[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNs0fHsrjruIzOzut4gG4zBPsMZVLo0I-1xSUS9wVOzY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":14,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":58,"fingerprints":642},"luntan","ForumHub论坛\u002F帖子\u002F问答\u002F社区\u002F话题插件","0.0.8","沃之涛","https:\u002F\u002Fprofiles.wordpress.org\u002Fkelerkgibo\u002F","\u003Cp>This plugin is part of our long-term WordPress engineering practice.\u003Cbr \u002F>\nThe main features are forum, posts, questions and answers, community and topics. It includes login, registration, an email system, publishing posts, replying to posts, comments, likes, dislikes, post categories, post moderation, and post management (moving between categories, deleting posts).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Please note\u003C\u002Fstrong>:\u003Cbr \u002F>\nSome of the features above are initial versions; if you run into bugs, please contact us promptly at: \u003Ca href=\"https:\u002F\u002Fwww.seoceo.cn\" title=\"沃之涛 official website\" rel=\"friend nofollow ugc\">www.seoceo.cn\u003C\u002Fa>\u003Cbr \u002F>\nNote that this plugin depends on third-party authorization to work properly. Authorization address: \u003Ca href=\"https:\u002F\u002Fwww.seoceo.cn\u002Fqxcp.html\" title=\"Authorization\" rel=\"friend nofollow ugc\">Authorization address\u003C\u002Fa>\u003Cbr \u002F>\nWhen using our plugin, please also read our third-party user service agreement terms: \u003Ca href=\"https:\u002F\u002Fwww.seoceo.cn\u002Findex\u002Findex\u002Fserver\" title=\"Service agreement terms\" rel=\"friend nofollow ugc\">Service agreement terms\u003C\u002Fa>\u003Cbr \u002F>\nhttps:\u002F\u002Fwww.seoceo.cn\u002Fstatic\u002Findex\u002Fimages\u002Fmxl\u002Fwxqun_qrcode.png This address is our plugin's WeChat customer-service address. Because WeChat QR codes expire within 7 days, we need to host it remotely and replace it manually on a regular basis.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Terms of service\u003C\u002Fstrong>\u003Cbr \u002F>\nUser agreement: \u003Ca href=\"https:\u002F\u002Fwww.seoceo.cn\u002Findex\u002Findex\u002Fserver\" title=\"Service agreement terms\" rel=\"friend nofollow 
ugc\">Service agreement terms\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>The forum, posts, questions and answers, community and topics plugin is a forum plugin that includes login, registration, an email system, publishing posts, replying to posts, comments, likes, dislikes, post categories, post moderation, and post management (moving between categories, deleting posts).\u003C\u002Fp>\n\u003Cp>If you have further needs for WordPress themes and plugins, we hope you will send us your comments and suggestions; we will record them and, depending on the actual situation, release more themes and plugins that meet everyone's needs.\u003C\u002Fp>\n\u003Cp>Thank you!\u003C\u002Fp>\n","The main features are forum, posts, questions and answers, community and topics. It includes login, registration, an email system, publishing posts, replying to posts, comments, likes, dislikes, post categories, post moderation, and post management (moving between categories, deleting posts).",10,767,0,"","6.9.4","5.3","7.4",[19,20,21,22,23],"%e7%a4%be%e5%8c%ba","%e9%97%ae%e7%ad%94","%e8%ae%ba%e5%9d%9b","%e8%af%9d%e9%a2%98","%e5%b8%96%e5%ad%90","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fluntan.0.0.8.