[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqjOeGco2bRAS1wKgeNhwI4p-35b7_6l7Mw7n8z1xNy0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":57,"fingerprints":97},"wp-touch-stylesheet-addon","Custom Stylesheet Extension for WPtouch","1.0.8","Miles Stewart","https:\u002F\u002Fprofiles.wordpress.org\u002Fmilesstewart88\u002F","\u003Cp>Custom Stylesheet Extension for WPtouch is a plugin that allows you to add a custom stylesheet to your WordPress theme\u003Cbr \u002F>\nthat will control the css for mobile only visitors. You can change the location of the stylesheet in the admin. You can use the default stylesheet that is created once you activate the plugin.\u003C\u002Fp>\n\u003Cp>** Note **\u003Cbr \u002F>\nDefault stylesheet location:\u003Cbr \u002F>\n\u002Fwp-content\u002Fuploads\u002Fwp-touch-stylesheet-addon.css\u003C\u002Fp>\n","Adds a custom mobile only stylesheet for WPtouch.",100,7665,4,"2014-12-01T11:07:00.000Z","4.0.38","3.8.1","",[19,20,21,22,23],"custom-stylesheet-wptouch","wptouch","wptouch-css","wptouch-custom-stylesheet","wptouch-stylesheet-addon","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-touch-stylesheet-addon\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-touch-stylesheet-addon.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"milesstewart88",1,30,84,"2026-04-04T20:19:58.150Z",[38],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":27,"num_ratings":27,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":55,"download_link":56,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wptouch-cestina","WPtouch čeština","1.1","Expres-Web","https:\u002F\u002Fprofiles.wordpress.org\u002Fexpres-web\u002F","\u003Cp>Přeloží plugin WPtouch Mobile Plugin do češtiny.\u003C\u002Fp>\n","Přeloží plugin WPtouch Mobile Plugin do češtiny.",90,3508,"2015-05-12T05:07:00.000Z","4.1.42","3.0",[20,52,53,39,54],"wptouch-mobile-plugin","wptouch-mobile-plugin-cestina","cestina","http:\u002F\u002Fexpres-web.cz","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwptouch-cestina.zip",{"attackSurface":58,"codeSignals":79,"taintFlows":87,"riskAssessment":88,"analyzedAt":96},{"hooks":59,"ajaxHandlers":75,"restRoutes":76,"shortcodes":77,"cronEvents":78,"entryPointCount":27,"unprotectedCount":27},[60,66,70],{"type":61,"name":62,"callback":63,"file":64,"line":65},"action","admin_menu","add_plugin_page","classes\\ExtraStylesheetAddon.php",16,{"type":61,"name":67,"callback":68,"file":64,"line":69},"admin_init","page_init",17,{"type":61,"name":71,"callback":72,"file":73,"line":74},"wp_enqueue_scripts","mobile_extra_stylesheet","wp-touch-stylesheet-addon.php",23,[],[],[],[],{"dangerousFunctions":80,"sqlUsage":81,"outputEscaping":83,"fileOperations":85,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":86},[],{"prepared":27,"raw":27,"locations":82},[],{"escaped":33,"rawEcho":27,"locations":84},[],2,[],[],{"summary":89,"deductions":90},"The wp-touch-stylesheet-addon plugin v1.0.8 exhibits a very strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with or without authentication checks, significantly limits the plugin's attack surface.  Furthermore, the code signals are highly positive: no dangerous functions were detected, all SQL queries utilize prepared statements, and all outputs are properly escaped. The presence of only two file operations and no external HTTP requests are also good indicators of secure coding practices. Taint analysis revealed zero flows, indicating no discernible pathways for malicious data injection through common attack vectors.  The plugin also has no recorded vulnerability history, which suggests a consistent track record of security.  \n\nWhile the absence of known vulnerabilities and the excellent static analysis results are highly encouraging, the complete lack of capability checks and nonce checks on any potential entry points (even though none are currently exposed) represents a potential future risk. If future versions introduce new entry points, these critical security mechanisms might be overlooked.  However, as the plugin currently stands, its security is exceptionally robust. The primary strength lies in its minimal attack surface and adherence to secure coding practices like prepared statements and output escaping. The weakness, though currently hypothetical, is the complete absence of authorization and integrity checks, which are fundamental security layers.",[91,94],{"reason":92,"points":93},"No capability checks detected",5,{"reason":95,"points":93},"No nonce checks detected","2026-03-16T20:35:47.510Z",{"wat":98,"direct":104},{"assetPaths":99,"generatorPatterns":101,"scriptPaths":102,"versionParams":103},[100],"\u002Fwp-content\u002Fuploads\u002Fwp-touch-stylesheet-addon.css",[],[],[],{"cssClasses":105,"htmlComments":106,"htmlAttributes":108,"restEndpoints":110,"jsGlobals":111,"shortcodeOutput":112},[],[107],"\u002F**\n * Addon CSS File for WPtouch\n * Author: Miles Stewart\n * Author URI: http:\u002F\u002Fwww.milesstewart.co.uk\n *\u002F",[109],"name=\"wp_touch_stylesheet_addon_settings[stylesheet_path]\"",[],[],[]]