[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqBsDqH0pvTNCVxyllplPEcSozooT5sB5W3o9KzmAfVc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":39,"fingerprints":462},"wp-sitebuilder","WP Sitebuilder","0.0.2.4","Mithu A Quayium","https:\u002F\u002Fprofiles.wordpress.org\u002Fmithublue\u002F","\u003Cp>=Features=\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Manage roles\u003C\u002Fli>\n\u003Cli>Create or remove roles\u003C\u002Fli>\n\u003Cli>Modify capabilites for any role\u003C\u002Fli>\n\u003Cli>Drag and drop pagebuilder\u003C\u002Fli>\n\u003Cli>Custom template chooser for each post\u003C\u002Fli>\n\u003Cli>Lightweight\u003C\u002Fli>\n\u003Cli>Easy to use\u003C\u002Fli>\n\u003Cli>Easily customizable\u003C\u002Fli>\n\u003Cli>Easily extendable\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>=Apart from this=\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You will have 24\u002F7 support.\u003C\u002Fli>\n\u003Cli>Continuously updating\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Author\u003C\u002Fh3>\n\u003Cp>Mithu A Quayium\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fcybercraftit.com\u002F\" rel=\"nofollow ugc\">Offisial Site\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmithublue\" rel=\"nofollow ugc\">WordPress\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fmithu-quayium-9b594630?trk=hp-identity-name\" rel=\"nofollow ugc\">Linked In\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fmithuaquayium\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplus.google.com\u002Fu\u002F0\u002F+MithuAQuayium-MAQ\" rel=\"nofollow ugc\">Google Plus\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fmithu.quayium\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fp>\n","This plugin is to let you build your site quite easily without any coding with easy to use pagebuilder",10,4742,74,3,"2016-12-01T19:30:00.000Z","4.6.30","3.0.1","",[20,4,21,22],"sitebuilder","wp-total-manager","wpmanager","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-sitebuilder\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-sitebuilder.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"mithublue",16,500,86,30,84,"2026-04-04T11:06:40.708Z",[],{"attackSurface":40,"codeSignals":176,"taintFlows":449,"riskAssessment":450,"analyzedAt":461},{"hooks":41,"ajaxHandlers":155,"restRoutes":172,"shortcodes":173,"cronEvents":174,"entryPointCount":175,"unprotectedCount":175},[42,48,53,56,59,62,65,68,71,74,77,79,82,85,90,93,97,102,105,108,111,114,116,119,124,129,133,137,141,144,148,151],{"type":43,"name":44,"callback":45,"file":46,"line":47},"action","admin_menu","addon_submenu","add-on.php",8,{"type":43,"name":49,"callback":50,"file":51,"line":52},"widgets_init","closure","elements\\button.php",81,{"type":43,"name":49,"callback":50,"file":54,"line":55},"elements\\call-to-action.php",87,{"type":43,"name":49,"callback":50,"file":57,"line":58},"elements\\carousel-slider.php",260,{"type":43,"name":49,"callback":50,"file":60,"line":61},"elements\\embedded-video.php",61,{"type":43,"name":49,"callback":50,"file":63,"line":64},"elements\\features.php",229,{"type":43,"name":49,"callback":50,"file":66,"line":67},"elements\\image.php",69,{"type":43,"name":49,"callback":50,"file":69,"line":70},"elements\\post-carousel.php",299,{"type":43,"name":49,"callback":50,"file":72,"line":73},"elements\\post-loop-bk.php",245,{"type":43,"name":49,"callback":50,"file":75,"line":76},"elements\\post-loop.php",197,{"type":43,"name":49,"callback":50,"file":78,"line":67},"elements\\rich-text.php",{"type":43,"name":49,"callback":50,"file":80,"line":81},"elements\\social-media-button