[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1e_nSdQDRNouw0PUNj-phFW_Rcnj3DD-24vl1wdDDt0":3,"$fgyP8H8fcQ69k0xXhWtGGG7_Ma5E5W4jNMgs3jnPXZjk":254,"$fkVVRbPnEavH72iGNi1zOY0DEGPRzyyeCmcgw8XHomQQ":259},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":40,"analysis":121,"fingerprints":228},"simple-contacts-manager","Simple Contacts Manager","1.3.1","Earl Evan Amante","https:\u002F\u002Fprofiles.wordpress.org\u002Fraeven\u002F","\u003Cp>A simple contact manager for your personal and business use. Multiple contact groups can be created to manage your contacts easier. You may also print the contact easily in a page\u002Fpost or anywhere on the page. And as a plus, it includes easy input for your Google Analytics ID, and an option to add the Analytics codes to your site.\u003C\u002Fp>\n\u003Cp>Add a contact group for you or your business, if you have more than 1 branch, then add more contact groups!  Simple to use, simple to love.\u003C\u002Fp>\n","A simple contact manager for your personal and business use.",20,1727,60,2,"2015-07-29T12:54:00.000Z","4.2.39","3.0.1","",[20,21,22,23,24],"contact-manager","contacts","google-analytics","tool","wordpress-org","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-contacts-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-contacts-manager.1.3.1.zip",85,0,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":34,"display_name":7,"profile_url":8,"plugin_count":35,"total_installs":36,"avg_security_score":27,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"raeven",4,70,30,84,"2026-05-20T00:34:24.478Z",[41,62,73,94,109],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":37,"downloaded":49,"rating":28,"num_ratings":28,"last_updated":50,"tested_up_to":51,"requires_at_least":18,"requires_php":52,"tags":53,"homepage":58,"download_link":59,"security_score":60,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":61},"contacts-bmlt","Contacts BMLT","1.3.2","pjaudiomv","https:\u002F\u002Fprofiles.wordpress.org\u002Fpjaudiomv\u002F","\u003Cp>Contacts BMLT is a plugin that displays helpline and website information about service bodies using the contacts_bmlt shortcode.\u003C\u002Fp>\n\u003Cp>SHORTCODE\u003Cbr \u002F>\nBasic: [contacts_bmlt]\u003Cbr \u002F>\nAttributes: root_server, display_type, parent_id, show_description, show_email, show_url_in_name, show_tel_url, show_full_url, show_all_services, show_locations\u003C\u002Fp>\n\u003Cp>— Most Shortcode parameters can be combined\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>A minimum of root_server needs to be set.\u003C\u002Fp>\n\u003Cp>Ex. [contacts_bmlt root_server=\"https:\u002F\u002Fwww.domain.org\u002Fmain_server\"]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>display_type\u003C\u002Fstrong> To change the display type add display_type=\"table\" there are two different types \u003Cstrong>table\u003C\u002Fstrong>, \u003Cstrong>block\u003C\u002Fstrong> the default is table.\u003Cbr \u002F>\nEx. [contacts_bmlt root_server=\"https:\u002F\u002Fwww.domain.org\u002Fmain_server\" display_type=\"table\"]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>parent_id\u003C\u002Fstrong> This will only display service bodies who has set parent_id.\u003Cbr \u002F>\nEx. [contacts_bmlt root_server=\"https:\u002F\u002Fwww.domain.org\u002Fmain_server\" parent_id=\"22\"]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>show_description\u003C\u002Fstrong> This will display the service bodies description underneath the name if set.\u003Cbr \u002F>\nEx. [contacts_bmlt root_server=\"https:\u002F\u002Fwww.domain.org\u002Fmain_server\" show_description=\"1\"]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>show_email\u003C\u002Fstrong> This will display the service bodies contact email underneath the name if set.\u003Cbr \u002F>\nEx. [contacts_bmlt root_server=\"https:\u002F\u002Fwww.domain.org\u002Fmain_server\" show_email=\"1\"]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>show_url_in_name\u003C\u002Fstrong> This will add a link to the service body name, this is the default action. To remove the url from the service body name add show_url_in_name=\"0quot;.\u003Cbr \u002F>\nEx. [contacts_bmlt root_server=\"https:\u002F\u002Fwww.domain.org\u002Fmain_server\" show_url_in_name=\"0\"]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>show_tel_url\u003C\u002Fstrong> This will add a tel link to the telephone number. Default is to not add it.\u003Cbr \u002F>\nEx. [contacts_bmlt root_server=\"https:\u002F\u002Fwww.domain.org\u002Fmain_server\" show_tel_url=\"1\"]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>show_full_url\u003C\u002Fstrong> This will add a separate column or div with the full url displayed. Default is to not add it.