[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgfK_eT1grPgJIQCJLDsgQ-vMnFpDkPq2aZva1dtQDZQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":135,"crawl_stats":38,"alternatives":143,"analysis":252,"fingerprints":1366},"subscribe2","Subscribe2 – Form, Email Subscribers & Newsletters","10.45","weDevs","https:\u002F\u002Fprofiles.wordpress.org\u002Fwedevs\u002F","\u003Ch4>Summary\u003C\u002Fh4>\n\u003Cp>Subscribe2 provides a comprehensive subscription management and email notification system for WordPress blogs that sends email notifications to a list of subscribers when you publish new content to your blog.\u003C\u002Fp>\n\u003Cp>A full description of features is below.\u003C\u002Fp>\n\u003Ch4>Email\u003C\u002Fh4>\n\u003Cp>Email notifications can be sent on a per-post basis or periodically in a Digest email. Additionally, certain categories can be excluded from inclusion in the notification and posts can be excluded on an individual basis by setting a custom field.\u003C\u002Fp>\n\u003Ch4>Subscriptions\u003C\u002Fh4>\n\u003Cp>Subscription requests allows users to publicly subscribe (\u003Cstrong>Public Subscribers\u003C\u002Fstrong>) by submitting their email address in an easy to use form or to register with your blog (\u003Cstrong>Registered Users\u003C\u002Fstrong>) which enables greater flexibility over the email content for per-post notifications for the subscriber. Admins are given control over the presentation of the email notifications, can bulk manage subscriptions for users and manually send email notices to subscribers.\u003C\u002Fp>\n\u003Cp>The format of the email can also be customised for per-post notifications, Subscribe2 can generate emails for each of the following formats:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>plaintext excerpt.\u003C\u002Fli>\n\u003Cli>plaintext full post (Registered Users only).\u003C\u002Fli>\n\u003Cli>HTML excerpt (Registered Users only).\u003C\u002Fli>\n\u003Cli>HTML full post (Registered Users only).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you want to grow your subscriber lists, send automated campaigns to huge subscriber lists, you should upgrade to \u003Ca href=\"https:\u002F\u002Fgetwemail.io\" rel=\"nofollow ugc\">weMail\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Privacy Policy\u003C\u002Fh4>\n\u003Cp>Subscribe2 uses \u003Ca href=\"https:\u002F\u002Fappsero.com\" rel=\"nofollow ugc\">Appsero\u003C\u002Fa> SDK to collect some telemetry data upon user’s confirmation. This helps us to troubleshoot problems faster & make product improvements. Learn more about how \u003Ca href=\"https:\u002F\u002Fappsero.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Appsero collects and uses this data\u003C\u002Fa>.\u003C\u002Fp>\n","Sends a list of subscribers an email notification when you publish new posts.",20000,2455236,70,115,"2025-12-29T06:11:00.000Z","6.9.4","4.0","5.4",[20,21,22,23,24],"email","notify","posts","subscribe","subscription","https:\u002F\u002Fgetwemail.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscribe2.10.45.zip",88,8,0,"2026-02-03 00:00:00","2026-03-15T15:16:48.613Z",[33,48,64,79,87,100,110,123],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2026-24944","subscribe2-missing-authorization","Subscribe2 \u003C= 10.44 - Missing Authorization","The Subscribe2 – Form, Email Subscribers & Newsletters plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 10.44. This makes it possible for unauthenticated attackers to perform an unauthorized action.",null,"\u003C=10.44","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2026-02-09 21:41:47",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F38bf5451-5042-48ad-a189-699e1e7abf07?source=api-prod",7,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":38,"affected_versions":53,"patched_in_version":54,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"CVE-2024-11582","subscribe2-form-email-subscribers-newsletters-unauthenticated-stored-cross-site-scripting-via-ip-parameter","Subscribe2 – Form, Email Subscribers & Newsletters \u003C= 10.43 - Unauthenticated Stored Cross-Site Scripting via IP Parameter","The Subscribe2 – Form, Email Subscribers & Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ip parameter in all versions up to, and including, 10.43 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=10.43","10.44","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-02-18 15:02:03","2025-02-19 03:21:12",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F36777e39-be45-41f2-beca-2971e15b77cd?source=api-prod",1,{"id":65,"url_slug":66,"title":67,"description":68,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":70,"severity":40,"cvss_score":71,"cvss_vector":72,"vuln_type":73,"published_date":74,"updated_date":75,"references":76,"days_to_patch":78},"CVE-2023-3407","subscribe2-cross-site-request-forgery-2","Subscribe2 \u003C= 10.40 - Cross-Site Request Forgery","The Subscribe2 plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 10.40. This is due to missing or incorrect nonce validation when sending test emails. This makes it possible for unauthenticated attackers to send test emails with custom content to users on sites running a vulnerable version of this plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=10.40","10.41",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2023-06-26 00:00:00","2024-01-22 19:56:02",[77],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F92b4d800-2895-4f7b-8b3b-ee6df75a7908?source=api-prod",211,{"id":80,"url_slug":81,"title":82,"description":83,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":70,"severity":40,"cvss_score":71,"cvss_vector":84,"vuln_type":43,"published_date":74,"updated_date":75,"references":85,"days_to_patch":78},"CVE-2023-1844","subscribe2-missing-authorization-2","Subscribe2 \u003C= 10.40 - Missing Authorization","The Subscribe2 plugin for WordPress is vulnerable to unauthorized access to email functionality due to a missing capability check when sending test emails in versions up to, and including, 10.40. This makes it possible for author-level attackers to send emails with arbitrary content and attachments to site users.","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N",[86],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc34ce601-5cf9-433f-bc9d-5c705eba6b08?source=api-prod",{"id":88,"url_slug":89,"title":90,"description":91,"plugin_slug":4,"theme_slug":38,"affected_versions":92,"patched_in_version":93,"severity":55,"cvss_score":94,"cvss_vector":95,"vuln_type":73,"published_date":96,"updated_date":75,"references":97,"days_to_patch":99},"CVE-2022-4309","subscribe2-cross-site-request-forgery","Subscribe2 \u003C= 10.37 - Cross-Site Request Forgery","The Subscribe2 plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 10.37. This is due to missing or incorrect nonce validation on the process_bulk_action function. This makes it possible for unauthenticated attackers to delete users, via forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=10.37","10.38",7.