[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fa2IcGqPJ1fwUels1JlOqQk3GSCxM_t5U596EbomXVN4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":140,"fingerprints":790},"bcms","bCMS","5.3","Casey Bisson","https:\u002F\u002Fprofiles.wordpress.org\u002Fmisterbisson\u002F","\u003Cp>Make WordPress a better CMS. Create a post loop in a widget. Lazy load widgets. More shortcodes. More good.\u003C\u002Fp>\n\u003Ch4>Widgets\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Post Loop allows you to build your own, um, post loop, and put it anywhere a widget will fit.\u003C\u002Fli>\n\u003Cli>Pages replaces WP’s built in Pages widget and adds the option to expand the page list to include the parents and immediate children of the page your currently viewing.\u003C\u002Fli>\n\u003Cli>The Breadcrumbs widget makes navigation throughout the site easier.\u003C\u002Fli>\n\u003Cli>Category description widget can display the category description without requiring you to modify your theme.\u003C\u002Fli>\n\u003Cli>The paged navigation widget makes it easier to display the number of pages in an archive.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Shortcodes\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Automatically build an index of headings on a page and create a table of contents to it (with links to anchors on the page)\u003C\u002Fli>\n\u003Cli>Embed a list of pages or sub-pages on a page or post\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Fork me!\u003C\u002Fh4>\n\u003Cp>This plugin is on Github: https:\u002F\u002Fgithub.com\u002Fmisterbisson\u002Fbcms\u003C\u002Fp>\n\u003Ch4>History\u003C\u002Fh4>\n\u003Cp>The bCMS plugin is derived from bSuite and includes many of the content management features and none of the cruft from that plugin. See \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ftags\u002Fbsuite\" rel=\"ugc\">the whole family of bSuite plugins\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Build status\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftravis-ci.org\u002Fmisterbisson\u002Fbcms\" rel=\"nofollow ugc\">Master build status at Travis-CI\u003C\u002Fa>: \u003Ca href=\"https:\u002F\u002Ftravis-ci.org\u002Fmisterbisson\u002Fbcms\" rel=\"nofollow ugc\">\u003C\u002Fa>\u003C\u002Fp>\n","A suite of tools that improve WordPress' CMS capabilities.",10,4074,0,"2014-10-30T21:20:00.000Z","4.0.38","3.3","",[19,20,21,22,23],"bsuite","cms","content-management","formatting","widgets","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbcms\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbcms.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"misterbisson",7,290,84,3405,68,"2026-04-04T11:01:28.009Z",[39,60,80,103,124],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":17,"tags":54,"homepage":58,"download_link":59,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"restrict-widgets","Restrict Widgets","1.3.1","dFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fdfactory\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.dfactory.eu\u002Fplugins\u002Frestrict-widgets\u002F\" rel=\"nofollow ugc\">Restrict Widgets\u003C\u002Fa> is all in one solution for widget management in WordPress. It lets you easily control the pages that each widget will appear on and avoid creating multiple sidebars and duplicating widgets. You can also set who can manage widgets, which sidebars and widgets will be available to selected users, which widget options will be available and how it will be displayed.\u003C\u002Fp>\n\u003Cp>By default, Hide widget on selected is enabled with no options selected, so all current widgets will continue to display on all pages.\u003C\u002Fp>\n\u003Cp>For more information, check out plugin page at \u003Ca href=\"http:\u002F\u002Fwww.dfactory.eu\u002F\" rel=\"nofollow ugc\">dFactory\u003C\u002Fa> or plugin \u003Ca href=\"http:\u002F\u002Fwww.dfactory.eu\u002Fsupport\u002Fforum\u002Frestrict-widgets\u002F\" rel=\"nofollow ugc\">support forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Features include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Hide or display each widget on selected pages, posts, categories, custom taxonomies, custom post types, single posts, archives, special pages, for logged in or logged out users, current language, mobile device and so on\u003C\u002Fli>\n\u003Cli>Select which user roles are restricted to