[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkZ5JZJtv3e1IQc4ia05AWQyWMtNKsa6cIyk5093aU_o":3,"$f5kFO_1tYj-r3XciBV7KhPO6k0VWJ2RhR-sjJRwKqlJI":380,"$f_fEqE0cT3zBQj1JKtbpOIRQD7NTB75Uc-LvJznKyRYc":384},{"slug":4,"name":5,"version":6,"author":5,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":12,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":12,"unpatched_count":12,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":35,"analysis":128,"fingerprints":352},"topcontent","Topcontent","1.2.1","https:\u002F\u002Fprofiles.wordpress.org\u002Ftopcontent\u002F","\u003Cp>At Topcontent we work hard to create the text you need for your websites. With the Topcontent plugin, you can have finished content automatically published on your website.\u003C\u002Fp>\n\u003Cp>In other words, with this plugin, you no longer need to manually publish your content. Instead, you assign which site the content should be published on when placing a content order. And when the content is ready, it will automatically be published on that site. You can also set which date the article should be published.\u003C\u002Fp>\n\u003Cp>This is an extremely useful plugin if you manage several WordPress sites and need to create long term content plans. For example, if you want to publish one article a week over a year, you can place an order for 52 articles and specify different publishing dates. The content will automatically be published on your site on those dates.\u003C\u002Fp>\n\u003Cp>For more information please visit: \u003Ca href=\"https:\u002F\u002Ftopcontent.com\u002Fsolutions\u002Ftopcontent-wordpress-plugin\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Ftopcontent.com\u003C\u002Fa>\u003C\u002Fp>\n","With the Topcontent plugin, you can have content orders automatically published directly to your website.",10,1820,0,"2023-11-24T08:37:00.000Z","6.3.8","4.7","5.6",[18,19,20,21,22],"content","content-automation","content-creation","content-marketing","content-writing","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftopcontent\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftopcontent.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":4,"display_name":5,"profile_url":7,"plugin_count":31,"total_installs":10,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,84,"2026-05-19T20:40:49.463Z",[36,56,74,93,112],{"slug":37,"name":38,"version":39,"author":37,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":31,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":54,"download_link":55,"security_score":45,"vuln_count":12,"unpatched_count":12,"last_vuln_date":26,"fetched_at":27},"contentpen","ContentPen","1.0.12","https:\u002F\u002Fprofiles.wordpress.org\u002Fcontentpen\u002F","\u003Cp>ContentPen is an AI-powered content writing assistant designed to help businesses create, optimize, and publish SEO-friendly blog posts at scale. By combining deep research with your brand’s unique voice, ContentPen crafts high-impact articles that outperform your competition.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Brand Knowledge\u003C\u002Fstrong>: AI-powered analysis of your brand voice, unique selling points, target audience, and competitors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Keyword and Title Selection\u003C\u002Fstrong>: Automated title suggestions and search intent alignment for SEO success.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Deep Topic Research\u003C\u002Fstrong>: In-depth SERP analysis and content gap identification.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optimized Blog Outline\u003C\u002Fstrong>: Research-backed article structure with a semantic SEO approach.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>High-Quality First Draft\u003C\u002Fstrong>: Collaborative AI agents generating comprehensive content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quality Review and Optimization\u003C\u002Fstrong>: SEO optimization to enhance article performance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Final Enhancements\u003C\u002Fstrong>: Strategic linking and automated images for appealing blogs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Effortless Publishing\u003C\u002Fstrong>: Seamless integration with WordPress and other CMS platforms (coming soon).\u003C\u002Fli>\n\u003C\u002Ful>\n","AI-Powered SEO Content Writing Assistant",200,2094,100,"2026-04-03T11:02:00.000Z","6.9.4","5.8","7.4",[51,52,21,22,53],"ai","blogging","seo","https:\u002F\u002Fcontentpen.ai","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontentpen.1.0.12.