[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fRKuqnkRyMOtLViN0K-VWi4bNCUqQJ8138i2MIcxHqj4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":58,"crawl_stats":37,"alternatives":65,"analysis":173,"fingerprints":245},"add-to-feedly","Add to Feedly","1.2.11","David Merinas","https:\u002F\u002Fprofiles.wordpress.org\u002Fdavidmerinas\u002F","\u003Cp>Feedly users can subscribe your RSS feed just by clicking the banner “Follow on Feedly” or the floating button that this plugin provides. You can show the banner in English, French or Spanish or whatever you want using custom text. Several sizes available for Floating button.\u003C\u002Fp>\n","This plugin provides a widget to Display a \"Follow on Feedly\" banner in your sidebar and a floating button at bottom.",80,9411,86,3,"2018-03-23T11:04:00.000Z","4.9.29","3.3","",[20,21,22,23,24],"derosieres","feed","feedly","rss","widget","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadd-to-feedly\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-to-feedly.zip",42,2,"2025-09-05 00:00:00","2026-03-15T15:16:48.613Z",[32,46],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37},"CVE-2025-58859","add-to-feedly-cross-site-request-forgery","Add to Feedly \u003C= 1.2.11 - Cross-Site Request Forgery","The Add to Feedly plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.11. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.2.11","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-09-09 21:53:02",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcddc6d2e-bf42-478a-8390-d3aa9ce04292?source=api-prod",{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":51,"cvss_vector":52,"vuln_type":53,"published_date":54,"updated_date":55,"references":56,"days_to_patch":37},"CVE-2023-2470","add-to-feedly-authenticatedadministrator-stored-cross-site-scripting-via-plugin-settings","Add to Feedly \u003C= 1.2.11 - Authenticated(Administrator+) Stored Cross-Site Scripting via plugin settings","The Add to Feedly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.2.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2023-05-02 00:00:00","2024-01-22 19:56:02",[57],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F1496ce98-ee19-4f37-9ec7-eb0fafb5df19?source=api-prod",{"slug":59,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":60,"avg_security_score":61,"avg_patch_time_days":62,"trust_score":63,"computed_at":64},"davidmerinas",210,63,30,68,"2026-04-05T01:04:09.298Z",[66,88,113,136,155],{"slug":67,"name":68,"version":69,"author":70,"author_profile":71,"description":72,"short_description":73,"active_installs":74,"downloaded":75,"rating":76,"num_ratings":77,"last_updated":78,"tested_up_to":79,"requires_at_least":80,"requires_php":80,"tags":81,"homepage":84,"download_link":85,"security_score":86,"vuln_count":87,"unpatched_count":87,"last_vuln_date":37,"fetched_at":30},"super-rss-reader","Super RSS Reader – Add attractive RSS Feed Widget","5.4","vaakash","https:\u002F\u002Fprofiles.wordpress.org\u002Fvaakash\u002F","\u003Cp>Super RSS Reader plugin allows you to display RSS feed(s) in an attractive way to your widget. It has options to display multiple RSS feeds separated by tabs in a single widget and has feature to add a news ticker like effect to it. See the features list below for complete list.\u003C\u002Fp>\n\u003Cp>The widget is fully customizable with external styles and also has color themes out of the box. It is a perfect replacement for the default RSS widget in WordPress.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdemos\u002Fsuper-rss-reader\u002F\" rel=\"nofollow ugc\">Check out the \u003Cstrong>LIVE DEMO\u003C\u002Fstrong> of the plugin\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>✨ Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>News ticker\u003C\u002Fstrong> – Add news ticker like effect to the RSS feeds (can turn on of off)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple tabs\u003C\u002Fstrong> – Display multiple feeds in one widget separated by tabs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Thumbnail\u003C\u002Fstrong> – Display the thumbnail of the feed item.