[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f6lfcfex-G9tAp7LEcHnNphYjJqbxVzShE00L5izOqw4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":32,"analysis":106,"fingerprints":261},"keon-toolset","Keon Toolset","2.4.5","keonthemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fkeonthemes\u002F","\u003Cp>A demo importer plugin that makes importing starter sites effortless for building your website!\u003C\u002Fp>\n\u003Ch3>Images License\u003C\u002Fh3>\n\u003Cp>https:\u002F\u002Fpxhere.com\u002Fen\u002Flicense [CCO License]\u003C\u002Fp>\n","Import dummy data for themes developed by Keon Themes.",30000,1490109,0,"2026-01-07T05:31:00.000Z","6.9.4","4.6",[18,19,20],"demo-data","demo-data-importer","one-click-demo-import","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkeon-toolset.2.4.5.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},1,30,94,"2026-04-04T01:06:08.270Z",[33,50,65,76,92],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":13,"num_ratings":13,"last_updated":43,"tested_up_to":15,"requires_at_least":44,"requires_php":45,"tags":46,"homepage":21,"download_link":49,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"blockskit","Blockskit","1.2.2","BlockskitDev","https:\u002F\u002Fprofiles.wordpress.org\u002Fblockskitdev\u002F","\u003Cp>An easy plugin to import starter sites and add different effects to the image.\u003C\u002Fp>\n","An easy plugin to import starter sites and add different effects to the image.",8000,88023,"2025-12-21T10:23:00.000Z","5.9","7.4.9",[47,18,19,48,20],"block","image-block","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblockskit.1.2.2.zip",{"slug":51,"name":52,"version":53,"author":54,"author_profile":55,"description":56,"short_description":57,"active_installs":58,"downloaded":59,"rating":13,"num_ratings":13,"last_updated":60,"tested_up_to":61,"requires_at_least":16,"requires_php":16,"tags":62,"homepage":21,"download_link":63,"security_score":64,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"kortez-toolset","Kortez Toolset","1.1.2","kortezthemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fkortezthemes\u002F","\u003Cp>A easy plugin to import dummy data for themes by Kortez Themes.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Kortez Toolset is inspired by Keon Toolset. Some of the codes used in this plugin are used from Keon Toolset as they are under GPL license.\u003C\u002Fp>\n\u003Ch3>Images License\u003C\u002Fh3>\n\u003Cp>https:\u002F\u002Fpxhere.com\u002Fen\u002Flicense [CCO License]\u003C\u002Fp>\n","Import dummy data for themes developed by Kortez Themes.",1000,19408,"2024-09-06T13:09:00.000Z","6.4.8",[18,19,20],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkortez-toolset.zip",92,{"slug":66,"name":67,"version":68,"author":37,"author_profile":38,"description":69,"short_description":70,"active_installs":23,"downloaded":71,"rating":13,"num_ratings":13,"last_updated":72,"tested_up_to":61,"requires_at_least":16,"requires_php":16,"tags":73,"homepage":21,"download_link":74,"security_score":75,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"blockskit-import","Blockskit Import","0.0.6","\u003Cp>A easy plugin to import starter sites.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Blockskit Import is inspired by Keon Toolset. Some of the codes used in this plugin are used from Keon Toolset as they are under GPL license.\u003C\u002Fp>\n\u003Ch3>Images License\u003C\u002Fh3>\n\u003Cp>https:\u002F\u002Fpxhere.com\u002Fen\u002Flicense [CCO License]\u003C\u002Fp>\n","A easy plugin to import starter sites.",5891,"2024-02-12T12:03:00.000Z",[18,19,20],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblockskit-import.zip",85,{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":13,"num_ratings":13,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":21,"download_link":91,"security_score":64,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"cyclone-demo-importer","Cyclone Demo Importer","2.9.60","Cyclone Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyclonetheme\u002F","\u003Cp>A easy plugin to import dummy data for themes by Cyclone Themes.\u003C\u002Fp>\n","Import Dummy data for themes developed by Cyclone Themes.",10000,537787,"2024-06-18T09:59:00.000Z","6.5.8","4.9","5.6",[18,20],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcyclone-demo-importer.2.9.60.