[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVz6uaThBR6rsKqjD3DLyUzv7rw3EpVhL7LVfnKw5ggo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":34,"analysis":96,"fingerprints":261},"product-feature-request","Product Feature Request","1.2.3","ThemeHigh","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemehigh\u002F","\u003Cp>Many a time, it’s difficult to incorporate all of the features in a WooCommerce Product. Chances are that the missed out feature could be a significant one that would bring in more conversion rates for your online store! Product Feature Request – the WordPress idea management plugin is a perfect solution for all your product feedbacking concerns.\u003C\u002Fp>\n\u003Cp>With this brand new feature request plugin, you can easily collect ideas and suggestions from your customers so as to include new impressive features or improvements for the WooCommerce products.\u003C\u002Fp>\n","Product Feature Request plugin allows you to easily create and manage feature requests in your WordPress products.",50,2730,0,"2024-08-12T07:42:00.000Z","6.6.5","5.2","",[19,20],"feature-requests","idea-collector","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproduct-feature-request.1.2.3.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":27,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"themehigh",16,579170,97,245,77,"2026-04-03T17:57:05.892Z",[35,61,82],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":13,"last_vuln_date":60,"fetched_at":24},"ideapush","IdeaPush","8.73","Northern Beaches Websites","https:\u002F\u002Fprofiles.wordpress.org\u002Fnorthernbeacheswebsites\u002F","\u003Cp>With IdeaPush you can add an awesome feature\u002Fidea request system to WordPress. Use IdeaPush to generate new ideas or get feedback from actual users and customers or use it as a support triage system or use it for something else!\u003C\u002Fp>\n\u003Cp>Watch the plugin walkthrough:\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FyFaGNbYUiIw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Check out the \u003Ca href=\"https:\u002F\u002Fnorthernbeacheswebsites.com.au\u002Fideapush-feature-requests\u002F\" rel=\"nofollow ugc\">demo page here\u003C\u002Fa> and submit an idea for the plugin.\u003C\u002Fp>\n\u003Ch4>Rich and extensive notifications\u003C\u002Fh4>\n\u003Cp>Easily activate automatic notifications for the administrator, idea authors or voters for a range of actions. Use our simple but powerful shortcode generator to make your email subject and content dynamic, relevant and personalised.\u003C\u002Fp>\n\u003Ch4>Intelligent voting\u003C\u002Fh4>\n\u003Cp>Enable users or guests to vote on ideas with an up vote only or an up and down vote so poor ideas can be buried and good ideas can rise. Place a daily maximum voting limit on voting to prevent misuse. Set a vote threshold for your board so ideas automatically change status when the vote goal is reached.\u003C\u002Fp>\n\u003Ch4>Fast idea creation\u003C\u002Fh4>\n\u003Cp>With an accessible form users or guests can create new ideas and assign ideas tags and an attachment. Like votes, new ideas can have a daily limit so things don’t get out of control. Eliminate bot ideas with built-in honeypot and math problem protection. When new ideas are submitted, ideas can either be automatically published or get assigned a pending status for administrator approval. Upgrade to pro to show suggested ideas to users whilst they write a new idea to prevent duplication.\u003C\u002Fp>\n\u003Ch4>Easy to use and fast setup\u003C\u002Fh4>\n\u003Cp>The admin interface is well organised and provides extensive options for customising the plugin. Create a new board in seconds and add the board shortcode provided to any post or page.\u003C\u002Fp>\n\u003Ch4>Statuses to keep things organised\u003C\u002Fh4>\n\u003Cp>Statuses keep your ideas organised and logical within a typical development workflow. Ideas when created are set to open and are set to reviewed when the vote goal has been reached and can then be changed to approved or declined and then to in progress and completed. Ideas can be edited in the backend like any other WordPress post. Optionally, tags can be used as a secondary categorisation method to better manage ideas.