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Color themes\u003C\u002Fstrong> – Options of multiple color themes out of the box. Customizable via CSS.\u003C\u002Fli>\n\u003Cli>Different \u003Cstrong>thumbnail positions\u003C\u002Fstrong> (align left, right and cover)\u003C\u002Fli>\n\u003Cli>Customizable ticker speed.\u003C\u002Fli>\n\u003Cli>Different \u003Cstrong>date formats\u003C\u002Fstrong> for feed item (absolute and relative)\u003C\u002Fli>\n\u003Cli>Supports RSS and atom feed.\u003C\u002Fli>\n\u003Cli>Trim title and description text of the feed item.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Order\u003C\u002Fstrong> feed items by date or random.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌄 Display RSS feeds like\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Your own website content like recent posts, comments, forum topics etc.\u003C\u002Fli>\n\u003Cli>Articles, posts from related websites and share with your users.\u003C\u002Fli>\n\u003Cli>Events, job listings etc. from other websites.\u003C\u002Fli>\n\u003Cli>Deals, Craigslist, Google News RSS etc. You got it, any RSS feed on your site !\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F02aOG_-98Tg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>💎 PRO version\u003C\u002Fh3>\n\u003Cp>Super RSS reader has a PRO version which has more features to further enhance and to get more control of the RSS feed you display. With the PRO version you can enjoy below additional features included and also support the development of this plugin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Shortcode\u003C\u002Fstrong> – Display RSS feed anywhere in your website using \u003Ccode>[srr_feed]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Grid display\u003C\u002Fstrong> – Display feed item in rows and columns\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Paginated display\u003C\u002Fstrong> – Display feed item in different pages with a pagination bar\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Filter by keyword\u003C\u002Fstrong> – Show\u002Fhide feed items based on keyword\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom feed item template\u003C\u002Fstrong> – Change order of feed item content, add HTML\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fetch thumbnail\u003C\u002Fstrong> – Forcefully fetches the thumbnail from feed URL\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Merge multiple feeds\u003C\u002Fstrong> – Display multiple RSS feeds as one\u003C\u002Fli>\n\u003Cli>\u003Cstrong>4 new\u003C\u002Fstrong> color themes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fsuper-rss-reader\u002F?utm_source=readme&utm_medium=description&utm_campaign=srr-pro\" rel=\"nofollow ugc\">\u003Cstrong>More information\u003C\u002Fstrong>\u003C\u002Fa> – \u003Ca href=\"https:\u002F\u002Fwpdemos.aakashweb.com\u002Fsuper-rss-reader\u002F?utm_source=readme&utm_medium=description&utm_campaign=srr-pro\" rel=\"nofollow ugc\">Live demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Resources\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fsuper-rss-reader\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fsuper-rss-reader\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fforum\u002Fdiscuss\u002Fwordpress-plugins\u002Fsuper-rss-reader\u002F\" rel=\"nofollow ugc\">Support forum\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Display any RSS feed(s) in widget with news ticker effect in multiple tabs, thumbnails, customizable color themes and more.",10000,426421,92,66,"2025-12-06T07:43:00.000Z","6.9.4","5.3",[21,82,23,83,24],"news","rss-feed","https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fsuper-rss-reader\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-rss-reader.5.4.zip",100,0,{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":96,"downloaded":97,"rating":98,"num_ratings":99,"last_updated":100,"tested_up_to":79,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":108,"download_link":109,"security_score":110,"vuln_count":111,"unpatched_count":87,"last_vuln_date":112,"fetched_at":30},"rss-feed-widget","RSS