[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f9owmVMCfE9324IaSa6hnR1Lez9Gee2OxDb8iuhi7ujw":3,"$fcFUcwK3_ARpzpcHkmciDl9X9_6T1vz3HkOQOHGn1G5U":543,"$f1fzg16rTB4CBIEaVvdCxOOZgak0-sp3nEJUEdVcM3dY":548},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"discovery_status":32,"vulnerabilities":33,"developer":81,"crawl_stats":39,"alternatives":89,"analysis":188,"fingerprints":530},"just-writing-statistics","Just Writing Statistics","5.4","Greg Ross","https:\u002F\u002Fprofiles.wordpress.org\u002Fgregross\u002F","\u003Cp>\u003Cstrong>Just Writing Statistics is a fork of WP Word Count\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Just Writing Statistics tells you exactly how many words you’ve written on your site with statistics by:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Top Content\u003C\u002Fli>\n\u003Cli>All Content\u003C\u002Fli>\n\u003Cli>Month\u003C\u002Fli>\n\u003Cli>Year\u003C\u002Fli>\n\u003Cli>Author\u003C\u002Fli>\n\u003Cli>Tags\u003C\u002Fli>\n\u003Cli>Categories\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Frequency (new!)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Just Writing Statistics also has reading times for each post and page of your site. Find out how many hours of content you’ve written or let readers know how long your articles are. You can include reading time at the top of each of your posts automatically or use a shortcode.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Quickly see how many posts and pages you’ve created and how many total words they add up to.\u003C\u002Fli>\n\u003Cli>View and display estimated reading times for each piece of content on your site.\u003C\u002Fli>\n\u003Cli>Support for custom post types so you can monitor word counts from content created by your themes and plugins.\u003C\u002Fli>\n\u003Cli>View your writing output for each month broken down by post type.\u003C\u002Fli>\n\u003Cli>See all of your site author’s word counts with breakdowns by post type.\u003C\u002Fli>\n\u003C\u002Ful>\n","Calculate your writing statistics on your WordPress site.",1000,10514,100,4,"2025-02-26T02:47:00.000Z","6.7.5","4.6","",[20,21,22,23,24],"authors","reading-time","word-count","words","writing","https:\u002F\u002Ftoolstack.com\u002Fjust-writing-statistics","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.5.4.zip",90,3,0,"2025-03-27 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[34,51,67],{"id":35,"url_slug":36,"title":37,"description":38,"plugin_slug":4,"theme_slug":39,"affected_versions":40,"patched_in_version":6,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48,"patch_diff_files":49,"patch_trac_url":39,"research_status":39,"research_verified":50,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":50,"poc_model_used":39,"poc_verification_depth":39},"CVE-2025-30803","just-writing-statistics-missing-authorization","Just Writing Statistics \u003C= 5.3 - Missing Authorization","The Just Writing Statistics plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 5.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform an unauthorized action.",null,"\u003C=5.3","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2025-04-02 14:23:08",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc16e1fdc-63b3-4af0-8327-23175191f4ee?source=api-prod",7,[],false,{"id":52,"url_slug":53,"title":54,"description":55,"plugin_slug":4,"theme_slug":39,"affected_versions":56,"patched_in_version":57,"severity":41,"cvss_score":58,"cvss_vector":59,"vuln_type":60,"published_date":61,"updated_date":62,"references":63,"days_to_patch":65,"patch_diff_files":66,"patch_trac_url":39,"research_status":39,"research_verified":50,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":50,"poc_model_used":39,"poc_verification_depth":39},"CVE-2024-56250","just-writing-statistics-authenticated-administrator-sql-injection","Just Writing Statistics \u003C= 4.7 - Authenticated (Administrator+) SQL Injection","The Just Writing Statistics plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 4.