\u003C\u002Fp>\n\u003Ch4>Beautiful, dynamic and intuitive user interface\u003C\u002Fh4>\n\u003Cp>Great attention to detail has been made to bring the frontend design to a professional level. IdeaPush is a dynamic Ajax powered interface so ideas move up and down as a vote gets cast. When ideas are sorted to show ideas by the most popular, recent, trending, your own ideas or ideas you have voted on, new ideas are fetched. Ideas can also be filtered by status or tags to create specific lookups of ideas.\u003C\u002Fp>\n\u003Cp>Or better yet, use our super powerful live search filter to search idea titles, content, authors and tags with search phrase highlighting.\u003C\u002Fp>\n\u003Cp>Each idea has its own page for sharing and SEO purposes and for administrators there are quick action buttons on the single idea page to bring idea triage to the frontend. Upgrade to pro to remove the single idea page.\u003C\u002Fp>\n\u003Ch4>Other things\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The plugin tightly integrates with existing WordPress functions\u003C\u002Fli>\n\u003Cli>Translate certain things in the plugin settings and translate the rest using Poedit – German has already been done!\u003C\u002Fli>\n\u003Cli>Extension board and global options\u003C\u002Fli>\n\u003Cli>Enable or disable comments for ideas\u003C\u002Fli>\n\u003Cli>An array of action hooks for other developers to sink their teeth into\u003C\u002Fli>\n\u003Cli>You can choose to make a board available only to a certain user role or hide a board from WordPress search\u003C\u002Fli>\n\u003Cli>It’s mobile responsive\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Upgrade to pro\u003C\u002Fh4>\n\u003Cp>Upgrade to pro to unlock multiple boards and our powerful idea suggestion system to minimise duplicate ideas and so much more!\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FHD18EijWSHo?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>All pro features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The ability to create multiple boards\u003C\u002Fli>\n\u003Cli>Idea and tag suggestion system when users are creating a new idea to minimise duplicate ideas and tags\u003C\u002Fli>\n\u003Cli>Shows related ideas on the single idea page\u003C\u002Fli>\n\u003Cli>A beautiful idea history timeline on the editing interface so you can see and track the status of and idea and how it has changed over time and the ability to add an internal note to an idea\u003C\u002Fli>\n\u003Cli>The ability to send an email to voters or the author of an idea with a custom and dynamic text\u003C\u002Fli>\n\u003Cli>Track the activity of your ideas and votes over time and by user via the reports menu item\u003C\u002Fli>\n\u003Cli>The ability to disable the single ideas page\u003C\u002Fli>\n\u003Cli>An awesome integration with Zendesk\u003C\u002Fli>\n\u003Cli>A simple but powerful integration with MailChimp\u003C\u002Fli>\n\u003Cli>Ability to create challenges\u003C\u002Fli>\n\u003Cli>Custom fields and multiple form settings including video field\u003C\u002Fli>\n\u003Cli>User idea editing and deleting\u003C\u002Fli>\n\u003Cli>Leaderboards\u003C\u002Fli>\n\u003Cli>An awesome integration with Jira\u003C\u002Fli>\n\u003Cli>Merge duplicate ideas\u003C\u002Fli>\n\u003Cli>Have multiple users on the same IP address\u003C\u002Fli>\n\u003Cli>Show images inline on the all ideas page\u003C\u002Fli>\n\u003Cli>Widgets! Including a widget to show the leaderboard, a widget to display tags and a widget to display the idea form for a particular board\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Pro customers will also enjoy priority support and theming assistance so IdeaPush looks just right.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fnorthernbeacheswebsites.com.au\u002Fideapush-pro\u002F\" rel=\"nofollow ugc\">Learn more about IdeaPush Pro here\u003C\u002Fa>\u003C\u002Fp>\n","IdeaPush is a feature request management system for WordPress",800,37814,90,31,"2024-12-01T22:00:00.000Z","6.7.5","4.0","5.2.4",[52,53,20,54,55],"feature-request","idea","idea-board","push","https:\u002F\u002Fwww.northernbeacheswebsites.com.au","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fideapush.8.73.zip",88,8,"2024-12-27 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":13,"downloaded":22,"rating":69,"num_ratings":70,"last_updated":17,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":79,"download_link":80,"security_score":69,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":81},"feedhub-feedback-widget","FeedHub – Feedback Widget","1.0.2","cyrgim","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyrgim\u002F","\u003Cp>FeedHub is a feedback collection tool that helps you gather feature requests, bug reports, and general feedback from your users. This plugin makes it easy to add the FeedHub widget to your WordPress site without writing any code.