Spencer Haws

@linkwhspr · wordpress.org profile ↗

Member since: 2019-12-16
Location: —
Employer: —
Job title: —
Authored: 1
SVN commit access: 1
Readme contributor: 0
Combined install base: 30k+ across 1 plugins

Alerts (0)

No open alerts.

Show 3 resolved alerts

High code_scan_delta Link Whisper Free Resolved · fp_remote_enqueue_legit_sdk_cdn_or_own_domain 6d ago

Slug link-whisper

Previous version 0.9.4

Current version 0.9.5

New findings

Pattern	Kind	File	Line	Snippet	Confidence	Details
`base64_decode`	`builtin`	`core/Wpil/Editor/Oxygen.php`	110	`$content .= base64_decode($args->original->$key) . "\n";`	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/ClickTracker.php`	268	`$url = esc_url_raw(base64_decode($_POST['url']));`	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/Error.php`	1,333	$anchor = (isset($_POST['anchor']) && !empty($_POST['anchor'])) ? wp_kses(base64_decode($_POST['anchor']), 'post') : '';	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/Error.php`	1,365	$anchor = (isset($_POST['anchor']) && !empty($_POST['anchor'])) ? wp_kses(base64_decode($_POST['anchor']), 'post') : '';	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/Report.php`	2,211	`$decoded_url = base64_decode(urldecode(wp_unslash($_GET['ret_url'])), true);`	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/Settings.php`	3,327	$ignore_words = sanitize_textarea_field(stripslashes(trim(base64_decode($_POST['ignore_words']))));	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/Toolbox.php`	111	`$raw_value = base64_decode($raw_value, true);`	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/Toolbox.php`	508	`$data = base64_decode($data);`	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/Toolbox.php`	570	`$data = base64_decode($data);`	`medium`	—
`remote_enqueue`	`builtin`	`core/Wpil/Base.php`	851	`wp_enqueue_script('stripe-js', 'https://js.stripe.com/v3/', [], null, true);`	`medium`	Url https://js.stripe.com/v3/ Url host `js.stripe.com`
`remote_enqueue`	`builtin`	`core/Wpil/Base.php`	872	`wp_enqueue_script('stripe-js', 'https://js.stripe.com/v3/', [], null, true);`	`medium`	Url https://js.stripe.com/v3/ Url host `js.stripe.com`
`base64_decode`	`builtin`	`core/Wpil/LinkMapping.php`	408	`$context = base64_decode($dat->context);`	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/LinkMapping.php`	409	`$sentence = strip_tags(base64_decode($dat->context));`	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/TargetKeyword.php`	1,623	`$keyword_data = unserialize(gzinflate(base64_decode($keyword_data)));`	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/TargetKeyword.php`	1,816	`$keyword_data = unserialize(gzinflate(base64_decode($keyword_data)));`	`medium`	—

New finding count 33

View raw JSON

{
    "slug": "link-whisper",
    "previous_version": "0.9.4",
    "current_version": "0.9.5",
    "new_findings": [
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/Editor/Oxygen.php",
            "line": 110,
            "snippet": "$content .= base64_decode($args->original->$key) . \"\\n\";",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/ClickTracker.php",
            "line": 268,
            "snippet": "$url = esc_url_raw(base64_decode($_POST['url']));",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/Error.php",
            "line": 1333,
            "snippet": "$anchor = (isset($_POST['anchor']) && !empty($_POST['anchor'])) ? wp_kses(base64_decode($_POST['anchor']), 'post') : '';",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/Error.php",
            "line": 1365,
            "snippet": "$anchor = (isset($_POST['anchor']) && !empty($_POST['anchor'])) ? wp_kses(base64_decode($_POST['anchor']), 'post') : '';",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/Report.php",
            "line": 2211,
            "snippet": "$decoded_url = base64_decode(urldecode(wp_unslash($_GET['ret_url'])), true);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/Settings.php",
            "line": 3327,
            "snippet": "$ignore_words = sanitize_textarea_field(stripslashes(trim(base64_decode($_POST['ignore_words']))));",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/Toolbox.php",
            "line": 111,
            "snippet": "$raw_value = base64_decode($raw_value, true);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/Toolbox.php",
            "line": 508,
            "snippet": "$data = base64_decode($data);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/Toolbox.php",
            "line": 570,
            "snippet": "$data = base64_decode($data);",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "core/Wpil/Base.php",
            "line": 851,
            "snippet": "wp_enqueue_script('stripe-js', 'https://js.stripe.com/v3/', [], null, true);",
            "confidence": "medium",
            "details": {
                "url": "https://js.stripe.com/v3/",
                "url_host": "js.stripe.com"
            }
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "core/Wpil/Base.php",
            "line": 872,
            "snippet": "wp_enqueue_script('stripe-js', 'https://js.stripe.com/v3/', [], null, true);",
            "confidence": "medium",
            "details": {
                "url": "https://js.stripe.com/v3/",
                "url_host": "js.stripe.com"
            }
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/LinkMapping.php",
            "line": 408,
            "snippet": "$context = base64_decode($dat->context);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/LinkMapping.php",
            "line": 409,
            "snippet": "$sentence = strip_tags(base64_decode($dat->context));",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/TargetKeyword.php",
            "line": 1623,
            "snippet": "$keyword_data = unserialize(gzinflate(base64_decode($keyword_data)));",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/TargetKeyword.php",
            "line": 1816,
            "snippet": "$keyword_data = unserialize(gzinflate(base64_decode($keyword_data)));",
            "confidence": "medium"
        }
    ],
    "new_finding_count": 33
}