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.","\u003C=4.7","4.8",4.9,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2024-12-30 00:00:00","2025-01-08 20:43:32",[64],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F68f7caa7-e97a-41d9-b9e3-eb37f53fb0f9?source=api-prod",10,[],{"id":68,"url_slug":69,"title":70,"description":71,"plugin_slug":4,"theme_slug":39,"affected_versions":72,"patched_in_version":17,"severity":41,"cvss_score":73,"cvss_vector":74,"vuln_type":75,"published_date":76,"updated_date":77,"references":78,"days_to_patch":48,"patch_diff_files":80,"patch_trac_url":39,"research_status":39,"research_verified":50,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":50,"poc_model_used":39,"poc_verification_depth":39},"CVE-2024-35641","just-writing-statistics-authenticated-admin-stored-cross-site-scripting","Just Writing Statistics \u003C= 4.5 - Authenticated (Admin+) Stored Cross-Site Scripting","The Just Writing Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.","\u003C=4.5",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-05-30 00:00:00","2024-06-05 14:16:35",[79],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffd7415b1-846f-41ad-a19f-73d0cee3965f?source=api-prod",[],{"slug":82,"display_name":7,"profile_url":8,"plugin_count":83,"total_installs":84,"avg_security_score":85,"avg_patch_time_days":86,"trust_score":87,"computed_at":88},"gregross",35,7520,87,39,79,"2026-05-20T06:57:26.889Z",[90,107,126,145,169],{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":65,"downloaded":98,"rating":29,"num_ratings":29,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":104,"download_link":105,"security_score":106,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"wordcounter","Word Counter","1.0.0","nearchx","https:\u002F\u002Fprofiles.wordpress.org\u002Fnearchx\u002F","\u003Cp>Word Counter is a simple plugin that shows the reading time and number of words in your posts.\u003C\u002Fp>\n\u003Cp>Learn more about the plugin at \u003Ca href=\"https:\u002F\u002Fwordcounter.world\u002Ftools\u002Fwordpress-plugin\" rel=\"nofollow ugc\">Word Counter\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Show the reading time.\u003C\u002Fli>\n\u003Cli>Show the number of words.\u003C\u002Fli>\n\u003Cli>Decide where in the page the information will be shown.\u003C\u002Fli>\n\u003C\u002Ful>\n","Show the reading time and number of words in your post.",1979,"2024-01-08T12:07:00.000Z","6.4.8","3.0.1","7.0",[20,21,22,23,24],"https:\u002F\u002Fwordcounter.world\u002Ftools\u002Fwordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordcounter.1.0.0.zip",85,{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":29,"downloaded":115,"rating":29,"num_ratings":29,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":119,"tags":120,"homepage":123,"download_link":124,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":125},"sj-reading-time","SJ Reading Time","1.0.2","Janoy Vassell","https:\u002F\u002Fprofiles.wordpress.org\u002Fjanoyvassell\u002F","\u003Cp>SJ Reading Time is a simple content read time estimator. Our settings allow you to control how many words per minute (wpm) on average you would like to use to determine read time,\u003Cbr \u002F>\nas well as, if images should be part of this estimate.\u003C\u002Fp>\n\u003Cp>A shortcode is provided which gives complete control over where on your post you would like the estimate to be placed.\u003C\u002Fp>\n\u003Cp>For example:\u003Cbr \u002F>\n[sjrt_reading_time label=”Reading time:” postfix=”mins” postfix_singular=”min”]\u003C\u002Fp>\n\u003Cp>All the above attributes are optional and if not provided the default values will be shown which are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>label\u003C\u002Fcode> – Reading time\u003C\u002Fli>\n\u003Cli>\u003Ccode>postfix_singular\u003C\u002Fcode> – min\u003C\u002Fli>\n\u003Cli>\u003Ccode>postfix\u003C\u002Fcode> – mins\u003C\u002Fli>\n\u003C\u002Ful>\n","SJ Reading Time helps you to quickly estimate your content read time and insert using a shortcode.",1655,"2025-10-19T13:56:00.000Z","6.8.5","4.5","7.4",[121,21,22,122],"estimated-time","words-per-minute","https:\u002F\u002Fwww.syntaxjournal.com\u002Fread-time-calculator-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsj-reading-time.1.0.2.zip","2026-04-06T09:54:40.288Z",{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":134,"downloaded":135,"rating":136,"num_ratings":137,"last_updated":138,"tested_up_to":16,"requires_at_least":101,"requires_php":18,"tags":139,"homepage":142,"download_link":143,"security_score":144,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"reading-time-wp","Reading Time WP","2.0.17","yingles","https:\u002F\u002Fprofiles.wordpress.org\u002Fyingles\u002F","\u003Cp>WP Reading Time let’s you easily add an estimated reading time to your WordPress posts. Activating the plugin will automatically add the reading time to the beginning of your post’s content. This can be deactivated in the Reading Time settings which can be accessed from your Dashboard’s Settings menu. You can also edit the label and postfix from this menu.