manage widgets\u003C\u002Fli>\n\u003Cli>Select which sidebars will be restricted to admins only\u003C\u002Fli>\n\u003Cli>Select which widgets will be restricted to admins only\u003C\u002Fli>\n\u003Cli>Select which widget options will be restricted to admins only\u003C\u002Fli>\n\u003Cli>Choose to display or not widget options as groups\u003C\u002Fli>\n\u003Cli>Option to modify the is_active_sidebar() function to use Restrict Widgets display settings\u003C\u002Fli>\n\u003Cli>Multisite compatible\u003C\u002Fli>\n\u003Cli>WPML compatible\u003C\u002Fli>\n\u003Cli>Polylang compatible\u003C\u002Fli>\n\u003Cli>.pot file for translations included\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translations:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Chinese – by Changmeng Hu\u003C\u002Fli>\n\u003Cli>Czech – by Martin Kucera\u003C\u002Fli>\n\u003Cli>German – by \u003Ca href=\"http:\u002F\u002Fapart-webdesign.de\u002F\" rel=\"nofollow ugc\">Angelika Reisiger\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Hebrew – by \u003Ca href=\"http:\u002F\u002Fatar4u.com\u002F\" rel=\"nofollow ugc\">Ahrale Shrem\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Italian – by \u003Ca href=\"http:\u002F\u002Fsododesign.it\u002F\" rel=\"nofollow ugc\">Davide Pante\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Polish – by Bartosz Arendt\u003C\u002Fli>\n\u003C\u002Ful>\n","All in one widgets and sidebars management in WordPress. Allows you to hide or display widgets on specified pages and restrict access for users.",4000,132717,96,36,"2017-11-28T12:16:00.000Z","4.7.32","4.0",[20,55,56,57,23],"conditional-tags","widget","widget-only","http:\u002F\u002Fwww.dfactory.eu\u002Fplugins\u002Frestrict-widgets\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frestrict-widgets.1.3.1.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":34,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":78,"download_link":79,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"pagely-multiedit","Pagely MultiEdit","0.9.8.6","joshua strebel","https:\u002F\u002Fprofiles.wordpress.org\u002Fjoshuastrebel\u002F","\u003Cp>One thing I always wished WP would do better is allow for multiple editable content blocks on page templates. This plugin uses custom fields to create simple tinyMCE editable regions on page templates.\u003C\u002Fp>\n\u003Cp>See Instructions and Usage Examples here: \u003Ca href=\"https:\u002F\u002Fpagely.com\u002Fmultiedit-plugin\u002F\" rel=\"nofollow ugc\">Pagely MultiEdit plugin\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>NOTE: Must be used inside\u002Fafter the opening loop statement:\u003Cbr \u002F>\nwhile (have_posts()) : the_post();\u003Cbr \u002F>\n  multieditDisplay(‘YourBlockName’);\u003C\u002Fp>\n\u003Cp>Brought to you by: \u003Ca href=\"https:\u002F\u002Fpagely.com\" rel=\"nofollow ugc\">Pagely WordPress Hosting\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Follow \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fstrebel\" rel=\"nofollow ugc\">@strebel\u003C\u002Fa> and feel free to check out \u003Ca href=\"https:\u002F\u002Fpagely.com\" rel=\"nofollow ugc\">Pagely\u003C\u002Fa>\u003C\u002Fp>\n","MultiEdit adds tinyMCE editable \"blocks\" to WordPress custom page templates.",300,34377,5,"2016-05-10T20:26:00.000Z","4.5.33","2.9",[75,20,22,76,77],"admin","page","pages","https:\u002F\u002Fpagely.com\u002Fmultiedit-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpagely-multiedit.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":17,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":17,"tags":94,"homepage":98,"download_link":99,"security_score":100,"vuln_count":101,"unpatched_count":101,"last_vuln_date":102,"fetched_at":28},"shortcode-generator","Shortcode Generator","1.1","kylegetson","https:\u002F\u002Fprofiles.wordpress.org\u002Fkylegetson\u002F","Generate as many shortcodes. Keep pages synchronized for split testing, or reuse a specific peice of code on multiple pages.",100,13052,60,2,"2009-11-17T01:22:00.000Z","2.8.6","2.8.0",[20,95,96,97,23],"shortcodes","split-testing","unlimited","http:\u002F\u002Fwww.getson.info\u002Fshortcode-generator","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortcode-generator.1.1.zip",63,1,"2025-07-08 