[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-hbYxw8UN9yrHpaYmMtN_03HHZP_rAvcuI0TnUGHc_k":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":31,"analysis":32,"fingerprints":106},"redfox-companion","Redfox Companion","1.1","redfoxthemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fredfoxthemes\u002F","\u003Cp>This plugin is developed for redfox themes. This plugin creates the additional sections on the front page in redfox themes.\u003Cbr \u002F>\nRedfox Companion is a plugin creation to enhance the functionality of WordPress theme created by redfox.\u003C\u002Fp>\n","Enhance Redfox Themes WordPress Themes additional functionality.",100,4173,0,"2019-03-29T10:28:00.000Z","5.0.25","3.3","",[19,20],"room-section","service-section","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fredfox-companion.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":22,"avg_patch_time_days":28,"trust_score":29,"computed_at":30},1,30,84,"2026-04-04T00:40:09.198Z",[],{"attackSurface":33,"codeSignals":83,"taintFlows":96,"riskAssessment":97,"analyzedAt":105},{"hooks":34,"ajaxHandlers":79,"restRoutes":80,"shortcodes":81,"cronEvents":82,"entryPointCount":13,"unprotectedCount":13},[35,41,45,51,56,60,65,69,74],{"type":36,"name":37,"callback":38,"file":39,"line":40},"action","customize_register","carpress_section_service","include\\carpress\\customizer\\sections\\section-service.php",149,{"type":36,"name":37,"callback":42,"file":43,"line":44},"carpress_section_slider","include\\carpress\\customizer\\sections\\section-slider.php",167,{"type":46,"name":47,"callback":48,"file":49,"line":50},"filter","carpress_default_data","btc_carpress_default_data","include\\carpress\\functions\\template-tags.php",79,{"type":46,"name":52,"callback":53,"file":54,"line":55},"hotel_paradise_customize_settings","rfc_customizer_room_section","include\\hotel-paradise\\customizer\\sections\\section-room.php",94,{"type":46,"name":52,"callback":57,"file":58,"line":59},"rfc_customizer_service_section","include\\hotel-paradise\\customizer\\sections\\section-service.php",117,{"type":36,"name":61,"callback":62,"file":63,"line":64},"hotel_paradise_sections","rfc_frontpage_room","include\\hotel-paradise\\home-page\\section-room.php",107,{"type":36,"name":61,"callback":66,"file":67,"line":68},"rfc_frontpage_service","include\\hotel-paradise\\home-page\\section-service.php",138,{"type":46,"name":70,"callback":71,"file":72,"line":73},"hotel_paradise_default_data","rfc_hotel_paradise_default_data","include\\hotel-paradise\\init.php",136,{"type":36,"name":75,"callback":76,"file":77,"line":78},"init","rfc_init","redfox-companion.php",23,[],[],[],[],{"dangerousFunctions":84,"sqlUsage":85,"outputEscaping":87,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":95},[],{"prepared":13,"raw":13,"locations":86},[],{"escaped":88,"rawEcho":89,"locations":90},56,2,[91,93],{"file":67,"line":55,"context":92},"raw output",{"file":67,"line":94,"context":92},102,[],[],{"summary":98,"deductions":99},"Based on the static analysis and vulnerability history, redfox-companion v1.1 appears to have a strong security posture. The code analysis shows no identified dangerous functions, all SQL queries utilize prepared statements, and output is almost universally properly escaped. There are no file operations or external HTTP requests, and no vulnerabilities have been recorded in its history, indicating a proactive approach to security or a lack of historical exposure.  The complete absence of identified entry points like AJAX handlers, REST API routes, shortcodes, and cron events, especially those without authentication or permission checks, is a significant strength. Similarly, the lack of identified taint flows suggests that user-supplied data is not being mishandled in a way that could lead to common vulnerabilities.\n\nHowever, the complete absence of nonce checks and capability checks across all identified entry points (though there are none) is a potential concern. While the current lack of entry points mitigates this risk, if future versions introduce any, this lack of built-in checks could become a critical vulnerability. The absence of any recorded vulnerabilities is excellent but could also be a reflection of the plugin's limited usage or exposure, rather than an absolute guarantee of future safety. Overall, the plugin exhibits good coding practices, but the lack of explicit security checks on potential future entry points warrants caution and