[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fe_T_jQGfYpnW0csPQXatI_gEvHwGd5mKM4AnNSvX7DU":3,"$fjZJi2GSmZf9tT7yRrUcHyVbRmzTJlQN8qbxxds8o-ho":254,"$fRFj3fo2gDZYOocESstQpKCXUYXKXRMhd_7x0S1tO2ek":258},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"discovery_status":32,"vulnerabilities":33,"developer":52,"crawl_stats":39,"alternatives":59,"analysis":165,"fingerprints":230},"powies-whois","Powie's WHOIS Domain Check","0.9.34","PowieT","https:\u002F\u002Fprofiles.wordpress.org\u002Fpowiet\u002F","\u003Cp>Checks Domain WHOIS Lookup for availability. Simple insert the [pwhois] shortcode on a page or post.\u003Cbr \u002F>\nTo select the default TLD use the default attribute: [pwhois default=com] – sets .com as default in the TLD dropdown.\u003Cbr \u002F>\nTLD List is limited because of the knowledge of the required whois servers. If you wish to have support for a special TLD please contact me and I will implement it asap.\u003Cbr \u002F>\nWe cannot guarantee that every domain lookup works perfect, in case that whois servers and how to talk to them can change time by time.\u003Cbr \u002F>\nHowever if you inform us about changes and we can get it to work, we give you a free version of the Pro version of this plugin!\u003C\u002Fp>\n\u003Ch4>Demos\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpowie.de\u002Fwordpress\u002Fwhois\u002F\" rel=\"nofollow ugc\">Demo 1\u003C\u002Fa> – at our own page.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbe-webspace.de\u002Fdomaincheck\u002F\" rel=\"nofollow ugc\">Demo 2\u003C\u002Fa> – live version at a hosting providers webpage.\u003C\u002Fp>\n\u003Ch4>Requires\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>php7\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Including:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Shortcode [pwhois]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Support Forum @ \u003Ca href=\"https:\u002F\u002Fforum.powie.de\u002Fforum\u002F87-powies-whois\u002F\" rel=\"nofollow ugc\">forum.powie.de\u003C\u002Fa>\u003Cbr \u002F>\nYou get faster feedback if you post in our forum, rather than on wordpress.org!\u003C\u002Fp>\n\u003Ch3>Remove plugin\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Deactivate plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Delete plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003C\u002Fol>\n","Check a Domain WHOIS Lookup for availability. Simple insert the [pwhois] shortcode on a page or post",500,30746,80,10,"2024-10-06T09:52:00.000Z","6.6.5","4.0","",[20,21,22,23,24],"domain","free","lookup","shortcode","whois","https:\u002F\u002Fpowie.de\u002Fwordpress\u002Fwhois\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.34.zip",92,1,0,"2020-07-07 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[34],{"id":35,"url_slug":36,"title":37,"description":38,"plugin_slug":4,"theme_slug":39,"affected_versions":40,"patched_in_version":41,"severity":42,"cvss_score":43,"cvss_vector":44,"vuln_type":45,"published_date":30,"updated_date":46,"references":47,"days_to_patch":49,"patch_diff_files":50,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"WF-4b1568d6-4fea-4ed3-9931-f293932eaa3a-powies-whois","powers-whois-domain-check-authenticated-stored-cross-site-scripting","Power's WHOIS Domain Check \u003C= 0.9.31 - Authenticated Stored Cross-Site Scripting","The Power's WHOIS Domain Check plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 0.9.31 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=0.9.31","0.9.32","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[48],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4b1568d6-4fea-4ed3-9931-f293932eaa3a?source=api-prod",1295,[],false,{"slug":53,"display_name":7,"profile_url":8,"plugin_count":54,"total_installs":55,"avg_security_score":56,"avg_patch_time_days":49,"trust_score":57,"computed_at":58},"powiet",7,660,86,69,"2026-05-20T07:03:20.300Z",[60,84,106,125,145],{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":56,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":79,"download_link":80,"security_score":81,"vuln_count":82,"unpatched_count":29,"last_vuln_date":83,"fetched_at":31},"wp24-domain-check","WP24 Domain Check","1.12.0","WP24","https:\u002F\u002Fprofiles.wordpress.org\u002Fwp24dotorg\u002F","\u003Cp>WP24 Domain Check allows users to check domains if they are free for registration. The responsive form could be easily intregrated via shortcode or widget. Labels and colors are customizeable through the settings page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy integration via shortcode or widget\u003C\u002Fli>\n\u003Cli>Ajax