[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f2jy531vGr9ues2rdgbZRkwzQ6jXSHArBCWyVauMMe_0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":33,"analysis":128,"fingerprints":230},"formular-af-citizenone-journalsystem","Formular af CitizenOne journalsystem","1.4.0","AWORK Group A\u002FS","https:\u002F\u002Fprofiles.wordpress.org\u002Fawbot123\u002F","\u003Cul>\n\u003Cli>Customizable embed forms with color matching\u003C\u002Fli>\n\u003Cli>Real-time lead submission to CitizenOne dashboard\u003C\u002Fli>\n\u003Cli>Shortcode & Gutenberg block implementation\u003C\u002Fli>\n\u003Cli>“Formular af CitizenOne – Journalsystem med alt inklusiv” branding\u003C\u002Fli>\n\u003Cli>Mobile-responsive design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin utilizes the following third-party services to enhance functionality:\u003C\u002Fp>\n\u003Ch3>hCaptcha\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Optional spam protection for contact forms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>: User interaction data through hCaptcha’s API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: Only when site administrator has configured hCaptcha keys in plugin settings\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms\u003C\u002Fstrong>: https:\u002F\u002Fhcaptcha.com\u002Fterms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: https:\u002F\u002Fhcaptcha.com\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>CitizenOne API\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Processing form submissions and generating authentication tokens\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>: Form submission data (as provided by users) and authentication tokens\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: When users submit forms through the contact form\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms\u003C\u002Fstrong>: https:\u002F\u002Fcitizenone.dk\u002Fvilkaarogbetingelser\u002F\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: https:\u002F\u002Fcitizenone.dk\u002Fprivatlivspolitik\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n","Embed customizable contact forms from CitizenOne on any WordPress site.",0,223,"2026-01-05T06:19:00.000Z","6.9.4","5.8","7.4",[18,19,20],"citizenone","contacts","leads","https:\u002F\u002Fgithub.com\u002FAWORK-AS\u002Fcontact-form-app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fformular-af-citizenone-journalsystem.1.4.0.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"awbot123",1,30,94,"2026-04-05T10:32:21.210Z",[34,53,72,90,109],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":23,"num_ratings":29,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":47,"tags":48,"homepage":50,"download_link":51,"security_score":52,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"funnel","Funnel","1.4.2","ablancodev","https:\u002F\u002Fprofiles.wordpress.org\u002Feggemplo\u002F","\u003Cp>Create a conversion funnel in your wordpress.\u003Cbr \u002F>\nIt allows for seamless tracking and categorization of users based on their conversion states, providing valuable insights to optimize marketing strategies and enhance overall user engagement.\u003C\u002Fp>\n\u003Cp>You can create leads manually or automatically when register new users.\u003C\u002Fp>\n\u003Cp>Users can travel through the conversion funnel by visiting different pages.\u003C\u002Fp>\n\u003Cp>Referrer system ready with url param.\u003C\u002Fp>\n\u003Cp>If you need to notify them, you can use WordPress emails.\u003C\u002Fp>\n","Streamline Your Marketing: Effortlessly Navigate User Conversion Paths",20,3988,"2025-02-12T07:32:00.000Z","6.7.5","5.9","",[19,35,20,49],"marketing","https:\u002F\u002Ffunnelwpplugin.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffunnel.1.4.2.zip",92,{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":42,"downloaded":61,"rating":23,"num_ratings":29,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":65,"tags":66,"homepage":70,"download_link":71,"security_score":52,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"scuolasemplice-contacts","ScuolaSemplice Contacts","1.7","BluCloud Srl","https:\u002F\u002Fprofiles.wordpress.org\u002Fblucloudsrl\u002F","\u003Cp>This free plugin is provided together with the ScuolaSemplice educational activity management system and allows you to publish contact forms to acquire leads and student data that will be automatically imported into the software.