[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fhJPj_pXWcu0QJqG_xoM3zEhc78UiJrwefmMPxfnMoNs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":146,"fingerprints":321},"tipi-components","Tipi Components","1.0","codetipi","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodetipi\u002F","\u003Cp>Tipi Components is a lightweight plugin to add some handy extra tools to your site. Currently the plugin has a few shortcodes, including columns, divider, buttons and dropcap.\u003C\u002Fp>\n\u003Cp>Shortcodes included\u003Cbr \u002F>\n* Columns\u003Cbr \u002F>\n* Divider\u003Cbr \u002F>\n* Dropcap\u003Cbr \u002F>\n* Buttons\u003C\u002Fp>\n\u003Ch3>Reporting Bugs\u003C\u002Fh3>\n\u003Cp>If you run into any issues, please let us know by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcodetipi\u002Ftipi-components\u002Fissues\u002Fnew\" rel=\"nofollow ugc\">opening up a new issue here\u003C\u002Fa>.\u003C\u002Fp>\n","Tipi Components is a lightweight plugin to add some handy extra tools to your site.",10,1241,0,"2017-02-04T21:08:00.000Z","4.7.32","4.0","",[19,20,21,22,23],"divider","modern-buttons","modern-dropcaps","responsive-columns","shortcodes","https:\u002F\u002Fgithub.com\u002Fcodetipi\u002Ftipi-components","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftipi-components.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,84,"2026-04-04T06:59:06.070Z",[36,57,81,102,125],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":55,"download_link":56,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"column-shortcodes","Column Shortcodes","1.0.1","Tobias Schutter","https:\u002F\u002Fprofiles.wordpress.org\u002Ftschutter\u002F","\u003Cp>Adds shortcodes to easily create columns in your posts or pages.\u003C\u002Fp>\n\u003Cp>Sometimes you just need to divide your page into different columns. With this plugin you just select a column shortcode and it will add the column to the page. You can also change the padding of each individual column from the UI.\u003C\u002Fp>\n\u003Cp>There are 10 different column widths available from which you can make all combinations:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>full width (1\u002F1)\u003C\u002Fli>\n\u003Cli>half (1\u002F2)\u003C\u002Fli>\n\u003Cli>one third (1\u002F3)\u003C\u002Fli>\n\u003Cli>two third (2\u002F3)\u003C\u002Fli>\n\u003Cli>one fourth (1\u002F4)\u003C\u002Fli>\n\u003Cli>three fourth (3\u002F4)\u003C\u002Fli>\n\u003Cli>one fifth (1\u002F5)\u003C\u002Fli>\n\u003Cli>two fifth (2\u002F5)\u003C\u002Fli>\n\u003Cli>three fifth (3\u002F5)\u003C\u002Fli>\n\u003Cli>four fifth (4\u002F5)\u003C\u002Fli>\n\u003Cli>one sixth (1\u002F6)\u003C\u002Fli>\n\u003Cli>five sixth (5\u002F6)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>A preset stylesheet is included, which you can also overwrite to you liking in your theme’s stylesheet.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Related Links:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>http:\u002F\u002Fwww.codepresshq.com\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds shortcodes to easily create columns in your posts or pages.",60000,893481,96,134,"2022-10-11T12:57:00.000Z","6.0.11","4.8",[52,53,19,54,23],"column","columns","shortcode","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcolumn-shortcodes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcolumn-shortcodes.1.0.1.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":31,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":78,"vuln_count":79,"unpatched_count":13,"last_vuln_date":80,"fetched_at":28},"apollo13-framework-extensions","Apollo13 Framework Extensions","1.9.9","apollo13themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fapollo13themes\u002F","\u003Cp>\u003Cstrong>Apollo13 Framework Extensions\u003C\u002Fstrong> adds few features to themes build on Apollo13 Framework. These are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Designs Importer,\u003C\u002Fli>\n\u003Cli>shortcodes based on Apollo13 Framework features: writtng effect, count down, socials, scroller, slider, galleries, post grid,\u003C\u002Fli>\n\u003Cli>support for WPBakery Page Builder elements added by Apollo13 Framework,\u003C\u002Fli>\n\u003Cli>custom post types: albums, works & people,\u003C\u002Fli>\n\u003Cli>Export\u002FImport of theme options,\u003C\u002Fli>\n\u003Cli>Custom Sidebar,\u003C\u002Fli>\n\u003Cli>Custom CSS,\u003C\u002Fli>\n\u003Cli>Meta options that are creating content for posts, pages, albums and works,\u003C\u002Fli>\n\u003Cli>Responsive Image resizing ,\u003C\u002Fli>\n\u003Cli>Maintenance mode.