[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-YGlevFRZHH2ZcP_Y6HgOkLuZhKbU_3jsrYlpVIUjfk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":37,"fingerprints":84},"simple-content-upload-by-csv","Simple Content Upload By CSV","0.1","Md Meraj Ahmed","https:\u002F\u002Fprofiles.wordpress.org\u002Fhasmimerajgmailcom\u002F","\u003Cp>Upload your content data either it is custom post type, post or page. create csv with title and description and upload it.\u003C\u002Fp>\n\u003Cp>Simple admin interface to select for which content type you want to upload data.\u003Cbr \u002F>\nJust create A Csv file with title and content and upload it for selected content type\u003C\u002Fp>\n\u003Ch3>Upgrade\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Deactivate the plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Delete the previous \u003Ccode>uploadcontentbycsv\u003C\u002Fcode> folder from the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Upload the new \u003Ccode>uploadcontentbycsv\u003C\u002Fcode> folder to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Activate the plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit Settings>Upload Content in the admin area of your blog.\u003C\u002Fli>\n\u003Cli>Select your content type to which you want to upload data and click on save changes.\u003C\u002Fli>\n\u003Cli>Enjoy.\u003C\u002Fli>\n\u003C\u002Fol>\n","Upload your content data either it is custom post type, post or page.",10,1982,100,1,"2014-02-17T08:18:00.000Z","3.7.41","3.0","",[20,21],"post-or-page-create-csv-with-title-and-description-and-upload-it","upload-your-content-data-either-it-is-custom-post-type","http:\u002F\u002Famezingapps.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-content-upload-by-csv.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":24,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"hasmimerajgmailcom",2,40,30,84,"2026-04-04T05:27:37.892Z",[],{"attackSurface":38,"codeSignals":55,"taintFlows":70,"riskAssessment":71,"analyzedAt":83},{"hooks":39,"ajaxHandlers":46,"restRoutes":52,"shortcodes":53,"cronEvents":54,"entryPointCount":14,"unprotectedCount":14},[40],{"type":41,"name":42,"callback":43,"file":44,"line":45},"action","admin_menu","ucbc_menu","uploadcontentbycsv.php",111,[47],{"action":48,"nopriv":49,"callback":50,"hasNonce":49,"hasCapCheck":49,"file":44,"line":51},"formsubmit",false,"ucbc_wp_ajax_formsubmit",18,[],[],[],{"dangerousFunctions":56,"sqlUsage":57,"outputEscaping":59,"fileOperations":14,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":69},[],{"prepared":25,"raw":25,"locations":58},[],{"escaped":25,"rawEcho":60,"locations":61},3,[62,66,68],{"file":63,"line":64,"context":65},"ucbc_admin.php",16,"raw output",{"file":63,"line":67,"context":65},32,{"file":63,"line":67,"context":65},[],[],{"summary":72,"deductions":73},"The \"simple-content-upload-by-csv\" v0.1 plugin exhibits a concerning security posture despite having no recorded vulnerability history or obvious dangerous functions. The static analysis reveals a significant weakness with a single AJAX handler that lacks any authentication checks. This unprotected entry point is a prime target for attackers and could potentially be exploited to execute arbitrary actions or access sensitive data within the WordPress environment. While the plugin utilizes prepared statements for its SQL queries, demonstrating good database security practices, this is overshadowed by the critical lack of output escaping and the absence of nonce checks. These omissions, combined with the unprotected AJAX handler, create a substantial attack surface. The lack of vulnerability history, while positive, might indicate a low profile or simply a lack of prior in-depth security audits rather than inherent robustness.",[74,76,79,81],{"reason":75,"points":11},"AJAX handler without authentication",{"reason":77,"points":78},"Unescaped output found",6,{"reason":80,"points":11},"Missing nonce checks",{"reason":82,"points":60},"File operations present","2026-03-17T01:43:18.134Z",{"wat":85,"direct":94},{"assetPaths":86,"generatorPatterns":89,"scriptPaths":90,"versionParams":91},[87,88],"\u002Fwp-content\u002Fplugins\u002Fsimple-content-upload-by-csv\u002Fjs\u002Fjquery.validate.min.js","\u002Fwp-content\u002Fplugins\u002Fsimple-content-upload-by-csv\u002Fjs\u002Fubc-form.js",[],[87,88],[92,93],"simple-content-upload-by-csv\u002Fjs\u002Fjquery.validate.min.js?ver=","simple-content-upload-by-csv\u002Fjs\u002Fubc-form.js?ver=",{"cssClasses":95,"htmlComments":96,"htmlAttributes":97,"restEndpoints":98,"jsGlobals":99,"shortcodeOutput":100},[],[],[],[],[],[]]