\u003C\u002Fp>\n\u003Cp>If you’d prefer more control over where you add your reading time you can use the the [rt_reading_time] shortcode to insert the time into a post. This shortcode also excepts values for label and postfix. These are optional. Ex. [rt_reading_time label=”Reading Time:” postfix=”minutes” postfix_singular=”minute”].\u003C\u002Fp>\n","Reading Time WP creates an estimated reading time of your posts that is inserted above the content or by using a shortcode.",30000,427181,96,20,"2024-11-17T15:46:00.000Z",[121,140,21,141,22],"posts","time","https:\u002F\u002Fjasonyingling.me\u002Freading-time-wp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freading-time-wp.2.0.17.zip",92,{"slug":146,"name":147,"version":148,"author":149,"author_profile":150,"description":151,"short_description":152,"active_installs":153,"downloaded":154,"rating":155,"num_ratings":65,"last_updated":156,"tested_up_to":157,"requires_at_least":158,"requires_php":119,"tags":159,"homepage":165,"download_link":166,"security_score":167,"vuln_count":28,"unpatched_count":29,"last_vuln_date":168,"fetched_at":31},"surferseo","Surfer – WordPress Plugin","1.6.8.626","Surfer","https:\u002F\u002Fprofiles.wordpress.org\u002Fsurferseo\u002F","\u003Cp>Connect Surfer’s Content Editor to WordPress and make writing content, discovering keywords, and optimizing your work for SEO a breeze.\u003C\u002Fp>\n\u003Ch3>SURFER’S OFFICIAL WORDPRESS PLUGIN\u003C\u002Fh3>\n\u003Cp>Surfer’s free WordPress plugin that connects your WordPress page to Surfer’s Content Editor. Surfer’s WP plugin just saved you a step (or 2!). Write, publish and start ranking.\u003C\u002Fp>\n\u003Ch3>EASY SETUP AND FAST INTEGRATION\u003C\u002Fh3>\n\u003Cp>It takes just a few minutes to download and install the plugin, and even less to publish your content!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Install the free WordPress plugin\u003C\u002Fli>\n\u003Cli>Write highly rankable content using Surfer’s trusted guidelines\u003C\u002Fli>\n\u003Cli>Research and find new keyword ideas\u003C\u002Fli>\n\u003Cli>Work in WordPress using Surfer’s Content Editor without any hassle\u003C\u002Fli>\n\u003Cli>Create a Content Editor directly in WordPress, or export it to Surfer\u003C\u002Fli>\n\u003Cli>Track how many clicks and impressions your posts generated directly in WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>AVOID FORMATTING ISSUES AND INCONSISTENCIES\u003C\u002Fh3>\n\u003Cp>CTRL + A, CTRL + C, CTRL + V, in two clicks! What you write in Surfer’s Content Editor is what you’ll get (and see) when you publish on WordPress.\u003C\u002Fp>\n\u003Cp>Headings, images and text are converted block by block and transferred seamlessly from Surfer’s interface to your WordPress site.\u003C\u002Fp>\n\u003Cp>Images are downloaded and stored on WordPress and are accessible in your media library versus an external link which improves performance and SEO!\u003C\u002Fp>\n\u003Cp>Surfer’s Plugin currently supports the two most widely used WordPress text editors: Gutenberg and Classic Editor (and can distinguish between the two!).\u003C\u002Fp>\n\u003Cp>V.1, V.2 V.3? \u003Cstrong>With Surfer plugin you always publish the current and correct version of your article without the copy-paste confusion.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>OPTIMIZE AND IMPROVE EXISTING ARTICLES\u003C\u002Fh3>\n\u003Cp>Keep your content relevant and competitive with periodic updates to keep climbing the SERPs!\u003C\u002Fp>\n\u003Cp>Use Surfer’s Content Editor to refresh your article and optimize its keywords for an even better performance.\u003C\u002Fp>\n\u003Cp>Finally, once you’re satisfied with the improvements, publish the updated piece on WP. You can also easily access all your WordPress articles in the Content Editor!\u003C\u002Fp>\n\u003Ch3>SURFER RESOURCES AND SUPPORT\u003C\u002Fh3>\n\u003Cp>Get your questions answered whenever you need help. Simply go to our \u003Ca href=\"https:\u002F\u002Fsurferseo.com\u002F\" rel=\"nofollow ugc\">website\u003C\u002Fa> and reach out to us via chat, or drop us an email at \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsurferseo\u002Fsupport@surferseo.com\" rel=\"ugc\">support@surferseo.