[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fI6v-3zzMbbA0DIuUV2lRiCfm6Hg9pLhx-bUzi8Twkuo":3,"$fVO3E3wEUJGdyHX41TTihkZj5dAHlwcm1OPYRJnsVP1Q":189,"$f1CrACq4a1wl5l4Jg4lLfWwdl08iaQSEuwwyxO_LJ2B0":194},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":39,"analysis":154,"fingerprints":175},"php-floating-point-dos-attack-workaround","PHP Floating Point DoS Attack Workaround","0.2","Sergey Biryukov","https:\u002F\u002Fprofiles.wordpress.org\u002Fsergeybiryukov\u002F","\u003Cp>Prevents 32-bit PHP versions from hanging when processing a request containing 2.2250738585072011e-308 value.\u003C\u002Fp>\n\u003Cp>For more information see the \u003Ca href=\"http:\u002F\u002Fwww.exploringbinary.com\u002Fphp-hangs-on-numeric-value-2-2250738585072011e-308\u002F\" rel=\"nofollow ugc\">original post\u003C\u002Fa> and \u003Ca href=\"http:\u002F\u002Fbugs.php.net\u002Fbug.php?id=53632\" rel=\"nofollow ugc\">bug report\u003C\u002Fa> by Rick Regan.\u003C\u002Fp>\n\u003Cp>Based on the \u003Ca href=\"http:\u002F\u002Fwww.aircraft24.com\u002Fen\u002Finfo\u002Fphp-float-dos-quickfix.htm\" rel=\"nofollow ugc\">non-plugin solution\u003C\u002Fa> by AirCraft24.com.\u003C\u002Fp>\n","Prevents 32-bit PHP versions from hanging when processing a request containing 2.2250738585072011e-308 value.",10,3845,0,"2012-05-21T20:01:00.000Z","3.4.2","1.5","",[19,20,21,22,23],"hosting","php","security","setup","system","http:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F16097","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphp-floating-point-dos-attack-workaround.0.2.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"sergeybiryukov",25,312670,86,30,84,"2026-05-19T17:36:14.867Z",[40,64,87,108,130],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":36,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":59,"download_link":60,"security_score":61,"vuln_count":62,"unpatched_count":13,"last_vuln_date":63,"fetched_at":28},"hostinger","Hostinger Tools","3.0.65","Hostinger","https:\u002F\u002Fprofiles.wordpress.org\u002Fhostinger\u002F","\u003Cp>Hostinger Tools is an all-in-one plugin designed to streamline essential tasks for WordPress site administrators. This plugin offers a range of features to help you manage your site’s information, maintenance mode, security, and redirects effectively.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Basic Info\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays the current WordPress version with automatic update checks.\u003C\u002Fli>\n\u003Cli>Shows the current PHP version with automatic update checks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Maintenance Mode\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easily enable or disable maintenance mode for your site.\u003C\u002Fli>\n\u003Cli>Provide a URL to bypass maintenance mode for selected users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Security\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable or disable XML-RPC requests to enhance your site’s security.\u003C\u002Fli>\n\u003Cli>Enable or disable Authorize application page to enhance your site’s security.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Redirects\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Force all URLs to use HTTPS for secure browsing.\u003C\u002Fli>\n\u003Cli>Force all URLs to use WWW to ensure consistency in site access.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>LLMs.txt Generation\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically generate a structured LLMs.txt file in Markdown format.\u003C\u002Fli>\n\u003Cli>Include website title, description, posts, pages, and products (if WooCommerce is active).\u003C\u002Fli>\n\u003Cli>Keep the file updated when content changes or new content is published.\u003C\u002Fli>\n\u003Cli>Help AI-powered tools better understand and interact with your website content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Hostinger Tools is the new version of the previous Hostinger plugin, offering an updated and enhanced experience.\u003Cbr \u002F>\nThe Onboarding assistant and the Learning section previously included in this plugin were moved to the separate plugin Hostinger Easy Onboarding.\u003C\u002Fp>\n","Simplified WordPress management. Manage site info, maintenance, security, & redirects.",3000000,17158936,66,"2026-04-08T12:10:00.000Z","6.9.4","5.5","8.1",[41,56,57,21,58],"https","maintenance","tools","https:\u002F\u002Fhostinger.