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Popup Widget\u003C\u002Fstrong> – A floating feedback button that opens a modal form\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Inline Widget\u003C\u002Fstrong> – Embed the feedback form anywhere using a shortcode\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Colors\u003C\u002Fstrong> – Match your brand with custom primary, text, and background colors\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Labels\u003C\u002Fstrong> – Personalize all form labels and messages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress User Integration\u003C\u002Fstrong> – Automatically fill in logged-in user’s name and email\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode Support\u003C\u002Fstrong> – Place inline widgets anywhere with \u003Ccode>[feedhub]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Position Control\u003C\u002Fstrong> – Choose where the popup button appears (corners)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>How It Works:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Sign up for a free account at \u003Ca href=\"https:\u002F\u002Ffeedhub.app\" rel=\"nofollow ugc\">feedhub.app\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Create your feedback board\u003C\u002Fli>\n\u003Cli>Get your App Slug and Widget Key from the dashboard\u003C\u002Fli>\n\u003Cli>Install and configure this plugin\u003C\u002Fli>\n\u003Cli>Start collecting feedback!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Requirements:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A FeedHub account (free tier available)\u003C\u002Fli>\n\u003Cli>Your App Slug and Widget Key from the FeedHub dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to FeedHub (https:\u002F\u002Ffeedhub.app), a feedback collection service that enables website visitors to submit feature requests, bug reports, and general feedback.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent and when:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The widget script is loaded from https:\u002F\u002Ffeedhub.app\u002Fwidget.js on every page where the widget is displayed\u003C\u002Fli>\n\u003Cli>When a user submits feedback, the following data is sent to FeedHub: feedback text, category (feature request\u002Fbug report\u002Fother), and optionally the user’s name and email address\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Service provider:\u003C\u002Fstrong> FeedHub (https:\u002F\u002Ffeedhub.app)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffeedhub.app\u002Fterms\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffeedhub.app\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily collect user feedback on your WordPress site with FeedHub's beautiful feedback widget.",100,1,"6.9.4","5.0","7.4",[75,76,19,77,78],"bug-reports","customer-feedback","feedback","widget","https:\u002F\u002Ffeedhub.app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeedhub-feedback-widget.1.0.2.zip","2026-03-15T10:48:56.248Z",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":13,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":90,"tested_up_to":71,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":17,"download_link":95,"security_score":69,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24},"riaco-feedback","RIACO Feedback","1.0.0","robertoiacono","https:\u002F\u002Fprofiles.wordpress.org\u002Fprototipo88\u002F","\u003Cp>RIACO Feedback is a WordPress plugin for collecting user feedback and feature suggestions.\u003C\u002Fp>\n\u003Cp>It supports:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Frontend feedback submission via a customizable form.\u003C\u002Fli>\n\u003Cli>Voting system with unique voter tracking.\u003C\u002Fli>\n\u003Cli>Categorization of feedback using custom taxonomies (Projects & Status).\u003C\u002Fli>\n\u003Cli>Admin moderation queue for approving feedback.\u003C\u002Fli>\n\u003Cli>Dashboard widgets to view pending feedback.\u003C\u002Fli>\n\u003Cli>Shortcodes to display feedback boards anywhere on your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Designed for developers and site admins who want to engage users and collect ideas directly on their WordPress site.