based search (no page reload required)\u003C\u002Fli>\n\u003Cli>Define a list of testable TLDs\u003C\u002Fli>\n\u003Cli>Drop-down list (select the TLD from predefinded list)\u003C\u002Fli>\n\u003Cli>Free text input (type TLD into domain name field)\u003C\u002Fli>\n\u003Cli>Over 1,600 supported TLDs\u003C\u002Fli>\n\u003Cli>Add custom whois servers\u003C\u002Fli>\n\u003Cli>Possibility of checking every TLD\u003C\u002Fli>\n\u003Cli>Internationalized domain name (IDN) support\u003C\u002Fli>\n\u003Cli>Check all TLDs simultaneously (asynchronous)\u003C\u002Fli>\n\u003Cli>Show detailed whois information (if domain is registered)\u003C\u002Fli>\n\u003Cli>Provide price and purchase link for each TLD\u003C\u002Fli>\n\u003Cli>WooCommerce integration\u003C\u002Fli>\n\u003Cli>Responsive design\u003C\u002Fli>\n\u003Cli>Bot protection with Google reCAPTCHA or Cloudflare Turnstile\u003C\u002Fli>\n\u003Cli>Customization of labels and colors\u003C\u002Fli>\n\u003Cli>WPML and Polylang compatible\u003C\u002Fli>\n\u003C\u002Ful>\n","Check (whois) domain names for availability. Easy integration via shortcode or widget.",4000,119715,32,"2026-01-11T10:24:00.000Z","6.9.4","5.0","7.0.0",[20,76,77,78,24],"domain-check","domain-checker","domaincheck","https:\u002F\u002Fwp24.org\u002Fplugins\u002Fdomain-check","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp24-domain-check.1.12.0.zip",99,2,"2024-12-26 00:00:00",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":94,"num_ratings":28,"last_updated":95,"tested_up_to":96,"requires_at_least":73,"requires_php":97,"tags":98,"homepage":104,"download_link":105,"security_score":27,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"domain-search-for-whmcs","Domain Search for WHMCS","2.0.3","Shipon Karmakar","https:\u002F\u002Fprofiles.wordpress.org\u002Fshiponkarmakar\u002F","\u003Cp>Domain Search for WHMCS is a lightweight yet powerful WordPress plugin that allows users to search for domain names and redirects them to your WHMCS-powered domain registration portal. This seamless integration improves user experience and streamlines domain purchase processes.\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Simple and fast domain search form\u003C\u002Fli>\n\u003Cli>Fully customizable search field and placeholder text\u003C\u002Fli>\n\u003Cli>Shortcode support for easy placement anywhere on your website\u003C\u002Fli>\n\u003Cli>Redirect users to your WHMCS domain registration page automatically\u003C\u002Fli>\n\u003Cli>Admin settings page for easy configuration\u003C\u002Fli>\n\u003Cli>Lightweight and optimized for speed\u003C\u002Fli>\n\u003Cli>Secure nonce verification for form submissions\u003C\u002Fli>\n\u003Cli>Supports multiple domain search shortcodes with custom settings\u003C\u002Fli>\n\u003Cli>Easy deletion and management of created shortcodes\u003C\u002Fli>\n\u003Cli>Optimized code for better WordPress compatibility\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is perfect for web hosting businesses, domain resellers, and WHMCS-based service providers looking to enhance user engagement and conversion rates.\u003C\u002Fp>\n","Integrate WHMCS domain search functionality into your WordPress website with a clean, responsive search form.",200,1616,100,"2025-04-03T17:47:00.000Z","6.7.5","7.2",[99,100,101,102,103],"domain-lookup","domain-registration","domain-search","whmcs","whmcs-integration","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdomain-search-for-whmcs\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdomain-search-for-whmcs.2.0.3.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":94,"downloaded":114,"rating":94,"num_ratings":28,"last_updated":115,"tested_up_to":116,"requires_at_least":17,"requires_php":117,"tags":118,"homepage":122,"download_link":123,"security_score":124,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"faq-schema","FAQ Schema","1.0","panhwerwaseem121","https:\u002F\u002Fprofiles.wordpress.org\u002Fpanhwerwaseem121\u002F","\u003Cp>FAQ schema is an easy to use plugin which easily can add faq schema on your post, page or any other post type you just need to use a simple\u003Cbr \u002F>\nshortcode to add this faq schema in your website.\u003C\u002Fp>\n\u003Cp>At a glance, this plugin adds the following:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User can easily add the faq schema by adding these shortcode in there post: [faq]Your frist question|=|your first Answer|SEP|Your Second Question|=|Your Second Answer[\u002Ffaq].