[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fN3Kg70YveUiCYTlO4L8HFnTGk7uGQ7WNr5fAoP2izmI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":20,"download_link":21,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":34,"analysis":142,"fingerprints":177},"xym-price-block","XYM Price block","1.0","水野史土","https:\u002F\u002Fprofiles.wordpress.org\u002Founziw\u002F","\u003Cp>This plugin uses CoinGecko API.\u003Cbr \u002F>\nUsers can choose either XYMUSD or XYMJPY.\u003C\u002Fp>\n\u003Cp>The endpoint of CoinGecko API which this plugin uses is: https:\u002F\u002Fapi.coingecko.com\u002Fapi\u002Fv3\u002Fsimple\u002Fprice?ids=symbol&vs_currencies=jpy,usd\u003C\u002Fp>\n\u003Ch4>About CoinGecko API\u003C\u002Fh4>\n\u003Cp>This plugin uses CoinGecko API.\u003Cbr \u002F>\nhttps:\u002F\u002Fwww.coingecko.com\u002Fen\u002Fapi\u003C\u002Fp>\n\u003Cp>It is not required to register coingecko.com, however if you use this API, it is assumed that you have agreed the terms and conditions.\u003Cbr \u002F>\nhttps:\u002F\u002Fwww.coingecko.com\u002Fen\u002Fterms\u003C\u002Fp>\n\u003Ch4>Donation\u003C\u002Fh4>\n\u003Cp>Donations are welcome.\u003Cbr \u002F>\nYou can send XYM to NBKFNLCPQJMVCBEFU5ZA365SEDS5GYQKWXL63SI\u003C\u002Fp>\n","This plugin uses CoinGecko API.",0,759,"2021-11-03T23:24:00.000Z","5.8.13","5.7","7.0",[18,19],"blockchain","xym","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxym-price-block.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":27,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"ounziw",11,8370,86,30,84,"2026-04-04T19:08:41.305Z",[35,61,84,104,122],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":11,"last_vuln_date":60,"fetched_at":24},"likecoin","Web3Press – Migrating to 3ook.com Decentralized Bookstore","4.0.0","LikeCoin","https:\u002F\u002Fprofiles.wordpress.org\u002Flikecoin\u002F","\u003Cp>\u003Cstrong>FINAL LEGACY VERSION NOTICE\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This is the \u003Cstrong>final version\u003C\u002Fstrong> of the Web3Press LikeCoin plugin before the transition to 3ook.com. Version 4.0.0 serves as a read-only legacy version.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>CURRENT STATUS (v4.0.0):\u003C\u002Fstrong>\u003Cbr \u002F>\n– Plugin is in \u003Cstrong>read-only legacy mode\u003C\u002Fstrong>\u003Cbr \u002F>\n– All NFT publishing and ISCN publishing functions have been \u003Cstrong>removed\u003C\u002Fstrong>\u003Cbr \u002F>\n– This is a \u003Cstrong>maintenance version only\u003C\u002Fstrong> – no new features will be added\u003Cbr \u002F>\n– Existing content display and management features remain functional\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WHAT STILL WORKS (Legacy Features):\u003C\u002Fstrong>\u003Cbr \u002F>\n– Display control for existing LikeCoin buttons and NFT widgets\u003Cbr \u002F>\n– Update ISCN ID and Arweave ID for existing posts\u003Cbr \u002F>\n– Assign Liker ID to site or post (legacy functionality)\u003Cbr \u002F>\n– Internet Archive integration\u003Cbr \u002F>\n– Payment pointer functionality\u003C\u002Fp>\n\u003Cp>\u003Cstrong>LEGACY MAINTENANCE:\u003C\u002Fstrong>\u003Cbr \u002F>\n– All existing content and widgets remain fully functional\u003Cbr \u002F>\n– Portfolio access maintained at liker.land\u003Cbr \u002F>\n– Display settings and configurations preserved\u003Cbr \u002F>\n– No user action required for continued operation\u003C\u002Fp>\n\u003Ch4>About the Future 3ook.com Version\u003C\u002Fh4>\n\u003Cp>The next major release will be a new 3ook.com plugin with:\u003Cbr \u002F>\n– Book collection displays from 3ook.com\u003Cbr \u002F>\n– Book recommendation features\u003Cbr \u002F>\n– Enhanced discovery and community tools\u003Cbr \u002F>\n– Full EVM blockchain integration\u003C\u002Fp>\n\u003Ch4>Important Notes\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>This v4.0.0 is maintenance-only\u003C\u002Fstrong> – no new blockchain publishing\u003C\u002Fli>\n\u003Cli>Existing users can continue managing current content normally\u003C\u002Fli>\n\u003Cli>Future 3ook.com features will be in a new major plugin version release\u003C\u002Fli>\n\u003Cli>No migration action required from users at this time\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contribution\u003C\u002Fh3>\n\u003Cp>LikeCoin is an open-source project. You are welcome to contribute to the plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flikecoin\u002Flikecoin-wordpress\" rel=\"nofollow ugc\">Github\u003C\u002Fa> if you are a developer.