[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fLDQsSMubJVuYdSfK7lHyFkm5N710aOh8J4EHBafSzak":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":14,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":46,"crawl_stats":37,"alternatives":53,"analysis":147,"fingerprints":428},"sparkle-demo-importer","Sparkle Demo Importer","1.4.8","Sparkle WP","https:\u002F\u002Fprofiles.wordpress.org\u002Fsparklewpthemes\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002F\" rel=\"nofollow ugc\">Home\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fdocs.sparklewpthemes.com\u002F\" rel=\"nofollow ugc\">Docs\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fthemes\u002Fpremium-wordpress-theme\u002F\" rel=\"nofollow ugc\">Premium\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fthemes\u002F\" rel=\"nofollow ugc\">All themes\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fplugins\u002F\" rel=\"nofollow ugc\">Plugins\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fblogs\" rel=\"nofollow ugc\">Blog\u003C\u002Fa>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FPJMDFKG52C4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Sparkle Demo Importer imports sparkle themes full demo with just one click. It is specially developed for demo import purpose. This plugin works for theme developed by SparleThemes and if other themes wants to use then they have to use \u003Cstrong>action\u003C\u002Fstrong> filter to work.\u003C\u002Fp>\n\u003Cp>You just need to define the array that includes the location of the demo zip files and other related info.\u003C\u002Fp>\n\u003Ch3>Get the outstanding themes from Sparkle Themes\u003C\u002Fh3>\n\u003Cp>__ Check all of our \u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fthemes\u002Ffree-wordpress-theme\u002F\" rel=\"nofollow ugc\">Free\u003C\u002Fa> themes __\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Feducation-wordpress-theme\u002F\" rel=\"nofollow ugc\">Educenter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fconstruction-wordpress-theme\u002F\" rel=\"nofollow ugc\">Construction Light\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fappzend-multipurpose-business-wordpress-themes\u002F\" rel=\"nofollow ugc\">AppZend\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Ffree-ecommerce-wordpress-theme\u002F\" rel=\"nofollow ugc\">Sparkle Store\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fecommerce-online-shopping\u002F\" rel=\"nofollow ugc\">BuzzStore\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fecommerce-wordpress-theme\u002F\" rel=\"nofollow ugc\">MetroStore\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fonline-estore-details\u002F\" rel=\"nofollow ugc\">Online eStore\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Ffree-education-wordpress-theme\u002F\" rel=\"nofollow ugc\">Educenter Xpert\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>__ Check all of our \u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fthemes\u002Fpremium-wordpress-theme\u002F\" rel=\"nofollow ugc\">Premium\u003C\u002Fa> plugins __\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fconstructionlightpro\u002F\" rel=\"nofollow ugc\">Construction Plus\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fappzend-multipurpose-business-wordpress-themes\u002F\" rel=\"nofollow ugc\">AppZend Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Feducenterpro\u002F\" rel=\"nofollow ugc\">Educenter Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fsparklestorepro\u002F\" rel=\"nofollow ugc\">Sparkle Store Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fonline-estore-pro-multipurpose-woocommerce-theme\u002F\" rel=\"nofollow ugc\">Online eStore Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fchankhe-plus-multipurpose-wordpress-theme\u002F\" rel=\"nofollow ugc\">Chankhe Plus\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fbuzzstorepro\u002F\" rel=\"nofollow ugc\">BuzzStore Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Ffitnessparkpro\u002F\" rel=\"nofollow