[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdlpwBCwu9SN98VcUE_XTypvS0ZiAw_2pkzjct9H32qg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":15,"tags":18,"homepage":23,"download_link":24,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":137,"fingerprints":401},"multilingual-demo-data-creator","Demo Data Creator","0.1","Ayebare Mucunguzi Brooks","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrooksx\u002F","\u003Cp>This plugin is helpfull to theme testers, theme creators plugin developers and testers to rapidly populate a wordpress site or multisite with demo data in a given\u003Cbr \u002F>\nlanguage of choice.\u003C\u002Fp>\n\u003Cp>The plugin was inspiredby mrwiblog’s demodata plugin.\u003Cbr \u002F>\nAt the moment this plugin will serve you demo data in English, French, Russian.\u003Cbr \u002F>\nIn the next release which should be any time soon, we’ll add RTL languages like Arabic and hebrew.\u003Cbr \u002F>\nFor an open source translation management plugin to run a multilingual wordpress blog, try \u003Ca href=\"http:\u002F\u002Fzanto.org\" title=\"Zanto WordPress Translation Plugin\" rel=\"nofollow ugc\">zanto\u003C\u002Fa>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* Auto download of .mo files if they are missing for the language you want from svn.automattic.com where the offical wordpress language files are kept\n* Auto create sample blogs pre-populated with a chosen number of users\n* Language of sample data to download\n* Number of categories in each blog\n* Number of posts in each blog\n* Number of paragraphs in each blog post\n* Number of pages in each blog\n* Number of top-level pages\n* Number of levels to nest pages\n* Number of comments per post for each blog\n* Number of links in blogroll for each blog\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Post content and comment text is automatically generated from Lorem ipsum text, for post content it’s even HTML-formatted.\u003C\u002Fp>\n","Multilingual Demo Data Creator enables you to create demo users, blogs, posts, comments and blogroll links in different languages for a Wordpress site &hellip;",10,4065,100,1,"","3.7.41","2.7",[19,20,21,22],"data","demo","multilingual","wpmu","http:\u002F\u002Fzanto.org\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultilingual-demo-data-creator.0.1.zip",0,null,"2026-03-15T10:48:56.248Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"brooksx",8,340,87,30,85,"2026-04-04T13:47:38.907Z",[38,57,79,95,117],{"slug":39,"name":5,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":17,"requires_php":15,"tags":51,"homepage":54,"download_link":55,"security_score":35,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":56},"demo-data-creator","1.3.4","Chris Taylor","https:\u002F\u002Fprofiles.wordpress.org\u002Fmrwiblog\u002F","\u003Cp>DO NOT USE THIS PLUGIN ON A PRODUCTION SITE, OR ON A SITE WHERE YOU NEED TO KEEP THE DATA.\u003C\u002Fp>\n\u003Cp>When deleting demo data your ENTIRE WordPress database will be reset, deleting ALL your posts, pages, comments and users. ONLY USE THIS PLUGIN ON A SITE WHERE YOU KNOW THE DATABASE CAN BE WIPED.\u003C\u002Fp>\n\u003Cp>If you develop WordPress websites it’s useful to have some demo data in your system while it’s being built. This allows you to check that lists of things are displaying as they should, and that themes are working when they get data in them.\u003C\u002Fp>\n\u003Cp>Historically it’s been a pain to add that data in. Either you need to take a backup of another site and use that data, or you need to tediously create multiple users and blogs yourself. No more, not now my Demo Data Creator is in town!