[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNR3krPLAw6VtV1AzHgfAlGXfviMmHmR-6UMylXnT_b8":3,"$fO8VSSYoh-aTaBGFvqwjyXaHOjE9BA_BCLtvRFdCK2Ic":205,"$fsQCI0qZivTVoPoKghUkdqiEQnoTbN6PF0bAcwUO1S2o":210},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":38,"analysis":39,"fingerprints":177},"mc-audio-file-calculator","MC Audio File Calculator","2.1","Mike Hickcox","https:\u002F\u002Fprofiles.wordpress.org\u002Fmike-hickcox\u002F","\u003Cp>Online calculators to determine the size of MP3 and WAV files.\u003Cbr \u002F>\n* Creates an online MP3 file size calculator by providing running time and bit rate.\u003Cbr \u002F>\n* Creates an online WAV file size calculator with inputs for running time, channels, sample rate, and bit depth.\u003Cbr \u002F>\n* Each calculator shows the approximate file size that would be produced.\u003Cbr \u002F>\n* Add calculators to your website pages with these shortcodes: [mcafc-mp3] and [mcafc-wav].\u003Cbr \u002F>\n* Set the font size and button color of the calculators on the settings page.\u003C\u002Fp>\n","Online calculators to determine the size of MP3 and WAV files.",10,1436,0,"2025-11-25T21:35:00.000Z","6.8.5","4.7","7.0",[19,20,21,22],"audio-file-size","audio-file-size-calculator","mp3-size-calculator","wav-size-calculator","https:\u002F\u002FMid-Coast.com\u002Faudio-file-calculator","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmc-audio-file-calculator.2.1.zip",100,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"mike-hickcox",6,240,99,30,93,"2026-05-20T01:13:50.478Z",[],{"attackSurface":40,"codeSignals":72,"taintFlows":123,"riskAssessment":162,"analyzedAt":176},{"hooks":41,"ajaxHandlers":59,"restRoutes":60,"shortcodes":61,"cronEvents":70,"entryPointCount":71,"unprotectedCount":13},[42,48,52,54],{"type":43,"name":44,"callback":45,"file":46,"line":47},"action","admin_menu","mc6397afc_create_settings","inc\\mcafc_options.php",8,{"type":43,"name":49,"callback":50,"file":46,"line":51},"admin_init","mc6397afc_setup_sections",9,{"type":43,"name":49,"callback":53,"file":46,"line":11},"mc6397afc_setup_fields",{"type":43,"name":55,"callback":56,"file":57,"line":58},"wp_enqueue_scripts","mc6397mp3_enqueue_style","mc-audio-file-calculator.php",36,[],[],[62,66],{"tag":63,"callback":64,"file":57,"line":65},"mcafc-mp3","mc6397afcmp3",123,{"tag":67,"callback":68,"file":57,"line":69},"mcafc-wav","mc6397afcwav",262,[],2,{"dangerousFunctions":73,"sqlUsage":74,"outputEscaping":76,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":122},[],{"prepared":13,"raw":13,"locations":75},[],{"escaped":32,"rawEcho":77,"locations":78},21,[79,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120],{"file":46,"line":80,"context":81},24,"raw output",{"file":57,"line":83,"context":81},71,{"file":57,"line":85,"context":81},78,{"file":57,"line":87,"context":81},80,{"file":57,"line":89,"context":81},85,{"file":57,"line":91,"context":81},86,{"file":57,"line":93,"context":81},107,{"file":57,"line":95,"context":81},112,{"file":57,"line":97,"context":81},113,{"file":57,"line":99,"context":81},157,{"file":57,"line":101,"context":81},164,{"file":57,"line":103,"context":81},166,{"file":57,"line":105,"context":81},171,{"file":57,"line":107,"context":81},172,{"file":57,"line":109,"context":81},189,{"file":57,"line":111,"context":81},190,{"file":57,"line":113,"context":81},225,{"file":57,"line":115,"context":81},226,{"file":57,"line":117,"context":81},245,{"file":57,"line":119,"context":81},250,{"file":57,"line":121,"context":81},251,[],[124,143,152],{"entryPoint":125,"graph":126,"unsanitizedCount":141,"severity":142},"mc6397afcmp3 (mc-audio-file-calculator.php:41)",{"nodes":127,"edges":138},[128,133],{"id":129,"type":130,"label":131,"file":57,"line":132},"n0","source","$_POST",45,{"id":134,"type":135,"label":136,"file":57,"line":97,"wp_function":137},"n1","sink","echo() [XSS]","echo",[139],{"from":129,"to":134,"sanitized":140},false,1,"medium",{"entryPoint":144,"graph":145,"unsanitizedCount":141,"severity":142},"mc6397afcwav (mc-audio-file-calculator.php:128)",{"nodes":146,"edges":150},[147,149],{"id":129,"type":130,"label":131,"file":57,"line":148},130,{"id":134,"type":135,"label":136,"file":57,"line":121,"wp_function":137},[151],{"from":129,"to":134,"sanitized":140},{"entryPoint":153,"graph":154,"unsanitizedCount":71,"severity":161},"\u003Cmc-audio-file-calculator> (mc-audio-file-calculator.php:0)",{"nodes":155,"edges":159},[156,158],{"id":129,"type":130,"label":157,"file":57,"line":132},"$_POST (x2)",{"id":134,"type":135,"label":136,"file":57,"line":97,"wp_function":137},[160],{"from":129,"to":134,"sanitized":140},"low",{"summary":163,"deductions":164},"The \"mc-audio-file-calculator\" plugin version 2.1 presents a mixed security posture.  On the positive side, there are no known vulnerabilities (CVEs), no dangerous functions, no file operations, no external HTTP requests, and all SQL queries are properly prepared. The attack surface is also relatively small and appears to have no unprotected entry points based on the static analysis.\n\nHowever, several significant concerns are raised by the static analysis. The most critical is the high percentage of unsanitized paths identified in the taint analysis, indicating potential for arbitrary file access or manipulation. Furthermore, a substantial portion of output is not properly escaped (22% escaped means 78% unescaped), which could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is present in these outputs.\n\nThe absence of any recorded vulnerabilities in its history suggests a potentially stable code base or a lack of public discovery. Nevertheless, the identified code signals, particularly the unescaped output and taint flow issues, represent real, immediate risks that should be addressed. The plugin's strengths lie in its SQL handling and lack of historical vulnerabilities, but these are overshadowed by the critical unescaped outputs and unsanitized paths.",[165,168,171,174],{"reason":166,"points":167},"High percentage of unescaped output",15,{"reason":169,"points":170},"Flows with unsanitized paths",20,{"reason":172,"points":173},"No nonce checks found",5,{"reason":175,"points":173},"No capability checks found","2026-03-17T00:09:38.486Z",{"wat":178,"direct":184},{"assetPaths":179,"generatorPatterns":181,"scriptPaths":182,"versionParams":183},[180],"\u002Fwp-content\u002Fplugins\u002Fmc-audio-file-calculator\u002Fcss\u002Fbootstrap.css",[],[],[],{"cssClasses":185,"htmlComments":189,"htmlAttributes":191,"restEndpoints":198,"jsGlobals":199,"shortcodeOutput":200},[186,187,188],"mcafc_mp3result","custom-control-label","custom-control-input",[190],"Required meta tags",[192,193,194,195,196,197],"name=\"mp3Time\"","name=\"bitRate\"","name=\"wavTime\"","name=\"wavChannels\"","name=\"wavRate\"","name=\"wavBitDepth\"",[],[],[201,202,203,204],"\u003Cp class=\"mp3result\">","\u003Cstrong","\u003Cstrong>MP3 File Size Calculator\u003C\u002Fstrong>","\u003Cstrong>WAV File Size Calculator\u003C\u002Fstrong>",{"error":206,"url":207,"statusCode":208,"statusMessage":209,"message":209},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fmc-audio-file-calculator\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":71,"versions":211},[212,217],{"version":6,"download_url":24,"svn_tag_url":213,"released_at":26,"has_diff":140,"diff_files_changed":214,"diff_lines":26,"trac_diff_url":215,"vulnerabilities":216,"is_current":206},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmc-audio-file-calculator\u002Ftags\u002F2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmc-audio-file-calculator%2Ftags%2F2.0&new_path=%2Fmc-audio-file-calculator%2Ftags%2F2.1",[],{"version":218,"download_url":219,"svn_tag_url":220,"released_at":26,"has_diff":140,"diff_files_changed":221,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":222,"is_current":140},"2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmc-audio-file-calculator.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmc-audio-file-calculator\u002Ftags\u002F2.0\u002F",[],[]]