[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f7amrv6-mcmqe7F1kEEJ0X3Kd7ghTniMBshslP_i0uck":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":63,"crawl_stats":38,"alternatives":69,"analysis":174,"fingerprints":591},"wp24-domain-check","WP24 Domain Check","1.12.0","WP24","https:\u002F\u002Fprofiles.wordpress.org\u002Fwp24dotorg\u002F","\u003Cp>WP24 Domain Check allows users to check domains if they are free for registration. The responsive form could be easily intregrated via shortcode or widget. Labels and colors are customizeable through the settings page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy integration via shortcode or widget\u003C\u002Fli>\n\u003Cli>Ajax based search (no page reload required)\u003C\u002Fli>\n\u003Cli>Define a list of testable TLDs\u003C\u002Fli>\n\u003Cli>Drop-down list (select the TLD from predefinded list)\u003C\u002Fli>\n\u003Cli>Free text input (type TLD into domain name field)\u003C\u002Fli>\n\u003Cli>Over 1,600 supported TLDs\u003C\u002Fli>\n\u003Cli>Add custom whois servers\u003C\u002Fli>\n\u003Cli>Possibility of checking every TLD\u003C\u002Fli>\n\u003Cli>Internationalized domain name (IDN) support\u003C\u002Fli>\n\u003Cli>Check all TLDs simultaneously (asynchronous)\u003C\u002Fli>\n\u003Cli>Show detailed whois information (if domain is registered)\u003C\u002Fli>\n\u003Cli>Provide price and purchase link for each TLD\u003C\u002Fli>\n\u003Cli>WooCommerce integration\u003C\u002Fli>\n\u003Cli>Responsive design\u003C\u002Fli>\n\u003Cli>Bot protection with Google reCAPTCHA or Cloudflare Turnstile\u003C\u002Fli>\n\u003Cli>Customization of labels and colors\u003C\u002Fli>\n\u003Cli>WPML and Polylang compatible\u003C\u002Fli>\n\u003C\u002Ful>\n","Check (whois) domain names for availability. Easy integration via shortcode or widget.",5000,118926,86,32,"2026-01-11T10:24:00.000Z","6.9.4","5.0","7.0.0",[20,21,22,23,24],"domain","domain-check","domain-checker","domaincheck","whois","https:\u002F\u002Fwp24.org\u002Fplugins\u002Fdomain-check","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp24-domain-check.1.12.0.zip",99,2,0,"2024-12-26 00:00:00","2026-03-15T15:16:48.613Z",[33,49],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-24602","wp24-domain-check-reflected-cross-site-scripting","WP24 Domain Check \u003C= 1.10.14 - Reflected Cross-Site Scripting","The WP24 Domain Check plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.10.14 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=1.10.14","1.10.15","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-02-26 20:29:31",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F29326ec5-edb7-44b7-bca9-21962037ccc8?source=api-prod",63,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":44,"published_date":58,"updated_date":59,"references":60,"days_to_patch":62},"WF-e1dcdc7f-ae52-4c76-90db-ea136656bb0b-wp24-domain-check","wp24-domain-check-cross-site-scripting","WP24 Domain Check \u003C= 1.6.2 - Cross-Site Scripting","The WP24 Domain Check plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=1.6.2","1.6.3",5.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2021-01-06 00:00:00","2024-01-22 19:56:02",[61],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe1dcdc7f-ae52-4c76-90db-ea136656bb0b?source=api-prod",1112,{"slug":64,"display_name":7,"profile_url":8,"plugin_count":65,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":66,"trust_score":67,"computed_at":68},"wp24dotorg",1,588,78,"2026-04-04T14:00:14.104Z",[70,95,116,132,155],{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":78,"downloaded":79,"rating":80,"num_ratings":81,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":91,"download_link":92,"security_score":93,"vuln_count":65,"unpatched_count":65,"last_vuln_date":94,"fetched_at":31},"dominion-domain-checker-wpbakery-addon","Dominion – Domain Checker for WPBakery","2.3.1","Fluent-Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Freader87\u002F","\u003Cp>Dominion Domain Checker is higly flexible Domain Checker plugin which allows you to place a Domain Search form in your page\u002Fpost with full control over the design of the form. By using Dominion domain checker form, your users will be able to swiftly check domain name availability from your WordPress site and even you can place Purchase URL of your domain selling page in order to sell your domains. With the help of drag and drop WPBakery page builder it is just a matter of couple of minutes to build a domain search form in your website. Dominion plugin is made with AJAX and easy to use with WPBakery page builder.\u003C\u002Fp>\n\u003Cp>Don’t have the WPBakery page builder? No Worries ✨\u003Cbr \u002F>\nYou can use this plugin WITHOUT any page builder also. To do so you need to input the shortcode in your page\u002Fpost editor. View the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdominion-domain-checker-wpbakery-addon\u002F#faq\" rel=\"ugc\">FAQs Section\u003C\u002Fa> for details.\u003C\u002Fp>\n\u003Ch3>What makes Dominion Version 2.3.x Special\u003C\u002Fh3>\n\u003Cp>This new version (2.3.x) includes flexible features listed below:\u003Cbr \u002F>\n✨ Option added to use Domain Purchase Button URL for Searched Domains. Now you can place Purchase URL of your domain selling page in order to sell your domains\u003Cbr \u002F>\n✨ Option added to use Parallax Background Image, makes the form look cool\u003Cbr \u002F>\n✨ 9 more options added to change Font Size, Font Weight, Line Height for Heading, Sub-Heading and Text of the Form\u003Cbr \u002F>\n✨ 9 more options added to choose your desired Color for Title, Sub Title, Text, Button lable, Search result texts, Button background, Section background and Placeholder text\u003Cbr \u002F>\n✨ 3 more options added to choose Hover Color for Text, Button lable, Button background and Section background\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Check domain name availability for any TLD\u003C\u002Fli>\n\u003Cli>No need domain reseller API\u003C\u002Fli>\n\u003Cli>List\u002FInclude unlimited TLD (extensions) of Domains in the dropdown of the Domain Checker form\u003C\u002Fli>\n\u003Cli>Use your Domain Purchase Button URL for Searched Domains\u003C\u002Fli>\n\u003Cli>Change the text for Search field placeholder, Buttons, Title, Sub-Title and Texts of the form\u003C\u002Fli>\n\u003Cli>Customize the look and feel of the domain checker form to match your website\u003C\u002Fli>\n\u003Cli>Use Parallax Background Image\u003C\u002Fli>\n\u003Cli>Choose Font Size, Font Weight, Line Height for Heading, Sub-Heading and Text of the form\u003C\u002Fli>\n\u003Cli>Unlimited color variations to choose from for Title, Sub Title, Text, Button lable, Search result texts, Button background, Placeholder text, Section background and more\u003C\u002Fli>\n\u003Cli>Choose Mouse Over (Hover) Color for Text, Button lable, Button background, Section background\u003C\u002Fli>\n\u003Cli>Easily use with WPBakery Page Builder\u003C\u002Fli>\n\u003Cli>Made with AJAX\u003C\u002Fli>\n\u003Cli>And more…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Shortcode: ✍ [dominion_shortcodes_domain_search_6]\u003C\u002Fp>\n\u003Ch3>PRO Version Features\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ffluentthemes.com\u002Fwp-plugins\u002Fdominion\u002F\" rel=\"nofollow ugc\">View PRO Version\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>PRO Version Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>10 more Layout and Design