[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWRP8IrOdRvdESPUJh4ufMImmOUkn2EQMQTKOd0vTlYU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":129,"fingerprints":201},"reftagger","Logos Reftagger","2.4.7","logos","https:\u002F\u002Fprofiles.wordpress.org\u002Flogos\u002F","\u003Cp>Logos Reftagger is a service which automatically converts Bible references on your site into links so your site’s visitors can see Scripture just by hovering over the link. Reftagger modifies your site to run the tagging script each time a page loads, identifying Bible verse references and turning them into links to the verse on Biblia.com.\u003C\u002Fp>\n\u003Cp>Hovering over a link displays a tooltip with the text of the reference, so users don’t need to leave the page to see the verse. You can also insert a small icon next to the reference to open the verse in Logos Bible Software.\u003C\u002Fp>\n\u003Cp>The plugin provides a simple options page where you can customize settings. Preferences include options to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Specify a Bible version.\u003C\u002Fli>\n\u003Cli>Insert a Logos link after each reference.\u003C\u002Fli>\n\u003Cli>Insert a Logos icon after existing Logos links on your site.\u003C\u002Fli>\n\u003Cli>Choose which icon to use if Logos links are enabled.\u003C\u002Fli>\n\u003Cli>Enable or disable hover tooltips.\u003C\u002Fli>\n\u003Cli>Work on existing Biblia.com and Ref.ly links.\u003C\u002Fli>\n\u003Cli>Work on Bible references with improper casing (such as jn 3:16 or JOHN 3:16).\u003C\u002Fli>\n\u003Cli>Tag chapter references (such as Gen. 1).\u003C\u002Fli>\n\u003Cli>Prevent searching user comments for references.\u003C\u002Fli>\n\u003Cli>Prevent searching specific HTML tags (such as bold, h1, ordered list).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin relies on the Logos Reftagger API service (api.reftagger.com) to make this tagging possible. By using this plugin and corresponding service, you are accept Logos Reftagger API’s Privacy Policy (https:\u002F\u002Fwww.logos.com\u002Fprivacy) and Terms of Use (https:\u002F\u002Fwww.logos.com\u002Fterms).\u003C\u002Fp>\n\u003Cp>For more information, visit https:\u002F\u002Fwww.logos.com\u002Freftagger.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>The plugin works immediately when you activate it on the Plugins page. Customize preferences from Settings > Logos Reftagger. Any changes take effect immediately after clicking Save Changes.\u003C\u002Fp>\n","Logos Reftagger turns Bible references into links to the verse on Biblia.com and adds tooltips with the text of the verse.",10000,131528,96,15,"2025-12-22T21:03:00.000Z","6.9.4","2.3","7.0",[20,7,4,21,22],"bible","scripture","verse","https:\u002F\u002Fwww.logos.com\u002Freftagger","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freftagger.2.4.7.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},4,10330,92,30,88,"2026-04-04T14:52:59.280Z",[38,56,76,96,112],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":26,"num_ratings":26,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":50,"tags":51,"homepage":53,"download_link":54,"security_score":55,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"reftagger-toggle","RefTagger Toggle","0.1.0","Justin Sternberg","https:\u002F\u002Fprofiles.wordpress.org\u002Fjtsternberg\u002F","\u003Cp>Allows disabling \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Freftagger\u002F\" rel=\"ugc\">Reftagger\u003C\u002Fa> on a per-page\u002Fpost basis.\u003C\u002Fp>\n","Allows disabling Reftagger on a per-page\u002Fpost basis.",10,1406,"2016-05-18T17:29:00.000Z","4.4.34","",[20,7,4,52],"verses","http:\u002F\u002Fdsgnwrks.pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freftagger-toggle.0.1.0.zip",85,{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":25,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":74,"download_link":75,"security_score":33,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"bible-link-multilingual","BibleLink Multilingual","1.0.19","GlobalRize","https:\u002F\u002Fprofiles.wordpress.org\u002Fglobalrize\u002F","\u003Cp>This lightweight plugin makes Bible references on your website interactive, showing a preview when the visitor clicks or moves the mouse cursor over the references. Up to three verses are shown, followed by a ‘Read more’ link.