[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fr9WG0k8lAWkAGXqV3WqLAZFvChWnI5_aMC0lSv0Lj9Q":3,"$fFYspB5bU7LcxSDsJXvUX8wRmkzyCdBixV_coiiBQZqw":248,"$fXVgJ8fFcxt_yQeyy42fYYvS1_SqlQ0rVngijcwB-VYk":252},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":50,"crawl_stats":37,"alternatives":57,"analysis":163,"fingerprints":226},"mihdan-public-post-preview","Mihdan: Public Post Preview","1.9.12.1","mihdan","https:\u002F\u002Fprofiles.wordpress.org\u002Fmihdan\u002F","\u003Cp>Позволяет просматривать посты по красивому URL у черновиков в WordPress\u003C\u002Fp>\n","Позволяет просматривать посты по красивому URL у черновиков в WordPress",10,2036,0,"2022-11-25T10:31:00.000Z","6.1.10","4.9","5.6.20",[19,20,21,22,23],"cpt","custom-post-types","post","posts","public-preview","https:\u002F\u002Fgithub.com\u002Fmihdan\u002Fmihdan-public-post-preview\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmihdan-public-post-preview.1.9.12.1.zip",85,1,"2022-10-17 00:00:00","2026-04-06T09:54:40.288Z","no_bundle",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":28,"updated_date":44,"references":45,"days_to_patch":47,"patch_diff_files":48,"patch_trac_url":37,"research_status":37,"research_verified":49,"research_rounds_completed":13,"research_plan":37,"research_summary":37,"research_vulnerable_code":37,"research_fix_diff":37,"research_exploit_outline":37,"research_model_used":37,"research_started_at":37,"research_completed_at":37,"research_error":37,"poc_status":37,"poc_video_id":37,"poc_summary":37,"poc_steps":37,"poc_tested_at":37,"poc_wp_version":37,"poc_php_version":37,"poc_playwright_script":37,"poc_exploit_code":37,"poc_has_trace":49,"poc_model_used":37,"poc_verification_depth":37},"WF-bdb8cb7f-38fc-41d7-aa78-abe11c6402b6-mihdan-public-post-preview","mihdan-public-post-preview-missing-authorization","Mihdan: Public Post Preview \u003C= 1.9.9 - Missing Authorization","The Public Post Preview plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the mppp_toggle function in versions up to, and including, 1.9.9. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete post metadata.",null,"\u003C=1.9.9","1.9.10","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:H\u002FA:N","Missing Authorization","2024-01-22 19:56:02",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbdb8cb7f-38fc-41d7-aa78-abe11c6402b6?source=api-prod",463,[],false,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":51,"total_installs":52,"avg_security_score":53,"avg_patch_time_days":54,"trust_score":55,"computed_at":56},12,32130,90,224,72,"2026-05-20T08:05:30.121Z",[58,83,104,127,144],{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":79,"download_link":80,"security_score":81,"vuln_count":13,"unpatched_count":13,"last_vuln_date":37,"fetched_at":82},"gravity-forms-custom-post-types","Gravity Forms + Custom Post Types","3.1.31","Dave from Gravity Wiz","https:\u002F\u002Fprofiles.wordpress.org\u002Fspivurno\u002F","\u003Cp>This plugin is an add-on for \u003Ca href=\"http:\u002F\u002Fgravityforms.com\" rel=\"nofollow ugc\">Gravity Forms\u003C\u002Fa>. Make sure you visit \u003Ca href=\"http:\u002F\u002Fgravitywiz.com\u002Fplugins\u002F\" rel=\"nofollow ugc\">GravityWiz.com\u003C\u002Fa> for more \u003Cstrong>free\u003C\u002Fstrong> Gravity Forms resources. And if you’re looking to the largest collection of Gravity Forms plugins, check out \u003Ca href=\"http:\u002F\u002Fgravityperks.com\" rel=\"nofollow ugc\">Gravity Perks\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Gravity Forms allows you to create posts from a form submission using special Post Fields. By default, the submitted form will be created as a standard WordPress post. This plugin allows you to change the post type of the generated post. \u003Cstrong>No code required!\u003C\u002Fstrong> This plugin also provides the ability to assign the generated post to a custom taxonomy.\u003C\u002Fp>\n\u003Cp>Need to update posts? Learn \u003Ca href=\"https:\u002F\u002Fgravitywiz.com\u002Fhow-to-update-posts-with-gravity-forms\u002F\" rel=\"nofollow ugc\">how to update posts with Gravity Forms\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Map posts to a custom post type\u003C\u002Fli>\n\u003Cli>Map posts to a custom taxonomy (via Drop Down, Multi-select, Radio Button or Checkbox field)\u003C\u002Fli>\n\u003Cli>Map posts to multiple taxonomies\u003C\u002Fli>\n\u003Cli>Visual hierarchy support for hierarchical taxonomies (Drop Down field only)\u003C\u002Fli>\n\u003Cli>Populate a Drop Down with posts\u003C\u002Fli>\n\u003Cli>Assign parent post for generated post (Drop Down field only)\u003C\u002Fli>\n\u003Cli>Single Line Text field support for taxonomies (enter as a comma-delimited list: term a, term b, term c)\u003C\u002Fli>\n\u003Cli>Enhanced UI support for Single Line Text fields (see screenshots)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How to map a form to a custom post type\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Add a Post Title field to your form and click on it to open the field settings.