[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f0e37r2TF9BdnvaGKPA-SNRTfWgomEWM9oyGWKSsHpYQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":17,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":33,"analysis":143,"fingerprints":466},"pukiwiki-for-wordpress","PukiWiki for WordPress","0.2.3","makoto_kw","https:\u002F\u002Fprofiles.wordpress.org\u002Fmakoto_kw\u002F","\u003Cp>‘PukiWiki for WordPress’ is convert html from pukiwiki text on an entry.\u003Cbr \u002F>\nIt includes original PukiWiki 1.4.7 (utf-8),\u003C\u002Fp>\n","'PukiWiki for WordPress' converts a html from pukiwiki text on an entry.",20,4631,0,"","3.5.2","2.8",[18,19],"japanese","wiki","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fpukiwiki-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpukiwiki-for-wordpress.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":29,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},3,40,90,30,87,"2026-04-05T00:06:34.792Z",[34,54,77,97,119],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":22,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":14,"tags":48,"homepage":51,"download_link":52,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":53},"wp-multibyte-patch","WP Multibyte Patch","2.9.3","Seisuke Kuraishi","https:\u002F\u002Fprofiles.wordpress.org\u002Ftenpura\u002F","\u003Cp>Multibyte functionality enhancement for the WordPress Japanese package.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Feastcoder.com\u002Fcode\u002Fwp-multibyte-patch\u002F\" title=\"Documentation in Japanese\" rel=\"nofollow ugc\">日本語の説明を読む\u003C\u002Fa>\u003C\u002Fp>\n","Multibyte functionality enhancement for the WordPress Japanese package.",1000000,7864798,24,"2025-12-01T21:45:00.000Z","6.9.4","5.2",[49,18,50,35],"i18n","multibyte","https:\u002F\u002Feastcoder.com\u002Fcode\u002Fwp-multibyte-patch\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-multibyte-patch.2.9.3.zip","2026-03-15T15:16:48.613Z",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":75,"download_link":76,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":53},"aurora-heatmap","Aurora Heatmap","1.7.1","r3098","https:\u002F\u002Fprofiles.wordpress.org\u002Fr3098\u002F","\u003Cp>Goddess Aurora is said to give light to the user world.\u003Cbr \u002F>\nThe name “Aurora Heatmap” visualizes user behavior with a beautiful heatmap.\u003Cbr \u002F>\nBringing light to the activation and optimization of your website.\u003C\u002Fp>\n\u003Ch4>The most important thing in site management.\u003C\u002Fh4>\n\u003Cp>That is, \u003Cem>Is the user satisfied?\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Where do users see and move through the content?\u003C\u002Fli>\n\u003Cli>Whether the user is not confused?\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Aurora Heatmap is the \u003Cstrong>strongest tool\u003C\u002Fstrong> for visualizing it.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Are you guiding users well?\u003C\u002Fli>\n\u003Cli>Conversion rate\u003C\u002Fli>\n\u003Cli>Are you missing out on prospects and readers?\u003C\u002Fli>\n\u003Cli>How is it evaluated by Google?\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>You will be able to see the points of improvement.\u003C\u002Fp>\n\u003Ch4>Plugin features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>\u003Cem>No Coding\u003C\u002Fem>\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>\u003Cem>No Setting\u003C\u002Fem>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You just install and activate the plugin.\u003Cbr \u002F>\nNo troublesome user registration or setup is required.\u003Cbr \u002F>\nIt works as default in most WordPress environments.