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:H\u002FA:L","2022-12-22 00:00:00",[98],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0e43d6fc-28f1-4208-a529-f264304fe8aa?source=api-prod",397,{"id":101,"url_slug":102,"title":103,"description":104,"plugin_slug":4,"theme_slug":38,"affected_versions":92,"patched_in_version":93,"severity":40,"cvss_score":71,"cvss_vector":84,"vuln_type":43,"published_date":105,"updated_date":106,"references":107,"days_to_patch":109},"WF-84003388-c47c-41db-8d2d-4643aa375a89-subscribe2","appsero-missing-authorization-2","Appsero \u003C= 1.2.1 - Missing Authorization","The Appsero analytics tool used in several plugins is vulnerable to authorization bypass due to a missing capability check on the uninstall_reason_submission function used for feedback submission in versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this function intended for administrator use.","2022-12-16 00:00:00","2024-11-13 15:47:37",[108],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F84003388-c47c-41db-8d2d-4643aa375a89?source=api-prod",699,{"id":111,"url_slug":112,"title":113,"description":114,"plugin_slug":4,"theme_slug":38,"affected_versions":115,"patched_in_version":116,"severity":40,"cvss_score":117,"cvss_vector":118,"vuln_type":58,"published_date":119,"updated_date":75,"references":120,"days_to_patch":122},"CVE-2014-6604","subscribe2-form-email-subscribers-newsletters-stored-cross-site-scripting","Subscribe2 – Form, Email Subscribers & Newsletters \u003C= 10.15 - Stored Cross-Site Scripting","The Subscribe2 – Form, Email Subscribers & Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REMOTE_ADDR  value in versions up to, and including, 10.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with subscriber, or higher privileges access to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C10.16","10.16",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2014-10-01 00:00:00",[121],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7202c0f7-cde7-4588-95f4-367d91f2eb67?source=api-prod",3401,{"id":124,"url_slug":125,"title":126,"description":127,"plugin_slug":4,"theme_slug":38,"affected_versions":128,"patched_in_version":129,"severity":55,"cvss_score":94,"cvss_vector":130,"vuln_type":58,"published_date":131,"updated_date":75,"references":132,"days_to_patch":134},"WF-10a54a3b-db6d-45c5-9280-7042ccc17ccd-subscribe2","subscribe2-form-email-subscribers-newsletters-multiple-cross-site-scripting","Subscribe2 – Form, Email Subscribers & Newsletters \u003C 8.1 - Multiple Cross-Site Scripting","The Subscribe2 – Form, Email Subscribers & Newsletters plugin for WordPress is vulnerable to Multiple Cross-Site Scripting via several parameters in versions before 8.1 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts that execute in a victim's browser.","\u003C8.1","8.1","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:L","2014-08-01 00:00:00",[133],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F10a54a3b-db6d-45c5-9280-7042ccc17ccd?source=api-prod",3462,{"slug":136,"display_name":7,"profile_url":8,"plugin_count":137,"total_installs":138,"avg_security_score":139,"avg_patch_time_days":140,"trust_score":141,"computed_at":142},"wedevs",20,113360,91,366,73,"2026-04-04T04:17:03.420Z",[144,165,187,204,231],{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":137,"downloaded":152,"rating":153,"num_ratings":154,"last_updated":155,"tested_up_to":156,"requires_at_least":157,"requires_php":158,"tags":159,"homepage":162,"download_link":163,"security_score":164,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"subscribr","Subscribr","0.1.9.1","Mindshare Labs, Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fmindshare\u002F","\u003Cp>Allows WordPress users to subscribe to email notifications for new posts, pages, and custom types, filterable by taxonomies. The plugin supports tons of actions and filters too! More documentation will be coming soon.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>We are now working on a major rewrite of this plugin which will allow us to more rapidly roll out new features. Stay tuned for version 0.2.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>send mail as plain text or HTML (by user preference)\u003C\u002Fli>\n\u003Cli>integrated email template editor\u003C\u002Fli>\n\u003Cli>option to use PHP template instead of integrated template editor\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Upcoming Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>option to separate different taxonomies on profile update\u003C\u002Fli>\n\u003Cli>widget\u003C\u002Fli>\n\u003Cli>option to post notifications for update as well as new posts\u003C\u002Fli>\n\u003Cli>html\u002Fplain text options\u003C\u002Fli>\n\u003Cli>scheduling options \u002F digest mode\u003C\u002Fli>\n\u003Cli>analytics options\u003C\u002Fli>\n\u003Cli>minimum role option for notifications\u003C\u002Fli>\n\u003Cli>double opt-in\u003C\u002Fli>\n\u003Cli>SMS text messages\u003C\u002Fli>\n\u003Cli>integration with 3rd-party SMTP servers and\u002For advanced SMTP settings\u003C\u002Fli>\n\u003Cli>integration with MailChimp\u002FMandrill\u003C\u002Fli>\n\u003Cli>integration with Constant Contact\u003C\u002Fli>\n\u003Cli>integration with Aweber\u003C\u002Fli>\n\u003Cli>notification on site (like Facebook)\u003C\u002Fli>\n\u003Cli>subscriber management to settings\u003C\u002Fli>\n\u003Cli>CSV subscriber export\u003C\u002Fli>\n\u003Cli>list management for Roles, use-case wholesale \u002F retail\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Support development with a donation and let us know what features are most important to you!\u003C\u002Fp>\n","Allows WordPress users to subscribe to notifications for new posts, pages, and custom types, filterable by taxonomies.",6372,96,5,"2015-08-10T15:33:00.000Z","4.3.34","3.8","",[20,160,21,23,161],"notifications","subscriptions","https:\u002F\u002Fmindsharelabs.com\u002Fdownloads\u002Fsubscribr\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscribr.0.1.9.1.zip",85,{"slug":166,"name":167,"version":168,"author":169,"author_profile":170,"description":171,"short_description":172,"active_installs":173,"downloaded":174,"rating":175,"num_ratings":28,"last_updated":176,"tested_up_to":16,"requires_at_least":177,"requires_php":178,"tags":179,"homepage":185,"download_link":186,"security_score":173,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"comments-subscribe-checkbox","Subscribe To Comments Checkbox","1.2.6","yydevelopment","https:\u002F\u002Fprofiles.wordpress.org\u002Fyydevelopment\u002F","\u003Cp>The subscribe to comments checkbox is a simple plugin that will allow you to add subscribe checkbox message below comments on your website and it will also send automatic email when the comment get replied.\u003C\u002Fp>\n\u003Cp>To add the comment email subscribe notification message all you need to do is to activate the plugin and it will be added automatically.