[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3OVQdLMpgGAEtoLbQMbti4DDENhtDOX2qoie8kIXse8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":137,"fingerprints":197},"advanced-posts-listing","Advanced Posts Listing – Show Post List Easily","1.0.7","Flipper Code - WordPress Development Company","https:\u002F\u002Fprofiles.wordpress.org\u002Fflippercode\u002F","\u003Cp>Advanced Posts Listing is a Gutenberg block plugin that enables site administrators to create & display visually appealing blog posts listing or custom post type listing effortlessly right from the Gutenberg editor.\u003C\u002Fp>\n\u003Cp>This plugin provides six beautiful and responsive design \u002F layouts for the listing. Site admins can choose custom post type from block properties & listing will be created accordingly with a live preview.\u003C\u002Fp>\n\u003Cp>This plugin also allows site admins to filter the custom post listing by taxonomy, terms and other criterias. The infomation displayed inside the listing record is also manageable from block properties.\u003C\u002Fp>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cp>For better idea of how all layouts would look like, below are live demo links of all the layouts.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fweplugins.com\u002Fadvanced-posts-listing\u002Flisting-layout\u002F\" rel=\"nofollow ugc\">List View\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fweplugins.com\u002Fadvanced-posts-listing\u002F\" rel=\"nofollow ugc\">Grid View\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fweplugins.com\u002Fadvanced-posts-listing\u002Fmasonry-layout\u002F\" rel=\"nofollow ugc\">Masonry View\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fweplugins.com\u002Fadvanced-posts-listing\u002Foverlay-layout\u002F\" rel=\"nofollow ugc\">Overlay View\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fweplugins.com\u002Fadvanced-posts-listing\u002Fslider-layout\u002F\" rel=\"nofollow ugc\">Slider View\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Contact \u003Ca href=\"https:\u002F\u002Fweplugins.com\u002Fsupport\" rel=\"nofollow ugc\">Dedicated Support team\u003C\u002Fa> for any assistance in the plugin setup process, for any query or for any customisation request for this plugin.\u003C\u002Fp>\n\u003Cp>Features List\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Six beautiful & responsive blog post listing designs.\u003C\u002Fli>\n\u003Cli>Numeric pagination support for every layout. Manageable settings for pagination.\u003C\u002Fli>\n\u003Cli>Display posts, pages, and custom post types listing.\u003C\u002Fli>\n\u003Cli>Filter posts by categories.\u003C\u002Fli>\n\u003Cli>Filter posts by tags.\u003C\u002Fli>\n\u003Cli>Filter custom post types by taxonomies.\u003C\u002Fli>\n\u003Cli>Listing inherits most of the typography from currently activated theme.\u003C\u002Fli>\n\u003Cli>Manageable color picker settings for buttons UI to make it theme compatible.\u003C\u002Fli>\n\u003Cli>Options for adding custom css in block settings. Full flexibility. \u003C\u002Fli>\n\u003Cli>Compatible with popular custom post type plugins. e,g Advanced Custom Fields (acf plugin).\u003C\u002Fli>\n\u003Cli>Supports custom post type listing.\u003C\u002Fli>\n\u003Cli>Include only some specific posts\u002Fcustom posts by comma separated ids.\u003C\u002Fli>\n\u003Cli>Exclude some particular posts by comma separated ids to be dislayed in output.\u003C\u002Fli>\n\u003Cli>Sort listings by date (ascending\u002Fdescending).\u003C\u002Fli>\n\u003Cli>Alphabetical sorting (A-Z, Z-A).\u003C\u002Fli>\n\u003Cli>Live preview of listings in Gutenberg.\u003C\u002Fli>\n\u003Cli>Customizable listing display.\u003C\u002Fli>\n\u003Cli>Easy block properties configuration.\u003C\u002Fli>\n\u003Cli>Manageable row and column gaping for Grid, Masanory & Overlay layout.\u003C\u002Fli>\n\u003Cli>Display post titles.\u003C\u002Fli>\n\u003Cli>Show post excerpts.\u003C\u002Fli>\n\u003Cli>Include post featured images.\u003C\u002Fli>\n\u003Cli>Display post authors.\u003C\u002Fli>\n\u003Cli>Show post dates.\u003C\u002Fli>\n\u003Cli>Show\u002Fhide post titles.\u003C\u002Fli>\n\u003Cli>Show\u002Fhide post content.\u003C\u002Fli>\n\u003Cli>Show\u002Fhide post excerpts.\u003C\u002Fli>\n\u003Cli>Show\u002Fhide meta data like dates.\u003C\u002Fli>\n\u003Cli>Show\u002Fhide categories.