\u003Cbr \u002F>\nAnd Aurora Heatmap is \u003Cstrong>complete with just plugin\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>The free version can check the click heat map of PC and mobile, and can be used on any number of sites.\u003Cbr \u002F>\nEven if it is free, there is no limit due to the number of PV and analysis pages.\u003C\u002Fp>\n\u003Ch4>Special notes\u003C\u002Fh4>\n\u003Cp>If it does not work well when used with a cache plugin, turn off JavaScript-related optimization, or exclude jQuery and Aurora Heatmap measurement script (reporter.js) from optimization.\u003Cbr \u002F>\nFor more details, please refer to \u003Ca href=\"https:\u002F\u002Fmarket.seous.info\u002Fen\u002Faurora-heatmap#oc-1\" rel=\"nofollow ugc\">official site description page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Aurora Heatmap can be used with the following cache plugins.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WP Rocket\u003C\u002Fli>\n\u003Cli>W3 Total Cache\u003C\u002Fli>\n\u003Cli>WP Super Cache\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage and support\u003C\u002Fh4>\n\u003Cp>More detailed usage and FAQs are provided on the \u003Ca href=\"https:\u002F\u002Fmarket.seous.info\u002Fen\u002Faurora-heatmap\" rel=\"nofollow ugc\">Aurora Heatmap official site\u003C\u002Fa>.\u003Cbr \u002F>\nIf you can’t find the answer to your question in those documents, use the WordPress.org \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Faurora-heatmap\u002F\" rel=\"ugc\">support forum\u003C\u002Fa>.\u003Cbr \u002F>\nThe premium version has priority email support.\u003C\u002Fp>\n\u003Ch4>About privacy\u003C\u002Fh4>\n\u003Cp>This plugin \u003Cstrong>does not\u003C\u002Fstrong> perform the following operations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User tracking\u003C\u002Fli>\n\u003Cli>Send recorded data to external server\u003C\u002Fli>\n\u003Cli>Use of cookies\u003C\u002Fli>\n\u003Cli>Record of personally identifiable data including IP address\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Aurora Heatmap Free version 90 seconds demo\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F3W17Gg_vbHg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Beautiful like an aurora! A simple WordPress heatmap that can be completed with just a plugin.",20000,357256,94,7,"2025-04-14T09:25:00.000Z","6.8.0","4.9","7.0",[71,72,73,74,18],"analytics","analyze","click","heatmap","https:\u002F\u002Fmarket.seous.info\u002Faurora-heatmap","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faurora-heatmap.1.7.1.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":46,"requires_at_least":90,"requires_php":14,"tags":91,"homepage":14,"download_link":96,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":53},"japanese-font-for-tinymce","Japanese font for WordPress(Previously: Japanese Font for TinyMCE)","4.30","raspi0124","https:\u002F\u002Fprofiles.wordpress.org\u002Fraspi0124\u002F","\u003Cp>Add Japanese font to Gutenberg and TinyMCE Advanced plugin’s font family selections.\u003Cbr \u002F>\nNow supports Gutenberg as option. Please enable gutenberg option in order to use it.\u003Cbr \u002F>\nFont to be added；\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fhp.vector.co.jp\u002Fauthors\u002FVA039499\u002F#hui\" rel=\"nofollow ugc\">ふい字\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.google.com\u002Fget\u002Fnoto\u002F#sans-jpan\" rel=\"nofollow ugc\">Noto Sans Japanese\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Ftanukifont.com\u002Fesenapaj\u002F\" rel=\"nofollow ugc\">エセナパJ\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Ffont.gloomy.jp\u002Fhonoka-maru-gothic-dl.html\" rel=\"nofollow ugc\">ほのか丸ゴシック\u003C\u002Fa>\u003Cbr \u002F>\nand more..\u003Cbr \u002F>\nAnd If you want more font,please post a comment to page below.