\u003Cbr \u002F>\nEx. [contacts_bmlt root_server=\"https:\u002F\u002Fwww.domain.org\u002Fmain_server\" show_full_url=\"1\"]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>show_all_services\u003C\u002Fstrong> This will display all service bodies regardless of whether they have their phone or URL field filled out. The default is not to display them.\u003Cbr \u002F>\nEx. [contacts_bmlt root_server=\"https:\u002F\u002Fwww.domain.org\u002Fmain_server\" show_all_services=\"1\"]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>show_locations\u003C\u002Fstrong> This will display a list of locations below the service body name. Accepted values are location_neighborhood, location_city_subsection, location_municipality, location_sub_province.\u003Cbr \u002F>\nEx. [contacts_bmlt root_server=\"https:\u002F\u002Fwww.domain.org\u002Fmain_server\" show_locations=\"location_municipality\"]\u003C\u002Fp>\n\u003Ch3>EXAMPLES\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsca.charlestonna.org\u002Fregion-contacts\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fsca.charlestonna.org\u002Fregion-contacts\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>MORE INFORMATION\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbmlt-enabled\u002Fcontacts-bmlt\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fbmlt-enabled\u002Fcontacts-bmlt\u003C\u002Fa>\u003C\u002Fp>\n","Contacts BMLT is a plugin that displays helpline and website information about service bodies using the contacts_bmlt shortcode.",1979,"2025-04-18T15:37:00.000Z","6.3.8","8.0",[54,55,21,56,57],"basic-meeting-list-toolbox","bmlt","na","narcotics-anonymous","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontacts-bmlt\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontacts-bmlt.1.3.2.zip",92,"2026-04-16T10:56:18.058Z",{"slug":63,"name":64,"version":6,"author":7,"author_profile":8,"description":65,"short_description":66,"active_installs":37,"downloaded":67,"rating":13,"num_ratings":14,"last_updated":68,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":69,"homepage":71,"download_link":72,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"simple-taxonomy-wysiwyg","Simple Taxonomy WYSIWYG","\u003Cp>This is a very simple plugin that will convert the taxonomy\u002Fcategory description textarea to a WYSIWYG (TinyMCE) form.\u003Cbr \u002F>\nOnce active, it will convert the textarea field in the create new and edit page of a taxonomy\u002Fcategory to a WYSIWYG or standard WP content form.\u003C\u002Fp>\n","A very simple plugin that will convert the taxonomy\u002Fcategory description textarea to a WYSIWYG (TinyMCE) form.",2544,"2015-07-29T13:06:00.000Z",[70,23,24],"taxonomy","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-taxonomy-wysiwyg\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-taxonomy-wysiwyg.1.3.1.zip",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":11,"downloaded":81,"rating":82,"num_ratings":83,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":87,"tags":88,"homepage":18,"download_link":93,"security_score":82,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":61},"sitestats-analytics","SiteStats Analytics – Google Analytics, Bing Webmaster & Search Console","1.5.2","Quicksnail Plugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fquicksnail\u002F","\u003Ch4>WordPress Analytics Plugin with GA4, Search Console & Bing\u003C\u002Fh4>\n\u003Cp>Drag-and-drop WordPress analytics dashboard that combines data from Google Analytics, Search Console, Bing, WordPress, WooCommerce & others.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FtZ2-8bW5-fA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>SiteStats Analytics provides a unified analytics dashboard directly in your WordPress admin.\u003C\u002Fp>\n\u003Cp>Instead of jumping between multiple external tools, SiteStats lets you view key metrics from Google Analytics, Google Search Console, Bing Webmaster Tools, WooCommerce & WordPress itself in one place with flexible charts, KPIs and tables.\u003C\u002Fp>\n\u003Cp>Built for site owners, developers and agencies who want fast insights without unnecessary complexity.\u003C\u002Fp>\n\u003Ch3>Analytics Dashboard Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Customizable dashboard\n\u003Cul>\n\u003Cli>Drag-and-drop modules\u003C\u002Fli>\n\u003Cli>Line charts, bar charts, tables and KPI cards\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Google Analytics (GA4) integration\n\u003Cul>\n\u003Cli>Sessions, users, traffic sources and more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Google Search Console integration\n\u003Cul>\n\u003Cli>Search queries, clicks, impressions and CTR\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Bing Webmaster Tools integration\n\u003Cul>\n\u003Cli>Search queries, clicks, impressions and CTR\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>WordPress analytics\n\u003Cul>\n\u003Cli>New posts, new users, comments and publishing activity\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>WooCommerce