[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ftTF-9QR0SLuMBTZr72_bMrwFGUWQ43TD3LA5cDn3Pqo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":143,"fingerprints":303},"server-status","Server Status","0.1.2","Daisuke Takahashi","https:\u002F\u002Fprofiles.wordpress.org\u002Fextendwings\u002F","\u003Cp>\u003Cem>Do you want to monitor your server without using SSH?\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cem>Don’t you know how to use difficult commands? (looks like a spell!)\u003C\u002Fem>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>OK! Leave all to this plugin!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>“Server Status” adds widget like ‘uptime’ command in Dashboard and Network Admin Dashboard.\u003C\u002Fp>\n\u003Ch3>Notice\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Currently, only RHEL\u002FCentOS is tested.\u003C\u002Fstrong> And OS X is tesing now! (The number of tested OS will increase shortly.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PECL Zend OPcache users\u003C\u002Fstrong>, \u003Cem>please add server-status.php\u003C\u002Fem> to black list! Otherwise, there must be segmentation fault.\u003Cbr \u002F>\nThis troublesome process isn’t required on PHP5.5!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP 5.2 users\u003C\u002Fstrong>, your version of PHP is no longer supported.(\u003Ca href=\"http:\u002F\u002Fwww.php.net\u002Feol.php\" rel=\"nofollow ugc\">Detail\u003C\u002Fa>) If you’re using such older version, this plugin nags at it!\u003C\u002Fli>\n\u003C\u002Ful>\n","Show server information widget in Dashboard and Network Admin Dashboard.(Currently, only RHEL is tested)",70,3446,100,2,"2014-08-30T20:55:00.000Z","4.0.38","3.8","",[20,21,22,23,24],"linux","load-average","server","status","uptime","http:\u002F\u002Fwww.extendwings.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fserver-status.0.1.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":27,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"extendwings",6,270,30,84,"2026-04-04T14:37:18.851Z",[40,60,82,101,121],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":18,"tags":55,"homepage":58,"download_link":59,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-server","WP Server","2.2.3","nabtron","https:\u002F\u002Fprofiles.wordpress.org\u002Fnabtron\u002F","\u003Cp>Show average server load and uptime of your linux server on top in admin panel. It contains three values, first one is the load average for last 15 minutes, second one is for 5 minutes, third one is for last 1 minute.\u003C\u002Fp>\n\u003Cp>Now you can easily monitor your server load in real time whenever you want without installing any script or moving out of your wordpress admin panel.\u003C\u002Fp>\n\u003Cp>Options include turn off, on or legacy mode.\u003C\u002Fp>\n\u003Cp>It shows:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>3 averages for server load\u003C\u002Fli>\n\u003Cli>server uptime in days and hours\u003C\u002Fli>\n\u003Cli>Memory usage in %age\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If useful – Future versions are planned to have more options, so please leave a feedback\u003C\u002Fp>\n\u003Cp>Found a bug or have a feature request ? \u003Ca href=\"https:\u002F\u002Fnabtron.com\u002Fwp-server-plugin\u002F\" rel=\"nofollow ugc\">Report here\u003C\u002Fa>\u003C\u002Fp>\n","Show average server load and uptime of your linux server on top in admin panel",20,10402,96,4,"2024-03-09T20:50:00.000Z","6.4.8","4.4",[56,22,23,57],"load","uptime-linux","https:\u002F\u002Fnabtron.com\u002Fwp-server-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-server.2.2.3.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":80,"download_link":81,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"server-info","Server Info","0.0.1","Usman Ali Qureshi","https:\u002F\u002Fprofiles.wordpress.org\u002Fusmanaliqureshi\u002F","\u003Cp>This plugin will show you useful information about the hosting server you are using e.g. PHP version, MySQL version, Server OS, Server Protocol, Server IP and other useful information. You can use the information displayed by this plugin to update any settings which is crucial for your website performance and other aspects.