[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKd7IPUbv3Xf5U0SOqT6kCnnaKmPlQk7x8_rTFKpbKYo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":44,"crawl_stats":35,"alternatives":49,"analysis":96,"fingerprints":214},"sync-posts","Sync Posts","1.0","SoftClever Limited","https:\u002F\u002Fprofiles.wordpress.org\u002Fsoftclever\u002F","\u003Cp>Sync Posts is a WordPress plugin that allows you to sync posts from another website using a URL. With this plugin, you can easily import Post Title, Content, Content Images, Post Tags, Categories, and Featured Images from any WordPress site to your current WordPress site.\u003C\u002Fp>\n","Sync Posts is a WordPress plugin that allows you to sync posts from another website using a URL. With this plugin, you can easily import Post Title, C &hellip;",100,1748,2,"2023-10-27T20:52:00.000Z","6.3.8","","7.2.5",[19,20,21,22],"import-posts","post-scrapping","posts-copy","remote-posts-copier","https:\u002F\u002Fsoftclever.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsync-posts.zip",61,1,"2025-04-10 00:00:00","2026-03-15T15:16:48.613Z",[30],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":35,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":27,"updated_date":41,"references":42,"days_to_patch":35},"CVE-2025-32579","sync-posts-authenticated-subscriber-arbitrary-file-upload","Sync Posts \u003C= 1.0 - Authenticated (Subscriber+) Arbitrary File Upload","The Sync Posts plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'scwp_sync_posts_func' and 'scwp_download_posts_content_images' functions in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.",null,"\u003C=1.0","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Unrestricted Upload of File with Dangerous Type","2025-04-30 05:24:33",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbdd9045e-5869-446b-9a6e-4c6766b91d05?source=api-prod",{"slug":45,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":46,"trust_score":47,"computed_at":48},"softclever",30,67,"2026-04-04T11:18:54.354Z",[50,75],{"slug":51,"name":52,"version":53,"author":54,"author_profile":55,"description":56,"short_description":57,"active_installs":58,"downloaded":59,"rating":60,"num_ratings":61,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":16,"tags":65,"homepage":16,"download_link":70,"security_score":71,"vuln_count":72,"unpatched_count":73,"last_vuln_date":74,"fetched_at":28},"wp-multisite-content-copier","WP Multisite Content Copier\u002FUpdater","2.0.2","Obtain Infotech","https:\u002F\u002Fprofiles.wordpress.org\u002Fobtaininfotech\u002F","\u003Cp>WP Multisite Content Copier\u002FUpdater plugin is the best solution for copy\u002Fupdate posts and pages from one site (blog) to the other sites (blogs) in your WordPress Multisite Network.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Copy\u002FUpdate posts and pages from one site to the other sites in your WordPress Multisite Network.\u003C\u002Fli>\n\u003Cli>Copy\u002FUpdate posts.\u003C\u002Fli>\n\u003Cli>Copy\u002FUpdate pages.\u003C\u002Fli>\n\u003Cli>Copy\u002FUpdate terms (Categories and Tags) when post copy\u002Fupdate.\u003C\u002Fli>\n\u003Cli>Copy\u002FUpdate parents posts, pages, tags and categories automatically.\u003C\u002Fli>\n\u003Cli>Copy\u002FUpdate media (image, document file, etc…) when post or page copy\u002Fupdate.\u003C\u002Fli>\n\u003Cli>Bulk copy\u002Fupdate posts\u002Fpages from one site to the other sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>PRO Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Copy\u002FUpdate custom post type posts.\u003C\u002Fli>\n\u003Cli>Copy\u002FUpdate users.\u003C\u002Fli>\n\u003Cli>Automatically copy\u002Fupdate custom terms when post, page, custom post type post copy\u002Fupdate.\u003C\u002Fli>\n\u003Cli>Automatically copy\u002Fupdate media (image, document file, etc…) when post, page, custom post type post copy\u002Fupdate.\u003C\u002Fli>\n\u003Cli>Exclude Meta Data (posts, pages and custom post type posts) option: Exclude meta data when copy\u002Fupdate with web sites.\u003C\u002Fli>\n\u003Cli>Bulk copy\u002Fupdate posts, pages, custom post type posts and users from one site to the other sites.