[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f_mqyIkXsW2ZzIqU3H-BPaTw6BrgmPPrgkS40Izielz8":3,"$fv7FdygAmiWKfKH9GhUBn5rGeq9KYNkKeaZpvKgdPOvY":124,"$fWo3Z5q54gephijqj7L0DB78qxOehGhFeaPOc0cJVp7k":129},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"discovery_status":25,"vulnerabilities":26,"developer":27,"crawl_stats":23,"alternatives":33,"analysis":34,"fingerprints":92},"star-rating-review-w","Star Rating Review for Welcart","1.1","TEMPLX","https:\u002F\u002Fprofiles.wordpress.org\u002Ftemplx\u002F","\u003Cp>Star rating and reviews of products I can write.\u003Cbr \u002F>\nPlease upload the theme in use comments.php file.\u003C\u002Fp>\n","*** Welcart e-Commerce Version1.6.3 or more *** It is only for this plugin: Welcart e-Commerce. 
You can only be used when enabled.",20,1954,0,"2015-12-15T06:43:00.000Z","4.4.34","4.4","",[19],"welcart-e-commerce-starrating-review","http:\u002F\u002Ftemplx.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstar-rating-review-w.1.1.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":22,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"templx",1,30,84,"2026-05-19T20:16:31.409Z",[],{"attackSurface":35,"codeSignals":62,"taintFlows":85,"riskAssessment":86,"analyzedAt":91},{"hooks":36,"ajaxHandlers":58,"restRoutes":59,"shortcodes":60,"cronEvents":61,"entryPointCount":13,"unprotectedCount":13},[37,43,47,52,55],{"type":38,"name":39,"callback":40,"file":41,"line":42},"action","wp_enqueue_scripts","srrwtx_dashicons","srrwtx_function.php",12,{"type":38,"name":44,"callback":45,"file":41,"line":46},"comment_post","srrwtx_comment_meta_save",28,{"type":48,"name":49,"callback":50,"file":41,"line":51},"filter","comments_open","srrwtx_comment_tags_clear",51,{"type":48,"name":53,"callback":50,"file":41,"line":54},"pre_comment_approved",52,{"type":38,"name":39,"callback":56,"file":57,"line":46},"srrwtx_css_style","star_rating_review.php",[],[],[],[],{"dangerousFunctions":63,"sqlUsage":64,"outputEscaping":66,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":84},[],{"prepared":13,"raw":13,"locations":65},[],{"escaped":67,"rawEcho":68,"locations":69},2,6,[70,74,76,78,80,82],{"file":71,"line":72,"context":73},"comments.php",15,"raw output",{"file":71,"line":75,"context":73},27,{"file":71,"line":77,"context":73},57,{"file":71,"line":79,"context":73},63,{"file":41,"line":81,"context":73},80,{"file":41,"line":83,"context":73},87,[],[],{"summary":87,"deductions":88},"The static analysis of \"star-rating-review-w\" v1.1 reveals a generally strong security posture with no identified dangerous functions, 
external HTTP requests, file operations, or raw SQL queries. The absence of any identified CVEs and a clean vulnerability history further contribute to a positive outlook. However, a significant concern arises from the 75% of output handling (6 of 8 output statements) that is not properly escaped. This weakness creates a potential attack vector for cross-site scripting (XSS) vulnerabilities, where malicious scripts could be injected and executed within the user's browser. While the attack surface is currently reported as zero entry points, that count appears to cover only AJAX handlers, REST routes, shortcodes, and cron events; the plugin still registers a comment_post callback (srrwtx_comment_meta_save), and no nonce or capability checks were detected, so whether data submitted with a comment reaches the unescaped output in comments.php and srrwtx_function.php should be verified. The entry-point count could also change with future updates, and the lack of robust output sanitization remains a notable deficiency. The plugin demonstrates good practices in avoiding direct SQL injection risks and limiting its external dependencies, but the unescaped output requires immediate attention to mitigate potential XSS risks.",[89],{"reason":90,"points":68},"Output not properly escaped (75%)","2026-03-16T22:50:02.796Z",{"wat":93,"direct":99},{"assetPaths":94,"generatorPatterns":96,"scriptPaths":97,"versionParams":98},[95],"\u002Fwp-content\u002Fplugins\u002Fstar-rating-review-w\u002Fcss\u002Fsrrwtx.css",[],[],[],{"cssClasses":100,"htmlComments":114,"htmlAttributes":117,"restEndpoints":121,"jsGlobals":122,"shortcodeOutput":123},[101,102,103,104,105,106,107,108,109,110,111,112,113],"star-rating-review","star-rating-review-meta","star-rating-review-author","star-rating-review-metadata","star-rating-review-content","star-rating","star-rating-review-awaiting-moderation","srrwtx-body","srrwtx-body-in","srrwtx-rating-synthesis","srrwtx-rating-synthesis-star","srrwtx-rating-synthesis-text","srrwtx-rating-synthesis-text-number",[115,116],"\u003C!-- Customizing the comment list -->","\u002F*\n * comments.php file is welcart only.\n * Please use it to enable the welcart.\n * To the theme, please upload (overwriting) the comments.php file.\n * Before uploading please always back up.\n 
*\u002F",[118,119,120],"id=\"star-rating-review-","id=\"div-star-rating-review-","datetime=\"",[],[],[],{"error":125,"url":126,"statusCode":127,"statusMessage":128,"message":128},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fstar-rating-review-w\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":67,"versions":130},[131,137],{"version":6,"download_url":21,"svn_tag_url":132,"released_at":23,"has_diff":133,"diff_files_changed":134,"diff_lines":23,"trac_diff_url":135,"vulnerabilities":136,"is_current":125},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fstar-rating-review-w\u002Ftags\u002F1.1\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fstar-rating-review-w%2Ftags%2F1.0&new_path=%2Fstar-rating-review-w%2Ftags%2F1.1",[],{"version":138,"download_url":139,"svn_tag_url":140,"released_at":23,"has_diff":133,"diff_files_changed":141,"diff_lines":23,"trac_diff_url":23,"vulnerabilities":142,"is_current":133},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstar-rating-review-w.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fstar-rating-review-w\u002Ftags\u002F1.0\u002F",[],[]]