[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fymosCJXpIEjx82R2nUOUt6OSVO8X6gYn0e-rBiEO4RM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":143,"fingerprints":278},"leadsquared-website-topbar","LeadSquared Website Topbar","1.5","LeadSquared","https:\u002F\u002Fprofiles.wordpress.org\u002Fleadsquared\u002F","\u003Cp>Website Topbar helps you direct your website visitors to a web page that matters to you. You can use it to direct your visitors to your product purchase page, your webinar registration page, your newsletter sign-up page or any landing page that matters. It is a very easy to use plugin with complete configuration of the text and colors of the bar. You can even control how long you want to display it. The help documentation is on http:\u002F\u002Fhelp.leadsquared.com\u002Fhow-can-i-use-leadsquareds-website-top-bar-plugin-for-wordpress\u002F\u003C\u002Fp>\n","Website Topbar helps you direct your website visitors to a web page that matters to you. You can use it to direct your visitors to your product purcha …",10,2393,80,3,"2014-04-11T02:00:00.000Z","3.7.41","3.0","",[20,21,22,23,24],"call-to-action","cta","lead-bar","tool-bar","top-bar","http:\u002F\u002Fhelp.leadsquared.com\u002Fhow-can-i-use-leadsquareds-website-top-bar-plugin-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fleadsquared-website-topbar.1.5.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"leadsquared",1,30,84,"2026-04-04T16:50:21.750Z",[39,63,84,105,124],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":35,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":59,"download_link":60,"security_score":61,"vuln_count":34,"unpatched_count":28,"last_vuln_date":62,"fetched_at":30},"mobile-contact-bar","Mobile Contact Bar","3.0.5","Anna Bansaghi","https:\u002F\u002Fprofiles.wordpress.org\u002Fannabansaghi\u002F","\u003Cp>Mobile Contact Bar is a compact and highly customizable plugin, which allows your visitors to contact you directly via mobile phones, or access your site’s pages instantly.\u003C\u002Fp>\n\u003Cp>The settings page is available under the \u003Cem>Settings → Mobile Contact Bar\u003C\u002Fem> menu in the WordPress dashboard.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Icons for social media, call-to-actions, or any links to web pages\u003C\u002Fli>\n\u003Cli>Simple and intuitive styling with the aid of the Real-time Model\u003C\u002Fli>\n\u003Cli>Built-in icon picker with \u003Ca href=\"https:\u002F\u002Ffontawesome.com\u002F\" rel=\"nofollow ugc\">Font Awesome 6\u003C\u002Fa> integration\u003C\u002Fli>\n\u003Cli>Customizable URLs using query string parameters\u003C\u002Fli>\n\u003Cli>No data collection from your website’s visitors\u003C\u002Fli>\n\u003Cli>Super easy to use, no coding required!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Special Actions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Scroll to Top of the page\u003C\u002Fli>\n\u003Cli>WooCommerce Cart with Item Counter\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Protocols\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ccode>http\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>https\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>mailto\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>skype\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>sms\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>tel\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>viber\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Tested with\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Twenty Twenty-Four\u003C\u002Fli>\n\u003Cli>Twenty Twenty-Three\u003C\u002Fli>\n\u003Cli>Twenty Twenty-Two\u003C\u002Fli>\n\u003Cli>Twenty Twenty-One\u003C\u002Fli>\n\u003Cli>Twenty Twenty\u003C\u002Fli>\n\u003Cli>Twenty Nineteen\u003C\u002Fli>\n\u003Cli>Twenty Seventeen\u003C\u002Fli>\n\u003Cli>Twenty Sixteen\u003C\u002Fli>\n\u003Cli>Twenty Fifteen\u003C\u002Fli>\n\u003Cli>Twenty Fourteen\u003C\u002Fli>\n\u003Cli>Twenty