[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f_4lTAQotjlHm-oGW7cqNcrpnhbA186EsthQ9jsJxx8A":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":47,"crawl_stats":36,"alternatives":56,"analysis":165,"fingerprints":274},"wp-replicate-post","WP Replicate Post","4.2","Yudiz Solutions Ltd.","https:\u002F\u002Fprofiles.wordpress.org\u002Fyudiz\u002F","\u003Cp>This plugin has been developed by \u003Ca href=\"https:\u002F\u002Fwww.yudiz.com\" rel=\"nofollow ugc\">Yudiz Solutions Ltd.\u003C\u002Fa> It will help you to replicate pages, posts as well as custom posts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How to use this plugin?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>1) In edit posts\u002Fpages, you can click on ‘Replicate’ link which will create a replica of that particular post\u002Fpage and return back to the list.\u003C\u002Fp>\n\u003Cp>2) This plugin also retains the state of the original post\u002Fpage. To exemplify, if we create replica of post\u002Fpage, it will be in the draft state with ‘Replica’ name.\u003C\u002Fp>\n\u003Cp>3) If you need to edit the replica then it can be done in the same manner as you do with regular post\u002Fpage.\u003C\u002Fp>\n\u003Cp>4) In order to replicate in bulk, you need to select all those posts\u002Fpages and then afterward choose ‘Replicate’ option from the ‘Bulk Actions’ dropdown that appears on the top of the list.\u003C\u002Fp>\n\u003Cp>5) Download Source Code from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fyudiz-wordpress\u002Fwp-replicate-post\" rel=\"nofollow ugc\">here.\u003C\u002Fa>\u003C\u002Fp>\n","Replicate any Post, Pages, etc in single click!",100,3327,0,"2025-10-24T09:26:00.000Z","6.8.5","3.0","",[19,20,21,22,23],"clone","copy","duplicate","page","post","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-replicate-post","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-replicate-post.4.2.zip",99,1,"2023-05-10 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2023-2237","wp-replicate-post-authenticated-contributor-sql-injection","WP Replicate Post \u003C= 4.0.2 - Authenticated (Contributor+) SQL Injection","The WP Replicate Post plugin for WordPress is vulnerable to SQL Injection via the post_id parameter in versions up to, and including, 4.0.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for contributor-level attackers or higher to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",null,"\u003C=4.0.2","4.1","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2024-01-22 19:56:02",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F916e6f8b-cb29-4062-9a05-0337cfdb382a?source=api-prod",258,{"slug":48,"display_name":49,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":53,"trust_score":54,"computed_at":55},"yudiz","Yudiz Solutions Pvt. Ltd.",14,6360,96,59,85,"2026-04-04T14:37:20.744Z",[57,82,104,124,144],{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":52,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":78,"download_link":79,"security_score":52,"vuln_count":80,"unpatched_count":13,"last_vuln_date":81,"fetched_at":29},"wp-duplicate-page","WP Duplicate Page","1.8.1","Ninja Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fninjateam\u002F","\u003Cp>\u003Cstrong>Clone WordPress page, post, custom post types\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin adds an option to duplicate a page, a post, or any custom post type items.\u003C\u002Fp>\n\u003Cp>It’s a plug and play & super easy to use.\u003C\u002Fp>\n\u003Cp>We hate distraction, so we created a page\u002Fpost copy plugin with a simple interface. When you hover over a post or a page in the Pages or Posts list, you’ll be able to select \u003Cstrong>Duplicate\u003C\u002Fstrong> to create a duplicate version.\u003C\u002Fp>\n\u003Cp>Like this plugin? Check out \u003Cstrong>\u003Ca href=\"https:\u002F\u002F1.envato.market\u002Fqb0Vb\" rel=\"nofollow ugc\">FileBird\u003C\u002Fa>\u003C\u002Fstrong> – another great plugin to make your WordPress life much easier.