[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f44YKWD49q5_PgKVdYvG7MVoSSsAeTxkFMDq1ud8HVfg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":134,"fingerprints":217},"qiriman","Qiriman","1.0.4","idwebmobile","https:\u002F\u002Fprofiles.wordpress.org\u002Fidwebmobile\u002F","\u003Cp>Qiriman is a WooCommerce plugin that provide shipping method from various expedition in Indonesia.\u003C\u002Fp>\n\u003Cp>This plugin support shipping via JNE, JNT, POS, TIKI, and WAHANA. Currently, only support shipping within Indonesia.\u003C\u002Fp>\n\u003Cp>You can use the free vesion for shipping via JNE. The premium version give you access to shipping via another expedition.\u003C\u002Fp>\n","Qiriman is a WooCommerce plugin that provide shipping method from various expedition in Indonesia.",10,2583,0,"2019-02-12T07:05:00.000Z","5.0.25","4.9.0","7.1.0",[19,20,21,22,23],"delivery-cost","indonesia","ongkir","ongkos-kirim","woocommerce","https:\u002F\u002Fqiriman.idwebmobile.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fqiriman.1.0.4.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,84,"2026-04-04T14:40:35.138Z",[36,61,83,103,118],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":55,"download_link":56,"security_score":57,"vuln_count":58,"unpatched_count":59,"last_vuln_date":60,"fetched_at":28},"epeken-all-kurir","Epeken All Kurir for Woocommerce","2.0.6","epeken","https:\u002F\u002Fprofiles.wordpress.org\u002Fepeken\u002F","\u003Cp>Epeken All Kurir for WooCommerce is a wordpress plugin for woocommerce to enable shipping methods featuring many shipping companies in Indonesia for Indonesia e-commerce. This is very popular plugin that many woocommerce online shops in Indonesia have installed. However, you need to have license to use this plugin and subscribe to our shipping data. \u003Ca href=\"http:\u002F\u002Fwww.epeken.com\u002Fshop\u002Fepeken-all-kurir-license\u002F\" rel=\"nofollow ugc\">Buy our valid anual or monthly license to continue using this plugin\u003C\u002Fa>. This Plugin is compatible with marketplace plugins like \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fproduct-vendors\u002F\" rel=\"nofollow ugc\">Woocommerce Product Vendors\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fid.wordpress.org\u002Fplugins\u002Fwc-vendors\u002F\" rel=\"nofollow ugc\">wc-vendors\u003C\u002Fa> , \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdc-woocommerce-multi-vendor\u002F\" rel=\"ugc\">MultiVendorX\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fyithemes.com\u002Fthemes\u002Fplugins\u002Fyith-woocommerce-multi-vendor\u002F\" rel=\"nofollow ugc\">Yith Woocommerce Multi Vendor\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwoocommerce-dropshippers\u002F7615263\" rel=\"nofollow ugc\">woocommerce-dropshippers\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwc-multivendor-marketplace\u002F\" rel=\"ugc\">Woocommerce Multivendor Marketplace\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdokan-lite\u002F\" rel=\"ugc\">dokan\u003C\u002Fa> if you want to build marketplace ecommerce based on wordpress and woocommerce.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fepeken.com\u002Fdemo\" rel=\"nofollow ugc\">Try Our Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This plugin is developed by epeken. copyright (c) 2015 by \u003Ca href=\"http:\u002F\u002Fwww.epeken.com\" rel=\"nofollow ugc\">epeken\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Supporting Expeditions\u003C\u002Fh4>\n\u003Cp>JNE, TIKI, POS, NSS, J&T, RPX, SICEPAT, WAHANA, JMX, LION PARCEL, NINJA EXPRESS, JNE TRUCKING, DAKOTA CARGO\u003C\u002Fp>\n\u003Ch4>Ekspedisi Anteraja\u003C\u002Fh4>\n\u003Cp>Epeken in collaboration with Anterja has released Anteraja plugin for WooCommerce. \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fanteraja\" rel=\"ugc\">Check this out\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Strength & flexibility\u003C\u002Fh4>\n\u003Cp>This plugin is built using WordPress best practises both on the front and the back end. This results in an efficient, robust and intuitive plugin. Currently this plugin supports latest version of woocommerce and wordpress.