[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f9ojO3TgAavOFVCzI1Fb2MisnJTBeJM_7SsnhOc06b2Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":136,"fingerprints":254},"reactpress","ReactPress – Create React App for WordPress","3.4.0","rockiger","https:\u002F\u002Fprofiles.wordpress.org\u002Frockiger\u002F","\u003Cp>ReactPress enables you to easily create, build and deploy React apps into your existing WordPress sites. Use your React knowledge to create single page applications for your WordPress customers.\u003C\u002Fp>\n\u003Cp>Get started in seconds and develop your React app with instant feedback and your WordPress theme in mind.\u003C\u002Fp>\n\u003Cp>Combine the flexibility of WordPress with the UI capabilities of React and seamlessly integrate create-react-app into your WordPress project for your next SaaS.\u003C\u002Fp>\n\u003Cp>ReactPress does 3 things:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>It integrates your local dev server into your WordPress theme, that you have instant feedback, how your React app looks in the context of your WordPress website.\u003C\u002Fli>\n\u003Cli>It builds your React app in a way that it is usable from your WordPress site.\u003C\u002Fli>\n\u003Cli>It makes it easy to upload your app to a live server after building.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fast refresh during app development\u003C\u002Fli>\n\u003Cli>WordPress integration during development\u003C\u002Fli>\n\u003Cli>Easy deploy to your live site\u003C\u002Fli>\n\u003Cli>client-side routing\u003C\u002Fli>\n\u003Cli>zero-config\u003C\u002Fli>\n\u003Cli>TypeScript support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frockiger.com\u002Fen\u002Freactpress\u002F\" rel=\"nofollow ugc\">Website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frockiger.com\u002Fen\u002Freactpress\u002Fgetting-started\u002F\" rel=\"nofollow ugc\">Getting Started\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frockiger.com\u002Fen\u002Freactpress\u002Freactpress-tutorial\u002F\" rel=\"nofollow ugc\">In depth React with WordPress Tutorial\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frockiger.com\u002Fen\u002Freactpress\u002Funderstanding-reactpress\u002F\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Frockiger\u002Freactpress\u002F\" rel=\"nofollow ugc\">Development\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>System Requirements\u003C\u002Fh3>\n\u003Cp>To develop React apps your WordPress instance needs access to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Access to the PHP function \u003Ccode>file_get_contents\u003C\u002Fcode>. Some hosting providers deactivate \u003Ccode>fopen\u003C\u002Fcode> on which \u003Ccode>file_get_contents\u003C\u002Fcode> depends. Access to \u003Ccode>file_get_contents\u003C\u002Fcode> is neccessary on your dev and your live system!\u003C\u002Fli>\n\u003Cli>POSIX compatible system, Windows support is experimental. (\u003Ca href=\"https:\u002F\u002Frockiger.com\u002Fen\u002Fwindows-survival-guide-to-for-react-and-web-developers\u002F\" title=\"Windows Survival Guide for React and Web Developers\" rel=\"nofollow ugc\">Alternatively Windows users can use WSL2\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily create, build and deploy React apps into your existing WordPress sites.",3000,51111,88,18,"2025-04-07T21:07:00.000Z","6.7.5","5.0","7.4",[20,21,22,23,24],"developer","embed","javascript","js","react","https:\u002F\u002Frockiger.com\u002Fen\u002Freactpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freactpress.3.4.0.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},2,30,94,"2026-04-04T11:17:53.974Z",[38,59,75,96,117],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":27,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":51,"tags":52,"homepage":56,"download_link":57,"security_score":58,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"go-embed","GoEmbed – Javascript Application Embedded","1.0.0","Deliinco","https:\u002F\u002Fprofiles.wordpress.org\u002Fdelightincode\u002F","\u003Cp>The integration of WordPress and ReactJS is a powerful combination that can help developers create dynamic, interactive websites with ease. By combining the power of both platforms, web developers have access tools and features that can significantly improve their workflow.