\u003C\u002Fli>\n\u003Cli>Also support custom fields which is in posts, pages and custom post type posts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Advanced Custom Fields (ACF) plugin and Custom Fields Support:\u003C\u002Fstrong> Copy\u002FUpdate custom fields which is in posts, pages and custom post type posts.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwp-multisite-content-copier-pro\u002F19166406\u002F\" rel=\"nofollow ugc\">Upgrade to Pro Now\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Others WordPress Multisite Network Sites Plugins\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwordpress-multisite-posts-pages-and-custom-post-types-sync\u002F20143748\" rel=\"nofollow ugc\">WordPress Multisite Posts, Pages and Custom Post Type Posts Sync\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwoocommerce-multisite-product-sync\u002F20137238\" rel=\"nofollow ugc\">WooCommerce Multisite Product Sync\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwordpress-multisite-user-syncunsync\u002F19660623\" rel=\"nofollow ugc\">WordPress Multisite User Sync\u002FUnsync\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwoocommerce-multisite-content-copier\u002F19660524\" rel=\"nofollow ugc\">WooCommerce Multisite Content Copier\u002FUpdater\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwordpress-multisite-media-syncunsync\u002F20257503\" rel=\"nofollow ugc\">Multisite Shared Media for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>WordPress API Based Sync Plugins (WordPress Single Separate Sites)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwordpress-api-posts-and-pages-sync-with-multiple-wordpress-sites\u002F22075096\" rel=\"nofollow ugc\">WordPress API Posts and Pages Sync with Multiple WordPress Sites\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwordpress-api-multiple-sites-user-sync\u002F21608092\" rel=\"nofollow ugc\">WordPress API Multiple Sites User Sync\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwoocommerce-api-product-sync-with-multiple-web-stores-shops\u002F21672540\" rel=\"nofollow ugc\">WooCommerce API Product Sync with Multiple WooCommerce Stores (Shops)\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Bulk Copy\u002FUpdate:\u003C\u002Fstrong> You can copy\u002Fupdate bulk posts\u002Fpages (public, private and future) from one site to the other sites. Please follow the below steps.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Go to ‘Network Admin’ -> ‘Content Copier’ -> ‘Bulk Copy\u002FUpdate’ OR ‘Network Admin’ -> ‘WMCC’ -> ‘Bulk Copy\u002FUpdate’.\u003C\u002Fli>\n\u003Cli>You will see WP Multisite Content Copier page.\u003C\u002Fli>\n\u003Cli>Select content type (posts or pages).\u003C\u002Fli>\n\u003Cli>Select source site you want copy\u002Fupdate from.\u003C\u002Fli>\n\u003Cli>Add number of records per page.\u003C\u002Fli>\n\u003Cli>Click on ‘Filter’ button.\u003C\u002Fli>\n\u003Cli>You will see list of records.\u003C\u002Fli>\n\u003Cli>Select records you want copy\u002Fupdate.\u003C\u002Fli>\n\u003Cli>Select destination sites you want copy\u002Fupdate.\u003C\u002Fli>\n\u003Cli>Select extra option like Copy or update media, Copy or update terms (Categories & Tags).\u003C\u002Fli>\n\u003Cli>Click on ‘Copy\u002FUpdate’ button.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Individual Copy\u002FUpdate:\u003C\u002Fstrong> You can copy\u002Fupdate individual posts\u002Fpages (public, private and future) from one site to the other sites. Please follow the below steps.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Edit any post\u002Fpage.\u003C\u002Fli>\n\u003Cli>You will see ‘WP Multisite Content Copier: Copy\u002FUpdate Content’ section.\u003C\u002Fli>\n\u003Cli>Select destination sites you want copy\u002Fupdate.\u003C\u002Fli>\n\u003Cli>Select extra option like Copy or update media, Copy or update terms (Categories & Tags).\u003C\u002Fli>\n\u003Cli>Click on ‘Copy\u002FUpdate’ button.