ukrainian\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Free extensions\u003C\u002Fh4>\n\u003Cp>The following free extensions are available to add additional features to the plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpovernight\u002Fwoocommerce-pdf-ips-mpdf\" rel=\"nofollow ugc\">PDF Invoices & Packing Slips for WooCommerce – mPDF\u003C\u002Fa>\u003C\u002Fstrong>: Adds support for RTL layout and Arabic script.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpovernight\u002Fwoocommerce-pdf-ips-mpdf-cjk\" rel=\"nofollow ugc\">PDF Invoices & Packing Slips for WooCommerce – mPDF CJK\u003C\u002Fa>\u003C\u002Fstrong>: Provides support for Chinese, Japanese, and Korean (CJK) fonts for the mPDF extension.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpovernight\u002Fwoocommerce-pdf-ips-unicode\" rel=\"nofollow ugc\">PDF Invoices & Packing Slips for WooCommerce – Unicode Language Pack\u003C\u002Fa>\u003C\u002Fstrong>: Adds support for Chinese, Japanese, and Korean scripts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpovernight\u002Fwcpdf-taxes-summary\" rel=\"nofollow ugc\">PDF Invoices & Packing Slips for WooCommerce – Taxes Summary\u003C\u002Fa>\u003C\u002Fstrong>: Adds a taxes summary table after the order details.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium extensions\u003C\u002Fh4>\n\u003Cp>In addition to this, we offer several premium extensions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create\u002Femail PDF Proforma Invoices, Credit Notes (for Refunds), email Packing Slips, automatic upload to Dropbox, Google Drive & more with \u003Ca href=\"https:\u002F\u002Fwpovernight.com\u002Fdownloads\u002Fwoocommerce-pdf-invoices-packing-slips-professional\u002F\" rel=\"nofollow ugc\">PDF Invoices & Packing Slips for WooCommerce Professional\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Get the complete feature set, including \u003Cstrong>Professional\u003C\u002Fstrong>, \u003Cstrong>Premium Templates\u003C\u002Fstrong>, and additional features with the \u003Ca href=\"https:\u002F\u002Fwpovernight.com\u002Fdownloads\u002Fwoocommerce-pdf-invoices-packing-slips-bundle\u002F\" rel=\"nofollow ugc\">WooCommerce PDF Invoices & Packing Slips Plus Bundle\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Add Peppol network delivery for WooCommerce invoices and credit notes right inside your invoicing workflow. \u003Ca href=\"https:\u002F\u002Fwpovernight.com\u002Fdownloads\u002Fwoocommerce-edocuments-peppol\u002F\" rel=\"nofollow ugc\">eDocuments for WooCommerce: Peppol\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Automatically send new orders or packing slips to your printer as soon as the customer orders! \u003Ca href=\"https:\u002F\u002Fwpovernight.com\u002Fdownloads\u002Fwoocommerce-automatic-order-printing-printnode\u002F\" rel=\"nofollow ugc\">WooCommerce Automatic Order Printing (PrintNode)\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Enable EU VAT number collection, automatic validation and reverse-charge logic right in your WooCommerce store. \u003Ca href=\"https:\u002F\u002Fwpovernight.com\u002Fdownloads\u002Fwoocommerce-eu-vat-compliance\u002F\" rel=\"nofollow ugc\">WooCommerce European (EU\u002FUK\u002FNorway\u002FSwitzerland) VAT Compliance\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Fully customizable\u003C\u002Fh4>\n\u003Cp>In addition to a number of default settings (including a custom header\u002Flogo) and several layout fields that you can use out of the box, the plugin contains HTML\u002FCSS-based templates that allow for customization & full control over the PDF output. Copy the templates to your theme folder and you don’t have to worry that your customizations will be overwritten when you update the plugin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Insert customer header image\u002Flogo\u003C\u002Fli>\n\u003Cli>Modify shop data \u002F footer \u002F disclaimer etc. on the invoices & packing slips\u003C\u002Fli>\n\u003Cli>Select paper size (Letter or A4)\u003C\u002Fli>\n\u003Cli>Translation ready\u003C\u002Fli>\n\u003C\u002Ful>\n","Create, print & automatically email PDF or XML Invoices & PDF Packing Slips for WooCommerce orders.",21452882,1842,"2026-03-03T09:43:00.000Z","4.4",[149,150,22,151,152],"invoices","packing-slips","ubl","woocommerce","https:\u002F\u002Fwpovernight.com\u002Fdownloads\u002Fwoocommerce-pdf-invoices-packing-slips-bundle\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoocommerce-pdf-invoices-packing-slips.5.8.2.zip",88,12,"2026-02-17 