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":45,"downloaded":64,"rating":45,"num_ratings":31,"last_updated":65,"tested_up_to":47,"requires_at_least":66,"requires_php":49,"tags":67,"homepage":72,"download_link":73,"security_score":45,"vuln_count":12,"unpatched_count":12,"last_vuln_date":26,"fetched_at":27},"brainypress","BrainyPress","2.8","Naveed Ali Shah","https:\u002F\u002Fprofiles.wordpress.org\u002Fmrnaveedshah\u002F","\u003Cp>\u003Cstrong>Meet BrainyPress v2.8: Your Free Auto-Writer for WordPress.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>BrainyPress is a fully automated content machine designed to rank on Google. Whether you want to run it on \u003Cstrong>Auto-Pilot (Server Cron)\u003C\u002Fstrong> while you sleep or trigger posts \u003Cstrong>Manually\u003C\u002Fstrong>, BrainyPress handles it all.\u003C\u002Fp>\n\u003Cp>Unlike old-school spinners, BrainyPress uses \u003Cstrong>Google Gemini 2.0 Flash (Free API)\u003C\u002Fstrong> with \u003Cstrong>Real-Time Search Grounding\u003C\u002Fstrong> to write factually accurate, human-quality articles that readers love.\u003C\u002Fp>\n\u003Ch3>🌟 Why is BrainyPress Different?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>⚡ Fully Automated (Set & Forget):\u003C\u002Fstrong> Just set a schedule (e.g., “Post every hour”). BrainyPress runs 24\u002F7 in the background, generating fresh content even while you are offline.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🧠 Liquid AI Logic (All Niches Supported):\u003C\u002Fstrong> No rigid templates! The AI adapts instantly to \u003Cstrong>ANY Niche\u003C\u002Fstrong>.\n\u003Cul>\n\u003Cli>\u003Cem>Crypto\u002FFinance:\u003C\u002Fem> Writes deep technical analysis & price predictions.\u003C\u002Fli>\n\u003Cli>\u003Cem>Food\u002FRecipes:\u003C\u002Fem> Writes mouth-watering steps with ingredients.\u003C\u002Fli>\n\u003Cli>\u003Cem>News\u002FSports:\u003C\u002Fem> Writes journalistic breaking reports.\u003C\u002Fli>\n\u003Cli>\u003Cem>Tech\u002FReviews:\u003C\u002Fem> Writes pros\u002Fcons and spec comparisons.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔗 Smart SEO Engine:\u003C\u002Fstrong> Automatically weaves \u003Cstrong>Internal Links\u003C\u002Fstrong> to your older posts and adds high-authority \u003Cstrong>External Links\u003C\u002Fstrong> (Wikipedia, News) to boost SEO authority.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔍 Real-Time Google Data:\u003C\u002Fstrong> Fetches live 2026 data (Prices, Scores, News) before writing. No outdated hallucinations.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>✍️ 100% Human-Style Writing:\u003C\u002Fstrong> Uses “Storytelling Mode” to avoid robotic lists. The content flows naturally to bypass AI detectors.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Auto-Run & Manual Modes:\u003C\u002Fstrong> Total control. Run bulk batches instantly or schedule them for drip-feeding.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Twitter (X) Auto-Posting:\u003C\u002Fstrong> Viral marketing built-in. Automatically tweets your new posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Free to Use:\u003C\u002Fstrong> Built on the generous Free Tier of Gemini API. Zero monthly fees.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Crash-Proof:\u003C\u002Fstrong> Optimized SQL logic ensures it handles 100+ posts without crashing your server.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Turn your WordPress site into a money-making auto-blog today with BrainyPress.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>External Services Disclosure\u003C\u002Fh3>\n\u003Cp>This plugin relies on third-party API services to function. API keys are stored securely in your database.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>1. Google Gemini API (by Google)\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Usage:\u003C\u002Fstrong> Generates article text, performs web searches, and structures HTML.\u003Cbr \u002F>\n* \u003Cstrong>Privacy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fprivacy\" rel=\"nofollow ugc\">Google Privacy Policy\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fai.google.dev\u002Fterms\" rel=\"nofollow ugc\">Terms\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>2. Twitter \u002F X API (by X Corp)\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Usage:\u003C\u002Fstrong> Posts updates to your social feed.