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>You can also sign up for \u003Ca href=\"https:\u002F\u002Fsurferseo.com\u002Facademy\u002F\" rel=\"nofollow ugc\">Surfer Academy\u003C\u002Fa> and learn how to take advantage of Surfer with unlimited tips and tricks packaged into training videos and live sessions. For free!\u003C\u002Fp>\n\u003Ch3>READ MORE\u003C\u002Fh3>\n\u003Cp>Want more information about Search Engine Optimization and Surfer?\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Join our \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fseosurfers\" rel=\"nofollow ugc\">Facebook Group\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Find us on \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fsurfer\u002F\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fc\u002FSurferSEO\" rel=\"nofollow ugc\">YouTube\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Check our \u003Ca href=\"https:\u002F\u002Fdocs.surferseo.com\u002Fen\u002F\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Connect Surfer's Content Editor to WordPress. Write and optimize your articles for SEO, find new keyword ideas and publish straight to WordPress.",6000,142039,94,"2026-03-09T09:10:00.000Z","6.9.4","6.0",[160,161,162,163,164],"content","content-writing","keyword-research","keywords","seo","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsurferseo\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsurferseo.1.6.8.626.zip",97,"2025-09-03 00:00:00",{"slug":170,"name":171,"version":172,"author":173,"author_profile":174,"description":175,"short_description":176,"active_installs":11,"downloaded":177,"rating":13,"num_ratings":178,"last_updated":179,"tested_up_to":117,"requires_at_least":180,"requires_php":119,"tags":181,"homepage":185,"download_link":186,"security_score":187,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31},"novelist","Novelist","1.3.0","Ashley","https:\u002F\u002Fprofiles.wordpress.org\u002Fnosegraze\u002F","\u003Cp>Novelist helps authors easily organize and display their portfolio of books.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>All books are stored in their own “Books” area.\u003C\u002Fli>\n\u003Cli>Easy form for filling out book information.\u003C\u002Fli>\n\u003Cli>All book information is automatically formatted for you.\u003C\u002Fli>\n\u003Cli>Customizable templates.\u003C\u002Fli>\n\u003Cli>Easily create an archive of all your books.\u003C\u002Fli>\n\u003Cli>Developer-friendly.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Available Book Info Fields:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Title\u003C\u002Fli>\n\u003Cli>Book Cover\u003C\u002Fli>\n\u003Cli>Series (name and number)\u003C\u002Fli>\n\u003Cli>Contributors\u003C\u002Fli>\n\u003Cli>Publisher\u003C\u002Fli>\n\u003Cli>Release Date\u003C\u002Fli>\n\u003Cli>Genres\u003C\u002Fli>\n\u003Cli>Pages\u003C\u002Fli>\n\u003Cli>Synopsis\u003C\u002Fli>\n\u003Cli>Goodreads Link\u003C\u002Fli>\n\u003Cli>Purchase Links (configure your own list of retail sites)\u003C\u002Fli>\n\u003Cli>ISBN13\u003C\u002Fli>\n\u003Cli>ASIN\u003C\u002Fli>\n\u003Cli>Excerpt\u003C\u002Fli>\n\u003Cli>Extra Text\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Documentation\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Extensive documentation is available at \u003Ca href=\"https:\u002F\u002Fnovelistplugin.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">novelistplugin.com\u002Fdocs\u003C\u002Fa>\u003C\u002Fp>\n","Easily organize and display your portfolio of books.",30945,9,"2025-08-02T14:58:00.000Z","5.0",[20,182,183,184,24],"books","goodreads","publishing","https:\u002F\u002Fnovelistplugin.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnovelist.zip",98,{"attackSurface":189,"codeSignals":249,"taintFlows":517,"riskAssessment":518,"analyzedAt":529},{"hooks":190,"ajaxHandlers":226,"restRoutes":230,"shortcodes":231,"cronEvents":246,"entryPointCount":247,"unprotectedCount":248},[191,197,200,202,205,207,210,213,217,220,223],{"type":192,"name":193,"callback":194,"file":195,"line":196},"action","plugins_loaded","anonymous","includes\\class-jws.php",125,{"type":192,"name":198,"callback":194,"file":195,"line":199},"admin_init",139,{"type":192,"name":193,"callback":194,"file":195,"line":201},140,{"type":192,"name":203,"callback":194,"file":195,"line":204},"admin_enqueue_scripts",144,{"type":192,"name":203,"callback":194,"file":195,"line":206},145,{"type":192,"name":208,"callback":194,"file":195,"line":209},"admin_menu",148,{"type":192,"name":211,"callback":194,"file":195,"line":212