00:00:00",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":13,"num_ratings":13,"last_updated":113,"tested_up_to":114,"requires_at_least":93,"requires_php":17,"tags":115,"homepage":120,"download_link":121,"security_score":122,"vuln_count":101,"unpatched_count":101,"last_vuln_date":123,"fetched_at":28},"navigation-du-lapin-blanc","Navigation Du Lapin Blanc","1.1.1","bjoerne","https:\u002F\u002Fprofiles.wordpress.org\u002Fbjoerne\u002F","\u003Cp>This plugin provides integrated navigation for your website. Thus you can use WordPress as a CMS for your website and think in terms of main navigation, sub navigation etc. A navigation item can link to page, a category, directly to the first sub navigation item (if no own content exist for this item), an external url or a sitemap page. There are a lot of helpful methods to realize a website navigation with little effort like printing the navigation on any level (main, sub, sub sub etc.), searching single navigation items and handle them individually, using cross links in the content, providing a sitemap page and so on.\u003C\u002Fp>\n\u003Cp>Plugin page with a large documentation and a lot of examples: \u003Ca href=\"http:\u002F\u002Fwww.bjoerne.com\u002Fnavigation-du-lapin-blanc\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.bjoerne.com\u002Fnavigation-du-lapin-blanc\u002F\u003C\u002Fa>\u003C\u002Fp>\n","This plugin provides integrated navigation for your website. Use WordPress as a CMS for your website and think in navigation terms (main, sub etc.)",40,11218,"2017-09-29T07:05:00.000Z","4.8.28",[20,116,117,118,119],"content-management-system","menu","navigation","sitemap","http:\u002F\u002Fwww.bjoerne.com\u002Fnavigation-du-lapin-blanc","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnavigation-du-lapin-blanc.zip",64,"2025-01-14 00:00:00",{"slug":19,"name":125,"version":126,"author":7,"author_profile":8,"description":127,"short_description":128,"active_installs":11,"downloaded":129,"rating":13,"num_ratings":13,"last_updated":130,"tested_up_to":131,"requires_at_least":132,"requires_php":17,"tags":133,"homepage":137,"download_link":138,"security_score":26,"vuln_count":101,"unpatched_count":13,"last_vuln_date":139,"fetched_at":28},"bSuite","5 alpha 3","\u003Cp>bSuite is a set of tools that help surface interesting and popular stories as well as improve WordPress’ CMS capabilities and usefulness as an application platform. \u003Ca href=\"http:\u002F\u002Fmaisonbisson.com\u002Fbsuite\u002Fwidgets\u002F\" rel=\"nofollow ugc\">Available widgets\u003C\u002Fa> can show most popular posts, recently commented posts, or related posts (can also add a listof related posts to the bottom of the post content). \u003Ca href=\"http:\u002F\u002Fmaisonbisson.com\u002Fbsuite\u002Fshortcodes\u002F\" rel=\"nofollow ugc\">Added shortcodes\u003C\u002Fa> help organize content, allowing you to list all sub-pages of the current page or list all headings within the page. Another shortcode will render RSS feeds into a page or post. See \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbsuite\u002Fscreenshots\u002F\" rel=\"ugc\">the screenshots\u003C\u002Fa> for more.\u003C\u002Fp>\n\u003Ch4>Stats\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Tracks page loads across your WordPress site\u003C\u002Fli>\n\u003Cli>Works with caching plugins\u003C\u002Fli>\n\u003Cli>Shows you what’s popular, what’s growing in popularity, and what’s declining\u003C\u002Fli>\n\u003Cli>Shows you what categories and tags are most popular\u003C\u002Fli>\n\u003Cli>Tracks the search terms readers use to find your site (and highlights those terms on the page)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Widgets\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fmaisonbisson.com\u002Fbsuite\u002Fwidgets\u002F\" rel=\"nofollow ugc\">bSuite widgets\u003C\u002Fa> include:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Post Loop allows you to build your own, um, post loop, and put it anywhere a widget will fit.\u003C\u002Fli>\n\u003Cli>Pages replaces WP’s built in Pages widget and adds the option to expand the page list to include the parents and immediate children of the page your currently viewing.\u003C\u002Fli>\n\u003Cli>bSuite Popular Posts\u003C\u002Fli>\n\u003Cli>bSuite Related Posts\u003C\u002Fli>\n\u003Cli>bSuite Recently Commented Posts\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Shortcodes\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fmaisonbisson.com\u002Fbsuite\u002Fshortcodes\u002F\" rel=\"nofollow ugc\">Built-in shortcodes\u003C\u002Fa> allow you to:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Embed an RSS or Atom feed into a post or page\u003C\u002Fli>\n\u003Cli>Include the content or excerpt from one post or page in another.