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhostinger.3.0.65.zip",99,1,"2024-01-05 00:00:00",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":72,"downloaded":73,"rating":74,"num_ratings":75,"last_updated":76,"tested_up_to":77,"requires_at_least":78,"requires_php":79,"tags":80,"homepage":17,"download_link":85,"security_score":86,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"plugin-compatibility-checker","Plugin Compatibility Checker","7.0.5","compatshield","https:\u002F\u002Fprofiles.wordpress.org\u002Fcompatshield\u002F","\u003Cp>The \u003Cstrong>Plugin Compatibility Checker\u003C\u002Fstrong> helps you keep your WordPress site stable and secure by scanning installed plugins for PHP and WordPress version compatibility.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>$1\u002Fmonth License Required (Entry Plan)\u003C\u002Fstrong>\u003Cbr \u002F>\nYou must subscribe to the CompatShield Portal ($1\u002Fmonth recurring) to obtain a \u003Cstrong>license key\u003C\u002Fstrong>. Once activated, you will be able to see plugin compatibility results (up to PHP 8.5) directly inside your WordPress admin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>📺 Video Tutorial\u003C\u002Fstrong>\u003Cbr \u002F>\nWatch step-by-step how to activate your license & run your first scan:\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FPCxhJmO-Tb4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Quick Setup Steps\u003C\u002Fstrong>\u003Cbr \u002F>\n1) Subscribe \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Get your license key from the Portal\u003Cbr \u002F>\n2) Add your domain inside the License tab\u003Cbr \u002F>\n3) Copy your License Key\u003Cbr \u002F>\n4) Paste License Key inside Plugin Settings in WP Admin\u003Cbr \u002F>\n5) Click \u003Cstrong>Validate License\u003C\u002Fstrong>\u003Cbr \u002F>\n6) Click \u003Cstrong>Save Settings\u003C\u002Fstrong>\u003Cbr \u002F>\n7) Go to Plugin Main Page \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Click \u003Cstrong>Rescan\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Pro Version (Upgrade)\u003C\u002Fstrong>\u003Cbr \u002F>\nUpgrading to Pro unlocks the full CompatShield Portal Dashboard with advanced features — vulnerability summary, detailed scan results, notifications, historic analysis, plugin issues overview, premium ZIP upload scanning, and multi-layer compatibility intelligence.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Subscribe \u002F Upgrade to Pro:\u003C\u002Fstrong> https:\u002F\u002Fwww.compatshield.com\u002F\u003C\u002Fp>\n\u003Ch3>✨ Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>PHP Compatibility Check\u003C\u002Fstrong> – Scan plugins for PHP compatibility.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>$1\u002Fmonth license: Shows PHP compatibility results directly inside WP Plugin backend (up to PHP 8.5)\u003C\u002Fli>\n\u003Cli>Pro license: Deeper breakdowns, insights, and analysis inside Portal Dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Plugin Rescan\u003C\u002Fstrong> – Quickly rescan whenever you install or update plugins.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Email Notifications (Pro)\u003C\u002Fstrong> – Get notified when scans complete or risks are detected.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Portal Integration (Pro)\u003C\u002Fstrong> – View full detailed results in the CompatShield Portal Dashboard.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Vulnerability Summary (Pro)\u003C\u002Fstrong> – Basic vulnerability insights available in the Portal.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>“No Data” Plugins Handling\u003C\u002Fstrong> – Easily identify custom\u002Fpremium plugins or removed versions not available on WordPress.org.