[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fUWI31qiSk76zFQbQHr2XLI7cU3ADgF5sE2Yvwjs_59s":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":46,"crawl_stats":37,"alternatives":54,"analysis":166,"fingerprints":512},"wp-condition","Health and Server Condition – Integrated with Google Page Speed","4.1.1","M. Ali Saleem","https:\u002F\u002Fprofiles.wordpress.org\u002Fzinger252\u002F","\u003Cp>Display Your WordPress Condition in Charts and table\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FLiGWjcBQBkQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cli>Performance Score: Provides a performance score that summarizes the page’s performance.\u003C\u002Fli>\n\u003Cli>Field Data: Uses real-world, user-collected data to evaluate the performance of a page.\u003C\u002Fli>\n\u003Cli>Lab Data: Provides performance metrics collected in a controlled environment.\u003C\u002Fli>\n\u003Cli>Opportunities: Provides suggestions for improving the page’s performance metrics.\u003C\u002Fli>\n\u003Cli>Diagnostics: Provides additional information about how a page adheres to best practices for web development.\u003C\u002Fli>\n\u003Cli>Passed Audits: A list of audits that the page passed. These indicate practices that the page implements correctly.\u003C\u002Fli>\n\u003Cli>Stack Packs: Provides recommendations for popular JavaScript frameworks and WordPress.\u003C\u002Fli>\n\u003Cli>Database Performance, \u003C\u002Fli>\n\u003Cli>Memory Usage, \u003C\u002Fli>\n\u003Cli>Peak Memory Usage, \u003C\u002Fli>\n\u003Cli>Page load time, \u003C\u002Fli>\n\u003Cli>Average Page load time, \u003C\u002Fli>\n\u003Cp>More features coming soon.\u003C\u002Fp>\n","Display Health and Server Condition in Charts and Table for Google Page Speed, Database Performance, Memory Usage, Peak Memory Usage, Page load time & &hellip;",20,3031,80,4,"2025-12-17T15:07:00.000Z","6.9.4","5.0","",[20,21,22,23,24],"condition","google-page-speed","page-speed","query","site-health","https:\u002F\u002Fgigsix.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-condition.zip",78,1,"2025-04-10 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37},"CVE-2025-32520","wordpress-health-and-server-condition-integrated-with-google-page-speed-reflected-cross-site-scripting","WordPress Health and Server Condition – Integrated with Google Page Speed \u003C= 4.1.1 - Reflected Cross-Site Scripting","The WordPress Health and Server Condition – Integrated with Google Page Speed plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=4.1.1","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-04-16 20:06:26",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8cbce71b-0c3c-4dbd-a83e-3f2d64f8aade?source=api-prod",{"slug":47,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":49,"avg_security_score":50,"avg_patch_time_days":51,"trust_score":52,"computed_at":53},"zinger252",6,690,96,30,91,"2026-04-04T11:53:10.285Z",[55,79,97,121,144],{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":28,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":75,"download_link":76,"security_score":77,"vuln_count":78,"unpatched_count":78,"last_vuln_date":37,"fetched_at":30},"itman-page-speed-insights","Page Speed Insights","1.0.6","Matej Podstrelenec","https:\u002F\u002Fprofiles.wordpress.org\u002Fmatejpodstrelenec\u002F","\u003Cp>ITMan Page Speed Insights plugin enables you to view daily updated page speed statistics on your dashboard.\u003C\u002Fp>\n\u003Cp>All measurement data are fetched from Google PageSpeed Insights leveraging their API.\u003C\u002Fp>\n\u003Cp>In addition to dashboard widget, you can view measurement history in \u003Cstrong>Tools > Page Speed Insights\u003C\u002Fstrong>.\u003C\u002Fp>\n","Displays and measures page performance according to the Google PageSpeed Insights.",200,3363,100,"2023-06-26T18:48:00.000Z","6.2.9","3.5","5.2.4",[21,71,72,73,74],"itman-page-speed","page-speed-widget","speed","speed-insights","https:\u002F\u002Fwww.itman.sk\u002Fpage-speed-insights\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fitman-page-speed-insights.zip",85,0,{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":65,"num_ratings":28,"last_updated":89,"tested_up_to":67,"requires_at_least":90,"requires_php":18,"tags":91,"homepage":95,"download_link":96,"security_score":77,"vuln_count":78,"unpatched_count":78,"last_vuln_date":37,"fetched_at":30},"widget-speed-test-for-elementor","Widget Speed Test for Elementor","1.0.4","Scott Bowler","https:\u002F\u002Fprofiles.wordpress.org\u002Fscottybowl2\u002F","\u003Cp>Identify Elementor widgets that are slowing down page rendering and load times.\u003C\u002Fp>\n\u003Ch3>How to use\u003C\u002Fh3>\n\u003Cp>When logged-in, go to any front-end page and click the “Widget Speed Test” button in the WordPress toolbar (the black bar across the top).\u003C\u002Fp>\n\u003Ch3>More information\u003C\u002Fh3>\n\u003Cp>Page speed is such an important ranking factor, and has a huge impact on conversion rates. As a result, it’s incredibly important to optimise page load times.\u003C\u002Fp>\n\u003Cp>Sites built with Elementor make use of “widgets”, and each widget gets rendered each time a page is loaded.\u003C\u002Fp>\n\u003Cp>Sometimes a widget can consume more resources, which causes the page to slow down.