Thirteen\u003C\u002Fli>\n\u003Cli>Twenty Twelve\u003C\u002Fli>\n\u003Cli>Twenty Eleven\u003C\u002Fli>\n\u003Cli>Twenty Ten\u003C\u002Fli>\n\u003C\u002Ful>\n","Allow your visitors to contact you via mobile phones, or access your site's pages instantly.",10000,145200,92,"2025-08-09T08:40:00.000Z","6.8.5","4.6","5.3",[20,55,56,57,58],"cta-button","icon","social-media","woocommerce-cart","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmobile-contact-bar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmobile-contact-bar.3.0.5.zip",99,"2025-03-03 00:00:00",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":49,"num_ratings":35,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":76,"tags":77,"homepage":81,"download_link":82,"security_score":61,"vuln_count":34,"unpatched_count":28,"last_vuln_date":83,"fetched_at":30},"mailchimp-top-bar","MC4WP: Mailchimp Top Bar","1.7.4","Danny van Kooten","https:\u002F\u002Fprofiles.wordpress.org\u002Fdvankooten\u002F","\u003Cp>Adds a beautiful, customizable sign-up bar to the top or bottom of your WordPress site. This bar is guaranteed to get the attention of your visitor and\u003Cbr \u002F>\nincrease your Mailchimp subscribers.\u003C\u002Fp>\n\u003Cp>This plugin is an add-on for the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmailchimp-for-wp\u002F\" rel=\"ugc\">Mailchimp for WordPress plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Mailchimp Top Bar adds a simple yet beautiful & customizable opt-in bar to the top or bottom of your WordPress site.\u003C\u002Fp>\n\u003Cp>Using this bar, people can subscribe to a Mailchimp audience of your choice.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Guaranteed to boost conversions.\u003C\u002Fli>\n\u003Cli>Unobtrusive, visitors can easily dismiss the bar.\u003C\u002Fli>\n\u003Cli>Easy to install & configure, just select a Mailchimp audience and you’re good to.\u003C\u002Fli>\n\u003Cli>Customizable, you can edit the bar text and colors from the plugin settings.\u003C\u002Fli>\n\u003Cli>The bar can be at the top or bottom of the visitor’s screen\u003C\u002Fli>\n\u003Cli>Lightweight, the plugin consists of just a single 2.6 kB JavaScript file.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>More information\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmailchimp-for-wp\u002F\" rel=\"ugc\">MC4WP: Mailchimp for WordPress on WordPress.org\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.mc4wp.com\u002F\" rel=\"nofollow ugc\">MC4WP: Mailchimp for WordPress website\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>About the author\u003C\u002Fh4>\n\u003Cp>Mailchimp Top Bar is a plugin by \u003Ca href=\"https:\u002Fwww.ibericode.com\u002F\" rel=\"nofollow ugc\">ibericode\u003C\u002Fa>, a company from The Netherlands that you may know from other plugins like \u003Ca href=\"https:\u002F\u002Fwww.mc4wp.com\u002F\" rel=\"nofollow ugc\">Mailchimp for WordPress\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.boxzillaplugin.com\" rel=\"nofollow ugc\">Boxzilla Pop-ups\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.kokoanalytics.com\u002F\" rel=\"nofollow ugc\">Koko Analytics\u003C\u002Fa>.\u003C\u002Fp>\n","Adds a Mailchimp opt-in form to the top or bottom of your WordPress site.",7000,364678,"2026-02-23T12:13:00.000Z","6.9.4","4.9","7.4",[20,78,79,80,24],"form","mailchimp","subscribe","https:\u002F\u002Fwww.mc4wp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmailchimp-top-bar.1.7.4.zip","2024-10-01 00:00:00",{"slug":85,"name":86,"version":66,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":93,"num_ratings":94,"last_updated":95,"tested_up_to":74,"requires_at_least":96,"requires_php":76,"tags":97,"homepage":18,"download_link":101,"security_score":102,"vuln_count":103,"unpatched_count":34,"last_vuln_date":104,"fetched_at":30},"easy-sticky-sidebar","WP CTA – Sticky CTA Builder, Generate Leads, Promote Sales","Blend Media","https:\u002F\u002Fprofiles.wordpress.org\u002Fblendmedia\u002F","\u003Cp>WP CTA: A powerful, easy-to-use plugin to create compelling call-to-actions. Drive conversions, increase sales, and generate leads effortlessly.