[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fUEae-c3XODIba_jjhgZSLM9F_P_YEmdzf1eKZDo1zAY":3,"$fNY6SR9rQfVSIkrMiFboPjPgbb7p43r8kXD8aNmpV5Vc":211,"$fjzWVJM3VnmD-R6FAqUsEVYkJ83IshMbasCkdNMHD-Mc":216},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":35,"analysis":144,"fingerprints":186},"post-tracking-code","Post tracking code","1.0.0","imanabuhaydari","https:\u002F\u002Fprofiles.wordpress.org\u002Fimanabuhaydari\u002F","\u003Cp>With this plugin, you can add a tracking code to each order, we have added a new field in the left side of admin order page and you can add your tracking code to the field, after adding each new tracking code,\u003Cbr \u002F>\nthis tracking code automatically will be sent to its related customers’ email,Apart from that, we have added a new shortcode that you can use that for creating a new tracking form page.\u003C\u002Fp>\n\u003Cp>Please use this shortcode : [ptc_tracking_code] to add a form to your page.\u003C\u002Fp>\n","This plugin is so useful for adding tracking code to your orders.",0,751,100,1,"2021-11-04T03:42:00.000Z","5.8.13","",[19,20,4,21,22],"add-woocommerce-tracking-code","order-tracking-page","tracking-code","tracking-form-page","http:\u002F\u002Fwww.iranimij.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-tracking-code.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},2,30,84,"2026-05-20T02:51:07.147Z",[36,58,76,101,125],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":13,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":17,"download_link":55,"security_score":56,"vuln_count":14,"unpatched_count":11,"last_vuln_date":57,"fetched_at":27},"addfunc-head-footer-code","AddFunc Head & Footer Code","2.4","AddFunc","https:\u002F\u002Fprofiles.wordpress.org\u002Faddfunc\u002F","\u003Cp>Allows administrators to add code to the \u003Ccode>\u003Chead>\u003C\u002Fcode> and\u002For footer of an individual post (or page or other content) and\u002For site-wide. Ideal for scripts such as Google Analytics conversion tracking code and any other general or page-specific JavaScript. A very simple, reliable and lightweight plugin.\u003C\u002Fp>\n","Easily add code to your head, footer and\u002For immediately after the opening body tag, site-wide and\u002For on any individual page\u002Fpost.",20000,244177,25,"2026-03-28T16:08:00.000Z","6.9.4","3.0.1",[51,52,53,54,21],"add-to-head","footer-code","head-code","per-page","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faddfunc-head-footer-code.2.4.zip",99,"2026-04-09 14:51:35",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":13,"num_ratings":68,"last_updated":69,"tested_up_to":16,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":17,"download_link":75,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"embed-code","Embed Code – Headers & Footers by DesignBombs","2.0.4","designbombs","https:\u002F\u002Fprofiles.wordpress.org\u002Fdesignbombs\u002F","\u003Cp>Easily insert or embed header and footer code in WordPress. Embed Code makes embedding global or page\u002Fpost-specific header and footer code super easy. It can be used to add almost anything, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Google Analytics tracking code\u003C\u002Fli>\n\u003Cli>Site verification snippets\u003C\u002Fli>\n\u003Cli>Typekit font scripts\u003C\u002Fli>\n\u003Cli>Custom CSS\u003C\u002Fli>\n\u003Cli>Custom JavaScript\u003C\u002Fli>\n\u003Cli>Optimizely embed code\u003C\u002Fli>\n\u003Cli>Facebook tracking pixel\u003C\u002Fli>\n\u003Cli>Live chat integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It even supports embedding code on custom post types!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What’s Next?