\u003C\u002Fp>\n\u003Cp>Widget Speed Test for Elementor helps you discover which widgets are slowing your page down, allowing you to make informed decisions about whether you should be using them or not.\u003C\u002Fp>\n\u003Cp>We also hope that but making it easier to discover which widgets routinely cause pages to slow down, that we can help plugin authors and the Elementor team improve performance.\u003C\u002Fp>\n","Identify Elementor widgets that are slowing down page rendering and load times.",40,1924,"2023-04-25T06:37:00.000Z","6.0.0",[92,93,21,73,94],"elementor","elementor-pro","widgets","https:\u002F\u002Fwww.dcsdigital.co.uk","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-speed-test-for-elementor.1.0.4.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":107,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":112,"tags":113,"homepage":119,"download_link":120,"security_score":65,"vuln_count":78,"unpatched_count":78,"last_vuln_date":37,"fetched_at":30},"complianz-terms-conditions","Complianz – Terms and Conditions","1.2.8","Complianz","https:\u002F\u002Fprofiles.wordpress.org\u002Fcomplianz\u002F","\u003Cp>Complianz – Terms and Conditions is a stand-alone plugin from Complianz. A simple, but in-depth wizard will configure a Terms and Conditions page for your website or for those of your clients.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>A simple but in-depth wizard to configure the Terms & Conditions specified to your needs or the needs of your clients.\u003C\u002Fli>\n\u003Cli>Includes specific paragraphs for affiliate marketing, WooCommerce or Easy Digital Downloads, digital and physical goods and services, and other variables.\u003C\u002Fli>\n\u003Cli>Optional are sections about minimum age requirements, a return policy, accessibility policy and user created content, for example.\u003C\u002Fli>\n\u003Cli>A full-featured Terms & Conditions applicable to most businesses and personal endeavours, and available for editing if needed.\u003C\u002Fli>\n\u003Cli>Can be used stand-alone or fully integrated with the Complianz – GDPR\u002FCCPA Cookie Consent plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Are you missing anything or have suggestions? Leave an issue, or do a pull request on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FReally-Simple-Plugins\u002Fcomplianz-terms-conditions\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Check out other plugins developed by Really Simple Plugins: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomplianz-gdpr\u002F\" rel=\"ugc\">Complianz – GDPR\u002FCCPA Cookie Consent\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Freally-simple-ssl\u002F\" rel=\"ugc\">Really Simple SSL\u003C\u002Fa> & \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fburst-statistics\u002F\" rel=\"ugc\">Burst Statistics\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcomplianz.io\u002Fsupport\u002F\" rel=\"nofollow ugc\">Contact\u003C\u002Fa> us if you have any questions, issues, or suggestions. Complianz – Terms & Conditions is developed by \u003Ca href=\"https:\u002F\u002Fcomplianz.io\" rel=\"nofollow ugc\">Complianz B.V.\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Installation\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Go to “plugins” in your WordPress Dashboard, and click “add new”\u003C\u002Fli>\n\u003Cli>Upload the downloaded .zip file and activate the plugin\u003C\u002Fli>\n\u003Cli>Navigate to Tools -> Terms and Conditions and follow the instructions\u003C\u002Fli>\n\u003Cli>If you already have Complianz GDPR\u002FCCPA Cookie Consent installed: Please visit Complianz -> Terms and conditions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>IMPORTANT! Complianz – Terms and Conditions can help you meet compliance requirements, but you as the user must nonetheless ensure that you have all the necessary configurations in place.\u003C\u002Fp>\n","Configure your own Terms and Conditions specific to your service or webshop.",300000,1645693,98,176,"2025-05-19T16:03:00.000Z","6.8.5","5.7","7.2",[114,115,116,117,118],"conditions","legal","terms","terms-and-conditions","webshop","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomplianz-terms-conditions","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomplianz-terms-conditions.1.2.8.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":131,"num_ratings":132,"last_updated":133,"tested_up_to":16,"requires_at_least":17,"requires_php":134,"tags":135,"homepage":140,"download_link":141,"security_score":142,"vuln_count":14,"unpatched_count":78,"last_vuln_date":143,"fetched_at":30},"iubenda-cookie-law-solution","iubenda | All-in-one Compliance for GDPR \u002F CCPA Cookie Consent + more","3.13.1","iubenda","https:\u002F\u002Fprofiles.wordpress.org\u002Fiubenda\u002F","\u003Cp>The iubenda plugin is an \u003Cstrong>all-in-one\u003C\u002Fstrong>, extremely easy to use 360° compliance solution, with text crafted by actual lawyers, that quickly \u003Cstrong>scans your site and auto-configures to match your specific setup\u003C\u002Fstrong>. It supports the GDPR (DSGVO, RGPD), UK-GDPR, ePrivacy, LGPD, CPRA \u002F CCPA, CalOPPA, PECR and more, and seamlessly integrates with the latest versions of Google Consent Mode and IAB’s TCF.\u003Cbr \u002F>\nIt allows you to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>⚡️Scan your site and have solutions auto-configured\u003C\u002Fstrong> to match your site’s specific needs.