\u003C\u002Fli>\n\u003Cli>Show\u002Fhide tags.\u003C\u002Fli>\n\u003Cli>Show\u002Fhide featured images.\u003C\u002Fli>\n\u003Cli>Customize the number of posts per listing.\u003C\u002Fli>\n\u003Cli>Pagination for long listings.\u003C\u002Fli>\n\u003Cli>Responsive design for mobile and desktop.\u003C\u002Fli>\n\u003Cli>SEO-friendly post listings.\u003C\u002Fli>\n\u003Cli>Lightweight and fast-loading.\u003C\u002Fli>\n\u003Cli>Compatible with all WordPress themes.\u003C\u002Fli>\n\u003Cli>User-friendly interface.\u003C\u002Fli>\n\u003Cli>Regular updates and support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>So this plugin supports a wide range of custom post types and offers extensive filtering options, including categories, tags, and custom taxonomies. Certain posts can also be included or excluded via id from the output. This flexibility ensures that your posts list is tailored to meet your specific needs. Additionally, the posts block can be sorted by date or alphabetically, giving you full control over how your content is presented. Enhance your WordPress site with a post list block that is both functional and visually appealing with maximum flexiblity.\u003C\u002Fp>\n","Display posts list from posts, pages or custom post types. Use Multiple designs and filters.",3000,19550,0,"2025-02-27T13:30:00.000Z","6.7.5","5.5","7.0",[19,20,21,22,23],"blog-listing","blog-post","post-list","post-listing","posts","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadvanced-posts-listing","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-posts-listing.1.0.7.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"flippercode",4,63330,91,1193,73,"2026-04-05T02:02:29.756Z",[39,58,76,96,116],{"slug":22,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":13,"num_ratings":13,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":51,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"Post Listing","1.0","farvehandleren","https:\u002F\u002Fprofiles.wordpress.org\u002Ffarvehandleren\u002F","\u003Cp>Display list and grid of posts.\u003C\u002Fp>\n","Display list and grid of posts.",10,1486,"2016-10-03T15:58:00.000Z","4.4.34","4.0","",[53,22,23,54,55],"category","tag","type","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-listing.zip",85,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":13,"downloaded":66,"rating":13,"num_ratings":13,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":17,"tags":70,"homepage":51,"download_link":75,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"dynamic-query-filter","Dynamic Query Filter","1.0.1","Adlwebsolutions","https:\u002F\u002Fprofiles.wordpress.org\u002Farunzrko159\u002F","\u003Cp>Dynamic Query Filter is an Elementor widget that enhances LMS websites, blog listings, page listings, and resource\u003Cbr \u002F>\npages by providing dynamic post filtering using ACF Relationship fields.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under GPLv2 or later. You are free to modify and distribute it under the terms of the GNU\u003Cbr \u002F>\nGeneral Public License as published by the Free Software Foundation, either version 2 of the License, or (at your\u003Cbr \u002F>\noption) any later version.\u003C\u002Fp>\n","Dynamic Query Filter is an Elementor widget designed for LMS websites, blog listings, page listings, and resource  pages.",1008,"2024-10-16T08:09:00.000Z","6.6.5","4.7",[71,72,73,22,74],"acf-query-list","dynamic-post-listing","lms-post-listing","query-filter-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdynamic-query-filter.1.0.1.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":68,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":51,"download_link":95,"security_score":86,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"zoninator","Zone Manager (Zoninator)","0.10.2","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>This plugin is designed to help you curate your content. It lets you assign and order stories within zones that you create, edit, and delete, and display those groupings of related stories on your site.\u003C\u002Fp>\n\u003Cp>This plugin was originally built by \u003Ca href=\"http:\u002F\u002Fdigitalize.ca\" rel=\"nofollow ugc\">Mohammad Jangda\u003C\u002Fa> in conjunction with \u003Ca href=\"http:\u002F\u002Fwpdavis.com\u002F\" rel=\"nofollow ugc\">William Davis\u003C\u002Fa> and the \u003Ca href=\"http:\u002F\u002Fwww.bangordailynews.com\u002F\" rel=\"nofollow ugc\">Bangor Daily News\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add, edit, and delete zones.