[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fwqKl34w0DO_p3CgiPX-HXk4ZXdAumkwu4rEjRONUGtM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":142,"fingerprints":180},"basic-url-shortcodes","Basic URL ShortCodes","4.0.2","Vikas Sharma","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevikas301\u002F","\u003Cp>Sometimes you need to display your website’s base URL, active theme URL or uploads folder URL directly inside your content editor.\u003C\u002Fp>\n\u003Cp>Basic URL Shortcodes allows you to easily insert important WordPress URLs using simple shortcodes inside posts, pages and widgets.\u003C\u002Fp>\n\u003Ch4>Available Shortcodes\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>[home_url]\u003C\u002Fstrong>\u003Cbr \u002F>\nOutputs the website’s home URL (as set in WordPress Settings).\u003Cbr \u002F>\nExample:\u003Cbr \u002F>\nhttp:\u002F\u002Flocalhost\u002Fwp-demo\u003C\u002Fp>\n\u003Cp>\u003Cstrong>[theme_url_template]\u003C\u002Fstrong>\u003Cbr \u002F>\nOutputs the URL of the currently active theme (child theme supported).\u003Cbr \u002F>\nExample:\u003Cbr \u002F>\nhttp:\u002F\u002Flocalhost\u002Fwp-demo\u002Fwp-content\u002Fthemes\u002Fmytheme\u003C\u002Fp>\n\u003Cp>\u003Cstrong>[UPLOAD_URL]\u003C\u002Fstrong>\u003Cbr \u002F>\nOutputs the base URL of the WordPress uploads directory.\u003Cbr \u002F>\nExample:\u003Cbr \u002F>\nhttp:\u002F\u002Flocalhost\u002Fwp-demo\u002Fwp-content\u002Fuploads\u003C\u002Fp>\n\u003Cp>These shortcodes are useful when building custom layouts, inserting dynamic links or when theme customization options are limited.\u003C\u002Fp>\n\u003Cp>Lightweight, simple and fully compatible with modern WordPress editors.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin uses the GPLv3 license.\u003C\u002Fp>\n","Provides simple shortcodes to output essential WordPress URLs inside posts, pages and widgets.",3000,7450,100,2,"2026-02-28T05:52:00.000Z","6.9.4","4.0.0","",[20,21,22,23,24],"basic-url","rockon","shortcode","stylesheet","template","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbasic-url-shortcodes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbasic-url-shortcodes.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"devikas301",6,3350,94,30,90,"2026-04-04T05:00:35.280Z",[40,59,83,103,123],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":13,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":56,"download_link":57,"security_score":58,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"url-shortcodes","URL ShortCodes","1.2","cgarvey","https:\u002F\u002Fprofiles.wordpress.org\u002Fcgarvey\u002F","\u003Cp>Sometimes you want to put the base URL (that of the blog, or that of the active template) in your content editor. Times when the template customising isn’t quite flexible enough.\u003Cbr \u002F>\nWith this plugin you can use [url_base] to output the base URL of the blog (as set in your Settings). Or, you can use [url_template] to output the URL of the active template.\u003C\u002Fp>\n\u003Cp>For example \u003Ccode>\u003Cimg src=\"[url_base]\u002Ftest.png \u002F>\u003C\u002Fcode> in your editor might output \u003Ccode>\u003Cimg src=\"http:\u002F\u002Flocalhost\u002Fwordpress\u002Ftest.png\" \u002F>\u003C\u002Fcode> (if http:\u002F\u002Flocalhost\u002Fwordpress is what you have configured as your blog URL in Settings).\u003C\u002Fp>\n\u003Cp>The supported short codes are as follows:\u003Cbr \u002F>\n* [url_base] – the configured blog URL (set in Settings). E.g. http:\u002F\u002Flocalhost\u002Fwordpress\u003Cbr \u002F>\n* [url_template] – the URL of the active template. E.g. http:\u002F\u002Flocalhost\u002Fwordpress\u002Fwp-content\u002Fthemes\u002Fmytheme1\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin uses the GPLv3 license.\u003C\u002Fp>\n","URL ShortCodes plugin adds support for a basic short codes to use in your post\u002Fpage editor that produce correct absolute URLs.",2000,12824,1,"2018-12-08T00:33:00.000Z","5.0.25","2.9.0",[44,55,22,23,24],"short-code","http:\u002F\u002Fcgarvey.ie\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Furl-shortcodes.rel_1-02.zip",85,{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":11,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":79,"download_link":80,"security_score":81,"vuln_count":50,"unpatched_count":27,"last_vuln_date":82,"fetched_at":29},"cf7-email-add-on","Email addon for CF7","2.0","KrishaWeb","https:\u002F\u002Fprofiles.wordpress.org\u002Fkrishaweb\u002F","\u003Cp>Email addon for CF7 is the email configuration extension to the Contact Form 7. It lets you customize the contact form email both for users and admin. You can select the most suitable email template from the pre-developed templates and easily customize the template as per your requirements. You can add and update the content, links, graphics and buttons of the email template that too without expert coding skills.