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>3 Pre-built Templates\u003C\u002Fstrong>: Choose from banner, sticky sidebar, and HTML templates\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Customization\u003C\u002Fstrong>: Customize colors, fonts, positioning, and content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive Design\u003C\u002Fstrong>: Works perfectly on all devices\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Page Targeting\u003C\u002Fstrong>: Display CTAs on specific pages or site-wide\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Development Mode\u003C\u002Fstrong>: Test your CTAs before going live\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Coding Required\u003C\u002Fstrong>: User-friendly interface for easy setup\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Perfect For\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>E-commerce websites\u003C\u002Fli>\n\u003Cli>Lead generation campaigns\u003C\u002Fli>\n\u003Cli>Affiliate marketing\u003C\u002Fli>\n\u003Cli>Content promotion\u003C\u002Fli>\n\u003Cli>Newsletter signups\u003C\u002Fli>\n\u003Cli>Product launches\u003C\u002Fli>\n\u003Cli>Special offers and discounts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Templates Included\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Banner Template\u003C\u002Fstrong>: Eye-catching top\u002Fbottom banners\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sticky Sidebar\u003C\u002Fstrong>: Persistent sidebar CTAs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>HTML Template\u003C\u002Fstrong>: Fully customizable HTML CTAs\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Easy Setup\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the plugin\u003C\u002Fli>\n\u003Cli>Create your first CTA\u003C\u002Fli>\n\u003Cli>Choose a template\u003C\u002Fli>\n\u003Cli>Customize design and content\u003C\u002Fli>\n\u003Cli>Set display conditions\u003C\u002Fli>\n\u003Cli>Publish and track results\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Pro Version Available\u003C\u002Fh4>\n\u003Cp>Upgrade to \u003Ca href=\"https:\u002F\u002Fwpctapro.com\u002F\" rel=\"nofollow ugc\">WP CTA Pro\u003C\u002Fa> for advanced features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Unlimited CTAs\u003C\u002Fli>\n\u003Cli>Advanced targeting options\u003C\u002Fli>\n\u003Cli>A\u002FB testing\u003C\u002Fli>\n\u003Cli>Click tracking and analytics\u003C\u002Fli>\n\u003Cli>Custom CSS editor\u003C\u002Fli>\n\u003Cli>Priority support\u003C\u002Fli>\n\u003Cli>And much more!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, please visit our \u003Ca href=\"https:\u002F\u002Fwpctapro.com\u002Fhelp\" rel=\"nofollow ugc\">support page\u003C\u002Fa> or contact us at support@wpctapro.com.\u003C\u002Fp>\n\u003Ch3>Pro Version\u003C\u002Fh3>\n\u003Cp>Upgrade to \u003Ca href=\"https:\u002F\u002Fwpctapro.com\u002F\" rel=\"nofollow ugc\">WP CTA Pro\u003C\u002Fa> for advanced features and priority support.\u003C\u002Fp>\n","WordPress Call To Action plugin to promote content, increase sales and leads. Easy to use and includes 3 professional, flexible templates.",2000,80117,88,7,"2026-02-11T18:56:00.000Z","4.0",[20,21,98,99,100],"lead-generation","sticky-cta","woocommerce-sales","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-sticky-sidebar.1.7.4.zip",72,5,"2026-03-03 00:00:00",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":91,"downloaded":113,"rating":114,"num_ratings":34,"last_updated":115,"tested_up_to":51,"requires_at_least":116,"requires_php":117,"tags":118,"homepage":122,"download_link":123,"security_score":114,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"topbar-call-to-action","TopBar Call To Action","1.1.6","sharkthemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fsharkthemes\u002F","\u003Cp>TopBar Call To Action provides you option to add clean and elegant topbar notification or call to action section in your website. This plugin adds beauty to your website as well as it plays a very important role to upsell your products or services to a huge extent. This plugin uses customizer api to edit or customize. It is very easy to use and easy to setup.