[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNsCbKirOHExB3q6w3CEVpjSIM2-WG_EvEqnpTKlID_0":3,"$fpei4w2ninQPBBcU8QQvgnojgqNpPdBO6OSSXWN1LBIU":155,"$fonr-I0qlKKeR0cTRZj4HRTzWHS-A2yYUYTwmi3lNPCc":159},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"discovery_status":26,"vulnerabilities":27,"developer":28,"crawl_stats":24,"alternatives":36,"analysis":61,"fingerprints":136},"traumaradar","TraumaRadar","1.0.5","snoei","https:\u002F\u002Fprofiles.wordpress.org\u002Fsnoei\u002F","\u003Cp>\u003Cstrong>TraumaRadar\u003C\u002Fstrong> biedt een widget en shortcode voor WordPress waarmee gebruikers realtime de route kunnen volgen van trauma-, ambulance-, politie- en kustwachthelikopters. Informatie naar voor gedetailleerde vluchtinformatie. Ideaal voor nieuwswebsites maar ook voor websites gericht op luchtvaart, hulpdiensten of 112 nieuwsverslaggeving.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Belangrijkste functies\u003C\u002Fstrong>:\u003Cbr \u002F>\n– Toon een live kaart met helikopterroutes.\u003Cbr \u002F>\n– Ondersteuning voor traumahelikopters, ambulancehelikopters, politiehelikopters en kustwachthelikopters.\u003Cbr \u002F>\n– Informatie naar gedetailleerde vluchtgegevens en bijbehorende 112 meldingen\u003Cbr \u002F>\n– Eenvoudige integratie via een shortcode of widget op je website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Gebruik van de ShortCode\u003C\u002Fstrong>\u003Cbr \u002F>\nJe kunt een kaart\u002Fmap aan je website toevoegen van een helikoptervlucht met behulp van een shortcode:\u003Cbr \u002F>\n1. Ga naar je Pagina of Post > Voeg blok toe > Zoek naar “Shortcode”\u003Cbr \u002F>\n2. Voeg nu de volgende code toe:\u003C\u002Fp>\n\u003Cpre>\n[traumaradar_map url=\"https:\u002F\u002Ftraumaradar.nl\u002Fvlucht\u002F2024\u002F10\u002F11\u002F103682\u002Flifeliner-4-ph-ttr-naar-groningen-airport-eelde.html\" show_title=\"1\" show_date=\"1\" show_map=\"1\"]\n\u003C\u002Fpre>\n\u003Cp>De parameters:\u003Cbr \u002F>\n* \u003Cem>“url”\u003C\u002Fem> – Vervang “url” met de gewenste url naar de vlucht die je wilt tonen. Zoek deze op op \u003Ca href=\"https:\u002F\u002Ftraumaradar.nl\" rel=\"nofollow ugc\">traumaradar.nl\u003C\u002Fa>.\u003Cbr \u002F>\n* \u003Cem>“show_title”\u003C\u002Fem> – Toont de titel. Vervang “1” door “0” om de titel niet te tonen.\u003Cbr \u002F>\n* \u003Cem>“show_date”\u003C\u002Fem> – Toont de datum van de vlucht. Vervang “1” door “0” om de datum niet te tonen.\u003Cbr \u002F>\n* \u003Cem>“show_map”\u003C\u002Fem> – Toont de kaart. Vervang “1” door “0” om de kaart niet te tonen.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Gebruik van de Widget (vanaf WordPress 6.6)\u003C\u002Fstrong>\u003Cbr \u002F>\nJe kunt een kaart\u002Fmap aan je website toevoegen van een helikoptervlucht met behulp van een block of widget:\u003Cbr \u002F>\n1. Ga naar je Pagina of Post > Voeg blok toe > Zoek naar “TraumaRadar Map”\u003Cbr \u002F>\n2. Ga naar de traumaradar.nl website en zoek naar de vlucht die je wilt tonen\u003Cbr \u002F>\n3. Kopieer de link naar de pagina vanuit de browser en plak deze in het “Traumaradar vlucht url” veld.\u003Cbr \u002F>\n4. Kies welke onderdelen je wilt tonen: Kaart, datum en titel.