[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fEaAJElhlze9c1qnksNc1igJe_1GdTA91sSKuos8-mxo":3,"$f_QceTASABkQEMZXX2Svtp-cSYCnGxIXIclsUi3LdYC8":547,"$f0fzUnlTgHK6lrUTjH0cCEy-lQdPZUoFTugkcn-UJRB8":552},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":19,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"discovery_status":24,"vulnerabilities":25,"developer":26,"crawl_stats":22,"alternatives":33,"analysis":34,"fingerprints":522},"serenity-theme-extensions","Serenity Extensions","1.1.2","themely","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemely\u002F","\u003Cp>This plugin adds widgets required by the Serenity WordPress theme by Themely.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>Serenity Extensions WordPress Plugin, Copyright 2016 Ishmael ‘Hans’ Desjarlais\u003C\u002Fp>\n\u003Cp>Serenity Extensions is distributed under the terms of the GNU GPL\u003C\u002Fp>\n\u003Cp>This program is free software; you can redistribute it and\u002For modify\u003Cbr \u002F>\nit under the terms of the GNU General Public License as published by\u003Cbr \u002F>\nthe Free Software Foundation; either version 2 of the License, or\u003Cbr \u002F>\n(at your option) any later version.\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful,\u003Cbr \u002F>\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\u003Cbr \u002F>\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\u003Cbr \u002F>\nGNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License along\u003Cbr \u002F>\nwith this program; if not, write to the Free Software Foundation, Inc.,\u003Cbr \u002F>\n51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.\u003C\u002Fp>\n","This plugin adds widgets required by the Serenity WordPress theme by Themely.",200,8659,0,"2022-07-27T15:43:00.000Z","6.0.11","3.8","5.6",[],"https:\u002F\u002Fwww.themely.com\u002Fthemes\u002Fserenity\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fserenity-theme-extensions.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":29,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},4,5660,76,30,77,"2026-05-20T01:11:06.838Z",[],{"attackSurface":35,"codeSignals":88,"taintFlows":514,"riskAssessment":515,"analyzedAt":521},{"hooks":36,"ajaxHandlers":84,"restRoutes":85,"shortcodes":86,"cronEvents":87,"entryPointCount":13,"unprotectedCount":13},[37,43,46,50,55,58,62,64,67,70,73,75,77,78,81],{"type":38,"name":39,"callback":40,"file":41,"line":42},"action","admin_enqueue_scripts","serenity_extensions_upload_script","inc\\widgets.php",17,{"type":38,"name":39,"callback":44,"file":41,"line":45},"serenity_extensions_color_picker",18,{"type":38,"name":47,"callback":48,"file":41,"line":49},"wp_head","serenity_extensions_image_styles",19,{"type":38,"name":51,"callback":52,"file":53,"line":54},"widgets_init","closure","widgets\\bar_widget.php",129,{"type":38,"name":51,"callback":52,"file":56,"line":57},"widgets\\counter_widget.php",179,{"type":38,"name":59,"callback":60,"file":61,"line":42},"load-widgets.php","serenity_lite_widgets_color_picker","widgets\\feature_widget.php",{"type":38,"name":51,"callback":52,"file":61,"line":63},175,{"type":38,"name":51,"callback":52,"file":65,"line":66},"widgets\\hero_widget.php",228,{"type":38,"name":51,"callback":52,"file":68,"line":69},"widgets\\pricing_widget.php",217,{"type":38,"name":51,"callback":52,"file":71,"line":72},"widgets\\project_widget.php",172,{"type":38,"name":51,"callback":52,"file":74,"line":54},"widgets\\service_widget.php",{"type":38,"name":59,"callback":60,"file":76,"line":42},"widgets\\showcase_widget.php",{"type":38,"name":51,"callback":52,"file":76,"line":63},{"type":38,"name":51,"callback":52,"file":79,"line":80},"widgets\\team_widget.php",187,{"type":38,"name":51,"callback":52,"file":82,"line":83},"widgets\\testimonial_widget.php",114,[],[],[],[],{"dangerousFunctions":89,"sqlUsage":90,"outputEscaping":92,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":512,"bundledLibraries":513},[],{"prepared":13,"raw":13,"locations":91},[],{"escaped":93,"rawEcho":94,"locations":95},263,302,[96,99,101,103,105,107,109,110,112,114,115,117,119,120,122,124,126,128,130,131,133,135,136,138,140,141,143,145,146,148,150,152,153,155,157,158,160,162,163,165,166,167,169,171,173,175,177,178,180,182,183,185,186,187,189,191,192,194,196,197,199,200,201,202,203,204,205,207,209,210,211,213,215,216,218,220,221,223,224,225,227,229,230,232,234,235,237,239,240,242,243,244,246,248,250,251,252,254,255,256,258,260,261,263,264,265,267,268,269,270,272,273,275,277,278,280,282,283,285,287,288,290,292,293,295,297,298,299,301,302,303,305,306,308,309,310,311,312,313,314,315,316,317,318,319,320,321,322,323,325,326,327,329,330,332,334,335,337,338,339,340,341,342,344,345,347,348,350,352,353,355,357,358,359,360,361,362,363,364,365,366,367,368,369,370,372,373,374,376,377,378,380,381,383,384,385,387,389,390,392,394,395,396,397,398,399,401,402,403,404,405,406,407,408,409,410,411,412,413,414,415,416,417,418,419,420,421,422,423,424,425,426,427,428,429,430,431,432,433,435,436,437,439,441,443,444,446,448,449,451,452,453,454,455,456,457,458,459,460,461,462,463,464,465,466,467,468,469,470,471,472,473,474,475,477,478,479,481,482,483,485,486,487,489,490,491,492,493,494,495,496,497,499,500,501,502,503,505,506,507,509,511],{"file":53,"line":97,"context":98},44,"raw output",{"file":53,"line":100,"context":98},47,{"file":53,"line":102,"context":98},53,{"file":53,"line":104,"context":98},56,{"file":53,"line":106,"context":98},90,{"file":53,"line":108,"context":98},91,{"file":53,"line":108,"context":98},{"file":53,"line":111,"context":98},95,{"file":53,"line":113,"context":98},96,{"file":53,"line":113,"context":98},{"file":53,"line":116,"context":98},122,{"file":53,"line":118,"context":98},123,{"file":53,"line":118,"context":98},{"file":56,"line":121,"context":98},52,{"file":56,"line":123,"context":98},59,{"file":56,"line":125,"context":98},62,{"file":56,"line":127,"context":98},67,{"file":56,"line":129,"context":98},73,{"file":56,"line":31,"context":98},{"file":56,"line":132,"context":98},117,{"file":56,"line":134,"context":98},118,{"file":56,"line":134,"context":98},{"file":56,"line":137,"context":98},145,{"file":56,"line":139,"context":98},146,{"file":56,"line":139,"context":98},{"file":56,"line":142,"context":98},149,{"file":56,"line":144,"context":98},151,{"file":56,"line":144,"context":98},{"file":56,"line":147,"context":98},156,{"file":56,"line":149,"context":98},159,{"file":56,"line":151,"context":98},160,{"file":56,"line":151,"context":98},{"file":56,"line":154,"context":98},163,{"file":56,"line":156,"context":98},164,{"file":56,"line":156,"context":98},{"file":56,"line":159,"context":98},167,{"file":56,"line":161,"context":98},168,{"file":56,"line":161,"context":98},{"file":56,"line":164,"context":98},171,{"file":56,"line":72,"context":98},{"file":56,"line":72,"context":98},{"file":61,"line":168,"context":98},61,{"file":61,"line":170,"context":98},65,{"file":61,"line":172,"context":98},68,{"file":61,"line":174,"context":98},72,{"file":61,"line":176,"context":98},75,{"file":61,"line":29,"context":98},{"file":61,"line":179,"context":98},112,{"file":61,"line":181,"context":98},113,{"file":61,"line":181,"context":98},{"file":61,"line":184,"context":98},116,{"file":61,"line":132,"context":98},{"file":61,"line":132,"context":98},{"file":61,"line":188,"context":98},125,{"file":61,"line":190,"context":98},126,{"file":61,"line":190,"context":98},{"file":61,"line":193,"context":98},153,{"file":61,"line":195,"context":98},154,{"file":61,"line":195,"context":98},{"file":61,"line":198,"context":98},157,{"file":61,"line":149,"context":98},{"file":61,"line":149,"context":98},{"file":61,"line":159,"context":