ugc\">FitnessPark Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fbloggerbuzzpro\u002F\" rel=\"nofollow ugc\">Blogger Buzz Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fmedicalheedpro\u002F\" rel=\"nofollow ugc\">Medical Heed  Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsparklewpthemes.com\u002Fwordpress-themes\u002Fmetrostorepro\u002F\" rel=\"nofollow ugc\">MetroStore Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Import Complete Demo Data\u003C\u002Fli>\n\u003Cli>Automatic Install Required Plugins\u003C\u002Fli>\n\u003Cli>Import Widgets Data\u003C\u002Fli>\n\u003Cli>Import Customizer Data\u003C\u002Fli>\n\u003Cli>Reset Site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>* Forked from HashThemes Demo Importer Plugin\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Sparkle Demo Importer imports sparkle themes full demo with just one click. It is specially developed for demo import purpose.",6000,233020,100,1,"2024-06-20T05:11:00.000Z","6.2.9","4.0","5.6",[20,21,22,23,24],"demo-data","demo-importer","importer","sparkle-demo","sparkle-demo-data","https:\u002F\u002Fgithub.com\u002Fsparklewpthemes\u002Fsparkle-demo-importer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsparkle-demo-importer.zip",91,0,"2024-06-21 11:04:07","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":14},"CVE-2024-6120","sparkle-demo-importer-missing-authorization-to-authorizedsubscriber-postpagesattachements-deletion-and-demo-data-import","Sparkle Demo Importer \u003C= 1.4.7 - Missing Authorization to Authorized(Subscriber+) Post\u002FPages\u002FAttachements Deletion and Demo Data Import","The Sparkle Demo Importer plugin for WordPress is vulnerable to unauthorized database reset and demo data import due to a missing capability check on the multiple functions in all versions up to and including 1.4.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete all posts, pages, and uploaded files, as well as download and install a limited set of demo plugins.",null,"\u003C=1.4.7","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:H\u002FA:N","Missing Authorization","2024-06-21 23:33:49",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8f411d17-5b0d-4a4a-afa8-7efebf6965f2?source=api-prod",{"slug":47,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":49,"avg_security_score":27,"avg_patch_time_days":50,"trust_score":51,"computed_at":52},"sparklewpthemes",36,14350,193,73,"2026-04-04T04:32:17.930Z",[54,72,94,110,130],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":28,"num_ratings":28,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":66,"tags":67,"homepage":70,"download_link":71,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"keon-toolset","Keon Toolset","2.4.5","keonthemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fkeonthemes\u002F","\u003Cp>A demo importer plugin that makes importing starter sites effortless for building your website!\u003C\u002Fp>\n\u003Ch3>Images License\u003C\u002Fh3>\n\u003Cp>https:\u002F\u002Fpxhere.com\u002Fen\u002Flicense [CCO License]\u003C\u002Fp>\n","Import dummy data for themes developed by Keon Themes.",30000,1490109,"2026-01-07T05:31:00.000Z","6.9.4","4.6",[20,68,69],"demo-data-importer","one-click-demo-import","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkeon-toolset.2.4.5.zip",{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":28,"num_ratings":28,"last_updated":82,"tested_up_to":65,"requires_at_least":83,"requires_php":84,"tags":85,"homepage":70,"download_link":90,"security_score":91,"vuln_count":92,"unpatched_count":28,"last_vuln_date":93,"fetched_at":30},"blaze-demo-importer","Blaze Demo Importer","1.0.15","blazethemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fblazethemes\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fblazethemes.com\u002F\" rel=\"nofollow ugc\">Home\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fblazethemes.com\u002Fthemes\u002F\" rel=\"nofollow ugc\">All themes\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fblazethemes.com\u002Fblog\u002F\" rel=\"nofollow ugc\">Blog\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fblazethemes.