[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fw5N_F6CXbxmTKWyqC4kyP8qm6rQc0CCs6-lKiLn-mCk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":33,"analysis":34,"fingerprints":136},"redirection-page-hit-counter","Page Redirection & Hit Counter","1.2","sumeetbhardwaj","https:\u002F\u002Fprofiles.wordpress.org\u002Fsumeetbhardwaj\u002F","\u003Cp>Page Redirection, Pages, Post and Custom Posts easily redirect to other url. (draft, private, public, pending).\u003Cbr \u002F>\nPage Visitor, Hit Counter, Page Visiter Counter, Page Visits Counts and Page Redirection and Hit counter\u003C\u002Fp>\n","Page Redirection, Post Redirection, Other Page Url Redirection",30,1316,100,1,"2021-07-17T17:11:00.000Z","5.8.13","4.2","",[20,21,22],"other-page-url-redirection","page-redirection","post-redirection","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwptech_redirection-page-hit-counter\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fredirection-page-hit-counter.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":11,"trust_score":31,"computed_at":32},84,"2026-04-05T02:49:11.928Z",[],{"attackSurface":35,"codeSignals":67,"taintFlows":89,"riskAssessment":126,"analyzedAt":135},{"hooks":36,"ajaxHandlers":63,"restRoutes":64,"shortcodes":65,"cronEvents":66,"entryPointCount":26,"unprotectedCount":26},[37,43,47,52,56,59],{"type":38,"name":39,"callback":40,"file":41,"line":42},"action","save_post","wptech_redirection_page_custom_field_data_save","class\\WptechAdminSetting.php",60,{"type":38,"name":44,"callback":45,"file":41,"line":46},"admin_init","wptech_page_redirection_and_hit_counter_option_setting",61,{"type":38,"name":48,"callback":49,"file":50,"line":51},"admin_enqueue_scripts","wptech_enqueue_admin_script","redirection-page-hit-counter.php",132,{"type":38,"name":53,"callback":54,"file":50,"line":55},"admin_menu","wptech_admin_settings",133,{"type":38,"name":57,"callback":54,"file":50,"line":58},"add_meta_boxes",134,{"type":38,"name":60,"callback":61,"file":50,"line":62},"template_redirect","wptech_current_page_redirection_and_hit_counter",135,[],[],[],[],{"dangerousFunctions":68,"sqlUsage":69,"outputEscaping":80,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":88},[],{"prepared":14,"raw":70,"locations":71},3,[72,74,77],{"file":50,"line":31,"context":73},"$wpdb->get_results() with variable interpolation",{"file":75,"line":76,"context":73},"templates\\admintab\\page_hit_counter_tab.php",17,{"file":78,"line":79,"context":73},"templates\\admintab\\redirection_page_hit_counter_setting.php",78,{"escaped":11,"rawEcho":81,"locations":82},2,[83,86],{"file":75,"line":84,"context":85},24,"raw output",{"file":75,"line":87,"context":85},25,[],[90,108,116],{"entryPoint":91,"graph":92,"unsanitizedCount":14,"severity":107},"wptech_current_page_redirection_and_hit_counter (redirection-page-hit-counter.php:79)",{"nodes":93,"edges":104},[94,99],{"id":95,"type":96,"label":97,"file":50,"line":98},"n0","source","$_SERVER",82,{"id":100,"type":101,"label":102,"file":50,"line":31,"wp_function":103},"n1","sink","get_results() [SQLi]","get_results",[105],{"from":95,"to":100,"sanitized":106},false,"high",{"entryPoint":109,"graph":110,"unsanitizedCount":14,"severity":107},"\u003Credirection-page-hit-counter> (redirection-page-hit-counter.php:0)",{"nodes":111,"edges":114},[112,113],{"id":95,"type":96,"label":97,"file":50,"line":98},{"id":100,"type":101,"label":102,"file":50,"line":31,"wp_function":103},[115],{"from":95,"to":100,"sanitized":106},{"entryPoint":117,"graph":118,"unsanitizedCount":14,"severity":107},"\u003Credirection_page_hit_counter_setting> (templates\\admintab\\redirection_page_hit_counter_setting.php:0)",{"nodes":119,"edges":124},[120,123],{"id":95,"type":96,"label":121,"file":78,"line":122},"$_POST",74,{"id":100,"type":101,"label":102,"file":78,"line":79,"wp_function":103},[125],{"from":95,"to":100,"sanitized":106},{"summary":127,"deductions":128},"The \"redirection-page-hit-counter\" v1.2 plugin exhibits a generally good security posture with several strengths. The absence of any known CVEs and a remarkably low percentage of SQL queries not using prepared statements are positive indicators. Furthermore, the plugin demonstrates strong output escaping practices, with over 90% of outputs being properly sanitized, mitigating many common cross-site scripting (XSS) vulnerabilities. The attack surface is also minimal, with no registered AJAX handlers, REST API routes, shortcodes, or cron events, and crucially, no unprotected entry points were identified.\n\nHowever, the analysis reveals a significant concern regarding taint analysis. While the total number of analyzed flows is low, the fact that all three identified flows have unsanitized paths and are flagged as high severity is a critical weakness. This suggests potential vulnerabilities where user-supplied data could be used in a way that compromises security, possibly leading to unintended code execution or data manipulation, despite the lack of direct SQL injection or XSS based on the static analysis.\n\nIn conclusion, the plugin's lack of historical vulnerabilities and good output escaping are strengths. Nevertheless, the high-severity unsanitized taint flows represent a notable risk that requires immediate attention and remediation to ensure the plugin's secure operation.",[129,132],{"reason":130,"points":131},"High severity taint flows without sanitization",15,{"reason":133,"points":134},"SQL queries not using prepared statements",5,"2026-03-16T22:40:15.705Z",{"wat":137,"direct":145},{"assetPaths":138,"generatorPatterns":142,"scriptPaths":143,"versionParams":144},[139,140,141],"\u002Fwp-content\u002Fplugins\u002Fredirection-page-hit-counter\u002Fsrc\u002Fcss\u002Fwptech_custom_tabs_style.css","\u002Fwp-content\u002Fplugins\u002Fredirection-page-hit-counter\u002Fsrc\u002Fjs\u002Fwptech_custom_tabs_script.js","\u002Fwp-content\u002Fplugins\u002Fredirection-page-hit-counter\u002Fsrc\u002Fjs\u002Fwptech_custom_admin_tabs_script.js",[],[140,141],[],{"cssClasses":146,"htmlComments":147,"htmlAttributes":148,"restEndpoints":151,"jsGlobals":152,"shortcodeOutput":153},[],[],[149,150],"name=\"wptech_page_redirection_url\"","id=\"wptech_page_redirection_url\"",[],[],[]]