\u003C\u002Fp>\n","FINAL LEGACY VERSION: Read-only maintenance version before 3ook.com transition. No new publishing features.",500,64582,100,10,"2025-09-04T10:13:00.000Z","6.8.5","5.3","5.4",[18,52,53,54,55],"books","decentralized","publishing","web3","https:\u002F\u002Fgithub.com\u002Flikecoin\u002Flikecoin-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flikecoin.4.0.0.zip",99,1,"2025-05-02 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":32,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":81,"download_link":82,"security_score":83,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"wordproof-timestamp","WordProof Timestamp","3.0.15","WordProof","https:\u002F\u002Fprofiles.wordpress.org\u002Fwordproof\u002F","\u003Ch3>WordProof: Timestamp your WordPress Content on the Blockchain\u003C\u002Fh3>\n\u003Cp>With WordProof Timestamp, you can timestamp your WordPress content on any EOSIO blockchain from the comfort of your WordPress site. No prior blockchain experience necessary. After the set-up, everything is taken care of automatically!\u003C\u002Fp>\n\u003Ch3>Why do I need to timestamp my content?\u003C\u002Fh3>\n\u003Cp>WordProof Timestamp does everything in its power to bring the benefits of blockchain to your WordPress website. Here are some reasons why you should timestamp your content:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Copyright protection\u003C\u002Fli>\n\u003Cli>Transparency: increase trust and claim authenticity\u003C\u002Fli>\n\u003Cli>Next-generation SEO benefits\u003C\u002Fli>\n\u003Cli>Proof of existence at certain moments in time\u003C\u002Fli>\n\u003Cli>Prepare for upcoming EU regulations\u003C\u002Fli>\n\u003Cli>Be your own notary\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Automatically timestamp your content on the blockchain\u003C\u002Fli>\n\u003Cli>Show the blockchain certificate pop-up on your website\u003C\u002Fli>\n\u003Cli>Let your visitors verify when and how your content changed\u003C\u002Fli>\n\u003Cli>Downloadable blockchain certificate as proof of existence\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How does WordProof Timestamp work?\u003C\u002Fh3>\n\u003Cp>Timestamping creates a unique and universal fingerprint (the ‘hash’) for all your posts, pages and media files. If the input changes, the hash becomes totally different.\u003C\u002Fp>\n\u003Cp>This hash is added to the blockchain with a date and time. Because you (the website owner) have the input that results in this specific hash, you can prove that you published the content at that point in time.\u003C\u002Fp>\n\u003Ch3>Further Reading on WordProof, WordPress, and Blockchain\u003C\u002Fh3>\n\u003Cp>For more info on WordProof, WordPress, and Blockchain, check out the following:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The \u003Ca href=\"https:\u002F\u002Fwordproof.io\u002F\" title=\"WordProof: The WordPress Timestamp Plugin\" rel=\"nofollow ugc\">WordProof Plugin official homepage\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmedium.com\u002Fwordproof\" title=\"WordProof: WordPress and Blockchain\" rel=\"nofollow ugc\">WordPress and Blockchain – The Manifest for a 100% Open Source Future\u003C\u002Fa> by Sebastiaan van der Lans.\u003C\u002Fli>\n\u003Cli>Join the \u003Ca href=\"https:\u002F\u002Ft.me\u002FWordProof\" rel=\"nofollow ugc\">WordProof Telegram\u003C\u002Fa> for feedback, updates and support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Special thanks to the Telos Foundation for co-funding a first version WordProof via their \u003Ca href=\"https:\u002F\u002Fmedium.com\u002Fwordproof\" title=\"Truly inclusive Open Source funding via Worker Proposal Systems.