\u003C\u002Fp>\n\u003Cp>This WordPress, WPMU\u002FMultiSite and BuddyPress plugin gives you a new admin screen where you can enter some parameters, click a button and (after a short wait) random demo data will be created. The parameter options include:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* Number of users to create\n* Number of blogs per user (for WPMU\u002FMultiSite)\n* Whether users must have a blog\n* Number of categories in each blog\n* Number of posts in each blog\n* Number of paragraphs in each blog post\n* Number of pages in each blog\n* Number of top-level pages\n* Number of levels to nest pages\n* Number of comments per post for each blog\n* Number of links in blogroll for each blog\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>For BuddyPress you also have:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* Number of groups\n* Number of members per group\n* Number of wire posts for each group\n* Number of friends per user\n* Number of statuses for each user\n* Number of wire posts for each user\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Post content and comment text is automatically generated from Lorem ipsum text, for post content it’s even HTML-formatted.\u003C\u002Fp>\n\u003Cp>Thanks to derscheinwelt for the suggestion and code to create random dates for posts, and Steve at http:\u002F\u002Fslipfire.com\u002F for the wp_insert_user() code.\u003C\u002Fp>\n","Demo Data Creator is a Wordpress and BuddyPress plugin that allows a Wordpress developer to create demo users, blogs, posts, comments and more.",90,62828,70,22,"2017-01-31T20:00:00.000Z","4.7.32",[52,19,20,53,22],"buddypress","example","http:\u002F\u002Fwww.stillbreathing.co.uk\u002Fwordpress\u002Fdemo-data-creator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdemo-data-creator.zip","2026-03-15T15:16:48.613Z",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":13,"num_ratings":14,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":15,"tags":70,"homepage":75,"download_link":76,"security_score":77,"vuln_count":14,"unpatched_count":25,"last_vuln_date":78,"fetched_at":56},"famethemes-demo-importer","FameTheme Demo Importer","1.1.11","FameThemes","https:\u002F\u002Fprofiles.wordpress.org\u002Ffamethemes\u002F","\u003Cp>Import your demo content, widgets and theme settings with one click for \u003Ca href=\"https:\u002F\u002Fwww.famethemes.com\u002F\" rel=\"nofollow ugc\">FameThemes\u003C\u002Fa> official themes.\u003C\u002Fp>\n\u003Cp>Get free support at \u003Ca href=\"\u002F\u002Fwww.famethemes.com\u002F)\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.famethemes.com\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fw0OKnqnHYo4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Add Support for your themes.\u003C\u002Fh3>\n\u003Ch3>Change Default Demo GitHub Repository.\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>apply_filters( 'demo_contents_github_repo', self::$git_repo );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Add theme to listing preview\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>apply_filters( 'demo_contents_allowed_authors', array('famethemes' => 'FameThemes','daisy themes' => 'Daisy Themes'};\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Support demo for a theme.\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Create new theme demo dir in GitHub repo  \u003Ccode>username\u002Frepo-name\u002Ftheme-name\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Support multiple demos for a theme.\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Create new theme demo dir in GitHub repo \u003Ccode>username\u002Frepo-name\u002Ftheme-name\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Create new json file and name it  \u003Ccode>demos.json\u003C\u002Fcode>, add list demos here.\u003C\u002Fli>\n\u003Cli>Crate new demo dir and name it \u003Ccode>demos\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Add your new demo in new dir \u003Ccode>child-demo\u003C\u002Fcode>, so we have full path like this: \u003Ccode>username\u002Frepo-name\u002Ftheme-name\u002Fdemos\u002Fchild-demo\u003C\u002Fcode> and put file \u003Ccode>dummy-data.xml\u003C\u002Fcode> and \u003Ccode>config.json\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Export Demo XML\u003C\u002Fh3>\n\u003Cp>In Admin screen go to Tools -> Export\u003C\u002Fp>\n\u003Ch3>Export config.json\u003C\u002Fh3>\n\u003Cp>In Admin if user has cap \u003Ccode>export\u003C\u002Fcode>, add ?demo_contents_export in current url.