[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fS4_qs6a6WPZ0tlbNcLCnYtScZhfoMnM3wfqVLUWfKAE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":48,"fingerprints":434},"wireless-butler","Wireless Butler","1.0.11","validas","https:\u002F\u002Fprofiles.wordpress.org\u002Fvalidas\u002F","\u003Cp>Wireless Butler helps businesses competitively sell mobile service by instantly reading bills and recommending your service.\u003Cbr \u002F>\nSprint used our technology to read millions of competitor bills during their “Cut Your Bill in Half” campaign,\u003Cbr \u002F>\nand now you can harness that same power to make competitive Recommendations to your website users!\u003C\u002Fp>\n","Wireless Butler helps businesses competitively sell mobile service by instantly reading bills and recommending your service.",0,1530,"2022-08-14T14:53:00.000Z","6.0.11","4.6","7.0",[18,19,20,21,22],"bill-calculator","mobile-bill-analyzer","mobile-sales-leads","plan-calculator","upload-offer","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwireless-butler.1.0.11.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},2,30,84,"2026-04-05T17:29:21.668Z",[35],{"slug":36,"name":37,"version":38,"author":7,"author_profile":8,"description":39,"short_description":40,"active_installs":11,"downloaded":41,"rating":11,"num_ratings":11,"last_updated":42,"tested_up_to":14,"requires_at_least":43,"requires_php":16,"tags":44,"homepage":23,"download_link":47,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"mobile-cost-control-automated","Mcc Automated","1.2.8","\u003Cp>Brought to you by Validas: The bill-reading talent behind Sprints Cut Your Bill in Half campaign.\u003Cbr \u002F>\nReading wireless bills is hard, especially for B2B. They’re often 100 to 100,000 of pages with confusing itemized plan structures.\u003Cbr \u002F>\nMCCa allows your prospects & customers to upload their bill to your site, to compare with your service.\u003Cbr \u002F>\nValidas uses MCCa for their consulting service: Mobile Cost Control (MCC).\u003Cbr \u002F>\nNow anyone can use MCCa for any product or service that would benefit from instantly reading a B2B or government wireless bill.\u003Cbr \u002F>\nYou will receive their bills and a database of your users with their bill totals to make fast work of building large B2B offers!\u003C\u002Fp>\n","Get accurate information from your prospect's bills and show them a better offer instantly. Show your prospects their line count, total bill, dat &hellip;",1524,"2022-09-19T20:09:00.000Z","5.0.13",[45,19,46,22],"b2b-sales-leads","read-prospects-bills","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmobile-cost-control-automated.1.2.8.zip",{"attackSurface":49,"codeSignals":107,"taintFlows":185,"riskAssessment":421,"analyzedAt":433},{"hooks":50,"ajaxHandlers":98,"restRoutes":99,"shortcodes":100,"cronEvents":105,"entryPointCount":106,"unprotectedCount":11},[51,57,62,65,67,70,73,75,78,83,86,90,93],{"type":52,"name":53,"callback":54,"file":55,"line":56},"action","admin_init","register_wireless_butler_plugin_settings","admin\\class-wireless-butler-admin.php",131,{"type":52,"name":58,"callback":59,"file":60,"line":61},"plugins_loaded","anonymous","includes\\class-wireless-butler.php",142,{"type":52,"name":63,"callback":59,"file":60,"line":64},"admin_enqueue_scripts",157,{"type":52,"name":63,"callback":59,"file":60,"line":66},158,{"type":52,"name":68,"callback":59,"file":60,"line":69},"admin