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"kelerkgibo",8,1270,99,98,78,"2026-04-04T19:03:31.373Z",[38],{"slug":39,"name":40,"version":41,"author":39,"author_profile":42,"description":43,"short_description":44,"active_installs":11,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":14,"tags":49,"homepage":54,"download_link":55,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":57},"pinglunla","评论啦系统 Pinglunla Comment System","0.2","https:\u002F\u002Fprofiles.wordpress.org\u002Fpinglunla\u002F","\u003Cp>评论啦 helps you build a more convenient, more interactive comment community.\u003Cbr \u002F>\nWith the social features 评论啦 provides, site owners can effectively increase user activity and return-visit rates.\u003Cbr \u002F>\nUsers of 评论啦 can store and manage their own comment history across the internet.\u003C\u002Fp>\n\u003Ch4>评论啦 WordPress plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Comment parameters can be set directly in the wordpress admin backend\u003C\u002Fli>\n\u003Cli>Comment content can be indexed by search engines (SEO supported)\u003C\u002Fli>\n\u003Cli>Existing wordpress comments can be imported with one click\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>论啦 feature highlights\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>One-click import of comments into 评论啦 and one-click export back to wordpress!\u003C\u002Fli>\n\u003Cli>Weibo sync (customizable) and comment backflow are enabled\u003C\u002Fli>\n\u003Cli>Comment sharing, 
spreading widely across social networks\u003C\u002Fli>\n\u003Cli>Email notifications for comments and replies\u003C\u002Fli>\n\u003Cli>Follow comments and find like-minded people\u003C\u002Fli>\n\u003Cli>Multimedia content can be inserted in comments\u003C\u002Fli>\n\u003Cli>Powerful backend management tools\u003C\u002Fli>\n\u003Cli>Spam comment filtering and blacklist settings\u003C\u002Fli>\n\u003Cli>Community widgets supported, to keep up with community activity\u003C\u002Fli>\n\u003Cli>Brings together users from the major SNS platforms to form a large discussion community\u003C\u002Fli>\n\u003Cli>Brings active users to the site\u003C\u002Fli>\n\u003C\u002Ful>\n","评论啦, a powerful social comment system: boost activity, drive traffic, discover comments and discover the internet together",7601,"2012-06-07T04:51:00.000Z","3.3.2","2.0.2",[50,51,52,53,39],"%e7%a4%be%e4%bc%9a%e5%8c%96%e8%af%84%e8%ae%ba%e7%b3%bb%e7%bb%9f","%e8%af%84%e8%ae%ba","%e8%af%84%e8%ae%ba%e7%ae%a1%e7%90%86","%e8%af%84%e8%ae%ba%e5%95%a6","http:\u002F\u002Fwww.pinglunla.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpinglunla.zip",85,"2026-03-15T15:16:48.613Z",{"attackSurface":59,"codeSignals":244,"taintFlows":515,"riskAssessment":635,"analyzedAt":641},{"hooks":60,"ajaxHandlers":141,"restRoutes":241,"shortcodes":242,"cronEvents":243,"entryPointCount":211,"unprotectedCount":13},[61,67,70,73,77,81,85,89,92,96,100,104,108,111,114,116,121,124,127,129,133,137],{"type":62,"name":63,"callback":64,"file":65,"line":66},"action","admin_menu","luntan_addpages","inc\\index.php",7,{"type":62,"name":68,"callback":69,"file":65,"line":31},"admin_enqueue_scripts","luntan_ht_enqueue",{"type":62,"name":71,"callback":72,"file":65,"line":11},"init","luntan_menus",{"type":62,"name":74,"callback":75,"file":65,"line":76},"template_include","luntan_template",11,{"type":62,"name":78,"callback":79,"file":65,"line":80},"wp_enqueue_scripts","luntan_enqueue",12,{"type":62,"name":82,"callback":83,"file":65,"line":84},"wp_logout","closure",13,{"type":86,"name":87,"callback":87,"file":65,"line":88},"filter","luntan_dhdfkdksj",17,{"type":86,"name":90,"callback":90,"file":65,"line":91},"luntan_dssdd",18,{"type":86,"name":93,"callback":94,"priority":11,"file":65,"line":95},"login_redirect","luntan_custom_login_redirect",21,{"type":62,"name":97,"callback":98,"file":65,"line":99},"admin_init","luntan_r
