[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fA_5Ng1rjtFCyeXLptRyg0tH-fPL5T17lPWbmZhjjXoI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":114,"fingerprints":331},"wp-lawyer","WP Lawyer","1.0.4","Brandon Hubbard","https:\u002F\u002Fprofiles.wordpress.org\u002Fbhubbard\u002F","\u003Cp>WP-Lawyer is a custom WordPress plugin for Lawyers and Law Firms which use WordPress. It allows them to easily manage past court cases, along with a directory of Attorneys on their WordPress website.\u003C\u002Fp>\n","WP-Lawyer is a custom WordPress plugin for Lawyers and Law Firms which use WordPress.",30,3676,100,2,"2025-01-05T01:57:00.000Z","6.7.5","4.7","",[20,21,22],"attorneys","law-firm","lawyers","\u002F\u002Fwp-lawyer.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-lawyer.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":11,"trust_score":35,"computed_at":36},"bhubbard",4,90,87,85,"2026-04-04T11:06:04.609Z",[38,60,80,97],{"slug":39,"name":40,"version":6,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":18,"download_link":57,"security_score":58,"vuln_count":48,"unpatched_count":26,"last_vuln_date":59,"fetched_at":28},"clio-grow-form","Clio Grow Form","cliogrow","https:\u002F\u002Fprofiles.wordpress.org\u002Fcliogrow\u002F","\u003Cp>Clio Grow is a law firm CRM and client intake software. It helps law firms keep track of all their potential clients, and intake them with ease using powerful online tools to collect information and e-sign documents.\u003C\u002Fp>\n\u003Cp>The Clio Grow plugin for WordPress enables law firms who use Clio Grow to automatically capture leads from their website or blog into the Clio Grow CRM system. Visit https:\u002F\u002Fclio.com for more information.\u003C\u002Fp>\n","The Clio Grow Wordpress plugin enables law firms who use Clio Grow to automatically capture leads from their website or blog into the Clio Grow CRM.",1000,13043,46,3,"2025-11-17T17:45:00.000Z","6.8.5","4.0",[53,54,55,21,56],"clio","clio-grow","contact-form","lawyer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclio-grow-form.zip",98,"2024-10-15 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":26,"downloaded":68,"rating":13,"num_ratings":69,"last_updated":18,"tested_up_to":50,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":77,"download_link":78,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":79},"attorneyconnect-ai","AttorneyConnect AI","1.0.27","AttorneyConnect LLC","https:\u002F\u002Fprofiles.wordpress.org\u002Fattorneyconnect\u002F","\u003Cp>AttorneyConnect AI engages visitors, qualifies leads, and streamlines intake 24\u002F7. Add a branded chat experience, optional call\u002Fmessage buttons, and a floating chat entry point.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> To use this plugin you must \u003Ca href=\"https:\u002F\u002FAttorneyConnect.ai\" rel=\"nofollow ugc\">sign up at AttorneyConnect.ai\u003C\u002Fa> and obtain a \u003Cstrong>Website Code\u003C\u002Fstrong>. The code connects your WordPress site to your AttorneyConnect account. Without it, the chat feature cannot function.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003Cbr \u002F>\n* Branded widget bar (horizontal\u002Fvertical)\u003Cbr \u002F>\n* Floating chat button\u003Cbr \u002F>\n* Custom colors and text color\u003Cbr \u002F>\n* Auto-engagement after a configurable delay\u003Cbr \u002F>\n* Default-on widget actions and attribution (Title, Call, Message, Chat, Powered by)\u003Cbr \u002F>\n* Optional “Powered by AttorneyConnect” attribution\u003Cbr \u002F>\n* Works with buttons\u002Flinks anywhere on your site\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Open chat from your own buttons\u002Flinks\u003C\u002Fstrong>\u003Cbr \u002F>\nAdd the CSS class \u003Ccode>open-attorneyconnect\u003C\u002Fcode> to any button or link to open the chat.