_menu",160,{"type":52,"name":71,"callback":59,"file":60,"line":72},"wp_enqueue_scripts",175,{"type":52,"name":71,"callback":59,"file":60,"line":74},176,{"type":52,"name":76,"callback":59,"file":60,"line":77},"init",178,{"type":52,"name":79,"callback":80,"file":81,"line":82},"admin_post_nopriv_wireless_butler_form_1_step_1","handle_form_1_step_1_submit","public\\class-wireless-butler-public.php",112,{"type":52,"name":84,"callback":80,"file":81,"line":85},"admin_post_wireless_butler_form_1_step_1",113,{"type":52,"name":87,"callback":88,"file":81,"line":89},"admin_post_nopriv_wireless_butler_form_1_step_2","handle_form_1_step_2_submit",115,{"type":52,"name":91,"callback":88,"file":81,"line":92},"admin_post_wireless_butler_form_1_step_2",116,{"type":52,"name":94,"callback":95,"priority":96,"file":81,"line":97},"upgrader_process_complete","plugin_upgrader_process_complete",10,118,[],[],[101],{"tag":102,"callback":103,"file":81,"line":104},"wireless_butler_form_1","wireless_butler_form_1_func",110,[],1,{"dangerousFunctions":108,"sqlUsage":109,"outputEscaping":174,"fileOperations":182,"externalRequests":183,"nonceChecks":30,"capabilityChecks":11,"bundledLibraries":184},[],{"prepared":110,"raw":111,"locations":112},16,28,[113,116,118,120,124,125,128,131,133,135,137,139,141,143,145,147,150,152,154,156,158,160,162,164,166,168,170,172],{"file":55,"line":114,"context":115},335,"$wpdb->get_row() with variable interpolation",{"file":55,"line":117,"context":115},466,{"file":55,"line":119,"context":115},500,{"file":121,"line":122,"context":123},"includes\\class-wireless-butler-activator.php",134,"$wpdb->get_var() with variable interpolation",{"file":121,"line":66,"context":123},{"file":121,"line":126,"context":127},209,"$wpdb->get_results() with variable interpolation",{"file":121,"line":129,"context":130},213,"$wpdb->query() with variable interpolation",{"file":121,"line":132,"context":130},214,{"file":121,"line":134,"context":127},218,{"file":121,"line":136,"context":130},222,{"file":121,"line":138,"context":130},223,{"file":121,"line":140,"context":123},235,{"file":121,"line":142,"context":130},254,{"file":121,"line":144,"context":123},269,{"file":121,"line":146,"context":123},334,{"file":148,"line":149,"context":130},"includes\\class-wireless-butler-uninstall.php",89,{"file":148,"line":151,"context":130},93,{"file":148,"line":153,"context":130},97,{"file":148,"line":155,"context":130},101,{"file":148,"line":157,"context":130},105,{"file":81,"line":159,"context":127},259,{"file":81,"line":161,"context":115},565,{"file":81,"line":163,"context":115},617,{"file":81,"line":165,"context":115},630,{"file":81,"line":167,"context":127},640,{"file":81,"line":169,"context":127},717,{"file":81,"line":171,"context":115},726,{"file":81,"line":173,"context":115},924,{"escaped":175,"rawEcho":30,"locations":176},261,[177,180],{"file":55,"line":178,"context":179},388,"raw output",{"file":55,"line":181,"context":179},403,7,8,[],[186,214,231,284,296,304,316,326,342,359,377,387,405],{"entryPoint":187,"graph":188,"unsanitizedCount":106,"severity":213},"plan_db (admin\\class-wireless-butler-admin.php:739)",{"nodes":189,"edges":208},[190,195,201,203],{"id":191,"type":192,"label":193,"file":55,"line":194},"n0","source","$_FILES",752,{"id":196,"type":197,"label":198,"file":55,"line":199,"wp_function":200},"n1","sink","fopen() [File