[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f8B2rfcFa6FhQZyYotDbXeuXz0eIed1-yVuVSwvv7uWU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":35,"analysis":127,"fingerprints":252},"push-notifications-ios","Push Notification iOS","0.3","zedamin","https:\u002F\u002Fprofiles.wordpress.org\u002Fzedamin\u002F","\u003Cp>This plugin allows you to send notifications directly from your WordPress site with payload (JSON) to all devices, that have installed your app to notify users about something new.\u003C\u002Fp>\n\u003Cp>Now, go to Installation section to find out how to install and use plugin.\u003C\u002Fp>\n","This plugin allows you to send Push Notifications directly from your WordPress site to your iOS app.",10,1739,40,1,"2013-11-22T14:08:00.000Z","3.7.41","3.6","",[20,21,22,23,24],"ios","ipad","iphone","ipod-touch","push-notifications","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpush-notifications-ios.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},30,84,"2026-04-04T09:25:44.564Z",[36,56,78,94,110],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":18,"tags":51,"homepage":54,"download_link":55,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"retina-2x","Retina @2x","1.6","Wouter Postma","https:\u002F\u002Fprofiles.wordpress.org\u002Fwouterpostmanl\u002F","\u003Cp>This plugin adds a simple Javascript to your WordPress website that will check for each image if there is a retina version available. This will make sure that your images (logo’s, buttons, images with text) look sharp on Apple devices with retina displays.\u003C\u002Fp>\n\u003Cp>When you have for example a logo of 200 by 200 pixels called “Logo.png”, you will need to upload a second image of 400 by 400 pixels called “Logo@2x.png” in the exact same directory.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fimulus.github.io\u002Fretinajs\u002F\" rel=\"nofollow ugc\">Retina.js by imulus\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fwouterpostmanl#content-plugins\" rel=\"nofollow ugc\">View my other plugins\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","A plugin that looks for retina images automatically based on the @2x naming convention.",800,10993,100,6,"2017-05-13T15:50:00.000Z","4.8.28","3.0.1",[52,20,21,22,53],"images","retina","https:\u002F\u002Fwouterpostma.nl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fretina-2x.1.6.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":18,"tags":71,"homepage":74,"download_link":75,"security_score":33,"vuln_count":76,"unpatched_count":27,"last_vuln_date":77,"fetched_at":29},"smart-app-banner","Smart App Banner","1.1.6","stephend","https:\u002F\u002Fprofiles.wordpress.org\u002Fstephend\u002F","\u003Cp>This is a WordPress plugin that allows you to use the Smart App Banners with your\u003Cbr \u002F>\nWordPress blog.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdeveloper.apple.com\u002Flibrary\u002Fios\u002F#documentation\u002FAppleApplications\u002FReference\u002FSafariWebContent\u002FPromotingAppswithAppBanners\u002FPromotingAppswithAppBanners.html#\u002F\u002Fapple_ref\u002Fdoc\u002Fuid\u002FTP40002051-CH6-SW1\" rel=\"nofollow ugc\">According to Apple\u003C\u002Fa>, Smart App Banners:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>vastly improve users’ browsing experience compared to other promotional methods.\u003Cbr \u002F>\n  As banners are implemented in iOS 6, they will provide a consistent look and\u003Cbr \u002F>\n  feel across the web that users will come to recognize. Users will trust that tapping the\u003Cbr \u002F>\n  banner will take them to the App Store and not a third-party advertisement. They will\u003Cbr \u002F>\n  appreciate that banners are presented unobtrusively at the top of a webpage, instead of\u003Cbr \u002F>\n  as a full-screen ad interrupting the web content. And with a large and prominent\u003Cbr \u002F>\n  close button, a banner is easy for users to dismiss.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>It’s really simple to use. In short, you download and activate the plugin. On pages and posts you should find a “Smart App Banner” settings box. If you want the Smart App Banner to appear on this page then enter the App ID of your application here. You can also enter affiliate data and an app argument here.\u003C\u002Fp>\n\u003Cp>If you want to display a banner on the home page there’s a setting screen (Settings -> Smart App Banner) where you can enter the App ID.