to choose from\u003C\u002Fli>\n\u003Cli>Option to integrated Domain purchase button with WHMCS\u003C\u002Fli>\n\u003Cli>Transfer Domain feature with WHMCS\u003C\u002Fli>\n\u003Cli>Enable Google reCAPTCHA v2\u003C\u002Fli>\n\u003Cli>Enable Animation (35+ variations of animations to choose from)\u003C\u002Fli>\n\u003Cli>Adjust Width of the form field for desktop and mobile to make it responsive\u003C\u002Fli>\n\u003Cli>Choose Shape\u002FMargin\u002FPadding of the Domain Search Section\u003C\u002Fli>\n\u003Cli>Choose Title Tag (h1, h2, h3, h4, h5, h6, div, span, p)\u003C\u002Fli>\n\u003Cli>Choose any Font Family from Google Fonts for Heading and Sub-Heading of the Form\u003C\u002Fli>\n\u003Cli>Check domain name availability for any TLD(s)\u003C\u002Fli>\n\u003Cli>Plus all the features of the Free Version\u003C\u002Fli>\n\u003Cli>Video Tutorials Included\u003C\u002Fli>\n\u003Cli>6 Months Priority Support (typically reply within 24 Hours)\u003C\u002Fli>\n\u003Cli>Life Time FREE Updates\u003C\u002Fli>\n\u003C\u002Ful>\n","Dominion Domain Checker is a WordPress plugin which allows you to swiftly check domain name availability from your WordPress site.",90,8855,70,8,"2025-11-02T18:46:00.000Z","6.8.5","5.9","7.4",[87,22,88,89,90],"domain-availability","domain-search","wordpress-domain-checker","wordpress-domain-names","https:\u002F\u002Ffluentthemes.com\u002Fwp-plugins\u002Fdominion\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdominion-domain-checker-wpbakery-addon.zip",79,"2025-01-10 19:03:16",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":105,"num_ratings":65,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":109,"tags":110,"homepage":113,"download_link":114,"security_score":115,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"whmcs-domain-checker","WHMCS Domain Checker","1.0.1","cmsbased","https:\u002F\u002Fprofiles.wordpress.org\u002Fcmsbased\u002F","\u003Cp>WordPress plugin that allows you to display the responsive WHMCS Domain Checker in a widget. Appearance settings and the list of suggested domains can be configured via WordPress admin.\u003C\u002Fp>\n","WordPress plugin that allows you to display the responsive WHMCS Domain Checker in a widget.",60,9253,100,"2014-08-05T04:57:00.000Z","3.9.40","3.6","",[111,112],"domain-checker-widget","whmcs","http:\u002F\u002Fcmsbased.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhmcs-domain-checker.zip",85,{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":103,"num_ratings":28,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":109,"tags":129,"homepage":130,"download_link":131,"security_score":115,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"whmcs-domain-checker-widget","LJM WHMCS Domain Checker","1.1.2","leejmurphy","https:\u002F\u002Fprofiles.wordpress.org\u002Fleejmurphy\u002F","\u003Cp>This plugin will allow you display the Domain Checker integration code for WHMCS in a nice tidy widget. You MUST have WHMCS installed in order for this plugin to work.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>You can follow this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fleejmurphy\u002Fwp-whmcs-domain-checker\" rel=\"nofollow ugc\">Git Hub\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","A simple plugin for WordPress that allows you to display the Domain Checker for WHMCS in a nice tidy widget.",20,5492,"2013-01-29T21:03:00.000Z","3.5.2","3",[22,112],"http:\u002F\u002Fwww.leemurphy.co.uk\u002Fofferings\u002Ffile\u002F2-whmcs-wordpress-domain-checker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhmcs-domain-checker-widget.1.1.2.zip",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":140,"downloaded":141,"rating":142,"num_ratings":143,"last_updated":144,"tested_up_to":145,"requires_at_least":146,"requires_php":109,"tags":147,"homepage":151,"download_link":152,"security_score":153,"vuln_count":65,"unpatched_count":29,"last_vuln_date":154,"fetched_at":31},"powies-whois","Powie's WHOIS Domain Check","0.9.34","PowieT","https:\u002F\u002Fprofiles.wordpress.org\u002Fpowiet\u002F","\u003Cp>Checks Domain WHOIS Lookup for availability. Simple insert the [pwhois] shortcode on a page or post.