\u003C\u002Fp>\n\u003Ch4>Customizable\u003C\u002Fh4>\n\u003Cp>Your business is unique, you may modify this plugin to meet your business requirement. You may refer to woocommerce plugin customization page and wordpress plugin development page to do it. Any concerns and questions, you may submit them and contact us : support@epeken.com.\u003C\u002Fp>\n","Epeken All Kurir is a wordpress plugin for woocommerce to enable shipping method featuring many shipping companies for Indonesia e-commerce.",500,71686,94,23,"2026-01-05T22:19:00.000Z","6.9.4","4.0","",[40,53,21,22,54],"jne","shipping","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fepeken-all-kurir","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fepeken-all-kurir.2.0.6.zip",55,3,2,"2025-09-22 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":76,"tags":77,"homepage":80,"download_link":81,"security_score":82,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"shipping-discount","Shipping Discount for WooCommerce: Easy Make a Coupon for Shipping","1.2.2","Ali","https:\u002F\u002Fprofiles.wordpress.org\u002Fsitusali\u002F","\u003Cp>Want to make a strikeout price for shipping? It’s easy to use the shipping discount plugin, all you have to do is set the shipping discount you want.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easy without the need for a lot of configuration, just set it in the default WooCommerce coupon menu.\u003C\u002Fli>\n\u003Cli>There is an additional discount type “Shipping Discount” in the coupon settings.\u003C\u002Fli>\n\u003Cli>There are 3 types of discounts: Free Shipping, Fixed Amount, and Percentage.\u003C\u002Fli>\n\u003Cli>There is detailed discount information in the WP Admin.\u003C\u002Fli>\n\u003Cli>There is an additional meta in Shipping.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Need support?\u003C\u002Fh3>\n\u003Cp>Please contact to situsali.id@gmail.com and we will be happy to assist you.\u003C\u002Fp>\n\u003Ch3>Rate us & Review\u003C\u002Fh3>\n\u003Cp>If you love our plugins, please give us a full five-star rating, so that we know that our work is valued and appreciated.\u003Cbr \u002F>\nThis will be the drive and motivation for us to further improve our plugins with more useful features.\u003C\u002Fp>\n\u003Cp>We highly appreciate your support and love.\u003C\u002Fp>\n","Want to make a strikeout price for shipping? It's easy to use the shipping discount plugin, all you have to do is set the shipping discount you w &hellip;",300,6583,100,5,"2024-11-26T00:32:00.000Z","6.7.5","4.8","7.0",[78,21,54,79,23],"discount","simple","https:\u002F\u002Fgithub.com\u002Faliterm\u002Fshipping-discount","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshipping-discount.1.2.2.zip",92,{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":71,"num_ratings":59,"last_updated":51,"tested_up_to":93,"requires_at_least":94,"requires_php":51,"tags":95,"homepage":100,"download_link":101,"security_score":71,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":102},"woo-payment-gateways-bank-indo-kode-payment","WooWIB – Payment Gateways Bank Indonesia","2.3.3","Yudhi Purnomo","https:\u002F\u002Fprofiles.wordpress.org\u002Finitialdhi\u002F","\u003Cp>** WooWIB – Payment Gateways Bank Indonesia **\u003Cbr \u002F>\nWooCommerce default provides 1 bank transfer payment gateway for all your bank accounts.  