\u003C\u002Fp>\n\u003Cp>You can choose from 30+ languages and 60+ bible versions. Check the list of available languages\u002Fbibles \u003Ca href=\"https:\u002F\u002Fbible-link.com\u002Flanguages-and-translations\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fc-i_3ALvw-0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbible-link.com\u002F\" rel=\"nofollow ugc\">bible-link.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cp>Suggestions for improvements, additional functionality or more Bible translations are \u003Ca href=\"https:\u002F\u002Fbible-link.com\u002Fcontribute\" rel=\"nofollow ugc\">welcome\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>By installing this plugin you agree to \u003Ca href=\"https:\u002F\u002Fbible-link.com\u002Fterms-of-use\u002F\" rel=\"nofollow ugc\">these terms\u003C\u002Fa>.\u003C\u002Fp>\n","This lightweight plugin makes Bible references on your website interactive and supports multiple languages.",300,5807,6,"2025-01-14T13:39:00.000Z","6.7.5","3.1.0","5.4",[20,72,73,21,22],"link","reference","https:\u002F\u002Fbible-link.globalrize.org\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbible-link-multilingual.1.0.19.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":94,"download_link":95,"security_score":33,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"truth","Truth","2.8","uamv","https:\u002F\u002Fprofiles.wordpress.org\u002Fuamv\u002F","\u003Cp>The Truth plugin will scan the content of your posts, pages, comments, and widgets for references to Bible verses and can generate two types of links from these references.\u003C\u002Fp>\n\u003Ch4>bibles.org\u003C\u002Fh4>\n\u003Cp>Truth utilizes the \u003Ca href=\"https:\u002F\u002Fbibles.org\u002Fwidget\" title=\"bibles.org Global Bible Widget\" rel=\"nofollow ugc\">Global Bible Widget\u003C\u002Fa> from \u003Ca href=\"https:\u002F\u002Fglobal.bible\" title=\"Global.Bible\" rel=\"nofollow ugc\">The Global Bible Project\u003C\u002Fa> to generate links that, when clicked, will display a modal containing the verse that has been referenced. The following Bible versions are currently supported:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Amplified Bible (AMP)\u003C\u002Fli>\n\u003Cli>Contemporary English Version (CEV)\u003C\u002Fli>\n\u003Cli>Contemporary English Version (Anglicised) 2012 (CEVD)\u003C\u002Fli>\n\u003Cli>English Standard Version (ESV)\u003C\u002Fli>\n\u003Cli>Good News Translation (US Version) (GNTD)\u003C\u002Fli>\n\u003Cli>King James Version, American Edition (KJVA)\u003C\u002Fli>\n\u003Cli>King James Version with Apocrypha, American Edition (KJVA)\u003C\u002Fli>\n\u003Cli>New American Standard Bible (NASB)\u003C\u002Fli>\n\u003Cli>New International Version (NIV)\u003C\u002Fli>\n\u003Cli>New Revised Standard Version (NRSV)\u003C\u002Fli>\n\u003Cli>Good News Bible (Anglicised) 1994 (GNB)\u003C\u002Fli>\n\u003Cli>Good News Bible (Anglicised) Catholic Edition 1994 (GNB)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>YouVersion\u003C\u002Fh4>\n\u003Cp>Truth can also generate links to \u003Ca href=\"http:\u002F\u002Fbible.com\" title=\"YouVersion\" rel=\"nofollow ugc\">YouVersion\u003C\u002Fa>. When using YouVersion, a shortcode allows override of the default Bible version. There is also an option to disable auto-generation of links and use only the shortcode. The following Bible versions are currently supported:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Amplified Bible (AMP)\u003C\u002Fli>\n\u003Cli>American Standard Version (ASV)\u003C\u002Fli>\n\u003Cli>Berean Study Bible (BSB)\u003C\u002Fli>\n\u003Cli>Common English Bible (CEB)\u003C\u002Fli>\n\u003Cli>Contemporary English Version (CEVUS06)\u003C\u002Fli>\n\u003Cli>Catholic Public Domain Version (CPDV)\u003C\u002Fli>\n\u003Cli>Darby Translation 1890 (Darby)\u003C\u002Fli>\n\u003Cli>Douay Rheims (DRA)\u003C\u002Fli>\n\u003Cli>English Standard Version (ESV)\u003C\u002Fli>\n\u003Cli>Good News Bible (GNB)\u003C\u002Fli>\n\u003Cli>GOD’S WORD Translation (GWT)\u003C\u002Fli>\n\u003Cli>Good News Translation (GNT)\u003C\u002Fli>\n\u003Cli>Holman Christian Standard Bible (HCSB)\u003C\u002Fli>\n\u003Cli>King James