\" rel=\"nofollow ugc\">Worker Proposal System\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>From within WordPress\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit ‘Plugins > Add New’\u003C\u002Fli>\n\u003Cli>Search for ‘WordProof’\u003C\u002Fli>\n\u003Cli>Activate WordProof Timestamp from your Plugins page.\u003C\u002Fli>\n\u003Cli>Go to “after activation” below.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Manually\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload the \u003Ccode>wordproof-timestamp\u003C\u002Fcode> folder to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Activate the WordProof Timestamp plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Go to “after activation” below.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>After activation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Authenticate using your WordProof account\u003C\u002Fli>\n\u003C\u002Fol>\n","Timestamp your WordPress content on the blockchain for protection and trust. No blockchain knowledge required.",300,31648,15,"2024-05-07T11:06:00.000Z","6.5.8","5.8","7.3",[18,77,78,79,80],"eos","eosio","telos","timestamp","https:\u002F\u002Fwordproof.io\u002Fwordproof-timestamp-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordproof-timestamp.3.0.15.zip",92,{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":45,"num_ratings":59,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":20,"tags":97,"homepage":102,"download_link":103,"security_score":45,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"chainwire-integration","Chainwire Integration","1.0.27","MediaFuse","https:\u002F\u002Fprofiles.wordpress.org\u002Fmediafuse\u002F","\u003Cp>MediaFuse is an innovative newswire company helping PR and communication professionals distribute their press releases on hyper-targeted news outlets.\u003Cbr \u002F>\nChainwire is your one-stop broadcast shop for the cryptocurrency and blockchain space. Distribute your press releases automatically to the leading publications with guaranteed coverage and detailed analytics.\u003C\u002Fp>\n\u003Cp>This plugin allows you a direct integration with our platform.\u003C\u002Fp>\n\u003Cp>A few notes about this plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>After installation please go under “Settings” >> “Chainwire”\u003C\u002Fli>\n\u003Cli>On this page please provide your Secret and Token (you can generate it from your \u003Ca href=\"https:\u002F\u002Fapp.chainwire.org\u002F\" rel=\"nofollow ugc\">dashboard\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>You can also set default “Post Status” and “Categories” which be connected with articles published with Chainwire\u003C\u002Fli>\n\u003Cli>Save changes\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows to integrate your website with MediaFuse platforms.",200,5644,"2025-09-23T12:23:00.000Z","6.7.5","4.6",[18,98,99,100,101],"crypto","cryptocurrency","newswire","wire","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fchainwire-integration\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchainwire-integration.1.0.27.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":45,"downloaded":112,"rating":32,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":20,"tags":117,"homepage":20,"download_link":121,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"steempress","SteemPress","2.6.3","howofr","https:\u002F\u002Fprofiles.wordpress.org\u002Fhowofr\u002F","\u003Cp>SteemPress is a WordPress plugin that connects any blog to the hive blockchain.\u003C\u002Fp>\n\u003Cp>Hive is a blockchain where content and contributions are rewarded with the crypto currency hive based on the upvotes from users. The HIVE tokens can then be traded online with 0 transaction costs and with 3 second transaction time.\u003C\u002Fp>\n\u003Cp>What benefits can a blog owner get by sharing posts on hive hive blockchain?\u003Cbr \u002F>\n    • It can help you reach new audiences as people browsing nay app or website displaying content stored on the hive blockchain can see your post.\u003Cbr \u002F>\n    • It may provide a new source of income through earning HIVE tokens.\u003Cbr \u002F>\n    • It will help store your content securely on an un-censorable blockchain.