\u003C\u002Fp>\n\u003Cp>You will see the information about:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PHP Version\u003C\u002Fli>\n\u003Cli>Operating System\u003C\u002Fli>\n\u003Cli>Server IP\u003C\u002Fli>\n\u003Cli>Server Hostname\u003C\u002Fli>\n\u003Cli>MySQL Version\u003C\u002Fli>\n\u003Cli>System Uptime\u003C\u002Fli>\n\u003Cli>Active Theme\u003C\u002Fli>\n\u003Cli>Active Plugins\u003C\u002Fli>\n\u003Cli>Database Name\u003C\u002Fli>\n\u003Cli>Database Username\u003C\u002Fli>\n\u003Cli>Database Hostname\u003C\u002Fli>\n\u003Cli>Database Charset\u003C\u002Fli>\n\u003Cli>Database Collate\u003C\u002Fli>\n\u003Cli>WordPress Debugging (Enabled\u002FDisabled)\u003C\u002Fli>\n\u003Cli>WordPress Memory Limit\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please rate the Plugin if you find it useful, thanks.\u003C\u002Fp>\n","This plugin will show you very useful information about your hosting server such as PHP version, Server OS, Server IP etc.",3000,56532,72,10,"2025-05-19T05:40:00.000Z","6.8.5","5.2","7.3",[77,78,61,4,79],"admin","dashboard","widget","https:\u002F\u002Fgithub.com\u002Fusmanaliqureshi\u002Fserver-info","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fserver-info.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":13,"num_ratings":14,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":18,"download_link":100,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"my-website-is-online-uptime-monitoring","Uptime Monitoring for WordPress – My Website is Online","1.0.1","santerref","https:\u002F\u002Fprofiles.wordpress.org\u002Fsanterref\u002F","\u003Cp>This plugin simplifies how you can add for you by giving you a configuration page to put the code.\u003C\u002Fp>\n\u003Cp>Once installed, a new REST API route will be created to output the code: wp-json\u002Fmywebsiteisonline\u002Fv1\u002Fverify\u003C\u002Fp>\n\u003Cp>Trusted by developers from all around the world.\u003C\u002Fp>\n\u003Ch4>My Website is Online features\u003C\u002Fh4>\n\u003Cp>Receive a notification as soon as a problem is detected on your website.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>1-minute checks\u003C\u002Fli>\n\u003Cli>Unlimited monitors\u003C\u002Fli>\n\u003Cli>SMS alerts\u003C\u002Fli>\n\u003Cli>Unlimited email alerts\u003C\u002Fli>\n\u003Cli>HTTP headers and status\u003C\u002Fli>\n\u003Cli>Response time monitoring (TTFB)\u003C\u002Fli>\n\u003Cli>SSL certificate checks\u003C\u002Fli>\n\u003Cli>Multi-factor authentication\u003C\u002Fli>\n\u003Cli>12 months log retention\u003C\u002Fli>\n\u003Cli>Multiple email recipients\u003C\u002Fli>\n\u003Cli>Domain expiration monitoring\u003C\u002Fli>\n\u003Cli>Google Web Risk\u003C\u002Fli>\n\u003Cli>DNS records monitoring\u003C\u002Fli>\n\u003Cli>Slack integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To learn more about My Website is Online visit: \u003Ca href=\"https:\u002F\u002Fmywebsiteisonline.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fmywebsiteisonline.com\u002F\u003C\u002Fa>\u003C\u002Fp>\n","My Website is Online is a Web service that monitors your website every minute to check if it's down. Don’t let downtimes impact your business.",600,7371,"2023-07-27T03:53:00.000Z","6.0.11","5.0","7.0",[97,22,98,99,24],"monitoring","sms","speed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-website-is-online-uptime-monitoring.1.0.1.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":13,"num_ratings":14,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":119,"download_link":120,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"atec-system-info","atec System Info","1.2.31","docjojo","https:\u002F\u002Fprofiles.wordpress.org\u002Fdocjojo\u002F","\u003Cp>This plugin provides detailed system information, such as operating system, server, memory, PHP and database details. It will also show PHPinfo, php.ini and PHP extensions.\u003C\u002Fp>\n\u003Ch3>Third-Party Services\u003C\u002Fh3>\n\u003Cp>Once, when activating the plugin, an integrity check is requested from our server – if you give your permission.