\u003Cbr \u002F>\nTo select the default TLD use the default attribute: [pwhois default=com] – sets .com as default in the TLD dropdown.\u003Cbr \u002F>\nTLD List is limited because of the knowledge of the required whois servers. If you wish to have support for a special TLD please contact me and I will implement it asap.\u003Cbr \u002F>\nWe cannot guarantee that every domain lookup works perfect, in case that whois servers and how to talk to them can change time by time.\u003Cbr \u002F>\nHowever if you inform us about changes and we can get it to work, we give you a free version of the Pro version of this plugin!\u003C\u002Fp>\n\u003Ch4>Demos\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpowie.de\u002Fwordpress\u002Fwhois\u002F\" rel=\"nofollow ugc\">Demo 1\u003C\u002Fa> – at our own page.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbe-webspace.de\u002Fdomaincheck\u002F\" rel=\"nofollow ugc\">Demo 2\u003C\u002Fa> – live version at a hosting providers webpage.\u003C\u002Fp>\n\u003Ch4>Requires\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>php7\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Including:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Shortcode [pwhois]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Support Forum @ \u003Ca href=\"https:\u002F\u002Fforum.powie.de\u002Fforum\u002F87-powies-whois\u002F\" rel=\"nofollow ugc\">forum.powie.de\u003C\u002Fa>\u003Cbr \u002F>\nYou get faster feedback if you post in our forum, rather than on wordpress.org!\u003C\u002Fp>\n\u003Ch3>Remove plugin\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Deactivate plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Delete plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003C\u002Fol>\n","Check a Domain WHOIS Lookup for availability. Simple insert the [pwhois] shortcode on a page or post",500,30592,80,10,"2024-10-06T09:52:00.000Z","6.6.5","4.0",[20,148,149,150,24],"free","lookup","shortcode","https:\u002F\u002Fpowie.de\u002Fwordpress\u002Fwhois\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-whois.0.9.34.zip",92,"2020-07-07 00:00:00",{"slug":156,"name":157,"version":158,"author":159,"author_profile":160,"description":161,"short_description":162,"active_installs":163,"downloaded":164,"rating":105,"num_ratings":65,"last_updated":165,"tested_up_to":145,"requires_at_least":166,"requires_php":167,"tags":168,"homepage":172,"download_link":173,"security_score":153,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"cb-domain-checker","CB Domain Checker","1.1","Md Abul Bashar","https:\u002F\u002Fprofiles.wordpress.org\u002Fhmbashar\u002F","\u003Cp>You’re Welcome to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fhmbashar\u002Fcb-domain-checker\" rel=\"nofollow ugc\">Github Repo\u003C\u002Fa> for features\u002Fpull request\u003C\u002Fp>\n\u003Cp>You can use the plugin for domain name search on your WordPress website using the shortcode [cb-domain-checker]\u003C\u002Fp>\n\u003Ch3>Pro Features\u003C\u002Fh3>\n\u003Cp>You can show your domain extension with price per year using the [cb-domain-price] shortcode inside the main shortcode [cb-domain-checker]\u003C\u002Fp>\n\u003Ch3>example\u003C\u002Fh3>\n\u003Cp>\u003Ccode>[cb-domain-checker][cb-domain-price][\u002Fcb-domain-checker]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>attributes