[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHHedxeO-xN6Wuf_AYxbFPcz2bxtMB0nxnf5cd7T2Nr8":3,"$fRYXVkXwHey9hsuVtboivDzWgpM8mWnba7ZyElJjlpuc":67,"$fYUx1cEFT6Uh7Zs5PAYRFgQo_2_4mMFT7Do6HsKXPgGo":72},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":17,"download_link":18,"security_score":19,"vuln_count":13,"unpatched_count":13,"last_vuln_date":20,"fetched_at":21,"discovery_status":22,"vulnerabilities":23,"developer":24,"crawl_stats":20,"alternatives":29,"analysis":30,"fingerprints":54},"ssl-enable","SSL enable","1.0","stennkool","https:\u002F\u002Fprofiles.wordpress.org\u002Fstennkool\u002F","\u003Ch3>What does this plugin do?\u003C\u002Fh3>\n\u003Cp>This plugin forces wordpress to detect the SSL protocol being enabled and in use, there are cases where SSL detection fails with a stock wordpress or you just want plugins to behave like SSL has been enabled (for in development and testing enviroments for example).\u003C\u002Fp>\n\u003Ch3>When is this plugin needed?\u003C\u002Fh3>\n\u003Cp>This plugin is useful when your website is behind a load balancer and the SSL encryption is handled by the loadbalancer itself.\u003Cbr \u002F>\nThere are scenarios where you want wordpress or plugins to behave like SSL is enabled for developmment purposes, think of the WooCommerce API for example where you different authentication methods are used depending if you us a SSL connection or not.\u003C\u002Fp>\n\u003Ch4>Info\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.stennmedia.nl\" rel=\"nofollow ugc\">Website\u003C\u002Fa>\u003C\u002Fp>\n","What does this plugin do?",10,1781,0,"2017-06-06T09:05:00.000Z","",[],"http:\u002F\u002Fwww.stennmedia.nl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fssl-enable.zip",85,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":25,"total_installs":11,"avg_security_score":19,"avg_patch_time_days":26,"trust_score":27,"computed_at":28},1,30,84,"2026-05-19T16:22:24.563Z",[],{"attackSurface":31,"codeSignals":37,"taintFlows":44,"riskAssessment":45,"analyzedAt":53},{"hooks":32,"ajaxHandlers":33,"restRoutes":34,"shortcodes":35,"cronEvents":36,"entryPointCount":13,"unprotectedCount":13},[],[],[],[],[],{"dangerousFunctions":38,"sqlUsage":39,"outputEscaping":41,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":43},[],{"prepared":13,"raw":13,"locations":40},[],{"escaped":13,"rawEcho":13,"locations":42},[],[],[],{"summary":46,"deductions":47},"Based on the provided static analysis and vulnerability history, the 'ssl-enable' plugin v1.0 exhibits a strong security posture. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface.  Furthermore, the code signals indicate good development practices, with no dangerous functions, all SQL queries utilizing prepared statements, and all outputs being properly escaped.  The lack of file operations, external HTTP requests, and the absence of any identified taint flows further bolster this positive assessment.\n\nHowever, the plugin's security is also predicated on the absence of discovered vulnerabilities, both historically and in the current version. While this is a positive indicator, it's crucial to acknowledge that a lack of historical vulnerabilities does not guarantee future security.  The complete absence of nonces and capability checks, while not directly exploitable given the current attack surface, represents a potential weakness if the plugin were to evolve and introduce new entry points without implementing these essential security measures. This makes the plugin's security entirely dependent on its minimal attack surface remaining unchanged.\n\nIn conclusion, 'ssl-enable' v1.0 appears to be a very secure plugin due to its minimal attack surface and adherence to secure coding practices. The primary concern lies in the potential for future vulnerabilities if new entry points are added without corresponding security checks like nonces and capability checks. The plugin's current security is excellent, but its long-term security hinges on maintaining this minimal attack surface or implementing robust security measures for any future expansions.",[48,51],{"reason":49,"points":50},"No nonce checks",5,{"reason":52,"points":50},"No capability checks","2026-03-17T00:48:59.304Z",{"wat":55,"direct":60},{"assetPaths":56,"generatorPatterns":57,"scriptPaths":58,"versionParams":59},[],[],[],[],{"cssClasses":61,"htmlComments":62,"htmlAttributes":63,"restEndpoints":64,"jsGlobals":65,"shortcodeOutput":66},[],[],[],[],[],[],{"error":68,"url":69,"statusCode":70,"statusMessage":71,"message":71},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fssl-enable\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":25,"versions":73},[74],{"version":6,"download_url":75,"svn_tag_url":76,"released_at":20,"has_diff":77,"diff_files_changed":78,"diff_lines":20,"trac_diff_url":20,"vulnerabilities":79,"is_current":68},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fssl-enable.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fssl-enable\u002Ftags\u002F1.0\u002F",false,[],[]]