[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fiYB2WRZxv13CvfAv8V8TcPF5WEk1WycfWuWABPGO8yU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":136,"fingerprints":258},"wpneon-gocodes","WPNeon GoCodes 2","1.0","WPDean","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdean-1\u002F","\u003Cp>Have you ever had to give someone a shortened version of a URL? Maybe you’re a podcaster, and you can’t say “visit mydomain.com\u002F2008\u002F01\u002F03\u002Fmy-post-with-a-long-url\u002F for more info.”\u003Cbr \u002F>\nWouldn’t it be useful if you could just say “go to mydomain.com\u002Fgo\u002Fmycoolpost\u002F ?” Sure, you \u003Cem>could\u003C\u002Fem> use a service like tinyurl.com, but that’s still not too great if you need the URL for a podcast. It’s still awkward to read-out “tinyurl.com\u002F27asr9,” isn’t it? It’s less professional too.\u003Cbr \u002F>\nGoCodes let’s you create shortcut URLs to anywhere on the internet, right from your WordPress Admin.\u003Cbr \u002F>\nThe plugin is also useful for masking affiliate program URLs.\u003C\u002Fp>\n\u003Ch3>Upgrading\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Deactivate plugin\u003C\u002Fli>\n\u003Cli>Upload updated files\u003C\u002Fli>\n\u003Cli>Reactivate plugin\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Origin\u003C\u002Fh3>\n\u003Cp>We are proud that original base of this plugin is a fork of GoCodes by redwall_hp (Not available for download and Supported currently).\u003Cbr \u002F>\nWe worked on the plugin before before releasing it is “WPNeon GoCodes2”, stripped down some code to make it a simple & lightweight.\u003C\u002Fp>\n\u003Ch3>Known Issues\u003C\u002Fh3>\n\u003Ch4>WP Super Cache\u003C\u002Fh4>\n\u003Cp>There seems to be a conflict with the WP Super Cache plugin where a redirect will only work once before the cache is cleared. There are a couple of workarounds:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Add “index.php” on a new line in the “Rejected URLs” field of the WP Super Cache options page. yourdomain.com\u002F will be cached still, but \u002Findex.php won’t.\u003C\u002Fli>\n\u003Cli>Frederick of frederickding.com put together another method. Add this line to your .htaccess file above the WP Super Cache line: “RewriteCond %{QUERY_STRING} !.\u003Cem>gocode=.\u003C\u002Fem>” It should look something like this:\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>RewriteCond %{QUERY_STRING} !.\u003Cem>gocode=.\u003C\u002Fem>\u003Cbr \u002F>\nRewriteRule ^(.*) \u002Fwp-content\u002Fcache\u002Fsupercache\u002F%{HTTP_HOST}\u002F$1\u002Findex.html [L]\u003C\u002Fp>\n","Based on the original GoCodes plugin, \"WPNeon GoCodes 2\" is a revamnped URL redirection\u002Fshortener plugin. Great for podcasting and redirecti &hellip;",60,2027,0,"2018-11-09T08:39:00.000Z","4.9.29","4.9","5.2.4",[19,20,21,22,23],"301","redirection","tinyurl","url","url-shortener","http:\u002F\u002Fwpneon.com\u002Fgocodes-wordpress-redirection-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpneon-gocodes.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"wpdean-1",1,30,84,"2026-04-05T09:11:59.226Z",[37,58,77,96,114],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":56,"download_link":57,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"speedy-page-redirect","Speedy Page Redirect","0.4.1","Geert De Deckere","https:\u002F\u002Fprofiles.wordpress.org\u002Fgeertdd\u002F","\u003Cp>This lightweight plugin adds a meta box to your page and post screens. You can enter a new destination URL to which the page will be redirected.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Choose between permanent (301) and temporary (302) redirects.\u003C\u002Fli>\n\u003Cli>Support for custom post types out of the box.\u003C\u002Fli>\n\u003Cli>Filters for customizing some settings.\u003C\u002Fli>\n\u003Cli>Compatible with WP Multisite.\u003C\u002Fli>\n\u003Cli>Fully translatable. Included languages: English, Dutch.\u003C\u002Fli>\n\u003C\u002Ful>\n","Redirect pages and posts to other locations.",1000,47628,100,9,"2017-11-28T17:24:00.000Z","3.6.1","3.0","",[19,54,55,20,22],"forward","redirect","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fspeedy-page-redirect\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspeedy-page-redirect.0.4.1.