\u003C\u002Fp>\n\u003Cp>Different pre-developed email templates lets also enables you to do the A\u002FB testing to understand the user behavior and improve the conversion rate. It is not just a contact from 7 email add on, it also helps you with your conversion optimization process. It is easy to install, set up and requires minimum technical skills to update.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Plugin Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>10+ Pre-developed responsive email templates\u003C\u002Fli>\n\u003Cli>Multiple Email templates for Contact Form 7\u003C\u002Fli>\n\u003Cli>Single step template selection \u003C\u002Fli>\n\u003Cli>Click to copy shortcode\u003C\u002Fli>\n\u003Cli>User can see special mail tags on the plugin popup\u003C\u002Fli>\n\u003Cli>Can add\u002Fremove form fields \u003C\u002Fli>\n\u003Cli>Ability to customize pre-developed templates\u003C\u002Fli>\n\u003Cli>Compatible with WordPress 4.6 and above \u003C\u002Fli>\n\u003Cli>Compatible with Contact Form 7 version 5 and above\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>PRO Plugin Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>18+ Pre-developed responsive email templates\u003C\u002Fli>\n\u003Cli>Can download HTML Template for external use\u003C\u002Fli>\n\u003Cli>Compatible with custom shortcode\u003C\u002Fli>\n\u003Cli>Preview template & send test email\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch4>Buy Contact Form 7 Email Add On Pro on Codecanyon :\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fcontact-form-7-email-add-on-pro\u002F23172379\" rel=\"nofollow ugc\">https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fcontact-form-7-email-add-on-pro\u002F23172379\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Check such amazing email add-on for Ninja form as well at \u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fninja-forms-email-add-on\u002F22782567\" rel=\"nofollow ugc\">https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fninja-forms-email-add-on\u002F22782567\u003C\u002Fa>. It comes with all these features for Ninja form along with some additional features.\u003C\u002Fp>\n","Email addon for CF7 plugin provides the responsive Email templates to admin and users.",36707,92,9,"2025-09-26T07:28:00.000Z","6.8.5","6.6","7.4",[75,76,77,78,22],"cf7","contactform7","email-template","html-email","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcf7-email-add-on\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcf7-email-add-on.2.0.zip",98,"2024-11-20 00:00:00",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":13,"num_ratings":50,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":18,"tags":96,"homepage":101,"download_link":102,"security_score":58,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"shortcodely","Shortcodely","1.0.1","Swapnil V. Patil","https:\u002F\u002Fprofiles.wordpress.org\u002Fpatilswapnilv\u002F","\u003Cp>Insert separate widgets or a entire widget area (sidebar) into a page using a shortcode.\u003C\u002Fp>\n\u003Cp>Customize the widget setting in “widgets for shortcodely” widget area.No extra efforts. Exactly as you would do it for any other widget.\u003C\u002Fp>\n\u003Cp>\u003Cem>do_widget shortcode\u003C\u002Fem>,will do its magic and display the widget or the even a chosen sidebar from the \u003Cem>do_widget_area\u003C\u002Fem> shortcode.\u003C\u002Fp>\n\u003Cp>The plugins default action is that it will magically find the settings for your themes first sidebar and use them to control the widget’s output.  In most cases this would mean that the widget will be styled as per the rest of your theme.  In case, yout need to change the styling, there are parameters to override it.