\u003Cbr \u002F>\nThe plugin allows you to dynamically design the forms, also including custom fields defined in ScuolaSemplice, allowing you to create completely customizable contact formsThis free plugin is provided together with the ScuolaSemplice educational activity management system and allows you to publish contact forms to acquire leads and student data that will be automatically imported into the software.\u003Cbr \u002F>\nThe plugin allows you to dynamically design the forms, also including custom fields defined in ScuolaSemplice, allowing you to create completely customizable contact forms\u003C\u002Fp>\n\u003Ch3>\u003C\u002Fh3>\n\u003Ch3>ScuolaSemplice Contacts\u003C\u002Fh3>\n\u003Cp>Contributors: blucloud srl\u003Cbr \u002F>\nTags: ScuolaSemplice, crm, leads, contacts, dynamic forms\u003Cbr \u002F>\nRequires at least: 5.3\u003Cbr \u002F>\nTested up to: 5.3\u003Cbr \u002F>\nRequires PHP: 5.6\u003Cbr \u002F>\nStable tag: 0.1\u003Cbr \u002F>\nLicense: GPLv3\u003C\u002Fp>\n\u003Cp>Plugin that allows you to publish contact forms to acquire leads and student data that will be automatically imported into the ScuolaSemplice software\u003C\u002Fp>\n","Plugin that allows you to publish contact forms to acquire leads and student data that will be automatically imported into the ScuolaSemplice software",1359,"2024-12-06T22:54:00.000Z","5.3.21","5.3","5.6",[19,67,68,20,69],"crm","dynamic-forms","scuolasemplice","https:\u002F\u002Fwww.scuolasemplice.it\u002Fcontacts-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscuolasemplice-contacts.zip",{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":11,"num_ratings":11,"last_updated":47,"tested_up_to":63,"requires_at_least":82,"requires_php":47,"tags":83,"homepage":87,"download_link":88,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":89},"wp-contacts-slim","WP Contacts Slim","1.0.0","scripthat","https:\u002F\u002Fprofiles.wordpress.org\u002Fscripthat\u002F","\u003Cp>WP Contacts is an excellent WordPress Plugin that allows you to manage your leads, contacts (or anything else) in WordPress.  Easy to install, intuitive to work with frontend management system, WP Contacts gives you excellent tools for organizing your contacts.  With WP Contacts you can set images for your contacts, create your own custom fields (as many as you want), upload files to associate with contacts, add notes, export and import contacts.\u003C\u002Fp>\n\u003Cp>WP Contacts is a multi-user and multi-role system allowing you to set detailed permissions for who can access your contacts along with a great many other features!  WP Contacts is built to be responsive on all of your devices and is extremely versatile.\u003C\u002Fp>\n\u003Cp>Detailed documentation can be found in our \u003Ca href=\"https:\u002F\u002Fwww.scripthat.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">online documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Installation video of WP Contacts\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FeWkLnXzQvUY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Take complete control of your own leads and contacts right in your WordPress installation, powerful features and easy to use.",10,1197,"4.9",[84,19,20,85,86],"contact-database","leads-database","personal-database","https:\u002F\u002Fwww.wpcontacts.co","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-contacts-slim.zip","2026-03-15T10:48:56.248Z",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":11,"downloaded":98,"rating":11,"num_ratings":11,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":65,"tags":102,"homepage":106,"download_link":107,"security_score":108,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"business-contacts-authentic-verifiable-business-leads","Get Telephone Contacts of Prospective Customers","1.0","Requested","https:\u002F\u002Fprofiles.wordpress.org\u002Frequested\u002F","\u003Cp>Authentic & verifiable telephone contacts of prospective customers in different sectors, countries & states). We help to fetch verifiable business contacts around the world that could be beneficiary to your business!