And this WooCommerce extension which provides Indonesian banks (BCA, BNI, Mandiri and BRI) as payment method for checkout on WooCommerce. And give code payment to make it easier to check the transfer of consumer funds in the seller’s account. Code payment is 3 digits (random) added to total shopping automatically. This plugin does nothing except:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Providing list of Indonesian Banks checkout\u003C\u002Fli>\n\u003Cli>Providing Bank information on order notes on the dashboard, customer email, etc\u003C\u002Fli>\n\u003Cli>Providing Payment code for checkout\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Hopefully barokah & useful 🙂\u003C\u002Fp>\n","WooWIB - Payment Gateways Bank Indonesia plugin with 3 digits code payment",50,18439,"6.1.10","5.7.0",[96,97,98,23,99],"cart","indonesian-banks","online-store","woocommerce-payment","#","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-payment-gateways-bank-indo-kode-payment.zip","2026-03-15T10:48:56.248Z",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":11,"downloaded":111,"rating":13,"num_ratings":13,"last_updated":112,"tested_up_to":49,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":51,"download_link":117,"security_score":71,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"jne-shipping-official","JNE Shipping – Plugin Ongkos Kirim Resmi Untuk WooCommerce","1.8.0","JNE (PT. Tiki Jalur Nugraha Ekakurir)","https:\u002F\u002Fprofiles.wordpress.org\u002Fjneshipping\u002F","\u003Cp>Plugin WordPress terintegrasi dengan WooCommerce untuk layanan pengiriman JNE di Indonesia.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>Plugin ini terhubung ke API Resmi JNE untuk menyediakan fungsionalitas pengiriman untuk toko WooCommerce di Indonesia. Dengan menggunakan plugin ini, Anda menyetujui bahwa data akan dikirimkan ke layanan API resmi JNE seperti yang dijelaskan di bawah ini.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Layanan API Resmi JNE\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>URL Layanan:\u003C\u002Fstrong> https:\u002F\u002Fshipping.jne.co.id\u003Cbr \u002F>\n\u003Cstrong>Penyedia Layanan:\u003C\u002Fstrong> PT. Tiki Jalur Nugraha Ekakurir (JNE)\u003C\u002Fp>\n\u003Cp>Untuk apa layanan ini digunakan:\u003Cbr \u002F>\n– Registrasi toko dan autentikasi dengan layanan JNE\u003Cbr \u002F>\n– Mengambil tarif pengiriman real-time dan opsi pengiriman\u003Cbr \u002F>\n– Membuat label pengiriman (AWB – Air Waybill)\u003Cbr \u002F>\n– Melacak status pengiriman dan pembaruan pengiriman\u003Cbr \u002F>\n– Mengelola permintaan penjemputan dan penjadwalan\u003Cbr \u002F>\n– Mendapatkan data lokasi asal dan tujuan\u003C\u002Fp>\n\u003Cp>Data apa yang dikirim dan kapan:\u003Cbr \u002F>\n– \u003Cstrong>Registrasi toko\u003C\u002Fstrong>: Nama toko, URL, detail kontak, dan informasi PIC (Person in Charge) selama setup dan konfigurasi plugin awal\u003Cbr \u002F>\n– \u003Cstrong>Perhitungan pengiriman\u003C\u002Fstrong>: Alamat pengiriman pelanggan (nama, alamat, kota, kode pos, nomor telepon), berat dan dimensi paket saat menghitung tarif pengiriman selama checkout\u003Cbr \u002F>\n– \u003Cstrong>Pembuatan AWB\u003C\u002Fstrong>: Detail pesanan lengkap termasuk informasi pengirim dan penerima, detail item (nama, jumlah, berat, dimensi), dan layanan pengiriman yang dipilih saat membuat label pengiriman\u003Cbr \u002F>\n– \u003Cstrong>Permintaan pelacakan\u003C\u002Fstrong>: Nomor AWB saat meminta pembaruan status pengiriman\u003Cbr \u002F>\n– \u003Cstrong>Permintaan penjemputan\u003C\u002Fstrong>: Data lokasi penjemputan, penjadwalan yang diinginkan, dan informasi kontak saat meminta penjemputan paket\u003Cbr \u002F>\n– \u003Cstrong>Pencarian lokasi\u003C\u002Fstrong>: Kata kunci pencarian atau kode pos saat mencari asal atau tujuan di antarmuka admin\u003Cbr \u002F>\n– \u003Cstrong>Autentikasi\u003C\u002Fstrong>: Kunci akses API dan token untuk otorisasi layanan\u003C\u002Fp>\n\u003Cp>Transmisi data terjadi:\u003Cbr \u002F>\n– Selama setup dan konfigurasi plugin (registrasi toko dengan JNE)\u003Cbr \u002F>\n– Ketika pelanggan menghitung biaya pengiriman selama proses checkout\u003Cbr \u002F>\n– Ketika pemilik toko memproses pesanan dan membuat label AWB\u003Cbr \u002F>\n– Ketika melacak status pengiriman melalui antarmuka admin atau pelacakan pelanggan\u003Cbr \u002F>\n– Ketika menjadwalkan permintaan penjemputan untuk paket\u003Cbr \u002F>\n– Ketika mencari lokasi asal\u002Ftujuan di admin\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Keamanan