\u003C\u002Fp>\n\u003Cp>The plugin also allow you to see under the “comments” section in wordpress admin panel all the user that subscribed to the comment reply in your blog posts & pages and you will be able to see who get mail and who didn’t.\u003C\u002Fp>\n\u003Ch4>Comments Subscribe Checkbox Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Comment subscribe notification message below the comment box\u003C\u002Fli>\n\u003Cli>Comments users management system\u003C\u002Fli>\n\u003Cli>Automatic email message that will be send to every user who subscribed to the comment\u003C\u002Fli>\n\u003Cli>The ability to unsubscribe from getting new comments on the site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Available languages:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Hebrew (only frontend code)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>About the author & license\u003C\u002Fh4>\n\u003Cp>This plugin was brought to you for free by \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002F\" rel=\"nofollow ugc\">YYDevelopment\u003C\u002Fa> under GPLv2 license.\u003C\u002Fp>\n\u003Cp>The plugin is 100% free and we intend to keep it that way in the future as well. You are free to use this plugin and all our other \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002Fyydevelopment-wordpress-plugins\u002F\" rel=\"nofollow ugc\">free wordpress plugins\u003C\u002Fa> for your projects, your client’s projects or for anything else you need.\u003C\u002Fp>\n\u003Cp>If this plugin was helpful for you please share it online and if you get a chance to give it a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomments-subscribe-checkbox\u002F#reviews\" rel=\"ugc\">positive review\u003C\u002Fa> we will appreciate that.\u003C\u002Fp>\n\u003Cp>If have any problems or questions regarding our comments subscribe checkbox plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcomments-subscribe-checkbox\u002F\" rel=\"ugc\">submit a ticket\u003C\u002Fa> and we will be happy to help.\u003C\u002Fp>\n\u003Cp>By the way, we are based in Israel so we welcome you to visit our Hebrew site as well \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.co.il\u002F\" rel=\"nofollow ugc\">YYDevelopment Israel\u003C\u002Fa> if you are fellow Israeli.\u003C\u002Fp>\n\u003Ch4>Help support us with a coffee donation\u003C\u002Fh4>\n\u003Cp>Don’t you just hate it when you download a plugin and you find out that in order to use it you have to buy a pro version?\u003C\u002Fp>\n\u003Cp>Even bigger problem is when you use a plugin and then just out of the blue the developer decides to add a pro version and he either changes the way the plugin works or he converts some of the free functions to paid ones.\u003C\u002Fp>\n\u003Cp>We sure did hate that and a few years back we decided to start creating some of the plugins ourselves and we decided to share them all with the WordPress community \u003Cstrong>100% FREE\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Nowadays we have more than 15 plugins and you can download and use them all for free by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsearch\u002Fyydevelopment\u002F\" rel=\"ugc\">Clicking Here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you liked this plugin and you want to help support our cause, \u003Ca href=\"https:\u002F\u002Fwww.yydevelopment.com\u002Fcoffee-break\u002F?plugin=comments-subscribe-checkbox\" rel=\"nofollow ugc\">buy us a coffee\u003C\u002Fa>. Studies show that coffee helps with creating WordPress plugins.\u003C\u002Fp>\n","This plugin will allow you to add subscribe notification checkbox to comments on your site.",100,4550,98,"2025-12-10T03:51:00.000Z","5.0","5.2.4",[180,181,182,183,184],"comments-checkbox","comments-subscribe","notification-subscription","subscribe-email","subscribe-to-comments","https:\u002F\u002Fwww.yydevelopment.com\u002Fyydevelopment-wordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomments-subscribe-checkbox.1.2.6.zip",{"slug":188,"name":189,"version":190,"author":191,"author_profile":192,"description":193,"short_description":194,"active_installs":173,"downloaded":195,"rating":173,"num_ratings":154,"last_updated":196,"tested_up_to":197,"requires_at_least":198,"requires_php":158,"tags":199,"homepage":202,"download_link":203,"security_score":164,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"new-post-notification","New Post Notification","1.0.10","kilozwo","https:\u002F\u002Fprofiles.wordpress.org\u002Fkilozwo\u002F","\u003Cp>Simply notifies registered users if a new post has been published. If you use the User-Access-Manager (UAM) Plugin by GM_Alex, users will only be notified if they have access to the post. Notifies the admin if a user changes his subscription status. There is zero configuration. Available in English, German, French and Japan.\u003C\u002Fp>\n\u003Cp>The subscription to new posts is activated to new users by default. Based on the post category, users are able to choose which notifications they would like to receive. They can also deactivate all notifications.\u003C\u002Fp>\n","Simply notifies users if a new post has been published. This can also be used as an addon for User-Access-Manager. Users will only be notified if they &hellip;",12820,"2014-11-23T13:32:00.000Z","4.0.38","3.0.1",[20,200,22,24,201],"notification","user-access-manager","http:\u002F\u002Fkilozwo.de\u002Fwordpress-new-post-notification-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnew-post-notification.1.0.10.zip",{"slug":205,"name":206,"version":207,"author":208,"author_profile":209,"description":210,"short_description":211,"active_installs":212,"downloaded":213,"rating":214,"num_ratings":215,"last_updated":216,"tested_up_to":217,"requires_at_least":218,"requires_php":219,"tags":220,"homepage":226,"download_link":227,"security_score":228,"vuln_count":229,"unpatched_count":29,"last_vuln_date":230,"fetched_at":31},"email-subscription-with-secure-captcha","Easy Email Subscription","1.3.1","Yudiz Solutions Ltd.","https:\u002F\u002Fprofiles.wordpress.org\u002Fyudiz\u002F","\u003Cp>This Plugin allows widget drag n drop form with captcha to display in sidebars.You can also use shortcode to display form anywhere in the template or pages or post.\u003C\u002Fp>\n","Easy Email Subscription form with secured captcha.",30,5198,60,2,"2025-11-03T04:21:00.000Z","6.8.5","3.6.1","5.6",[221,222,223,224,225],"captcha","email-subscribers","email-subscription","email-subscription-with-captcha","simple-email-subscription","https:\u002F\u002Fwww.yudiz.com\u002Fwordpress-plugin-support\u002F?plugin=Easy%20Email%20Subscription","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-subscription-with-secure-captcha.1.3.1.zip",95,3,"2025-11-11 21:45:38",{"slug":232,"name":233,"version":234,"author":235,"author_profile":236,"description":237,"short_description":238,"active_installs":239,"downloaded":240,"rating":29,"num_ratings":29,"last_updated":241,"tested_up_to":242,"requires_at_least":243,"requires_php":158,"tags":244,"homepage":250,"download_link":251,"security_score":164,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"adbase-ai-popup-growth","SendSquared – Email Marketing, Lead Generation, Popup & Post Emailer","1.0.12","Nicolas Wegener","https:\u002F\u002Fprofiles.wordpress.org\u002Fadbaseai\u002F","\u003Cp>Gaining new subscribers should be easy!