.php",144,{"type":43,"name":49,"callback":50,"file":83,"line":84},"elements\\title.php",89,{"type":43,"name":86,"callback":87,"priority":11,"file":88,"line":89},"add_meta_boxes","pagebuilder_meta_box","includes\\admin\\pagebuilder-panel.php",9,{"type":43,"name":91,"callback":92,"file":88,"line":11},"edit_form_after_title","pagebuilder_button",{"type":43,"name":94,"callback":95,"file":88,"line":96},"save_post","save_lego_data",11,{"type":98,"name":99,"callback":100,"file":88,"line":101},"filter","wpsb_widget_element_list","populate_wp_widgets",14,{"type":98,"name":99,"callback":103,"file":88,"line":104},"populate_sitebuilder_elements",15,{"type":98,"name":106,"callback":107,"priority":11,"file":88,"line":32},"wpsb_widget_element_list_labels","add_widget_list_label",{"type":98,"name":106,"callback":109,"priority":11,"file":88,"line":110},"add_sitebuilder_widget_list_label",17,{"type":43,"name":86,"callback":112,"file":113,"line":47},"wp_add_post_custom_template","includes\\admin\\templates-panel.php",{"type":43,"name":94,"callback":115,"priority":11,"file":113,"line":89},"save_custom_post_template",{"type":98,"name":117,"callback":118,"file":113,"line":11},"single_template","load_custom_post_template",{"type":43,"name":120,"callback":121,"file":122,"line":123},"the_content","render_lego_layout","includes\\content.php",6,{"type":43,"name":125,"callback":126,"file":127,"line":128},"wpsb_admin_menu","build_submenu_page","modules\\role-manager\\role-manager.php",31,{"type":43,"name":130,"callback":131,"file":127,"line":132},"admin_enqueue_scripts","admin_enqueue_scripts_styles",32,{"type":43,"name":130,"callback":134,"file":135,"line":136},"enqueue_scripts_styles","wp-sitebuilder.php",48,{"type":43,"name":138,"callback":139,"file":135,"line":140},"wp_enqueue_scripts","wp_enqueue_scripts_styles",49,{"type":43,"name":44,"callback":142,"file":135,"line":143},"build_admin_menu_page",50,{"type":43,"name":145,"callback":146,"file":135,"line":147},"admin_notices","beta_notice",60,{"type":43,"name":149,"callback":150,"file":135,"line":61},"admin_footer","beta_remove",{"type":43,"name":152,"callback":153,"priority":11,"file":135,"line":154},"in_plugin_update_message-wp-sitebuilder\u002Fwp-sitebuilder.php","showUpgradeNotification",204,[156,160,163,165,169],{"action":157,"nopriv":158,"callback":50,"hasNonce":158,"hasCapCheck":158,"file":159,"line":123},"wpsb_grab_element_data",false,"includes\\ajax-actions.php",{"action":161,"nopriv":158,"callback":50,"hasNonce":158,"hasCapCheck":158,"file":159,"line":162},"wpsb_update_preview",35,{"action":164,"nopriv":158,"callback":50,"hasNonce":158,"hasCapCheck":158,"file":159,"line":143},"wpsb_disabled_pagebuilder_for_post_types",{"action":166,"nopriv":158,"callback":167,"hasNonce":158,"hasCapCheck":158,"file":168,"line":11},"sbrm_save_role_caps_data","save_role_caps_data","modules\\role-manager\\ajaxaction.php",{"action":170,"nopriv":158,"callback":50,"hasNonce":158,"hasCapCheck":158,"file":135,"line":171},"wpsb_remove_beta",56,[],[],[],5,{"dangerousFunctions":177,"sqlUsage":178,"outputEscaping":180,"fileOperations":447,"externalRequests":26,"nonceChecks":14,"capabilityChecks":14,"bundledLibraries":448},[],{"prepared":26,"raw":26,"locations":179},[],{"escaped":181,"rawEcho":182,"locations":183},33,181,[184,188,190,191,193,194,196,197,198,199,201,202,203,205,206,207,208,209,211,212,213,215,216,217,218,220,222,224,226,228,230,232,233,235,236,238,240,242,243,245,246,248,250,252,254,256,257,258,260,262,263,264,265,266,267,268,269,270,272,274,276,278,280,281,282,284,286,287,289,290,292,294,296,297,298,299,300,302,303,304,306,307,308,309,310,311,312,314,316,318,320,322,324,326,328,330,332,333,335,337,339,341,342,343,344,345,346,347,348,349,350,351,352,353,354,355,356,357,358,359,360,361,363,365,367,368,369,371,372,373,374,375,377,378,379,381,383,384,386,387,388,389,390,391,392,393,394,396,398,399,400,402,403,404,406,408,410,412,414,415,416,418,420,421,423,424,426,427,428,430,431,432,433,434,435,436,438,439,440,442,445],{"file":185,"line":186,"context":187},"elements\\base.php",58,"raw