[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f2e3rHUbIrtHdhzPfxMmrDYaIGEuSNM7FM90TcGpgt-c":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":89,"crawl_stats":38,"alternatives":95,"analysis":191,"fingerprints":403},"nps-computy","NPS computy","2.8.4","calliko","https:\u002F\u002Fprofiles.wordpress.org\u002Fcalliko\u002F","\u003Cp>About NPS.\u003Cbr \u002F>\nThe founder of the method is Frederic Reicheld, who first announced the method in the article The One Number You Need to\u003Cbr \u002F>\n Grow, published in Harvard Business Review  in December 2003. In 2006, he released a book entitled\u003Cbr \u002F>\n The Ultimate Question: Driving Good Profits and True Growth.\u003Cbr \u002F>\nLink to the article “The One Number You Need to Grow”: https:\u002F\u002Fhbr.org\u002F2003\u002F12\u002Fthe-one-number-you-need-to-grow\u003Cbr \u002F>\nDescription of the system: https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FNet_Promoter\u003Cbr \u002F>\nNet Promoter Score this is just a concept and you can use it at your discretion.\u003C\u002Fp>\n\u003Cp>Specifically to determine the degree of customer loyalty to your project, the NPS index was created. What is the NPS customer loyalty index?\u003Cbr \u002F>\nThe Customer Loyalty Index (NPS) (Net Promoter Score) is a metric that companies use to determine the attitude of their customers.\u003Cbr \u002F>\nCompanies with high NPS have more opportunities to grow and make a profit in the long term.\u003Cbr \u002F>\nTo calculate the NPS index, you need to conduct a simple survey of your customers. The survey consists of one question:\u003Cbr \u002F>\nHow likely would you advise this company to a friend?\u003Cbr \u002F>\nThe answers are based on a ten-point scale.\u003C\u002Fp>\n\u003Ch3>Testing\u003C\u002Fh3>\n\u003Cp>You can test the plugin on \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fnps-computy\" rel=\"nofollow ugc\">\u003Cstrong>this page\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n","Free monitoring of the NPS (Net Promoter Score) index for your business.",50,6729,96,5,"2026-01-02T03:39:00.000Z","6.9.4","4.5","7.4",[20,21,22,23,24],"nps","promoter","score","seo","statistic","https:\u002F\u002Fcomputy.ru\u002Fblog\u002Fplagin-nps-indeks-loyalnosti-klientov-dlya-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnps-computy.2.8.4.zip",93,4,0,"2026-02-04 00:00:00","2026-03-15T15:16:48.613Z",[33,49,64,79],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-67984","nps-computy-unauthenticated-stored-cross-site-scripting","NPS computy \u003C= 2.8.2 - Unauthenticated Stored Cross-Site Scripting","The NPS computy plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=2.8.2","2.8.3","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-02-09 20:59:25",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4e0baa10-f576-48f5-ad7f-2cbae9d0abd0?source=api-prod",6,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":44,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"CVE-2024-11807","nps-computy-reflected-cross-site-scripting","NPS computy \u003C= 2.8.0 - Reflected Cross-Site Scripting","The NPS computy plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'data1' and 'data2' parameters in all versions up to, and including, 2.8.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=2.8.0","2.8.1","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-12-03 14:21:57","2024-12-04 02:40:28",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffabeeba6-f3c0-4f9c-a12f-c97801aad810?source=api-prod",1,{"id":65,"url_slug":66,"title":67,"description":68,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":70,"severity":56,"cvss_score":71,"cvss_vector":72,"vuln_type":73,"published_date":74,"updated_date":75,"references":76,"days_to_patch":78},"CVE-2024-1755","nps-computy-cross-site-request-forgery-to-results-deletion","NPS computy \u003C= 2.7.5 - Cross-Site Request Forgery to Results Deletion","The NPS computy plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.5. This is due to missing or incorrect nonce validation on the nps_plugin_options function. This makes it possible for unauthenticated attackers