\u003C\u002Fli>\n\u003Cli>🚀 Easily generate a fully customizable \u003Cstrong>cookie banner,\u003C\u002Fstrong> \u003Cstrong>manage cookie consent\u003C\u002Fstrong> and store legally required \u003Cstrong>GDPR consent proofs\u003C\u002Fstrong> for cookies.\u003C\u002Fli>\n\u003Cli>Generate a \u003Cstrong>CCPA notice with working DNSMPI link\u003C\u002Fstrong> as legally required.\u003C\u002Fli>\n\u003Cli>Activate IABs \u003Cstrong>TCF to maximize ad earning\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>🚀 Quickly generate a fully customizable \u003Cstrong>privacy and cookie policy\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-detect user location and auto-applies the correct data privacy settings\u003C\u002Fstrong> (needed if you have users from multiple regions like the US and the EU).\u003C\u002Fli>\n\u003Cli>🚀 Capture, store and manage \u003Cstrong>GDPR consent records\u003C\u002Fstrong> for your webforms.\u003C\u002Fli>\n\u003Cli>🚀 Effortlessly \u003Cstrong>generate professional Terms and Conditions\u003C\u002Fstrong> to protect you from liabilities and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translate all documents with a single click\u003C\u002Fstrong> (supports 10 languages).\u003C\u002Fli>\n\u003Cli>Compatible with \u003Cstrong>Google’s Accelerated Mobile Pages\u003C\u002Fstrong> (AMP)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And of course, basic set-up is completely free.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FZmUC66etPbk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>This all-in-one plugin lets you integrate all iubenda compliance solutions in a single install and basic set-up is completely free.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡️\u003C\u002Fstrong> The plugin \u003Cstrong>scans your site and auto-configures everything\u003C\u002Fstrong> based on your site’s specific needs.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⭐ All our solutions are fully responsive (perfect for all screen sizes) and WCAG Level AAA Compliant.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>They’re auto-updated when the law changes so that they’re always up-to-date and our built-in site scanner runs periodic scans on your site and alerts you if it detects something that should be added to your compliance documents.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Our solutions support the GDPR (DSGVO, RGPD), UK-GDPR, ePrivacy, LGPD, CCPA \u002F CPRA, VCDPA, CalOPPA, PECR and more.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Privacy Controls and Cookie Solution\u003C\u002Fh3>\n\u003Cp>Includes cookie banner\u002FCCPA notice, and cookie consent management (blocking scripts until consent is collected as legally required). Free basic setup and full CCPA support.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy and guided set-up: \u003Cstrong>Analyzes your site and auto-configures everything\u003C\u002Fstrong> to make set-up as easy as possible.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fully customizable cookie banner\u003C\u002Fstrong> – change functionality, design, location, colors, add your logo and more.\u003C\u002Fli>\n\u003Cli>Asynchronously re-activates cookie scripts once consent is collected (\u003Cstrong>no page reload needed\u003C\u002Fstrong>).\u003C\u002Fli>\n\u003Cli>Lightning-fast: \u003Cstrong>won’t affect page performance\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-detects and blocks a wide range of 3rd party script\u003C\u002Fstrong>s like Google Analytics, Google Maps, Facebook and Instagram widgets, Youtube, Twitter, PayPal, Disqus, Outbrain, AdRoll, Kissmetrics, Freshchat and more.\u003C\u002Fli>\n\u003Cli>Allows you to provide your users with \u003Cstrong>granular, per-category preference control\u003C\u002Fstrong> (e.g. basic functionalities, experience enhancement, targeting & advertising)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Consent Mode\u003C\u002Fstrong> (both \u003Cstrong>Basic\u003C\u002Fstrong> and \u003Cstrong>Advanced\u003C\u002Fstrong> implementations; no extra setup required): Enables \u003Cstrong>efficient conversion tracking\u003C\u002Fstrong> even without user consent for cookies and tracking technologies, \u003Cstrong>enhancing Google Analytics and Ads performance\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Integrates with IAB’s \u003Ca href=\"https:\u002F\u002Fwww.iubenda.com\u002Fen\u002Fhelp\u002F7440-enable-preference-management-iab-framework#revenue\" rel=\"nofollow ugc\">Transparency and Consent Framework\u003C\u002Fa> (\u003Cstrong>TCF\u003C\u002Fstrong>) to maximize ad revenue (needed if your site uses ad networks like Google ads and more)\u003C\u002Fli>\n\u003Cli>Compatible with \u003Cstrong>Google’s Accelerated Mobile Pages\u003C\u002Fstrong> (AMP)\u003C\u002Fli>\n\u003Cli>Allows you to auto-detect and \u003Cstrong>limit prior-blocking and cookie consent requests only to users from the EU\u003C\u002Fstrong> – where this is a legal requirement \u003Cstrong>for GDPR compliance\u003C\u002Fstrong> – while running cookies scripts normally in regions where you are still legally allowed to do so.