[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHSxmea4vykrx0ftOu5iC9DP103wvsn0O-h-NjV4WAMw":3,"$fBtBWUqNG03v4KLTQYP7QMSG0HaeHE8wLm4h7JE6lgyk":98,"$fzbcbY84A3uI9pX9JCCJUHazM6EyNg4iLtHMm8qTQtOY":102},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":36,"analysis":37,"fingerprints":83},"purge-black-hat-seo","Purge BlackHat SEO","1.0.0","EazyServer","https:\u002F\u002Fprofiles.wordpress.org\u002Feazyserver\u002F","\u003Cp>There has been an increase in attacks on wp sites where attackers implant malicous contents into your posts and pages that are not visible to human users but visible to crawlers such as google. Therefore we made this plugin, which will scan through all your posts and pages purging any malicious black-hat SEO infection.\u003C\u002Fp>\n\u003Cp>However, you would still need to find and remove the virus that generates this malicious infection.\u003C\u002Fp>\n\u003Cp>How to use:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Please make sure to make a full backup of your DB (or at leat your pages and posts) in case you want to revert back.\u003C\u002Fli>\n\u003Cli>Find the signature of the infection. usually it got “style:” with weird padding, alignment numbers etc (to hide from human user). See screenshots for an example.\u003C\u002Fli>\n\u003Cli>There are few control checkboxs to target certain pages or posts.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin will scan through all your posts and pages purging any malicious black-hat SEO infection",10,1518,0,"2016-05-07T19:34:00.000Z","",[17,18,19,20,21],"black-hat","black-hat-seo","malicious-divs","malicious-infection","purge-blackhat","https:\u002F\u002Fgithub.com\u002FEazyServer\u002Fpurge_blackhat_seo","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpurge-black-hat-seo.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":33,"computed_at":35},"eazyserver",4,40,80,30,"2026-05-20T14:03:21.023Z",[],{"attackSurface":38,"codeSignals":57,"taintFlows":72,"riskAssessment":73,"analyzedAt":82},{"hooks":39,"ajaxHandlers":46,"restRoutes":53,"shortcodes":54,"cronEvents":55,"entryPointCount":56,"unprotectedCount":13},[40],{"type":41,"name":42,"callback":43,"file":44,"line":45},"action","admin_menu","purge_menu","purge.php",13,[47],{"action":48,"nopriv":49,"callback":50,"hasNonce":51,"hasCapCheck":49,"file":44,"line":52},"purge_blackhat_seo",false,"_purge_blackhat_seo_callback",true,145,[],[],[],1,{"dangerousFunctions":58,"sqlUsage":59,"outputEscaping":61,"fileOperations":13,"externalRequests":13,"nonceChecks":56,"capabilityChecks":13,"bundledLibraries":71},[],{"prepared":13,"raw":13,"locations":60},[],{"escaped":13,"rawEcho":62,"locations":63},3,[64,67,69],{"file":44,"line":65,"context":66},36,"raw output",{"file":44,"line":68,"context":66},111,{"file":44,"line":70,"context":66},219,[],[],{"summary":74,"deductions":75},"The \"purge-black-hat-seo\" v1.0.0 plugin exhibits a generally strong security posture based on the provided static analysis.  It demonstrates good practices by having no known vulnerabilities, no critical or high severity taint flows, and all SQL queries utilize prepared statements. The absence of shortcodes, cron events, and REST API routes, along with only one AJAX handler which has a nonce check, significantly limits the potential attack surface. However, a notable concern is the complete lack of output escaping for all three identified output points. This could allow for cross-site scripting (XSS) vulnerabilities if user-supplied data is directly outputted without sanitization. Additionally, while a nonce check is present on the single AJAX handler, there are no capability checks, meaning any authenticated user, regardless of their role, could potentially trigger this handler.",[76,79],{"reason":77,"points":78},"0% output escaping",8,{"reason":80,"points":81},"No capability checks on AJAX",5,"2026-03-17T00:12:21.189Z",{"wat":84,"direct":89},{"assetPaths":85,"generatorPatterns":86,"scriptPaths":87,"versionParams":88},[],[],[],[],{"cssClasses":90,"htmlComments":91,"htmlAttributes":92,"restEndpoints":93,"jsGlobals":95,"shortcodeOutput":97},[],[],[],[94],"\u002Fwp-ajax-handler?action=purge_blackhat_seo",[96],"ajaxurl",[],{"error":51,"url":99,"statusCode":100,"statusMessage":101,"message":101},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fpurge-black-hat-seo\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":103},[]]