[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxZhtZQdcLhzpMCnDnTisSW0hmcJ987Pn7UtD15JyiBE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":14,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":71,"crawl_stats":37,"alternatives":78,"analysis":162,"fingerprints":369},"pretty-url","Pretty Url","1.5.5","faaiq","https:\u002F\u002Fprofiles.wordpress.org\u002Ffaaiq\u002F","\u003Cp>Description: Pretty URLs is a powerful WordPress plugin that lets you create clean, SEO-optimized custom URLs for any content type — including Posts, Pages, Categories, and Custom Post Types. Features: * Define custom SEO-friendly URLs for Posts, Pages, Categories, and Custom Post Types * Add custom Meta Titles, Meta Descriptions, and Meta Keywords * Control search engine behavior with NOFOLLOW and NOINDEX tags * Enable or disable meta tags individually for full flexibility * Supports archive pages, single posts, and taxonomy terms Boost your site’s search engine visibility and gain complete control over how your content appears in search results — without needing to touch your theme or core files. Installation: 1. Upload the \u003Ccode>prettyurl\u003C\u002Fcode> plugin folder to your \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory 2. Activate the plugin via the Plugins menu in your WordPress admin 3. Navigate to “Pretty URLs” in the admin menu to create and manage custom URLs for categories and post type archive pages 4. For single posts, pages, and custom post types, a “Pretty URL” meta box will be available on the edit screen 5. For support or customizations, contact: [scriptut.com] contact page\u003C\u002Fp>\n\u003Ch3>Arbitrary section 1\u003C\u002Fh3>\n","Description: Pretty URLs is a powerful WordPress plugin that lets you create clean, SEO-optimized custom URLs for any content type — including Posts,  &hellip;",90,11273,100,1,"2025-06-18T19:30:00.000Z","6.8.5","3.4","",[20,21,22,23,24],"custom-category-url","custom-page-url","custom-post-type-pretty-url","custom-post-url","seo-friendly-url","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpretty-urls","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpretty-url.zip",77,3,"2025-01-07 00:00:00","2026-03-15T15:16:48.613Z",[32,47,58],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2025-22564","pretty-url-reflected-cross-site-scripting","Pretty Url \u003C= 1.5.4 - Reflected Cross-Site Scripting","The Pretty Url plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=1.5.4","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-02-26 15:04:07",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F90331fdc-6a44-4a35-941f-dd5717a7632b?source=api-prod",416,{"id":48,"url_slug":49,"title":50,"description":51,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":52,"cvss_vector":53,"vuln_type":54,"published_date":29,"updated_date":55,"references":56,"days_to_patch":37},"CVE-2025-22563","pretty-url-cross-site-request-forgery","Pretty Url \u003C= 1.5.4 - Cross-Site Request Forgery","The Pretty Url plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.4. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-01-14 19:23:38",[57],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe96588f8-5b74-43bd-801d-5f20a938337c?source=api-prod",{"id":59,"url_slug":60,"title":61,"description":62,"plugin_slug":4,"theme_slug":37,"affected_versions":63,"patched_in_version":6,"severity":39,"cvss_score":64,"cvss_vector":65,"vuln_type":42,"published_date":66,"updated_date":67,"references":68,"days_to_patch":70},"CVE-2023-2009","pretty-url-authenticated-admin-stored-cross-site-scripting","Pretty Url \u003C 1.5.5 - Authenticated (Admin+) Stored Cross-Site Scripting","The Pretty Url plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and excluding, 1.5.5  due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.","\u003C1.5.5",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2023-04-18 00:00:00","2026-03-17 