WP Beacon

Shahjahan Jewel

@techjewel · wordpress.org profile ↗
Member since
2012-10-04
Location
Sylhet
Employer
AuthLab
Job title
Head of Ideas
Authored
21 (4 closed)
SVN commit access
25 (4 closed)
Readme contributor
8
Combined install base
1.5M+ across 29 plugins

Alerts (0)

No open alerts.

Show 5 resolved alerts
Critical code_pattern FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider Resolved · no_longer_matches 28d ago
Slugfluent-smtp
Patternunserialize_after_remote_call
Kindbuiltin
Version2.2.95
Hit count1
First hit
File
app/Services/NotificationHelper.php
Line
328
Snippet
L312: $body = wp_remote_retrieve_body($response); → L328: $sendingTo = self::unserialize(Arr::get($logData, 'to'));
Explanationa remote HTTP fetch (`wp_remote_*`/`curl_exec`/`file_get_contents`) is followed by `@unserialize` within the same file — classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. The error-suppressed form is the tell: legit code wants to know when deserialize fails; attackers suppress so malformed gadgets do not leak.
View raw JSON
{
    "slug": "fluent-smtp",
    "pattern": "unserialize_after_remote_call",
    "kind": "builtin",
    "version": "2.2.95",
    "hit_count": 1,
    "first_hit": {
        "file": "app/Services/NotificationHelper.php",
        "line": 328,
        "snippet": "L312: $body = wp_remote_retrieve_body($response);  \u2192  L328: $sendingTo = self::unserialize(Arr::get($logData, 'to'));"
    },
    "explanation": "a remote HTTP fetch (`wp_remote_*`/`curl_exec`/`file_get_contents`) is followed by `@unserialize` within the same file \u2014 classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. The error-suppressed form is the tell: legit code wants to know when deserialize fails; attackers suppress so malformed gadgets do not leak."
}
Critical code_scan_delta FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider Resolved · fp_proximity_only_different_vars 28d ago
Slugfluent-smtp
Previous version2.2.95
Current version2.2.95
New findings
PatternKindFileLineSnippetConfidence
unserialize_after_remote_callbuiltinapp/Services/NotificationHelper.php328L312: $body = wp_remote_retrieve_body($response); → L328: $sendingTo = self::unserialize(Arr::get($logData, 'to'));high
New finding count1
View raw JSON
{
    "slug": "fluent-smtp",
    "previous_version": "2.2.95",
    "current_version": "2.2.95",
    "new_findings": [
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "app/Services/NotificationHelper.php",
            "line": 328,
            "snippet": "L312: $body = wp_remote_retrieve_body($response);  \u2192  L328: $sendingTo = self::unserialize(Arr::get($logData, 'to'));",
            "confidence": "high"
        }
    ],
    "new_finding_count": 1
}
High code_scan_match Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Resolved · code_scan_fp_class_vendor_cdn_enqueue 17d ago
Slugfluentform
Finding count1
Findings
PatternKindFileLineSnippetConfidenceDetails
remote_enqueuebuiltinapp/Modules/Payments/PaymentMethods/Stripe/StripeHandler.php145wp_enqueue_script('stripe_elements', 'https://js.stripe.com/v3/', array('jquery'), '3.0', true);medium
Url
https://js.stripe.com/v3/
Url host
js.stripe.com
Resolved sha5a600146365db9ac75dca5328b6fc3e3b70c0f91
View raw JSON
{
    "slug": "fluentform",
    "finding_count": 1,
    "findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "app/Modules/Payments/PaymentMethods/Stripe/StripeHandler.php",
            "line": 145,
            "snippet": "wp_enqueue_script('stripe_elements', 'https://js.stripe.com/v3/', array('jquery'), '3.0', true);",
            "confidence": "medium",
            "details": {
                "url": "https://js.stripe.com/v3/",
                "url_host": "js.stripe.com"
            }
        }
    ],
    "resolved_sha": "5a600146365db9ac75dca5328b6fc3e3b70c0f91"
}
High domain_younger_than_plugin Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Resolved · no_longer_matches 21d ago
Slugfluentform
Domainapip.cc
Domain sourcec2_http_call
Domain registered at2024-07-18
Plugin earliest commit2017-12-26 21:18:58
Plugin latest release2026-04-28 04:32:22
Gap days2,395
Domain age at release649
Active installs700,000
View raw JSON
{
    "slug": "fluentform",
    "domain": "apip.cc",
    "domain_source": "c2_http_call",
    "domain_registered_at": "2024-07-18",
    "plugin_earliest_commit": "2017-12-26 21:18:58",
    "plugin_latest_release": "2026-04-28 04:32:22",
    "gap_days": 2395,
    "domain_age_at_release": 649,
    "active_installs": 700000
}
Medium code_scan_match FluentSnippets – The High-Performance file based Custom Code Snippets Plugin Resolved · code_scan_fp_class_genre_encoding 17d ago
Slugeasy-code-manager
Finding count2
Findings
PatternKindFileLineSnippetConfidence
eval_callbuiltinapp/Services/PhpValidator.php288$result = eval($code); // phpcs:ignore Squiz.PHP.Eval.Discouragedmedium
base64_decodebuiltinapp/Hooks/Handlers/AdminMenuHandler.php177$code = base64_decode($snippet['code']);medium
Resolved sha189e84f001c072e6ba91349ea76e6d5a38f8e3d1
View raw JSON
{
    "slug": "easy-code-manager",
    "finding_count": 2,
    "findings": [
        {
            "pattern": "eval_call",
            "kind": "builtin",
            "file": "app/Services/PhpValidator.php",
            "line": 288,
            "snippet": "$result = eval($code); // phpcs:ignore Squiz.PHP.Eval.Discouraged",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "app/Hooks/Handlers/AdminMenuHandler.php",
            "line": 177,
            "snippet": "$code = base64_decode($snippet['code']);",
            "confidence": "medium"
        }
    ],
    "resolved_sha": "189e84f001c072e6ba91349ea76e6d5a38f8e3d1"
}