\u003C\u002Fli>\n\u003Cli>Add and remove posts (or any custom post type) to or from zones.\u003C\u002Fli>\n\u003Cli>Order posts in any given zone.\u003C\u002Fli>\n\u003Cli>Limit capabilities on who can add, edit, and delete zones vs add content to zones.\u003C\u002Fli>\n\u003Cli>Locking mechanism, so only one user can edit a zone at a time (to avoid conflicts).\u003C\u002Fli>\n\u003Cli>Idle control, so people can’t keep the zone locked.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Function Reference\u003C\u002Fh3>\n\u003Cp>Get an array of all zones:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>z_get_zones()\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Get a single zone, accepts either ID or slug:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>z_get_zone( $zone )\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Get an array of ordered posts in a given zone, accepts either ID or slug:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>z_get_posts_in_zone( $zone )\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Get a WP_Query object for a given zone, accepts either ID or slug:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>z_get_zone_query( $zone );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>More functions listed in \u003Ccode>functions.php\u003C\u002Fcode>.\u003C\u002Fp>\n","Content curation made easy! Create \"zones\" then add and order your content!",2000,112853,100,3,"2025-10-02T17:54:00.000Z","5.9","7.4",[92,21,93,23,94],"order","post-order","zones","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzoninator.0.10.2.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":86,"num_ratings":106,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":114,"download_link":115,"security_score":86,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"ultimate-content-views","Display Posts As List, Grid, Thumbs","4.4","wp-buy","https:\u002F\u002Fprofiles.wordpress.org\u002Fwp-buy\u002F","\u003Cp>This plugin lets you list posts by category, author, tags, and more, using a shortcode on posts, pages, or widgets with plenty of customization options.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugin features: \u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Responsive Templates (Grid list, a list with thumbnails, etc..)\u003C\u002Fli>\n\u003Cli>Image size – thumbnail, medium, large, or any custom size\u003C\u002Fli>\n\u003Cli>Choose categories, tags, authors\u003C\u002Fli>\n\u003Cli>Custom post types and taxonomies support\u003C\u002Fli>\n\u003Cli>Customize the Title, excerpt, date\u003C\u002Fli>\n\u003Cli>Image positioning – top, right, left, in or out of the excerpt\u003C\u002Fli>\n\u003Cli>Custom CSS class for every widget’s instance\u003C\u002Fli>\n\u003Cli>Comprehensive options page (Filter posts by category, tags, authors, etc..)\u003C\u002Fli>\n\u003Cli>List posts from any category\u003C\u002Fli>\n\u003Cli>List posts from any post type (one or more)\u003C\u002Fli>\n\u003Cli>List posts based on the post date & status\u003C\u002Fli>\n\u003Cli>Pagination options (posts per page, pagination styling)\u003C\u002Fli>\n\u003Cli>Read more options (button text and styling)\u003C\u002Fli>\n\u003Cli>Exclusion options (exclude posts by the author, category, and tags)\u003C\u002Fli>\n\u003Cli>Order by options (order by date ascending or descending or randomly)\u003C\u002Fli>\n\u003Cli>Shortcode support\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin lets you list posts by category, author, tags, and more, using a shortcode on posts, pages, or widgets with plenty of customization option …",900,14621,7,"2025-06-15T19:06:00.000Z","6.8.5","3.5","7.3",[112,113,21,23],"author-posts","list-category-posts","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-content-views\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-content-views.4.4.