[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1N2piv4RnFZH6ude5j1QpkGHKLPXjFpQRDSU_KQMyWI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":33,"analysis":124,"fingerprints":175},"gf-data-purge","Gravity Forms Data Purge","1.0.4","Andrew Dixon","https:\u002F\u002Fprofiles.wordpress.org\u002Faandrewdixon\u002F","\u003Cp>The plugin is very simple. It adds a setting to the Gravity Forms menu in the WP Admin called “Purge Data” and under this option you set the number of days you would like to retain Gravity Forms entries for, for all forms on your site.\u003C\u002Fp>\n\u003Cp>The default is to keep all entries forever, empty field, and a valid value is any number of days from 0 (zero) to X. Once an entry is that number of days old, it is removed.\u003C\u002Fp>\n\u003Cp>The cron task to delete the entries runs once per hour, so when set to 0, the maximum time an entry will be stored for is one hour.\u003C\u002Fp>\n\u003Cp>PLEASE NOTE: Entries are permanently deleted, so use with care.\u003C\u002Fp>\n","Simple plugin to purge data from Gravity Forms Entries that are older that a certain number of days.",60,2513,0,"2018-04-07T16:17:00.000Z","4.9.29","",[18,19,20],"data-protection","gdpr","gravity-forms","https:\u002F\u002Fgithub.com\u002Fmso-net\u002Fgravity-forms-data-purge\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgf-data-purge.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"aandrewdixon",1,30,84,"2026-04-05T09:23:30.330Z",[34,57,74,90,106],{"slug":19,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":43,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":48,"tags":49,"homepage":54,"download_link":55,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"GDPR","2.1.2","Trew Knowledge","https:\u002F\u002Fprofiles.wordpress.org\u002Ftrewknowledge\u002F","\u003Cp>This plugin is meant to assist a Controller, Data Processor, and Data Protection Officer (DPO) with efforts to meet the obligations and rights enacted under the GDPR.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftrewknowledge\u002FGDPR\u002Fwiki\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Ftrewknowledge\u002FGDPR\u002Fwiki\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Collaboration\u003C\u002Fh3>\n\u003Cp>You can send your pull request at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftrewknowledge\u002Fgdpr\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Ftrewknowledge\u002Fgdpr\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Shortcodes & helper functions\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftrewknowledge\u002FGDPR\u002Fwiki\u002FFunctions-&-Shortcodes\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Ftrewknowledge\u002FGDPR\u002Fwiki\u002FFunctions-&-Shortcodes\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Consent management\u003C\u002Fli>\n\u003Cli>Privacy Preference management for Cookies with front-end preference UI & banner notifications\u003C\u002Fli>\n\u003Cli>Privacy Policy page configurations with version control and re-consent management\u003C\u002Fli>\n\u003Cli>Rights to erasure & deletion of website data with a double opt-in confirmation email\u003C\u002Fli>\n\u003Cli>Re-assignment of user data on erasure requests & pseudonymization of user website data\u003C\u002Fli>\n\u003Cli>Data Processor settings and publishing of contact information\u003C\u002Fli>\n\u003Cli>Right to access data by admin dashboard with email look up and export\u003C\u002Fli>\n\u003Cli>Right to access data by Data Subject with front-end requests button & double opt-in confirmation email\u003C\u002Fli>\n\u003Cli>Right to portability & export of data by Admin or Data Subject in XML or JSON formats\u003C\u002Fli>\n\u003Cli>Encrypted audit logs for the lifetime of Data Subject compliance activity\u003C\u002Fli>\n\u003Cli>Data Subject Secret Token for two-factor decryption and recovery of data\u003C\u002Fli>\n\u003Cli>Data breach notification logs and batch email notifications to Data Subjects\u003C\u002Fli>\n\u003Cli>Telemetry Tracker for visualizing plugins and website data\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Settings\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>General\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>From the Settings options in the dashboard, you can select the Privacy Policy page for tracking and logging consent.\u003C\u002Fp>\n\u003Cp>On login, the user must consent to the Privacy Policy outlined on the site. If the user does not consent, the user will not be registered or logged in.\u003C\u002Fp>\n\u003Cp>If the site owner updates the Privacy Policy page content, the change will be logged and flagged to the admin that they must notify users on next login to seek re-consent. Additionally, the warning message can be dismissed in the event of a minor correction or mistake.