\u003Cbr \u002F>\nExample: \u003Ccode>\u003Ca href=\"#\" class=\"open-attorneyconnect\">Chat with us\u003C\u002Fa>\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Where to find the settings\u003C\u002Fstrong>\u003Cbr \u002F>\nOnce activated, go to \u003Cstrong>Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> AttorneyConnect\u003C\u002Fstrong> in your WordPress admin.\u003C\u002Fp>\n\u003Cp>For support, sales, or profile updates, visit \u003Cstrong>https:\u002F\u002FAttorneyConnect.ai\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Service and Data Disclosure\u003C\u002Fh3>\n\u003Cp>This plugin acts as a client for the \u003Cstrong>AttorneyConnect AI\u003C\u002Fstrong> service.\u003Cbr \u002F>\nWhen enabled, it establishes a WebSocket\u002FHTTPS connection to AttorneyConnect servers in order to deliver chat functionality.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Remote Endpoints Contacted\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ccode>https:\u002F\u002Fapis.attorneyconnect.ai\u003C\u002Fcode> (production)\u003Cbr \u002F>\n* \u003Ccode>https:\u002F\u002Fapis.stage.attorneyconnect.ai\u003C\u002Fcode> (staging)\u003Cbr \u002F>\n* \u003Ccode>https:\u002F\u002Fapis.dev.attorneyconnect.ai\u003C\u002Fcode> (development)\u003C\u002Fp>\n\u003Cp>No chat or lead functionality can operate without contacting these endpoints.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What’s Sent\u003C\u002Fstrong>\u003Cbr \u002F>\n* Your \u003Cstrong>Website Code\u003C\u002Fstrong> (provided when you sign up at \u003Ca href=\"https:\u002F\u002FAttorneyConnect.ai\" rel=\"nofollow ugc\">AttorneyConnect.ai\u003C\u002Fa>), which identifies your account.\u003Cbr \u002F>\n* Chat session messages and metadata necessary for operation of the receptionist service.\u003Cbr \u002F>\n* Plugin metadata including:\u003Cbr \u002F>\n  * \u003Ccode>plugin_version\u003C\u002Fcode> (plugin build version)\u003Cbr \u002F>\n  * \u003Ccode>device_type\u003C\u002Fcode> (\u003Ccode>mobile\u003C\u002Fcode> or \u003Ccode>desktop\u003C\u002Fcode>)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What’s Required\u003C\u002Fstrong>\u003Cbr \u002F>\n* An active AttorneyConnect account.\u003Cbr \u002F>\n* A valid Website Code entered in the plugin settings.\u003C\u002Fp>\n\u003Cp>By activating this plugin you are connecting your site to the AttorneyConnect service. If you do not have an account or do not wish your site to communicate with AttorneyConnect servers, do not enable the plugin.\u003C\u002Fp>\n","AttorneyConnect AI is the Most Advanced Conversational Website Receptionist Built for Small Law Firms.",424,1,"5.0","7.4",[73,74,21,75,76],"conversion","intake","legal","receptionist","https:\u002F\u002Fattorneyconnect.ai\u002Fget-started\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fattorneyconnect-ai.1.0.27.zip","2026-03-15T10:48:56.248Z",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":26,"downloaded":88,"rating":26,"num_ratings":26,"last_updated":18,"tested_up_to":89,"requires_at_least":70,"requires_php":71,"tags":90,"homepage":95,"download_link":96,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":79},"lawyer-locker","Lawyer Locker","0.1","Web Guy","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebguyio\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwebguyio\u002Fsupport\" rel=\"nofollow ugc\">💬 Ask Question\u003C\u002Fa> | \u003Ca href=\"mailto:webguywork@gmail.com\" rel=\"nofollow ugc\">📧 Email Me\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Encrypted lockers for secure client communication and file sharing.