[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxWaBe2npbmnUKaH1plya0MDKqoblyQu28po4TGRAD10":3,"$fLPc--hlDd73GaUCI8V508pW-Gjt37mFmLAwDv49UmOs":672,"$f1upATtB27zW9CpQwanzvFb0mUydiMxQ5RdSIULjyxH8":676},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":36,"analysis":116,"fingerprints":655},"pronosticos-apuestas-tap","Pronosticos Apuestas TAP","1.2.6","todoapuestas","https:\u002F\u002Fprofiles.wordpress.org\u002Ftodoapuestas\u002F","\u003Cp>Este plugin es para gestionar pronosticos de apuestas\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>Nothing for now\u003C\u002Fp>\n\u003Ch3>Updates\u003C\u002Fh3>\n\u003Cp>The basic structure of this plugin was cloned from the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftommcfarlin\u002FWordPress-Plugin-Boilerplate\" rel=\"nofollow ugc\">WordPress-Plugin-Boilerplate\u003C\u002Fa> project.\u003Cbr \u002F>\nThis plugin supports the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fafragen\u002Fgithub-updater\" rel=\"nofollow ugc\">GitHub Updater\u003C\u002Fa> plugin, so if you install that, this plugin becomes automatically updateable direct from GitHub. Any submission to WP.org repo will make this redundant.\u003C\u002Fp>\n","Permite gestionar pronosticos de apuestas",10,1624,0,"2016-01-05T15:56:00.000Z","4.4.34","3.5.1","",[19,20,21,22],"apuestas","picks","pronosticos","tipsters","http:\u002F\u002Fwww.todoapuestas.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpronosticos-apuestas-tap.1.2.6.zip",85,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},5,80,30,84,"2026-05-20T11:21:36.104Z",[37,57,71,94],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":13,"num_ratings":13,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":54,"download_link":55,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":56},"epic-tap-widgets","Epic Tap Widgets","1.2.9","Alain Sanchez","https:\u002F\u002Fprofiles.wordpress.org\u002Fmrbrazzi\u002F","\u003Cp>This plugin is a widgets collection for TodoApuestas’s blog network\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>Nothing for now\u003C\u002Fp>\n\u003Ch3>Updates\u003C\u002Fh3>\n\u003Cp>The basic structure of this plugin was cloned from the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftommcfarlin\u002FWordPress-Plugin-Boilerplate\" rel=\"nofollow ugc\">WordPress-Plugin-Boilerplate\u003C\u002Fa> project.\u003Cbr \u002F>\nThis plugin supports the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fafragen\u002Fgithub-updater\" rel=\"nofollow ugc\">GitHub Updater\u003C\u002Fa> plugin, so if you install that, this plugin becomes automatically updateable direct from GitHub. Any submission to WP.org repo will make this redundant.\u003C\u002Fp>\n","Widgets collection for TodoApuestas's blog network",20,1875,"2022-12-11T20:35:00.000Z","5.5.18","5.0",[51,52,20,22,53],"bets","bonus","widget","https:\u002F\u002Fwww.wordpress.org\u002Fplugins\u002Fepic-tap-widgets\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fepic-tap-widgets.1.2.9.zip","2026-04-16T10:56:18.058Z",{"slug":58,"name":59,"version":60,"author":7,"author_profile":8,"description":61,"short_description":62,"active_installs":45,"downloaded":63,"rating":13,"num_ratings":13,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":17,"tags":67,"homepage":69,"download_link":70,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":56},"tipster-tap","Tipster TAP","4.2.2","\u003Cp>This plugin is to manage tipsters and picks.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>Must have installed \u003Ca href=\"https:\u002F\u002Fwww.wordpress.org\u002Fplugins\u002Frest-client-tap\" rel=\"nofollow ugc\">Rest Client TAP\u003C\u002Fa> plugin version 1.0 o later.\u003C\u002Fp>\n\u003Ch3>Updates\u003C\u002Fh3>\n\u003Cp>The basic structure of this plugin was cloned from the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftommcfarlin\u002FWordPress-Plugin-Boilerplate\" rel=\"nofollow ugc\">WordPress-Plugin-Boilerplate\u003C\u002Fa> project.