\u003C\u002Fli>\n\u003Cli>Below the “Description” field setting, you will find the “Post Type” setting.\u003C\u002Fli>\n\u003Cli>Select the desired post type from the drop down (default is “Posts”).\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>How to link a field to a custom taxonomy\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Add the desired field to which the custom taxonomy should be mapped. Drop Down, Multi Select, Radio Buttons and Checkboxes fields are current supported.\u003C\u002Fli>\n\u003Cli>Open the field settings by clicking on the field and click on the “Advanced” tab.\u003C\u002Fli>\n\u003Cli>Check the “Populate with a Taxonomy” checkbox.\u003C\u002Fli>\n\u003Cli>Select the desired taxonomy from the drop down that appears.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>How to link the saved post to taxonomies using a single line text field\u003C\u002Fh4>\n\u003Cp>Single Line Text fields are a great way to allow users to select existing taxonomy terms and to also add new terms.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Add a Single Line Text field to your form.\u003C\u002Fli>\n\u003Cli>Open the field settings by clicking on the field and click on the “Advanced” tab.\u003C\u002Fli>\n\u003Cli>Check the “Save to Taxonomy” checkbox.\u003C\u002Fli>\n\u003Cli>Select the desired taxonomy from the drop down that appears.\u003C\u002Fli>\n\u003Cli>(optional) Check the “Enable Enhanced UI” checkbox to enable an awesome tag-input style UI (see screenshots).\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Note: If the user inputs exising term names, the generated post will be assigned these terms. If the user inputs term names that do not exist, these terms will be added to the selected taxonomy and the generated post will also be assigned these terms.\u003C\u002Fp>\n\u003Ch4>How to set a parent post with the drop down field\u003C\u002Fh4>\n\u003Cp>When populating a Drop Down field with a post type, you may wish to set the selected post as the parent post for the generated post.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Add A Drop Down field to your form.\u003C\u002Fli>\n\u003Cli>Click on the field to open the field settings. Then click on the “Advanced” tab.\u003C\u002Fli>\n\u003Cli>Check the “Populate with Post Type” checkbox.\u003C\u002Fli>\n\u003Cli>Select the desired post type from the drop down that appears. Be sure to select the \u003Cstrong>same post type\u003C\u002Fstrong> for which the post is being generated.\u003C\u002Fli>\n\u003C\u002Fol>\n","Map your Gravity-Forms-generated posts to a custom post type and\u002For custom taxonomies.",10000,527729,88,46,"2026-04-14T14:26:00.000Z","6.9.4","3.0.1","5.6",[20,75,76,77,78],"custom-taxonomy","gravity-forms","gravity-forms-posts","taxonomy","https:\u002F\u002Fgravitywiz.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgravity-forms-custom-post-types.3.1.31.zip",100,"2026-04-16T10:56:18.058Z",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":66,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":71,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":100,"download_link":101,"security_score":102,"vuln_count":27,"unpatched_count":13,"last_vuln_date":103,"fetched_at":82},"mb-custom-post-type","MB Custom Post Types & Custom Taxonomies","2.11.4","Anh Tran","https:\u002F\u002Fprofiles.wordpress.org\u002Frilwis\u002F","\u003Cp>\u003Cstrong>MB Custom Post Types & Custom Taxonomies\u003C\u002Fstrong> helps you to register and edit custom post types and custom taxonomies easily in WordPress by providing an easy-to-use UI in the admin area.\u003C\u002Fp>\n\u003Cp>The plugin allows you to handle all post type’s arguments and taxonomy’s arguments such as menu labels, admin bar label, exclude from search, disable archive page, etc. just in minutes. You don’t need to write custom PHP code to register custom post types anymore (using function \u003Ccode>register_post_type()\u003C\u002Fcode> and \u003Ccode>register_taxonomy()\u003C\u002Fcode>).