\u003C\u002Fli>\n\u003C\u002Ful>\n","FAQ schema is an easy to use plugin which easily can add faq schema on your post, page or any other post type you just need to use a simple",2425,"2019-11-27T08:51:00.000Z","5.2.24","5.2.4",[107,119,120,121],"faq-shortcode","free-faq-schema","shortcode-for-faq","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffaq-schema\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffaq-schema.1.1.zip",85,{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":29,"num_ratings":29,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":138,"tags":139,"homepage":143,"download_link":144,"security_score":124,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"extended-shortcodes-for-ultimate-membership-pro","Extended Shortcodes for Ultimate Membership Pro","1.6","WPIndeed Development","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpindeed\u002F","\u003Cp>\u003Cstrong>Extended Shortcodes provides a list of shortcodes entirely designed to add practicability and versatility to membership-based systems. 😎\u003C\u002Fstrong>\u003Cbr \u002F>\nIt is one of the most useful WordPress plugins for WordPress admins.\u003Cbr \u002F>\n\u003Cstrong>This addon is an extension of \u003Ca href=\"https:\u002F\u002Fultimatemembershippro.com\" rel=\"nofollow ugc\">Ultimate Membership Pro\u003C\u002Fa> plugin.\u003C\u002Fstrong>\u003Cbr \u002F>\nAdmins have complete control over how content is organized and displayed to users based on their membership type. Using this plugin, you can now show\u002Fhide content to registered\u002Funregistered members, display links and buttons anywhere on the page, ensure access to restricted content to visitors based on their subscription type\u002Frole, and many more.\u003C\u002Fp>\n\u003Ch3>🌟 Ultimate Membership Pro\u003C\u002Fh3>\n\u003Cp>For many years in a row, \u003Cstrong>Ultimate Membership Pro\u003C\u002Fstrong> has been the most well-known and finest WordPress Membership Plugin, allowing you to establish and operate with multi-level exclusive access for your Members based on basic Free Memberships or \u003Cstrong>Paid recurring Subscriptions\u003C\u002Fstrong>.\u003Cbr \u002F>\nWith Ultimate Membership Pro site owners can convert a WordPress website into a powerful Content Selling Platform and start charging members for valuable access right away.\u003C\u002Fp>\n\u003Ch3>🔔 How it works?\u003C\u002Fh3>\n\u003Cp>The installation process is easy: all you have to do is upload the plugin and enable it with the press of a button.\u003Cbr \u002F>\nLong gone are the days of tweaking your code for every small change. Organizing the content on your WordPress website has never been easier.\u003C\u002Fp>\n\u003Ch3>⚙️ Extended Shortcodes Features\u003C\u002Fh3>\n\u003Cp>✅ Show the content only for registered users.\u003Cbr \u002F>\n✅ Show the content only for unregistered users.\u003Cbr \u002F>\n✅ Show link to login page.\u003Cbr \u002F>\n✅ Show link to account page.\u003Cbr \u002F>\n✅ Show link to Lost Password page.\u003Cbr \u002F>\n✅ Show link to Register page.\u003Cbr \u002F>\n✅ Show link to Subscription page.\u003Cbr \u002F>\n✅ Show the content depending on the type of membership.\u003C\u002Fp>\n\u003Cp>Thanks to this plugin, you can focus more on delivering the best user experience and less on insignificant tasks.\u003Cbr \u002F>\nThe \u003Cstrong>shortcodes list\u003C\u002Fstrong> is periodically updated and modified based on new functionalities that get released. Whenever a new functionality is added, its shortcode will be uploaded accordingly.\u003C\u002Fp>\n\u003Ch3>💡 For Extended Shortcodes to work, \u003Ca href=\"https:\u002F\u002Fultimatemembershippro.com\" rel=\"nofollow ugc\">Ultimate Membership Pro\u003C\u002Fa> is required.\u003C\u002Fh3>\n\u003Ch3>📘 DOCUMENTATION\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Documentation may be found \u003Ca href=\"https:\u002F\u002Fstore.wpindeed.com\u002Fdocumentation\u002Fextended-shortcodes-2\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>For video Tutorials you may check the \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fplaylist?list=PLmOiaKgLhsFlhpkMb_fHKV45u4qZ1IZHd\" rel=\"nofollow ugc\">YouTube channel\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>For more information about functionality and features check out our \u003Ca href=\"https:\u002F\u002Fstore.wpindeed.com\u002Faddon\u002Fextended-shortcodes\u002F\" rel=\"nofollow ugc\">website\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📖 Read more\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Check others \u003Ca href=\"https:\u002F\u002Fwpindeed.com\u002F\" rel=\"nofollow ugc\">WordPress Plugins\u003C\u002Fa> by WPIndeed Development.