Version (KJV)\u003C\u002Fli>\n\u003Cli>The Message (MSG)\u003C\u002Fli>\n\u003Cli>New American Standard Bible (NASB)\u003C\u002Fli>\n\u003Cli>New Century Version (NCV)\u003C\u002Fli>\n\u003Cli>New English Translation (NET)\u003C\u002Fli>\n\u003Cli>New International Reader’s Version (NIRV)\u003C\u002Fli>\n\u003Cli>New International Version (NIV)\u003C\u002Fli>\n\u003Cli>New King James Version (NKJV)\u003C\u002Fli>\n\u003Cli>New Living Translation (NLT)\u003C\u002Fli>\n\u003Cli>New Revised Standard Version (NRSV)\u003C\u002Fli>\n\u003Cli>Orthodox Jewish Bible (OJB)\u003C\u002Fli>\n\u003Cli>Tree of Life Bible (TLV)\u003C\u002Fli>\n\u003Cli>World English Bible (WEB)\u003C\u002Fli>\n\u003Cli>La Palabra (BLPH)\u003C\u002Fli>\n\u003Cli>La Bilia de las Americas (LBLA)\u003C\u002Fli>\n\u003Cli>Nueva Versión Internacional (NVI)\u003C\u002Fli>\n\u003Cli>Biblia Reina Valera 1960 (RVR60)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>View an implementation of the plugin \u003Ca href=\"http:\u002F\u002Fwmpl.org\u002Farticles\" title=\"WMPL Articles\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n","Automatically links to Bible verses throughout your site.",90,8027,80,9,"2024-06-06T03:00:00.000Z","6.5.8","3.1","7.4",[20,21,77,22,93],"version","https:\u002F\u002Ftypewheel.xyz","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftruth.2.8.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":46,"downloaded":104,"rating":26,"num_ratings":26,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":91,"tags":108,"homepage":50,"download_link":111,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"bible-reader","Bible Reader","1.0.1","Quincy","https:\u002F\u002Fprofiles.wordpress.org\u002Fquincyvr\u002F","\u003Cp>Features:\u003Cbr \u002F>\n– Bible Reader with multiple languages and translations\u003Cbr \u002F>\n– Verse of the Day\u003Cbr \u002F>\n– Hebrew Date Converter\u003Cbr \u002F>\n– Word Cloud Visualization\u003Cbr \u002F>\n– Word Highlighting\u003Cbr \u002F>\n– Chapter Navigation\u003Cbr \u002F>\n– Font Size Options\u003Cbr \u002F>\n– Easy Sharing Options\u003C\u002Fp>\n\u003Cp>Requires a free API key from scripture.api.bible.\u003C\u002Fp>\n\u003Cp>Note: API.Bible has usage limits (500 requests\u002Fhour for free tier).\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the API.Bible service (https:\u002F\u002Fscripture.api.bible) to fetch Bible translations, books, chapters, and verses. This is required for the core functionality of displaying Bible content.\u003C\u002Fp>\n\u003Cp>Data sent to API.Bible:\u003Cbr \u002F>\n– Bible version ID (e.g., ‘06125adad2d5898a-01’)\u003Cbr \u002F>\n– Book ID (e.g., ‘GEN’)\u003Cbr \u002F>\n– Chapter number (e.g., 1)\u003Cbr \u002F>\n– Language code (e.g., ‘eng’)\u003C\u002Fp>\n\u003Cp>When data is sent:\u003Cbr \u002F>\n– When loading available Bible versions for a selected language\u003Cbr \u002F>\n– When loading books for a selected Bible version\u003Cbr \u002F>\n– When loading chapters for a selected book\u003Cbr \u002F>\n– When loading verses for a selected chapter\u003Cbr \u002F>\n– When performing searches\u003C\u002Fp>\n\u003Cp>The plugin does NOT send:\u003Cbr \u002F>\n– User personal data\u003Cbr \u002F>\n– IP addresses\u003Cbr \u002F>\n– Site URLs\u003Cbr \u002F>\n– Any identifiable information\u003C\u002Fp>\n\u003Cp>API.Bible is provided by American Bible Society:\u003Cbr \u002F>\n– Terms of Service: https:\u002F\u002Fscripture.api.bible\u002Fdocs\u002Fterms\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fscripture.api.bible\u002Fdocs\u002Fprivacy\u003C\u002Fp>\n\u003Ch3>Hebrew Date Conversion\u003C\u002Fh3>\n\u003Cp>The plugin also connects to HebCal’s Hebrew Date Converter API (https:\u002F\u002Fwww.hebcal.com) for converting Gregorian dates to Hebrew dates.\u003C\u002Fp>\n\u003Cp>Data sent to HebCal:\u003Cbr \u002F>\n– Day, month, and year of Gregorian date being converted\u003C\u002Fp>\n\u003Cp>When data is sent:\u003Cbr \u002F>\n– Only when a user actively uses the Hebrew date converter feature\u003C\u002Fp>\n\u003Cp>HebCal is provided by HebCal LLC:\u003Cbr \u002F>\n– Terms of Service: https:\u002F\u002Fwww.hebcal.com\u002Fabout\u002Fterms-and-conditions\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fwww.hebcal.com\u002Fabout\u002Fprivacy-policy\u003C\u002Fp>\n\u003Ch3>Social Sharing\u003C\u002Fh3>\n\u003Cp>This plugin includes optional sharing features that generate links to social media platforms.