[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIHrtOh98wU7wfV9KXgYeBn3iwRf5eSZiL9K1WGOeJ4Q":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":63,"crawl_stats":38,"alternatives":70,"analysis":92,"fingerprints":323},"uichemy","UiChemy — Figma Converter for Elementor, Gutenberg and Bricks","4.7.0","POSIMYTH","https:\u002F\u002Fprofiles.wordpress.org\u002Fposimyththemes\u002F","\u003Cp>Convert Figma Designs into Live WordPress Websites in seconds. You can edit your website using the popular Elementor Page Builder, Bricks Builder & Default Gutenberg Block Editor.\u003C\u002Fp>\n\u003Cp>Well, that’s it, that’s the product. Install can bring your website to reality!\u003C\u002Fp>\n\u003Cp>—\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fuichemy.com\u002F?utm_source=wordpress&utm_medium=readmepage&utm_campaign=links\" rel=\"nofollow ugc\"> Visit Website\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=m2R0Qo0ax4Y&list=PLFRO-irWzXaJ00ay82qZZ2T4etPCPh7er\" rel=\"nofollow ugc\">Video Tutorials\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fuichemy.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">Documentations\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Froadmap.uichemy.com\u002F\" rel=\"nofollow ugc\">Roadmap\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fuichemy\u002F\" rel=\"nofollow ugc\">Join Facebook Community\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fuichemy\u002F\" rel=\"ugc\">Free Support\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fstore.posimyth.com\u002Fhelpdesk\u002F?utm_source=wordpress&utm_medium=readmepage&utm_campaign=links\" rel=\"nofollow ugc\">Premium Support\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fuichemy.com\u002Fchat\u002F?utm_source=wordpress&utm_medium=readmepage&utm_campaign=links\" rel=\"nofollow ugc\">AI Chat (Instant Answers)\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fuichemy.com\u002Ftemplates-library\u002F?utm_source=wordpress&utm_medium=readmepage&utm_campaign=links\" rel=\"nofollow ugc\">UiChemy Figma Templates\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fuichemy.com\u002Fcase-study-templates\u002F?utm_source=wordpress&utm_medium=readmepage&utm_campaign=links\" rel=\"nofollow ugc\">Conversion Case Study(GUIDED)\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Figma Plugins\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.figma.com\u002Fcommunity\u002Fplugin\u002F1265873702834050352\" rel=\"nofollow ugc\">Figma to Elementor Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.figma.com\u002Fcommunity\u002Fplugin\u002F1344313361212431142\u002F\" rel=\"nofollow ugc\">Figma to Bricks Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.figma.com\u002Fcommunity\u002Fplugin\u002F1379733208974981538\u002Fuichemy-convert-figma-to-gutenberg-block-editor-wordpress\" rel=\"nofollow ugc\">Figma to Gutenberg Plugin\u003C\u002Fa> \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>\u003Ca href=\"https:\u002F\u002Fwww.figma.com\u002Fcommunity\u002Fplugin\u002F1265873702834050352\u002Fuichemy-convert-figma-to-wordpress-elementor-and-gutenberg\" rel=\"nofollow ugc\">Read our Onboarding Guidelines to Get Best Output with UiChemy\u003C\u002Fa>\u003C\u002Fh3>\n\u003Ch3>See UiChemy in Action \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002Fvm8Ak5Oy9AU\" rel=\"nofollow ugc\"> Watch Now\u003C\u002Fa>\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fvm8Ak5Oy9AU?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How Does UiChemy Work?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Design your Website in Figma.\u003Ca href=\"https:\u002F\u002Fuichemy.com\u002Fhelp\u002Fdesign-guidelines\u002F?utm_source=wordpress&utm_medium=readmepage&utm_campaign=links\" rel=\"nofollow ugc\"> \u003Cem>(Following Design Guidelines)\u003C\u002Fem>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Install UiChemy Figma Plugin & Export Designs.\u003C\u002Fli>\n\u003Cli>Download UiChemy WordPress Plugin to Connect with Figma\u003C\u002Fli>\n\u003Cli>Import Figma Design directly to your WordPress Site\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cem>NB: You can also manually download JSON file and import Templates\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Seems like too good to be true?