\u003Cbr \u002F>\nThis plugin supports the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fafragen\u002Fgithub-updater\" rel=\"nofollow ugc\">GitHub Updater\u003C\u002Fa> plugin, so if you install that, this plugin becomes automatically updateable direct from GitHub. Any submission to WP.org repo will make this redundant.\u003C\u002Fp>\n","Manage tipsters and picks.",8749,"2021-11-25T22:44:00.000Z","5.8.13","5.5",[20,68],"tipster","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftipster-tap","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftipster-tap.zip",{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":11,"downloaded":79,"rating":13,"num_ratings":13,"last_updated":80,"tested_up_to":81,"requires_at_least":82,"requires_php":17,"tags":83,"homepage":89,"download_link":90,"security_score":91,"vuln_count":92,"unpatched_count":13,"last_vuln_date":93,"fetched_at":27},"comicbookmanagementsystemweeklypicks","Comic Book Management System","2.2.0","Inksplat Web Design & Development","https:\u002F\u002Fprofiles.wordpress.org\u002Finksplat\u002F","\u003Cp>Comic Book Management System Weekly Picks allows user to display seven comic book, picks of the week in an animated display. Designed for for use with blogs, reviews sites and stores.\u003C\u002Fp>\n\u003Cp>Major features in Comic Book Management System include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add your seven picks of the week for display on your website\u003C\u002Fli>\n\u003Cli>Your chosen books move in an animated display \u003C\u002Fli>\n\u003Cli>The display is responsive to and adjusts to fit in any space you place it\u003C\u002Fli>\n\u003C\u002Ful>\n","Comic Book Management System Weekly Picks allows users to display seven comic book, picks of the week in an animated display.",1406,"2023-04-15T16:25:00.000Z","6.2.9","4.0",[84,85,86,87,88],"comic-book-management-system-weekly-picks","comic-books","comics","ncbd","weekly-picks","https:\u002F\u002Fwww.inksplat.ie\u002Fcomic-book-management-system-weekly-picks","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomicbookmanagementsystemweeklypicks.zip",83,1,"2022-11-14 00:00:00",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":13,"downloaded":102,"rating":13,"num_ratings":13,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":106,"tags":107,"homepage":113,"download_link":114,"security_score":115,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":56},"toppicks-block","TopPicks – Editorial Picks Card Section","1.0.0","Nilesh Shiragave","https:\u002F\u002Fprofiles.wordpress.org\u002Fsnilesh\u002F","\u003Cp>\u003Cstrong>TopPicks\u003C\u002Fstrong> is the first WordPress plugin built specifically for creating “Top Picks” \u002F “Our Recommendations” \u002F “Editor’s Choice” summary card sections at the top of listicle articles.\u003C\u002Fp>\n\u003Cp>Every major review site — Wirecutter, WPBeginner, TechRadar, PCMag, Tom’s Hardware — uses this exact UI pattern: 3-5 product\u002Fservice recommendation cards with badges, one-liners, and CTA buttons. Until now, WordPress bloggers had to build this manually in HTML, use clunky page builders, or skip it entirely.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>TopPicks makes it one Gutenberg block.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Free Features (12)\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Top Picks Gutenberg block\u003C\u002Fstrong> — drag-and-drop from the block inserter\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Up to 5 pick cards\u003C\u002Fstrong> per block\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Badge labels\u003C\u002Fstrong> — “Best Overall”, “Best Value”, “Editor’s Pick” + custom badges\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Product name + one-liner\u003C\u002Fstrong> per card\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CTA button with link\u003C\u002Fstrong> — “View Plans”, “Check Price”, custom text\u003C\u002Fli>\n\u003Cli>\u003Cstrong>3 layout templates\u003C\u002Fstrong> — Horizontal cards, Vertical grid, Compact