analytics\n\u003Cul>\n\u003Cli>Revenue, orders, top products, order status & more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Flexible date ranges\n\u003Cul>\n\u003Cli>Presets like last 7\u002F30\u002F90 days\u003C\u002Fli>\n\u003Cli>Custom date selection\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Role-based access\n\u003Cul>\n\u003Cli>Control who can view dashboards and manage settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Performance-conscious\n\u003Cul>\n\u003Cli>Server-side query limiting\u003C\u002Fli>\n\u003Cli>Built-in caching for analytics queries\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Bing Webmaster Tools WordPress Dashboard\u003C\u002Fh3>\n\u003Cp>SiteStats Analytics includes a built-in Bing Webmaster Tools connector, allowing you to view Bing search performance data directly inside your WordPress dashboard.\u003C\u002Fp>\n\u003Cp>Instead of logging into Bing Webmaster separately, you can monitor:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Bing search queries\u003C\u002Fli>\n\u003Cli>Clicks from Bing search\u003C\u002Fli>\n\u003Cli>Impressions in Bing\u003C\u002Fli>\n\u003Cli>Click-through rate (CTR)\u003C\u002Fli>\n\u003Cli>Average position in Bing results\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you are looking for a Bing analytics WordPress plugin or a way to display Bing Webmaster data inside WordPress, SiteStats provides a simple dashboard-based solution.\u003C\u002Fp>\n\u003Cp>This is especially useful for site owners who want visibility into both Google and Bing search performance without switching platforms.\u003C\u002Fp>\n\u003Ch3>Google Search Console WordPress Dashboard\u003C\u002Fh3>\n\u003Cp>SiteStats connects to Google Search Console and displays search performance data inside WordPress.\u003C\u002Fp>\n\u003Cp>You can view:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Search queries\u003C\u002Fli>\n\u003Cli>Total clicks\u003C\u002Fli>\n\u003Cli>Impressions\u003C\u002Fli>\n\u003Cli>Average position\u003C\u002Fli>\n\u003Cli>Click-through rate (CTR)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you are searching for a Search Console WordPress plugin or a way to show Google Search Console data in the WordPress admin area, SiteStats provides a flexible dashboard builder for creating custom Search Console reports.\u003C\u002Fp>\n\u003Cp>You can combine Search Console data with Google Analytics, Bing, WooCommerce and WordPress metrics in one unified dashboard.\u003C\u002Fp>\n\u003Ch3>Multi-Source Analytics for WordPress\u003C\u002Fh3>\n\u003Cp>Most analytics plugins focus on a single platform. SiteStats is designed as a multi-source analytics plugin for WordPress.\u003C\u002Fp>\n\u003Cp>You can combine data from:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Google Analytics (GA4)\u003C\u002Fli>\n\u003Cli>Google Search Console\u003C\u002Fli>\n\u003Cli>Bing Webmaster Tools\u003C\u002Fli>\n\u003Cli>WordPress core activity\u003C\u002Fli>\n\u003Cli>WooCommerce\u003C\u002Fli>\n\u003Cli>Additional connectors (Pro)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This makes SiteStats suitable for developers, agencies and site owners who want a unified analytics dashboard inside WordPress rather than relying on multiple separate plugins.\u003C\u002Fp>\n\u003Ch3>Free vs Pro\u003C\u002Fh3>\n\u003Cp>The free version includes core analytics and WordPress data sources.\u003C\u002Fp>\n\u003Cp>A Pro add-on is available which unlocks additional connectors and advanced features.\u003C\u002Fp>\n\u003Cp>Learn more about SiteStats Pro:\u003Cbr \u002F>\nhttps:\u002F\u002Fsitestatswp.com\u002Fpricing\u003C\u002Fp>\n\u003Ch3>Getting Started\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Activate the plugin\u003C\u002Fli>\n\u003Cli>Open SiteStats \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Settings\u003C\u002Fli>\n\u003Cli>Configure global settings such as:\n\u003Cul>\n\u003Cli>Default date range\u003C\u002Fli>\n\u003Cli>User roles with access\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Connect Google services if required\u003C\u002Fli>\n\u003Cli>Add, remove or rearrange dashboard modules\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Each module can be customized to show specific metrics and visuals.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to external services to authenticate with Google and to retrieve analytics data for display inside WordPress. These connections are only used if you choose to enable the relevant features.\u003C\u002Fp>\n\u003Cp>To connect a Google account, the plugin uses a SiteStats-hosted authentication service. When you click “Connect Google”, your site is redirected to this service to complete the Google OAuth 2.0 login. During this process, your site URL, a return URL, and a temporary state value are sent to securely complete the authentication. After a successful login, a temporary authorization code is returned to your WordPress site to establish the connection.