21:18:00",[69],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6f54fb59-03c1-45e9-a498-1fa1409c4466?source=api-prod",1065,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":72,"total_installs":73,"avg_security_score":74,"avg_patch_time_days":75,"trust_score":76,"computed_at":77},6,630,89,498,71,"2026-04-04T14:13:11.358Z",[79,104,123,142],{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":16,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":100,"download_link":101,"security_score":13,"vuln_count":14,"unpatched_count":102,"last_vuln_date":103,"fetched_at":30},"make-paths-relative","Make Paths Relative","2.1.0","Sami Ahmed Siddiqui","https:\u002F\u002Fprofiles.wordpress.org\u002Fsasiddiqui\u002F","\u003Cp>This powerful plugin simplifies website maintenance by automatically converting absolute paths (URLs) for resources like links, scripts, stylesheets, and images to relative paths. This ensures your website functions flawlessly regardless of its location on a server or domain.\u003C\u002Fp>\n\u003Ch3>Enhanced Efficiency and Flexibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Seamless Relocation:\u003C\u002Fstrong> Move your website with confidence, knowing all paths will adjust accordingly, preventing broken links and preserving a seamless user – experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Centralized Control:\u003C\u002Fstrong> Update paths once in a central location, eliminating the need for tedious, site-wide modifications.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Potential Performance Boost:\u003C\u002Fstrong> Relative paths can, in some cases, improve website loading times.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Whitelist Your Domains (Optional)\u003C\u002Fh3>\n\u003Cp>For extra control, you can specify a list of domains that will always be converted to relative paths. This ensures internal links are always optimized while allowing external resources to function properly.\u003C\u002Fp>\n\u003Ch3>Embrace a Streamlined Approach\u003C\u002Fh3>\n\u003Cp>This plugin empowers you to focus on creating exceptional content while eliminating the burden of managing absolute paths. Take control, optimize your workflow, and ensure your website’s continued success!\u003C\u002Fp>\n\u003Ch3>Filters\u003C\u002Fh3>\n\u003Cp>If you want to make plugin works and all the paths relative without going to check\u002Fvisit Settings Page so, just add this line in your theme’s \u003Ccode>functions.php\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'make_paths_relative_activate_all', '__return_true' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Note\u003C\u002Fstrong>: Make sure to check the settings Page.\u003C\u002Fp>\n\u003Ch3>Bug reports\u003C\u002Fh3>\n\u003Cp>Bug reports for \u003Cstrong>Make Paths Relative\u003C\u002Fstrong> are \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fyasglobal\u002Fmake-paths-relative\u002Fissues\u002F\" rel=\"nofollow ugc\">welcomed on GitHub\u003C\u002Fa>. Please note GitHub is not a support forum, and issues that aren’t properly qualified as bugs will be closed.\u003C\u002Fp>\n","Convert Absolute URLs to be relative in your fingertip.",2000,71499,82,15,"2025-07-22T14:32:00.000Z","2.6","5.6",[95,96,97,98,99],"migration","relative-links","relative-paths","remove-domain","seo-friendly-urls","https:\u002F\u002Fwww.yasglobal.com\u002Fweb-design-development\u002Fwordpress\u002Fmake-paths-relative\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmake-paths-relative.2.1.0.zip",0,"2023-08-14 00:00:00",{"slug":105,"name":106,"version":92,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":13,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":18,"requires_php":18,"tags":116,"homepage":18,"download_link":121,"security_score":122,"vuln_count":102,"unpatched_count":102,"last_vuln_date":37,"fetched_at":30},"simple-seo-criteria-check","Simple SEO Criteria Check","Janine","https:\u002F\u002Fprofiles.wordpress.org\u002Fblapps\u002F","\u003Cp>The Plugin Simple SEO Criteria Check fosters to get a better ranking in Google.