[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$flVuqHL5Mk7-LgjWiXpxSlO8h9hagiqjOGVU0XQLE6g8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":19,"download_link":20,"security_score":21,"vuln_count":11,"unpatched_count":11,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":31,"analysis":32,"fingerprints":157},"stocktech-alerts","Stocktech Alerts","1.0.1","StockTech","https:\u002F\u002Fprofiles.wordpress.org\u002Fstartflorin\u002F","\u003Cp>This plugin helps you use the StockTech alerts widget as a block to your WordPress page.\u003Cbr \u002F>\nThis block will create an iframe to: \u003Ca href=\"https:\u002F\u002Fstocktech.org\u002Fstatic\u002Fwidget-symbols\" rel=\"nofollow ugc\">https:\u002F\u002Fstocktech.org\u002Fstatic\u002Fwidget-symbols\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Stocktech Alerts and stock marketing content.\u003C\u002Fp>\n\u003Cp>Tested up to the most recent stable major version as of December 2022.\u003C\u002Fp>\n\u003Ch3>3rd Party or external service\u003C\u002Fh3>\n\u003Cp>This wordpress plugin creates an iframe for a StockTech widget.\u003C\u002Fp>\n\u003Cp>The Privacy Agreement for the StockTech content is presented when you create your API key: \u003Ca href=\"https:\u002F\u002Fstocktech.org\u002F?view=API\" rel=\"nofollow ugc\">https:\u002F\u002Fstocktech.org\u002F?view=API\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Check the available documentation and styles: \u003Ca href=\"https:\u002F\u002Fstocktech.org\u002F?page=public-user-api\" rel=\"nofollow ugc\">https:\u002F\u002Fstocktech.org\u002F?page=public-user-api\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Here is a direct link to StockTech privacy policy  \u003Ca href=\"https:\u002F\u002Fstocktech.org\u002Fdocs\u002FPrivacyPolicy.html\" rel=\"nofollow ugc\">https:\u002F\u002Fstocktech.org\u002Fdocs\u002FPrivacyPolicy.html\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>How to use it\u003C\u002Fh3>\n\u003Cp>Install and activate the plugin.\u003C\u002Fp>\n\u003Cp>Get your API key. You will need to provide your email address: https:\u002F\u002Fstocktech.org\u002F?view=API Keep this page open.\u003C\u002Fp>\n\u003Cp>A verification email will be sent to your adress. Open the link in that verification email to complete your free account on StockTech.org\u003C\u002Fp>\n\u003Cp>Return to https:\u002F\u002Fstocktech.org\u002F?view=API and preess “I confirmed my email”. No tou can copy your API-Key and paste it in the App-Key field of your plugin. Save changes.\u003C\u002Fp>\n\u003Cp>To add the widget in code editor, add this code to your page:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    \u003C!-- wp:cgb\u002Fstocktech-alerts \u002F-->\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To add the widget in visual editor, press the blue plus sign to open blocks search and search for stocktech-alerts. You will find it in STOCKTECH WIDGETS as StockTech Alerts. drag it in your page.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FCHc9ots4QGg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n","Stocktech Alerts and stock marketing content.",0,565,"2022-12-30T04:03:00.000Z","6.1.10","3.0","",[18],"price-alerts-and-charts","https:\u002F\u002Fstocktech.org\u002F?page=public-user-api","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstocktech-alerts.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":21,"avg_patch_time_days":28,"trust_score":29,"computed_at":30},"startflorin",1,30,84,"2026-04-05T17:25:21.535Z",[],{"attackSurface":33,"codeSignals":102,"taintFlows":146,"riskAssessment":147,"analyzedAt":156},{"hooks":34,"ajaxHandlers":95,"restRoutes":96,"shortcodes":97,"cronEvents":101,"entryPointCount":27,"unprotectedCount":11},[35,41,47,51,56,60,64,68,71,75,79,83,87,91],{"type":36,"name":37,"callback":38,"file":39,"line":40},"action","enqueue_block_editor_assets","stocktech_alerts_editor_assets","src\\init.php",28,{"type":42,"name":43,"callback":44,"priority":45,"file":39,"line":46},"filter","block_categories","closure",10,31,{"type":36,"name":48,"callback":49,"file":39,"line":50},"init","register_stocktech_alerts_api_blocks",64,{"type":36,"name":52,"callback":53,"file":54,"line":55},"admin_menu","stocktech_alerts_add_plugin_page","stocktech_alerts_plugin.php",55,{"type":36,"name":57,"callback":58,"file":54,"line