[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzyd_UeQk7hm7cDbO-awLqmM0mtKPLjP6-2hKOZqIJfk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":127,"fingerprints":281},"wpheka-web-server-information","Web Server Information","1.7","akshayaswaroop","https:\u002F\u002Fprofiles.wordpress.org\u002Fakshayaswaroop\u002F","\u003Cp>\u003Cstrong>Web Server Information\u003C\u002Fstrong> plugin allows you to check full information about the web server PHP\u002FMysql configurations including libraries, system type and OS version.\u003C\u002Fp>\n\u003Ch4>Features List:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Display \u003Cstrong>server OS\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Display \u003Cstrong>server software\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Display \u003Cstrong>server IP address\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Display \u003Cstrong>server port\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Display \u003Cstrong>server location\u003C\u002Fstrong> detected by ip address using \u003Ca href=\"https:\u002F\u002Fip-api.com\u002Fdocs\u002Fapi:serialized_php\" rel=\"nofollow ugc\">IP-API.com\u003C\u002Fa> .See \u003Ca href=\"https:\u002F\u002Fip-api.com\u002Fdocs\u002Flegal\" rel=\"nofollow ugc\">Terms and Policies\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Display \u003Cstrong>server hostname\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Display \u003Cstrong>server document root\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Detailed information about the \u003Cstrong>PHP version\u003C\u002Fstrong> you are using and \u003Cstrong>installed modules\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Detailed information about your \u003Cstrong>Database\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Display \u003Cstrong>PHP, Mysql, Web server, WordPress version\u003C\u002Fstrong> info in admin footer.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you enjoyed this plugin then please put a review, that will encourage me to bring some more …\u003C\u002Fp>\n","Web Server Information plugin will give you detailed information about your hosting server's configuration and installed modules.",30,4731,0,"2026-02-12T18:26:00.000Z","6.9.4","4.8","",[19,20,21,22],"php","php-info","server-information","server-stats","https:\u002F\u002Fwww.wpheka.com\u002Fproduct\u002Fphp-information\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpheka-web-server-information.1.7.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":25,"avg_patch_time_days":11,"trust_score":32,"computed_at":33},4,1890,94,"2026-04-04T15:24:48.010Z",[35,52,74,92,108],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":13,"num_ratings":13,"last_updated":45,"tested_up_to":15,"requires_at_least":46,"requires_php":17,"tags":47,"homepage":17,"download_link":51,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"server-info-for-debugging","Server Info for Debugging","1.1.4","Blend Media","https:\u002F\u002Fprofiles.wordpress.org\u002Fblendmedia\u002F","\u003Cp>\u003Cstrong>Server Info for Debugging\u003C\u002Fstrong> is a lightweight plugin that displays server stats and WordPress environment information on an admin page, helping with troubleshooting server-related issues. It provides:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Operating system information\u003C\u002Fli>\n\u003Cli>PHP version and memory limits\u003C\u002Fli>\n\u003Cli>Database version and user details\u003C\u002Fli>\n\u003Cli>WordPress debug mode status\u003C\u002Fli>\n\u003Cli>SSL\u002FTLS status\u003C\u002Fli>\n\u003Cli>Write permissions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For detailed server and WordPress setup, see below:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Server Details\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Operating System\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Software\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>MySQL Version\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>PHP Version\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>PHP Memory Limit\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>PHP Max Input Vars\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>PHP Max Post Size\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>GD Installed\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>ZIP Installed\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Write Permissions\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>PHP Execution Time\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>File Uploads Enabled\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Environment Details\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>WordPress Version\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Site URL\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Home