\u003C\u002Fp>\n\u003Ch3>⚡️ FEATURES\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>WP Duplicate Page is built to optimize dashboard appearance and drive positive impact for your WordPress admin workflow productivity:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Designed with \u003Cstrong>clean\u003C\u002Fstrong> UI\u002FUX\u003C\u002Fli>\n\u003Cli>Highly compatible with all themes and plugins\u003C\u002Fli>\n\u003Cli>\u003Cstrong>One-click\u003C\u002Fstrong> to duplicate any page or post\u003C\u002Fli>\n\u003Cli>Set permission based on \u003Cstrong>user roles\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Custom text for Duplicate button\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 TYPICAL USE CASES\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>These are good ideas on how to exploit the WP Duplicate Page plugin:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create a replica of that particular page\u002Fpost\u003C\u002Fli>\n\u003Cli>Retain a specific state of the original page\u002Fpost\u003C\u002Fli>\n\u003Cli>Enhance multiple revision works\u003C\u002Fli>\n\u003Cli>Copy to a new draft with selected elements\u003C\u002Fli>\n\u003Cli>Keep a standard template of page\u002Fpost\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎉 Supported Themes and Plugins\u003C\u002Fh3>\n\u003Cp>We have done extra work to ensure compatibility with all themes, page builders, and major plugins.\u003C\u002Fp>\n\u003Ch3>📝 Documentation and Support\u003C\u002Fh3>\n\u003Cp>If you’re having issues, do let us know and we’ll try to help you out.\u003Cbr \u002F>\nYou can always reach us at \u003Ca href=\"http:\u002F\u002Fninjateam.org\u002Fsupport\" rel=\"nofollow ugc\">Ninja Team Support Center\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>♥️ Like this WP Duplicate Page Plugin?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Check out our \u003Ca href=\"https:\u002F\u002F1.envato.market\u002FForm-Plugins\" rel=\"nofollow ugc\">Contact Form 7 extensions\u003C\u002Fa> 💌\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Try out the #1 free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbookster\u002F\" rel=\"ugc\">WordPress booking form plugin\u003C\u002Fa> 🌐\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Clone WordPress page, post, custom post types",60000,323690,12,"2026-01-04T19:51:00.000Z","6.9.4","4.0","5.3",[73,74,75,76,77],"clone-page","clone-post","duplicate-page","duplicate-post","wordpress-copy-page","https:\u002F\u002Fninjateam.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-duplicate-page.1.8.1.zip",3,"2026-01-12 00:00:00",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":69,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":102,"download_link":103,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"clone-posts","Clone Posts","2.1.4","George Pattichis","https:\u002F\u002Fprofiles.wordpress.org\u002Fpattihis\u002F","\u003Cp>This is a simple but robust plugin that allows you to easily clone (duplicate) posts, pages and custom post types in WordPress.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Enable clone feature for Posts, Pages or any Custom Post Type (CPT)\u003C\u002Fli>\n\u003Cli>Clone single Posts\u002FPages with one click\u003C\u002Fli>\n\u003Cli>Clone multiple Posts\u002Fpages with Bulk feature\u003C\u002Fli>\n\u003Cli>Set default Status & Date of cloned Posts\u002FPages\u003C\u002Fli>\n\u003Cli>Custom fields (post-metadata) are also copied when duplicating a Post\u003C\u002Fli>\n\u003Cli>Translations ready\u003C\u002Fli>\n\u003Cli>Build according to WordPress coding standards\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fclone-posts\u002Fchangelog\u002F\" rel=\"ugc\">Changelog\u003C\u002Fa>\u003C\u002Fp>\n","Easily clone (duplicate) Posts, Pages and Custom Post Types, including their custom fields (post_meta)",10000,202763,86,22,"2026-01-22T02:35:00.000Z","5.3.0","7.2",[98,83,99,100,101],"clone-pages","copy-posts","duplicate-posts","post-cloning","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fclone-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclone-posts.2.1.4.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":90,"downloaded":112,"rating":113,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":17,"tags":118,"homepage":17,"download_link":121,"security_score":114,"vuln_count":122,"unpatched_count":13,"last_vuln_date":123,"fetched_at":29},"duplicate-post-page-menu-custom-post-type","Duplicate Post Page Menu & Custom Post Type","3.0.1","Attinder Singh","https:\u002F\u002Fprofiles.wordpress.org\u002Finqsys\u002F","\u003Cp>This plugin is very useful in creating multiple duplicate entries of a single post, page, menu and  custom posts like products, tickets, coupons, events etc. Now you don’t need to create multiple mock post on your website to check the website layout. Create one post and a single click will create a multiple entries for the same post.