to delete results via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=2.7.5","2.7.6",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-03-25 00:00:00","2024-04-01 11:35:18",[77],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F490b4ee5-dd99-42af-94af-b45cea27b287?source=api-prod",7,{"id":80,"url_slug":81,"title":82,"description":83,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":70,"severity":56,"cvss_score":84,"cvss_vector":85,"vuln_type":44,"published_date":74,"updated_date":86,"references":87,"days_to_patch":78},"CVE-2024-1754","nps-computy-authenticated-admin-stored-cross-site-scripting","NPS computy \u003C= 2.7.5 - Authenticated (Admin+) Stored Cross-Site Scripting","The NPS computy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-04-01 11:38:42",[88],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc1ac9f77-eea7-4726-b2ba-019c26aec242?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":90,"avg_security_score":91,"avg_patch_time_days":92,"trust_score":93,"computed_at":94},330,99,51,87,"2026-04-04T13:56:23.825Z",[96,118,134,151,171],{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":106,"num_ratings":63,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":115,"download_link":116,"security_score":117,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"nps-monitoring","NPS Monitoring","2.1.2","benhallbenhall","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenhallbenhall\u002F","\u003Cp>NPS Monitoring allows you to easily integrate a powerful Net Promoter Score survey system into your existing wordpress site.\u003C\u002Fp>\n\u003Cp>Your Net Promoter Score is a valuable customer engagement metric designed to measure the likelyhood of your user base to recommend you to a family or friend.\u003C\u002Fp>\n\u003Cp>Standard NPS Monitoring accounts are completely free and perfect for blogs and small websites.  Larger business will enjoy premium features such as being able to segregate their NPS scores by Browser type, platform used and many other data points.  Large businesses can also collect up to 1,000 responses per day for NPS analysis.\u003C\u002Fp>\n\u003Cp>The plugin and service is designed to get you up and running in under 5 minutes.  Simply install the plugin, signup for a free NPS Monitoring account, then list your Property ID on the plugin settings page.  It’s that simple.\u003C\u002Fp>\n","This plugin allows you to display a simple NPS Monitoring survey.  Data is then calculated and analyzed to determine your Net Promoter Score.",10,2216,100,"2013-09-05T07:15:00.000Z","3.6.1","3.0.1","",[112,113,20,114],"customer-feedback","net-promoter-score","survey","http:\u002F\u002Fwww.npsmonitoring.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnps-monitoring.2.1.2.zip",85,{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":104,"downloaded":126,"rating":106,"num_ratings":63,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":110,"tags":130,"homepage":132,"download_link":133,"security_score":117,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"sightmill-nps","SightMill Net Promoter Score (NPS) feedback surveys","1.0.3","sightmill","https:\u002F\u002Fprofiles.wordpress.org\u002Fsightmill\u002F","\u003Cp>Add Net Promoter Score (NPS) SightMill.com feedback surveys to your website\u003C\u002Fp>\n\u003Cp>This plugin provides a simple way to include your unique SightMill tracking code that delivers NPS surveys to any page on your website.\u003C\u002Fp>\n\u003Cp>SightMill uses the industry-standard Net Promoter Score (NPS) framework to deliver great-looking surveys – you control when the survey is displayed and the text, design and colors from your SightMill dashboard.