\u003C\u002Fli>\n\u003Cli>Visit \u003Ca href=\"https:\u002F\u002Fstore.wpindeed.com\u002F\" rel=\"nofollow ugc\">store.wpindeed\u003C\u002Fa> to get a collection of ready-to-use addons.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔍 Check out some of our projects\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdelete-my-account-addon-for-ultimate-membership-pro\u002F\" rel=\"ugc\">Delete My Account \u003C\u002Fa>\u003C\u002Fstrong> – Every user from Ultimate Membership Pro may delete their profile account on demand\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-membership-pro-paystack\u002F\" rel=\"ugc\">Ultimate Membership Pro – Paystack\u003C\u002Fa>\u003C\u002Fstrong> – Enables businesses from African region to receive payments from anyone, anywhere in the globe\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-membership-pro-payfast\u002F\" rel=\"ugc\">Ultimate Membership Pro – PayFast\u003C\u002Fa>\u003C\u002Fstrong> – Makes it easier for visitors to become members by facilitating operations and one-time payments\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-membership-pro-razorpay\u002F\" rel=\"ugc\">Razorpay for Ultimate Membership Pro\u003C\u002Fa>\u003C\u002Fstrong> – Accepts one time payments and run transactions so that users join as members\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fultimateaffiliate.pro\u002F\" rel=\"nofollow ugc\">Ultimate Affiliate Pro\u003C\u002Fa>\u003C\u002Fstrong> – The Powerful turn-key Premium WordPress Affiliate Plugin for Ultimate Membership Pro and WooCommerce\u003C\u002Fp>\n\u003Ch3>👍 Like Extended Shortcodes?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Come to our \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002FUltimateMembershipPro\" rel=\"nofollow ugc\">Facebook Group\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Or rate Extended Shortcodes for Ultimate Membership Pro on WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>✔️ COVERED BY A TRUSTED TEAM\u003C\u002Fh3>\n\u003Cp>Extended Shortcodes for Ultimate Membership Pro is developed by \u003Ca href=\"https:\u002F\u002Fwpindeed.com\u002F\" rel=\"nofollow ugc\">WPIndeed Development\u003C\u002Fa>, a dedicated WordPress product company with over 100k happy customers.\u003C\u002Fp>\n","Extend Ultimate Membership Pro functionality with a list of shortcodes which can be used by admin in order to manage content restriction.",50,1911,"2024-04-24T10:58:00.000Z","6.5.8","5.1.1","7.4",[140,141,21,142,23],"accessibility","extend","registration","https:\u002F\u002Fstore.wpindeed.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fextended-shortcodes-for-ultimate-membership-pro.1.6.zip",{"slug":146,"name":147,"version":148,"author":149,"author_profile":150,"description":151,"short_description":152,"active_installs":153,"downloaded":154,"rating":155,"num_ratings":82,"last_updated":156,"tested_up_to":157,"requires_at_least":158,"requires_php":18,"tags":159,"homepage":163,"download_link":164,"security_score":124,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"domainlabs-whois","DomainLabs Whois","1.0.3","Bahri CANLI","https:\u002F\u002Fprofiles.wordpress.org\u002Fbmericc\u002F","\u003Cp>DomainLabs whois plugin; domain and Ip address whois lookup allows you on with WordPress\u003C\u002Fp>\n","DomainLabs Domain Whois Plugin for Wordpress",30,8649,40,"2015-01-08T11:25:00.000Z","4.1.42","3.0",[20,160,24,161,162],"search","whois-search","wp-whois","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fdomainlabs-whois\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdomainlabs-whois.1.0.3.zip",{"attackSurface":166,"codeSignals":203,"taintFlows":216,"riskAssessment":217,"analyzedAt":229},{"hooks":167,"ajaxHandlers":188,"restRoutes":195,"shortcodes":196,"cronEvents":201,"entryPointCount":202,"unprotectedCount":29},[168,174,178,180,184],{"type":169,"name":170,"callback":171,"file":172,"line":173},"action","admin_menu","pwhois_create_menu","powies-whois.php",20,{"type":169,"name":175,"callback":176,"file":172,"line":177},"admin_init","pwhois_register_settings",21,{"type":169,"name":170,"callback":171,"file":172,"line":179},38,{"type":169,"name":181,"callback":182,"file":172,"line":183},"init","pwhoisnonce_create",98,{"type":169,"name":185,"callback":186,"file":172,"line":187},"wp_enqueue_scripts","whois_scripts",121,[189,193],{"action":190,"nopriv":51,"callback":190,"hasNonce":191,"hasCapCheck":51,"file":172,"line":192},"pwhois_post",true,126,{"action":190,"nopriv":191,"callback":190,"hasNonce":191,"hasCapCheck":51,"file":172,"line":194},127,[],[197],{"tag":198,"callback":199,"file":172,"line":200},"pwhois","pwhois_show",24,[],3,{"dangerousFunctions":204,"sqlUsage":205,"outputEscaping":207,"fileOperations":29,"externalRequests":29,"nonceChecks":28,"capabilityChecks":29,"bundledLibraries":215},[],{"prepared":29,"raw":29,"locations":206},[],{"escaped":208,"rawEcho":82,"locations":209},14,[210,213],{"file":172,"line":211,"context":212},172,"raw