\u003C\u002Fli>\n\u003Cli>Automatically build an index of headings on a page and create a table of contents to it (with links to anchors on the page)\u003C\u002Fli>\n\u003Cli>Embed a list of pages or sub-pages on a page or post\u003C\u002Fli>\n\u003Cli>Embed Slideshare items\u003C\u002Fli>\n\u003Cli>Embed Wufoo forms\u003C\u002Fli>\n\u003C\u002Fol>\n","A suite of tools used to help surface interesting and popular stories as well as improve WordPress' CMS capabilities as an application platform.",23536,"2012-04-11T04:15:00.000Z","3.3.2","3.2",[20,21,134,135,136],"statistics","stats","tags","http:\u002F\u002Fmaisonbisson.com\u002Fbsuite\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbsuite.zip","2014-09-27 00:00:00",{"attackSurface":141,"codeSignals":345,"taintFlows":752,"riskAssessment":778,"analyzedAt":789},{"hooks":142,"ajaxHandlers":318,"restRoutes":328,"shortcodes":329,"cronEvents":344,"entryPointCount":32,"unprotectedCount":13},[143,149,154,157,162,167,172,176,179,182,185,189,193,197,201,204,207,211,214,218,220,224,227,230,233,236,239,242,245,248,253,257,260,263,267,270,271,274,279,282,284,288,293,297,301,303,305,308,312,314],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","admin_menu","bcms_config_page","admin.php",25,{"type":150,"name":151,"callback":152,"priority":11,"file":147,"line":153},"filter","plugin_action_links","bcms_plugin_action_links",31,{"type":144,"name":155,"callback":156,"file":147,"line":111},"admin_init","bcms_admin_init",{"type":144,"name":158,"callback":159,"priority":101,"file":160,"line":161},"widgets_init","bcms_widgets_init","bcms.php",26,{"type":150,"name":163,"callback":164,"priority":11,"file":165,"line":166},"print_footer_scripts","print_js","components\\class-bcms-postloop-scroller.php",42,{"type":150,"name":168,"callback":169,"file":170,"line":171},"wijax-actions","wjiax_actions","components\\class-bcms-postloop-widget.php",22,{"type":150,"name":173,"callback":174,"priority":11,"file":170,"line":175},"posts_where","posts_where_comments_yes_once",199,{"type":150,"name":173,"callback":177,"priority":11,"file":170,"line":178},"posts_where_comments_no_once",202,{"type":150,"name":173,"callback":180,"priority":11,"file":170,"line":181},"posts_where_date_before_once",214,{"type":150,"name":173,"callback":183,"priority":11,"file":170,"line":184},"posts_where_date_since_once",218,{"type":150,"name":186,"callback":187,"priority":11,"file":170,"line":188},"posts_fields","posts_fields_recently_commented_once",252,{"type":150,"name":190,"callback":191,"priority":11,"file":170,"line":192},"posts_join","posts_join_recently_commented_once",253,{"type":150,"name":194,"callback":195,"priority":11,"file":170,"line":196},"posts_groupby","posts_groupby_recently_commented_once",254,{"type":150,"name":198,"callback":199,"priority":11,"file":170,"line":200},"posts_orderby","posts_orderby_recently_commented_once",255,{"type":150,"name":190,"callback":202,"priority":11,"file":170,"line":203},"posts_join_recently_popular_once",266,{"type":150,"name":198,"callback":205,"priority":11,"file":170,"line":206},"posts_orderby_recently_popular_once",267,{"type":150,"name":208,"callback":209,"file":170,"line":210},"posts_request","posts_request_once",357,{"type":144,"name":212,"callback":212,"file":213,"line":161},"init","components\\class-bcms-postloop.php",{"type":144,"name":215,"callback":216,"priority":13,"file":213,"line":217},"template_redirect","get_default_posts",28,{"type":144,"name":155,"callback":155,"file":213,"line":219},41,{"type":144,"name":221,"callback":222,"file":213,"line":223},"admin_footer","footer_activatejs",49,{"type":144,"name":212,"callback":212,"file":225,"line":226},"components\\class-bcms-search.php",12,{"type":150,"name":228,"callback":229,"file":225,"line":171},"save_post","delete_index_for_post",{"type":144,"name":231,"callback":232,"file":225,"line":148},"bcms_search_reindex","reindex_passive",{"type":144,"name":234,"callback":234,"priority":101,"file":225,"line":235},"parse_query",39,{"type":150,"name":237,"callback":237,"priority":70,"file":225,"line":238},"posts_search",131,{"type":150,"name