Feed Widget","3.0.3","Fahad Mahmood","https:\u002F\u002Fprofiles.wordpress.org\u002Ffahadmahmood\u002F","\u003Cul>\n\u003Cli>\n\u003Cp>Author: \u003Ca href=\"https:\u002F\u002Fwww.androidbubbles.com\u002Fcontact\" rel=\"nofollow ugc\">Fahad Mahmood\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Project URI: \u003Ca href=\"http:\u002F\u002Fandroidbubble.com\u002Fblog\u002Fwordpress\u002Fwidgets\u002Frss-feed-widget\" rel=\"nofollow ugc\">http:\u002F\u002Fandroidbubble.com\u002Fblog\u002Fwordpress\u002Fwidgets\u002Frss-feed-widget\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>License: GPL 3. See License below for copyright jots and tittles.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>RSS Feed Widget is a free WordPress plugin for rss feeds display. It is simple to use as after installation you see a menu item under settings. Easily to get started with this plugin, select image size for your feed and save changes. For more customization, you can install Chameleon and choose desired style. This plugin also provides to filter or mute words\u002Ftext\u002Fsentences etc. To filter any word\u002Ftext\u002Fsentence open filter tab and enter word\u002Ftext\u002Fsentence as one per line.\u003Cbr \u002F>\nYou can also choose various image sizes for your feed like thumbnail, medium, large or post thumbnail etc. It also provides the facility of creating shortcode based pages. The shortcode tab describes that how can you create shotcode based pages. The most important and special feature is Advanced Settings. Advanced settings tab allows you to reach custom tag in strange XML based feeds for images.\u003C\u002Fp>\n\u003Cp>Important!\u003Cbr \u002F>\nVisit my blog and suggest good features which you wana see in this plugin.\u003C\u002Fp>\n\u003Ch4>Tags\u003C\u002Fh4>\n\u003Cp>feed, facebook, youtube, shortcodes, slider, image, widget, page, techcrucnch, news, updates, aggragator, slideshow, feedly\u003C\u002Fp>\n\u003Cp>How to use shortcodes for content pages?\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FQCLNXfPOsQo?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This WordPress Plugin is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or any later version. This free software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this software. If not, see http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html.\u003C\u002Fp>\n","RSS Feed Widget with customizable slider. Feed title, description, image, censorship and a few other features which you can use.",2000,239625,78,26,"2025-12-19T09:06:00.000Z","3.0","7.0",[104,105,106,23,107],"chameleon","custom-feed","feed-widget","social-feed","http:\u002F\u002Fandroidbubble.com\u002Fblog\u002Fwordpress\u002Fwidgets\u002Frss-feed-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frss-feed-widget.3.0.3.zip",95,6,"2026-01-07 00:00:00",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":86,"num_ratings":123,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":18,"tags":127,"homepage":132,"download_link":133,"security_score":134,"vuln_count":123,"unpatched_count":87,"last_vuln_date":135,"fetched_at":30},"admin-dashboard-rss-feed","Admin Dashboard RSS Feed","3.8","wsxplugindev","https:\u002F\u002Fprofiles.wordpress.org\u002Fwsxplugindev\u002F","\u003Cp>Are you a web design company looking to broadcast your company’s latest news in your client’s Admin Dashboard? This plugin helps to show your latest news in the WordPress Admin Dashboard via an RSS feed.\u003C\u002Fp>\n\u003Cp>This plugin is very simple to install and configure. After successful install and activation. just provide this info and you are set:\u003C\u002Fp>\n\u003Cp>Your company name:\u003Cbr \u002F>\nYour company logo:\u003Cbr \u002F>\nYour website:\u003Cbr \u002F>\nYour company RSS feed URL:\u003Cbr \u002F>\nSet the number of items to show:\u003C\u002Fp>\n\u003Cp>Keep your client abreast of what’s happening.