list\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Basic color controls\u003C\u002Fstrong> — badges, cards, buttons, section background\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive design\u003C\u002Fstrong> — stacks beautifully on mobile\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Section heading\u003C\u002Fstrong> — “Our Top Picks”, “Editor’s Choice”, custom text\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Nofollow\u002Fsponsored link toggle\u003C\u002Fstrong> — rel=”sponsored” per Google guidelines\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Under 5KB footprint\u003C\u002Fstrong> — zero JavaScript on frontend, pure CSS\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works with any theme\u003C\u002Fstrong> — 100% Gutenberg-native, no page builder dependency\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Who Is This For?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Affiliate marketers writing “Best X for 2026” articles\u003C\u002Fli>\n\u003Cli>Review bloggers and niche site owners\u003C\u002Fli>\n\u003Cli>WooCommerce shops needing “Staff Picks” sections\u003C\u002Fli>\n\u003Cli>Anyone publishing product roundups or recommendations\u003C\u002Fli>\n\u003C\u002Ful>\n","Create editorial \"Top Picks\" card sections for listicle articles. Zero JS, under 5KB, works with any theme.",110,"2026-04-13T17:38:00.000Z","6.9.4","6.4","8.0",[108,109,110,111,112],"affiliate","editorial","gutenberg-block","listicle","top-picks","https:\u002F\u002Freycraft.com\u002Fplugin\u002Ftoppicks-block\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftoppicks-block.1.0.0.zip",100,{"attackSurface":117,"codeSignals":346,"taintFlows":574,"riskAssessment":636,"analyzedAt":654},{"hooks":118,"ajaxHandlers":309,"restRoutes":340,"shortcodes":341,"cronEvents":342,"entryPointCount":345,"unprotectedCount":345},[119,125,127,131,135,139,143,147,151,156,160,164,168,173,178,182,186,191,195,198,201,204,206,209,213,217,220,224,227,229,234,236,239,243,245,248,250,255,257,259,260,262,266,270,273,275,279,283,286,290,294,296,298,300,303,307],{"type":120,"name":121,"callback":122,"file":123,"line":124},"action","admin_enqueue_scripts","enqueue_admin_styles","admin\\class-pronosticos-apuestas-tap-admin.php",109,{"type":120,"name":121,"callback":126,"file":123,"line":102},"enqueue_admin_scripts",{"type":120,"name":128,"callback":129,"file":123,"line":130},"admin_menu","add_plugin_admin_menu",112,{"type":120,"name":132,"callback":133,"priority":11,"file":123,"line":134},"pronostico_apuestas_save_promocion","save_promocion",117,{"type":120,"name":136,"callback":137,"priority":11,"file":123,"line":138},"pronostico_apuestas_metodos_pago","metodos_pago",118,{"type":120,"name":140,"callback":141,"priority":11,"file":123,"line":142},"pronostico_apuestas_gestion_suscripciones","gestion_suscripciones",120,{"type":120,"name":144,"callback":145,"priority":11,"file":123,"line":146},"pronostico_apuestas_enviar_email_suscripcion_por_paysafecard","enviar_email_suscripcion_por_paysafecard",122,{"type":120,"name":148,"callback":149,"priority":11,"file":123,"line":150},"pronostico_apuestas_enviar_email_suscripcion_por_paypal_editada","enviar_email_suscripcion_por_paypal_editada",123,{"type":152,"name":153,"callback":154,"priority":11,"file":123,"line":155},"filter","wp_mail_from","enviar_email_from",124,{"type":152,"name":157,"callback":158,"priority":11,"file":123,"line":159},"wp_mail_from_name","enviar_email_from_name",125,{"type":152,"name":161,"callback":162,"priority":11,"file":123,"line":163},"wp_mail_content_type","enviar_email_content_type",126,{"type":120,"name":165,"callback":166,"priority":45,"file":123,"line":167},"wp_insert_post","save_post",128,{"type":152,"name":169,"callback":170,"file":171,"line":172},"cmb_meta_boxes","cmb_sample_metaboxes","admin\\includes\\cmb\\example-functions.php",11,{"type":120,"name":174,"callback":175,"priority":176,"file":171,"line":177},"init","cmb_initialize_cmb_meta_boxes",9999,406,{"type":152,"name":179,"callback":180,"priority":11,"file":181,"line