output",{"file":185,"line":189,"context":187},64,{"file":185,"line":189,"context":187},{"file":185,"line":192,"context":187},68,{"file":185,"line":192,"context":187},{"file":185,"line":195,"context":187},71,{"file":185,"line":195,"context":187},{"file":185,"line":13,"context":187},{"file":185,"line":13,"context":187},{"file":185,"line":200,"context":187},78,{"file":185,"line":200,"context":187},{"file":51,"line":13,"context":187},{"file":51,"line":204,"context":187},75,{"file":51,"line":204,"context":187},{"file":51,"line":204,"context":187},{"file":51,"line":204,"context":187},{"file":54,"line":67,"context":187},{"file":54,"line":210,"context":187},70,{"file":54,"line":195,"context":187},{"file":54,"line":13,"context":187},{"file":54,"line":214,"context":187},77,{"file":54,"line":214,"context":187},{"file":54,"line":214,"context":187},{"file":54,"line":214,"context":187},{"file":57,"line":219,"context":187},24,{"file":57,"line":221,"context":187},39,{"file":57,"line":223,"context":187},42,{"file":57,"line":225,"context":187},43,{"file":57,"line":227,"context":187},59,{"file":57,"line":229,"context":187},63,{"file":57,"line":231,"context":187},67,{"file":57,"line":204,"context":187},{"file":57,"line":234,"context":187},79,{"file":57,"line":25,"context":187},{"file":57,"line":237,"context":187},91,{"file":57,"line":239,"context":187},101,{"file":57,"line":241,"context":187},194,{"file":57,"line":241,"context":187},{"file":57,"line":244,"context":187},203,{"file":57,"line":244,"context":187},{"file":57,"line":247,"context":187},222,{"file":57,"line":249,"context":187},230,{"file":57,"line":251,"context":187},235,{"file":57,"line":253,"context":187},247,{"file":57,"line":255,"context":187},251,{"file":60,"line":223,"context":187},{"file":60,"line":225,"context":187},{"file":60,"line":259,"context":187},44,{"file":60,"line":261,"context":187},53,{"file":63,"line":223,"context":187},{"file":63,"line":225,"context":187},{"file":63,"line":259,"context":187},{"file":63,"line":140,"context":187},{"file":63,"line":227,"context":187},{"file":63,"line":229,"context":187},{"file":63,"line":192,"context":187},{"file":63,"line":192,"context":187},{"file":63,"line":271,"context":187},73,{"file":63,"line":273,"context":187},90,{"file":63,"line":275,"context":187},94,{"file":63,"line":277,"context":187},102,{"file":63,"line":279,"context":187},123,{"file":63,"line":154,"context":187},{"file":63,"line":154,"context":187},{"file":63,"line":283,"context":187},206,{"file":63,"line":285,"context":187},209,{"file":63,"line":285,"context":187},{"file":63,"line":288,"context":187},211,{"file":63,"line":288,"context":187},{"file":63,"line":291,"context":187},215,{"file":66,"line":293,"context":187},46,{"file":66,"line":295,"context":187},47,{"file":66,"line":136,"context":187},{"file":66,"line":186,"context":187},{"file":66,"line":186,"context":187},{"file":69,"line":219,"context":187},{"file":69,"line":301,"context":187},40,{"file":69,"line":259,"context":187},{"file":69,"line":259,"context":187},{"file":69,"line":305,"context":187},57,{"file":69,"line":67,"context":187},{"file":69,"line":271,"context":187},{"file":69,"line":214,"context":187},{"file":69,"line":52,"context