\u003C\u002Fli>\n\u003Cli>Features an \u003Cstrong>easy-to-use interface for entering custom scripts\u003C\u002Fstrong> and iframes\u003C\u002Fli>\n\u003Cli>Cookie database feature allows you to auto-set \u003Cstrong>cookie lifetime information\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Display CCPA \u002F CPRA notice and opt-out link as required by the\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.iubenda.com\u002Fen\u002Fhelp\u002F21165-ccpa-how-to-add-a-notice-of-collection-and-a-do-not-sell-link\" rel=\"nofollow ugc\">\u003Cstrong>California Consumer Privacy Act\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Provides \u003Cstrong>cookie consent analytics\u003C\u002Fstrong> for high-traffic sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detects bots\u002Fspiders\u003C\u002Fstrong> and serves them a clean page \u003Cstrong>so that your SEO efforts are never compromised\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy and Cookie Policy Generator\u003C\u002Fh3>\n\u003Cp>This solution lets you generate professional privacy and cookie policies \u003Cstrong>in minutes\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Super \u003Cstrong>easy interface, guided process, fully customizable\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>All \u003Cstrong>legal text written by actual legal professionals\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Quick select from \u003Cstrong>over 1900 clauses or create custom clauses\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Activate \u003Cstrong>cookie policy in a single click\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Site Scanner to quickly \u003Cstrong>detect which services\u002F clauses you need to add to your policies\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>One-click translation\u003C\u002Fstrong>. 10 languages supported: English-US, English-UK, Italian, French, Spanish, German, Portuguese, Brazilian Portuguese, Russian, Dutch.\u003C\u002Fli>\n\u003Cli>One-click activation for \u003Cstrong>country\u002F region-specific text\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Compatible with \u003Cstrong>Google’s Accelerated Mobile Pages\u003C\u002Fstrong> (AMP)\u003C\u002Fli>\n\u003Cli>Documents are \u003Cstrong>remotely updated when legal requirements change\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Manage documents for \u003Cstrong>multiple sites from a single dashboard\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>White label option\u003C\u002Fstrong> allows you to seamlessly integrate your privacy policy text into the body of your webpage\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Consent Database\u003C\u002Fh3>\n\u003Cp>Collect consent, document opt-ins and opt-outs via your web forms. This solution smoothly integrates with your consent collection forms to auto-create legally required GDPR and LGPD consent records.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>About Legal requirements and Consent Records\u003C\u002Fstrong>\u003Cbr \u002F>\nThese records should include a userid, timestamp, consent proof, record of the consenting action, and the legal documents available to the user at the time of consent, \u003Ca href=\"https:\u002F\u002Fwww.iubenda.com\u002Fen\u002Fhelp\u002F5428-gdpr-guide#records-of-consent\" rel=\"nofollow ugc\">among other things\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin is \u003Cstrong>THE most complete solution for recording, sorting and maintaining GDPR & LGPD records of consent for optimal privacy compliance\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>The plugin also boasts built-in compatibility with WordPress comment form, Contact Form 7, Elementor forms and WP Forms plugins for your convenience, but can be manually integrated with any type of web-form and can even store consent proofs for consents collected offline (e.g in-store sign-ups) via WP media upload.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>It’s \u003Cstrong>auto-compatible with and allows super easy mapping\u003C\u002Fstrong> of Contact Form 7, WP Forms, WordPress comment, Mailchimp for WordPress, Germanized for WooCommerce, Elementor forms and WooCommerce checkout forms\u003C\u002Fli>\n\u003Cli>Also allows manual integration with \u003Cstrong>any type of web-form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>For each consent, \u003Cstrong>track the form\u002Fwording the user was prompted\u003C\u002Fstrong> with at the time of the consent collection\u003C\u002Fli>\n\u003Cli>Accurate \u003Cstrong>timestamping and recording of consenting action\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Flexibly \u003Cstrong>upload any form of proof of consent or legal notice, including a PDF if consent was collected offline\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>It provides a \u003Cstrong>high granularity\u003C\u002Fstrong>: map individual form fields, exclude fields (like password inputs), add legal notices available at the time of consent collection, indicate double opt-in, set preferences and more\u003C\u002Fli>\n\u003Cli>REST \u003Cstrong>HTTP API and JS SDK, to give you total control\u003C\u002Fstrong> and how and when consent is stored\u003C\u002Fli>\n\u003Cli>Store \u003Cstrong>multiple preferences for each user\u003C\u002Fstrong> (e.g. if you have multiple newsletters or opt-ins)\u003C\u002Fli>\n\u003Cli>Features an \u003Cstrong>easy-to-use interface for entering custom scripts and iframes\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>It provides \u003Cstrong>API input field for quick and easy activation\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Terms and Conditions\u003C\u002Fh3>\n\u003Cp>Create your terms and conditions in minutes.