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Locker Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Individual Client Lockers\u003C\u002Fstrong>: Each client gets a unique, password-protected, secure area\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure File Sharing\u003C\u002Fstrong>: Upload and download encrypted files with full privacy\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Message Thread\u003C\u002Fstrong>: Secure, timestamped communication log between lawyer and client\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activity Audit Trail\u003C\u002Fstrong>: Track all locker access, file downloads, and messages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Client Accounts Required\u003C\u002Fstrong>: Share a simple URL with encryption key in the fragment\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Lockbox Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>One-offs\u003C\u002Fstrong>: One-time encrypted messages that self-destruct after reading\u003C\u002Fli>\n\u003Cli>\u003Cstrong>End-to-End Encryption\u003C\u002Fstrong>: All data is encrypted in the browser using AES-256-GCM before transmission\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero-Knowledge Server\u003C\u002Fstrong>: The server never has access to encryption keys or plaintext data\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Client Accounts Required\u003C\u002Fstrong>: Share a simple URL with encryption key in the fragment\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>How it Works\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Lawyer creates a locker in WordPress admin\u003C\u002Fli>\n\u003Cli>Plugin generates a unique URL with encryption key (\u003Ccode>\u002Flocker\u002Fabc123\u002F#encryption-key\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>Lawyer shares this URL securely with their client\u003C\u002Fli>\n\u003Cli>Both parties access the locker using the same URL\u003C\u002Fli>\n\u003Cli>All messages and files are encrypted\u002Fdecrypted locally in the browser\u003C\u002Fli>\n\u003Cli>Server only stores encrypted blobs (no plaintext ever touches the server)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Security Notice\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The encryption key is included in the URL fragment (after the #). This must be shared securely:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Use encrypted email (Proton)\u003C\u002Fli>\n\u003Cli>Use secure messaging (Signal)\u003C\u002Fli>\n\u003Cli>Use the built-in Lockbox feature\u003C\u002Fli>\n\u003Cli>Share in-person or via phone\u003C\u002Fli>\n\u003Cli>DO NOT send via regular email (Gmail, Yahoo, Hotmail) or SMS\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Perfect For\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Law firms managing sensitive client communications\u003C\u002Fli>\n\u003Cli>Accountants sharing financial documents\u003C\u002Fli>\n\u003Cli>Healthcare providers (HIPAA compliance considerations)\u003C\u002Fli>\n\u003Cli>Politicians and government officials\u003C\u002Fli>\n\u003Cli>Journalists and activists\u003C\u002Fli>\n\u003Cli>Anyone requiring genuine privacy and confidentiality\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Technical Details\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Uses Web Crypto API for browser-based AES-256-GCM encryption\u003C\u002Fli>\n\u003Cli>Custom database tables for encrypted files and activity logs\u003C\u002Fli>\n\u003Cli>No third-party dependencies\u003C\u002Fli>\n\u003Cli>Clean, minimal codebase\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Browser Requirements\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Modern browser with Web Crypto API support (all current browsers)\u003C\u002Fli>\n\u003Cli>JavaScript must be enabled (required for encryption\u002Fdecryption)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>For the Lawyers\u003C\u002Fh4>\n\u003Cp>Lawyer Locker is part of the \u003Ca href=\"https:\u002F\u002Fforthelawyers.co\u002F\" rel=\"nofollow ugc\">For the Lawyers\u003C\u002Fa> initiative, a project dedicated to lawyers, finding all the gaps on the web to make their lives easier, and filling them.