":240,"callback":240,"priority":70,"file":225,"line":241},"posts_join_request",132,{"type":150,"name":243,"callback":243,"priority":70,"file":225,"line":244},"posts_fields_request",133,{"type":150,"name":246,"callback":246,"priority":70,"file":225,"line":247},"posts_orderby_request",134,{"type":150,"name":249,"callback":250,"priority":70,"file":251,"line":252},"wijax-base-current","base_current","components\\class-bcms-wijax-widget.php",14,{"type":150,"name":254,"callback":255,"priority":70,"file":251,"line":256},"wijax-base-home","base_home",15,{"type":144,"name":212,"callback":212,"file":258,"line":259},"components\\class-bcms-wijax.php",18,{"type":144,"name":158,"callback":158,"priority":261,"file":258,"line":262},11,19,{"type":150,"name":264,"callback":265,"file":258,"line":266},"query_vars","add_query_var",20,{"type":150,"name":268,"callback":268,"file":258,"line":269},"request",30,{"type":150,"name":163,"callback":164,"priority":11,"file":258,"line":50},{"type":150,"name":215,"callback":272,"priority":13,"file":258,"line":273},"redirect",126,{"type":150,"name":275,"callback":276,"priority":277,"file":278,"line":32},"content_save_pre","nametags",3,"components\\innerindex.php",{"type":150,"name":228,"callback":280,"file":278,"line":281},"delete_cache",9,{"type":150,"name":283,"callback":283,"file":278,"line":11},"go_theme_page_summary",{"type":150,"name":163,"callback":285,"priority":11,"file":286,"line":287},"bcms_print_late_styles","components\\late-enqueue.php",29,{"type":144,"name":289,"callback":290,"file":291,"line":292},"update_wpmu_options","sitewide_privacy_update","components\\privacy.php",33,{"type":144,"name":294,"callback":295,"file":291,"line":296},"wpmu_options","sitewide_privacy_options_page",34,{"type":144,"name":298,"callback":299,"file":291,"line":300},"blog_privacy_selector","privacy_options",37,{"type":144,"name":215,"callback":302,"file":291,"line":111},"check_authz",{"type":144,"name":215,"callback":302,"file":291,"line":304},47,{"type":144,"name":306,"callback":306,"priority":101,"file":291,"line":307},"do_robots",57,{"type":144,"name":309,"callback":310,"priority":101,"file":291,"line":311},"wp_head","noindex",62,{"type":144,"name":313,"callback":310,"priority":101,"file":291,"line":100},"login_head",{"type":150,"name":315,"callback":316,"priority":101,"file":291,"line":317},"option_ping_sites","privacy_ping_filter",67,[319,324],{"action":320,"nopriv":321,"callback":322,"hasNonce":321,"hasCapCheck":323,"file":225,"line":153},"bcms-search-reindex",false,"reindex_ajax",true,{"action":325,"nopriv":321,"callback":326,"hasNonce":321,"hasCapCheck":323,"file":225,"line":327},"bcms-search-reset","reset_ajax",32,[],[330,334,339,340,343],{"tag":331,"callback":332,"file":278,"line":333},"innerindex","shortcode",6,{"tag":335,"callback":336,"file":337,"line":338},"pagemenu","list_pages","components\\listchildren.php",8,{"tag":336,"callback":336,"file":337,"line":281},{"tag":341,"callback":342,"file":337,"line":11},"attachmentsmenu","list_attachments",{"tag":342,"callback":342,"file":337,"line":261},[],{"dangerousFunctions":346,"sqlUsage":351,"outputEscaping":364,"fileOperations":101,"externalRequests":13,"nonceChecks":13,"capabilityChecks":333,"bundledLibraries":751},[347],{"fn":348,"file":337,"line":349,"context":350},"unserialize",78,"$post_orig = unserialize( serialize( $post )); \u002F\u002F how else to prevent passing object by reference?",{"prepared":277,"raw":352,"locations":353},4,[354,357,359,362],{"file":225,"line":355,"context":356},103,"$wpdb->get_results() with variable interpolation",{"file":225,"line":358,"context":356},147,{"file":225,"line":360,"context":361},215,"$wpdb->get_col() with variable interpolation",{"file":225,"line":363,"context":356},258,{"escaped":365,"rawEcho":366,"locations":367},116,236,[368,370,371,373,374,376,378,380,382,384,386,387,388,389,391,392,393,395,396,397,398,400,402,404,406,407,409,411,413,415,417,418,419,420,422,424,426,428,429,430,431,433,434,436,438,440,441,443,445,447,449,450,452,454,456,457,459,460,461,463,464,466,468,470,471,472,474,475,477,479,481,483,485,486,487,489,490,491,492,494,496,498,500,501,503,505,507,509,510,512,513,514,516,517,519,521,523,525,526,528,530,532,534,536,537,539,540,542,544,546,548,549,551,553,555,557,558,560,562,564,566,568,569,571,572,574,576,577,579,580,582,584,586,588,589,591,593,595,596,598,599,601,603,604,606,607,608,610,611,613,615,617,618,619,621,622,624,626,628,629,631,633,635,637,639,641,642,643,644,646,648,650,652,654,656,658,660,662,663,664,665,667,669,670,672,674,675,677,678,679,680,682,684,685,686,688,690,691,692,693,695,697,698,699,701,702,703,704,706,708,710,712,713,714,715,717,718,719,721,723,725,727,728,729,730,732,733,734,735,737,739,741,743,745,747,749],{"file":147,"line":307,"context":369},"raw