output",{"file":172,"line":214,"context":212},218,[],[],{"summary":218,"deductions":219},"The 'powies-whois' plugin version 0.9.34 demonstrates several positive security practices, including a lack of dangerous functions, 100% use of prepared statements for SQL queries, and a relatively high percentage of properly escaped output. The absence of file operations and external HTTP requests further reduces its attack surface in those areas. Importantly, all identified entry points (AJAX handlers and shortcodes) appear to have some form of authentication or permission checks, and there are no detected taint flows indicating unsanitized paths.\n\nHowever, the plugin does present some areas for concern. While the static analysis shows no explicit capability checks, the presence of a nonce check on one entry point is a good sign, but the lack of explicit capability checks on all entry points could still leave it vulnerable if permissions are not handled robustly at the WordPress core level. The plugin has a history of one known medium severity Cross-Site Scripting (XSS) vulnerability, which was last patched in 2020. Although currently unpatched CVEs are zero, the past XSS vulnerability suggests that input sanitization and output escaping, despite the current 88% rate, may require ongoing vigilance.\n\nIn conclusion, 'powies-whois' v0.9.34 has a generally good security posture due to its adherence to secure coding practices like prepared statements and the apparent protection of its entry points. The limited attack surface and lack of critical vulnerabilities in static analysis are strengths. Nevertheless, the past XSS vulnerability and the absence of explicit capability checks on all entry points warrant careful consideration and suggest that thorough testing and continuous monitoring remain important for this plugin.",[220,223,226],{"reason":221,"points":222},"Past medium XSS vulnerability",8,{"reason":224,"points":225},"No capability checks on entry points",5,{"reason":227,"points":228},"Some output not properly escaped",4,"2026-03-16T19:34:08.670Z",{"wat":231,"direct":237},{"assetPaths":232,"generatorPatterns":234,"scriptPaths":235,"versionParams":236},[233],"\u002Fwp-content\u002Fplugins\u002Fpowies-whois\u002Fpwhois.js",[],[233],[],{"cssClasses":238,"htmlComments":239,"htmlAttributes":243,"restEndpoints":244,"jsGlobals":245,"shortcodeOutput":247},[],[240,241,242],"\u003C!-- pWHOIS Plugin Output by www.powie.de -->","\u003C!-- \u002FpWHOIS Plugin Output -->","\u003C!-- pwhois settings -->",[],[],[246],"pWhoisAjax",[248,249,250,251,252,253],"\u003Cform method=\"post\" id=\"whois\" action=\"\">","\u003Cinput type=\"hidden\" name=\"action\" value=\"pwhois_post\" \u002F>","\u003Clegend>","\u003Cinput type=\"text\" size=\"30\" name=\"domain\" id=\"domain\" \u002F>","\u003Cselect id=\"tld\" name=\"tld\">","\u003Cinput type=\"submit\" id=\"whoissubmit\" name=\"whoissubmit\" value=\"",{"error":191,"url":255,"statusCode":256,"statusMessage":257,"message":257},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fpowies-whois\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":259,"versions":260},23,[261,266,273,279,287,295,303,311,319,327,335,343,351,359,367,375,383,391,399,407,415,423,431],{"version":6,"download_url":26,"svn_tag_url":262,"released_at":39,"has_diff":51,"diff_files_changed":263,"diff_lines":39,"trac_diff_url":264,"vulnerabilities":265,"is_current":191},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.34\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.33&new_path=%2Fpowies-whois%2Ftags%2F0.9.34",[],{"version":267,"download_url":268,"svn_tag_url":269,"released_at":39,"has_diff":51,"diff_files_changed":270,"diff_lines":39,"trac_diff_url":271,"vulnerabilities":272,"is_current":51},"0.9.33","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.33.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.33\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.32&new_path=%2Fpowies-whois%2Ftags%2F0.9.33",[],{"version":41,"download_url":274,"svn_tag_url":275,"released_at":39,"has_diff":51,"diff_files_changed":276,"diff_lines":39,"trac_diff_url":277,"vulnerabilities":278,"is_current":51},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.32.