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin requires one of themes build on \u003Cstrong>Apollo13 Framework\u003C\u002Fstrong> theme to be installed.\u003C\u002Fp>\n\u003Cp>It is mostly used for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fapollo13themes.com\u002Frife\u002Ffree\u002F\" rel=\"nofollow ugc\">Rife Free\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fapollo13themes.com\u002Frife\u002F\" rel=\"nofollow ugc\">Rife Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits & Copyright\u003C\u002Fh3>\n\u003Ch4>Anime.js, Copyright 2019 Julian Garnier\u003C\u002Fh4>\n\u003Cp>Licenses: MIT\u003Cbr \u002F>\nSource: https:\u002F\u002Fanimejs.com\u002F\u003C\u002Fp>\n","Adds custom post types, shortcodes and some features that are used in themes built on Apollo13 Framework.",20000,534616,100,"2025-12-04T08:12:00.000Z","6.5.8","4.7","5.4.0",[73,74,23,75],"custom-post-types","elementor-widgets","wpbakery-page-builder-support","https:\u002F\u002Fapollo13themes.com\u002Frife\u002Ffree","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapollo13-framework-extensions.zip",95,6,"2026-02-18 15:32:44",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":65,"downloaded":89,"rating":67,"num_ratings":31,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":17,"tags":93,"homepage":98,"download_link":99,"security_score":46,"vuln_count":100,"unpatched_count":13,"last_vuln_date":101,"fetched_at":28},"futurio-extra","Futurio Extra","2.0.23","FuturioWP","https:\u002F\u002Fprofiles.wordpress.org\u002Ffuturiowp\u002F","\u003Cp>Futurio Extra add extra features and options to \u003Ca href=\"https:\u002F\u002Ffuturiowp.com\u002F\" rel=\"nofollow ugc\">Futurio\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Ffuturio-storefront\u002F\" rel=\"ugc\">Futurio Storefront\u003C\u002Fa> theme.\u003Cbr \u002F>\nThis plugin require the free WP theme – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Ffuturio\u002F\" rel=\"ugc\">Futurio\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Ffuturio-storefront\u002F\" rel=\"ugc\">Futurio Storefront\u003C\u002Fa> – to be installed.\u003C\u002Fp>\n\u003Cp>Futurio Extra brings new widgets to be used in Elementor and allows you to import beautiful page templates for Elementor page builder. It also comes with 100% WooCommerce support and custom options. With the one click demo import feature you can import all our 10+ demo sites.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– One click demo import – import starter sites with one click. \u003Ca href=\"https:\u002F\u002Ffuturiowp.com\u002Fdemos\u002F\" rel=\"nofollow ugc\">Demos here\u003C\u002Fa>\u003Cbr \u002F>\n– Customizer options (Color presets, Google fonts, Layout desings…)\u003Cbr \u002F>\n– Page\u002Fpost custom options and features\u003Cbr \u002F>\n– Custom Elementor widgets and addons\u003Cbr \u002F>\n– Custom widgets (social icons, about me, recent & popular posts)\u003Cbr \u002F>\n– 100% WooCommerce support and custom WooCommerce options and features\u003Cbr \u002F>\n– Custom Elementor 404 page \u003Ca href=\"https:\u002F\u002Ffuturiowp.com\u002Fdocs\u002Ffuturio\u002Fcustomizer-settings\u002Ffooter-credits\u002F#custom-footer-with-elementor\" rel=\"nofollow ugc\">How to?\u003C\u002Fa>\u003Cbr \u002F>\n– Custom Elementor header \u003Ca href=\"https:\u002F\u002Ffuturiowp.com\u002Fdocs\u002Ffuturio\u002Fcustomizer-settings\u002Fcustom-header\u002F\" rel=\"nofollow ugc\">How to?