[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fUDJVL_CdIbDyybCPOmuPM9EY0EQyCl6fMEMd5xotz_A":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":13,"requires_php":13,"tags":15,"homepage":13,"download_link":16,"security_score":17,"vuln_count":11,"unpatched_count":11,"last_vuln_date":18,"fetched_at":19,"vulnerabilities":20,"developer":21,"crawl_stats":18,"alternatives":29,"analysis":30,"fingerprints":185},"gospel-resource-hub","Gospel Resource Hub","1.0.3","David Jensen","https:\u002F\u002Fprofiles.wordpress.org\u002Fdkjensen\u002F","\u003Cp>Display resources easily that are pulled directly from the Gospel Resource Hub API. Comes with an easy to use widget for filtering, as well as an extendable codebase for developers.\u003C\u002Fp>\n\u003Cp>This plugin integrates with the third party Gospel Resource Hub API endpoint \u003Ccode>\u002F\u002Fgrh.devecl.io\u002Fapi\u002Fv1\u002F\u003C\u002Fcode>. Your information is not stored or shared with this service, the connection is only required to retrieve resources from the API.\u003C\u002Fp>\n\u003Cp>Powered by \u003Ca href=\"https:\u002F\u002Findigitous.org\" rel=\"nofollow ugc\">Indigitous\u003C\u002Fa>\u003C\u002Fp>\n","Integrates your WordPress website with Gospel Resource Hub API v1.",0,1164,"","4.7.32",[],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgospel-resource-hub.1.0.3.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":22,"display_name":7,"profile_url":8,"plugin_count":23,"total_installs":24,"avg_security_score":25,"avg_patch_time_days":26,"trust_score":27,"computed_at":28},"dkjensen",5,5000,94,30,90,"2026-04-04T05:39:29.439Z",[],{"attackSurface":31,"codeSignals":127,"taintFlows":154,"riskAssessment":181,"analyzedAt":184},{"hooks":32,"ajaxHandlers":115,"restRoutes":116,"shortcodes":117,"cronEvents":125,"entryPointCount":126,"unprotectedCount":11},[33,39,44,48,52,56,60,65,69,75,78,83,87,91,95,98,102,106,110],{"type":34,"name":35,"callback":36,"file":37,"line":38},"action","init","post_type_init","gospel-resource-hub.php",54,{"type":34,"name":40,"callback":41,"priority":42,"file":37,"line":43},"wp_loaded","load",1,55,{"type":45,"name":46,"callback":46,"file":37,"line":47},"filter","query_vars",57,{"type":34,"name":49,"callback":49,"file":50,"line":51},"admin_menu","includes\\admin\\class-gospel-resource-hub-settings.php",7,{"type":34,"name":53,"callback":54,"file":50,"line":55},"admin_init","save_settings",8,{"type":34,"name":57,"callback":58,"file":50,"line":59},"admin_enqueue_scripts","admin_scripts",9,{"type":34,"name":61,"callback":62,"file":63,"line":64},"pre_get_posts","parse_query","includes\\class-gospel-resource-hub.php",23,{"type":45,"name":66,"callback":66,"priority":67,"file":63,"line":68},"posts_results",10,125,{"type":45,"name":70,"callback":71,"priority":72,"file":73,"line":74},"post_link","grh_post_link",99,"includes\\template-filters.php",13,{"type":45,"name":76,"callback":71,"priority":72,"file":73,"line":77},"the_permalink",14,{"type":45,"name":79,"callback":80,"priority":81,"file":73,"line":82},"the_title","grh_post_title",15,44,{"type":45,"name":84,"callback":85,"priority":81,"file":73,"line":86},"body_class","grh_body_class",56,{"type":45,"name":88,"callback":89,"priority":81,"file":73,"line":90},"comments_open","grh_comments_open",68,{"type":45,"name":92,"callback":93,"priority":81,"file":73,"line":94},"the_excerpt","grh_post_excerpt",80,{"type":45,"name":96,"callback":93,"priority":81,"file":73,"line":97},"get_the_excerpt",81,{"type":45,"name":99,"callback":100,"priority":81,"file":73,"line":101},"post_thumbnail_html","grh_post_thumbnail",96,{"type":45,"name":103,"callback":104,"priority":81,"file":73,"line":105},"get_post_metadata","grh_post_meta",111,{"type":45,"name":107,"callback":108,"file":73,"line":109},"get_view_format","grh_post_view_format",121,{"type":34,"name":111,"callback":112,"file":113,"line":114},"widgets_init","grh_widget_filters","includes\\widgets\\widget-gospel-resource-hub-filters.php",164,[],[],[118,122],{"tag":4,"callback":119,"file":120,"line":121},"gospelrh_shortcode","includes\\shortcodes\\gospel-resource-hub-shortcode.php",64,{"tag":123,"callback":119,"file":120,"line":124},"gospelrh",65,[],2,{"dangerousFunctions":128,"sqlUsage":129,"outputEscaping":136,"fileOperations":11,"externalRequests":42,"nonceChecks":42,"capabilityChecks":55,"bundledLibraries":153},[],{"prepared":130,"raw":42,"locations":131},12,[132],{"file":133,"line":134,"context":135},"includes\\class-grh-query.php",830,"$wpdb->get_results() with