":59},"admin_init","stocktech_alerts_page_init",56,{"type":36,"name":61,"callback":62,"file":54,"line":63},"admin_notices","stocktech_alerts_display_notice",57,{"type":36,"name":65,"callback":66,"file":54,"line":67},"admin_head","stocktech_alerts_stocktech_js",58,{"type":36,"name":65,"callback":69,"file":54,"line":70},"stocktech_alerts_charts_button",59,{"type":36,"name":72,"callback":73,"file":54,"line":74},"wp_print_scripts","enqueueStocktechAlertsAssets",388,{"type":36,"name":76,"callback":77,"priority":11,"file":54,"line":78},"wp_head","stocktech_referrer_header_metadata",402,{"type":42,"name":80,"callback":81,"file":54,"line":82},"mce_buttons","stocktech_alerts_register_button",657,{"type":42,"name":84,"callback":85,"file":54,"line":86},"mce_external_plugins","stocktech_alerts_add_plugin",663,{"type":36,"name":88,"callback":44,"file":89,"line":90},"widgets_init","stocktech_alerts_widget.php",122,{"type":36,"name":92,"callback":93,"file":89,"line":94},"admin_print_styles","stocktech_alerts_widget_admin_styles",126,[],[],[98],{"tag":4,"callback":99,"file":54,"line":100},"stocktech_alerts_func",390,[],{"dangerousFunctions":103,"sqlUsage":104,"outputEscaping":106,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":144,"bundledLibraries":145},[],{"prepared":11,"raw":11,"locations":105},[],{"escaped":107,"rawEcho":108,"locations":109},42,17,[110,113,115,116,118,120,122,124,126,128,130,132,134,136,138,140,142],{"file":54,"line":111,"context":112},673,"raw output",{"file":89,"line":114,"context":112},26,{"file":89,"line":50,"context":112},{"file":89,"line":117,"context":112},65,{"file":89,"line":119,"context":112},66,{"file":89,"line":121,"context":112},72,{"file":89,"line":123,"context":112},73,{"file":89,"line":125,"context":112},74,{"file":89,"line":127,"context":112},80,{"file":89,"line":129,"context":112},81,{"file":89,"line":131,"context":112},82,{"file":89,"line":133,"context":112},88,{"file":89,"line":135,"context":112},89,{"file":89,"line":137,"context":112},90,{"file":89,"line":139,"context":112},97,{"file":89,"line":141,"context":112},98,{"file":89,"line":143,"context":112},101,2,[],[],{"summary":148,"deductions":149},"The stocktech-alerts v1.0.1 plugin exhibits a generally strong security posture, particularly in its handling of database interactions and external requests. The complete absence of SQL queries that are not properly prepared, no file operations, and no external HTTP requests are excellent indicators of good security practices and a reduced attack surface. The plugin also has a clean vulnerability history with no recorded CVEs, suggesting a commitment to security by the developers or a lack of discovered vulnerabilities.\n\nHowever, there are areas that warrant attention. The static analysis reveals 59 total outputs with 71% properly escaped, meaning a significant portion (29%) of outputs are potentially unescaped. This could lead to cross-site scripting (XSS) vulnerabilities if user-controlled data is outputted without proper sanitization. Furthermore, the plugin lacks nonce checks entirely, which, while not directly tied to a specific entry point with a missing check in the provided data, is a fundamental security mechanism that should ideally be present for all sensitive actions or data processing.\n\nIn conclusion, the plugin demonstrates a good foundation with secure database and external communication practices and a clean history. The primary concerns revolve around potential XSS vulnerabilities due to incomplete output escaping and the absence of nonce checks, which represent opportunities for attackers to inject malicious scripts or exploit unintended actions. Addressing these areas would significantly enhance the plugin's overall security.",[150,153],{"reason":151,"points":152},"Unescaped output detected",8,{"reason":154,"points":155},"Missing nonce checks",7,"2026-03-17T06:25:57.341Z",{"wat":158,"direct":165},{"assetPaths":159,"generatorPatterns":161,"scriptPaths":162,"versionParams":163},[160],"\u002Fwp-content\u002Fplugins\u002Fstocktech-alerts\u002Fassets\u002Fstocktech-wp.css",[],[],[164],"stocktech-alerts\u002Fassets\u002Fstocktech-wp.css?ver=",{"cssClasses":166,"htmlComments":168,"htmlAttributes":169,"restEndpoints":170,"jsGlobals":171,"shortcodeOutput":172},[167],"stocktech_alerts_form",[],[],[],[],[]]