\u003Cbr \u002F>\n* \u003Cstrong>Privacy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fen\u002Fprivacy\" rel=\"nofollow ugc\">Twitter Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n","The Ultimate Fully Automated AI Blogger. Runs 24\u002F7 on Auto-Pilot or Manual Mode. Generates Human-Like, SEO-Ranked Content for ANY Niche using Free Gem &hellip;",613,"2026-01-18T20:45:00.000Z","6.0",[68,69,70,19,71],"ai-auto-blogger","auto-blogging","auto-content-creation","wordpress-automation","https:\u002F\u002Fbrainypress.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbrainypress.2.8.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":45,"downloaded":82,"rating":45,"num_ratings":31,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":86,"tags":87,"homepage":91,"download_link":92,"security_score":25,"vuln_count":12,"unpatched_count":12,"last_vuln_date":26,"fetched_at":27},"rss-ground","RSS Ground","1.0.1","Max Galitsyn","https:\u002F\u002Fprofiles.wordpress.org\u002Fpaytory\u002F","\u003Cp>If you are having troubles connecting third-party scripts to your WordPress’s XML-RPC, this plugin is for you.\u003C\u002Fp>\n\u003Cp>This plugin offers alternative XML-RPC file that is not blocked by your hosting provider or security plugins.\u003C\u002Fp>\n\u003Cp>It was originally developed for RSSGround.com users who set up automated posting campaigns for their WordPress blogs but it can be used by anybody else.\u003C\u002Fp>\n\u003Cp>RSSGround.com is a service that helps you streamline and automate all of your content marketing efforts – generation, curation, publishing and display.\u003C\u002Fp>\n\u003Cp>Find out more about RSS Ground: \u003Ca href=\"https:\u002F\u002Fwww.rssground.com\u002F\" rel=\"nofollow ugc\">Content marketing service\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Compare our membership plans: \u003Ca href=\"https:\u002F\u002Fwww.rssground.com\u002Fpricing\" rel=\"nofollow ugc\">Sign up\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fhelp.rssground.com\u002Farticle\u002F241-rssground-plugin-for-wordpress-posting\" rel=\"nofollow ugc\">More details on this plugin\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>System Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>PHP >=5.6\u003C\u002Fli>\n\u003Cli>WordPress >=4.6\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Website\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.rssground.com\" rel=\"nofollow ugc\">RSS Ground\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Author\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.paytory.com\" rel=\"nofollow ugc\">Paytory Inc.\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","RSSGround.com is a service that helps you streamline and automate all of your content marketing efforts - generation, curation, publishing & display.",2537,"2024-02-18T21:34:00.000Z","6.4.8","4.6","",[19,21,88,89,90],"content-posting","rssground","rssground-com","https:\u002F\u002Fhelp.rssground.com\u002Farticle\u002F241-rssground-plugin-for-wordpress-posting","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frss-ground.zip",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":10,"downloaded":101,"rating":12,"num_ratings":12,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":86,"tags":105,"homepage":109,"download_link":110,"security_score":25,"vuln_count":12,"unpatched_count":12,"last_vuln_date":26,"fetched_at":111},"bolt-media-wp-integration","Bolt Platform Integration","1.5","boltmedia","https:\u002F\u002Fprofiles.wordpress.org\u002Fboltmedia\u002F","\u003Cp>This plugin enables you to connect your brand’s Bolt Account with your WordPress publication, enabling direct publication from content creators on our platform. Install this plugin and follow the instructions on the Bolt Platform to enable the integration for publication.