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔑 Entry Plan vs Pro Plan\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>PHP Compatibility Check\u003C\u002Fstrong>\u003Cbr \u002F>\n$1 Plan: WP Admin Results up to PHP 8.5\u003Cbr \u002F>\nPro Plan: Detailed compatibility insights in Portal Dashboard\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Vulnerability Summary\u003C\u002Fstrong>\u003Cbr \u002F>\n$1 Plan: Not available\u003Cbr \u002F>\nPro Plan: Available in Portal\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Email Notifications\u003C\u002Fstrong>\u003Cbr \u002F>\n$1 Plan: Not available\u003Cbr \u002F>\nPro Plan: Available\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Portal Dashboard\u003C\u002Fstrong>\u003Cbr \u002F>\n$1 Plan: Not available\u003Cbr \u002F>\nPro Plan: Full access (compatibility + vulnerabilities + detailed summaries + site overview)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Custom\u002FPremium Plugins ZIP Scanning\u003C\u002Fstrong>\u003Cbr \u002F>\n$1 Plan: Not available\u003Cbr \u002F>\nPro Plan: Supported via Portal ZIP uploader\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Scan and check your plugins for PHP and WordPress compatibility. Requires a $1\u002Fmonth Portal subscription to obtain a license key.",8000,90480,76,8,"2026-04-09T16:20:00.000Z","7.0","5.0","7.2",[81,82,21,83,84],"php-version","plugin-checker","tags-compatibility","vulnerabilities","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-compatibility-checker.zip",100,{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":97,"num_ratings":98,"last_updated":99,"tested_up_to":52,"requires_at_least":100,"requires_php":17,"tags":101,"homepage":105,"download_link":106,"security_score":61,"vuln_count":62,"unpatched_count":13,"last_vuln_date":107,"fetched_at":28},"booter-bots-crawlers-manager","Booter – Bots & Crawlers Manager","1.5.8","uPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fupress\u002F","\u003Cp>Booter – Bots & Crawlers Manager is a preventative measure (treatment in advance) and treatment of damages caused by crawlers and bots.\u003Cbr \u002F>\nThe plugin uses a number of existing technologies which are known by crawlers and bots and takes them one step forward – smartly and almost completely automatically.\u003Cbr \u002F>\nTo allow the plugin to function correctly, you must follow the instructions and manually enter some data (which must be done by a human being to avoid errors).\u003C\u002Fp>\n\u003Ch4>At the prevention level\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Booter allows you to manage and create an advanced dynamic robots.txt file.\u003C\u002Fli>\n\u003Cli>View a 404 error log to see the most common bad links.\u003C\u002Fli>\n\u003Cli>Blocking bad bots that cause high server loads due to very frequent page crawls, or are used to search for security vulnerabilities.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>At the treatment level\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Booter allows you to limit the amount of requests from crawlers and bots, if or when they exceed the specified amount of requests per minute, it will be rejected for a specified period of time.\u003C\u002Fli>\n\u003Cli>Rejecting links that we do not want in the fastest way, not by just blocking but by sending the appropriate HTTP status code to make search engines forget them.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Instructions for use in case of damage treatment\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Activate the plugin.\u003C\u002Fli>\n\u003Cli>Enable the 404 error log option.\u003C\u002Fli>\n\u003Cli>Set the access rate limit.\u003C\u002Fli>\n\u003Cli>Watch the 404 log, try to find common parts in the URLs that repeats most often.\u003C\u002Fli>\n\u003Cli>Enter the common parts to the “reject links” page, and ensure the rejection code is 410.\u003C\u002Fli>\n\u003Cli>Clear the 404 error log.\u003C\u002Fli>\n\u003Cli>Repeat the process once every few hours until the 404 error log remains blank.\u003C\u002Fli>\n\u003Cli>Check the status of your website’s index coverage every few days.\u003C\u002Fli>\n\u003C\u002Fol>\n","Booter - Bots & Crawlers Manager is a preventative measure (treatment in advance) and treatment of damages caused by crawlers and bots.",7000,70189,88,13,"2026-02-16T10:26:00.000Z","4.0",[19,102,103,21,104],"rate-limit","request","upress","https:\u002F\u002Fbooter.app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbooter-bots-crawlers-manager.zip","2026-01-25 00:00:00",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":118,"num_ratings":119,"last_updated":120,"tested_up_to":121,"requires_at_least":100,"requires_php":17,"tags":122,"homepage":127,"download_link":128,"security_score":129,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"manage-xml-rpc","Manage XML-RPC","1.0.2","brainvireinfo","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrainvireinfo\u002F","\u003Cp>You can now disable XML-RPC to avoid Brute force attack for given IPs or can even enable access for some IPs. XML-RPC on WordPress is actually an API that gives developers who build mobile apps, desktop apps and other services, the ability to talk to a WordPress site. The XML-RPC API that WordPress provides gives developers, a way to write applications (for you) that can do many of the things that you can do when logged into WordPress via the web interface.