\u003C\u002Fli>\n\u003C\u002Ful>\n","Copy\u002FUpdate posts and pages from one site (blog) to the other sites (blogs) in your WordPress Multisite Network.",800,55892,82,17,"2025-12-12T05:51:00.000Z","6.9.4","4.1",[66,67,68,69,21],"content-copier","copier","copy","multisite","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-multisite-content-copier.2.0.2.zip",98,3,0,"2024-07-10 00:00:00",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":13,"last_updated":86,"tested_up_to":63,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":16,"download_link":94,"security_score":71,"vuln_count":13,"unpatched_count":73,"last_vuln_date":95,"fetched_at":28},"postpage-import-export-with-custom-fields-taxonomies","Post\u002FPage Import Export – Migrate Content with Custom Fields & Taxonomies","2.1.0","wpspin","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpspin\u002F","\u003Cp>📦 \u003Cstrong>Post\u002FPage Import & Export\u003C\u002Fstrong> makes it easy to migrate content between WordPress sites — no database dumps, no complex migration tools.\u003C\u002Fp>\n\u003Cp>With a single click, export any post or page as a lightweight \u003Cstrong>JSON file\u003C\u002Fstrong> that includes everything: content, custom fields, taxonomies, featured images, and ACF data. Then upload that file on another WordPress site to instantly recreate the content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Just click, download, upload, done.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>✨ Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>📤 \u003Cstrong>One-Click Export\u003C\u002Fstrong> — Export any post or page as a JSON file directly from the list view\u003C\u002Fli>\n\u003Cli>📥 \u003Cstrong>Quick Import\u003C\u002Fstrong> — Import JSON files via a simple popup modal\u003C\u002Fli>\n\u003Cli>🖼️ \u003Cstrong>Featured Image Transfer\u003C\u002Fstrong> — Automatically downloads and re-attaches featured images on the destination site\u003C\u002Fli>\n\u003Cli>🏷️ \u003Cstrong>Taxonomy Preservation\u003C\u002Fstrong> — Categories, tags, and custom taxonomies are fully preserved\u003C\u002Fli>\n\u003Cli>📝 \u003Cstrong>Custom Fields \u002F PostMeta\u003C\u002Fstrong> — All custom field data is carried over during migration\u003C\u002Fli>\n\u003Cli>🔧 \u003Cstrong>ACF Support\u003C\u002Fstrong> — Advanced Custom Fields including nested repeaters up to 5 levels deep\u003C\u002Fli>\n\u003Cli>🖼️ \u003Cstrong>Inline Image Handling\u003C\u002Fstrong> — Images embedded in post content are downloaded and URLs are updated automatically\u003C\u002Fli>\n\u003Cli>📄 \u003Cstrong>Custom Post Types\u003C\u002Fstrong> — Works with any registered post type, not just posts and pages\u003C\u002Fli>\n\u003Cli>🏗️ \u003Cstrong>Page Builder Friendly\u003C\u002Fstrong> — Compatible with Elementor, WPBakery, Beaver Builder, and more\u003C\u002Fli>\n\u003Cli>🔒 \u003Cstrong>Secure\u003C\u002Fstrong> — Only administrators can export content\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>💡 Use Cases\u003C\u002Fh4>\n\u003Col>\n\u003Cli>🌐 \u003Cstrong>Cross-Site Content Migration\u003C\u002Fstrong> — Move posts or pages from a staging site to production without database migration\u003C\u002Fli>\n\u003Cli>📋 \u003Cstrong>Content Duplication\u003C\u002Fstrong> — Clone a post or page within the same site with all its metadata intact\u003C\u002Fli>\n\u003Cli>🏗️ \u003Cstrong>Staging to Production\u003C\u002Fstrong> — Build pages on staging and deploy to the live site via JSON export\u002Fimport\u003C\u002Fli>\n\u003Cli>🔄 \u003Cstrong>Multi-Site Content Sharing\u003C\u002Fstrong> — Share content across a multisite network or between independent installs\u003C\u002Fli>\n\u003Cli>📦 \u003Cstrong>Content Backup\u003C\u002Fstrong> — Export critical posts as JSON backups before making major changes\u003C\u002Fli>\n\u003Cli>👨‍💻 \u003Cstrong>Developer Handoff\u003C\u002Fstrong> — Share pre-built pages with clients or team members as portable JSON files\u003C\u002Fli>\n\u003Cli>🛒 \u003Cstrong>WooCommerce Product Migration\u003C\u002Fstrong> — Move product pages with custom fields between stores\u003C\u002Fli>\n\u003Cli>📰 \u003Cstrong>Editorial Workflow\u003C\u002Fstrong> — Export drafted content for offline review and re-import