[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fiNlzxeFkSiBw2zNuukt7Pf4j1M1-yyhcnYs8WKck2YA":3,"$fx6pcxIVjp3aAyypy21tU-H-T5EHdRYx_bwisEwt6AKs":111,"$fkJ6ZGe7-GafYlV4qDMhV1CuR3LdZNpo-vdsh_rAUfro":116},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"discovery_status":26,"vulnerabilities":27,"developer":28,"crawl_stats":24,"alternatives":34,"analysis":53,"fingerprints":97},"turnupsecurity-http-headers","TurnUpSecurity HTTP Headers – Simple & Secure WordPress HTTP Headers","1.0","TurnUpHosting","https:\u002F\u002Fprofiles.wordpress.org\u002Ffergi230\u002F","\u003Cp>Thank you for downloading our plugin. TurnUpSecurity HTTP Headers plugin allows you to enable HTTP headers from the settings page.\u003C\u002Fp>\n\u003Cp>Before you install the plugin go to https:\u002F\u002Fsecurityheaders.com\u002F and scan your website’s url, if it’s already at A, then no need to install the plugin.\u003C\u002Fp>\n\u003Ch3>Installation Instructions\u003C\u002Fh3>\n\u003Cp>Download the plugin, go to Plugins area in your WordPress dashboard, select add new plugin, and upload the zip file.\u003C\u002Fp>\n\u003Cp>Activate the plugin.\u003Cbr \u002F>\nGo to settings and select TurnUpSecurity HTTP Headers, check the box to Enable HTTP Headers and click on save.\u003C\u002Fp>\n\u003Cp>Verify your HTTP Header score by going to https:\u002F\u002Fsecurityheaders.com\u002F and scanning your website’s url (refresh the page first).\u003C\u002Fp>\n\u003Cp>That’s it Enjoy :).\u003C\u002Fp>\n\u003Ch3>About Us\u003C\u002Fh3>\n\u003Cp>TurnUpHosting provides Secure and Fast WordPress Hosting and custom web developments for all. \u003Ca href=\"https:\u002F\u002Fturnuphosting.com\u002F\" rel=\"nofollow ugc\">TurnUpHosting\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Contact and Credits\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fturnuphosting.com\u002Fweb-design\u002F\" rel=\"nofollow ugc\">TurnUpHosting Dev Team\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>1.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Adds X-Frame-Options Policy\u003C\u002Fli>\n\u003Cli>Adds X-XSS-Protection Policy\u003C\u002Fli>\n\u003Cli>Adds X-Content-Type-Options Policy\u003C\u002Fli>\n\u003Cli>Adds Strict-Transport-Security Policy\u003C\u002Fli>\n\u003Cli>Adds Referrer-Policy\u003C\u002Fli>\n\u003Cli>Adds Content-Security-Policy\u003C\u002Fli>\n\u003Cli>Adds Permissions-Policy\u003C\u002Fli>\n\u003C\u002Ful>\n","Thank you for downloading our plugin. TurnUpSecurity HTTP Headers plugin allows you to enable HTTP headers from the settings page.",10,5280,0,"2024-03-04T13:14:00.000Z","6.4.8","",[18,19,20],"http-headers-protection","wordpress-http-headers-security","x-xss-protection","https:\u002F\u002Fturnupsecurityshield.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fturnupsecurity-http-headers.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"fergi230",1,30,84,"2026-05-19T20:01:50.440Z",[35],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":11,"downloaded":43,"rating":13,"num_ratings":13,"last_updated":44,"tested_up_to":45,"requires_at_least":16,"requires_php":46,"tags":47,"homepage":16,"download_link":51,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":52},"s2-safety-functions","s2 Safety","1.9.2","Sebas2","https:\u002F\u002Fprofiles.wordpress.org\u002Fsebas2\u002F","\u003Cblockquote>\n\u003Cp>This will automatically add basic security headers to any wordpress website.