\u003C\u002Fp>\n\u003Cp>Create good looking popups, design a striking newsletter template, and so much more with SendSquared. With this plugin, you can add SendSquared’s popup system and install newsletter signup forms.  You can also now send your new posts to your subscribers automatically. The tools can be connected to automations, triggers, email and SMS messages, along with the rest of the SendSquared platform.\u003C\u002Fp>\n\u003Cp>\u003Cem>Don’t Waste Time\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Most companies on average are using more than 12 different tools to manage campaigns and their data. That means you are jumping back and forth just to figure out what everything means and how to use it. SendSquared is here to help you simplify your approach and offer better data so you can market the right way.\u003C\u002Fp>\n\u003Cp>\u003Cem>Convert your website traffic\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Consumers researching your website want to give you their cell phone number and email address, but far too many companies don’t even ask.\u003C\u002Fp>\n\u003Cp>Some (not all) Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Install popup conversion windows.\u003C\u002Fli>\n\u003Cli>Replace the default WordPress Mailer.\u003C\u002Fli>\n\u003Cli>Email your blog posts to your subscribers automatically.\u003C\u002Fli>\n\u003Cli>Connect with your SendSquared account in minutes.\u003C\u002Fli>\n\u003Cli>Seamless integration between your WordPress site and SendSquared.\u003C\u002Fli>\n\u003Cli>A multitude of add-ons and automation\u003C\u002Fli>\n\u003Cli>Easy to manages contact groups\u003C\u002Fli>\n\u003Cli>Easy to use templates\u003C\u002Fli>\n\u003C\u002Ful>\n","Enables you to install popups, email posts, install subscribe forms and lightweight analytics.  The design and data focused email marketing platform.",10,1443,"2021-09-20T04:31:00.000Z","5.9.13","4.6",[245,246,247,248,249],"contact","contact-form","email-newsletter","email-posts","subscription-box","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadbase-ai-popup-growth\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadbase-ai-popup-growth.zip",{"attackSurface":253,"codeSignals":571,"taintFlows":1262,"riskAssessment":1352,"analyzedAt":1365},{"hooks":254,"ajaxHandlers":532,"restRoutes":545,"shortcodes":563,"cronEvents":567,"entryPointCount":47,"unprotectedCount":215},[255,261,264,268,274,278,282,287,291,294,299,302,304,306,311,314,319,322,325,328,332,336,340,343,347,350,354,358,362,366,370,374,378,382,385,389,392,396,400,403,406,410,413,417,420,423,426,429,432,436,439,443,446,450,454,458,462,466,470,474,476,480,483,487,492,495,500,504,508,510,513,516,520,524,527],{"type":256,"name":257,"callback":258,"file":259,"line":260},"action","admin_notices","admin_notice","classes\\class-mo-admin-notice.php",14,{"type":256,"name":262,"callback":258,"file":259,"line":263},"network_admin_notices",15,{"type":256,"name":265,"callback":266,"file":259,"line":267},"admin_init","dismiss_admin_notice",17,{"type":269,"name":270,"callback":271,"priority":239,"file":272,"line":273},"filter","plugin_row_meta","plugin_links","classes\\class-s2-admin.php",35,{"type":269,"name":275,"callback":276,"file":272,"line":277},"mce_external_plugins","mce_plugin",394,{"type":269,"name":279,"callback":280,"file":272,"line":281},"mce_buttons","mce_button",395,{"type":269,"name":283,"callback":284,"priority":63,"file":285,"line":286},"s2_ajax_form","s2_ajax_form_class","classes\\class-s2-ajax.php",18,{"type":269,"name":288,"callback":289,"file":285,"line":290},"safe_style_css","s2_safe_css",19,{"type":256,"name":292,"callback":293,"file":285,"line":212},"wp_enqueue_scripts","add_ajax",{"type":256,"name":295,"callback":296,"file":297,"line":298},"init","register_s2_meta","classes\\class-s2-block-editor.php",16,{"type":256,"name":300,"callback":301,"file":297,"line":267},"rest_api_init","register_preview_endpoint",{"type":256,"name":300,"callback":303,"file":297,"line":286},"register_resend_endpoint",{"type":256,"name":300,"callback":305,"file":297,"line":290},"register_settings_endpoint",{"type":256,"name":307,"callback":308,"priority":309,"file":297,"line":310},"enqueue_block_editor_assets","gutenberg_block_editor_assets",6,22,{"type":256,"name":307,"callback":312,"priority":309,"file":297,"line":313},"gutenberg_i18n",23,{"type":269,"name":315,"callback":316,"file":317,"line":318},"wp_mail_content_type","html_email","classes\\class-s2-core.php",217,{"type":269,"name":315,"callback":320,"file":317,"line":321},"plain_email",228,{"type":256,"name":295,"callback":323,"file":317,"line":324},"wpmu_subscribe",2191,{"type":256,"name":295,"callback":326,"file":317,"line":327},"load_translations",2196,{"type":256,"name":329,"callback":330,"file":317,"line":331},"shutdown","upgrade",2226,{"type":269,"name":333,"callback":334,"priority":137,"file":317,"line":335},"cron_schedules","add_weekly_sched",2230,{"type":256,"name":337,"callback":338,"file":317,"line":339},"wpmu_activate_user","wpmu_add_user",2234,{"type":256,"name":341,"callback":338,"priority":239,"file":317,"line":342},"add_user_to_blog",2235,{"type":256,"name":344,"callback":345,"priority":239,"file":317,"line":346},"remove_user_from_blog","wpmu_remove_user",2236,{"type":256,"name":348,"callback":348,"file":317,"line":349},"register_form",2238,{"type":256,"name":351,"callback":352,"file":317,"line":353},"user_register","register_post",2239,{"type":256,"name":355,"callback":356,"file":317,"line":357},"s2_digest_cron","subscribe2_cron",2244,{"type":256,"name":359,"callback":360,"priority":239,"file":317,"line":361},"transition_post_status","digest_post_transitions",2245,{"type":269,"name":363,"callback":364,"file":317,"line":365},"jetpack_get_available_modules","s2_hide_jetpack_comments",2262,{"type":269,"name":367,"callback":368,"file":317,"line":369},"comment_form_submit_field","s2_comment_meta_form",2263,{"type":256,"name":371,"callback":372,"priority":63,"file":317,"line":373},"comment_post","s2_comment_meta",2264,{"type":256,"name":375,"callback":376,"file":317,"line":377},"wp_set_comment_status","comment_status",2265,{"type":256,"name":379,"callback":380,"file":317,"line":381},"widgets_init","subscribe2_widget",2270,{"type":256,"name":379,"callback":383,"file":317,"line":384},"counter_widget",2275,{"type":256,"name":386,"callback":387,"file":317,"line":388},"wp_scheduled_delete","s2cleaner_task",2280,{"type":256,"name":390,"callback":390,"file":317,"line":391},"admin_menu",2315,{"type":256,"name":393,"callback":394,"priority":239,"file":317,"line":395},"add_meta_boxes","s2_meta_init",2316,{"type":256,"name":397,"callback":398,"file":317,"line":399},"save_post","s2_meta_handler",2317,{"type":256,"name":397,"callback":401,"file":317,"line":402},"s2_preview