are supported with the domain price shortcode\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>name\u003C\u002Fli>\n\u003Cli>currency\u003C\u002Fli>\n\u003Cli>price\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>example\u003C\u002Fh3>\n\u003Cp>\u003Ccode>[cb-domain-price name=\".com\" currency=\"$\" price=\"10.5\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>Full shortcode like this\u003C\u002Fh3>\n\u003Cp>\u003Ccode>[cb-domain-checker][cb-domain-price name=\".com\" currency=\"tk\" price=\"950\"][cb-domain-price name=\".net\" currency=\"tk\" price=\"1050\"][cb-domain-price name=\".org\" currency=\"tk\" price=\"1100\"][cb-domain-price name=\".com.bd\" currency=\"tk\" price=\"1250\"][\u002Fcb-domain-checker]\u003C\u002Fcode>\u003C\u002Fp>\n","You can use the plugin for domain name search on your WordPress website using the shortcode [cb-domain-checker]",50,2849,"2024-10-23T19:49:00.000Z","4.6","5.6",[169,170,171,88],"domain-checking","domain-find","domain-name-register","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcb-domain-checker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcb-domain-checker.1.1.zip",{"attackSurface":175,"codeSignals":252,"taintFlows":493,"riskAssessment":573,"analyzedAt":590},{"hooks":176,"ajaxHandlers":231,"restRoutes":244,"shortcodes":245,"cronEvents":249,"entryPointCount":250,"unprotectedCount":251},[177,183,187,190,193,197,200,205,209,212,216,220,224,228],{"type":178,"name":179,"callback":180,"file":181,"line":182},"action","wp_enqueue_scripts","enqueue_scripts","includes\\class-wp24-domaincheck.php",29,{"type":184,"name":185,"callback":185,"priority":143,"file":181,"line":186},"filter","woocommerce_add_cart_item_data",43,{"type":184,"name":188,"callback":188,"priority":143,"file":181,"line":189},"woocommerce_get_item_data",44,{"type":178,"name":191,"callback":191,"priority":143,"file":181,"line":192},"woocommerce_checkout_create_order_line_item",45,{"type":184,"name":194,"callback":195,"priority":143,"file":181,"line":196},"script_loader_tag","closure",213,{"type":178,"name":198,"callback":195,"file":181,"line":199},"wp_footer",365,{"type":178,"name":201,"callback":202,"file":203,"line":204},"wp_loaded","get_woocommerce_products","includes\\class-wp24-settings.php",67,{"type":178,"name":206,"callback":207,"priority":143,"file":203,"line":208},"upgrader_process_complete","update_plugin",101,{"type":178,"name":210,"callback":180,"file":203,"line":211},"admin_enqueue_scripts",102,{"type":178,"name":213,"callback":214,"file":203,"line":215},"admin_init","init_settings",104,{"type":178,"name":217,"callback":218,"file":203,"line":219},"admin_menu","init_menu",105,{"type":178,"name":221,"callback":222,"file":223,"line":93},"widgets_init","register_wp24_domaincheck_widget","includes\\class-wp24-widget.php",{"type":178,"name":225,"callback":195,"file":226,"line":227},"plugins_loaded","wp24-domain-check.php",34,{"type":178,"name":229,"callback":195,"file":226,"line":230},"init",41,[232,236,238,242],{"action":233,"nopriv":234,"callback":233,"hasNonce":234,"hasCapCheck":234,"file":181,"line":235},"whois_query",false,33,{"action":233,"nopriv":237,"callback":233,"hasNonce":234,"hasCapCheck":234,"file":181,"line":227},true,{"action":239,"nopriv":234,"callback":240,"hasNonce":234,"hasCapCheck":234,"file":181,"line":241},"add_domain_to_cart","woocommerce_add_domain_to_cart",38,{"action":239,"nopriv":237,"callback":240,"hasNonce":234,"hasCapCheck":234,"file":181,"line":243},39,[],[246],{"tag":247,"callback":150,"file":181,"line":248},"wp24_domaincheck",28,[],5,4,{"dangerousFunctions":253,"sqlUsage":254,"outputEscaping":266,"fileOperations":29,"externalRequests":29,"nonceChecks":29,"capabilityChecks":65,"bundledLibraries":492},[],{"prepared":251,"raw":251,"locations":255},[256,259,262,264],{"file":203,"line":257,"context":258},1592,"$wpdb->get_var() with