[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fyxTCcp8WSZNe_d1-krGTZ_SV4MQYhPSmdKnYY6kdurE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":36,"analysis":133,"fingerprints":175},"hello-darth","Hello Darth","0.2","mclanea","https:\u002F\u002Fprofiles.wordpress.org\u002Fmclanea\u002F","\u003Cp>This little plugin is in homage to my geek friends who love to hate Lord Vader. When activated you will randomly see a quote from Darth Vader’s IMDB page in the upper right of your admin screen on every page. HT to Matt Mullenberg for the original code.\u003C\u002Fp>\n","This little plugin is in homage to my geek friends who love to hate Lord Vader.",10,11144,100,1,"2015-05-23T03:08:00.000Z","4.2.39","2.0.2","",[20,21,22,23,24],"admin-area","darth-vader","hello","humor","star-wars","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fhello-darth\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhello-darth.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},30,84,"2026-04-04T23:12:28.253Z",[37,53,70,89,111],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":11,"downloaded":45,"rating":13,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":17,"requires_php":18,"tags":49,"homepage":51,"download_link":52,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"hello-obi-wan","Hello Obi-Wan","0.3","kloptikus","https:\u002F\u002Fprofiles.wordpress.org\u002Fkloptikus\u002F","\u003Cp>Not just a plugin, but a symbol of hope and enthusiasm for an entire generation of Star Wars fans summed up most famously by Obi-Wan Kenobi: These are not the droids you’re looking for. When activated you will randomly see a quote from Obi-Wan Kenobi’s IMDB page in the upper right of your admin screen on every page. A tip of the hat to Matt Mullenweg for the original code.\u003C\u002Fp>\n","Not just a plugin, but a symbol of hope for an entire generation summed up famously by Obi-Wan: These are NOT the droids you're looking for.",1461,2,"2015-12-15T19:57:00.000Z","4.4.34",[20,22,23,50,24],"obi-wan-kenobi","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fhello-obi-wan\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhello-obi-wan.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":13,"num_ratings":63,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":18,"tags":67,"homepage":18,"download_link":69,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"the-dude","The Dude","0.4","Kostas Vrouvas","https:\u002F\u002Fprofiles.wordpress.org\u002Fkosvrouvas\u002F","\u003Cp>That, or His Dudeness… Duder… or El Duderino, if, you know, you’re not into the whole brevity thing.\u003C\u002Fp>\n\u003Cp>When activated you will randomly see a quote from “The Big Lebowski” in the upper right of your admin screen on every page, h\u002Ft to Matt Mullenberg for the original code.\u003C\u002Fp>\n\u003Cp>Surprisingly featured in \u003Ca href=\"http:\u002F\u002Fwptavern.com\u002Fthe-dude-a-fun-alternative-to-hello-dolly\" rel=\"nofollow ugc\">WPTavern.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>RIP David Huddleston\u003C\u002Fp>\n","That, or His Dudeness… Duder… or El Duderino, if, you know, you're not into the whole brevity thing.",20,2093,7,"2021-12-09T11:13:00.000Z","5.8.13","3.0",[20,22,68,23,54],"his-dudeness","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthe-dude.zip",{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":61,"downloaded":78,"rating":79,"num_ratings":14,"last_updated":80,"tested_up_to":81,"requires_at_least":82,"requires_php":18,"tags":83,"homepage":87,"download_link":88,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"the-force","The Force","1.3","Rohit Motwani","https:\u002F\u002Fprofiles.wordpress.org\u002Frohittm\u002F","\u003Cp>Activate this Plugin & feel The Force in your Admin Dashboard. This Plugin is just similar to the WordPress’ Hello Dolly Plugin. Except when activated you will randomly see a quote from The Star Wars Series in the upper right of your admin screen on every page.\u003C\u002Fp>\n","This Plugin is Just Similar to the WordPress' Famous Hello Dolly Plugin. Except when activated you will randomly see a quote from The Star Wars S &hellip;",2298,80,"2016-12-07T19:28:00.000Z","4.7.32","3.0.1",[84,85,24,86],"force","hello-dolly","the-dark-side","http:\u002F\u002Fwww.RohitMotwani.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthe-force.zip",{"slug":90,"name":91,"version":92,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":97,"downloaded":98,"rating":99,"num_ratings":14,"last_updated":100,"tested_up_to":101,"requires_at_least":102,"requires_php":103,"tags":104,"homepage":109,"download_link":110,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"hello-plus","Hello Plus","1.7.7","Elementor","https:\u002F\u002Fprofiles.wordpress.org\u002Felemntor\u002F","\u003Cp>Hello+ is a free WordPress plugin designed to work seamlessly with Elementor’s \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Felemntor\u002F#content-themes\" rel=\"nofollow ugc\">Hello suite of themes\u003C\u002Fa>. It provides a solid foundation for crafting unique, purpose-driven websites using Elementor’s drag-and-drop site builder.\u003C\u002Fp>\n\u003Cp>Hello+ includes specialized Hello widgets such as a Header, Footer, Zigzag, Form Lite, and more. Hello widgets help you build faster and create polished, professional websites.