_handler",2318,{"type":256,"name":397,"callback":404,"file":317,"line":405},"s2_resend_handler",2319,{"type":256,"name":407,"callback":408,"file":317,"line":409},"create_category","new_category",2320,{"type":256,"name":411,"callback":411,"file":317,"line":412},"delete_category",2321,{"type":269,"name":414,"callback":415,"file":317,"line":416},"ozh_adminmenu_icon_s2","ozh_s2_icon",2325,{"type":269,"name":418,"callback":415,"file":317,"line":419},"ozh_adminmenu_icon_s2_posts",2326,{"type":269,"name":421,"callback":415,"file":317,"line":422},"ozh_adminmenu_icon_s2_tools",2327,{"type":269,"name":424,"callback":415,"file":317,"line":425},"ozh_adminmenu_icon_s2_settings",2328,{"type":256,"name":265,"callback":427,"file":317,"line":428},"button_init",2333,{"type":256,"name":265,"callback":430,"file":317,"line":431},"widget_s2counter_css_and_js",2338,{"type":256,"name":433,"callback":434,"file":317,"line":435},"show_user_profile","one_click_profile_form",2343,{"type":256,"name":437,"callback":434,"file":317,"line":438},"edit_user_profile",2344,{"type":256,"name":440,"callback":441,"file":317,"line":442},"personal_options_update","one_click_profile_form_save",2345,{"type":256,"name":444,"callback":441,"file":317,"line":445},"edit_user_profile_update",2346,{"type":256,"name":447,"callback":448,"file":317,"line":449},"s2_digest_preview","digest_preview",2350,{"type":256,"name":451,"callback":452,"file":317,"line":453},"s2_digest_resend","digest_resend",2351,{"type":269,"name":455,"callback":456,"priority":239,"file":317,"line":457},"set-screen-option","subscribers_set_screen_option",2357,{"type":256,"name":459,"callback":460,"file":317,"line":461},"wp","load_strings",2392,{"type":269,"name":463,"callback":464,"file":317,"line":465},"request","query_filter",2396,{"type":269,"name":467,"callback":468,"file":317,"line":469},"the_title","title_filter",2397,{"type":269,"name":471,"callback":472,"file":317,"line":473},"the_content","confirm",2398,{"type":269,"name":471,"callback":269,"priority":239,"file":317,"line":475},2402,{"type":256,"name":477,"callback":478,"priority":29,"file":317,"line":479},"wp_meta","add_minimeta",2406,{"type":256,"name":292,"callback":481,"priority":239,"file":317,"line":482},"js_ip_script",2411,{"type":256,"name":484,"callback":485,"priority":137,"file":317,"line":486},"wp_footer","js_ip_library_script",2412,{"type":256,"name":488,"callback":489,"file":490,"line":491},"s2_subscription_submit","s2_your_subscription_submit","classes\\class-s2-forms.php",21,{"type":256,"name":493,"callback":494,"priority":239,"file":490,"line":310},"s2_subscription_form","s2_your_subscription_form",{"type":256,"name":496,"callback":497,"file":498,"line":499},"switch_theme","deactivation_cleanup","include\\appsero\\src\\Insights.php",140,{"type":256,"name":496,"callback":501,"priority":502,"file":498,"line":503},"theme_deactivated",12,141,{"type":256,"name":505,"callback":506,"file":498,"line":507},"admin_footer","deactivate_scripts",158,{"type":256,"name":257,"callback":258,"file":498,"line":509},175,{"type":256,"name":265,"callback":511,"file":498,"line":512},"handle_optin_optout",178,{"type":269,"name":333,"callback":514,"file":498,"line":515},"add_weekly_schedule",184,{"type":256,"name":390,"callback":390,"priority":517,"file":518,"line":519},99,"include\\appsero\\src\\License.php",219,{"type":256,"name":521,"callback":522,"file":518,"line":523},"after_switch_theme","schedule_cron_event",787,{"type":256,"name":496,"callback":525,"file":518,"line":526},"clear_scheduler",788,{"type":256,"name":528,"callback":529,"file":530,"line":531},"plugins_loaded","s2init","subscribe2.php",82,[533,538,541],{"action":534,"nopriv":535,"callback":536,"hasNonce":537,"hasCapCheck":537,"file":285,"line":298},"subscribe2_form",true,"s2_ajax_form_handler",false,{"action":539,"nopriv":535,"callback":540,"hasNonce":535,"hasCapCheck":537,"file":285,"line":267},"subscribe2_submit","s2_ajax_submit_handler",{"action":542,"nopriv":537,"callback":543,"hasNonce":537,"hasCapCheck":537,"file":317,"line":544},"s2_dismiss_notice","s2_dismiss_notice_handler",2354,[546,554,558],{"namespace":547,"route":548,"methods":549,"callback":551,"permissionCallback":552,"file":297,"line":553},"s2\u002Fv1","\u002Fpreview\u002F(?P\u003Cid>[0-9]+)",[550],"GET","preview","closure",49,{"namespace":547,"route":555,"methods":556,"callback":557,"permissionCallback":552,"file":297,"line":141},"\u002Fresend\u002F(?P\u003Cid>[0-9]+)",[550],"resend",{"namespace":547,"route":559,"methods":560,"callback":561,"permissionCallback":552,"file":297,"line":562},"\u002Fsettings\u002F(?P\u003Csetting>[a-z0-9_]+)",[550],"setting",97,[564],{"tag":4,"callback":565,"file":317,"line":566},"widget_shortcode",2416,[568],{"hook":355,"callback":355,"file":569,"line":570},"admin\\settings.php",117,{"dangerousFunctions":572,"sqlUsage":573,"outputEscaping":669,"fileOperations":29,"externalRequests":1256,"nonceChecks":1257,"capabilityChecks":137,"bundledLibraries":1258},[],{"prepared":574,"raw":575,"locations":576},89,42,[577,580,583,585,587,589,591,593,595,598,600,602,604,606,608,610,612,614,616,618,620,622,624,627,630,633,636,638,640,642,644,646,649,651,653,655,658,660,661,663,665,667],{"file":569,"line":578,"context":579},137,"$wpdb->get_var() with variable interpolation",{"file":272,"line":581,"context":582},629,"$wpdb->get_results() with variable interpolation",{"file":272,"line":584,"context":582},655,{"file":272,"line":586,"context":582},681,{"file":272,"line":588,"context":579},813,{"file":272,"line":590,"context":579},814,{"file":272,"line":592,"context":579},825,{"file":272,"line":594,"context":579},827,{"file":272,"line":596,"context":597},1121,"$wpdb->get_col() with variable interpolation",{"file":272,"line":599,"context":597},1163,{"file":272,"line":601,"context":597},1205,{"file":272,"line":603,"context":597},1229,{"file":317,"line":605,"context":597},907,{"file":317,"line":607,"context":597},911,{"file":317,"line":609,"context":597},1142,{"file":317,"line":611,"context":582},1147,{"file":317,"line":613,"context":597},1152,{"file":317,"line":615,"context":597},1159,{"file":317,"line":617,"context":582},1164,{"file":317,"line":619,"context":597},1169,{"file":317,"line":621,"context":582},1261,{"file":317,"line":623,"context":597},1263,{"file":625,"line":626,"context":579},"classes\\class-s2-frontend.php",65,{"file":628,"line":629,"context":597},"classes\\class-s2-multisite.php",181,{"file":631,"line":632,"context":597},"classes\\class-s2-uninstall.php",33,{"file":631,"line":634,"context":635},61,"$wpdb->query() with variable