[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fXWpk5-Hwc5IOg12ZBaAd1gmuVlOE3xn0bO4uGNsZbyQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":32,"analysis":33,"fingerprints":76},"health-fitness-quotes-widget","Health & Fitness Quotes Widget","1.0.0","thefitterfemale","https:\u002F\u002Fprofiles.wordpress.org\u002Fthefitterfemale\u002F","\u003Cp>This widget will show a random health and fitness quote in your sidebar or footer on every page load. We are open to suggestions and will keep improving this plug-in. The quotes shown in this plugin are said by famous personalities, health experts, nutrionists and gym instructors. In the current version of health and fitness plugin there are more than 500 quotes.\u003Cbr \u002F>\nIt can be used on health and fitness websites to motivate the readers.\u003Cbr \u002F>\n** About us: **\u003Cbr \u002F>\nWe have a gym for females and specialize in providing guidance for \u003Ca href=\"thefitterfemale.com\" rel=\"nofollow ugc\">females to lose weight\u003C\u002Fa> in \u003Ca href=\"https:\u002F\u002Fthefitterfemale.com\u002Flexington-free-trial\u002F\" rel=\"nofollow ugc\">Lexington\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fthefitterfemale.com\u002Facton-free-trial\u002F\" rel=\"nofollow ugc\">Acton\u003C\u002Fa>.\u003C\u002Fp>\n","Generates a random quote from a list of 500+ health and fitness quotes on every page load.",10,1937,0,"2017-12-15T18:25:00.000Z","4.9.29","4.0","5.4",[19,20],"fitness-quotes","health-quotes","https:\u002F\u002Fthefitterfemale.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhealth-fitness-quotes-widget.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},1,30,84,"2026-04-03T20:31:47.707Z",[],{"attackSurface":34,"codeSignals":46,"taintFlows":64,"riskAssessment":65,"analyzedAt":75},{"hooks":35,"ajaxHandlers":42,"restRoutes":43,"shortcodes":44,"cronEvents":45,"entryPointCount":13,"unprotectedCount":13},[36],{"type":37,"name":38,"callback":39,"file":40,"line":41},"action","widgets_init","register_health_fitness_widget","health-fitness-quotes.php",104,[],[],[],[],{"dangerousFunctions":47,"sqlUsage":48,"outputEscaping":50,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":63},[],{"prepared":13,"raw":13,"locations":49},[],{"escaped":51,"rawEcho":52,"locations":53},8,4,[54,57,59,61],{"file":40,"line":55,"context":56},41,"raw output",{"file":40,"line":58,"context":56},43,{"file":40,"line":60,"context":56},50,{"file":40,"line":62,"context":56},51,[],[],{"summary":66,"deductions":67},"The \"health-fitness-quotes-widget\" plugin, version 1.0.0, exhibits a seemingly strong security posture based on the static analysis results.  The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits its attack surface.  Furthermore, the code reports no dangerous functions, no direct SQL queries (all use prepared statements), no file operations, no external HTTP requests, and no taint flows with unsanitized paths. This indicates a generally well-written codebase in terms of these specific security concerns. However, the complete lack of nonce checks and capability checks on entry points, which are not present, represents a significant oversight if any were to be introduced. Additionally, the fact that 33% of output is not properly escaped, while not leading to a critical finding in this static analysis, still presents a potential risk for cross-site scripting (XSS) vulnerabilities should user-supplied data be reflected without proper sanitization. The plugin's vulnerability history is completely clean, which is a positive indicator of past development practices and the absence of known exploits.  Despite the clean history and limited attack surface, the lack of implemented security checks like nonces and capabilities, and the presence of unescaped output, suggests potential weaknesses that could be exploited if the plugin were to be extended or if user-input handling isn't robust.",[68,70,73],{"reason":69,"points":52},"Unescaped output detected",{"reason":71,"points":72},"No nonce checks implemented",5,{"reason":74,"points":72},"No capability checks implemented","2026-03-16T23:48:20.891Z",{"wat":77,"direct":86},{"assetPaths":78,"generatorPatterns":80,"scriptPaths":81,"versionParams":83},[79],"\u002Fwp-content\u002Fplugins\u002Fhealth-fitness-quotes-widget\u002Fcss\u002Fstyle.css",[],[82],"\u002Fwp-content\u002Fplugins\u002Fhealth-fitness-quotes-widget\u002Fjs\u002Fcustom.js",[84,85],"health-fitness-quotes-widget\u002Fcss\u002Fstyle.css?ver=","health-fitness-quotes-widget\u002Fjs\u002Fcustom.js?ver=",{"cssClasses":87,"htmlComments":89,"htmlAttributes":90,"restEndpoints":91,"jsGlobals":92,"shortcodeOutput":93},[88],"widget_health_fitness_widget",[],[],[],[],[]]