WP Beacon

10Web

@10web · wordpress.org profile ↗
Member since
2018-01-25
Location
Employer
Job title
Authored
30 (22 closed)
SVN commit access
6
Readme contributor
0
Combined install base
345k+ across 30 plugins

Alerts (0)

No open alerts.

Show 5 resolved alerts
Critical code_scan_delta Slider by 10Web – Responsive Image Slider Resolved · false_positive_cdn_known_good 2d ago
Slugslider-wd
Previous version1.2.62
Current version1.2.62
New findings
PatternKindFileLineSnippetConfidenceDetails
remote_enqueuebuiltinslider-wd.php886wp_register_script($this->prefix . '_youtube', 'https://www.youtube.com/iframe_api');medium
Url
https://www.youtube.com/iframe_api
Url host
www.youtube.com
New finding count1
Serial offender noteSeverity bumped high→critical: author 10web has 6 prior security-issue closures on wp.org.
View raw JSON
{
    "slug": "slider-wd",
    "previous_version": "1.2.62",
    "current_version": "1.2.62",
    "new_findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "slider-wd.php",
            "line": 886,
            "snippet": "wp_register_script($this->prefix . '_youtube', 'https://www.youtube.com/iframe_api');",
            "confidence": "medium",
            "details": {
                "url": "https://www.youtube.com/iframe_api",
                "url_host": "www.youtube.com"
            }
        }
    ],
    "new_finding_count": 1,
    "serial_offender_note": "Severity bumped high\u2192critical: author 10web has 6 prior security-issue closures on wp.org."
}
Critical code_scan_delta Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder Resolved · false_positive_cdn_known_good 2d ago
Slugform-maker
Previous version1.15.42
Current version1.15.43
New findings
PatternKindFileLineSnippetConfidenceDetails
remote_enqueuebuiltinform-maker.php1,161wp_register_script($this->handle_prefix . '-g-recaptcha', 'https://www.google.com/recaptcha/api.js?hl='.$lng.'&onload=fmRecaptchaInit&render=explicit');medium
Url
https://www.google.com/recaptcha/api.js?hl=
Url host
www.google.com
remote_enqueuebuiltinform-maker.php1,163wp_register_script($this->handle_prefix . '-g-recaptcha-v3', 'https://www.google.com/recaptcha/api.js?hl='.$lng.'&onload=fmRecaptchaInit&render=' . $fm_settings['public_key']);medium
Url
https://www.google.com/recaptcha/api.js?hl=
Url host
www.google.com
New finding count2
Serial offender noteSeverity bumped high→critical: author 10web has 6 prior security-issue closures on wp.org.
View raw JSON
{
    "slug": "form-maker",
    "previous_version": "1.15.42",
    "current_version": "1.15.43",
    "new_findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "form-maker.php",
            "line": 1161,
            "snippet": "wp_register_script($this->handle_prefix . '-g-recaptcha', 'https://www.google.com/recaptcha/api.js?hl='.$lng.'&onload=fmRecaptchaInit&render=explicit');",
            "confidence": "medium",
            "details": {
                "url": "https://www.google.com/recaptcha/api.js?hl=",
                "url_host": "www.google.com"
            }
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "form-maker.php",
            "line": 1163,
            "snippet": "wp_register_script($this->handle_prefix . '-g-recaptcha-v3', 'https://www.google.com/recaptcha/api.js?hl='.$lng.'&onload=fmRecaptchaInit&render=' . $fm_settings['public_key']);",
            "confidence": "medium",
            "details": {
                "url": "https://www.google.com/recaptcha/api.js?hl=",
                "url_host": "www.google.com"
            }
        }
    ],
    "new_finding_count": 2,
    "serial_offender_note": "Severity bumped high\u2192critical: author 10web has 6 prior security-issue closures on wp.org."
}
Critical code_scan_delta Photo Gallery by 10Web – Mobile-Friendly Image Gallery Resolved · false_positive_cdn_known_good 3d ago
Slugphoto-gallery
Previous version1.8.39
Current version1.8.40
New findings
PatternKindFileLineSnippetConfidenceDetails
remote_enqueuebuiltinfrontend/views/view.php17wp_register_script( 'instagram-embed', 'https://www.instagram.com/embed.js' );medium
Url
https://www.instagram.com/embed.js
Url host
www.instagram.com
New finding count1
Serial offender noteSeverity bumped high→critical: author 10web has 6 prior security-issue closures on wp.org.
View raw JSON
{
    "slug": "photo-gallery",
    "previous_version": "1.8.39",
    "current_version": "1.8.40",
    "new_findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "frontend/views/view.php",
            "line": 17,
            "snippet": "wp_register_script( 'instagram-embed', 'https://www.instagram.com/embed.js' );",
            "confidence": "medium",
            "details": {
                "url": "https://www.instagram.com/embed.js",
                "url_host": "www.instagram.com"
            }
        }
    ],
    "new_finding_count": 1,
    "serial_offender_note": "Severity bumped high\u2192critical: author 10web has 6 prior security-issue closures on wp.org."
}
Critical code_pattern Photo Gallery by 10Web – Mobile-Friendly Image Gallery Resolved · no_longer_matches 7d ago
Slugphoto-gallery
Patternunserialize_after_remote_call
Kindbuiltin
Version1.8.39
Hit count1
First hit
File
wd/includes/overview.php
Line
44
Snippet
L41: $request = wp_remote_get(" http://api.wordpress.org/plugins/info/1.0/" . $plugin_wp_sl → L44: $body = unserialize($request['body']);
Explanationa remote HTTP fetch (`wp_remote_*`/`curl_exec`/`file_get_contents`) is followed by `@unserialize` within the same file — classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. The error-suppressed form is the tell: legit code wants to know when deserialize fails; attackers suppress so malformed gadgets do not leak.
View raw JSON
{
    "slug": "photo-gallery",
    "pattern": "unserialize_after_remote_call",
    "kind": "builtin",
    "version": "1.8.39",
    "hit_count": 1,
    "first_hit": {
        "file": "wd/includes/overview.php",
        "line": 44,
        "snippet": "L41: $request = wp_remote_get(\" http://api.wordpress.org/plugins/info/1.0/\" . $plugin_wp_sl  \u2192  L44: $body = unserialize($request['body']);"
    },
    "explanation": "a remote HTTP fetch (`wp_remote_*`/`curl_exec`/`file_get_contents`) is followed by `@unserialize` within the same file \u2014 classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. The error-suppressed form is the tell: legit code wants to know when deserialize fails; attackers suppress so malformed gadgets do not leak."
}
Critical code_scan_delta Photo Gallery by 10Web – Mobile-Friendly Image Gallery Resolved · fp_wporg_official_api 7d ago
Slugphoto-gallery
Previous version1.8.39
Current version1.8.39
New findings
PatternKindFileLineSnippetConfidence
unserialize_after_remote_callbuiltinwd/includes/overview.php44L41: $request = wp_remote_get(" http://api.wordpress.org/plugins/info/1.0/" . $plugin_wp_sl → L44: $body = unserialize($request['body']);high
New finding count1
View raw JSON
{
    "slug": "photo-gallery",
    "previous_version": "1.8.39",
    "current_version": "1.8.39",
    "new_findings": [
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "wd/includes/overview.php",
            "line": 44,
            "snippet": "L41: $request = wp_remote_get(\" http://api.wordpress.org/plugins/info/1.0/\" . $plugin_wp_sl  \u2192  L44: $body = unserialize($request['body']);",
            "confidence": "high"
        }
    ],
    "new_finding_count": 1
}

