[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fZezbZtbeu09UT9xqhiyaqSA5Qbk4Zk9cKUvJfBmh89c":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":15,"tags":18,"homepage":22,"download_link":23,"security_score":13,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":35,"analysis":136,"fingerprints":214},"beautiful-recent-posts-widget","Beautiful Recent Posts Widget","1.0","Gaurav Tiwari","https:\u002F\u002Fprofiles.wordpress.org\u002Fgauravtiwari\u002F","\u003Cul>\n\u003Cli>Lightweight – Just 5kB in size.\u003C\u002Fli>\n\u003Cli>Tested on WordPress 3.5+ \u002F\u002F WordPress 4.1 recommended.\u003C\u002Fli>\n\u003Cli>Customize the way you want.\u003C\u002Fli>\n\u003Cli>Link to one of your blog pages.\u003C\u002Fli>\n\u003Cli>Free support and future updates at \u003Ca href=\"http:\u002F\u002Fgauravtiwari.org\u002F\" title=\"Gaurav Tiwari\" rel=\"nofollow ugc\">personal blog\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Beautiful Recent Posts Widget (BRPW) is a clean minimal sidebar widget to showcase your recent articles in a clean & beautiful 
way.",10,2689,100,1,"","4.1.42","3.5",[19,20,21],"posts","sidebar","widget","http:\u002F\u002Fgauravtiwari.org\u002Fportfolio\u002Fbeautiful-recent-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbeautiful-recent-posts-widget.1.1.zip",0,null,"2026-03-15T10:48:56.248Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":13,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"gauravtiwari",3,8010,30,94,"2026-04-04T21:15:29.276Z",[36,59,80,98,117],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":15,"tags":51,"homepage":55,"download_link":56,"security_score":57,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":58},"advanced-random-posts-widget","Advanced Random Posts Widget","2.2.1","Ga Satrya","https:\u002F\u002Fprofiles.wordpress.org\u002Fsatrya\u002F","\u003Ch4>Notice\u003C\u002Fh4>\n\u003Cp>This plugin is no longer supported, please use \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frecent-posts-widget-extended\u002F\" rel=\"ugc\">Recent posts widget Extended\u003C\u002Fa> instead.\u003C\u002Fp>\n\u003Cp>This plugin will enable a custom, flexible and advanced random posts. 
It allows you to display a list of random posts via shortcode or widget with thumbnail, excerpt and post date, also you can display it from all or specific or multiple taxonomy.\u003C\u002Fp>\n\u003Ch4>Features Include\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Allow you to set title url.\u003C\u002Fli>\n\u003Cli>Display thumbnails, with customizable size and alignment.\u003C\u002Fli>\n\u003Cli>Display excerpt, with customizable length.\u003C\u002Fli>\n\u003Cli>Display from all, specific or multiple category.\u003C\u002Fli>\n\u003Cli>Display from all, specific or multiple tag.\u003C\u002Fli>\n\u003Cli>Display from all, specific or multiple taxonomy.\u003C\u002Fli>\n\u003Cli>Display post date.\u003C\u002Fli>\n\u003Cli>Display post modified date.\u003C\u002Fli>\n\u003Cli>Post types.\u003C\u002Fli>\n\u003Cli>Post status.\u003C\u002Fli>\n\u003Cli>Allow you to set custom css class per widget.\u003C\u002Fli>\n\u003Cli>Add custom html or text before and\u002For after random posts.\u003C\u002Fli>\n\u003Cli>Multiple widgets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support Me\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Purchase or download my \u003Ca href=\"https:\u002F\u002Fwp.idenovasi.com\u002F\" rel=\"nofollow ugc\">WordPress themes\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Purchase my \u003Ca href=\"https:\u002F\u002Fwww.fiverr.com\u002Fidenovasi\" rel=\"nofollow ugc\">Services\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Try another \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fidenovasi\u002F#content-plugins\" rel=\"nofollow ugc\">WordPress plugin\u003C\u002Fa> from me.\u003C\u002Fli>\n\u003Cli>Contribute on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fidenovasi\u002Fadvanced-random-posts-widget\" rel=\"nofollow ugc\">Github\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Shortcode Explanation\u003C\u002Fh3>\n\u003Cp>Explanation of shortcode options:\u003C\u002Fp>\n\u003Cp>Basic 
shortcode\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[arpw]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Display 10 random posts\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[arpw limit=\"10\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Display with thumbnail and set the size\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[arpw thumbnail=\"true\" thumbnail_size=\"arpw-thumbnail\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Display posts based on category by id\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[arpw thumbnail=\"true\" cat=\"10\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Display portfolio post type\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[arpw post_type=\"portfolio\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Here’s the full default shortcode arguments\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>title=\"\"\noffset=\"\"\nlimit=\"5\"\npost_type=\"post\"\npost_status=\"publish\"\nignore_sticky=\"1\"\ntaxonomy=\"\"\ncat=\"\"\ntag=\"\"\nthumbnail=\"false\"\nthumbnail_size=\"arpw-thumbnail\"\nthumbnail_align=\"left\"\nexcerpt=\"false\"\nexcerpt_length=\"10\"\ndate=\"false\"\ndate_modified=\"false\"\ndate_relative=\"false\"\ncss_class=\"\"\nbefore=\"\"\nafter=\"\"\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Provides flexible and advanced random posts. 