monitoring.",[100,103],{"reason":101,"points":102},"Missing nonce checks on entry points",5,{"reason":104,"points":102},"Missing capability checks on entry points","2026-03-16T20:42:07.017Z",{"wat":107,"direct":119},{"assetPaths":108,"generatorPatterns":116,"scriptPaths":117,"versionParams":118},[109,110,111,112,113,114,115],"\u002Fwp-content\u002Fplugins\u002Fredfox-companion\u002Finclude\u002Fcarpress\u002Ffunctions\u002Ftemplate-tags.php","\u002Fwp-content\u002Fplugins\u002Fredfox-companion\u002Finclude\u002Fhotel-paradise\u002Fdefault-service\u002Fdefault-service.php","\u002Fwp-content\u002Fplugins\u002Fredfox-companion\u002Finclude\u002Fhotel-paradise\u002Fdefault-room\u002Fdefault-room.php","\u002Fwp-content\u002Fplugins\u002Fredfox-companion\u002Finclude\u002Fhotel-paradise\u002Fcustomizer\u002Fcustomizer.php","\u002Fwp-content\u002Fplugins\u002Fredfox-companion\u002Finclude\u002Fhotel-paradise\u002Fhome-page\u002Fsection-service.php","\u002Fwp-content\u002Fplugins\u002Fredfox-companion\u002Finclude\u002Fhotel-paradise\u002Fhome-page\u002Fsection-room.php","\u002Fwp-content\u002Fplugins\u002Fredfox-companion\u002Finclude\u002Fhotel-paradise\u002Finit.php",[],[],[],{"cssClasses":120,"htmlComments":128,"htmlAttributes":129,"restEndpoints":255,"jsGlobals":256,"shortcodeOutput":257},[121,122,123,124,125,126,127],"slider-caption-title-no","slider-caption-label","slider-caption-price-currency","slider-caption-price-number","slider-caption-price-inner","slider-caption-price-title","slider-caption-price-subtitle",[],[130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,132,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,159,160,161,162,163,164,165,166],"data-theme-color","data-site-layout","data-primary-sidebar","data-animation-effect","data-googlefonts","data-single-post-meta","data-single-post-image","data-slider-enable","data-slider-effect","data-slider-speed","data-slider-duration","data-slider-largetext","data-slider-smalltext","data-slider-button-text","data-slider-button-link","data-slider-button-target","data-slider-media","data-service-enable","data-service-title","data-service-subtitle","data-service-layout","data-blog-enable","data-blog-title","data-blog-subtitle","data-news-layout","data-news-no","data-news-cat","data-news-orderby","data-news-order","data-p-fontsize","data-m-fontsize","data-h1-fontsize","data-h2-fontsize","data-h3-fontsize","data-h4-fontsize","data-h5-fontsize","data-h6-fontsize","data-switcher-hide","data-header-tb-hide","data-header-tb-icon1","data-header-tb-text1","data-header-tb-icon2","data-header-tb-text2","data-header-facebook-link","data-header-twitter-link","data-header-linkedin-link","data-header-googleplus-link","data-header-skype-link","data-theme-color-custom-show","data-theme-color-custom-color","data-nav-padding","data-animation-effect-hide","data-google-fonts-hide","data-single-image-hide","data-single-meta-hide","data-btt-disable","data-copyright","data-footer-logo-image","data-papal-icon-hide","data-stripe-icon-hide","data-visa-icon-hide","data-mc-icon-hide","data-ae-icon-hide","data-hero-section-hide","data-hero-animation-type","data-hero-speed","data-hero-media","data-hero-largetext","data-hero-large-effect","data-hero-smalltext","data-hero-small-effect","data-hero-btn-text","data-hero-btn-link","data-hero-btn-effect","data-service-s-hide","data-service-s-column","data-service-s-title","data-service-s-subtitle","data-service-s-content","data-service-s-bgcolor","data-service-s-bgimage","data-room-s-hide","data-room-s-column","data-room-s-title","data-room-s-subtitle","data-room-s-content","data-room-s-bgcolor","data-room-s-bgimage","data-blog-s-hide","data-blog-s-title","data-blog-s-subtitle","data-blog-s-noofshow","data-blog-s-orderby","data-blog-s-order","data-blog-s-cat","data-blog-s-bgcolor","data-blog-s-bgimage","data-contact-s-hide","data-contact-s-map-html","data-contact-s-address","data-contact-s-phone","data-contact-s-email","data-contact-s-bgcolor","data-contact-s-bgimage","data-subheader-hide","data-subheader-p-top","data-subheader-p-bottom","data-subheader-color","data-subheader-align","data-subheader-overlay-bg","data-footer-logo","data-footer-menu-hide","data-footer-bttopBtn-hide","data-footer-w-bg-color","data-footer-w-t-color","data-footer-w-l-color","data-footer-w-l-h-color","data-footer-widget-hide","data-footer-bg-color","data-footer-t-color","data-footer-l-color","data-footer-l-h-color","data-ap-section-hide","data-ap-section-title","data-ap-section-contents",[],[],[]]