edirect_subscribers_from_admin",22,{"type":86,"name":101,"callback":102,"priority":11,"file":65,"line":103},"sanitize_user","luntan_allow_chinese_username",23,{"type":86,"name":105,"callback":106,"file":65,"line":107},"registration_errors","luntan_chinese_username_error_message",24,{"type":86,"name":109,"callback":106,"file":65,"line":110},"user_registration_errors",25,{"type":86,"name":112,"callback":83,"priority":11,"file":65,"line":113},"script_loader_tag",422,{"type":86,"name":112,"callback":83,"priority":11,"file":65,"line":115},504,{"type":62,"name":117,"callback":118,"file":119,"line":120},"phpmailer_init","luntan_configure_smtp_mailer","inc\\post.php",42,{"type":62,"name":71,"callback":122,"file":123,"line":107},"luntan_plugin_activate","luntan.php",{"type":86,"name":74,"callback":125,"file":123,"line":126},"luntan_single_template",102,{"type":62,"name":78,"callback":83,"file":123,"line":128},103,{"type":86,"name":130,"callback":131,"priority":33,"file":123,"line":132},"block_template_directories","my_plugin_register_block_templates",136,{"type":62,"name":134,"callback":135,"file":123,"line":136},"login_enqueue_scripts","custom_login_styles",166,{"type":86,"name":138,"callback":139,"priority":11,"file":123,"line":140},"wp_new_user_notification_email","custom_password_set_email_template",175,[142,147,150,151,153,155,157,159,161,163,166,169,172,174,176,179,181,182,184,185,187,189,192,195,197,200,203,206,209,212,215,218,221,224,227,230,233,235,238],{"action":143,"nopriv":144,"callback":143,"hasNonce":145,"hasCapCheck":144,"file":119,"line":146},"luntan_avatar",false,true,5,{"action":148,"nopriv":145,"callback":148,"hasNonce":145,"hasCapCheck":144,"file":119,"line":149},"luntan_sendemail",6,{"action":148,"nopriv":144,"callback":148,"hasNonce":145,"hasCapCheck":144,"file":119,"line":66},{"action":152,"nopriv":144,"callback":152,"hasNonce":145,"hasCapCheck":145,"file":119,"line":31},"luntan_get_user",{"action":152,"nopriv":145,"callback":152,"hasNonce":145,"hasCap
Check":145,"file":119,"line":154},9,{"action":156,"nopriv":144,"callback":156,"hasNonce":145,"hasCapCheck":144,"file":119,"line":11},"luntan_get_post",{"action":158,"nopriv":144,"callback":158,"hasNonce":145,"hasCapCheck":145,"file":119,"line":76},"luntan_delete_post",{"action":160,"nopriv":144,"callback":160,"hasNonce":145,"hasCapCheck":145,"file":119,"line":80},"luntan_add_cate",{"action":162,"nopriv":144,"callback":162,"hasNonce":145,"hasCapCheck":145,"file":119,"line":84},"luntan_update_cate",{"action":164,"nopriv":144,"callback":164,"hasNonce":145,"hasCapCheck":145,"file":119,"line":165},"luntan_delete_cate",14,{"action":167,"nopriv":144,"callback":167,"hasNonce":145,"hasCapCheck":145,"file":119,"line":168},"luntan_zhuanyi_cate",15,{"action":170,"nopriv":144,"callback":170,"hasNonce":145,"hasCapCheck":145,"file":119,"line":171},"luntan_get_cate",16,{"action":173,"nopriv":144,"callback":173,"hasNonce":145,"hasCapCheck":144,"file":119,"line":88},"luntan_manage_post",{"action":175,"nopriv":144,"callback":175,"hasNonce":145,"hasCapCheck":145,"file":119,"line":91},"luntan_shenhe_post",{"action":177,"nopriv":144,"callback":177,"hasNonce":145,"hasCapCheck":145,"file":119,"line":178},"luntan_zhuanyi_post",19,{"action":180,"nopriv":145,"callback":180,"hasNonce":145,"hasCapCheck":144,"file":119,"line":95},"luntan_cate_list",{"action":180,"nopriv":144,"callback":180,"hasNonce":145,"hasCapCheck":144,"file":119,"line":99},{"action":183,"nopriv":145,"callback":183,"hasNonce":145,"hasCapCheck":144,"file":119,"line":103},"luntan_post_list",{"action":183,"nopriv":144,"callback":183,"hasNonce":145,"hasCapCheck":144,"file":119,"line":107},{"action":186,"nopriv":145,"callback":186,"hasNonce":145,"hasCapCheck":144,"file":119,"line":110},"luntan_post_detail",{"action":186,"nopriv":144,"callback":186,"hasNonce":145,"hasCapCheck":144,"file":119,"line":188},26,{"action":190,"nopriv":144,"callback":190,"hasNonce":145,"hasCapCheck":144,"file":119,"line":191},"luntan_post_img",28,{"action