98},{"file":61,"line":161,"context":98},{"file":61,"line":161,"context":98},{"file":65,"line":121,"context":98},{"file":65,"line":206,"context":98},147,{"file":65,"line":208,"context":98},186,{"file":65,"line":80,"context":98},{"file":65,"line":80,"context":98},{"file":65,"line":212,"context":98},190,{"file":65,"line":214,"context":98},191,{"file":65,"line":214,"context":98},{"file":65,"line":217,"context":98},194,{"file":65,"line":219,"context":98},195,{"file":65,"line":219,"context":98},{"file":65,"line":222,"context":98},199,{"file":65,"line":11,"context":98},{"file":65,"line":11,"context":98},{"file":65,"line":226,"context":98},203,{"file":65,"line":228,"context":98},204,{"file":65,"line":228,"context":98},{"file":65,"line":231,"context":98},207,{"file":65,"line":233,"context":98},208,{"file":65,"line":233,"context":98},{"file":65,"line":236,"context":98},211,{"file":65,"line":238,"context":98},212,{"file":65,"line":238,"context":98},{"file":65,"line":241,"context":98},215,{"file":65,"line":69,"context":98},{"file":65,"line":69,"context":98},{"file":68,"line":245,"context":98},49,{"file":68,"line":247,"context":98},54,{"file":68,"line":249,"context":98},55,{"file":68,"line":104,"context":98},{"file":68,"line":123,"context":98},{"file":68,"line":253,"context":98},60,{"file":68,"line":168,"context":98},{"file":68,"line":125,"context":98},{"file":68,"line":257,"context":98},63,{"file":68,"line":259,"context":98},64,{"file":68,"line":170,"context":98},{"file":68,"line":262,"context":98},66,{"file":68,"line":127,"context":98},{"file":68,"line":172,"context":98},{"file":68,"line":266,"context":98},70,{"file":68,"line":174,"context":98},{"file":68,"line":29,"context":98},{"file":68,"line":118,"context":98},{"file":68,"line":271,"context":98},124,{"file":68,"line":271,"context":98},{"file":68,"line":274,"context":98},127,{"file":68,"line":276,"context":98},128,{"file":68,"line":276,"context":98},{"file":68,"line":279,"context":98},131,{"file":68,"line":281,"context":98},132,{"file":68,"line":281,"context":98},{"file":68,"line":284,"context":98},135,{"file":68,"line":286,"context":98},136,{"file":68,"line":286,"context":98},{"file":68,"line":289,"context":98},139,{"file":68,"line":291,"context":98},140,{"file":68,"line":291,"context":98},{"file":68,"line":294,"context":98},143,{"file":68,"line":296,"context":98},144,{"file":68,"line":296,"context":98},{"file":68,"line":206,"context":98},{"file":68,"line":300,"context":98},148,{"file":68,"line":300,"context":98},{"file":68,"line":144,"context":98},{"file":68,"line":304,"context":98},152,{"file":68,"line":304,"context":98},{"file":68,"line":307,"context":98},155,{"file":68,"line":147,"context":98},{"file":68,"line":147,"context":98},{"file":68,"line":149,"context":98},{"file":68,"line":151,"context":98},{"file":68,"line":151,"context":98},{"file":68,"line":154,"context":98},{"file":68,"line":156,"context":98},{"file":68,"line":156,"context":98},{"file":68,"line":159,"context":98},{"file":68,"line":161,"context":98},{"file":68,"line":161,"context":98},{"file":68,"line":164,"context":98},{"file":68,"line":72,"context":98},{"file":68,"line":72,"context":98},{"file":68,"line":63,"context":98},{"file":68,"line":324,"context":98},176,{"file":68,"line":324,"context":98},{"file":68,"line":57,"context":98},{"file":68,"line":328,"context":98},180,{"file":68,"line":328,"context":98},{"file":68,"line":331,"context":98},183,{"file":68,"line":333,"context":98},184,{"file":68,"line":333,"context":98},{"file":68,"line":336,"context":98},210,{"file":68,"line":236,"context":98},{"file":68,"line":236,"context":98},{"file":71,"line":102,"context":98},{"file":71,"line":253,"context":98},{"file":71,"line":259,"context":98},{"file":71,"line":343,"context":98},69,{"file":71,"line":266,"context":98},{"file":71,"line":346,"context":98},71,{"file":71,