\u003C\u002Fp>\n\u003Cp>Please see \u003Ca href=\"https:\u002F\u002Fdiary.raspi0124.dev\u002Fpost-677\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa> for more infomation.(Japanese)\u003Cbr \u002F>\nDevelopment for this plugin takes place at GitHub. To report bugs or feature requests, please use \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fraspi0124\u002FJapanese-font-for-TinyMCE\" rel=\"nofollow ugc\">Github\u003C\u002Fa> issues.\u003Cbr \u002F>\nThis plugin could not be exist without the creator of the fonts, the people who sacrificed huge amount of their time contributing to more freeer world.\u003Cbr \u002F>\nIf you would like to donate, or send message to those people who sacrificed huge amount of their private time making those fonts and pubishing them for free, feel free to checkout this list. It has all email\u002Fdonating destination I could collect.\u003C\u002Fp>\n","Add Japanese font to Gutenberg and TinyMCE Advanced plugin's font family selections.",10000,130196,76,6,"2025-12-04T09:06:00.000Z","5.1",[92,93,18,94,95],"font","fonts","japanesefont","tinymce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjapanese-font-for-tinymce.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":85,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":46,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":115,"download_link":116,"security_score":117,"vuln_count":88,"unpatched_count":13,"last_vuln_date":118,"fetched_at":53},"woocommerce-for-japan","Japanized for WooCommerce","2.8.5","shohei.tanaka","https:\u002F\u002Fprofiles.wordpress.org\u002Fshoheitanaka\u002F","\u003Cp>Japanized for WooCommerce is the essential toolkit for running a WooCommerce store in Japan. This plugin bridges the gap between WooCommerce’s global features and Japan’s unique e-commerce requirements.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why You Need This Plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Running an online store in Japan requires specific features that standard WooCommerce doesn’t provide out of the box:\u003Cbr \u002F>\n* Japanese address formats with proper field ordering (postal code, prefecture, city, address lines)\u003Cbr \u002F>\n* Name reading fields (Yomigana\u002FFurigana) for accurate customer identification\u003Cbr \u002F>\n* Delivery date and time selection that customers expect\u003Cbr \u002F>\n* Popular Japanese payment methods like bank transfer and COD\u003Cbr \u002F>\n* Legal compliance with Japan’s Specified Commercial Transaction Act (特定商取引法)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Who Should Use This\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin is designed for:\u003Cbr \u002F>\n* Japanese e-commerce businesses using WooCommerce\u003Cbr \u002F>\n* International stores shipping to Japanese customers\u003Cbr \u002F>\n* Anyone who needs Japanese address handling and payment methods\u003Cbr \u002F>\n* Stores requiring delivery date\u002Ftime selection functionality\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Seamless Integration\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Works smoothly with WooCommerce core features and popular extensions. Fully compatible with the new WooCommerce Blocks checkout experience. All features are optional – enable only what you need for your store.