after approval\u003C\u002Fli>\n\u003Cli>🎨 \u003Cstrong>Template Distribution\u003C\u002Fstrong> — Create a page with ACF fields and page builder layouts, distribute as JSON\u003C\u002Fli>\n\u003Cli>🧪 \u003Cstrong>A\u002FB Testing\u003C\u002Fstrong> — Duplicate pages quickly to test different content versions while preserving all metadata\u003C\u002Fli>\n\u003Cli>🏫 \u003Cstrong>Demo Content Setup\u003C\u002Fstrong> — Set up demo content on fresh WordPress installations for training or presentations\u003C\u002Fli>\n\u003Cli>🔀 \u003Cstrong>Theme Migration\u003C\u002Fstrong> — Export key pages and re-import them when switching themes to preserve structured content\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>📋 What Gets Exported\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>✅ Post title, content, and excerpt\u003C\u002Fli>\n\u003Cli>✅ Post status and post type\u003C\u002Fli>\n\u003Cli>✅ Featured image (auto-downloaded on import)\u003C\u002Fli>\n\u003Cli>✅ All custom fields \u002F postmeta\u003C\u002Fli>\n\u003Cli>✅ Categories, tags, and custom taxonomies\u003C\u002Fli>\n\u003Cli>✅ ACF fields (including nested repeaters and image fields)\u003C\u002Fli>\n\u003Cli>✅ Inline images in content (auto-downloaded and URLs updated)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🤝 Works Great With These Popular Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>🔧 \u003Cstrong>Advanced Custom Fields (ACF)\u003C\u002Fstrong> — Full support for ACF fields including nested repeaters and image fields\u003C\u002Fli>\n\u003Cli>🏗️ \u003Cstrong>Elementor\u003C\u002Fstrong> — All layout data stored in postmeta is preserved during export\u002Fimport\u003C\u002Fli>\n\u003Cli>🏗️ \u003Cstrong>WPBakery Page Builder\u003C\u002Fstrong> — Shortcode-based layouts in post content transfer seamlessly\u003C\u002Fli>\n\u003Cli>🦫 \u003Cstrong>Beaver Builder\u003C\u002Fstrong> — Page builder data in custom fields is carried over\u003C\u002Fli>\n\u003Cli>🛒 \u003Cstrong>WooCommerce\u003C\u002Fstrong> — Migrate product pages with all custom fields and taxonomies\u003C\u002Fli>\n\u003Cli>📝 \u003Cstrong>Yoast SEO\u003C\u002Fstrong> — SEO metadata (title, description, focus keyword) is exported and imported\u003C\u002Fli>\n\u003Cli>📝 \u003Cstrong>Rank Math\u003C\u002Fstrong> — All SEO metadata stored in custom fields is preserved\u003C\u002Fli>\n\u003Cli>🖼️ \u003Cstrong>Meta Box\u003C\u002Fstrong> — Custom fields created with Meta Box are included in the export\u003C\u002Fli>\n\u003Cli>🔁 \u003Cstrong>WPML\u003C\u002Fstrong> — Export translated content individually and import on multilingual sites\u003C\u002Fli>\n\u003Cli>🗂️ \u003Cstrong>Custom Post Type UI\u003C\u002Fstrong> — Works with any custom post type registered by CPT UI\u003C\u002Fli>\n\u003C\u002Ful>\n","Export and import WordPress posts & pages as JSON files with full support for custom fields, taxonomies, ACF fields, and featured images.",200,4713,70,"2026-02-12T20:04:00.000Z","4.0.0","7.4",[90,91,92,93,19],"clone-pages","content-migration","copy-posts","export-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpostpage-import-export-with-custom-fields-taxonomies.2.1.0.zip","2025-01-20 00:00:00",{"attackSurface":97,"codeSignals":118,"taintFlows":127,"riskAssessment":199,"analyzedAt":213},{"hooks":98,"ajaxHandlers":109,"restRoutes":115,"shortcodes":116,"cronEvents":117,"entryPointCount":26,"unprotectedCount":26},[99,105],{"type":100,"name":101,"callback":102,"file":103,"line":104},"action","admin_menu","scwp_sync_posts_menu","inc\\admin-menu.php",7,{"type":100,"name":106,"callback":107,"file":103,"line":108},"admin_enqueue_scripts","scwp_enqueue_styles",13,[110],{"action":111,"nopriv":112,"callback":113,"hasNonce":112,"hasCapCheck":112,"file":114,"line":104},"sync_posts",false,"scwp_sync_posts_func","inc\\posts-ajax-handler.php",[],[],[],{"dangerousFunctions":119,"sqlUsage":120,"outputEscaping":122,"fileOperations":125,"externalRequests":26,"nonceChecks":73,"capabilityChecks":73,"bundledLibraries":126},[],{"prepared":73,"raw":73,"locations":121},[],{"escaped":123,"rawEcho":73,"locations":124},20,[],8,[],[128,155,169,188],{"entryPoint":129,"graph":130,"unsanitizedCount":104,"severity":154},"scwp_sync_posts_func (inc\\posts-sync-func.php:3)",{"nodes":131,"edges":151},[132,138,143,146],{"id":133,"type":134,"label":135,"file":136,"line":137},"n0","source","$_POST (x5)","inc\\posts-sync-func.php",4,{"id":139,"type":140,"label":141,"file":136,"line":47,"wp_function":142},"n1","sink","file_get_contents() [SSRF\u002FLFI]","file_get_contents",{"id":144,"type":134,"label":145,"file":136,"line":137},"n2","$_POST (x2)",{"id":147,"type":140,"label":148,"file":136,"line":149,"wp_function":150},"n3","file_put_contents() [File Write]",151,"file_put_contents",[152,153],{"from":133,"to":139,"sanitized":112},{"from":144,"to":147,"sanitized":112},"medium",{"entryPoint":156,"graph":157,"unsanitizedCount":168,"severity":154},"\u003Cposts-sync-func> (inc\\posts-sync-func.php:0)",{"nodes":158,"edges":165},[159,161,162,164],{"id":133,"type":134,"label":160,"file":136,"line":137},"$_POST (x6)",{"id":139,"type":140,"label":141,"file":136,"line":47,"wp_function":142},{"id":144,"type":134,"label":163,"file":136,"line":137},"$_POST (x4)",{"id":147,"type":140,"label":148,"file":136,"line":149,"wp_function":150},[166,167],{"from":133,"to":139,"sanitized":112},{"from":144,"to":147,"sanitized":112},10,{"entryPoint":170,"graph":171,"unsanitizedCount":73,"severity":187},"scwp_sync_posts_options (inc\\posts-options-page.php:3)",{"nodes":172,"edges":183},[173,176,179,182],{"id":133,"type":134,"label":174,"file":175,"line":168},"$_POST['website_url']","inc\\posts-options-page.php",{"id":139,"type":140,"label":177,"file":175,"line":168,"wp_function":178},"echo() [XSS]","echo",{"id":144,"type":134,"label":180,"file":175,"line":181},"$_POST['num_posts']",24,{"id":147,"type":140,"label":177,"file":175,"line":181,"wp_function":178},[184,186],{"from":133,"to":139,"sanitized":185},true,{"from":144,"to":147,"sanitized":185},"low",{"entryPoint":189,"graph":190,"unsanitizedCount":73,"severity":187},"\u003Cposts-options-page> (inc\\posts-options-page.php:0)",{"nodes":191,"edges":196},[192,193,194,195],{"id":133,"type":134,"label":174,"file":175,"line":168},{"id":139,"type":140,"label":177,"file":175,"line":168,"wp_function":178},{"id":144,"type":134,"label":180,"file":175,"line":181},{"id":147,"type":140,"label":177,"file":175,"line":181,"wp_function":178},[197,198],{"from":133,"to":139,"sanitized":185},{"from":144,"to":147,"sanitized":185},{"summary":200,"deductions":201},"The 'sync-posts' plugin v1.0 exhibits a mixed security posture. While it demonstrates good practices by using prepared statements for all SQL queries and properly escaping all output, significant concerns arise from its attack surface and vulnerability history.  The presence of one unprotected AJAX handler presents a direct entry point for potential attacks, especially given the lack of nonce checks and capability checks. This is exacerbated by the taint analysis revealing two flows with unsanitized paths, indicating a potential for malicious data to be processed insecurely, even if no critical or high severity issues were immediately identified in this analysis.",[202,204,207,209,211],{"reason":203,"points":168},"Unprotected AJAX handler found",{"reason":205,"points":206},"Unpatched high severity CVE exists",18,{"reason":208,"points":104},"Flows with unsanitized paths found",{"reason":210,"points":125},"No nonce checks on entry points",{"reason":212,"points":125},"No capability checks on entry points","2026-03-16T21:00:17.139Z",{"wat":215,"direct":222},{"assetPaths":216,"generatorPatterns":218,"scriptPaths":219,"versionParams":220},[217],"\u002Fwp-content\u002Fplugins\u002Fsync-posts\u002Fcss\u002Fstyle.css",[],[],[221],"sync-posts\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":223,"htmlComments":225,"htmlAttributes":226,"restEndpoints":227,"jsGlobals":232,"shortcodeOutput":233},[224],"sync-posts-alert",[],[],[228,229,230,231],"\u002Fwp-json\u002Fwp\u002Fv2\u002Fposts","\u002Fwp-json\u002Fwp\u002Fv2\u002Fcategories\u002F","\u002Fwp-json\u002Fwp\u002Fv2\u002Ftags\u002F","\u002Fwp-json\u002Fwp\u002Fv2\u002Fmedia\u002F",[],[]]