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Voorwaarden\u003C\u002Fstrong>\u003Cbr \u002F>\nDeze plugin maakt gebruik van de (third-party) traumaradar.nl website om het kaartje en de gegevens op je website te tonen. De plugin gebruikt daarvoor de \u003Ca href=\"https:\u002F\u002Ftraumaradar.nl\u002Fwordpressapi\" rel=\"nofollow ugc\">TraumaRadar API\u003C\u002Fa>. Let op: deze API mag alleen worden gebruikt door de code van de plugin, het gebruik buiten de plugin om is niet toegestaan. Lees het\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Ftraumaradar.nl\u002Fprivacybeleid\" rel=\"nofollow ugc\">Privacybeleid\u003C\u002Fa> en onze \u003Ca href=\"https:\u002F\u002Ftraumaradar.nl\u002Falgemene-voorwaarden\" rel=\"nofollow ugc\">Algemene Voorwaarden\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Tags\u003C\u002Fh3>\n\u003Cp>traumahelikopter, ambulancehelikopter, politiehelikopter, kustwacht, vluchten, radar, kaart, helikopter, traumaradar, luchtvaart, emergency services, live tracking\u003C\u002Fp>\n\u003Ch3>License & Copyright\u003C\u002Fh3>\n\u003Cp>Deze plugin is gelicenseerd onder de GPLv2 of later.\u003C\u002Fp>\n","Toon een map\u002Fkaart helikoptervluchten van trauma-, ambulance-, politie- en kustwachthelikopters op je website doormiddel van een widget of shortcode.",0,863,"2024-10-11T09:49:00.000Z","6.6.5","5.0","5.6",[18,19,20,4],"112","heli","traumahelikopters","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftraumaradar.1.0.5.zip",92,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":7,"display_name":29,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"tonsnoei",2,10,89,30,86,"2026-05-20T01:34:22.657Z",[37],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":33,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":21,"tags":51,"homepage":57,"download_link":58,"security_score":59,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":60},"helion-widgets-pro","Helion Widgets Pro","1.5.7","paulpela","https:\u002F\u002Fprofiles.wordpress.org\u002Fpaulpela\u002F","\u003Cp>Wzbogać swój serwis o ciekawe treści, które przyciągną do Ciebie klientów! Rozwiń skrzydła w e-biznesie i zacznij dobrze zarabiać. Poszerz swoją ofertę o nowości oraz bestsellery literatury informatycznej, biznesowej, przewodniki turystyczne, beletrystykę oraz poradniki psychologiczne. Pamiętaj książki informatyczne to najlepiej sprzedające się pozycje w sieci!\u003C\u002Fp>\n\u003Cp>Program partnerski działa praktycznie bezobsługowo a jego zasady są proste i przejrzyste. Partner może publikować wszystkie informacje o książkach dostępnych w księgarniach Grupy Wydawniczej Helion, a mianowicie: onepress.pl, helion.pl, sensus.pl, septem.pl i ebookpoint.pl, w tym fragmentów książek, okładek, filmów video, szczegółowych opisów oraz spisów treści wraz z mechanizmem dodawania książek\u003Cbr \u002F>\ndo koszyka.\u003C\u002Fp>\n\u003Cp>W zamian za prezentację naszych produktów otrzymasz wynagrodzenie w postaci prowizji od każdego zrealizowanego zakupu w księgarniach za pośrednictwem swojej strony. Prowizja od każdego zrealizowanego zamówienia wynosi 5%.\u003C\u002Fp>\n\u003Cp>Już teraz zapoznaj się z Programem Partnerskim na stronie https:\u002F\u002Fprogram-partnerski.helion.pl i dołącz do 4 tysięcy partnerów współpracujących z nami!