URL\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>WP Multisite\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Max Upload Size\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Memory Limit\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Max Memory Limit\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Permalink Structure\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Language\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Timezone\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Admin Email\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Debug Mode\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Database Host\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Database Name\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Database User\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Database Charset\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>SSL\u002FTLS Status\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPL v2.0 or later. For more details, see \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">GNU GPL\u003C\u002Fa>.\u003C\u002Fp>\n","Displays server stats and WordPress system information for debugging purposes.",200,1537,"2026-02-11T19:27:00.000Z","5.0",[48,20,49,22,50],"debug","server-info","system-info","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fserver-info-for-debugging.1.1.4.zip",{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":60,"downloaded":61,"rating":13,"num_ratings":13,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":65,"tags":66,"homepage":71,"download_link":72,"security_score":73,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wp-tech-lookup","WP Tech Lookup","1.1","Ashish Ajani","https:\u002F\u002Fprofiles.wordpress.org\u002Fashishajani\u002F","\u003Cp>WP Tech Lookup is a simple WordPress utiliy plugin. Once installed it will show important information including hosting server information, WordPress information, database information, file permissions and WordPress cron job information.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Ch4>Hosting server information\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Hosting server name and IP address\u003C\u002Fli>\n\u003Cli>Server protocol, CGI version and software\u003C\u002Fli>\n\u003Cli>Server operating system and available ports\u003C\u002Fli>\n\u003Cli>PHP version and maximum limit of size, vars, memory and execution time\u003C\u002Fli>\n\u003Cli>Status of PHP variables like globals and safe mode\u003C\u002Fli>\n\u003Cli>Database software details\u003C\u002Fli>\n\u003Cli>Database version and maximum number of connections allowed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress information\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress version\u003C\u002Fli>\n\u003Cli>Themes information including active theme, version, author, etc…\u003C\u002Fli>\n\u003Cli>Active plugins and CPT details (if used)\u003C\u002Fli>\n\u003Cli>Database connection and character set information\u003C\u002Fli>\n\u003Cli>WordPress debug mode status\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress directory permissions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>List of all main WordPress directory with path\u003C\u002Fli>\n\u003Cli>Recommended and current directory permissions\u003C\u002Fli>\n\u003Cli>Status indicator for wrong and right directory permissions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Database information\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>All database tables and engine for each table\u003C\u002Fli>\n\u003Cli>Date when last updated\u003C\u002Fli>\n\u003Cli>Number of records in each table\u003C\u002Fli>\n\u003Cli>Table size\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress schedule actions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>List of all WordPress cron jobs\u003C\u002Fli>\n\u003Cli>Event action and key\u003C\u002Fli>\n\u003Cli>Cron schedule status\u003C\u002Fli>\n\u003Cli>Cron interval\u003C\u002Fli>\n\u003Cli>Last execution time\u003C\u002Fli>\n\u003Cli>Cron arguments\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In case if you like to know more about this plugin or have any suggestions\u002Fcomments then please drop me a contact request from \u003Ca href=\"http:\u002F\u002Ffreelancer-coder.com\" rel=\"nofollow ugc\">http:\u002F\u002Ffreelancer-coder.com\u003C\u002Fa>.