\u003C\u002Fp>\n\u003Cp>👉🏻 \u003Cstrong>Watch How it works:\u003C\u002Fstrong>\u003Ca href=\"https:\u002F\u002Fyoutu.be\u002F8E2d7O0BZ3c\" rel=\"nofollow ugc\"> \u003Cstrong>See in Action\u003C\u002Fstrong>\u003C\u002Fa>\u003Cbr \u002F>\n👉🏻 \u003Cstrong>Read How it works:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Ftheplusaddons.com\u002Fblog\u002Fconvert-figma-to-elementor\u002F?utm_source=wordpress&utm_medium=readmepage&utm_campaign=links\" rel=\"nofollow ugc\">\u003Cstrong>Figma to Elementor Convertor\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>What makes UiChemy Exclusive?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Felementor.com\u002Fwidgets\u002F\" rel=\"nofollow ugc\">Supports 30+ Elementor Widgets\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftheplusaddons.com\u002Felementor-widgets\u002F?utm_source=wordpress&utm_medium=readmepage&utm_campaign=links\" rel=\"nofollow ugc\">Supports 30+ Widgets from The Plus Addons for Elementor\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>No Coding Knowledge required\u003C\u002Fli>\n\u003Cli>Fast Loading Websites\u003C\u002Fli>\n\u003Cli>Free forever, upgrade as per your need\u003C\u002Fli>\n\u003Cli>Complete peace of mind\u003C\u002Fli>\n\u003Cli>Saves time for Developers\u003C\u002Fli>\n\u003Cli>Magic wand for Web designers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can further edit them directly from your preferred page builder.\u003C\u002Fp>\n\u003Cp>This is not Figma to HTML Code Convertor, it converts Figma designs to Elementor Editable website using its widgets set. No HTML Code is added. You can edit these templates using supported Elementor Widgets, Brick Elements or Gutenberg Blocks.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fposimyth\u002FUiChemy-Plugin-Developer\" rel=\"nofollow ugc\">WordPress Plugin Source Code\u003C\u002Fa>\u003C\u002Fstrong> – To embrace the open-source community, we’ve also made the plugin’s design source code available here.\u003C\u002Fp>\n\u003Ch3>🔍 OUR PRODUCTS\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Ftheplusaddons.com\u002F?utm_source=wordpress&utm_medium=readmepage&utm_campaign=links\" rel=\"nofollow ugc\">🥇 The Plus Addons for Elementor\u003C\u002Fa>\u003C\u002Fstrong> –  120+ Powerful Elementor Widgets for Elementor Page Builder.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fnexterwp.com\u002F?utm_source=wordpress&utm_medium=readmepage&utm_campaign=widgetslinks\" rel=\"nofollow ugc\">🥇 NexterWP Theme, Blocks & Extensions\u003C\u002Fa>\u003C\u002Fstrong> – Best Starter Theme for WordPress with 22+ WordPress Extension & 90+ Gutenberg Blocks.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwdesignkit.com\u002F?utm_source=wordpress&utm_medium=readmepage&utm_campaign=widgetslinks\" rel=\"nofollow ugc\">🥇WdesignKit\u003C\u002Fa>\u003C\u002Fstrong> – 1000+ Elementor Template, Elementor Widget Builder, Widget Convertor to Block, Bricks, Cloud Template & Widget Storage & more.\u003C\u002Fp>\n","Convert Figma Designs Templates into 100% Editable WordPress Websites. It's having figma to Elementor, Figma to Gutenberg & Figma to Bricks P &hellip;",8000,119734,100,12,"2026-03-06T13:39:00.000Z","6.9.4","6.6","7.4",[20,21,22,23,24],"figma-to-bricks","figma-to-code","figma-to-elementor","figma-to-gutenberg","figma-to-wordpress","https:\u002F\u002Fuichemy.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuichemy.4.7.0.zip",98,2,0,"2026-01-12 00:00:00","2026-03-15T15:16:48.613Z",[33,49],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-69362","uichemy-authenticated-author-stored-cross-site-scripting","UiChemy \u003C= 4.4.2 - Authenticated (Author+) Stored Cross-Site Scripting","The UiChemy plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=4.4.2","4.4.3","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-01-19 16:16:20",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fca7a968d-b1e9-4e8b-803a-58269910d9ff?source=api-prod",8,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":48},"CVE-2025-62013","uichemy-missing-authorization","UiChemy \u003C= 4.0.0 - Missing Authorization","The UiChemy — Figma Converter for Elementor, Gutenberg and Bricks plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 4.0.