\u003C\u002Fp>\n","The idea to embed a Modern Javascript Application into WordPress page",10,2474,1,"2023-03-29T05:17:00.000Z","6.1.10","",[53,54,22,24,55],"build","integrated","vuejs","http:\u002F\u002Fdelightincode.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgo-embed.zip",85,{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":46,"downloaded":67,"rating":28,"num_ratings":28,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":51,"tags":71,"homepage":73,"download_link":74,"security_score":58,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"include-custom-files","Include Custom Files","1.0","Utkarsh Kukreti","https:\u002F\u002Fprofiles.wordpress.org\u002Futkarsh\u002F","\u003Cp>This plugin enables embedding of multiple stylesheets and javascript files on a per-post basis.\u003C\u002Fp>\n\u003Cp>Multiple file names should be separated by a ‘,’. Extra whitespace after and before a ‘,’ are automatically ignored.\u003C\u002Fp>\n\u003Cp>Relative paths to files are automatically prefixed by the \u002Fcss or \u002Fjs. These settings can be customized by editing values of the variables $css_folder and $js_folder in the plugin file.\u003C\u002Fp>\n\u003Cp>Absolute paths are directly hotlinked.\u003C\u002Fp>\n","Enables embedding of multiple stylesheets and javascript files on a per-post basis.",2331,"2010-05-12T08:14:00.000Z","3.0.5","2.9",[72,21,22,23],"css","http:\u002F\u002Fwpprogrammer.com\u002Finclude-custom-files\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finclude-custom-files.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":51,"tags":90,"homepage":94,"download_link":95,"security_score":58,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"oh-add-script-header-footer","SOGO Add Script to Individual Pages Header Footer","3.9","SOGO","https:\u002F\u002Fprofiles.wordpress.org\u002Forenhav\u002F","\u003Cp>Tested with Gutenberg\u003C\u002Fp>\n\u003Cp>Create a simple way to add javascript code to individual page post or custom post type header and footer,\u003Cbr \u002F>\nfor example: add conversion code to thank you pages\u003Cbr \u002F>\nadd google re-marketing code to individual pages\u003Cbr \u002F>\nand much more…\u003Cbr \u002F>\nadded in version 1.3 the option to add script  \\ style to all pages not only individual pages,\u003Cbr \u002F>\n this will allow you to add Google re-marketing code to the entire site or Google Analytics\u003Cbr \u002F>\n to use it goto “settings” – “Header Footer Settings”\u003C\u002Fp>\n\u003Cp>New Features (version 3.0):\u003Cbr \u002F>\nAdded option for terms  \u002F category pages\u003C\u002Fp>\n\u003Cp>New Features (version 2.3):\u003Cbr \u002F>\n Added support for WooCommerce shop page.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>we support now exclude individual pages form printing the header and footer scripts, this is supported by 2 checkboxes in each page\\post\u003Cbr \u002F>\nbuy check it the script will not be display on this page\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>we added support to limit the script only for certain post type \\ page\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>if you like it \\ use it – please rate us.\u003C\u002Fp>\n\u003Cp>usage:\u003Cbr \u002F>\nYou need to paste the code with the script tag, for example:\u003Cbr \u002F>\n   you js code \u003C\u002Fp>\n","Simple plugin to add script to header and footer for individual pages & posts",20000,382562,86,31,"2020-01-20T09:20:00.000Z","5.3.21","3.5",[91,92,22,23,93],"footer","header","re-marketing-code","http:\u002F\u002Fsogo.co.il","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foh-add-script-header-footer.