\u003C\u002Fa>\u003Cbr \u002F>\n– Custom Elementor footer credits \u003Ca href=\"https:\u002F\u002Ffuturiowp.com\u002Fdocs\u002Ffuturio\u002Fcustomizer-settings\u002Fcustom-404-error-page\u002F\" rel=\"nofollow ugc\">How to?\u003C\u002Fa>\u003Cbr \u002F>\n– Custom Elementor blog feed builder \u003Ca href=\"https:\u002F\u002Ffuturiowp.com\u002Fdocs\u002Ffuturio\u002Fcustomizer-settings\u002Fcustom-404-error-page\u002F\" rel=\"nofollow ugc\">How to?\u003C\u002Fa>\u003Cbr \u002F>\n– And much more….\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ffuturiowp.com\u002Fdocs\u002Ffuturio\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Page Builders Friend\u003C\u002Fh4>\n\u003Cp>Futurio & Futurio Extra is best friend with the popular pagebuilders like Elementor, Beaver Builder, King Composer, Brizy, Visual Composer, SiteOrigin, Divi or Gutenberg.\u003C\u002Fp>\n\u003Ch4>Custom look with Elementor\u003C\u002Fh4>\n\u003Cp>With Elementor you can design your header, footer, 404 error page or the blog page look\u003C\u002Fp>\n\u003Ch4>20+ free demos sites\u003C\u002Fh4>\n\u003Cp>20+ free demo websites ready to import are included. Importing is easy with a few clicks.\u003C\u002Fp>\n\u003Ch4>100% WooCommerce support\u003C\u002Fh4>\n\u003Cp>Extend the WooCommerce with new options and features. Import full WooCommerce demo websites with few clicks and be ready to start your new store in few minutes.\u003C\u002Fp>\n\u003Ch3>Credits & Copyright\u003C\u002Fh3>\n\u003Ch4>Typed.js, Copyright 2014 Matt Bold\u003C\u002Fh4>\n\u003Cp>Licenses: MIT\u003Cbr \u002F>\nSource: https:\u002F\u002Fgithub.com\u002Fmattboldt\u002Ftyped.js\u003C\u002Fp>\n\u003Ch4>Kirki, Copyright (c) 2017, Aristeides Stathopoulos\u003C\u002Fh4>\n\u003Cp>Licenses: MIT\u003Cbr \u002F>\nSource: https:\u002F\u002Fgithub.com\u002Faristath\u002Fkirki\u003C\u002Fp>\n\u003Ch4>Dilaz Metabox, by WebDilaz Team\u003C\u002Fh4>\n\u003Cp>Licenses: GPL-2.0+\u003Cbr \u002F>\nSource: https:\u002F\u002Fgithub.com\u002FRodgath\u002FDilaz-Metaboxes-Plugin\u003C\u002Fp>\n","Futurio Extra add extra features to Futurio theme like widgets, WooCommerce options, Elementor widgets, one click demo import and much more.",740491,"2026-03-05T07:31:00.000Z","6.9.4","4.4",[94,95,96,23,97],"demo","elementor","page-builder","woocommerce","https:\u002F\u002Ffuturiowp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffuturio-extra.2.0.23.zip",7,"2024-12-02 00:00:00",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":65,"downloaded":110,"rating":111,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":17,"tags":116,"homepage":120,"download_link":121,"security_score":122,"vuln_count":123,"unpatched_count":13,"last_vuln_date":124,"fetched_at":28},"nd-shortcodes","ND Shortcodes","7.8","nicdark","https:\u002F\u002Fprofiles.wordpress.org\u002Fnicdark\u002F","\u003Ch4>Some components in the preview below\u003C\u002Fh4>\n\u003Cp>The plugin adds some useful components to your page builder ( Elementor or WP Bakery Page Builder ) that can be integrated very easily with your own theme.\u003C\u002Fp>\n","The plugin adds some useful components to your page builder ( Elementor or WP Bakery Page Builder ). All components are full responsive and retina rea &hellip;",412507,66,13,"2025-03-18T11:08:00.000Z","6.7.5","4.5",[117,95,118,23,119],"components","elementor-library","wp-bakery-page-builder","https:\u002F\u002Fnicdark.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnd-shortcodes.7.8.zip",89,5,"2024-05-24 11:33:21",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":135,"num_ratings":136,"last_updated":137,"tested_up_to":138,"requires_at_least":139,"requires_php":17,"tags":140,"homepage":143,"download_link":144,"security_score":145,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"contact-form-7-shortcode-enabler","Contact Form 7 Shortcode Enabler","1.1","Tobias Zimpel","https:\u002F\u002Fprofiles.wordpress.org\u002Ftz-media\u002F","\u003Cp>Many themes, as well as other plugins, provide shortcodes for layout options like multi-column-layouts, tabs, etc.