[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fscylHE_N8HP3JLFG51LtO5lrpwkLaSwgi9tNfmQns68":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":36,"fingerprints":114},"um-wp-user-frontend","WP User Frontend Integration for Ultimate Member","1.3.1","Simple Plugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fsimplewpplugins\u002F","\u003Cp>\u003Cem>WP User Frontend Integration for Ultimate Member\u003C\u002Fem> plugin requires both \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-member\" rel=\"ugc\">Ultimate Member\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-user-frontend\" rel=\"ugc\">WP User Frontend\u003C\u002Fa> plugin to work.\u003C\u002Fp>\n\u003Cp>This plugin adds an option for you to add Profile tab with frontend post form on Ultimate member’s user profile page.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FpI72okL_vA0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Allows adding WP User Frontend's post form into Ultimate member's profile tab.",70,2836,100,2,"2023-09-21T09:25:00.000Z","6.3.8","3.0","7.2",[20,21],"frontend-posting-for-ultimate-member","wp-user-frontend-integration-for-ultimate-member","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fum-wp-user-frontend","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fum-wp-user-frontend.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":31,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"simplewpplugins",670,30,84,"2026-04-04T01:23:02.897Z",[],{"attackSurface":37,"codeSignals":92,"taintFlows":106,"riskAssessment":107,"analyzedAt":113},{"hooks":38,"ajaxHandlers":88,"restRoutes":89,"shortcodes":90,"cronEvents":91,"entryPointCount":25,"unprotectedCount":25},[39,46,50,54,59,64,68,71,74,78,82,85],{"type":40,"name":41,"callback":42,"priority":43,"file":44,"line":45},"action","admin_menu","create_admin_submenu",1001,"includes\\admin\\class-admin.php",13,{"type":40,"name":47,"callback":48,"file":44,"line":49},"init","register_post_type",15,{"type":40,"name":51,"callback":52,"file":44,"line":53},"add_meta_boxes","add_metaboxes",17,{"type":55,"name":56,"callback":57,"file":44,"line":58},"filter","um_profile_tabs","filter_profile_tabs_arr",19,{"type":40,"name":60,"callback":61,"priority":62,"file":44,"line":63},"save_post","save_meta_data",10,21,{"type":40,"name":65,"callback":66,"file":44,"line":67},"admin_enqueue_scripts","admin_enqueue",23,{"type":40,"name":65,"callback":69,"file":70,"line":49},"load_font_icons","includes\\class-helper.php",{"type":40,"name":72,"callback":73,"file":70,"line":53},"plugins_loaded","plugin_i18n",{"type":40,"name":75,"callback":76,"file":77,"line":45},"um_core_loaded","add_posting_tabs","includes\\class-profile.php",{"type":55,"name":79,"callback":80,"priority":62,"file":77,"line":81},"um_user_profile_tabs","closure",37,{"type":40,"name":72,"callback":83,"file":84,"line":32},"umwpuf_check_dependencies","um-wp-user-frontend.php",{"type":40,"name":86,"callback":80,"file":84,"line":87},"admin_notices",39,[],[],[],[],{"dangerousFunctions":93,"sqlUsage":94,"outputEscaping":96,"fileOperations":25,"externalRequests":25,"nonceChecks":104,"capabilityChecks":25,"bundledLibraries":105},[],{"prepared":25,"raw":25,"locations":95},[],{"escaped":97,"rawEcho":14,"locations":98},14,[99,102],{"file":77,"line":100,"context":101},60,"raw output",{"file":84,"line":103,"context":101},41,1,[],[],{"summary":108,"deductions":109},"The static analysis of um-wp-user-frontend v1.3.1 reveals a generally positive security posture. The plugin exhibits good practices by having no identified AJAX handlers, REST API routes, shortcodes, or cron events exposed without proper authentication or authorization checks. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests is commendable. The code also demonstrates a strong commitment to security with 100% of SQL queries using prepared statements and a high rate (88%) of properly escaped output.\n\nHowever, there are minor areas for improvement. The presence of only one nonce check across the plugin, while not indicative of a direct vulnerability based on the provided data, suggests a limited implementation of nonce protection, which is a fundamental security mechanism in WordPress. The lack of any recorded vulnerabilities in its history is a significant strength, implying a stable and well-maintained codebase. While the current analysis shows no critical or high severity issues, the limited scope of taint analysis (0 flows analyzed) means that potentially complex vulnerabilities might have been missed. \n\nIn conclusion, um-wp-user-frontend v1.3.1 appears to be a secure plugin with a strong foundation. The lack of exposed entry points and secure coding practices for SQL and output are significant strengths. The primary concern is the limited implementation of nonce checks. While no vulnerabilities are recorded historically, a more comprehensive taint analysis could provide further assurance.",[110],{"reason":111,"points":112},"Limited nonce checks",5,"2026-03-16T21:34:50.225Z",{"wat":115,"direct":122},{"assetPaths":116,"generatorPatterns":119,"scriptPaths":120,"versionParams":121},[117,118],"\u002Fwp-content\u002Fplugins\u002Fum-wp-user-frontend\u002Fassets\u002Fcss\u002Fumwpuf-frontend.css","\u002Fwp-content\u002Fplugins\u002Fum-wp-user-frontend\u002Fassets\u002Fjs\u002Fumwpuf-frontend.js",[],[118],[],{"cssClasses":123,"htmlComments":125,"htmlAttributes":126,"restEndpoints":127,"jsGlobals":128,"shortcodeOutput":129},[124],"umwpuf-frontend",[],[],[],[],[]]