[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$frH3JAgOgSx4WFp6LoG3_ep9YSbuB7z3VcBs671DN8ps":3,"$f5dDKoDvn5GyywyUTk3h2N05qsqNvlGUv2U1HvnEdpFA":201},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":35,"fingerprints":165},"tagesmenue","Tagesmenue Widget","1.0.0","colbeinformatik","https:\u002F\u002Fprofiles.wordpress.org\u002Fcolbeinformatik\u002F","\u003Ch3>This plugin let you automatically integrate the ‘daily menu’, ‘daily menu PDF Link’ and ‘menu cards’ as widget inside your wordpress restaurant-website\u003C\u002Fh3>\n\u003Cp>You get also an icon inside your editor, where you can add the ‘daily menu’ and ‘menu cards’ as shortlink.\u003Cbr \u002F>\nFor each ‘menu cards’ you can set your own icon image, the width and the alt-tag (inside the widget area: Appearance->Widgets)\u003Cbr \u002F>\nThe flip-book ‘menu cards’ opens in an iframe over the page.\u003C\u002Fp>\n\u003Cp>See how it works\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=PCYvHy-RURU\" rel=\"nofollow ugc\">Was ist Tagesmenü 2018\u003C\u002Fa>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FPCYvHy-RURU?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=IC4Xc4qY8fw\" rel=\"nofollow ugc\">Demo Tagesmenü\u003C\u002Fa>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FIC4Xc4qY8fw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Automatically integrate 'menu cards' from www.tagesmenue.ch inside your wordpress restaurant-website",10,1110,0,"2018-03-23T16:44:00.000Z","4.9.29","4.0","",[19,20,4],"daily-menu","menu-cards","http:\u002F\u002Fwww.colbe.ch","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftagesmenue.zip",85,null,"2026-04-06T09:54:40.288Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},2,20,74,30,76,"2026-04-18T22:45:21.621Z",[],{"attackSurface":36,"codeSignals":99,"taintFlows":155,"riskAssessment":156,"analyzedAt":164},{"hooks":37,"ajaxHandlers":89,"restRoutes":95,"shortcodes":96,"cronEvents":97,"entryPointCount":98,"unprotectedCount":98},[38,44,48,51,56,60,65,70,73,77,82,86],{"type":39,"name":40,"callback":41,"file":42,"line":43},"action","admin_menu","addPluginMenu","inc\\class.admin.php",23,{"type":39,"name":45,"callback":46,"file":42,"line":47},"admin_init","init",24,{"type":39,"name":45,"callback":49,"file":42,"line":50},"TAGESMENUEaddButtons",26,{"type":52,"name":53,"callback":54,"file":42,"line":55},"filter","mce_external_plugins","TAGESMENUEaddScriptTinymce",241,{"type":52,"name":57,"callback":58,"file":42,"line":59},"mce_buttons","registerTheButton",242,{"type":39,"name":61,"callback":62,"file":63,"line":64},"widgets_init","register_tagesmenue_button_widget","tagesmenue-button-widget.php",48,{"type":39,"name":66,"callback":67,"file":68,"line":69},"admin_enqueue_scripts","tagesmenue_katalog_widget_scripts","tagesmenue-katalog-widget.php",150,{"type":39,"name":61,"callback":71,"file":68,"line":72},"register_tagesmenue_katalog_widget",157,{"type":39,"name":61,"callback":74,"file":75,"line":76},"register_tagesmenue_widget","tagesmenue-widget.php",67,{"type":39,"name":78,"callback":79,"file":80,"line":81},"plugins_loaded","TAGESMENUE_Init","tagesmenue.php",38,{"type":39,"name":83,"callback":84,"file":80,"line":85},"wp_footer","hook_TAGESMENUE_javascript",120,{"type":39,"name":66,"callback":87,"file":80,"line":88},"tagesmenue_katalog_scripts",127,[90],{"action":91,"nopriv":92,"callback":93,"hasNonce":92,"hasCapCheck":92,"file":42,"line":94},"TAGESMENUE_shortcodePrinter",false,"tagesmenue_popup_shortcode",27,[],[],[],1,{"dangerousFunctions":100,"sqlUsage":101,"outputEscaping":103,"fileOperations":13,"externalRequests":13,"nonceChecks":98,"capabilityChecks":150,"bundledLibraries":151},[],{"prepared":13,"raw":13,"locations":102},[],{"escaped":104,"rawEcho":105,"locations":106},43,25,[107,110,112,114,115,117,119,121,123,125,127,129,131,133,134,136,137,139,140,141,143,144,145,147,149],{"file":42,"line":108,"context":109},54,"raw