":193,"nopriv":144,"callback":193,"hasNonce":145,"hasCapCheck":144,"file":119,"line":194},"luntan_comment_like",30,{"action":193,"nopriv":145,"callback":193,"hasNonce":145,"hasCapCheck":144,"file":119,"line":196},31,{"action":198,"nopriv":144,"callback":198,"hasNonce":145,"hasCapCheck":144,"file":119,"line":199},"luntan_delete_pl",32,{"action":201,"nopriv":144,"callback":201,"hasNonce":145,"hasCapCheck":145,"file":119,"line":202},"luntan_post_publish",34,{"action":204,"nopriv":144,"callback":204,"hasNonce":145,"hasCapCheck":144,"file":119,"line":205},"luntan_post_pl",36,{"action":207,"nopriv":144,"callback":207,"hasNonce":145,"hasCapCheck":144,"file":119,"line":208},"luntan_post_edit",38,{"action":210,"nopriv":144,"callback":210,"hasNonce":145,"hasCapCheck":144,"file":119,"line":211},"luntan_smtp_baocun",39,{"action":213,"nopriv":144,"callback":213,"hasNonce":145,"hasCapCheck":144,"file":119,"line":214},"luntan_get_smtp_baocun",40,{"action":216,"nopriv":144,"callback":216,"hasNonce":145,"hasCapCheck":144,"file":119,"line":217},"luntan_smtp_baocun_cs",41,{"action":219,"nopriv":144,"callback":219,"hasNonce":145,"hasCapCheck":145,"file":119,"line":220},"luntan_post_top",43,{"action":222,"nopriv":144,"callback":222,"hasNonce":145,"hasCapCheck":144,"file":119,"line":223},"luntan_get_vip",45,{"action":225,"nopriv":144,"callback":225,"hasNonce":145,"hasCapCheck":144,"file":119,"line":226},"luntan_vip",46,{"action":228,"nopriv":144,"callback":228,"hasNonce":145,"hasCapCheck":145,"file":119,"line":229},"luntan_xieyi",48,{"action":231,"nopriv":144,"callback":231,"hasNonce":145,"hasCapCheck":144,"file":119,"line":232},"luntan_get_xieyi",50,{"action":231,"nopriv":145,"callback":231,"hasNonce":145,"hasCapCheck":144,"file":119,"line":234},51,{"action":236,"nopriv":144,"callback":236,"hasNonce":145,"hasCapCheck":144,"file":119,"line":237},"luntan_url_guanli",53,{"action":239,"nopriv":144,"callback":239,"hasNonce":145,"hasCapCheck":144,"file":119,"line":240},"luntan_get_url_guanli"
,55,[],[],[],{"dangerousFunctions":245,"sqlUsage":246,"outputEscaping":265,"fileOperations":13,"externalRequests":66,"nonceChecks":199,"capabilityChecks":171,"bundledLibraries":514},[],{"prepared":247,"raw":149,"locations":248},47,[249,253,256,258,261,263],{"file":250,"line":251,"context":252},"archive_block.php",145,"$wpdb->get_var() with variable interpolation",{"file":250,"line":254,"context":255},182,"$wpdb->get_results() with variable interpolation",{"file":119,"line":257,"context":255},519,{"file":119,"line":259,"context":260},670,"$wpdb->query() with variable interpolation",{"file":119,"line":262,"context":255},791,{"file":264,"line":229,"context":255},"luntan_single.php",{"escaped":266,"rawEcho":267,"locations":268},536,123,[269,272,274,276,278,279,281,283,285,287,289,290,292,294,296,298,300,302,304,306,308,310,312,314,316,318,320,322,324,326,328,330,332,334,336,338,340,342,344,346,348,350,352,354,356,358,360,362,364,366,368,370,372,374,376,378,380,382,384,386,388,390,392,394,396,398,400,402,404,406,408,410,412,414,416,418,420,422,424,426,428,430,432,434,436,438,440,442,444,446,448,450,452,454,456,458,460,462,464,466,468,470,472,474,476,478,480,482,484,486,488,490,492,494,496,498,500,502,504,506,508,510,512],{"file":119,"line":270,"context":271},62,"raw 