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":83,"downloaded":104,"rating":13,"num_ratings":105,"last_updated":106,"tested_up_to":107,"requires_at_least":17,"requires_php":18,"tags":108,"homepage":113,"download_link":114,"security_score":115,"vuln_count":33,"unpatched_count":28,"last_vuln_date":116,"fetched_at":30},"pdfjs-viewer-shortcode","PDF.js Viewer","3.0.2","Ben Lawson","https:\u002F\u002Fprofiles.wordpress.org\u002Ffalconerweb\u002F","\u003Cp>Incorporate \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmozilla\u002Fpdf.js\u002F\" rel=\"nofollow ugc\">Mozilla’s PDF.js\u003C\u002Fa> viewer into your pages and posts via a Gutenberg block or a simple shortcode. PDF.js is a javascript library for displaying pdf pages within browsers.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Gutenberg Block and Shortcode\u003C\u002Fli>\n\u003Cli>Translation Support (plugin only): Spanish and French included, ready for more languages\u003C\u002Fli>\n\u003Cli>Elegant Theme that adapts to dark and light mode (if browser supports dynamic CSS)\u003C\u002Fli>\n\u003Cli>Customizable buttons\u003C\u002Fli>\n\u003Cli>Page navigation drawer\u003C\u002Fli>\n\u003Cli>Search functionality\u003C\u002Fli>\n\u003Cli>Protected PDF password entry\u003C\u002Fli>\n\u003Cli>Loading bar & displays partially loaded PDF (great for huge PDFs!)\u003C\u002Fli>\n\u003Cli>Document outline\u003C\u002Fli>\n\u003Cli>Classic Editor: Easy to use editor media button that generates the shortcode for you\u003C\u002Fli>\n\u003Cli>Support for mobile devices\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Shortcode Syntax:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>[pdfjs-viewer attachment_id=123 viewer_width=600px viewer_height=700px fullscreen=true download=true print=true]\u003Cbr \u002F>\n    `\u003C\u002Fp>\n\u003Cp>Or use a direct URL:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>[pdfjs-viewer url=http:\u002F\u002Fwww.website.com\u002Ftest.pdf viewer_width=600px viewer_height=700px fullscreen=true download=true print=true]\u003Cbr \u002F>\n    `\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Shortcode Parameters:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>attachment_id\u003C\u002Fcode> (recommended): ID of the media file in WordPress media library\u003C\u002Fli>\n\u003Cli>\u003Ccode>url\u003C\u002Fcode> (alternative): Direct URL to PDF file. Use \u003Ccode>attachment_id\u003C\u002Fcode> when possible for better security.\u003C\u002Fli>\n\u003Cli>\u003Ccode>viewer_width\u003C\u002Fcode> (optional): Width of the viewer (default: \u003Ccode>100%\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>\u003Ccode>viewer_height\u003C\u002Fcode> (optional): Height of the viewer (default: \u003Ccode>800px\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>\u003Ccode>fullscreen\u003C\u002Fcode> (optional): \u003Ccode>true\u003C\u002Fcode>\u002F\u003Ccode>false\u003C\u002Fcode>, displays fullscreen link above viewer (default: \u003Ccode>true\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>\u003Ccode>fullscreen_text\u003C\u002Fcode> (optional): Text for the fullscreen link (default: \u003Ccode>View Fullscreen\u003C\u002Fcode>)\n\u003Cul>\n\u003Cli>Spaces not allowed. Use \u003Ccode>%20\u003C\u002Fcode> in place of spaces.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Ccode>fullscreen_target\u003C\u002Fcode> (optional): \u003Ccode>true\u003C\u002Fcode>\u002F\u003Ccode>false\u003C\u002Fcode>, open the fullscreen link in a new tab (default: \u003Ccode>false\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>\u003Ccode>download\u003C\u002Fcode> (optional): \u003Ccode>true\u003C\u002Fcode>\u002F\u003Ccode>false\u003C\u002Fcode>, enables or disables download button (default: \u003Ccode>true\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>\u003Ccode>print\u003C\u002Fcode> (optional): \u003Ccode>true\u003C\u002Fcode>\u002F\u003Ccode>false\u003C\u002Fcode>, enables or disables print button (default: \u003Ccode>true\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>\u003Ccode>openfile\u003C\u002Fcode> (optional): \u003Ccode>true\u003C\u002Fcode>\u002F\u003Ccode>false\u003C\u002Fcode>, show open file button (default: \u003Ccode>false\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>\u003Ccode>zoom\u003C\u002Fcode> (optional): Initial zoom level – \u003Ccode>auto\u003C\u002Fcode>, \u003Ccode>page-actual\u003C\u002Fcode>, \u003Ccode>page-fit\u003C\u002Fcode>, \u003Ccode>page-width\u003C\u002Fcode>, or percentage like \u003Ccode>75\u003C\u002Fcode>, \u003Ccode>100\u003C\u002Fcode>, \u003Ccode>150\u003C\u002Fcode> (default: \u003Ccode>auto\u003C\u002Fcode>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Want to help develop the plugin? Found a bug? \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FTwisterMc\u002FPDF.js-Viewer-Shortcode\" rel=\"nofollow ugc\">Find us on GitHub\u003C\u002Fa>. For build instructions and contribution guidelines see the developer guide in \u003Ccode>DEVELOPER.md\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Ch3>Admin Notice After Updates \u002F Invalid Block\u003C\u002Fh3>\n\u003Cp>When you update the plugin, editors may see an admin banner explaining that Gutenberg could show an “Attempt Block Recovery” prompt when editing older posts with PDFs. Clicking it updates the block format; it does not affect what visitors see. You can dismiss the banner, and it won’t reappear until a future release enables it again.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This WordPress plugin is licensed under GPLv2 or later.\u003C\u002Fp>\n\u003Cp>PDF.js (included in this plugin) is developed by Mozilla and licensed under the Apache License 2.0. See the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmozilla\u002Fpdf.js\" rel=\"nofollow ugc\">PDF.js repository\u003C\u002Fa> for details.\u003C\u002Fp>\n","Embed a beautiful PDF viewer into pages.",387670,53,"2025-12-10T19:04:00.000Z","6.9.4",[21,109,110,111,112],"mozilla","pdf","pdfjs","viewer","https:\u002F\u002Fgithub.com\u002FTwisterMc\u002Fpdfjs-viewer-shortcode","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdfjs-viewer-shortcode.3.0.2.zip",99,"2023-01-10 00:00:00",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":27,"num_ratings":127,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":18,"tags":131,"homepage":134,"download_link":135,"security_score":58,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"pdfjs-viewer-for-elementor","PDF viewer for Elementor & Gutenberg","1.3.2","Kaz Kadalashvili","https:\u002F\u002Fprofiles.wordpress.org\u002Fkazbekkadalashvili\u002F","\u003Cp>The “PDFjs Viewer for Elementor & Gutenberg” plugin is a powerful tool that allows you to embed PDF files into your Elementor page builder pages with ease. It’s designed specifically for Elementor, so you can easily add PDF files to your website without any coding knowledge. With this plugin, you can quickly and easily add PDF viewers to your Elementor pages, making it easier for your visitors to access and view your PDF files.\u003C\u002Fp>\n\u003Cp>The plugin is user-friendly and easy to use. You can simply upload your PDF files to your WordPress media library and then add a PDF viewer to your Elementor page using the this widget.\u003C\u002Fp>\n\u003Cp>Compatible with Elementor v3.18.3\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.buymeacoffee.com\u002Fkazbekkada9\" rel=\"nofollow ugc\">\u003C\u002Fa>\u003C\u002Fp>\n","The \"PDFjs Viewer for Elementor & Gutenberg\" plugin is a powerful tool that allows you to embed PDF files into your Elementor page build &hellip;",10000,31131,3,"2024-01-24T03:14:00.000Z","6.4.8","5.6",[132,133,21,110,111],"block-editor","elementor","https:\u002F\u002Fgithub.com\u002Fkazbekkadalashvili\u002Fpdfjs-viewer-for-elementor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdfjs-viewer-for-elementor.1.3.2.zip",{"attackSurface":137,"codeSignals":193,"taintFlows":239,"riskAssessment":240,"analyzedAt":253},{"hooks":138,"ajaxHandlers":185,"restRoutes":190,"shortcodes":191,"cronEvents":192,"entryPointCount":48,"unprotectedCount":48},[139,145,148,150,153,157,160,163,166,168,171,174,177,180],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","plugins_loaded","anonymous","includes\\Core.php",134,{"type":140,"name":146,"callback":142,"file":143,"line":147},"admin_enqueue_scripts",148,{"type":140,"name":146,"callback":142,"file":143,"line":149},149,{"type":140,"name":151,"callback":142,"file":143,"line":152},"admin_menu",151,{"type":154,"name":155,"callback":142,"file":143,"line":156},"filter","theme_page_templates",156,{"type":154,"name":158,"callback":142,"file":143,"line":159},"display_post_states",159,{"type":140,"name":161,"callback":142