[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faYQYCCFmWpMavC6S_kc6FHAsdnE7-pb5SrQNBD3788Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":122,"fingerprints":224},"advanced-blogroll","Advanced Blogroll","1.4","yakuphan","https:\u002F\u002Fprofiles.wordpress.org\u002Fyakuphan\u002F","\u003Cp>Advanced Blogroll Widget displays your bookmarks as you want. You can customize your blogroll.\u003Cbr \u002F>\nYou can add how many widgets you want. You can select the category of your links so that you can seperate your bookmarks in different categories.\u003C\u002Fp>\n\u003Ch4>Supported Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Turkish\u003C\u002Fli>\n\u003Cli>Russian – Thanks \u003Ca href=\"http:\u002F\u002Fwww.fatcow.com\" rel=\"nofollow ugc\">Fatcow \u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>German – Thanks \u003Ca href=\"http:\u002F\u002Fwww.wilsen.de\u002F\" rel=\"nofollow ugc\">Sebastian Masch\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Belorussian – Thanks \u003Ca href=\"http:\u002F\u002Fantsar.info\" rel=\"nofollow ugc\">ilyuha\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Options\u003C\u002Fh3>\n\u003Cp>Widget’s options allow you to change your blogroll’s displaying.\u003C\u002Fp>\n\u003Ch4>Title\u003C\u002Fh4>\n\u003Cp>Your blogroll’s title on your sidebar.\u003C\u002Fp>\n\u003Ch4>Category\u003C\u002Fh4>\n\u003Cp>Category of your bookmarks you want to list.\u003C\u002Fp>\n\u003Ch4>Order by\u003C\u002Fh4>\n\u003Cp>What you want to order by\u003C\u002Fp>\n\u003Ch4>Order\u003C\u002Fh4>\n\u003Cp>How you want to order\u003C\u002Fp>\n\u003Ch4>Display Form\u003C\u002Fh4>\n\u003Cp>How to display your bookmarks. With only names, only images, images and names.\u003C\u002Fp>\n\u003Ch4>Image Width\u003C\u002Fh4>\n\u003Cp>Your bookmarks’ image width.\u003C\u002Fp>\n\u003Ch4>Image Height\u003C\u002Fh4>\n\u003Cp>Your bookmarks’ image height.\u003C\u002Fp>\n\u003Ch4>Number of Bookmarks to Show\u003C\u002Fh4>\n\u003Cp>How many bookmarks you want to show.\u003C\u002Fp>\n\u003Ch4>Add rel\u003C\u002Fh4>\n\u003Cp>“nofollow” to bookmarks =\u003Cbr \u002F>\nAllows add rel = “nofollow” to your bookmarks.\u003C\u002Fp>\n","Advanced Blogroll Widget displays your bookmarks as you want. You can customize your blogroll.",100,17083,0,"2009-08-28T05:08:00.000Z","2.8.4","2.3","",[4,19,20,21],"blogroll","blogroll-widget","widget","http:\u002F\u002Fwww.yakupgovler.com\u002F?p=592","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-blogroll.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},4,660,30,84,"2026-04-05T02:39:29.385Z",[35,54,69,85,99],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":11,"downloaded":43,"rating":44,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":17,"tags":49,"homepage":52,"download_link":53,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"rss-blogroll","RSS Blogroll","0.4","pantsonhead","https:\u002F\u002Fprofiles.wordpress.org\u002Fpantsonhead\u002F","\u003Cp>I don’t really like Blogrolls, I think they’re often not much more than glorified link dumps. I don’t like how they give you nothing more than the Blog title, and unless that title really grabs your attention, you’re never gonna click it. I don’t like how they are often just a static list, commonly out of date, that you learn to ignore after the first 4 page views. In their current format, they just appear to be a great waste of space.\u003C\u002Fp>\n\u003Cp>This is why I decided to create the RSS Blogroll plugin. RSS Blogroll allows you to link to your favourite blogs via the latest items from their RSS\u002FAtom feed. Article titles are much more attention grabbing and will deliver much higher quality traffic. We all hate clicking through to abandoned blogs – displaying article publication dates also lets readers know these are up to date and active sites.\u003C\u002Fp>\n\u003Cp>Many of us want to direct some of our traffic to related sites. RSS Blogroll will create deeplinks to the target sites, which are much more useful for SEO than homepage links. Overall it’s a win-win situation with a better browsing experience for users and the linked sites getting more visitors who are actually interested in their content.\u003C\u002Fp>\n","Sidebar widget that links to recent entries from RSS\u002FAtom feeds.",13947,46,3,"2015-08-02T05:10:00.000Z","4.2.39","2.8",[19,50,51,21],"rss","sidebar","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Frss-blogroll\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frss-blogroll.zip",{"slug":55,"name":56,"version":57,"author":17,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":17,"requires_at_least":63,"requires_php":17,"tags":64,"homepage":66,"download_link":67,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":68},"google-reader-blogroll-widget","Google Reader Blogroll Widget","0.1.0","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarcu5\u002F","\u003Cp>Simple widget to list your Google Reader subscriptions as blogroll.