\u003C\u002Fp>\n\u003Ch4>Customization and Flexibility\u003C\u002Fh4>\n\u003Cp>TopBar Call To Action offers you a very easy customization from customizer.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>TopBar Call To Action WordPress Plugin, Copyright 2019, Shark Themes\u003Cbr \u002F>\nLink: https:\u002F\u002Fwww.sharkthemes.com\u002Fdownloads\u002Ftopbar-call-to-action\u003C\u002Fp>\n\u003Cp>jquery.cookie – 1.4.1\u003Cbr \u002F>\nSource: https:\u002F\u002Fgithub.com\u002Fcarhartl\u002Fjquery-cookie\u003Cbr \u002F>\nLicense: The MIT License (MIT) Copyright 2014 Klaus Hartl\u003Cbr \u002F>\nlicense Url : https:\u002F\u002Fgithub.com\u002Fcarhartl\u002Fjquery-cookie\u002Fblob\u002Fmaster\u002FMIT-LICENSE.txt\u003C\u002Fp>\n","Allow user to add upsales or any call to actions with TopBar Call To Action.",94598,100,"2025-06-29T17:08:00.000Z","5.0","5.6",[21,119,106,120,121],"topbar","topbar-cta","upsell","https:\u002F\u002Fwww.sharkthemes.com\u002Fdownloads\u002Ftopbar-call-to-action","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftopbar-call-to-action.1.1.6.zip",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":134,"num_ratings":34,"last_updated":135,"tested_up_to":74,"requires_at_least":116,"requires_php":136,"tags":137,"homepage":141,"download_link":142,"security_score":114,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"call-to-action-block-wppool","Call to Action Block by WPPOOL","2.1.3","WPPOOL","https:\u002F\u002Fprofiles.wordpress.org\u002Fwppool\u002F","\u003Cp>A fully featured Gutenberg block plugin that has a call to action block with extended customization support and great design. It currently has 10+ separate call to action layouts along with options for background color, image, and gradient.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FcSxGaPWfPCQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>How to use as gutenberg block?\u003C\u002Fh3>\n\u003Col>\n\u003Cli>While you are on the post\u002Fpage edit screen click on gutenberg plus icon to add a new gutenberg block\u003C\u002Fli>\n\u003Cli>Add “Call to action” from “Common” category\u003C\u002Fli>\n\u003Cli>Set link, layout, background etc from inspector control panel\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>🔥 More Awesome Plugins\u003C\u002Fh3>\n\u003Cp>If you like Call to Action Block, then consider checking out our other awesome projects:\u003C\u002Fp>\n\u003Cp>🌓 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-dark-mode\u002F\" rel=\"ugc\">WP Dark Mode\u003C\u002Fa>\u003C\u002Fstrong>  – Use WP Dark Mode plugin to create a stunning dark version for your WordPress website. WP Dark Mode works automatically without going into any complicated settings.\u003C\u002Fp>\n\u003Cp>🔄 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsheets-to-wp-table-live-sync\u002F\" rel=\"ugc\">Sheets To WP Table Live Sync\u003C\u002Fa>\u003C\u002Fstrong>  – Quick. Easy. Simple. Keep your Google Spreadsheet data always synced LIVE with the WordPress table. Responsive data tables with as many data you want to display – Sheets to WP Table Live Sync plugin got it all!\u003C\u002Fp>\n\u003Cp>🎥 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwebinar-and-video-conference-with-jitsi-meet\u002F\" rel=\"ugc\">Webinar & Video Conference with Jitsi Meet\u003C\u002Fa>\u003C\u002Fstrong>  – Experience WordPress video conference plugin and live video chat solution. Get shortcode support with WooCommerce and BuddyPress integration.