,"file":143,"line":162},"admin_init",162,{"type":140,"name":164,"callback":142,"file":143,"line":165},"wp_enqueue_scripts",178,{"type":140,"name":164,"callback":142,"file":143,"line":167},179,{"type":154,"name":169,"callback":142,"file":143,"line":170},"template_include",181,{"type":154,"name":172,"callback":142,"file":143,"line":173},"script_loader_tag",182,{"type":140,"name":175,"callback":142,"file":143,"line":176},"init",184,{"type":140,"name":178,"callback":142,"file":143,"line":179},"generate_rewrite_rules",185,{"type":140,"name":181,"callback":182,"file":183,"line":184},"shutdown","closure","reactpress.php",124,[186],{"action":187,"nopriv":188,"callback":142,"hasNonce":188,"hasCapCheck":188,"file":143,"line":189},"repr_admin_ajax_request",false,153,[],[],[],{"dangerousFunctions":194,"sqlUsage":195,"outputEscaping":197,"fileOperations":237,"externalRequests":48,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":238},[],{"prepared":46,"raw":28,"locations":196},[],{"escaped":198,"rawEcho":14,"locations":199},13,[200,204,206,208,210,212,214,216,218,219,221,223,225,227,229,231,233,235],{"file":201,"line":202,"context":203},"admin\\Admin.php",238,"raw output",{"file":201,"line":205,"context":203},245,{"file":207,"line":34,"context":203},"admin\\Controller.php",{"file":207,"line":209,"context":203},40,{"file":207,"line":211,"context":203},57,{"file":207,"line":213,"context":203},62,{"file":207,"line":215,"context":203},70,{"file":207,"line":217,"context":203},82,{"file":207,"line":58,"context":203},{"file":207,"line":220,"context":203},97,{"file":207,"line":222,"context":203},102,{"file":207,"line":224,"context":203},111,{"file":207,"line":226,"context":203},118,{"file":207,"line":228,"context":203},123,{"file":207,"line":230,"context":203},128,{"file":207,"line":232,"context":203},321,{"file":207,"line":234,"context":203},324,{"file":183,"line":236,"context":203},125,14,[],[],{"summary":241,"deductions":242},"The ReactPress v3.4.0 plugin exhibits a concerning security posture primarily due to its significant unprotected attack surface.  While the plugin demonstrates good practices in its SQL query handling, utilizing prepared statements exclusively, and has no recorded historical vulnerabilities, these strengths are overshadowed by critical weaknesses identified in the static analysis.\n\nThe most significant risk lies in the presence of one AJAX handler that lacks any authentication checks. This directly exposes an entry point to potential attackers, allowing them to interact with the plugin's functionality without proper authorization. Furthermore, the absence of nonce checks and capability checks on this entry point exacerbates the risk, making it susceptible to CSRF attacks and unauthorized privilege escalation if the AJAX handler performs sensitive operations.\n\nWhile the plugin has a clean vulnerability history, which is positive, it doesn't mitigate the immediate risks presented by the current code. The lack of proper output escaping on a significant portion of its outputs (58%) also presents a risk of XSS vulnerabilities. In conclusion, despite good SQL practices and a clean history, the unprotected AJAX handler, lack of nonces\u002Fcapabilities, and insufficient output escaping make this plugin a considerable security risk.",[243,245,248,250],{"reason":244,"points":46},"Unprotected AJAX handler",{"reason":246,"points":247},"Missing nonce checks",7,{"reason":249,"points":247},"Missing capability checks",{"reason":251,"points":252},"Insufficient output escaping",5,"2026-03-16T18:20:28.158Z",{"wat":255,"direct":264},{"assetPaths":256,"generatorPatterns":259,"scriptPaths":260,"versionParams":261},[257,258],"\u002Fwp-content\u002Fplugins\u002Freactpress\u002Fadmin\u002Fcss\u002Freactpress-admin.css","\u002Fwp-content\u002Fplugins\u002Freactpress\u002Fadmin\u002Fjs\u002Freactpress-admin.js",[],[258],[262,263],"reactpress-admin.css?ver=","reactpress-admin.js?ver=",{"cssClasses":265,"htmlComments":267,"htmlAttributes":268,"restEndpoints":270,"jsGlobals":272,"shortcodeOutput":274},[266],"reactpress-admin-wrap",[],[269],"data-reactpress-app",[271],"\u002Fwp-json\u002Freactpress\u002Fv1",[273],"rp",[]]