\u003C\u002Fp>\n\u003Cp>By default, Contact Form 7 forms can not include shortcodes provided by WordPress or third-party-plugins or -themes.\u003Cbr \u002F>\nIt only processes its own shortcodes used to generate form elements.\u003C\u002Fp>\n\u003Cp>This plugin enables the usage of external shortcodes inside Contact Form 7 Forms.\u003C\u002Fp>\n","This plugin enables the usage of external shortcodes inside Contact Form 7 Forms.",10000,68161,98,12,"2024-10-18T12:44:00.000Z","6.6.5","2.6.0",[141,142,54,23],"cf7","contact-form-7","#","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-7-shortcode-enabler.1.1.zip",92,{"attackSurface":147,"codeSignals":201,"taintFlows":210,"riskAssessment":310,"analyzedAt":320},{"hooks":148,"ajaxHandlers":176,"restRoutes":182,"shortcodes":183,"cronEvents":200,"entryPointCount":123,"unprotectedCount":31},[149,155,159,165,169,173],{"type":150,"name":151,"callback":152,"file":153,"line":154},"filter","mce_external_plugins","tipi_components_register","admin\\class-tipi-components-button.php",55,{"type":150,"name":156,"callback":157,"file":153,"line":158},"mce_buttons","tipi_components_buttons_callback",56,{"type":160,"name":161,"callback":162,"file":163,"line":164},"action","admin_enqueue_scripts","tipi_components_enqueue_scripts","inc\\class-tipi-components.php",62,{"type":160,"name":166,"callback":167,"file":163,"line":168},"admin_init","tipi_components_button_init",65,{"type":160,"name":170,"callback":171,"file":163,"line":172},"wp_enqueue_scripts","tipi_components_enqueue_scripts_frontend",77,{"type":150,"name":174,"callback":175,"file":163,"line":78},"mce_external_languages","tipi_components_i18n",[177],{"action":178,"nopriv":179,"callback":180,"hasNonce":179,"hasCapCheck":179,"file":153,"line":181},"tipi_components_buttons_insert_dialog",false,"tipi_components_box",57,[],[184,188,192,196],{"tag":185,"callback":186,"file":163,"line":187},"tipi_button","tipi_components_shortcode_buttons",80,{"tag":189,"callback":190,"file":163,"line":191},"tipi_divider","tipi_components_shortcode_divider",81,{"tag":193,"callback":194,"file":163,"line":195},"tipi_dropcap","tipi_components_shortcode_dropcap",82,{"tag":197,"callback":198,"file":163,"line":199},"tipi_column","tipi_components_shortcode_column",83,[],{"dangerousFunctions":202,"sqlUsage":203,"outputEscaping":205,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":208,"bundledLibraries":209},[],{"prepared":13,"raw":13,"locations":204},[],{"escaped":206,"rawEcho":13,"locations":207},86,[],2,[],[211,280],{"entryPoint":212,"graph":213,"unsanitizedCount":123,"severity":279},"tipi_components_box (admin\\class-tipi-components-button.php:93)",{"nodes":214,"edges":267},[215,219,225,227,230,233,237,240,243,246,249,252,255,258,261,264],{"id":216,"type":217,"label":218,"file":153,"line":78},"n0","source","$_POST",{"id":220,"type":221,"label":222,"file":153,"line":223,"wp_function":224},"n1","sink","echo() [XSS]",99,"echo",{"id":226,"type":217,"label":218,"file":153,"line":78},"n2",{"id":228,"type":221,"label":222,"file":153,"line":229,"wp_function":224},"n3",101,{"id":231,"type":217,"label":218,"file":153,"line":232},"n4",106,{"id":234,"type":235,"label":236,"file":153,"line":232},"n5","transform","→ tipi_components_buttons()",{"id":238,"type":221,"label":222,"file":153,"line":239,"wp_function":224},"n6",218,{"id":241,"type":217,"label":218,"file":153,"line":242},"n7",109,{"id":244,"type":235,"label":245,"file":153,"line":242},"n8","→ tipi_components_divider()",{"id":247,"type":221,"label":222,"file":153,"line":248,"wp_function":224},"n9",245,{"id":250,"type":217,"label":218,"file":153,"line":251},"n10",112,{"id":253,"type":235,"label":254,"file":153,"line":251},"n11","→ tipi_components_dropcap()",{"id":256,"type":221,"label":222,"file":153,"line":257,"wp_function":224},"n12",270,{"id":259,"type":217,"label":218,"file":153,"line":260},"n13",115,{"id":262,"type":235,"label":263,"file":153,"line":260},"n14","→ tipi_components_columns()",{"id":265,"type":221,"label":222,"file":153,"line":266,"wp_function":224},"n15",144,[268,270,271,272,273,274,275,276,277,278],{"from":216,"to":220,"sanitized":269},true,{"from":226,"to":228,"sanitized":179},{"from":231,"to":234,"sanitized":179},{"from":234,"to":238,"sanitized":179},{"from":241,"to":244,"sanitized":179},{"from":244,"to":247,"sanitized":179},{"from":250,"to":253,"sanitized":179},{"from":253,"to":256,"sanitized":179},{"from":259,"to":262,"sanitized":179},{"from":262,"to":265,"sanitized":179},"medium",{"entryPoint":281,"graph":282,"unsanitizedCount":309,"severity":279},"\u003Cclass-tipi-components-button> (admin\\class-tipi-components-button.php:0)",{"nodes":283,"edges":299},[284,286,287,288,289,290,291,292,293,294,295,296,297,298],{"id":216,"type":217,"label":285,"file":153,"line":78},"$_POST (x38)",{"id":220,"type":221,"label":222,"file":153,"line":223,"wp_function":224},{"id":226,"type":217,"label":218,"file":153,"line":232},{"id":228,"type":235,"label":236,"file":153,"line":232},{"id":231,"type":221,"label":222,"file":153,"line":239,"wp_function":224},{"id":234,"type":217,"label":218,"file":153,"line":242},{"id":238,"type":235,"label":245,"file":153,"line":242},{"id":241,"type":221,"label":222,"file":153,"line":248,"wp_function":224},{"id":244,"type":217,"label":218,"file":153,"line":251},{"id":247,"type":235,"label":254,"file":153,"line":251},{"id":250,"type":221,"label":222,"file":153,"line":257,"wp_function":224},{"id":253,"type":217,"label":218,"file":153,"line":260},{"id":256,"type":235,"label":263,"file":153,"line":260},{"id":259,"type":221,"label":222,"file":153,"line":266,"wp_function":224},[300,301,302,303,304,305,306,307,308],{"from":216,"to":220,"sanitized":269},{"from":226,"to":228,"sanitized":179},{"from":228,"to":231,"sanitized":179},{"from":234,"to":238,"sanitized":179},{"from":238,"to":241,"sanitized":179},{"from":244,"to":247,"sanitized":179},{"from":247,"to":250,"sanitized":179},{"from":253,"to":256,"sanitized":179},{"from":256,"to":259,"sanitized":179},4,{"summary":311,"deductions":312},"The tipi-components v1.0 plugin exhibits a generally good security posture with some significant concerns.  The absence of SQL queries without prepared statements and 100% proper output escaping are strong indicators of good development practices.  Furthermore, the plugin has no recorded vulnerabilities, which suggests a history of stable and secure code.  However, the presence of an unprotected AJAX handler is a critical risk. This entry point allows unauthenticated users to trigger potentially malicious actions or expose sensitive information, especially given the two identified taint flows with unsanitized paths. While the taint analysis did not yield critical or high severity findings, the lack of sanitization on these flows is concerning, as it could be exploited in conjunction with the unprotected AJAX handler. The plugin also lacks nonce checks on its AJAX handler, further increasing its susceptibility to Cross-Site Request Forgery (CSRF) attacks.",[313,316,318],{"reason":314,"points":315},"Unprotected AJAX handler",8,{"reason":317,"points":79},"Flows with unsanitized paths (2 flows)",{"reason":319,"points":123},"AJAX handler without nonce checks","2026-03-16T23:57:10.521Z",{"wat":322,"direct":333},{"assetPaths":323,"generatorPatterns":327,"scriptPaths":328,"versionParams":329},[324,325,326],"\u002Fwp-content\u002Fplugins\u002Ftipi-components\u002Fassets\u002Fcss\u002Fadmin-style.min.css","\u002Fwp-content\u002Fplugins\u002Ftipi-components\u002Fassets\u002Ffonts\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Ftipi-components\u002Fassets\u002Fcss\u002Fstyle.min.css",[],[],[330,331,332],"tipi-components\u002Fassets\u002Fcss\u002Fadmin-style.min.css?ver=","tipi-components\u002Fassets\u002Ffonts\u002Fstyle.css?ver=","tipi-components\u002Fassets\u002Fcss\u002Fstyle.min.css?ver=",{"cssClasses":334,"htmlComments":336,"htmlAttributes":337,"restEndpoints":338,"jsGlobals":339,"shortcodeOutput":340},[335],"tipi-divider",[],[],[],[],[341,342,343,344],"[tipi_button]","[tipi_divider]","[tipi_dropcap]","[tipi_column]"]