interpolation",{"file":631,"line":637,"context":635},62,{"file":631,"line":639,"context":635},63,{"file":631,"line":641,"context":635},64,{"file":631,"line":643,"context":635},66,{"file":631,"line":645,"context":635},69,{"file":647,"line":648,"context":597},"classes\\class-s2-upgrade.php",252,{"file":647,"line":650,"context":597},462,{"file":647,"line":652,"context":635},553,{"file":647,"line":654,"context":635},574,{"file":656,"line":657,"context":597},"uninstall.php",25,{"file":656,"line":659,"context":635},48,{"file":656,"line":553,"context":635},{"file":656,"line":662,"context":635},50,{"file":656,"line":664,"context":635},51,{"file":656,"line":666,"context":635},53,{"file":656,"line":668,"context":635},56,{"escaped":670,"rawEcho":671,"locations":672},408,312,[673,677,679,681,682,684,686,688,689,691,693,695,697,699,700,702,704,706,708,710,712,714,716,718,720,722,724,726,728,730,732,734,736,738,740,742,744,746,748,750,752,754,756,758,760,762,764,766,768,770,772,774,776,778,780,782,784,786,788,790,792,794,796,798,800,802,804,806,808,810,812,814,816,818,820,822,824,826,828,830,832,834,836,838,840,842,844,846,848,850,852,854,856,858,860,862,864,866,868,870,872,874,876,878,880,882,884,886,888,890,892,894,896,898,900,902,904,906,908,910,912,914,916,918,920,922,924,926,928,930,932,934,936,938,940,942,944,946,948,950,952,954,956,958,960,962,964,966,968,970,972,974,976,978,980,982,984,986,988,990,992,994,996,998,1001,1003,1004,1006,1007,1009,1011,1013,1015,1016,1017,1019,1021,1023,1024,1025,1026,1027,1029,1031,1033,1035,1037,1039,1041,1043,1045,1046,1047,1049,1051,1053,1055,1057,1059,1061,1063,1065,1068,1070,1071,1073,1075,1077,1079,1081,1083,1085,1087,1089,1091,1093,1095,1097,1099,1101,1103,1105,1107,1109,1110,1112,1114,1116,1118,1120,1121,1123,1125,1127,1129,1131,1132,1134,1135,1136,1138,1139,1141,1143,1145,1147,1149,1151,1153,1155,1157,1159,1161,1163,1165,1167,1168,1170,1172,1174,1176,1178,1179,1180,1181,1183,1185,1186,1187,1189,1191,1192,1193,1195,1196,1198,1200,1202,1204,1205,1206,1207,1208,1210,1212,1213,1215,1216,1217,1218,1219,1220,1222,1224,1226,1227,1228,1229,1231,1233,1235,1238,1239,1240,1242,1244,1246,1247,1248,1250,1252,1254],{"file":674,"line":675,"context":676},"admin\\send-email.php",114,"raw output",{"file":674,"line":678,"context":676},126,{"file":674,"line":680,"context":676},131,{"file":569,"line":310,"context":676},{"file":569,"line":683,"context":676},36,{"file":569,"line":685,"context":676},41,{"file":569,"line":687,"context":676},43,{"file":569,"line":680,"context":676},{"file":569,"line":690,"context":676},139,{"file":569,"line":692,"context":676},150,{"file":569,"line":694,"context":676},202,{"file":569,"line":696,"context":676},248,{"file":569,"line":698,"context":676},251,{"file":569,"line":648,"context":676},{"file":569,"line":701,"context":676},254,{"file":569,"line":703,"context":676},255,{"file":569,"line":705,"context":676},256,{"file":569,"line":707,"context":676},257,{"file":569,"line":709,"context":676},258,{"file":569,"line":711,"context":676},259,{"file":569,"line":713,"context":676},260,{"file":569,"line":715,"context":676},261,{"file":569,"line":717,"context":676},262,{"file":569,"line":719,"context":676},264,{"file":569,"line":721,"context":676},265,{"file":569,"line":723,"context":676},266,{"file":569,"line":725,"context":676},267,{"file":569,"line":727,"context":676},268,{"file":569,"line":729,"context":676},270,{"file":569,"line":731,"context":676},271,{"file":569,"line":733,"context":676},272,{"file":569,"line":735,"context":676},273,{"file":569,"line":737,"context":676},274,{"file":569,"line":739,"context":676},278,{"file":569,"line":741,"context":676},282,{"file":569,"line":743,"context":676},283,{"file":569,"line":745,"context":676},284,{"file":569,"line":747,"context":676},285,{"file":569,"line":749,"context":676},286,{"file":569,"line":751,"context":676},287,{"file":569,"line":753,"context":676},288,{"file":569,"line":755,"context":676},289,{"file":569,"line":757,"context":676},290,{"file":569,"line":759,"context":676},291,{"file":569,"line":761,"context":676},294,{"file":569,"line":763,"context":676},295,{"file":569,"line":765,"context":676},296,{"file":569,"line":767,"context":676},297,{"file":569,"line":769,"context":676},298,{"file":569,"line":771,"context":676},301,{"file":569,"line":773,"context":676},309,{"file":569,"line":775,"context":676},314,{"file":569,"line":777,"context":676},315,{"file":569,"line":779,"context":676},316,{"file":569,"line":781,"context":676},317,{"file":569,"line":783,"context":676},318,{"file":569,"line":785,"context":676},321,{"file":569,"line":787,"context":676},323,{"file":569,"line":789,"context":676},334,{"file":569,"line":791,"context":676},335,{"file":569,"line":793,"context":676},340,{"file":569,"line":795,"context":676},341,{"file":569,"line":797,"context":676},343,{"file":569,"line":799,"context":676},354,{"file":569,"line":801,"context":676},358,{"file":569,"line":803,"context":676},359,{"file":569,"line":805,"context":676},360,{"file":569,"line":807,"context":676},368,{"file":569,"line":809,"context":676},369,{"file":569,"line":811,"context":676},373,{"file":569,"line":813,"context":676},377,{"file":569,"line":815,"context":676},378,{"file":569,"line":817,"context":676},382,{"file":569,"line":819,"context":676},383,{"file":569,"line":821,"context":676},399,{"file":569,"line":823,"context":676},401,{"file":569,"line":825,"context":676},410,{"file":569,"line":827,"context":676},412,{"file":569,"line":829,"context":676},417,{"file":569,"line":831,"context":676},418,{"file":569,"line":833,"context":676},426,{"file":569,"line":835,"context":676},428,{"file":569,"line":837,"context":676},438,{"file":569,"line":839,"context":676},440,{"file":569,"line":841,"context":676},446,{"file":569,"line":843,"context":676},447,{"file":569,"line":845,"context":676},450,{"file":569,"line":847,"context":676},451,{"file":569,"line":849,"context":676},452,{"file":569,"line":851,"context":676},453,{"file":569,"line":853,"context":676},454,{"file":569,"line":855,"context":676},455,{"file":569,"line":857,"context":676},456,{"file":569,"line":859,"context":676},457,{"file":569,"line":861,"context":676},458,{"file":569,"line":863,"context":676},464,{"file":569,"line":865,"context":676},465,{"file":569,"line":867,"context":676},466,{"file":569,"line":869,"context":676},467,{"file":569,"line":871,"context":676},468,{"file":569,"line":873,"context":676},471,{"file":569,"line":875,"context":676},472,{"file":569,"line":877,"context":676},473,{"file":569,"line":879,"context":676},474,{"file":569,"line":881,"context":676},475,{"file":569,"line":883,"context":676},476,{"file":569,"line":885,"context":676},477,{"file":569,"line":887,"context":676},478,{"file":569,"line":889,"context":676},479,{"file":569,"line":891,"context":676},480,{"file":569,"line":893,"context":676},481,{"file":569,"line":895,"context":676},482,{"file":569,"line":897,"context":676},483,{"file":569,"line":899,"context":676},484,{"file":569,"line":901,"context":676},485,{"file":569,"line":903,"context":676},486,{"file":569,"line":905,"context":676},492,{"file":569,"line":907,"context":676},493,{"file":569,"line":909,"context":676},494,{"file":569,"line":911,"context":676},495,{"file":569,"line":913,"context":676},496,{"file":569,"line":915,"context":676},501,{"file":569,"line":917,"context":676},502,{"file":569,"line":919,"context":676},503,{"file":569,"line":921,"context":676},504,{"file":569,"line":923,"context":676},505,{"file":569,"line":925