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FzCw0bkswns4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Blaze Demo Importer can be used in all the official themes developed by BlazeThemes. Plugin can be used to import any of the available starter sites settings in your website. Within just a few steps your website will look exactly like the starter website. Provides information about the plugin required to be installed and activated and proceeds automatically.\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Replicate demo you want in just a click\u003C\u002Fli>\n\u003Cli>Clean previous website data – Optional\u003C\u002Fli>\n\u003Cli>Automatically installs recommended and required plugins\u003C\u002Fli>\n\u003Cli>Imports customizer settings, post, pages, media, navigation menus and widgets\u003C\u002Fli>\n\u003C\u002Ful>\n","Blaze Demo Importer can be used in all the official themes developed by BlazeThemes.",8000,167416,"2025-12-22T06:26:00.000Z","5.3","5.4",[86,21,87,88,89],"customizer","import","one-click-import","widgets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblaze-demo-importer.1.0.15.zip",96,2,"2025-12-11 15:12:44",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":80,"downloaded":102,"rating":28,"num_ratings":28,"last_updated":103,"tested_up_to":65,"requires_at_least":104,"requires_php":105,"tags":106,"homepage":70,"download_link":109,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"blockskit","Blockskit","1.2.2","BlockskitDev","https:\u002F\u002Fprofiles.wordpress.org\u002Fblockskitdev\u002F","\u003Cp>An easy plugin to import starter sites and add different effects to the image.\u003C\u002Fp>\n","An easy plugin to import starter sites and add different effects to the image.",88023,"2025-12-21T10:23:00.000Z","5.9","7.4.9",[107,20,68,108,69],"block","image-block","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblockskit.1.2.2.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":28,"num_ratings":28,"last_updated":120,"tested_up_to":121,"requires_at_least":104,"requires_php":122,"tags":123,"homepage":128,"download_link":129,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"cozy-essential-addons","Theme Demo Importer and Patterns Library for CozyThemes – Cozy Essential Addons","1.3.4","CozyThemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fcozythemes\u002F","\u003Cp>Cozy Essentials Addons is the ultimate companion plugin for CozyThemes users, offering seamless one-click demo imports and a rich library of pre-designed block patterns to help you quickly build stunning websites. Designed to work perfectly with themes like FotaWP, ReviveNews, Storemate, and more, this lightweight plugin lets you instantly replicate professional starter sites, complete with layouts and content, while also enabling theme-specific enhancements for an optimized building experience. Whether you’re launching a blog, store, or business site, Cozy Essentials Addons makes website creation faster, easier, and more powerful.\u003C\u002Fp>\n\u003Ch4>Display shortcode of post type in site\u003C\u002Fh4>\n\u003Cp>To display post data in your site, please checkout [shortcodes][https:\u002F\u002Fcozythemes.com\u002Fcozy-essential-addons\u002F] in plugin details page.\u003C\u002Fp>\n","Cozy Essential Addons is the free WordPress plugin for Custom post type and provides basic skeletal for custom post type list.",7000,198409,"2025-10-13T15:03:00.000Z","6.8.5","7.3.0",[21,124,125,126,127],"faqs","portfolios","teams","testimonials","https:\u002F\u002Fcozythemes.com\u002Fcozy-essential-addons","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcozy-essential-addons.1.3.4.zip",{"slug":131,"name":132,"version":133,"author":134,"author_profile":135,"description":136,"short_description":137,"active_installs":11,"downloaded":138,"rating":28,"num_ratings":28,"last_updated":139,"tested_up_to":65,"requires_at_least":140,"requires_php":141,"tags":142,"homepage":143,"download_link":144,"security_score":145,"vuln_count":14,"unpatched_count":28,"last_vuln_date":146,"fetched_at":30},"hashthemes-demo-importer","HashThemes Demo Importer","1.4.1","hashthemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fhashthemes\u002F","\u003Cp>HashThemes Demo Importer imports the full demo with just one click. It is specially developed to add a demo importer functionality in the theme developed by HashThemes but it can also be used by any other themes as well.