17:18:34",{"attackSurface":159,"codeSignals":295,"taintFlows":612,"riskAssessment":1090,"analyzedAt":1102},{"hooks":160,"ajaxHandlers":236,"restRoutes":275,"shortcodes":276,"cronEvents":293,"entryPointCount":294,"unprotectedCount":29},[161,167,173,177,182,186,190,195,198,202,206,211,215,220,224,229,233],{"type":162,"name":163,"callback":164,"priority":61,"file":165,"line":166},"filter","frm_match_xml_form","fpropdf_frm_match_xml_form","backups.php",46,{"type":168,"name":169,"callback":170,"file":171,"line":172},"action","admin_enqueue_scripts","formidable_shortcode_wp_admin_style","formidable-shortcode.php",28,{"type":168,"name":174,"callback":175,"file":171,"line":176},"wp_enqueue_scripts","formidable_shortcode_name_scripts",36,{"type":168,"name":178,"callback":179,"file":180,"line":181},"admin_head","fpropdf_admin_head","fpropdf.php",163,{"type":168,"name":183,"callback":184,"file":180,"line":185},"init","fpropdf_set_charset",237,{"type":162,"name":187,"callback":188,"priority":61,"file":180,"line":189},"pre_set_site_transient_update_plugins","fpropdf_pre_update",276,{"type":168,"name":191,"callback":192,"priority":193,"file":180,"line":194},"install_plugins_pre_plugin-information","fpropdf_changelog",9,310,{"type":162,"name":196,"callback":196,"file":180,"line":197},"fpropdf_wpfx_extract_fields",842,{"type":168,"name":199,"callback":200,"file":180,"line":201},"admin_init","wpfx_init",2600,{"type":168,"name":203,"callback":204,"file":180,"line":205},"admin_menu","wpfx_menu",2603,{"type":168,"name":207,"callback":208,"priority":209,"file":180,"line":210},"frm_after_create_entry","cache_entry",20,2656,{"type":162,"name":212,"callback":213,"priority":61,"file":180,"line":214},"frm_notification_attachment","fpropdf_add_my_attachment",2707,{"type":162,"name":216,"callback":217,"priority":218,"file":180,"line":219},"frm_importing_xml","importing_fields_meta_fix",5,2798,{"type":168,"name":221,"callback":222,"priority":61,"file":180,"line":223},"frm_notification","fpropdf_remove_my_attachment",2840,{"type":168,"name":207,"callback":225,"priority":226,"file":227,"line":228},"fpropdf2_frm_after_create_entry",30,"settings.php",27,{"type":162,"name":230,"callback":231,"file":227,"line":232},"frm_pre_create_entry","fpropdf2_frm_pre_create_entry",41,{"type":168,"name":199,"callback":234,"file":227,"line":235},"register_fpropdf_settings",45,[237,243,247,251,255,259,263,265,268,270],{"action":238,"nopriv":239,"callback":240,"hasNonce":241,"hasCapCheck":239,"file":180,"line":242},"wpfx_get_dataset",false,"wpfx_getdataset",true,2606,{"action":244,"nopriv":239,"callback":245,"hasNonce":241,"hasCapCheck":239,"file":180,"line":246},"wpfx_get_layout","wpfx_peeklayout",2607,{"action":248,"nopriv":239,"callback":249,"hasNonce":241,"hasCapCheck":239,"file":180,"line":250},"wpfx_del_layout","wpfx_killlayout",2608,{"action":252,"nopriv":239,"callback":253,"hasNonce":241,"hasCapCheck":239,"file":180,"line":254},"wpfx_dup_layout","wpfx_duplayout",2609,{"action":256,"nopriv":239,"callback":257,"hasNonce":241,"hasCapCheck":239,"file":180,"line":258},"fpropdf_remove_pdf","wpfx_fpropdf_remove_pdf",2610,{"action":260,"nopriv":239,"callback":261,"hasNonce":239,"hasCapCheck":241,"file":180,"line":262},"wpfx_generate","wpfx_generate_pdf",2613,{"action":260,"nopriv":241,"callback":261,"hasNonce":239,"hasCapCheck":241,"file":180,"line":264},2614,{"action":266,"nopriv":239,"callback":266,"hasNonce":241,"hasCapCheck":239,"file":180,"line":267},"wpfx_preview_pdf",2638,{"action":266,"nopriv":241,"callback":266,"hasNonce":241,"hasCapCheck":239,"file":180,"line":269},2639,{"action":271,"nopriv":239,"callback":272,"hasNonce":241,"hasCapCheck":239,"file":273,"line":274},"fpropdf_export_file","fpropdf_generate_export_file","templates.php",26,[],[277,281,285,289],{"tag":278,"callback":279,"file":171,"line":280},"formidable-download","formidable_shortcode_download",132,{"tag":282,"callback":283,"file":171,"line":284},"formidable-download-in-list","formidable_shortcode_download_in_list",142,{"tag":286,"callback":287,"file":171,"line":288},"formidable-pdf-key","formidable_secret_key",149,{"tag":290,"callback":291,"file":171,"line":292},"fpro2pdf-date","fpro2pdf_date",158,[],14,{"dangerousFunctions":296,"sqlUsage":427,"outputEscaping":536,"fileOperations":609,"externalRequests":294,"nonceChecks":610,"capabilityChecks":28,"bundledLibraries":611},[297,301,304,307,312,315,318,322,324,327,330,332,335,337,339,341,344,346,348,350,352,354,356,358,361,364,367,370,373,376,379,382,385,388,391,394,397,399,402,405,409,412,415,418,421,424],{"fn":298,"file":165,"line":299,"context":300},"unserialize",179,"$data = @unserialize($data);",{"fn":298,"file":165,"line":302,"context":303},180,"$formats = @unserialize($formats);",{"fn":298,"file":165,"line":305,"context":306},398,"\u003Ctd>\u003C?php echo @count(@unserialize($file['data']['data']['data'])); ?