Display it via shortcode or widget with thumbnails, post excerpt, and much more!",10000,216217,80,39,"2023-08-05T11:11:00.000Z","6.1.10","4.5",[52,20,53,21,54],"random-posts","thumbnail","widgets","https:\u002F\u002Fgithub.com\u002Fidenovasi\u002Fadvanced-random-posts-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-random-posts-widget.2.2.1.zip",85,"2026-03-15T15:16:48.613Z",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":44,"downloaded":67,"rating":13,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":76,"download_link":77,"security_score":78,"vuln_count":14,"unpatched_count":24,"last_vuln_date":79,"fetched_at":58},"newpost-catch","Newpost Catch","1.3.22","Tetsuya Imamura","https:\u002F\u002Fprofiles.wordpress.org\u002Fs56bouya\u002F","\u003Cp>Thumbnails in new articles setting widget.\u003C\u002Fp>\n","Thumbnails in new articles setting widget.",288091,2,"2025-03-03T00:21:00.000Z","6.7.5","5.6","7.2",[74,75,19,20,21],"image","images","http:\u002F\u002Fwww.imamura.biz\u002Fblog\u002Fnewpost-catch\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnewpost-catch.1.3.22.zip",91,"2025-02-20 15:03:22",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":44,"downloaded":88,"rating":24,"num_ratings":24,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":96,"download_link":97,"security_score":13,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":58},"raratheme-companion","RaraTheme Companion","1.4.4","Rara Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fraratheme\u002F","\u003Cp>RaraTheme Companion is truly a must have companion for your website. 
It provides 23 useful and frequently used widgets that you can add to the sidebars to create an engaging website.\u003C\u002Fp>\n\u003Ch3>Widgets offered\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Advertisement\u003C\u002Fli>\n\u003Cli>A Featured Page\u003C\u002Fli>\n\u003Cli>Author Bio\u003C\u002Fli>\n\u003Cli>Call to Action\u003C\u002Fli>\n\u003Cli>Client Logo\u003C\u002Fli>\n\u003Cli>Contact\u003C\u002Fli>\n\u003Cli>Custom Categories\u003C\u002Fli>\n\u003Cli>Facebook Page\u003C\u002Fli>\n\u003Cli>FAQs\u003C\u002Fli>\n\u003Cli>Featured Post\u003C\u002Fli>\n\u003Cli>Icon Text\u003C\u002Fli>\n\u003Cli>Image Text\u003C\u002Fli>\n\u003Cli>Image\u003C\u002Fli>\n\u003Cli>Latest Tweets\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>Popular Post\u003C\u002Fli>\n\u003Cli>Posts Category Slider\u003C\u002Fli>\n\u003Cli>Recent Post\u003C\u002Fli>\n\u003Cli>Snapchat\u003C\u002Fli>\n\u003Cli>Social Media\u003C\u002Fli>\n\u003Cli>Stat Counter\u003C\u002Fli>\n\u003Cli>Team Member\u003C\u002Fli>\n\u003Cli>Testimonial\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>The plugin works best with themes developed by Rara Theme.\u003C\u002Fp>\n\u003Cp>The plugin also provides simple yet clean code which allows developers to overwrite the plugin properties. 
The plugin offers a number of filters and action hooks for maximum flexibility to the developers.\u003C\u002Fp>\n","23 extremely useful custom widgets to create an engaging website.",497772,"2026-01-06T05:43:00.000Z","6.9.4","4.4.0","7.4",[19,94,95,54],"sidebars","social-links","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fraratheme-companion","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fraratheme-companion.1.4.4.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":33,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":15,"tags":112,"homepage":15,"download_link":116,"security_score":57,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":58},"recent-posts-by-category-widget","Recent Posts by Category Widget","1.3","Ross Cornell","https:\u002F\u002Fprofiles.wordpress.org\u002Frossc\u002F","\u003Cp>This plugin adds a simple widget that allows you to display a number of recent blog posts from a specific category. You have the options to choose a title, category, number of posts and whether or not to show the post date. 
