[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fISe9QJ6P6XJ98Jlr0oQyaKM_RGf83EBczZPPgnoSP5M":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":110,"fingerprints":157},"strong-password-maker","Strong Password generator widget","1.0","vaibhav31gangrade","https:\u002F\u002Fprofiles.wordpress.org\u002Fvaibhav31gangrade\u002F","\u003Cp>A Plugin for generating random pasword with numbers only ,characters only ,special characters only and with all of them together.\u003C\u002Fp>\n\u003Ch3>How to Use\u003C\u002Fh3>\n\u003Cp>After Installing visit widget section password generator widget will be visibled there just drag and drop and you are ready to use. .\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cp>It can run on any wordpress version.\u003C\u002Fp>\n","A Plugin for generating random pasword with numbers only ,characters only ,special characters only and with all of them together.",10,1114,100,5,"2025-09-27T05:04:00.000Z","6.8.5","4.6","5.2.4",[20,21,22],"password-generator","random-password-generator","strong-password-generator-widget","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstrong-password-maker.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},7,350,98,30,93,"2026-04-04T09:50:27.743Z",[37,56,75,92],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":11,"downloaded":45,"rating":25,"num_ratings":25,"last_updated":23,"tested_up_to":46,"requires_at_least":47,"requires_php":23,"tags":48,"homepage":53,"download_link":54,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":55},"wp-sheridan-password-generator","WP Sheridan Password Generator","1.02","sheridaninternet","https:\u002F\u002Fprofiles.wordpress.org\u002Fsheridaninternet\u002F","\u003Cp>This plugin allows you to embed a secure random password generator on any page using shortcodes. The\u003Cbr \u002F>\ngenerated passwords secure and difficult to guess.\u003C\u002Fp>\n","This plugin allows you to embed a secure random password generator on any page using shortcodes. The",1413,"3.5.2","3.4",[49,50,20,51,52],"generator","password","passwords","secure-random-password-generator","http:\u002F\u002Fwww.sheridaninternet.co.uk","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-sheridan-password-generator.zip","2026-03-15T10:48:56.248Z",{"slug":20,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":13,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":23,"tags":69,"homepage":72,"download_link":73,"security_score":74,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"Password Generator","1.7","Outerbridge","https:\u002F\u002Fprofiles.wordpress.org\u002Fouterbridge\u002F","\u003Cp>Password Generator is a plugin written by Outerbridge which adds a widget to WordPress which generates various length random passwords (with or without special characters).\u003C\u002Fp>\n","Password Generator is a plugin which adds a widget to WordPress which generates various length random passwords (with or without special characters).",90,4633,2,"2022-09-01T16:48:00.000Z","6.0.11","4.7",[20,70,71],"special-characters","strong-password","https:\u002F\u002Fouterbridge.co.uk\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-generator.zip",85,{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":11,"downloaded":83,"rating":25,"num_ratings":25,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":23,"tags":87,"homepage":90,"download_link":91,"security_score":74,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"lx-password-generator","LX Password Generator","1.0.2","lx6g","https:\u002F\u002Fprofiles.wordpress.org\u002Flx6g\u002F","\u003Cp>You can choose from upper and lower letters, digits and special characters to make your new hardcore passwords impossible to break.\u003Cbr \u002F>\nAnd yes, all the passwords are generated only within client’s browser session and are not saved anywhere on the server side,\u003Cbr \u002F>\nso it is absolutely safe to use in real world.\u003C\u002Fp>\n\u003Cp>You can also specify the following attributes to tune the form’s appearance:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>length=4..64\u003C\u002Fcode> specifies the default length of a password. Allowed values range from 4 to 64.  \u003C\u002Fli>\n\u003Cli>\u003Ccode>upper=1\u003C\u002Fcode> enables upper-case letters option. Activated by default.\u003C\u002Fli>\n\u003Cli>\u003Ccode>lower=1\u003C\u002Fcode> enables lower-case letters option. Activated by default.\u003C\u002Fli>\n\u003Cli>\u003Ccode>digits=1\u003C\u002Fcode> enables digits option. Activated by default.\u003C\u002Fli>\n\u003Cli>\u003Ccode>special=1\u003C\u002Fcode> enables special characters \u003Ccode>,.:;_=\u003C\u002Fcode> option. Disabled by default. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Plugin’s Official Site\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Flx6g.com\" rel=\"nofollow ugc\">Alex Granovsky Blog\u003C\u002Fa>\u003C\u002Fp>\n","LX Password Generator is simple yet nifty password generation form to be placed in any page or post you like.",2514,"2015-11-10T16:56:00.000Z","3.0.5","2.5",[49,88,50,20,89],"page","post","http:\u002F\u002Flx6g.com\u002F2011\u002F01\u002Fpassgen-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flx-password-generator.1.0.2.