output",{"file":119,"line":273,"context":271},74,{"file":119,"line":275,"context":271},92,{"file":119,"line":277,"context":271},96,{"file":119,"line":126,"context":271},{"file":119,"line":280,"context":271},105,{"file":119,"line":282,"context":271},112,{"file":119,"line":284,"context":271},126,{"file":119,"line":286,"context":271},128,{"file":119,"line":288,"context":271},131,{"file":119,"line":132,"context":271},{"file":119,"line":291,"context":271},163,{"file":119,"line":293,"context":271},165,{"file":119,"line":295,"context":271},169,{"file":119,"line":297,"context":271},186,{"file":119,"line":299,"context":271},199,{"file":119,"line":301,"context":271},203,{"file":119,"line":303,"context":271},205,{"file":119,"line":305,"context":271},217,{"file":119,"line":307,"context":271},219,{"file":119,"line":309,"context":271},225,{"file":119,"line":311,"context":271},244,{"file":119,"line":313,"context":271},258,{"file":119,"line":315,"context":271},260,{"file":119,"line":317,"context":271},296,{"file":119,"line":319,"context":271},298,{"file":119,"line":321,"context":271},330,{"file":119,"line":323,"context":271},332,{"file":119,"line":325,"context":271},337,{"file":119,"line":327,"context":271},384,{"file":119,"line":329,"context":271},386,{"file":119,"line":331,"context":271},390,{"file":119,"line":333,"context":271},408,{"file":119,"line":335,"context":271},410,{"file":119,"line":337,"context":271},418,{"file":119,"line":339,"context":271},420,{"file":119,"line":341,"context":271},450,{"file":119,"line":343,"context":271},457,{"file":119,"line":345,"context":271},461,{"file":119,"line":347,"context":271},466,{"file":119,"line":349,"context":271},478,{"file":119,"line":351,"context":271},480,{"file":119,"line":353,"context":271},484,{"file":119,"line":355,"context":271},598,{"file":119,"line":357,"context":271},600,{"file":119,"line":359,"context":271},836,{"file":119,"line":361,"context":271},839,{"file":119,"line":363,"context":271},856,{"file":119,"line":365,"conte
xt":271},858,{"file":119,"line":367,"context":271},864,{"file":119,"line":369,"context":271},869,{"file":119,"line":371,"context":271},874,{"file":119,"line":373,"context":271},879,{"file":119,"line":375,"context":271},887,{"file":119,"line":377,"context":271},890,{"file":119,"line":379,"context":271},894,{"file":119,"line":381,"context":271},910,{"file":119,"line":383,"context":271},912,{"file":119,"line":385,"context":271},919,{"file":119,"line":387,"context":271},935,{"file":119,"line":389,"context":271},937,{"file":119,"line":391,"context":271},944,{"file":119,"line":393,"context":271},963,{"file":119,"line":395,"context":271},965,{"file":119,"line":397,"context":271},971,{"file":119,"line":399,"context":271},1009,{"file":119,"line":401,"context":271},1011,{"file":119,"line":403,"context":271},1017,{"file":119,"line":405,"context":271},1026,{"file":119,"line":407,"context":271},1032,{"file":119,"line":409,"context":271},1058,{"file":119,"line":411,"context":271},1087,{"file":119,"line":413,"context":271},1092,{"file":119,"line":415,"context":271},1095,{"file":119,"line":417,"context":271},1108,{"file":119,"line":419,"context":271},1111,{"file":119,"line":421,"context":271},1123,{"file":119,"line":423,"context":271},1134,{"file":119,"line":425,"context":271},1137,{"file":119,"line":427,"context":271},1140,{"file":119,"line":429,"context":271},1147,{"file":119,"line":431,"context":271},1150,{"file":119,"line":433,"context":271},1160,{"file":119,"line":435,"context":271},1166,{"file":119,"line":437,"context":271},1180,{"file":119,"line":439,"context":271},1183,{"file":119,"line":441,"context":271},1186,{"file":119,"line":443,"context":271},1192,{"file":119,"line":445,"context":271},1195,{"file":119,"line":447,"context":271},1204,{"file":119,"line":449,"context":271},1209,{"file":119,"line":451,"context":271},1212,{"file":119,"line":453,"context":271},1215,{"file":119,"line":455,"context":271},1221,{"file":119,"line":457,"context":271},1224,{"file":119,"line":459,"c