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Ch4>Add the feedback form to a page\u002Fpost\u003C\u002Fh4>\n\u003Cp>Insert \u003Ccode>[riaco_feedback_features]\u003C\u002Fcode> anywhere in the content editor. The feedback form and submitted feedback list will appear there.\u003C\u002Fp>\n\u003Cp>From \u003Cstrong>Dashboard \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Feedback \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Projects\u003C\u002Fstrong> it is possible to create multiple projects.\u003Cbr \u002F>\nTo bind a Feedback Form to a specific project, add project slug in the shortcode: \u003Ccode>[riaco_feedback_features project='project-slug']\u003C\u002Fcode> and \u003Ccode>[riaco_feedback_roadmap project='project-slug']\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch4>Display the roadmap\u003C\u002Fh4>\n\u003Cp>Insert \u003Ccode>[riaco_feedback_roadmap]\u003C\u002Fcode> anywhere you want the roadmap to show.\u003C\u002Fp>\n\u003Ch4>Testing the plugin\u003C\u002Fh4>\n\u003Cp>Go to the page where you added the feedback form.\u003C\u002Fp>\n\u003Cp>Submit a test feedback entry.\u003C\u002Fp>\n\u003Cp>Feedback appears in the admin list. Go to your \u003Cstrong>WP dashboard \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Feedback \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Feedback\u003C\u002Fstrong> and approve it if you want to display in frontend list.\u003C\u002Fp>\n","RIACO Feedback allows users to submit feature requests or feedback, vote on existing suggestions, and manage them via the WordPress admin.","2025-12-28T15:50:00.000Z","6.2","8.0",[19,77,94],"votes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Friaco-feedback.1.0.0.zip",{"attackSurface":97,"codeSignals":170,"taintFlows":232,"riskAssessment":250,"analyzedAt":260},{"hooks":98,"ajaxHandlers":153,"restRoutes":166,"shortcodes":167,"cronEvents":168,"entryPointCount":169,"unprotectedCount":169},[99,104,108,113,118,122,126,130,134,137,139,143,146,150],{"type":100,"name":101,"callback":101,"file":102,"line":103},"action","add_meta_boxes","includes\\class-thpfr.php",68,{"type":100,"name":105,"callback":106,"file":102,"line":107},"save_post","save_feature_request_status",69,{"type":109,"name":110,"callback":111,"file":102,"line":112},"filter","manage_posts_columns","add_custom_column",70,{"type":100,"name":114,"callback":115,"priority":116,"file":102,"line":117},"manage_posts_custom_column","add_custom_column_data",10,71,{"type":109,"name":119,"callback":120,"priority":116,"file":102,"line":121},"post_type_link","replace_permalink_with_product_url",72,{"type":100,"name":123,"callback":124,"file":102,"line":125},"before_delete_post","before_delete_product",73,{"type":100,"name":127,"callback":128,"priority":116,"file":102,"line":129},"post_updated","validate_custom_post_type_status",74,{"type":100,"name":131,"callback":132,"file":102,"line":133},"admin_enqueue_scripts","enqueue_styles_and_scripts",84,{"type":100,"name":135,"callback":135,"file":102,"line":136},"admin_menu",85,{"type":100,"name":138,"callback":132,"file":102,"line":69},"wp_enqueue_scripts",{"type":109,"name":140,"callback":141,"file":102,"line":142},"woocommerce_product_tabs","custom_product_tab",103,{"type":109,"name":140,"callback":144,"file":102,"line":145},"set_prioryty_wooco_custom_tab",106,{"type":100,"name":147,"callback":147,"file":148,"line":149},"init","product-feature-request.php",23,{"type":100,"name":151,"callback":151,"file":148,"line":152},"before_woocommerce_init",25,[154,158,161,164],{"action":155,"nopriv":156,"callback":155,"hasNonce":156,"hasCapCheck":156,"file":102,"line":157},"feature_request_action",false,101,{"action":155,"nopriv":159,"callback":155,"hasNonce":156,"hasCapCheck":156,"file":102,"line":160},true,102,{"action":162,"nopriv":156,"callback":162,"hasNonce":156,"hasCapCheck":156,"file":102,"line":163},"feature_voting_action",104,{"action":162,"nopriv":159,"callback":162,"hasNonce":156,"hasCapCheck":156,"file":102,"line":165},105,[],[],[],4,{"dangerousFunctions":171,"sqlUsage":172,"outputEscaping":174,"fileOperations":13,"externalRequests":13,"nonceChecks":230,"capabilityChecks":70,"bundledLibraries":231},[],{"prepared":13,"raw":13,"locations":173},[],{"escaped":175,"rawEcho":176,"locations":177},82,24,[178,182,184,186,189,191,194,196,199,201,203,205,207,208,210,212,214,216,218,220,222,224,226,228],{"file":179,"line":180,"context":181},"includes\\admin\\class-thpfr-admin-settings-frw.php",182,"raw