[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzgLFPX2zPolGSaLbkig1Vu5g8R8WZyErRRKSFCxQVy8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":37,"fingerprints":80},"persian-date-for-codestar-framework","Persian date for codestar framework","1.1","saeed Taheri","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaeedtaheri\u002F","\u003Cp>Codestar Framework Is A Simple and Lightweight WordPress Option Framework for Themes and Plugins. Persian date for codestar framework adds a new\u003Cbr \u002F>\nfield to codestar framwork. new field is a date field which user can choose jalali\u002Fpersian date. For using persian date the field type should set as \u003Cem>“pdate”\u003C\u002Fem>. also you can use format and other settings. for full settings please visit: \u003Ca href=\"http:\u002F\u002Fbabakhani.github.io\u002FPersianWebToolkit\u002Fdoc\u002Fdatepicker\u002F\" rel=\"nofollow ugc\">persian datepicker\u003C\u002Fa>.\u003C\u002Fp>\n","Codestar Framework Is A Simple and Lightweight WordPress Option Framework for Themes and Plugins. Persian date for codestar framework adds a new field …",20,2398,0,"2022-07-09T16:52:00.000Z","6.3.8","5.5","7.0",[19,20,21,22,23],"codestar","codestar-jalali","codestar-persian","codestar-persian-date","codestar-shamsi","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpersian-date-for-codestar-framework.1.2.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"saeedtaheri",1,30,84,"2026-04-05T03:00:00.120Z",[],{"attackSurface":38,"codeSignals":50,"taintFlows":67,"riskAssessment":68,"analyzedAt":79},{"hooks":39,"ajaxHandlers":46,"restRoutes":47,"shortcodes":48,"cronEvents":49,"entryPointCount":13,"unprotectedCount":13},[40],{"type":41,"name":42,"callback":43,"file":44,"line":45},"action","admin_notices","closure","sorth-codestar-persiandate.php",18,[],[],[],[],{"dangerousFunctions":51,"sqlUsage":52,"outputEscaping":54,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":66},[],{"prepared":13,"raw":13,"locations":53},[],{"escaped":55,"rawEcho":56,"locations":57},4,3,[58,62,64],{"file":59,"line":60,"context":61},"persiandate.php",33,"raw output",{"file":59,"line":63,"context":61},36,{"file":59,"line":65,"context":61},45,[],[],{"summary":69,"deductions":70},"The 'persian-date-for-codestar-framework' plugin v1.1 exhibits a seemingly strong security posture based on the provided static analysis. The absence of identified entry points like AJAX handlers, REST API routes, shortcodes, and cron events is a positive indicator, as it minimizes the potential attack surface. Furthermore, the fact that all SQL queries utilize prepared statements demonstrates good practice in preventing SQL injection vulnerabilities. The plugin also appears to avoid dangerous functions, file operations, and external HTTP requests, which further reduces its risk profile.\n\nHowever, a significant concern arises from the low percentage (57%) of properly escaped outputs. This suggests a potential for cross-site scripting (XSS) vulnerabilities, where unescaped data displayed to users could be manipulated by attackers. The complete lack of nonce checks and capability checks is also a notable weakness. While there are no apparent entry points that would directly exploit these missing checks in the current version, it represents a missed opportunity for robust security and could become a vulnerability if the plugin evolves or integrates with other components.\n\nThe plugin's vulnerability history is also clean, with no recorded CVEs. This, combined with the absence of critical or high severity taint flows, paints a picture of a plugin that has historically been secure or has not been a target for significant exploitation. Despite the identified output escaping issue and missing security checks, the overall lack of immediate, critical threats suggests a relatively low risk for this specific version, provided the output escaping is addressed and future development incorporates proper authorization checks.",[71,74,77],{"reason":72,"points":73},"Insufficient output escaping",6,{"reason":75,"points":76},"Missing nonce checks",5,{"reason":78,"points":76},"Missing capability checks","2026-03-16T23:00:00.694Z",{"wat":81,"direct":93},{"assetPaths":82,"generatorPatterns":87,"scriptPaths":88,"versionParams":92},[83,84,85,86],"\u002Fwp-content\u002Fplugins\u002Fpersian-date-for-codestar-framework\u002Fcss\u002Fpersian.datepicker.min.css","\u002Fwp-content\u002Fplugins\u002Fpersian-date-for-codestar-framework\u002Fjs\u002Fpersian.date.min.js","\u002Fwp-content\u002Fplugins\u002Fpersian-date-for-codestar-framework\u002Fjs\u002Fpersian.datepicker.min.js","\u002Fwp-content\u002Fplugins\u002Fpersian-date-for-codestar-framework\u002Fjs\u002Fsorth.js",[],[89,90,91],"js\u002Fpersian.date.min.js","js\u002Fpersian.datepicker.min.js","js\u002Fsorth.js",[],{"cssClasses":94,"htmlComments":96,"htmlAttributes":97,"restEndpoints":100,"jsGlobals":101,"shortcodeOutput":102},[95],"pd",[],[98,99],"data-date","data-settings",[],[],[]]