\u003C\u002Fp>\n\u003Cp>Additionally, under General Settings the Admin can set the outgoing email limitation which would set the batch notification email limit per hour in the event of a Breach Notification.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cookie Preference Management\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Similar to consent management, users can opt in or out of cookies that are being used on the site. There are 3 formats of cookies that can be created which include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Always Active:\u003C\u002Fstrong> Cookies that are always active or are required for the site to function.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Toggled:\u003C\u002Fstrong> Cookies that can be activated or blocked based on the user preference\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Opt-Out Link:\u003C\u002Fstrong> Cookies that require configuration from a third-party source in order to opt-out\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Depending on the user preference setting, you can use the \u003Ccode>is_allowed_cookie( $cookie )\u003C\u002Fcode> function to save and set the cookies. The cookie with the user approved cookies can be found at another cookie named \u003Ccode>gdpr_approved_cookies\u003C\u002Fcode>. There’s also a helper function called \u003Ccode>is_allowed_cookie( $cookie )\u003C\u002Fcode> that you can use to prevent setting up a cookie.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Consent Management\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Consents can be registered on the settings page. They can be optional or not. By default, this plugin comes with a Privacy Policy consent that users need to agree with on registration.\u003C\u002Fp>\n\u003Cp>For optional consents, there’s a wrapper function \u003Ccode>have_consent( $consent_id )\u003C\u002Fcode> to help you display or hide something on the site depending if the user gave consent or not.\u003C\u002Fp>\n\u003Cp>Consents are logged to the user record for auditing or for access purposes.\u003C\u002Fp>\n\u003Ch3>Requests Table & Rights of Data Subject\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Right to Erasure Requests\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>The Data Subject is able to submit a request to be erased from the site using a shortcode.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>When a request is made, the Data Subject will receive an email confirmation to confirm the deletion request.\u003C\u002Fp>\n\u003Col>\n\u003Cli>After email confirmation, the user request is added to the requests table for review by the Administrator. The Administrator can also add a user manually with an email look up and review.\u003C\u002Fli>\n\u003Cli>If the Data Subject has content published on the site for any post types or comments, they will be added to this table. If they do not have any content, they will receive a confirmation of erasure request and be provided a 6 digit Token for safekeeping after erasure in case of recover data needs.\u003C\u002Fli>\n\u003Cli>The requests table allows the Administrator to reassign any content to another user or delete it.\u003C\u002Fli>\n\u003Cli>In the event of comments, the Data Subject’s content would be made anonymous.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Admin can also manually add users to the erasure requests table with a manual email search\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Right to Access Data Request & User Data Portability\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>The Data Subject can place a request to download their data with the shortcode.\u003C\u002Fli>\n\u003Cli>After requesting their data, the user will receive a double opt-in confirmation email then the plugin will generate an XML or JSON file, which will be emailed to them for download with an expiration time of 48 hours.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Right to Rectify & Complaint Requests\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>The Data Subject can place a request to rectify data or file a complaint with the shortcode.\u003C\u002Fli>\n\u003Cli>After making their request, the user will receive a double opt-in confirmation email and then add them to the table for admin to handle the request.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Tools\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Access Data\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Access Data tool allows the Admin to look up a user email and view the data of a particular user. The Admin can download and export the data in a JSON or XML format and provide to the Data Subject if manually requested.