[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3Ig3848mTZib5Mi5yv7hTpdSeCU2ch21bmF8rw6DUgk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":20,"download_link":21,"security_score":22,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":35,"fingerprints":181},"wp-hash-filename","WP Faster","1.2","610216","https:\u002F\u002Fprofiles.wordpress.org\u002F610216-1\u002F","\u003Cp>WordPress性能优化插件，主要提升运行效率。更多信息请访问： \u003Ca href=\"https:\u002F\u002Fwpmore.cn\u002F\" rel=\"nofollow ugc\">更好的WordPress主题\u003C\u002Fa>。\u003C\u002Fp>\n","WordPress性能优化插件，主要提升运行效率。更多信息请访问： 更好的WordPress主题。",2000,3399,100,4,"2020-04-09T03:12:00.000Z","5.4.19","5.0","5.3.2",[],"https:\u002F\u002Fwpmore.cn\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-hash-filename.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":22,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"610216-1",3,2050,30,84,"2026-04-05T05:06:36.652Z",[],{"attackSurface":36,"codeSignals":157,"taintFlows":169,"riskAssessment":170,"analyzedAt":180},{"hooks":37,"ajaxHandlers":153,"restRoutes":154,"shortcodes":155,"cronEvents":156,"entryPointCount":23,"unprotectedCount":23},[38,44,48,53,57,62,66,70,75,78,81,84,87,90,94,96,99,102,106,110,113,117,121,125,130,133,136,140,143,146,150],{"type":39,"name":40,"callback":41,"file":42,"line":43},"action","admin_menu","wp_faster_add_plugin_page","wp-faster.php",26,{"type":39,"name":45,"callback":46,"file":42,"line":47},"admin_init","wp_faster_page_init",27,{"type":49,"name":50,"callback":51,"file":42,"line":52},"filter","show_admin_bar","__return_false",822,{"type":39,"name":40,"callback":54,"priority":55,"file":42,"line":56},"closure",9,827,{"type":49,"name":58,"callback":59,"priority":60,"file":42,"line":61},"admin_footer_text","change_footer_admin",9999,865,{"type":49,"name":63,"callback":64,"priority":60,"file":42,"line":65},"update_footer","change_footer_version",869,{"type":39,"name":67,"callback":68,"priority":23,"file":42,"line":69},"wp_before_admin_bar_render","annointed_admin_bar_remove",878,{"type":49,"name":71,"callback":72,"priority":73,"file":42,"line":74},"wp_revisions_to_keep","specs_wp_revisions_to_keep",10,899,{"type":49,"name":76,"callback":51,"file":42,"line":77},"xmlrpc_enabled",907,{"type":49,"name":79,"callback":51,"file":42,"line":80},"rest_enabled",917,{"type":49,"name":82,"callback":51,"file":42,"line":83},"rest_jsonp_enabled",918,{"type":49,"name":85,"callback":54,"file":42,"line":86},"rest_authentication_errors",921,{"type":49,"name":88,"callback":51,"file":42,"line":89},"emoji_svg_url",947,{"type":49,"name":91,"callback":92,"file":42,"line":93},"wp_calculate_image_srcset","disable_srcset",955,{"type":39,"name":45,"callback":54,"file":42,"line":95},960,{"type":49,"name":97,"callback":54,"file":42,"line":98},"tiny_mce_before_init",964,{"type":49,"name":100,"callback":51,"file":42,"line":101},"use_block_editor_for_post_type",972,{"type":49,"name":103,"callback":104,"file":42,"line":105},"get_avatar","iopenv_get_https_avatar",986,{"type":49,"name":107,"callback":108,"file":42,"line":109},"pre_option_link_manager_enabled","__return_true",991,{"type":49,"name":111,"callback":51,"file":42,"line":112},"run_wptexturize",996,{"type":49,"name":114,"callback":115,"priority":73,"file":42,"line":116},"sanitize_file_name","info_sanitize_file_name",1006,{"type":49,"name":118,"callback":119,"file":42,"line":120},"comments_popup_link_attributes","add_nofollow_to_comments_popup_link",1037,{"type":49,"name":122,"callback":123,"priority":23,"file":42,"line":124},"the_content_more_link","add_nofollow_to_link",1045,{"type":49,"name":126,"callback":127,"priority":128,"file":42,"line":129},"the_content","the_content_external",999,1050,{"type":39,"name":131,"callback":54,"file":42,"line":132},"in_admin_header",1064,{"type":49,"name":134,"callback":51,"file":42,"line":135},"admin_email_check_interval",1072,{"type":49,"name":137,"callback":138,"file":42,"line":139},"image_size_names_choose","wpjam_image_size_names_choose",1077,{"type":49,"name":126,"callback":141,"priority":73,"file":42,"line":142},"remove_width_attribute",1088,{"type":39,"name":144,"callback":54,"file":42,"line":145},"restrict_manage_posts",1097,{"type":49,"name":147,"callback":148,"file":42,"line":149},"login_headerurl","anonymous",1112,{"type":49,"name":151,"callback":148,"file":42,"line":152},"login_headertitle",1113,[],[],[],[],{"dangerousFunctions":158,"sqlUsage":164,"outputEscaping":166,"fileOperations":23,"externalRequests":23,"nonceChecks":23,"capabilityChecks":23,"bundledLibraries":168},[159,162],{"fn":160,"file":42,"line":149,"context":161},"create_function","add_filter('login_headerurl', create_function(false,\"return get_bloginfo('url');\"));",{"fn":160,"file":42,"line":152,"context":163},"add_filter('login_headertitle', create_function(false,\"return get_bloginfo('name');\"));",{"prepared":23,"raw":23,"locations":165},[],{"escaped":23,"rawEcho":23,"locations":167},[],[],[],{"summary":171,"deductions":172},"The \"wp-hash-filename\" v1.2 plugin exhibits a strong security posture with no recorded vulnerabilities, CVEs, or identified taint flows. The static analysis reveals no exposed attack surface through AJAX, REST API, shortcodes, or cron events, and all SQL queries utilize prepared statements, demonstrating good development practices. The absence of external HTTP requests and file operations further minimizes potential exposure points.\n\nHowever, the presence of two \"dangerous functions\" (create_function) is a notable concern. While no direct exploitation is evident in the static or taint analysis, the use of `create_function` is discouraged in modern PHP as it can lead to security vulnerabilities if not handled with extreme care, particularly regarding input sanitization, which is not explicitly detailed here beyond the zero taint flows. The lack of nonce and capability checks on the (currently non-existent) entry points is also a weakness, although moot in this specific version's configuration.\n\nIn conclusion, while the plugin is currently secure based on the provided data and has a clean vulnerability history, the use of `create_function` presents a potential, albeit theoretical, risk that should be addressed. The absence of any external dependencies or complex interactions is a significant strength, contributing to its current low-risk profile.",[173,175,178],{"reason":174,"points":73},"Dangerous functions (create_function) found",{"reason":176,"points":177},"No nonce checks implemented",5,{"reason":179,"points":177},"No capability checks implemented","2026-03-16T18:40:39.639Z",{"wat":182,"direct":187},{"assetPaths":183,"generatorPatterns":184,"scriptPaths":185,"versionParams":186},[],[],[],[],{"cssClasses":188,"htmlComments":190,"htmlAttributes":191,"restEndpoints":192,"jsGlobals":193,"shortcodeOutput":194},[189],"wp-faster-setting-section",[],[],[],[],[]]