\u003C\u002Fp>\n\u003Cp>For support and other WordPress tools for legal pros, go to \u003Ca href=\"https:\u002F\u002Fforthelawyers.co\u002F\" rel=\"nofollow ugc\">forthelawyers.co\u003C\u002Fa>.\u003C\u002Fp>\n","Encrypted lockers for secure client communication and file sharing.",150,"6.9.4",[91,92,93,22,94],"clients","communication","encryption","privacy","https:\u002F\u002Fforthelawyers.co\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flawyer-locker.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":26,"downloaded":105,"rating":26,"num_ratings":26,"last_updated":106,"tested_up_to":89,"requires_at_least":107,"requires_php":71,"tags":108,"homepage":112,"download_link":113,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"legal-services-management","Legal Services Management","2.0.0","Mati Ullah","https:\u002F\u002Fprofiles.wordpress.org\u002Fmatiullahpro\u002F","\u003Cp>\u003Cstrong>Legal Services Management\u003C\u002Fstrong> is a powerful, all-in-one WordPress plugin designed specifically for law firms, solo attorneys, and legal service providers. Manage your entire practice workflow without leaving your WordPress dashboard.\u003C\u002Fp>\n\u003Cp>Whether you’re a solo practitioner or managing a multi-attorney firm, this plugin gives you everything you need: client records, case tracking, appointment scheduling, document templates, invoicing, and frontend portals for both clients and attorneys.\u003C\u002Fp>\n\u003Ch3>Core Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Client Management\u003C\u002Fstrong>\u003Cbr \u002F>\n* Complete client database with contact details, status tracking, and activity history\u003Cbr \u002F>\n* Auto-link WordPress user accounts to client records\u003Cbr \u002F>\n* Supports guest and logged-in client bookings\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Case Management\u003C\u002Fstrong>\u003Cbr \u002F>\n* Track cases with case numbers, types (civil, criminal, family, corporate, immigration, real estate), priorities, and statuses\u003Cbr \u002F>\n* Assign lawyers and link clients to each case\u003Cbr \u002F>\n* Store court info and full case descriptions with the WordPress editor\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Appointment Scheduling\u003C\u002Fstrong>\u003Cbr \u002F>\n* Book in-person, video call, and phone appointments\u003Cbr \u002F>\n* Interactive monthly calendar view in the admin dashboard\u003Cbr \u002F>\n* Automated email reminders via WP-Cron\u003Cbr \u002F>\n* Frontend booking form via shortcode\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Invoice & Billing\u003C\u002Fstrong>\u003Cbr \u002F>\n* Create professional invoices with subtotals, tax rates, and balance tracking\u003Cbr \u002F>\n* Track invoice status: Draft, Sent, Paid, Overdue, and Cancelled\u003Cbr \u002F>\n* Link invoices to specific cases and clients\u003Cbr \u002F>\n* Stripe payment integration (configurable via settings)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Document Templates\u003C\u002Fstrong>\u003Cbr \u002F>\n* Create reusable document templates with placeholders (\u003Ccode>{client_name}\u003C\u002Fcode>, \u003Ccode>{case_number}\u003C\u002Fcode>, \u003Ccode>{date}\u003C\u002Fcode>)\u003Cbr \u002F>\n* Manage uploaded files linked to cases and clients\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Client Portal (Frontend)\u003C\u002Fstrong>\u003Cbr \u002F>\n* Logged-in clients can view their cases, appointments, and invoices\u003Cbr \u002F>\n* Accessible via \u003Ccode>[lsm_client_portal]\u003C\u002Fcode> shortcode on any page or post\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Attorney\u002FLawyer Dashboard (Frontend)\u003C\u002Fstrong>\u003Cbr \u002F>\n* Attorneys can view their assigned cases, appointment calendar, and invoices\u003Cbr \u002F>\n* Accessible via \u003Ccode>[lsm_lawyer_dashboard]\u003C\u002Fcode> shortcode\u003C\u002Fp>\n\u003Cp>\u003Cstrong>REST API\u003C\u002Fstrong>\u003Cbr \u002F>\n* Full RESTful API (\u003Ccode>\u002Fwp-json\u002Flsm\u002Fv1\u002F\u003C\u002Fcode>) for integration with external tools\u003Cbr \u002F>\n* Permission-controlled endpoints for clients, cases, and appointments\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cron Automation\u003C\u002Fstrong>\u003Cbr \u002F>\n* Hourly appointment reminder emails\u003Cbr \u002F>\n* Daily cleanup of old activity logs and expired sessions\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Activity Logging\u003C\u002Fstrong>\u003Cbr \u002F>\n* Records all create\u002Fupdate operations for audit trail purposes\u003C\u002Fp>\n\u003Ch3>Available Shortcodes\u003C\u002Fh3>\n\u003Cp>  Shortcode\u003Cbr \u002F>\n  Description\u003C\u002Fp>\n\u003Cp>  \u003Ccode>[lsm_booking_form]\u003C\u002Fcode>\u003Cbr \u002F>\n  Frontend appointment booking form\u003C\u002Fp>\n\u003Cp>  \u003Ccode>[lsm_client_portal]\u003C\u002Fcode>\u003Cbr \u002F>\n  Client self-service portal\u003C\u002Fp>\n\u003Cp>  \u003Ccode>[lsm_lawyer_dashboard]\u003C\u002Fcode>\u003Cbr \u002F>\n  Lawyer\u002Fattorney frontend dashboard\u003C\u002Fp>\n\u003Cp>  \u003Ccode>[lsm_lawyer_list]\u003C\u002Fcode>\u003Cbr \u002F>\n  Display all active lawyers\u003C\u002Fp>\n\u003Cp>  \u003Ccode>[lsm_service_list]\u003C\u002Fcode>\u003Cbr \u002F>\n  Display all available services\u003C\u002Fp>\n\u003Cp>  \u003Ccode>[lsm_appointment_calendar]\u003C\u002Fcode>\u003Cbr \u002F>\n  Client appointment calendar view\u003C\u002Fp>\n\u003Ch3>Custom Roles & Capabilities\u003C\u002Fh3>\n\u003Cp>The plugin registers the following custom WordPress roles and capabilities:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>LSM Lawyer\u003C\u002Fstrong> – Can manage cases, appointments, and view clients\u003C\u002Fli>\n\u003Cli>\u003Cstrong>LSM Client\u003C\u002Fstrong> – Can access the client portal\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Custom capabilities: \u003Ccode>manage_clients\u003C\u002Fcode>, \u003Ccode>manage_cases\u003C\u002Fcode>, \u003Ccode>manage_appointments\u003C\u002Fcode>, \u003Ccode>manage_invoices\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>All form submissions protected with nonces (CSRF protection)\u003C\u002Fli>\n\u003Cli>All input sanitized with appropriate WordPress functions (\u003Ccode>sanitize_text_field\u003C\u002Fcode>, \u003Ccode>sanitize_email\u003C\u002Fcode>, \u003Ccode>wp_kses_post\u003C\u002Fcode>, etc.)\u003C\u002Fli>\n\u003Cli>All output escaped before rendering (\u003Ccode>esc_html\u003C\u002Fcode>, \u003Ccode>esc_attr\u003C\u002Fcode>, \u003Ccode>esc_url\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>Database queries use \u003Ccode>$wpdb->prepare()\u003C\u002Fcode> with placeholders to prevent SQL injection\u003C\u002Fli>\n\u003Cli>Direct file access protection on all PHP files\u003C\u002Fli>\n\u003Cli>Safe redirects via \u003Ccode>wp_safe_redirect()\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n","Manage clients, cases, appointments, invoices & documents for law firms directly from WordPress.",432,"2026-03-04T22:49:00.000Z","5.6",[109,110,111,21,75],"appointments","case-management","client-portal","https:\u002F\u002Fsamthrive.