output",{"file":165,"line":307,"context":369},{"file":165,"line":372,"context":369},58,{"file":165,"line":36,"context":369},{"file":170,"line":375,"context":369},362,{"file":170,"line":377,"context":369},390,{"file":170,"line":379,"context":369},513,{"file":170,"line":381,"context":369},517,{"file":170,"line":383,"context":369},520,{"file":170,"line":385,"context":369},718,{"file":170,"line":385,"context":369},{"file":170,"line":385,"context":369},{"file":170,"line":385,"context":369},{"file":170,"line":390,"context":369},719,{"file":170,"line":390,"context":369},{"file":170,"line":390,"context":369},{"file":170,"line":394,"context":369},723,{"file":170,"line":394,"context":369},{"file":170,"line":394,"context":369},{"file":170,"line":394,"context":369},{"file":170,"line":399,"context":369},732,{"file":170,"line":401,"context":369},733,{"file":170,"line":403,"context":369},734,{"file":170,"line":405,"context":369},736,{"file":170,"line":405,"context":369},{"file":170,"line":408,"context":369},747,{"file":170,"line":410,"context":369},761,{"file":170,"line":412,"context":369},762,{"file":170,"line":414,"context":369},763,{"file":170,"line":416,"context":369},767,{"file":170,"line":416,"context":369},{"file":170,"line":416,"context":369},{"file":170,"line":416,"context":369},{"file":170,"line":421,"context":369},781,{"file":170,"line":423,"context":369},782,{"file":170,"line":425,"context":369},783,{"file":170,"line":427,"context":369},790,{"file":170,"line":427,"context":369},{"file":170,"line":427,"context":369},{"file":170,"line":427,"context":369},{"file":170,"line":432,"context":369},806,{"file":170,"line":432,"context":369},{"file":170,"line":435,"context":369},807,{"file":170,"line":437,"context":369},808,{"file":170,"line":439,"context":369},810,{"file":170,"line":439,"context":369},{"file":170,"line":442,"context":369},814,{"file":170,"line":444,"context":369},818,{"file":170,"line":446,"context":369},819,{"file":170,"line":448,"context":369},830,{"file":170,"line":448,"context":369},{"file":170,"line":451,"context":369},831,{"file":170,"line":453,"context":369},832,{"file":170,"line":455,"context":369},834,{"file":170,"line":455,"context":369},{"file":170,"line":458,"context":369},847,{"file":170,"line":458,"context":369},{"file":170,"line":458,"context":369},{"file":170,"line":462,"context":369},851,{"file":170,"line":462,"context":369},{"file":170,"line":465,"context":369},861,{"file":170,"line":467,"context":369},868,{"file":170,"line":469,"context":369},877,{"file":170,"line":469,"context":369},{"file":170,"line":469,"context":369},{"file":170,"line":473,"context":369},881,{"file":170,"line":473,"context":369},{"file":170,"line":476,"context":369},891,{"file":170,"line":478,"context":369},911,{"file":170,"line":480,"context":369},912,{"file":170,"line":482,"context":369},913,{"file":170,"line":484,"context":369},915,{"file":170,"line":484,"context":369},{"file":170,"line":484,"context":369},{"file":170,"line":488,"context":369},921,{"file":170,"line":488,"context":369},{"file":170,"line":488,"context":369},{"file":170,"line":488,"context":369},{"file":170,"line":493,"context":369},933,{"file":170,"line":495,"context":369},934,{"file":170,"line":497,"context":369},935,{"file":170,"line":499,"context":369},937,{"file":170,"line":499,"context":369},{"file":170,"line":502,"context":369},951,{"file":170,"line":504,"context":369},952,{"file":170,"line":506,"context":369},953,{"file":170,"line":508,"context":369},955,{"file":170,"line":508,"context":369},{"file":170,"line":511,"context":369},959,{"file":170,"line":511,"context":369},{"file":170,"line":511,"context":369},{"file":170,"line":515,"context":369},960,{"file":170,"line":515,"context":369},{"file":170,"line":518,"context":369},975,{"file":170,"line":520,"context":369},976,{"file":170,"line":522,"context":369},977,{"file":170,"line":524,"context":369},979,{"file":170,"line":524,"context":369},{"file":170,"line":527,"context":369},985,{