variable interpolation",{"file":203,"line":260,"context":261},1777,"$wpdb->get_results() with variable interpolation",{"file":203,"line":263,"context":261},1894,{"file":203,"line":265,"context":261},2016,{"escaped":267,"rawEcho":268,"locations":269},40,111,[270,273,275,277,279,281,283,285,287,289,291,293,295,297,299,301,303,305,307,309,311,313,315,317,319,321,323,325,327,329,331,333,335,337,339,341,343,345,347,349,351,353,355,357,359,361,363,365,367,369,371,373,375,377,379,381,383,385,387,389,391,393,395,397,399,401,403,405,407,409,411,413,415,417,419,421,423,425,427,429,431,433,435,437,439,441,443,445,447,449,451,453,455,457,459,461,463,465,467,469,471,473,475,477,479,481,483,485,486,488,490],{"file":181,"line":271,"context":272},366,"raw output",{"file":203,"line":274,"context":272},1357,{"file":203,"line":276,"context":272},1376,{"file":203,"line":278,"context":272},1395,{"file":203,"line":280,"context":272},1405,{"file":203,"line":282,"context":272},1413,{"file":203,"line":284,"context":272},1438,{"file":203,"line":286,"context":272},1495,{"file":203,"line":288,"context":272},1498,{"file":203,"line":290,"context":272},1503,{"file":203,"line":292,"context":272},1504,{"file":203,"line":294,"context":272},1512,{"file":203,"line":296,"context":272},1513,{"file":203,"line":298,"context":272},1519,{"file":203,"line":300,"context":272},1521,{"file":203,"line":302,"context":272},1529,{"file":203,"line":304,"context":272},1532,{"file":203,"line":306,"context":272},1538,{"file":203,"line":308,"context":272},1696,{"file":203,"line":310,"context":272},1736,{"file":203,"line":312,"context":272},1737,{"file":203,"line":314,"context":272},1740,{"file":203,"line":316,"context":272},1742,{"file":203,"line":318,"context":272},1744,{"file":203,"line":320,"context":272},1754,{"file":203,"line":322,"context":272},1756,{"file":203,"line":324,"context":272},1757,{"file":203,"line":326,"context":272},1763,{"file":203,"line":328,"context":272},1765,{"file":203,"line":330,"context":272},1766,{"file":203,"line":332,"context":272},1770,{"file":203,"line":334,"context":272},1772,{"file":203,"line":336,"context":272},1790,{"file":203,"line":338,"context":272},1794,{"file":203,"line":340,"context":272},1796,{"file":203,"line":342,"context":272},1802,{"file":203,"line":344,"context":272},1804,{"file":203,"line":346,"context":272},1807,{"file":203,"line":348,"context":272},1823,{"file":203,"line":350,"context":272},1858,{"file":203,"line":352,"context":272},1859,{"file":203,"line":354,"context":272},1862,{"file":203,"line":356,"context":272},1863,{"file":203,"line":358,"context":272},1865,{"file":203,"line":360,"context":272},1875,{"file":203,"line":362,"context":272},1882,{"file":203,"line":364,"context":272},1887,{"file":203,"line":366,"context":272},1889,{"file":203,"line":368,"context":272},1901,{"file":203,"line":370,"context":272},1905,{"file":203,"line":372,"context":272},1922,{"file":203,"line":374,"context":272},1924,{"file":203,"line":376,"context":272},1929,{"file":203,"line":378,"context":272},1930,{"file":203,"line":380,"context":272},1931,{"file":203,"line":382,"context":272},1934,{"file":203,"line":384,"context":272},1938,{"file":203,"line":386,"context":272},1945,{"file":203,"line":388,"context":272},1964,{"file":203,"line":390,"context":272},1965,{"file":203,"line":392,"context":272},1967,{"file":203,"line":394,"context":272},1988,{"file":203,"line":396,"context":272},1993,{"file":203,"line":398,"context":272},1996,{"file":203,"line":400,"context":272},1997,{"file":203,"line":402,"context":272},1998,{"file":203,"line":404,"context":