[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fT89n6QEQluKeP33vnyhS3XvqcoWqvzJ1vNzVqmxuQgY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":31,"analysis":69,"fingerprints":119},"visit-site-settings","Visit Site Settings","2.0.1","rayholt","https:\u002F\u002Fprofiles.wordpress.org\u002Frayholt\u002F","\u003Cp>This plugin enables the administrative dashboard’s “Visit Site” link to open in a new window through added visit site setting in personal options.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>When a new user is registered they are generally taken to the Profile page where they can choose their settings under Personal Options. For currently registered users you must go into your profile and change the visit site setting under Personal Options.\u003C\u002Fp>\n","This plugin enables the administrative dashboard's \"Visit Site\" link to open in a new window through added visit site setting in person …",10,2358,0,"2010-03-08T19:51:00.000Z","2.9.2","2.0.2","",[19],"visit-site","http:\u002F\u002Fholtis.com\u002Fvisit-site-settings\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvisit-site-settings.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":22,"avg_patch_time_days":28,"trust_score":29,"computed_at":30},1,30,84,"2026-04-04T15:34:37.446Z",[32,52],{"slug":33,"name":34,"version":35,"author":36,"author_profile":37,"description":38,"short_description":39,"active_installs":11,"downloaded":40,"rating":41,"num_ratings":27,"last_updated":42,"tested_up_to":43,"requires_at_least":44,"requires_php":17,"tags":45,"homepage":50,"download_link":51,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24},"preview-site-link","Preview Site for WordPress Admin","1.0","samratshamim","https:\u002F\u002Fprofiles.wordpress.org\u002Fsamratshamim\u002F","\u003Cp>This plugin will display a preview site link at admin panel of your WordPress site. Whenever you want to view your site from the admin panel you don’t have to point your mouse over the left top \u002F right top corner, you will be able to find a preview site link at the top center of your admin dashboard in every page. If you feel any problem with this plugin feel free to contact with the developer \u003Ca href=\"mailto:samratshamim@yahoo.com?Subject=Hello%20SamratShamim\" rel=\"nofollow ugc\">\u003Cbr \u002F>\nShaikh Shamim Reza\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Feature\u003C\u002Fh4>\n\u003Cp>This plugin will display a preview site link at admin panel of your WordPress site.\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Developed by \u003Ca href=\"http:\u002F\u002Fsamratshamim.freeiz.com\u002F\" rel=\"nofollow ugc\">Shaikh Shamim Reza\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Plugin Powered by \u003Ca href=\"http:\u002F\u002Fsamratshamim.freeiz.com\u002F\" title=\"SamratShamim\" rel=\"nofollow ugc\">SamratShamim\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Preview site for WordPress Admin",1760,100,"2013-01-20T20:01:00.000Z","3.5.2","2.8",[46,47,48,19,49],"preview-site","preview-site-admin","preview-site-wordpress-admin","visit-site-link","http:\u002F\u002Fdeveloper.hossst.com\u002Fwordpress\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpreview-site-link.zip",{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":13,"downloaded":60,"rating":13,"num_ratings":13,"last_updated":61,"tested_up_to":62,"requires_at_least":63,"requires_php":17,"tags":64,"homepage":67,"download_link":68,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24},"visit-site-from-customizer","Visit Site from Customizer","1.0.0","Rushi Jagani","https:\u002F\u002Fprofiles.wordpress.org\u002Frushijagani\u002F","\u003Cp>Visit Site from Customizer plugin adds the link to Visit Site into the custmoizer\u003C\u002Fp>\n","Visit Site from customizer interface.",1054,"2017-10-09T04:52:00.000Z","4.8.28","4.4",[65,66,53],"any-theme","customizer","https:\u002F\u002Frushijagani.wordpress.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvisit-site-from-customizer.zip",{"attackSurface":70,"codeSignals":96,"taintFlows":106,"riskAssessment":107,"analyzedAt":118},{"hooks":71,"ajaxHandlers":92,"restRoutes":93,"shortcodes":94,"cronEvents":95,"entryPointCount":13,"unprotectedCount":13},[72,78,80,84,88],{"type":73,"name":74,"callback":75,"file":76,"line":77},"action","admin_menu","holtis_plugins_menu","holtis-vss.php",32,{"type":73,"name":74,"callback":75,"file":76,"line":79},58,{"type":73,"name":81,"callback":82,"file":76,"line":83},"personal_options","holtis_visit_site_setting_check_box",60,{"type":73,"name":85,"callback":86,"file":76,"line":87},"personal_options_update","holtis_save_user_setting_check_box",62,{"type":73,"name":89,"callback":90,"file":76,"line":91},"admin_footer","holtis_visit_site_setting_open_new",64,[],[],[],[],{"dangerousFunctions":97,"sqlUsage":98,"outputEscaping":100,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":105},[],{"prepared":13,"raw":13,"locations":99},[],{"escaped":13,"rawEcho":27,"locations":101},[102],{"file":76,"line":103,"context":104},21,"raw output",[],[],{"summary":108,"deductions":109},"The plugin 'visit-site-settings' v2.0.1 presents a generally positive security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential attack surface. Furthermore, the code signals indicate a commendable approach to data handling, with all SQL queries utilizing prepared statements and no detected dangerous functions, file operations, or external HTTP requests.  The lack of any recorded vulnerabilities in its history is also a strong indicator of good development practices and a stable codebase.\n\nHowever, a critical concern arises from the output escaping analysis, where 100% of outputs are not properly escaped. This represents a significant risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data or dynamic content displayed on the frontend could be injected with malicious scripts. The absence of nonce checks and capability checks, while not immediately exploitable due to the limited attack surface, suggests a potential weakness if new entry points are introduced in future versions without proper security considerations. The taint analysis showing zero flows is reassuring but should be interpreted with caution given the limited attack surface; it doesn't guarantee future safety.\n\nIn conclusion, while the plugin demonstrates strengths in preventing common attack vectors through its limited entry points and secure SQL practices, the universal lack of output escaping is a major flaw that demands immediate attention. The absence of recorded vulnerabilities is a positive sign, but the unescaped output is a clear and present danger. Addressing this output escaping issue should be the highest priority to mitigate the risk of XSS attacks.",[110,113,116],{"reason":111,"points":112},"Unescaped output detected (100%)",7,{"reason":114,"points":115},"Missing nonce checks",3,{"reason":117,"points":115},"Missing capability checks","2026-03-17T00:29:14.072Z",{"wat":120,"direct":126},{"assetPaths":121,"generatorPatterns":123,"scriptPaths":124,"versionParams":125},[122],"\u002Fwp-content\u002Fplugins\u002Fvisit-site-settings\u002Fholtis-vss.php",[],[],[],{"cssClasses":127,"htmlComments":129,"htmlAttributes":130,"restEndpoints":134,"jsGlobals":135,"shortcodeOutput":137},[128],"icon32",[],[131,132,133],"id=\"holtis_vss\"","name=\"holtis_vss\"","id=\"icon-options-general\"",[],[136],"jQuery",[]]