\u003C\u002Fp>\n\u003Cp>Customizable from hundreds of combinations, available in 10 languages, powerful and precise — our solution is capable of handling even the most complex, individual scenarios. Optimized for e-commerce, marketplace, SaaS, apps and more.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy, \u003Cstrong>guided set-up\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Expertly crafted at the hands of our \u003Cstrong>international legal team\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Pre-defined scenarios modules for everything from basic \u003Cstrong>disclaimers to copyright licenses, account terminations rules, product-comparison, age-related disclaimers, virtual currency,\u003C\u002Fstrong> and more.\u003C\u002Fli>\n\u003Cli>Plug-and-go \u003Cstrong>integrations for popular eCommerce solutions like Shopify, Wix, Squarespace, Weebly, WooCommerce, PrestaShop\u003C\u002Fstrong> and more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>One-click translation\u003C\u002Fstrong> (10 languages supported EN-US, EN-UK, IT, FR, ES, DE, PT, PT-BR, RU, NL)\u003C\u002Fli>\n\u003Cli>Compatible with \u003Cstrong>Google’s Accelerated Mobile Pages\u003C\u002Fstrong> (AMP)\u003C\u002Fli>\n\u003Cli>Manage documents for \u003Cstrong>multiple sites from a single dashboard\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>White label option\u003C\u002Fstrong> allows you to seamlessly integrate your privacy policy text into the body of your webpage\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>iubenda and Third-party services\u003C\u002Fh3>\n\u003Cp>The iubenda plugin makes use of two iubenda services:\u003C\u002Fp>\n\u003Col>\n\u003Cli>A service named \u003Cstrong>Quick generator\u003C\u002Fstrong> that allows you to login\u002Fsignup on iubenda.com and creates privacy policies for your website right from the plugin. The service is publicly available and described in detail on the \u003Ca href=\"https:\u002F\u002Fwww.iubenda.com\u002Fen\u002Fhelp\u002F37013-api-docs-quick-generator-manual\" rel=\"nofollow ugc\">official documentation page\u003C\u002Fa> on the iubenda website.\u003C\u002Fli>\n\u003Cli>An internal service to scan the user’s website and detect the correct data privacy settings to be applied, depending on the website location.\u003Cbr \u002F>\nExternal CSS and JS assets used in the plugin or applied to the user’s website by iubenda are delivered either by \u003Ca href=\"http:\u002F\u002Fcdn.iubenda.com\u002F\" rel=\"nofollow ugc\">cdn.iubenda.com\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fcdn.ampproject.org\u002F\" rel=\"nofollow ugc\">cdn.ampproject.org\u003C\u002Fa> (only when the AMP settings are \u003Ca href=\"https:\u002F\u002Fwww.iubenda.com\u002Fen\u002Fhelp\u002F22135-cookie-solution-amp-wordpress#wordpress\" rel=\"nofollow ugc\">activated\u003C\u002Fa>). Any services available at \u003Ca href=\"http:\u002F\u002Fcdn.iubenda.com\u002F\" rel=\"nofollow ugc\">cdn.iubenda.com\u003C\u002Fa> are provided by iubenda and the respective privacy policy applies. Any services available at \u003Ca href=\"http:\u002F\u002Fcdn.ampproject.org\u002F\" rel=\"nofollow ugc\">cdn.ampproject.org\u003C\u002Fa> are provided by Google and the respective privacy policy applies.\u003Cbr \u002F>\nIf you integrate the Privacy Controls and Cookie Solution to allow your website to request and manage consent for the use of cookies and similar technologies, when the final user navigates on your website\u002Fapplication, then the \u003Ca href=\"https:\u002F\u002Fwww.iubenda.com\u002Fprivacy-policy\u002F36700132\" rel=\"nofollow ugc\">Privacy Policy of iubenda Privacy Controls and Cookie Solution\u003C\u002Fa> applies.\u003Cbr \u002F>\nSimilarly, when you integrate the Consent Database tool to keep track of the user’s consent activities and store the information necessary to record evidence of that consent, then the \u003Ca href=\"https:\u002F\u002Fwww.iubenda.com\u002Fprivacy-policy\u002F94654098\" rel=\"nofollow ugc\">Privacy Policy of iubenda Consent Database\u003C\u002Fa> applies.\u003Cbr \u002F>\nFor further details on the iubenda tools and services privacy policies please refer to the \u003Ca href=\"https:\u002F\u002Fwww.iubenda.com\u002Fprivacy-policy\u002F252372\" rel=\"nofollow ugc\">privacy policy\u003C\u002Fa> on the iubenda website.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>About iubenda\u003C\u002Fh3>\n\u003Cp>We help companies all over the world to keep their websites and apps compliant with international privacy laws for optimal peace of mind. \u003Ca href=\"https:\u002F\u002Fwww.iubenda.com\u002F\" rel=\"nofollow ugc\">More here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Languages\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Our services are currently available in the following languages:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English US and UK\u003C\u002Fli>\n\u003Cli>Italian\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003Cli>Spanish\u003C\u002Fli>\n\u003Cli>Portuguese\u003C\u002Fli>\n\u003Cli>Brazilian Portuguese\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>Dutch\u003C\u002Fli>\n\u003Cli>Russian\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support & Updates\u003C\u002Fh3>\n\u003Cp>All our solutions and plugins are \u003Cstrong>regularly updated and well maintained\u003C\u002Fstrong> to ensure that you’re always protected.