[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fnpCt2TmIzXAVCqgFtiA-0dpZBC8Wf5_Oec6QEmrWqlU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":19,"download_link":20,"security_score":21,"vuln_count":11,"unpatched_count":11,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":32,"analysis":33,"fingerprints":146},"saksh-course-system","Saksh Course System","1.0","susheelhbti","https:\u002F\u002Fprofiles.wordpress.org\u002Fsusheelhbti\u002F","\u003Cp>Are you selling course from your website. This plugin is best and yes very small but full feature for selling coures.\u003C\u002Fp>\n\u003Cp>This provide a custom post type courses and a clean design for the font end.\u003C\u002Fp>\n\u003Cp>When we add course we also provide one link where user can purcahse the course and complete.\u003C\u002Fp>\n\u003Cp>It ask following information from the admin and publish to the front page\u003C\u002Fp>\n\u003Cp>Short Title\u003Cbr \u002F>\n Language\u003Cbr \u002F>\n Course Buy Link\u003Cbr \u002F>\n Course Price\u003Cbr \u002F>\n Access\u003Cbr \u002F>\n Certificate of completion\u003Cbr \u002F>\n Topic Covered\u003Cbr \u002F>\n Requirements\u003Cbr \u002F>\n Curriculum\u003Cbr \u002F>\n About this course\u003Cbr \u002F>\n Notes\u003Cbr \u002F>\n Resources\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cp>£ Small plugin thus put less load on the wordpress installation\u003C\u002Fp>\n\u003Ch3>Key Usage :\u003C\u002Fh3>\n\u003Cp>You can start course selling from your site and monetize your website.\u003C\u002Fp>\n","Saksh course pluign is best if you sell courses from your website and don't wish to install any big learning management system as it may cost hug …",0,775,"2021-03-25T10:48:00.000Z","5.6.17","5.3","7.0",[18],"course-system","#","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsaksh-course-system.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":27,"avg_security_score":28,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},14,40,90,30,87,"2026-04-04T02:50:39.401Z",[],{"attackSurface":34,"codeSignals":78,"taintFlows":120,"riskAssessment":139,"analyzedAt":145},{"hooks":35,"ajaxHandlers":74,"restRoutes":75,"shortcodes":76,"cronEvents":77,"entryPointCount":11,"unprotectedCount":11},[36,42,47,51,55,58,61,64,67,70],{"type":37,"name":38,"callback":39,"file":40,"line":41},"action","init","SCS_aistore_load_language","index.php",63,{"type":43,"name":44,"callback":45,"file":40,"line":46},"filter","single_template","SCS_aistore_template",74,{"type":37,"name":48,"callback":49,"file":40,"line":50},"save_post","SCS_aistore_save_meta_box_data",200,{"type":37,"name":52,"callback":53,"file":40,"line":54},"add_meta_boxes","SCS_aistore_meta_box",465,{"type":37,"name":38,"callback":56,"priority":11,"file":40,"line":57},"SCS_aistore_custom_post_type",534,{"type":37,"name":38,"callback":59,"priority":11,"file":40,"line":60},"SCS_aistore_create_subjects_hierarchical_taxonomy",539,{"type":37,"name":38,"callback":62,"priority":11,"file":40,"line":63},"SCS_aistore_create_exam_hierarchical_taxonomy",579,{"type":37,"name":38,"callback":65,"priority":11,"file":40,"line":66},"SCS_aistore_create_language_hierarchical_taxonomy",622,{"type":37,"name":38,"callback":68,"priority":11,"file":40,"line":69},"SCS_aistore_create_tags_hierarchical_taxonomy",667,{"type":43,"name":71,"callback":72,"file":40,"line":73},"tiny_mce_before_init","my_format_TinyMCE",730,[],[],[],[],{"dangerousFunctions":79,"sqlUsage":80,"outputEscaping":82,"fileOperations":11,"externalRequests":11,"nonceChecks":117,"capabilityChecks":118,"bundledLibraries":119},[],{"prepared":11,"raw":11,"locations":81},[],{"escaped":83,"rawEcho":84,"locations":85},11,15,[86,90,92,94,96,98,100,102,104,105,107,109,111,113,115],{"file":87,"line":88,"context":89},"aistore_course_system_template.php",35,"raw output",{"file":87,"line":91,"context":89},43,{"file":87,"line":93,"context":89},49,{"file":87,"line":95,"context":89},55,{"file":87,"line":97,"context":89},61,{"file":87,"line":99,"context":89},67,{"file":87,"line":101,"context":89},73,{"file":87,"line":103,"context":89},80,{"file":87,"line":30,"context":89},{"file":87,"line":106,"context":89},94,{"file":87,"line":108,"context":89},100,{"file":87,"line":110,"context":89},107,{"file":87,"line":112,"context":89},114,{"file":40,"line":114,"context":89},229,{"file":40,"line":116,"context":89},235,1,2,[],[121],{"entryPoint":122,"graph":123,"unsanitizedCount":11,"severity":138},"\u003Cindex> (index.php:0)",{"nodes":124,"edges":135},[125,130],{"id":126,"type":127,"label":128,"file":40,"line":129},"n0","source","$_POST",125,{"id":131,"type":132,"label":133,"file":40,"line":114,"wp_function":134},"n1","sink","echo() [XSS]","echo",[136],{"from":126,"to":131,"sanitized":137},true,"low",{"summary":140,"deductions":141},"The \"saksh-course-system\" v1.0 plugin exhibits a strong security posture based on the provided static analysis. The complete absence of known CVEs and a clean vulnerability history suggest a well-maintained or recently developed plugin with no public security flaws.  The code analysis reveals a commendably small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events that are exposed without authentication or permission checks. The plugin also avoids dangerous functions and file operations, and all SQL queries utilize prepared statements, which significantly mitigates the risk of SQL injection vulnerabilities. The presence of nonce checks and capability checks, although limited in number, indicates an awareness of WordPress security best practices.  However, a notable concern is the low percentage (42%) of properly escaped output. This could potentially lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is not sufficiently sanitized before being displayed to end-users. While the taint analysis did not reveal any unsanitized paths, the unescaped output remains a potential area of weakness. Overall, the plugin demonstrates good security fundamentals, but the output escaping issue warrants attention to ensure a robust security profile.",[142],{"reason":143,"points":144},"Low percentage of properly escaped output",6,"2026-03-17T06:43:05.199Z",{"wat":147,"direct":153},{"assetPaths":148,"generatorPatterns":150,"scriptPaths":151,"versionParams":152},[149],"\u002Fwp-content\u002Fplugins\u002Fsaksh-course-system\u002Faistore_course_system_template.php",[],[],[],{"cssClasses":154,"htmlComments":155,"htmlAttributes":158,"restEndpoints":171,"jsGlobals":172,"shortcodeOutput":173},[],[156,157],"\u003C!-- Checks for single template by post type -->","\u003C!-- Add a nonce field so we can check for it later. SCS_aistore_meta_box_callback -->",[159,160,161,162,163,164,165,166,167,168,169,170],"name=\"short_title\"","name=\"course_buy_link\"","name=\"course_price\"","name=\"access\"","name=\"certificate_of_completion\"","name=\"description\"","name=\"topic_covered\"","name=\"requirements\"","name=\"curriculum\"","name=\"about_this_course\"","name=\"notes\"","name=\"resources\"",[],[],[]]