Access]",762,"fopen",{"id":202,"type":192,"label":193,"file":55,"line":194},"n2",{"id":204,"type":197,"label":205,"file":55,"line":206,"wp_function":207},"n3","echo() [XSS]",845,"echo",[209,211],{"from":191,"to":196,"sanitized":210},false,{"from":202,"to":204,"sanitized":212},true,"medium",{"entryPoint":215,"graph":216,"unsanitizedCount":11,"severity":230},"edit_regex (admin\\class-wireless-butler-admin.php:330)",{"nodes":217,"edges":227},[218,220,223,225],{"id":191,"type":192,"label":219,"file":55,"line":146},"$_GET",{"id":196,"type":197,"label":221,"file":55,"line":114,"wp_function":222},"get_row() [SQLi]","get_row",{"id":202,"type":192,"label":224,"file":55,"line":146},"$_GET (x3)",{"id":204,"type":197,"label":205,"file":55,"line":226,"wp_function":207},413,[228,229],{"from":191,"to":196,"sanitized":212},{"from":202,"to":204,"sanitized":212},"low",{"entryPoint":232,"graph":233,"unsanitizedCount":11,"severity":230},"\u003Cclass-wireless-butler-admin> (admin\\class-wireless-butler-admin.php:0)",{"nodes":234,"edges":275},[235,236,237,239,240,243,248,250,253,255,260,262,267,269,271,273],{"id":191,"type":192,"label":224,"file":55,"line":146},{"id":196,"type":197,"label":221,"file":55,"line":114,"wp_function":222},{"id":202,"type":192,"label":238,"file":55,"line":146},"$_GET (x5)",{"id":204,"type":197,"label":205,"file":55,"line":226,"wp_function":207},{"id":241,"type":192,"label":224,"file":55,"line":242},"n4",492,{"id":244,"type":197,"label":245,"file":55,"line":246,"wp_function":247},"n5","get_results() [SQLi]",513,"get_results",{"id":249,"type":192,"label":224,"file":55,"line":242},"n6",{"id":251,"type":197,"label":198,"file":55,"line":252,"wp_function":200},"n7",522,{"id":254,"type":192,"label":224,"file":55,"line":242},"n8",{"id":256,"type":197,"label":257,"file":55,"line":258,"wp_function":259},"n9","header() [Header Injection]",669,"header",{"id":261,"type":192,"label":219,"file":55,"line":242},"n10",{"id":263,"type":197,"label":264,"file":55,"line":265,"wp_function":266},"n11","query() [SQLi]",759,"query",{"id":268,"type":192,"label":193,"file":55,"line":194},"n12",{"id":270,"type":197,"label":198,"file":55,"line":199,"wp_function":200},"n13",{"id":272,"type":192,"label":193,"file":55,"line":194},"n14",{"id":274,"type":197,"label":205,"file":55,"line":206,"wp_function":207},"n15",[276,277,278,279,280,281,282,283],{"from":191,"to":196,"sanitized":212},{"from":202,"to":204,"sanitized":212},{"from":241,"to":244,"sanitized":212},{"from":249,"to":251,"sanitized":212},{"from":254,"to":256,"sanitized":212},{"from":261,"to":263,"sanitized":212},{"from":268,"to":270,"sanitized":212},{"from":272,"to":274,"sanitized":212},{"entryPoint":285,"graph":286,"unsanitizedCount":106,"severity":295},"table_data (admin\\class-wireless-butler-admin-customer-recommendation-plan.php:53)",{"nodes":287,"edges":293},[288,291],{"id":191,"type":192,"label":219,"file":289,"line":290},"admin\\class-wireless-butler-admin-customer-recommendation-plan.php",54,{"id":196,"type":197,"label":245,"file":289,"line":292,"wp_function":247},63,[294],{"from":191,"to":196,"sanitized":210},"high",{"entryPoint":297,"graph":298,"unsanitizedCount":106,"severity":295},"\u003Cclass-wireless-butler-admin-customer-recommendation-plan> (admin\\class-wireless-butler-admin-customer-recommendation-plan.php:0)",{"nodes":299,"edges":302},[300,301],{"id":191,"type":192,"label":219,"file":289,"line":290},{"id":196,"type":197,"label":245,"file":289,"line":292,"wp_function":247},[303],{"from":191,"to":196,"sanitized":210},{"entryPoint":305,"graph":306,"unsanitizedCount":106,"severity":295},"table_data (admin\\class-wireless-butler-admin-regex-list.php:94)",{"nodes":307,"edges":314},[308,312],{"id":191,"type":192,"label":309,"file":310,"line":311},"$_REQUEST","admin\\class-wireless-butler-admin-regex-list.php",99,{"id":196,"type":197,"label":245,"file":310,"line":313,"wp_function":247},108,[315],{"from":191,"to":196,"sanitized":210},{"entryPoint":317,"graph":318,"unsanitizedCount":106,"severity":295},"delete_regex (admin\\class-wireless-butler-admin-regex-list.php:230)",{"nodes":319,"edges":324},[320,322],{"id":191,"type":192,"label":219,"file":310,"line":321},236,{"id":196,"type":197,"label":264,"file":310,"line":323,"wp_function":266},239,[325],{"from":191,"to":196,"sanitized":210},{"entryPoint":327,"graph":328,"unsanitizedCount":341,"severity":295},"\u003Cclass-wireless-butler-admin-regex-list> (admin\\class-wireless-butler-admin-regex-list.php:0)",{"nodes":329,"edges":337},[330,331,332,333,335,336],{"id":191,"type":192,"label":309,"file":310,"line":311},{"id":196,"type":197,"label":245,"file":310,"line":313,"wp_function":247},{"id":202,"type":192,"label":309,"file":310,"line":311},{"id":204,"type":197,"label":264,"file":310,"line":334,"wp_function":266},211,{"id":241,"type":192,"label":219,"file":310,"line":321},{"id":244,"type":197,"label":264,"file":310,"line":323,"wp_function":266},[338,339,340],{"from":191,"to":196,"sanitized":210},{"from":202,"to":204,"sanitized":210},{"from":241,"to":244,"sanitized":210},3,{"entryPoint":343,"graph":344,"unsanitizedCount":30,"severity":295},"customer_recommendation_plan (admin\\class-wireless-butler-admin.php:457)",{"nodes":345,"edges":355},[346,348,349,350,352,353],{"id":191,"type":192,"label":219,"file":55,"line":347},458,{"id":196,"type":197,"label":221,"file":55,"line":117,"wp_function":222},{"id":202,"type":192,"label":219,"file":55,"line":347},{"id":204,"type":197,"label":205,"file":55,"line":351,"wp_function":207},478,{"id":241,"type":192,"label":219,"file":55,"line":347},{"id":244,"type":197,"label":205,"file":55,"line":354,"wp_function":207},480,[356,357,358],{"from":191,"to":196,"sanitized":210},{"from":202,"to":204,"sanitized":212},{"from":241,"to":244,"sanitized":210},{"entryPoint":360,"graph":361,"unsanitizedCount":376,"severity":295},"download_customer_recommendation_plan (admin\\class-wireless-butler-admin.php:491)",{"nodes":362,"edges":371},[363,364,365,366,367,368,369,370],{"id":191,"type":192,"label":219,"file":55,"line":242},{"id":196,"type":197,"label":221,"file":55,"line":119,"wp_function":222},{"id":202,"type":192,"label":219,"file":55,"line":242},{"id":204,"type":197,"label":245,"file":55,"line":246,"wp_function":247},{"id":241,"type":192,"label":219,"file":55,"line":242},{"id":244,"type":197,"label":198,"file":55,"line":252,"wp_function":200},{"id":249,"type":192,"label":219,"file":55,"line":242},{"id":251,"type":197,"label":257,"file":55,"line":258,"wp_function":259},[372,373,374,375],{"from":191,"to":196,"sanitized":210},{"from":202,"to":204,"sanitized":210},{"from":241,"to":244,"sanitized":210},{"from":249,"to":251,"sanitized":210},4,{"entryPoint":378,"graph":379,"unsanitizedCount":106,"severity":295},"handle_form_1_step_1_submit (public\\class-wireless-butler-public.php:177)",{"nodes":380,"edges":385},[381,384],{"id":191,"type":192,"label":382,"file":81,"line":383},"$_POST",194,{"id":196,"type":197,"label":245,"file":81,"line":159,"wp_function":247},[386],{"from":191,"to":196,"sanitized":210},{"entryPoint":388,"graph":389,"unsanitizedCount":404,"severity":295},"handle_form_1_step_2_submit (public\\class-wireless-butler-public.php:584)",{"nodes":390,"edges":400},[391,394,395,396,398,399],{"id":191,"type":192,"label":392,"file":81,"line":393},"$_POST (x3)",597,{"id":196,"type":197,"label":221,"file":81,"line":163,"wp_function":222},{"id":202,"type":192,"label":382,"file":81,"line":393},{"id":204,"type":197,"label":264,"file":81,"line":397,"wp_function":266},637,{"id":241,"type":192,"label":382,"file":81,"line":393},{"id":244,"type":197,"label":245,"file":81,"line":169,"wp_function":247},[401,402,403],{"from":191,"to":196,"sanitized":210},{"from":202,"to":204,"sanitized":210},{"from":241,"to":244,"sanitized":210},5,{"entryPoint":406,"graph":407,"unsanitizedCount":420,"severity":295},"\u003Cclass-wireless-butler-public> (public\\class-wireless-butler-public.php:0)",{"nodes":408,"edges":416},[409,411,412,413,414,415],{"id":191,"type":192,"label":410,"file":81,"line":383},"$_POST (x2)",{"id":196,"type":197,"label":245,"file":81,"line":159,"wp_function":247},{"id":202,"type":192,"label":392,"file":81,"line":393},{"id":204,"type":197,"label":221,"file":81,"line":163,"wp_function":222},{"id":241,"type":192,"label":382,"file":81,"line":393},{"id":244,"type":197,"label":264,"file":81,"line":397,"wp_function":266},[417,418,419],{"from":191,"to":196,"sanitized":210},{"from":202,"to":204,"sanitized":210},{"from":241,"to":244,"sanitized":210},6,{"summary":422,"deductions":423},"The \"wireless-butler\" v1.0.11 plugin exhibits a generally strong security posture, with a notable absence of known vulnerabilities and a high rate of properly escaped outputs. The plugin also demonstrates good practices by avoiding dangerous functions and implementing prepared statements for a significant portion of its SQL queries.  However, the static analysis reveals a significant concern regarding taint analysis. A high number of identified flows (10 out of 13) are flagged as having unsanitized paths, with all critical and high severity issues stemming from these flows. This suggests potential vulnerabilities where user-supplied data could be used in sensitive operations without proper validation or sanitization, despite the absence of direct evidence of exploitation through CVEs. The plugin also lacks capability checks on its single entry point (shortcode) and has limited nonce checks, which could be exploited if the shortcode's functionality is sensitive.",[424,427,429,431],{"reason":425,"points":426},"High number of unsanitized taint flows",15,{"reason":428,"points":404},"No capability checks on entry points",{"reason":430,"points":341},"Limited nonce checks",{"reason":432,"points":30},"SQL queries with prepared statements below 100%","2026-03-17T06:30:37.011Z",{"wat":435,"direct":445},{"assetPaths":436,"generatorPatterns":439,"scriptPaths":440,"versionParams":442},[437,438],"\u002Fwp-content\u002Fplugins\u002Fwireless-butler\u002Fcss\u002Fwireless-butler-admin.css","\u002Fwp-content\u002Fplugins\u002Fwireless-butler\u002Fjs\u002Fwireless-butler-admin.js",[],[441],"js\u002Fwireless-butler-admin.js",[443,444],"wireless-butler-admin.css?ver=","wireless-butler-admin.js?ver=",{"cssClasses":446,"htmlComments":447,"htmlAttributes":448,"restEndpoints":449,"jsGlobals":450,"shortcodeOutput":451},[],[],[],[],[],[]]