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin is maintained by folks over at \u003Ca href=\"http:\u002F\u002Fdesignbombs.com\" rel=\"nofollow ugc\">DesignBombs.com\u003C\u002Fa>. If you are looking to start a new website, checkout their guide on \u003Ca href=\"https:\u002F\u002Fwww.designbombs.com\u002Fhow-to-make-a-website\u002F\" rel=\"nofollow ugc\">how to create a website\u003C\u002Fa>. They also have in-depth guides on other topics like how to \u003Ca href=\"https:\u002F\u002Fwww.designbombs.com\u002Fbest-wordpress-hosting\" rel=\"nofollow ugc\">choose the best WordPress hosting\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.designbombs.com\u002Fhow-to-start-a-blog\u002F\" rel=\"nofollow ugc\">how to start a blog\u003C\u002Fa>, and \u003Ca href=\"https:\u002F\u002Fwww.designbombs.com\u002Fwordpress-security\u002F\" rel=\"nofollow ugc\">WordPress security\u003C\u002Fa>.\u003C\u002Fp>\n","The easiest way to embed code in the head or footer of your site, globally or on a per-page\u002Fpost basis.",5000,59370,6,"2021-08-04T08:03:00.000Z","4.7.0","5.4",[59,73,52,74,21],"embed-javascript","header-code","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembed-code.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":98,"download_link":99,"security_score":13,"vuln_count":14,"unpatched_count":11,"last_vuln_date":100,"fetched_at":27},"bws-google-analytics","Analytics by BestWebSoft – Google Analytics Dashboard and Statistic Plugin for WordPress","2.0","bestweblayout","https:\u002F\u002Fprofiles.wordpress.org\u002Fbestweblayout\u002F","\u003Cp>Analytics plugin is the best way to view Google Analytics on your WordPress website dashboard. Configure the reporting mode, select the metrics you need, set the time range for your statistic displaying and keep tracking your WordPress website statistics.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fdemo-analytics\u002F?ref=readme\" rel=\"nofollow ugc\">View Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fu6GCmG2SYIg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Free Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add single tracking code\u003C\u002Fli>\n\u003Cli>Choose statistics view mode:\n\u003Cul>\n\u003Cli>Line chart\u003C\u002Fli>\n\u003Cli>Table\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Choose statistics time range\u003C\u002Fli>\n\u003Cli>Supports several webproperties for the statistics displaying\u003C\u002Fli>\n\u003Cli>Choose statistics metrics:\n\u003Cul>\n\u003Cli>Visitor\n\u003Cul>\n\u003Cli>Unique visitors\u003C\u002Fli>\n\u003Cli>New visits\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Session\n\u003Cul>\n\u003Cli>Visits\u003C\u002Fli>\n\u003Cli>Bounce rate\u003C\u002Fli>\n\u003Cli>Average visit duration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Page Tracking\n\u003Cul>\n\u003Cli>Pageviews\u003C\u002Fli>\n\u003Cli>Page\u002FVisit\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Compatible with latest WordPress version\u003C\u002Fli>\n\u003Cli>Incredibly simple settings for fast setup without modifying code\u003C\u002Fli>\n\u003Cli>Detailed step-by-step documentation and videos\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Pro Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>All features from Free version included plus:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>View visual statistics\u003C\u002Fli>\n\u003Cli>View visual statistics for URL\u003C\u002Fli>\n\u003Cli>Choose statistics metrics:\n\u003Cul>\n\u003Cli>Session\u003C\u002Fli>\n\u003Cli>Revenue\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Save statistics to scv\u003C\u002Fli>\n\u003Cli>Get answer to your support question within one business day (\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fsupport-policy\u002F\" rel=\"nofollow ugc\">Support Policy\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Fbws-google-analytics\u002F?k=5891b1a2761b39cd5706eba26c3af1d4\" rel=\"nofollow ugc\">Upgrade to Pro Now\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>If you have a feature suggestion or idea you’d like to see in the plugin, we’d love to hear about it! \u003Ca href=\"https:\u002F\u002Fsupport.bestwebsoft.com\u002Fhc\u002Fen-us\u002Frequests\u002Fnew\" rel=\"nofollow ugc\">Suggest a Feature\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Documentation & Videos\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdocs.google.com\u002Fdocument\u002Fd\u002F1crUDzT-SASTmoj3M6lJcR4CyRzCp9Ge1l2-BcsUotZY\u002F\" rel=\"nofollow ugc\">[Doc] User Guide\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdocs.google.com\u002Fdocument\u002Fd\u002F1-hvn6WRvWnOqj5v5pLUk7Awyu87lq5B_dO-Tv-MC9JQ\u002F\" rel=\"nofollow ugc\">[Doc] Installation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdocs.google.com\u002Fdocument\u002Fd\u002F1EUdBVvnm7IHZ6y0DNyldZypUQKpB8UVPToSc_LdOYQI\u002F\" rel=\"nofollow ugc\">[Doc] Purchase\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Help & Support\u003C\u002Fh4>\n\u003Cp>Visit our Help Center if you have any questions, our friendly Support Team is happy to help — \u003Ca href=\"https:\u002F\u002Fsupport.bestwebsoft.