[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fnBtQ4Wdp97AB9QIRy7Rc7xGeRV7nCgKnKWZttnC3IGA":3,"$fTRfI_jjaWSHg12ap3JHlIlEtSMk6QRyWgeOwyxJCims":102,"$flA7V_8hzOr5bX7y6jNmnaQH_XBpKObQDu7xFwHDB-js":107},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":36,"analysis":37,"fingerprints":80},"site-is-alive","Site is Alive","1.0.0","wpex.ir","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpexir\u002F","\u003Cp>Site is Alive displays a customizable message with the current date and time using Gregorian, Solar Hijri, or Lunar Hijri calendars to reassure visitors that your site is active and up-to-date.\u003C\u002Fp>\n","Display a customizable message with current date and time using Gregorian, Solar Hijri, or Lunar Hijri calendars to show your site is active.",0,533,"2025-02-06T10:17:00.000Z","6.7.5","5.0","7.4",[18,19,20,21],"active-site-message","date-display","lunar-hijri","solar-hijri","https:\u002F\u002Fwpex.ir\u002Fen\u002Fsite-is-alive","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsite-is-alive.1.0.0.zip",92,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":24,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"wpexir",2,100,30,88,"2026-05-20T16:14:39.168Z",[],{"attackSurface":38,"codeSignals":64,"taintFlows":72,"riskAssessment":73,"analyzedAt":79},{"hooks":39,"ajaxHandlers":55,"restRoutes":56,"shortcodes":57,"cronEvents":62,"entryPointCount":63,"unprotectedCount":11},[40,46,50],{"type":41,"name":42,"callback":43,"file":44,"line":45},"action","admin_menu","wpex_sia_add_admin_menu","includes\\wpex-sia-admin-settings.php",23,{"type":41,"name":47,"callback":48,"file":44,"line":49},"admin_init","wpex_sia_register_settings",174,{"type":41,"name":51,"callback":52,"file":53,"line":54},"wp_enqueue_scripts","wpex_sia_enqueue_assets","includes\\wpex-sia-functions.php",76,[],[],[58],{"tag":59,"callback":60,"file":53,"line":61},"wpex_sia_site_is_alive","wpex_sia_display_message_shortcode",95,[],1,{"dangerousFunctions":65,"sqlUsage":66,"outputEscaping":68,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":63,"bundledLibraries":71},[],{"prepared":11,"raw":11,"locations":67},[],{"escaped":69,"rawEcho":11,"locations":70},18,[],[],[],{"summary":74,"deductions":75},"The \"site-is-alive\" v1.0.0 plugin exhibits a strong security posture based on the provided static analysis.  The code demonstrates excellent practices by utilizing prepared statements for all SQL queries and ensuring all output is properly escaped. There are no identified dangerous functions, file operations, or external HTTP requests, further reducing the attack surface. The absence of any taint flows, critical or high severity, indicates that sensitive data is not being mishandled within the plugin's codebase.  The plugin's vulnerability history is also completely clean, with no recorded CVEs, suggesting a well-maintained and secure development history.\n\nWhile the overall security is commendable, there are minor areas for improvement. The presence of a single shortcode, while not inherently insecure, represents an entry point that could potentially be exploited if not properly handled within its implementation.  The lack of nonce checks on this shortcode, though not explicitly flagged as a vulnerability due to no identified flows, is a potential concern for future development or if the shortcode's functionality evolves to handle sensitive data.  The single capability check is a positive sign, indicating some level of access control, but it's crucial to ensure this check is robust and appropriate for the shortcode's function.  In conclusion, \"site-is-alive\" v1.0.0 is a secure plugin with a solid foundation, but attention to potential entry points like shortcodes and robust access controls is always beneficial.",[76],{"reason":77,"points":78},"Shortcode entry point without explicit nonce check",3,"2026-03-17T05:59:47.649Z",{"wat":81,"direct":90},{"assetPaths":82,"generatorPatterns":85,"scriptPaths":86,"versionParams":87},[83,84],"\u002Fwp-content\u002Fplugins\u002Fsite-is-alive\u002Fassets\u002Fcss\u002Fwpex-sia-front-css.css","\u002Fwp-content\u002Fplugins\u002Fsite-is-alive\u002Fassets\u002Fjs\u002Fwpex-sia-front-js.js",[],[84],[88,89],"site-is-alive\u002Fassets\u002Fcss\u002Fwpex-sia-front-css.css?ver=","site-is-alive\u002Fassets\u002Fjs\u002Fwpex-sia-front-js.js?ver=",{"cssClasses":91,"htmlComments":95,"htmlAttributes":96,"restEndpoints":97,"jsGlobals":98,"shortcodeOutput":100},[92,93,94],"wpex-sia-message","wpex-sia-timestamp","wpex-sia-message-text",[],[],[],[99],"wpexSiaPhpData",[101],"\u003Cdiv id=\"wpex-sia-message\">\n        \u003Cspan id=\"wpex-sia-timestamp\">\u003C\u002Fspan>\n        \u003Cspan id=\"wpex-sia-message-text\">\u003C\u002Fspan>\n    \u003C\u002Fdiv>",{"error":103,"url":104,"statusCode":105,"statusMessage":106,"message":106},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fsite-is-alive\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":63,"versions":108},[109],{"version":6,"download_url":23,"svn_tag_url":110,"released_at":25,"has_diff":111,"diff_files_changed":112,"diff_lines":25,"trac_diff_url":25,"vulnerabilities":113,"is_current":103},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsite-is-alive\u002Ftags\u002F1.0.0\u002F",false,[],[]]