[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fMb3UQqIJNoszEYLPBorrgG_Mk7pvD9L74T4i2PO9o24":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":141,"fingerprints":296},"reach-me","Reach Me","1.0.7","Leander Iversen","https:\u002F\u002Fprofiles.wordpress.org\u002Fleanderiversen\u002F","\u003Cp>Reach Me is a simple, yet powerful plugin that allows you to display your contact information anywhere on your website.\u003C\u002Fp>\n\u003Ch4>Supported Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Norwegian\u003C\u002Fli>\n\u003Cli>Swedish\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Like the plugin?\u003C\u002Fh4>\n\u003Cp>If you like the plugin, please review it! Every review is highly appreciated, but if you want to suggest something, please send an email to info@carpe-noctem.no.\u003C\u002Fp>\n","Reach Me is a simple, yet powerful plugin that allows you to display your contact information anywhere on your website.",10,1808,0,"2019-01-26T02:50:00.000Z","5.0.25","3.5","",[19,20,21,22],"contact","info","links","social","https:\u002F\u002Fgithub.com\u002FIversenCarpeNoctem\u002Freach-me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freach-me.1.0.7.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":25,"computed_at":35},"leanderiversen",3,6910,87,30,"2026-04-05T03:07:27.792Z",[37,59,79,96,115],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":17,"tested_up_to":49,"requires_at_least":16,"requires_php":17,"tags":50,"homepage":17,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":58},"personal-contact-info-widget","Personal Contact Info Widget","1.3","bringmesupport","https:\u002F\u002Fprofiles.wordpress.org\u002Fbringmesupport\u002F","\u003Cp>This plugin adds a custom Widget which displays your profile photo, social media links and contact information. Here is a current list of features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>21 Social Media icons to choose from (using Font Awesome)\u003C\u002Fli>\n\u003Cli>Upload a profile photo, or choose one from your existing Media Library\u003C\u002Fli>\n\u003Cli>4 different photo styling to choose from\u003C\u002Fli>\n\u003Cli>Enter contact information (full name, slogan, email, phone number, alternate website address)\u003C\u002Fli>\n\u003Cli>NEW – Options to make email, phone number and website information clickable!\u003C\u002Fli>\n\u003C\u002Ful>\n","Add a custom Widget to display your profile photo, social media links and contact information.",200,13854,76,6,"4.8.28",[51,52,53,54,55],"contact-information","personal-contact","profile","profile-photo","social-icons","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpersonal-contact-info-widget.1.3.zip",100,"2026-03-15T10:48:56.248Z",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":57,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":16,"requires_php":17,"tags":72,"homepage":77,"download_link":78,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"contact-us-page","Contact Us Page","1.0","cyberbundle","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevmatte\u002F","\u003Cp>You will have a professional looking contact page in seconds. It comes with a contact form, google map, contact info fields with icons and social icons. You can replace the default contact form with the shortcode of your favorite contact form.\u003Cbr \u002F>\n\u003Cbr \u002F>\nGet started:\u003Cbr \u002F>\n1. Go to the settings page and enter your information. \u003Cbr \u002F>\n2. Copy the shortcode in the settings page and paste it into a page of your choice. \u003Cbr \u002F>\n3. Done! It’s that simple.\u003C\u002Fp>\n","Create your contact page in seconds with a contact form, map, social icons and your contact info.",11344,80,1,"2015-12-15T13:24:00.000Z","4.4.34",[73,74,75,76,55],"contact-form","contact-info","google-map","map","http:\u002F\u002Fcyberbundle.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-us-page.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":34,"downloaded":87,"rating":13,"num_ratings":13,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":94,"download_link":95,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"naibabiji-global-connect-hub","Naibabiji Global Connect Hub","1.0.3","奶爸建站笔记","https:\u002F\u002Fprofiles.wordpress.org\u002Fnaibabiji\u002F","\u003Cp>Naibabiji Global Connect Hub is a powerful WordPress plugin that helps you easily manage and display various contact methods.