},"save_post",151,{"type":214,"name":215,"callback":194,"file":195,"line":216},"filter","post_row_actions",179,{"type":214,"name":218,"callback":194,"file":195,"line":219},"page_row_actions",180,{"type":192,"name":221,"callback":194,"file":195,"line":222},"init",194,{"type":214,"name":224,"callback":194,"file":195,"line":225},"the_content",195,[227],{"action":228,"nopriv":50,"callback":194,"hasNonce":50,"hasCapCheck":50,"file":195,"line":229},"jws_calculate",142,[],[232,237,239,243],{"tag":233,"callback":234,"file":235,"line":236},"justwritingstatistics","jws_shortcode","public\\class-jws-public.php",71,{"tag":4,"callback":234,"file":235,"line":238},72,{"tag":240,"callback":241,"file":235,"line":242},"justwritingstatistics-reading-time","jws_shortcode_reading_time",109,{"tag":244,"callback":241,"file":235,"line":245},"just-writing-statistics-reading-time",110,[],5,1,{"dangerousFunctions":250,"sqlUsage":251,"outputEscaping":261,"fileOperations":29,"externalRequests":29,"nonceChecks":248,"capabilityChecks":253,"bundledLibraries":516},[],{"prepared":252,"raw":253,"locations":254},19,2,[255,259],{"file":256,"line":257,"context":258},"includes\\class-jws-deactivator.php",30,"$wpdb->query() with variable interpolation",{"file":256,"line":260,"context":258},31,{"escaped":144,"rawEcho":262,"locations":263},147,[264,268,270,272,274,276,278,280,282,284,286,288,290,292,294,296,298,301,303,305,307,309,311,312,314,316,318,320,322,324,326,328,331,333,335,337,338,340,341,343,345,347,348,349,351,353,355,357,360,362,364,366,367,369,370,372,374,376,378,379,380,382,384,386,388,391,392,394,395,397,398,400,401,403,404,406,407,409,410,412,413,415,416,417,418,420,421,422,423,424,426,427,429,430,431,433,435,436,437,438,439,440,441,442,443,444,445,446,447,450,451,453,454,456,458,459,460,462,463,465,467,468,469,470,472,474,476,478,480,482,484,486,489,490,492,494,496,499,501,503,505,506,508,509,511,513,515],{"file":265,"line":266,"context":267},"admin\\class-jws-admin.php",288,"raw output",{"file":265,"line":269,"context":267},298,{"file":265,"line":271,"context":267},308,{"file":265,"line":273,"context":267},309,{"file":265,"line":275,"context":267},310,{"file":265,"line":277,"context":267},328,{"file":265,"line":279,"context":267},348,{"file":265,"line":281,"context":267},369,{"file":265,"line":283,"context":267},377,{"file":265,"line":285,"context":267},388,{"file":265,"line":287,"context":267},410,{"file":265,"line":289,"context":267},433,{"file":265,"line":291,"context":267},454,{"file":265,"line":293,"context":267},555,{"file":265,"line":295,"context":267},568,{"file":265,"line":297,"context":267},1418,{"file":299,"line":300,"context":267},"admin\\partials\\jws-statistics-all.php",61,{"file":299,"line":302,"context":267},65,{"file":299,"line":304,"context":267},70,{"file":299,"line":306,"context":267},75,{"file":299,"line":308,"context":267},86,{"file":299,"line":310,"context":267},121,{"file":299,"line":196,"context":267},{"file":299,"line":313,"context":267},130,{"file":299,"line":315,"context":267},135,{"file":299,"line":317,"context":267},146,{"file":299,"line":319,"context":267},178,{"file":299,"line":321,"context":267},184,{"file":299,"line":323,"context":267},186,{"file":299,"line":325,"context":267},189,{"file":299,"line":327,"context":267},193,{"file":329,"line":330,"context":267},"admin\\partials\\jws-statistics-author.php",55,{"file":329,"line":332,"context":267},59,{"file":329,"line":334,"context":267},62,{"file":329,"line":336,"context":267},74,{"file":329,"line":106,"context":267},{"file":329,"line":339,"context":267},89,{"file":329,"line":144,"context":267},{"file":329,"line":342,"context":267},104,{"file":329,"line":344,"context":267},116,{"file":329,"line":346,"context":267},143,{"file":329,"line":317,"context":267},{"file":329,"line":262,"context":267},{"file":329,"line":350,"context":267},150,{"file":329,"line":352,"context":267},156,{"file":329,"line":354,"context":267},163,{"file":329,"line":356,"context":267},170,{"file":358,"line":359,"context":267},"admin\\partials\\jws-statistics-category.php",54,{"file":358,"line":361,"context":267},58,{"file":358,"line":363,"context":267},63,{"file":358,"line":365,"context":267},68,{"file":358,"line":306,"context":267},{"file":358,"line":368,"context":267},81,{"file":358,"line":187,"context":267},{"file":358,"line":371,"context":267},127,{"file":358,"line":373,"context":267},128,{"file":358,"line":375,"context":267},131,{"file":358,"line":377,"context":267},137,{"