\u003Cbr \u002F>\nThis will by supported by\u003C\u002Fp>\n\u003Cul>\n\u003Cli>lists all your post’s permalinks and its URL lenght\u003C\u002Fli>\n\u003Cli>list all your post’s images, alt tags, filename and further meta data\u003C\u002Fli>\n\u003Cli>lists all internal and external links within a post\u003C\u002Fli>\n\u003Cli>progress bar shows your SEO health accordingly\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Available in English and German\u003C\u002Fp>\n\u003Cp>This checklist helps you which deciding which post links, post image data must be adjusted to have a more SEO friedly website.\u003Cbr \u002F>\nMake Google happy! 😉\u003C\u002Fp>\n\u003Cp>The plugin is written by Janine of \u003Ca href=\"https:\u002F\u002Fblapps.eu\u002F\" title=\"\" rel=\"nofollow ugc\">Blapps.eu\u003C\u002Fa>.\u003C\u002Fp>\n","The plugin 'Simple SEO Criteria Checklist\" evaluates your post URLs, internal and external post links and image meta data.",60,2088,2,"2023-09-03T14:10:00.000Z","6.3.8",[117,118,99,119,120],"image-meta-data","seo-checklist","seo-health-check","seo-images","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-seo-criteria-check.2.6.zip",85,{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":102,"num_ratings":102,"last_updated":133,"tested_up_to":134,"requires_at_least":135,"requires_php":18,"tags":136,"homepage":140,"download_link":141,"security_score":122,"vuln_count":102,"unpatched_count":102,"last_vuln_date":37,"fetched_at":30},"wp-url-extension","WP URL Extension","0.2","EviLex","https:\u002F\u002Fprofiles.wordpress.org\u002Fevilex\u002F","\u003Cp>Adds .html, .php, .whatever extension to url of all pages, post, tags, custom post.\u003C\u002Fp>\n\u003Cp>This Plugin related with rewrite rules so if anything problem seems in loading page with .html, refresh the permalink once\u003Cbr \u002F>\nGo to Settings->Permalink and update it.\u003C\u002Fp>\n","Adds .html, .php, .whatever to pages, post, custom post type with rewrite rule",10,1243,"2019-06-11T13:16:00.000Z","5.1.22","3.3",[23,137,138,139],"extension-in-url","html","post","https:\u002F\u002Fru.wordpress.org\u002Fplugins\u002Fwp-url-extension\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-url-extension.zip",{"slug":143,"name":144,"version":145,"author":146,"author_profile":147,"description":148,"short_description":149,"active_installs":102,"downloaded":150,"rating":102,"num_ratings":102,"last_updated":151,"tested_up_to":152,"requires_at_least":153,"requires_php":154,"tags":155,"homepage":160,"download_link":161,"security_score":13,"vuln_count":102,"unpatched_count":102,"last_vuln_date":37,"fetched_at":30},"nested-blog-posts","Nested Blog Posts","1.0.0","Yaver Abbas","https:\u002F\u002Fprofiles.wordpress.org\u002Fwwhry\u002F","\u003Cp>Nested Blog Posts makes the built-in \u003Cstrong>Posts\u003C\u002Fstrong> post type behave more like \u003Cstrong>Pages\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adds a \u003Cstrong>Parent\u003C\u002Fstrong> dropdown to Posts.\u003C\u002Fli>\n\u003Cli>Generates hierarchical permalinks like \u003Ccode>\u002Fparent\u002Fchild\u002F\u003C\u002Fcode> (supports unlimited depth).\u003C\u002Fli>\n\u003Cli>Routes nested URLs correctly so you don’t get 404s or forced redirects to \u003Ccode>\u002Fchild\u002F\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin does not contact external servers and does not collect user data.\u003C\u002Fp>\n\u003Ch3>How to use\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Enable the plugin\u003C\u002Fstrong> (Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Nested Blog Posts \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Enabled).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Create a Parent blog post\u003C\u002Fstrong> (a normal Post).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Create a Child blog post\u003C\u002Fstrong> and set its \u003Cstrong>Parent\u003C\u002Fstrong> in the editor sidebar (Post \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Parent).