High code_scan_match Link Whisper Free Resolved · code_scan_fp_class_vendor_cdn_enqueue 1mo ago

Slug link-whisper

Finding count 2

Findings

Pattern	Kind	File	Line	Snippet	Confidence	Details
`remote_enqueue`	`builtin`	`trunk/core/Wpil/Base.php`	250	wp_register_script('wpil_convertkit_script', 'https://f.convertkit.com/ckjs/ck.5.js', array(), false, true);	`medium`	Url https://f.convertkit.com/ckjs/ck.5.js Url host `f.convertkit.com`
`remote_enqueue`	`builtin`	`core/Wpil/Base.php`	250	wp_register_script('wpil_convertkit_script', 'https://f.convertkit.com/ckjs/ck.5.js', array(), false, true);	`medium`	Url https://f.convertkit.com/ckjs/ck.5.js Url host `f.convertkit.com`

Resolved sha 051bd32becfb1ca7c3a19910ca3c8f6ce97a6782

View raw JSON

{
    "slug": "link-whisper",
    "finding_count": 2,
    "findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "trunk/core/Wpil/Base.php",
            "line": 250,
            "snippet": "wp_register_script('wpil_convertkit_script', 'https://f.convertkit.com/ckjs/ck.5.js', array(), false, true);",
            "confidence": "medium",
            "details": {
                "url": "https://f.convertkit.com/ckjs/ck.5.js",
                "url_host": "f.convertkit.com"
            }
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "core/Wpil/Base.php",
            "line": 250,
            "snippet": "wp_register_script('wpil_convertkit_script', 'https://f.convertkit.com/ckjs/ck.5.js', array(), false, true);",
            "confidence": "medium",
            "details": {
                "url": "https://f.convertkit.com/ckjs/ck.5.js",
                "url_host": "f.convertkit.com"
            }
        }
    ],
    "resolved_sha": "051bd32becfb1ca7c3a19910ca3c8f6ce97a6782"
}

High code_scan_delta Link Whisper Free Resolved · false_positive_cdn_known_good 1mo ago

Slug link-whisper

Previous version 0.9.2

Current version 0.9.3

New findings

Pattern	Kind	File	Line	Snippet	Confidence	Details
`remote_enqueue`	`builtin`	`core/Wpil/Base.php`	990	wp_register_script('wpil_convertkit_script', 'https://f.convertkit.com/ckjs/ck.5.js', array(), false, true);	`medium`	Url https://f.convertkit.com/ckjs/ck.5.js Url host `f.convertkit.com`
`base64_decode`	`builtin`	`core/Wpil/Report.php`	2,059	`$decoded_url = base64_decode(urldecode(wp_unslash($_GET['ret_url'])), true);`	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/LinkMapping.php`	408	`$context = base64_decode($dat->context);`	`medium`	—
`base64_decode`	`builtin`	`core/Wpil/LinkMapping.php`	409	`$sentence = strip_tags(base64_decode($dat->context));`	`medium`	—

New finding count 4

View raw JSON

{
    "slug": "link-whisper",
    "previous_version": "0.9.2",
    "current_version": "0.9.3",
    "new_findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "core/Wpil/Base.php",
            "line": 990,
            "snippet": "wp_register_script('wpil_convertkit_script', 'https://f.convertkit.com/ckjs/ck.5.js', array(), false, true);",
            "confidence": "medium",
            "details": {
                "url": "https://f.convertkit.com/ckjs/ck.5.js",
                "url_host": "f.convertkit.com"
            }
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/Report.php",
            "line": 2059,
            "snippet": "$decoded_url = base64_decode(urldecode(wp_unslash($_GET['ret_url'])), true);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/LinkMapping.php",
            "line": 408,
            "snippet": "$context = base64_decode($dat->context);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "core/Wpil/LinkMapping.php",
            "line": 409,
            "snippet": "$sentence = strip_tags(base64_decode($dat->context));",
            "confidence": "medium"
        }
    ],
    "new_finding_count": 4
}

Plugins authored (1)

Plugin	Version	Installs	Last updated	Status
Link Whisper Free ·`link-whisper`	0.9.5	30k+	11d ago	Active

SVN commit access (1)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin	Primary author	Installs	Commits	First	Latest	Status
Link Whisper Free	linkwhspr	30k+	16	6y ago	4y ago	Active