file":358,"line":204,"context":267},{"file":358,"line":212,"context":267},{"file":381,"line":252,"context":267},"admin\\partials\\jws-statistics-frequency.php",{"file":381,"line":383,"context":267},76,{"file":381,"line":385,"context":267},77,{"file":381,"line":387,"context":267},133,{"file":389,"line":390,"context":267},"admin\\partials\\jws-statistics-menu.php",21,{"file":389,"line":390,"context":267},{"file":389,"line":393,"context":267},22,{"file":389,"line":393,"context":267},{"file":389,"line":396,"context":267},23,{"file":389,"line":396,"context":267},{"file":389,"line":399,"context":267},24,{"file":389,"line":399,"context":267},{"file":389,"line":402,"context":267},25,{"file":389,"line":402,"context":267},{"file":389,"line":405,"context":267},26,{"file":389,"line":405,"context":267},{"file":389,"line":408,"context":267},27,{"file":389,"line":408,"context":267},{"file":389,"line":411,"context":267},28,{"file":389,"line":411,"context":267},{"file":389,"line":414,"context":267},29,{"file":389,"line":414,"context":267},{"file":389,"line":257,"context":267},{"file":389,"line":257,"context":267},{"file":419,"line":330,"context":267},"admin\\partials\\jws-statistics-monthly.php",{"file":419,"line":332,"context":267},{"file":419,"line":385,"context":267},{"file":419,"line":144,"context":267},{"file":419,"line":136,"context":267},{"file":419,"line":425,"context":267},114,{"file":419,"line":313,"context":267},{"file":419,"line":428,"context":267},157,{"file":419,"line":354,"context":267},{"file":419,"line":356,"context":267},{"file":419,"line":432,"context":267},177,{"file":434,"line":359,"context":267},"admin\\partials\\jws-statistics-tags.php",{"file":434,"line":361,"context":267},{"file":434,"line":363,"context":267},{"file":434,"line":365,"context":267},{"file":434,"line":306,"context":267},{"file":434,"line":368,"context":267},{"file":434,"line":187,"context":267},{"file":434,"line":371,"context":267},{"file":434,"line":373,"context":267},{"file":434,"line":375,"context":267},{"file":434,"line":377,"context":267},{"file":434,"line":204,"context":267},{"file":434,"line":212,"context":267},{"file":448,"line":449,"context":267},"admin\\partials\\jws-statistics-top.php",57,{"file":448,"line":300,"context":267},{"file":448,"line":452,"context":267},66,{"file":448,"line":236,"context":267},{"file":448,"line":455,"context":267},82,{"file":448,"line":457,"context":267},112,{"file":448,"line":344,"context":267},{"file":448,"line":310,"context":267},{"file":448,"line":461,"context":267},126,{"file":448,"line":377,"context":267},{"file":448,"line":464,"context":267},169,{"file":448,"line":466,"context":267},175,{"file":448,"line":432,"context":267},{"file":448,"line":219,"context":267},{"file":448,"line":321,"context":267},{"file":471,"line":332,"context":267},"admin\\partials\\jws-statistics-totals.php",{"file":471,"line":473,"context":267},64,{"file":471,"line":475,"context":267},113,{"file":471,"line":477,"context":267},118,{"file":471,"line":479,"context":267},168,{"file":471,"line":481,"context":267},173,{"file":471,"line":483,"context":267},223,{"file":471,"line":485,"context":267},228,{"file":487,"line":488,"context":267},"admin\\partials\\jws-statistics-word-to-posts.php",38,{"file":487,"line":86,"context":267},{"file":487,"line":491,"context":267},45,{"file":487,"line":493,"context":267},49,{"file":487,"line":495,"context":267},53,{"file":497,"line":498,"context":267},"admin\\partials\\jws-statistics-yearly.php",56,{"file":497,"line":500,"context":267},60,{"file":497,"line":502,"context":267},78,{"file":497,"line":504,"context":267},93,{"file":497,"line":167,"context":267},{"file":497,"line":507,"context":267},115,{"file":497,"line":375,"context":267},{"file":497,"line":510,"context":267},158,{"file":497,"line":512,"context":267},164,{"file":497,"line":514,"context":267},171,{"file":497,"line":319,"context":267},[],[],{"summary":519,"deductions":520},"The \"just-writing-statistics\" plugin v5.4 exhibits a mixed security posture. While it shows positive signs like a high percentage of SQL queries using prepared statements and the absence of dangerous functions or file operations, significant concerns remain. The presence of one AJAX handler without any authentication checks is a critical oversight, creating a direct entry point for potential attackers. Furthermore, the plugin has a history of three medium-severity vulnerabilities, including SQL injection and cross-site scripting, indicating a recurring