\u003C\u002Fp>\n\u003Cp>For further information on Net Promoter Score, customer feedback surveys and how to setup your surveys, visit https:\u002F\u002Fsightmill.com\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Setup Net Promoter Score (NPS) surveys on your website\u003C\u002Fli>\n\u003Cli>Gather, analyze and act on customer feedback to improve customer satisfaction\u003C\u002Fli>\n\u003Cli>Get started with a free account at SightMill.com\u003C\u002Fli>\n\u003C\u002Ful>\n","Add SightMill.com Net Promoter Score (NPS) feedback surveys to your website",1647,"2019-08-29T11:46:00.000Z","5.2.24","4.6",[131,113,20,114],"feedback","https:\u002F\u002Fsightmill.com\u002Fplugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsightmill-nps.1.0.3.zip",{"slug":135,"name":136,"version":137,"author":138,"author_profile":139,"description":140,"short_description":141,"active_installs":104,"downloaded":142,"rating":106,"num_ratings":28,"last_updated":143,"tested_up_to":144,"requires_at_least":145,"requires_php":146,"tags":147,"homepage":149,"download_link":150,"security_score":117,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"zenloop-woocommerce-nps-platform","zenloop for WooCommerce – Net Promoter Score (NPS) platform","3.1","zenloop","https:\u002F\u002Fprofiles.wordpress.org\u002Fzenloop\u002F","\u003Cp>All companies lose customers. In general, more than 15% of transactions are affected – every month. We boost customer loyalty at leading e-commerce companies.\u003C\u002Fp>\n\u003Cp>The zenloop plugin for WooCommerce automates three key business processes:\u003Cbr \u002F>\n1. Immediately detect unhappy, churning customers\u003Cbr \u002F>\n2. Detect churn motives and alert stakeholders\u003Cbr \u002F>\n3. Win back customers through personalized actions\u003C\u002Fp>\n\u003Cp>By analyzing quantitative and qualitative feedback, we uncover potential for improvement and help you address the voices of (un)happy customers, increase CLV, and prevent churn. Ask your customers two simple questions, learn about their opinions on your company and take customer experience to the next level.\u003C\u002Fp>\n\u003Ch4>Platform  benefits\u003C\u002Fh4>\n\u003Cp>With our software, you can measure customer retention and predict business growth.\u003C\u002Fp>\n\u003Cp>Our benefits include:\u003Cbr \u002F>\n– Achieve high response rates thanks to individual integration and optimized usability\u003Cbr \u002F>\n– Configure alarm systems and immediately forward critical topics internally\u003Cbr \u002F>\n– X-ray customer comments with smart labels and identify churn drivers\u003Cbr \u002F>\n– Target critical voices based on your customer feedback and respond immediately\u003Cbr \u002F>\n– Benefit from free referrals of your loyal promoters\u003Cbr \u002F>\n– Motivate your employees with visualized real-time feedback\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cp>When we founded Flaconi, we aimed at creating an optimal customer experience. Thus, zenloop for WooCommerce enables you to systematically evaluate your customer feedback.\u003C\u002Fp>\n\u003Cp>With the zenloop extension, you can\u003Cbr \u002F>\n– Create customized surveys within a few minutes\u003Cbr \u002F>\n– Use platform data to schedule NPS surveys via zenloop\u003Cbr \u002F>\n– Trigger on-site NPS surveys on your order-success-page\u003Cbr \u002F>\n– Trigger email NPS surveys after product delivery\u003Cbr \u002F>\n– Keep track with automated feedback analyses and reports\u003C\u002Fp>\n\u003Ch4>Testimonials\u003C\u002Fh4>\n\u003Cp>Smooth feedback analysis\u003Cbr \u002F>\n“With zenloop, time-consuming and manual analyses are no longer an issue. Thanks to Smart Labels, we can evaluate qualitative customer feedback in no time at all.”\u003Cbr \u002F>\nJens Griebler (Deichmann) Head of CRM\u003C\u002Fp>\n\u003Cp>Expand customer centricity\u003Cbr \u002F>\n“Customer centricity is the key for our company success. Zenloop helps us to focus on the customer and to communicate insights instantly to all stakeholders.”\u003Cbr \u002F>\nJulia Bösch (Outfittery) Chief Executive Officer\u003C\u002Fp>\n\u003Cp>Fully automated NPS\u003Cbr \u002F>\n“The easiest way to implement and roll out the entire Net Promoter System from A to Z – fully automated.”\u003Cbr \u002F>\nNana Lohmann (Shopapotheke) Chief Marketing Officer\u003C\u002Fp>\n\u003Ch4>Languages\u003C\u002Fh4>\n\u003Cp>You can send surveys in English, French, German, Spanish, Chinese, Czech, Danish, Dutch, Finnish, Italian, Norwegian, Polish, Portuguese, Russian, Swedish, and Turkish.