[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fDn3qc_lfWDHbFdduhaqirCvb_oCnDhRed_YLN0jr43Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":19,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":31,"analysis":32,"fingerprints":339},"reputando-reviews-widget","Reputando Reviews Widget","1.0.8","Reputando","https:\u002F\u002Fprofiles.wordpress.org\u002Fajaychandanit\u002F","\u003Cp>The \u003Cstrong>Reputando Reviews Widget\u003C\u002Fstrong> plugin allows you to showcase customer reviews collected via the Reputando platform directly on your WordPress site.\u003C\u002Fp>\n\u003Cp>This is ideal for businesses who want to build trust by showing real customer feedback from various review channels in one unified widget. 
Whether you’re running an eCommerce site, local business, or a service company, this plugin helps you boost conversions by making reviews visible where they matter most.\u003C\u002Fp>\n\u003Cp>You can easily embed reviews using a simple shortcode and customize how they look to match your site’s style.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>✅ Display customer reviews from your Reputando account\u003C\u002Fli>\n\u003Cli>🔄 Automatically syncs new reviews\u003C\u002Fli>\n\u003Cli>🧩 Lightweight and easy to configure\u003C\u002Fli>\n\u003Cli>🔧 Simple shortcode to embed reviews anywhere\u003C\u002Fli>\n\u003Cli>🎨 Minimal and responsive design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>SHORTCODE\u003C\u002Fh3>\n\u003Cp>Use the following shortcode to embed your reviews:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[reputando_reviews id=\"{id}\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Replace \u003Ccode>{id}\u003C\u002Fcode> with your Reputando shortcode post ID.\u003C\u002Fp>\n\u003Cp>Example:\u003Cbr \u002F>\n    [reputando_reviews id=\"1234\"]\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>After activating the plugin, go to \u003Cstrong>Reputando > Connect\u003C\u002Fstrong> in your WordPress dashboard.\u003C\u002Fli>\n\u003Cli>Connect the plugin to your Reputando account to pull in your latest reviews.\u003C\u002Fli>\n\u003Cli>Then go to \u003Cstrong>Reputando > Shortcodes\u003C\u002Fstrong> to generate a shortcode with customized design settings.\u003C\u002Fli>\n\u003Cli>Copy the generated shortcode and paste it into any page or post where you want the reviews to appear.\u003C\u002Fli>\n\u003Cli>Save the page and view it on the front end to see your reviews live.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the Reputando API (https:\u002F\u002Fapp.reputando.com) to fetch and manage business reviews.\u003C\u002Fp>\n\u003Cp>The plugin sends the following data to 
the Reputando API:\u003Cbr \u002F>\n– User credentials (email, password) for login and token generation.\u003Cbr \u002F>\n– Business identifiers to retrieve and manage reviews.\u003Cbr \u002F>\n– Review replies and publishing actions from the WordPress admin.\u003C\u002Fp>\n\u003Cp>The API is required for the core functionality of this plugin — including viewing reviews, syncing them, and replying to them.\u003C\u002Fp>\n\u003Cp>This service is provided by Reputando.\u003Cbr \u002F>\n– Terms of Use: https:\u002F\u002Fapp.reputando.com\u002Fterms\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fapp.reputando.com\u002Fprivacy\u003C\u002Fp>\n","Display customer reviews from your Reputando profile on any WordPress page or post using a simple shortcode.",10,431,0,"2026-03-02T09:28:00.000Z","6.8.5","5.0","7.0",[],"https:\u002F\u002Fwww.reputando.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freputando-reviews-widget.1.0.8.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":21,"avg_patch_time_days":28,"trust_score":29,"computed_at":30},"ajaychandanit",1,30,94,"2026-04-04T13:49:09.166Z",[],{"attackSurface":33,"codeSignals":219,"taintFlows":241,"riskAssessment":332,"analyzedAt":338},{"hooks":34,"ajaxHandlers":158,"restRoutes":209,"shortcodes":210,"cronEvents":215,"entryPointCount":218,"unprotectedCount":13},[35,41,45,50,55,60,64,67,71,76,80,84,88,92,96,99,102,105,109,112,116,121,125,128,131,135,140,143,148,151,153,156],{"type":36,"name":37,"callback":38,"file":39,"line":40},"action","admin_menu","reputando_admin_menu","admin\\src\\reputando_admin_menus.php",13,{"type":36,"name":42,"callback":43,"file":39,"line":44},"admin_init","reputando_register_settings",150,{"type":36,"name":46,"callback":47,"file":48,"line":49},"admin_enqueue_scripts","reputando_enqueue_scripts","admin\\src\\reputando_ajax_callbacks.php",4,{"type":36,"name":51,"callback":52,"file":5
