[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fMI6owslkVSdu-oPjAzu59Pv-5t19hgOUbWPeiXT2Bi0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":38,"analysis":39,"fingerprints":130},"icanwp-reservation-form-connector-for-choice-hotels","iCanWP Reservation Form Connector for Choice Hotels","1.4.2","WebSPI","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevcon1\u002F","\u003Cp>iCanWP Reservation Form Connector for Choice Hotels is developed for WordPress hosted ChoiceHotel websites to have own reservation form that connects to the dedicated hotel’s reservation page on ChoiceHotels.com. This feature makes the reservation process easier for the hotel’s customers and prevents them to go directly to the ChoiceHotels.com and compare against competitors. As of April 6th, 2018, it is confirmed to work with the following franchise of ChoiceHotels:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Ascend Hotel Collection\u003C\u002Fli>\n\u003Cli>Cambria Hotels and Suites\u003C\u002Fli>\n\u003Cli>Comfort Inn\u003C\u002Fli>\n\u003Cli>Comfort Suites\u003C\u002Fli>\n\u003Cli>Sleep Inn\u003C\u002Fli>\n\u003Cli>Quality Inn\u003C\u002Fli>\n\u003Cli>Clarion\u003C\u002Fli>\n\u003Cli>MainStay Suites\u003C\u002Fli>\n\u003Cli>Suburban\u003C\u002Fli>\n\u003Cli>Econolodge\u003C\u002Fli>\n\u003Cli>Rodeway Inn\u003C\u002Fli>\n\u003Cli>Any other branches or franchise of ChoiceHotels using ChoiceHotels.com\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Uninstall\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>All saved options will be deleted from the database. Use disable plugin if you are going to use the plugin again.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This plugin is provided as is without any warranty. However, this plugin will be tested and updated periodically to work with the ChoiceHotels’ reservation system and latest version of WordPress.\u003C\u002Fli>\n\u003Cli>All supports maybe available voluntarily by the development team.\u003C\u002Fli>\n\u003Cli>Any suggestions, complaints, support requests are happily accepted via email at support@icanwp.com\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Limitation\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Please use only 1 reservation form per page or post to use it without any error.\u003C\u002Fli>\n\u003C\u002Ful>\n","Creates reservation form that connects with Choicehotels.com reservation system.",10,1707,100,1,"2018-04-06T19:08:00.000Z","4.9.29","3.0.1","",[20,21,22,23],"choice-hotel-booking","choice-hotel-reservation","choicehotels-booking","choicehotels-reservation","https:\u002F\u002Ficanwp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ficanwp-reservation-form-connector-for-choice-hotels.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":26,"computed_at":37},"devcon1",7,460,87,30,"2026-04-04T09:17:12.612Z",[],{"attackSurface":40,"codeSignals":81,"taintFlows":122,"riskAssessment":123,"analyzedAt":129},{"hooks":41,"ajaxHandlers":72,"restRoutes":73,"shortcodes":74,"cronEvents":80,"entryPointCount":14,"unprotectedCount":27},[42,48,51,53,56,59,62,64,67],{"type":43,"name":44,"callback":45,"file":46,"line":47},"action","plugins_loaded","anonymous","includes\\class-ch-reservation.php",140,{"type":43,"name":49,"callback":45,"file":46,"line":50},"admin_enqueue_scripts",155,{"type":43,"name":49,"callback":45,"file":46,"line":52},156,{"type":43,"name":54,"callback":45,"file":46,"line":55},"admin_menu",157,{"type":43,"name":57,"callback":45,"file":46,"line":58},"admin_init",158,{"type":43,"name":60,"callback":45,"file":46,"line":61},"wp_enqueue_scripts",173,{"type":43,"name":60,"callback":45,"file":46,"line":63},174,{"type":43,"name":65,"callback":45,"file":46,"line":66},"init",175,{"type":68,"name":69,"callback":70,"file":46,"line":71},"filter","widget_text","do_shortcode",178,[],[],[75],{"tag":76,"callback":77,"file":78,"line":79},"ch-reservation","ch_reservation_display","public\\class-ch-reservation-public.php",113,[],{"dangerousFunctions":82,"sqlUsage":83,"outputEscaping":85,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":121},[],{"prepared":27,"raw":27,"locations":84},[],{"escaped":86,"rawEcho":87,"locations":88},9,14,[89,93,95,97,99,101,103,105,108,110,112,114,116,118],{"file":90,"line":91,"context":92},"admin\\class-ch-reservation-admin.php",256,"raw output",{"file":90,"line":94,"context":92},262,{"file":90,"line":96,"context":92},268,{"file":90,"line":98,"context":92},273,{"file":90,"line":100,"context":92},278,{"file":90,"line":102,"context":92},284,{"file":90,"line":104,"context":92},311,{"file":106,"line":107,"context":92},"admin\\partials\\ch-reservation-admin-display.php",34,{"file":106,"line":109,"context":92},39,{"file":106,"line":111,"context":92},41,{"file":106,"line":113,"context":92},43,{"file":106,"line":115,"context":92},45,{"file":106,"line":117,"context":92},47,{"file":119,"line":120,"context":92},"public\\partials\\ch-reservation-public-display.php",109,[],[],{"summary":124,"deductions":125},"The `icanwp-reservation-form-connector-for-choice-hotels` plugin v1.4.2 demonstrates a generally good security posture based on the provided static analysis.  The absence of dangerous functions, external HTTP requests, file operations, and the exclusive use of prepared statements for SQL queries are strong indicators of secure coding practices.  Furthermore, the lack of known vulnerabilities in its history suggests a relatively mature and well-maintained codebase.  However, a significant concern arises from the limited output escaping, with only 39% of outputs being properly escaped. This leaves room for potential Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not adequately sanitized before being displayed.\n\nThe plugin's attack surface is minimal, with only one shortcode and no unprotected AJAX handlers or REST API routes. The absence of taint analysis flows with unsanitized paths is also a positive sign, indicating no immediately obvious code injection or path traversal vulnerabilities.  Despite the strengths in SQL handling and attack surface management, the insufficient output escaping represents a tangible risk that should be addressed to improve the plugin's overall security.",[126],{"reason":127,"points":128},"Insufficient output escaping",6,"2026-03-17T01:08:16.552Z",{"wat":131,"direct":141},{"assetPaths":132,"generatorPatterns":136,"scriptPaths":137,"versionParams":138},[133,134,135],"\u002Fwp-content\u002Fplugins\u002Ficanwp-reservation-form-connector-for-choice-hotels\u002Fassets\u002Fadmin-icon.png","\u002Fwp-content\u002Fplugins\u002Ficanwp-reservation-form-connector-for-choice-hotels\u002Fcss\u002Fch-reservation-admin.css","\u002Fwp-content\u002Fplugins\u002Ficanwp-reservation-form-connector-for-choice-hotels\u002Fjs\u002Fch-reservation-admin.js",[],[135],[139,140],"icanwp-reservation-form-connector-for-choice-hotels\u002Fcss\u002Fch-reservation-admin.css?ver=","icanwp-reservation-form-connector-for-choice-hotels\u002Fjs\u002Fch-reservation-admin.js?ver=",{"cssClasses":142,"htmlComments":143,"htmlAttributes":144,"restEndpoints":145,"jsGlobals":146,"shortcodeOutput":147},[],[],[],[],[],[]]