[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fb80mwt-F2MqqDKBAyvTyanh9o8ovWOacimVsxuqgkdc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":21,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":45,"crawl_stats":34,"alternatives":51,"analysis":92,"fingerprints":322},"super-blank","Super Blank","1.3.1","Tyler Moore","https:\u002F\u002Fprofiles.wordpress.org\u002Fconutant\u002F","\u003Ch4>SUPER BLANK MAKES IT SUPER EASY TO BUILD YOUR WEBSITE\u003C\u002Fh4>\n\u003Cp>With just one click it lets you install a beautiful, clean, and fully responsive blank layout.\u003C\u002Fp>\n\u003Cp>This gives you the perfect starting point, and then you can use Elementor to build anything that you want from there.\u003C\u002Fp>\n\u003Cp>No more choosing a theme, staring at a confusing screen, or fighting with complicated settings.\u003C\u002Fp>\n\u003Cp>Super Blank makes website building super easy – even if you’ve never built a website before.\u003C\u002Fp>\n\u003Cp>Just follow these simple steps:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Click a button to import your blank design.\u003C\u002Fli>\n\u003Cli>Preview and choose your favorite colors that automatically apply to your whole site.\u003C\u002Fli>\n\u003Cli>Choose from our hundreds of ready-made design options to customize your site’s layout.\u003C\u002Fli>\n\u003Cli>Add your own images, text, and content to make it yours.\u003C\u002Fli>\n\u003Cli>And that’s it, you’ve got a beautiful modern website!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>To make this possible, Super Blank uses the Astra theme together with the Elementor editor.\u003C\u002Fp>\n\u003Cp>Astra is one of the most popular themes on WordPress, and Elementor is the most popular page builder.\u003C\u002Fp>\n\u003Cp>Super Blank brings them together, allowing you to make your dream design super easy and super fast.\u003C\u002Fp>\n\u003Cp>Want to change the look and feel of your whole site? Just change the global colors and fonts in a single place within Astra, and your whole design will adapt.\u003C\u002Fp>\n\u003Cp>Want to mix things up? Super Blank lets you combine different layouts to create exactly what you need, right inside the Elementor editor.\u003C\u002Fp>\n\u003Cp>You can easily swap sections, move things around, and make the design your own. Even if you’re a complete beginner.\u003C\u002Fp>\n\u003Cp>With Super Blank, you can have a beautiful website up and running in no time.\u003C\u002Fp>\n\u003Ch4>TUTORIAL\u003C\u002Fh4>\n","The best way in the world to make a website. Start from blank, and build any design you want.",10000,48926,100,7,"2026-01-16T12:16:00.000Z","6.9.4","5.9","7.4",[20,4],"blank-template","https:\u002F\u002Ftyler.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-blank.1.3.1.zip",99,1,0,"2025-09-23 00:00:00","2026-03-15T15:16:48.613Z",[29],{"id":30,"url_slug":31,"title":32,"description":33,"plugin_slug":4,"theme_slug":34,"affected_versions":35,"patched_in_version":36,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":26,"updated_date":41,"references":42,"days_to_patch":44},"CVE-2025-54741","super-blank-authenticated-subscriber-arbitrary-content-deletion","Super Blank \u003C= 1.2.0 - Authenticated (Subscriber+) Arbitrary Content Deletion","The Super Blank plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary content.",null,"\u003C=1.2.0","1.3.0","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2025-09-30 12:40:09",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc61093b0-6004-4f20-bea5-95c891f44a13?source=api-prod",8,{"slug":46,"display_name":7,"profile_url":8,"plugin_count":47,"total_installs":48,"avg_security_score":13,"avg_patch_time_days":44,"trust_score":49,"computed_at":50},"conutant",2,20000,94,"2026-04-04T05:04:53.770Z",[52,71],{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":60,"downloaded":61,"rating":25,"num_ratings":25,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":65,"tags":66,"homepage":68,"download_link":69,"security_score":70,"vuln_count":25,"unpatched_count":25,"last_vuln_date":34,"fetched_at":27},"blanked","Blanked Template","1.1.0","Sofyan Sitorus","https:\u002F\u002Fprofiles.wordpress.org\u002Fsofyansitorus\u002F","\u003Cp>This plugin will add a blank page template for any themes. Any page using the template will only display the content. No header, no sidebar, no footer.