Plugins authored (21)

Plugin Version Installs Last updated Status
Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder ·fluentform 6.2.2 700k+ 24d ago Active
FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider ·fluent-smtp 2.2.95 500k+ 4mo ago Active
Ninja Tables – Easy Data Table Builder ·ninja-tables 5.2.8 80k+ 1mo ago Active
FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution ·fluent-crm 2.9.87 70k+ 5mo ago Active
FluentSnippets – The High-Performance file based Custom Code Snippets Plugin ·easy-code-manager 10.53 40k+ 4mo ago Active
Fluent Booking – The Ultimate Appointments Scheduling, Events Booking, Events Calendar Solution ·fluent-booking 2.0.05 20k+ 3mo ago Active
Fluent Support – Helpdesk & Customer Support Ticket System ·fluent-support 2.1.2 10k+ 1mo ago Active
FluentAuth – The Ultimate Authorization & Security Plugin for WordPress ·fluent-security 2.1.2 10k+ 24d ago Active
FluentCommunity – Ultra-Fast High-Performance Social Network, Community, LMS & Online Courses ·fluent-community 2.4.01 7k+ 21d ago Active
FluentAffiliate – Affiliate Program Management Suite, Affiliates Manager ·fluent-affiliate 1.4.0 1k+ 1mo ago Active
Fluent Forms Connector for MailPoet ·fluent-forms-connector-for-mailpoet 1.0.6 1k+ 1y ago Active
FluentComments – Spam protection, AntiSpam, Ajax Enhanced Comments ·fluent-comments 2.0.0 700 10mo ago Active
Mautic Integration For Fluent Forms ·mautic-for-fluent-forms 1.0.4 300 1y ago Active
WP GDPR Cookie Consent ·wp-gdpr-cookie-consent 1.0.0 100 7y ago Active
Fluent Query Logger – Log Database Queries and analyze plugin database performance ·fluent-query-logger 1.0.0 30 3y ago Active
WP Faq Builder ·wp-faq-builder 1.0.0 10 7y ago Active
Ninja Mortgage Calculator – The best Mortgage Plugin for WordPress ·ninja-mortgage-calculator 1.0.1 Closed
WooCommerce Order Cancel for Customers ·woo-order-cancel-for-customers 1.1 Closed
Trendy Restaurant Menu – Best Restaurant Plugin for WordPress ·trendy-restaurant-menu 1.0.0 Closed
Pricing Table Builder – The Best Price Table Builder Plugin ·wp-pricing 1.0.0 Closed
NinjaDB ·ninjadb 0.8 8y ago Active