\u003C\u002Fp>\n\u003Cp>\nIf you find this useful, \u003Ca href='https:\u002F\u002Fwww.inqsys.com\u002Fdonate\u002F' rel=\"nofollow ugc\">please consider donating\u003C\u002Fa> and this would help us in the development of the plugin and improve support.\n\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.inqsys.com\u002Fduplicate-post-page-menu-custom-post-type-pro-wordpress-plugin\u002F\" rel=\"nofollow ugc\">Buy Pro Version\u003C\u002Fa> with extra features & support.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.inqsys.com\u002Fcontact-us\u002F\" rel=\"nofollow ugc\">Contact us\u003C\u002Fa> for Support Only Pro Version Users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\n\u003Cstrong>Features In Free Version\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Duplicate Post, Page, Menu and Custom Post Type more than once in a single click.\u003C\u002Fli>\n\u003Cli>Easy to configure for enabling\u002Fdisabling specific post\u002Fpage\u002Fcustom post type\u002Fmenu duplication.\u003C\u002Fli>\n\u003Cli>Using Ajax for duplicating post\u002Fpage\u002Fmenu so no more browser freezing in case of large data.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\n\u003Cstrong>Features in Pro Editions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Duplicate Post, Page, Menu and Custom Post Type for upto 100 duplicates  in a single click.\u003C\u002Fli>\n\u003Cli>Easy to configure for enabling\u002Fdisabling specific post\u002Fpage\u002Fcustom post type\u002Fmenu duplication.\u003C\u002Fli>\n\u003Cli>Using Ajax for duplicating post\u002Fpage\u002Fmenu so no more browser freezing in case of large data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Roles:\u003C\u002Fstrong> Allow specific user roles to access the plugin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Types:\u003C\u002Fstrong> Option to show Duplicate Page link in post types.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Status:\u003C\u002Fstrong> Option to select post status after duplication.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Link Title:\u003C\u002Fstrong> Option to change Duplicate Post Link Title.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Prefix:\u003C\u002Fstrong> Option to add Post Prefix.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Suffix:\u003C\u002Fstrong> Option to add Post Suffix.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.inqsys.com\u002Fduplicate-post-page-menu-custom-post-type-pro-wordpress-plugin\u002F\" rel=\"nofollow ugc\">Upgrade to Pro Version\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","The best plugin to duplicate post, page, menu and custom post type multiple times in a single click.",354497,98,91,"2025-01-11T16:45:00.000Z","6.7.5","5.0",[19,20,119,120,75],"copy-menu","duplicate-custom-post","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fduplicate-post-page-menu-custom-post-type.3.0.1.zip",2,"2023-09-06 00:00:00",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":134,"num_ratings":122,"last_updated":135,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":136,"homepage":141,"download_link":142,"security_score":113,"vuln_count":122,"unpatched_count":13,"last_vuln_date":143,"fetched_at":29},"wp-quick-post-duplicator","WP Quick Post Duplicator","2.2","Arul Prasad J","https:\u002F\u002Fprofiles.wordpress.org\u002Farulprasadj\u002F","\u003Cp>This plugin allows you to clone\u002Fduplicate posts of any type for further editing.\u003C\u002Fp>\n\u003Cp>Custom post types are supported, along with custom taxonomies and custom fields.\u003C\u002Fp>\n\u003Cp>Hover over a post in the edit screen and click on  “Duplicate This Item” to create a duplicate\u002Fclone post.\u003C\u002Fp>\n\u003Cp>Plugin uses standard actions and filters only.