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Overview\u003C\u002Fh4>\n\u003Cp>Adding security layers to your website has never been easier. Just add the plugin and activate. With this plugin you will reach a score of A+ on https:\u002F\u002Fsecurityheaders.com\u002F\u003C\u002Fp>\n\u003Ch4>Installation Instructions\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Upload \u003Ccode>s2 Safety\u003C\u002Fcode> folder to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Activate the plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003C\u002Fol>\n","WordPress plugin to add instant security basics",1081,"2022-05-29T15:34:00.000Z","6.0.11","5.2.17",[48,49,50,20],"referrer-policy-header-etc","x-content-type-options","x-frame-options","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fs2-safety-functions.zip","2026-04-06T09:54:40.288Z",{"attackSurface":54,"codeSignals":74,"taintFlows":84,"riskAssessment":85,"analyzedAt":96},{"hooks":55,"ajaxHandlers":70,"restRoutes":71,"shortcodes":72,"cronEvents":73,"entryPointCount":13,"unprotectedCount":13},[56,62,66],{"type":57,"name":58,"callback":59,"file":60,"line":61},"action","admin_menu","http_headers_toggler_menu","turnupsecheaders.php",19,{"type":57,"name":63,"callback":64,"file":60,"line":65},"admin_init","http_headers_toggler_settings",42,{"type":57,"name":67,"callback":68,"file":60,"line":69},"send_headers","http_headers_toggler_set_headers",77,[],[],[],[],{"dangerousFunctions":75,"sqlUsage":76,"outputEscaping":78,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":83},[],{"prepared":13,"raw":13,"locations":77},[],{"escaped":30,"rawEcho":30,"locations":79},[80],{"file":60,"line":81,"context":82},73,"raw output",[],[],{"summary":86,"deductions":87},"The \"turnupsecurity-http-headers\" v1.0 plugin exhibits a strong security posture based on the provided static analysis.  There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a zero attack surface.  Furthermore, the code signals are generally positive, with no dangerous functions, all SQL queries using prepared statements, and no file operations or external HTTP requests. The absence of vulnerabilities in its history reinforces this impression, suggesting a well-maintained and secure codebase.\n\nHowever, the analysis does highlight a couple of areas for concern that prevent a perfect score. The fact that only 50% of output is properly escaped, despite only two outputs being present, indicates a potential for cross-site scripting (XSS) vulnerabilities if the unescaped outputs handle user-controlled data. Additionally, the complete absence of nonce checks and capability checks, while not directly leading to deductions due to the lack of an attack surface, represents a missed opportunity for robust security, especially if the plugin were to be extended in the future. Without any historical vulnerabilities, it's difficult to gauge the plugin's long-term security practices, but the current static analysis suggests a conscientious developer.\n\nIn conclusion, the \"turnupsecurity-http-headers\" v1.0 plugin appears to be secure against common attack vectors, with a minimal attack surface and positive code practices regarding database interactions and external calls. The primary weakness lies in the potential for unescaped output, which should be addressed to ensure complete protection against XSS. The lack of nonce and capability checks is a minor concern in its current state but worth noting for future development.",[88,91,94],{"reason":89,"points":90},"Unescaped output detected",5,{"reason":92,"points":93},"Missing nonce checks",2,{"reason":95,"points":93},"Missing capability checks","2026-04-16T12:36:30.827Z",{"wat":98,"direct":103},{"assetPaths":99,"generatorPatterns":100,"scriptPaths":101,"versionParams":102},[],[],[],[],{"cssClasses":104,"htmlComments":106,"htmlAttributes":107,"restEndpoints":108,"jsGlobals":109,"shortcodeOutput":110},[105],"wrap",[],[],[],[],[],{"error":112,"url":113,"statusCode":114,"statusMessage":115,"message":115},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fturnupsecurity-http-headers\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":30,"versions":117},[118],{"version":6,"download_url":119,"svn_tag_url":120,"released_at":24,"has_diff":121,"diff_files_changed":122,"diff_lines":24,"trac_diff_url":24,"vulnerabilities":123,"is_current":112},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fturnupsecurity-http-headers.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fturnupsecurity-http-headers\u002Ftags\u002F1.0\u002F",false,[],[]]