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":13,"num_ratings":13,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":75,"download_link":76,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"nomore404-404-redirection-and-firewall","Nomore404 404 Redirection and Firewall","2.1","devoutpro","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevoutpro\u002F","\u003Cp>NoMore404 is a free WordPress plugin for redirection of 404 pages and simple firewall to block malicious hosts and URLs.\u003Cbr \u002F>\nAll redirections are done via 301 redirection.\u003Cbr \u002F>\nYou can mark any hosts and URLs to be blocked as malicious as well.\u003C\u002Fp>\n","NoMore404 is a free WordPress plugin for redirection of 404 pages and simple firewall to block malicious hosts and URLs.",10,1344,"2021-02-25T02:21:00.000Z","5.5.18","4.0","5.3",[19,73,20,74,22],"404","uri","https:\u002F\u002Fdevoutpro.com\u002Fnomore404","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnomore404-404-redirection-and-firewall.2.1.zip",{"slug":78,"name":79,"version":6,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":13,"downloaded":84,"rating":13,"num_ratings":13,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":93,"download_link":94,"security_score":95,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"advanced-redirection-tool","Advanced Redirection Tool","Tayyab Hassan","https:\u002F\u002Fprofiles.wordpress.org\u002Ftayyabhassan04\u002F","\u003Cp>Advanced Redirection Tool is a lightweight plugin designed to help you manage URL redirections easily. This plugin is perfect for improving SEO, handling broken links, and managing URL changes.\u003C\u002Fp>\n\u003Cp>Features in Version 1.0:\u003Cbr \u002F>\n– Add new URL redirections.\u003Cbr \u002F>\n– Edit and delete existing redirections.\u003Cbr \u002F>\n– Automatically redirect users to the target URLs.\u003Cbr \u002F>\n– Simple and user-friendly interface.\u003C\u002Fp>\n\u003Cp>Use Cases:\u003Cbr \u002F>\n– Redirect outdated or broken URLs to new ones.\u003Cbr \u002F>\n– Manage URL changes during website migration or redesign.\u003Cbr \u002F>\n– Avoid 404 errors to maintain user experience and SEO ranking.\u003C\u002Fp>\n\u003Cp>Why Choose Advanced Redirection Tool?\u003Cbr \u002F>\n– Simplifies redirection management.\u003Cbr \u002F>\n– Provides an intuitive dashboard for quick actions.\u003Cbr \u002F>\n– Optimized for performance and ease of use.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later. See \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">LICENSE\u003C\u002Fa> for more details.\u003C\u002Fp>\n","A simple and efficient WordPress plugin to manage URL redirections for your website. Add, edit, delete, and bulk upload redirections with ease.",663,"2025-01-13T10:50:00.000Z","6.7.5","5.0","7.2",[90,91,20,92],"301-redirect","redirect-manager","url-redirect","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadvanced-redirection-tool","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-redirection-tool.1.0.zip",92,{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":13,"downloaded":104,"rating":13,"num_ratings":13,"last_updated":105,"tested_up_to":106,"requires_at_least":87,"requires_php":107,"tags":108,"homepage":112,"download_link":113,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"url-shortener-by-melk","URL Shortener by Melk","1.0.0","melksedeque","https:\u002F\u002Fprofiles.wordpress.org\u002Fmelksedeque\u002F","\u003Cp>\u003Cstrong>URL Shortener by Melk\u003C\u002Fstrong> is a lightweight and efficient WordPress plugin that allows you to automatically generate short URLs for your posts, pages, categories, tags, and Custom Post Types. Ideal for sharing on social media and marketing materials.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Generation:\u003C\u002Fstrong> Automatically creates short URLs when publishing new posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comprehensive Support:\u003C\u002Fstrong> Works with Posts, Pages, Categories, Tags, and Custom Post Types.