\u003C\u002Fli>\n\u003Cli>To create a deeper tree, set the new post’s \u003Cstrong>Parent\u003C\u002Fstrong> to the previous child.\u003Cbr \u002F>\nExample: \u003Ccode>\u002Fparent\u002Fchild\u002Fgrandchild\u002F\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>If you disable the feature later, the plugin automatically refreshes rewrite rules and WordPress will fall back to normal post behavior.\u003C\u002Fli>\n\u003C\u002Fol>\n","Enable parent\u002Fchild hierarchy for standard Posts and generate nested permalinks like \u002Fparent\u002Fchild\u002F (unlimited depth).",164,"2026-02-17T21:10:00.000Z","6.9.4","6.3","7.4",[156,157,158,159,99],"hierarchical-posts","nested-permalinks","nested-posts","parent-child-posts","https:\u002F\u002Fgithub.com\u002Fyaverabbas\u002Fnested-blog-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnested-blog-posts.1.0.0.zip",{"attackSurface":163,"codeSignals":215,"taintFlows":280,"riskAssessment":349,"analyzedAt":368},{"hooks":164,"ajaxHandlers":211,"restRoutes":212,"shortcodes":213,"cronEvents":214,"entryPointCount":102,"unprotectedCount":102},[165,171,175,179,184,188,192,195,199,203,207],{"type":166,"name":167,"callback":168,"file":169,"line":170},"action","admin_menu","prettyurl_menu","wp-prettyyurls.php",28,{"type":166,"name":172,"callback":173,"file":169,"line":174},"add_meta_boxes","myplugin_add_custom_box",29,{"type":166,"name":176,"callback":177,"file":169,"line":178},"save_post","prettyurl_save_postdata",30,{"type":180,"name":181,"callback":182,"priority":131,"file":169,"line":183},"filter","term_link","prettyurl_category_link",33,{"type":180,"name":185,"callback":186,"priority":131,"file":169,"line":187},"page_link","prettyurl_page_link",34,{"type":180,"name":189,"callback":190,"priority":131,"file":169,"line":191},"post_link","prettyurl_post_link",35,{"type":180,"name":193,"callback":193,"priority":14,"file":169,"line":194},"post_type_link",36,{"type":180,"name":196,"callback":197,"file":169,"line":198},"redirect_canonical","bwp_cancel_redirect_canonical",37,{"type":180,"name":200,"callback":201,"file":169,"line":202},"rewrite_rules_array","bwp_insertrules",38,{"type":180,"name":204,"callback":205,"priority":14,"file":169,"line":206},"wp_title","meta_title",39,{"type":166,"name":208,"callback":209,"file":169,"line":210},"wp_head","meta_head",40,[],[],[],[],{"dangerousFunctions":216,"sqlUsage":217,"outputEscaping":242,"fileOperations":102,"externalRequests":102,"nonceChecks":113,"capabilityChecks":28,"bundledLibraries":279},[],{"prepared":218,"raw":131,"locations":219},32,[220,223,225,226,228,230,233,236,238,240],{"file":169,"line":221,"context":222},50,"$wpdb->get_row() with variable interpolation",{"file":169,"line":224,"context":222},55,{"file":169,"line":111,"context":222},{"file":169,"line":227,"context":222},67,{"file":169,"line":229,"context":222},69,{"file":169,"line":231,"context":232},241,"$wpdb->query() with variable interpolation",{"file":169,"line":234,"context":235},391,"$wpdb->get_results() with variable interpolation",{"file":169,"line":237,"context":235},413,{"file":169,"line":239,"context":235},458,{"file":169,"line":241,"context":222},521,{"escaped":243,"rawEcho":244,"locations":245},31,16,[246,249,251,253,255,257,259,261,263,265,267,269,271,273,275,277],{"file":169,"line":247,"context":248},75,"raw output",{"file":169,"line":250,"context":248},78,{"file":169,"line":252,"context":248},372,{"file":169,"line":254,"context":248},377,{"file":169,"line":256,"context":248},378,{"file":169,"line":258,"context":248},406,{"file":169,"line":260,"context":248},430,{"file":169,"line":262,"context":248},563,{"file":169,"line":264,"context":248},564,{"file":169,"line":266,"context":248},565,{"file":169,"line":268,"context":248},569,{"file":169,"line":270,"context":248},574,{"file":169,"line":272,"context":248},579,{"file":169,"line":274,"context":248},584,{"file":169,"line":276,"context":248},589,{"file":169,"line":278,"context":248},594,[],[281,305],{"entryPoint":282,"graph":283,"unsanitizedCount":14,"severity":304},"prettyurls_manage (wp-prettyyurls.php:262)",{"nodes":284,"edges":300},[285,290,294],{"id":286,"type":287,"label":288,"file":169,"line":289},"n0","source","$_REQUEST",281,{"id":291,"type":292,"label":293,"file":169,"line":289},"n1","transform","→ prettyurls_fetch_edit_data()",{"id":295,"type":296,"label":297,"file":169,"line":298,"wp_function":299},"n2","sink","get_row() [SQLi]",345,"get_row",[301,303],{"from":286,"to":291,"sanitized":302},false,{"from":291,"to":295,"sanitized":302},"high",{"entryPoint":306,"graph":307,"unsanitizedCount":14,"severity":304},"\u003Cwp-prettyyurls> (wp-prettyyurls.php:0)",{"nodes":308,"edges":341},[309,311,312,315,320,323,327,330,335,337,339],{"id":286,"type":287,"label":288,"file":169,"line":310},271,{"id":291,"type":296,"label":297,"file":169,"line":298,"wp_function":299},{"id":295,"type":287,"label":313,"file":169,"line":314},"$_POST",295,{"id":316,"type":296,"label":317,"file":169,"line":318,"wp_function":319},"n3","wp_redirect() [Open Redirect]",439,"wp_redirect",{"id":321,"type":287,"label":322,"file":169,"line":314},"n4","$_POST (x6)",{"id":324,"type":296,"label":325,"file":169,"line":264,"wp_function":326},"n5","echo() [XSS]","echo",{"id":328,"type":287,"label":322,"file":169,"line":329},"n6",632,{"id":331,"type":296,"label":332,"file":169,"line":333,"wp_function":334},"n7","get_var() [SQLi]",685,"get_var",{"id":336,"type":287,"label":288,"file":169,"line":289},"n8",{"id":338,"type":292,"label":293,"file":169,"line":289},"n9",{"id":340,"type":296,"label":297,"file":169,"line":298,"wp_function":299},"n10",[342,344,345,346,347,348],{"from":286,"to":291,"sanitized":343},true,{"from":295,"to":316,"sanitized":343},{"from":321,"to":324,"sanitized":343},{"from":328,"to":331,"sanitized":343},{"from":336,"to":338,"sanitized":302},{"from":338,"to":340,"sanitized":302},{"summary":350,"deductions":351},"The 'pretty-url' plugin exhibits a mixed security posture. While it has a commendable zero-attack surface for direct entry points like AJAX handlers and REST API routes, and a reasonable number of SQL queries utilize prepared statements, there are significant concerns. The taint analysis revealing two flows with unsanitized paths, classified as high severity, is a critical finding that indicates potential vulnerabilities in how user input is handled, which could lead to serious security issues if exploited. \n\nThe plugin's vulnerability history, with three known CVEs and two currently unpatched, is a major red flag. The fact that these past vulnerabilities include Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) suggests a recurring pattern of input validation and state management weaknesses. The most recent vulnerability being in 2025 further indicates that these issues may be persistent and not adequately addressed.\n\nIn conclusion, despite a strong showing in minimizing direct attack vectors and a good percentage of prepared SQL statements, the presence of high-severity unsanitized taint flows and a history of unpatched CSRF and XSS vulnerabilities present a substantial risk. Users should exercise extreme caution and prioritize patching any known vulnerabilities. The plugin has strengths in code hygiene for certain areas, but the identified taint flows and historical issues require immediate attention.",[352,355,357,359,361,364,366],{"reason":353,"points":354},"Unpatched CVEs",20,{"reason":356,"points":90},"High severity unsanitized taint flows",{"reason":358,"points":131},"Medium severity unpatched CVEs",{"reason":360,"points":72},"SQL queries not using prepared statements",{"reason":362,"points":363},"Outputs not properly escaped",5,{"reason":365,"points":363},"Missing nonce checks",{"reason":367,"points":28},"Missing capability checks","2026-03-16T21:23:02.859Z",{"wat":370,"direct":375},{"assetPaths":371,"generatorPatterns":372,"scriptPaths":373,"versionParams":374},[],[],[],[],{"cssClasses":376,"htmlComments":377,"htmlAttributes":378,"restEndpoints":379,"jsGlobals":380,"shortcodeOutput":381},[],[],[],[],[],[]]