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.32\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.31&new_path=%2Fpowies-whois%2Ftags%2F0.9.32",[],{"version":280,"download_url":281,"svn_tag_url":282,"released_at":39,"has_diff":51,"diff_files_changed":283,"diff_lines":39,"trac_diff_url":284,"vulnerabilities":285,"is_current":51},"0.9.31","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.31.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.31\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.30&new_path=%2Fpowies-whois%2Ftags%2F0.9.31",[286],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":288,"download_url":289,"svn_tag_url":290,"released_at":39,"has_diff":51,"diff_files_changed":291,"diff_lines":39,"trac_diff_url":292,"vulnerabilities":293,"is_current":51},"0.9.30","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.30.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.30\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.26&new_path=%2Fpowies-whois%2Ftags%2F0.9.30",[294],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":296,"download_url":297,"svn_tag_url":298,"released_at":39,"has_diff":51,"diff_files_changed":299,"diff_lines":39,"trac_diff_url":300,"vulnerabilities":301,"is_current":51},"0.9.26","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.26.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.26\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.25&new_path=%2Fpowies-whois%2Ftags%2F0.9.26",[302],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":304,"download_url":305,"svn_tag_url":306,"released_at":39,"has_diff":51,"diff_files_changed":307,"diff_lines":39,"trac_diff_url":308,"vulnerabilities":309,"is_current":51},"0.9.25","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.25.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.25\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.24&new_path=%2Fpowies-whois%2Ftags%2F0.9.25",[310],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":312,"download_url":313,"svn_tag_url":314,"released_at":39,"has_diff":51,"diff_files_changed":315,"diff_lines":39,"trac_diff_url":316,"vulnerabilities":317,"is_current":51},"0.9.24","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.24.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.24\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.23&new_path=%2Fpowies-whois%2Ftags%2F0.9.24",[318],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":320,"download_url":321,"svn_tag_url":322,"released_at":39,"has_diff":51,"diff_files_changed":323,"diff_lines":39,"trac_diff_url":324,"vulnerabilities":325,"is_current":51},"0.9.23","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.23.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.23\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.22&new_path=%2Fpowies-whois%2Ftags%2F0.9.23",[326],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":328,"download_url":329,"svn_tag_url":330,"released_at":39,"has_diff":51,"diff_files_changed":331,"diff_lines":39,"trac_diff_url":332,"vulnerabilities":333,"is_current":51},"0.9.22","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.22.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.22\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.21&new_path=%2Fpowies-whois%2Ftags%2F0.9.22",[334],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":336,"download_url":337,"svn_tag_url":338,"released_at":39,"has_diff":51,"diff_files_changed":339,"diff_lines":39,"trac_diff_url":340,"vulnerabilities":341,"is_current":51},"0.9.21","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.21.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.21\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.20&new_path=%2Fpowies-whois%2Ftags%2F0.9.21",[342],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":344,"download_url":345,"svn_tag_url":346,"released_at":39,"has_diff":51,"diff_files_changed":347,"diff_lines":39,"trac_diff_url":348,"vulnerabilities":349,"is_current":51},"0.9.20","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.20.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.20\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.19&new_path=%2Fpowies-whois%2Ftags%2F0.9.20",[350],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":352,"download_url":353,"svn_tag_url":354,"released_at":39,"has_diff":51,"diff_files_changed":355,"diff_lines":39,"trac_diff_url":356,"vulnerabilities":357,"is_current":51},"0.9.19","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.19.