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":11,"downloaded":100,"rating":25,"num_ratings":25,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":104,"tags":105,"homepage":108,"download_link":109,"security_score":74,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"secure-password-generator","Secure Password Generator","1.0.1","oakcreekdev","https:\u002F\u002Fprofiles.wordpress.org\u002Foakcreekdev\u002F","\u003Cp>Secure Password Generator is a plugin written by Oak Creek Development that allows you to add a secure password generator to your WordPress website. Just place the shortcode: [secure_pw_gen][\u002Fsecure_pw_gen] on any page.\u003C\u002Fp>\n\u003Cp>This can be a great way to encourage your users within your organization to start using secure random passwords for everything. It is easy and convenient to keep a pinned tab open on your public or internal website.\u003C\u002Fp>\n","Adds a secure password generator to your WordPress website.",2575,"2023-03-04T05:30:00.000Z","6.1.10","5.1","7.1",[20,106,107,70,71],"secure-password","security","https:\u002F\u002Fwww.oakcreekdev.com\u002Ftools\u002Fsecure-password-generator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecure-password-generator.1.0.1.zip",{"attackSurface":111,"codeSignals":126,"taintFlows":145,"riskAssessment":146,"analyzedAt":156},{"hooks":112,"ajaxHandlers":122,"restRoutes":123,"shortcodes":124,"cronEvents":125,"entryPointCount":25,"unprotectedCount":25},[113,119],{"type":114,"name":115,"callback":116,"file":117,"line":118},"action","wp_enqueue_scripts","pgw_load_admin_js","password-generator-widget.php",20,{"type":114,"name":120,"callback":121,"file":117,"line":33},"widgets_init","pgw_register_password_generator",[],[],[],[],{"dangerousFunctions":127,"sqlUsage":128,"outputEscaping":130,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":144},[],{"prepared":25,"raw":25,"locations":129},[],{"escaped":131,"rawEcho":132,"locations":133},9,4,[134,138,140,142],{"file":135,"line":136,"context":137},"include\\password-generator-class.php",34,"raw output",{"file":135,"line":139,"context":137},37,{"file":135,"line":141,"context":137},83,{"file":135,"line":143,"context":137},237,[],[],{"summary":147,"deductions":148},"The \"strong-password-maker\" v1.0 plugin exhibits a generally positive security posture based on the provided static analysis. The absence of dangerous functions, SQL queries not utilizing prepared statements, file operations, and external HTTP requests are all strong indicators of good development practices. Furthermore, the lack of any recorded vulnerabilities or CVEs suggests a history of secure code. The total lack of identified attack surface points (AJAX handlers, REST API routes, shortcodes, cron events) is exceptionally positive, meaning there are no obvious entry points for attackers to exploit.\n\nHowever, there are areas that warrant attention. The low percentage of properly escaped output (69%) presents a potential risk for cross-site scripting (XSS) vulnerabilities. While no direct flows were identified in the taint analysis, unescaped output can be a gateway for such attacks, especially if user-supplied data is not handled with sufficient care. The complete absence of nonce and capability checks is also a significant concern, as it implies that all actions, even if they were to exist, would be open to unauthorized execution. This, coupled with the zero-count for unprotected entry points, creates a somewhat contradictory picture, suggesting that while no entry points were *identified* as unprotected, the fundamental mechanisms for protection are missing.\n\nIn conclusion, the plugin's strengths lie in its clean code regarding dangerous functions and data handling (SQL, file operations, HTTP requests) and its historical lack of vulnerabilities. The main weaknesses stem from potential XSS risks due to insufficient output escaping and a fundamental lack of authentication and authorization checks, which, even in the absence of an identified attack surface, leaves the door open for future exploitation should any entry points be introduced or overlooked. A score of 100 is a starting point, and deductions will be made for the identified weaknesses.",[149,152,154],{"reason":150,"points":151},"Insufficient output escaping",6,{"reason":153,"points":14},"Missing nonce checks",{"reason":155,"points":14},"Missing capability checks","2026-03-17T00:20:33.533Z",{"wat":158,"direct":164},{"assetPaths":159,"generatorPatterns":161,"scriptPaths":162,"versionParams":163},[160],"\u002Fwp-content\u002Fplugins\u002Fstrong-password-maker\u002Fpg.png",[],[],[],{"cssClasses":165,"htmlComments":167,"htmlAttributes":169,"restEndpoints":177,"jsGlobals":178,"shortcodeOutput":187},[166],"form-group",[168],"\u003C!--form for password generator-->",[170,171,172,173,174,175,176],"id=\"generated_password\"","id=\"password_gen_div\"","id=\"length\"","id=\"select_para\"","onchange = \"return generate_pw(this.value,length);\"","onchange=\" return generate_pw(length);\"","onchange = \"return generate_pw();\"",[],[179,180,181,180,182,180,183,180,184,180,185,180,186,180],"var chars ='0987654321ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!@#$%%^&*()';","var random_password ='';","var chars ='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';","var chars ='1234567890';","var chars ='~`!@#$%^&*()_+=-';","var chars ='1234567890~`!@#$%^&*()_+=-';","var chars ='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890';","var chars ='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz~`!@#$%^&*()_+=-';",[]]