\u003C\u002Fp>\n\u003Cp>Whenever you need to change your theme, the plugin automagically saves and restores the widgets and its settings. It will then select the sidebar setting from the currect theme you are using.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Instructions:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Make sure you test the widget in the regualr widget area, or any exisitng sidebar.\u003C\u002Fli>\n\u003Cli>Then Activate shortcodely. (Ignore id already done.)\u003C\u002Fli>\n\u003Cli>Go to Appearance > Widgets and find the ” widgets for shortcodely” sidebar or widget area\u003C\u002Fli>\n\u003Cli>Add your desired widgets to the Shortcodely side bar. Save.\u003C\u002Fli>\n\u003Cli>Go the Shortcodely settings.  Click on one of the create page links to help you setup the shortcode.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>OR go to an existing page and enter a shortcode:\u003C\u002Fp>\n\u003Cp>[do_widget widgetname]   eg: [do_widget calendar]\u003Cbr \u002F>\n[do_widget “widget name”].   eg: [do_widget “tag cloud”]\u003Cbr \u002F>\n[do_widget id=widgetid]\u003C\u002Fp>\n\u003Cp>[do_widget_area]  (will use the  “widgets in shortcodes” widget area \u002F sidebar\u003Cbr \u002F>\n[do_widget_area sidebarname]  for another sidebar or widget area – eg: to maximise likelihood of getting your theme’s widget css to apply.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>If the plugin cannot work out what you want and you are logged in as an administrator, it will show a debug prompt to you, the logged in admin only.\u003Cbr \u002F>\nClick on the link ‘Try debug’.  It will produce a bunch of info. Look for the id of your widget in the shortcodes sidebar (you may have to scroll through a lot of debug info). Try using the widget id.   Sometimes the widget name that wordpress calls it internally is not the same as what you see on the screen and you will need the ‘debug’ to find the id.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>[do_widget …] Parameters:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>nameofwidget\u003C\u002Fem> or name=”\u003Cem>nameofwidget\u003C\u002Fem>”  This is NOT the title of the widget.  THis is the name that you see in the widgets menu page even when unassigned to a sidebar.  For existing users , you can also use just the name of the widget without name=.  It must bethe first parameter then.\u003C\u002Fli>\n\u003Cli>id=\u003Cem>wordpress assigned id of widget\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>title=false to hide the widgets title OR to override your themes first sidebar html settings for widget titles, use title=\u003Cem>htmltag\u003C\u002Fem> where \u003Cem>htmltag\u003C\u002Fem> is one of h1,h2,h3,h4,h5,header,strong,em.  If not entered plugin will use the same title html that your themes first sidebar uses – yes even if you change themes, it will switch to the new themes html.\u003C\u002Fli>\n\u003Cli>wrap=\u003Cem>htmltag\u003C\u002Fem> where \u003Cem>htmltag\u003C\u002Fem> is one of div,p,main,aside,section.  This will override your themes first sidebar html settings for widget wrapping html.\u003C\u002Fli>\n\u003Cli>widget_classes=none  This will remove the class “widget” from the wrapping html and the class “widget_title” from the title html.  This may be enough to remove any unwanted css styling from your theme.\u003C\u002Fli>\n\u003Cli>class=\u003Cem>yourclassname\u003C\u002Fem>  By default the plugin will add a class of amr-widget tto the wrapping html.  You can use this to add any special css.  Add css either by editing your themes stylesheet if it is a custom theme, or using something like the wordpress custom css plugin.\u003C\u002Fli>\n\u003Cli>sidebar=”\u003Cem>sidebarname\u003C\u002Fem>”  will default to widgets_for_shortcode sidebar.  Only use if you want to re-use a widget already beingused in another sidebar.  THis is theme dependent and WILL break if you change themes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>[do_widget_area …] Parameters:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>widget_area=\u003Cem>yourwidgetarea\u003C\u002Fem>  defaults to ‘widgets_for_shortcodes’ if nothing entered\u003C\u002Fli>\n\u003Cli>widget_area_class=none    \u002F* option to remove theme styling by removing the widget_area class from the sidebar html *\u002F\u003C\u002Fli>\n\u003Cli>widget_classes=none     \u002F* option to remove the widget class from the widget wrappinghtml\u003C\u002Fli>\n\u003Cli>class=\u003Cem>yourclassname\u003C\u002Fem>   default is amr_widget_area’\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See the settings page for links to help your create the shortcodes in a page.