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform an unauthorized action.","\u003C=4.0.0","4.0.1",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2025-10-16 00:00:00","2025-10-23 14:32:56",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa673f9f9-ad32-4dcf-bbbb-115a5339c415?source=api-prod",{"slug":64,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":65,"avg_security_score":66,"avg_patch_time_days":67,"trust_score":68,"computed_at":69},"posimyththemes",460050,96,72,85,"2026-04-04T04:20:37.234Z",[71],{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":79,"downloaded":80,"rating":13,"num_ratings":81,"last_updated":82,"tested_up_to":16,"requires_at_least":83,"requires_php":84,"tags":85,"homepage":90,"download_link":91,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"yotako-convert-figma-designs","Yotako – Convert Figma Designs","1.2.20","yotako","https:\u002F\u002Fprofiles.wordpress.org\u002Fyotako\u002F","\u003Cp>Convert Figma designs into fully editable WordPress themes in just a few clicks. No coding required.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>Live Chat: This plugin integrates Crisp Chat (https:\u002F\u002Fcrisp.chat\u002F), which provides live chat support on the website. By using Crisp Chat, users may be subject to their privacy policy and terms of service. For more information, visit: https:\u002F\u002Fcrisp.chat\u002Fen\u002Fprivacy\u002F.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by Yotako S.A.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, use the Live Chat icon available in the plugin or visit \u003Ca href=\"https:\u002F\u002Ffigma-to-wordpress.com\" rel=\"nofollow ugc\">https:\u002F\u002Ffigma-to-wordpress.com\u003C\u002Fa>.\u003C\u002Fp>\n","Create Figma designs to professional WordPress themes with AI. Ready to download or publish online in 1 click. Ideal for designers, freelancers, and b &hellip;",200,3882,5,"2026-01-30T12:13:00.000Z","4.7","7.0",[86,87,88,89,24],"ai","convert","domain","figma-to-website","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyotako-convert-figma-designs.1.2.20.zip",{"attackSurface":93,"codeSignals":236,"taintFlows":271,"riskAssessment":313,"analyzedAt":322},{"hooks":94,"ajaxHandlers":194,"restRoutes":233,"shortcodes":234,"cronEvents":235,"entryPointCount":108,"unprotectedCount":29},[95,101,105,110,113,117,122,126,129,132,135,139,144,149,153,156,160,163,165,168,171,174,179,184,189],{"type":96,"name":97,"callback":98,"file":99,"line":100},"filter","rest_pre_serve_request","uiche_rest_send_cors_headers","includes\\admin\\class-uich-api.php",75,{"type":96,"name":102,"callback":103,"file":99,"line":104},"upload_mimes","add_svg_to_upload_mimes",76,{"type":96,"name":106,"callback":107,"priority":108,"file":99,"line":109},"http_request_timeout","uich_modify_http_request_default_timeout",10,77,{"type":96,"name":111,"callback":111,"priority":108,"file":99,"line":112},"uich_recommended_settings",83,{"type":114,"name":115,"callback":116,"file":99,"line":68},"action","rest_api_init","closure",{"type":114,"name":118,"callback":119,"file":120,"line":121},"elementor\u002Finit","uich_initialize_controls","includes\\admin\\class-uich-elementor.php",40,{"type":114,"name":123,"callback":124,"priority":108,"file":120,"line":125},"elementor\u002Felement\u002Fcommon\u002F_section_responsive\u002Fafter_section_end","uich_add_custom_css_controls",51,{"type":114,"name":127,"callback":124,"priority":108,"file":120,"line":128},"elementor\u002Felement\u002Fsection\u002F_section_responsive\u002Fafter_section_end",52,{"type":114,"name":130,"callback":124,"priority":108,"file":120,"line":131},"elementor\u002Felement\u002Fcolumn\u002F_section_responsive\u002Fafter_section_end",53,{"type":114,"name":133,"callback":124,"priority":108,"file":120,"line":134},"elementor\u002Felement\u002Fcontainer\u002F_section_responsive\u002Fafter_section_end",54,{"type":114,"name":136,"callback":137,"priority":108,"file":120,"line":138},"elementor\u002Felement\u002Fparse_css","uich_apply_post_css",56,{"type":114,"name":140,"callback":141,"priority":142,"file":120,"line":143},"elementor\u002Feditor\u002Fafter_enqueue_scripts","