\u003C\u002Fp>\n\u003Cp>To use SteemPress you will need a hive account which can be made for free when signing up through https:\u002F\u002Fsteempress.io\u002Fsignup\u003Cbr \u002F>\nYou can also follow the value of a HIVE token here: https:\u002F\u002Fcoinmarketcap.com\u002Fcurrencies\u002Fhive\u002F\u003C\u002Fp>\n\u003Cp>If you have any questions, feel free to contact us by email on contact@steempress.io, or join our Discord channel together with many other users through https:\u002F\u002Fdiscord.gg\u002FW2KyAbm\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>• Automatic posting of articles to the Hive blockchain\n• Conversion and cleaning of text to look good on different websites\n• Automatic self-vote\n• Add an original link to your blog\n• Custom tags for each article\n• Default tags if no tags are defined for an article.\n• Optional posting\n• Bulk posting\n• Post scheduling\n• Multiple hive account support\n• Add (or not) the featured image on top of the hive post\n• Category filtering\n• Custom footer on hive\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Stores your WordPress blogs on the hive blockchain where posts are rewarded with cryptocurrency as new audiences interacts with your content",32060,20,"2020-03-30T01:56:00.000Z","5.3.21","4.7",[18,118,119,120],"hive","monetization","wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsteempress.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":45,"downloaded":130,"rating":45,"num_ratings":131,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":135,"tags":136,"homepage":140,"download_link":141,"security_score":45,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"wc-solana-pay","WC Solana Pay","2.12.0","aztemi","https:\u002F\u002Fprofiles.wordpress.org\u002Faztemi\u002F","\u003Cp>WC Solana Pay – Fast payment gateway powered by Solana blockchain with support for \u003Cstrong>Block\u003C\u002Fstrong> and \u003Cstrong>Classic\u003C\u002Fstrong> themes.\u003C\u002Fp>\n\u003Cp>Accept crypto payments in \u003Cstrong>SOL\u003C\u002Fstrong>, \u003Cstrong>USDT\u003C\u002Fstrong>, \u003Cstrong>USDC\u003C\u002Fstrong>, \u003Cstrong>EURC\u003C\u002Fstrong> and more via \u003Cstrong>QR Code\u003C\u002Fstrong> and through all major Solana wallets, including Phantom, Solflare and Backpack.\u003C\u002Fp>\n\u003Cp>This is a quick and easy way to add crypto and stablecoin payments to your WooCommerce store and WordPress website. Give your customers a fast, seamless crypto checkout experience and increase your conversion rate.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FArqS84jGjE0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Demo Store\u003C\u002Fh4>\n\u003Cp>Below is a live demo store. Get free tokens for testing from the \u003Ca href=\"https:\u002F\u002Fapps.aztemi.com\u002Fwc-solana-pay\u002Ffaucet\u002F\" rel=\"nofollow ugc\">Devnet Faucet\u003C\u002Fa> and try out the plugin for yourself.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsolana-pay-demo.juxdan.io\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fsolana-pay-demo.juxdan.io\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Tokens for Payments\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Solana (SOL)\u003C\u002Fli>\n\u003Cli>Tether USD Stablecoin (USDT)\u003C\u002Fli>\n\u003Cli>Circle USD Stablecoin (USDC)\u003C\u002Fli>\n\u003Cli>PayPal USD Stablecoin (PYUSD)\u003C\u002Fli>\n\u003Cli>Circle EURO Stablecoin (EURC)\u003C\u002Fli>\n\u003Cli>EUROe Stablecoin (EUROe)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Solana Pay smart button integrated with the Checkout page for express checkout without redirect\u003C\u002Fli>\n\u003Cli>Supports payments via QR Code scan and connection to browser wallets\u003C\u002Fli>\n\u003Cli>Fast transactions handling and direct payments into the Solana wallet address that you configure\u003C\u002Fli>\n\u003Cli>Compatible with Gutenberg Block and Classic themes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Benefits for Merchants\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Get paid instantly for immediate cash flow. Payments go directly into your Solana wallet.