[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f_GWOtQG8k-hRZFHB2Pax-RJhvaB_5FxcdjlVs05Bu04":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":37,"fingerprints":91},"shrtfly-integration","WP ShrtFly Integration","1.6.0","Vincenzo","https:\u002F\u002Fprofiles.wordpress.org\u002Fvluongo\u002F","\u003Cp>WP ShrtFly Integration is a secure and optimized WordPress plugin that allows you to easily integrate ShrtFlyโ€™s monetization services into your website. This plugin provides a safe way to configure Full Page Script integration with comprehensive security measures and performance optimizations.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>โœ… Secure integration with proper input sanitization\u003C\u002Fli>\n\u003Cli>โšก Optimized performance with proper WordPress standards\u003C\u002Fli>\n\u003Cli>๐ŸŽจ Modern admin interface with visual status indicators\u003C\u002Fli>\n\u003Cli>๐Ÿ”’ Enhanced security with capability checks and nonce verification\u003C\u002Fli>\n\u003Cli>๐Ÿ“ฑ Full AMP support for mobile pages\u003C\u002Fli>\n\u003Cli>๐ŸŒ Domain include\u002Fexclude functionality\u003C\u002Fli>\n\u003Cli>๐ŸŽฏ Support for different ad types (Mainstream\u002FAdult)\u003C\u002Fli>\n\u003Cli>๐Ÿงน Proper cleanup on plugin uninstall\u003C\u002Fli>\n\u003C\u002Ful>\n","Secure and optimized ShrtFly integration plugin with improved performance and enhanced security features.",0,966,"2025-10-03T19:53:00.000Z","6.3.8","5.0","7.4",[18,19,4,20,21],"shrtfly","shrtfly-dashboard","shrtfly-script-massive","shrtfly-stats","https:\u002F\u002Fwordpress-plugins.luongovincenzo.it\u002F#wp-shrtfly-integration","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshrtfly-integration.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"vluongo",5,1530,94,30,90,"2026-04-04T19:39:03.862Z",[],{"attackSurface":38,"codeSignals":69,"taintFlows":81,"riskAssessment":82,"analyzedAt":90},{"hooks":39,"ajaxHandlers":65,"restRoutes":66,"shortcodes":67,"cronEvents":68,"entryPointCount":11,"unprotectedCount":11},[40,46,50,53,57,61],{"type":41,"name":42,"callback":43,"file":44,"line":45},"action","wp_enqueue_scripts","gen_script","index.php",50,{"type":41,"name":47,"callback":48,"file":44,"line":49},"admin_menu","create_admin_menu",51,{"type":41,"name":51,"callback":51,"file":44,"line":52},"admin_enqueue_scripts",53,{"type":41,"name":54,"callback":55,"file":44,"line":56},"amp_post_template_head","gen_amp_script",64,{"type":41,"name":58,"callback":59,"file":44,"line":60},"admin_init","_registerOptions",141,{"type":41,"name":62,"callback":63,"file":44,"line":64},"plugins_loaded","wp_shrtfly_integration_init",488,[],[],[],[],{"dangerousFunctions":70,"sqlUsage":71,"outputEscaping":73,"fileOperations":75,"externalRequests":11,"nonceChecks":11,"capabilityChecks":30,"bundledLibraries":80},[],{"prepared":11,"raw":11,"locations":72},[],{"escaped":74,"rawEcho":75,"locations":76},31,1,[77],{"file":44,"line":78,"context":79},192,"raw output",[],[],{"summary":83,"deductions":84},"The shrtfly-integration plugin v1.6.0 exhibits a generally strong security posture based on the provided static analysis. The plugin has no known vulnerabilities (CVEs) and has a clean history, suggesting good development practices and consistent security maintenance. The static analysis reveals a commendably small attack surface with zero AJAX handlers, REST API routes, shortcodes, or cron events exposed, which significantly reduces the potential for external exploitation. Furthermore, the code demonstrates a commitment to secure coding by using prepared statements for all SQL queries and properly escaping a very high percentage (97%) of its outputs. Capability checks are in place, further bolstering its defense.\n\nDespite the strong showing, there are minor areas for consideration. The presence of one file operation without further context is a potential area of concern, as is the complete absence of nonce checks. While the attack surface is small, any entry point without proper authentication or validation can become a vector. The lack of any taint analysis flows analyzed is also a neutral observation; it doesn't indicate a problem but means this specific aspect of security hasn't been thoroughly tested by this analysis. In conclusion, the plugin appears to be developed with security in mind, but the file operation and the complete lack of nonce checks, even with a minimal attack surface, warrant a slight reduction in the perfect score.",[85,87],{"reason":86,"points":30},"Missing nonce checks",{"reason":88,"points":89},"File operation without context",3,"2026-03-17T07:27:14.489Z",{"wat":92,"direct":101},{"assetPaths":93,"generatorPatterns":97,"scriptPaths":98,"versionParams":100},[94,95,96],"\u002Fwp-content\u002Fplugins\u002Fshrtfly-integration\u002Fassets\u002Fjs\u002Fvendor\u002Fjquery\u002Fdist\u002Fjquery.min.js","\u002Fwp-content\u002Fplugins\u002Fshrtfly-integration\u002Fassets\u002Fjs\u002Fadmin-script.js","\u002Fwp-content\u002Fplugins\u002Fshrtfly-integration\u002Fassets\u002Fcss\u002Fadmin-style.css",[],[99],"https:\u002F\u002Fshrtfly.com\u002Fjs\u002Ffull-page-script.js",[],{"cssClasses":102,"htmlComments":104,"htmlAttributes":106,"restEndpoints":110,"jsGlobals":111,"shortcodeOutput":117},[103],"shrtfly-integration-wrap",[105,105],"This is an AMP-compatible header",[107,108,109],"data-url","data-api-token","data-advert",[],[112,113,114,115,116],"app_domains","app_exclude_domains","app_url","app_api_token","app_advert",[]]