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Multiple contact methods: Phone, Mobile, Email, WhatsApp, WeChat, Telegram, Facebook, Instagram, X, LinkedIn, YouTube, Pinterest, TikTok, and more\u003C\u002Fli>\n\u003Cli>Flexible frontend display: Supports list, inline, and icon layouts\u003C\u002Fli>\n\u003Cli>Floating contact bar: Fixed on the right side of the page for easy visitor access\u003C\u002Fli>\n\u003Cli>Drag-and-drop sorting: Easily adjust contact method order in the admin panel\u003C\u002Fli>\n\u003Cli>Shortcode support: \u003Ccode>[naibabiji_connect]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Responsive design: Perfectly adapts to desktop and mobile devices\u003C\u002Fli>\n\u003Cli>Hover popups: Phone number copying and QR code display\u003C\u002Fli>\n\u003C\u002Ful>\n","Provides a unified contact channel management and display system for your entire site, including a reusable floating contact center.",309,"2025-12-21T07:13:00.000Z","6.9.4","5.0","7.2",[19,93,21,22],"floating-bar","https:\u002F\u002Fblog.naibabiji.com\u002Ffiles\u002Fwordpress-plugins\u002Fnaibabiji-global-connect-hub.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnaibabiji-global-connect-hub.1.0.3.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":11,"downloaded":104,"rating":13,"num_ratings":13,"last_updated":105,"tested_up_to":106,"requires_at_least":90,"requires_php":107,"tags":108,"homepage":112,"download_link":113,"security_score":114,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"company-data-manager","Company Data Manager","1.0.1","webprowp","https:\u002F\u002Fprofiles.wordpress.org\u002Fbaracil\u002F","\u003Cp>Company Data Manager allows users to manage essential company information from a dedicated admin panel in WordPress. It includes fields for contact information such as email, CIF\u002FNIF, TIN\u002FEIN, address, phone, website, and social media profiles. Users can display this information on their site using shortcodes.\u003C\u002Fp>\n\u003Ch3>Shortcodes\u003C\u002Fh3>\n\u003Cp>Use these shortcodes to display specific company data fields on your website.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>[company_email]\u003C\u002Fcode> – Display the company’s email address.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[company_nif]\u003C\u002Fcode> – Display the company’s CIF\u002FNIF.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[company_address]\u003C\u002Fcode> – Display the company’s address.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[company_phone]\u003C\u002Fcode> – Display the company’s phone number.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[company_website]\u003C\u002Fcode> – Display the company’s website.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[company_x]\u003C\u002Fcode> – Display the company’s X profile.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[company_youtube]\u003C\u002Fcode> – Display the company’s YouTube profile.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[company_instagram]\u003C\u002Fcode> – Display the company’s Instagram profile.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[company_linkedin]\u003C\u002Fcode> – Display the company’s LinkedIn profile.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[company_facebook]\u003C\u002Fcode> – Display the company’s Facebook profile.\u003C\u002Fli>\n\u003C\u002Ful>\n","A plugin for managing and displaying essential company information, including contact details and social media links.",566,"2025-02-04T16:35:00.000Z","6.7.5","7.0",[109,110,51,111],"company","company-data","social-media","https:\u002F\u002Fwebprowp.com\u002Fplugin-datos-de-empresa\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcompany-data-manager.1.0.1.zip",92,{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":89,"requires_at_least":128,"requires_php":129,"tags":130,"homepage":136,"download_link":137,"security_score":138,"vuln_count":139,"unpatched_count":13,"last_vuln_date":140,"fetched_at":27},"powerkit","Powerkit – Supercharge your WordPress Site","3.0.4","codesupplyco","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodesupplyco\u002F","\u003Cp>We’ve been developing \u003Ca href=\"https:\u002F\u002Fcodesupply.co\" rel=\"nofollow ugc\">premium WordPress themes\u003C\u002Fa> for a few years and have always been lacking essentials things in the WordPress core.