\u003C\u002Fp>\n\u003Cp>Imagine you set up a company that produces bread flour, and you wanted to let all bread factories in your town to know about your business? That’s where we can help. Using powerful tools we can get you contacts that might be interested in your products. These are similar customers for other businesses like yours. When you don’t find a sector you want – you can simply request it! \u003Ca href=\"https:\u002F\u002Frequested.live\" rel=\"nofollow ugc\">product website\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>With contacts, you can send bulk SMS to them or WhatsApp messages or even a cold call announcing your products.\u003C\u002Fp>\n","Authentic & verifiable telephone contacts of prospective customers in different sectors, countries & states). We help to fetch verifiable busi &hellip;",754,"2022-10-19T18:05:00.000Z","6.0.11","3.8",[103,19,20,104,105],"business","numbers","telephone","https:\u002F\u002Frequested.live\u002Fwpplugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbusiness-contacts-authentic-verifiable-business-leads.1.0.zip",85,{"slug":110,"name":111,"version":75,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":11,"downloaded":116,"rating":11,"num_ratings":11,"last_updated":117,"tested_up_to":118,"requires_at_least":119,"requires_php":120,"tags":121,"homepage":125,"download_link":126,"security_score":108,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":127},"easy-leads-free","Easy Leads Free","butteff","https:\u002F\u002Fprofiles.wordpress.org\u002Fbutteff\u002F","\u003Cp>Easy Leads Free – collect leads and contacts from your website to the database. Send mails to your leads from the admin panel after.\u003C\u002Fp>\n\u003Cp>All the leads, collected from the form, will be stored inside your database. You can manage Leads and send mails to them with your own texts.\u003C\u002Fp>\n","Easy Leads Free - collect leads and contacts from your website to the database. Send mails to your leads from the admin panel after.",7395,"2020-10-28T17:12:00.000Z","5.5.18","3.0.1","5.4",[19,122,20,123,124],"form","mails","shortcode","https:\u002F\u002Fgithub.com\u002Fbutteff\u002Feasy_leads_free_wordpress_plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-leads-free.zip","2026-03-15T14:54:45.397Z",{"attackSurface":129,"codeSignals":150,"taintFlows":192,"riskAssessment":220,"analyzedAt":229},{"hooks":130,"ajaxHandlers":146,"restRoutes":147,"shortcodes":148,"cronEvents":149,"entryPointCount":11,"unprotectedCount":11},[131,137,140,142],{"type":132,"name":133,"callback":134,"file":135,"line":136},"action","admin_notices","closure","formular-af-citizenone-journalsystem.php",49,{"type":132,"name":133,"callback":138,"file":135,"line":139},"print_notice",86,{"type":132,"name":141,"callback":134,"file":135,"line":31},"enqueue_block_assets",{"type":132,"name":143,"callback":144,"file":135,"line":145},"init","facioj_initialize_plugin",114,[],[],[],[],{"dangerousFunctions":151,"sqlUsage":152,"outputEscaping":154,"fileOperations":29,"externalRequests":11,"nonceChecks":11,"capabilityChecks":190,"bundledLibraries":191},[],{"prepared":11,"raw":11,"locations":153},[],{"escaped":155,"rawEcho":156,"locations":157},3,14,[158,162,165,168,171,173,175,177,179,181,183,185,187,189],{"file":159,"line":160,"context":161},"backend\\class-impexp.php",70,"raw output",{"file":163,"line":164,"context":161},"backend\\class-settings-page.php",345,{"file":166,"line":167,"context":161},"engine\\class-initialize.php",297,{"file":169,"line":170,"context":161},"internals\\views\\class-form-renderer.php",34,{"file":169,"line":172,"context":161},36,{"file":169,"line":174,"context":161},67,{"file":169,"line":176,"context":161},68,{"file":169,"line":178,"context":161},118,{"file":169,"line":180,"context":161},121,{"file":169,"line":182,"context":161},122,{"file":169,"line":184,"context":161},123,{"file":169,"line":186,"context":161},194,{"file":169,"line":188,"context":161},211,{"file":169,"line":188,"context":161},2,[],[193,212],{"entryPoint":194,"graph":195,"unsanitizedCount":11,"severity":211},"settings_import (backend\\class-impexp.php:81)",{"nodes":196,"edges":208},[197,202],{"id":198,"type":199,"label":200,"file":159,"line":201},"n0","source","$_FILES",104,{"id":203,"type":204,"label":205,"file":159,"line":206,"wp_function":207},"n1","sink","file_get_contents() [SSRF\u002FLFI]",111,"file_get_contents",[209],{"from":198,"to":203,"sanitized":210},true,"low",{"entryPoint":213,"graph":214,"unsanitizedCount":11,"severity":211},"\u003Cclass-impexp> (backend\\class-impexp.php:0)",{"nodes":215,"edges":218},[216,217],{"id":198,"type":199,"label":200,"file":159,"line":201},{"id":203,"type":204,"label":205,"file":159,"line":206,"wp_function":207},[219],{"from":198,"to":203,"sanitized":210},{"summary":221,"deductions":222},"The plugin 'formular-af-citizenone-journalsystem' v1.4.0 exhibits a generally positive security posture with no known vulnerabilities or critical security findings in the static analysis. The absence of external HTTP requests and the exclusive use of prepared statements for SQL queries are strong indicators of good development practices. The limited attack surface, with no identified AJAX handlers, REST API routes, or shortcodes, further reduces the potential for exploitation. However, a significant concern arises from the low percentage of properly escaped output (18%). This suggests a considerable risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data or internal data could be injected into the HTML output without proper sanitization. While no taint flows were flagged, the general lack of output escaping is a widespread weakness that could be exploited.\n\nThe plugin's vulnerability history is clean, indicating a lack of past security issues. This, coupled with the absence of critical findings in the static analysis, paints a picture of a plugin that is likely well-maintained and developed with security in mind. The presence of capability checks also suggests an attempt to enforce authorization, although the effectiveness of these checks is not fully detailed. The sole file operation is a point of interest that warrants further investigation, as uncontrolled file operations can lead to arbitrary file read\u002Fwrite vulnerabilities. Overall, the plugin has strong fundamentals but a notable weakness in output escaping that needs to be addressed.",[223,226],{"reason":224,"points":225},"Low percentage of properly escaped output",15,{"reason":227,"points":228},"One file operation identified",5,"2026-03-17T06:31:32.938Z",{"wat":231,"direct":248},{"assetPaths":232,"generatorPatterns":239,"scriptPaths":240,"versionParams":241},[233,234,235,236,237,238],"\u002Fwp-content\u002Fplugins\u002Fformular-af-citizenone-journalsystem\u002Fassets\u002Fbuild\u002Fplugin-admin.css","\u002Fwp-content\u002Fplugins\u002Fformular-af-citizenone-journalsystem\u002Fassets\u002Fbuild\u002Fplugin-settings.css","\u002Fwp-content\u002Fplugins\u002Fformular-af-citizenone-journalsystem\u002Fassets\u002Fbuild\u002Fplugin-admin.js","\u002Fwp-content\u002Fplugins\u002Fformular-af-citizenone-journalsystem\u002Fassets\u002Fbuild\u002Fplugin-settings.js","\u002Fwp-content\u002Fplugins\u002Fformular-af-citizenone-journalsystem\u002Fassets\u002Fbuild\u002Fplugin-block.css","\u002Fwp-content\u002Fplugins\u002Fformular-af-citizenone-journalsystem\u002Fassets\u002Fbuild\u002Fplugin-block.js",[],[],[242,243,244,245,246,247],"formular-af-citizenone-journalsystem\u002Fassets\u002Fbuild\u002Fplugin-admin.css?ver=","formular-af-citizenone-journalsystem\u002Fassets\u002Fbuild\u002Fplugin-settings.css?ver=","formular-af-citizenone-journalsystem\u002Fassets\u002Fbuild\u002Fplugin-admin.js?ver=","formular-af-citizenone-journalsystem\u002Fassets\u002Fbuild\u002Fplugin-settings.js?ver=","formular-af-citizenone-journalsystem\u002Fassets\u002Fbuild\u002Fplugin-block.css?ver=","formular-af-citizenone-journalsystem\u002Fassets\u002Fbuild\u002Fplugin-block.js?ver=",{"cssClasses":249,"htmlComments":250,"htmlAttributes":251,"restEndpoints":252,"jsGlobals":253,"shortcodeOutput":263},[],[],[],[],[254,255,256,257,258,259,260,261,262],"window.FACIOJ_PLUGIN_ABSOLUTE","window.FACIOJ_PLUGIN_ROOT","window.FACIOJ_TEXTDOMAIN","window.FACIOJ_VERSION","window.FACIOJ_MIN_PHP_VERSION","window.FACIOJ_WP_VERSION","window.FACIOJ_PLUGIN_API_URL","window.FACIOJ_PLUGIN_API_NAME","window.FACIOJ_NAME",[]]