>\u003C\u002Ftd>",{"fn":308,"file":309,"line":310,"context":311},"shell_exec","debug.php",66,"$debug[] = function_exists('shell_exec') && is_callable('shell_exec') ? str_replace(array(\"\\n\", \"\\r\"",{"fn":308,"file":309,"line":313,"context":314},68,"$debug[] = 'PDFTK: ' . fpropdf_print(function_exists('shell_exec') && is_callable('shell_exec') && s",{"fn":308,"file":309,"line":316,"context":317},69,"$debug[] = 'ImageMagick: ' . fpropdf_print(function_exists('shell_exec') && is_callable('shell_exec'",{"fn":298,"file":319,"line":320,"context":321},"format.php",156,"$field_options = @unserialize($row2['field_options']);",{"fn":298,"file":319,"line":292,"context":323},"$_tmp = @unserialize($v);",{"fn":298,"file":319,"line":325,"context":326},305,"$opts = @unserialize($row2['options']);",{"fn":298,"file":319,"line":328,"context":329},346,"$v = @unserialize($v);",{"fn":298,"file":319,"line":331,"context":329},419,{"fn":298,"file":319,"line":333,"context":334},446,"$_tmp = @unserialize($val_label);",{"fn":298,"file":319,"line":336,"context":326},460,{"fn":298,"file":319,"line":338,"context":334},464,{"fn":298,"file":319,"line":340,"context":326},471,{"fn":298,"file":319,"line":342,"context":343},472,"$_tmp = @unserialize($val);",{"fn":298,"file":319,"line":345,"context":343},498,{"fn":298,"file":319,"line":347,"context":343},504,{"fn":298,"file":319,"line":349,"context":321},511,{"fn":298,"file":319,"line":351,"context":343},513,{"fn":298,"file":319,"line":353,"context":343},532,{"fn":298,"file":319,"line":355,"context":329},712,{"fn":298,"file":319,"line":357,"context":329},744,{"fn":298,"file":180,"line":359,"context":360},586,"$field_options = @unserialize($data['field_options']);",{"fn":298,"file":180,"line":362,"context":363},604,"$files = @unserialize($row['value']);",{"fn":298,"file":180,"line":365,"context":366},670,"$description_data = isset($row['description']) && $row['description'] ? @unserialize($row['descripti",{"fn":298,"file":180,"line":368,"context":369},1149,"$fpropdfSignatures = unserialize($tmpFDF['signatures']);",{"fn":298,"file":180,"line":371,"context":372},1828,"$formats = @unserialize($result['formats']);",{"fn":298,"file":180,"line":374,"context":375},1833,"$data = isset($result['data']) ? unserialize($result['data']) : array();",{"fn":298,"file":180,"line":377,"context":378},1997,"$assocData = @unserialize($data['data']);",{"fn":298,"file":180,"line":380,"context":381},2186,"foreach (unserialize($layout['data']) as $values) {",{"fn":298,"file":180,"line":383,"context":384},2216,"$description_data = @unserialize($entry->description);",{"fn":308,"file":180,"line":386,"context":387},2349,"shell_exec('which pdftk')",{"fn":308,"file":180,"line":389,"context":390},2351,"$fields_data = shell_exec('pdftk ' . escapeshellarg($file) . ' dump_data_fields_utf8 2> \u002Fdev\u002Fnull');",{"fn":298,"file":180,"line":392,"context":393},2419,"$field_options = @unserialize($row->field_options);",{"fn":298,"file":180,"line":395,"context":396},2436,"$_opts = @unserialize($row->options);",{"fn":298,"file":180,"line":398,"context":300},2448,{"fn":308,"file":400,"line":401,"context":387},"generate-pdf.php",181,{"fn":308,"file":400,"line":403,"context":404},185,"shell_exec(\"pdftk \" . escapeshellarg($desired) . \" fill_form \" . escapeshellarg($actual) . \" output ",{"fn":406,"file":400,"line":407,"context":408},"passthru",192,"passthru($command);",{"fn":308,"file":400,"line":410,"context":411},195,"if ($real_flatten && shell_exec('which convert')) {",{"fn":308,"file":400,"line":413,"context":414},201,"shell_exec('convert -background white -alpha remove -density 300 ' . escapeshellarg($tmpPdf) . ' ' .",{"fn":308,"file":400,"line":416,"context":417},218,"shell_exec('convert ' . escapeshellarg($fileTmp) . ' ' . escapeshellarg($fileTmp . '.pdf'));",{"fn":308,"file":400,"line":419,"context":420},222,"$buffer = shell_exec('pdftk ' . implode(' ', $filesTmp) . ' cat output - ');",{"fn":308,"file":400,"line":422,"context":423},228,"$data = shell_exec('pdftk ' . escapeshellarg($tmpPdf) . ' output - ' . $encrypt);",{"fn":308,"file":400,"line":425,"context":426},418,"$debug = shell_exec(\"$command 2>&1\");",{"prepared":428,"raw":429,"locations":430},82,51,[431,434,437,439,441,443,445,447,449,451,453,455,457,459,461,463,465,467,469,471,473,475,477,479,481,483,485,487,489,491,493,495,497,499,501,503,505,507,509,511,513,515,517,519,521,523,525,527,529,531,533],{"file":180,"line":432,"context":433},209,"$wpdb->query() with variable interpolation",{"file":180,"line":435,"context":436},216,"$wpdb->get_results() with variable