\u003C\u002Fp>\n\u003Cp>To ‘remove debug mode’\u003Cbr \u002F>\nremove ?do_widget_debug=1 from the url you are looking at (NOTE it only debugs if you are logged in and an administrator, so this is really NOT a problem.)\u003C\u002Fp>\n\u003Cp>The plugin has been tested with most standard widgets (rss feeds, tag cloud, pages, meta, search, and of course my own plugins widgets – upcoming events list, calendar and user lists.\u003C\u002Fp>\n\u003Cp>If you use a widget more than once for different reasons, you may need to use the widget id to isolate which widget instance and it’s settings to use.  ie: [do_widget id=categories-6] .  If you just use the name, it will display all widgets in the shortcode sidebar with that name (all instances).\u003C\u002Fp>\n\u003Cp>If you liked this plugin, you might also like my other plugins:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flogin-and-logout-redirect\u002F\" rel=\"ugc\">\u003Cstrong>Login and Logout redirect\u003C\u002Fstrong>\u003C\u002Fa> – Redirects users to specified url on logging in, logging out OR both.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgravity-pre-submission-confirmation\u002F\" rel=\"ugc\">\u003Cstrong>Gravity Pre-submission Confirmation\u003C\u002Fstrong>\u003C\u002Fa> – adds a pre-submission confirmation page to your Graviy forms where users can preview their entered data before they submit it.\u003C\u002Fp>\n","Enable the usage of shortcodes almost any where on your website",400,4723,"2021-07-14T07:38:00.000Z","5.7.15","4.0",[97,98,22,99,100],"page","page-template","templates","widget","https:\u002F\u002Fgithub.com\u002Fpatilswapnilv\u002Fshortcodely\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortcodely.zip",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":27,"num_ratings":27,"last_updated":18,"tested_up_to":113,"requires_at_least":114,"requires_php":18,"tags":115,"homepage":120,"download_link":121,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":122},"lotos-likes","Lotos Likes","1.8","Excellent Dynamics","https:\u002F\u002Fprofiles.wordpress.org\u002Fexcellentdynamics\u002F","\u003Cp>Add “like” functionality to your posts and pages. Display your most liked posts via widget.\u003C\u002Fp>\n","Add \"like\" functionality to your posts and pages",200,4220,"6.5.8","4.2",[116,117,118,22,119],"hearts","likes","post","template-tag","https:\u002F\u002Fexcellentdynamics.biz\u002Fwordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flotos-likes.4.8.zip","2026-03-15T10:48:56.248Z",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":13,"downloaded":131,"rating":13,"num_ratings":50,"last_updated":132,"tested_up_to":71,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":18,"download_link":141,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"anywhere-elementor-template","Show template by shortcode for Elementor","1.0.2","Saiful Islam","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodersaiful\u002F","\u003Cp>\u003Cstrong>Show template by shortcode for Elementor\u003C\u002Fstrong> plugin allows users to display Elementor sections\u002Fcanvas\u002Ftemplates anywhere on their WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How to use?\u003C\u002Fstrong>\u003Cbr \u002F>\nBy shortcode: \u003Ccode>[AETS_Template id='123']\u003C\u002Fcode> – use template’s id, instead 123.\u003Cbr \u002F>\nTips: Go to Dashboard -> Templates (find shortcode from Shortcode column).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Use Templates Anywhere\u003C\u002Fstrong> – Effortlessly insert your Elementor-created templates into any section of your WordPress site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode Integration\u003C\u002Fstrong> – Simply copy and paste the generated shortcode to display your template in pages, posts, widgets, or other builder elements.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Seamless Compatibility\u003C\u002Fstrong> – Works with any WordPress theme or page builder, ensuring maximum flexibility.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Take your Elementor designs to the next level with this powerful and easy-to-use plugin!