\u003C\u002Fp>\n\u003Cp>Wtyczka pozwala na:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>umieszczanie na blogu widgetów z książkami (wybrane książki, książka dnia, bestsellery, wyszukiwarka)\u003C\u002Fli>\n\u003Cli>łatwe umieszczanie informacji o książkach i linków we wpisach\u003C\u002Fli>\n\u003Cli>stworzenie na blogu własnej księgarni zawierającej wszystkie pozycje z dowolnej księgarni GW Helion\u003C\u002Fli>\n\u003C\u002Ful>\n","Zainstaluj na swoim blogu widgety z książkami, umieszczaj informacje o książkach we wpisach, otwórz własną księgarnię i zarabiaj z GW Helion!",9359,20,1,"2019-04-24T08:33:00.000Z","4.7.32","3.1",[52,53,54,55,56],"ebookpoint","helion","onepress","sensus","septem","https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fhelion-widgets-pro\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhelion-widgets-pro.1.5.7.zip",85,"2026-03-15T15:16:48.613Z",{"attackSurface":62,"codeSignals":83,"taintFlows":90,"riskAssessment":124,"analyzedAt":135},{"hooks":63,"ajaxHandlers":74,"restRoutes":80,"shortcodes":81,"cronEvents":82,"entryPointCount":47,"unprotectedCount":11},[64,70],{"type":65,"name":66,"callback":67,"file":68,"line":69},"action","init","traumardr_create_block_init","traumaradar.php",41,{"type":65,"name":71,"callback":72,"file":68,"line":73},"enqueue_block_editor_assets","traumardr_enqueue_block_editor_assets",57,[75],{"action":76,"nopriv":77,"callback":76,"hasNonce":78,"hasCapCheck":77,"file":68,"line":79},"traumardr_fetch_data",false,true,103,[],[],[],{"dangerousFunctions":84,"sqlUsage":85,"outputEscaping":87,"fileOperations":11,"externalRequests":47,"nonceChecks":47,"capabilityChecks":11,"bundledLibraries":89},[],{"prepared":11,"raw":11,"locations":86},[],{"escaped":47,"rawEcho":11,"locations":88},[],[],[91,114],{"entryPoint":92,"graph":93,"unsanitizedCount":47,"severity":113},"traumardr_fetch_data (traumaradar.php:76)",{"nodes":94,"edges":110},[95,100,104],{"id":96,"type":97,"label":98,"file":68,"line":99},"n0","source","$_POST",97,{"id":101,"type":102,"label":103,"file":68,"line":99},"n1","transform","→ traumardr_fetch_data_internal()",{"id":105,"type":106,"label":107,"file":68,"line":108,"wp_function":109},"n2","sink","wp_remote_get() [SSRF]",64,"wp_remote_get",[111,112],{"from":96,"to":101,"sanitized":77},{"from":101,"to":105,"sanitized":77},"medium",{"entryPoint":115,"graph":116,"unsanitizedCount":47,"severity":113},"\u003Ctraumaradar> (traumaradar.php:0)",{"nodes":117,"edges":121},[118,119,120],{"id":96,"type":97,"label":98,"file":68,"line":99},{"id":101,"type":102,"label":103,"file":68,"line":99},{"id":105,"type":106,"label":107,"file":68,"line":108,"wp_function":109},[122,123],{"from":96,"to":101,"sanitized":77},{"from":101,"to":105,"sanitized":77},{"summary":125,"deductions":126},"The \"traumaradar\" v1.0.5 plugin exhibits a strong security posture based on the static analysis.  It adheres to several good security practices, including the absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and proper output escaping for all identified outputs.  Furthermore, it correctly implements nonce checks and has no known vulnerabilities or CVEs, indicating a history of secure development or diligent patching.  The limited attack surface, with only one AJAX handler and no shortcodes, cron events, or REST API routes, is also a positive sign.  However, the presence of two taint flows with unsanitized paths, even without critical or high severity, warrants attention as it suggests potential, albeit unexploited, avenues for code injection or manipulation.  Additionally, the single external HTTP request is a potential point of concern if not properly secured, as it could be a vector for attacks or lead to information disclosure.  