"line":174,"context":98},{"file":71,"line":349,"context":98},81,{"file":71,"line":351,"context":98},86,{"file":71,"line":188,"context":98},{"file":71,"line":354,"context":98},134,{"file":71,"line":356,"context":98},141,{"file":71,"line":296,"context":98},{"file":71,"line":137,"context":98},{"file":71,"line":137,"context":98},{"file":71,"line":300,"context":98},{"file":71,"line":142,"context":98},{"file":71,"line":142,"context":98},{"file":71,"line":304,"context":98},{"file":71,"line":193,"context":98},{"file":71,"line":193,"context":98},{"file":71,"line":147,"context":98},{"file":71,"line":198,"context":98},{"file":71,"line":198,"context":98},{"file":71,"line":151,"context":98},{"file":71,"line":371,"context":98},161,{"file":71,"line":371,"context":98},{"file":71,"line":156,"context":98},{"file":71,"line":375,"context":98},165,{"file":71,"line":375,"context":98},{"file":74,"line":100,"context":98},{"file":74,"line":379,"context":98},50,{"file":74,"line":249,"context":98},{"file":74,"line":382,"context":98},58,{"file":74,"line":253,"context":98},{"file":74,"line":257,"context":98},{"file":74,"line":386,"context":98},100,{"file":74,"line":388,"context":98},101,{"file":74,"line":388,"context":98},{"file":74,"line":391,"context":98},109,{"file":74,"line":393,"context":98},110,{"file":74,"line":393,"context":98},{"file":74,"line":181,"context":98},{"file":74,"line":83,"context":98},{"file":74,"line":83,"context":98},{"file":74,"line":134,"context":98},{"file":74,"line":400,"context":98},119,{"file":74,"line":400,"context":98},{"file":74,"line":116,"context":98},{"file":74,"line":118,"context":98},{"file":74,"line":118,"context":98},{"file":76,"line":168,"context":98},{"file":76,"line":170,"context":98},{"file":76,"line":172,"context":98},{"file":76,"line":174,"context":98},{"file":76,"line":176,"context":98},{"file":76,"line":29,"context":98},{"file":76,"line":179,"context":98},{"file":76,"line":181,"context":98},{"file":76,"line":181,"context":98},{"file":76,"line":184,"context":98},{"file":76,"line":132,"context":98},{"file":76,"line":132,"context":98},{"file":76,"line":188,"context":98},{"file":76,"line":190,"context":98},{"file":76,"line":190,"context":98},{"file":76,"line":193,"context":98},{"file":76,"line":195,"context":98},{"file":76,"line":195,"context":98},{"file":76,"line":198,"context":98},{"file":76,"line":149,"context":98},{"file":76,"line":149,"context":98},{"file":76,"line":159,"context":98},{"file":76,"line":161,"context":98},{"file":76,"line":161,"context":98},{"file":79,"line":125,"context":98},{"file":79,"line":170,"context":98},{"file":79,"line":266,"context":98},{"file":79,"line":174,"context":98},{"file":79,"line":434,"context":98},74,{"file":79,"line":29,"context":98},{"file":79,"line":31,"context":98},{"file":79,"line":438,"context":98},78,{"file":79,"line":440,"context":98},79,{"file":79,"line":442,"context":98},80,{"file":79,"line":349,"context":98},{"file":79,"line":445,"context":98},82,{"file":79,"line":447,"context":98},83,{"file":79,"line":351,"context":98},{"file":79,"line":450,"context":98},130,{"file":79,"line":279,"context":98},{"file":79,"line":279,"context":98},{"file":79,"line":354,"context":98},{"file":79,"line":284,"context":98},{"file":79,"line":284,"context":98},{"file":79,"line":294,"context":98},{"file":79,"line":296,"context":98},{"file":79,"line":296,"context":98},{"file":79,"line":206,"context":98},{"file":79,"line":300,"context":98},{"file":79,"line":300,"context":98},{"file":79,"line":304,"context":98},{"file":79,"line":193,"context":98},{"file":79,"line":193,"context":98},{"file":79,"line":147,"context":98},{"file":79,"line":198,"context":98},{"file":79,"line":198,"context":98},{"file":79,"line":151,"context":98},{"file":79,"line":371,"context":98},{"file":79,"line":371,"context":98},{"file":79,"line":156,"context":98},{"file