ontext":271},1234,{"file":119,"line":461,"context":271},1246,{"file":119,"line":463,"context":271},1248,{"file":119,"line":465,"context":271},1250,{"file":119,"line":467,"context":271},1256,{"file":119,"line":469,"context":271},1259,{"file":119,"line":471,"context":271},1267,{"file":119,"line":473,"context":271},1288,{"file":119,"line":475,"context":271},1291,{"file":119,"line":477,"context":271},1294,{"file":119,"line":479,"context":271},1301,{"file":119,"line":481,"context":271},1336,{"file":119,"line":483,"context":271},1338,{"file":119,"line":485,"context":271},1341,{"file":119,"line":487,"context":271},1348,{"file":119,"line":489,"context":271},1352,{"file":119,"line":491,"context":271},1361,{"file":119,"line":493,"context":271},1372,{"file":119,"line":495,"context":271},1374,{"file":119,"line":497,"context":271},1377,{"file":119,"line":499,"context":271},1465,{"file":119,"line":501,"context":271},1467,{"file":119,"line":503,"context":271},1492,{"file":119,"line":505,"context":271},1495,{"file":264,"line":507,"context":271},204,{"file":264,"line":509,"context":271},309,{"file":264,"line":511,"context":271},934,{"file":264,"line":513,"context":271},1126,[],[516,532,543,555,574,588,606],{"entryPoint":517,"graph":518,"unsanitizedCount":13,"severity":531},"luntan_xieyi (inc\\post.php:98)",{"nodes":519,"edges":529},[520,524],{"id":521,"type":522,"label":523,"file":119,"line":267},"n0","source","$_POST['luntan_xieyi']",{"id":525,"type":526,"label":527,"file":119,"line":267,"wp_function":528},"n1","sink","update_option() [Settings Manipulation]","update_option",[530],{"from":521,"to":525,"sanitized":145},"low",{"entryPoint":533,"graph":534,"unsanitizedCount":13,"severity":531},"luntan_smtp_baocun 
(inc\\post.php:221)",{"nodes":535,"edges":541},[536,539],{"id":521,"type":522,"label":537,"file":119,"line":538},"$_POST",237,{"id":525,"type":526,"label":527,"file":119,"line":540,"wp_function":528},250,[542],{"from":521,"to":525,"sanitized":145},{"entryPoint":544,"graph":545,"unsanitizedCount":13,"severity":531},"luntan_post_list (inc\\post.php:635)",{"nodes":546,"edges":553},[547,549],{"id":521,"type":522,"label":537,"file":119,"line":548},642,{"id":525,"type":526,"label":550,"file":119,"line":551,"wp_function":552},"query() [SQLi]",664,"query",[554],{"from":521,"to":525,"sanitized":145},{"entryPoint":556,"graph":557,"unsanitizedCount":13,"severity":531},"luntan_get_post (inc\\post.php:939)",{"nodes":558,"edges":571},[559,562,566,568],{"id":521,"type":522,"label":560,"file":119,"line":561},"$_POST (x2)",948,{"id":525,"type":526,"label":563,"file":119,"line":564,"wp_function":565},"get_results() [SQLi]",954,"get_results",{"id":567,"type":522,"label":537,"file":119,"line":561},"n2",{"id":569,"type":526,"label":550,"file":119,"line":570,"wp_function":552},"n3",955,[572,573],{"from":521,"to":525,"sanitized":145},{"from":567,"to":569,"sanitized":145},{"entryPoint":575,"graph":576,"unsanitizedCount":13,"severity":531},"luntan_manage_post (inc\\post.php:967)",{"nodes":577,"edges":585},[578,580,582,583],{"id":521,"type":522,"label":537,"file":119,"line":579},973,{"id":525,"type":526,"label":550,"file":119,"line":581,"wp_function":552},975,{"id":567,"type":522,"label":560,"file":119,"line":579},{"id":569,"type":526,"label":563,"file":119,"line":584,"wp_function":565},979,[586,587],{"from":521,"to":525,"sanitized":145},{"from":567,"to":569,"sanitized":145},{"entryPoint":589,"graph":590,"unsanitizedCount":13,"severity":531},"luntan_vip (inc\\post.php:1469)",{"nodes":591,"edges":603},[592,595,599,601],{"id":521,"type":522,"label":593,"file":119,"line":594},"$_SERVER",1473,{"id":525,"type":526,"label":596,"file":119,"line":597,"wp_function":598},"wp_remote_get() 