\u003C\u002Fp>\n\u003Cp>The blank page template can be applied to pages, singular posts and any special pages such as blog page, archive page, search page. It load everything included in the wp_head(), wp_body_open() and wp_footer(), so all scripts and styles should load as normal. It also has option to customize the CSS class for the body tag element (body_class()) and post content wrapper element (post_class()).\u003C\u002Fp>\n\u003Cp>This is great for page builders (Divi, Elementor, Beaver Builder, etc), landing pages.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add totally blank page template for any themes. No header, no sidebar, no footer.\u003C\u002Fli>\n\u003Cli>Disable functions wp_head(), wp_body_open() and wp_footer() for any singular and special pages that applied to use blanked template\u003C\u002Fli>\n\u003Cli>Disable CSS class for any singular and special pages that applied to use blanked template\u003C\u002Fli>\n\u003Cli>Add CSS class for any singular and special pages that applied to use blanked template\u003C\u002Fli>\n\u003Cli>Apply blanked template to post type singular pages: Built-in and custom post type\u003C\u002Fli>\n\u003Cli>Apply blanked template to special pages: blog page, archive page, search page\u003C\u002Fli>\n\u003C\u002Ful>\n","Add blank page template for any themes. No header, no sidebar, no footer. Apply blank template to pages, built-in and custom posts types, blog, archiv &hellip;",70,1714,"2019-11-17T12:33:00.000Z","5.2.24","4.7","5.6",[20,67],"page-template","https:\u002F\u002Fgithub.com\u002Fsofyansitorus\u002FBlanked","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblanked.zip",85,{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":79,"downloaded":80,"rating":25,"num_ratings":25,"last_updated":81,"tested_up_to":82,"requires_at_least":83,"requires_php":84,"tags":85,"homepage":90,"download_link":91,"security_score":70,"vuln_count":25,"unpatched_count":25,"last_vuln_date":34,"fetched_at":27},"admin-menu-tamplate-plugin","Admin Menu Blank Template Plugin","1.0","Nitin Yawalkar","https:\u002F\u002Fprofiles.wordpress.org\u002Fyawalkarm\u002F","\u003Cp>Admin Menu Template Plugin make plugin development easy and it is a simple, flexible and cool blank plugin template with a special menu icon and ability of menu increment and much more so the developers feels “Code is a Poetry”.\u003C\u002Fp>\n\u003Cp>In addition to increasing the user experience for your plugin, it has also been widely reported that this blank template gives your plugin the admin area in an independent space with your very own icon.\u003C\u002Fp>\n","Admin Menu Template Plugin make plugin development easy like drag and drop.",10,3241,"2012-01-01T17:33:00.000Z","3.3.2","2.7.0","",[86,20,87,88,89],"admin-menu-template","plugin-menu","plugin-menu-icon","submenus","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fadmin-menu-tamplate-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-menu-tamplate-plugin.zip",{"attackSurface":93,"codeSignals":205,"taintFlows":259,"riskAssessment":309,"analyzedAt":321},{"hooks":94,"ajaxHandlers":161,"restRoutes":201,"shortcodes":202,"cronEvents":203,"entryPointCount":204,"unprotectedCount":79},[95,101,106,111,115,118,123,128,132,137,141,145,148,151,153,156,158],{"type":96,"name":97,"callback":98,"file":99,"line":100},"action","admin_menu","superBlankCustomAdminMenu","inc\\admin-pages.php",29,{"type":102,"name":103,"callback":104,"file":99,"line":105},"filter","plugin_action_links_super-blank\u002Fsuper-blank.php","superBlankAddSettingsLink",108,{"type":96,"name":107,"callback":108,"file":109,"line":110},"elementor\u002Feditor\u002Fbefore_enqueue_scripts","enqueue_editor_scripts","inc\\Elementor_Sections.php",14,{"type":96,"name":112,"callback":113,"file":109,"line":114},"elementor\u002Feditor\u002Ffooter","additional_style",16,{"type":96,"name":112,"callback":116,"file":109,"line":117},"render_modal_template",17,{"type":102,"name":119,"callback":120,"priority":79,"file":121,"line":122},"super_blank_pre_process_template_content","closure","inc\\Endpoints\\HandleStepSix.php",119,{"type":96,"name":124,"callback":125,"file":126,"line":127},"wp_enqueue_scripts","superBlankCustomFrontendStyle","inc\\enqueue-scripts.php",19,{"type":96,"name":129,"callback":130,"file":126,"line":131},"admin_enqueue_scripts","superBlankCustomAdminStyle",90,{"type":96,"name":133,"callback":134,"file":135,"line":136},"init","superBlankPatternsExtractor","inc\\functions