uich_enqueue_panel_scripts",988,58,{"type":114,"name":145,"callback":146,"file":147,"line":148},"admin_menu","uich_admin_menu","includes\\admin\\class-uich-enqueue.php",38,{"type":114,"name":150,"callback":151,"priority":108,"file":147,"line":152},"admin_enqueue_scripts","uich_admin_scripts",39,{"type":114,"name":154,"callback":155,"file":147,"line":121},"wp_enqueue_scripts","enqueue_bricks_scripts",{"type":114,"name":157,"callback":158,"file":147,"line":159},"enqueue_block_editor_assets","editor_assets",43,{"type":114,"name":150,"callback":161,"priority":108,"file":147,"line":162},"uich_dash_admin_scripts",46,{"type":114,"name":164,"callback":116,"file":147,"line":128},"admin_head",{"type":114,"name":140,"callback":166,"file":147,"line":167},"enqueue_elementor_atomic_script",70,{"type":114,"name":169,"callback":170,"file":147,"line":100},"wp_loaded","uich_block_add_attribues",{"type":114,"name":172,"callback":173,"file":147,"line":104},"wp_head","uich_block_css_add_to_head",{"type":96,"name":175,"callback":176,"priority":108,"file":177,"line":178},"uich_manage_token","uich_create_default","includes\\admin\\class-uich-token-manager.php",35,{"type":96,"name":180,"callback":181,"priority":108,"file":182,"line":183},"uich_manage_usermanager","uich_usermanage","includes\\admin\\class-uich-usermanager.php",34,{"type":114,"name":185,"callback":186,"file":187,"line":188},"plugins_loaded","uich_plugin_loaded","includes\\class-uich-uichemy.php",63,{"type":96,"name":190,"callback":191,"priority":108,"file":192,"line":193},"plugin_row_meta","uich_extra_links_plugin_row_meta","includes\\notices\\class-uich-plugin-page.php",68,[195,201,204,208,213,217,222,225,228,231],{"action":196,"nopriv":197,"callback":198,"hasNonce":199,"hasCapCheck":199,"file":99,"line":200},"uich_regenerate_token",false,"uiche_regenerate_token",true,79,{"action":202,"nopriv":197,"callback":202,"hasNonce":199,"hasCapCheck":199,"file":99,"line":203},"uich_select_user",80,{"action":205,"nopriv":197,"callback":206,"hasNonce":199,"hasCapCheck":199,"file":99,"line":207},"uich_uichemy","uich_api_call",81,{"action":209,"nopriv":197,"callback":210,"hasNonce":199,"hasCapCheck":197,"file":211,"line":212},"elementor_import_media","import_media","includes\\admin\\class-uich-atomic-imgs.php",7,{"action":214,"nopriv":197,"callback":210,"hasNonce":199,"hasCapCheck":199,"file":215,"line":216},"uich_bricks_import_media","includes\\admin\\class-uich-bricks-imgs.php",3,{"action":218,"nopriv":197,"callback":219,"hasNonce":199,"hasCapCheck":199,"file":220,"line":221},"uichemy_import_images","cross_copy_paste_media_import","includes\\admin\\class-uich-copy-images.php",42,{"action":223,"nopriv":197,"callback":223,"hasNonce":199,"hasCapCheck":199,"file":147,"line":224},"uich_install_wdesign",48,{"action":226,"nopriv":197,"callback":226,"hasNonce":199,"hasCapCheck":199,"file":147,"line":227},"uich_boarding_store",50,{"action":229,"nopriv":197,"callback":229,"hasNonce":199,"hasCapCheck":199,"file":147,"line":230},"uich_activate_elementor_pro_plugin",66,{"action":232,"nopriv":197,"callback":232,"hasNonce":199,"hasCapCheck":199,"file":147,"line":193},"uich_update_notice_count",[],[],[],{"dangerousFunctions":237,"sqlUsage":258,"outputEscaping":261,"fileOperations":263,"externalRequests":268,"nonceChecks":108,"capabilityChecks":269,"bundledLibraries":270},[238,242,245,248,252,255],{"fn":239,"file":99,"line":240,"context":241},"unserialize",1655,"$elementor_plugin = unserialize(wp_remote_retrieve_body($response));",{"fn":239,"file":99,"line":243,"context":244},1843,"$tpgb_plugin = unserialize(wp_remote_retrieve_body($response));",{"fn":239,"file":147,"line":246,"context":247},352,"$plugin_info = unserialize( wp_remote_retrieve_body( $response ) );",{"fn":239,"file":249,"line":250,"context":251},"includes\\admin\\globals\\class-uich-atomic-globals.php",99,"$old_value      = unserialize(serialize($global_classes));;",{"fn":239,"file":249,"line":253,"context":254},348,"$old_value = unserialize(serialize($global_classes));",{"fn":239,"file":249,"line":256,"context":257},371,"$old_value      = unserialize(serialize($global_classes));",{"prepared":259,"raw":29,"locations":260},4,[],{"escaped":262,"rawEcho":263,"locations":264},102,1,[265],{"file":147,"line":266,"context":267},808,"raw