[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSjGC2_Q-5DBEJAIZl2eP7SSKZbdBFqNC_lmhiDhLvTQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":19,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":32,"analysis":33,"fingerprints":124},"taboola-pixel","Taboola Pixel","1.1.5","Taboola","https:\u002F\u002Fprofiles.wordpress.org\u002Ftaboolawordpress\u002F","\u003Cp>Taboola Pixel enables you to track user interactions on your WordPress website and integrate with Realize’s advertising platform. The plugin provides:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy setup with guided onboarding\u003C\u002Fli>\n\u003Cli>Automatic pixel installation\u003C\u002Fli>\n\u003Cli>Seamless connection to your Realize account\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Simple Setup\u003C\u002Fstrong>: Connect your Realize account with just a few clicks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Codeless Solution\u003C\u002Fstrong>: Easy conversion tracking setup using Realize \u003Ca href=\"https:\u002F\u002Fdevelopers.taboola.com\u002Fpixel\u002Fdocs\u002Fcodeless-conversions?_gl=1*u4ap9j*_gcl_au*MjA0NTk4NzYzLjE3NTA1ODM0NzM.*_ga*NTE1MjQ3Mjk0LjE3NTAzMzYyNjc.*_ga_ERHENNM7DM*czE3NTE4ODI3MTkkbzU1JGcxJHQxNzUxODgyOTEwJGo1JGwwJGgw\" rel=\"nofollow ugc\">Codeless solution\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure\u003C\u002Fstrong>: Follows WordPress security best practices\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, please visit \u003Ca href=\"https:\u002F\u002Fhelp.taboola.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fhelp.taboola.com\u002F\u003C\u002Fa> or contact your Realize account manager.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>This plugin sends data to Realize’s servers for analytics and advertising purposes. Please review Realize’s privacy policy at \u003Ca href=\"https:\u002F\u002Fwww.taboola.com\u002Fprivacy-policy\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.taboola.com\u002Fprivacy-policy\u003C\u002Fa> and ensure you have proper user consent mechanisms in place.\u003C\u002Fp>\n","Taboola Pixel is a WordPress plugin that injects the Taboola Pixel code into your website for advanced tracking and analytics.",400,1954,0,"2026-02-24T10:30:00.000Z","6.9.4","5.0","7.4",[],"","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftaboola-pixel.1.1.5.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":21,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},"taboolawordpress",3,3410,183,79,"2026-04-04T03:43:56.845Z",[],{"attackSurface":34,"codeSignals":111,"taintFlows":119,"riskAssessment":120,"analyzedAt":123},{"hooks":35,"ajaxHandlers":98,"restRoutes":107,"shortcodes":108,"cronEvents":109,"entryPointCount":110,"unprotectedCount":13},[36,42,47,51,55,58,62,67,71,74,77,80,82,85,88,92,94],{"type":37,"name":38,"callback":39,"file":40,"line":41},"action","wp_head","tabpx_add_pixel_to_head","includes\\header.php",14,{"type":37,"name":43,"callback":44,"file":45,"line":46},"admin_menu","tabpx_add_admin_menu","includes\\settings.php",12,{"type":37,"name":48,"callback":49,"file":45,"line":50},"admin_enqueue_scripts","tabpx_enqueue_admin_styles",15,{"type":37,"name":52,"callback":53,"file":45,"line":54},"admin_init","tabpx_settings_init",17,{"type":37,"name":48,"callback":56,"file":45,"line":57},"tabpx_enqueue_admin_scripts",93,{"type":37,"name":59,"callback":60,"file":45,"line":61},"in_admin_header","tabpx_inject_topbar",147,{"type":37,"name":63,"callback":64,"file":65,"line":66},"woocommerce_thankyou","closure","includes\\woocommerce-events.php