[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJAsO848F1iAe2ea6QzEIGFF45i4DqWXBD7dc2sP_ryM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":58,"fingerprints":196},"free-vehicle-data-uk","Rapid Car Check Vehicle Data","2.0","Rapid Car Check","https:\u002F\u002Fprofiles.wordpress.org\u002Frapidcarcheck\u002F","\u003Cp>Add instant vehicle lookup to your website in minutes with the Rapid Car Check WordPress plugin – a fast, simple way to enable number plate searches without writing a single line of code. Powered by Rapid Car Check, this plugin gives your users access to trusted DVLA and MOT data, live on your site.\u003C\u002Fp>\n\u003Cp>You can test the plugin for free by turning on ‘sandbox mode’.\u003C\u002Fp>\n\u003Cp>The plugin includes:\u003Cbr \u002F>\n– A full setup guide below.\u003Cbr \u002F>\n– A complete shortcode list\u003Cbr \u002F>\n– Free sandbox access with live usage stats in your WordPress dashboard\u003C\u002Fp>\n\u003Cp>Flexible pricing to match your usage\u003Cbr \u002F>\nEvery account starts with monthly checks. If you expect to exceed your allowance, simply top up with one of the following monthly plans from your account dashboard:\u003C\u002Fp>\n\u003Cp>50 monthly checks at £4.99 +VAT\u003Cbr \u002F>\n100 monthly checks at £9.99 +VAT\u003Cbr \u002F>\n500 monthly checks at £14.99 +VAT\u003Cbr \u002F>\n1000 monthly checks at £27.99 +VAT\u003Cbr \u002F>\n2000 monthly checks at £54.99 +VAT\u003Cbr \u002F>\n5000 monthly checks at £129.99 +VAT\u003Cbr \u002F>\n10,000 monthly checks at £259.99 +VAT\u003Cbr \u002F>\nShortcodes for Rapid Car Check plugin: https:\u002F\u002Fwww.rapidcarcheck.co.uk\u002FSupport\u002FShortCodeList.csv\u003C\u002Fp>\n\u003Cp>If you need something more flexible try our Developer’s API: https:\u002F\u002Fwww.rapidcarcheck.co.uk\u002Fdeveloper-api\u002F\u003C\u002Fp>\n\u003Cp>Do you need specialised custom app or web design for your automotive business? Check out our services here: https:\u002F\u002Fwww.rapidcarcheck.co.uk\u002Fcustom-app-website-api-technology\u002F\u003C\u002Fp>\n\u003Cp>New data points of the plugin\u003C\u002Fp>\n\u003Cp>Vehicle identification & description\u003C\u002Fp>\n\u003Cp>Registration number\u003Cbr \u002F>\nVIN (chassis number)\u003Cbr \u002F>\nManufacturer\u003Cbr \u002F>\nModel\u003Cbr \u002F>\nYear of manufacture\u003Cbr \u002F>\nBody type\u003Cbr \u002F>\nFuel type\u003Cbr \u002F>\nEngine number\u003Cbr \u002F>\nPreviously registered in Northern Ireland\u003Cbr \u002F>\nUsed before it was first registered\u003Cbr \u002F>\nRegistration & legal details\u003C\u002Fp>\n\u003Cp>Date first registered in the UK\u003Cbr \u002F>\nDate first registered (anywhere)\u003Cbr \u002F>\nNumber of V5 logbooks issued\u003Cbr \u002F>\nDate the current V5 was issued\u003Cbr \u002F>\nVehicle status\u003C\u002Fp>\n\u003Cp>Whether the vehicle is a non-EU import\u003Cbr \u002F>\nWhether the vehicle is imported\u003Cbr \u002F>\nWhether the vehicle is exported\u003Cbr \u002F>\nDate the vehicle was exported\u003Cbr \u002F>\nWhether the vehicle is scrapped\u003Cbr \u002F>\nDate the vehicle was scrapped\u003Cbr \u002F>\nTax and CO₂ details\u003C\u002Fp>\n\u003Cp>CO₂ emissions\u003Cbr \u002F>\nDVLA CO₂ band\u003Cbr \u002F>\nRoad tax cost for year 1 (12 months)\u003Cbr \u002F>\nRoad tax cost for years 2–6 (6 months, over £40k vehicles)\u003Cbr \u002F>\nRoad tax cost for years 2–6 (12 months, over £40k vehicles)\u003Cbr \u002F>\nRoad tax cost for years 2–6 (6 months)\u003Cbr \u002F>\nRoad tax cost for years 2–6 (12 months)\u003Cbr \u002F>\nColour details\u003C\u002Fp>\n\u003Cp>Current colour\u003Cbr \u002F>\nNumber of times the colour has changed\u003Cbr \u002F>\nOriginal colour\u003Cbr \u002F>\nMost recent colour\u003Cbr \u002F>\nDate the colour last changed\u003Cbr \u002F>\nKeeper history\u003C\u002Fp>\n\u003Cp>Number of previous owners\u003Cbr \u002F>\nDate the last owner changed\u003Cbr \u002F>\nPlate changes\u003C\u002Fp>\n\u003Cp>Current registration number\u003Cbr \u002F>\nType of registration transfer\u003Cbr \u002F>\nDate DVLA recorded the registration transfer\u003Cbr \u002F>\nPrevious registration number\u003Cbr \u002F>\nDate of cherished plate transfer\u003C\u002Fp>\n\u003Ch4>Docs and support\u003C\u002Fh4>\n\u003Cp>Shortcodes for Rapid Car Check plugin: https:\u002F\u002Fwww.rapidcarcheck.co.uk\u002FSupport\u002FShortCodeList.csv\u003C\u002Fp>\n\u003Ch4>Privacy notices\u003C\u002Fh4>\n\u003Cp>This plugin relies on 3rd party API access from (\u003Ca href=\"https:\u002F\u002Fwww.rapidcarcheck.co.uk\u002F\" rel=\"nofollow ugc\">Rapid Car Check\u003C\u002Fa>), this means when someone makes a vehicle lookup on your WordPress site, the Rapid Car Check API will be contacted, use of the Rapid Car Check API and plugin are subject to the terms and conditions \u002F privacy policy:\u003C\u002Fp>\n\u003Cp>(\u003Ca href=\"https:\u002F\u002Fwww.rapidcarcheck.co.uk\u002Fapi-terms-and-conditions\u002F\" rel=\"nofollow ugc\">Terms and Conditions\u003C\u002Fa>)\u003C\u002Fp>\n\u003Cp>(\u003Ca href=\"https:\u002F\u002Fwww.rapidcarcheck.co.uk\u002Fapi-privacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>)\u003C\u002Fp>\n\u003Ch4>Recommended plugins\u003C\u002Fh4>\n\u003Cp>The mileage chart short code requires the following plugin:\u003C\u002Fp>\n\u003Cp>(\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-charts-and-graphs\u002F\" rel=\"ugc\">WP Charts and Graphs – WordPress Chart Plugin\u003C\u002Fa>)\u003C\u002Fp>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>Add instant vehicle lookup to your website in minutes with the Rapid Car Check WordPress plugin – a fast, simple way to enable number plate searches without writing a single line of code. Powered by Rapid Car Check, this plugin gives your users access to trusted DVLA and MOT data, live on your site.\u003C\u002Fp>\n","Add instant vehicle lookup to your website in minutes with the Rapid Car Check WordPress plugin – a fast, simple way to enable number plate searches w &hellip;",200,17674,84,5,"2025-06-19T04:21:00.000Z","6.8.5","4.0","",[20,21,22,23,24],"car-registration-lookup","dvla-information","dvla-search","mot-search","vehicle-data","https:\u002F\u002Fwww.rapidcarcheck.co.uk\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffree-vehicle-data-uk.2.0.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"rapidcarcheck",1,30,94,"2026-04-04T12:59:40.032Z",[39],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":28,"num_ratings":28,"last_updated":49,"tested_up_to":50,"requires_at_least":17,"requires_php":18,"tags":51,"homepage":55,"download_link":56,"security_score":57,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"uk-vehicle-data-api","UK Vehicle Data","2.0.0","aidansheriff","https:\u002F\u002Fprofiles.wordpress.org\u002Faidansheriff\u002F","\u003Cp>UKVD is a leading supplier of UK Vehicle Information and Valuation Data. This plugin provides quick and easy integration with WordPress and the UKVD API.