\u003C\u002Fp>\n\u003Cp>👍 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-video-reviews\u002F\" rel=\"ugc\">Easy Video Reviews\u003C\u002Fa>\u003C\u002Fstrong>  – Easy Video Reviews is a user-friendly video review plugin for WordPress. Your customers can record and send video testimonials right from their browser, and you can manage and showcase anywhere on your WordPress website.\u003C\u002Fp>\n\u003Cp>💹 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fstock-sync-with-google-sheet-for-woocommerce\u002F\" rel=\"ugc\">Stock Sync with Google Sheets for WooCommerce\u003C\u002Fa>\u003C\u002Fstrong> – Auto-sync WooCommerce products from Google Sheets. An easy and powerful solution for WooCommerce inventory management, stock management, and bulk edit.\u003C\u002Fp>\n","Add a stunning call to action (CTA) block to your WordPress post or page using 10+ prebuilt call to action layouts for Gutenberg.",1000,28538,20,"2025-12-09T09:08:00.000Z","5.4",[138,139,20,21,140],"block","button","gutenberg","https:\u002F\u002Fblock-cta.wppool.dev\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcall-to-action-block-wppool.2.1.3.zip",{"attackSurface":144,"codeSignals":171,"taintFlows":245,"riskAssessment":265,"analyzedAt":277},{"hooks":145,"ajaxHandlers":167,"restRoutes":168,"shortcodes":169,"cronEvents":170,"entryPointCount":28,"unprotectedCount":28},[146,152,156,160,163],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","admin_enqueue_scripts","scripts_for_admin_page","index.php",18,{"type":147,"name":153,"callback":154,"file":150,"line":155},"init","adding_jquery",19,{"type":147,"name":157,"callback":158,"file":150,"line":159},"wp_enqueue_scripts","leadsquared_scripts_enqueue",59,{"type":147,"name":161,"callback":162,"file":150,"line":13},"wp_head","print_on_which_page",{"type":147,"name":164,"callback":165,"file":150,"line":166},"admin_menu","leadsquare_top_bar_nav_page",119,[],[],[],[],{"dangerousFunctions":172,"sqlUsage":173,"outputEscaping":175,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":244},[],{"prepared":28,"raw":28,"locations":174},[],{"escaped":28,"rawEcho":176,"locations":177},41,[178,182,183,185,186,187,189,191,192,193,194,196,198,199,201,203,206,208,210,212,213,215,217,218,219,220,221,222,223,225,227,229,230,232,233,235,236,238,239,241,242],{"file":179,"line":180,"context":181},"inc\\page_html.php",27,"raw output",{"file":179,"line":180,"context":181},{"file":179,"line":184,"context":181},32,{"file":179,"line":184,"context":181},{"file":179,"line":184,"context":181},{"file":179,"line":188,"context":181},33,{"file":179,"line":190,"context":181},35,{"file":179,"line":190,"context":181},{"file":179,"line":190,"context":181},{"file":179,"line":190,"context":181},{"file":179,"line":195,"context":181},38,{"file":179,"line":197,"context":181},40,{"file":179,"line":176,"context":181},{"file":179,"line":200,"context":181},42,{"file":179,"line":202,"context":181},43,{"file":204,"line":205,"context":181},"inc\\top_nav_bar_admin_page_sttings.php",60,{"file":204,"line":207,"context":181},63,{"file":204,"line":209,"context":181},64,{"file":204,"line":211,"context":181},65,{"file":204,"line":211,"context":181},{"file":204,"line":214,"context":181},67,{"file":204,"line":216,"context":181},69,{"file":204,"line":216,"context":181},{"file":204,"line":216,"context":181},{"file":204,"line":216,"context":181},{"file":204,"line":216,"context":181},{"file":204,"line":13,"context":181},{"file":204,"line":93,"context":181},{"file":204,"line":224,"context":181},89,{"file":204,"line":226,"context":181},97,{"file":204,"line":228,"context":181},215,{"file":204,"line":228,"context":181},{"file":204,"line":231,"context":181},216,{"file":204,"line":231,"context":181},{"file":204,"line":234,"context":181},223,{"file":204,"line":234,"context":181},{"file":204,"line":237,"context":181},224,{"file":204,"line":237,"context":181},{"file":204,"line":240,"context":181},231,{"file":204,"line":240,"context":181},{"file":204,"line":243,"context":181},267,[],[246],{"entryPoint":247,"graph":248,"unsanitizedCount":34,"severity":264},"\u003Ctop_nav_bar_admin_page_sttings> (inc\\top_nav_bar_admin_page_sttings.php:0)",{"nodes":249,"edges":261},[250,255],{"id":251,"type":252,"label":253,"file":204,"line":254},"n0","source","$_POST",21,{"id":256,"type":257,"label":258,"file":204,"line":259,"wp_function":260},"n1","sink","update_option() [Settings