\u003C\u002Fp>\n\u003Cp>This service is operated by the plugin author.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fsitestatswp.com\u002Fterms-of-service\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fsitestatswp.com\u002Fprivacy-policy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Once connected, the plugin communicates directly with Google APIs to retrieve Google Analytics 4 and Google Search Console data. When dashboards or widgets are loaded, the plugin sends requests to Google that include the selected property or site, the requested date range and report configuration, and an access token authorizing the request. Google returns aggregated analytics and search performance data for display inside WordPress.\u003C\u002Fp>\n\u003Cp>Google APIs are provided by Google LLC.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Fterms\" rel=\"nofollow ugc\">Google APIs Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fprivacy\" rel=\"nofollow ugc\">Google Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n","Drag-and-drop WordPress analytics dashboard that combines data from Google Analytics, Search Console, Bing Webmaster, WordPress, WooCommerce & others.",585,100,1,"2026-02-20T01:26:00.000Z","6.9.4","5.9","7.0",[89,90,22,91,92],"bing-webmaster","bing-webmaster-tools","search-console","wordpress-analytics","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsitestats-analytics.1.5.2.zip",{"slug":95,"name":96,"version":97,"author":7,"author_profile":8,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":82,"num_ratings":83,"last_updated":102,"tested_up_to":103,"requires_at_least":17,"requires_php":18,"tags":104,"homepage":107,"download_link":108,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":61},"gallery-made-easy","Gallery Made Easy","1.3","\u003Cp>Instantly create responsive image galleries within a simple and customizable interface. Just upload, add, organise and publish.\u003C\u002Fp>\n","Instantly create responsive image galleries within a simple and customizable interface. Just upload, add, organise and publish.",10,1730,"2016-07-25T00:48:00.000Z","4.5.33",[23,105,106,24],"w3b","w3bkit","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgallery-made-easy\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgallery-made-easy.zip",{"slug":110,"name":111,"version":6,"author":7,"author_profile":8,"description":112,"short_description":113,"active_installs":100,"downloaded":114,"rating":82,"num_ratings":83,"last_updated":115,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":116,"homepage":119,"download_link":120,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":61},"simple-posts-generator","Simple Posts Generator","\u003Cp>A straight forward Posts Generator for Developers and Testers.\u003Cbr \u002F>\nOnce active, a Posts Generator user will be created for later use.\u003C\u002Fp>\n\u003Cp>In the Tools page, you can set the Title, Content, Post Type and number of posts to be generated.\u003Cbr \u002F>\nOnce you’re done with the data, you may then delete the user since all generated posts will be under the Posts Generator user.\u003C\u002Fp>\n","A straight forward Posts Generator for Developers and Testers.",2673,"2015-07-29T13:02:00.000Z",[117,118,23,24],"generator","post","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-posts-generator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-posts-generator.1.3.1.zip",{"attackSurface":122,"codeSignals":145,"taintFlows":214,"riskAssessment":215,"analyzedAt":227},{"hooks":123,"ajaxHandlers":137,"restRoutes":138,"shortcodes":139,"cronEvents":144,"entryPointCount":83,"unprotectedCount":28},[124,129,133],{"type":125,"name":126,"callback":126,"file":127,"line":128},"action","admin_menu","simple-contacts-manager.php",199,{"type":125,"name":130,"callback":131,"file":127,"line":132},"admin_enqueue_scripts","admin_head",200,{"type":125,"name":134,"callback":135,"file":127,"line":136},"wp_footer","insert_analytics_code",213,[],[],[140],{"tag":141,"callback":142,"file":127,"line":143},"cm_contact","do_shortcode",202,[],{"dangerousFunctions":146,"sqlUsage":151,"outputEscaping":153,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":213},[147],{"fn":148,"file":127,"line":149,"context":150},"unserialize",320,"if( $this->orig_data[$option_name] = $this->data[$option_name] = unserialize( get_option( $option_na",{"prepared":28,"raw":28,"locations":152},[],{"escaped":28,"rawEcho":154,"locations":155},29,[156,159,161,164,166,168,169,171,173,175,177,179,181,183,185,187,189,190,191,193,195,197,199,201,203,205,207,209,211],{"file":127,"line":157,"context":158},259,"raw