[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3DE6r9-tYD32SGZZigc1InoQsCH40Eou-xwpbuvgSes":3,"$f7shw_GMAYAkTR9TD_E9iBGKp2v8VmXapOhbAkBn-lSU":92,"$f9YBqkUrI3cCqkYqeJ2L3xkYeLV_SJrEmynvOz3kUrs0":97},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":16,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":35,"analysis":36,"fingerprints":76},"wp-ano-atual","AnO Atual – Copyright","1.2","aquilesmaior","https:\u002F\u002Fprofiles.wordpress.org\u002Faquilesmaior\u002F","\u003Cp>[wp-ano-atual] ou [wp-ano-atual inicio = “© 2015”]\u003Cbr \u002F>\nO plugin ideal para adicionar rapidamente o ano atual no rodapé do seu site via shortcode, muito simples. Apenas ative e coloque o shortcode onde quiser.\u003Cbr \u002F>\nExemplo de uso: [wp-ano-atual] ou [wp-ano-atual inicio = “© 2015”].\u003Cbr \u002F>\nResultado: 2015-2019\u003C\u002Fp>\n\u003Cp>The ideal plugin to quickly add the current Year in the footer of your site via shortcode, very simple. Just activate and put the shortcode where you want.\u003Cbr \u002F>\nExample usage: [wp-ano-atual] or [wp-ano-atual inicio = “© 2015”].\u003Cbr \u002F>\nResult: 2015-2019\u003C\u002Fp>\n","Mantenha o Ano do seu copyright no rodape sempre atualizado com este plugin.",10,1077,100,1,"2019-07-08T12:25:00.000Z","","5.3",[19,20,21,22,23],"ano-atual","ano-rodape","data-atual","date-copyright","footer-date","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-ano-atual.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},30,84,"2026-05-20T06:36:27.714Z",[],{"attackSurface":37,"codeSignals":53,"taintFlows":63,"riskAssessment":64,"analyzedAt":75},{"hooks":38,"ajaxHandlers":45,"restRoutes":46,"shortcodes":47,"cronEvents":52,"entryPointCount":14,"unprotectedCount":26},[39],{"type":40,"name":41,"callback":42,"file":43,"line":44},"filter","widget_text","do_shortcode","settings.php",6,[],[],[48],{"tag":4,"callback":49,"file":50,"line":51},"wp_anox","functions.php",27,[],{"dangerousFunctions":54,"sqlUsage":55,"outputEscaping":57,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":62},[],{"prepared":26,"raw":26,"locations":56},[],{"escaped":26,"rawEcho":14,"locations":58},[59],{"file":50,"line":60,"context":61},14,"raw output",[],[],{"summary":65,"deductions":66},"The \"wp-ano-atual\" plugin v1.2 presents a mixed security posture.  On the positive side, the static analysis indicates no dangerous functions, file operations, external HTTP requests, or SQL queries that are not using prepared statements.  The absence of known CVEs and a clean vulnerability history is also a strong indicator of good security practices to date.  However, there are significant concerns regarding output escaping and a lack of critical security checks like nonces and capability checks.\n\nThe primary area of concern is the lack of proper output escaping, with 100% of identified outputs not being properly escaped. This could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is rendered directly to the page without sanitization. Furthermore, the complete absence of nonce checks and capability checks across all identified entry points, even though the attack surface is small (one shortcode), represents a potential blind spot. Without these fundamental security measures, any interaction through the shortcode could be vulnerable to unauthorized execution or manipulation.\n\nIn conclusion, while the plugin benefits from a clean vulnerability history and the avoidance of common risky coding patterns like raw SQL, the critical oversight in output escaping and the absence of authentication\u002Fauthorization checks on its sole entry point are significant weaknesses. These issues, if exploited, could lead to severe security breaches. The plugin has a solid foundation but requires immediate attention to its escaping and access control mechanisms.",[67,70,73],{"reason":68,"points":69},"Unescaped output detected",8,{"reason":71,"points":72},"Missing nonce checks on entry points",7,{"reason":74,"points":72},"Missing capability checks on entry points","2026-04-16T12:21:26.013Z",{"wat":77,"direct":84},{"assetPaths":78,"generatorPatterns":80,"scriptPaths":81,"versionParams":82},[79],"\u002Fwp-content\u002Fplugins\u002Fwp-ano-atual\u002Fassets\u002Fadmin\u002Fcss\u002Fwelcome.css",[],[],[83],"\u002Fwp-ano-atual\u002Fassets\u002Fadmin\u002Fcss\u002Fwelcome.css?ver=",{"cssClasses":85,"htmlComments":86,"htmlAttributes":87,"restEndpoints":88,"jsGlobals":89,"shortcodeOutput":90},[],[],[],[],[],[91],"\u003C!-- Start Date - Current Date -->",{"error":93,"url":94,"statusCode":95,"statusMessage":96,"message":96},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-ano-atual\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":26,"versions":98},[]]