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.19\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.18&new_path=%2Fpowies-whois%2Ftags%2F0.9.19",[358],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":360,"download_url":361,"svn_tag_url":362,"released_at":39,"has_diff":51,"diff_files_changed":363,"diff_lines":39,"trac_diff_url":364,"vulnerabilities":365,"is_current":51},"0.9.18","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.18.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.18\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.17&new_path=%2Fpowies-whois%2Ftags%2F0.9.18",[366],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":368,"download_url":369,"svn_tag_url":370,"released_at":39,"has_diff":51,"diff_files_changed":371,"diff_lines":39,"trac_diff_url":372,"vulnerabilities":373,"is_current":51},"0.9.17","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.17.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.17\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.16&new_path=%2Fpowies-whois%2Ftags%2F0.9.17",[374],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":376,"download_url":377,"svn_tag_url":378,"released_at":39,"has_diff":51,"diff_files_changed":379,"diff_lines":39,"trac_diff_url":380,"vulnerabilities":381,"is_current":51},"0.9.16","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.16.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.16\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.15&new_path=%2Fpowies-whois%2Ftags%2F0.9.16",[382],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":384,"download_url":385,"svn_tag_url":386,"released_at":39,"has_diff":51,"diff_files_changed":387,"diff_lines":39,"trac_diff_url":388,"vulnerabilities":389,"is_current":51},"0.9.15","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.15.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.15\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.14&new_path=%2Fpowies-whois%2Ftags%2F0.9.15",[390],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":392,"download_url":393,"svn_tag_url":394,"released_at":39,"has_diff":51,"diff_files_changed":395,"diff_lines":39,"trac_diff_url":396,"vulnerabilities":397,"is_current":51},"0.9.14","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.14.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.14\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.13&new_path=%2Fpowies-whois%2Ftags%2F0.9.14",[398],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":400,"download_url":401,"svn_tag_url":402,"released_at":39,"has_diff":51,"diff_files_changed":403,"diff_lines":39,"trac_diff_url":404,"vulnerabilities":405,"is_current":51},"0.9.13","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.13.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.13\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.12&new_path=%2Fpowies-whois%2Ftags%2F0.9.13",[406],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":408,"download_url":409,"svn_tag_url":410,"released_at":39,"has_diff":51,"diff_files_changed":411,"diff_lines":39,"trac_diff_url":412,"vulnerabilities":413,"is_current":51},"0.9.12","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.12.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.12\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.11&new_path=%2Fpowies-whois%2Ftags%2F0.9.12",[414],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":416,"download_url":417,"svn_tag_url":418,"released_at":39,"has_diff":51,"diff_files_changed":419,"diff_lines":39,"trac_diff_url":420,"vulnerabilities":421,"is_current":51},"0.9.11","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.11.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.11\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.10&new_path=%2Fpowies-whois%2Ftags%2F0.9.11",[422],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":424,"download_url":425,"svn_tag_url":426,"released_at":39,"has_diff":51,"diff_files_changed":427,"diff_lines":39,"trac_diff_url":428,"vulnerabilities":429,"is_current":51},"0.9.10","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.10.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.10\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpowies-whois%2Ftags%2F0.9.9&new_path=%2Fpowies-whois%2Ftags%2F0.9.10",[430],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":432,"download_url":433,"svn_tag_url":434,"released_at":39,"has_diff":51,"diff_files_changed":435,"diff_lines":39,"trac_diff_url":39,"vulnerabilities":436,"is_current":51},"0.9.9","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.9.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpowies-whois\u002Ftags\u002F0.9.9\u002F",[],[437],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41}]