\u003C\u002Fp>\n\u003Cp>Simply install, generate a results page, update the options under your administration control panel, insert the widget into your pages and allow your customers to search easily within your own WordPress website.\u003C\u002Fp>\n","UKVD is a leading supplier of UK Vehicle Information and Valuation Data. This plugin provides quick and easy integration with Wordpress and the UKVD A &hellip;",10,1546,"2018-03-29T10:33:00.000Z","4.8.28",[21,52,53,54],"uk-vehicle-data","ukvd","vehicle-valuation","https:\u002F\u002Fukvehicledata.co.uk\u002FApiDocumentation","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuk-vehicle-data-api.2.0.0.zip",85,{"attackSurface":59,"codeSignals":122,"taintFlows":131,"riskAssessment":185,"analyzedAt":195},{"hooks":60,"ajaxHandlers":83,"restRoutes":104,"shortcodes":105,"cronEvents":120,"entryPointCount":47,"unprotectedCount":121},[61,66,70,75,78],{"type":62,"name":63,"callback":64,"file":65,"line":47},"action","admin_menu","RegisterOptionsPage","classes\\Admin.php",{"type":62,"name":67,"callback":68,"file":65,"line":69},"admin_init","RegisterSettings",11,{"type":62,"name":71,"callback":72,"priority":73,"file":74,"line":47},"wp_enqueue_scripts","IncludeAssets",9999,"classes\\Assets.php",{"type":62,"name":76,"callback":77,"priority":73,"file":74,"line":69},"admin_enqueue_scripts","IncludeAdminAssets",{"type":62,"name":79,"callback":80,"file":81,"line":82},"init","fvd_language_load","fvd.php",37,[84,91,92,96,98,102],{"action":85,"nopriv":86,"callback":87,"hasNonce":88,"hasCapCheck":88,"file":89,"line":90},"FVD_CreatePages",true,"CreatePages",false,"classes\\Ajax.php",9,{"action":85,"nopriv":88,"callback":87,"hasNonce":88,"hasCapCheck":88,"file":89,"line":47},{"action":93,"nopriv":86,"callback":94,"hasNonce":88,"hasCapCheck":88,"file":89,"line":95},"FVD_ClearSearchLogs","ClearSearchLogs",12,{"action":93,"nopriv":88,"callback":94,"hasNonce":88,"hasCapCheck":88,"file":89,"line":97},13,{"action":99,"nopriv":86,"callback":100,"hasNonce":88,"hasCapCheck":88,"file":89,"line":101},"FVD_ClearImages","ClearImages",15,{"action":99,"nopriv":88,"callback":100,"hasNonce":88,"hasCapCheck":88,"file":89,"line":103},16,[],[106,110,113,116],{"tag":107,"callback":108,"file":109,"line":69},"fvd_calljson","CallJson","classes\\Shortcodes.php",{"tag":111,"callback":112,"file":109,"line":95},"fvd_searchbox","DisplaySearchBox",{"tag":114,"callback":115,"file":109,"line":97},"fvd_getdata","GetData",{"tag":117,"callback":118,"file":109,"line":119},"fvd_returnmotrecord","GetMOT2",14,[],6,{"dangerousFunctions":123,"sqlUsage":124,"outputEscaping":126,"fileOperations":47,"externalRequests":129,"nonceChecks":34,"capabilityChecks":28,"bundledLibraries":130},[],{"prepared":28,"raw":28,"locations":125},[],{"escaped":127,"rawEcho":28,"locations":128},36,[],3,[],[132,159,170],{"entryPoint":133,"graph":134,"unsanitizedCount":157,"severity":158},"CallJson (classes\\Shortcodes.php:502)",{"nodes":135,"edges":154},[136,141,147,149],{"id":137,"type":138,"label":139,"file":109,"line":140},"n0","source","$_GET",509,{"id":142,"type":143,"label":144,"file":109,"line":145,"wp_function":146},"n1","sink","wp_remote_get() [SSRF]",513,"wp_remote_get",{"id":148,"type":138,"label":139,"file":109,"line":140},"n2",{"id":150,"type":143,"label":151,"file":109,"line":152,"wp_function":153},"n3","file_put_contents() [File