variable interpolation",{"escaped":137,"rawEcho":138,"locations":139},51,6,[140,142,145,147,149,151],{"file":50,"line":72,"context":141},"raw output",{"file":143,"line":144,"context":141},"includes\\template-functions.php",40,{"file":113,"line":146,"context":141},32,{"file":113,"line":148,"context":141},34,{"file":113,"line":150,"context":141},102,{"file":113,"line":152,"context":141},104,[],[155,173],{"entryPoint":156,"graph":157,"unsanitizedCount":11,"severity":172},"save_settings (includes\\admin\\class-gospel-resource-hub-settings.php:127)",{"nodes":158,"edges":169},[159,164],{"id":160,"type":161,"label":162,"file":50,"line":163},"n0","source","$_POST['gospelrh']",132,{"id":165,"type":166,"label":167,"file":50,"line":163,"wp_function":168},"n1","sink","update_option() [Settings Manipulation]","update_option",[170],{"from":160,"to":165,"sanitized":171},true,"low",{"entryPoint":174,"graph":175,"unsanitizedCount":11,"severity":172},"\u003Cclass-gospel-resource-hub-settings> (includes\\admin\\class-gospel-resource-hub-settings.php:0)",{"nodes":176,"edges":179},[177,178],{"id":160,"type":161,"label":162,"file":50,"line":163},{"id":165,"type":166,"label":167,"file":50,"line":163,"wp_function":168},[180],{"from":160,"to":165,"sanitized":171},{"summary":182,"deductions":183},"The 'gospel-resource-hub' plugin v1.0.3 exhibits a strong security posture based on the provided static analysis. The plugin utilizes prepared statements for the vast majority of its SQL queries and properly escapes most of its output, indicating good development practices regarding common web vulnerabilities.  Furthermore, the absence of file operations and external HTTP requests reduces the attack surface. The plugin also demonstrates awareness of WordPress security by including capability checks and a nonce check, although the limited number of entry points (2 shortcodes) and their apparent lack of direct authentication bypass vulnerabilities are positive indicators.\n\nThe vulnerability history is entirely clean, with no known CVEs or past security issues recorded. This suggests a commitment to security or, at the the very least, a lack of exploitable vulnerabilities discovered to date.  However, it's important to note that the attack surface is minimal with only two shortcodes, and the analysis did not reveal any critical or high-severity taint flows. The presence of only one external HTTP request is also a positive sign.  Overall, this plugin appears to be well-secured with good practices in place, though the limited scope of the static analysis and the small number of entry points mean that comprehensive assurance would require further, broader security testing.",[],"2026-03-17T05:42:34.492Z",{"wat":186,"direct":193},{"assetPaths":187,"generatorPatterns":189,"scriptPaths":190,"versionParams":191},[188],"\u002Fwp-content\u002Fplugins\u002Fgospel-resource-hub\u002Fassets\u002Fadmin\u002Fjs\u002Fgrh-admin-scripts.js",[],[188],[192],"gospel-resource-hub\u002Fassets\u002Fadmin\u002Fjs\u002Fgrh-admin-scripts.js?ver=",{"cssClasses":194,"htmlComments":205,"htmlAttributes":206,"restEndpoints":211,"jsGlobals":212,"shortcodeOutput":215},[195,196,197,198,199,200,201,202,203,204],"grh-list-table","grh-title","grh-lang-id","grh-lang-name","grh-country-name","grh-media-type","grh-organization","grh-thumb","grh-thumbnail","grh-thumb-options",[],[207,208,209,210],"name=\"gospelrh[archive]\"","id=\"gospelrh[default_thumbnail]\"","name=\"gospelrh[default_thumbnail]\"","value=\"save_settings\"",[],[213,214],"GRH_PLUGIN_URL","GRH_VERSION",[216],"[gospel-resource-hub]"]