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fsupport.bestwebsoft.com\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Translation\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Russian (ru_RU)\u003C\u002Fli>\n\u003Cli>Spanish (es_ES) (thanks to \u003Ca href=\"mailto:jmbescos@ibidemgroup.com\" rel=\"nofollow ugc\">Jose Bescos\u003C\u002Fa> – www.ibidemgroup.com)\u003C\u002Fli>\n\u003Cli>Ukrainian (uk)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Some of these translations are not complete. We are constantly adding new features which should be translated. If you would like to create your own language pack or update the existing one, you can send \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FTranslating_WordPress\" rel=\"nofollow ugc\">the text of PO and MO files\u003C\u002Fa> to \u003Ca href=\"https:\u002F\u002Fsupport.bestwebsoft.com\u002Fhc\u002Fen-us\u002Frequests\u002Fnew\" rel=\"nofollow ugc\">BestWebSoft\u003C\u002Fa> and we’ll add it to the plugin. You can download the latest version of the program for work with PO and MO \u003Ca href=\"https:\u002F\u002Fwww.poedit.net\u002Fdownload.php\" rel=\"nofollow ugc\">files Poedit\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Recommended Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Fupdater\u002F?k=b0536eca91f29f7603d42d53f5fd3990\" rel=\"nofollow ugc\">Updater\u003C\u002Fa> – Automatically check and update WordPress website core with all installed plugins and themes to the latest versions.\u003C\u002Fli>\n\u003C\u002Ful>\n","Add Google Analytics code to WordPress website and track basic stats.",1000,90591,94,23,"2025-06-09T10:31:00.000Z","6.8.5","5.6","7.4",[93,94,95,96,97],"add-tracking-code","analytics","display-statistic-report","google-analytics","google-analytics-plugin","https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Fbws-google-analytics\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbws-google-analytics.2.0.zip","2017-04-12 00:00:00",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":13,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":122,"download_link":123,"security_score":124,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"wp-tracking-codes","Wp Tracking Codes","1.9.3","Heitor_tito","https:\u002F\u002Fprofiles.wordpress.org\u002Fheitor_tito\u002F","\u003Cp>The tracking codes in one place.\u003Cbr \u002F>\nSupport: Google Tag Manager, Google Analytics 4 Global Tag, Google ADS Remarketing Global Tag, Google Merchant Customer Reviews for WooCommerce, Facebook Pixel Code.\u003C\u002Fp>\n","The tracking codes in one place. Support: Google Tag Manager, GA 4 Global Tag, Google ADS Remarketing Global Tag,Google Merchant Reviews,Facebook Pixe &hellip;",900,28611,4,"2024-10-29T02:40:00.000Z","6.6.5","5.2.0","7.2",[117,118,119,120,121],"ads","facebook","ga4","gtm","tracking-codes","https:\u002F\u002Fbr.wordpress.org\u002Fplugins\u002Fwp-tracking-codes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-tracking-codes.1.9.3.zip",92,{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":11,"num_ratings":11,"last_updated":135,"tested_up_to":48,"requires_at_least":136,"requires_php":90,"tags":137,"homepage":141,"download_link":142,"security_score":56,"vuln_count":14,"unpatched_count":11,"last_vuln_date":143,"fetched_at":27},"content-snippet-manager","Content Snippet Manager","1.1.7","alexvtn","https:\u002F\u002Fprofiles.wordpress.org\u002Falexvtn\u002F","\u003Cp>\u003Cstrong>Content Snippet Manager plugin\u003C\u002Fstrong> allows you to create and manage unlimited numbers of HTML and WordPress shortcodes in your WordPress content\u003Cbr \u002F>\nYou will be able to choose the position and the destination of each snippet.