"file":170,"line":529,"context":369},997,{"file":170,"line":531,"context":369},998,{"file":170,"line":533,"context":369},999,{"file":170,"line":535,"context":369},1001,{"file":170,"line":535,"context":369},{"file":170,"line":538,"context":369},1005,{"file":170,"line":538,"context":369},{"file":170,"line":541,"context":369},1020,{"file":170,"line":543,"context":369},1021,{"file":170,"line":545,"context":369},1022,{"file":170,"line":547,"context":369},1024,{"file":170,"line":547,"context":369},{"file":170,"line":550,"context":369},1046,{"file":170,"line":552,"context":369},1047,{"file":170,"line":554,"context":369},1048,{"file":170,"line":556,"context":369},1050,{"file":170,"line":556,"context":369},{"file":170,"line":559,"context":369},1063,{"file":170,"line":561,"context":369},1064,{"file":170,"line":563,"context":369},1065,{"file":170,"line":565,"context":369},1067,{"file":170,"line":567,"context":369},1068,{"file":170,"line":567,"context":369},{"file":170,"line":570,"context":369},1071,{"file":170,"line":570,"context":369},{"file":170,"line":573,"context":369},1076,{"file":170,"line":575,"context":369},1077,{"file":170,"line":575,"context":369},{"file":170,"line":578,"context":369},1080,{"file":170,"line":578,"context":369},{"file":170,"line":581,"context":369},1094,{"file":170,"line":583,"context":369},1095,{"file":170,"line":585,"context":369},1096,{"file":170,"line":587,"context":369},1098,{"file":170,"line":587,"context":369},{"file":170,"line":590,"context":369},1114,{"file":170,"line":592,"context":369},1147,{"file":170,"line":594,"context":369},1206,{"file":170,"line":594,"context":369},{"file":170,"line":597,"context":369},1207,{"file":170,"line":597,"context":369},{"file":170,"line":600,"context":369},1208,{"file":170,"line":602,"context":369},1210,{"file":170,"line":602,"context":369},{"file":170,"line":605,"context":369},1226,{"file":170,"line":605,"context":369},{"file":170,"line":605,"context":369},{"file":170,"line":609,"context":369},1230,{"file":170,"line":609,"context":369},{"file":170,"line":612,"context":369},1240,{"file":170,"line":614,"context":369},1248,{"file":170,"line":616,"context":369},1260,{"file":170,"line":616,"context":369},{"file":170,"line":616,"context":369},{"file":170,"line":620,"context":369},1264,{"file":170,"line":620,"context":369},{"file":170,"line":623,"context":369},1272,{"file":170,"line":625,"context":369},1307,{"file":225,"line":627,"context":369},283,{"file":225,"line":33,"context":369},{"file":225,"line":630,"context":369},311,{"file":225,"line":632,"context":369},315,{"file":225,"line":634,"context":369},317,{"file":251,"line":636,"context":369},54,{"file":251,"line":638,"context":369},71,{"file":251,"line":640,"context":369},83,{"file":251,"line":241,"context":369},{"file":251,"line":244,"context":369},{"file":251,"line":247,"context":369},{"file":258,"line":645,"context":369},115,{"file":258,"line":647,"context":369},420,{"file":649,"line":292,"context":369},"components\\cms-widgets.php",{"file":649,"line":651,"context":369},111,{"file":649,"line":653,"context":369},113,{"file":649,"line":655,"context":369},117,{"file":649,"line":657,"context":369},119,{"file":649,"line":659,"context":369},122,{"file":649,"line":661,"context":369},161,{"file":649,"line":661,"context":369},{"file":649,"line":661,"context":369},{"file":649,"line":661,"context":369},{"file":649,"line":666,"context":369},163,{"file":649,"line":668,"context":369},164,{"file":649,"line":668,"context":369},{"file":649,"line":671,"context":369},171,{"file":649,"line":673,"context":369},172,{"file":649,"line":673,"context":369},{"file":649,"line":676,"context":369},184,{"file":649,"line":676,"context":369},{"file":649,"line":676,"context":369},{"file":649,"line":676,"context":369},{"file":649,"line":681,"context":369},187,{"file":649,"line":683,"context":369},188,{"file":649,"line":178,"context":369},{"file":649,"line":178,"context":369},{"file":649,"line":687,"context":369},203,{"file":649,"line":689,"context":369},206,{"file":649,"line":689,"context":369},{"file":649,"line":689,"context":369},{"file":649,"line":689,"context":369},{"file":649,"line":694,"context":369},248,{"file":649,"line":696,"context":369},250,{"file":649,"line":188,"context":369},{"file":649,"line":196,"context":369},{"file":649,"line":700,"context":369},276,{"file":649,"line":700,"context":369},{"file":649,"line":700,"context