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Block XML-RPC by following way.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable pingback.ping, pingback.extensions.getPingbacks and Unset X-Pingback from HTTP headers, that will block bots to access specified method.\u003C\u002Fli>\n\u003Cli>Disable\u002FBlock XML-RPC for all users.\u003C\u002Fli>\n\u003C\u002Ful>\n","Enable\u002FDisable XML-RPC for all or based on IP list, also you can control pingback and Unset X-Pingback from HTTP headers.",6000,64423,60,4,"2024-12-02T07:10:00.000Z","6.7.5",[123,124,21,125,126],"block-xml-rpc","brute-force-attacks","xml-rpc-pingback","xmlrpc-php-attack","http:\u002F\u002Fwww.brainvire.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmanage-xml-rpc.1.0.2.zip",92,{"slug":131,"name":132,"version":133,"author":134,"author_profile":135,"description":136,"short_description":137,"active_installs":138,"downloaded":139,"rating":86,"num_ratings":140,"last_updated":141,"tested_up_to":52,"requires_at_least":142,"requires_php":143,"tags":144,"homepage":149,"download_link":150,"security_score":151,"vuln_count":152,"unpatched_count":13,"last_vuln_date":153,"fetched_at":28},"rsfirewall","RSFirewall!","1.1.46","RSJoomla!","https:\u002F\u002Fprofiles.wordpress.org\u002Frsjoomla\u002F","\u003Cp>The RSFirewall! WordPress plugin is the optimal solution for securing your website, helping you stay one step ahead of malicious users that wish to harm your website. The plugin is backed by a team of professionals with a long history in website security that are up to date with the latest known vulnerabilities and security updates.\u003C\u002Fp>\n\u003Cp>RSFIREWALL FREE VERSION FEATURES:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Free WordPress Firewall for your website\u003C\u002Fli>\n\u003Cli>Active protections against local file and remote file inclusion attacks\u003C\u002Fli>\n\u003Cli>SQL injection protections\u003C\u002Fli>\n\u003Cli>ReCAPTCHA for registration, login and commenting forms\u003C\u002Fli>\n\u003Cli>Filter uploaded files for possible malware and improper extensions\u003C\u002Fli>\n\u003Cli>Active monitoring WordPress core files integrity\u003C\u002Fli>\n\u003Cli>Active monitoring for your own files\u003C\u002Fli>\n\u003Cli>XML-RPC blocking\u003C\u002Fli>\n\u003Cli>REST API blocking with proper exceptions that you can define\u003C\u002Fli>\n\u003Cli>Protect the wp-admin\u002F slug with an extra password\u003C\u002Fli>\n\u003Cli>Change the wp-admin\u002F slug into a custom one\u003C\u002Fli>\n\u003Cli>Disallow direct access to PHP files in (wp-content, wp-content\u002Fuploads, wp-includes) with proper exceptions that you can define\u003C\u002Fli>\n\u003Cli>Receive email notifications on detected threats\u003C\u002Fli>\n\u003Cli>Automatically block repeated offenders IP addresses\u003C\u002Fli>\n\u003Cli>Perform a System check (WordPress and server configuration checks)\u003C\u002Fli>\n\u003Cli>Disable the creation of new Administrator accounts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>RSFIREWALL PAID VERSION FEATURES:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Two Factor Authentication\u003C\u002Fli>\n\u003Cli>Country blocking\u003C\u002Fli>\n\u003Cli>Convert email addresses to images\u003C\u002Fli>\n\u003Cli>Protect forms from abusive IPs\u003C\u002Fli>\n\u003Cli>File integrity check\u003C\u002Fli>\n\u003Cli>Convert email addresses from plain text to images\u003C\u002Fli>\n\u003Cli>More control over the system check\u003C\u002Fli>\n\u003Cli>Whitelist blocked PHP files\u003C\u002Fli>\n\u003Cli>Protect admin users from changes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>3rd Party services\u003C\u002Fh3>\n\u003Cp>RSFirewall! will compare the MD5 hash of files with the original ones from the WordPress installation package. If differences are found (ie files have been modified) RSFirewall! upon request can download the original files from the GitHub synchronised repository of WordPress:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress\u002FWordPress\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FWordPress\u002FWordPress\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>All