\u003C\u002Fp>\n","WordPress publishing integration from the Bolt Content Platform.",1448,"2017-04-25T07:30:00.000Z","3.4.2","4.4",[106,20,21,107,108],"brand-content","content-strategy","publishing","https:\u002F\u002Fboltmedia.co\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbolt-media-wp-integration.zip","2026-04-06T09:54:40.288Z",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":12,"downloaded":120,"rating":12,"num_ratings":12,"last_updated":121,"tested_up_to":47,"requires_at_least":122,"requires_php":49,"tags":123,"homepage":86,"download_link":127,"security_score":45,"vuln_count":12,"unpatched_count":12,"last_vuln_date":26,"fetched_at":27},"acme-bot-ai-seo-writer-content-generator","ACME.BOT – AI SEO Writer & Content Generator","1.0.4","ACME.BOT","https:\u002F\u002Fprofiles.wordpress.org\u002Facmebot\u002F","\u003Cp>ACME.BOT is a fully automated AI SEO writer for businesses that integrates seamlessly with WordPress to enable running your blog on auto-pilot. Unlike generic AI-generated content that risks diluting your credibility, ACME.BOT focuses on writing useful high-quality blogs that your audience will find valuable, while simultaneously helping your SEO and Answer Engine ranking.\u003Cbr \u002F>\nWhy choose ACME.BOT for your WordPress site?\u003C\u002Fp>\n\u003Ch4>Deep-Researched Articles\u003C\u002Fh4>\n\u003Cp>ACME.BOT ensures your blog features publish-ready articles that genuinely add value to your audience. With automated research capabilities, this AI SEO writer produces in-depth, authoritative content that resonates with readers and earns search engine rewards. This drives trust, boosts engagement, and expands organic traffic reach for your brand.\u003C\u002Fp>\n\u003Ch4>AI Diagram Generator\u003C\u002Fh4>\n\u003Cp>The unique AI diagram generator creates visuals that hook readers and convey information instantly. Going beyond basic AI images, ACME.BOT creates illustrations that weave into your narrative and amplify complex ideas. In a world where skimming is common, ACME.BOT ensures your content captures attention effortlessly with diagrams that actually help your audience understand concepts better.\u003C\u002Fp>\n\u003Ch4>Content Strategy and Planning\u003C\u002Fh4>\n\u003Cp>ACME.BOT transforms your WordPress content strategy by breaking down competition and dissecting market trends with ease. It targets keywords that matter and crafts tailored content plans with a single click. Staying ahead in SEO and Answer Engine Optimization becomes second nature with ACME.BOT working for you.\u003C\u002Fp>\n\u003Ch4>All-in-One Solution for Cost Efficiency\u003C\u002Fh4>\n\u003Cp>ACME.BOT replaces expensive, fragmented content tools that typically cost hundreds monthly. This comprehensive AI SEO writer functions as a bundle of built-in AI keyword planners, automatic competitor gap analysis, optimized article creation, custom illustrations, and auto-publishing features. With zero freelancer management or plugin errors, ACME.BOT cuts your marketing costs while increasing productivity.\u003C\u002Fp>\n\u003Ch4>WordPress Integration\u003C\u002Fh4>\n\u003Cp>ACME.BOT integrates smoothly with your existing WordPress setup, enabling true content automation. Schedule posts, maintain consistent publishing schedules, and keep your blog active without constant manual intervention.\u003C\u002Fp>\n\u003Ch3>Why ACME.BOT?\u003C\u002Fh3>\n\u003Cp>In today’s content-saturated digital landscape, standing out requires more than just quantity. ACME.BOT ensures your WordPress blog features high-quality, deep-researched content that actually helps your audience while improving your search rankings.\u003Cbr \u002F>\nThe best way to rank while retaining an audience is to write articles that are genuinely helpful – that’s why ACME.BOT focuses on creating valuable content, not AI-generated fluff. With features like the advanced AI diagram generator and strategic content planning, ACME.BOT ensures consistent branding, higher conversion rates, and stress-free reliability for your WordPress site.\u003Cbr \u002F>\nExperience the difference of a fully automated AI SEO writer that understands both search algorithms and human readers.\u003C\u002Fp>\n\u003Cp>The plugin creates a REST endpoint that’s used by ACME.BOT to publish articles on your WordPress website.\u003C\u002Fp>\n","Run your WordPress blog on auto-pilot with ACME.BOT - automated AI SEO writer that creates deep-researched, publish-ready content with AI