\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Meta Box Lite\u003C\u002Fstrong>\u003Cbr \u002F>\n  We recommend using \u003Ca href=\"https:\u002F\u002Fmetabox.io\u002Flite\u002F\" rel=\"nofollow ugc\">Meta Box Lite\u003C\u002Fa>, a feature-rich free UI version of Meta Box that provides UI and all free features for managing custom fields and dynamic content on WordPress, including post types, taxonomies, custom fields, and relationships.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Using \u003Cstrong>MB Custom Post Types & Custom Taxonomies\u003C\u002Fstrong>, you will be able to craft the WordPress content types and turn it into a professional CMS (Content Management Systems).\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Supports all arguments for creating custom post types (like \u003Ccode>register_post_type()\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>Supports all arguments for creating custom taxonomies (like \u003Ccode>register_taxonomy()\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>Supports \u003Cstrong>live editing mode\u003C\u002Fstrong>, which auto fill in all necessary labels for you!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export to PHP Code\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Clean code\u003C\u002Fli>\n\u003Cli>Registered custom post types can be exported\u002Fimported using default WordPress functionality (no more plugins!)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plugin Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmetabox.io\u002Fplugins\u002Fcustom-post-type\u002F\" rel=\"nofollow ugc\">Project Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Frilwis\u002Fmb-custom-post-type\u002F\" rel=\"nofollow ugc\">Github Repo\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is a free extension of \u003Ca href=\"https:\u002F\u002Fmetabox.io\" rel=\"nofollow ugc\">Meta Box\u003C\u002Fa> plugin, which is a powerful, professional solution to create custom meta boxes and custom fields for WordPress. Using \u003Cstrong>MB Custom Post Types & Custom Taxonomies\u003C\u002Fstrong> in combination with \u003Ca href=\"https:\u002F\u002Fmetabox.io\u002Fplugins\u002F\" rel=\"nofollow ugc\">other Meta Box extensions\u003C\u002Fa> will help you manage any content types in WordPress easily and make your website more professional.\u003C\u002Fp>\n\u003Ch3>You might also like\u003C\u002Fh3>\n\u003Cp>If you like this plugin, you might also like our other WordPress products:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpslimseo.com\" rel=\"nofollow ugc\">Slim SEO\u003C\u002Fa> – A fast, lightweight and full-featured SEO plugin for WordPress with minimal configuration.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgretathemes.com\" rel=\"nofollow ugc\">GretaThemes\u003C\u002Fa> – Free and premium WordPress themes that clean, simple and just work.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpautolistings.com\" rel=\"nofollow ugc\">Auto Listings\u003C\u002Fa> – A car sale and dealership plugin for WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n","Create and manage custom post types and custom taxonomies with an easy-to-use UI in WordPress.",362711,94,13,"2026-03-24T07:37:00.000Z","6.5","7.2",[20,98,22,99],"custom-taxonomies","taxonomies","https:\u002F\u002Fmetabox.io\u002Fplugins\u002Fcustom-post-type\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmb-custom-post-type.2.11.4.zip",99,"2025-03-03 00:00:00",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":66,"downloaded":112,"rating":113,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":118,"tags":119,"homepage":123,"download_link":124,"security_score":102,"vuln_count":125,"unpatched_count":13,"last_vuln_date":126,"fetched_at":82},"no-page-comment","No Page Comment","1.3.1","Seth Alling","https:\u002F\u002Fprofiles.wordpress.org\u002Fsethta\u002F","\u003Cp>Up until recently, WordPress gave two options: You could either disable comments and trackbacks by default for all pages and posts, or you could have them active by default. In WordPress version 4.3, this finally changed so comments are always disabled on new pages.\u003C\u002Fp>\n\u003Cp>While the new change makes it easier for many of the sites, it make it harder for people who need to get the reverse and enable comments on all pages, or if they need to change the default for a custom post type. This plugin allows you to choose whether comments are enabled or disabled by default on all new posts, pages and custom post types, while still giving the ability to individually enable comments on posts or pages.\u003C\u002Fp>\n\u003Cp>Also, this plugin provides a way to quickly disable all comments or pingbacks for a specific custom post type. It directly interacts with your database to modify the status, so it is highly recommended that you backup your database first. There shouldn’t be any issues using this feature, but it’s always good to play it safe.