[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$foBtqVfzNKtFp3P9yAAbhQS6JP0lGmyMbDqCihZKzSPk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":19,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":32,"analysis":33,"fingerprints":82},"gplus-publisher","Gplus Publisher","0.99","Francisco Torres","https:\u002F\u002Fprofiles.wordpress.org\u002Ffrantorres\u002F","\u003Cp>The plugin puts the required code in the WITHOUT-AUTOR-pages of your blog (and JUST in them, is it supposed that in the with-autor-pages you have rel=”author” and rel=”me” codes to relate an author with a Google+ Profile) in order to get a “identified site” in reference to a Google+ Page.\u003C\u002Fp>\n","Puts rel=\"publisher\" code related to Google+ in the without-autor-pages of your blog.",10,1547,0,"2012-02-08T15:02:00.000Z","3.3.2","2.8","",[],"http:\u002F\u002Fgiga4.es\u002Fgplus-publisher.zip","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgplus-publisher.0.99.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":21,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},"frantorres",2,60,30,84,"2026-04-04T13:45:49.849Z",[],{"attackSurface":34,"codeSignals":55,"taintFlows":69,"riskAssessment":70,"analyzedAt":81},{"hooks":35,"ajaxHandlers":51,"restRoutes":52,"shortcodes":53,"cronEvents":54,"entryPointCount":13,"unprotectedCount":13},[36,42,46],{"type":37,"name":38,"callback":39,"file":40,"line":41},"action","admin_menu","gplus_publisher_page","admin.php",5,{"type":37,"name":43,"callback":44,"file":40,"line":45},"admin_init","gplus_publisher_init",47,{"type":37,"name":47,"callback":48,"file":49,"line":50},"wp_head","gplus_publisher","gplus-publisher.php",18,[],[],[],[],{"dangerousFunctions":56,"sqlUsage":57,"outputEscaping":59,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":68},[],{"prepared":13,"raw":13,"locations":58},[],{"escaped":13,"rawEcho":60,"locations":61},3,[62,65,66],{"file":40,"line":63,"context":64},78,"raw output",{"file":40,"line":21,"context":64},{"file":49,"line":67,"context":64},27,[],[],{"summary":71,"deductions":72},"The gplus-publisher plugin version 0.99 exhibits a generally weak security posture despite the absence of known vulnerabilities and a clean taint analysis. While the static analysis reports no detected entry points like AJAX handlers, REST API routes, shortcodes, or cron events, and no dangerous functions or raw SQL queries are present, there are significant concerns regarding output escaping. A concerning 0% of the identified outputs are properly escaped, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities if any of these outputs are ever exposed to user-supplied data.  The lack of nonce checks and capability checks on any potential (though not identified) entry points further compounds this risk. The plugin's vulnerability history is clean, which is positive, but it doesn't mitigate the immediate risks identified in the static analysis.  In conclusion, while the plugin has a seemingly small attack surface and no history of exploits, the critical flaw in output escaping presents a substantial and immediate security risk that could lead to widespread compromise.",[73,76,79],{"reason":74,"points":75},"No output escaping",12,{"reason":77,"points":78},"No nonce checks",8,{"reason":80,"points":78},"No capability checks","2026-03-17T01:30:33.096Z",{"wat":83,"direct":88},{"assetPaths":84,"generatorPatterns":85,"scriptPaths":86,"versionParams":87},[],[],[],[],{"cssClasses":89,"htmlComments":90,"htmlAttributes":92,"restEndpoints":94,"jsGlobals":95,"shortcodeOutput":96},[],[91],"\u003C!-- Gplus Publisher -->",[93],"rel=\"publisher\"",[],[],[]]