,"context":676},506,{"file":569,"line":927,"context":676},507,{"file":569,"line":929,"context":676},513,{"file":569,"line":931,"context":676},514,{"file":569,"line":933,"context":676},515,{"file":569,"line":935,"context":676},516,{"file":569,"line":937,"context":676},517,{"file":569,"line":939,"context":676},521,{"file":569,"line":941,"context":676},522,{"file":569,"line":943,"context":676},523,{"file":569,"line":945,"context":676},524,{"file":569,"line":947,"context":676},525,{"file":569,"line":949,"context":676},536,{"file":569,"line":951,"context":676},541,{"file":569,"line":953,"context":676},546,{"file":569,"line":955,"context":676},547,{"file":569,"line":957,"context":676},550,{"file":569,"line":959,"context":676},551,{"file":569,"line":961,"context":676},554,{"file":569,"line":963,"context":676},555,{"file":569,"line":965,"context":676},558,{"file":569,"line":967,"context":676},559,{"file":569,"line":969,"context":676},562,{"file":569,"line":971,"context":676},563,{"file":569,"line":973,"context":676},566,{"file":569,"line":975,"context":676},567,{"file":569,"line":977,"context":676},570,{"file":569,"line":979,"context":676},571,{"file":569,"line":981,"context":676},579,{"file":569,"line":983,"context":676},581,{"file":569,"line":985,"context":676},582,{"file":569,"line":987,"context":676},585,{"file":569,"line":989,"context":676},586,{"file":569,"line":991,"context":676},587,{"file":569,"line":993,"context":676},588,{"file":569,"line":995,"context":676},599,{"file":569,"line":997,"context":676},600,{"file":999,"line":1000,"context":676},"admin\\subscribers.php",74,{"file":999,"line":1002,"context":676},78,{"file":999,"line":531,"context":676},{"file":999,"line":1005,"context":676},86,{"file":999,"line":153,"context":676},{"file":999,"line":1008,"context":676},104,{"file":999,"line":1010,"context":676},112,{"file":999,"line":1012,"context":676},121,{"file":999,"line":1014,"context":676},130,{"file":999,"line":78,"context":676},{"file":999,"line":321,"context":676},{"file":999,"line":1018,"context":676},235,{"file":999,"line":1020,"context":676},236,{"file":999,"line":1022,"context":676},245,{"file":999,"line":715,"context":676},{"file":999,"line":717,"context":676},{"file":999,"line":727,"context":676},{"file":999,"line":781,"context":676},{"file":999,"line":1028,"context":676},324,{"file":999,"line":1030,"context":676},325,{"file":999,"line":1032,"context":676},326,{"file":999,"line":1034,"context":676},327,{"file":999,"line":1036,"context":676},328,{"file":999,"line":1038,"context":676},336,{"file":999,"line":1040,"context":676},337,{"file":999,"line":1042,"context":676},338,{"file":999,"line":1044,"context":676},339,{"file":999,"line":793,"context":676},{"file":999,"line":795,"context":676},{"file":999,"line":1048,"context":676},342,{"file":999,"line":1050,"context":676},346,{"file":999,"line":1052,"context":676},347,{"file":999,"line":1054,"context":676},348,{"file":999,"line":1056,"context":676},349,{"file":999,"line":1058,"context":676},350,{"file":999,"line":1060,"context":676},351,{"file":999,"line":1062,"context":676},352,{"file":999,"line":1064,"context":676},353,{"file":1066,"line":1067,"context":676},"admin\\your-subscriptions.php",29,{"file":1066,"line":1069,"context":676},31,{"file":272,"line":935,"context":676},{"file":272,"line":1072,"context":676},560,{"file":272,"line":1074,"context":676},591,{"file":272,"line":1076,"context":676},752,{"file":272,"line":1078,"context":676},974,{"file":272,"line":1080,"context":676},1007,{"file":272,"line":1082,"context":676},1015,{"file":272,"line":1084,"context":676},1017,{"file":272,"line":1086,"context":676},1019,{"file":272,"line":1088,"context":676},1024,{"file":272,"line":1090,"context":676},1044,{"file":272,"line":1092,"context":676},1045,{"file":272,"line":1094,"context":676},1048,{"file":272,"line":1096,"context":676},1397,{"file":272,"line":1098,"context":676},1399,{"file":272,"line":1100,"context":676},1400,{"file":272,"line":1102,"context":676},1401,{"file":285,"line":1104,"context":676},118,{"file":285,"line":1106,"context":676},125,{"file":285,"line":1108,"context":676},135,{"file":285,"line":578,"context":676},{"file":285,"line":1111,"context":676},144,{"file":285,"line":1113,"context":676},161,{"file":285,"line":1115,"context":676},163,{"file":285,"line":1117,"context":676},167,{"file":285,"line":1119,"context":676},171,{"file":285,"line":509,"context":676},{"file":285,"line":1122,"context":676},177,{"file":317,"line":1124,"context":676},1544,{"file":317,"line":1126,"context":676},1545,{"file":317,"line":1128,"context":676},1549,{"file":1130,"line":678,"context":676},"classes\\class-s2-counter-widget.php",{"file":1130,"line":680,"context":676},{"file":1130,"line":1133,"context":676},133,{"file":1130,"line":1108,"context":676},{"file":1130,"line":499,"context":676},{"file":1130,"line":1137,"context":676},142,{"file":1130,"line":1111,"context":676},{"file":1130,"line":1140,"context":676},146,{"file":1142,"line":153,"context":676},"classes\\class-s2-form-widget.php",{"file":1142,"line":1144,"context":676},188,{"file":1142,"line":1146,"context":676},190,{"file":1142,"line":1148,"context":676},192,{"file":1142,"line":1150,"context":676},194,{"file":1142,"line":1152,"context":676},196,{"file":1142,"line":1154,"context":676},198,{"file":1142,"line":1156,"context":676},199,{"file":1142,"line":1158,"context":676},200,{"file":1142,"line":1160,"context":676},201,{"file":1142,"line":1162,"context":676},204,{"file":1142,"line":1164,"context":676},208,{"file":1142,"line":1166,"context":676},210,{"file":1142,"line":318,"context":676},{"file":1142,"line":1169,"context":676},224,{"file":1142,"line":1171,"context":676},229,{"file":1142,"line":1173,"context":676},230,{"file":1142,"line":1175,"context":676},232,{"file":1142,"line":1177,"context":676},233,{"file":1142,"line":1018,"context":676},{"file":1142,"line":1020,"context":676},{"file":490,"line":643,"context":676},{"file":490,"line":1182,"context":676},67,{"file":490,"line":1184,"context":676},68,{"file":490,"line":645,"context":676},{"file":490,"line":13,"context":676},{"file":490,"line":1188,"context":676},71,{"file":490,"line":1190,"context":676},72,{"file":490,"line":141,"context":676},{"file":490,"line":1000,"context":676},{"file":490,"line":1194,"context":676},77,{"file":490,"line":1002,"context":676},{"file":490,"line":1197,"context":676},79,{"file":490,"line":1199,"context":676},80,{"file":490,"line":1201,"context":676},81,{"file":490,"line":1203,"context":676},87,{"file":490,"line":27,"context":676},{"file":490,"line":574,"context":676},{"file":490,"line":173,"context":676},{"file":490,"line":1008,"context":676},{"file":490,"line":1209,"context":676},107,{"file":490,"line":1211,"context":676},109,{"file":490,"line":1012,"context":676},{"file":490,"line":1214,"context":676},129,{"file":490,"line":1108,"context":676},{"file":490,"line":503,"context":676},{"file":490,"line":1148,"context":676},{"file":490,"line":1156,"context":676},{"file":490,"line":1162,"context":676},{"file":490,"line":1221,"