output",{"file":127,"line":160,"context":158},263,{"file":162,"line":163,"context":158},"views\\contacts-manager-settings.php",12,{"file":162,"line":165,"context":158},32,{"file":167,"line":83,"context":158},"views\\contacts-manager.php",{"file":167,"line":163,"context":158},{"file":167,"line":170,"context":158},28,{"file":167,"line":172,"context":158},61,{"file":174,"line":83,"context":158},"views\\edit_group.php",{"file":174,"line":176,"context":158},15,{"file":174,"line":178,"context":158},17,{"file":174,"line":180,"context":158},36,{"file":174,"line":182,"context":158},37,{"file":174,"line":184,"context":158},47,{"file":174,"line":186,"context":158},48,{"file":174,"line":188,"context":158},59,{"file":174,"line":13,"context":158},{"file":174,"line":172,"context":158},{"file":174,"line":192,"context":158},62,{"file":174,"line":194,"context":158},66,{"file":174,"line":196,"context":158},87,{"file":174,"line":198,"context":158},132,{"file":174,"line":200,"context":158},177,{"file":174,"line":202,"context":158},221,{"file":204,"line":163,"context":158},"views\\google_analytics_code.php",{"file":206,"line":176,"context":158},"views\\main-container.php",{"file":206,"line":208,"context":158},18,{"file":206,"line":210,"context":158},23,{"file":206,"line":212,"context":158},25,[],[],{"summary":216,"deductions":217},"The plugin \"simple-contacts-manager\" v1.3.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by avoiding direct SQL queries and performing all its database interactions using prepared statements, indicating a reduced risk of SQL injection.  The plugin also has a very small attack surface with no AJAX handlers or REST API routes, and no cron events, minimizing potential entry points for attackers. There is no recorded vulnerability history, which generally suggests a stable and well-maintained plugin.\n\nHowever, significant security concerns are present in the code analysis. The presence of the `unserialize` function, especially without accompanying validation or sanitization, is a critical risk. If user-controlled data is passed to `unserialize`, it can lead to Remote Code Execution (RCE) vulnerabilities. Furthermore, the fact that 100% of outputs are not properly escaped is a major concern, opening the door for Cross-Site Scripting (XSS) attacks. The absence of nonce and capability checks on its single shortcode also means that any authenticated user could potentially trigger its functionality without proper authorization checks, leading to unexpected behavior or potential exploitation.\n\nIn conclusion, while the plugin has a clean vulnerability history and good practices in SQL handling and attack surface minimization, the critical risk posed by `unserialize` and the widespread lack of output escaping are significant weaknesses that demand immediate attention. These issues outweigh the strengths, making the plugin moderately to highly risky in its current state.",[218,220,222,225],{"reason":219,"points":176},"Dangerous function 'unserialize' used",{"reason":221,"points":100},"No output escaping",{"reason":223,"points":224},"No nonce checks",5,{"reason":226,"points":224},"No capability checks","2026-03-16T22:45:17.938Z",{"wat":229,"direct":238},{"assetPaths":230,"generatorPatterns":233,"scriptPaths":234,"versionParams":235},[231,232],"\u002Fwp-content\u002Fplugins\u002Fsimple-contacts-manager\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fsimple-contacts-manager\u002Fjs\u002Fscript.js",[],[232],[236,237],"simple-contacts-manager\u002Fstyle.css?ver=","simple-contacts-manager\u002Fjs\u002Fscript.js?ver=",{"cssClasses":239,"htmlComments":244,"htmlAttributes":245,"restEndpoints":248,"jsGlobals":249,"shortcodeOutput":252},[240,241,242,243],"w3b-cm-settings-form","w3b-cm-contacts-form","w3b-cm-group-settings","w3b-cm-contact-details",[],[246,247],"data-plugin-name=\"Simple Contacts Manager\"","data-plugin-version=\"1.3.1\"",[],[250,251],"window.W3B_Contacts_Manager","var W3B_Contacts_Manager",[253],"[cm_contact]",{"error":255,"url":256,"statusCode":257,"statusMessage":258,"message":258},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fsimple-contacts-manager\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":14,"versions":260},[261,267],{"version":6,"download_url":26,"svn_tag_url":262,"released_at":29,"has_diff":263,"diff_files_changed":264,"diff_lines":29,"trac_diff_url":265,"vulnerabilities":266,"is_current":255},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsimple-contacts-manager\u002Ftags\u002F1.3.1\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsimple-contacts-manager%2Ftags%2F1.3&new_path=%2Fsimple-contacts-manager%2Ftags%2F1.3.1",[],{"version":97,"download_url":268,"svn_tag_url":269,"released_at":29,"has_diff":263,"diff_files_changed":270,"diff_lines":29,"trac_diff_url":29,"vulnerabilities":271,"is_current":263},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-contacts-manager.1.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsimple-contacts-manager\u002Ftags\u002F1.3\u002F",[],[]]