dan Transmisi Data:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Semua permintaan dikirim dengan aman melalui enkripsi HTTPS ke shipping.jne.co.id\u003Cbr \u002F>\n– Data digunakan semata-mata untuk memfasilitasi operasi pengiriman dengan layanan JNE untuk pesanan Anda\u003Cbr \u002F>\n– Plugin tidak menyimpan informasi pembayaran pelanggan yang sensitif\u003Cbr \u002F>\n– Anda harus mendapatkan dan mengonfigurasi kredensial akses API JNE di pengaturan plugin\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Ketentuan Layanan dan Kebijakan Privasi:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Situs Web Resmi JNE: https:\u002F\u002Fwww.jne.co.id\u003Cbr \u002F>\n– Ketentuan Layanan JNE: https:\u002F\u002Fwww.jne.co.id\u002Fid\u002Ftentang-jne\u002Fsyarat-ketentuan\u003Cbr \u002F>\n– Kebijakan Privasi JNE: https:\u002F\u002Fwww.jne.co.id\u002Fid\u002Ftentang-jne\u002Fkebijakan-privasi\u003Cbr \u002F>\n– Dukungan Pelanggan JNE: https:\u002F\u002Fwww.jne.co.id\u002Fid\u002Fhubungi-kami\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Opsi Opt-out:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Jika Anda menonaktifkan plugin ini atau tidak mengonfigurasi kredensial API JNE, tidak ada data yang akan dikirim ke JNE\u003Cbr \u002F>\n– Anda dapat secara selektif menonaktifkan fitur tertentu (pelacakan, penjadwalan penjemputan) untuk membatasi transmisi data\u003Cbr \u002F>\n– Menghapus instalasi plugin akan menghentikan semua transmisi data ke layanan JNE\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Kepatuhan Hukum dan Tanggung Jawab:\u003C\u002Fstrong>\u003Cbr \u002F>\nSebagai pemilik situs, Anda bertanggung jawab untuk:\u003Cbr \u002F>\n– Memastikan Anda memiliki dasar hukum yang tepat dan persetujuan pelanggan untuk mengirimkan data pribadi ke JNE untuk keperluan pengiriman\u003Cbr \u002F>\n– Kepatuhan terhadap undang-undang perlindungan data yang berlaku (GDPR, Undang-Undang Perlindungan Data Pribadi Indonesia\u002FUU PDP, dll.)\u003Cbr \u002F>\n– Menginformasikan kepada pelanggan bahwa data pengiriman mereka akan diproses oleh JNE untuk layanan pengiriman\u003Cbr \u002F>\n– Mempertahankan kebijakan privasi dan ketentuan layanan yang sesuai di situs web Anda\u003C\u002Fp>\n","Plugin pengiriman JNE resmi untuk WooCommerce di Indonesia. Menyediakan tarif real-time, pembuatan AWB, dan pelacakan pengiriman.",1068,"2026-02-16T16:46:00.000Z","5.0","7.4",[116,20,53,54,23],"courier","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjne-shipping-official.1.8.0.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":13,"downloaded":126,"rating":13,"num_ratings":13,"last_updated":51,"tested_up_to":127,"requires_at_least":128,"requires_php":114,"tags":129,"homepage":51,"download_link":133,"security_score":71,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":102},"brankas-payment-for-woocommerce","Brankas Payment for WooCommerce","1.3.1","brankasmkp","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrankasmkp\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.brankas.com\u002Fdirect\" rel=\"nofollow ugc\">Brankas Direct\u003C\u002Fa> plugin enables instant Account-to-Account fund transfers as a payment\u003Cbr \u002F>\nmethod on your WooCommerce store.\u003Cbr \u002F>\nYour customers would be able to complete their purchases by fund transfers across financial institutions while you save\u003Cbr \u002F>\non charges such as merchant or transaction fees.