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flegal-services-management.2.0.0.zip",{"attackSurface":115,"codeSignals":192,"taintFlows":323,"riskAssessment":324,"analyzedAt":330},{"hooks":116,"ajaxHandlers":188,"restRoutes":189,"shortcodes":190,"cronEvents":191,"entryPointCount":26,"unprotectedCount":26},[117,123,126,129,132,135,138,141,144,147,150,154,158,163,166,168,171,174,177,180,183],{"type":118,"name":119,"callback":120,"priority":26,"file":121,"line":122},"action","init","wp_lawyer_attorneys_cpt","modules\\attorneys.php",60,{"type":118,"name":119,"callback":124,"priority":26,"file":121,"line":125},"wp_lawyer_attorneys_practicearea",107,{"type":118,"name":119,"callback":127,"priority":26,"file":121,"line":128},"wplawyer_attorney_city",152,{"type":118,"name":119,"callback":130,"priority":26,"file":121,"line":131},"wplawyer_attorney_county",197,{"type":118,"name":119,"callback":133,"priority":26,"file":121,"line":134},"wplawyer_attorney_state",241,{"type":118,"name":119,"callback":136,"priority":26,"file":121,"line":137},"wplawyer_attorney_district",287,{"type":118,"name":119,"callback":139,"priority":26,"file":121,"line":140},"wplawyer_attorney_lawschool",332,{"type":118,"name":119,"callback":142,"priority":26,"file":121,"line":143},"wplawyer_attorney_undergraduateschool",377,{"type":118,"name":119,"callback":145,"priority":26,"file":121,"line":146},"wplawyer_attorney_languages",421,{"type":118,"name":119,"callback":148,"priority":26,"file":121,"line":149},"wplawyer_attorney_associations",466,{"type":118,"name":151,"callback":152,"file":121,"line":153},"admin_menu","wplawyer_add_attorney_metaboxes",558,{"type":118,"name":155,"callback":156,"file":121,"line":157},"save_post","wplawyer_attorney_save_data",610,{"type":159,"name":160,"callback":161,"priority":69,"file":121,"line":162},"filter","template_include","wplawyer_attorney_templates",909,{"type":118,"name":119,"callback":164,"priority":26,"file":165,"line":122},"wp_lawyer_cases_cpt","modules\\cases.php",{"type":118,"name":119,"callback":167,"priority":26,"file":165,"line":125},"wp_lawyer_cases_casetype",{"type":118,"name":119,"callback":169,"priority":26,"file":165,"line":170},"wplawyer_case_resolution",157,{"type":118,"name":119,"callback":172,"priority":26,"file":165,"line":173},"wplawyer_cases_courthouse",201,{"type":118,"name":151,"callback":175,"file":165,"line":176},"wplawyer_add_case_metaboxes",240,{"type":118,"name":155,"callback":178,"file":165,"line":179},"wplawyer_case_save_data",286,{"type":159,"name":160,"callback":181,"priority":69,"file":165,"line":182},"wplawyer_cases_templates",366,{"type":118,"name":184,"callback":185,"file":186,"line":187},"wp_enqueue_scripts","wplawyer_styles","wp-lawyer.php",76,[],[],[],[],{"dangerousFunctions":193,"sqlUsage":194,"outputEscaping":196,"fileOperations":26,"externalRequests":26,"nonceChecks":14,"capabilityChecks":14,"bundledLibraries":322},[],{"prepared":26,"raw":26,"locations":195},[],{"escaped":26,"rawEcho":197,"locations":198},63,[199,202,204,205,207,208,210,211,213,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,271,273,274,276,278,280,283,285,287,289,291,293,295,298,300,302,305,307,309,311,313,315,316,318,320],{"file":121,"line":200,"context":201},576,"raw output",{"file":121,"line":203,"context":201},588,{"file":121,"line":203,"context":201},{"file":121,"line":206,"context":201},591,{"file":121,"line":206,"context":201},{"file":121,"line":209,"context":201},595,{"file":121,"line":209,"context":201},{"file":121,"line":212,"context":201},596,{"file":121,"line":212,"context":201},{"file":121,"line":215,"context":201},661,{"file":121,"line":217,"context":201},671,{"file":121,"line":219,"context":201},681,{"file":121,"line":221,"context":201},690,{"file":121,"line":223,"context":201},700,{"file":121,"line":225,"context":201},709,{"file":121,"line":227,"context":201},719,{"file":121,"line":229,"context":201},728,{"file":121,"line":231,"context":201},738,{"file":121,"line":233,"context":201},747,{"file":121,"line":235,"context":201},757,{"file":121,"line":237,"context":201},766,{"file":121,"line":239,"context":201},776,{"file":121,"line":241,"context":201},785,{"file":121,"line":243,"context":201},795,{"file":121,"line":245,"context":201