\u003Cbr \u002F>\nExample: https:\u002F\u002Fexample.com\u002Fwp-admin\u002F?demo_contents_export\u003C\u002Fp>\n","FameThemes Demo importer",30000,869929,"2025-04-16T01:01:00.000Z","6.8.5","4.5",[71,72,73,74],"demo-data","famethemes","import","oneclick","https:\u002F\u002Fgithub.com\u002FFameThemes\u002Ffamethemes-demo-importer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffamethemes-demo-importer.zip",99,"2024-04-26 00:00:00",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":65,"downloaded":87,"rating":25,"num_ratings":25,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":90,"tags":91,"homepage":15,"download_link":94,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":56},"keon-toolset","Keon Toolset","2.4.5","keonthemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fkeonthemes\u002F","\u003Cp>A demo importer plugin that makes importing starter sites effortless for building your website!\u003C\u002Fp>\n\u003Ch3>Images License\u003C\u002Fh3>\n\u003Cp>https:\u002F\u002Fpxhere.com\u002Fen\u002Flicense [CCO License]\u003C\u002Fp>\n","Import dummy data for themes developed by Keon Themes.",1490109,"2026-01-07T05:31:00.000Z","6.9.4","4.6",[71,92,93],"demo-data-importer","one-click-demo-import","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkeon-toolset.2.4.5.zip",{"slug":96,"name":97,"version":40,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":104,"num_ratings":105,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":109,"tags":110,"homepage":113,"download_link":114,"security_score":115,"vuln_count":14,"unpatched_count":25,"last_vuln_date":116,"fetched_at":56},"rara-one-click-demo-import","Rara One Click Demo Import","Rara Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fraratheme\u002F","\u003Cp>Do you love the demos of the themes made by Rara Theme? Or, need a guideline for setting up the themes?\u003C\u002Fp>\n\u003Cp>Then, all you need is this plugin!\u003C\u002Fp>\n\u003Cp>Rara One Click Demo Import plugin will help you import the demo content, including settings of the widgets and the customizer, with a click.\u003C\u002Fp>\n\u003Cp>The demo content will make your website look like the preview of a theme so that you get a basic guideline for making your website.\u003C\u002Fp>\n\u003Cp>Once installed and activated, Rara One Click Demo Import will be accessible through \u003Cstrong>Appearance > Rara Demo Import\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>If you use Premium themes made by Rara Themes, go to Pro Theme Demo Import tab and just click on ‘Import Now’ button and your website will look like the demo of the activated theme in no time.\u003C\u002Fp>\n\u003Cp>If you use free themes made by Rara Themes, download the demo files from your \u003Ca href=\"https:\u002F\u002Frarathemes.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Theme Documentation\u003C\u002Fa> page, upload it using ‘Upload Demo File’ button on this plugin, and click Import Now. As simple as that.\u003C\u002Fp>\n\u003Cp>You can find the detail documentation \u003Ca href=\"https:\u002F\u002Frarathemes.com\u002Fblog\u002Fimport-demo-content-rara-themes\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>If you need help, contact our support team \u003Ca href=\"https:\u002F\u002Frarathemes.com\u002Fsupport-ticket\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin is based on the ‘Theme Demo Import’ plugin by Themely, https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftheme-demo-import\u002F\u003C\u002Fp>\n\u003Cp>As well as the improved WP Import 2.0 plugin by @humanmade, https:\u002F\u002Fgithub.com\u002Fhumanmade\u002FWordPress-Importer.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Rara One Click Demo Import uses the script of\u003Cbr \u002F>\n‘Theme Demo Import’ plugin by Themely,\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftheme-demo-import\u002F\u003Cbr \u002F>\nLicensed under the GNU General Public License v2.0,\u003Cbr \u002F>\nhttp:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n\u003Cp>Rara One Click Demo Import uses ‘WordPress Importer’ plugin script\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fhumanmade\u002FWordPress-Importer\u003Cbr \u002F>\n(C) 2016 @humanmade\u003Cbr \u002F>\nLicensed under the GNU General Public License v2.0,\u003Cbr \u002F>\nhttp:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>Rara One Click Demo Import is distributed under the terms of the GNU GPL.