",95,{"type":37,"name":68,"callback":64,"priority":69,"file":65,"line":70},"woocommerce_add_to_cart",10,111,{"type":37,"name":72,"callback":64,"file":65,"line":73},"woocommerce_checkout_init",130,{"type":37,"name":75,"callback":64,"file":65,"line":76},"wp_footer",139,{"type":37,"name":78,"callback":64,"file":65,"line":79},"woocommerce_before_single_product",148,{"type":37,"name":75,"callback":64,"file":65,"line":81},151,{"type":37,"name":83,"callback":64,"file":65,"line":84},"woocommerce_before_shop_loop",160,{"type":37,"name":86,"callback":64,"file":65,"line":87},"woocommerce_product_query",167,{"type":89,"name":90,"callback":91,"file":65,"line":29},"filter","woocommerce_add_to_cart_fragments","tabpx_add_to_cart_event_fragment",{"type":37,"name":75,"callback":64,"file":65,"line":93},186,{"type":37,"name":95,"callback":96,"file":65,"line":97},"init","tabpx_register_woocommerce_events",192,[99,104],{"action":100,"nopriv":101,"callback":100,"hasNonce":102,"hasCapCheck":102,"file":45,"line":103},"tabpx_install_account_id",false,true,127,{"action":105,"nopriv":101,"callback":105,"hasNonce":102,"hasCapCheck":102,"file":45,"line":106},"tabpx_uninstall_account_id",128,[],[],[],2,{"dangerousFunctions":112,"sqlUsage":113,"outputEscaping":115,"fileOperations":13,"externalRequests":13,"nonceChecks":27,"capabilityChecks":110,"bundledLibraries":118},[],{"prepared":13,"raw":13,"locations":114},[],{"escaped":116,"rawEcho":13,"locations":117},28,[],[],[],{"summary":121,"deductions":122},"The Taboola Pixel plugin v1.1.5 exhibits a strong security posture based on the provided static analysis and vulnerability history. The code demonstrates good security practices, including 100% use of prepared statements for SQL queries and proper output escaping for all identified outputs. The absence of dangerous functions, file operations, and external HTTP requests further contributes to a reduced attack surface.\n\nCritically, there are no critical or high-severity taint flows detected, indicating that user-supplied data is not being mishandled in a way that could lead to significant security breaches. The presence of nonce and capability checks on its two AJAX entry points suggests an effort to protect against common WordPress attack vectors. Furthermore, the plugin has no recorded vulnerabilities, CVEs, or historical security issues, implying a commitment to maintaining a secure codebase.\n\nWhile the plugin demonstrates considerable strengths in secure coding practices and a clean vulnerability history, its limited attack surface with two unprotected AJAX handlers could be a point of concern if those handlers were to be modified in future versions without proper security considerations. However, based on the current data, the plugin appears to be very secure.",[],"2026-03-17T05:37:04.384Z",{"wat":125,"direct":136},{"assetPaths":126,"generatorPatterns":130,"scriptPaths":131,"versionParams":132},[127,128,129],"\u002Fwp-content\u002Fplugins\u002Ftaboola-pixel\u002Fjs\u002Ftaboola-pixel.js","\u002Fwp-content\u002Fplugins\u002Ftaboola-pixel\u002Fcss\u002Ftaboola-pixel.css","\u002Fwp-content\u002Fplugins\u002Ftaboola-pixel\u002Fjs\u002Ftaboola-pixel-woocommerce.js",[],[127,129],[133,134,135],"taboola-pixel\u002Fjs\u002Ftaboola-pixel.js?ver=","taboola-pixel\u002Fcss\u002Ftaboola-pixel.css?ver=","taboola-pixel\u002Fjs\u002Ftaboola-pixel-woocommerce.js?ver=",{"cssClasses":137,"htmlComments":139,"htmlAttributes":140,"restEndpoints":141,"jsGlobals":142,"shortcodeOutput":144},[138],"wc-taboola-event-placeholder",[],[],[],[143],"window._tfa",[]]