":130},"get_post_metadata","hijack_oembed_cache_get","admin\\includes\\cmb\\helpers\\cmb_Meta_Box_ajax.php",{"type":152,"name":183,"callback":184,"priority":11,"file":181,"line":185},"update_post_metadata","hijack_oembed_cache_set",114,{"type":152,"name":187,"callback":188,"priority":11,"file":189,"line":190},"cmb_show_on","anonymous","admin\\includes\\cmb\\init.php",171,{"type":120,"name":121,"callback":192,"priority":193,"file":189,"line":194},"register_scripts",8,175,{"type":120,"name":128,"callback":196,"file":189,"line":197},"add_metaboxes",178,{"type":120,"name":199,"callback":166,"file":189,"line":200},"add_attachment",179,{"type":120,"name":202,"callback":166,"file":189,"line":203},"edit_attachment",180,{"type":120,"name":166,"callback":166,"priority":11,"file":189,"line":205},181,{"type":120,"name":121,"callback":207,"file":189,"line":208},"do_scripts",182,{"type":120,"name":210,"callback":211,"file":189,"line":212},"admin_head","add_post_enctype",185,{"type":120,"name":214,"callback":215,"file":189,"line":216},"show_user_profile","user_metabox",200,{"type":120,"name":218,"callback":215,"file":189,"line":219},"edit_user_profile",201,{"type":120,"name":221,"callback":222,"file":189,"line":223},"personal_options_update","save_user",203,{"type":120,"name":225,"callback":222,"file":189,"line":226},"edit_user_profile_update",204,{"type":120,"name":210,"callback":211,"file":189,"line":228},207,{"type":152,"name":169,"callback":230,"priority":231,"file":232,"line":233},"post_type_tipster_metabox",101,"admin\\includes\\meta-boxes.php",32,{"type":120,"name":174,"callback":175,"priority":176,"file":232,"line":235},33,{"type":120,"name":121,"callback":237,"file":232,"line":238},"enqueue_scripts",34,{"type":120,"name":174,"callback":240,"file":241,"line":242},"post_type_members","includes\\post-type-members.php",29,{"type":120,"name":174,"callback":244,"file":241,"line":238},"post_type_members_create",{"type":120,"name":174,"callback":246,"file":247,"line":242},"post_type_paypal","includes\\post-type-paypal.php",{"type":120,"name":174,"callback":249,"file":247,"line":238},"post_type_paypal_create",{"type":120,"name":251,"callback":252,"file":253,"line":254},"plugins_loaded","get_instance","pronosticos-apuestas-tap.php",56,{"type":120,"name":251,"callback":252,"file":253,"line":256},75,{"type":120,"name":251,"callback":252,"file":253,"line":258},79,{"type":120,"name":251,"callback":252,"file":253,"line":25},{"type":120,"name":251,"callback":252,"file":253,"line":261},90,{"type":120,"name":174,"callback":263,"file":264,"line":265},"load_plugin_textdomain","public\\class-pronosticos-apuestas-tap.php",71,{"type":120,"name":267,"callback":268,"file":264,"line":269},"wpmu_new_blog","activate_new_site",73,{"type":120,"name":271,"callback":272,"file":264,"line":256},"wp_enqueue_scripts","enqueue_styles",{"type":120,"name":271,"callback":237,"file":264,"line":274},76,{"type":120,"name":276,"callback":277,"file":264,"line":278},"pronostico_apuestas_user_bar_menuitem","user_bar_menuitem",81,{"type":120,"name":280,"callback":281,"priority":11,"file":264,"line":282},"pronostico_apuestas_checkout_shopping_cart","checkout_shopping_cart",87,{"type":120,"name":284,"callback":285,"priority":11,"file":264,"line":115},"pronostico_apuestas_paypal_response","paypal_response",{"type":120,"name":287,"callback":288,"priority":11,"file":264,"line":289},"pronostico_apuestas_enviar_email_suscripcion_por_paypal","enviar_email_suscripcion_por_paypal",104,{"type":120,"name":291,"callback":292,"priority":11,"file":264,"line":293},"pronostico_apuestas_enviar_email_suscripcion_por_paysafecard_creada","enviar_email_suscripcion_por_paysafecard_creada",105,{"type":152,"name":153,"callback":154,"priority":11,"file":264,"line":295},106,{"type":152,"name":157,"callback":158,"priority":11,"file":264,"line":297},107,{"type":152,"name":161,"callback":162,"priority":11,"file":264,"line":299},108,{"type":120,"name":301,"callback":302,"file":264,"line":130},"wp","activar_cancelar_suscripcion",{"type":120,"name":