3,"line":54},"init","reputando_register_reputando_cpt","admin\\src\\reputando_custom_posts.php",88,{"type":56,"name":57,"callback":58,"priority":11,"file":53,"line":59},"filter","post_row_actions","reputando_remove_edit_view_links_from_cpt",106,{"type":36,"name":46,"callback":61,"file":62,"line":63},"reputando_add_sync_reviews_button_near_add_new","admin\\src\\reputando_post_column_adjustments.php",22,{"type":56,"name":65,"callback":66,"file":62,"line":28},"manage_reputando_shortcodes_posts_columns","reputando_add_shortcode_columns",{"type":36,"name":68,"callback":69,"priority":11,"file":62,"line":70},"manage_reputando_shortcodes_posts_custom_column","reputando_display_shortcode_postmeta_column",41,{"type":56,"name":72,"callback":73,"priority":74,"file":62,"line":75},"manage_edit-reputando_reviews_columns","modify_reputando_reviews_columns",999,56,{"type":36,"name":77,"callback":78,"priority":11,"file":62,"line":79},"manage_reputando_reviews_posts_custom_column","reputando_populate_reviews_columns",152,{"type":36,"name":81,"callback":82,"file":62,"line":83},"admin_footer","reputando_add_modal_html",207,{"type":36,"name":85,"callback":86,"file":62,"line":87},"restrict_manage_posts","reputando_add_custom_meta_filter",330,{"type":36,"name":89,"callback":90,"file":62,"line":91},"pre_get_posts","reputando_filter_posts_by_meta_key",384,{"type":56,"name":93,"callback":94,"file":62,"line":95},"views_edit-reputando_reviews","reputando_add_custom_channel_views_for_reviews",413,{"type":36,"name":89,"callback":97,"file":62,"line":98},"reputando_filter_reputando_reviews_by_channel_view",463,{"type":36,"name":85,"callback":100,"file":62,"line":101},"reputando_add_reputando_date_filter_for_reviews",482,{"type":36,"name":89,"callback":103,"file":62,"line":104},"reputando_filter_raputando_reviews_by_date_range",500,{"type":56,"name":106,"callback":107,"file":62,"line":108},"months_dropdown_results","__return_empty_array",597,{"type":36,"name":42,"callback":110,"file":62,"line":111},
"reputando_remove_monthly_filter_for_custom_post_type",601,{"type":36,"name":113,"callback":114,"file":115,"line":49},"reputando_sync_reviews_event","reputando_sync_reviews","admin\\src\\reputando_review_sync_cron.php",{"type":36,"name":117,"callback":118,"file":119,"line":120},"add_meta_boxes","reputando_register_meta_boxes","admin\\src\\reputando_shortcode_metaboxes.php",45,{"type":36,"name":122,"callback":123,"file":119,"line":124},"save_post","reputando_save_meta_boxes",288,{"type":36,"name":122,"callback":126,"file":119,"line":127},"reputando_save_channel_metabox",831,{"type":36,"name":122,"callback":129,"file":119,"line":130},"reputando_save_advance_metabox",902,{"type":36,"name":132,"callback":133,"file":119,"line":134},"admin_notices","reputando_show_reputando_badge_layout_error_notice",942,{"type":36,"name":136,"callback":137,"file":138,"line":139},"wp_enqueue_scripts","reputando_frontend_scripts","frontend\\shortcode\\reputando_review_shortcode.php",313,{"type":36,"name":46,"callback":141,"file":138,"line":142},"reputando_preview_scripts",333,{"type":36,"name":144,"callback":145,"file":146,"line":147},"plugins_loaded","reputando_load_textdomain","reputando.php",35,{"type":36,"name":42,"callback":149,"file":146,"line":150},"closure",44,{"type":56,"name":152,"callback":149,"priority":11,"file":146,"line":75},"wp_kses_allowed_html",{"type":56,"name":154,"callback":149,"file":146,"line":155},"kses_allowed_protocols",80,{"type":36,"name":132,"callback":149,"file":146,"line":157},86,[159,165,169,173,177,181,184,187,191,195,199,202,204,207],{"action":160,"nopriv":161,"callback":162,"hasNonce":163,"hasCapCheck":163,"file":48,"line":164},"reputando_get_token",false,"reputando_get_token_ajax",true,25,{"action":166,"nopriv":161,"callback":167,"hasNonce":163,"hasCapCheck":163,"file":48,"line":168},"reputando_get_reviews","reputando_get_reviews_ajax",111,{"action":170,"nopriv":161,"callback":171,"hasNonce":163,"hasCapCheck":163,"file":48,"line":172},"reputando_generate