272},2008,{"file":203,"line":406,"context":272},2010,{"file":203,"line":408,"context":272},2024,{"file":203,"line":410,"context":272},2030,{"file":203,"line":412,"context":272},2031,{"file":203,"line":414,"context":272},2032,{"file":203,"line":416,"context":272},2041,{"file":203,"line":418,"context":272},2060,{"file":203,"line":420,"context":272},2062,{"file":203,"line":422,"context":272},2064,{"file":203,"line":424,"context":272},2067,{"file":203,"line":426,"context":272},2071,{"file":203,"line":428,"context":272},2074,{"file":203,"line":430,"context":272},2076,{"file":203,"line":432,"context":272},2078,{"file":203,"line":434,"context":272},2080,{"file":203,"line":436,"context":272},2084,{"file":203,"line":438,"context":272},2087,{"file":203,"line":440,"context":272},2089,{"file":203,"line":442,"context":272},2091,{"file":203,"line":444,"context":272},2093,{"file":203,"line":446,"context":272},2095,{"file":203,"line":448,"context":272},2097,{"file":203,"line":450,"context":272},2101,{"file":203,"line":452,"context":272},2104,{"file":203,"line":454,"context":272},2106,{"file":203,"line":456,"context":272},2108,{"file":203,"line":458,"context":272},2110,{"file":203,"line":460,"context":272},2112,{"file":203,"line":462,"context":272},2114,{"file":203,"line":464,"context":272},2125,{"file":203,"line":466,"context":272},2139,{"file":203,"line":468,"context":272},2153,{"file":203,"line":470,"context":272},2155,{"file":203,"line":472,"context":272},2162,{"file":203,"line":474,"context":272},2169,{"file":203,"line":476,"context":272},2173,{"file":203,"line":478,"context":272},2177,{"file":203,"line":480,"context":272},2181,{"file":203,"line":482,"context":272},2185,{"file":223,"line":484,"context":272},31,{"file":223,"line":235,"context":272},{"file":223,"line":487,"context":272},35,{"file":223,"line":489,"context":272},36,{"file":223,"line":491,"context":272},49,[],[494,517,529,544,555],{"entryPoint":495,"graph":496,"unsanitizedCount":516,"severity":41},"prices_links (includes\\class-wp24-settings.php:1692)",{"nodes":497,"edges":513},[498,502,507,511],{"id":499,"type":500,"label":501,"file":203,"line":312},"n0","source","$_SERVER['REQUEST_URI']",{"id":503,"type":504,"label":505,"file":203,"line":312,"wp_function":506},"n1","sink","echo() [XSS]","echo",{"id":508,"type":500,"label":509,"file":203,"line":510},"n2","$_POST (x2)",1715,{"id":512,"type":504,"label":505,"file":203,"line":336,"wp_function":506},"n3",[514,515],{"from":499,"to":503,"sanitized":234},{"from":508,"to":512,"sanitized":234},3,{"entryPoint":518,"graph":519,"unsanitizedCount":516,"severity":41},"woocommerce (includes\\class-wp24-settings.php:1819)",{"nodes":520,"edges":526},[521,522,523,525],{"id":499,"type":500,"label":501,"file":203,"line":352},{"id":503,"type":504,"label":505,"file":203,"line":352,"wp_function":506},{"id":508,"type":500,"label":509,"file":203,"line":524},1841,{"id":512,"type":504,"label":505,"file":203,"line":368,"wp_function":506},[527,528],{"from":499,"to":503,"sanitized":234},{"from":508,"to":512,"sanitized":234},{"entryPoint":530,"graph":531,"unsanitizedCount":81,"severity":41},"whoisservers (includes\\class-wp24-settings.php:1917)",{"nodes":532,"edges":541},[533,535,536,539],{"id":499,"type":500,"label":534,"file":203,"line":380},"$_SERVER['REQUEST_URI'] (x2)",{"id":503,"type":504,"label":505,"file":203,"line":380,"wp_function":506},{"id":508,"type":500,"label":537,"file":203,"line":538},"$_POST (x6)",1928,{"id":512,"type":504,"label":505,"file":203,"line":540,"wp_function":506},1936,[542,543],{"from":499,"to":503,"sanitized":234},{"from":508,"to":512,"sanitized":234},{"entryPoint":545,"graph":546,"unsanitizedCount":29,"severity":554},"get_html (includes\\class-wp24-settings.php:1324)",{"nodes":547,"edges":552},[548,551],{"id":499,"type":500,"label":549,"file":203,"line":550},"$_GET",1339,{"id":503,"type":504,"label":505,"file":203,"line":278,"wp_function":506},[553],{"from":499,"to":503,"sanitized":237},"low",{"entryPoint":556,"graph":557,"unsanitizedCount":29,"severity":554},"\u003Cclass-wp24-settings> (includes\\class-wp24-settings.php:0)",{"nodes":558,"edges":569},[559,560,561,563,564,567],{"id":499,"type":500,"label":549,"file":203,"line":550},{"id":503,"type":504,"label":505,"file":203,"line":278,"wp_function":506},{"id":508,"type":500,"label":562,"file":203,"line":312},"$_SERVER['REQUEST_URI'] (x4)",{"id":512,"type":504,"label":505,"file":203,"line":312,"wp_function":506},{"id":565,"type":500,"label":566,"file":203,"line":510},"n4","$_POST (x11)",{"id":568,"type":504,"label":505,"file":203,"line":336,"wp_function":506},"n5",[570,571,572],{"from":499,"to":503,"sanitized":237},{"from":508,"to":512,"sanitized":237},{"from":565,"to":568,"sanitized":237},{"summary":574,"deductions":575},"The wp24-domain-check plugin exhibits a mixed security posture, with several concerning areas that overshadow its positive aspects. While the absence of critical or high-severity vulnerabilities in its history and no reported dangerous functions or file operations are strengths, the static analysis reveals significant weaknesses. A large portion of the plugin's attack surface, specifically 4 out of 5 entry points (AJAX handlers), lacks authentication checks, presenting a substantial risk of unauthorized access or manipulation. Furthermore, the high percentage of unsanitized paths identified in the taint analysis, even without critical severity, suggests potential for unexpected behavior or vulnerabilities if inputs are not properly handled.  The plugin's vulnerability history, with two medium-severity Cross-Site Scripting (XSS) vulnerabilities, further highlights concerns with input sanitization and output escaping. Although there are no currently unpatched CVEs, the recurrence of XSS issues indicates a need for more robust and consistent input validation and output encoding practices across the codebase. The low percentage of properly escaped output (26%) directly correlates with the historical XSS findings and represents a significant risk.",[576,578,581,584,586,588],{"reason":577,"points":81},"4 unprotected AJAX handlers",{"reason":579,"points":580},"Low output escaping percentage (26%)",6,{"reason":582,"points":583},"3 unsanitized taint flows",7,{"reason":585,"points":143},"2 medium CVEs (XSS)",{"reason":587,"points":81},"No nonce checks",{"reason":589,"points":583},"Only 1 capability check on 5 entry points","2026-03-16T18:10:43.337Z",{"wat":592,"direct":600},{"assetPaths":593,"generatorPatterns":595,"scriptPaths":596,"versionParams":597},[594],"\u002Fwp-content\u002Fplugins\u002Fwp24-domain-check\u002Fassets\u002Fjs\u002Fdomaincheck.js",[],[594],[598,599],"wp24-domain-check\u002Fstyle.css?ver=","wp24-domain-check\u002Fassets\u002Fjs\u002Fdomaincheck.js?ver=",{"cssClasses":601,"htmlComments":603,"htmlAttributes":612,"restEndpoints":614,"jsGlobals":616,"shortcodeOutput":618},[4,602],"wp24dc-wrapper",[604,605,606,607,608,609,610,611],"\u003C!-- START WP24 Domain Check SHORTCODE -->","\u003C!-- END WP24 Domain Check SHORTCODE -->","\u003C!-- WP24 Domain Check - Available -->","\u003C!-- WP24 Domain Check - Not Available -->","\u003C!-- WP24 Domain Check - Registrable -->","\u003C!-- WP24 Domain Check - Own -->","\u003C!-- WP24 Domain Check - Error -->","\u003C!-- WP24 Domain Check - Loading -->",[613],"data-wp24-domaincheck",[615],"\u002Fwp-json\u002Fwp24-domain-check\u002Fv1\u002Fcheck",[617],"wp24_domain_check_params",[619],"\u003Cdiv class=\"wp24-domain-check\">"]