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Address & Name Management\u003C\u002Fstrong>\u003Cbr \u002F>\n* Name reading (Yomigana\u002FFurigana) input fields for billing and shipping addresses\u003Cbr \u002F>\n* Honorific title (様\u002Fsama) automatically added after customer names\u003Cbr \u002F>\n* Japanese-style address format with proper field ordering\u003Cbr \u002F>\n* Auto-fill address from postal code using Yahoo! API integration\u003Cbr \u002F>\n* Company name field support\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Shipping & Delivery\u003C\u002Fstrong>\u003Cbr \u002F>\n* Delivery date and time selection at checkout\u003Cbr \u002F>\n* Delivery time slot management\u003Cbr \u002F>\n* Holiday and non-delivery day settings\u003Cbr \u002F>\n* Weekend and specific date exclusions\u003Cbr \u002F>\n* Delivery-related fields hidden when free shipping is applied\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Payment Methods\u003C\u002Fstrong>\u003Cbr \u002F>\n* Bank Transfer (Japanese banks)\u003Cbr \u002F>\n* Japan Post Bank Transfer\u003Cbr \u002F>\n* Cash on Delivery (COD) with fee calculation\u003Cbr \u002F>\n* COD subscription support\u003Cbr \u002F>\n* Pay at Store (over-the-counter payment)\u003Cbr \u002F>\n* Paidy (Buy Now, Pay Later) – Official Japanese payment gateway\u003Cbr \u002F>\n* PayPal Checkout optimized for Japan\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Legal & Compliance\u003C\u002Fstrong>\u003Cbr \u002F>\n* Specified Commercial Transaction Act (特定商取引法) page creator\u003Cbr \u002F>\n* Shortcode support for legal information display\u003Cbr \u002F>\n* Customizable legal notice templates\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Additional Features\u003C\u002Fstrong>\u003Cbr \u002F>\n* Email template optimization for Japanese format\u003Cbr \u002F>\n* Address validation for Japanese postal codes\u003Cbr \u002F>\n* Affiliate integration (A8.net, Access Trade, Value Commerce)\u003Cbr \u002F>\n* WooCommerce Blocks compatibility\u003Cbr \u002F>\n* Security scanning and malware detection\u003C\u002Fp>\n\u003Cp>Note: Paidy and PayPal Checkout are also available as standalone payment plugins.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FmPYlDDuGzis?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Essential Japanese localization toolkit for WooCommerce - adds address formats, payment methods, delivery scheduling, and legal compliance.",554631,66,21,"2026-02-19T08:53:00.000Z","6.7","8.1",[112,113,18,114],"e-commerce","ecommerce","woocommerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce-for-japan\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoocommerce-for-japan.2.8.5.zip",95,"2026-02-26 21:04:26",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":129,"num_ratings":130,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":14,"tags":134,"homepage":139,"download_link":140,"security_score":141,"vuln_count":27,"unpatched_count":13,"last_vuln_date":142,"fetched_at":53},"buddypress-docs","BuddyPress Docs","2.2.6","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>BuddyPress Docs adds collaborative work spaces to your BuddyPress community. Part wiki, part document editing, part shared dropbox, think of these Docs as a BuddyPress version of the Docs service offered by the Big G \u003Cem>ifyouknowwhatimean\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Docs that can be linked to groups or users, with a variety of privacy levels\u003C\u002Fli>\n\u003Cli>Support for fully-private document uploads\u003C\u002Fli>\n\u003Cli>Doc taxonomy, using tags\u003C\u002Fli>\n\u003Cli>Fully sortable and filterable doc lists\u003C\u002Fli>\n\u003Cli>TinyMCE front-end doc editing\u003C\u002Fli>\n\u003Cli>One-editor-at-a-time prevention against overwrites, plus idle detection\u002Fautosave\u003C\u002Fli>\n\u003Cli>Full access to revision history\u003C\u002Fli>\n\u003Cli>Dashboard access and management of Docs for the site admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is in active development. For feature requests and bug reports, visit http:\u002F\u002Fgithub.com\u002Fboonebgorges\u002Fbuddypress-docs. If you have translated the plugin and would like to provide your translation for distribution with BuddyPress Docs, please contact the plugin author.