The posts will be ordered by date just like the default Recent Posts widget included with WordPress.\u003C\u002Fp>\n","Just like the default Recent Posts widget except you can choose a category to pull posts from.",4000,33251,12,"2017-11-28T16:45:00.000Z","4.2.39","3.0.1",[113,114,115,20,21],"categories","category","recent-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecent-posts-by-category-widget.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":33,"num_ratings":127,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":92,"tags":131,"homepage":134,"download_link":135,"security_score":57,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":58},"expanding-archives","Expanding Archives","2.1.0","Ashley","https:\u002F\u002Fprofiles.wordpress.org\u002Fnosegraze\u002F","\u003Cp>Expanding Archives adds a widget that shows your old posts in an expandable\u002Fcollapsible format. Each post is categorized under its year and month, so you can expand all the posts in a given month and year.\u003C\u002Fp>\n\u003Cp>This plugin comes with very minimal CSS styling so you can easily customize it to match your design.\u003C\u002Fp>\n\u003Cp>JavaScript is required. 
No IE support.\u003C\u002Fp>\n","This plugin adds a new widget where you can view your old posts by expanding certain years and months.",2000,22798,6,"2024-03-23T14:55:00.000Z","6.4.8","3.0",[132,133,19,20,21],"archives","navigation","https:\u002F\u002Fshop.nosegraze.com\u002Fproduct\u002Fexpanding-archives\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexpanding-archives.zip",{"attackSurface":137,"codeSignals":149,"taintFlows":198,"riskAssessment":199,"analyzedAt":213},{"hooks":138,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":148,"entryPointCount":24,"unprotectedCount":24},[139],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","widgets_init","anonymous","BRPWidget.php",113,[],[],[],[],{"dangerousFunctions":150,"sqlUsage":154,"outputEscaping":156,"fileOperations":24,"externalRequests":24,"nonceChecks":24,"capabilityChecks":24,"bundledLibraries":197},[151],{"fn":152,"file":143,"line":144,"context":153},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"BRP_Widget\");'));",{"prepared":24,"raw":24,"locations":155},[],{"escaped":157,"rawEcho":158,"locations":159},4,22,[160,163,165,167,168,170,171,173,175,177,178,179,181,182,184,186,188,189,191,193,194,196],{"file":143,"line":161,"context":162},37,"raw 
output",{"file":143,"line":164,"context":162},38,{"file":143,"line":166,"context":162},47,{"file":143,"line":166,"context":162},{"file":143,"line":169,"context":162},56,{"file":143,"line":169,"context":162},{"file":143,"line":172,"context":162},59,{"file":143,"line":174,"context":162},92,{"file":143,"line":176,"context":162},93,{"file":143,"line":176,"context":162},{"file":143,"line":33,"context":162},{"file":143,"line":180,"context":162},95,{"file":143,"line":180,"context":162},{"file":143,"line":183,"context":162},98,{"file":143,"line":185,"context":162},101,{"file":143,"line":187,"context":162},102,{"file":143,"line":187,"context":162},{"file":143,"line":190,"context":162},103,{"file":143,"line":192,"context":162},104,{"file":143,"line":192,"context":162},{"file":143,"line":195,"context":162},106,{"file":143,"line":195,"context":162},[],[],{"summary":200,"deductions":201},"The \"beautiful-recent-posts-widget\" v1.0 plugin exhibits a mixed security posture. On the positive side, it has a very small attack surface with no reported AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, all SQL queries are secured using prepared statements, and there are no file operations or external HTTP requests, which are common sources of vulnerabilities.  However, there are significant concerns regarding code quality and security best practices. The presence of the `create_function` function is a major red flag, as it is deprecated and can be exploited for code injection if not handled with extreme care. More importantly, a substantial percentage (85%) of output is not properly escaped, creating a high risk of Cross-Site Scripting (XSS) vulnerabilities. The lack of any nonce checks or capability checks on any entry points further exacerbates this risk, as any user, regardless of their role or authentication status, could potentially trigger these unescaped outputs.  
The plugin's vulnerability history is clean, with no known CVEs, which might suggest its limited attack surface and lack of complex features have so far avoided major exploits. However, the current code analysis reveals significant inherent risks that could be easily leveraged if an attacker finds a way to interact with the unescaped outputs. The lack of historical vulnerabilities should not be interpreted as a sign of robust security, given the identified coding flaws.",[202,205,208,211],{"reason":203,"points":204},"High percentage of unescaped output (85%)",8,{"reason":206,"points":207},"Presence of dangerous function: create_function",7,{"reason":209,"points":210},"No nonce checks on any entry points",5,{"reason":212,"points":210},"No capability checks on any entry points","2026-03-16T23:29:54.855Z",{"wat":215,"direct":222},{"assetPaths":216,"generatorPatterns":218,"scriptPaths":219,"versionParams":220},[217],"\u002Fwp-content\u002Fplugins\u002Fbeautiful-recent-posts-widget\u002Fcss\u002Fbrpw.css",[],[],[221],"\u002Fcss\u002Fbrpw.css?ver=",{"cssClasses":223,"htmlComments":229,"htmlAttributes":230,"restEndpoints":232,"jsGlobals":233,"shortcodeOutput":234},[224,225,226,227,228],"brpw-news-sidebar","brpw-clearfix","brpw-imgframe","brpw-date-news","brpw-button-more",[],[231],"data-retina",[],[],[]]