\u003C\u002Fp>\n\u003Cp>This program is free software; you can redistribute it and\u002For modify\u003Cbr \u002F>\nit under the terms of the GNU General Public License as published by\u003Cbr \u002F>\nthe Free Software Foundation; either version 2 of the License, or\u003Cbr \u002F>\nany later version (at your own risk).\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful,\u003Cbr \u002F>\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\u003Cbr \u002F>\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\u003Cbr \u002F>\nGNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License along\u003Cbr \u002F>\nwith this program; if not, write to the Free Software Foundation, Inc.,\u003Cbr \u002F>\n51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.\u003C\u002Fp>\n","Make your website look like the live demo of the theme with a click!",20000,878760,54,7,"2024-11-21T11:28:00.000Z","6.7.5","6.0","7.4",[111,19,20,73,112],"content","widgets","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frara-one-click-demo-import\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frara-one-click-demo-import.1.3.4.zip",91,"2022-04-21 13:36:00",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":25,"num_ratings":25,"last_updated":127,"tested_up_to":68,"requires_at_least":128,"requires_php":129,"tags":130,"homepage":15,"download_link":136,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":56},"acme-demo-setup","Acme Demo Setup","2.1.2","Acme Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Facmethemes\u002F","\u003Cp>Setup your site theme from \u003Ca href=\"https:\u002F\u002Fwww.acmethemes.com\u002F\" rel=\"nofollow ugc\">Acme Themes\u003C\u002Fa> site with template library dummy data easily. Import settings, widgets and content with one click. Acme Demo Setup requires \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadvanced-import\u002F\" rel=\"ugc\">Advanced Import\u003C\u002Fa> Plugin to work normally.\u003C\u002Fp>\n\u003Cp>While you use Acme Demo Setup to import demo starter site, Images and demo files are fetches from respected theme Demo Sites form Acme Themes. This helps you to import starter dmeo site with a single click. You must accept \u003Ca href=\"https:\u002F\u002Fwww.acmethemes.com\u002Fterms-and-conditions\u002F\" rel=\"nofollow ugc\">terms\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.acmethemes.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">privacy\u003C\u002Fa> to use Acme Demo Setup Plugin.\u003C\u002Fp>\n","Easily set up your site with dummy data. Import settings, widgets, and content in one click using Advanced Import.",10000,625996,"2025-04-18T07:00:00.000Z","4.8","5.6.20",[131,132,133,134,135],"acmethemes","advanced-import","demo-import","dummydata","oneclick-demo-import","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facme-demo-setup.2.1.2.zip",{"attackSurface":138,"codeSignals":177,"taintFlows":280,"riskAssessment":379,"analyzedAt":400},{"hooks":139,"ajaxHandlers":173,"restRoutes":174,"shortcodes":175,"cronEvents":176,"entryPointCount":25,"unprotectedCount":25},[140,146,150,153,157,160,165,169],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","init","mo_files_functions","demodata.php",36,{"type":141,"name":147,"callback":148,"file":144,"line":149},"admin_menu","wmdd_do_ajax",41,{"type":141,"name":147,"callback":151,"file":144,"line":152},"wmdd_add_menu_items",68,{"type":141,"name":154,"callback":155,"file":144,"line":156},"admin_head","wmdd_css",161,{"type":141,"name":154,"callback":158,"file":144,"line":159},"wmdd_js",162,{"type":161,"name":162,"callback":163,"file":144,"line":164},"filter","upload_dir","mo_upload_dir",1482,{"type":161,"name":166,"callback":167,"file":144,"line":168},"upload_mimes","add_custom_mimes",1520,{"type":161,"name":170,"callback":171,"file":144,"line":172},"locale","wmdd_get_locale",1554,[],[],[],[],{"dangerousFunctions":178,"sqlUsage":179,"outputEscaping":194,"fileOperations":278,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":279},[],{"prepared":180,"raw":181,"locations":182},21,4,[183,186,189,191],{"file":144,"line":184,"context":185},324,"$wpdb->get_var() with