\u003Cbr \u002F>\nNo data is sent to these services unless the user actively chooses to share content.\u003C\u002Fp>\n\u003Cp>When a user shares a verse:\u003Cbr \u002F>\n– The verse text and reference are encoded in the share URL\u003Cbr \u002F>\n– The user’s browser connects directly to the chosen platform\u003Cbr \u002F>\n– No data passes through our servers\u003C\u002Fp>\n\u003Cp>Supported services:\u003Cbr \u002F>\n– X (Twitter): https:\u002F\u002Ftwitter.com\u002Ftos\u003Cbr \u002F>\n– Truth Social: https:\u002F\u002Ftruthsocial.com\u002Fterms\u003Cbr \u002F>\n– Gab: https:\u002F\u002Fgab.com\u002Fabout\u002Fterms\u003Cbr \u002F>\n– WhatsApp: https:\u002F\u002Fwww.whatsapp.com\u002Flegal\u003Cbr \u002F>\n– Telegram: https:\u002F\u002Ftelegram.org\u002Ftos\u003Cbr \u002F>\n– Email (uses default mail client)\u003C\u002Fp>\n\u003Cp>The plugin does NOT:\u003Cbr \u002F>\n– Track sharing activity\u003Cbr \u002F>\n– Store any sharing data\u003Cbr \u002F>\n– Connect to these services without user initiation\u003C\u002Fp>\n\u003Ch3>Privacy Notice\u003C\u002Fh3>\n\u003Cp>This plugin does not collect, store or share any personal user data.\u003Cbr \u002F>\nAll Bible content is fetched directly from API.Bible and not stored locally.\u003C\u002Fp>\n","A beautiful Bible reader with a 'Verse of the Day' and a 'Hebrew date converter'.",349,"2025-05-06T22:22:00.000Z","6.8.5","5.6",[20,109,110,21,22],"converter","reader","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbible-reader.1.0.1.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":46,"downloaded":120,"rating":26,"num_ratings":26,"last_updated":121,"tested_up_to":122,"requires_at_least":123,"requires_php":18,"tags":124,"homepage":127,"download_link":128,"security_score":55,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"bible-verses-references","Bible Verses References","1.1.2","Klaylton Fernando","https:\u002F\u002Fprofiles.wordpress.org\u002Fbboyguil\u002F","\u003Cp>If you have a blog where you write about theology, there are certainly several biblical references to support your argument. You can’t quote all the texts in full because search engines can punish your blog’s SEO for containing copied texts.\u003C\u002Fp>\n\u003Cp>If you leave only the Biblical references, they are often ignored by users, as many do not have the time or willingness to look up each of the Biblical references.\u003C\u002Fp>\n\u003Cp>Thinking about solving this problem, what this plugin does is a scan of all references present in your text and adds an \u003Ccode>ABBR\u003C\u002Fcode> tag containing the text of the quoted verse.\u003C\u002Fp>\n\u003Cp>When the user hovers over the mouse, a popup will open containing the biblical text. That way, the usability of your Christian blog will be much better and your users will thank you.\u003C\u002Fp>\n\u003Ch3>Supported reference formats\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>João 3:16\u003C\u002Fstrong> parses a single verse\u003C\u002Fli>\n\u003Cli>\u003Cstrong>1 John 5:11-12\u003C\u002Fstrong> parses two verses separated with hyphen\u003C\u002Fli>\n\u003Cli>\u003Cstrong>I John 5:11,14-15\u003C\u002Fstrong> parses a verse followed by a range separated with comm\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Romanos 7:25-8:1\u003C\u002Fstrong> parses two chapter\u002Fverse pairs separated with hyphen\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Romanos 12:1,2\u003C\u002Fstrong> parses two versions separated with comma\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rm 12:1-2,4,13\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rm 12:1-2,4,13;13:2;14:2-4,6\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>About the operation\u003C\u002Fh3>\n\u003Cp>The plugin extracts, through regex, the biblical references present in the posts, then a tag is added highlighting the biblical reference to indicate to the user the need to hover. As soon as the user hovers over the reference or taps on the cell phone, a request is made to our API, where the biblical text is returned.