[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fEdXOahjTmlSy4fgtWxXoyGF0sQ3FGD0uassPXFzjomM":3,"$fnEAYrrrn6iEppDmRDaWae1UXGicDqbxXfa1eKF1X0E0":87,"$fkwFEzghNtej-AUgE9Jv9wKHGd6SE5WxJPrLZWXNKaT8":92},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":19,"download_link":20,"security_score":21,"vuln_count":11,"unpatched_count":11,"last_vuln_date":22,"fetched_at":23,"discovery_status":24,"vulnerabilities":25,"developer":26,"crawl_stats":22,"alternatives":33,"analysis":34,"fingerprints":72},"gopherduct","Gopherduct","0.9.0","invisnet","https:\u002F\u002Fprofiles.wordpress.org\u002Finvisnet\u002F","\u003Cp>Almost all web browsers have abandoned Gopher; access to Gopherspace now requires a bridge – a Gopherduct.\u003C\u002Fp>\n\u003Cp>The plugin allows easy access to your Gopherhole from within WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>This is a Beta version.\u003C\u002Fstrong> “It Works For Me”, but there are almost certainly bugs.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Gopherspace\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Gopherspace URL is appended to the HTTP URL (e.g. \u003Ccode>\u002Fgopherspace\u002F0\u002Fmy\u002Ffoo\u002Fbar.md\u003C\u002Fcode>) so you can link directly from HTTP-space.\u003C\u002Fp>\n\u003Cp>Gophermaps are rendered as a table with some basic styling; in future this will change to allow better integration with themes.\u003C\u002Fp>\n\u003Cp>Currently implements only the basics – File, Directory (local only), HTML.\u003C\u002Fp>\n\u003Cp>Next up will be Images, then Search.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Markdown\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Files with an \u003Ccode>.md\u003C\u002Fcode> extension will be rendered as Markdown – no configuration necessary!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>robots.txt\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Gopherduct doesn’t yet do anything clever with the Gopherspace \u003Ccode>robots.txt\u003C\u002Fcode> file; for now, please remember to adjust your WordPress \u003Ccode>robots.txt\u003C\u002Fcode> file to preserve any exclusions etc.\u003C\u002Fp>\n","noun. 1) a conduit for Gopher, 2) WordPress to Gopherspace bridge.",0,790,"2020-08-25T01:12:00.000Z","5.5.18","4.9","7.3",[18],"gopher","https:\u002F\u002Finvis.net\u002Fplugins\u002Fgopherduct\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgopherduct.0.9.0.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":29,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},8,75560,88,1793,71,"2026-05-19T23:27:12.702Z",[],{"attackSurface":35,"codeSignals":55,"taintFlows":63,"riskAssessment":64,"analyzedAt":71},{"hooks":36,"ajaxHandlers":47,"restRoutes":48,"shortcodes":49,"cronEvents":53,"entryPointCount":54,"unprotectedCount":11},[37,43],{"type":38,"name":39,"callback":40,"file":41,"line":42},"filter","query_vars","anonymous","gopherduct.php",73,{"type":38,"name":44,"callback":40,"priority":45,"file":41,"line":46},"redirect_canonical",10,90,[],[],[50],{"tag":51,"callback":40,"file":41,"line":52},"gopherspace",158,[],1,{"dangerousFunctions":56,"sqlUsage":57,"outputEscaping":59,"fileOperations":11,"externalRequests":54,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":62},[],{"prepared":11,"raw":11,"locations":58},[],{"escaped":60,"rawEcho":11,"locations":61},3,[],[],[],{"summary":65,"deductions":66},"The \"gopherduct\" plugin v0.9.0 exhibits a strong security posture based on the provided static analysis.  The code demonstrates excellent practices by exclusively using prepared statements for SQL queries and properly escaping all identified output. The absence of dangerous functions, file operations, and external HTTP requests further strengthens its security profile.  A key positive is the lack of any recorded vulnerabilities (CVEs) and the minimal attack surface, with all entry points appearing to be secured against unauthenticated access.  This suggests a developer who is mindful of security best practices.\n\nHowever, there are areas for improvement. The plugin lacks nonce checks and capability checks for its entry points. While the static analysis reported no unauthenticated AJAX handlers or REST API routes, the absence of these fundamental security mechanisms is a concern. If any new entry points were introduced or if the existing ones were ever misconfigured, this could lead to vulnerabilities. The taint analysis also yielded no results, which, while seemingly positive, could also indicate limited testing or a lack of complex data flows that might expose vulnerabilities.\n\nIn conclusion, \"gopherduct\" v0.9.0 is currently in a good state of security due to its adherence to core coding practices like prepared statements and output escaping, and its clean vulnerability history. The primary weakness lies in the missing nonce and capability checks, which represent a potential risk that could be exploited if the attack surface were to expand or be misunderstood. Continued vigilance and addressing these missing checks would elevate its security further.",[67,69],{"reason":68,"points":27},"Missing nonce checks",{"reason":70,"points":27},"Missing capability checks","2026-04-16T13:51:05.744Z",{"wat":73,"direct":79},{"assetPaths":74,"generatorPatterns":76,"scriptPaths":77,"versionParams":78},[75],"\u002Fwp-content\u002Fplugins\u002Fgopherduct\u002Fgopherduct.css",[],[],[],{"cssClasses":80,"htmlComments":81,"htmlAttributes":82,"restEndpoints":83,"jsGlobals":84,"shortcodeOutput":85},[4],[],[],[],[],[86],"\u003Cdiv id=\"gopherduct\">",{"error":88,"url":89,"statusCode":90,"statusMessage":91,"message":91},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fgopherduct\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":54,"versions":93},[94],{"version":6,"download_url":20,"svn_tag_url":95,"released_at":22,"has_diff":96,"diff_files_changed":97,"diff_lines":22,"trac_diff_url":22,"vulnerabilities":98,"is_current":88},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgopherduct\u002Ftags\u002F0.9.0\u002F",false,[],[]]