\u003C\u002Fp>\n\u003Cp>All you need is to specify the link to your public Google Reader page, can be found in the Google Reader settings: https:\u002F\u002Fwww.google.com\u002Freader\u002Fsettings in the “Folders and Tags”-tab, the “view public page”-link. Just copy\u002Fpaste the whole link.\u003C\u002Fp>\n\u003Cp>The widget allows you to choose one of Googles cholor schemes, if you select “None” it will generate a generic list that should look quite fine with most themes.\u003C\u002Fp>\n\u003Cp>You can have multiple blogrolls with different designs.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Copyright 2008  Marcus Himmel  (email : ac@acidchaos.de)\u003C\u002Fp>\n\u003Cpre>\u003Ccode>This program is free software; you can redistribute it and\u002For modify\nit under the terms of the GNU General Public License as published by\nthe Free Software Foundation; either version 2 of the License, or\n(at your option) any later version.\n\nThis program is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\nGNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License\nalong with this program; if not, write to the Free Software\nFoundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Simple widget(s) to list your Google Reader subscriptions as blogroll.",10,4913,"2.0.2",[19,65,21],"google-reader","http:\u002F\u002Fblog.acidchaos.de\u002Fgoogle-reader-blogroll-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgoogle-reader-blogroll-widget.0.1.0.zip","2026-03-15T10:48:56.248Z",{"slug":70,"name":71,"version":72,"author":73,"author_profile":74,"description":75,"short_description":76,"active_installs":61,"downloaded":77,"rating":13,"num_ratings":13,"last_updated":78,"tested_up_to":48,"requires_at_least":48,"requires_php":17,"tags":79,"homepage":83,"download_link":84,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"wp-linkex","WP-LinkEX","1.0","Juanjo Fernández","https:\u002F\u002Fprofiles.wordpress.org\u002Fjuanjoefe\u002F","\u003Cp>This plugin allows you to easily display the links included in your \u003Ca href=\"http:\u002F\u002Flinkex.dk\u002F\" title=\"LinkEX\" rel=\"nofollow ugc\">LinkEX\u003C\u002Fa> installation directly in a WordPress widget.\u003Cbr \u002F>\nYou can separate your links in different categories and display them on multiple widgets with different titles and designs.\u003C\u002Fp>\n","This plugin allows you to easily display the links included in your LinkEX installation directly in a WordPress widget.",2569,"2010-11-23T13:19:00.000Z",[19,80,81,82,21],"link-exchange","linkex","links","http:\u002F\u002Fjuanjoefe.wordpress.com\u002Fwp-linkex\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-linkex.zip",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":61,"downloaded":93,"rating":13,"num_ratings":13,"last_updated":94,"tested_up_to":95,"requires_at_least":63,"requires_php":17,"tags":96,"homepage":97,"download_link":98,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"wpw-linkslist","WPW-Linkslist","0.1","Amie","https:\u002F\u002Fprofiles.wordpress.org\u002Fsunburntkamel\u002F","\u003Cp>This widget replaces the standard Blogroll widget, and adds the following features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>API compatibility, so the widget matches the theme\u003C\u002Fli>\n\u003Cli>Respects options set in the Links Manager Admin Panel\u003C\u002Fli>\n\u003C\u002Ful>\n","A flexible replacement for the standard links widget, for wordpress 2.0.x only.",4775,"2007-03-18T19:11:00.000Z","2.0.9",[19,82,21],"http:\u002F\u002Fwww.archgfx.net\u002Fblog\u002Findex.php\u002Fthemes\u002Flinkslist","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpw-linkslist.0.1.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":109,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":120,"download_link":121,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"classic-widgets","Classic Widgets","0.3","Tonya Mork","https:\u002F\u002Fprofiles.wordpress.org\u002Fhellofromtonya\u002F","\u003Cp>Classic Widgets is an official plugin maintained by the WordPress team that restores the previous (“classic”) WordPress widgets settings screens. It will be supported and maintained to 2024, or as long as is necessary.\u003C\u002Fp>\n\u003Cp>Once activated and when using a classic (non-block) theme, this plugin restores the previous widgets settings screens and disables the block editor from managing widgets. There is no other configuration, the classic widgets settings screens are enabled or disabled by either enabling or disabling this plugin.