Write]",527,"file_put_contents",[155,156],{"from":137,"to":142,"sanitized":88},{"from":148,"to":150,"sanitized":88},2,"medium",{"entryPoint":160,"graph":161,"unsanitizedCount":157,"severity":158},"\u003CShortcodes> (classes\\Shortcodes.php:0)",{"nodes":162,"edges":167},[163,164,165,166],{"id":137,"type":138,"label":139,"file":109,"line":140},{"id":142,"type":143,"label":144,"file":109,"line":145,"wp_function":146},{"id":148,"type":138,"label":139,"file":109,"line":140},{"id":150,"type":143,"label":151,"file":109,"line":152,"wp_function":153},[168,169],{"from":137,"to":142,"sanitized":88},{"from":148,"to":150,"sanitized":88},{"entryPoint":171,"graph":172,"unsanitizedCount":28,"severity":184},"\u003Cmember> (templates\\admin\\member.php:0)",{"nodes":173,"edges":182},[174,178],{"id":137,"type":138,"label":175,"file":176,"line":177},"$_POST","templates\\admin\\member.php",33,{"id":142,"type":143,"label":179,"file":176,"line":180,"wp_function":181},"update_option() [Settings Manipulation]",34,"update_option",[183],{"from":137,"to":142,"sanitized":86},"low",{"summary":186,"deductions":187},"The 'free-vehicle-data-uk' v2.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for all SQL queries and properly escaping all output. This significantly mitigates risks related to common database injection and cross-site scripting vulnerabilities that stem from these areas.\n\nHowever, there are notable concerns primarily stemming from the attack surface. The plugin exposes six AJAX handlers without any authentication or capability checks, creating a significant entry point for potential unauthorized actions or information disclosure. While no critical or high-severity taint flows were identified, the presence of two flows with unsanitized paths warrants attention, as these could potentially lead to vulnerabilities if exploited in conjunction with other weaknesses.\n\nThe plugin's vulnerability history is clean, with no recorded CVEs. This, combined with the strong practices in SQL and output handling, suggests a developer who is attentive to fundamental security principles. Nevertheless, the unprotected AJAX endpoints represent a clear and present risk that needs to be addressed to improve the plugin's overall security.",[188,190,193],{"reason":189,"points":47},"Unprotected AJAX handlers",{"reason":191,"points":192},"Taint flows with unsanitized paths",8,{"reason":194,"points":14},"Limited capability checks","2026-03-16T20:26:07.561Z",{"wat":197,"direct":212},{"assetPaths":198,"generatorPatterns":204,"scriptPaths":205,"versionParams":206},[199,200,201,202,203],"\u002Fwp-content\u002Fplugins\u002Ffree-vehicle-data-uk\u002Fassets\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Ffree-vehicle-data-uk\u002Fassets\u002Fcss\u002Ftoastr.css","\u002Fwp-content\u002Fplugins\u002Ffree-vehicle-data-uk\u002Fassets\u002Fjs\u002Ftoastr.js","\u002Fwp-content\u002Fplugins\u002Ffree-vehicle-data-uk\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Ffree-vehicle-data-uk\u002Fassets\u002Fjs\u002Fadmin.js",[],[201,203],[207,208,209,210,211],"free-vehicle-data-uk\u002Fassets\u002Fcss\u002Ftoastr.css?ver=","free-vehicle-data-uk\u002Fassets\u002Fjs\u002Ftoastr.js?ver=","free-vehicle-data-uk\u002Fassets\u002Fcss\u002Fadmin.css?ver=","free-vehicle-data-uk\u002Fassets\u002Fjs\u002Fadmin.js?ver=","free-vehicle-data-uk\u002Fassets\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":213,"htmlComments":214,"htmlAttributes":215,"restEndpoints":216,"jsGlobals":217,"shortcodeOutput":219},[],[],[],[],[218,80,218],"FreeVehicleData",[220,221,222,223],"[fvd_calljson]","[fvd_searchbox]","[fvd_getdata]","[fvd_returnmotrecord]"]