pattern of input validation and authorization issues. Although these past vulnerabilities are currently patched, the historical data combined with the unauthenticated AJAX endpoint suggests a need for ongoing vigilance and improvement in the plugin's security practices.",[521,523,526],{"reason":522,"points":65},"AJAX handler without authentication check",{"reason":524,"points":525},"Historical medium severity vulnerabilities (x3)",15,{"reason":527,"points":528},"Output escaping concerns (only 38% properly escaped)",8,"2026-03-16T18:46:00.150Z",{"wat":531,"direct":536},{"assetPaths":532,"generatorPatterns":533,"scriptPaths":534,"versionParams":535},[],[],[],[],{"cssClasses":537,"htmlComments":538,"htmlAttributes":539,"restEndpoints":540,"jsGlobals":541,"shortcodeOutput":542},[],[],[],[],[],[],{"error":544,"url":545,"statusCode":546,"statusMessage":547,"message":547},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fjust-writing-statistics\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":549,"versions":550},14,[551,556,564,572,580,587,594,603,611,620,630,640,650,660],{"version":6,"download_url":26,"svn_tag_url":552,"released_at":39,"has_diff":50,"diff_files_changed":553,"diff_lines":39,"trac_diff_url":554,"vulnerabilities":555,"is_current":544},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F5.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F5.3&new_path=%2Fjust-writing-statistics%2Ftags%2F5.4",[],{"version":557,"download_url":558,"svn_tag_url":559,"released_at":39,"has_diff":50,"diff_files_changed":560,"diff_lines":39,"trac_diff_url":561,"vulnerabilities":562,"is_current":50},"5.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.5.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F5.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F5.2&new_path=%2Fjust-writing-statistics%2Ftags%2F5.3",[563],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"version":565,"download_url":566,"svn_tag_url":567,"released_at":39,"has_diff":50,"diff_files_changed":568,"diff_lines":39,"trac_diff_url":569,"vulnerabilities":570,"is_current":50},"5.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.5.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F5.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F5.1&new_path=%2Fjust-writing-statistics%2Ftags%2F5.2",[571],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"version":573,"download_url":574,"svn_tag_url":575,"released_at":39,"has_diff":50,"diff_files_changed":576,"diff_lines":39,"trac_diff_url":577,"vulnerabilities":578,"is_current":50},"5.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.5.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F5.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F5.0&new_path=%2Fjust-writing-statistics%2Ftags%2F5.1",[579],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"version":180,"download_url":581,"svn_tag_url":582,"released_at":39,"has_diff":50,"diff_files_changed":583,"diff_lines":39,"trac_diff_url":584,"vulnerabilities":585,"is_current":50},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.5.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F5.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F4.8&new_path=%2Fjust-writing-statistics%2Ftags%2F5.0",[586],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"version":57,"download_url":588,"svn_tag_url":589,"released_at":39,"has_diff":50,"diff_files_changed":590,"diff_lines":39,"trac_diff_url":591,"vulnerabilities":592,"is_current":50},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.4.8.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F4.8\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F4.7&new_path=%2Fjust-writing-statistics%2Ftags%2F4.8",[593],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"version":595,"download_url":596,"svn_tag_url":597,"released_at":39,"has_diff":50,"diff_files_changed":598,"diff_lines":39,"trac_diff_url":599,"vulnerabilities":600,"is_current":50},"4.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.4.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F4.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F4.6&new_path=%2Fjust-writing-statistics%2Ftags%2F4.7",[601,602],{"id":52,"url_slug":53,"title":54,"severity":41,"cvss_score":58,"vuln_type":60,"patched_in_version":57},{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"version":17,"download_url":604,"svn_tag_url":605,"released_at":39,"has_diff":50,"diff_files_changed":606,"diff_lines":39,"trac_diff_url":607,"vulnerabilities":608,"is_current":50},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.4.