_preview_shortcode","reputando_reputando_generate_preview_shortcode_ajax",160,{"action":174,"nopriv":161,"callback":175,"hasNonce":163,"hasCapCheck":163,"file":48,"line":176},"reputando_update_location","reputando_update_location_ajax",218,{"action":178,"nopriv":161,"callback":179,"hasNonce":163,"hasCapCheck":161,"file":48,"line":180},"reputando_delete_account","reputando_delete_account_ajax",252,{"action":182,"nopriv":161,"callback":182,"hasNonce":163,"hasCapCheck":163,"file":62,"line":183},"reputando_fetch_post_content",236,{"action":185,"nopriv":161,"callback":185,"hasNonce":163,"hasCapCheck":163,"file":62,"line":186},"reputando_save_post_content",262,{"action":188,"nopriv":161,"callback":189,"hasNonce":163,"hasCapCheck":163,"file":62,"line":190},"reputando_display_reply_content","reputando_display_reply_content_callback",278,{"action":192,"nopriv":161,"callback":193,"hasNonce":163,"hasCapCheck":163,"file":62,"line":194},"reputando_display_review_content","reputando_display_review_content_callback",301,{"action":196,"nopriv":161,"callback":197,"hasNonce":163,"hasCapCheck":163,"file":62,"line":198},"reputando_publish_reply","reputando_publish_review_reply",328,{"action":200,"nopriv":161,"callback":200,"hasNonce":163,"hasCapCheck":161,"file":62,"line":201},"reputando_fetch_slider_content",584,{"action":200,"nopriv":163,"callback":200,"hasNonce":163,"hasCapCheck":161,"file":62,"line":203},585,{"action":205,"nopriv":163,"callback":205,"hasNonce":163,"hasCapCheck":161,"file":138,"line":206},"reputando_pagination_reviews",335,{"action":205,"nopriv":161,"callback":205,"hasNonce":163,"hasCapCheck":161,"file":138,"line":208},336,[],[211],{"tag":212,"callback":213,"file":138,"line":214},"reputando_reviews","reputando_reviews_shortcode",182,[216],{"hook":113,"callback":113,"file":146,"line":217},51,15,{"dangerousFunctions":220,"sqlUsage":221,"outputEscaping":224,"fileOperations":13,"externalRequests":222,"nonceChecks":239,"capabilityChecks":40,"bundledLibraries":240},[],{"p
repared":222,"raw":13,"locations":223},6,[],{"escaped":225,"rawEcho":222,"locations":226},224,[227,230,232,234,236,237],{"file":62,"line":228,"context":229},340,"raw output",{"file":119,"line":231,"context":229},122,{"file":119,"line":233,"context":229},125,{"file":119,"line":235,"context":229},324,{"file":119,"line":228,"context":229},{"file":119,"line":238,"context":229},346,17,[],[242,260,273,284,293,304,313,324],{"entryPoint":243,"graph":244,"unsanitizedCount":27,"severity":259},"reputando_add_custom_meta_filter (admin\\src\\reputando_post_column_adjustments.php:331)",{"nodes":245,"edges":257},[246,251],{"id":247,"type":248,"label":249,"file":62,"line":250},"n0","source","$_GET",343,{"id":252,"type":253,"label":254,"file":62,"line":255,"wp_function":256},"n1","sink","echo() [XSS]",344,"echo",[258],{"from":247,"to":252,"sanitized":161},"medium",{"entryPoint":261,"graph":262,"unsanitizedCount":13,"severity":272},"reputando_get_token_ajax (admin\\src\\reputando_ajax_callbacks.php:27)",{"nodes":263,"edges":270},[264,266],{"id":247,"type":248,"label":265,"file":48,"line":70},"$_POST (x6)",{"id":252,"type":253,"label":267,"file":48,"line":268,"wp_function":269},"update_option() [Settings Manipulation]",54,"update_option",[271],{"from":247,"to":252,"sanitized":163},"low",{"entryPoint":274,"graph":275,"unsanitizedCount":13,"severity":272},"reputando_update_location_ajax (admin\\src\\reputando_ajax_callbacks.php:220)",{"nodes":276,"edges":282},[277,280],{"id":247,"type":248,"label":278,"file":48,"line":279},"$_POST",234,{"id":252,"type":253,"label":267,"file":48,"line":281,"wp_function":269},235,[283],{"from":247,"to":252,"sanitized":163},{"entryPoint":285,"graph":286,"unsanitizedCount":13,"severity":272},"\u003Creputando_ajax_callbacks> (admin\\src\\reputando_ajax_callbacks.php:0)",{"nodes":287,"edges":291},[288,290],{"id":247,"type":248,"label":289,"file":48,"line":70},"$_POST 
