[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fUJVNlWGnzsY40v0dJN1VsSpHBK7lN9oI9-C_ywF2fko":3,"$f260ngVg9D0rJrgG_Osd4zhOKoDhKLj3OSqJ_B_VLNJk":189,"$fx_C-n6F2JeJdXROvyTG5xiTAMk65XKZ_CzNpZGh79r8":194},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":18,"download_link":19,"security_score":20,"vuln_count":11,"unpatched_count":11,"last_vuln_date":21,"fetched_at":22,"discovery_status":23,"vulnerabilities":24,"developer":25,"crawl_stats":21,"alternatives":31,"analysis":32,"fingerprints":115},"wp-reviews-lite","WP Reviews","1.1.4","abnercalapiz","https:\u002F\u002Fprofiles.wordpress.org\u002Fabnercalapiz\u002F","\u003Cp>Best Review Plugin. Customer reviews powered with shortcode to display both grid reviews and slider reviews.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>Display all client reviews with count functionality\u003Cbr \u002F>\n* [review_grid]\u003Cbr \u002F>\n* [review_grid count=”9″]\u003C\u002Fp>\n\u003Cp>Display client reviews filtered by Category with count functionality\u003Cbr \u002F>\n* [review_grid_cat category=”test”]\u003Cbr \u002F>\n* [review_grid_cat category=”test” count=”9″]\u003C\u002Fp>\n\u003Cp>Display client slider reviews with count functionality\u003Cbr \u002F>\n* [review_slider]\u003Cbr \u002F>\n* [review_slider count=”10″]\u003C\u002Fp>\n\u003Cp>Add Review metaboxes;\u003Cbr \u002F>\n* source (facebook, google and tripadvisor)\u003Cbr \u002F>\n* company name\u003Cbr \u002F>\n* position\u003Cbr \u002F>\n* address\u003Cbr \u002F>\n* blurb\u003C\u002Fp>\n","Best Review Plugin. Customer reviews powered with shortcode to display both grid reviews and slider reviews.",0,936,"2022-07-23T21:33:00.000Z","6.0.11","5.4","",[],"#","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-reviews-lite.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":27,"avg_security_score":20,"avg_patch_time_days":28,"trust_score":29,"computed_at":30},3,10,30,84,"2026-05-19T22:54:46.791Z",[],{"attackSurface":33,"codeSignals":88,"taintFlows":107,"riskAssessment":108,"analyzedAt":114},{"hooks":34,"ajaxHandlers":71,"restRoutes":72,"shortcodes":73,"cronEvents":87,"entryPointCount":26,"unprotectedCount":11},[35,42,46,50,55,58,63,67],{"type":36,"name":37,"callback":38,"priority":39,"file":40,"line":41},"action","admin_enqueue_scripts","add_wprl_metabox_scripts",999,"includes\u002Fmetabox.php",12,{"type":36,"name":43,"callback":44,"priority":11,"file":40,"line":45},"add_meta_boxes","add_wprl_box_review",18,{"type":36,"name":47,"callback":48,"file":40,"line":49},"save_post","review_save_data",75,{"type":36,"name":51,"callback":52,"priority":11,"file":53,"line":54},"init","wprl_review_post_type","includes\u002Fposttypes.php",48,{"type":36,"name":51,"callback":56,"file":53,"line":57},"wprl_createcustom_tax",63,{"type":36,"name":59,"callback":60,"file":61,"line":62},"admin_menu","wprl_review_register_options_page","includes\u002Fsettings.php",11,{"type":36,"name":64,"callback":65,"file":66,"line":41},"wp_enqueue_scripts","custom_wprl_review_scripts","review.php",{"type":36,"name":68,"callback":69,"file":66,"line":70},"after_setup_theme","custom_wprl_theme_setup",26,[],[],[74,79,83],{"tag":75,"callback":76,"file":77,"line":78},"review_grid","review_grid_shortcode","includes\u002Fshortcodes.php",68,{"tag":80,"callback":81,"file":77,"line":82},"review_grid_cat","review_grid_cat_shortcode",139,{"tag":84,"callback":85,"file":77,"line":86},"review_slider","review_slider_shortcode",203,[],{"dangerousFunctions":89,"sqlUsage":90,"outputEscaping":92,"fileOperations":11,"externalRequests":11,"nonceChecks":105,"capabilityChecks":105,"bundledLibraries":106},[],{"prepared":11,"raw":11,"locations":91},[],{"escaped":93,"rawEcho":94,"locations":95},13,4,[96,99,101,103],{"file":40,"line":97,"context":98},38,"raw output",{"file":77,"line":100,"context":98},51,{"file":77,"line":102,"context":98},122,{"file":77,"line":104,"context":98},185,1,[],[],{"summary":109,"deductions":110},"The \"wp-reviews-lite\" v1.1.4 plugin exhibits a generally good security posture based on the provided static analysis. The complete absence of dangerous functions, SQL queries executed with prepared statements, and no file operations or external HTTP requests are strong indicators of secure coding practices. The presence of nonce and capability checks, though only one each, is also a positive sign.  