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsethta\u002Fno-page-comment\" title=\"No Page Comment Development on Github\" rel=\"nofollow ugc\">View No Page Comment Development on Github\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsethta\u002Fno-page-comment\u002Fissues\" title=\"Report an Issue about No Page Comment on Github\" rel=\"nofollow ugc\">Please Report any Issues about No Page Comment on Github\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=5WWP2EDSCAJR4\" title=\"Donate to support the No Page Comment Plugin development\" rel=\"nofollow ugc\">Donate to Support No Page Comment Development\u003C\u002Fa>\u003C\u002Fp>\n","An admin interface to control the default comment and trackback settings on new posts, pages and custom post types.",251285,96,23,"2025-11-17T15:09:00.000Z","6.8.5","6.2","7.4",[120,20,121,122,22],"comments","discussion","pages","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-page-comment.zip",2,"2022-09-21 00:00:00",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":66,"downloaded":135,"rating":81,"num_ratings":136,"last_updated":137,"tested_up_to":116,"requires_at_least":138,"requires_php":118,"tags":139,"homepage":142,"download_link":143,"security_score":81,"vuln_count":13,"unpatched_count":13,"last_vuln_date":37,"fetched_at":82},"post-types-unlimited","Post Types Unlimited","1.2.8","wpexplorer","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpexplorer\u002F","\u003Cp>Post Types Unlimited is an easy way to add \u003Cstrong>custom post types\u003C\u002Fstrong> and \u003Cstrong>custom taxonomies\u003C\u002Fstrong> to your WordPress site (the right way). The plugin works with any theme and is easily translatable. With Post Types Unlimited you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create custom post types.\u003C\u002Fli>\n\u003Cli>Create custom taxonomies.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Post Types Unlimited makes use of core WordPress functionality for the admin screens and post type, taxonomy registration. This means the plugin is fast, slim and uses the familiar WordPress UI.\u003C\u002Fp>\n\u003Cp>Additionally you won’t find any upsell or advertisements in the plugin because there isn’t a “Pro” version. It’s the perfect plugin for adding post types and\u002For taxonomies to any site (including your client sites) without worrying about extra bloat or annoying ads.\u003C\u002Fp>\n\u003Cp>The design of your post types and taxonomies created with the Post Types Unlimited plugin are controlled by your theme. The plugin doesn’t do any hacking or advanced modifications to your templates and thus works great with ANY theme.\u003C\u002Fp>\n\u003Cp>If you are using our amazing \u003Ca href=\"https:\u002F\u002Ftotalwptheme.com\u002F\" rel=\"nofollow ugc\">Total WordPress Theme\u003C\u002Fa> you will have access to many extra settings that will give you full control over the display of your post types and taxonomies.\u003C\u002Fp>\n\u003Cp>This plugin doesn’t have any upsells, banners or other marketing strategies. This makes it perfect for use with any site, including client websites.\u003C\u002Fp>\n","Create unlimited custom post types and custom taxonomies.",143480,9,"2025-05-20T01:25:00.000Z","5.7",[19,20,140,99,141],"post-types","types","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpost-types-unlimited\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-types-unlimited.1.2.8.zip",{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":66,"downloaded":152,"rating":68,"num_ratings":153,"last_updated":154,"tested_up_to":155,"requires_at_least":156,"requires_php":123,"tags":157,"homepage":159,"download_link":160,"security_score":161,"vuln_count":27,"unpatched_count":13,"last_vuln_date":162,"fetched_at":82},"posts-in-page","Posts in Page","1.4.4","ivycat","https:\u002F\u002Fprofiles.wordpress.org\u002Fivycat\u002F","\u003Cp>Easily add one or more posts to any page using simple shortcodes.\u003C\u002Fp>\n\u003Cp>Supports categories, tags, custom post types, custom taxonomies, date ranges, post status, and much more.\u003C\u002Fp>\n\u003Cp>You can get all of the same functionality provided by this plugin by modifying your theme’s template files; this plugin just makes it easy for anyone to \u003Cem>pull\u003C\u002Fem> posts into other areas of the site without having to get their hands dirty with code.\u003C\u002Fp>\n\u003Cp>Plugin is depending upon your theme’s styling; version 1.x of this plugin \u003Cem>does not\u003C\u002Fem> contain native styles.