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F4.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F4.5&new_path=%2Fjust-writing-statistics%2Ftags%2F4.6",[609,610],{"id":52,"url_slug":53,"title":54,"severity":41,"cvss_score":58,"vuln_type":60,"patched_in_version":57},{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"version":118,"download_url":612,"svn_tag_url":613,"released_at":39,"has_diff":50,"diff_files_changed":614,"diff_lines":39,"trac_diff_url":615,"vulnerabilities":616,"is_current":50},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.4.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F4.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F4.4&new_path=%2Fjust-writing-statistics%2Ftags%2F4.5",[617,618,619],{"id":52,"url_slug":53,"title":54,"severity":41,"cvss_score":58,"vuln_type":60,"patched_in_version":57},{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"id":68,"url_slug":69,"title":70,"severity":41,"cvss_score":73,"vuln_type":75,"patched_in_version":17},{"version":621,"download_url":622,"svn_tag_url":623,"released_at":39,"has_diff":50,"diff_files_changed":624,"diff_lines":39,"trac_diff_url":625,"vulnerabilities":626,"is_current":50},"4.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.4.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F4.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F4.3&new_path=%2Fjust-writing-statistics%2Ftags%2F4.4",[627,628,629],{"id":52,"url_slug":53,"title":54,"severity":41,"cvss_score":58,"vuln_type":60,"patched_in_version":57},{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"id":68,"url_slug":69,"title":70,"severity":41,"cvss_score":73,"vuln_type":75,"patched_in_version":17},{"version":631,"download_url":632,"svn_tag_url":633,"released_at":39,"has_diff":50,"diff_files_changed":634,"diff_lines":39,"trac_diff_url":635,"vulnerabilities":636,"is_current":50},"4.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.4.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F4.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F4.2&new_path=%2Fjust-writing-statistics%2Ftags%2F4.3",[637,638,639],{"id":52,"url_slug":53,"title":54,"severity":41,"cvss_score":58,"vuln_type":60,"patched_in_version":57},{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"id":68,"url_slug":69,"title":70,"severity":41,"cvss_score":73,"vuln_type":75,"patched_in_version":17},{"version":641,"download_url":642,"svn_tag_url":643,"released_at":39,"has_diff":50,"diff_files_changed":644,"diff_lines":39,"trac_diff_url":645,"vulnerabilities":646,"is_current":50},"4.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.4.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F4.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F4.1&new_path=%2Fjust-writing-statistics%2Ftags%2F4.2",[647,648,649],{"id":52,"url_slug":53,"title":54,"severity":41,"cvss_score":58,"vuln_type":60,"patched_in_version":57},{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"id":68,"url_slug":69,"title":70,"severity":41,"cvss_score":73,"vuln_type":75,"patched_in_version":17},{"version":651,"download_url":652,"svn_tag_url":653,"released_at":39,"has_diff":50,"diff_files_changed":654,"diff_lines":39,"trac_diff_url":655,"vulnerabilities":656,"is_current":50},"4.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.4.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F4.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fjust-writing-statistics%2Ftags%2F4.0&new_path=%2Fjust-writing-statistics%2Ftags%2F4.1",[657,658,659],{"id":52,"url_slug":53,"title":54,"severity":41,"cvss_score":58,"vuln_type":60,"patched_in_version":57},{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"id":68,"url_slug":69,"title":70,"severity":41,"cvss_score":73,"vuln_type":75,"patched_in_version":17},{"version":661,"download_url":662,"svn_tag_url":663,"released_at":39,"has_diff":50,"diff_files_changed":664,"diff_lines":39,"trac_diff_url":39,"vulnerabilities":665,"is_current":50},"4.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-writing-statistics.4.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjust-writing-statistics\u002Ftags\u002F4.0\u002F",[],[666,667,668],{"id":52,"url_slug":53,"title":54,"severity":41,"cvss_score":58,"vuln_type":60,"patched_in_version":57},{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"id":68,"url_slug":69,"title":70,"severity":41,"cvss_score":73,"vuln_type":75,"patched_in_version":17}]