":79,"line":375,"context":98},{"file":79,"line":375,"context":98},{"file":79,"line":161,"context":98},{"file":79,"line":476,"context":98},169,{"file":79,"line":476,"context":98},{"file":79,"line":72,"context":98},{"file":79,"line":480,"context":98},173,{"file":79,"line":480,"context":98},{"file":79,"line":324,"context":98},{"file":79,"line":484,"context":98},177,{"file":79,"line":484,"context":98},{"file":79,"line":328,"context":98},{"file":79,"line":488,"context":98},181,{"file":79,"line":488,"context":98},{"file":82,"line":97,"context":98},{"file":82,"line":100,"context":98},{"file":82,"line":379,"context":98},{"file":82,"line":102,"context":98},{"file":82,"line":247,"context":98},{"file":82,"line":104,"context":98},{"file":82,"line":108,"context":98},{"file":82,"line":498,"context":98},92,{"file":82,"line":498,"context":98},{"file":82,"line":111,"context":98},{"file":82,"line":113,"context":98},{"file":82,"line":113,"context":98},{"file":82,"line":504,"context":98},99,{"file":82,"line":386,"context":98},{"file":82,"line":386,"context":98},{"file":82,"line":508,"context":98},104,{"file":82,"line":510,"context":98},106,{"file":82,"line":510,"context":98},8,[],[],{"summary":516,"deductions":517},"The \"serenity-theme-extensions\" v1.1.2 plugin exhibits a strong security posture based on the provided static analysis. The absence of known vulnerabilities and the clean taint analysis are positive indicators.  Furthermore, the plugin demonstrates good development practices by avoiding dangerous functions, using prepared statements for all SQL queries, and handling file operations securely. The presence of capability checks is also a good sign for access control.\n\nHowever, a significant concern arises from the output escaping. With 565 total outputs, only 47% are properly escaped. This means a considerable number of outputs may be vulnerable to Cross-Site Scripting (XSS) attacks if the data being output originates from untrusted sources. While the attack surface appears minimal and there are no direct indications of unsanitized inputs in the taint analysis, unescaped output remains a critical pathway for potential XSS vulnerabilities. The lack of nonce checks, while not necessarily a direct vulnerability in itself without specific AJAX handlers or shortcodes, could be a missed opportunity for reinforcing security on any future endpoints that might be introduced.\n\nIn conclusion, the plugin is generally well-secured with no known historical vulnerabilities or critical code flaws. The primary weakness lies in the insufficient output escaping, which presents a tangible risk for XSS. The limited attack surface is a strength, but the unescaped output is a significant area that requires attention to achieve a more robust security profile.",[518],{"reason":519,"points":520},"Insufficient output escaping (47% properly escaped)",7,"2026-03-16T20:21:50.649Z",{"wat":523,"direct":530},{"assetPaths":524,"generatorPatterns":527,"scriptPaths":528,"versionParams":529},[525,526],"\u002Fwp-content\u002Fplugins\u002Fserenity-theme-extensions\u002Fcss\u002Fwidgets.css","\u002Fwp-content\u002Fplugins\u002Fserenity-theme-extensions\u002Fjs\u002Fadmin.js",[],[526],[],{"cssClasses":531,"htmlComments":541,"htmlAttributes":542,"restEndpoints":544,"jsGlobals":545,"shortcodeOutput":546},[532,533,534,535,536,537,538,539,540],"serenity-feature-widget","serenity-service-widget","serenity-testimonial-widget","serenity-team-widget","serenity-hero-widget","serenity-bar-widget","serenity-counter-widget","serenity-pricing-widget","serenity-showcase-widget",[],[543],"data-widget_name",[],[],[],{"error":548,"url":549,"statusCode":550,"statusMessage":551,"message":551},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fserenity-theme-extensions\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":553},[]]