Plugins authored (30)

Plugin Version Installs Last updated Status
Photo Gallery by 10Web – Mobile-Friendly Image Gallery ·photo-gallery 1.8.40 200k+ 3d ago Active
10Web Booster – Website speed optimization, Cache & Page Speed optimizer ·tenweb-speed-optimizer 2.32.21 80k+ 5d ago Active
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder ·form-maker 1.15.43 30k+ 3d ago Active
Slider by 10Web – Responsive Image Slider ·slider-wd 1.2.62 20k+ 1y ago Active
10WebSocial ·wd-instagram-feed 1.4.35 10k+ 3y ago Active
Image Optimizer by 10web – Image Optimizer and Compression plugin ·image-optimizer-wd 6.0.67 4k+ 1y ago Active
Z ·zoom-widget 1.2.8 600 6y ago Active
Import to Photo Gallery from NextGen gallery ·import-to-photo-gallery-from-nextgen-gallery 1.0.5 500 7y ago Active
10Web Social Post Feed ·wd-facebook-feed 1.2.9 Closed
10WebAnalytics ·wd-google-analytics 1.2.12 Closed
WD WidgetTwitter ·widget-twitter 1.0.9 Closed
10Web Map Builder for Google Maps ·wd-google-maps 1.0.74 Closed
10Web Forms for MailChimp ·wd-mailchimp 1.1.4 Closed
10Web AI Assistant – AI content writing assistant ·ai-assistant-by-10web 1.0.19 Closed
AI Assistant by 10Web – SEO Pack ·ai-assistant-by-10web-seo-pack 1.0.5 Closed
10WebPlayer ·wd-youtube 1.0.36 Closed
SpiderContacts ·spider-contacts 1.1.7 Closed
SpiderCalendar ·spider-event-calendar 1.5.65 Closed
Ecommerce by 10Web – eCommerce shopping cart plugin ·ecommerce-wd 1.2.17 Closed
WDSocialWidgets ·spider-facebook 1.0.15 Closed
SpiderFAQ ·spider-faq 1.3.2 Closed
SpiderVPlayer ·player 1.5.22 Closed
EventCalendar ·event-calendar-wd 1.1.55 Closed
RPost ·spider-random-post 1.0.4 Closed
TeamBy10Web ·staff-team 1.1.7 Closed
10WebPostSlider ·post-slider-wd 1.0.60 Closed
SEO by 10Web ·seo-by-10web 1.2.9 Closed
10WebFAQ ·faq-wd 1.0.41 Closed
WDContactFormBuilder ·contact-form-builder 1.0.72 Closed
Contact Form by WD – responsive drag & drop contact form builder tool ·contact-form-maker 1.13.23 Closed

SVN commit access (6)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin Primary author Installs Commits First Latest Status
10Web Booster – Website speed optimization, Cache & Page Speed optimizer 10web 80k+ 131 3y ago 1y ago Active
10WebSocial 10web 10k+ 99 6y ago 3y ago Active
Slider by 10Web – Responsive Image Slider 10web 20k+ 82 6y ago 1y ago Active
Image Optimizer by 10web – Image Optimizer and Compression plugin 10web 4k+ 24 5y ago 2y ago Active
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder 10web 30k+ 3 6y ago 3d ago Active
Photo Gallery by 10Web – Mobile-Friendly Image Gallery 10web 200k+ 2 6y ago 3d ago Active