\u003Cbr \u002F>\nSource: https:\u002F\u002Fatecplugins.com\u002F\u003Cbr \u002F>\nPrivacy policy: https:\u002F\u002Fatecplugins.com\u002Fprivacy-policy\u002F\u003C\u002Fp>\n\u003Cp>This plugin requests the server geo location (country, city) by sending the server IPinfo, a IP2GEO location service at to https:\u002F\u002Fipinfo.io\u002F.\u003Cbr \u002F>\nPrivacy policy: https:\u002F\u002Fipinfo.io\u002Fprivacy-policy\u003Cbr \u002F>\nTerms: https:\u002F\u002Fipinfo.io\u002Fterms-of-service\u003C\u002Fp>\n","atec System Info (Operating system, server, memory, PHP and database details)",200,11491,"2025-12-18T09:33:00.000Z","6.9.4","4.9","7.4",[116,117,118],"highly-detailed-system-information-system-health-status","memory-db-and-comprehensive-server-and-php-configuration-details","server-info-os","https:\u002F\u002Fatecplugins.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fatec-system-info.1.2.31.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":13,"downloaded":129,"rating":130,"num_ratings":131,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":135,"tags":136,"homepage":140,"download_link":141,"security_score":142,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"atr-server-status","ATR Server Status","1.5.1","rehhoff","https:\u002F\u002Fprofiles.wordpress.org\u002Frehhoff\u002F","\u003Cp>\u003Cstrong>Important notice\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin is no longer in active development, do not use in high-availability environments.\u003C\u002Fp>\n\u003Cp>Simple, efficient, ad- and bloatfree plugin for testing whether or not a given server address is up for just you, or everyone else on a given port and protocol.\u003Cbr \u002F>\nServers & services are checked in real-time whenever a user requests to view the page where the shortcode is inserted.\u003C\u002Fp>\n\u003Cp>Intuitive interface, makes is really easy to maintain servers & services to check.\u003C\u002Fp>\n\u003Cp>You have the ability to filter\u002Fhook the message displayed to the user through functions.php in your theme folder.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( \"atr_server_success_message\", function($message, $server) {\n    return $server->humanname.\" appears to be working alrstight.\";\n}, 10, 2);\n\nadd_filter( \"atr_server_error_message\", function($message, $server) {\n    return $server->humanname.\" is down.\";\n}, 10, 2);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can also use the filter “atr_perm_administer_servers” to alter the permission being used to check access rights.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( \"atr_perm_administer_servers\", function( $permission ) {\n    $permission = \"editor\";\n    return $permission;\n} );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Shortcode Examples\u003C\u002Fh3>\n\u003Cp>Displays all servers entered in wp-admin\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[server-status]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Display server by certain id\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[server-status id=\"X\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Display servers by multiple id’s\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[server-status id=\"X,X,X\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Excludes certain posts from display, only works if ‘id’ is not set.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[server-status exclude=\"X\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Supports most common protocols (TCP, UDP, HTTP, HTTPS) (FTP is on the todo)\u003C\u002Fli>\n\u003Cli>Define a human friendly readable name for display\u003C\u002Fli>\n\u003Cli>Define hostname\u003C\u002Fli>\n\u003Cli>Define port\u003C\u002Fli>\n\u003Cli>Define timeout in seconds\u003C\u002Fli>\n\u003Cli>Define protocol\u003C\u002Fli>\n\u003Cli>Drag’n’drop ordering\u003C\u002Fli>\n\u003Cli>Edit and delete servers\u002Fservices\u003C\u002Fli>\n\u003Cli>Shortcodes for checking one or more servers frontend\u003C\u002Fli>\n\u003Cli>Simple, clear and well explained settings page\u003C\u002Fli>\n\u003Cli>Filter available configurations\u003C\u002Fli>\n\u003Cli>Settings page with various configrations to suit your needs\u003C\u002Fli>\n\u003Cli>Possible to disable\u002Fenable servers and services\u003C\u002Fli>\n\u003Cli>Includes a widget for displaying servers in sidebars\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Is this plugin for you?