\u003C\u002Fp>\n","Adds collaborative Docs to BuddyPress.",7000,321667,88,35,"2025-08-20T17:41:00.000Z","6.8.5","3.3",[135,136,137,138,19],"buddypress","collaboration","docs","documents","http:\u002F\u002Fgithub.com\u002Fboonebgorges\u002Fbuddypress-docs","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-docs.2.2.6.zip",97,"2025-06-06 00:00:00",{"attackSurface":144,"codeSignals":170,"taintFlows":410,"riskAssessment":450,"analyzedAt":465},{"hooks":145,"ajaxHandlers":166,"restRoutes":167,"shortcodes":168,"cronEvents":169,"entryPointCount":13,"unprotectedCount":13},[146,152,155,160,162],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","wp_head","head","pukiwiki.php",31,{"type":147,"name":153,"callback":153,"priority":65,"file":150,"line":154},"the_content",32,{"type":156,"name":157,"callback":158,"file":150,"line":159},"filter","edit_page_form","edit_form_advanced",33,{"type":156,"name":158,"callback":158,"file":150,"line":161},34,{"type":147,"name":163,"callback":164,"file":150,"line":165},"init","pukiwiki_init",92,[],[],[],[],{"dangerousFunctions":171,"sqlUsage":209,"outputEscaping":211,"fileOperations":407,"externalRequests":408,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":409},[172,176,180,183,185,188,191,194,196,200,202,206],{"fn":173,"file":150,"line":174,"context":175},"create_function",45,"return preg_replace_callback('\u002F\\[pukiwiki\\](.*?)\\[\\\u002Fpukiwiki\\]\u002Fs',create_function('$matches',$replac",{"fn":173,"file":177,"line":178,"context":179},"svc\\pukiwiki\\plugin\\referer.inc.php",54,"usort($data, create_function('$a,$b', 'return $b[0] - $a[0];'));",{"fn":173,"file":177,"line":181,"context":182},60,"usort($data, create_function('$a,$b', 'return $a[0] - $b[0];'));",{"fn":173,"file":177,"line":106,"context":184},"usort($data, create_function('$a,$b', 'return $b[1] - $a[1];'));",{"fn":173,"file":177,"line":186,"context":187},72,"usort($data, create_function('$a,$b', 'return $a[1] - $b[1];'));",{"fn":173,"file":177,"line":189,"context":190},78,"usort($data, create_function('$a,$b', 'return $b[2] - $a[2];'));",{"fn":173,"file":177,"line":192,"context":193},84,"usort($data, create_function('$a,$b', 'return $a[2] - $b[2];'));",{"fn":173,"file":177,"line":29,"context":195},"usort($data, create_function('$a,$b',",{"fn":173,"file":197,"line":198,"context":199},"svc\\pukiwiki\\plugin\\tb.inc.php",143,"create_function('$a', 'return htmlspecialchars($a);'), $arr);",{"fn":173,"file":197,"line":201,"context":179},203,{"fn":173,"file":203,"line":204,"context":205},"svc\\pukiwiki\\plugin\\tracker.inc.php",373,"list($key,$style,$format) = array_pad(array_map(create_function('$a','return trim($a);'),$option),3,",{"fn":173,"file":203,"line":207,"context":208},465,"$options[$this->name] = array_flip(array_map(create_function('$arr','return $arr[0];'),$this->config",{"prepared":13,"raw":13,"locations":210},[],{"escaped":13,"rawEcho":212,"locations":213},106,[214,217,219,222,223,225,227,229,231,233,235,237,239,241,243,246,248,249,251,254,255,256,257,259,260,262,263,265,267,268,269,270,271,272,274,276,278,280,282,284,286,288,290,292,294,296,298,300,301,303,305,306,308,310,312,314,316,318,320,322,324,326,328,330,332,334,336,338,340,342,344,346,347,348,350,352,353,355,356,357,359,360,361,363,365,367,369,371,373,375,376,378,380,382,384,386,388,390,392,394,396,398,400,402,404,405],{"file":150,"line":215,"context":216},39,"raw