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quick Copy:\u003C\u002Fstrong> “Copy” button directly in the post\u002Fterm listing in the admin panel.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Generation:\u003C\u002Fstrong> Tool to generate short URLs for old content with one click.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance:\u003C\u002Fstrong> Fast redirection using native WordPress rewrite rules (no heavy queries).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure:\u003C\u002Fstrong> Validated and secure code, following WordPress best practices.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Developer Notes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Namespace: \u003Ccode>Melk\\\\UrlShortenerByMelk\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Unique prefix: all functions, options, meta keys and hooks use the \u003Ccode>urlshbym_\u003C\u002Fcode> prefix, following the WordPress Plugin Handbook recommendations to avoid naming collisions.\u003C\u002Fli>\n\u003Cli>Options stored in the database:\n\u003Cul>\n\u003Cli>\u003Ccode>urlshbym_enabled_post_types\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>urlshbym_enabled_taxonomies\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Meta keys:\n\u003Cul>\n\u003Cli>\u003Ccode>_urlshbym_short_code\u003C\u002Fcode> on posts\u003C\u002Fli>\n\u003Cli>\u003Ccode>_urlshbym_short_code\u003C\u002Fcode> on terms (taxonomies)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Database table: \u003Ccode>{$wpdb->prefix}urlshbym_short_urls\u003C\u002Fcode> is created on activation to store the mapping between short codes and objects.\u003C\u002Fli>\n\u003Cli>Main hook:\n\u003Cul>\n\u003Cli>\u003Ccode>urlshbym_short_url_clicked\u003C\u002Fcode> — fired whenever a short URL is accessed, receiving the short code and the internal record ID.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Rewrite rules: short URLs are handled through a rewrite rule that maps patterns like \u003Ccode>\u002Fabc12\u003C\u002Fcode> to \u003Ccode>index.php?urlshbym_short=abc12\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Create short URLs for your WordPress posts, pages, categories, tags, and custom post types automatically.",91,"2026-01-26T16:37:00.000Z","6.9.4","7.4",[109,20,110,111,23],"permalink","seo","shortlink","https:\u002F\u002Fgithub.com\u002FMelksedeque\u002Fplugin-url-shortener-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Furl-shortener-by-melk.1.0.0.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":124,"num_ratings":125,"last_updated":126,"tested_up_to":106,"requires_at_least":70,"requires_php":127,"tags":128,"homepage":131,"download_link":132,"security_score":133,"vuln_count":134,"unpatched_count":13,"last_vuln_date":135,"fetched_at":28},"eps-301-redirects","301 Redirects – Redirect Manager","2.83","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwp301redirects.com\u002F?ref=wporg\" rel=\"nofollow ugc\">301 Redirects\u003C\u002Fa> helps you manage and create 301, 302, 307 redirects for WordPress site to \u003Cstrong>improve SEO & visitor experience\u003C\u002Fstrong>. 301 Redirects is easy to use. Perfect for new sites or repairing links after reorganizing your old content, or when your site has content that expires and you wish to avoid sending visitors to a 404 error page and want to create redirection instead. Use the 404 error log to identify problematic links & create new redirections.\u003C\u002Fp>\n\u003Cp>301 Redirects GUI is located in WP Admin – Settings – 301 Redirects\u003Cbr \u002F>\n404 Error Log widget can be found in the WP Admin – Dashboard\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Choose from Pages, Posts, Custom Post types, Archives, and Term Archives from dropdown menu to create redirection\u003C\u002Fli>\n\u003Cli>Or, set a custom destination URL!