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":58,"downloaded":100,"rating":13,"num_ratings":13,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":16,"tags":104,"homepage":21,"download_link":105,"security_score":64,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"candid-advanced-toolset","Candid Advanced Toolset","1.1.0","candidthemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fcandidthemes\u002F","\u003Cp>A easy plugin to import dummy data for themes by Candid Themes.\u003C\u002Fp>\n\u003Ch3>Images License\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>All the images used on the plugins are GPL compatible\u003C\u002Fli>\n\u003C\u002Ful>\n","Import Dummy data for themes developed by Candid Themes.",45719,"2025-03-10T10:20:00.000Z","6.7.5","6.3",[18,20],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcandid-advanced-toolset.zip",{"attackSurface":107,"codeSignals":239,"taintFlows":254,"riskAssessment":255,"analyzedAt":260},{"hooks":108,"ajaxHandlers":219,"restRoutes":235,"shortcodes":236,"cronEvents":237,"entryPointCount":238,"unprotectedCount":28},[109,116,119,124,129,133,137,141,145,148,151,154,157,160,165,171,174,176,181,184,187,191,196,199,201,203,208,212,215],{"type":110,"name":111,"callback":112,"priority":113,"file":114,"line":115},"action","admin_enqueue_scripts","enqueue_styles",10,"demo\\base-install\\base-install.php",18,{"type":110,"name":111,"callback":117,"priority":113,"file":114,"line":118},"enqueue_scripts",19,{"type":110,"name":120,"callback":121,"file":122,"line":123},"switch_theme","flush_transient","demo\\functions.php",31,{"type":125,"name":126,"callback":127,"file":122,"line":128},"filter","advanced_export_include_options","export_include_options",32,{"type":110,"name":130,"callback":131,"file":122,"line":132},"advanced_import_before_complete_screen","update_elementskit_mega_menu_post",33,{"type":125,"name":134,"callback":135,"file":122,"line":136},"advanced_import_update_value_elementskit_options","update_elementskit_options",34,{"type":110,"name":111,"callback":138,"file":139,"line":140},"keon_toolset_bosa_store","includes\\admin-notices.php",11,{"type":110,"name":142,"callback":143,"file":139,"line":144},"admin_init","keon_toolset_notice_dismissed",71,{"type":110,"name":142,"callback":146,"file":139,"line":147},"keon_toolset_gutener_notice_dismissed",82,{"type":110,"name":120,"callback":149,"file":139,"line":150},"flush_admin_notices_dismiss_status",95,{"type":110,"name":111,"callback":152,"file":153,"line":140},"admin_scripts","includes\\class-bosa-pro-upgrade-notice.php",{"type":110,"name":142,"callback":155,"file":153,"line":156},"check_pro_install",12,{"type":110,"name":158,"callback":159,"file":153,"line":128},"admin_notices","admin_notice_bosa_pro",{"type":125,"name":161,"callback":162,"file":163,"line":164},"gutentor_advanced_import_templates","add_keon_template","includes\\class-template-library-base.php",62,{"type":110,"name":166,"callback":167,"priority":168,"file":169,"line":170},"customize_register","upsell_customize_register",99,"includes\\theme-check-functions.php",9,{"type":110,"name":158,"callback":172,"file":169,"line":173},"gutener_upsell_admin_notice",14,{"type":110,"name":158,"callback":175,"file":169,"line":118},"keon_store_admin_notice",{"type":110,"name":177,"callback":178,"file":179,"line":180},"customize_controls_enqueue_scripts","keon_toolset_customize_enqueue","includes\\upsell.php",16,{"type":110,"name":166,"callback":182,"priority":28,"file":179,"line":183},"remove_gutener_customize_register",26,{"type":110,"name":166,"callback":185,"priority":28,"file":179,"line":186},"remove_bosa_customize_register",36,{"type":125,"name":188,"callback":189,"file":179,"line":190},"st_woo_ai_rel_products_pro_link","keon_toolset_smart_related_products_affiliation",189,{"type":125,"name":192,"callback":193,"priority":113,"file":194,"line":195},"advanced_import_demo_lists","keon_toolset_demo_import_lists","keon-toolset.php",61,{"type":125,"name":197,"callback":198,"priority":113,"file":194,"line":164},"admin_menu","import_menu",{"type":125,"name":111,"callback":112,"priority":113,"file":194,"line":200},64,{"type":125,"name":111,"callback":117,"priority":113,"file":194,"line":202},65,{"type":110,"name":204,"callback":205,"priority":206,"file":194,"line