However, the analysis does highlight areas for potential concern. The 24% of output that is not properly escaped represents a risk of Cross-Site Scripting (XSS) vulnerabilities, especially if user-supplied data is involved in these unescaped outputs.  Furthermore, the lack of any taint analysis results could indicate either a very robust codebase or that the analysis itself had limitations in detecting potential data flow issues. The plugin's history of zero known CVEs is highly commendable and suggests a diligent approach to security over time, implying that past vulnerabilities, if any, have been addressed promptly. Overall, while the plugin demonstrates strong adherence to many security best practices, the unescaped output warrants attention to mitigate potential XSS risks.",[111],{"reason":112,"points":113},"Unescaped output detected",5,"2026-04-16T14:42:36.012Z",{"wat":116,"direct":136},{"assetPaths":117,"generatorPatterns":125,"scriptPaths":126,"versionParams":128},[118,119,120,121,122,123,124],"\u002Fwp-content\u002Fplugins\u002Fwp-reviews-lite\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-reviews-lite\u002Fjs\u002Fisotope.min.js","\u002Fwp-content\u002Fplugins\u002Fwp-reviews-lite\u002Fjs\u002Fpackery-mode.min.js","\u002Fwp-content\u002Fplugins\u002Fwp-reviews-lite\u002Fjs\u002Fjquery.flexslider-min.js","\u002Fwp-content\u002Fplugins\u002Fwp-reviews-lite\u002Fjs\u002Freview-script.js","\u002Fwp-content\u002Fplugins\u002Fwp-reviews-lite\u002Fjs\u002Freview-grid-script.js","\u002Fwp-content\u002Fplugins\u002Fwp-reviews-lite\u002Fcss\u002Fcustom-metabox-styles.css",[],[127],"https:\u002F\u002Fstackpath.bootstrapcdn.com\u002Ffont-awesome\u002F4.7.0\u002Fcss\u002Ffont-awesome.min.css",[129,130,131,132,133,134,135],"wp-reviews-lite\u002Fstyle.css?ver=","wp-reviews-lite\u002Fjs\u002Fisotope.min.js?ver=","wp-reviews-lite\u002Fjs\u002Fpackery-mode.min.js?ver=","wp-reviews-lite\u002Fjs\u002Fjquery.flexslider-min.js?ver=","wp-reviews-lite\u002Fjs\u002Freview-script.js?ver=","wp-reviews-lite\u002Fjs\u002Freview-grid-script.js?ver=","wp-reviews-lite\u002Fcss\u002Fcustom-metabox-styles.css?ver=",{"cssClasses":137,"htmlComments":154,"htmlAttributes":156,"restEndpoints":172,"jsGlobals":173,"shortcodeOutput":174},[138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153],"review-grid-item-wrapper","review-grid-loading","review-grid-inner","review-grid-item","review-grid-item-inner","rev-blurb","rev-ratings","rev-content","rev-quote","rev-name","rev-position","rev-company","rev-address","rev-source","custom-meta-row","cmr-leftalign",[155],"Disable direct access",[157,158,159,160,161,162,163,164,165,166,167,168,169,170,171],"id=\"review_source\"","name=\"review_source\"","id=\"review_blurb\"","name=\"review_blurb\"","id=\"review_company\"","name=\"review_company\"","id=\"review_position\"","name=\"review_position\"","id=\"review_address\"","name=\"review_address\"","name=\"review_inner_wprl_box_nonce\"","id=\"wprl_box_review\"","class=\"facebook\"","class=\"tripadvisor\"","class=\"google\"",[],[76,81],[175,176,177,178,179,180,181,182,183,184,185,186,187,188],"\u003Cdiv class=\"review-grid-item-wrapper review-grid-loading\">","\u003Cdiv class=\"review-grid-inner\">","\u003Cdiv class=\"review-grid-item\">","\u003Cdiv class=\"review-grid-item-inner\">","\u003Ch5 class=\"rev-blurb\">","\u003Cspan class=\"rev-blurb\">","\u003Cspan class=\"rev-ratings\">\u003Ci class=\"fa fa-star\">\u003C\u002Fi>\u003Ci class=\"fa fa-star\">\u003C\u002Fi>\u003Ci class=\"fa fa-star\">\u003C\u002Fi>\u003Ci class=\"fa fa-star\">\u003C\u002Fi>\u003Ci class=\"fa fa-star\">\u003C\u002Fi>\u003C\u002Fspan>","\u003Cp class=\"rev-content\">\u003Cspan class=\"rev-quote\">&ldquo;","\u003Cspan class=\"rev-name\">","\u003Cspan class=\"rev-position\">","\u003Cspan class=\"rev-company\">","\u003Cspan class=\"rev-address\">","\u003Ch5 class=\"rev-source\">","\u003Cspan class=\"rev-source\">",{"error":190,"url":191,"statusCode":192,"statusMessage":193,"message":193},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-reviews-lite\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":11,"versions":195},[]]