output",6,15,[],[272,295],{"entryPoint":273,"graph":274,"unsanitizedCount":263,"severity":294},"uich_api_call (includes\\admin\\class-uich-api.php:1589)",{"nodes":275,"edges":291},[276,281,285],{"id":277,"type":278,"label":279,"file":99,"line":280},"n0","source","$_POST",1623,{"id":282,"type":283,"label":284,"file":99,"line":280},"n1","transform","→ uich_add_option()",{"id":286,"type":287,"label":288,"file":99,"line":289,"wp_function":290},"n2","sink","update_option() [Settings Manipulation]",1889,"update_option",[292,293],{"from":277,"to":282,"sanitized":197},{"from":282,"to":286,"sanitized":197},"low",{"entryPoint":296,"graph":297,"unsanitizedCount":263,"severity":294},"\u003Cclass-uich-api> (includes\\admin\\class-uich-api.php:0)",{"nodes":298,"edges":309},[299,302,304,305,307],{"id":277,"type":278,"label":300,"file":99,"line":301},"$_POST (x2)",1604,{"id":282,"type":287,"label":288,"file":99,"line":303,"wp_function":290},1883,{"id":286,"type":278,"label":279,"file":99,"line":280},{"id":306,"type":283,"label":284,"file":99,"line":280},"n3",{"id":308,"type":287,"label":288,"file":99,"line":289,"wp_function":290},"n4",[310,311,312],{"from":277,"to":282,"sanitized":199},{"from":286,"to":306,"sanitized":197},{"from":306,"to":308,"sanitized":197},{"summary":314,"deductions":315},"The uichemy plugin v4.7.0 exhibits a generally good security posture due to its adherence to several security best practices, including the consistent use of prepared statements for SQL queries and a high percentage of properly escaped output. The presence of nonce and capability checks on all identified AJAX entry points is also a positive indicator.  However, the static analysis reveals a significant concern with the presence of the `unserialize` function, which, if used with user-supplied input, can lead to critical remote code execution vulnerabilities. While the taint analysis did not flag critical or high severity issues, the two identified unsanitized path flows warrant attention as they could potentially be exploited in conjunction with other weaknesses. The vulnerability history, though showing no currently unpatched CVEs, indicates a past pattern of medium severity vulnerabilities including Cross-site Scripting and Missing Authorization, suggesting a need for continued vigilance and thorough auditing.\n\nIn conclusion, while uichemy v4.7.0 demonstrates strengths in fundamental security areas like output escaping and database query sanitization, the critical risk posed by the `unserialize` function and the potential for unsanitized path flows, coupled with its historical vulnerability profile, necessitates a cautious approach. The absence of unpatched CVEs is encouraging, but the underlying code signals and past incidents suggest that further review and potentially remediation of the `unserialize` usage are crucial for a robust security posture.",[316,318,320],{"reason":317,"points":269},"Dangerous function 'unserialize' detected",{"reason":319,"points":108},"Taint analysis found unsanitized paths",{"reason":321,"points":81},"History of medium severity vulnerabilities","2026-03-16T17:54:55.072Z",{"wat":324,"direct":337},{"assetPaths":325,"generatorPatterns":330,"scriptPaths":331,"versionParams":332},[326,327,328,329],"\u002Fwp-content\u002Fplugins\u002Fuichemy\u002Fassets\u002Fcss\u002Fuichemy.css","\u002Fwp-content\u002Fplugins\u002Fuichemy\u002Fassets\u002Fjs\u002Fuichemy-frontend.js","\u002Fwp-content\u002Fplugins\u002Fuichemy\u002Fassets\u002Fjs\u002Fuichemy-backend.js","\u002Fwp-content\u002Fplugins\u002Fuichemy\u002Fassets\u002Fjs\u002Fuich-elementor-editor.js",[],[327,328,329],[333,334,335,336],"uichemy\u002Fassets\u002Fcss\u002Fuichemy.css?ver=","uichemy\u002Fassets\u002Fjs\u002Fuichemy-frontend.js?ver=","uichemy\u002Fassets\u002Fjs\u002Fuichemy-backend.js?ver=","uich-addons-editor-js?ver=",{"cssClasses":338,"htmlComments":341,"htmlAttributes":343,"restEndpoints":346,"jsGlobals":348,"shortcodeOutput":350},[339,340],"uich-container","uich-item",[342],"UiChemy : Custom CSS",[344,345],"data-uich-id","data-uich-type",[347],"\u002Fwp-json\u002Fuich\u002Fv2\u002Fuich_store_user_data",[349],"window.uich_frontend_settings",[]]