.php",67,{"type":102,"name":138,"callback":139,"file":135,"line":140},"wp_theme_json_data_theme","superBlankCustomColorPalette",137,{"type":96,"name":142,"callback":143,"file":135,"line":144},"admin_notices","superBlankCheckAstraTheme",671,{"type":96,"name":146,"callback":143,"file":135,"line":147},"network_admin_notices",672,{"type":96,"name":142,"callback":149,"file":135,"line":150},"superBlankCheckElementorPlugin",703,{"type":96,"name":146,"callback":149,"file":135,"line":152},704,{"type":96,"name":142,"callback":154,"file":135,"line":155},"superBlankCheckWPFormsPlugin",735,{"type":96,"name":146,"callback":154,"file":135,"line":157},736,{"type":96,"name":159,"callback":120,"file":160,"line":79},"plugins_loaded","inc\\hooks.php",[162,168,173,177,180,183,186,189,192,195,198],{"action":163,"nopriv":164,"callback":165,"hasNonce":166,"hasCapCheck":164,"file":109,"line":167},"get_elementor_template",false,"get_template_data",true,15,{"action":169,"nopriv":164,"callback":170,"hasNonce":164,"hasCapCheck":164,"file":171,"line":172},"super_blank_step5","handle_step","inc\\Endpoints\\HandleStepFive.php",20,{"action":174,"nopriv":164,"callback":170,"hasNonce":164,"hasCapCheck":164,"file":175,"line":176},"super_blank_step5_1","inc\\Endpoints\\HandleStepFiveOne.php",18,{"action":178,"nopriv":164,"callback":170,"hasNonce":164,"hasCapCheck":164,"file":179,"line":172},"super_blank_step4","inc\\Endpoints\\HandleStepFour.php",{"action":181,"nopriv":164,"callback":170,"hasNonce":164,"hasCapCheck":164,"file":182,"line":172},"super_blank_step1","inc\\Endpoints\\HandleStepOne.php",{"action":184,"nopriv":164,"callback":170,"hasNonce":164,"hasCapCheck":164,"file":185,"line":176},"super_blank_step1_3","inc\\Endpoints\\HandleStepOneThree.php",{"action":187,"nopriv":164,"callback":170,"hasNonce":164,"hasCapCheck":164,"file":188,"line":176},"super_blank_step1_2","inc\\Endpoints\\HandleStepOneTwo.php",{"action":190,"nopriv":164,"callback":170,"hasNonce":164,"hasCapCheck":164,"file":191,"line":127},"super_blank_step7","inc\\Endpoints\\HandleStepSeven.php",{"action":193,"nopriv":164,"callback":170,"hasNonce":164,"hasCapCheck":164,"file":121,"line":194},"super_blank_step6",65,{"action":196,"nopriv":164,"callback":170,"hasNonce":164,"hasCapCheck":164,"file":197,"line":172},"super_blank_step3","inc\\Endpoints\\HandleStepThree.php",{"action":199,"nopriv":164,"callback":170,"hasNonce":164,"hasCapCheck":164,"file":200,"line":176},"super_blank_step2","inc\\Endpoints\\HandleStepTwo.php",[],[],[],11,{"dangerousFunctions":206,"sqlUsage":207,"outputEscaping":229,"fileOperations":25,"externalRequests":25,"nonceChecks":47,"capabilityChecks":25,"bundledLibraries":258},[],{"prepared":117,"raw":208,"locations":209},9,[210,213,215,217,219,221,223,225,227],{"file":135,"line":211,"context":212},169,"$wpdb->query() with variable interpolation",{"file":135,"line":214,"context":212},172,{"file":135,"line":216,"context":212},175,{"file":135,"line":218,"context":212},178,{"file":135,"line":220,"context":212},179,{"file":135,"line":222,"context":212},456,{"file":135,"line":224,"context":212},463,{"file":135,"line":226,"context":212},497,{"file":135,"line":228,"context":212},505,{"escaped":230,"rawEcho":110,"locations":231},641,[232,236,238,240,242,243,245,247,248,249,250,252,254,256],{"file":233,"line":234,"context":235},"inc\\Endpoints\\BaseEndpoint.php",51,"raw output",{"file":233,"line":237,"context":235},81,{"file":233,"line":239,"context":235},97,{"file":233,"line":241,"context":235},110,{"file":171,"line":136,"context":235},{"file":171,"line":244,"context":235},76,{"file":179,"line":246,"context":235},71,{"file":179,"line":237,"context":235},{"file":182,"line":136,"context":235},{"file":197,"line":246,"context":235},{"file":135,"line":251,"context":235},652,{"file":135,"line":253,"context":235},666,{"file":135,"line":255,"context":235},698,{"file":135,"line":257,"context":235},730,[],[260,294],{"entryPoint":261,"graph":262,"unsanitizedCount":47,"severity":293},"handle_step (inc\\Endpoints\\HandleStepFiveOne.php:21)",{"nodes":263,"edges":288},[264,269,273,279,283,286],{"id":265,"type":266,"label":267,"file":175,"line":268},"n0","source","$_POST['headerMenuData']",40,{"id":270,"type":271,"label":272,"file":175,"line":268},"n1","transform","→ createHeaderMenu()",{"id":274,"type":275,"label":276,"file":175,"line":277,"wp_function":278},"n2","sink","update_option() [Settings