},804,{"file":121,"line":247,"context":201},813,{"file":121,"line":249,"context":201},823,{"file":121,"line":251,"context":201},832,{"file":121,"line":253,"context":201},841,{"file":121,"line":255,"context":201},851,{"file":121,"line":257,"context":201},860,{"file":121,"line":259,"context":201},869,{"file":121,"line":261,"context":201},879,{"file":121,"line":263,"context":201},888,{"file":121,"line":265,"context":201},897,{"file":165,"line":267,"context":201},258,{"file":165,"line":269,"context":201},270,{"file":165,"line":269,"context":201},{"file":165,"line":272,"context":201},273,{"file":165,"line":272,"context":201},{"file":165,"line":275,"context":201},335,{"file":165,"line":277,"context":201},345,{"file":165,"line":279,"context":201},355,{"file":281,"line":282,"context":201},"templates\\archive-wplawyer-attorney.php",37,{"file":281,"line":284,"context":201},38,{"file":281,"line":286,"context":201},39,{"file":281,"line":288,"context":201},40,{"file":281,"line":290,"context":201},41,{"file":281,"line":292,"context":201},42,{"file":281,"line":294,"context":201},43,{"file":296,"line":297,"context":201},"templates\\archive-wplawyer-cases.php",13,{"file":296,"line":299,"context":201},25,{"file":296,"line":301,"context":201},29,{"file":303,"line":304,"context":201},"templates\\single-wplawyer-attorney.php",31,{"file":303,"line":306,"context":201},32,{"file":303,"line":308,"context":201},33,{"file":303,"line":310,"context":201},34,{"file":303,"line":312,"context":201},35,{"file":303,"line":314,"context":201},36,{"file":303,"line":282,"context":201},{"file":317,"line":312,"context":201},"templates\\single-wplawyer-cases.php",{"file":317,"line":319,"context":201},47,{"file":317,"line":321,"context":201},51,[],[],{"summary":325,"deductions":326},"The wp-lawyer plugin version 1.0.4 presents a generally good security posture based on the provided static analysis. The plugin has a remarkably small attack surface, with no apparent AJAX handlers, REST API routes, shortcodes, or cron events, which significantly reduces the potential for external exploitation. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests is a strong positive indicator. The use of prepared statements for all SQL queries and the presence of nonce and capability checks also suggest a developer who is aware of common WordPress security best practices.\n\nHowever, a significant concern arises from the output escaping. With 63 total outputs and 0% properly escaped, this indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data displayed to users that is not properly escaped can be manipulated by an attacker to inject malicious scripts. The lack of any recorded vulnerability history is a positive sign, but it does not negate the clear risk identified in the output escaping. This means that while the plugin hasn't had historical issues, it currently has a significant, unaddressed security flaw that could be exploited.\n\nIn conclusion, the plugin demonstrates strengths in minimizing its attack surface and implementing fundamental security checks like prepared statements and nonces. However, the complete lack of output escaping is a critical weakness that requires immediate attention. Until this is rectified, the plugin should be considered to have a moderate to high security risk due to the potential for XSS attacks.",[327],{"reason":328,"points":329},"0% of outputs properly escaped (XSS risk)",8,"2026-03-16T22:36:45.772Z",{"wat":332,"direct":339},{"assetPaths":333,"generatorPatterns":335,"scriptPaths":336,"versionParams":337},[334],"\u002Fwp-content\u002Fplugins\u002Fwp-lawyer\u002Fassets\u002Fcss\u002Fmain.css",[],[],[338],"wp-lawyer\u002Fassets\u002Fcss\u002Fmain.css?ver=",{"cssClasses":340,"htmlComments":341,"htmlAttributes":342,"restEndpoints":343,"jsGlobals":344,"shortcodeOutput":345},[],[],[],[],[],[]]