[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCL0hr8VceuTMloJ8foKEFV-kmLHdfF12l-wOGwobBz8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":37,"fingerprints":71},"proprofs-embed","ProProfs Embed","1.0.0","ProProfs","https:\u002F\u002Fprofiles.wordpress.org\u002Fproprofs\u002F","\u003Cp>Installing and using ProProfs with WordPress is a breeze and requires no coding or technical expertise to get started.\u003Cbr \u002F>\nInstalling and using ProProfs with WordPress is a breeze and requires no coding or technical expertise to get started. You can create courses hassle-free and train hundreds to thousands of learners anytime and anywhere. Apart from creating courses, you can also create handy quizzes and surveys.\u003C\u002Fp>\n","Installing and using ProProfs with WordPress is a breeze and requires no coding or technical expertise to get started.",200,3770,0,"2024-10-28T09:15:00.000Z","6.7.0","3.0.1","5.2.4",[19,20,21,4],"embed-course","embed-quiz","embed-survey","https:\u002F\u002Fwww.proprofs.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproprofs-embed.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"proprofs",3,300,95,30,91,"2026-04-04T16:24:20.385Z",[],{"attackSurface":38,"codeSignals":55,"taintFlows":62,"riskAssessment":63,"analyzedAt":70},{"hooks":39,"ajaxHandlers":47,"restRoutes":48,"shortcodes":49,"cronEvents":53,"entryPointCount":54,"unprotectedCount":13},[40],{"type":41,"name":42,"callback":43,"priority":44,"file":45,"line":46},"filter","plugin_row_meta","pp_plugin_row_meta",10,"ProProfs.php",13,[],[],[50],{"tag":7,"callback":51,"file":45,"line":52},"pp_frame",68,[],1,{"dangerousFunctions":56,"sqlUsage":57,"outputEscaping":59,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":61},[],{"prepared":13,"raw":13,"locations":58},[],{"escaped":30,"rawEcho":13,"locations":60},[],[],[],{"summary":64,"deductions":65},"The proprofs-embed plugin v1.0.0 exhibits a generally strong security posture based on the provided static analysis. There are no identified dangerous functions, raw SQL queries, unescaped output, or file operations, which are common sources of vulnerabilities. The absence of external HTTP requests and bundled libraries further simplifies the attack surface. Crucially, the plugin has no known vulnerabilities (CVEs) recorded, suggesting a history of secure development or a lack of widespread security scrutiny. This indicates a developer who is likely adhering to secure coding practices. \n\nHowever, a notable concern is the complete absence of nonce checks and capability checks across its single entry point (a shortcode). While there are no AJAX handlers or REST API routes to check, a shortcode can still be a vector for malicious execution if not properly secured. The lack of these checks means that any user, regardless of their role or authorization, could potentially trigger the shortcode's functionality. This is a significant weakness that could lead to unintended consequences or provide an avenue for privilege escalation or unwanted actions if the shortcode's functionality is not inherently benign. \n\nIn conclusion, the plugin is strong in its handling of sensitive code operations and has a clean vulnerability history. However, the oversight in implementing security checks for its sole entry point is a critical weakness that requires immediate attention to mitigate potential risks.",[66,68],{"reason":67,"points":44},"Missing nonce checks",{"reason":69,"points":44},"Missing capability checks","2026-03-16T20:27:20.229Z",{"wat":72,"direct":79},{"assetPaths":73,"generatorPatterns":75,"scriptPaths":76,"versionParams":77},[74],"\u002Fwp-content\u002Fplugins\u002Fproprofs-embed\u002Fstyle.css",[],[],[78],"proprofs-embed\u002Fstyle.css?ver=",{"cssClasses":80,"htmlComments":82,"htmlAttributes":84,"restEndpoints":85,"jsGlobals":86,"shortcodeOutput":87},[81],"class-pp",[83],"ProProfs plugin v.1.0.0",[],[],[],[88],"\u003Ciframe src=\"https:\u002F\u002Fproprofs.com\" width=\"100%\" height=\"500\" scrolling=\"yes\" class=\"class-pp\" frameborder=\"1\">\u003C\u002Fiframe>"]