[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fziXpQhzv4IP3jVbVwd_ePheqYJ7dqqCbbO8I0ajcGG4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":16,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":33,"analysis":34,"fingerprints":143},"per-page-headers-and-footers-code","Per Page Headers and Footers Code","1.0.0","jabermarketing","https:\u002F\u002Fprofiles.wordpress.org\u002Fjabermarketing\u002F","\u003Cp>This plugin allows you to add header and footer code to your wordpress website on a per page basis. You can also add global code which you can then deactivate from specfic pages\u002Fpsots.\u003C\u002Fp>\n","This plugin allows you to add header and footer code to your wordpress website on a per page basis.",0,977,"2018-04-03T16:57:00.000Z","4.9.29","4.0","",[18,19,20,21,22],"per-page-code","per-page-footer-code","per-page-header-code","wordpress-footers","wordpress-headers","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fper-page-headers-and-footers-code.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},1,30,84,"2026-04-04T14:21:26.007Z",[],{"attackSurface":35,"codeSignals":92,"taintFlows":133,"riskAssessment":134,"analyzedAt":142},{"hooks":36,"ajaxHandlers":83,"restRoutes":89,"shortcodes":90,"cronEvents":91,"entryPointCount":29,"unprotectedCount":29},[37,43,47,52,56,61,63,68,71,75,78],{"type":38,"name":39,"callback":40,"file":41,"line":42},"action","admin_notices","display","includes\\admin\\admin-campaign.php",10,{"type":38,"name":44,"callback":45,"file":41,"line":46},"admin_init","send",11,{"type":38,"name":48,"callback":49,"file":50,"line":51},"add_meta_boxes","register_meta_boxes","includes\\admin\\admin-meta-box.php",18,{"type":38,"name":53,"callback":54,"priority":42,"file":50,"line":55},"save_post","save_meta_box",19,{"type":38,"name":57,"callback":58,"file":59,"line":60},"admin_menu","register_menu","includes\\admin\\admin-settings.php",17,{"type":38,"name":44,"callback":62,"file":59,"line":51},"register_settings",{"type":38,"name":64,"callback":65,"file":66,"line":67},"admin_enqueue_scripts","enqueue_scripts","includes\\admin\\admin.php",14,{"type":38,"name":64,"callback":69,"file":66,"line":70},"enqueue_styles",15,{"type":38,"name":72,"callback":65,"file":73,"line":74},"wp_footer","includes\\footer-handler.php",16,{"type":38,"name":76,"callback":65,"file":77,"line":74},"wp_head","includes\\header-handler.php",{"type":38,"name":79,"callback":80,"file":81,"line":82},"plugins_loaded","custom_body_init","plugin.php",61,[84],{"action":85,"nopriv":86,"callback":87,"hasNonce":86,"hasCapCheck":86,"file":41,"line":88},"custom_body_admin_ignore",false,"ignore",13,[],[],[],{"dangerousFunctions":93,"sqlUsage":94,"outputEscaping":96,"fileOperations":11,"externalRequests":29,"nonceChecks":29,"capabilityChecks":29,"bundledLibraries":132},[],{"prepared":11,"raw":11,"locations":95},[],{"escaped":11,"rawEcho":97,"locations":98},21,[99,102,104,105,106,108,109,111,113,115,117,118,120,121,123,124,125,127,129,130,131],{"file":41,"line":100,"context":101},34,"raw output",{"file":41,"line":103,"context":101},35,{"file":50,"line":24,"context":101},{"file":50,"line":24,"context":101},{"file":50,"line":107,"context":101},98,{"file":50,"line":107,"context":101},{"file":59,"line":110,"context":101},149,{"file":59,"line":112,"context":101},158,{"file":59,"line":114,"context":101},159,{"file":59,"line":116,"context":101},216,{"file":59,"line":116,"context":101},{"file":59,"line":119,"context":101},230,{"file":59,"line":119,"context":101},{"file":59,"line":122,"context":101},242,{"file":59,"line":122,"context":101},{"file":73,"line":103,"context":101},{"file":73,"line":126,"context":101},39,{"file":73,"line":128,"context":101},44,{"file":77,"line":103,"context":101},{"file":77,"line":126,"context":101},{"file":77,"line":128,"context":101},[],[],{"summary":135,"deductions":136},"The plugin \"per-page-headers-and-footers-code\" v1.0.0 exhibits a mixed security posture. On the positive side, it utilizes prepared statements for all SQL queries and includes a nonce check and capability check for its single AJAX handler. There is no recorded vulnerability history, suggesting a good track record so far. However, a significant concern is the lack of authentication checks on its sole AJAX entry point. This unprotected AJAX handler represents a direct attack vector that could be exploited by unauthenticated users.\n\nFurthermore, the static analysis reveals that none of the 21 identified output points are properly escaped. This is a critical vulnerability that could lead to Cross-Site Scripting (XSS) attacks. If malicious data is processed and then outputted without proper sanitization, an attacker could inject arbitrary JavaScript code into pages viewed by other users. While taint analysis shows no flows, this is likely due to the limited scope of the analysis or the specific nature of the code. The presence of an unprotected AJAX handler and widespread unescaped output are the most pressing security risks associated with this plugin.",[137,140],{"reason":138,"points":139},"AJAX handler without auth check",8,{"reason":141,"points":70},"Unescaped output","2026-03-17T07:07:58.685Z",{"wat":144,"direct":154},{"assetPaths":145,"generatorPatterns":149,"scriptPaths":150,"versionParams":151},[146,147,148],"\u002Fwp-content\u002Fplugins\u002Fper-page-headers-and-footers-code\u002Fassets\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fper-page-headers-and-footers-code\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fper-page-headers-and-footers-code\u002Fassets\u002Flibraries\u002Face\u002Face.js",[],[],[152,153],"per-page-headers-and-footers-code\u002Fassets\u002Fjs\u002Fadmin.js?ver=","per-page-headers-and-footers-code\u002Fassets\u002Fcss\u002Fadmin.css?ver=",{"cssClasses":155,"htmlComments":158,"htmlAttributes":159,"restEndpoints":162,"jsGlobals":163,"shortcodeOutput":164},[156,157],"meta-field","meta-field-hide_header_scripts",[],[160,161],"data-ace-mode","data-ace-theme",[],[],[]]