\u003C\u002Fp>\n\u003Cp>If you love this plugin, \u003Ca href=\"https:\u002F\u002Fpaypal.me\u002Farulprasadj?locale.x=en_GB\" rel=\"nofollow ugc\">buy me a cup of coffee\u003C\u002Fa>\u003C\u002Fp>\n","Copy or Duplicate any post types, including pages, taxonomies & custom fields with a single click.",3000,21799,60,"2026-01-01T16:08:00.000Z",[73,137,138,139,140],"copy-post","wordpress-page-duplicate","wordpress-page-duplicator","wordpress-post-duplicate","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-quick-post-duplicator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-quick-post-duplicator.2.2.zip","2026-01-08 00:00:00",{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":152,"downloaded":153,"rating":11,"num_ratings":122,"last_updated":154,"tested_up_to":155,"requires_at_least":156,"requires_php":157,"tags":158,"homepage":161,"download_link":162,"security_score":163,"vuln_count":27,"unpatched_count":27,"last_vuln_date":164,"fetched_at":29},"labinator-content-types-duplicator","Labinator Content Types Duplicator","1.1.3","Labinator","https:\u002F\u002Fprofiles.wordpress.org\u002Flabinator\u002F","\u003Cp>\u003Cstrong>Labinator Content Types Duplicator\u003C\u002Fstrong> is a WordPress plugin that allows you to duplicate posts, pages, widgets, menus, media files, and any content types with one click. Copy or clone your content without limitations or restrictions. It is 100% free and open source.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Duplicate posts with one click. This option is available from multiple locations.\u003C\u002Fli>\n\u003Cli>Duplicate pages with one click. This option is available from multiple locations.\u003C\u002Fli>\n\u003Cli>Duplicate widgets with one click. This option can be found in the “Widgets” page.\u003C\u002Fli>\n\u003Cli>Duplicate menus with one click. This option is available from the “Menus” page.\u003C\u002Fli>\n\u003Cli>Duplicate media files with one click. This option is available from the Media page when the “list” mode is active.\u003C\u002Fli>\n\u003Cli>Ability to specify what elements to copy or clone.\u003C\u002Fli>\n\u003Cli>Ability to add title prefix and suffix if needed.\u003C\u002Fli>\n\u003Cli>Ability to set permissions.\u003C\u002Fli>\n\u003Cli>Ability to control the visibility of the duplicate buttons or links.\u003C\u002Fli>\n\u003Cli>100% free without upgrades, limitations, or restrictions.\u003C\u002Fli>\n\u003Cli>Bloat-free without tracking or collection of any data. It is GDPR compliant.\u003C\u002Fli>\n\u003Cli>Lightweight and accessible with a very intuitive sleek user interface.\u003C\u002Fli>\n\u003Cli>Easy to use and works directly out-of-box.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>This plugin is \u003Cstrong>translation-ready\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Browser Compatibility\u003C\u002Fh3>\n\u003Cp>This plugin was tested and made fully compatible with all popular browsers including \u003Cstrong>Google Chrome, Mozilla Firefox, Opera, Apple Safari, Microsoft Edge, Vivaldi, and Brave Browser\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Developed by \u003Ca href=\"https:\u002F\u002Flabinator.com\" rel=\"nofollow ugc\">Labinator\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>User Interface (UI) is based on \u003Ca href=\"https:\u002F\u002Fsemantic-ui.com\u002F\" rel=\"nofollow ugc\">Semantic UI\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Other WordPress Products By Labinator\u003C\u002Fh3>\n\u003Cp>Check up the \u003Ca href=\"https:\u002F\u002Flabinator.com\u002Fwordpress-marketplace\u002F\" rel=\"nofollow ugc\">Labinator WordPress Marketplace\u003C\u002Fa> that covers all your WordPress needs in one place. Featuring amazing accessible premium themes and over 9+ premium plugins in one package.\u003C\u002Fp>\n","Duplicate posts, pages, widgets, menus, and any content types with one click. Copy or clone your content without limitations. It is 100% free!",200,6207,"2024-07-19T05:22:00.000Z","6.6.5","6.6","8.1",[19,20,21,159,160],"pages","posts","https:\u002F\u002Flabinator.com\u002Fwordpress-marketplace\u002Fplugins\u002Fcontent-types-duplicator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flabinator-content-types-duplicator.1.1.3.zip",71,"2025-04-01 