":207},"advanced_import_replace_term_ids","replace_term_ids",20,66,{"type":110,"name":209,"callback":210,"priority":29,"file":194,"line":211},"advanced_import_replace_post_ids","replace_attachment_ids",67,{"type":110,"name":213,"callback":214,"file":194,"line":144},"advanced_import_after_complete_screen","kt_advance_import",{"type":110,"name":216,"callback":217,"file":194,"line":218},"advanced_import_after_content_screen","kt_advance_import_transient",72,[220,225,228,231],{"action":221,"nopriv":222,"callback":221,"hasNonce":223,"hasCapCheck":223,"file":114,"line":224},"install_base_theme",false,true,17,{"action":226,"nopriv":222,"callback":226,"hasNonce":223,"hasCapCheck":223,"file":153,"line":227},"remind_me_later_bosa_pro",13,{"action":229,"nopriv":222,"callback":230,"hasNonce":223,"hasCapCheck":223,"file":153,"line":173},"upgrade_bosa_pro_notice_dismiss","upgrade_dismiss",{"action":232,"nopriv":222,"callback":233,"hasNonce":222,"hasCapCheck":222,"file":194,"line":234},"keon_toolset_getting_started","install_advanced_import",63,[],[],[],4,{"dangerousFunctions":240,"sqlUsage":241,"outputEscaping":243,"fileOperations":13,"externalRequests":251,"nonceChecks":252,"capabilityChecks":252,"bundledLibraries":253},[],{"prepared":13,"raw":13,"locations":242},[],{"escaped":244,"rawEcho":245,"locations":246},51,2,[247,250],{"file":169,"line":248,"context":249},55,"raw output",{"file":169,"line":75,"context":249},8,6,[],[],{"summary":256,"deductions":257},"The keon-toolset plugin v2.4.5 exhibits a generally good security posture, with a notable absence of known vulnerabilities and a strong adherence to secure coding practices in several areas. The code analysis reveals a low attack surface with a majority of entry points secured. SQL queries are exclusively handled through prepared statements, and a high percentage of output is properly escaped, indicating diligent effort to prevent common web vulnerabilities. The plugin also demonstrates good usage of nonce and capability checks for its identified entry points.\n\nHowever, a significant concern arises from the presence of one AJAX handler that lacks authentication checks. This represents a direct pathway for unauthenticated attackers to potentially interact with the plugin's backend functionality, which could lead to unauthorized actions or information disclosure if not properly mitigated by other layers of defense within the application. The absence of reported CVEs and historical vulnerabilities is a positive indicator, suggesting a history of secure development or at least a lack of publicly discovered flaws. Nonetheless, the single unprotected AJAX endpoint is a critical oversight that warrants immediate attention.\n\nIn conclusion, while keon-toolset v2.4.5 has strong foundations in secure coding, the unprotected AJAX handler introduces a tangible risk. The plugin's historical lack of vulnerabilities is commendable, but it does not negate the immediate threat posed by the identified code weakness. Addressing this specific vulnerability is paramount to maintaining a secure environment.",[258],{"reason":259,"points":113},"Unprotected AJAX handler","2026-03-16T17:23:18.232Z",{"wat":262,"direct":271},{"assetPaths":263,"generatorPatterns":266,"scriptPaths":267,"versionParams":268},[264,265],"\u002Fwp-content\u002Fplugins\u002Fkeon-toolset\u002Fdemo\u002Fbase-install\u002Fassets\u002Fbase-install.css","\u002Fwp-content\u002Fplugins\u002Fkeon-toolset\u002Fdemo\u002Fbase-install\u002Fassets\u002Fbase-install.js",[],[265],[269,270],"keon-toolset\u002Fdemo\u002Fbase-install\u002Fassets\u002Fbase-install.css?ver=","keon-toolset\u002Fdemo\u002Fbase-install\u002Fassets\u002Fbase-install.js?ver=",{"cssClasses":272,"htmlComments":284,"htmlAttributes":285,"restEndpoints":289,"jsGlobals":290,"shortcodeOutput":293},[273,274,275,276,277,278,279,280,281,282,283],"kt-base-install-notice-wrapper","kt-base-install-notice","kt-base-install-notice-icon","kt-base-install-notice-content","kt-base-install-notice-title","kt-base-install-notice-description","kt-base-install-buttons","kt-install-theme-btn","kt-install-theme-btn-link","kt-deactivate-theme-btn","kt-deactivate-theme-btn-link",[],[286,287,288],"data-kt-install-theme","data-kt-install-plugin","data-kt-activate-plugin",[],[291,292],"kt_base_install","direct_install",[]]