\u003C\u002Fli>\n\u003Cli>Retain query strings across redirects\u003C\u002Fli>\n\u003Cli>Super-fast redirection\u003C\u002Fli>\n\u003Cli>404 error log\u003C\u002Fli>\n\u003Cli>404 error log widget\u003C\u002Fli>\n\u003Cli>Import\u002FExport feature for bulk redirects management\u003C\u002Fli>\n\u003Cli>Simple redirect stats so you know how much a redirection is used\u003C\u002Fli>\n\u003Cli>Fully compatible with translation plugins (Weglot, TranslatePress, Gtranslate, Loco Translate) that use lang prefix in URL\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Need more features?\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwp301redirects.com\u002F?ref=wporg\" rel=\"nofollow ugc\">WP 301 Redirects PRO\u003C\u002Fa> offers wildcard & regular expression URL matching, auto-typo fixing in URLs, complete redirect and 404 log, link scanner, and a centralized SaaS dashboard to monitor redirects on all your sites from one place.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What is a 301 Redirect?\u003C\u002Fstrong>\u003Cbr \u002F>\nA redirect is a simple way to re-route traffic coming to a \u003Cem>Requested URL\u003C\u002Fem> to different \u003Cem>Destination URL\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>A 301 redirect indicates that the page requested has been permanently moved to the \u003Cem>Destination URL\u003C\u002Fem>, and helps pass on the \u003Cem>Requested URLs\u003C\u002Fem> traffic in a search engine friendly manner. Creating a 301 redirect tells search engines that the \u003Cem>Requested URL\u003C\u002Fem>  has moved permanently, and that the content can now be found on the \u003Cem>Destination URL\u003C\u002Fem>. An important feature is that search engines will pass along any clout the \u003Cem>Requested URL\u003C\u002Fem> used to have to the \u003Cem>Destination URL\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F70Yn_lO_8BA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>When Should I use 301 Redirects?\u003C\u002Fstrong>\u003Cbr \u002F>\n* Replacing an old site design with a new site design\u003Cbr \u002F>\n* Overhauling or re-organizing your existing WordPress content\u003Cbr \u002F>\n* You have content that expires (or is otherwise no longer available) and you wish to redirect users elsewhere\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Is the 404 error log GDPR friendly?\u003C\u002Fstrong>\u003Cbr \u002F>\nThe 404 error log does not collect user IPs. It collects the following data: timestamp of the event, the (404) URL that was opened, and the user-agent string.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Having problems with SSL? Moving a site from HTTP to HTTPS?\u003C\u002Fstrong>\u003Cbr \u002F>\nInstall our free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-force-ssl\u002F\" rel=\"ugc\">WP Force SSL\u003C\u002Fa> plugin. It’s a great way to enable SSL and fix SSL problems.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>External libraries used in the project\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdonatj\u002FPhpUserAgent\" rel=\"nofollow ugc\">PHP User Agent Parser\u003C\u002Fa>\u003C\u002Fp>\n","Manage 301 & 302 redirects. Simple redirection & redirects validation. Includes redirect stats & 404 error log.",300000,3616494,94,575,"2026-01-09T19:14:00.000Z","5.2",[90,129,55,20,130],"404-error-log","redirects","https:\u002F\u002Fwp301redirects.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feps-301-redirects.2.83.zip",98,3,"2023-03-08 00:00:00",{"attackSurface":137,"codeSignals":166,"taintFlows":196,"riskAssessment":243,"analyzedAt":257},{"hooks":138,"ajaxHandlers":162,"restRoutes":163,"shortcodes":164,"cronEvents":165,"entryPointCount":13,"unprotectedCount":13},[139,145,149,154,158],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","init","wsc_gocodes_query","gocodes2.php",24,{"type":140,"name":146,"callback":147,"file":143,"line":148},"admin_menu","wsc_gocodes_add_pages",25,{"type":150,"name":151,"callback":152,"file":143,"line":153},"filter","favorite_actions","wsc_gocodes_add_menu_favorite",106,{"type":140,"name":141,"callback":155,"file":156,"line":157},"wsc_gocodes_admin_script","menus.php",302,{"type":140,"name":159,"callback":160,"file":156,"line":161},"wp_head","wsc_gocodes_admin_style",303,[],[],[],[],{"dangerousFunctions":167,"sqlUsage":168,"outputEscaping":181,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":195},[],{"prepared":169,"raw":134,"locations":170},4,[171,174,178],{"file":143,"line":172,"context":173},53,"$wpdb->get_row() with