\u003C\u002Fp>\n\u003Cp>You can find the App ID in iTunes Connect, using the\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fitunes.apple.com\u002Flinkmaker\u002F\" rel=\"nofollow ugc\">iTunes Link Maker\u003C\u002Fa> or if the iTunes URL for your\u003Cbr \u002F>\napp looks like this:\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fitunes.apple.com\u002Fus\u002Fapp\u002Frootn-tootn-baby-feed-timer\u002Fid530589336?ls=1&mt=8\u003C\u002Fp>\n\u003Cp>Then your ID is “530589336”.\u003C\u002Fp>\n\u003Cp>The other two fields are optional.\u003C\u002Fp>\n\u003Cp>The affiliate data field varies depending on the affiliate. The most common is PHG, where the value looks like “at=AFFILIATE_TOKEN” or “at=AFFILIATE_TOKEN&ct=CAMPAIGN” (without the quotes). You can find the token when you sign into the PHG website. The campaign is just some text you use to identify a particular marketing campaign.\u003C\u002Fp>\n\u003Cp>So I might have “at=11lmMT&ct=wordpress” on the product pages of my website. Check the documentation to find your affiliate token and confirm the format.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdeveloper.apple.com\u002Flibrary\u002Fios\u002Fdocumentation\u002FAppleApplications\u002FReference\u002FSafariWebContent\u002FPromotingAppswithAppBanners\u002FPromotingAppswithAppBanners.html\" rel=\"nofollow ugc\">According to the documentation\u003C\u002Fa>, the app argument value is:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>A URL that provides context to your native app. If you include this, and the user has your\u003Cbr \u002F>\n  app installed, she can jump from your website to the corresponding position in your iOS app.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>This plugin does not restrict or validate what you put here.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>You can format it however you’d like, as long as it is a valid URL.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","This is a WordPress plugin that allows you to use Smart App Banners, introduced in iOS 6, with your WordPress blog.",600,24996,94,3,"2024-03-23T20:35:00.000Z","6.4.8","4.6",[72,73,20,21,22],"apple","banner","https:\u002F\u002Fwww.zx81.org.uk\u002Fsoftware\u002Fwordpress-smart-app-banner-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmart-app-banner.1.1.6.zip",2,"2023-10-18 00:00:00",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":46,"num_ratings":14,"last_updated":88,"tested_up_to":89,"requires_at_least":50,"requires_php":18,"tags":90,"homepage":92,"download_link":93,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"ios-smart-app-banner-for-safari","iOS Smart App Banner For Safari","1.0","carpemobile","https:\u002F\u002Fprofiles.wordpress.org\u002Fcarpemobile\u002F","\u003Cp>This WordPress plugin gives you an easy way to add a Smart App Banner for your app (or any iOS app) to any of your pages. What sets this plugin above the others out there is that it makes it easy to add your app, affiliate identifier, affiliate campaign name and deep link app arguments. You can change any of these parameters for each page on your WordPress site.e\u003C\u002Fp>\n\u003Cp>It is really easy to get up and running! Just download and install the plugin, then edit any page that you would like to have a Smart App Banner displayed for and enter the App Store ID for the app.\u003C\u002Fp>\n","iOS Smart App Banner For Safari plugin quickly and easily displays app banners for your web users who are using mobile Safari on iOS.",20,2105,"2016-01-22T18:15:00.000Z","4.4.34",[20,21,22,91,57],"smart","http:\u002F\u002Fcarpemobile.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fios-smart-app-banner-for-safari.1.0.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":11,"downloaded":102,"rating":46,"num_ratings":76,"last_updated":103,"tested_up_to":104,"requires_at_least":18,"requires_php":18,"tags":105,"homepage":108,"download_link":109,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"app-reviews-lite","App Reviews LITE","1.4","admapps","https:\u002F\u002Fprofiles.wordpress.org\u002Fadmapps\u002F","\u003Cp>App Reviews Plugin, \u003Ca href=\"http:\u002F\u002Fappreviewsplugin.com\u002F\" title=\"the best way to highlight your iOS app reviews within WordPress\" rel=\"friend nofollow ugc\">the best way to highlight your iOS app reviews within WordPress, is now available in its Lite form!