304,"callback":305,"file":264,"line":306},"pronostico_apuestas_cancelar_suscripcion_hourly_event","cancelar_suscripcion",113,{"type":120,"name":308,"callback":305,"file":264,"line":185},"pronostico_apuestas_cancelar_suscripcion",[310,315,318,322,324,328,330,334,336],{"action":311,"nopriv":312,"callback":313,"hasNonce":312,"hasCapCheck":312,"file":189,"line":314},"cmb_oembed_handler",false,"oembed_handler",1047,{"action":311,"nopriv":316,"callback":313,"hasNonce":312,"hasCapCheck":312,"file":189,"line":317},true,1048,{"action":319,"nopriv":316,"callback":320,"hasNonce":312,"hasCapCheck":312,"file":264,"line":321},"pronostico_apuestas_update_shopping_cart","update_shopping_cart",88,{"action":319,"nopriv":312,"callback":320,"hasNonce":312,"hasCapCheck":312,"file":264,"line":323},89,{"action":325,"nopriv":316,"callback":326,"hasNonce":312,"hasCapCheck":312,"file":264,"line":327},"pronostico_apuestas_validar_cupon","validar_cupon",93,{"action":325,"nopriv":312,"callback":326,"hasNonce":312,"hasCapCheck":312,"file":264,"line":329},94,{"action":331,"nopriv":316,"callback":332,"hasNonce":312,"hasCapCheck":312,"file":264,"line":333},"pronostico_apuestas_confirm_paypal","confirm_paypal",98,{"action":331,"nopriv":312,"callback":332,"hasNonce":312,"hasCapCheck":312,"file":264,"line":335},99,{"action":337,"nopriv":312,"callback":338,"hasNonce":312,"hasCapCheck":312,"file":264,"line":339},"pronostico_apuestas_listar_suscripciones","listar_suscripciones",116,[],[],[343],{"hook":304,"callback":304,"file":264,"line":344},1171,9,{"dangerousFunctions":347,"sqlUsage":361,"outputEscaping":367,"fileOperations":13,"externalRequests":13,"nonceChecks":345,"capabilityChecks":564,"bundledLibraries":565},[348,353,356,358],{"fn":349,"file":350,"line":351,"context":352},"unserialize","admin\\includes\\cmb\\helpers\\cmb_Meta_Box_types.php",486,"$datetime   = unserialize( $meta_value );",{"fn":349,"file":354,"line":163,"context":355},"includes\\PedidoRepository.php","$pedido->setElementos(unserialize($queryResult->elementos));",{"fn":349,"file":354,"line":357,"context":355},163,{"fn":349,"file":354,"line":359,"context":360},194,"$pedido->setElementos(unserialize($row->elementos));",{"prepared":362,"raw":92,"locations":363},21,[364],{"file":365,"line":362,"context":366},"uninstall.php","$wpdb->get_results() with variable interpolation",{"escaped":293,"rawEcho":134,"locations":368},[369,372,375,377,379,381,383,385,387,389,391,392,394,396,397,399,400,401,402,404,405,406,408,409,411,413,414,416,417,418,419,420,421,423,424,425,427,429,431,432,433,435,437,438,439,441,443,444,446,449,451,453,455,456,458,460,461,462,464,467,469,470,472,474,476,478,480,482,484,485,486,488,491,493,495,497,499,501,503,506,508,510,512,513,514,516,518,520,522,523,525,526,527,529,531,532,533,534,535,536,538,541,542,545,546,547,549,551,553,554,555,556,557,559,560,562,563],{"file":181,"line":370,"context":371},199,"raw output",{"file":373,"line":374,"context":371},"admin\\includes\\cmb\\helpers\\cmb_Meta_Box_field.php",402,{"file":373,"line":376,"context":371},407,{"file":350,"line":378,"context":371},60,{"file":350,"line":380,"context":371},244,{"file":350,"line":382,"context":371},250,{"file":350,"line":384,"context":371},301,{"file":350,"line":386,"context":371},328,{"file":350,"line":388,"context":371},443,{"file":350,"line":390,"context":371},666,{"file":350,"line":390,"context":371},{"file":350,"line":393,"context":371},678,{"file":350,"line":395,"context":371},692,{"file":350,"line":395,"context":371},{"file":350,"line":398,"context":371},704,{"file":350,"line":398,"context":371},{"file":350,"line":398,"context":371},{"file":350,"line":398,"context":371},{"file":350,"line":403,"context":371},722,{"file":350,"line":403,"context":371},{"file":350,"line":403,"context":371},{"file":350,"line":407,"context":371},748,{"file":350,"line":407,"context":371},{"file":350,"line":410,"context":371},759,{"file":350,"line":412,"context":371},760,{"file":350,"line":412,"context":371},{"file":350,"line":415,"context":371},768,{"file":350