[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSnsHTlMPAD5Hly65BqSfHFF0rYcHCTx7csnnm3eEZxU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":13,"tags":16,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":37,"fingerprints":190},"value-analysis-nutzwertanalyse","Value Analysis – Nutzwertanalyse","0.11","Severin Roth","https:\u002F\u002Fprofiles.wordpress.org\u002Fseverinroth\u002F","\u003Cp>Value analysis (VA) is a systematic method to improve the “value” of opportunities (goods, products and services) by using requirements. Value analysis is used for the development and improvement of products, technical processes and other operations in all areas of business, science and administration. The application of the value analysis system usually results in a significant improvement and increase in the value of the processed objects, which at the same time is associated with a reduction in effort and costs compared to the original situation. Value analysis is basically carried out as a project and in small interdisciplinary teams.\u003C\u002Fp>\n\u003Ch4>Feedback\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>I am open for your suggestions and feedback – \u003Ca href=\"https:\u002F\u002Fwww.projektmoderation.ch\u002F\" rel=\"nofollow ugc\">Just send it in\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Localization\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English (default) – always included\u003C\u002Fli>\n\u003Cli>.pot file (\u003Ccode>gm.pot\u003C\u002Fcode>) for translators is also always included 🙂\u003C\u002Fli>\n\u003Cli>\u003Cem>Your translation? – \u003Ca href=\"https:\u002F\u002Fwww.travel-logbuch.com\u002Fkontakt\u002F\" rel=\"nofollow ugc\">Just send it in\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>English\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Note:* All my plugins are localized\u002F translateable by default. This is very important for all users worldwide. So please contribute your language to the plugin to make it even more useful. For translating I recommend the awesome \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcodestyling-localization\u002F\" rel=\"ugc\">“Codestyling Localization” plugin\u003C\u002Fa> and for validating the \u003Ca href=\"http:\u002F\u002Fwww.poedit.net\u002F\" rel=\"nofollow ugc\">“Poedit Editor”\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Additional Documentation\u003C\u002Fh3>\n","Value Analysis - Value Engineering - Nutzwertanalyse",0,848,"","6.4.8","5.6",[17,18,19,20,21],"cost-analysis","nutzwertanalyse","paarvergleichsmethode","value-analysis","value-engineering","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fvalue-analysis-nutzwertanalyse","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvalue-analysis-nutzwertanalyse.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"severinroth",3,80,90,30,87,"2026-04-05T14:45:39.974Z",[],{"attackSurface":38,"codeSignals":93,"taintFlows":159,"riskAssessment":178,"analyzedAt":189},{"hooks":39,"ajaxHandlers":82,"restRoutes":90,"shortcodes":91,"cronEvents":92,"entryPointCount":88,"unprotectedCount":11},[40,47,50,54,58,61,65,68,72,77],{"type":41,"name":42,"callback":43,"priority":44,"file":45,"line":46},"action","wp_enqueue_scripts","vave_enqueue_scripts_core",1,"init.php",55,{"type":41,"name":48,"callback":43,"priority":44,"file":45,"line":49},"admin_enqueue_scripts",56,{"type":41,"name":51,"callback":52,"priority":24,"file":45,"line":53},"admin_menu","vave_menu",63,{"type":41,"name":55,"callback":56,"file":45,"line":57},"wp_head","vave_addJSToHeader",85,{"type":41,"name":59,"callback":56,"file":45,"line":60},"admin_head",86,{"type":41,"name":62,"callback":63,"file":45,"line":64},"wp_footer","vave_staticNotification_Hook",105,{"type":41,"name":66,"callback":63,"file":45,"line":67},"admin_footer",106,{"type":41,"name":69,"callback":70,"priority":11,"file":45,"line":71},"plugins_loaded","vave_plugin_loaded_textdomain",115,{"type":41,"name":73,"callback":74,"priority":11,"file":75,"line":76},"init","vave_custom_post_type","PHP\\vave_mainPHP.php",60,{"type":78,"name":79,"callback":80,"file":75,"line":81},"filter","single_template","vave_custom_template",64,[83,89],{"action":84,"nopriv":85,"callback":84,"hasNonce":86,"hasCapCheck":85,"file":87,"line":88},"vave_request",false,true,"PHP\\vave_request.php",2,{"action":84,"nopriv":86,"callback":84,"hasNonce":86,"hasCapCheck":85,"file":87,"line":30},[],[],[],{"dangerousFunctions":94,"sqlUsage":95,"outputEscaping":97,"fileOperations":11,"externalRequests":11,"nonceChecks":44,"capabilityChecks":11,"bundledLibraries":158},[],{"prepared":11,"raw":11,"locations":96},[],{"escaped":30,"rawEcho":98,"locations":99},28,[100,103,105,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144,146,148,150,152,154,156],{"file":45,"line":101,"context":102},72,"raw