SVN commit access (25)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin Primary author Installs Commits First Latest Status
FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution techjewel 70k+ 107 5y ago 5mo ago Active
Ninja Tables – Easy Data Table Builder techjewel 80k+ 96 8y ago 10mo ago Active
Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder techjewel 700k+ 81 8y ago 2y ago Active
Fluent Support – Helpdesk & Customer Support Ticket System techjewel 10k+ 65 4y ago 2mo ago Active
FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider techjewel 500k+ 48 5y ago 4mo ago Active
WP Social Ninja – Embed Social Feeds, User Reviews & Chat Widgets adreastrian 30k+ 38 4y ago 6mo ago Active
Paymattic – Secure, Simple Payment & Donation with Subscription Payments, Recurring Donations, Customer Management wpmanageninja 4k+ 26 7y ago 3y ago Active
FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration adreastrian 6k+ 26 1y ago 3mo ago Active
Fluent Booking – The Ultimate Appointments Scheduling, Events Booking, Events Calendar Solution techjewel 20k+ 26 1y ago 3mo ago Active
FluentSnippets – The High-Performance file based Custom Code Snippets Plugin techjewel 40k+ 14 2y ago 4mo ago Active
FluentAffiliate – Affiliate Program Management Suite, Affiliates Manager techjewel 1k+ 8 8mo ago 1mo ago Active
Ninja Job Board – Ultimate WordPress Job Board Plugin wpmanageninja 100 7 4y ago 2y ago Active
FluentComments – Spam protection, AntiSpam, Ajax Enhanced Comments techjewel 700 5 2y ago 10mo ago Active
Fluent Query Logger – Log Database Queries and analyze plugin database performance techjewel 30 4 3y ago 3y ago Active
Mautic Integration For Fluent Forms techjewel 300 3 6y ago 6y ago Active
Fluent Forms Connector for MailPoet techjewel 1k+ 3 5y ago 2y ago Active
WooCommerce Order Cancel for Customers techjewel 3 8y ago 8y ago Closed
Trendy Restaurant Menu – Best Restaurant Plugin for WordPress techjewel 2 7y ago 7y ago Closed
FluentCommunity – Ultra-Fast High-Performance Social Network, Community, LMS & Online Courses techjewel 7k+ 2 1y ago 21d ago Active
Ninja Mortgage Calculator – The best Mortgage Plugin for WordPress techjewel 1 7y ago 7y ago Closed
FluentAuth – The Ultimate Authorization & Security Plugin for WordPress techjewel 10k+ 1 3y ago 24d ago Active
WP GDPR Cookie Consent techjewel 100 1 7y ago 7y ago Active
Fluent Connect – Connect ThriveCart with your WordPress and FluentCRM wpmanageninja 600 1 1y ago 1y ago Active
FluentCart A New Era of eCommerce – Faster, Lighter, and Simpler wpmanageninja 5k+ 1 7mo ago 17d ago Active
Pricing Table Builder – The Best Price Table Builder Plugin techjewel 1 7y ago 7y ago Closed

Contributor on other plugins (8)

Plugins where this account is listed in the readme contributors (distinct from SVN commit access).

Plugin Primary author Version Installs
WP Social Ninja – Embed Social Feeds, User Reviews & Chat Widgets adreastrian 4.2.1 30k+
Fluent PDF Generator wpmanageninja 2.1.1 20k+
FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration adreastrian 1.91.3 6k+
FluentCart A New Era of eCommerce – Faster, Lighter, and Simpler wpmanageninja 1.3.26 5k+
Paymattic – Secure, Simple Payment & Donation with Subscription Payments, Recurring Donations, Customer Management wpmanageninja 4.6.20 4k+
Custom Feed for TikTok – Social Post Feed Plugin for TikTok devutpol 1.2.3 1k+
Fluent Connect – Connect ThriveCart with your WordPress and FluentCRM wpmanageninja 0.4 600
Ninja Job Board – Ultimate WordPress Job Board Plugin wpmanageninja 1.4.0 100