\u003C\u002Fp>\n\u003Cp>NOTE: This method should not be used without the Data Subject confirming their identity.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Audit Log\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Everything the Data Subject does from registration, providing consent to the privacy policy, terms of service and other requests are logged and encrypted in a database. Data breach notifications are also logged to all Data Subjects upon confirmation by Controller.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Using the Data Subject’s email, you can look up and retrieve the user information and display it.\u003C\u002Fli>\n\u003Cli>If the Data Subject has been removed from the site, this encrypted log is deleted from the database and saved as an encrypted file inside the plugin folder.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>If in the future, the Data Subject makes a complaint or there is a need to recover the data, the user can provide their email address and the 6 digit token they received from the deletion confirmation email to decrypt and retrieve the file.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data Breach & Notifications\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>In case of a data breach, the Admin can generate a Data Breach Notification to users by logging the information and confirm the breach through a double opt-in confirmation email. The following information would be recorded in the audit log:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Nature of the personal data breach\u003C\u002Fli>\n\u003Cli>Name and contact details of the data protection officer\u003C\u002Fli>\n\u003Cli>Likely consequences of the personal data breach\u003C\u002Fli>\n\u003Cli>Measures were taken or proposed to be taken\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Once the confirmation of the breach has been confirmed via email, the website will begin a batch email notification process to all users every hour until all users receive the notification.\u003C\u002Fp>\n\u003Ch3>Telemetry Tracker\u003C\u002Fh3>\n\u003Cp>The Telemetry Tracker feature will display all data that is being sent outside of your server to another destination. It will indicate the plugin or theme responsible, file and line where the data is being sent.\u003C\u002Fp>\n\u003Cp>WordPress Core and some plugins gather data from your install and send this data to an outside server.\u003C\u002Fp>\n\u003Cp>WordPress Plugin Repository does not allow plugins to do that, but premium plugins are able to do this because they are not bound by the Plugin repository rules. If you did not explicitly opt-in for this feature you should make a complaint.\u003C\u002Fp>\n\u003Ch3>Important!\u003C\u002Fh3>\n\u003Cp>Activating this plugin does not guarantee that an organization is successfully meeting its responsibilities and obligations of GDPR. Individual organizations should assess their unique responsibilities and ensure extra measures are taken to meet any obligations required by law and based on a data protection impact assessment (DPIA).\u003C\u002Fp>\n","This plugin is meant to assist with the GDPR obligations of a Data processor and Controller.",10000,371698,86,58,"2026-02-24T15:47:00.000Z","6.9.4","4.7","5.6",[50,19,51,52,53],"compliance","general-data-protection-regulation","law","privacy","https:\u002F\u002Ftrewknowledge.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgdpr.2.1.2.zip",100,{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":56,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":16,"tags":71,"homepage":72,"download_link":73,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"wider-gravity-forms-stop-entries","Wider Gravity Forms Stop Entries","1.0","wearewider","https:\u002F\u002Fprofiles.wordpress.org\u002Fwearewider\u002F","\u003Cp>Gravity Forms is a wonderful plugin and each form submission is stored on your web server and is accessible through the admin area – which can be great if you have problems with the email address you have setup to receive form submissions.\u003C\u002Fp>\n\u003Cp>However, there is no easy way in the admin area to selectively stop entries being stored on your web server, it has to be done in code and is a bit of hassle – this plugin makes it easy to stop this potentially sensitive data being stored.\u003C\u002Fp>\n\u003Cp>Improve the privacy of your visitors form submissions and make your website comply with the GDPR – this plugin allows you to select individual Gravity Forms you have setup and stop these entries being stored through easy to use admin options.