\u003C\u002Fh3>\n\u003Cp>If you’re looking for a full fledged server monitoring tool, no. Consider using thirdparty software such as \u003Ca href=\"https:\u002F\u002Fzabbix.org\u002Fwiki\u002FMain_Page\" rel=\"nofollow ugc\">zabbix instead\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Otherwise, if you just want to provide a service, for your users\u002Fvisitors to check whether or not one or more of your servers is running healthy then yes, this is for you.\u003C\u002Fp>\n\u003Ch3>Feature requests\u003C\u002Fh3>\n\u003Cp>Think this plugin is missing a feature? I’ll gladly discuss any feature requests sent to me either through the wordpress support forums, or via my contact formular.\u003C\u002Fp>\n\u003Cp>Keep in mind, features must be able to fit seamlessly with the core wordpress UI, and must not be intrusive, or considered adware.\u003C\u002Fp>\n\u003Ch3>Got a question?\u003C\u002Fh3>\n\u003Cp>If you have any questions not answered here, do feel free to \u003Ca href=\"https:\u002F\u002Frehhoff.me\u002Fcontact\" rel=\"nofollow ugc\">send me an email\u003C\u002Fa> and I’ll do my best to answer you within 48 hours.\u003C\u002Fp>\n\u003Cp>Response time is usually faster if you send me a mail, instead of using the wordpress support forums.\u003C\u002Fp>\n","Important notice",7999,86,11,"2024-10-08T13:52:00.000Z","5.8.13","4.0","5.6",[137,138,22,4,139],"check-server","check-service","service-status","http:\u002F\u002Frehhoff.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fatr-server-status.1.5.1.zip",92,{"attackSurface":144,"codeSignals":168,"taintFlows":255,"riskAssessment":282,"analyzedAt":302},{"hooks":145,"ajaxHandlers":164,"restRoutes":165,"shortcodes":166,"cronEvents":167,"entryPointCount":28,"unprotectedCount":28},[146,152,155,158,161],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","wp_dashboard_setup","init","server-status.php",14,{"type":147,"name":153,"callback":149,"file":150,"line":154},"wp_network_dashboard_setup",16,{"type":147,"name":156,"callback":24,"file":150,"line":157},"fetch",176,{"type":147,"name":156,"callback":159,"file":150,"line":160},"users",177,{"type":147,"name":156,"callback":162,"file":150,"line":163},"loadavg",178,[],[],[],[],{"dangerousFunctions":169,"sqlUsage":225,"outputEscaping":231,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":254},[170,174,177,180,183,186,189,192,195,198,201,204,207,211,214,217,220,222],{"fn":171,"file":150,"line":172,"context":173},"shell_exec",40,"$data['uptime'] = @shell_exec('uptime 2>&1');",{"fn":171,"file":150,"line":175,"context":176},41,"$data['proc']['uptime'] = @shell_exec('cat \u002Fproc\u002Fuptime 2>&1');",{"fn":171,"file":150,"line":178,"context":179},42,"$data['proc']['loadavg'] = @shell_exec('cat \u002Fproc\u002Floadavg 2>&1');",{"fn":171,"file":150,"line":181,"context":182},43,"$data['w'] = @shell_exec('w 2>&1');",{"fn":171,"file":150,"line":184,"context":185},44,"$data['w_hs'] = @shell_exec('w -hs 2>&1');",{"fn":171,"file":150,"line":187,"context":188},45,"$data['who'] = @shell_exec('who 2>&1');",{"fn":171,"file":150,"line":190,"context":191},46,"$data['who_am_i'] = @shell_exec('who am i 2>&1');",{"fn":171,"file":150,"line":193,"context":194},47,"$data['whoami'] = @shell_exec('whoami 2>&1');",{"fn":171,"file":150,"line":196,"context":197},48,"$data['id_un'] = @shell_exec('id -un 2>&1');",{"fn":171,"file":150,"line":199,"context":200},49,"$data['users'] = @shell_exec('users 2>&1');",{"fn":171,"file":150,"line":202,"context":203},50,"$data['uname'] = @shell_exec('uname 2>&1');",{"fn":171,"file":150,"line":205,"context":206},51,"$data['uname_a'] = @shell_exec('uname -a 2>&1');",{"fn":208,"file":150,"line":209,"context":210},"exec",285,"$this->data['uptime'] = @exec('cat \u002Fproc\u002Fuptime');",{"fn":208,"file":150,"line":212,"context":213},297,"$this->data['users'] = @exec('users');",{"fn":208,"file":150,"line":215,"context":216},304,"$this->data['loadavg'] = @exec('cat \u002Fproc\u002Floadavg');",{"fn":208,"file":150,"line":218,"context":219},326,"$this->data['boottime'] = @exec('sysctl kern.boottime');",{"fn":208,"file":150,"line":221,"context":213},341,{"fn":208,"file":150,"line":223,"context":224},348,"$this->data['loadavg'] = @exec('sysctl vm.loadavg');",{"prepared":28,"raw":226,"locations":227},1,[228],{"file":229,"line":151,"context":230},"uninstall.php","$wpdb->get_col() with variable interpolation",{"escaped":226,"rawEcho":131,"locations":232},[233,236,238,240,241,243,245,247,249,250,252],{"file":150,"line":234,"context":235},62,"raw output",{"file":150,"line":237,"context":235},65,{"file":150,"line":239,"context":235},68,{"file":150,"line":70,"context":235},{"file":150,"line":242,"context":235},73,{"file":150,"line":244,"context":235},74,{"file":150,"line":246,"context":235},75,{"file":150,"line":248,"context":235},76,{"file":150,"line":13,"context":235},{"file":150,"line":251,"context":235},105,{"file":150,"line":253,"context":235},128,[],[256,273],{"entryPoint":257,"graph":258,"unsanitizedCount":226,"severity":272},"display (server-status.php:30)",{"nodes":259,"edges":269},[260,264],{"id":261,"type":262,"label":263,"file":150,"line":248},"n0","source","$_SERVER['SERVER_SOFTWARE']",{"id":265,"type":266,"label":267,"file":150,"line":248,"wp_function":268},"n1","sink","echo() [XSS]","echo",[270],{"from":261,"to":265,"sanitized":271},false,"medium",{"entryPoint":274,"graph":275,"unsanitizedCount":226,"severity":281},"\u003Cserver-status> (server-status.php:0)",{"nodes":276,"edges":279},[277,278],{"id":261,"type":262,"label":263,"file":150,"line":248},{"id":265,"type":266,"label":267,"file":150,"line":248,"wp_function":268},[280],{"from":261,"to":265,"sanitized":271},"low",{"summary":283,"deductions":284},"The \"server-status\" plugin, in version 0.1.2, presents a mixed security posture.  On one hand, it boasts a seemingly small attack surface with no AJAX handlers, REST API routes, shortcodes, or cron events exposed. This lack of direct entry points is a positive sign for preventing common web attack vectors.\n\nHowever, significant concerns arise from the code analysis. The presence of dangerous functions like `shell_exec` and `exec`, coupled with a complete absence of capability checks and nonce checks, indicates a high risk of remote code execution or privilege escalation if any of these functions are ever exposed to user input, even indirectly. The single SQL query is also not using prepared statements, which is a minor risk but still a deviation from best practices. The low percentage of properly escaped output is another area of concern, potentially leading to cross-site scripting vulnerabilities.\n\nThe plugin's vulnerability history is notably clean, with no recorded CVEs. This could indicate either a well-written plugin or simply a lack of historical scrutiny. While the absence of past vulnerabilities is encouraging, it doesn't negate the significant risks identified in the static analysis, particularly the dangerous function usage without any apparent security controls. The taint analysis, while showing no critical or high severity flows, did reveal two unsanitized paths, suggesting that internal data handling might still be susceptible to manipulation.",[285,288,291,294,297,299],{"reason":286,"points":287},"Dangerous functions (shell_exec, exec) without auth\u002Fchecks",18,{"reason":289,"points":290},"SQL query without prepared statements",8,{"reason":292,"points":293},"Low percentage of properly escaped output",7,{"reason":295,"points":296},"No capability checks",15,{"reason":298,"points":71},"No nonce checks",{"reason":300,"points":301},"Taint flows with unsanitized paths",5,"2026-03-16T21:33:54.468Z",{"wat":304,"direct":309},{"assetPaths":305,"generatorPatterns":306,"scriptPaths":307,"versionParams":308},[],[],[],[],{"cssClasses":310,"htmlComments":311,"htmlAttributes":312,"restEndpoints":313,"jsGlobals":314,"shortcodeOutput":315},[],[],[],[],[],[316],"\u003Cp>Thank you for using \u003Cspan style=\"font-style:italic !important;\">WP Server Status\u003C\u002Fspan> plugin!\u003C\u002Fp>"]