\u003Cbr \u002F>\nText analysis is available in English, French, German, Spanish, Russian, Italian, and Dutch.\u003C\u002Fp>\n\u003Cp>The user interface is in English or German.\u003C\u002Fp>\n\u003Ch4>Integrations\u003C\u002Fh4>\n\u003Cp>Use our powerful integration to enrich your CRM data, trigger workflows or to close the feedback loop:\u003Cbr \u002F>\n– Emarsys\u003Cbr \u002F>\n– Freshdesk\u003Cbr \u002F>\n– Slack\u003Cbr \u002F>\n– Salesforce\u003Cbr \u002F>\n– webhooks\u003Cbr \u002F>\n– Zapier\u003C\u002Fp>\n","zenloop for WooCommerce is the official zenloop.com plugin. It connects zenloop’s Net Promoter Score (NPS) platform with your WooCommerce shop.",3287,"2023-04-05T07:02:00.000Z","6.2.9","5.6","7.0",[131,113,20,148],"surveys","https:\u002F\u002Fwww.zenloop.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzenloop-woocommerce-nps-platform.zip",{"slug":152,"name":153,"version":154,"author":153,"author_profile":155,"description":156,"short_description":157,"active_installs":158,"downloaded":159,"rating":160,"num_ratings":161,"last_updated":162,"tested_up_to":163,"requires_at_least":164,"requires_php":146,"tags":165,"homepage":168,"download_link":169,"security_score":106,"vuln_count":63,"unpatched_count":29,"last_vuln_date":170,"fetched_at":31},"feedfocal","FeedFocal","1.3.2","https:\u002F\u002Fprofiles.wordpress.org\u002Ffeedfocal\u002F","\u003Cp>FeedFocal is a data analytics platform for collecting user feedback data.\u003C\u002Fp>\n\u003Cp>We have a range of surveys designed to collect feedback from your users at different points along the customer journey, which helps you identify areas to focus on when improving your user experience (UX).\u003C\u002Fp>\n\u003Cp>We’re passionate about user experience, and know how important user feedback is to the success of any website or business in general. So get started today with the free FeedFocal plugin. Create surveys in seconds and begin collecting valuable user feedback to improve your user experience.\u003C\u002Fp>\n\u003Cp>Create and track your performance in key feedback areas, including customer satisfaction and customer effort surveys. Find out how your users really feel and where you need to improve to make sure your users are happy with your service.\u003C\u002Fp>\n\u003Cp>Our surveys take seconds to create and take seconds to complete! Then see your results in beautiful simple to understand charts.\u003C\u002Fp>\n\u003Cp>Check us out at \u003Ca href=\"https:\u002F\u002Ffeedfocal.com\" rel=\"nofollow ugc\">feedfocal.com\u003C\u002Fa> for more information.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>The following opensource projects have been used in developing this plugin. Thanks to the author for the creative work they made. All creative works are licensed as being GPL or GPL compatible.\u003C\u002Fp>\n","Collect user feedback with our easy to use survey tools! Create surveys in seconds.",2000,43799,80,3,"2025-05-20T10:04:00.000Z","6.8.0","5.0.0",[131,113,148,166,167],"user-feedback","website-feedback","http:\u002F\u002FFeedFocal","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeedfocal.1.3.2.zip","2023-10-24 00:00:00",{"slug":172,"name":173,"version":174,"author":175,"author_profile":176,"description":177,"short_description":178,"active_installs":179,"downloaded":180,"rating":181,"num_ratings":104,"last_updated":182,"tested_up_to":183,"requires_at_least":183,"requires_php":110,"tags":184,"homepage":189,"download_link":190,"security_score":117,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"word-stats","Word Stats","4.5.1","Fran Ontanaya","https:\u002F\u002Fprofiles.wordpress.org\u002Ffran-ontanaya\u002F","\u003Cp>Word Stats adds a suite of linguistic diagnostics to help you keep track of your content and improve its quality.\u003C\u002Fp>\n\u003Cp>The reports page lets you select an author and period to analyze, and displays:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The total word count.\u003C\u002Fli>\n\u003Cli>The number and percentage of posts of each post type.\u003C\u002Fli>\n\u003Cli>The top 20 keywords.\u003C\u002Fli>\n\u003Cli>The percentage of posts of basic, intermediate and advanced readability level.