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":13,"num_ratings":13,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":90,"tags":129,"homepage":135,"download_link":136,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"lsx-blog-customizer","LSX Blog Customizer","1.4.7","Ash Shaw","https:\u002F\u002Fprofiles.wordpress.org\u002Ffeedmymedia\u002F","\u003Cp>The \u003Ca href=\"https:\u002F\u002Flsdev.biz\u002Flsx\u002Fextensions\u002Fblog-customizer\u002F\" rel=\"nofollow ugc\">LSX Blog Customiser\u003C\u002Fa> is developed for the LSX Theme to customise the blog layout for your archive pages and single blog posts. The main blog page is also customisable using this extension.\u003C\u002Fp>\n\u003Cp>In addition to a beautiful blog you can also add a layout switcher for users to change between grid and list view.\u003C\u002Fp>\n\u003Cp>Use LSX Search to index and create filters for your blog page. Searching your blog content allows users to be in control of what they want to see.\u003C\u002Fp>\n\u003Cp>It allows you it to customize various aspects of the the appearance of your blog, posts widgets, archive pages and single posts so they looks exactly how you want.\u003C\u002Fp>\n\u003Ch4>Free Companion Theme\u003C\u002Fh4>\n\u003Cp>LSX Team is built to show off the best of the WordPress block editor, but it requires the free LSX theme in the WordPress theme repository as the perfect companion for LSX Blocks – https:\u002F\u002Fwordpress.org\u002Fthemes\u002Flsx\u002F\u003C\u002Fp>\n\u003Ch4>Block Editor Support\u003C\u002Fh4>\n\u003Cp>The LSX theme is full compatible with the WordPress block editor. This means you can now make use of the drag-and-drop page builder when creating new pages and posts.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Flsdev.biz\u002Flsx\u002Fextensions\u002Fblocks\" rel=\"nofollow ugc\">LSX Blocks\u003C\u002Fa> is an extension with blocks designed to display perfectly with the LSX theme. The blocks plugin extends various WordPress core blocks to be more flexible with the WordPress theme.\u003C\u002Fp>\n\u003Cp>The combination of LSX Theme & LSX Blocks gives you a true page builder experience using the WordPress Gutenberg block editor.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>We have extensive documentation on all our plugins and theme functionality. This allows you to take control of your website setup and design to your needs:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.lsdev.biz\u002Flsx\u002Fdocumentation\u002Flsx-extensions\u002Flsx-blog-customizer\u002F\" rel=\"nofollow ugc\">LSX Blog Customiser Documentation\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Contact the \u003Ca href=\"https:\u002F\u002Flsdev.biz\u002F\" rel=\"nofollow ugc\">LightSpeed\u003C\u002Fa> for assistance via the \u003Ca href=\"https:\u002F\u002Fwww.lsdev.biz\u002Flsx\u002Fsupport\u002F\" rel=\"nofollow ugc\">LSX support form\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you are experiencing issues with the LSX  plugin, please log any bug issues you are having on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flightspeeddevelopment\u002Flsx-blog-customiser\u002Fissues\" rel=\"nofollow ugc\">LSX Blog Customiser Issues\u003C\u002Fa> page.\u003C\u002Fp>\n\u003Ch4>Contributing\u003C\u002Fh4>\n\u003Cp>Extensible, adaptable, and open source — LSX Blog Customiser is created with theme and plugin developers in mind. If you’re interested to jump in the project, there are opportunities for developers at all levels to get involved.\u003C\u002Fp>\n\u003Cp>If you’re a developer who’s spotted a bug issue and have a fix, or simply have the functionality you think would extend our core theme, we are always happy to accept your contribution! Visit the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flightspeeddevelopment\u002Flsx-blog-customiser\u002F\" rel=\"nofollow ugc\">LSX Blog Customiser on Github\u003C\u002Fa> and submit a Pull Request with your updates.