interpolation",{"file":180,"line":438,"context":433},367,{"file":180,"line":440,"context":433},370,{"file":180,"line":442,"context":433},385,{"file":180,"line":444,"context":433},395,{"file":180,"line":446,"context":433},414,{"file":180,"line":448,"context":433},424,{"file":180,"line":450,"context":433},427,{"file":180,"line":452,"context":433},430,{"file":180,"line":454,"context":433},433,{"file":180,"line":456,"context":433},436,{"file":180,"line":458,"context":433},439,{"file":180,"line":460,"context":433},442,{"file":180,"line":462,"context":433},445,{"file":180,"line":464,"context":433},448,{"file":180,"line":466,"context":433},451,{"file":180,"line":468,"context":433},452,{"file":180,"line":470,"context":433},454,{"file":180,"line":472,"context":433},470,{"file":180,"line":474,"context":433},480,{"file":180,"line":476,"context":436},1791,{"file":180,"line":478,"context":436},1807,{"file":180,"line":480,"context":433},1915,{"file":180,"line":482,"context":433},1917,{"file":180,"line":484,"context":433},1918,{"file":180,"line":486,"context":433},1921,{"file":180,"line":488,"context":433},1924,{"file":180,"line":490,"context":433},1927,{"file":180,"line":492,"context":433},1930,{"file":180,"line":494,"context":433},1933,{"file":180,"line":496,"context":433},1936,{"file":180,"line":498,"context":433},1939,{"file":180,"line":500,"context":433},1942,{"file":180,"line":502,"context":433},2063,{"file":180,"line":504,"context":433},2065,{"file":180,"line":506,"context":433},2066,{"file":180,"line":508,"context":433},2069,{"file":180,"line":510,"context":433},2072,{"file":180,"line":512,"context":433},2075,{"file":180,"line":514,"context":433},2078,{"file":180,"line":516,"context":433},2081,{"file":180,"line":518,"context":433},2084,{"file":180,"line":520,"context":433},2087,{"file":180,"line":522,"context":433},2090,{"file":273,"line":524,"context":436},126,{"file":526,"line":209,"context":433},"uninstall.php",{"file":526,"line":528,"context":433},21,{"file":526,"line":530,"context":433},23,{"file":526,"line":532,"context":433},24,{"file":526,"line":534,"context":535},52,"$wpdb->get_col() with variable interpolation",{"escaped":537,"rawEcho":176,"locations":538},215,[539,542,544,546,548,550,552,554,556,558,560,562,564,566,568,570,572,574,576,578,580,582,584,586,588,590,592,594,596,598,599,600,602,604,605,607],{"file":165,"line":540,"context":541},393,"raw output",{"file":165,"line":543,"context":541},394,{"file":165,"line":545,"context":541},401,{"file":165,"line":547,"context":541},402,{"file":180,"line":549,"context":541},159,{"file":180,"line":551,"context":541},323,{"file":180,"line":553,"context":541},324,{"file":180,"line":555,"context":541},1248,{"file":180,"line":557,"context":541},1278,{"file":180,"line":559,"context":541},1279,{"file":180,"line":561,"context":541},1280,{"file":180,"line":563,"context":541},1281,{"file":180,"line":565,"context":541},1282,{"file":180,"line":567,"context":541},1283,{"file":180,"line":569,"context":541},1284,{"file":180,"line":571,"context":541},1311,{"file":180,"line":573,"context":541},1370,{"file":180,"line":575,"context":541},1399,{"file":180,"line":577,"context":541},1427,{"file":180,"line":579,"context":541},1454,{"file":180,"line":581,"context":541},1477,{"file":180,"line":583,"context":541},1533,{"file":180,"line":585,"context":541},1547,{"file":180,"line":587,"context":541},1562,{"file":180,"line":589,"context":541},1775,{"file":180,"line":591,"context":541},2168,{"file":180,"line":593,"context":541},2309,{"file":180,"line":595,"context":541},2523,{"file":400,"line":597,"context":541},431,{"file":400,"line":454,"context":541},{"file":400,"line":468,"context":541},{"file":227,"line":601,"context":541},226,{"file":227,"line":603,"context":541},294,{"file":273,"line":428,"context":541},{"file":273,"line":606,"context":541},92,{"file":273,"line":608,"context":541},117,70,15,[],[613,636,698,720,734,748,766,785,798,808,828,838,934,964,975],{"entryPoint":614,"graph":615,"unsanitizedCount":28,"severity":635},"wpfx_killlayout (fpropdf.php:2528)",{"nodes":616,"edges":632},[617,622,626],{"id":618,"type":619,"label":620,"file":180,"line":621},"n0","source","$_POST",2534,{"id":623,"type":624,"label":625,"file":180,"line":621},"n1","transform","→ wpfx_backup_layout()",{"id":627,"type":628,"label":629,"file":180,"line":630,"wp_function":631},"n2","sink","file_put_contents() [File Write]",2049,"file_put_contents",[633,634],{"from":618,"to":623,"sanitized":239},{"from":623,"to":627,"sanitized":239},"medium",{"entryPoint":637,"graph":638,"unsanitizedCount":697,"severity":635},"\u003Cgenerate-pdf> (generate-pdf.php:0)",{"nodes":639,"edges":687},[640,643,645,646,649,653,658,660,663,665,669,673,676,680,683,685],{"id":618,"type":619,"label":641,"file":400,"line":642},"$_POST (x2)",34,{"id":623,"type":628,"label":644,"file":400,"line":403,"wp_function":308},"shell_exec() [RCE]",{"id":627,"type":619,"label":620,"file":400,"line":642},{"id":647,"type":628,"label":648,"file":400,"line":407,"wp_function":406},"n3","passthru() [RCE]",{"id":650,"type":619,"label":651,"file":400,"line":652},"n4","$_SERVER",261,{"id":654,"type":628,"label":655,"file":400,"line":656,"wp_function":657},"n5","file_get_contents() [SSRF\u002FLFI]",340,"file_get_contents",{"id":659,"type":619,"label":620,"file":400,"line":50},"n6",{"id":661,"type":628,"label":629,"file":400,"line":662,"wp_function":631},"n7",388,{"id":664,"type":619,"label":620,"file":400,"line":50},"n8",{"id":666,"type":628,"label":667,"file":400,"line":468,"wp_function":668},"n9","echo() [XSS]","echo",{"id":670,"type":619,"label":671,"file":400,"line":672},"n10","$_REQUEST (x2)",160,{"id":674,"type":624,"label":675,"file":400,"line":672},"n11","→ fpropdf_header()",{"id":677,"type":628,"label":678,"file":400,"line":530,"wp_function":679},"n12","header() [Header Injection]","header",{"id":681,"type":619,"label":620,"file":400,"line":682},"n13",449,{"id":684,"type":624,"label":675,"file":400,"line":682},"n14",{"id":686,"type":628,"label":678,"file":400,"line":530,"wp_function":679},"n15",[688,689,690,691,692,693,694,695,696],{"from":618,"to":623,"sanitized":241},{"from":627,"to":647,"sanitized":241},{"from":650,"to":654,"sanitized":241},{"from":659,"to":661,"sanitized":241},{"from":664,"to":666,"sanitized":241},{"from":670,"to":674,"sanitized":239},{"from":674,"to":677,"sanitized":239},{"from":681,"to":684,"sanitized":239},{"from":684,"to":686,"sanitized":239},3,{"entryPoint":699,"graph":700,"unsanitizedCount":103,"severity":635},"\u003Cpreview> (preview.php:0)",{"nodes":701,"edges":715},[702,706,708,709,710,712,714],{"id":618,"type":619,"label":703,"file":704,"line":705},"$_GET (x2)","preview.php",22,{"id":623,"type":628,"label":655,"file":704,"line":707,"wp_function":657},43,{"id":627,"type":619,"label":703,"file":704,"line":705},{"id":647,"type":628,"label":629,"file":704,"line":606,"wp_function":631},{"id":650,"type":619,"label":703,"file":704,"line":711},56,{"id":654,"type":624,"label":713,"file":704,"line":711},"→ fpropdf_readfile()",{"id":659,"type":628,"label":678,"file":704,"line":610,"wp_function":679},[716,717,718,719],{"from":618,"to":623,"sanitized":241},{"from":627,"to":647,"sanitized":241},{"from":650,"to":654,"sanitized":239},{"from":654,"to":659,"sanitized":239},{"entryPoint":721,"graph":722,"unsanitizedCount":28,"severity":635},"fpropdf_generate_export_file (templates.php:6)",{"nodes":723,"edges":730},[724,725,726,728,729],{"id":618,"type":619,"label":671,"file":273,"line":193},{"id":623,"type":628,"label":678,"file":273,"line":294,"wp_function":679},{"id":627,"type":619,"label":727,"file":273,"line":61},"$_REQUEST",{"id":647,"type":624,"label":625,"file":273,"line":61},{"id":650,"type":628,"label":629,"file":180,"line":630,"wp_function":631},[731,732,733],{"from":618,"to":623,"sanitized":241},{"from":627,"to":647,"sanitized":239},{"from":647,"to":650,"sanitized":239},{"entryPoint":735,"graph":736,"unsanitizedCount":28,"severity":635},"fpropdf_templates_page (templates.php:28)",{"nodes":737,"edges":745},[738,741,743],{"id":618,"type":619,"label":739,"file":273,"line":740},"$_FILES",75,{"id":623,"type":624,"label":742,"file":273,"line":740},"→ fpropdf_restore_backup()",{"id":627,"type":628,"label":629,"file":165,"line":744,"wp_function":631},281,[746,747],{"from":618,"to":623,"sanitized":239},{"from":623,"to":627,"sanitized":239},{"entryPoint":749,"graph":750,"unsanitizedCount":103,"severity":635},"\u003Ctemplates> (templates.php:0)",{"nodes":751,"edges":760},[752,753,754,755,756,757,758,759],{"id":618,"type":619,"label":671,"file":273,"line":193},{"id":623,"type":628,"label":678,"file":273,"line":294,"wp_function":679},{"id":627,"type":619,"label":727,"file":273,"line":61},{"id":647,"type":624,"label":625,"file":273,"line":61},{"id":650,"type":628,"label":629,"file":180,"line":630,"wp_function":631},{"id":654,"type":619,"label":739,"file":273,"line":740},{"id":659,"type":624,"label":742,"file":273,"line":740},{"id":661,"type":628,"label":629,"file":165,"line":744,"wp_function":631},[761,762,763,764,765],{"from":618,"to":623,"sanitized":241},{"from":627,"to":647,"sanitized":239},{"from":647,"to":650,"sanitized":239},{"from":654,"to":659,"sanitized":239},{"from":659,"to":661,"sanitized":239},{"entryPoint":767,"graph":768,"unsanitizedCount":29,"severity":784},"wpfx_getdataset (fpropdf.php:2134)",{"nodes":769,"edges":781},[770,772,776,777],{"id":618,"type":619,"label":620,"file":180,"line":771},2139,{"id":623,"type":628,"label":773,"file":180,"line":774,"wp_function":775},"get_row() [SQLi]",2143,"get_row",{"id":627,"type":619,"label":641,"file":180,"line":771},{"id":647,"type":628,"label":778,"file":180,"line":779,"wp_function":780},"get_results() [SQLi]",2153,"get_results",[782,783],{"from":618,"to":623,"sanitized":241},{"from":627,"to":647,"sanitized":241},"low",{"entryPoint":786,"graph":787,"unsanitizedCount":29,"severity":784},"wpfx_generate_pdf (fpropdf.php:2616)",{"nodes":788,"edges":796},[789,792],{"id":618,"type":619,"label":790,"file":180,"line":791},"$_GET",2621,{"id":623,"type":628,"label":793,"file":180,"line":794,"wp_function":795},"wp_redirect() [Open Redirect]",2627,"wp_redirect",[797],{"from":618,"to":623,"sanitized":241},{"entryPoint":799,"graph":800,"unsanitizedCount":29,"severity":784},"wpfx_preview_pdf (fpropdf.php:2641)",{"nodes":801,"edges":806},[802,804],{"id":618,"type":619,"label":790,"file":180,"line":803},2646,{"id":623,"type":628,"label":667,"file":180,"line":805,"wp_function":668},2647,[807],{"from":618,"to":623,"sanitized":241},{"entryPoint":809,"graph":810,"unsanitizedCount":193,"severity":41},"fpropdf_format_field (format.php:133)",{"nodes":811,"edges":824},[812,815,817,820,821,823],{"id":618,"type":619,"label":813,"file":319,"line":814},"$_POST (x3)",365,{"id":623,"type":628,"label":816,"file":319,"line":331,"wp_function":298},"unserialize() [Object Injection]",{"id":627,"type":619,"label":818,"file":319,"line":819},"$_format",133,{"id":647,"type":628,"label":773,"file":319,"line":466,"wp_function":775},{"id":650,"type":619,"label":822,"file":319,"line":819},"$_format (x5)",{"id":654,"type":628,"label":816,"file":319,"line":336,"wp_function":298},[825,826,827],{"from":618,"to":623,"sanitized":239},{"from":627,"to":647,"sanitized":239},{"from":650,"to":654,"sanitized":239},{"entryPoint":829,"graph":830,"unsanitizedCount":837,"severity":41},"\u003Cformat> (format.php:0)",{"nodes":831,"edges":835},[832,834],{"id":618,"type":619,"label":833,"file":319,"line":814},"$_POST (x4)",{"id":623,"type":628,"label":816,"file":319,"line":331,"wp_function":298},[836],{"from":618,"to":623,"sanitized":239},4,{"entryPoint":839,"graph":840,"unsanitizedCount":218,"severity":41},"wpfx_admin (fpropdf.php:913)",{"nodes":841,"edges":916},[842,844,846,849,851,854,856,858,860,861,862,864,866,868,870,872,874,879,882,885,887,890,893,896,899,902,907,910,913],{"id":618,"type":619,"label":739,"file":180,"line":843},927,{"id":623,"type":628,"label":655,"file":180,"line":845,"wp_function":657},929,{"id":627,"type":619,"label":847,"file":180,"line":848},"$_GET (x5)",942,{"id":647,"type":628,"label":667,"file":180,"line":850,"wp_function":668},944,{"id":650,"type":619,"label":852,"file":180,"line":853},"$_FILES (x5)",1089,{"id":654,"type":628,"label":667,"file":180,"line":855,"wp_function":668},1097,{"id":659,"type":619,"label":620,"file":180,"line":857},1115,{"id":661,"type":628,"label":773,"file":180,"line":859,"wp_function":775},1139,{"id":664,"type":619,"label":620,"file":180,"line":857},{"id":666,"type":628,"label":816,"file":180,"line":368,"wp_function":298},{"id":670,"type":619,"label":863,"file":180,"line":857},"$_POST (x10)",{"id":674,"type":628,"label":667,"file":180,"line":865,"wp_function":668},1160,{"id":677,"type":619,"label":867,"file":180,"line":843},"$_FILES (x2)",{"id":681,"type":628,"label":778,"file":180,"line":869,"wp_function":780},1600,{"id":684,"type":619,"label":641,"file":180,"line":871},965,{"id":686,"type":624,"label":873,"file":180,"line":871},"→ fpropdf_check_code()",{"id":875,"type":628,"label":876,"file":180,"line":877,"wp_function":878},"n16","update_option() [Settings Manipulation]",885,"update_option",{"id":880,"type":619,"label":620,"file":180,"line":881},"n17",1117,{"id":883,"type":624,"label":884,"file":180,"line":881},"n18","→ wpfx_readlayout()",{"id":886,"type":628,"label":816,"file":180,"line":374,"wp_function":298},"n19",{"id":888,"type":619,"label":813,"file":180,"line":889},"n20",1124,{"id":891,"type":624,"label":892,"file":180,"line":889},"n21","→ wpfx_extract()",{"id":894,"type":628,"label":773,"file":180,"line":895,"wp_function":775},"n22",762,{"id":897,"type":619,"label":620,"file":180,"line":898},"n23",1234,{"id":900,"type":624,"label":901,"file":180,"line":898},"n24","→ wpfx_updatelayout()",{"id":903,"type":628,"label":904,"file":180,"line":905,"wp_function":906},"n25","get_var() [SQLi]",2095,"get_var",{"id":908,"type":619,"label":620,"file":180,"line":909},"n26",1236,{"id":911,"type":624,"label":912,"file":180,"line":909},"n27","→ wpfx_writelayout()",{"id":914,"type":628,"label":773,"file":180,"line":915,"wp_function":775},"n28",1896,[917,918,919,920,921,922,923,924,925,926,927,928,929,930,931,932,933],{"from":618,"to":623,"sanitized":241},{"from":627,"to":647,"sanitized":241},{"from":650,"to":654,"sanitized":241},{"from":659,"to":661,"sanitized":241},{"from":664,"to":666,"sanitized":241},{"from":670,"to":674,"sanitized":241},{"from":677,"to":681,"sanitized":241},{"from":684,"to":686,"sanitized":239},{"from":686,"to":875,"sanitized":239},{"from":880,"to":883,"sanitized":239},{"from":883,"to":886,"sanitized":239},{"from":888,"to":891,"sanitized":239},{"from":891,"to":894,"sanitized":241},{"from":897,"to":900,"sanitized":239},{"from":900,"to":903,"sanitized":239},{"from":908,"to":911,"sanitized":239},{"from":911,"to":914,"sanitized":239},{"entryPoint":935,"graph":936,"unsanitizedCount":28,"severity":41},"wpfx_peeklayout (fpropdf.php:2314)",{"nodes":937,"edges":956},[938,940,941,942,944,945,947,948,950,951,952,954,955],{"id":618,"type":619,"label":620,"file":180,"line":939},2319,{"id":623,"type":628,"label":644,"file":180,"line":389,"wp_function":308},{"id":627,"type":619,"label":620,"file":180,"line":939},{"id":647,"type":628,"label":773,"file":180,"line":943,"wp_function":775},2394,{"id":650,"type":619,"label":620,"file":180,"line":939},{"id":654,"type":628,"label":778,"file":180,"line":946,"wp_function":780},2409,{"id":659,"type":619,"label":620,"file":180,"line":939},{"id":661,"type":628,"label":655,"file":180,"line":949,"wp_function":657},2489,{"id":664,"type":619,"label":620,"file":180,"line":939},{"id":666,"type":628,"label":667,"file":180,"line":595,"wp_function":668},{"id":670,"type":619,"label":620,"file":180,"line":953},2322,{"id":674,"type":624,"label":884,"file":180,"line":953},{"id":677,"type":628,"label":816,"file":180,"line":374,"wp_function":298},[957,958,959,960,961,962,963],{"from":618,"to":623,"sanitized":241},{"from":627,"to":647,"sanitized":241},{"from":650,"to":654,"sanitized":241},{"from":659,"to":661,"sanitized":241},{"from":664,"to":666,"sanitized":241},{"from":670,"to":674,"sanitized":239},{"from":674,"to":677,"sanitized":239},{"entryPoint":965,"graph":966,"unsanitizedCount":28,"severity":41},"wpfx_duplayout (fpropdf.php:2541)",{"nodes":967,"edges":972},[968,970,971],{"id":618,"type":619,"label":620,"file":180,"line":969},2547,{"id":623,"type":624,"label":884,"file":180,"line":969},{"id":627,"type":628,"label":816,"file":180,"line":374,"wp_function":298},[973,974],{"from":618,"to":623,"sanitized":239},{"from":623,"to":627,"sanitized":239},{"entryPoint":976,"graph":977,"unsanitizedCount":193,"severity":41},"\u003Cfpropdf> (fpropdf.php:0)",{"nodes":978,"edges":1060},[979,980,981,983,984,985,986,987,988,989,990,992,993,994,995,997,998,999,1000,1001,1003,1004,1005,1006,1007,1008,1009,1010,1011,1012,1014,1017,1020,1022,1024,1026,1028,1030,1032,1034,1036,1038,1040,1042,1044,1046,1048,1050,1052,1054,1056,1058],{"id":618,"type":619,"label":867,"file":180,"line":843},{"id":623,"type":628,"label":655,"file":180,"line":845,"wp_function":657},{"id":627,"type":619,"label":982,"file":180,"line":848},"$_GET (x6)",{"id":647,"type":628,"label":667,"file":180,"line":850,"wp_function":668},{"id":650,"type":619,"label":852,"file":180,"line":853},{"id":654,"type":628,"label":667,"file":180,"line":855,"wp_function":668},{"id":659,"type":619,"label":833,"file":180,"line":857},{"id":661,"type":628,"label":773,"file":180,"line":859,"wp_function":775},{"id":664,"type":619,"label":641,"file":180,"line":857},{"id":666,"type":628,"label":816,"file":180,"line":368,"wp_function":298},{"id":670,"type":619,"label":991,"file":180,"line":857},"$_POST (x11)",{"id":674,"type":628,"label":667,"file":180,"line":865,"wp_function":668},{"id":677,"type":619,"label":867,"file":180,"line":843},{"id":681,"type":628,"label":778,"file":180,"line":869,"wp_function":780},{"id":684,"type":619,"label":703,"file":180,"line":996},1447,{"id":686,"type":628,"label":816,"file":180,"line":371,"wp_function":298},{"id":875,"type":619,"label":867,"file":180,"line":843},{"id":880,"type":628,"label":816,"file":180,"line":377,"wp_function":298},{"id":883,"type":619,"label":739,"file":180,"line":843},{"id":886,"type":628,"label":773,"file":180,"line":1002,"wp_function":775},2006,{"id":888,"type":619,"label":739,"file":180,"line":843},{"id":891,"type":628,"label":629,"file":180,"line":630,"wp_function":631},{"id":894,"type":619,"label":813,"file":180,"line":771},{"id":897,"type":628,"label":778,"file":180,"line":779,"wp_function":780},{"id":900,"type":619,"label":620,"file":180,"line":939},{"id":903,"type":628,"label":644,"file":180,"line":389,"wp_function":308},{"id":908,"type":619,"label":620,"file":180,"line":939},{"id":911,"type":628,"label":655,"file":180,"line":949,"wp_function":657},{"id":914,"type":619,"label":790,"file":180,"line":791},{"id":1013,"type":628,"label":793,"file":180,"line":794,"wp_function":795},"n29",{"id":1015,"type":619,"label":620,"file":180,"line":1016},"n30",1114,{"id":1018,"type":628,"label":629,"file":180,"line":1019,"wp_function":631},"n31",2790,{"id":1021,"type":619,"label":790,"file":180,"line":996},"n32",{"id":1023,"type":628,"label":629,"file":180,"line":1019,"wp_function":631},"n33",{"id":1025,"type":619,"label":641,"file":180,"line":871},"n34",{"id":1027,"type":624,"label":873,"file":180,"line":871},"n35",{"id":1029,"type":628,"label":876,"file":180,"line":877,"wp_function":878},"n36",{"id":1031,"type":619,"label":833,"file":180,"line":881},"n37",{"id":1033,"type":624,"label":884,"file":180,"line":881},"n38",{"id":1035,"type":628,"label":816,"file":180,"line":374,"wp_function":298},"n39",{"id":1037,"type":619,"label":833,"file":180,"line":889},"n40",{"id":1039,"type":624,"label":892,"file":180,"line":889},"n41",{"id":1041,"type":628,"label":773,"file":180,"line":895,"wp_function":775},"n42",{"id":1043,"type":619,"label":620,"file":180,"line":898},"n43",{"id":1045,"type":624,"label":901,"file":180,"line":898},"n44",{"id":1047,"type":628,"label":904,"file":180,"line":905,"wp_function":906},"n45",{"id":1049,"type":619,"label