\u003C\u002Fp>\n\u003Cp>To use Hello+, you’ll need to \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Felemntor\u002F#content-themes\" rel=\"nofollow ugc\">install one of Elementor’s Hello suite of themes\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>This Plugin, like WordPress, is distributed under the terms of GPL.\u003Cbr \u002F>\nUse it as your springboard to building a site with \u003Cstrong>\u003Cem>Elementor\u003C\u002Fem>\u003C\u002Fstrong>.\u003C\u002Fp>\n","Hello+ is a free WordPress plugin designed to work seamlessly with Elementor’s Hello suite of themes.",80000,439115,60,"2025-09-18T11:37:00.000Z","6.8.5","6.0","7.4",[105,90,106,107,108],"elementor","hello-themes","themes","widgets","https:\u002F\u002Felementor.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhello-plus.1.7.7.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":119,"downloaded":120,"rating":34,"num_ratings":121,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":18,"tags":125,"homepage":131,"download_link":132,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"acf-gravityforms-add-on","Advanced Custom Fields: Gravity Forms Add-on","1.3.10","DannyvanHolten","https:\u002F\u002Fprofiles.wordpress.org\u002Fdannyvanholten\u002F","\u003Cp>Provides an Advanced Custom Field which allows a WordPress editorial user or administrator to select a Gravity Form as part of a field group configuration.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>This plugin does not have any effect on the frontend of the website. It does not output the form, nor does it modify the output of existing forms. The plugin only adds a custom ACF field type for use in an ACF field group.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Full documentation can be found in the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FSayHelloGmbH\u002Facf-gravityforms-add-on\u002F\" rel=\"nofollow ugc\">plugin’s GitHub Repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>Version 1.3.2 added a plain HTML filter to the output of the field. This filter is not applied to fields in ACF version 4.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>apply_filters('acf-gravityforms-add-on\u002Ffield_html', string $field_html, array $field, string $field_options, string $multiple)\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Provides an Advanced Custom Field which allows a WordPress user to select a Gravity Form as part of a field group configuration.",30000,552315,14,"2025-12-02T17:20:00.000Z","6.9.0","4.6",[126,127,128,129,130],"acf","advanced-custom-fields","form","gravity-forms","sayhellogmbh","https:\u002F\u002Fgithub.com\u002Fsayhellogmbh\u002Facf-gravityforms-add-on","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facf-gravityforms-add-on.1.3.10.zip",{"attackSurface":134,"codeSignals":150,"taintFlows":162,"riskAssessment":163,"analyzedAt":174},{"hooks":135,"ajaxHandlers":146,"restRoutes":147,"shortcodes":148,"cronEvents":149,"entryPointCount":28,"unprotectedCount":28},[136,142],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_notices","hello_darth","hello_darth.php",126,{"type":137,"name":143,"callback":144,"file":140,"line":145},"admin_head","darth_css",146,[],[],[],[],{"dangerousFunctions":151,"sqlUsage":152,"outputEscaping":154,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":161},[],{"prepared":28,"raw":28,"locations":153},[],{"escaped":28,"rawEcho":46,"locations":155},[156,159],{"file":140,"line":157,"context":158},122,"raw output",{"file":140,"line":160,"context":158},133,[],[],{"summary":164,"deductions":165},"The \"hello-darth\" plugin version 0.2 exhibits a generally strong security posture based on the provided static analysis. It boasts zero identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a minimal attack surface with no publicly accessible entry points. Furthermore, the plugin demonstrates good practice by utilizing prepared statements for all SQL queries, and there are no identified dangerous functions, file operations, or external HTTP requests. The vulnerability history is also clean, with no recorded CVEs, indicating a lack of known past security flaws.\n\nHowever, a significant concern arises from the output escaping. With two outputs identified and 0% properly escaped, this presents a substantial risk. Any user-supplied data rendered directly to the output without proper sanitization could lead to cross-site scripting (XSS) vulnerabilities. Additionally, the complete absence of nonce checks and capability checks on all potential entry points (though limited in number) means that if any entry points were to be introduced or revealed in future versions, they would be susceptible to unauthorized actions or manipulation without proper authentication and authorization safeguards.\n\nIn conclusion, while \"hello-darth\" v0.2 has a clean slate regarding known vulnerabilities and a small attack surface, the lack of output escaping is a critical weakness that needs immediate attention. The absence of nonce and capability checks also represents a latent risk if the plugin's functionality expands. Addressing the output escaping is paramount to mitigate XSS risks.",[166,169,172],{"reason":167,"points":168},"Unescaped output",8,{"reason":170,"points":171},"Missing nonce checks",5,{"reason":173,"points":171},"Missing capability checks","2026-03-16T23:59:22.375Z",{"wat":176,"direct":181},{"assetPaths":177,"generatorPatterns":178,"scriptPaths":179,"versionParams":180},[],[],[],[],{"cssClasses":182,"htmlComments":184,"htmlAttributes":185,"restEndpoints":186,"jsGlobals":187,"shortcodeOutput":188},[183],"darth",[],[],[],[],[]]