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Credits\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>We believe in giving credit where it’s due. Our plugin utilizes the following third-party resources to enhance its functionality:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Felementor\u002F\" rel=\"ugc\">Elementor Website Builder\u003C\u002Fa>: Elementor, the leading WordPress website creation platform, empowers you to build professional, pixel-perfect websites seamlessly.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002F\" rel=\"ugc\">WordPress\u003C\u002Fa>: We are indebted to the WordPress platform for providing the framework that powers our plugin. Its open-source nature and extensive community support make it an ideal environment for creating powerful and customizable solutions.\u003C\u002Fp>\n","Display Elementor sections\u002Fcanvas\u002Ftemplates using shortcode in anywhere of your site.",1425,"2025-07-01T13:10:00.000Z","6.2","7.0",[136,137,138,139,140],"elementor-anywhere","elementor-template","elementor-template-anywhere","elementor-template-shortcode","elementor-shortcode","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanywhere-elementor-template.1.0.2.zip",{"attackSurface":143,"codeSignals":163,"taintFlows":170,"riskAssessment":171,"analyzedAt":179},{"hooks":144,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":161,"entryPointCount":162,"unprotectedCount":27},[],[],[],[148,153,157],{"tag":149,"callback":150,"file":151,"line":152},"home_url","roHomeUrl","ro_burl_short_codes.php",19,{"tag":154,"callback":155,"file":151,"line":156},"theme_url_template","roThemeUrlTemplate",25,{"tag":158,"callback":159,"file":151,"line":160},"UPLOAD_URL","roUploadUrl",32,[],3,{"dangerousFunctions":164,"sqlUsage":165,"outputEscaping":167,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":169},[],{"prepared":27,"raw":27,"locations":166},[],{"escaped":162,"rawEcho":27,"locations":168},[],[],[],{"summary":172,"deductions":173},"The 'basic-url-shortcodes' plugin, version 4.0.2, exhibits a generally strong security posture based on the provided static analysis.  The absence of dangerous functions, file operations, external HTTP requests, and the exclusive use of prepared statements for SQL queries are commendable.  Furthermore, all identified output appears to be properly escaped, and there are no recorded vulnerabilities in its history, suggesting a low overall risk profile and consistent security development practices.\n\nHowever, there are areas that raise concern, particularly the complete lack of nonce checks and capability checks across all identified entry points. With three shortcodes present, this absence creates a potential avenue for Cross-Site Request Forgery (CSRF) attacks if these shortcodes perform any sensitive actions.  While the taint analysis found no unsanitized paths, the lack of explicit authorization mechanisms on these shortcodes means that any user, even an unauthenticated one if the shortcodes are accessible publicly, could potentially trigger their functionality. The lack of any identified AJAX handlers or REST API routes does limit the immediate attack surface, but the shortcode functionality remains a point of attention.\n\nIn conclusion, 'basic-url-shortcodes' v4.0.2 is a plugin that demonstrates good practices in areas like SQL and output sanitization, and its vulnerability history is clean. The primary weakness lies in the missing authorization and CSRF protection for its shortcode entry points. While no active vulnerabilities are apparent, the potential for exploitation exists due to these missing security controls. It is recommended that the developers implement nonce and capability checks for all shortcodes.",[174,177],{"reason":175,"points":176},"Missing nonce checks on shortcodes",8,{"reason":178,"points":176},"Missing capability checks on shortcodes","2026-03-16T18:22:25.613Z",{"wat":181,"direct":188},{"assetPaths":182,"generatorPatterns":183,"scriptPaths":184,"versionParams":185},[],[],[],[186,187],"basic-url-shortcodes\u002Fstyle.css?ver=","basic-url-shortcodes\u002Fscript.js?ver=",{"cssClasses":189,"htmlComments":190,"htmlAttributes":191,"restEndpoints":192,"jsGlobals":193,"shortcodeOutput":194},[],[],[],[],[],[195,196],"\u003Ca href=\"","\">"]