output",{"file":150,"line":218,"context":216},50,{"file":220,"line":221,"context":216},"svc\\index.php",83,{"file":220,"line":192,"context":216},{"file":224,"line":22,"context":216},"svc\\pukiwiki\\plugin\\rss.inc.php",{"file":224,"line":226,"context":216},117,{"file":197,"line":228,"context":216},124,{"file":197,"line":230,"context":216},125,{"file":197,"line":232,"context":216},179,{"file":197,"line":234,"context":216},236,{"file":236,"line":28,"context":216},"svc\\pukiwiki\\plugin\\touchgraph.inc.php",{"file":236,"line":238,"context":216},44,{"file":236,"line":240,"context":216},59,{"file":236,"line":242,"context":216},63,{"file":244,"line":245,"context":216},"svc\\pukiwiki\\skin\\keitai.skin.php",96,{"file":244,"line":247,"context":216},98,{"file":244,"line":22,"context":216},{"file":250,"line":154,"context":216},"svc\\pukiwiki\\skin\\pukiwiki.css.php",{"file":252,"line":253,"context":216},"svc\\pukiwiki\\skin\\pukiwiki.skin.php",71,{"file":252,"line":87,"context":216},{"file":252,"line":87,"context":216},{"file":252,"line":189,"context":216},{"file":252,"line":258,"context":216},79,{"file":252,"line":258,"context":216},{"file":252,"line":261,"context":216},80,{"file":252,"line":261,"context":216},{"file":252,"line":264,"context":216},81,{"file":252,"line":266,"context":216},85,{"file":252,"line":29,"context":216},{"file":252,"line":29,"context":216},{"file":252,"line":165,"context":216},{"file":252,"line":245,"context":216},{"file":252,"line":245,"context":216},{"file":252,"line":273,"context":216},99,{"file":252,"line":275,"context":216},116,{"file":252,"line":277,"context":216},167,{"file":252,"line":279,"context":216},173,{"file":252,"line":281,"context":216},176,{"file":252,"line":283,"context":216},181,{"file":252,"line":285,"context":216},185,{"file":252,"line":287,"context":216},190,{"file":252,"line":289,"context":216},191,{"file":252,"line":291,"context":216},195,{"file":252,"line":293,"context":216},231,{"file":252,"line":295,"context":216},274,{"file":252,"line":297,"context":216},278,{"file":252,"line":299,"context":216},282,{"file":252,"line":299,"context":216},{"file":252,"line":302,"context":216},284,{"file":304,"line":247,"context":216},"svc\\pukiwiki\\skin\\tdiary.css.php",{"file":304,"line":228,"context":216},{"file":304,"line":307,"context":216},129,{"file":304,"line":309,"context":216},137,{"file":304,"line":311,"context":216},144,{"file":304,"line":313,"context":216},150,{"file":304,"line":315,"context":216},165,{"file":304,"line":317,"context":216},388,{"file":304,"line":319,"context":216},416,{"file":304,"line":321,"context":216},423,{"file":304,"line":323,"context":216},431,{"file":304,"line":325,"context":216},438,{"file":304,"line":327,"context":216},445,{"file":304,"line":329,"context":216},452,{"file":304,"line":331,"context":216},459,{"file":304,"line":333,"context":216},466,{"file":304,"line":335,"context":216},516,{"file":304,"line":337,"context":216},571,{"file":304,"line":339,"context":216},575,{"file":304,"line":341,"context":216},579,{"file":343,"line":240,"context":216},"svc\\pukiwiki\\skin\\tdiary.skin.php",{"file":343,"line":345,"context":216},574,{"file":343,"line":341,"context":216},{"file":343,"line":341,"context":216},{"file":343,"line":349,"context":216},581,{"file":343,"line":351,"context":216},583,{"file":343,"line":351,"context":216},{"file":343,"line":354,"context":216},584,{"file":343,"line":354,"context":216},{"file":343,"line":354,"context":216},{"file":343,"line":358,"context":216},585,{"file":343,"line":358,"context":216},{"file":343,"line":358,"context":216},{"file":343,"line":362,"context":216},586,{"file":343,"line":364,"context":216},590,{"file":343,"line":366,"context":216},592,{"file":343,"line":368,"context":216},598,{"file":343,"line":370,"context":216},617,{"file":343,"line":372,"context":216},667,{"file":343,"line":374,"context":216},672,{"file":343,"line":374,"context":216},{"file":343,"line":377,"context":216},674,{"file":343,"line":379,"context":216},684,{"file":343,"line":381,"context":216},726,{"file":343,"line":383,"context":216},727,{"file":343,"line":385,"context":216},741,{"file":343,"line":387,"context":216},744,{"file":343,"line":389,"context":216},