[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWIu8hNLvrD3dxo5KVJbJ0-MpeprNIH-iiBpyjBz2hn0":3,"$f1F19vbO-7QEeq4_VOSKXbOQr-NUNCXvkAQONahCDNkI":164,"$fcPa-U38rlrO96WkjWyDZ6n6g40zKOscF71VVBvBYPjg":168},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"discovery_status":26,"vulnerabilities":27,"developer":28,"crawl_stats":24,"alternatives":36,"analysis":37,"fingerprints":142},"iknow-extra","Iknow Extra","1.2","Wow-Company","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpcalc\u002F","\u003Cp>Iknow Extra add extra features to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fiknow\u002F\" rel=\"ugc\">free WordPress Theme Iknow\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Addition\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Post voting\u003C\u002Fli>\n\u003Cli>Comment voting\u003C\u002Fli>\n\u003Cli>Category icon\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin helps you to add extra options to WordPress theme Iknow.",400,13356,0,"2023-08-07T06:27:00.000Z","6.3.8","4.5","5.3",[19,20,4],"iknow","iknow-addition","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fiknow-extra.1.2.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"wpcalc",26,97610,95,236,76,"2026-05-20T08:03:30.181Z",[],{"attackSurface":38,"codeSignals":102,"taintFlows":115,"riskAssessment":133,"analyzedAt":141},{"hooks":39,"ajaxHandlers":88,"restRoutes":99,"shortcodes":100,"cronEvents":101,"entryPointCount":73,"unprotectedCount":13},[40,46,50,54,61,65,70,75,80,84],{"type":41,"name":42,"callback":43,"file":44,"line":45},"action","admin_notices","iknow_theme_activated","iknow-extra.php",21,{"type":41,"name":47,"callback":48,"file":44,"line":49},"plugins_loaded","iknow_extra_language",32,{"type":41,"name":51,"callback":52,"file":44,"line":53},"wp_enqueue_scripts","iknow_extra_script",37,{"type":55,"name":56,"callback":57,"priority":58,"file":59,"line":60},"filter","iknow_category_icon","get_cat_icon",10,"inc\\class-category-extra-fields.php",33,{"type":41,"name":62,"callback":63,"file":59,"line":64},"iknow_category_description","get_cat_description",36,{"type":55,"name":66,"callback":67,"file":68,"line":69},"the_content","iknow_post_content_voting","inc\\voting.php",294,{"type":55,"name":71,"callback":72,"priority":73,"file":68,"line":74},"manage_posts_columns","iknow_post_columns_vote_head",4,306,{"type":41,"name":76,"callback":77,"priority":78,"file":68,"line":79},"manage_post_posts_custom_column","iknow_post_columns_vote_content",5,322,{"type":55,"name":81,"callback":82,"file":68,"line":83},"manage_edit-comments_columns","iknow_comment_columns",341,{"type":55,"name":85,"callback":86,"priority":58,"file":68,"line":87},"manage_comments_custom_column","iknow_comment_column_content",357,[89,93,94,97],{"action":90,"nopriv":91,"callback":90,"hasNonce":91,"hasCapCheck":92,"file":68,"line":73},"iknow_voting",true,false,{"action":90,"nopriv":92,"callback":90,"hasNonce":91,"hasCapCheck":92,"file":68,"line":78},{"action":95,"nopriv":91,"callback":95,"hasNonce":91,"hasCapCheck":92,"file":68,"line":96},"iknow_comment_voting",87,{"action":95,"nopriv":92,"callback":95,"hasNonce":91,"hasCapCheck":92,"file":68,"line":98},88,[],[],[],{"dangerousFunctions":103,"sqlUsage":104,"outputEscaping":106,"fileOperations":13,"externalRequests":13,"nonceChecks":113,"capabilityChecks":13,"bundledLibraries":114},[],{"prepared":13,"raw":13,"locations":105},[],{"escaped":107,"rawEcho":108,"locations":109},47,1,[110],{"file":44,"line":111,"context":112},18,"raw output",2,[],[116],{"entryPoint":117,"graph":118,"unsanitizedCount":13,"severity":132},"\u003Cvoting> (inc\\voting.php:0)",{"nodes":119,"edges":130},[120,124],{"id":121,"type":122,"label":123,"file":68,"line":111},"n0","source","$_POST (x6)",{"id":125,"type":126,"label":127,"file":68,"line":128,"wp_function":129},"n1","sink","echo() [XSS]",258,"echo",[131],{"from":121,"to":125,"sanitized":91},"low",{"summary":134,"deductions":135},"The iknow-extra plugin version 1.2 exhibits a strong security posture based on the provided static analysis. The absence of direct SQL queries, a high percentage of properly escaped output, and no identified dangerous functions or file operations are significant strengths. Furthermore, the plugin has no known past vulnerabilities, including no critical or high severity CVEs, which is a positive indicator of its development practices and ongoing maintenance.\n\nWhile the static analysis reveals no critical or high severity taint flows and a clean vulnerability history, there are areas for improvement. The plugin has 4 AJAX handlers, but only 2 nonce checks are present, leaving a potential gap in securing all entry points. Additionally, there are no capability checks implemented, which could be a concern if the AJAX actions perform sensitive operations. The overall attack surface is relatively small and appears to be well-controlled, but the lack of comprehensive capability checks on all AJAX endpoints could present a minor risk if not mitigated by other WordPress security layers or if the AJAX actions themselves are not inherently sensitive.",[136,139],{"reason":137,"points":138},"Missing capability checks on AJAX handlers",8,{"reason":140,"points":78},"Partial nonce checks on AJAX handlers","2026-03-16T19:42:18.459Z",{"wat":143,"direct":152},{"assetPaths":144,"generatorPatterns":147,"scriptPaths":148,"versionParams":149},[145,146],"\u002Fwp-content\u002Fplugins\u002Fiknow-extra\u002Fassets\u002Fscript.js","\u002Fwp-content\u002Fplugins\u002Fiknow-extra\u002Fassets\u002Fscript.min.js",[],[145,146],[150,151],"iknow-extra\u002Fassets\u002Fscript.js?ver=","iknow-extra\u002Fassets\u002Fscript.min.js?ver=",{"cssClasses":153,"htmlComments":156,"htmlAttributes":159,"restEndpoints":160,"jsGlobals":161,"shortcodeOutput":163},[154,155],"cat_extra[cat_icon]","cat_extra[cat_desc]",[157,158],"\u003C!-- Add full description to category-->","\u003C!-- Add category Icon class-->",[155,154],[],[162],"iknow_ajax",[],{"error":91,"url":165,"statusCode":166,"statusMessage":167,"message":167},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fiknow-extra\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":113,"versions":169},[170,175],{"version":6,"download_url":22,"svn_tag_url":171,"released_at":24,"has_diff":92,"diff_files_changed":172,"diff_lines":24,"trac_diff_url":173,"vulnerabilities":174,"is_current":91},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fiknow-extra\u002Ftags\u002F1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fiknow-extra%2Ftags%2F1.1&new_path=%2Fiknow-extra%2Ftags%2F1.2",[],{"version":176,"download_url":177,"svn_tag_url":178,"released_at":24,"has_diff":92,"diff_files_changed":179,"diff_lines":24,"trac_diff_url":24,"vulnerabilities":180,"is_current":92},"1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fiknow-extra.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fiknow-extra\u002Ftags\u002F1.1\u002F",[],[]]