\u003C\u002Fli>\n\u003Cli>A graph with monthly word counts for each post type.\u003C\u002Fli>\n\u003Cli>Diagnostics tables, with links to edit the posts that may be too short, too long, too difficult, too simple, lack relevant keywords or abuse certain keywords.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can display the total word counts for each post type in your dashboard, widget areas and inside your posts with the [wordcounts] shortcode.\u003C\u002Fp>\n\u003Cp>Word Stats also extends the info area of the post edit form with these live stats:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Relevant keywords. Common words can be blacklisted with regular expressions in the settings page.\u003C\u002Fli>\n\u003Cli>A more accurate word count.\u003C\u002Fli>\n\u003Cli>Color coded readability tests: Automated Readability Index, Coleman-Liau Index and LIX.\u003C\u002Fli>\n\u003Cli>Total characters, alphanumeric characters, words and sentences.\u003C\u002Fli>\n\u003Cli>Characters per word, characters per sentence, words per sentence.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Additionally, an extra column with the readability level of each post can be displayed in the manage posts list.\u003C\u002Fp>\n\u003Cp>Word Stats includes basic support for Unicode scripts, including cyrillic, greek, arabic, hindi and japanese (mileage may vary).\u003C\u002Fp>\n\u003Cp>Spanish and Catalan translations are bundled with the plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Contact\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Feel free to send feedback, requests or suggestions at email@franontanaya.com.\u003C\u002Fp>\n\u003Cp>Or follow me on Twitter: \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002FFranOntanaya\" rel=\"nofollow ugc\">https:\u002F\u002Ftwitter.com\u002FFranOntanaya\u003C\u002Fa>\u003C\u002Fp>\n","A suite of word counters, keyword counters and readability analysis for your blog.",200,33571,88,"2014-12-21T16:23:00.000Z","4.1.0",[185,186,23,187,188],"analytics","keywords","statistics","words","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fword-stats\u002Fstats\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fword-stats.4.5.1.zip",{"attackSurface":192,"codeSignals":246,"taintFlows":334,"riskAssessment":385,"analyzedAt":402},{"hooks":193,"ajaxHandlers":228,"restRoutes":236,"shortcodes":237,"cronEvents":244,"entryPointCount":28,"unprotectedCount":245},[194,199,203,207,212,216,220,221,225],{"type":195,"name":196,"callback":197,"file":198,"line":104},"action","admin_menu","add_admin_menu","class.nps-computy-admin.php",{"type":195,"name":200,"callback":201,"file":198,"line":202},"admin_enqueue_scripts","load_scripts",11,{"type":195,"name":204,"callback":205,"file":198,"line":206},"admin_init","plugin_settings",12,{"type":208,"name":209,"callback":210,"file":198,"line":211},"filter","wp_mail_content_type","wp_mail_content_type_nps",680,{"type":195,"name":213,"callback":213,"file":214,"line":215},"init","index.php",16,{"type":195,"name":217,"callback":218,"file":214,"line":219},"admin_notices","npsc_admin_notice__error",49,{"type":195,"name":213,"callback":213,"file":214,"line":27},{"type":195,"name":222,"callback":223,"file":214,"line":224},"wp_enqueue_scripts","add_nps_computy_styles",104,{"type":195,"name":222,"callback":226,"file":214,"line":227},"nps_computy_script",113,[229,233],{"action":230,"nopriv":231,"callback":230,"hasNonce":231,"hasCapCheck":231,"file":198,"line":232},"nps_computy_ajax",false,13,{"action":230,"nopriv":234,"callback":230,"hasNonce":231,"hasCapCheck":231,"file":198,"line":235},true,14,[],[238,241],{"tag":4,"callback":239,"file":214,"line":240},"nps_func",251,{"tag":242,"callback":243,"file":214,"line":90},"nps-computy-chart","nps_func_chart",[],2,{"dangerousFunctions":247,"sqlUsage":248,"outputEscaping":260,"fileOperations":29,"externalRequests":29,"nonceChecks":245,"capabilityChecks":161,"bundledLibraries":329},[],{"prepared":202,"raw":28,"locations":249},[250,253,256,258],{"file":198,"line":251,"context":252},302,"$wpdb->query() with variable interpolation",{"file":214,"line":254,"context":255},259,"$wpdb->get_var() with