Manipulation]",25,"update_option",[262],{"from":251,"to":256,"sanitized":263},false,"low",{"summary":266,"deductions":267},"The plugin 'leadsquared-website-topbar' v1.5 exhibits a mixed security posture. On one hand, the absence of known CVEs and a clean vulnerability history is a positive sign, suggesting a generally well-maintained codebase. The static analysis also indicates no direct use of dangerous functions, no file operations, and no external HTTP requests, which reduces common attack vectors. Furthermore, all SQL queries are utilizing prepared statements, a crucial practice for preventing SQL injection vulnerabilities. However, a significant concern arises from the output escaping, with 0% of 41 total outputs being properly escaped. This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected into the website through the plugin's output. The taint analysis also revealed one flow with unsanitized paths, which, although not classified as critical or high severity, warrants attention. The complete lack of nonce and capability checks on entry points, coupled with no documented security checks on AJAX handlers or REST API routes, further exacerbates the XSS risk and opens the door to potential unauthorized actions if an attacker can find a way to bypass these missing checks.",[268,270,273,275],{"reason":269,"points":94},"Unescaped output",{"reason":271,"points":272},"Flows with unsanitized paths",4,{"reason":274,"points":103},"No nonce checks",{"reason":276,"points":103},"No capability checks","2026-03-17T00:12:59.316Z",{"wat":279,"direct":304},{"assetPaths":280,"generatorPatterns":290,"scriptPaths":291,"versionParams":294},[281,282,283,284,285,286,287,288,289],"\u002Fwp-content\u002Fplugins\u002Fleadsquared-website-topbar\u002Fcss\u002Fjquery-ui-timepicker-addon.css","\u002Fwp-content\u002Fplugins\u002Fleadsquared-website-topbar\u002Fcss\u002Finnerstyle.css","\u002Fwp-content\u002Fplugins\u002Fleadsquared-website-topbar\u002Fjs\u002Fdatetimepicker\u002Fjquery-ui-timepicker-addon.js","\u002Fwp-content\u002Fplugins\u002Fleadsquared-website-topbar\u002Fjs\u002Fjscolor\u002Fjscolor.js","\u002Fwp-content\u002Fplugins\u002Fleadsquared-website-topbar\u002Fjs\u002Fadmin_script.js","\u002Fwp-content\u002Fplugins\u002Fleadsquared-website-topbar\u002Fjs\u002Flscookie.js","\u002Fwp-content\u002Fplugins\u002Fleadsquared-website-topbar\u002Fjs\u002Four_script.js","\u002Fwp-content\u002Fplugins\u002Fleadsquared-website-topbar\u002Fcss\u002Fnav_bar_style.css","\u002Fwp-content\u002Fplugins\u002Fleadsquared-website-topbar\u002Fcss\u002Fstyle.css",[],[292,293],"http:\u002F\u002Fcode.jquery.com\u002Fui\u002F1.10.3\u002Fthemes\u002Fsmoothness\u002Fjquery-ui.css","http:\u002F\u002Fcode.jquery.com\u002Fui\u002F1.10.3\u002Fjquery-ui.js",[295,296,297,298,299,300,301,302,303],"leadsquared-website-topbar\u002Fcss\u002Fjquery-ui-timepicker-addon.css?ver=","leadsquared-website-topbar\u002Fcss\u002Finnerstyle.css?ver=","leadsquared-website-topbar\u002Fjs\u002Fdatetimepicker\u002Fjquery-ui-timepicker-addon.js?ver=","leadsquared-website-topbar\u002Fjs\u002Fjscolor\u002Fjscolor.js?ver=","leadsquared-website-topbar\u002Fjs\u002Fadmin_script.js?ver=","leadsquared-website-topbar\u002Fjs\u002Flscookie.js?ver=","leadsquared-website-topbar\u002Fjs\u002Four_script.js?ver=","leadsquared-website-topbar\u002Fcss\u002Fnav_bar_style.css?ver=","leadsquared-website-topbar\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":305,"htmlComments":307,"htmlAttributes":310,"restEndpoints":313,"jsGlobals":314,"shortcodeOutput":316},[306],"ls-sticky-bar",[308,309],"\u003C!--LeadSquared Website Top Bar Starts Here-->","\u003C!--LeadSquared Website Top Bar Ends Here-->",[311,312],"data-ls-id","data-ls-expiry",[],[7,315],"lsq_global_cookie_duration",[]]