00:00:00",{"attackSurface":166,"codeSignals":211,"taintFlows":224,"riskAssessment":263,"analyzedAt":273},{"hooks":167,"ajaxHandlers":207,"restRoutes":208,"shortcodes":209,"cronEvents":210,"entryPointCount":13,"unprotectedCount":13},[168,174,178,182,188,191,195,199,203],{"type":169,"name":170,"callback":171,"file":172,"line":173},"action","admin_footer-edit.php","replicate_item_bulk_admin_footer","init\\functions.php",15,{"type":169,"name":175,"callback":176,"file":172,"line":177},"init","replicate_item_bulk_action",35,{"type":169,"name":179,"callback":180,"file":172,"line":181},"admin_init","replicate_item_admin_init",112,{"type":183,"name":184,"callback":185,"priority":186,"file":172,"line":187},"filter","post_row_actions","replicate_item_list_row_actions",10,120,{"type":183,"name":189,"callback":185,"priority":186,"file":172,"line":190},"page_row_actions",121,{"type":169,"name":192,"callback":193,"file":172,"line":194},"admin_action_replicate_item_save","replicate_item_save",142,{"type":183,"name":196,"callback":197,"priority":186,"file":172,"line":198},"plugin_action_links","replicate_item_plugin_action_links",214,{"type":169,"name":179,"callback":200,"file":201,"line":202},"replicate_item_register_setting","init\\replicate_item_option.php",6,{"type":169,"name":204,"callback":205,"file":201,"line":206},"admin_menu","replicate_item_admin_menu",24,[],[],[],[],{"dangerousFunctions":212,"sqlUsage":213,"outputEscaping":215,"fileOperations":13,"externalRequests":13,"nonceChecks":27,"capabilityChecks":13,"bundledLibraries":223},[],{"prepared":202,"raw":13,"locations":214},[],{"escaped":80,"rawEcho":80,"locations":216},[217,220,221],{"file":201,"line":218,"context":219},74,"raw output",{"file":201,"line":218,"context":219},{"file":201,"line":222,"context":219},75,[],[225,252],{"entryPoint":226,"graph":227,"unsanitizedCount":13,"severity":251},"replicate_item_save (init\\functions.php:147)",{"nodes":228,"edges":247},[229,234,240,242],{"id":230,"type":231,"label":232,"file":172,"line":233},"n0","source","$_POST",157,{"id":235,"type":236,"label":237,"file":172,"line":238,"wp_function":239},"n1","sink","get_results() [SQLi]",189,"get_results",{"id":241,"type":231,"label":232,"file":172,"line":233},"n2",{"id":243,"type":236,"label":244,"file":172,"line":245,"wp_function":246},"n3","wp_redirect() [Open Redirect]",204,"wp_redirect",[248,250],{"from":230,"to":235,"sanitized":249},true,{"from":241,"to":243,"sanitized":249},"low",{"entryPoint":253,"graph":254,"unsanitizedCount":13,"severity":251},"\u003Cfunctions> (init\\functions.php:0)",{"nodes":255,"edges":260},[256,257,258,259],{"id":230,"type":231,"label":232,"file":172,"line":233},{"id":235,"type":236,"label":237,"file":172,"line":238,"wp_function":239},{"id":241,"type":231,"label":232,"file":172,"line":233},{"id":243,"type":236,"label":244,"file":172,"line":245,"wp_function":246},[261,262],{"from":230,"to":235,"sanitized":249},{"from":241,"to":243,"sanitized":249},{"summary":264,"deductions":265},"The wp-replicate-post plugin v4.2 exhibits a generally positive security posture due to its minimal attack surface and consistent use of prepared statements for SQL queries. The static analysis reveals no critical or high severity taint flows, and the absence of AJAX handlers, REST API routes, and shortcodes without authentication checks is a significant strength.  However, the fact that only 50% of output is properly escaped raises a concern for potential cross-site scripting (XSS) vulnerabilities, especially if sensitive data is being outputted. The plugin's history shows one high-severity SQL injection vulnerability, which, while currently patched, indicates a past weakness in handling user input for database operations. The presence of a nonce check is a good practice, but the complete lack of capability checks across its entry points is a notable omission, potentially allowing unauthorized users to interact with the plugin's functions if they can find a way to trigger them.",[266,269,271],{"reason":267,"points":268},"Half of output is not properly escaped",5,{"reason":270,"points":186},"No capability checks on entry points",{"reason":272,"points":173},"Past high severity SQL injection vulnerability","2026-03-16T20:32:40.187Z",{"wat":275,"direct":280},{"assetPaths":276,"generatorPatterns":277,"scriptPaths":278,"versionParams":279},[],[],[],[],{"cssClasses":281,"htmlComments":282,"htmlAttributes":283,"restEndpoints":284,"jsGlobals":285,"shortcodeOutput":287},[],[],[],[],[286],"replicate_item_enable",[]]