diagrams.",552,"2026-04-06T09:53:00.000Z","5.0",[124,125,126,19,21],"ai-diagram-generator","ai-seo-writer","blog-autopilot","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facme-bot-ai-seo-writer-content-generator.zip",{"attackSurface":129,"codeSignals":167,"taintFlows":233,"riskAssessment":341,"analyzedAt":351},{"hooks":130,"ajaxHandlers":163,"restRoutes":164,"shortcodes":165,"cronEvents":166,"entryPointCount":12,"unprotectedCount":12},[131,137,140,144,148,153,156,160],{"type":132,"name":133,"callback":134,"file":135,"line":136},"action","admin_enqueue_scripts","topcont_admin_scripts","topcontent.php",34,{"type":132,"name":133,"callback":138,"file":135,"line":139},"topcont_admin_styles",35,{"type":132,"name":141,"callback":142,"file":135,"line":143},"admin_menu","topcont_admin_menu",36,{"type":132,"name":145,"callback":146,"file":135,"line":147},"init","topcont_callback",38,{"type":149,"name":150,"callback":151,"priority":10,"file":135,"line":152},"filter","plugin_action_links","topcont_add_settings_link",41,{"type":149,"name":154,"callback":151,"priority":10,"file":135,"line":155},"network_admin_plugin_action_links",42,{"type":132,"name":157,"callback":158,"file":135,"line":159},"admin_post_topcont","topcont_post_save",305,{"type":132,"name":161,"callback":158,"file":135,"line":162},"admin_post_nopriv_topcont",306,[],[],[],[],{"dangerousFunctions":168,"sqlUsage":169,"outputEscaping":174,"fileOperations":31,"externalRequests":12,"nonceChecks":31,"capabilityChecks":31,"bundledLibraries":232},[],{"prepared":12,"raw":31,"locations":170},[171],{"file":135,"line":172,"context":173},80,"$wpdb->get_results() with variable interpolation",{"escaped":175,"rawEcho":32,"locations":176},13,[177,180,182,184,186,188,190,191,193,195,197,199,201,203,205,207,209,210,211,212,214,216,218,220,222,223,225,226,228,230],{"file":135,"line":178,"context":179},128,"raw output",{"file":135,"line":181,"context":179},132,{"file":135,"line":183,"context":179},146,{"file":135,"line":185,"context":179},147,{"file":135,"line":187,"context":179},148,{"file":135,"line":189,"context":179},158,{"file":135,"line":189,"context":179},{"file":135,"line":192,"context":179},167,{"file":135,"line":194,"context":179},168,{"file":135,"line":196,"context":179},169,{"file":135,"line":198,"context":179},216,{"file":135,"line":200,"context":179},217,{"file":135,"line":202,"context":179},218,{"file":135,"line":204,"context":179},219,{"file":135,"line":206,"context":179},220,{"file":135,"line":208,"context":179},226,{"file":135,"line":208,"context":179},{"file":135,"line":208,"context":179},{"file":135,"line":208,"context":179},{"file":135,"line":213,"context":179},231,{"file":135,"line":215,"context":179},244,{"file":135,"line":217,"context":179},260,{"file":135,"line":219,"context":179},274,{"file":135,"line":221,"context":179},281,{"file":135,"line":221,"context":179},{"file":135,"line":224,"context":179},284,{"file":135,"line":224,"context":179},{"file":135,"line":227,"context":179},512,{"file":135,"line":229,"context":179},517,{"file":135,"line":231,"context":179},559,[],[234,252,310],{"entryPoint":235,"graph":236,"unsanitizedCount":250,"severity":251},"topcont_admin_menu_html (topcontent.php:108)",{"nodes":237,"edges":247},[238,242],{"id":239,"type":240,"label":241,"file":135,"line":185},"n0","source","$_GET (x4)",{"id":243,"type":244,"label":245,"file":135,"line":185,"wp_function":246},"n1","sink","echo() [XSS]","echo",[248],{"from":239,"to":243,"sanitized":249},false,4,"medium",{"entryPoint":253,"graph":254,"unsanitizedCount":12,"severity":309},"topcont_post_save (topcontent.php:308)",{"nodes":255,"edges":300},[256,259,262,266,268,272,274,278,280,284,286,290,292,296],{"id":239,"type":240,"label":257,"file":135,"line":258},"$_POST['topcont-api-key']",315,{"id":243,"type":244,"label":260,"file":135,"line":258,"wp_function":261},"update_option() [Settings Manipulation]","update_option",{"id":263,"type":240,"label":264,"file":135,"line":265},"n2","$_POST['topcont-api-url']",327,{"id":267,"type":244,"label":260,"file":135,"line":265,"wp_function":261},"n3",{"id":269,"type":240,"label":270,"file":135,"line":271},"n4","$_POST['topcont-draft']",332,{"id":273,"type":244,"label":260,"file":135,"line":271,"wp_function":261},"n5",{"id":275,"type":240,"label":276,"file":135,"line":277},"n6","$_POST['topcont-featured-image']",335,{"id":279,"type":244,"label":260,"file":135,"line":277,"wp_function":261},"n7",{"id":281,"type":240,"label":282,"file":135,"line":283},"n8","$_POST['topcont-first-h1']",338,{"id":285,"type":244,"label":260,"file":135,"line":283,"wp_function":261},"n9",{"id":287,"type":240,"label":288,"file":135,"line":289},"n10","$_POST['topcont-author']",341,{"id":291,"type":244,"label":260,"file":135,"line":289,"wp_function":261},"n11",{"id":293,"type":240,"label":294,"file":135,"line":295},"n12","$_POST['redirect']",348,{"id":297,"type":244,"label":298,"file":135,"line":295,"wp_function":299},"n13","wp_redirect() [Open