\u003C\u002Fp>\n\u003Cp>For example, you may need to insert an Amazon banner or a subscription newsletter shortcode at the middle or at the end of all posts, you can do it using our plugin, without being forced to edit manually each WordPress post.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important\u003C\u002Fstrong> Javascript code, conversion script or custom css codes are not allowed on the free version, they will be removed from the WordPress editor.\u003C\u002Fp>\n\u003Cp>To insert an header, body, footer or conversion snippet, you can configure one of available shortcode.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fdemo.themeinprogress.eu\u002Fcontent-snippet-manager-pro\u002Fconversion-shortcodes\" rel=\"nofollow ugc\">https:\u002F\u002Fdemo.themeinprogress.eu\u002Fcontent-snippet-manager-pro\u002Fconversion-shortcodes\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Premium features.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Header snippets\u003C\u002Fstrong>\u003Cbr \u002F>\n  You can insert your own Javascript and CSS code on the wp_head hook.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Body snippets\u003C\u002Fstrong>\u003Cbr \u002F>\n  You can insert your own Javascript and CSS code on the wp_body hook.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Footer snippets\u003C\u002Fstrong>\u003Cbr \u002F>\n  You can insert your own Javascript and CSS code on the wp_footer hook.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Conversion snippets\u003C\u002Fstrong>\u003Cbr \u002F>\n  You can insert your own Javascript and CSS code inside the final thank you page of WooCommerce.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Dynamic conversion values\u003C\u002Fstrong>\u003Cbr \u002F>\n  The dynamic conversion values allow you to use specific parameters of a WooCommerce order inside your snippet, when a user has been redirected to the final thank you page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Custom post type support\u003C\u002Fstrong>\u003Cbr \u002F>\n  You can include a snippet inside all available custom post types available on WordPress, instead of only the WordPress posts, pages and WooCommerce products.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Custom taxonomies support\u003C\u002Fstrong>\u003Cbr \u002F>\n  You can include a snippet inside all available custom taxonomies available on WordPress, instead of only the WordPress post categories, tags and WooCommerce categories.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Device selection\u003C\u002Fstrong>\u003Cbr \u002F>\n  Select one or more devices where you can load the content snippet.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>User Role\u003C\u002Fstrong>\u003Cbr \u002F>\n  If needed, you can hide each snippet for specific user roles, like the administrator.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>You can get the premium version, from the following link:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.themeinprogress.com\u002Fcontent-snippet-manager\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.themeinprogress.com\u002Fcontent-snippet-manager\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Installation\u003C\u002Fh4>\n\u003Cp>Once you have installed the plugin, you just need to activate the plugin in order to enable it.\u003C\u002Fp>\n\u003Ch4>Configuration\u003C\u002Fh4>\n\u003Cp>Content Snippet Manager will add a new admin page, where you can manage all snippets.