[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGaGdnIL3b2ZVjv5LcFEZqUTGczOprQ1FyCeqYDwp92s":3,"$f1xE3e8OJ9KbbiWr-jz8tL53l0SeHAoT74gJxoL72-Xg":207,"$fepnLUvLaZfAK_i7Ntd3GW2OAfs1zE1KVlMZq8uja68g":212},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":35,"analysis":36,"fingerprints":155},"jalil-toolkit","Jalil Toolkit","1.0.0","jewel1994","https:\u002F\u002Fprofiles.wordpress.org\u002Fjewel1994\u002F","\u003Cp>Jalil Toolkit is a helper plugin for jalil theme.This plugin only used for the jalil theme.It is a required plugin for jalil theme.\u003C\u002Fp>\n","Jalil Toolkit is a helper plugin for jalil theme.This plugin only used for the jalil theme.It is a required plugin for jalil theme.",0,976,"2018-09-01T17:16:00.000Z","4.9.29","4.2","",[18,19,20,21,4],"helper-assets","helper-plugin","jalil-blog","jalil-helper-plugin","http:\u002F\u002Fjalil.thenextlevel.com.au\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjalil-toolkit.zip",85,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},4,10,30,84,"2026-05-19T22:54:03.488Z",[],{"attackSurface":37,"codeSignals":134,"taintFlows":146,"riskAssessment":147,"analyzedAt":154},{"hooks":38,"ajaxHandlers":71,"restRoutes":72,"shortcodes":73,"cronEvents":132,"entryPointCount":133,"unprotectedCount":11},[39,45,50,55,59,63,67],{"type":40,"name":41,"callback":42,"file":43,"line":44},"action","init","jalil_toolkit_custom_post","inc\\jalil-toolkit-post-type.php",105,{"type":46,"name":47,"callback":48,"file":43,"line":49},"filter","post_updated_messages","jalil_toolkit_custom_post_message",191,{"type":46,"name":51,"callback":52,"file":53,"line":54},"widget_text","do_shortcode","jalil-toolkit.php",25,{"type":40,"name":56,"callback":57,"file":53,"line":58},"plugin_loaded","jalil_textdomain",50,{"type":40,"name":60,"callback":61,"file":53,"line":62},"wp_enqueue_scripts","jalil_toolkit_files",66,{"type":40,"name":41,"callback":64,"file":65,"line":66},"jalilIntegrateWithVC","kc-addons\\kc-blocks.php",8,{"type":40,"name":68,"callback":69,"file":65,"line":70},"admin_notices","jalilShowVcVersionNotice",14,[],[],[74,79,84,89,94,98,103,107,112,117,122,127],{"tag":75,"callback":76,"file":77,"line":78},"jalil_btn","jalil_btn_shortcode","theme-shortcodes\\btn-shortcode.php",26,{"tag":80,"callback":81,"file":82,"line":83},"jalil_count","jalil_count_shortcode","theme-shortcodes\\count-shortcode.php",43,{"tag":85,"callback":86,"file":87,"line":88},"jalil_posts","jalil_post_shortcode","theme-shortcodes\\post-shortcode.php",79,{"tag":90,"callback":91,"file":92,"line":93},"jalil_pricing","jalil_pricing_shortcode","theme-shortcodes\\pricing-table-shortcode.php",42,{"tag":95,"callback":96,"file":97,"line":54},"jalil_progress_bar","jalil_progress_bar_shortcode","theme-shortcodes\\progress-bar-shortcode.php",{"tag":99,"callback":100,"file":101,"line":102},"jalil_projects","jalil_project_shortcode","theme-shortcodes\\project-shortcode.php",45,{"tag":104,"callback":105,"file":106,"line":102},"jalil_service","jalil_service_shortcode","theme-shortcodes\\service-shortcode.php",{"tag":108,"callback":109,"file":110,"line":111},"jalil_teams","jalil_team_shortcode","theme-shortcodes\\team-shortcode.php",111,{"tag":113,"callback":114,"file":115,"line":116},"jalil_testimonials","jalil_testimonial_shortcode","theme-shortcodes\\testimonial-shortcode.php",97,{"tag":118,"callback":119,"file":120,"line":121},"jalil_slides","jalil_slide_shortcode","theme-shortcodes\\theme-slide.php",162,{"tag":123,"callback":124,"file":125,"line":126},"jalil_title","jalil_title_shortcode","theme-shortcodes\\title-shortcode.php",32,{"tag":128,"callback":129,"file":130,"line":131},"jalil_video","jalil_video_shortcode","theme-shortcodes\\video-shortcode.php",34,[],12,{"dangerousFunctions":135,"sqlUsage":136,"outputEscaping":138,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":145},[],{"prepared":11,"raw":11,"locations":137},[],{"escaped":139,"rawEcho":140,"locations":141},101,1,[142],{"file":65,"line":143,"context":144},36,"raw output",[],[],{"summary":148,"deductions":149},"The \"jalil-toolkit\" plugin v1.0.0 exhibits a generally strong security posture based on the provided static analysis. The absence of dangerous functions, SQL queries, file operations, and external HTTP requests is commendable. Notably, all identified SQL queries utilize prepared statements, and the vast majority of output is properly escaped, significantly mitigating common web vulnerabilities like SQL injection and XSS. The lack of known vulnerabilities in its history further suggests a history of responsible development.