variable interpolation",{"file":175,"line":176,"context":177},"installer.php",17,"$wpdb->get_var() with variable interpolation",{"file":156,"line":179,"context":180},187,"$wpdb->get_results() with variable interpolation",{"escaped":148,"rawEcho":182,"locations":183},5,[184,187,189,191,193],{"file":156,"line":185,"context":186},50,"raw output",{"file":156,"line":188,"context":186},112,{"file":156,"line":190,"context":186},194,{"file":156,"line":192,"context":186},223,{"file":156,"line":194,"context":186},307,[],[197,216,230],{"entryPoint":198,"graph":199,"unsanitizedCount":214,"severity":215},"wsc_gocodes_managemenu (menus.php:8)",{"nodes":200,"edges":211},[201,206],{"id":202,"type":203,"label":204,"file":156,"line":205},"n0","source","$_GET (x2)",49,{"id":207,"type":208,"label":209,"file":156,"line":185,"wp_function":210},"n1","sink","echo() [XSS]","echo",[212],{"from":202,"to":207,"sanitized":213},false,2,"medium",{"entryPoint":217,"graph":218,"unsanitizedCount":214,"severity":229},"wsc_gocodes_optionsmenu (menus.php:245)",{"nodes":219,"edges":227},[220,223],{"id":202,"type":203,"label":221,"file":156,"line":222},"$_POST (x2)",249,{"id":207,"type":208,"label":224,"file":156,"line":225,"wp_function":226},"update_option() [Settings Manipulation]",256,"update_option",[228],{"from":202,"to":207,"sanitized":213},"low",{"entryPoint":231,"graph":232,"unsanitizedCount":169,"severity":229},"\u003Cmenus> (menus.php:0)",{"nodes":233,"edges":240},[234,235,236,238],{"id":202,"type":203,"label":204,"file":156,"line":205},{"id":207,"type":208,"label":209,"file":156,"line":185,"wp_function":210},{"id":237,"type":203,"label":221,"file":156,"line":222},"n2",{"id":239,"type":208,"label":224,"file":156,"line":225,"wp_function":226},"n3",[241,242],{"from":202,"to":207,"sanitized":213},{"from":237,"to":239,"sanitized":213},{"summary":244,"deductions":245},"The wpneon-gocodes v1.0 plugin exhibits a generally positive security posture based on the provided static analysis. The absence of exposed AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential attack surface.  Furthermore, the code demonstrates good practices by not utilizing dangerous functions, performing file operations, or making external HTTP requests.  The SQL query usage, with 57% employing prepared statements, is a reasonable starting point, and the high rate of output escaping (83%) is commendable.\n\nHowever, there are notable concerns. The taint analysis reveals that all three analyzed flows have unsanitized paths, and while they are not classified as critical or high severity, this warrants attention as it indicates potential vulnerabilities if malicious input were to be processed. The complete lack of nonce checks and capability checks across all entry points (even though the attack surface is currently zero) is a significant weakness that could be exploited if new entry points are introduced or if existing ones are not properly secured.\n\nThe vulnerability history is clean, with no recorded CVEs, which is a positive indicator of past development quality.  However, the absence of a vulnerability history does not guarantee future security. The plugin's strengths lie in its limited attack surface and decent output escaping. Its weaknesses are primarily the potential for unsanitized input processing indicated by the taint analysis and the critical absence of nonces and capability checks for future extensibility.",[246,248,251,253,255],{"reason":247,"points":66},"Taint flows with unsanitized paths (3\u002F3)",{"reason":249,"points":250},"No nonce checks found",15,{"reason":252,"points":250},"No capability checks found",{"reason":254,"points":134},"Some SQL queries not using prepared statements (43%)",{"reason":256,"points":214},"Some output not properly escaped (17%)","2026-03-16T21:48:08.000Z",{"wat":259,"direct":264},{"assetPaths":260,"generatorPatterns":261,"scriptPaths":262,"versionParams":263},[],[],[],[],{"cssClasses":265,"htmlComments":266,"htmlAttributes":267,"restEndpoints":268,"jsGlobals":269,"shortcodeOutput":270},[],[],[],[],[],[]]