\u003C\u002Fp>\n\u003Cp>There’re numerous plugins in the WordPress repository, however if you install them all, there’s inconsistency in their backend and frontend styles and possible plugin conflicts.\u003C\u002Fp>\n\u003Cp>That’s why we created Powerkit, essentials components for every WordPress blog or magazine.\u003C\u002Fp>\n\u003Cp>Components have modular structure and can be enabled or disabled with a single click. They have been thoroughly tested and play well together.\u003C\u002Fp>\n\u003Ch3>Social Integrations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Share Buttons\u003C\u002Fli>\n\u003Cli>Social Links\u003C\u002Fli>\n\u003Cli>Facebook Integration\u003C\u002Fli>\n\u003Cli>Pinterest Integration\u003C\u002Fli>\n\u003Cli>Twitter Integration\u003C\u002Fli>\n\u003Cli>Instagram Integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Marketing\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Opt-In Forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Content Presentation\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Basic Shortcodes\u003C\u002Fli>\n\u003Cli>Justified Gallery\u003C\u002Fli>\n\u003Cli>Slider Gallery\u003C\u002Fli>\n\u003Cli>Lightbox\u003C\u002Fli>\n\u003Cli>Typekit Fonts\u003C\u002Fli>\n\u003Cli>Custom Fonts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Image Optimization\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Retina Images\u003C\u002Fli>\n\u003Cli>Lazyload\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Utilities\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Contributors Widget\u003C\u002Fli>\n\u003Cli>Author Widget\u003C\u002Fli>\n\u003Cli>Featured Posts Widget\u003C\u002Fli>\n\u003Cli>Scroll To Top Button\u003C\u002Fli>\n\u003C\u002Ful>\n","Essential components for every WordPress site: share buttons, social links, social media integrations, galleries, lazyload, custom widgets, and more.",20000,876126,90,14,"2025-12-03T14:00:00.000Z","4.0","5.4",[131,132,133,134,135],"gallery","lazyload","share-buttons","slider","social-links","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpowerkit\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowerkit.3.0.4.zip",98,2,"2024-04-05 00:00:00",{"attackSurface":142,"codeSignals":176,"taintFlows":241,"riskAssessment":281,"analyzedAt":295},{"hooks":143,"ajaxHandlers":172,"restRoutes":173,"shortcodes":174,"cronEvents":175,"entryPointCount":13,"unprotectedCount":13},[144,150,155,160,165,169],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","admin_menu","reme_add_menu_pages","inc\\functions\\reme_add_menu_pages.php",13,{"type":145,"name":151,"callback":152,"file":153,"line":154},"admin_enqueue_scripts","reme_admin_enqueue_scripts","inc\\functions\\reme_admin_enqueue_scripts.php",15,{"type":145,"name":156,"callback":157,"file":158,"line":159},"admin_notices","reme_updated_notice","inc\\pages\\settings.php",81,{"type":145,"name":161,"callback":162,"file":163,"line":164},"init","reme_load_textdomain","reach-me.php",37,{"type":145,"name":166,"callback":167,"file":163,"line":168},"plugins_loaded","reme_require_pages",44,{"type":145,"name":166,"callback":170,"file":163,"line":171},"reme_require_functions",52,[],[],[],[],{"dangerousFunctions":177,"sqlUsage":178,"outputEscaping":185,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":240},[],{"prepared":13,"raw":139,"locations":179},[180,184],{"file":181,"line":182,"context":183},"inc\\functions\\reme_plugin_uninstall.php",12,"$wpdb->get_results() with variable interpolation",{"file":158,"line":182,"context":183},{"escaped":13,"rawEcho":186,"locations":187},26,[188,191,192,194,196,198,200,202,204,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,236,238],{"file":189,"line":154,"context":190},"inc\\pages\\how-to-use.php","raw