\n\nHowever, there are a few areas for improvement. The plugin has 12 shortcodes, which, while not directly flagged as unprotected in the analysis, represent potential entry points that could be leveraged in conjunction with other vulnerabilities if they were to arise. The complete absence of nonce and capability checks across all code signals, despite having these entry points, is a significant concern. While no direct taint flows with unsanitized paths were found, this lack of input validation and authorization checks creates a wide gap in security, leaving the plugin vulnerable to potential CSRF attacks or privilege escalation if any of the shortcodes' functionalities were to be exploited.\n\nIn conclusion, \"jalil-toolkit\" v1.0.0 demonstrates good practices in terms of secure coding for SQL and output handling. Its clean vulnerability history is a positive indicator. The primary weakness lies in the absence of robust authorization and input validation mechanisms, particularly for its shortcodes, which presents a latent risk that should be addressed to achieve a more secure state.",[150,152],{"reason":151,"points":31},"Missing nonce checks on shortcodes",{"reason":153,"points":31},"Missing capability checks on shortcodes","2026-03-17T06:45:13.966Z",{"wat":156,"direct":183},{"assetPaths":157,"generatorPatterns":169,"scriptPaths":170,"versionParams":171},[158,159,160,161,162,163,164,165,166,167,168],"\u002Fwp-content\u002Fplugins\u002Fjalil-toolkit\u002Fassets\u002Fcss\u002Fanimate.min.css","\u002Fwp-content\u002Fplugins\u002Fjalil-toolkit\u002Fassets\u002Fcss\u002Fowl.theme.default.css","\u002Fwp-content\u002Fplugins\u002Fjalil-toolkit\u002Fassets\u002Fcss\u002Fowl.carousel.css","\u002Fwp-content\u002Fplugins\u002Fjalil-toolkit\u002Fassets\u002Fcss\u002Fmagnific-popup.css","\u002Fwp-content\u002Fplugins\u002Fjalil-toolkit\u002Fassets\u002Fcss\u002Fjalil-toolkit.css","\u002Fwp-content\u002Fplugins\u002Fjalil-toolkit\u002Fassets\u002Fjs\u002Fowl.carousel.min.js","\u002Fwp-content\u002Fplugins\u002Fjalil-toolkit\u002Fassets\u002Fjs\u002Fwow.min.js","\u002Fwp-content\u002Fplugins\u002Fjalil-toolkit\u002Fassets\u002Fjs\u002Fjquery.counterup.min.js","\u002Fwp-content\u002Fplugins\u002Fjalil-toolkit\u002Fassets\u002Fjs\u002Fwaypoints.min.js","\u002Fwp-content\u002Fplugins\u002Fjalil-toolkit\u002Fassets\u002Fjs\u002Fjquery.magnific-popup.min.js","\u002Fwp-content\u002Fplugins\u002Fjalil-toolkit\u002Fassets\u002Fjs\u002Factive.js",[],[163,164,165,166,167,168],[172,173,174,175,176,177,178,179,180,181,182],"jalil-toolkit\u002Fassets\u002Fcss\u002Fanimate.min.css?ver=","jalil-toolkit\u002Fassets\u002Fcss\u002Fowl.theme.default.css?ver=","jalil-toolkit\u002Fassets\u002Fcss\u002Fowl.carousel.css?ver=","jalil-toolkit\u002Fassets\u002Fcss\u002Fmagnific-popup.css?ver=","jalil-toolkit\u002Fassets\u002Fcss\u002Fjalil-toolkit.css?ver=","jalil-toolkit\u002Fassets\u002Fjs\u002Fowl.carousel.min.js?ver=","jalil-toolkit\u002Fassets\u002Fjs\u002Fwow.min.js?ver=","jalil-toolkit\u002Fassets\u002Fjs\u002Fjquery.counterup.min.js?ver=","jalil-toolkit\u002Fassets\u002Fjs\u002Fwaypoints.min.js?ver=","jalil-toolkit\u002Fassets\u002Fjs\u002Fjquery.magnific-popup.min.js?ver=","jalil-toolkit\u002Fassets\u002Fjs\u002Factive.js?ver=",{"cssClasses":184,"htmlComments":197,"htmlAttributes":198,"restEndpoints":201,"jsGlobals":202,"shortcodeOutput":203},[75,185,186,187,188,189,190,191,192,193,194,195,196],"button","primary","call-to-action","static-single","icon","s-info","number","counter","blog-main-","single-blog","blog-head","blog-info",[],[199,200],"data-animate","data-delay",[],[76,81,86],[204,205,206],"[jalil_btn]","[jalil_count]","[jalil_post]",{"error":208,"url":209,"statusCode":210,"statusMessage":211,"message":211},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fjalil-toolkit\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":11,"versions":213},[]]