output",{"file":75,"line":104,"context":102},131,{"file":106,"line":107,"context":102},"PHP\\vave_page.php",153,{"file":106,"line":109,"context":102},156,{"file":106,"line":111,"context":102},157,{"file":106,"line":113,"context":102},158,{"file":106,"line":115,"context":102},159,{"file":106,"line":117,"context":102},165,{"file":106,"line":119,"context":102},167,{"file":106,"line":121,"context":102},221,{"file":106,"line":123,"context":102},246,{"file":106,"line":125,"context":102},260,{"file":106,"line":127,"context":102},269,{"file":106,"line":129,"context":102},279,{"file":106,"line":131,"context":102},288,{"file":106,"line":133,"context":102},306,{"file":106,"line":135,"context":102},330,{"file":106,"line":137,"context":102},353,{"file":106,"line":139,"context":102},365,{"file":106,"line":141,"context":102},387,{"file":106,"line":143,"context":102},409,{"file":106,"line":145,"context":102},624,{"file":106,"line":147,"context":102},1149,{"file":106,"line":149,"context":102},1159,{"file":106,"line":151,"context":102},1170,{"file":106,"line":153,"context":102},1179,{"file":106,"line":155,"context":102},1189,{"file":87,"line":157,"context":102},217,[],[160],{"entryPoint":161,"graph":162,"unsanitizedCount":176,"severity":177},"\u003Cvave_page> (PHP\\vave_page.php:0)",{"nodes":163,"edges":174},[164,169],{"id":165,"type":166,"label":167,"file":106,"line":168},"n0","source","$_GET (x5)",16,{"id":170,"type":171,"label":172,"file":106,"line":107,"wp_function":173},"n1","sink","echo() [XSS]","echo",[175],{"from":165,"to":170,"sanitized":85},5,"low",{"summary":179,"deductions":180},"The 'value-analysis-nutzwertanalyse' plugin v0.11 exhibits a mixed security posture. On the positive side, it demonstrates good practices by having no known CVEs, no bundled libraries, no SQL queries that are not prepared, and no file operations or external HTTP requests.  The presence of a nonce check is also a positive sign. However, there are significant areas for improvement. The static analysis reveals that only 10% of the identified 31 output points are properly escaped, indicating a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the taint analysis shows one flow with unsanitized paths, which, while not flagged as critical or high, still represents a potential weakness. The plugin's vulnerability history is clean, but this could be a result of its limited adoption or insufficient security scrutiny rather than inherent robustness.",[181,184,187],{"reason":182,"points":183},"Low output escaping rate",15,{"reason":185,"points":186},"Unsanitized path taint flow",10,{"reason":188,"points":176},"No capability checks on entry points","2026-03-17T06:06:49.031Z",{"wat":191,"direct":206},{"assetPaths":192,"generatorPatterns":198,"scriptPaths":199,"versionParams":200},[193,194,195,196,197],"\u002Fwp-content\u002Fplugins\u002Fvalue-analysis-nutzwertanalyse\u002FCSS\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fvalue-analysis-nutzwertanalyse\u002FCSS\u002FStyle\u002Fkendo.common-office365.min.css","\u002Fwp-content\u002Fplugins\u002Fvalue-analysis-nutzwertanalyse\u002FCSS\u002FStyle\u002Fkendo.common.min.css","\u002Fwp-content\u002Fplugins\u002Fvalue-analysis-nutzwertanalyse\u002FJS\u002Fkendo.all.min.js","\u002Fwp-content\u002Fplugins\u002Fvalue-analysis-nutzwertanalyse\u002FJS\u002Fvave_main.js",[],[196,197],[201,202,203,204,205],"value-analysis-nutzwertanalyse\u002FCSS\u002Fstyle.css?ver=","value-analysis-nutzwertanalyse\u002FCSS\u002FStyle\u002Fkendo.common-office365.min.css?ver=","value-analysis-nutzwertanalyse\u002FCSS\u002FStyle\u002Fkendo.common.min.css?ver=","value-analysis-nutzwertanalyse\u002FJS\u002Fkendo.all.min.js?ver=","value-analysis-nutzwertanalyse\u002FJS\u002Fvave_main.js?ver=",{"cssClasses":207,"htmlComments":212,"htmlAttributes":213,"restEndpoints":219,"jsGlobals":220,"shortcodeOutput":226},[208,209,210,211],"va-wrapper","vave_grid","vave_staticNotification-section","vaMainContainer",[],[214,215,216,217,218],"id=\"vave_tabstrip\"","id=\"vave_tabDash\"","id=\"vave_tabWork\"","id=\"vave_tabResult\"","id=\"vaMainContainer\"",[],[221,222,223,224,225],"vave_ajaxURL","vave_ajaxStatus","vave_ajaxStack_i","vave_ajaxStack_vs","vave_ajaxStack_e",[]]