variable interpolation",{"file":144,"line":187,"context":188},980,"$wpdb->get_results() with variable interpolation",{"file":144,"line":190,"context":185},1022,{"file":144,"line":192,"context":193},1406,"$wpdb->get_col() with variable interpolation",{"escaped":181,"rawEcho":195,"locations":196},40,[197,200,202,204,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,272,274,276],{"file":144,"line":198,"context":199},225,"raw output",{"file":144,"line":201,"context":199},269,{"file":144,"line":203,"context":199},383,{"file":144,"line":205,"context":199},390,{"file":144,"line":207,"context":199},402,{"file":144,"line":209,"context":199},459,{"file":144,"line":211,"context":199},475,{"file":144,"line":213,"context":199},487,{"file":144,"line":215,"context":199},494,{"file":144,"line":217,"context":199},541,{"file":144,"line":219,"context":199},548,{"file":144,"line":221,"context":199},598,{"file":144,"line":223,"context":199},605,{"file":144,"line":225,"context":199},697,{"file":144,"line":227,"context":199},704,{"file":144,"line":229,"context":199},758,{"file":144,"line":231,"context":199},765,{"file":144,"line":233,"context":199},827,{"file":144,"line":235,"context":199},834,{"file":144,"line":237,"context":199},982,{"file":144,"line":239,"context":199},1039,{"file":144,"line":241,"context":199},1065,{"file":144,"line":243,"context":199},1072,{"file":144,"line":245,"context":199},1084,{"file":144,"line":247,"context":199},1091,{"file":144,"line":249,"context":199},1098,{"file":144,"line":251,"context":199},1105,{"file":144,"line":253,"context":199},1112,{"file":144,"line":255,"context":199},1120,{"file":144,"line":257,"context":199},1129,{"file":144,"line":259,"context":199},1140,{"file":144,"line":261,"context":199},1144,{"file":144,"line":263,"context":199},1153,{"file":144,"line":265,"context":199},1160,{"file":144,"line":267,"context":199},1163,{"file":144,"line":269,"context":199},1226,{"file":144,"line":271,"context":199},1264,{"file":144,"line":273,"context":199},1307,{"file":144,"line":275,"context":199},1373,{"file":144,"line":277,"context":199},1393,3,[],[281,299,309,322,332],{"entryPoint":282,"graph":283,"unsanitizedCount":14,"severity":298},"wmdd_create_users (demodata.php:288)",{"nodes":284,"edges":295},[285,290],{"id":286,"type":287,"label":288,"file":144,"line":289},"n0","source","$_POST",303,{"id":291,"type":292,"label":293,"file":144,"line":205,"wp_function":294},"n1","sink","echo() [XSS]","echo",[296],{"from":286,"to":291,"sanitized":297},false,"medium",{"entryPoint":300,"graph":301,"unsanitizedCount":14,"severity":298},"wmdd_form (demodata.php:1200)",{"nodes":302,"edges":307},[303,306],{"id":286,"type":287,"label":304,"file":144,"line":305},"$_SERVER",1223,{"id":291,"type":292,"label":293,"file":144,"line":271,"wp_function":294},[308],{"from":286,"to":291,"sanitized":297},{"entryPoint":310,"graph":311,"unsanitizedCount":14,"severity":321},"wmdd_create (demodata.php:101)",{"nodes":312,"edges":319},[313,315],{"id":286,"type":287,"label":288,"file":144,"line":314},136,{"id":291,"type":292,"label":316,"file":144,"line":317,"wp_function":318},"query() [SQLi]",139,"query",[320],{"from":286,"to":291,"sanitized":297},"high",{"entryPoint":323,"graph":324,"unsanitizedCount":14,"severity":321},"wmdd_create_blogs (demodata.php:411)",{"nodes":325,"edges":330},[326,328],{"id":286,"type":287,"label":288,"file":144,"line":327},417,{"id":291,"type":292,"label":316,"file":144,"line":329,"wp_function":318},469,[331],{"from":286,"to":291,"sanitized":297},{"entryPoint":333,"graph":334,"unsanitizedCount":378,"severity":321},"\u003Cdemodata> (demodata.php:0)",{"nodes":335,"edges":370},[336,338,339,342,344,347,351,353,357,359,361,364,368],{"id":286,"type":287,"label":337,"file":144,"line":314},"$_POST (x2)",{"id":291,"type":292,"label":316,"file":144,"line":317,"wp_function":318},{"id":340,"type":287,"label":341,"file":144,"line":289},"n2","$_POST (x3)",{"id":343,"type":292,"label":293,"file":144,"line":205,"wp_function":294},"n3",{"id":345,"type":287,"label":288,"file":144,"line":346},"n4",128,{"id":348,"type":292,"label":349,"file":144,"line":187,"wp_function":350},"n5","get_results() [SQLi]","get_results",{"id":352,"type":287,"label":288,"file":144,"line":346},"n6",{"id":354,"type":292,"label":355,"file":144,"line":190,"wp_function":356},"n7","get_var() [SQLi]","get_var",{"id":358,"type":287,"label":304,"file":144,"line":305},"n8",{"id":360,"type":292,"label":293,"file":144,"line":271,"wp_function":294},"n9",{"id":362,"type":287,"label":288,"file":144,"line":363},"n10",447,{"id":365,"type":366,"label":367,"file":144,"line":363},"n11","transform","→ wmdd_create_blog()",{"id":369,"type":292,"label":293,"file":144,"line":237,"wp_function":294},"n12",[371,372,373,374,375,376,377],{"from":286,"to":291,"sanitized":297},{"from":340,"to":343,"sanitized":297},{"from":345,"to":348,"sanitized":297},{"from":352,"to":354,"sanitized":297},{"from":358,"to":360,"sanitized":297},{"from":362,"to":365,"sanitized":297},{"from":365,"to":369,"sanitized":297},9,{"summary":380,"deductions":381},"The \"multilingual-demo-data-creator\" plugin version 0.1 exhibits a mixed security posture. On the positive side, there are no known CVEs associated with the plugin, and the static analysis found no dangerous functions or external HTTP requests. The majority of SQL queries utilize prepared statements, which is a good practice. However, several significant concerns emerge from the analysis.  The plugin lacks any nonce checks or capability checks, which is a major vulnerability. Furthermore, the taint analysis reveals multiple flows with unsanitized paths, three of which are flagged as high severity. The extremely low percentage of properly escaped output (9%) indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. File operations are also present without clear security controls.\n\nWhile the plugin has no recorded vulnerability history, this may be due to its low version number and potentially limited usage. The absence of auth checks for AJAX handlers, REST API routes, shortcodes, and cron events, combined with the critical taint flows and poor output escaping, paints a concerning picture. The 5 unsanitized path flows, with 3 of high severity, are particularly alarming and suggest potential path traversal or file inclusion vulnerabilities. The complete lack of nonce and capability checks leaves the plugin's functionalities open to unauthorized access and manipulation.",[382,385,387,389,391,393,396,398],{"reason":383,"points":384},"High severity unsanitized taint flows",15,{"reason":386,"points":31},"Unescaped output (9% properly escaped)",{"reason":388,"points":11},"No nonce checks",{"reason":390,"points":11},"No capability checks",{"reason":392,"points":105},"Unsanitized path flows (5 total)",{"reason":394,"points":395},"File operations present without context",5,{"reason":397,"points":395},"No AJAX auth checks",{"reason":399,"points":395},"No REST API permission callbacks","2026-03-16T23:28:01.582Z",{"wat":402,"direct":411},{"assetPaths":403,"generatorPatterns":406,"scriptPaths":407,"versionParams":408},[404,405],"\u002Fwp-content\u002Fplugins\u002Fmultilingual-demo-data-creator\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fmultilingual-demo-data-creator\u002Fwmdd.js",[],[405],[409,410],"multilingual-demo-data-creator\u002Fstyle.css?ver=","multilingual-demo-data-creator\u002Fwmdd.js?ver=",{"cssClasses":412,"htmlComments":416,"htmlAttributes":417,"restEndpoints":422,"jsGlobals":423,"shortcodeOutput":425},[413,414,415],"wmddpending","spinner","promo",[],[418,419,420,421],"id=\"wmdd_results\"","class=\"wmdd\"","id=\"delete\"output","id=\"delete\"form",[],[424],"jQuery",[]]