\u003C\u002Fp>\n\u003Cp>You will find the options under \u003Ccode>Settings > Gravity Forms Stop Entries\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>NOTE: Requires Gravity Forms v1.8 or newer!\u003C\u002Fp>\n","Selectively stop Gravity Forms entries being stored on your web server to comply with privacy and the GDPR.",700,5283,2,"2017-08-01T08:44:00.000Z","4.8.28","4.5",[19,20,53],"https:\u002F\u002Fwww.wider.co.uk","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwider-gravity-forms-stop-entries.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":56,"num_ratings":67,"last_updated":84,"tested_up_to":85,"requires_at_least":47,"requires_php":48,"tags":86,"homepage":88,"download_link":89,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"gdpr-for-gravity-forms","Gravity Forms: GDPR Framework Add-On","2.0.0","Data443 Risk Mitigation, Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fdata443\u002F","\u003Cp>The easiest way to make your Gravity Forms GDPR compliant!\u003C\u002Fp>\n\u003Cp>This plugin is a service of \u003Ca href=\"https:\u002F\u002Fdata443.com\" rel=\"nofollow ugc\">Data443\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Data443 is a Data Security and Compliance company traded on the OTCMarkets as \u003Ca href=\"https:\u002F\u002Fwww.otcmarkets.com\u002Fstock\u002FATDS\u002Foverview\" rel=\"nofollow ugc\">ATDS\u003C\u002Fa>. We have been providing leading GDPR compliance products such as Global Privacy Manager (\u003Ca href=\"https:\u002F\u002Fwww.data443.com\u002Fglobal-privacy-manager\u002F\" rel=\"nofollow ugc\">Data443™ Global Privacy Manager\u003C\u002Fa>), Blockchain privacy, and enterprise cloud eDiscovery tools.\u003C\u002Fp>\n\u003Cp>This plugin adds new privacy features to Gravity Forms. Your visitors can download or delete their form submissions automatically or submit a request for the site admin to do so.\u003C\u002Fp>\n\u003Cp>Until WordPress releases their own GDPR compliance update, this plugin requires \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgdpr-framework\u002F\" rel=\"ugc\">The GDPR Framework\u003C\u002Fa> to function (it’s free!)\u003C\u002Fp>\n\u003Cp>Make sure to also read the guide! You don’t need to drown your customers in pointless acceptance checkboxes if you know what you’re doing!\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>Using Gravity Forms: GDPR Add-On does NOT guarantee compliance to GDPR. This plugin gives you general information and tools, but is NOT meant to serve as complete compliance package. Compliance to GDPR is risk-based ongoing process that involves your whole business. Data443 is not eligible for any claim or action based on any information or functionality provided by this plugin.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>How to use this plugin (practical guide): \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F28246137\" rel=\"nofollow ugc\">Making your Gravity Forms GDPR-compliant\u003C\u002Fa>\u003Cbr \u002F>\nHow to use this plugin (the legal stuff explained): \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2079293576\" rel=\"nofollow ugc\">Legal grounds for processing data\u003C\u002Fa>\u003Cbr \u002F>\nFull documentation: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2078998660\" rel=\"nofollow ugc\">The WordPress Site Owner’s Guide to GDPR\u003C\u002Fa>\u003Cbr \u002F>\nFor developers: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2082439194\" rel=\"nofollow ugc\">Developer Docs\u003C\u002Fa>\u003Cbr \u002F>\nKnowledge Base: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F192708653\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>☑ Allow both users and visitors without an account to view, export and delete their form submissions or request the site admin to do so;\u003Cbr \u002F>\n☑ Configure forms to be excluded from viewing, exporting or deleting.\u003Cbr \u002F>\n☑ Support for anonymization: allow admin to select which fields must be anonymized;\u003Cbr \u002F>\n☑ Track, manage and withdraw consent.\u003C\u002Fp>\n","The easiest way to make your Gravity Forms GDPR-compliant. Fully documented, extendable and developer-friendly.",400,18304,"2022-07-28T14:55:00.000Z","6.0.11",[50,19,20,53,87],"security","https:\u002F\u002Fwww.data443.com\u002Fgdpr-framework-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgdpr-for-gravity-forms.