\u003C\u002Fp>\n\u003Ch3>Translators\u003C\u002Fh3>\n\u003Ch4>Available Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English (Default)\u003C\u002Fli>\n\u003Cli>Italiano\u003C\u002Fli>\n\u003C\u002Ful>\n","Content Snippet Manager plugin allows you to create and manage unlimited numbers of HTML and WordPress shortcodes in your WordPress content",200,10733,"2026-04-15T17:11:00.000Z","3.5.0",[138,139,96,121,140],"conversion-tracking","facebook-conversion-pixel","woocommerce-tracking-code","https:\u002F\u002Fwww.themeinprogress.com\u002Fcontent-snippet-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontent-snippet-manager.1.1.7.zip","2025-02-14 00:00:00",{"attackSurface":145,"codeSignals":166,"taintFlows":179,"riskAssessment":180,"analyzedAt":185},{"hooks":146,"ajaxHandlers":158,"restRoutes":159,"shortcodes":160,"cronEvents":165,"entryPointCount":14,"unprotectedCount":11},[147,153],{"type":148,"name":149,"callback":150,"file":151,"line":152},"action","add_meta_boxes","ptc_mv_add_meta_boxes","post-tracking-code.php",20,{"type":148,"name":154,"callback":155,"priority":156,"file":151,"line":157},"save_post","ptc_mv_save_wc_order_other_fields",10,22,[],[],[161],{"tag":162,"callback":163,"file":151,"line":164},"ptc_tracking_code","ptc_tracking_code_callback",24,[],{"dangerousFunctions":167,"sqlUsage":168,"outputEscaping":170,"fileOperations":11,"externalRequests":11,"nonceChecks":31,"capabilityChecks":11,"bundledLibraries":178},[],{"prepared":11,"raw":11,"locations":169},[],{"escaped":171,"rawEcho":31,"locations":172},19,[173,176],{"file":151,"line":174,"context":175},35,"raw output",{"file":151,"line":177,"context":175},137,[],[],{"summary":181,"deductions":182},"The 'post-tracking-code' plugin v1.0.0 demonstrates a strong adherence to several WordPress security best practices. The static analysis reveals no dangerous functions, all SQL queries utilize prepared statements, and file operations are absent. External HTTP requests are also not made, minimizing potential attack vectors. Furthermore, the plugin incorporates nonce checks, indicating an effort to protect against CSRF attacks. The taint analysis shows no identified flows, which is a positive sign regarding input validation.\n\nHowever, a notable concern is the complete absence of capability checks. While nonce checks protect against unauthorized execution of actions, they do not inherently restrict *who* can perform those actions. Without capability checks, any authenticated user, regardless of their role, could potentially interact with the plugin's functionality. This broad accessibility could be a risk if the shortcode, its sole entry point, handles user-supplied data in a sensitive manner that isn't fully mitigated by other checks. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive indicator, but this should not be relied upon as a guarantee of future safety, especially given the identified gap in capability checks.\n\nIn conclusion, the plugin has a good foundation with its use of prepared statements and nonce checks. The lack of identified vulnerabilities and clean history are strengths. The primary weakness lies in the absence of capability checks, which represents a potential privilege escalation or unauthorized action vector if the shortcode's functionality is not trivial. This single point of entry, a shortcode, should be carefully reviewed to ensure that even without explicit capability checks, its usage by any authenticated user is safe.",[183],{"reason":184,"points":156},"No capability checks on entry points","2026-04-16T15:05:15.035Z",{"wat":187,"direct":192},{"assetPaths":188,"generatorPatterns":189,"scriptPaths":190,"versionParams":191},[],[],[],[],{"cssClasses":193,"htmlComments":198,"htmlAttributes":199,"restEndpoints":202,"jsGlobals":203,"shortcodeOutput":204},[194,195,196,197],"tracking_code_wrapper","tracking_code_body","tracking_code_wrappr","tracking_code_result",[],[200,201],"name=\"ptc_tracking_code\"","name=\"ptc_tracking_code_nonce\"",[],[],[205,206,207,208,209,210],"\u003Cdiv class=\"tracking_code_wrapper\">","\u003Cdiv class=\"tracking_code_body\">","\u003Cform action=\"\">","\u003Cinput type=\"text\" placeholder=\"Insert your order number\"","\u003Cbutton type=\"submit\"","\u003Cdiv class=\"tracking_code_result\">",{"error":212,"url":213,"statusCode":214,"statusMessage":215,"message":215},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fpost-tracking-code\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":11,"versions":217},[]]