\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>If you are an iOS app developer with a WordPress marketing site for your mobile app, you’ve experienced the hassle of copying\u002Fpasting reviews from the iOS App Store onto your site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Ratings and reviews give your app the social proof that it needs to convince others to download it\u003C\u002Fstrong>, so it’s critical to show them on your marketing web site as well. Stop the madness of finding, copying, and pasting reviews from the App Store onto your site – let the App Reviews plugin automatically display the latest reviews for you. \u003Cstrong>5 minute setup, no maintenance required.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The App Reviews plugin gives you a shortcode to put to use on your WordPress marketing site. All you have to do is put in the app id from the iOS App Store, and the plugin will do the rest. A flexible, responsive carousel will display on your site and show off your app’s ratings and reviews to everyone who comes to your site.\u003C\u002Fp>\n\u003Cp>\u003Cem>Never copy and paste reviews from the App Store again with the App Reviews plugin!\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note: This is the lite version of the App Reviews Plugin. Want even more features and customization? \u003Ca href=\"http:\u002F\u002Fappreviewsplugin.com\u002Fpricing\u002F\" title=\"Click here to purchase the best plugin to highlight your iOS app reviews within WordPress!\" rel=\"friend nofollow ugc\">Click here to purchase the best plugin to highlight your iOS app reviews within WordPress!\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Carousel to display iOS app ratings & reviews right from the App Store in real time on your Wordpress site. No maintenance required.",2504,"2020-07-11T14:55:00.000Z","5.4.19",[20,21,22,106,107],"itunes","marketing","http:\u002F\u002Fappreviewsplugin.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapp-reviews-lite.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":11,"downloaded":118,"rating":46,"num_ratings":14,"last_updated":119,"tested_up_to":120,"requires_at_least":121,"requires_php":18,"tags":122,"homepage":125,"download_link":126,"security_score":46,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"ipad-rubberneck-disrupter","iPad Rubberneck Disrupter","1.0.2","cubecolour","https:\u002F\u002Fprofiles.wordpress.org\u002Fnumeeja\u002F","\u003Cp>When you login to your WordPress site on your iPad, iPhone or iPod Touch, each character of your password will be displayed as you enter it.\u003C\u002Fp>\n\u003Cp>This is not ideal when you login to a WordPress site from your iPad as part of a presentation or screencast, or when you login in a public place and someone might be looking over your shoulder.\u003C\u002Fp>\n\u003Cp>This plugin obscures the password as you type it on your iPad; It causes each character of the password to appear as a plain disc.\u003C\u002Fp>\n\u003Cp>Note:\u003Cbr \u002F>\nThe iPad’s soft keys highlight to indicate a keystroke. If you are presenting on an external screen or projector, in addition to masking the password with this plugin, it is recommended to use a bluetooth keyboard paired to your iPad so that the soft keyboard does not appear on the screen.\u003C\u002Fp>\n","Hides the WordPress login password as it is typed on your iPad or other IOS device.",9653,"2025-06-23T10:00:00.000Z","6.8.5","3.5",[20,21,22,123,124],"ipod","password","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fipad-rubberneck-disrupter\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fipad-rubberneck-disrupter.1.0.2.zip",{"attackSurface":128,"codeSignals":153,"taintFlows":185,"riskAssessment":241,"analyzedAt":251},{"hooks":129,"ajaxHandlers":149,"restRoutes":150,"shortcodes":151,"cronEvents":152,"entryPointCount":27,"unprotectedCount":27},[130,136,140,145],{"type":131,"name":132,"callback":133,"file":134,"line":135},"filter","page_template","push_notifications_page_template","push_notifications.php",487,{"type":131,"name":137,"callback":138,"file":134,"line":139},"upload_mimes","add_custom_upload_mimes",488,{"type":141,"name":142,"callback":143,"file":134,"line":144},"action","admin_head","push_notifications_css",490,{"type":141,"name":146,"callback":147,"file":134,"line":148},"admin_menu","push_notifications_admin_pages",491,[],[],[],[],{"dangerousFunctions":154,"sqlUsage":155,"outputEscaping":161,"fileOperations":14,"externalRequests":27,"nonceChecks":76,"capabilityChecks":76,"bundledLibraries":184},[],{"prepared":156,"raw":14,"locations":157},12,[158],{"file":134,"line":159,"context":160},284,"$wpdb->get_var() with variable interpolation",{"escaped":27,"rawEcho":11,"locations":162},[163,166,168,170,172,174,176,178,180,182],{"file":134,"line":164,"context":165},31,"raw