[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fDHZ98aGpErtArtM_8e--HGngQZTvDyeCLfcnpSwCtRs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":37,"fingerprints":156},"saksh-private-ielts-preparation","Saksh private IELTS preparation","4.1.1","susheelhbti","https:\u002F\u002Fprofiles.wordpress.org\u002Fsusheelhbti\u002F","\u003Cp>Saksh private IELTS preparation offer you an application using that you can provide practise tests to your students.\u003C\u002Fp>\n\u003Cp>This include questions set so you don’t need to import any database you only need to create a page and add shortcode  [PrivateIELTSEXCERCISE]\u003C\u002Fp>\n\u003Cp>Student can click and see the tests and read.\u003C\u002Fp>\n\u003Cp>To start using this you only need two step 1 activate plugin and 2nd create a page and type the shortcode [PrivateIELTSEXCERCISE] .This all plugin will do the rest.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cp>£ Database included\u003Cbr \u002F>\n£ Around 2800 datasets.\u003C\u002Fp>\n\u003Ch3>Key Usage :\u003C\u002Fh3>\n\u003Cp>Students will study these materials and you will get traffice on your website.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Download and extract   to \u003Ccode>wp-content\u002Fplugins\u002F\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Activate the plugin through the ‘Plugins’ menu in WordPress.\u003C\u002Fli>\n\u003Cli>“Dashboard”->”Settings”->”saksh-private-IELTS-preparation”\u003C\u002Fli>\n\u003Cli>There are some examples on the settings page,\u003C\u002Fli>\n\u003C\u002Fol>\n","This plugin provide around 3000+ questions\u002Fanwer set to your students for the practise for the IELTS.  [PrivateIELTSEXCERCISE]",10,1360,0,"2024-06-17T03:43:00.000Z","6.5.8","2.7","",[19,20,21,22],"exam-software","ielts","ielts-test","private-ielts-study","#","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsaksh-private-ielts-preparation.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},14,40,90,30,87,"2026-04-04T04:31:58.149Z",[],{"attackSurface":38,"codeSignals":61,"taintFlows":114,"riskAssessment":142,"analyzedAt":155},{"hooks":39,"ajaxHandlers":51,"restRoutes":52,"shortcodes":53,"cronEvents":59,"entryPointCount":60,"unprotectedCount":13},[40,46],{"type":41,"name":42,"callback":43,"file":44,"line":45},"action","wp_enqueue_scripts","saksh_scripts","index.php",55,{"type":41,"name":47,"callback":48,"file":49,"line":50},"admin_menu","saksh_private_ielts_preparation_menu_page","saksh_private_ielts_preparation_support.php",24,[],[],[54],{"tag":55,"callback":56,"file":57,"line":58},"PrivateIELTSEXCERCISE","saksh_private_ielts_preparation__excersize_func","saksh_private_ielts_preparation_shortcode.php",158,[],1,{"dangerousFunctions":62,"sqlUsage":63,"outputEscaping":66,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":113},[],{"prepared":64,"raw":13,"locations":65},2,[],{"escaped":60,"rawEcho":67,"locations":68},25,[69,72,74,75,77,79,80,82,84,85,87,89,90,92,94,95,97,99,100,102,103,105,107,109,111],{"file":57,"line":70,"context":71},17,"raw output",{"file":57,"line":73,"context":71},44,{"file":57,"line":73,"context":71},{"file":57,"line":76,"context":71},46,{"file":57,"line":78,"context":71},48,{"file":57,"line":78,"context":71},{"file":57,"line":81,"context":71},50,{"file":57,"line":83,"context":71},52,{"file":57,"line":83,"context":71},{"file":57,"line":86,"context":71},54,{"file":57,"line":88,"context":71},56,{"file":57,"line":88,"context":71},{"file":57,"line":91,"context":71},57,{"file":57,"line":93,"context":71},59,{"file":57,"line":93,"context":71},{"file":57,"line":96,"context":71},64,{"file":57,"line":98,"context":71},65,{"file":57,"line":98,"context":71},{"file":57,"line":101,"context":71},78,{"file":57,"line":101,"context":71},{"file":57,"line":104,"context":71},79,{"file":57,"line":106,"context":71},80,{"file":57,"line":108,"context":71},131,{"file":57,"line":110,"context":71},132,{"file":57,"line":112,"context":71},133,[],[115,133],{"entryPoint":116,"graph":117,"unsanitizedCount":60,"severity":132},"saksh_private_ielts_preparation__excersize_func (saksh_private_ielts_preparation_shortcode.php:4)",{"nodes":118,"edges":129},[119,124],{"id":120,"type":121,"label":122,"file":57,"line":123},"n0","source","$_GET",11,{"id":125,"type":126,"label":127,"file":57,"line":70,"wp_function":128},"n1","sink","echo() [XSS]","echo",[130],{"from":120,"to":125,"sanitized":131},false,"medium",{"entryPoint":134,"graph":135,"unsanitizedCount":60,"severity":141},"\u003Csaksh_private_ielts_preparation_shortcode> (saksh_private_ielts_preparation_shortcode.php:0)",{"nodes":136,"edges":139},[137,138],{"id":120,"type":121,"label":122,"file":57,"line":123},{"id":125,"type":126,"label":127,"file":57,"line":70,"wp_function":128},[140],{"from":120,"to":125,"sanitized":131},"low",{"summary":143,"deductions":144},"The saksh-private-ielts-preparation plugin, version 4.1.1, exhibits a mixed security posture. On the positive side, it has no known vulnerabilities (CVEs) and no external HTTP requests or file operations, which are common vectors for compromise. The plugin also utilizes prepared statements for all its SQL queries, a strong indicator of good database security practices. However, several concerning signals emerge from the static analysis.  The most significant concern is the lack of any capability checks or nonce checks across its identified entry points, including a shortcode. This means that any user, regardless of their role or authentication status, could potentially interact with the plugin's functionality. Furthermore, the taint analysis revealed two flows with unsanitized paths, indicating a potential for path traversal or local file inclusion vulnerabilities, even though they are not classified as critical or high severity in this analysis. The low percentage of properly escaped output (4%) is also a significant concern, suggesting a high risk of Cross-Site Scripting (XSS) vulnerabilities across its outputs.\n\nWhile the plugin's history of zero CVEs is reassuring, it does not negate the immediate risks identified in the code analysis. The absence of vulnerabilities in the past could be due to luck, infrequent auditing, or a lack of exploitation attempts. The current static analysis highlights a considerable risk of XSS due to insufficient output escaping and potential path-related vulnerabilities. The lack of authorization checks on its single entry point is a critical oversight. Therefore, despite the absence of known CVEs and good SQL practices, the plugin's current version presents significant security risks that require immediate attention, particularly regarding output escaping and access control.",[145,148,151,153],{"reason":146,"points":147},"Unsanitized paths in taint flows",12,{"reason":149,"points":150},"Insufficient output escaping (96% unescaped)",15,{"reason":152,"points":11},"No capability checks on entry points",{"reason":154,"points":11},"No nonce checks on entry points","2026-03-16T23:43:58.113Z",{"wat":157,"direct":166},{"assetPaths":158,"generatorPatterns":161,"scriptPaths":162,"versionParams":163},[159,160],"\u002Fwp-content\u002Fplugins\u002Fsaksh-private-ielts-preparation\u002Fsaksh.css","\u002Fwp-content\u002Fplugins\u002Fsaksh-private-ielts-preparation\u002Fsaksh.js",[],[],[164,165],"saksh-private-ielts-preparation\u002Fsaksh.css?ver=","saksh-private-ielts-preparation\u002Fsaksh.js?ver=",{"cssClasses":167,"htmlComments":171,"htmlAttributes":172,"restEndpoints":175,"jsGlobals":176,"shortcodeOutput":177},[168,169,170],"sakshh3","sakshtable","togglebtn",[],[173,174],"data-toggle","data-target",[],[],[178,179,180,181,182,183,184,185,186],"\u003Cdiv id=\"sakshaccordion\">","\u003Ctable class=\"sakshtable  table table-hover\">","\u003Cth>Excercise ID\u003C\u002Fth>","\u003Cth>Title\u003C\u002Fth>","\u003Ctd>\u003Ca href=\"?exercise_id=","\u003Cdiv class=\"block\">","\u003Cdiv id=\"toggle-example","\u003Cp>Correct Answer : ","\u003Cp>Notes: "]