\u003C\u002Fp>\n\u003Cp>This is a minimal plugin, function over form. Give us feedback, suggestions, bug reports, and any other contributions on the in the plugin’s \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fivycat\u002Fposts-in-page\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n","Easily add one or more posts to any page using simple shortcodes.",377856,86,"2019-05-13T16:13:00.000Z","5.2.24","3.0",[20,122,22,158,78],"shortcode","https:\u002F\u002Fivycat.com\u002Fwordpress\u002Fwordpress-plugins\u002Fposts-in-page\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fposts-in-page.1.4.4.zip",84,"2017-02-13 00:00:00",{"attackSurface":164,"codeSignals":211,"taintFlows":219,"riskAssessment":220,"analyzedAt":225},{"hooks":165,"ajaxHandlers":203,"restRoutes":208,"shortcodes":209,"cronEvents":210,"entryPointCount":27,"unprotectedCount":13},[166,172,177,181,184,189,192,195,199],{"type":167,"name":168,"callback":169,"file":170,"line":171},"action","after_setup_theme","get_instance","mihdan-public-post-preview.php",37,{"type":167,"name":173,"callback":174,"priority":11,"file":175,"line":176},"add_meta_boxes","add_meta_box","src\u002FCore.php",91,{"type":167,"name":178,"callback":179,"file":175,"line":180},"admin_enqueue_scripts","enqueue_script",92,{"type":167,"name":182,"callback":183,"priority":11,"file":175,"line":92},"transition_post_status","remove_preview",{"type":167,"name":185,"callback":186,"priority":187,"file":175,"line":188},"wp_insert_post","fix_post_name",999,95,{"type":190,"name":191,"callback":191,"priority":11,"file":175,"line":113},"filter","posts_results",{"type":190,"name":193,"callback":193,"priority":11,"file":175,"line":194},"preview_post_link",97,{"type":190,"name":196,"callback":197,"priority":11,"file":175,"line":198},"display_post_states","draft_preview_post_states_mark",98,{"type":167,"name":200,"callback":201,"file":175,"line":202},"wp","closure",223,[204],{"action":205,"nopriv":49,"callback":205,"hasNonce":206,"hasCapCheck":206,"file":175,"line":207},"mppp_toggle",true,93,[],[],[],{"dangerousFunctions":212,"sqlUsage":213,"outputEscaping":215,"fileOperations":13,"externalRequests":13,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":218},[],{"prepared":13,"raw":13,"locations":214},[],{"escaped":216,"rawEcho":13,"locations":217},14,[],[],[],{"summary":221,"deductions":222},"The 'mihdan-public-post-preview' plugin v1.9.12.1 exhibits a generally strong security posture based on static analysis. The absence of dangerous functions, proper output escaping for all identified outputs, and the use of prepared statements for all SQL queries are significant strengths. Furthermore, the presence of nonce and capability checks on its single AJAX handler, and the complete lack of REST API routes, shortcodes, or cron events, contribute to a very limited and secured attack surface. Taint analysis yielded no critical or high severity issues, indicating no immediate concerns with unsanitized data flows within the analyzed code.\n\nHowever, the plugin's vulnerability history, specifically one known medium severity CVE related to 'Missing Authorization' and last patched in October 2022, represents a potential area of concern. While this vulnerability is marked as patched, the recurrence of this type of issue in the past suggests that authorization logic might be an area that requires ongoing vigilance or could be a recurring challenge for the plugin's developers. The plugin's current version appears to have addressed past vulnerabilities, but historical patterns of certain vulnerability types can indicate areas that are more prone to oversight.\n\nIn conclusion, 'mihdan-public-post-preview' v1.9.12.1 demonstrates good security practices in its current codebase, with a well-secured attack surface and robust code sanitization. The primary point of attention is the past medium severity vulnerability related to authorization, which, while seemingly patched, warrants a cautious approach. Users should ensure they are running the latest version to benefit from all security patches and monitor for any future updates.",[223],{"reason":224,"points":11},"Past medium severity CVE (Missing