\u003C\u002Fp>\n","WP Tech Lookup plugin is to see all the necessary information about server at one place.",10,1598,"2024-03-08T12:49:00.000Z","6.4.8","4.7","7.4",[67,68,21,69,70],"mysql-information","php-information","server-monitor","wordpress-information","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-tech-lookup\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-tech-lookup.1.1.zip",85,{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":25,"num_ratings":84,"last_updated":85,"tested_up_to":86,"requires_at_least":64,"requires_php":46,"tags":87,"homepage":90,"download_link":91,"security_score":73,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"php-server-configuration","PHP Server Configuration","1.0","Ninetyseven Infotech","https:\u002F\u002Fprofiles.wordpress.org\u002Fsutharkaran10\u002F","\u003Ch3>Live Preview\u003C\u002Fh3>\n\u003Cp>You Can check below settings\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PHP Version\u003C\u002Fli>\n\u003Cli>max_execution_time\u003C\u002Fli>\n\u003Cli>max_file_uploads\u003C\u002Fli>\n\u003Cli>max_input_time\u003C\u002Fli>\n\u003Cli>upload_max_filesize\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003C\u002Fp>\n\u003Ch3>Live Preview\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fninetyseveninfotech.in\u002Fphp-info-nsi\" rel=\"nofollow ugc\">https:\u002F\u002Fninetyseveninfotech.in\u002Fphp-info-nsi\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003C\u002Fp>\n\u003Cp>\u003C\u002Fp>\n\u003Ch3>\u003C\u002Fh3>\n","A simple Light weight plugin to look up information about PHP Info and manage PHP configurations values.",500,6661,1,"2023-03-01T05:16:00.000Z","6.1.10",[88,20,89],"php-configuration","php-version","https:\u002F\u002Fninetyseveninfotech.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphp-server-configuration.zip",{"slug":93,"name":94,"version":77,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":43,"downloaded":99,"rating":25,"num_ratings":84,"last_updated":100,"tested_up_to":101,"requires_at_least":102,"requires_php":17,"tags":103,"homepage":106,"download_link":107,"security_score":73,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"php-server-info","PHP Server Info","ray.viljoen","https:\u002F\u002Fprofiles.wordpress.org\u002Frayviljoen\u002F","\u003Cp>Adds custom menu under WordPress Admin to view all PHP info as produced with the standard phpinfo function, but without breaking the page strucure.\u003C\u002Fp>\n\u003Cp>Developed by \u003Ca href=\"http:\u002F\u002Fwww.catn.com\" rel=\"nofollow ugc\">PHP Hosting Experts CatN\u003C\u002Fa>\u003C\u002Fp>\n","A very simple plugin for displaying full PHP Info from within the WordPress Admin menu.",10991,"2011-07-13T15:49:00.000Z","3.2.1","3.1",[19,20,104,105,49],"phpinfo","server","http:\u002F\u002Fcatn.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphp-server-info.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":25,"num_ratings":84,"last_updated":118,"tested_up_to":119,"requires_at_least":46,"requires_php":65,"tags":120,"homepage":123,"download_link":124,"security_score":125,"vuln_count":84,"unpatched_count":13,"last_vuln_date":126,"fetched_at":27},"debugger-troubleshooter","Debugger & Troubleshooter","1.3.2","Jhimross Olinares","https:\u002F\u002Fprofiles.wordpress.org\u002Fjhimross\u002F","\u003Cp>The “Debugger & Troubleshooter” plugin provides essential tools for WordPress site administrators to diagnose and resolve issues efficiently. It offers a dedicated section in the WordPress dashboard that displays comprehensive site health information and powerful debugging toggles.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Troubleshooting Mode:\u003C\u002Fstrong> Activate a unique, \u003Cstrong>session-based\u003C\u002Fstrong> “Troubleshooting Mode” for your current browser session. This means any changes you make are temporary and only visible to you. This mode allows you to:\n\u003Cul>\n\u003Cli>\u003Cstrong>Simulate Plugin Deactivation:\u003C\u002Fstrong> Selectively “deactivate” plugins. The plugin’s assets and code will be disabled for your session only.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Simulate Theme Switching:\u003C\u002Fstrong> Preview any installed theme, while the public-facing site continues to use the active theme.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Role Simulator:\u003C\u002Fstrong> View your site as any other user or role (e.g., Subscriber, Editor) to test permissions and content visibility. This is session-based and includes a safe “Exit” button in the Admin Bar.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live Debugging:\u003C\u002Fstrong> Safely enable \u003Ccode>WP_DEBUG\u003C\u002Fcode> with a single click from the admin dashboard. Errors are logged to \u003Ccode>debug.log\u003C\u002Fcode> without being displayed on the site, and you can view the log file directly in the plugin’s interface.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comprehensive Site Information:\u003C\u002Fstrong> Get a quick, organized overview of your WordPress environment in collapsible cards. This includes detailed PHP, Database, and Server information, a full list of all themes and plugins with their status, and important WordPress constants.