\u003C\u002Fli>\n\u003Cli>No lock-ups, No redirect, No pay-later intermediaries. Transactions are settled onchain immediately.\u003C\u002Fli>\n\u003Cli>No setup fees, No monthly fees, No upsell. Only pay-as-you-go fee of 0.5% per transaction. We make money only when you do.\u003C\u002Fli>\n\u003C\u002Ful>\n","Crypto payment gateway for WooCommerce powered by Solana Pay.",5255,4,"2026-02-19T14:26:00.000Z","6.9.4","5.2","7.2",[18,98,137,138,139],"payment","solana-pay","stablecoin","https:\u002F\u002Fapps.aztemi.com\u002Fwc-solana-pay","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-solana-pay.2.12.0.zip",{"attackSurface":143,"codeSignals":161,"taintFlows":168,"riskAssessment":169,"analyzedAt":176},{"hooks":144,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":11,"unprotectedCount":11},[145,150,154],{"type":146,"name":147,"callback":148,"file":149,"line":31},"action","init","xymprice_register_block","index.php",{"type":146,"name":151,"callback":152,"file":149,"line":153},"wp_enqueue_scripts","xymprice_enqueue_scripts",43,{"type":146,"name":147,"callback":155,"file":149,"line":156},"xymprice_load_textdomain",49,[],[],[],[],{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":165,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":167},[],{"prepared":11,"raw":11,"locations":164},[],{"escaped":11,"rawEcho":11,"locations":166},[],[],[],{"summary":170,"deductions":171},"The \"xym-price-block\" v1.0 plugin exhibits a strong security posture based on the provided static analysis.  There are no identified entry points such as AJAX handlers, REST API routes, shortcodes, or cron events that are exposed to attack.  Furthermore, the code signals indicate a clean codebase with no dangerous functions, all SQL queries utilizing prepared statements, and all output properly escaped.  The absence of file operations, external HTTP requests, and importantly, the lack of explicit nonce or capability checks on any potential entry points, while contributing to a minimal attack surface, also represent a potential concern if any functionalities were to be introduced without proper authorization checks. The vulnerability history is entirely clean, with no recorded CVEs, which suggests a well-maintained or relatively new plugin with no known security flaws.  This combination of a minimal attack surface and a clean history presents a positive security outlook, though the absolute absence of authorization checks on all potential interaction points warrants careful consideration for future development.\n\nWhile the current version appears secure due to its lack of exposed features, the complete absence of authorization checks (capability checks, nonce checks) across all potential entry points is a notable omission. If any new functionalities that accept user input or perform actions were to be added in future versions, this lack of built-in authorization mechanisms could become a significant vulnerability. The static analysis indicates zero flows requiring sanitation, which is excellent, but it also means that the plugin is not exercising these security checks, suggesting they might be entirely absent rather than demonstrably implemented and passed. Therefore, while the plugin is currently secure due to its limited functionality, its security relies heavily on the *absence* of exploitable features rather than demonstrated *presence* of robust security controls. The clean vulnerability history is a strong positive, but the lack of demonstrated authorization checks prevents a perfect security score.",[172,174],{"reason":173,"points":71},"No capability checks found",{"reason":175,"points":71},"No nonce checks found","2026-03-17T06:59:11.000Z",{"wat":178,"direct":187},{"assetPaths":179,"generatorPatterns":182,"scriptPaths":183,"versionParams":184},[180,181],"\u002Fwp-content\u002Fplugins\u002Fxym-price-block\u002Fbuild\u002Findex.js","\u002Fwp-content\u002Fplugins\u002Fxym-price-block\u002Fjs\u002Fxymprice.js",[],[180],[185,186],"xym-price-block\u002Fbuild\u002Findex.js?ver=","xym-price-block\u002Fjs\u002Fxymprice.js?ver=",{"cssClasses":188,"htmlComments":189,"htmlAttributes":190,"restEndpoints":191,"jsGlobals":192,"shortcodeOutput":193},[],[],[],[],[],[]]