While the plugin demonstrates a generally secure foundation, these specific areas should be further investigated for robustness. The lack of capability checks on its sole entry point is a notable omission, though this is mitigated by the fact that it's an AJAX handler with a nonce check.  Overall, \"traumaradar\" v1.0.5 is a well-developed plugin from a security perspective, but it's not entirely without potential risks, particularly concerning the identified taint flows and the external HTTP request.",[127,130,132],{"reason":128,"points":129},"Taint flows with unsanitized paths",5,{"reason":131,"points":30},"External HTTP request without clear context",{"reason":133,"points":134},"Lack of capability checks on AJAX handler",3,"2026-03-17T06:28:10.351Z",{"wat":137,"direct":147},{"assetPaths":138,"generatorPatterns":144,"scriptPaths":145,"versionParams":146},[139,140,141,142,143],"\u002Fwp-content\u002Fplugins\u002Ftraumaradar\u002Fbuild\u002Fnotices\u002Frender.php","\u002Fwp-content\u002Fplugins\u002Ftraumaradar\u002Fbuild\u002Fsettings-page\u002Frender.php","\u002Fwp-content\u002Fplugins\u002Ftraumaradar\u002Fbuild\u002Fmap-shortcode\u002Frender.php","\u002Fwp-content\u002Fplugins\u002Ftraumaradar\u002Fbuild\u002Fmap-widget\u002Fblock.json","\u002Fwp-content\u002Fplugins\u002Ftraumaradar\u002Fassets\u002Fmap-placeholder.jpg",[],[142],[],{"cssClasses":148,"htmlComments":149,"htmlAttributes":150,"restEndpoints":151,"jsGlobals":152,"shortcodeOutput":154},[],[],[],[],[153],"traumardr_ajax",[],{"error":78,"url":156,"statusCode":157,"statusMessage":158,"message":158},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Ftraumaradar\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":160,"versions":161},4,[162,167,174,181],{"version":6,"download_url":22,"svn_tag_url":163,"released_at":24,"has_diff":77,"diff_files_changed":164,"diff_lines":24,"trac_diff_url":165,"vulnerabilities":166,"is_current":78},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftraumaradar\u002Ftags\u002F1.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftraumaradar%2Ftags%2F1.0.4&new_path=%2Ftraumaradar%2Ftags%2F1.0.5",[],{"version":168,"download_url":169,"svn_tag_url":170,"released_at":24,"has_diff":77,"diff_files_changed":171,"diff_lines":24,"trac_diff_url":172,"vulnerabilities":173,"is_current":77},"1.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftraumaradar.1.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftraumaradar\u002Ftags\u002F1.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftraumaradar%2Ftags%2F1.0.3&new_path=%2Ftraumaradar%2Ftags%2F1.0.4",[],{"version":175,"download_url":176,"svn_tag_url":177,"released_at":24,"has_diff":77,"diff_files_changed":178,"diff_lines":24,"trac_diff_url":179,"vulnerabilities":180,"is_current":77},"1.0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftraumaradar.1.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftraumaradar\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftraumaradar%2Ftags%2F1.0.2&new_path=%2Ftraumaradar%2Ftags%2F1.0.3",[],{"version":182,"download_url":183,"svn_tag_url":184,"released_at":24,"has_diff":77,"diff_files_changed":185,"diff_lines":24,"trac_diff_url":24,"vulnerabilities":186,"is_current":77},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftraumaradar.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftraumaradar\u002Ftags\u002F1.0.2\u002F",[],[]]