\u003C\u002Fp>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>This plugin shows latest news in the WordPress Admin Dashboard from the RSS feed URL that you provide.\u003C\u002Fp>\n","Admin Dashboard RSS Feed displays company news in the WordPress Admin Dashboard using an RSS feed. It provides quick access to the latest updates.",500,20334,1,"2025-04-25T08:47:00.000Z","6.8.5","4.7.5",[128,129,83,130,131],"admin-widget","admin-rss-feed","show-rss-feed","wordpress-admin-dashboard","https:\u002F\u002Fwww.webstix.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-dashboard-rss-feed.zip",99,"2024-07-11 00:00:00",{"slug":137,"name":138,"version":139,"author":140,"author_profile":141,"description":142,"short_description":143,"active_installs":86,"downloaded":144,"rating":87,"num_ratings":87,"last_updated":145,"tested_up_to":146,"requires_at_least":147,"requires_php":18,"tags":148,"homepage":152,"download_link":153,"security_score":154,"vuln_count":87,"unpatched_count":87,"last_vuln_date":37,"fetched_at":30},"subscribe-here-widget","Subscribe Here Widget","1.0","adiian","https:\u002F\u002Fprofiles.wordpress.org\u002Fadiian\u002F","\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Show “Subscribe by RSS” and “Subscribe by email”\u003C\u002Fli>\n\u003Cli>Configurable apearance through CSS\u003C\u002Fli>\n\u003Cli>Feedburner Feed Id configurable through widget panel\u003C\u002Fli>\n\u003C\u002Ful>\n","Subscribe Here displays a visible plugin widget in the sidebar with Subscribe by Rss & Subscribe by Email(through Feedburner) options.",23003,"2010-01-11T23:34:00.000Z","2.9.2","2.3.1",[149,23,150,151,24],"feedburner","subscribe","subscribe-here","http:\u002F\u002Fwww.improveseo.info\u002Fsubscribe-here-widget-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscribe-here-widget.1.0.zip",85,{"slug":156,"name":157,"version":158,"author":159,"author_profile":160,"description":161,"short_description":162,"active_installs":163,"downloaded":164,"rating":163,"num_ratings":28,"last_updated":165,"tested_up_to":79,"requires_at_least":166,"requires_php":167,"tags":168,"homepage":171,"download_link":172,"security_score":86,"vuln_count":87,"unpatched_count":87,"last_vuln_date":37,"fetched_at":30},"rss-image-widget","RSS Image Widget","3.0.0","zackdesign","https:\u002F\u002Fprofiles.wordpress.org\u002Fzackdesign\u002F","\u003Cp>RSS Image Widget fetches images from any RSS\u002FAtom feed that uses enclosures and displays them in a responsive grid with a built-in lightbox. Works as both a classic widget and a Gutenberg block.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Widget + Block\u003C\u002Fstrong> — Use in sidebars (classic widget) or anywhere in the block editor\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight\u003C\u002Fstrong> — No jQuery, no external CDN. Just a tiny vanilla JS lightbox (~2 KB)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive grid\u003C\u002Fstrong> — CSS Grid layout adapts to any container width\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lazy loading\u003C\u002Fstrong> — Images use native browser lazy loading\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accessible\u003C\u002Fstrong> — Lightbox supports keyboard navigation (Escape to close)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero configuration\u003C\u002Fstrong> — Just add a feed URL and go\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Upgrading from v2.x:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Bootstrap classes (\u003Ccode>row\u003C\u002Fcode>, \u003Ccode>col-xs-12\u003C\u002Fcode>) and external Lightbox2 CDN have been replaced with clean semantic HTML, a responsive CSS Grid layout, and a bundled vanilla JS lightbox. If you had custom CSS targeting the old classes, you will need to update it to use the new \u003Ccode>.rss-image-gallery\u003C\u002Fcode> BEM classes.