[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faG_rTcGPFeoDUzIlKrPt1flPayHHCSn0tHxmC7MOPDc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":32,"analysis":33,"fingerprints":68},"wpmanager","WP Manager","1.1.3","mlazarov","https:\u002F\u002Fprofiles.wordpress.org\u002Fmlazarov\u002F","\u003Cp>WP Manager extends basic functionality of Wordress XMLRPC protocol for better experience on \u003Ca href=\"http:\u002F\u002Fwpmanager.biz\" rel=\"nofollow ugc\">wpmanager.biz\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>To use this plugin you have to create account at \u003Ca href=\"http:\u002F\u002Fwpmanager.biz\" rel=\"nofollow ugc\">wpmanager.biz\u003C\u002Fa> and add your blog.\u003C\u002Fp>\n\u003Cp>With WP Manager you can manage your blogs from one place without need to walk to all your blogs to check for updates.\u003C\u002Fp>\n\u003Ch4>WP Manager features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Watch all your blogs for updates\u003C\u002Fli>\n\u003Cli>Update Core\u003C\u002Fli>\n\u003Cli>Update plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Soon you will also have\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Update themes\u003C\u002Fli>\n\u003Cli>many other cool features\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Manager allows you to manage all your blogs from one place - wpmanager.biz",80,5972,0,"2013-12-30T12:04:00.000Z","3.4.2","3.4","",[19],"wordpress-remote-management","http:\u002F\u002Fmarto.lazarov.org\u002Fplugins\u002Fwpmanager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpmanager.1.1.3.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":22,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},10,1630,30,84,"2026-04-04T04:14:42.177Z",[],{"attackSurface":34,"codeSignals":51,"taintFlows":60,"riskAssessment":61,"analyzedAt":67},{"hooks":35,"ajaxHandlers":47,"restRoutes":48,"shortcodes":49,"cronEvents":50,"entryPointCount":13,"unprotectedCount":13},[36,42],{"type":37,"name":38,"callback":39,"file":40,"line":41},"filter","wp_xmlrpc_server_class","define_wpmanager_xmlrpc_class","wpmanager.php",323,{"type":43,"name":44,"callback":45,"file":40,"line":46},"action","xmlrpc_blog_options","wpmanager_blog_options",336,[],[],[],[],{"dangerousFunctions":52,"sqlUsage":53,"outputEscaping":55,"fileOperations":57,"externalRequests":13,"nonceChecks":13,"capabilityChecks":58,"bundledLibraries":59},[],{"prepared":13,"raw":13,"locations":54},[],{"escaped":13,"rawEcho":13,"locations":56},[],2,7,[],[],{"summary":62,"deductions":63},"The wpmanager plugin version 1.1.3 demonstrates a strong security posture based on the provided static analysis.  There are no identified dangerous functions, all SQL queries utilize prepared statements, and all output is properly escaped. The absence of external HTTP requests and the presence of capability checks further contribute to a secure design.  The plugin also boasts a clean vulnerability history with zero recorded CVEs, indicating a consistent commitment to security by its developers.\n\nDespite the excellent security practices observed, a notable area for improvement lies in the lack of observed nonce checks (0 nonces detected). While there are no unprotected entry points currently identified, the absence of nonces on any potential future entry points could introduce vulnerabilities if new AJAX handlers, REST API routes, or other interactive elements are added without proper authorization checks. The presence of file operations also warrants attention; while not flagged as malicious, understanding the context and purpose of these operations is crucial for a complete security assessment.\n\nIn conclusion, wpmanager v1.1.3 appears to be a secure plugin with excellent coding practices. The absence of known vulnerabilities and the robust use of prepared statements and output escaping are commendable. However, the complete lack of nonce checks is a potential weakness that should be addressed to further harden the plugin against potential future threats.",[64],{"reason":65,"points":66},"Missing nonce checks",5,"2026-03-16T21:27:47.095Z",{"wat":69,"direct":74},{"assetPaths":70,"generatorPatterns":71,"scriptPaths":72,"versionParams":73},[],[],[],[],{"cssClasses":75,"htmlComments":76,"htmlAttributes":77,"restEndpoints":78,"jsGlobals":79,"shortcodeOutput":80},[],[],[],[],[],[]]