context":676},207,{"file":490,"line":1223,"context":676},220,{"file":490,"line":1225,"context":676},227,{"file":490,"line":1175,"context":676},{"file":490,"line":1018,"context":676},{"file":490,"line":1042,"context":676},{"file":490,"line":1230,"context":676},363,{"file":490,"line":1232,"context":676},439,{"file":625,"line":1234,"context":676},214,{"file":1236,"line":1237,"context":676},"classes\\class-s2-list-table.php",216,{"file":1236,"line":648,"context":676},{"file":1236,"line":707,"context":676},{"file":1236,"line":1241,"context":676},308,{"file":1236,"line":1243,"context":676},469,{"file":498,"line":1245,"context":676},470,{"file":498,"line":875,"context":676},{"file":498,"line":877,"context":676},{"file":498,"line":1249,"context":676},961,{"file":518,"line":1251,"context":676},263,{"file":518,"line":1253,"context":676},613,{"file":518,"line":1255,"context":676},621,4,13,[1259],{"name":1260,"version":38,"knownCves":1261},"TinyMCE",[],[1263,1279,1288,1298,1308,1316,1325,1342],{"entryPoint":1264,"graph":1265,"unsanitizedCount":29,"severity":1278},"\u003Csend-email> (admin\\send-email.php:0)",{"nodes":1266,"edges":1276},[1267,1271],{"id":1268,"type":1269,"label":1270,"file":674,"line":1012},"n0","source","$_POST (x2)",{"id":1272,"type":1273,"label":1274,"file":674,"line":678,"wp_function":1275},"n1","sink","echo() [XSS]","echo",[1277],{"from":1268,"to":1272,"sanitized":535},"low",{"entryPoint":1280,"graph":1281,"unsanitizedCount":29,"severity":1278},"\u003Csettings> (admin\\settings.php:0)",{"nodes":1282,"edges":1286},[1283,1285],{"id":1268,"type":1269,"label":1284,"file":569,"line":1150},"$_SERVER['SERVER_NAME']",{"id":1272,"type":1273,"label":1274,"file":569,"line":1150,"wp_function":1275},[1287],{"from":1268,"to":1272,"sanitized":535},{"entryPoint":1289,"graph":1290,"unsanitizedCount":29,"severity":1278},"\u003Csubscribers> (admin\\subscribers.php:0)",{"nodes":1291,"edges":1296},[1292,1295],{"id":1268,"type":1269,"label":1293,"file":999,"line":1294},"$_POST (x8)",320,{"id":1272,"type":1273,"label":1274,"file":999,"line":1034,"wp_function":1275},[1297],{"from":1268,"to":1272,"sanitized":535},{"entryPoint":1299,"graph":1300,"unsanitizedCount":29,"severity":1278},"s2init (classes\\class-s2-core.php:2145)",{"nodes":1301,"edges":1306},[1302,1305],{"id":1268,"type":1269,"label":1303,"file":317,"line":1304},"$_POST['exportcsv']",2387,{"id":1272,"type":1273,"label":1274,"file":317,"line":1304,"wp_function":1275},[1307],{"from":1268,"to":1272,"sanitized":535},{"entryPoint":1309,"graph":1310,"unsanitizedCount":29,"severity":1278},"\u003Cclass-s2-core> (classes\\class-s2-core.php:0)",{"nodes":1311,"edges":1314},[1312,1313],{"id":1268,"type":1269,"label":1303,"file":317,"line":1304},{"id":1272,"type":1273,"label":1274,"file":317,"line":1304,"wp_function":1275},[1315],{"from":1268,"to":1272,"sanitized":535},{"entryPoint":1317,"graph":1318,"unsanitizedCount":29,"severity":1278},"\u003Cclass-s2-forms> (classes\\class-s2-forms.php:0)",{"nodes":1319,"edges":1323},[1320,1322],{"id":1268,"type":1269,"label":1321,"file":490,"line":1069},"$_GET (x6)",{"id":1272,"type":1273,"label":1274,"file":490,"line":1182,"wp_function":1275},[1324],{"from":1268,"to":1272,"sanitized":535},{"entryPoint":1326,"graph":1327,"unsanitizedCount":63,"severity":55},"confirm (classes\\class-s2-frontend.php:103)",{"nodes":1328,"edges":1339},[1329,1331,1334],{"id":1268,"type":1269,"label":1330,"file":625,"line":1104},"$_GET",{"id":1272,"type":1332,"label":1333,"file":625,"line":1104},"transform","→ get_email()",{"id":1335,"type":1273,"label":1336,"file":317,"line":1337,"wp_function":1338},"n2","get_var() [SQLi]",929,"get_var",[1340,1341],{"from":1268,"to":1272,"sanitized":537},{"from":1272,"to":1335,"sanitized":537},{"entryPoint":1343,"graph":1344,"unsanitizedCount":63,"severity":55},"\u003Cclass-s2-frontend> (classes\\class-s2-frontend.php:0)",{"nodes":1345,"edges":1349},[1346,1347,1348],{"id":1268,"type":1269,"label":1330,"file":625,"line":1104},{"id":1272,"type":1332,"label":1333,"file":625,"line":1104},{"id":1335,"type":1273,"label":1336,"file":317,"line":1337,"wp_function":1338},[1350,1351],{"from":1268,"to":1272,"sanitized":537},{"from":1272,"to":1335,"sanitized":537},{"summary":1353,"deductions":1354},"The Subscribe2 plugin version 10.45 presents a mixed security posture. While it demonstrates some good practices like a high percentage of prepared SQL statements and a reasonable number of capability checks, there are significant areas of concern.\n\nThe static analysis reveals a notable attack surface, with two out of three AJAX handlers lacking authentication checks. This is a critical oversight that could allow unauthorized actions. Furthermore, the taint analysis indicates two flows with unsanitized paths, classified as high severity. These issues, combined with the history of eight known CVEs, including three high-severity vulnerabilities related to missing authorization, CSRF, and XSS, suggest a plugin that has historically been a target and has had recurring security weaknesses.\n\nDespite the absence of currently unpatched CVEs and a recent vulnerability date (though unusually in the future), the combination of unprotected entry points and high-severity taint flows points to a continued need for vigilance. While the plugin has strengths in its SQL handling and nonce checks, the identified weaknesses in authorization and input sanitization, coupled with its vulnerability history, warrant a cautious approach to its deployment.",[1355,1357,1359,1361,1363],{"reason":1356,"points":239},"AJAX handlers without authentication checks",{"reason":1358,"points":502},"High severity unsanitized taint flows",{"reason":1360,"points":263},"History of high severity vulnerabilities",{"reason":1362,"points":239},"History of medium severity vulnerabilities",{"reason":1364,"points":47},"Large attack surface with unprotected entry points","2026-03-16T17:35:23.563Z",{"wat":1367,"direct":1382},{"assetPaths":1368,"generatorPatterns":1374,"scriptPaths":1375,"versionParams":1376},[1369,1370,1371,1372,1373],"\u002Fwp-content\u002Fplugins\u002Fsubscribe2\u002Fcss\u002Fadmin-style.css","\u002Fwp-content\u002Fplugins\u002Fsubscribe2\u002Fcss\u002Fuser-style.css","\u002Fwp-content\u002Fplugins\u002Fsubscribe2\u002Fjs\u002Fadmin-scripts.js","\u002Fwp-content\u002Fplugins\u002Fsubscribe2\u002Fjs\u002Fuser-scripts.js","\u002Fwp-content\u002Fplugins\u002Fsubscribe2\u002Fjs\u002Fdismiss.js",[],[1371,1372,1373],[1377,1378,1379,1380,1381],"subscribe2\u002Fcss\u002Fadmin-style.css?ver=","subscribe2\u002Fcss\u002Fuser-style.css?ver=","subscribe2\u002Fjs\u002Fadmin-scripts.js?ver=","subscribe2\u002Fjs\u002Fuser-scripts.js?ver=","subscribe2\u002Fjs\u002Fdismiss.js?ver=",{"cssClasses":1383,"htmlComments":1384,"htmlAttributes":1385,"restEndpoints":1391,"jsGlobals":1392,"shortcodeOutput":1395},[4],[],[1386,1387,1388,1389,1390],"id=\"s2_email_freq\"","id=\"s2_body\"","id=\"s2_subject\"","id=\"s2_signature\"","id=\"s2_send_button\"",[],[1393,1394],"mysubscribe2","s2_confirm_nonce",[]]