output",{"file":158,"line":114,"context":190},{"file":158,"line":193,"context":190},101,{"file":158,"line":195,"context":190},107,{"file":158,"line":197,"context":190},113,{"file":158,"line":199,"context":190},119,{"file":158,"line":201,"context":190},125,{"file":158,"line":203,"context":190},131,{"file":158,"line":205,"context":190},137,{"file":158,"line":207,"context":190},143,{"file":158,"line":209,"context":190},149,{"file":158,"line":211,"context":190},155,{"file":158,"line":213,"context":190},161,{"file":158,"line":215,"context":190},167,{"file":158,"line":217,"context":190},178,{"file":158,"line":219,"context":190},182,{"file":158,"line":221,"context":190},186,{"file":158,"line":223,"context":190},190,{"file":158,"line":225,"context":190},194,{"file":158,"line":227,"context":190},204,{"file":158,"line":229,"context":190},208,{"file":158,"line":231,"context":190},212,{"file":158,"line":233,"context":190},216,{"file":158,"line":235,"context":190},220,{"file":158,"line":237,"context":190},224,{"file":158,"line":239,"context":190},229,[],[242,269],{"entryPoint":243,"graph":244,"unsanitizedCount":250,"severity":268},"reme_links_admin (inc\\pages\\settings.php:17)",{"nodes":245,"edges":264},[246,251,257,260],{"id":247,"type":248,"label":249,"file":158,"line":250},"n0","source","$_POST (x23)",24,{"id":252,"type":253,"label":254,"file":158,"line":255,"wp_function":256},"n1","sink","update_option() [Settings Manipulation]",53,"update_option",{"id":258,"type":248,"label":259,"file":158,"line":114},"n2","$_SERVER['REQUEST_URI']",{"id":261,"type":253,"label":262,"file":158,"line":114,"wp_function":263},"n3","echo() [XSS]","echo",[265,267],{"from":247,"to":252,"sanitized":266},false,{"from":258,"to":261,"sanitized":266},"medium",{"entryPoint":270,"graph":271,"unsanitizedCount":250,"severity":280},"\u003Csettings> (inc\\pages\\settings.php:0)",{"nodes":272,"edges":277},[273,274,275,276],{"id":247,"type":248,"label":249,"file":158,"line":250},{"id":252,"type":253,"label":254,"file":158,"line":255,"wp_function":256},{"id":258,"type":248,"label":259,"file":158,"line":114},{"id":261,"type":253,"label":262,"file":158,"line":114,"wp_function":263},[278,279],{"from":247,"to":252,"sanitized":266},{"from":258,"to":261,"sanitized":266},"low",{"summary":282,"deductions":283},"The \"reach-me\" plugin version 1.0.7 exhibits a concerning security posture due to several critical code analysis findings, despite a clean vulnerability history. While the plugin presents a seemingly small attack surface with no exposed AJAX handlers, REST API routes, shortcodes, or cron events, the internal code practices raise significant red flags.  The static analysis reveals a complete lack of prepared statements for its SQL queries and a 0% rate for properly escaped output, indicating a high likelihood of SQL injection and cross-site scripting (XSS) vulnerabilities. Furthermore, the absence of nonce and capability checks means that any unintended entry points, if they were to be discovered or introduced in future versions, would be unprotected.\n\nThe taint analysis, while not flagging critical or high severity flows, did identify two flows with unsanitized paths. When combined with the unescaped output, this suggests that user-supplied data could potentially be used in file operations or other sensitive contexts without proper sanitization, which could lead to unexpected behavior or security issues if not handled with extreme care. The plugin's history of zero known vulnerabilities might create a false sense of security, but the current code analysis strongly suggests that underlying vulnerabilities likely exist and have not yet been exploited or discovered.  The complete lack of security best practices in data handling (SQL, output, taint) is a major weakness that outweighs the small attack surface. Immediate attention is required to address these code-level deficiencies.",[284,286,288,291,293],{"reason":285,"points":11},"SQL queries without prepared statements",{"reason":287,"points":154},"0% output escaping",{"reason":289,"points":290},"Flows with unsanitized paths",5,{"reason":292,"points":290},"No nonce checks",{"reason":294,"points":290},"No capability checks","2026-03-17T01:38:10.506Z",{"wat":297,"direct":304},{"assetPaths":298,"generatorPatterns":300,"scriptPaths":301,"versionParams":302},[299],"\u002Fwp-content\u002Fplugins\u002Freach-me\u002Ffonts\u002Ffont-awesome-4.7.0\u002Fcss\u002Ffont-awesome.min.css",[],[],[303],"reach-me\u002Ffonts\u002Ffont-awesome-4.7.0\u002Fcss\u002Ffont-awesome.min.css?ver=4.7.0",{"cssClasses":305,"htmlComments":306,"htmlAttributes":307,"restEndpoints":308,"jsGlobals":309,"shortcodeOutput":310},[],[],[],[],[],[]]