\u003C\u002Fp>\n\u003Cp>You can access our friendly support in multiple languages (currently EN, IT, DE, FR, PT, PT-BR) via \u003Ca href=\"mailto:info@iubenda.com\" rel=\"nofollow ugc\">info@iubenda.com\u003C\u002Fa>, our \u003Ca href=\"https:\u002F\u002Fwww.iubenda.com\u002F\" rel=\"nofollow ugc\">onsite chat\u003C\u002Fa> \u003Cem>(just click the green Help button on the right side of the page)\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Other links:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.iubenda.com\u002Fen\u002Fhelp\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsupport.iubenda.com\u002F\" rel=\"nofollow ugc\">Feedback & Support forum\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","The solution for GDPR compliance + more. Get your cookie banner, privacy policy, terms and conditions and handle cookie consent in just one plugin.",200000,5312018,94,386,"2026-03-11T13:35:00.000Z","7.0.0",[136,137,138,139,117],"ccpa","cookie-banner","gdpr","privacy-policy","https:\u002F\u002Fwww.iubenda.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fiubenda-cookie-law-solution.3.13.1.zip",97,"2022-12-12 00:00:00",{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":129,"downloaded":152,"rating":153,"num_ratings":154,"last_updated":155,"tested_up_to":156,"requires_at_least":157,"requires_php":112,"tags":158,"homepage":163,"download_link":164,"security_score":65,"vuln_count":28,"unpatched_count":78,"last_vuln_date":165,"fetched_at":30},"performance-lab","Performance Lab","4.1.0","WordPress Performance Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fperformanceteam\u002F","\u003Cp>The Performance Lab plugin is a collection of features focused on enhancing the performance of your site, most of which should eventually be merged into WordPress core. The plugin facilitates the discovery and activation of the individual performance feature plugins which the performance team is developing. In this way you can test the features to get their benefits before they become available in WordPress core. You can also play an important role by providing feedback to further improve the solutions.\u003C\u002Fp>\n\u003Cp>The feature plugins which are currently featured by this plugin are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fembed-optimizer\u002F\" rel=\"ugc\">Embed Optimizer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fauto-sizes\u002F\" rel=\"ugc\">Enhanced Responsive Images\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdominant-color-images\u002F\" rel=\"ugc\">Image Placeholders\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fimage-prioritizer\u002F\" rel=\"ugc\">Image Prioritizer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnocache-bfcache\u002F\" rel=\"ugc\">Instant Back\u002FForward\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwebp-uploads\u002F\" rel=\"ugc\">Modern Image Formats\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Foptimization-detective\u002F\" rel=\"ugc\">Optimization Detective\u003C\u002Fa> (dependency for Embed Optimizer and Image Prioritizer)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fperformant-translations\u002F\" rel=\"ugc\">Performant Translations\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fspeculation-rules\u002F\" rel=\"ugc\">Speculative Loading\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fview-transitions\u002F\" rel=\"ugc\">View Transitions\u003C\u002Fa> \u003Cem>(experimental)\u003C\u002Fem>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These plugins can also be installed separately from installing Performance Lab, but having the Performance Lab plugin also active will ensure you find out about new performance features as they are developed.\u003C\u002Fp>\n","Performance plugin from the WordPress Performance Team, which is a collection of standalone performance features.",3452248,86,50,"2026-02-27T20:19:00.000Z","7.0","6.6",[159,160,161,162,24],"diagnostics","measurement","optimization","performance","https:\u002F\u002Fgithub.com\u002FWordPress\u002Fperformance","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fperformance-lab.4.1.0.zip","2023-05-18 00:00:00",{"attackSurface":167,"codeSignals":203,"taintFlows":459,"riskAssessment":502,"analyzedAt":511},{"hooks":168,"ajaxHandlers":195,"restRoutes":200,"shortcodes":201,"cronEvents":202,"entryPointCount":28,"unprotectedCount":28},[169,174,177,180,182,185,188,192],{"type":170,"name":171,"callback":171,"file":172,"line":173},"action","init","includes\\class.WP_Page_Condition_Stats.php",13,{"type":170,"name":175,"callback":175,"file":172,"line":176},"wp_head",16,{"type":170,"name":178,"callback":178,"file":172,"line":179},"wp_footer",17,{"type":170,"name":181,"callback":175,"file":172,"line":11},"admin_head",{"type":170,"name":183,"callback":178,"file":172,"line":184},"admin_footer",21,{"type":170,"name":186,"callback":186,"file":172,"line":187},"admin_menu",22,{"type":170,"name":189,"callback":190,"file":172,"line":191},"admin_enqueue_scripts","enqueue",25,{"type":170,"name":193,"