variable interpolation",{"file":214,"line":257,"context":255},267,{"file":214,"line":259,"context":255},271,{"escaped":261,"rawEcho":262,"locations":263},58,32,[264,267,269,271,273,275,277,279,281,283,285,287,289,291,293,295,297,299,301,303,305,307,309,311,313,315,317,319,321,323,325,327],{"file":198,"line":265,"context":266},261,"raw output",{"file":198,"line":268,"context":266},316,{"file":198,"line":270,"context":266},318,{"file":198,"line":272,"context":266},321,{"file":198,"line":274,"context":266},323,{"file":198,"line":276,"context":266},329,{"file":198,"line":278,"context":266},334,{"file":198,"line":280,"context":266},336,{"file":198,"line":282,"context":266},338,{"file":198,"line":284,"context":266},355,{"file":198,"line":286,"context":266},361,{"file":198,"line":288,"context":266},400,{"file":198,"line":290,"context":266},424,{"file":198,"line":292,"context":266},426,{"file":198,"line":294,"context":266},460,{"file":198,"line":296,"context":266},502,{"file":198,"line":298,"context":266},519,{"file":198,"line":300,"context":266},545,{"file":198,"line":302,"context":266},558,{"file":198,"line":304,"context":266},566,{"file":198,"line":306,"context":266},567,{"file":198,"line":308,"context":266},568,{"file":198,"line":310,"context":266},569,{"file":198,"line":312,"context":266},570,{"file":198,"line":314,"context":266},571,{"file":198,"line":316,"context":266},572,{"file":198,"line":318,"context":266},575,{"file":198,"line":320,"context":266},591,{"file":198,"line":322,"context":266},614,{"file":198,"line":324,"context":266},700,{"file":198,"line":326,"context":266},715,{"file":198,"line":328,"context":266},717,[330],{"name":331,"version":332,"knownCves":333},"DataTables","1.10.21",[],[335,371],{"entryPoint":336,"graph":337,"unsanitizedCount":29,"severity":370},"nps_plugin_options (class.nps-computy-admin.php:282)",{"nodes":338,"edges":366},[339,344,350,354,358,361],{"id":340,"type":341,"label":342,"file":198,"line":343},"n0","source","$_POST",290,{"id":345,"type":346,"label":347,"file":198,"line":348,"wp_function":349},"n1","sink","query() [SQLi]",299,"query",{"id":351,"type":341,"label":352,"file":198,"line":353},"n2","$_POST (x6)",371,{"id":355,"type":346,"label":356,"file":198,"line":288,"wp_function":357},"n3","echo() [XSS]","echo",{"id":359,"type":341,"label":360,"file":198,"line":353},"n4","$_POST (x4)",{"id":362,"type":346,"label":363,"file":198,"line":364,"wp_function":365},"n5","get_results() [SQLi]",420,"get_results",[367,368,369],{"from":340,"to":345,"sanitized":234},{"from":351,"to":355,"sanitized":234},{"from":359,"to":362,"sanitized":234},"low",{"entryPoint":372,"graph":373,"unsanitizedCount":29,"severity":370},"\u003Cclass.nps-computy-admin> (class.nps-computy-admin.php:0)",{"nodes":374,"edges":381},[375,376,377,378,379,380],{"id":340,"type":341,"label":342,"file":198,"line":343},{"id":345,"type":346,"label":347,"file":198,"line":348,"wp_function":349},{"id":351,"type":341,"label":352,"file":198,"line":353},{"id":355,"type":346,"label":356,"file":198,"line":288,"wp_function":357},{"id":359,"type":341,"label":360,"file":198,"line":353},{"id":362,"type":346,"label":363,"file":198,"line":364,"wp_function":365},[382,383,384],{"from":340,"to":345,"sanitized":234},{"from":351,"to":355,"sanitized":234},{"from":359,"to":362,"sanitized":234},{"summary":386,"deductions":387},"The \"nps-computy\" v2.8.4 plugin exhibits a mixed security posture. While it demonstrates some good practices, such as a low number of external HTTP requests and file operations, significant concerns remain. The presence of two AJAX handlers without authentication checks presents a direct attack vector, potentially allowing unauthorized users to trigger plugin functionality. Furthermore, the static analysis reveals that a substantial portion of SQL queries are not using prepared statements, increasing the risk of SQL injection vulnerabilities. The output escaping is also a concern, with a notable percentage of outputs not being properly escaped, which could lead to cross-site scripting vulnerabilities.