[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fPCd7yYPEffaISrhWDqbexPqsJlGjtL3Qza4nNNK8knM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":15,"download_link":17,"security_score":18,"vuln_count":11,"unpatched_count":11,"last_vuln_date":19,"fetched_at":20,"vulnerabilities":21,"developer":22,"crawl_stats":19,"alternatives":28,"analysis":29,"fingerprints":60},"hide-publish-button-until-scheduled","Disable Publish Button Until Scheduled","2.0.1","Nathan Bogan","https:\u002F\u002Fprofiles.wordpress.org\u002Fdudebrogan\u002F","\u003Cp>Posts can be saved as drafts, but must be scheduled in order to be posted.\u003Cbr \u002F>\nOnce a time is selected, the “Schedule” button will appear.\u003C\u002Fp>\n","This plugin allows users to prevent accidentally publishing a post before they are ready.",0,1125,"2018-01-25T20:52:00.000Z","4.8.28","",[],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-publish-button-until-scheduled.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":23,"display_name":7,"profile_url":8,"plugin_count":24,"total_installs":11,"avg_security_score":18,"avg_patch_time_days":25,"trust_score":26,"computed_at":27},"dudebrogan",1,30,84,"2026-04-05T15:00:43.056Z",[],{"attackSurface":30,"codeSignals":48,"taintFlows":55,"riskAssessment":56,"analyzedAt":59},{"hooks":31,"ajaxHandlers":44,"restRoutes":45,"shortcodes":46,"cronEvents":47,"entryPointCount":11,"unprotectedCount":11},[32,38,41],{"type":33,"name":34,"callback":35,"file":36,"line":37},"action","admin_head","disable_publish_button","publishDisable.php",9,{"type":33,"name":39,"callback":35,"file":36,"line":40},"wp_enqueue_scripts",10,{"type":33,"name":42,"callback":35,"file":36,"line":43},"admin_enqueue_scripts",11,[],[],[],[],{"dangerousFunctions":49,"sqlUsage":50,"outputEscaping":52,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":54},[],{"prepared":11,"raw":11,"locations":51},[],{"escaped":11,"rawEcho":11,"locations":53},[],[],[],{"summary":57,"deductions":58},"The static analysis of \"hide-publish-button-until-scheduled\" v2.0.1 indicates a very strong security posture. The plugin exhibits excellent security practices by having zero identified attack surface entry points, including AJAX handlers, REST API routes, shortcodes, and cron events, that are not properly secured. Furthermore, the code signals show no dangerous functions, all SQL queries are properly prepared, and all output is correctly escaped. The absence of file operations and external HTTP requests further minimizes potential risks. The vulnerability history is also clean, with no known CVEs, indicating a history of secure development.  While the plugin has no direct security flaws detected in this analysis and a clean history, the complete lack of any detected flows in the taint analysis, along with zero capability checks and zero nonce checks, while seemingly positive, could also suggest that the plugin's functionality might be very limited or that the analysis tools may not have been able to deeply inspect the code's interaction points if they exist in an unusual manner.  However, based solely on the provided data, the plugin appears to be extremely secure.",[],"2026-03-17T06:25:42.390Z",{"wat":61,"direct":67},{"assetPaths":62,"generatorPatterns":64,"scriptPaths":65,"versionParams":66},[63],"\u002Fwp-content\u002Fplugins\u002Fhide-publish-button-until-scheduled\u002FdisableButton.js",[],[63],[],{"cssClasses":68,"htmlComments":69,"htmlAttributes":70,"restEndpoints":71,"jsGlobals":72,"shortcodeOutput":73},[],[],[],[],[],[]]