":369},{"file":649,"line":700,"context":369},{"file":649,"line":705,"context":369},359,{"file":649,"line":707,"context":369},364,{"file":649,"line":709,"context":369},368,{"file":649,"line":711,"context":369},396,{"file":649,"line":711,"context":369},{"file":649,"line":711,"context":369},{"file":649,"line":711,"context":369},{"file":649,"line":716,"context":369},400,{"file":649,"line":716,"context":369},{"file":649,"line":716,"context":369},{"file":649,"line":720,"context":369},445,{"file":649,"line":722,"context":369},449,{"file":649,"line":724,"context":369},455,{"file":649,"line":726,"context":369},472,{"file":649,"line":726,"context":369},{"file":649,"line":726,"context":369},{"file":649,"line":726,"context":369},{"file":649,"line":731,"context":369},475,{"file":649,"line":731,"context":369},{"file":649,"line":731,"context":369},{"file":649,"line":731,"context":369},{"file":286,"line":736,"context":369},61,{"file":291,"line":738,"context":369},145,{"file":291,"line":740,"context":369},150,{"file":291,"line":742,"context":369},156,{"file":744,"line":261,"context":369},"templates-post\\a_default_photo.php",{"file":746,"line":171,"context":369},"templates-post\\e_default_icon.php",{"file":748,"line":256,"context":369},"templates-post\\e_default_icontiny.php",{"file":748,"line":750,"context":369},21,[],[753,770],{"entryPoint":754,"graph":755,"unsanitizedCount":13,"severity":769},"widget (components\\class-bcms-wijax-widget.php:18)",{"nodes":756,"edges":767},[757,762],{"id":758,"type":759,"label":760,"file":251,"line":761},"n0","source","$_SERVER",46,{"id":763,"type":764,"label":765,"file":251,"line":36,"wp_function":766},"n1","sink","echo() [XSS]","echo",[768],{"from":758,"to":763,"sanitized":323},"low",{"entryPoint":771,"graph":772,"unsanitizedCount":13,"severity":769},"\u003Cclass-bcms-wijax-widget> (components\\class-bcms-wijax-widget.php:0)",{"nodes":773,"edges":776},[774,775],{"id":758,"type":759,"label":760,"file":251,"line":761},{"id":763,"type":764,"label":765,"file":251,"line":36,"wp_function":766},[777],{"from":758,"to":763,"sanitized":323},{"summary":779,"deductions":780},"The \"bcms\" plugin version 5.3 exhibits a mixed security posture.  While the static analysis indicates a relatively small attack surface with all identified entry points seemingly protected by authentication checks (no unprotected AJAX handlers or REST API routes), there are several concerning code signals. The presence of a \"unserialize\" function without explicit warnings about its use is a significant red flag, as it can lead to serious vulnerabilities if used with untrusted input. Furthermore, a substantial portion of SQL queries are not using prepared statements, increasing the risk of SQL injection. The low percentage of properly escaped output also poses a risk for cross-site scripting (XSS) vulnerabilities.\n\nThe plugin's vulnerability history is clean, with no known CVEs. This is a positive indicator, suggesting that the developers have either been diligent in securing the code or that the plugin has not been a significant target. However, the lack of historical vulnerabilities does not negate the risks identified in the static analysis. The strengths lie in the seemingly protected entry points and the absence of known exploits. The weaknesses are primarily in the insecure coding practices identified: the use of unserialize, raw SQL queries, and insufficient output escaping.",[781,783,785,787],{"reason":782,"points":256},"Use of unserialize function",{"reason":784,"points":338},"High percentage of SQL queries not prepared",{"reason":786,"points":32},"Low percentage of properly escaped output",{"reason":788,"points":70},"No nonce checks on entry points","2026-03-17T01:16:53.708Z",{"wat":791,"direct":800},{"assetPaths":792,"generatorPatterns":796,"scriptPaths":797,"versionParams":798},[793,794,795],"\u002Fwp-content\u002Fplugins\u002Fbcms\u002Fcomponents\u002Fjs\u002Fedit_widgets.js","\u002Fwp-content\u002Fplugins\u002Fbcms\u002Fcomponents\u002Fjs\u002Fscrollable.min.js","\u002Fwp-content\u002Fplugins\u002Fbcms\u002Fcomponents\u002Fcss\u002Fscrollable.css",[],[793,794],[799],"bcms\u002Fcomponents\u002Fjs\u002Fedit_widgets.js?ver=2",{"cssClasses":801,"htmlComments":803,"htmlAttributes":804,"restEndpoints":805,"jsGlobals":806,"shortcodeOutput":808},[802],"scrollable",[],[],[],[807],"postloops_widgeteditor",[]]