":187},{"file":69,"line":25,"context":187},{"file":69,"line":84,"context":187},{"file":69,"line":313,"context":187},96,{"file":69,"line":315,"context":187},107,{"file":69,"line":317,"context":187},111,{"file":69,"line":319,"context":187},115,{"file":69,"line":321,"context":187},119,{"file":69,"line":323,"context":187},125,{"file":69,"line":325,"context":187},131,{"file":69,"line":327,"context":187},141,{"file":69,"line":329,"context":187},168,{"file":69,"line":331,"context":187},208,{"file":69,"line":331,"context":187},{"file":69,"line":334,"context":187},275,{"file":69,"line":336,"context":187},282,{"file":69,"line":338,"context":187},286,{"file":69,"line":340,"context":187},290,{"file":72,"line":219,"context":187},{"file":72,"line":301,"context":187},{"file":72,"line":259,"context":187},{"file":72,"line":259,"context":187},{"file":72,"line":305,"context":187},{"file":72,"line":67,"context":187},{"file":72,"line":271,"context":187},{"file":72,"line":214,"context":187},{"file":72,"line":52,"context":187},{"file":72,"line":25,"context":187},{"file":72,"line":84,"context":187},{"file":72,"line":313,"context":187},{"file":72,"line":315,"context":187},{"file":72,"line":317,"context":187},{"file":72,"line":319,"context":187},{"file":72,"line":321,"context":187},{"file":72,"line":323,"context":187},{"file":72,"line":325,"context":187},{"file":72,"line":327,"context":187},{"file":72,"line":329,"context":187},{"file":72,"line":362,"context":187},187,{"file":72,"line":364,"context":187},241,{"file":75,"line":366,"context":187},36,{"file":75,"line":301,"context":187},{"file":75,"line":301,"context":187},{"file":75,"line":370,"context":187},55,{"file":75,"line":231,"context":187},{"file":75,"line":195,"context":187},{"file":75,"line":204,"context":187},{"file":75,"line":234,"context":187},{"file":75,"line":376,"context":187},83,{"file":75,"line":55,"context":187},{"file":75,"line":275,"context":187},{"file":75,"line":380,"context":187},106,{"file":75,"line":382,"context":187},122,{"file":75,"line":279,"context":187},{"file":78,"line":385,"context":187},28,{"file":78,"line":223,"context":187},{"file":78,"line":186,"context":187},{"file":78,"line":227,"context":187},{"file":78,"line":147,"context":187},{"file":80,"line":192,"context":187},{"file":80,"line":271,"context":187},{"file":80,"line":34,"context":187},{"file":80,"line":275,"context":187},{"file":80,"line":395,"context":187},95,{"file":80,"line":397,"context":187},135,{"file":80,"line":397,"context":187},{"file":80,"line":397,"context":187},{"file":83,"line":401,"context":187},26,{"file":83,"line":35,"context":187},{"file":83,"line":366,"context":187},{"file":83,"line":405,"context":187},45,{"file":83,"line":407,"context":187},82,{"file":88,"line":409,"context":187},108,{"file":88,"line":411,"context":187},109,{"file":88,"line":413,"context":187},157,{"file":113,"line":261,"context":187},{"file":113,"line":261,"context":187},{"file":417,"line":301,"context":187},"includes\\admin\\wpsb-settings-panel.php",{"file":417,"line":419,"context":187},41,{"file":159,"line":227,"context":187},{"file":122,"line":422,"context":187},25,{"file":122,"line":422,"context":187},{"file":122,"line":425,"context":187},27,{"file":122,"line":425,"context":187},{"file":122,"line":425,"context":187},{"file":122,"line":429,"context":187},29,{"file":122,"line":429,"context":187},{"file":122,"line":429,"context":187},{"file":122,"line":429,"context":187},{"file":122,"line":128,"context":187},{"file":122,"line":128,"context":187},{"file":122,"line":128,"context":187},{"file":437,"line":13,"context":187},"modules\\role-manager\\admin\\role-manager-panel.php",{"file":437,"line":407,"context":187},{"file":168,"line":162,"context":187},{"file":441,"line":110,"context":187},"templates\\post\\content.php",{"file":443,"line":444,"context":187},"wpsb-functions.php",160,{"file":443,"line":446,"context":187},162,1,[],[],{"summary":451,"deductions":452},"The wp-sitebuilder plugin version 0.0.2.4 exhibits a concerning security posture primarily due to its unprotected AJAX handlers.  