output",{"file":134,"line":167,"context":165},32,{"file":134,"line":169,"context":165},33,{"file":134,"line":171,"context":165},204,{"file":134,"line":173,"context":165},243,{"file":134,"line":175,"context":165},273,{"file":134,"line":177,"context":165},287,{"file":134,"line":179,"context":165},341,{"file":134,"line":181,"context":165},350,{"file":134,"line":183,"context":165},398,[],[186,217,232],{"entryPoint":187,"graph":188,"unsanitizedCount":14,"severity":216},"push_notifications_create_form (push_notifications.php:374)",{"nodes":189,"edges":210},[190,195,200,204,208],{"id":191,"type":192,"label":193,"file":134,"line":194},"n0","source","$_SERVER['PHP_SELF']",401,{"id":196,"type":197,"label":198,"file":134,"line":183,"wp_function":199},"n1","sink","echo() [XSS]","echo",{"id":201,"type":192,"label":202,"file":134,"line":203},"n2","$_POST['json']",387,{"id":205,"type":206,"label":207,"file":134,"line":203},"n3","transform","→ push_notifications_send()",{"id":209,"type":197,"label":198,"file":134,"line":173,"wp_function":199},"n4",[211,213,215],{"from":191,"to":196,"sanitized":212},true,{"from":201,"to":205,"sanitized":214},false,{"from":205,"to":209,"sanitized":214},"medium",{"entryPoint":218,"graph":219,"unsanitizedCount":14,"severity":216},"\u003Cpush_notifications> (push_notifications.php:0)",{"nodes":220,"edges":228},[221,224,225,226,227],{"id":191,"type":192,"label":222,"file":134,"line":223},"$_SERVER['PHP_SELF'] (x2)",345,{"id":196,"type":197,"label":198,"file":134,"line":179,"wp_function":199},{"id":201,"type":192,"label":202,"file":134,"line":203},{"id":205,"type":206,"label":207,"file":134,"line":203},{"id":209,"type":197,"label":198,"file":134,"line":173,"wp_function":199},[229,230,231],{"from":191,"to":196,"sanitized":212},{"from":201,"to":205,"sanitized":214},{"from":205,"to":209,"sanitized":214},{"entryPoint":233,"graph":234,"unsanitizedCount":27,"severity":240},"push_notifications_change_settigs (push_notifications.php:298)",{"nodes":235,"edges":238},[236,237],{"id":191,"type":192,"label":193,"file":134,"line":223},{"id":196,"type":197,"label":198,"file":134,"line":179,"wp_function":199},[239],{"from":191,"to":196,"sanitized":212},"low",{"summary":242,"deductions":243},"The \"push-notifications-ios\" v0.3 plugin exhibits a mixed security posture. On the positive side, there are no known vulnerabilities (CVEs) recorded, and the plugin demonstrates good practices by heavily favoring prepared statements for its SQL queries and including nonce and capability checks. The absence of a large attack surface through AJAX handlers, REST API routes, shortcodes, and cron events is also a significant strength.\n\nHowever, several concerning signals emerge from the static code analysis. The most critical is the complete lack of output escaping, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities where dynamic data is displayed to users. Additionally, the taint analysis reveals flows with unsanitized paths, suggesting potential for directory traversal or other path manipulation issues, even if no critical or high severity issues were flagged in this specific analysis. The presence of file operations without further context also warrants caution.\n\nGiven the lack of historical vulnerabilities, it's difficult to infer patterns. This could mean the plugin is well-maintained and secure, or simply that it hasn't been a target or thoroughly audited in the past. The current findings, particularly the unescaped output and unsanitized paths, represent tangible risks that require immediate attention, outweighing the positive aspects of its low attack surface and SQL query preparedness.",[244,247,249],{"reason":245,"points":246},"0% output escaping",8,{"reason":248,"points":47},"Taint flows with unsanitized paths (2)",{"reason":250,"points":67},"File operations present","2026-03-17T01:26:16.170Z",{"wat":253,"direct":263},{"assetPaths":254,"generatorPatterns":260,"scriptPaths":261,"versionParams":262},[255,256,257,258,259],"\u002Fwp-content\u002Fplugins\u002Fpush-notifications-ios\u002Fstyles\u002Fpn_style.css","\u002Fwp-content\u002Fplugins\u002Fpush-notifications-ios\u002Fstyles\u002Fpn_buttons.css","\u002Fwp-content\u002Fplugins\u002Fpush-notifications-ios\u002Fscript.js","\u002Fwp-content\u002Fplugins\u002Fpush-notifications-ios\u002Fimg\u002Ficon.png","\u002Fwp-content\u002Fplugins\u002Fpush-notifications-ios\u002Fimg\u002Flogo.png",[],[257],[],{"cssClasses":264,"htmlComments":265,"htmlAttributes":266,"restEndpoints":268,"jsGlobals":269,"shortcodeOutput":270},[],[],[267],"register_user_device.php",[],[],[]]