\n\nThe plugin's vulnerability history is particularly alarming, with four known CVEs, including one high-severity and three medium-severity issues. The historical prevalence of Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerabilities suggests a recurring pattern of insecure coding practices related to input handling and state management. Although there are currently no unpatched vulnerabilities, the sheer number and types of past issues indicate a systemic weakness that needs addressing. The presence of an outdated bundled library (DataTables v1.10.21) also adds to the risk profile.\n\nIn conclusion, while the plugin avoids certain high-risk areas like critical taint flows or raw file operations, the combination of unprotected entry points, insecure SQL practices, insufficient output escaping, and a history of common and severe vulnerabilities points to a moderate to high overall security risk. Addressing the unprotected AJAX handlers, improving SQL sanitation, and ensuring proper output escaping are critical next steps to improve its security.",[388,390,392,394,396,399],{"reason":389,"points":104},"Unprotected AJAX handlers",{"reason":391,"points":78},"Significant portion of SQL queries not prepared",{"reason":393,"points":48},"Substantial percentage of outputs not escaped",{"reason":395,"points":28},"Bundled outdated library (DataTables v1.10.21)",{"reason":397,"points":398},"History of high-severity vulnerabilities (1)",15,{"reason":400,"points":401},"History of medium-severity vulnerabilities (3)",9,"2026-03-16T21:59:43.880Z",{"wat":404,"direct":413},{"assetPaths":405,"generatorPatterns":408,"scriptPaths":409,"versionParams":410},[406,407],"\u002Fwp-content\u002Fplugins\u002Fnps-computy\u002F_inc\u002Fnps-computy-style.css","\u002Fwp-content\u002Fplugins\u002Fnps-computy\u002F_inc\u002Fnps-computy-script.js",[],[407],[411,412],"nps-computy-style.css?ver=","nps-computy-script.js?ver=",{"cssClasses":414,"htmlComments":422,"htmlAttributes":430,"restEndpoints":433,"jsGlobals":434,"shortcodeOutput":437},[20,415,416,417,418,419,420,421,4],"zagolovok-nps","question-container","desc-nps","validationError","nps-radios","index","input_nps",[423,424,425,426,427,428,429],"\u003C!--Общие переменные-->","\u003C!--версия плагина-->","\u003C!--Страница админки-->","\u002F*Страница админки*\u002F","\u002F\u002Fдобавляем стили на самом сайте","\u002F\u002Fдобавляем скрипты на самом сайте","\u002F*[nps-computy]  вывод формы голосования*\u002F",[431,432],"id=\"nps-computy\"","action=\"javascript:void(null);\"",[],[226,435,436,223,239],"nps_computy_activate","nps_computy_deactivate",[438,439,440,441,442,443,444,445,446,447,448,449,446,450,451,452,446,453,454,455,446,456,457,458,446,459,460,461,446,462,463,464,446,465,466,467,446,468],"\u003Cdiv class=\"nps\">","\u003Cdiv class=\"zagolovok-nps\">","\u003Cdiv class=\"desc-nps\">","\u003Cdiv class=\"validationError\"","\u003Cdiv class=\"nps-radios\"","\u003Cinput type=\"radio\" id=\"radio-0\" name=\"radio\" value=\"0\">","\u003Clabel for=\"radio-0\">","\u003Cdiv class=\"index i0\">0\u003C\u002Fdiv>","\u003C\u002Flabel>","\u003Cinput type=\"radio\" id=\"radio-1\" name=\"radio\" value=\"1\">","\u003Clabel for=\"radio-1\">","\u003Cdiv class=\"index i1\">1\u003C\u002Fdiv>","\u003Cinput  type=\"radio\" id=\"radio-2\" name=\"radio\" value=\"2\">","\u003Clabel for=\"radio-2\">","\u003Cdiv class=\"index i2\">2\u003C\u002Fdiv>","\u003Cinput  type=\"radio\" id=\"radio-3\" name=\"radio\" value=\"3\">","\u003Clabel for=\"radio-3\">","\u003Cdiv class=\"index i3\">3\u003C\u002Fdiv>","\u003Cinput type=\"radio\" id=\"radio-4\" name=\"radio\" value=\"4\">","\u003Clabel for=\"radio-4\">","\u003Cdiv class=\"index i4\">4\u003C\u002Fdiv>","\u003Cinput type=\"radio\" id=\"radio-5\" name=\"radio\" value=\"5\">","\u003Clabel for=\"radio-5\">","\u003Cdiv class=\"index i5\">5\u003C\u002Fdiv>","\u003Cinput  type=\"radio\" id=\"radio-6\" name=\"radio\" value=\"6\">","\u003Clabel for=\"radio-6\">","\u003Cdiv class=\"index i6\">6\u003C\u002Fdiv>","\u003Cinput  type=\"radio\" id=\"radio-7\" name=\"radio\" value=\"7\">","\u003Clabel for=\"radio-7\">","\u003Cdiv class=\"index i7\">7\u003C\u002Fdiv>","\u003Cinput  type=\"radio\" id=\"radio-8\" name=\"radio\" va"]