758,{"file":343,"line":391,"context":216},771,{"file":343,"line":393,"context":216},780,{"file":343,"line":395,"context":216},786,{"file":343,"line":397,"context":216},806,{"file":343,"line":399,"context":216},829,{"file":343,"line":401,"context":216},869,{"file":343,"line":403,"context":216},912,{"file":343,"line":403,"context":216},{"file":343,"line":406,"context":216},915,64,1,[],[411,430,442],{"entryPoint":412,"graph":413,"unsanitizedCount":408,"severity":429},"\u003Cdump.inc> (svc\\pukiwiki\\plugin\\dump.inc.php:0)",{"nodes":414,"edges":426},[415,420],{"id":416,"type":417,"label":418,"file":419,"line":309},"n0","source","$_FILES","svc\\pukiwiki\\plugin\\dump.inc.php",{"id":421,"type":422,"label":423,"file":419,"line":424,"wp_function":425},"n1","sink","header() [Header Injection]",198,"header",[427],{"from":416,"to":421,"sanitized":428},false,"medium",{"entryPoint":431,"graph":432,"unsanitizedCount":408,"severity":441},"\u003Cpukiwiki.css> (svc\\pukiwiki\\skin\\pukiwiki.css.php:0)",{"nodes":433,"edges":439},[434,436],{"id":416,"type":417,"label":435,"file":250,"line":11},"$_GET",{"id":421,"type":422,"label":437,"file":250,"line":154,"wp_function":438},"echo() [XSS]","echo",[440],{"from":416,"to":421,"sanitized":428},"low",{"entryPoint":443,"graph":444,"unsanitizedCount":408,"severity":441},"\u003Ctdiary.css> (svc\\pukiwiki\\skin\\tdiary.css.php:0)",{"nodes":445,"edges":448},[446,447],{"id":416,"type":417,"label":435,"file":304,"line":11},{"id":421,"type":422,"label":437,"file":304,"line":247,"wp_function":438},[449],{"from":416,"to":421,"sanitized":428},{"summary":451,"deductions":452},"The \"pukiwiki-for-wordpress\" plugin v0.2.3 exhibits a concerning security posture despite a lack of publicly disclosed vulnerabilities.  While the static analysis reveals no direct entry points like AJAX handlers, REST API routes, or shortcodes, and SQL queries are properly prepared, several critical code signals raise significant red flags. The presence of 12 instances of the `create_function` dangerous function is a major concern, as it can lead to code injection vulnerabilities. Furthermore, 100% of the 106 output operations are not properly escaped, meaning that any user-supplied data displayed on the frontend or backend could be vulnerable to cross-site scripting (XSS) attacks. The taint analysis also identified 3 flows with unsanitized paths, indicating potential for path traversal vulnerabilities, although these are not classified as critical or high severity in the provided data. The plugin's vulnerability history is empty, which could imply a history of good security practices or simply a lack of past discoveries. However, the identified code signals, particularly the unescaped output and use of `create_function`, present substantial risks that outweigh the absence of CVEs. A strong emphasis on output escaping and secure code practices is urgently needed.",[453,456,458,461,463],{"reason":454,"points":455},"Unescaped output across all operations",8,{"reason":457,"points":65},"Use of dangerous create_function",{"reason":459,"points":460},"Unsanitized paths in taint analysis",5,{"reason":462,"points":460},"No capability checks on entry points",{"reason":464,"points":460},"No nonce checks on entry points","2026-03-16T22:41:37.823Z",{"wat":467,"direct":474},{"assetPaths":468,"generatorPatterns":470,"scriptPaths":471,"versionParams":473},[469],"\u002Fwp-content\u002Fplugins\u002Fpukiwiki-for-wordpress\u002Fpukiwiki.css",[],[472],"\u002Fwp-content\u002Fplugins\u002Fpukiwiki-for-wordpress\u002Fadmin.js",[],{"cssClasses":475,"htmlComments":477,"htmlAttributes":478,"restEndpoints":479,"jsGlobals":480,"shortcodeOutput":481},[476],"pukiwiki_content",[],[],[],[],[482,483],"\u003Cdiv id=\"pukiwiki_content","\" class=\"pukiwiki_content\">"]