Redirect]","wp_redirect",[301,303,304,305,306,307,308],{"from":239,"to":243,"sanitized":302},true,{"from":263,"to":267,"sanitized":302},{"from":269,"to":273,"sanitized":302},{"from":275,"to":279,"sanitized":302},{"from":281,"to":285,"sanitized":302},{"from":287,"to":291,"sanitized":302},{"from":293,"to":297,"sanitized":302},"low",{"entryPoint":311,"graph":312,"unsanitizedCount":12,"severity":309},"\u003Ctopcontent> (topcontent.php:0)",{"nodes":313,"edges":332},[314,315,316,317,318,319,320,321,322,323,324,325,326,327,328,330],{"id":239,"type":240,"label":241,"file":135,"line":185},{"id":243,"type":244,"label":245,"file":135,"line":185,"wp_function":246},{"id":263,"type":240,"label":257,"file":135,"line":258},{"id":267,"type":244,"label":260,"file":135,"line":258,"wp_function":261},{"id":269,"type":240,"label":264,"file":135,"line":265},{"id":273,"type":244,"label":260,"file":135,"line":265,"wp_function":261},{"id":275,"type":240,"label":270,"file":135,"line":271},{"id":279,"type":244,"label":260,"file":135,"line":271,"wp_function":261},{"id":281,"type":240,"label":276,"file":135,"line":277},{"id":285,"type":244,"label":260,"file":135,"line":277,"wp_function":261},{"id":287,"type":240,"label":282,"file":135,"line":283},{"id":291,"type":244,"label":260,"file":135,"line":283,"wp_function":261},{"id":293,"type":240,"label":288,"file":135,"line":289},{"id":297,"type":244,"label":260,"file":135,"line":289,"wp_function":261},{"id":329,"type":240,"label":294,"file":135,"line":295},"n14",{"id":331,"type":244,"label":298,"file":135,"line":295,"wp_function":299},"n15",[333,334,335,336,337,338,339,340],{"from":239,"to":243,"sanitized":302},{"from":263,"to":267,"sanitized":302},{"from":269,"to":273,"sanitized":302},{"from":275,"to":279,"sanitized":302},{"from":281,"to":285,"sanitized":302},{"from":287,"to":291,"sanitized":302},{"from":293,"to":297,"sanitized":302},{"from":329,"to":331,"sanitized":302},{"summary":342,"deductions":343},"The \"topcontent\" v1.2.1 plugin exhibits a generally good security posture with a minimal attack surface. The absence of AJAX handlers, REST API routes, shortcodes, and cron events that are unprotected is a significant strength, indicating a conscious effort to limit entry points.  The presence of a nonce check and capability check further bolsters this by implementing basic security controls. However, the static analysis reveals a critical concern regarding SQL queries: 100% of them are not using prepared statements. This means that any user-supplied data that influences these SQL queries is susceptible to SQL injection attacks, a severe vulnerability. The taint analysis shows one flow with an unsanitized path, which, while not flagged as critical or high, still indicates a potential for data leakage or manipulation if that path involves user input. The vulnerability history is clean, which is positive, but it doesn't negate the risks identified in the static analysis. Overall, while the plugin has a small attack surface and implements some basic checks, the lack of prepared statements for all SQL queries and the identified unsanitized path are significant weaknesses that require immediate attention.",[344,346,349],{"reason":345,"points":10},"All SQL queries lack prepared statements",{"reason":347,"points":348},"Flow with unsanitized path",5,{"reason":350,"points":250},"Low percentage of properly escaped output","2026-03-17T00:11:53.188Z",{"wat":353,"direct":363},{"assetPaths":354,"generatorPatterns":357,"scriptPaths":358,"versionParams":360},[355,356],"\u002Fwp-content\u002Fplugins\u002Ftopcontent\u002Fassets\u002Fcss\u002Fadmin-topcontent.css","\u002Fwp-content\u002Fplugins\u002Ftopcontent\u002Fassets\u002Fcss\u002Fjquery-ui.min.css",[],[359],"\u002Fwp-content\u002Fplugins\u002Ftopcontent\u002Fassets\u002Fjs\u002Fadmin-topcontent.js",[361,362],"admin-topcontent.js?v=1.2","admin-topcontent.css?v=1.2",{"cssClasses":364,"htmlComments":373,"htmlAttributes":375,"restEndpoints":377,"jsGlobals":378,"shortcodeOutput":379},[365,366,367,368,369,370,371,372],"topcont-hide","topcont","topcont-logo","topcont-api-key-save","topcont-api-key-change","topcont-msg","topcont-msg-ok","topcont-msg-error",[374],"\u003C!-- Stop direct call -->",[376],"data-tab-content",[],[366],[],{"error":302,"url":381,"statusCode":382,"statusMessage":383,"message":383},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Ftopcontent\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":12,"versions":385},[]]