[SSRF]",1482,"wp_remote_get",{"id":567,"type":522,"label":537,"file":119,"line":600},1471,{"id":569,"type":526,"label":527,"file":119,"line":602,"wp_function":528},1488,[604,605],{"from":521,"to":525,"sanitized":145},{"from":567,"to":569,"sanitized":145},{"entryPoint":607,"graph":608,"unsanitizedCount":13,"severity":531},"\u003Cpost> (inc\\post.php:0)",{"nodes":609,"edges":629},[610,611,612,614,615,617,619,622,624,627],{"id":521,"type":522,"label":523,"file":119,"line":267},{"id":525,"type":526,"label":527,"file":119,"line":267,"wp_function":528},{"id":567,"type":522,"label":613,"file":119,"line":538},"$_POST (x3)",{"id":569,"type":526,"label":527,"file":119,"line":540,"wp_function":528},{"id":616,"type":522,"label":613,"file":119,"line":548},"n4",{"id":618,"type":526,"label":550,"file":119,"line":551,"wp_function":552},"n5",{"id":620,"type":522,"label":621,"file":119,"line":561},"n6","$_POST (x4)",{"id":623,"type":526,"label":563,"file":119,"line":564,"wp_function":565},"n7",{"id":625,"type":522,"label":537,"file":119,"line":626},"n8",996,{"id":628,"type":526,"label":596,"file":119,"line":597,"wp_function":598},"n9",[630,631,632,633,634],{"from":521,"to":525,"sanitized":145},{"from":567,"to":569,"sanitized":145},{"from":616,"to":618,"sanitized":145},{"from":620,"to":623,"sanitized":145},{"from":625,"to":628,"sanitized":145},{"summary":636,"deductions":637},"The \"luntan\" plugin v0.0.8 exhibits a generally strong security posture based on the provided static analysis. The plugin has a significant attack surface with 39 AJAX handlers, but the absence of unprotected entry points is a positive indicator, suggesting that most, if not all, of these handlers have implemented authentication checks.  The code signals also show good practices, with a high percentage of SQL queries using prepared statements (89%) and a considerable number of outputs being properly escaped (81%). 
The presence of 32 nonce checks and 16 capability checks further reinforces the attempt to secure these entry points.\n\nHowever, a few areas warrant attention. The plugin makes 7 external HTTP requests, which can introduce risks if the target servers are compromised or if data transmitted is not handled securely. While no critical or high-severity taint flows were identified, the analysis of only 7 total flows might not be exhaustive, and it's always prudent to consider the potential for unforeseen vulnerabilities in complex interactions.  The plugin's vulnerability history is completely clean, with no recorded CVEs. This, combined with the relatively good code hygiene observed, suggests a low risk of known exploits.\n\nIn conclusion, \"luntan\" v0.0.8 appears to be a well-developed plugin from a security perspective, with a strong emphasis on input validation and output sanitization. The main areas of potential concern are the external HTTP requests and the possibility of undiscovered vulnerabilities within the analyzed taint flows. Nevertheless, its lack of historical vulnerabilities and good implementation of common security practices provide a good foundation.",[638],{"reason":639,"points":640},"External HTTP requests detected",3,"2026-03-16T23:20:47.848Z",{"wat":643,"direct":651},{"assetPaths":644,"generatorPatterns":647,"scriptPaths":648,"versionParams":649},[645,646],"\u002Fwp-content\u002Fplugins\u002Fluntan\u002FwztTheme.css","\u002Fwp-content\u002Fplugins\u002Fluntan\u002FwztTheme.js",[],[646],[650],"ver=0.0.8",{"cssClasses":652,"htmlComments":653,"htmlAttributes":654,"restEndpoints":655,"jsGlobals":656,"shortcodeOutput":658},[],[],[],[],[657],"wp_vars",[]]