,"line":415,"context":371},{"file":350,"line":415,"context":371},{"file":350,"line":415,"context":371},{"file":350,"line":415,"context":371},{"file":350,"line":415,"context":371},{"file":350,"line":422,"context":371},775,{"file":350,"line":422,"context":371},{"file":350,"line":422,"context":371},{"file":350,"line":426,"context":371},784,{"file":189,"line":428,"context":371},318,{"file":189,"line":430,"context":371},439,{"file":189,"line":430,"context":371},{"file":189,"line":388,"context":371},{"file":189,"line":434,"context":371},445,{"file":189,"line":436,"context":371},458,{"file":189,"line":436,"context":371},{"file":189,"line":436,"context":371},{"file":189,"line":440,"context":371},466,{"file":189,"line":442,"context":371},471,{"file":189,"line":351,"context":371},{"file":189,"line":445,"context":371},1182,{"file":447,"line":448,"context":371},"admin\\views\\configuracion.php",24,{"file":447,"line":450,"context":371},72,{"file":447,"line":452,"context":371},91,{"file":447,"line":454,"context":371},190,{"file":447,"line":216,"context":371},{"file":457,"line":172,"context":371},"admin\\views\\suscripciones-add.php",{"file":457,"line":459,"context":371},22,{"file":457,"line":459,"context":371},{"file":457,"line":274,"context":371},{"file":463,"line":11,"context":371},"admin\\views\\suscripciones-delete.php",{"file":465,"line":466,"context":371},"admin\\views\\suscripciones-edit.php",12,{"file":465,"line":468,"context":371},14,{"file":465,"line":45,"context":371},{"file":465,"line":471,"context":371},28,{"file":465,"line":473,"context":371},36,{"file":465,"line":475,"context":371},48,{"file":465,"line":477,"context":371},59,{"file":465,"line":479,"context":371},68,{"file":465,"line":481,"context":371},77,{"file":465,"line":483,"context":371},97,{"file":465,"line":293,"context":371},{"file":465,"line":102,"context":371},{"file":487,"line":11,"context":371},"admin\\views\\suscripciones-fixed-records.php",{"file":489,"line":490,"context":371},"admin\\views\\suscripciones-list.php",42,{"file":489,"line":492,"context":371},57,{"file":494,"line":11,"context":371},"admin\\views\\suscripciones-new.php",{"file":264,"line":496,"context":371},491,{"file":264,"line":498,"context":371},519,{"file":264,"line":500,"context":371},585,{"file":264,"line":502,"context":371},1248,{"file":504,"line":505,"context":371},"public\\views\\paypal-response-success.php",4,{"file":507,"line":459,"context":371},"public\\views\\shopping-cart-step-pago.php",{"file":507,"line":509,"context":371},50,{"file":507,"line":511,"context":371},51,{"file":507,"line":254,"context":371},{"file":507,"line":254,"context":371},{"file":507,"line":515,"context":371},62,{"file":507,"line":517,"context":371},66,{"file":507,"line":519,"context":371},70,{"file":507,"line":521,"context":371},82,{"file":507,"line":91,"context":371},{"file":507,"line":524,"context":371},92,{"file":507,"line":524,"context":371},{"file":507,"line":329,"context":371},{"file":507,"line":528,"context":371},95,{"file":507,"line":530,"context":371},96,{"file":507,"line":483,"context":371},{"file":507,"line":333,"context":371},{"file":507,"line":335,"context":371},{"file":507,"line":115,"context":371},{"file":507,"line":231,"context":371},{"file":507,"line":537,"context":371},102,{"file":539,"line":540,"context":371},"public\\views\\shopping-cart-step-paysafecard.php",3,{"file":539,"line":505,"context":371},{"file":543,"line":544,"context":371},"public\\views\\shopping-cart-step-resumen.php",31,{"file":543,"line":235,"context":371},{"file":543,"line":238,"context":371},{"file":543,"line":548,"context":371},35,{"file":543,"line":550,"context":371},39,{"file":543,"line":552,"context":371},40,{"file":543,"line":509,"context":371},{"file":543,"line":509,"context":371},{"file":543,"line":511,"context":371},{"file":543,"line":511,"context":371},{"file":543,"line":558,"context":371},61,{"file":543,"line":91,"context":371},{"file":543,"line":561,"context":371},86,{"file":543,"line":321,"context":371},{"file":543,"line":530,"context":371},2,[566,570],{"name":567,"version":568,"knownCves":569},"DataTables","1.0.4",[],{"name":571,"version":572,"knownCves":573},"Select2","3.5.2",[],[575,592,601,620],{"entryPoint":576,"graph":577,"unsanitizedCount":92,"severity":591},"listar_suscripciones (public\\class-pronosticos-apuestas-tap.php:1182)",{"nodes":578,"edges":589},[579,584],{"id":580,"type":581,"label":582,"file":264,"line":583},"n0","source","$_GET",1244,{"id":585,"type":586,"label":587,"file":264,"line":502,"wp_function":588},"n1","sink","echo() [XSS]","echo",[590],{"from":580,"to":585,"sanitized":312},"medium",{"entryPoint":593,"graph":594,"unsanitizedCount":13,"severity":600},"\u003Cclass-pronosticos-apuestas-tap> (public\\class-pronosticos-apuestas-tap.php:0)",{"nodes":595,"edges":598},[596,597],{"id":580,"type":581,"label":582,"file":264,"line":583},{"id":585,"type":586,"label":587,"file":264,"line":502,"wp_function":588},[599],{"from":580,"to":585,"sanitized":316},"low",{"entryPoint":602,"graph":603,"unsanitizedCount":92,"severity":619},"sanitize_field (admin\\includes\\cmb\\init.php:643)",{"nodes":604,"edges":616},[605,608,611],{"id":580,"type":581,"label":606,"file":189,"line":607},"$_POST",655,{"id":585,"type":609,"label":610,"file":189,"line":607},"transform","→ sanitization_cb()",{"id":612,"type":586,"label":613,"file":373,"line":614,"wp_function":615},"n2","call_user_func() [RCE]",222,"call_user_func",[617,618],{"from":580,"to":585,"sanitized":312},{"from":585,"to":612,"sanitized":312},"high",{"entryPoint":621,"graph":622,"unsanitizedCount":92,"severity":619},"\u003Cinit> (admin\\includes\\cmb\\init.php:0)",{"nodes":623,"edges":632},[624,626,627,628,630],{"id":580,"type":581,"label":625,"file":189,"line":398},"$_REQUEST",{"id":585,"type":586,"label":587,"file":189,"line":445,"wp_function":588},{"id":612,"type":581,"label":606,"file":189,"line":607},{"id":629,"type":609,"label":610,"file":189,"line":607},"n3",{"id":631,"type":586,"label":613,"file":373,"line":614,"wp_function":615},"n4",[633,634,635],{"from":580,"to":585,"sanitized":316},{"from":612,"to":629,"sanitized":312},{"from":629,"to":631,"sanitized":312},{"summary":637,"deductions":638},"The plugin 'pronosticos-apuestas-tap' v1.2.6 presents a concerning security posture due to a significant number of unprotected AJAX handlers, indicating a broad attack surface accessible without proper authentication checks. While the plugin demonstrates good practices in SQL query preparation and nonce checks, the presence of the 'unserialize' dangerous function and taint analysis revealing flows with unsanitized paths are critical red flags. These specific code signals suggest potential vulnerabilities that could be exploited to inject malicious code or manipulate data, especially when combined with the unprotected entry points.  The lack of any recorded vulnerability history is a positive, suggesting that past development may not have had exploitable flaws. However, this does not mitigate the immediate risks identified in the static analysis.  Overall, the plugin has strengths in its SQL handling and nonce implementation, but the identified code vulnerabilities and exposed attack surface require urgent attention to prevent potential security breaches.",[639,641,643,646,647,650,652],{"reason":640,"points":11},"AJAX handlers without auth checks",{"reason":642,"points":11},"Dangerous function unserialize",{"reason":644,"points":645},"Taint flows with unsanitized paths (High severity)",15,{"reason":644,"points":645},{"reason":648,"points":649},"Output escaping is not consistently applied",6,{"reason":651,"points":505},"Bundled outdated library DataTables v1.0.4",{"reason":653,"points":505},"Bundled outdated library Select2 