\u003C\u002Fp>\n\u003Cp>You just need to define the array that includes the location of the demo zip files and other informations. The other information includes name of the demo, preview image, theme option array, menu array, home page and blog page slug(if any), required plugins array and the tags that categorizes the theme.\u003C\u002Fp>\n\u003Cp>The demo zip should contain the XML file, customizer (.dat) file, widget (.wie) file, theme option (.json), revolutions slider zip. It is not necessary to add all these files in the demo zip. You can skip the files if your demo does not need it.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Reset website(Optional)\u003C\u002Fli>\n\u003Cli>Install recommended and required plugins automatically\u003C\u002Fli>\n\u003Cli>Imports Revolution slider\u003C\u002Fli>\n\u003Cli>Imports fully functional demo\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Video Guide\u003C\u002Fh4>\n","Transforming website setups from headache to 'click, click, done!",218093,"2025-12-07T16:11:00.000Z","6.3","7.2",[21,134,87,88],"https:\u002F\u002Fgithub.com\u002Fpzstar\u002Fhashthemes-demo-importer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhashthemes-demo-importer.1.4.1.zip",99,"2021-10-26 00:00:00",{"attackSurface":148,"codeSignals":237,"taintFlows":378,"riskAssessment":416,"analyzedAt":427},{"hooks":149,"ajaxHandlers":187,"restRoutes":229,"shortcodes":230,"cronEvents":235,"entryPointCount":236,"unprotectedCount":14},[150,156,160,165,169,173,178,182,185],{"type":151,"name":152,"callback":153,"file":154,"line":155},"action","admin_menu","sparkle_demo_import_menu","sparkle-demo-importer.php",66,{"type":151,"name":157,"callback":158,"file":154,"line":159},"admin_enqueue_scripts","admin_script",69,{"type":161,"name":162,"callback":163,"file":154,"line":164},"filter","wp_import_post_meta","on_wp_import_post_meta",85,{"type":161,"name":166,"callback":167,"file":154,"line":168},"wxr_importer.pre_process.post_meta","on_wxr_importer_pre_process_post_meta",86,{"type":151,"name":170,"callback":171,"file":154,"line":172},"after_setup_theme","closure",1163,{"type":161,"name":174,"callback":175,"file":176,"line":177},"import_post_meta_key","is_valid_meta_key","wordpress-importer\\class-wp-import.php",77,{"type":161,"name":179,"callback":180,"file":176,"line":181},"http_request_timeout","bump_request_timeout",78,{"type":161,"name":174,"callback":175,"file":183,"line":184},"wordpress-importer\\wordpress-importer.php",80,{"type":161,"name":179,"callback":180,"file":183,"line":186},81,[188,195,199,203,207,210,212,215,218,221,223,225],{"action":189,"nopriv":190,"callback":191,"hasNonce":192,"hasCapCheck":192,"file":193,"line":194},"plugin_installer",false,"installer_callback",true,"classes\\class-demo-importer.php",35,{"action":196,"nopriv":190,"callback":197,"hasNonce":192,"hasCapCheck":192,"file":193,"line":198},"plugin_offline_installer","offline_installer_callback",38,{"action":200,"nopriv":190,"callback":201,"hasNonce":192,"hasCapCheck":190,"file":193,"line":202},"plugin_activation","activation_callback",41,{"action":204,"nopriv":190,"callback":205,"hasNonce":190,"hasCapCheck":190,"file":193,"line":206},"plugin_deactivation","plugin_deactivation_callback",44,{"action":208,"nopriv":190,"callback":208,"hasNonce":192,"hasCapCheck":192,"file":154,"line":209},"sparkle_demo_import_install_demo",72,{"action":211,"nopriv":190,"callback":211,"hasNonce":192,"hasCapCheck":192,"file":154,"line":51},"sparkle_demo_import_install_plugin",{"action":213,"nopriv":190,"callback":213,"hasNonce":192,"hasCapCheck":192,"file":154,"line":214},"sparkle_demo_import_download_files",74,{"action":216,"nopriv":190,"callback":216,"hasNonce":192,"hasCapCheck":192,"file":154,"line":217},"sparkle_demo_import_import_xml",75,{"action":219,"nopriv":190,"callback":219,"hasNonce":192,"hasCapCheck":192,"file":154,"line":220},"sparkle_demo_import_customizer_import",76,{"action":222,"nopriv":190,"callback":222,"hasNonce":192,"hasCapCheck":192,"file":154,"line":177},"sparkle_demo_import_menu_import",{"action":224,"nopriv":190,"callback":224,"hasNonce":192,"hasCapCheck":192,"file":154,"line":181},"sparkle_demo_import_theme_option",{"action":226,"nopriv":190,"callback":227,"hasNonce":192,"hasCapCheck":192,"file":154,"line":228},"sparkle_demo_import_importing_widget","importing_widget",79,[],[231],{"tag":232,"callback":233,"file":154,"line":234},"construction-customizer-slider","sparkle_demo_importer_construction_light_customizer_slider",1169,[],13,{"dangerousFunctions":238,"sqlUsage":239,"outputEscaping":242,"fileOperations":373,"externalRequests":374,"nonceChecks":375,"capabilityChecks":376,"bundledLibraries":377},[],{"prepared":240,"raw":28,"locations":241},8,[],{"escaped":243,"rawEcho":244,"locations":245},174,65,[246,249,250,252,254,256,258,260,262,264,266,268,270,272,274,276,278,280,282,284,286,288,290,292,294,296,298,300,302,304,306,308,310,312,314,316,318,320,322,324,326,329,330,331,332,334,336,338,340,342,343,345,347,349,351,353,355,357,359,361,363,365,367,369,371],{"file":154,"line":247,"context":248},173,"raw output",{"file":154,"line":243,"context":248},{"file":154,"line":251,"context":248},195,{"file":154,"line":253,"context":248},197,{"file":154,"line":255,"context":248},324,{"file":154,"line":257,"context":248},333,{"file":154,"line":259,"context":248},337,{"file":154,"line":261,"context":248},370,{"file":154,"line":263,"context":248},372,{"file":154,"line":265,"context":248},390,{"file":154,"line":267,"context":248},420,{"file":154,"line":269,"context":248},1132,{"file":176,"line":271,"context":248},106,{"file":176,"line":273,"context":248},107,{"file":176,"line":275,"context":248},115,{"file":176,"line":277,"context":248},150,{"file":176,"line":279,"context":248},151,{"file":176,"line":281,"context":248},166,{"file":176,"line":283,"context":248},170,{"file":176,"line":285,"context":248},179,{"file":176,"line":287,"context":248},233,{"file":176,"line":289,"context":248},235,{"file":176,"line":291,"context":248},281,{"file":176,"line":293,"context":248},291,{"file":176,"line":295,"context":248},294,{"file":176,"line":297,"context":248},302,{"file":176,"line":299,"context":248},311,{"file":176,"line":301,"context":248},362,{"file":176,"line":303,"context":248},414,{"file":176,"line":305,"context":248},459,{"file":176,"line":307,"context":248},514,{"file":176,"line":309,"context":248},707,{"file":176,"line":311,"context":248},740,{"file":176,"line":313,"context":248},1224,{"file":176,"line":315,"context":248},1246,{"file":176,"line":317,"context":248},1247,{"file":319,"line":48,"context":248},"wordpress-importer\\parsers\\class-wxr-parser.php",{"file":319,"line":321,"context":248},39,{"file":319,"line":323,"context":248},42,{"file":319,"line":325,"context":248},43,{"file":327,"line":328,"context":248},"wordpress-importer\\parsers.php",32,{"file":327,"line":194,"context":248},{"file":327,"line":198,"context":248},{"file":327,"line":321,"context":248},{"file":183,"line":333,"context":248},103,{"file":183,"line":335,"context":248},104,{"file":183,"line":337,"context":248},110,{"file":183,"line":339,"context":248},138,{"file":183,"line":341,"context":248},139,{"file":183,"line":279,"context":248},{"file":183,"line":344,"context":248},155,{"file":183,"line":346,"context":248},163,{"file":183,"line":348,"context":248},211,{"file":183,"line":350,"context":248},213,{"file":183,"line":352,"context":248},261,{"file":183,"line":354,"context":248},268,{"file":183,"line":356,"context":248},313,{"file":183,"line":358,"context":248},360,{"file":183,"line":360,"context":248},397,{"file":183,"line":362,"context":248},441,{"file":183,"line":364,"context":248},601,{"file":183,"line":366,"context":248},629,{"file":183,"line":368,"context":248},959,{"file":183,"line":370,"context":248},978,{"file":183,"line":372,"context":248},979,30,3,15,11,[],[379,405],{"entryPoint":380,"graph":381,"unsanitizedCount":28,"severity":404},"sparkle_demo_import_theme_option (sparkle-demo-importer.php:619)",{"nodes":382,"edges":401},[383,388,394,396],{"id":384,"type":385,"label":386,"file":154,"line":387},"n0","source","$_POST",626,{"id":389,"type":390,"label":391,"file":154,"line":392,"wp_function":393},"n1","sink","file_get_contents() [SSRF\u002FLFI]",631,"file_get_contents",{"id":395,"type":385,"label":386,"file":154,"line":387},"n2",{"id":397,"type":390,"label":398,"file":154,"line":399,"wp_function":400},"n3","update_option() [Settings Manipulation]",634,"update_option",[402,403],{"from":384,"to":389,"sanitized":192},{"from":395,"to":397,"sanitized":192},"low",{"entryPoint":406,"graph":407,"unsanitizedCount":28,"severity":404},"\u003Csparkle-demo-importer> (sparkle-demo-importer.php:0)",{"nodes":408,"edges":413},[409,410,411,412],{"id":384,"type":385,"label":386,"file":154,"line":387},{"id":389,"type":390,"label":391,"file":154,"line":392,"wp_function":393},{"id":395,"type":385,"label":386,"file":154,"line":387},{"id":397,"type":390,"label":398,"file":154,"line":399,"wp_function":400},[414,415],{"from":384,"to":389,"sanitized":192},{"from":395,"to":397,"sanitized":192},{"summary":417,"deductions":418},"The sparkle-demo-importer plugin v1.4.8 exhibits a mixed security posture. While it demonstrates strong practices in areas like SQL query sanitization and a lack of critical taint flow issues, there are notable areas of concern. The presence of an unprotected AJAX handler represents a direct entry point for potential attackers, bypassing authentication.  This, coupled with a history of past vulnerabilities, specifically a medium-severity one that was recently patched, suggests a pattern of past security oversights. The plugin does employ nonces and capability checks for many of its entry points, which is a positive sign of good development practices. However, the single unprotected AJAX handler is a significant weakness that must be addressed. Overall, the plugin has strengths in secure data handling but requires immediate attention to its authentication mechanisms for its exposed entry points.",[419,421,424],{"reason":420,"points":240},"1 unprotected AJAX handler",{"reason":422,"points":423},"1 medium severity vulnerability history",7,{"reason":425,"points":426},"73% output escaping (27% unescaped)",4,"2026-03-16T18:02:54.781Z",{"wat":429,"direct":438},{"assetPaths":430,"generatorPatterns":433,"scriptPaths":434,"versionParams":435},[431,432],"\u002Fwp-content\u002Fplugins\u002Fsparkle-demo-importer\u002Fassets\u002Fcss\u002Fsparkle-demo-importer.css","\u002Fwp-content\u002Fplugins\u002Fsparkle-demo-importer\u002Fassets\u002Fjs\u002Fsparkle-demo-importer.js",[],[432],[436,437],"sparkle-demo-importer\u002Fassets\u002Fcss\u002Fsparkle-demo-importer.css?ver=","sparkle-demo-importer\u002Fassets\u002Fjs\u002Fsparkle-demo-importer.js?ver=",{"cssClasses":439,"htmlComments":448,"htmlAttributes":449,"restEndpoints":452,"jsGlobals":462,"shortcodeOutput":464},[4,440,441,442,443,444,445,446,447],"sparkle-theme-tab-filter","available-categories","available-categories-lists","sparkle-theme-tab-group","sparkle-theme-tab","sparkle-theme-active","cat-count","sparkle-theme-demos",[],[450,451],"data-filter-group","data-filter",[453,454,455,456,457,458,459,460,461],"\u002Fwp-json\u002Fsparkle-demo-importer\u002Fv1\u002Fget-demos","\u002Fwp-json\u002Fsparkle-demo-importer\u002Fv1\u002Finstall-demo","\u002Fwp-json\u002Fsparkle-demo-importer\u002Fv1\u002Finstall-plugin","\u002Fwp-json\u002Fsparkle-demo-importer\u002Fv1\u002Fdownload-files","\u002Fwp-json\u002Fsparkle-demo-importer\u002Fv1\u002Fimport-xml","\u002Fwp-json\u002Fsparkle-demo-importer\u002Fv1\u002Fcustomizer-import","\u002Fwp-json\u002Fsparkle-demo-importer\u002Fv1\u002Fmenu-import","\u002Fwp-json\u002Fsparkle-demo-importer\u002Fv1\u002Ftheme-option","\u002Fwp-json\u002Fsparkle-demo-importer\u002Fv1\u002Fimporting-widget",[463],"SparkleDemoImporter",[]]