output",{"file":179,"line":183,"context":181},184,{"file":179,"line":185,"context":181},186,{"file":187,"line":188,"context":181},"includes\\admin\\class-thpfr-admin-settings-general.php",120,{"file":187,"line":190,"context":181},121,{"file":192,"line":193,"context":181},"includes\\admin\\class-thpfr-admin-settings.php",164,{"file":192,"line":195,"context":181},173,{"file":197,"line":198,"context":181},"includes\\public\\class-thpfr-public.php",89,{"file":197,"line":200,"context":181},91,{"file":197,"line":202,"context":181},93,{"file":197,"line":204,"context":181},94,{"file":197,"line":206,"context":181},134,{"file":197,"line":180,"context":181},{"file":197,"line":209,"context":181},197,{"file":197,"line":211,"context":181},215,{"file":197,"line":213,"context":181},239,{"file":197,"line":215,"context":181},337,{"file":197,"line":217,"context":181},340,{"file":197,"line":219,"context":181},433,{"file":197,"line":221,"context":181},478,{"file":197,"line":223,"context":181},482,{"file":197,"line":225,"context":181},486,{"file":197,"line":227,"context":181},487,{"file":197,"line":229,"context":181},491,5,[],[233],{"entryPoint":234,"graph":235,"unsanitizedCount":70,"severity":249},"\u003Cclass-thpfr-admin-settings-frw> (includes\\admin\\class-thpfr-admin-settings-frw.php:0)",{"nodes":236,"edges":247},[237,242],{"id":238,"type":239,"label":240,"file":179,"line":241},"n0","source","$_POST",143,{"id":243,"type":244,"label":245,"file":179,"line":180,"wp_function":246},"n1","sink","echo() [XSS]","echo",[248],{"from":238,"to":243,"sanitized":156},"low",{"summary":251,"deductions":252},"The product-feature-request plugin v1.2.3 exhibits a concerning security posture due to a significant number of unprotected AJAX handlers. While the plugin demonstrates good practices in other areas, such as using prepared statements for all SQL queries and having no recorded vulnerabilities, the lack of authentication checks on its entry points presents a substantial risk.\n\nThe static analysis revealed 4 AJAX handlers, all of which are exposed without any authentication or capability checks. This means any unauthenticated user could potentially trigger these handlers, leading to unintended actions or data manipulation. Although taint analysis did not identify critical or high-severity unsanitized flows, the presence of one unsanitized path flow is a red flag, especially when coupled with unprotected AJAX actions.\n\nThe absence of any known CVEs or past vulnerabilities is a positive indicator, suggesting a history of responsible development or simply a lack of targeted attacks. However, this does not negate the immediate risks posed by the unprotected AJAX endpoints. The plugin's strengths lie in its secure database interactions and file operations. The primary weakness is the broad attack surface created by insecure AJAX handlers, which overshadows its otherwise decent security practices.",[253,255,257],{"reason":254,"points":116},"Unprotected AJAX handlers",{"reason":256,"points":230},"Unsanitized path flow",{"reason":258,"points":259},"Limited capability checks",3,"2026-03-16T22:03:26.566Z",{"wat":262,"direct":275},{"assetPaths":263,"generatorPatterns":268,"scriptPaths":269,"versionParams":270},[264,265,266,267],"\u002Fwp-content\u002Fplugins\u002Fproduct-feature-request\u002Fassets\u002Fpublic\u002Fcss\u002Fthpfr-public.css","\u002Fwp-content\u002Fplugins\u002Fproduct-feature-request\u002Fassets\u002Fpublic\u002Fjs\u002Fthpfr-public.js","\u002Fwp-content\u002Fplugins\u002Fproduct-feature-request\u002Fassets\u002Fadmin\u002Fcss\u002Fthpfr-admin.css","\u002Fwp-content\u002Fplugins\u002Fproduct-feature-request\u002Fassets\u002Fadmin\u002Fjs\u002Fthpfr-admin.js",[],[265,267],[271,272,273,274],"product-feature-request\u002Fassets\u002Fpublic\u002Fcss\u002Fthpfr-public.css?ver=","product-feature-request\u002Fassets\u002Fpublic\u002Fjs\u002Fthpfr-public.js?ver=","product-feature-request\u002Fassets\u002Fadmin\u002Fcss\u002Fthpfr-admin.css?ver=","product-feature-request\u002Fassets\u002Fadmin\u002Fjs\u002Fthpfr-admin.js?ver=",{"cssClasses":276,"htmlComments":278,"htmlAttributes":283,"restEndpoints":288,"jsGlobals":289,"shortcodeOutput":294},[277],"thpfr-admin-style",[279,280,281,282],"\u003C!-- Product Feature Request Settings -->","\u003C!-- Save feature request data -->","\u003C!-- Feature Request Custom Field Meta Box -->","\u003C!-- End Feature Request Custom Field Meta Box -->",[284,285,286,287],"data-product_id","data-request_id","data-target","data-request-id",[],[290,291,292,293],"THPFR_ASSETS_URL_PUBLIC","THPFR_ASSETS_URL_ADMIN","THPFR_VERSION","THPFR_AJAX_URL",[]]