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":13,"num_ratings":13,"last_updated":100,"tested_up_to":15,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":104,"download_link":105,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"gf-privacy-addon","Gravity Forms Privacy AddOn","0.1.0","andytela","https:\u002F\u002Fprofiles.wordpress.org\u002Fandymoonshine\u002F","\u003Cp>When you use the “Export Personal Data” under tools in WP 4.9.6+, Gravity Forms data will be included in the export.\u003Cbr \u002F>\nIf you “Erase Personal Data” this will remove the entries from the relevant entries table in Gravity Forms.\u003C\u002Fp>\n","Add Gravity Forms data to the \"Export Personal Data\" and \"Erase Personal Data\" tools.",70,2591,"2018-05-24T16:58:00.000Z","4.9.6","7.0",[19,20,53],"http:\u002F\u002Fwww.tela.co.uk\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgf-privacy-addon.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":13,"num_ratings":13,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":16,"tags":119,"homepage":16,"download_link":123,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"gdpr-easycloud","GDPR Easycloud","1.0.6","EMNOISE","https:\u002F\u002Fprofiles.wordpress.org\u002Fcristal88\u002F","\u003Cp>GDPR Easycloud is the plugin that allows you to easily manage cookies in compliance with the general data protection regulations (GDPR).\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>GDPR control\u003C\u002Fli>\n\u003Cli>Text and style customizable\u003C\u002Fli>\n\u003Cli>Shortcode to include link to edit cookie\u003C\u002Fli>\n\u003Cli>Easy to use\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Italian\u003C\u002Fli>\n\u003C\u002Ful>\n","GDPR Easycloud is the plugin that allows you to easily manage cookies in compliance with the general data protection regulations (GDPR).",20,1305,"2019-02-12T15:04:00.000Z","5.0.25","3.3",[120,19,121,107,122],"cookie","gdpr-compliant","general-data-protection-regulament","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgdpr-easycloud.zip",{"attackSurface":125,"codeSignals":152,"taintFlows":162,"riskAssessment":163,"analyzedAt":174},{"hooks":126,"ajaxHandlers":146,"restRoutes":147,"shortcodes":148,"cronEvents":149,"entryPointCount":13,"unprotectedCount":13},[127,133,138,142],{"type":128,"name":129,"callback":130,"file":131,"line":132},"action","admin_init","gfdp_register_settings","gravity-forms-data-purge.php",18,{"type":134,"name":135,"callback":136,"file":131,"line":137},"filter","gform_addon_navigation","create_menu",21,{"type":128,"name":139,"callback":140,"file":131,"line":141},"gfdp_check_for_expired_entries","gfdp_checkForExpiredEntries",46,{"type":128,"name":143,"callback":144,"file":131,"line":145},"wp","gfdp_activateCheckForExpiredEntries",54,[],[],[],[150],{"hook":139,"callback":139,"file":131,"line":151},50,{"dangerousFunctions":153,"sqlUsage":154,"outputEscaping":156,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":161},[],{"prepared":13,"raw":13,"locations":155},[],{"escaped":13,"rawEcho":29,"locations":157},[158],{"file":131,"line":159,"context":160},37,"raw output",[],[],{"summary":164,"deductions":165},"The \"gf-data-purge\" plugin v1.0.4 presents a mixed security posture.  On the positive side, the static analysis reveals no dangerous functions, no direct SQL queries (all use prepared statements), no file operations, no external HTTP requests, and no taint flows, which are all excellent indicators. Furthermore, the plugin has no recorded vulnerability history, suggesting a history of safe development. However, a significant concern arises from the output escaping. With 100% of outputs not properly escaped, this plugin has a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data processed or displayed by the plugin that is not inherently safe could be injected with malicious scripts.  The absence of nonce checks and capability checks on entry points, while seemingly low risk due to the zero entry points listed, still represents a potential gap if the plugin's functionality were to expand or if the static analysis missed any indirect entry points.",[166,169,172],{"reason":167,"points":168},"100% of outputs not properly escaped",8,{"reason":170,"points":171},"No nonce checks on entry points",3,{"reason":173,"points":171},"No capability checks on entry points","2026-03-16T21:45:58.939Z",{"wat":176,"direct":185},{"assetPaths":177,"generatorPatterns":180,"scriptPaths":181,"versionParams":182},[178,179],"\u002Fwp-content\u002Fplugins\u002Fgf-data-purge\u002Fgfdp-admin.js","\u002Fwp-content\u002Fplugins\u002Fgf-data-purge\u002Fgfdp-admin.css",[],[178],[183,184],"gf-data-purge\u002Fgfdp-admin.js?ver=","gf-data-purge\u002Fgfdp-admin.css?ver=",{"cssClasses":186,"htmlComments":187,"htmlAttributes":188,"restEndpoints":191,"jsGlobals":192,"shortcodeOutput":193},[],[],[189,190],"id=\"gfdp_option_name\"","name=\"gfdp_option_name\"",[],[],[]]