\u003C\u002Fp>\n","The LSX Blog Customiser will let you create the type of blog you want, showcasing your content in the layout and with the right metadata that you deci …",60,5652,"2023-08-18T05:10:00.000Z","6.3.8","5.0",[130,131,132,133,134],"blog-customizer","blog-posts","customizer","lsx","related-posts","https:\u002F\u002Flsx.lsdev.biz\u002Fextensions\u002Fblog-customizer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flsx-blog-customizer.1.4.7.zip",{"attackSurface":138,"codeSignals":179,"taintFlows":187,"riskAssessment":188,"analyzedAt":196},{"hooks":139,"ajaxHandlers":161,"restRoutes":162,"shortcodes":176,"cronEvents":177,"entryPointCount":178,"unprotectedCount":178},[140,146,150,153,157],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","init","aplb_advance_posts_listing_block_callback","advanced-posts-listing.php",34,{"type":141,"name":147,"callback":148,"file":144,"line":149},"rest_api_init","aplb_register_custom_endpoints",35,{"type":141,"name":147,"callback":151,"file":144,"line":152},"aplb_register_custom_rest_fields",36,{"type":141,"name":154,"callback":155,"file":144,"line":156},"plugins_loaded","aplb_load_plugin_languages",37,{"type":141,"name":158,"callback":159,"file":144,"line":160},"enqueue_block_editor_assets","aplb_get_server_side_pass",38,[],[163,171],{"namespace":164,"route":165,"methods":166,"callback":168,"permissionCallback":169,"file":144,"line":170},"wpppro\u002Fv1","\u002Flist-cpt\u002F",[167],"GET","aplb_get_custom_post_types_and_tax","__return_true",1500,{"namespace":164,"route":172,"methods":173,"callback":174,"permissionCallback":169,"file":144,"line":175},"\u002Fget-post-by-id\u002F",[167],"aplb_get_posts_type_by_id",1510,[],[],2,{"dangerousFunctions":180,"sqlUsage":181,"outputEscaping":183,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":186},[],{"prepared":13,"raw":13,"locations":182},[],{"escaped":184,"rawEcho":13,"locations":185},89,[],[],[],{"summary":189,"deductions":190},"The \"advanced-posts-listing\" plugin v1.0.7 exhibits a mixed security posture. On the positive side, the plugin demonstrates excellent practices in its handling of SQL queries, with 100% using prepared statements, and all output is properly escaped, indicating a strong defense against common injection and XSS vulnerabilities.  The absence of dangerous functions, file operations, and external HTTP requests further bolsters its security.  Furthermore, its vulnerability history is clean, with no recorded CVEs, suggesting a history of responsible development and maintenance.\n\nHowever, a significant concern arises from the plugin's attack surface. It exposes two REST API routes that lack any permission callbacks. This means that potentially sensitive operations or data exposed through these routes could be accessed by any user, regardless of their role or privileges.  The lack of any nonce checks on entry points is also a notable weakness, as it leaves the plugin susceptible to CSRF attacks. While taint analysis and static code signals for dangerous functions are clean, the unprotected entry points represent a clear and present risk that could be exploited if the REST API endpoints themselves contain exploitable logic.\n\nIn conclusion, while the plugin excels in secure coding practices for SQL and output handling, its security is significantly undermined by unprotected REST API endpoints and a general absence of nonce checks. These vulnerabilities create a substantial attack surface that attackers could leverage. The clean vulnerability history is encouraging, but it does not mitigate the immediate risks posed by the identified structural weaknesses in access control.",[191,193],{"reason":192,"points":46},"REST API routes without permission callbacks",{"reason":194,"points":195},"Lack of nonce checks on entry points",8,"2026-03-16T18:17:29.491Z",{"wat":198,"direct":209},{"assetPaths":199,"generatorPatterns":203,"scriptPaths":204,"versionParams":205},[200,201,202],"\u002Fwp-content\u002Fplugins\u002Fadvanced-posts-listing\u002Fbuild\u002Fstyle-index.css","\u002Fwp-content\u002Fplugins\u002Fadvanced-posts-listing\u002Fbuild\u002Findex.js","\u002Fwp-content\u002Fplugins\u002Fadvanced-posts-listing\u002Fbuild\u002Fview.js",[],[201,202],[206,207,208],"advanced-posts-listing\u002Fbuild\u002Fstyle-index.css?ver=","advanced-posts-listing\u002Fbuild\u002Findex.js?ver=","advanced-posts-listing\u002Fbuild\u002Fview.js?ver=",{"cssClasses":210,"htmlComments":217,"htmlAttributes":218,"restEndpoints":224,"jsGlobals":226,"shortcodeOutput":228},[211,212,213,214,215,216],"wp-block-advanced-posts-listing","apl-grid-item","apl-listing-item","apl-overlay-item","apl-slider-item","apl-masonry-item",[],[219,220,221,222,223],"data-layout","data-title-manage-styling","data-title-font-size","data-meta-manage-styling","data-meta-font-size",[225],"\u002Fwp-json\u002Fadvanced-posts-listing\u002Fv1\u002Fposts",[227],"advancedPostsListingFrontend",[]]