v3.5.2","2026-03-17T01:06:09.098Z",{"wat":656,"direct":665},{"assetPaths":657,"generatorPatterns":660,"scriptPaths":661,"versionParams":662},[658,659],"\u002Fwp-content\u002Fplugins\u002Fpronosticos-apuestas-tap\u002Fpublic\u002Fcss\u002Fpronosticos-apuestas-tap-public.css","\u002Fwp-content\u002Fplugins\u002Fpronosticos-apuestas-tap\u002Fpublic\u002Fjs\u002Fpronosticos-apuestas-tap-public.js",[],[659],[663,664],"pronosticos-apuestas-tap\u002Fpublic\u002Fcss\u002Fpronosticos-apuestas-tap-public.css?ver=","pronosticos-apuestas-tap\u002Fpublic\u002Fjs\u002Fpronosticos-apuestas-tap-public.js?ver=",{"cssClasses":666,"htmlComments":667,"htmlAttributes":668,"restEndpoints":669,"jsGlobals":670,"shortcodeOutput":671},[],[],[],[],[],[],{"error":316,"url":673,"statusCode":674,"statusMessage":675,"message":675},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fpronosticos-apuestas-tap\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":677,"versions":678},7,[679,684,691,698,705,712,719],{"version":6,"download_url":24,"svn_tag_url":680,"released_at":26,"has_diff":312,"diff_files_changed":681,"diff_lines":26,"trac_diff_url":682,"vulnerabilities":683,"is_current":316},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpronosticos-apuestas-tap\u002Ftags\u002F1.2.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpronosticos-apuestas-tap%2Ftags%2F1.2.5&new_path=%2Fpronosticos-apuestas-tap%2Ftags%2F1.2.6",[],{"version":685,"download_url":686,"svn_tag_url":687,"released_at":26,"has_diff":312,"diff_files_changed":688,"diff_lines":26,"trac_diff_url":689,"vulnerabilities":690,"is_current":312},"1.2.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpronosticos-apuestas-tap.1.2.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpronosticos-apuestas-tap\u002Ftags\u002F1.2.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpronosticos-apuestas-tap%2Ftags%2F1.2.4&new_path=%2Fpronosticos-apuestas-tap%2Ftags%2F1.2.5",[],{"version":692,"download_url":693,"svn_tag_url":694,"released_at":26,"has_diff":312,"diff_files_changed":695,"diff_lines":26,"trac_diff_url":696,"vulnerabilities":697,"is_current":312},"1.2.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpronosticos-apuestas-tap.1.2.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpronosticos-apuestas-tap\u002Ftags\u002F1.2.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpronosticos-apuestas-tap%2Ftags%2F1.2.3&new_path=%2Fpronosticos-apuestas-tap%2Ftags%2F1.2.4",[],{"version":699,"download_url":700,"svn_tag_url":701,"released_at":26,"has_diff":312,"diff_files_changed":702,"diff_lines":26,"trac_diff_url":703,"vulnerabilities":704,"is_current":312},"1.2.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpronosticos-apuestas-tap.1.2.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpronosticos-apuestas-tap\u002Ftags\u002F1.2.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpronosticos-apuestas-tap%2Ftags%2F1.2.1&new_path=%2Fpronosticos-apuestas-tap%2Ftags%2F1.2.3",[],{"version":706,"download_url":707,"svn_tag_url":708,"released_at":26,"has_diff":312,"diff_files_changed":709,"diff_lines":26,"trac_diff_url":710,"vulnerabilities":711,"is_current":312},"1.2.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpronosticos-apuestas-tap.1.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpronosticos-apuestas-tap\u002Ftags\u002F1.2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpronosticos-apuestas-tap%2Ftags%2F1.2.0&new_path=%2Fpronosticos-apuestas-tap%2Ftags%2F1.2.1",[],{"version":713,"download_url":714,"svn_tag_url":715,"released_at":26,"has_diff":312,"diff_files_changed":716,"diff_lines":26,"trac_diff_url":717,"vulnerabilities":718,"is_current":312},"1.2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpronosticos-apuestas-tap.1.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpronosticos-apuestas-tap\u002Ftags\u002F1.2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpronosticos-apuestas-tap%2Ftags%2F1.0.0&new_path=%2Fpronosticos-apuestas-tap%2Ftags%2F1.2.0",[],{"version":97,"download_url":720,"svn_tag_url":721,"released_at":26,"has_diff":312,"diff_files_changed":722,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":723,"is_current":312},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpronosticos-apuestas-tap.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpronosticos-apuestas-tap\u002Ftags\u002F1.0.0\u002F",[],[]]