\u003C\u002Fp>\n\u003Cp>At the moment, there is no need for extra configuration, nor is it necessary to edit your posts to flag or edit the references, as seen in other plugins with the same proposal.\u003C\u002Fp>\n\u003Cp>Operation is completely automated.\u003C\u002Fp>\n","This plugin fetches all the biblical references present in your posts and pages and adds the text of the verse in a floating window when the user hove &hellip;",1414,"2024-02-22T14:53:00.000Z","6.4.8","5.0",[20,125,126,21,52],"biblia","christian","https:\u002F\u002Fblogdosemeador.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbible-verses-references.1.1.2.zip",{"attackSurface":130,"codeSignals":146,"taintFlows":167,"riskAssessment":194,"analyzedAt":200},{"hooks":131,"ajaxHandlers":142,"restRoutes":143,"shortcodes":144,"cronEvents":145,"entryPointCount":26,"unprotectedCount":26},[132,138],{"type":133,"name":134,"callback":135,"file":136,"line":137},"action","admin_menu","reftagger_add_menu","RefTagger.php",525,{"type":133,"name":139,"callback":140,"file":136,"line":141},"wp_footer","reftagger_footer",531,[],[],[],[],{"dangerousFunctions":147,"sqlUsage":148,"outputEscaping":150,"fileOperations":26,"externalRequests":26,"nonceChecks":151,"capabilityChecks":151,"bundledLibraries":166},[],{"prepared":26,"raw":26,"locations":149},[],{"escaped":151,"rawEcho":66,"locations":152},1,[153,156,158,160,162,164],{"file":136,"line":154,"context":155},33,"raw output",{"file":136,"line":157,"context":155},34,{"file":136,"line":159,"context":155},37,{"file":136,"line":161,"context":155},53,{"file":136,"line":163,"context":155},431,{"file":136,"line":165,"context":155},434,[],[168,186],{"entryPoint":169,"graph":170,"unsanitizedCount":26,"severity":185},"reftagger_update_options (RefTagger.php:139)",{"nodes":171,"edges":182},[172,177],{"id":173,"type":174,"label":175,"file":136,"line":176},"n0","source","$_REQUEST (x11)",159,{"id":178,"type":179,"label":180,"file":136,"line":176,"wp_function":181},"n1","sink","update_option() [Settings Manipulation]","update_option",[183],{"from":173,"to":178,"sanitized":184},true,"low",{"entryPoint":187,"graph":188,"unsanitizedCount":26,"severity":185},"\u003CRefTagger> (RefTagger.php:0)",{"nodes":189,"edges":192},[190,191],{"id":173,"type":174,"label":175,"file":136,"line":176},{"id":178,"type":179,"label":180,"file":136,"line":176,"wp_function":181},[193],{"from":173,"to":178,"sanitized":184},{"summary":195,"deductions":196},"The reftagger plugin v2.4.7 exhibits a generally strong security posture based on the provided static analysis.  There is a notable lack of attack surface, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events.  The code also demonstrates good practices by using prepared statements for all SQL queries and including nonce and capability checks.  Furthermore, the absence of known CVEs and a history of vulnerabilities suggests a well-maintained and secure codebase.\n\nHowever, a significant concern arises from the low percentage of properly escaped output. With only 14% of outputs being correctly escaped, there is a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. This indicates that user-supplied data or dynamically generated content might be rendered directly into the browser without adequate sanitization, potentially allowing attackers to inject malicious scripts.\n\nDespite the strengths in attack surface reduction and data handling, the high number of unescaped outputs presents a tangible risk. While the plugin has no recorded vulnerabilities to date, this doesn't negate the inherent risk posed by unescaped output, which is a common vector for XSS attacks. Therefore, while the overall security is promising, immediate attention should be paid to improving output sanitization to mitigate potential XSS exploits.",[197],{"reason":198,"points":199},"Low output escaping rate",8,"2026-03-16T17:49:12.486Z",{"wat":202,"direct":209},{"assetPaths":203,"generatorPatterns":204,"scriptPaths":205,"versionParams":208},[],[],[206,207],"https:\u002F\u002Fapi.reftagger.com\u002Fv2\u002Freftagger.js","https:\u002F\u002Fapi.reftagger.com\u002Fv2\u002Freftagger.es.js",[],{"cssClasses":210,"htmlComments":211,"htmlAttributes":212,"restEndpoints":213,"jsGlobals":214,"shortcodeOutput":216},[],[],[],[],[215],"refTagger",[]]