\u003C\u002Fp>\n\u003Ch3>Details\u003C\u002Fh3>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress: 6.0.1 or above\u003C\u002Fli>\n\u003Cli>WooCommerce: 6.7.0 or above\u003C\u002Fli>\n\u003Cli>PHP 7.0 or above\u003C\u002Fli>\n\u003C\u002Ful>\n","Brankas Direct plugin enables instant Account-to-Account fund transfers as a payment",797,"6.0.11","6.0",[130,20,131,132,23],"brankas","payment-gateway","philippines","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbrankas-payment-for-woocommerce.zip",{"attackSurface":135,"codeSignals":195,"taintFlows":202,"riskAssessment":203,"analyzedAt":216},{"hooks":136,"ajaxHandlers":178,"restRoutes":191,"shortcodes":192,"cronEvents":193,"entryPointCount":194,"unprotectedCount":194},[137,143,146,148,151,153,157,160,163,166,169,172,175],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","plugins_loaded","anonymous","includes\\class-qiriman.php",144,{"type":138,"name":144,"callback":140,"file":141,"line":145},"admin_enqueue_scripts",158,{"type":138,"name":144,"callback":140,"file":141,"line":147},159,{"type":138,"name":149,"callback":140,"file":141,"line":150},"wp_enqueue_scripts",175,{"type":138,"name":149,"callback":140,"file":141,"line":152},176,{"type":154,"name":155,"callback":140,"file":141,"line":156},"filter","woocommerce_cart_needs_shipping_address",182,{"type":154,"name":158,"callback":140,"file":141,"line":159},"woocommerce_enable_order_notes_field",189,{"type":154,"name":161,"callback":140,"file":141,"line":162},"woocommerce_checkout_fields",193,{"type":154,"name":164,"callback":140,"file":141,"line":165},"woocommerce_billing_fields",194,{"type":154,"name":167,"callback":140,"file":141,"line":168},"woocommerce_shipping_fields",195,{"type":138,"name":170,"callback":140,"file":141,"line":171},"woocommerce_customer_save_address",197,{"type":154,"name":173,"callback":140,"file":141,"line":174},"woocommerce_shipping_methods",248,{"type":138,"name":176,"callback":140,"file":141,"line":177},"woocommerce_shipping_init",249,[179,183,186,189],{"action":180,"nopriv":181,"callback":140,"hasNonce":181,"hasCapCheck":181,"file":141,"line":182},"qiriman_get_subdistrict",false,251,{"action":180,"nopriv":184,"callback":140,"hasNonce":181,"hasCapCheck":181,"file":141,"line":185},true,252,{"action":187,"nopriv":181,"callback":140,"hasNonce":181,"hasCapCheck":181,"file":141,"line":188},"qiriman_check_activation",254,{"action":187,"nopriv":184,"callback":140,"hasNonce":181,"hasCapCheck":181,"file":141,"line":190},255,[],[],[],4,{"dangerousFunctions":196,"sqlUsage":197,"outputEscaping":199,"fileOperations":13,"externalRequests":194,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":201},[],{"prepared":13,"raw":13,"locations":198},[],{"escaped":13,"rawEcho":13,"locations":200},[],[],[],{"summary":204,"deductions":205},"The \"qiriman\" v1.0.4 plugin exhibits a significant security concern due to its unprotected AJAX handlers.  While the plugin demonstrates good practices in terms of SQL query sanitization and output escaping, the presence of four AJAX entry points without any authentication or capability checks creates a substantial attack surface. This means any unauthenticated user could potentially interact with these handlers, leading to unintended consequences or exploitation.  The absence of any recorded vulnerabilities in its history is a positive indicator, suggesting a history of secure development or at least a lack of publicly discovered flaws. However, this cannot compensate for the immediate and evident risk posed by the unprotected AJAX endpoints.  The plugin's strengths lie in its internal code hygiene for SQL and output, but the external-facing unprotected AJAX handlers represent a critical weakness that needs immediate attention.",[206,208,211,214],{"reason":207,"points":11},"Unprotected AJAX handlers",{"reason":209,"points":210},"Large attack surface without auth",8,{"reason":212,"points":213},"Missing nonce checks on AJAX",7,{"reason":215,"points":213},"Missing capability checks on AJAX","2026-03-17T01:25:10.514Z",{"wat":218,"direct":227},{"assetPaths":219,"generatorPatterns":222,"scriptPaths":223,"versionParams":224},[220,221],"\u002Fwp-content\u002Fplugins\u002Fqiriman\u002Fadmin\u002Fcss\u002Fqiriman-admin.css","\u002Fwp-content\u002Fplugins\u002Fqiriman\u002Fadmin\u002Fjs\u002Fqiriman-admin.js",[],[221],[225,226],"qiriman-admin?ver=","qiriman_admin?ver=",{"cssClasses":228,"htmlComments":229,"htmlAttributes":230,"restEndpoints":232,"jsGlobals":233,"shortcodeOutput":235},[],[],[231],"data-qiriman-nonce",[],[234],"qiriman_ajax",[]]