Authorization)","2026-04-16T11:36:30.622Z",{"wat":227,"direct":236},{"assetPaths":228,"generatorPatterns":231,"scriptPaths":232,"versionParams":233},[229,230],"\u002Fwp-content\u002Fplugins\u002Fmihdan-public-post-preview\u002Fadmin\u002Fassets\u002Fjs\u002Fapp.js","\u002Fwp-content\u002Fplugins\u002Fmihdan-public-post-preview\u002Fadmin\u002Fassets\u002Fcss\u002Fapp.css",[],[229],[234,235],"mihdan-public-post-preview\u002Fadmin\u002Fassets\u002Fjs\u002Fapp.js?ver=","mihdan-public-post-preview\u002Fadmin\u002Fassets\u002Fcss\u002Fapp.css?ver=",{"cssClasses":237,"htmlComments":239,"htmlAttributes":240,"restEndpoints":243,"jsGlobals":245,"shortcodeOutput":247},[238],"public-post-preview-toggle",[],[241,242],"data-mppp-toggle","data-mppp-post-id",[244],"\u002Fwp-json\u002Fmppp\u002Fv1\u002Ftoggle",[246],"mppp",[],{"error":206,"url":249,"statusCode":250,"statusMessage":251,"message":251},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fmihdan-public-post-preview\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":253,"versions":254},8,[255,260,267,274,280,288,296,304],{"version":6,"download_url":25,"svn_tag_url":256,"released_at":37,"has_diff":49,"diff_files_changed":257,"diff_lines":37,"trac_diff_url":258,"vulnerabilities":259,"is_current":206},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmihdan-public-post-preview\u002Ftags\u002F1.9.12.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.12&new_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.12.1",[],{"version":261,"download_url":262,"svn_tag_url":263,"released_at":37,"has_diff":49,"diff_files_changed":264,"diff_lines":37,"trac_diff_url":265,"vulnerabilities":266,"is_current":49},"1.9.12","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmihdan-public-post-preview.1.9.12.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmihdan-public-post-preview\u002Ftags\u002F1.9.12\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.11&new_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.12",[],{"version":268,"download_url":269,"svn_tag_url":270,"released_at":37,"has_diff":49,"diff_files_changed":271,"diff_lines":37,"trac_diff_url":272,"vulnerabilities":273,"is_current":49},"1.9.11","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmihdan-public-post-preview.1.9.11.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmihdan-public-post-preview\u002Ftags\u002F1.9.11\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.10&new_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.11",[],{"version":39,"download_url":275,"svn_tag_url":276,"released_at":37,"has_diff":49,"diff_files_changed":277,"diff_lines":37,"trac_diff_url":278,"vulnerabilities":279,"is_current":49},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmihdan-public-post-preview.1.9.10.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmihdan-public-post-preview\u002Ftags\u002F1.9.10\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.9&new_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.10",[],{"version":281,"download_url":282,"svn_tag_url":283,"released_at":37,"has_diff":49,"diff_files_changed":284,"diff_lines":37,"trac_diff_url":285,"vulnerabilities":286,"is_current":49},"1.9.9","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmihdan-public-post-preview.1.9.9.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmihdan-public-post-preview\u002Ftags\u002F1.9.9\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.8.1&new_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.9",[287],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39},{"version":289,"download_url":290,"svn_tag_url":291,"released_at":37,"has_diff":49,"diff_files_changed":292,"diff_lines":37,"trac_diff_url":293,"vulnerabilities":294,"is_current":49},"1.9.8.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmihdan-public-post-preview.1.9.8.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmihdan-public-post-preview\u002Ftags\u002F1.9.8.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.7&new_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.8.1",[295],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39},{"version":297,"download_url":298,"svn_tag_url":299,"released_at":37,"has_diff":49,"diff_files_changed":300,"diff_lines":37,"trac_diff_url":301,"vulnerabilities":302,"is_current":49},"1.9.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmihdan-public-post-preview.1.9.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmihdan-public-post-preview\u002Ftags\u002F1.9.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.5&new_path=%2Fmihdan-public-post-preview%2Ftags%2F1.9.7",[303],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39},{"version":305,"download_url":306,"svn_tag_url":307,"released_at":37,"has_diff":49,"diff_files_changed":308,"diff_lines":37,"trac_diff_url":37,"vulnerabilities":309,"is_current":49},"1.9.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmihdan-public-post-preview.1.9.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmihdan-public-post-preview\u002Ftags\u002F1.9.5\u002F",[],[310],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39}]