callback":190,"file":172,"line":194},"wp_enqueue_scripts",26,[196],{"action":197,"nopriv":198,"callback":197,"hasNonce":198,"hasCapCheck":198,"file":172,"line":199},"wpfixit_con_analysis",false,27,[],[],[],{"dangerousFunctions":204,"sqlUsage":205,"outputEscaping":207,"fileOperations":78,"externalRequests":28,"nonceChecks":28,"capabilityChecks":78,"bundledLibraries":458},[],{"prepared":28,"raw":78,"locations":206},[],{"escaped":176,"rawEcho":208,"locations":209},138,[210,213,215,217,219,221,223,225,227,229,230,232,234,236,238,240,242,243,244,246,248,250,252,253,255,258,259,260,262,263,264,266,267,269,271,273,275,277,279,281,283,285,287,289,291,294,295,297,299,302,303,304,305,306,308,310,312,313,315,317,319,320,321,323,325,327,329,331,333,335,337,339,341,343,345,347,349,351,352,354,356,357,359,361,363,365,367,369,371,373,375,377,379,381,383,385,387,389,391,393,395,398,399,400,402,403,405,407,409,410,411,413,415,417,419,420,421,423,425,426,427,429,432,434,435,437,439,441,443,444,446,447,449,450,451,453,455,457],{"file":172,"line":211,"context":212},148,"raw output",{"file":172,"line":214,"context":212},194,{"file":172,"line":216,"context":212},261,{"file":172,"line":218,"context":212},301,{"file":172,"line":220,"context":212},302,{"file":172,"line":222,"context":212},303,{"file":172,"line":224,"context":212},304,{"file":226,"line":48,"context":212},"partials\\pagespeed\\accessibility.php",{"file":226,"line":228,"context":212},15,{"file":226,"line":228,"context":212},{"file":226,"line":231,"context":212},47,{"file":226,"line":233,"context":212},53,{"file":226,"line":235,"context":212},59,{"file":226,"line":237,"context":212},63,{"file":226,"line":239,"context":212},67,{"file":226,"line":241,"context":212},88,{"file":226,"line":131,"context":212},{"file":226,"line":107,"context":212},{"file":226,"line":245,"context":212},102,{"file":226,"line":247,"context":212},122,{"file":226,"line":249,"context":212},130,{"file":226,"line":251,"context":212},134,{"file":226,"line":208,"context":212},{"file":226,"line":254,"context":212},155,{"file":256,"line":257,"context":212},"partials\\pagespeed\\bestpractices.php",7,{"file":256,"line":179,"context":212},{"file":256,"line":179,"context":212},{"file":256,"line":261,"context":212},57,{"file":256,"line":237,"context":212},{"file":256,"line":239,"context":212},{"file":256,"line":265,"context":212},71,{"file":256,"line":142,"context":212},{"file":256,"line":268,"context":212},103,{"file":256,"line":270,"context":212},107,{"file":256,"line":272,"context":212},111,{"file":256,"line":274,"context":212},135,{"file":256,"line":276,"context":212},141,{"file":256,"line":278,"context":212},145,{"file":256,"line":280,"context":212},149,{"file":256,"line":282,"context":212},172,{"file":256,"line":284,"context":212},178,{"file":256,"line":286,"context":212},182,{"file":256,"line":288,"context":212},186,{"file":256,"line":290,"context":212},202,{"file":292,"line":293,"context":212},"partials\\pagespeed\\fetched_records.php",5,{"file":292,"line":293,"context":212},{"file":292,"line":296,"context":212},12,{"file":292,"line":298,"context":212},14,{"file":300,"line":301,"context":212},"partials\\pagespeed\\performance.php",11,{"file":300,"line":179,"context":212},{"file":300,"line":184,"context":212},{"file":300,"line":191,"context":212},{"file":300,"line":51,"context":212},{"file":300,"line":307,"context":212},64,{"file":300,"line":309,"context":212},70,{"file":300,"line":311,"context":212},74,{"file":300,"line":27,"context":212},{"file":300,"line":314,"context":212},83,{"file":300,"line":316,"context":212},120,{"file":300,"line":318,"context":212},126,{"file":300,"line":249,"context":212},{"file":300,"line":251,"context":212},{"file":300,"line":322,"context":212},139,{"file":300,"line":324,"context":212},173,{"file":300,"line":326,"context":212},179,{"file":300,"line":328,"context":212},183,{"file":300,"line":330,"context":212},187,{"file":300,"line":332,"context":212},192,{"file":300,"line":334,"context":212},229,{"file":300,"line":336,"context":212},236,{"file":300,"line":338,"context":212},240,{"file":300,"line":340,"context":212},244,{"file":300,"line":342,"context":212},249,{"file":300,"line":344,"context":212},284,{"file":300,"line":346,"context":212},290,{"file":300,"line":348,"context":212},294,{"file":300,"line":350,"context":212},298,{"file":300,"line":222,"context":212},{"file":300,"line":353,"context":212},339,{"file":300,"line":355,"context":212},349,{"file":300,"line":355,"context":212},{"file":300,"line":358,"context":212},387,{"file":300,"line":360,"context":212},388,{"file":300,"line":362,"context":212},389,{"file":300,"line":364,"context":212},390,{"file":300,"line":366,"context":212},391,{"file":300,"line":368,"context":212},392,{"file":300,"line":370,"context":212},401,{"file":300,"line":372,"context":212},408,{"file":300,"line":374,"context":212},412,{"file":300,"line":376,"context":212},416,{"file":300,"line":378,"context":212},437,{"file":300,"line":380,"context":212},444,{"file":300,"line":382,"context":212},448,{"file":300,"line":384,"context":212},452,{"file":300,"line":386,"context":212},474,{"file":300,"line":388,"context":212},481,{"file":300,"line":390,"context":212},485,{"file":300,"line":392,"context":212},489,{"file":300,"line":394,"context":212},506,{"file":396,"line":397,"context":212},"partials\\pagespeed\\seo.php",8,{"file":396,"line":176,"context":212},{"file":396,"line":176,"context":212},{"file":396,"line":401,"context":212},51,{"file":396,"line":235,"context":212},{"file":396,"line":404,"context":212},65,{"file":396,"line":406,"context":212},69,{"file":396,"line":408,"context":212},73,{"file":396,"line":131,"context":212},{"file":396,"line":65,"context":212},{"file":396,"line":412,"context":212},104,{"file":396,"line":414,"context":212},108,{"file":396,"line":416,"context":212},131,{"file":396,"line":418,"context":212},137,{"file":396,"line":276,"context":212},{"file":396,"line":278,"context":212},{"file":396,"line":422,"context":212},168,{"file":396,"line":424,"context":212},174,{"file":396,"line":284,"context":212},{"file":396,"line":286,"context":212},{"file":396,"line":428,"context":212},198,{"file":430,"line":431,"context":212},"partials\\serverperformance\\db_performance.php",31,{"file":430,"line":433,"context":212},44,{"file":430,"line":433,"context":212},{"file":430,"line":436,"context":212},54,{"file":438,"line":293,"context":212},"partials\\serverperformance\\improv_performance.php",{"file":438,"line":440,"context":212},10,{"file":442,"line":440,"context":212},"partials\\serverperformance\\memory.php",{"file":442,"line":440,"context":212},{"file":445,"line":173,"context":212},"partials\\serverperformance\\peak_memory.php",{"file":445,"line":173,"context":212},{"file":448,"line":440,"context":212},"partials\\serverperformance\\site_performance.php",{"file":448,"line":296,"context":212},{"file":448,"line":173,"context":212},{"file":448,"line":452,"context":212},18,{"file":448,"line":454,"context":212},19,{"file":456,"line":301,"context":212},"partials\\serverperformance\\social_performance.php",{"file":456,"line":296,"context":212},[],[460,475,489],{"entryPoint":461,"graph":462,"unsanitizedCount":28,"severity":39},"display (includes\\class.WP_Page_Condition_Stats.php:130)",{"nodes":463,"edges":473},[464,468],{"id":465,"type":466,"label":467,"file":172,"line":416},"n0","source","$_GET",{"id":469,"type":470,"label":471,"file":172,"line":211,"wp_function":472},"n1","sink","echo() [XSS]","echo",[474],{"from":465,"to":469,"sanitized":198},{"entryPoint":476,"graph":477,"unsanitizedCount":78,"severity":488},"wp_conditions_settingsdisplay (includes\\class.WP_Page_Condition_Stats.php:103)",{"nodes":478,"edges":485},[479,482],{"id":465,"type":466,"label":480,"file":172,"line":481},"$_POST['wp_conditions_settings']",105,{"id":469,"type":470,"label":483,"file":172,"line":481,"wp_function":484},"update_option() [Settings Manipulation]","update_option",[486],{"from":465,"to":469,"sanitized":487},true,"low",{"entryPoint":490,"graph":491,"unsanitizedCount":78,"severity":488},"\u003Cclass.WP_Page_Condition_Stats> (includes\\class.WP_Page_Condition_Stats.php:0)",{"nodes":492,"edges":499},[493,494,495,497],{"id":465,"type":466,"label":480,"file":172,"line":481},{"id":469,"type":470,"label":483,"file":172,"line":481,"wp_function":484},{"id":496,"type":466,"label":467,"file":172,"line":416},"n2",{"id":498,"type":470,"label":471,"file":172,"line":211,"wp_function":472},"n3",[500,501],{"from":465,"to":469,"sanitized":487},{"from":496,"to":498,"sanitized":487},{"summary":503,"deductions":504},"The wp-condition v4.1.1 plugin presents a mixed security posture. While it demonstrates good practices in handling SQL queries with prepared statements and includes a nonce check, significant concerns arise from its attack surface and output sanitization. The presence of an unprotected AJAX handler is a critical entry point that could be exploited if not properly secured. Furthermore, only 10% of outputs are properly escaped, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities, which aligns with its vulnerability history. The plugin has a known medium-severity CVE related to XSS that is currently unpatched, and the timestamp of the last vulnerability (2025-04-10) suggests it's either a future vulnerability or a typo in the data provided, but the presence of an unpatched vulnerability is a serious issue.  Despite the use of prepared statements and a nonce check, the combination of an unprotected AJAX endpoint and poor output escaping, coupled with an unpatched XSS vulnerability, elevates the risk considerably. This plugin requires immediate attention to address the XSS flaw and secure the AJAX handler.",[505,507,509],{"reason":506,"points":397},"Unprotected AJAX handler",{"reason":508,"points":257},"Low output escaping percentage",{"reason":510,"points":228},"Unpatched CVE (medium severity)","2026-03-16T23:03:35.164Z",{"wat":513,"direct":522},{"assetPaths":514,"generatorPatterns":517,"scriptPaths":518,"versionParams":519},[515,516],"\u002Fwp-content\u002Fplugins\u002Fwp-condition\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-condition\u002FChart.min.js",[],[],[520,521],"wp-condition\u002Fstyle.css?ver=","wp-condition\u002FChart.min.js?ver=",{"cssClasses":523,"htmlComments":525,"htmlAttributes":528,"restEndpoints":533,"jsGlobals":535,"shortcodeOutput":537},[524],"wpfixit_con",[526,527],"\u003C!-- The loader div -->","\u003C!-- The div where the AJAX response will be displayed -->",[529,530,531,532],"id=\"wpfixit_con\"","id=\"loader\"","id=\"content\"","name=\"wp_conditions_settings[wpcond_googleapis_key]\"",[534],"\u002Fwp-json\u002Fwpfixit_con_analysis",[536],"ajaxurl",[]]