With 5 AJAX handlers identified and all 5 lacking authentication checks, this presents a significant attack surface.  Any user, including unauthenticated ones, can trigger these functions, potentially leading to unauthorized actions or information disclosure. While the plugin demonstrates good practices in SQL query handling and has no known CVEs, these strengths are overshadowed by the critical flaw in its AJAX endpoint security. The lack of taint analysis results is not necessarily a positive sign; it may indicate the analysis tool was unable to perform this crucial step, rather than an absence of vulnerabilities.\n\nThe plugin's vulnerability history is clean, which is a positive indicator. However, this alone does not mitigate the immediate risks posed by the exposed AJAX endpoints. The limited number of capability checks and nonce checks (3 each) further exacerbates the situation, as these are fundamental security mechanisms for WordPress plugins. The low percentage of properly escaped output (15%) is also a significant concern, suggesting a high probability of cross-site scripting (XSS) vulnerabilities, especially when combined with the unprotected AJAX handlers.  While the absence of dangerous functions and external HTTP requests is beneficial, the overall security is severely compromised by the lack of authentication on its primary entry points.",[453,455,457,459],{"reason":454,"points":11},"5 unprotected AJAX handlers",{"reason":456,"points":47},"15% output properly escaped (implies 85% unescaped)",{"reason":458,"points":175},"Only 3 capability checks",{"reason":460,"points":175},"Only 3 nonce checks","2026-03-16T23:57:09.944Z",{"wat":463,"direct":480},{"assetPaths":464,"generatorPatterns":477,"scriptPaths":478,"versionParams":479},[465,466,467,468,469,470,471,472,473,474,475,476],"\u002Fwp-content\u002Fplugins\u002Fwp-sitebuilder\u002Fassets\u002Fcss\u002Fwrapper-bs.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-sitebuilder\u002Fassets\u002Fcss\u002Fvue-ui-widgets.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-sitebuilder\u002Fassets\u002Fcss\u002Fframework.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-sitebuilder\u002Fassets\u002Fcss\u002Fadmin\u002Fadmin.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-sitebuilder\u002Fassets\u002Fcss\u002Fadmin\u002Felement.admin.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-sitebuilder\u002Fassets\u002Fjs\u002Fvue.min.js","\u002Fwp-content\u002Fplugins\u002Fwp-sitebuilder\u002Fassets\u002Fjs\u002Fvue-ui-widgets.js","\u002Fwp-content\u002Fplugins\u002Fwp-sitebuilder\u002Fassets\u002Fjs\u002Fcomponents.js","\u002Fwp-content\u002Fplugins\u002Fwp-sitebuilder\u002Fassets\u002Fjs\u002Fadmin\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fwp-sitebuilder\u002Fassets\u002Fcss\u002Felements.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-sitebuilder\u002Fassets\u002Fcss\u002Ffont-awesome.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-sitebuilder\u002Fassets\u002Fjs\u002Fbootstrap.min.js",[],[],[],{"cssClasses":481,"htmlComments":483,"htmlAttributes":484,"restEndpoints":485,"jsGlobals":486,"shortcodeOutput":488},[482],"wpsb-beta-notice",[],[],[],[487],"wpsb_obj",[]]