(x7)",{"id":252,"type":253,"label":267,"file":48,"line":268,"wp_function":269},[292],{"from":247,"to":252,"sanitized":163},{"entryPoint":294,"graph":295,"unsanitizedCount":13,"severity":272},"reputando_add_reputando_date_filter_for_reviews (admin\\src\\reputando_post_column_adjustments.php:484)",{"nodes":296,"edges":302},[297,300],{"id":247,"type":248,"label":298,"file":62,"line":299},"$_GET (x2)",489,{"id":252,"type":253,"label":254,"file":62,"line":301,"wp_function":256},493,[303],{"from":247,"to":252,"sanitized":163},{"entryPoint":305,"graph":306,"unsanitizedCount":13,"severity":272},"\u003Creputando_post_column_adjustments> (admin\\src\\reputando_post_column_adjustments.php:0)",{"nodes":307,"edges":311},[308,310],{"id":247,"type":248,"label":309,"file":62,"line":250},"$_GET (x3)",{"id":252,"type":253,"label":254,"file":62,"line":255,"wp_function":256},[312],{"from":247,"to":252,"sanitized":163},{"entryPoint":314,"graph":315,"unsanitizedCount":13,"severity":272},"reputando_pagination_reviews (frontend\\shortcode\\reputando_review_shortcode.php:338)",{"nodes":316,"edges":322},[317,320],{"id":247,"type":248,"label":318,"file":138,"line":319},"$_POST (x2)",351,{"id":252,"type":253,"label":254,"file":138,"line":321,"wp_function":256},430,[323],{"from":247,"to":252,"sanitized":163},{"entryPoint":325,"graph":326,"unsanitizedCount":13,"severity":272},"\u003Creputando_review_shortcode> (frontend\\shortcode\\reputando_review_shortcode.php:0)",{"nodes":327,"edges":330},[328,329],{"id":247,"type":248,"label":318,"file":138,"line":319},{"id":252,"type":253,"label":254,"file":138,"line":321,"wp_function":256},[331],{"from":247,"to":252,"sanitized":163},{"summary":333,"deductions":334},"The reputando-reviews-widget plugin version 1.0.8 exhibits a generally strong security posture based on the provided static analysis. A significant strength is the complete absence of raw SQL queries, with all 6 queries utilizing prepared statements, mitigating the risk of SQL injection. 
Furthermore, the plugin demonstrates excellent output escaping practices, with 97% of outputs properly handled, greatly reducing the likelihood of cross-site scripting (XSS) vulnerabilities. The presence of 17 nonce checks and 13 capability checks across its 15 entry points (including AJAX handlers and shortcodes) is also a positive indicator of secure development, as these are crucial for preventing common web attacks. The plugin also has a clean vulnerability history with no known CVEs, which suggests a history of stable and secure development.\n\nHowever, one area of concern identified in the taint analysis is a single flow with an unsanitized path: $_GET input reaching echo() in reputando_add_custom_meta_filter (admin\\src\\reputando_post_column_adjustments.php, lines 343-344), a potential XSS sink. Although this flow is rated medium and no flows are rated critical or high, the very existence of an unsanitized path is a potential weakness that could be exploited if combined with other factors or if the severity classification is an oversight. The attack surface, while reported as fully protected by authentication\u002Fpermission checks (no entry points are flagged as unprotected), is still composed of 14 AJAX handlers and a shortcode, representing multiple potential interaction points. Note that the handler list shows reputando_delete_account, reputando_fetch_slider_content and reputando_pagination_reviews with a nonce check but no capability check, and the latter two are also registered for unauthenticated (nopriv) requests; a nonce guards against request forgery but is not an authorization check, so these handlers deserve manual review. The plugin's lack of bundled libraries is also a positive, as it avoids the risk of using outdated and vulnerable components. 
Overall, the plugin is well-developed from a security perspective, but the single unsanitized path warrants careful consideration and potential further investigation.",[335],{"reason":336,"points":337},"Flow with unsanitized paths found",8,"2026-03-17T01:20:06.875Z",{"wat":340,"direct":350},{"assetPaths":341,"generatorPatterns":344,"scriptPaths":345,"versionParams":347},[342,343],"\u002Fwp-content\u002Fplugins\u002Freputando-reviews-widget\u002Fadmin\u002Fcss\u002Freputando-admin.css","\u002Fwp-content\u002Fplugins\u002Freputando-reviews-widget\u002Fadmin\u002Fjs\u002Freputando-admin-scripts.js",[],[346],"admin\u002Fjs\u002Freputando-admin-scripts.js",[348,349],"reputando-admin-css?ver=","reputando-admin-scripts.js?ver=",{"cssClasses":351,"htmlComments":353,"htmlAttributes":354,"restEndpoints":357,"jsGlobals":358,"shortcodeOutput":360},[352],"reputando_page_reputando-connect",[],[355,356],"reputando_selected_location","location_connect",[],[359],"reputando_ajax",[]]