Manipulation]",72,"update_option",{"id":280,"type":266,"label":281,"file":175,"line":282},"n3","$_POST['footerMenuData']",46,{"id":284,"type":271,"label":285,"file":175,"line":282},"n4","→ createFooterMenu()",{"id":287,"type":275,"label":276,"file":175,"line":105,"wp_function":278},"n5",[289,290,291,292],{"from":265,"to":270,"sanitized":164},{"from":270,"to":274,"sanitized":164},{"from":280,"to":284,"sanitized":164},{"from":284,"to":287,"sanitized":164},"low",{"entryPoint":295,"graph":296,"unsanitizedCount":47,"severity":293},"\u003CHandleStepFiveOne> (inc\\Endpoints\\HandleStepFiveOne.php:0)",{"nodes":297,"edges":304},[298,299,300,301,302,303],{"id":265,"type":266,"label":267,"file":175,"line":268},{"id":270,"type":271,"label":272,"file":175,"line":268},{"id":274,"type":275,"label":276,"file":175,"line":277,"wp_function":278},{"id":280,"type":266,"label":281,"file":175,"line":282},{"id":284,"type":271,"label":285,"file":175,"line":282},{"id":287,"type":275,"label":276,"file":175,"line":105,"wp_function":278},[305,306,307,308],{"from":265,"to":270,"sanitized":164},{"from":270,"to":274,"sanitized":164},{"from":280,"to":284,"sanitized":164},{"from":284,"to":287,"sanitized":164},{"summary":310,"deductions":311},"The \"super-blank\" v1.3.1 plugin exhibits a mixed security posture. While it demonstrates good practices in areas like output escaping and avoiding dangerous functions, significant concerns arise from its attack surface.  A large number of AJAX handlers (10 out of 11) lack proper authentication checks, creating a substantial entry point for potential unauthorized actions.  The taint analysis, though limited in scope, did reveal two flows with unsanitized paths, which could indicate a risk of injection vulnerabilities if these paths are exposed to user input without proper sanitization, even if no critical or high severity vulnerabilities were immediately identified.\n\nThe plugin's vulnerability history shows one previously disclosed medium severity CVE, which was patched, and the absence of currently unpatched vulnerabilities is positive. However, the pattern of \"Missing Authorization\" in past vulnerabilities aligns with the current findings of unprotected AJAX handlers, suggesting a recurring weakness in access control implementation. The presence of only two nonce checks across 11 entry points further exacerbates the risk associated with the unprotected AJAX handlers.\n\nIn conclusion, while the plugin avoids common pitfalls like dangerous functions and generally handles output well, the extensive unprotected AJAX endpoints and the historical pattern of authorization issues present a notable risk. The taint analysis, though limited, also hints at potential for unaddressed path sanitization issues.  Users should exercise caution, and developers should prioritize implementing robust authentication and authorization checks for all AJAX endpoints.",[312,314,316,319],{"reason":313,"points":79},"High number of AJAX handlers without auth checks",{"reason":315,"points":44},"Taint analysis found unsanitized paths",{"reason":317,"points":318},"Low number of nonce checks on entry points",5,{"reason":320,"points":167},"Previous medium severity CVE (Missing Authorization)","2026-03-16T17:50:03.703Z",{"wat":323,"direct":333},{"assetPaths":324,"generatorPatterns":328,"scriptPaths":329,"versionParams":330},[325,326,327],"\u002Fwp-content\u002Fplugins\u002Fsuper-blank\u002Fassets\u002Fcss\u002Fsb-library.css","\u002Fwp-content\u002Fplugins\u002Fsuper-blank\u002Fassets\u002Fimages\u002Floader.json","\u002Fwp-content\u002Fplugins\u002Fsuper-blank\u002Fassets\u002Fjs\u002Fsb-library.js",[],[327],[331,332],"super-blank\u002Fassets\u002Fcss\u002Fsb-library.css?ver=","super-blank\u002Fassets\u002Fjs\u002Fsb-library.js?ver=",{"cssClasses":334,"htmlComments":342,"htmlAttributes":345,"restEndpoints":351,"jsGlobals":353,"shortcodeOutput":355},[335,336,337,338,339,340,341],"sb-library-modal","sb-library-modal-overlay","sb-library-modal-container","sb-library-modal-header","sb-library-modal-brand","sb-logo","sb-white-mode",[343,344],"\u003C!-- Start: Super Blank Library Modal -->","\u003C!-- End: Super Blank Library Modal -->",[346,347,348,349,350],"data-elementor-editor-element-id","data-template-type","data-template-file","data-template-category","data-template-category-order",[352],"\u002Fwp-json\u002Fsuper-blank\u002Fv1\u002Ftemplates",[354],"elementorSectionsData",[]]