\u003C\u002Fp>\n","Enables the previous \"classic\" widgets settings screens in Appearance - Widgets and the Customizer. Disables the block editor from managing widgets.",2000000,7214667,98,262,"2025-12-08T10:52:00.000Z","6.9.4","4.9","5.6",[100,116,117,118,119],"disable","disable-gutenberg","editor","gutenberg","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-widgets\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclassic-widgets.0.3.zip",{"attackSurface":123,"codeSignals":139,"taintFlows":211,"riskAssessment":212,"analyzedAt":223},{"hooks":124,"ajaxHandlers":135,"restRoutes":136,"shortcodes":137,"cronEvents":138,"entryPointCount":13,"unprotectedCount":13},[125,131],{"type":126,"name":127,"callback":128,"file":129,"line":130},"action","plugins_loaded","yg_adv_blogroll_loadlang","advanced_blogroll.php",339,{"type":126,"name":132,"callback":133,"file":129,"line":134},"widgets_init","yg_adv_blogroll_register",345,[],[],[],[],{"dangerousFunctions":140,"sqlUsage":141,"outputEscaping":143,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":210},[],{"prepared":13,"raw":13,"locations":142},[],{"escaped":13,"rawEcho":144,"locations":145},38,[146,149,151,153,155,157,158,159,161,163,164,166,168,169,171,173,174,176,178,179,181,183,184,185,187,189,190,191,193,195,196,197,199,201,202,204,206,208],{"file":129,"line":147,"context":148},92,"raw output",{"file":129,"line":150,"context":148},129,{"file":129,"line":152,"context":148},131,{"file":129,"line":154,"context":148},212,{"file":129,"line":156,"context":148},215,{"file":129,"line":156,"context":148},{"file":129,"line":156,"context":148},{"file":129,"line":160,"context":148},220,{"file":129,"line":162,"context":148},222,{"file":129,"line":162,"context":148},{"file":129,"line":165,"context":148},230,{"file":129,"line":167,"context":148},231,{"file":129,"line":167,"context":148},{"file":129,"line":170,"context":148},241,{"file":129,"line":172,"context":148},242,{"file":129,"line":172,"context":148},{"file":129,"line":175,"context":148},249,{"file":129,"line":177,"context":148},250,{"file":129,"line":177,"context":148},{"file":129,"line":180,"context":148},258,{"file":129,"line":182,"context":148},259,{"file":129,"line":182,"context":148},{"file":129,"line":182,"context":148},{"file":129,"line":186,"context":148},264,{"file":129,"line":188,"context":148},265,{"file":129,"line":188,"context":148},{"file":129,"line":188,"context":148},{"file":129,"line":192,"context":148},271,{"file":129,"line":194,"context":148},272,{"file":129,"line":194,"context":148},{"file":129,"line":194,"context":148},{"file":129,"line":198,"context":148},278,{"file":129,"line":200,"context":148},279,{"file":129,"line":200,"context":148},{"file":129,"line":203,"context":148},284,{"file":129,"line":205,"context":148},298,{"file":129,"line":207,"context":148},304,{"file":129,"line":209,"context":148},306,[],[],{"summary":213,"deductions":214},"The advanced-blogroll plugin v1.4 exhibits a mixed security posture.  While the static analysis shows no identified attack surface from AJAX, REST API, shortcodes, or cron events, and no dangerous functions or file operations are detected, there are significant concerns regarding output escaping.  A concerning 100% of the 38 identified output operations are not properly escaped, leaving the plugin highly susceptible to cross-site scripting (XSS) vulnerabilities.  Furthermore, the lack of any capability checks or nonce checks on the identified entry points (though none are present) means that if any were introduced in future versions without proper security measures, they would be unprotected.  The plugin's vulnerability history is currently clean, with no known CVEs. This, combined with the absence of dangerous functions and SQL injection risks due to prepared statements, suggests a generally good effort in core secure coding practices, but the critical flaw in output sanitization poses a severe, exploitable risk.",[215,218,221],{"reason":216,"points":217},"0% of outputs properly escaped",15,{"reason":219,"points":220},"No capability checks",5,{"reason":222,"points":220},"No nonce checks","2026-03-16T20:54:00.463Z",{"wat":225,"direct":230},{"assetPaths":226,"generatorPatterns":227,"scriptPaths":228,"versionParams":229},[],[],[],[],{"cssClasses":231,"htmlComments":235,"htmlAttributes":236,"restEndpoints":238,"jsGlobals":239,"shortcodeOutput":240},[232,233,234],"ab_bookmarks","ab_images","linkimg",[],[237],"data-widget-id",[],[],[241,242],"\u003Cul class=\"ab_bookmarks\">","\u003Cdiv class=\"ab_images\">"]