connections are made with \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fwp_remote_get\" rel=\"nofollow ugc\">wp_remote_get\u003C\u002Fa> and the following information will be sent along with the request:\u003Cbr \u002F>\n– WordPress version\u003Cbr \u002F>\n– WordPress user agent along with your WordPress website address\u003Cbr \u002F>\n– Your server’s IP address\u003C\u002Fp>\n","Based on the success of the most popular firewall for Joomla!, RSFirewall! is now available to protect your WordPress website as well.",4000,30153,5,"2026-03-12T09:29:00.000Z","4.5.15","5.4",[145,146,21,147,148],"firewall","malware-scanner","system-check","web-application-firewall","https:\u002F\u002Fwww.rsjoomla.com\u002Fwordpress-plugins\u002Fwordpress-security-plugin.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frsfirewall.zip",95,3,"2026-03-23 00:00:00",{"attackSurface":155,"codeSignals":161,"taintFlows":168,"riskAssessment":169,"analyzedAt":174},{"hooks":156,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":13,"unprotectedCount":13},[],[],[],[],[],{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":165,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":167},[],{"prepared":13,"raw":13,"locations":164},[],{"escaped":13,"rawEcho":13,"locations":166},[],[],[],{"summary":170,"deductions":171},"The \"php-floating-point-dos-attack-workaround\" plugin version 0.2 exhibits an exceptionally clean static analysis report, indicating a strong adherence to secure coding practices. There are no identified attack vectors through AJAX, REST API, shortcodes, or cron events. Crucially, the code contains no dangerous functions, all SQL queries are properly prepared, and all output is correctly escaped. The absence of file operations, external HTTP requests, and any identified taint flows further bolsters its security posture.\n\nThe plugin's vulnerability history is equally pristine, with zero recorded CVEs of any severity. This lack of historical vulnerabilities suggests either a highly secure codebase from its inception or a very limited exposure and usage that has prevented the discovery of flaws. The absence of common vulnerability types and any recent issues further reinforces this perception.\n\nWhile the static analysis and vulnerability history present a near-perfect security profile, the primary concern stems from the complete lack of any entry points or protective mechanisms like nonce or capability checks. While this might be intentional for a plugin designed for a very specific, internal workaround, it also means there are no built-in defenses if its intended use case were to change or if an attacker found an unforeseen way to interact with it. Despite this theoretical concern, based solely on the provided data, the plugin appears to be very secure.",[172],{"reason":173,"points":140},"No authentication\u002Fauthorization checks on any entry points","2026-04-16T12:59:15.229Z",{"wat":176,"direct":181},{"assetPaths":177,"generatorPatterns":178,"scriptPaths":179,"versionParams":180},[],[],[],[],{"cssClasses":182,"htmlComments":183,"htmlAttributes":184,"restEndpoints":185,"jsGlobals":186,"shortcodeOutput":187},[],[],[],[],[],[188],"Script interrupted due to floating point DoS attack.",{"error":190,"url":191,"statusCode":192,"statusMessage":193,"message":193},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fphp-floating-point-dos-attack-workaround\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":195,"versions":196},2,[197,203],{"version":6,"download_url":25,"svn_tag_url":198,"released_at":27,"has_diff":199,"diff_files_changed":200,"diff_lines":27,"trac_diff_url":201,"vulnerabilities":202,"is_current":190},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fphp-floating-point-dos-attack-workaround\u002Ftags\u002F0.2\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fphp-floating-point-dos-attack-workaround%2Ftags%2F0.1&new_path=%2Fphp-floating-point-dos-attack-workaround%2Ftags%2F0.2",[],{"version":204,"download_url":205,"svn_tag_url":206,"released_at":27,"has_diff":199,"diff_files_changed":207,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":208,"is_current":199},"0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphp-floating-point-dos-attack-workaround.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fphp-floating-point-dos-attack-workaround\u002Ftags\u002F0.1\u002F",[],[]]