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Copy to Clipboard:\u003C\u002Fstrong> A one-click button allows you to copy all the site information, making it incredibly easy to share with support forums or developers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Safe Debugging & Cache Bypassing:\u003C\u002Fstrong> All troubleshooting actions are session-based. The plugin automatically attempts to bypass caching when Troubleshooting Mode is active, ensuring your changes are reflected instantly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User-Friendly Interface:\u003C\u002Fstrong> An intuitive dashboard interface makes it easy to access all features.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Notices:\u003C\u002Fstrong> Clear notices alert you when Troubleshooting Mode is active.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is an invaluable tool for developers, site administrators, and anyone who needs to debug WordPress issues without risking site downtime or affecting user experience.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Once the plugin is installed and activated, navigate to \u003Cstrong>Tools > Debugger & Troubleshooter\u003C\u002Fstrong> in your WordPress dashboard.\u003C\u002Fp>\n\u003Ch3>1. Site Information\u003C\u002Fh3>\n\u003Cp>The top section provides a comprehensive overview of your WordPress environment, organized into collapsible cards that are closed by default. Click on any card title to expand it and view the details.\u003C\u002Fp>\n\u003Ch3>2. Troubleshooting Mode\u003C\u002Fh3>\n\u003Cp>This session-based feature allows you to simulate theme switches and plugin deactivations without affecting your live website for other visitors.\u003C\u002Fp>\n\u003Ch3>3. User Role Simulator\u003C\u002Fh3>\n\u003Cp>Safely view your site as another user or role (e.g., “Subscriber” or “Editor”) without knowing their password. This is perfect for testing capabilities and content restrictions.\u003C\u002Fp>\n\u003Ch3>4. Live Debugging\u003C\u002Fh3>\n\u003Cp>This section allows you to safely manage WordPress’s debugging features.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Enable Live Debug:\u003C\u002Fstrong> Click this button to programmatically enable \u003Ccode>WP_DEBUG\u003C\u002Fcode> and \u003Ccode>WP_DEBUG_LOG\u003C\u002Fcode>, while keeping \u003Ccode>WP_DEBUG_DISPLAY\u003C\u002Fcode> off. This logs errors to \u003Ccode>wp-content\u002Fdebug.log\u003C\u002Fcode> without showing them to visitors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Debug Log Viewer:\u003C\u002Fstrong> A text area displays the contents of your \u003Ccode>debug.log\u003C\u002Fcode> file, allowing you to see errors as they are generated.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clear Log:\u003C\u002Fstrong> Safely clear the \u003Ccode>debug.log\u003C\u002Fcode> file with a click.\u003C\u002Fli>\n\u003C\u002Ful>\n","A WordPress plugin for debugging & troubleshooting. Safely simulate plugin deactivation, theme switching, and WP_DEBUG.",40,812,"2026-02-11T15:40:00.000Z","6.8.5",[48,121,20,122],"developer","troubleshoot","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdebugger-troubleshooter","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdebugger-troubleshooter.1.3.2.zip",97,"2026-03-30 09:30:13",{"attackSurface":128,"codeSignals":171,"taintFlows":218,"riskAssessment":264,"analyzedAt":280},{"hooks":129,"ajaxHandlers":167,"restRoutes":168,"shortcodes":169,"cronEvents":170,"entryPointCount":13,"unprotectedCount":13},[130,136,140,144,147,150,156,160,163],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","admin_menu","wpheka_web_server_info_menu","includes\\class-wpheka-web-server-info-admin.php",44,{"type":131,"name":137,"callback":138,"file":134,"line":139},"admin_enqueue_scripts","wpheka_web_server_info_admin_scripts_styles",47,{"type":131,"name":141,"callback":142,"priority":60,"file":134,"line":143},"info_page_webserver_tab_init","tab_init",50,{"type":131,"name":145,"callback":142,"priority":60,"file":134,"line":146},"info_page_phpinfo_tab_init",51,{"type":131,"name":148,"callback":142,"priority":60,"file":134,"line":149},"info_page_dbinfo_tab_init",52,{"type":151,"name":152,"callback":153,"priority":154,"file":134,"line":155},"filter","update_footer","version_info_in_footer",11,55,{"type":131,"name":157,"callback":158,"file":159,"line":135},"plugins_loaded","wpheka_web_server_info_init","wpheka-web-server-information.php",{"type":131,"name":161,"callback":162,"file":159,"line":146},"admin_notices","wpheka_web_server_missing_domdocument_notice",{"type":131,"name":164,"callback":165,"file":159,"line":166},"admin_init","install",104,[],[],[],[],{"dangerousFunctions":172,"sqlUsage":178,"outputEscaping":180,"fileOperations":13,"externalRequests":84,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":217},[173],{"fn":174,"file":175,"line":176,"context":177},"unserialize","includes\\class-wpheka-info-admin-webserver.php",109,"$query = @unserialize( wp_remote_retrieve_body( wp_remote_get( 'http:\u002F\u002Fip-api.com\u002Fphp\u002F' . $ip ) ) );",{"prepared":60,"raw":13,"locations":179},[],{"escaped":181,"rawEcho":182,"locations":183},6,17,[184,188,190,192,194,196,198,200,202,204,206,207,209,210,211,213,215],{"file":185,"line":186,"context":187},"includes\\class-wpheka-info-admin-dbinfo.php",45,"raw output",{"file":185,"line":189,"context":187},49,{"file":185,"line":191,"context":187},53,{"file":185,"line":193,"context":187},57,{"file":185,"line":195,"context":187},61,{"file":185,"line":197,"context":187},65,{"file":185,"line":199,"context":187},98,{"file":185,"line":201,"context":187},101,{"file":203,"line":189,"context":187},"includes\\class-wpheka-info-admin-phpinfo.php",{"file":175,"line":205,"context":187},39,{"file":175,"line":205,"context":187},{"file":175,"line":208,"context":187},43,{"file":175,"line":146,"context":187},{"file":175,"line":155,"context":187},{"file":175,"line":212,"context":187},59,{"file":175,"line":214,"context":187},63,{"file":159,"line":216,"context":187},41,[],[219,249],{"entryPoint":220,"graph":221,"unsanitizedCount":247,"severity":248},"__construct (includes\\class-wpheka-info-admin-webserver.php:31)",{"nodes":222,"edges":242},[223,227,232,235,237,240],{"id":224,"type":225,"label":226,"file":175,"line":208},"n0","source","$_SERVER['SERVER_SOFTWARE']",{"id":228,"type":229,"label":230,"file":175,"line":208,"wp_function":231},"n1","sink","echo() [XSS]","echo",{"id":233,"type":225,"label":234,"file":175,"line":146},"n2","$_SERVER['SERVER_PORT']",{"id":236,"type":229,"label":230,"file":175,"line":146,"wp_function":231},"n3",{"id":238,"type":225,"label":239,"file":175,"line":214},"n4","$_SERVER['DOCUMENT_ROOT']",{"id":241,"type":229,"label":230,"file":175,"line":214,"wp_function":231},"n5",[243,245,246],{"from":224,"to":228,"sanitized":244},false,{"from":233,"to":236,"sanitized":244},{"from":238,"to":241,"sanitized":244},3,"medium",{"entryPoint":250,"graph":251,"unsanitizedCount":247,"severity":263},"\u003Cclass-wpheka-info-admin-webserver> (includes\\class-wpheka-info-admin-webserver.php:0)",{"nodes":252,"edges":259},[253,254,255,256,257,258],{"id":224,"type":225,"label":226,"file":175,"line":208},{"id":228,"type":229,"label":230,"file":175,"line":208,"wp_function":231},{"id":233,"type":225,"label":234,"file":175,"line":146},{"id":236,"type":229,"label":230,"file":175,"line":146,"wp_function":231},{"id":238,"type":225,"label":239,"file":175,"line":214},{"id":241,"type":229,"label":230,"file":175,"line":214,"wp_function":231},[260,261,262],{"from":224,"to":228,"sanitized":244},{"from":233,"to":236,"sanitized":244},{"from":238,"to":241,"sanitized":244},"low",{"summary":265,"deductions":266},"The wpheka-web-server-information plugin v1.7 exhibits a mixed security posture.  While the attack surface appears to be zero, and all SQL queries utilize prepared statements, several concerning code signals are present.  The use of `unserialize` without apparent sanitization or input validation is a significant risk, as it can lead to Remote Code Execution (RCE) if malicious serialized data is processed.  Furthermore, only 26% of output is properly escaped, indicating a potential for Cross-Site Scripting (XSS) vulnerabilities. The presence of two flows with unsanitized paths in the taint analysis also raises red flags, suggesting that user-supplied data might be processed in a way that could be exploited.  The plugin's vulnerability history is clean, with no known CVEs, which is a positive indicator. However, the internal code signals of concern, particularly the `unserialize` function and the taint analysis results, suggest that the plugin's security relies heavily on the assumption that its inputs are always trusted, which is rarely the case in real-world scenarios. The lack of nonce checks and capability checks on potential entry points (even if currently zero) is also a weakness that could become a vulnerability if new entry points are introduced.",[267,270,273,275,278],{"reason":268,"points":269},"Dangerous function 'unserialize' used",15,{"reason":271,"points":272},"Low percentage of properly escaped output",7,{"reason":274,"points":60},"Flows with unsanitized paths found",{"reason":276,"points":277},"No nonce checks implemented",5,{"reason":279,"points":277},"No capability checks implemented","2026-03-16T22:28:22.898Z",{"wat":282,"direct":289},{"assetPaths":283,"generatorPatterns":285,"scriptPaths":286,"versionParams":287},[284],"\u002Fwp-content\u002Fplugins\u002Fwpheka-web-server-information\u002Fassets\u002Fcss\u002Fadmin.css",[],[],[288],"wpheka-web-server-information\u002Fassets\u002Fcss\u002Fadmin.css?ver=",{"cssClasses":290,"htmlComments":291,"htmlAttributes":292,"restEndpoints":293,"jsGlobals":294,"shortcodeOutput":295},[],[],[],[],[],[]]