output",{"file":42,"line":111,"context":109},124,{"file":42,"line":113,"context":109},175,{"file":42,"line":113,"context":109},{"file":42,"line":116,"context":109},208,{"file":63,"line":118,"context":109},29,{"file":63,"line":120,"context":109},41,{"file":68,"line":122,"context":109},34,{"file":68,"line":124,"context":109},35,{"file":68,"line":126,"context":109},39,{"file":68,"line":128,"context":109},56,{"file":68,"line":130,"context":109},59,{"file":68,"line":132,"context":109},64,{"file":68,"line":132,"context":109},{"file":68,"line":135,"context":109},66,{"file":68,"line":135,"context":109},{"file":68,"line":138,"context":109},71,{"file":68,"line":138,"context":109},{"file":68,"line":138,"context":109},{"file":68,"line":142,"context":109},100,{"file":75,"line":118,"context":109},{"file":75,"line":126,"context":109},{"file":75,"line":146,"context":109},40,{"file":75,"line":148,"context":109},45,{"file":75,"line":148,"context":109},3,[152],{"name":153,"version":24,"knownCves":154},"TinyMCE",[],[],{"summary":157,"deductions":158},"The \"tagesmenue\" plugin v1.0.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all its SQL queries and performing a reasonable number of capability checks. The absence of any recorded vulnerabilities in its history is also a positive indicator of its development quality. However, a significant concern arises from its attack surface. With one identified AJAX handler and none of them protected by authentication, this represents a direct entry point for potential abuse.\n\nWhile the static analysis found no dangerous functions, unsanitized taint flows, or issues with file operations or external HTTP requests, the unprotected AJAX handler remains a critical weakness. The output escaping is also not fully robust, with 37% of outputs not being properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is involved. The presence of TinyMCE, while not inherently a vulnerability, adds a layer of complexity that could indirectly contribute to security issues if not handled carefully within the plugin's logic.\n\nIn conclusion, the plugin has strengths in its SQL handling and a clean vulnerability history. Nevertheless, the unprotected AJAX endpoint and less-than-perfect output escaping present tangible security risks that require attention. The plugin's overall security could be significantly improved by implementing proper authentication and authorization checks on its AJAX handler and ensuring all outputs are consistently and correctly escaped.",[159,161],{"reason":160,"points":11},"Unprotected AJAX handler",{"reason":162,"points":163},"Inconsistent output escaping",5,"2026-03-17T00:05:05.553Z",{"wat":166,"direct":172},{"assetPaths":167,"generatorPatterns":169,"scriptPaths":170,"versionParams":171},[168],"\u002Fwp-content\u002Fplugins\u002Ftagesmenue\u002Ftagesmenue.php",[],[],[],{"cssClasses":173,"htmlComments":180,"htmlAttributes":181,"restEndpoints":193,"jsGlobals":194,"shortcodeOutput":195},[174,175,176,177,178,179],"TAGESMENUE_options","TAGESMENUE_shortcode_generator","tagesmenue-left","tagesmenue-centered","tagesmenue-left2x","tagesmenue-centered2x",[],[182,183,184,185,186,187,188,189,190,191,192],"id=\"TAGESMENUE_options\"","id=\"TAGESMENUE_shortcode_generator\"","id=\"TAGESMENUE_key\"","id=\"tagesmenue_design\"","id=\"TAGESMENUE_showmenu_FULL\"","id=\"TAGESMENUE_showmenu\"","id=\"TAGESMENUE_showpdfbutton\"","id=\"TAGESMENUE_3speisekarten\"","id=\"TAGESMENUE_showkatalogbutton\"","id=\"tagesmenue_pdf_id\"","id=\"tagesmenue_thumbnail\"",[],[],[196,197,198,199,200],"[tagesmenue]","[tagesmenue-full]","[tagesmenue-pdf]","[tagesmenue-cards]","[tagesmenue-katalog]",{"slug":4,"current_version":6,"total_versions":13,"versions":202},[]]