\u003C\u002Fp>\n","Display images from an RSS or Atom feed as a widget or block with a lightweight lightbox gallery.",60,32807,"2026-02-23T09:43:00.000Z","6.0","7.4",[21,169,170,23,24],"gallery","image","https:\u002F\u002Fzackdesign.biz\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frss-image-widget.3.0.0.zip",{"attackSurface":174,"codeSignals":205,"taintFlows":233,"riskAssessment":234,"analyzedAt":244},{"hooks":175,"ajaxHandlers":201,"restRoutes":202,"shortcodes":203,"cronEvents":204,"entryPointCount":87,"unprotectedCount":87},[176,182,186,189,193,197],{"type":177,"name":178,"callback":179,"file":180,"line":181},"action","admin_init","ADD_TO_FEEDLY_register_mysettings","addtofeedly.php",19,{"type":177,"name":183,"callback":184,"file":180,"line":185},"wp_enqueue_scripts","addtofeedly_stylesheet",205,{"type":177,"name":183,"callback":187,"file":180,"line":188},"addtofeedly_javascript",206,{"type":177,"name":190,"callback":191,"file":180,"line":192},"admin_menu","ADD_TO_FEEDLY_create_menu",209,{"type":177,"name":194,"callback":195,"file":180,"line":196},"plugins_loaded","widget_ADD_TO_FEEDLY_init",213,{"type":177,"name":198,"callback":199,"file":180,"line":200},"wp_footer","ADD_TO_FEEDLY_init",216,[],[],[],[],{"dangerousFunctions":206,"sqlUsage":207,"outputEscaping":209,"fileOperations":87,"externalRequests":87,"nonceChecks":87,"capabilityChecks":87,"bundledLibraries":228},[],{"prepared":87,"raw":87,"locations":208},[],{"escaped":87,"rawEcho":210,"locations":211},8,[212,215,216,218,220,222,224,226],{"file":180,"line":213,"context":214},55,"raw output",{"file":180,"line":76,"context":214},{"file":180,"line":217,"context":214},97,{"file":180,"line":219,"context":214},128,{"file":180,"line":221,"context":214},150,{"file":180,"line":223,"context":214},169,{"file":180,"line":225,"context":214},171,{"file":180,"line":227,"context":214},199,[229],{"name":230,"version":231,"knownCves":232},"jQuery","1.10.2",[],[],{"summary":235,"deductions":236},"The 'add-to-feedly' plugin v1.2.11 presents a mixed security picture. While the static analysis shows a minimal attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events, and all SQL queries are prepared, there are significant concerns regarding output escaping and a history of known vulnerabilities.  Specifically, 100% of the observed outputs are not properly escaped, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities. This is compounded by two known medium-severity CVEs, both of which are currently unpatched and include CSRF and XSS as common types. The presence of these unpatched vulnerabilities, despite the limited apparent attack surface in the current version's code, suggests a pattern of security weaknesses that have not been fully addressed. The bundled jQuery v1.10.2 is also outdated, which can introduce its own set of security risks. While the absence of direct entry points and raw SQL is positive, the unescaped output and unpatched CVEs make this plugin a moderate to high risk.",[237,240,242],{"reason":238,"points":239},"Unpatched CVEs",20,{"reason":241,"points":239},"Output escaping is not properly handled",{"reason":243,"points":14},"Bundled outdated library","2026-03-16T21:26:40.983Z",{"wat":246,"direct":258},{"assetPaths":247,"generatorPatterns":252,"scriptPaths":253,"versionParams":254},[248,249,250,251],"\u002Fwp-content\u002Fplugins\u002Fadd-to-feedly\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fadd-to-feedly\u002Fjs\u002Fjquery-1.10.2.min.js","\u002Fwp-content\u002Fplugins\u002Fadd-to-feedly\u002Fjs\u002Faddtofeedly.js","\u002Fwp-content\u002Fplugins\u002Fadd-to-feedly\u002Fimages\u002Faddtofeedly_master.png",[],[249,250],[255,256,257],"add-to-feedly\u002Fstyle.css?ver=","add-to-feedly\u002Fjs\u002Fjquery-1.10.2.min.js?ver=","add-to-feedly\u002Fjs\u002Faddtofeedly.js?ver=",{"cssClasses":259,"htmlComments":261,"htmlAttributes":262,"restEndpoints":264,"jsGlobals":265,"shortcodeOutput":267},[260],"customtext",[],[263],"widget_ADD_TO_FEEDLY",[],[266],"ADD_TO_FEEDLY_WIDGET_ID",[]]