":620,"file":180,"line":909},"n46",{"id":1051,"type":624,"label":912,"file":180,"line":909},"n47",{"id":1053,"type":628,"label":773,"file":180,"line":915,"wp_function":775},"n48",{"id":1055,"type":619,"label":620,"file":180,"line":621},"n49",{"id":1057,"type":624,"label":625,"file":180,"line":621},"n50",{"id":1059,"type":628,"label":629,"file":180,"line":630,"wp_function":631},"n51",[1061,1062,1063,1064,1065,1066,1067,1068,1069,1070,1071,1072,1073,1074,1075,1076,1077,1078,1079,1080,1081,1082,1083,1084,1085,1086,1087,1088,1089],{"from":618,"to":623,"sanitized":241},{"from":627,"to":647,"sanitized":241},{"from":650,"to":654,"sanitized":241},{"from":659,"to":661,"sanitized":241},{"from":664,"to":666,"sanitized":241},{"from":670,"to":674,"sanitized":241},{"from":677,"to":681,"sanitized":241},{"from":684,"to":686,"sanitized":241},{"from":875,"to":880,"sanitized":241},{"from":883,"to":886,"sanitized":241},{"from":888,"to":891,"sanitized":241},{"from":894,"to":897,"sanitized":241},{"from":900,"to":903,"sanitized":241},{"from":908,"to":911,"sanitized":241},{"from":914,"to":1013,"sanitized":241},{"from":1015,"to":1018,"sanitized":241},{"from":1021,"to":1023,"sanitized":241},{"from":1025,"to":1027,"sanitized":239},{"from":1027,"to":1029,"sanitized":239},{"from":1031,"to":1033,"sanitized":239},{"from":1033,"to":1035,"sanitized":239},{"from":1037,"to":1039,"sanitized":239},{"from":1039,"to":1041,"sanitized":241},{"from":1043,"to":1045,"sanitized":239},{"from":1045,"to":1047,"sanitized":239},{"from":1049,"to":1051,"sanitized":239},{"from":1051,"to":1053,"sanitized":239},{"from":1055,"to":1057,"sanitized":239},{"from":1057,"to":1059,"sanitized":239},{"summary":1091,"deductions":1092},"The \"formidablepro-2-pdf\" v3.23 plugin exhibits a mixed security posture. While it has a relatively small attack surface with all identified entry points secured by authentication checks, the static analysis reveals several concerning code signals. The presence of 46 dangerous functions, including `unserialize`, `shell_exec`, and `passthru`, is a significant red flag, indicating potential for severe vulnerabilities if not handled with extreme care. Furthermore, the taint analysis shows 12 flows with unsanitized paths and 6 high-severity issues, suggesting that user-supplied data might be processed in an insecure manner, potentially leading to code execution or other compromises.\n\nThe plugin's vulnerability history, while currently showing no unpatched CVEs, does include a past high-severity SQL injection vulnerability. This history, coupled with the static analysis findings, suggests a pattern where input sanitization and secure function usage might be inconsistent. While the majority of SQL queries use prepared statements and most outputs are escaped, the critical taint flows and presence of dangerous functions point to areas where these good practices may be overlooked.\n\nIn conclusion, \"formidablepro-2-pdf\" v3.23 has strengths in its secured entry points and a recent lack of unpatched vulnerabilities. However, the significant number of dangerous functions, high-severity taint flows with unsanitized paths, and past SQL injection history collectively present a notable risk. Developers should prioritize a thorough audit of how user input interacts with dangerous functions and ensure robust sanitization across all data flows.",[1093,1095,1098,1100],{"reason":1094,"points":156},"High severity taint flows",{"reason":1096,"points":1097},"Unsanitized paths in taint flows",8,{"reason":1099,"points":610},"Dangerous functions (unserialize, shell_exec, passthru)",{"reason":1101,"points":610},"Past high severity CVE (SQL Injection)","2026-03-16T19:02:40.727Z",{"wat":1104,"direct":1118},{"assetPaths":1105,"generatorPatterns":1110,"scriptPaths":1112,"versionParams":1113},[1106,1107,1108,1109],"\u002Fwp-content\u002Fplugins\u002Fformidablepro-2-pdf\u002Fassets\u002Fcss\u002Fbackend.css","\u002Fwp-content\u002Fplugins\u002Fformidablepro-2-pdf\u002Fassets\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fformidablepro-2-pdf\u002Fassets\u002Fjs\u002Fbackend.js","\u002Fwp-content\u002Fplugins\u002Fformidablepro-2-pdf\u002Fassets\u002Fjs\u002Ffrontend.js",[1111],"Formidable PRO2PDF v3.23",[1108,1109],[1114,1115,1116,1117],"formidablepro-2-pdf\u002Fassets\u002Fcss\u002Fbackend.css?ver=","formidablepro-2-pdf\u002Fassets\u002Fcss\u002Ffrontend.css?ver=","formidablepro-2-pdf\u002Fassets\u002Fjs\u002Fbackend.js?ver=","formidablepro-2-pdf\u002Fassets\u002Fjs\u002Ffrontend.js?ver=",{"cssClasses":1119,"htmlComments":1121,"htmlAttributes":1123,"restEndpoints":1128,"jsGlobals":1129,"shortcodeOutput":1131},[1120],"fpropdf-admin-css",[1122],"\u003C!-- fpropdfTmpFile -->",[1124,1125,1126,1127],"data-fpropdf-form","data-fpropdf-field-id","data-fpropdf-field-type","data-fpropdf-entry-id",[],[1130],"window.fpropdfAdditionalFormatting",[]]