[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fhJLFVdMqlwxQUK9cqwo8wM5pRYJ09769V5YVdxGD-Zo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":17,"homepage":19,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":32,"analysis":48,"fingerprints":131},"jquery-slider-with-text","Spin Interactive Slider","1.0","spininteractive","https:\u002F\u002Fprofiles.wordpress.org\u002Fspininteractive\u002F","\u003Cp>Beautify your pages by adding sliding pictures.\u003C\u002Fp>\n","Spin Interactive Slider is a jQuery Image Slider with text.",10,1380,0,"","3.9.40","3.0",[4,18],"spin-interactive","http:\u002F\u002Fwww.spin-interactive.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjquery-slider-with-text.1.0.zip",100,null,"2026-03-15T14:44:11.924Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":27,"avg_security_score":28,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},2,20,93,30,89,"2026-04-05T09:57:27.224Z",[33],{"slug":34,"name":35,"version":6,"author":7,"author_profile":8,"description":36,"short_description":37,"active_installs":11,"downloaded":38,"rating":21,"num_ratings":39,"last_updated":40,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":41,"homepage":19,"download_link":45,"security_score":46,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":47},"super-booking-calendar","Super Booking Calendar","\u003Cp>This plugin is based on fullcalendar (http:\u002F\u002Ffullcalendar.io).\u003C\u002Fp>\n","Nice calendar to mark important events.",1283,1,"2015-12-10T16:25:00.000Z",[42,43,44,18],"booking","calendar","reservation","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-booking-calendar.1.0.zip",85,"2026-03-15T15:16:48.613Z",{"attackSurface":49,"codeSignals":70,"taintFlows":90,"riskAssessment":119,"analyzedAt":130},{"hooks":50,"ajaxHandlers":62,"restRoutes":63,"shortcodes":64,"cronEvents":69,"entryPointCount":39,"unprotectedCount":13},[51,56,59],{"type":52,"name":53,"callback":53,"file":54,"line":55},"action","init","spininteractive-slider.php",25,{"type":52,"name":57,"callback":57,"file":58,"line":55},"admin_menu","SpinSlider.php",{"type":52,"name":60,"callback":60,"file":58,"line":61},"admin_notices",26,[],[],[65],{"tag":66,"callback":67,"file":58,"line":68},"spinslider","spinslider_shortcode",33,[],{"dangerousFunctions":71,"sqlUsage":72,"outputEscaping":75,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":39,"bundledLibraries":89},[],{"prepared":73,"raw":13,"locations":74},9,[],{"escaped":13,"rawEcho":76,"locations":77},5,[78,82,83,84,87],{"file":79,"line":80,"context":81},"views\\default.php",34,"raw output",{"file":79,"line":80,"context":81},{"file":79,"line":80,"context":81},{"file":85,"line":86,"context":81},"views\\form.php",29,{"file":85,"line":88,"context":81},50,[],[91,109],{"entryPoint":92,"graph":93,"unsanitizedCount":39,"severity":108},"\u003Cdefault> (views\\default.php:0)",{"nodes":94,"edges":105},[95,100],{"id":96,"type":97,"label":98,"file":79,"line":99},"n0","source","$_GET['delete-id']",7,{"id":101,"type":102,"label":103,"file":79,"line":99,"wp_function":104},"n1","sink","query() [SQLi]","query",[106],{"from":96,"to":101,"sanitized":107},false,"high",{"entryPoint":110,"graph":111,"unsanitizedCount":39,"severity":108},"\u003Cform> (views\\form.php:0)",{"nodes":112,"edges":117},[113,115],{"id":96,"type":97,"label":114,"file":85,"line":99},"$_FILES",{"id":101,"type":102,"label":103,"file":85,"line":116,"wp_function":104},28,[118],{"from":96,"to":101,"sanitized":107},{"summary":120,"deductions":121},"The \"jquery-slider-with-text\" plugin v1.0 exhibits a mixed security posture.  On the positive side, it demonstrates good practices by using prepared statements for all SQL queries and avoids external HTTP requests and file operations.  Crucially, there are no known vulnerabilities (CVEs) associated with this plugin, suggesting a history of stable and secure development.  However, significant concerns arise from the static and taint analysis.  The complete lack of output escaping for all detected outputs is a critical weakness, potentially leading to Cross-Site Scripting (XSS) vulnerabilities.  Furthermore, the taint analysis identified two flows with unsanitized paths, which, despite not being classified as critical or high severity in this specific analysis, represent a tangible risk of insecure data handling.  The absence of nonce checks is also a notable omission for potentially sensitive operations.",[122,125,128],{"reason":123,"points":124},"All detected outputs are unescaped",8,{"reason":126,"points":127},"Two taint flows with unsanitized paths",6,{"reason":129,"points":76},"Zero nonce checks detected","2026-03-16T23:33:26.968Z",{"wat":132,"direct":142},{"assetPaths":133,"generatorPatterns":136,"scriptPaths":137,"versionParams":139},[134,135],"\u002Fwp-content\u002Fplugins\u002Fjquery-slider-with-text\u002Finc\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fjquery-slider-with-text\u002Finc\u002Fscript.js",[],[138],"inc\u002Fscript.js",[140,141],"spininteractive_slider_css","spininteractive_slider_script",{"cssClasses":143,"htmlComments":149,"htmlAttributes":150,"restEndpoints":152,"jsGlobals":153,"shortcodeOutput":154},[144,145,146,147,148],"spininteractive-slider","description","arrows","arrow-left","arrow-right",[],[151],"data-url",[],[],[155,156,157],"\u003Cdiv class=\"spininteractive-slider\">\u003Cul>\u003Cli>\u003Cimg data-url=\"\" src=\"","\" \u002F>\u003Cdiv class=\"description\">","\u003C\u002Fdiv>\u003C\u002Fli>\u003C\u002Ful>\u003Cspan class=\"arrows arrow-left\">\u003C\u002Fspan>\u003Cspan class=\"arrows arrow-right\">\u003C\u002Fspan>\u003C\u002Fdiv>"]