[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCEfA41HybTJpLic-JleUmANaIwIjOdxpz8_kkdghY4Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":44,"crawl_stats":35,"alternatives":52,"analysis":151,"fingerprints":291},"better-random-redirect","Better Random Redirect","1.3.20","Robert Peake","https:\u002F\u002Fprofiles.wordpress.org\u002Frobertpeake\u002F","\u003Cp>Based on the original Random Redirect, this plugin enables efficient, easy random redirection to a post. Supports setting a category for all random redirects, shortcodes to generate URLs that can override the default category, and setting your own redirector URL. Designed to scale to handle high-traffic websites with thousands of posts by using a more efficient strategy than most other redirection plugins employ.\u003C\u002Fp>\n\u003Cp>Based on the original Random Redirect by Matt Mullenweg https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frandom-redirect\u002F\u003C\u002Fp>\n\u003Cp>Special thanks to Tim Green for providing additional quality assurance testing on the popular rattle.com website.\u003C\u002Fp>\n","Based on the original Random Redirect, this plugin enables efficient, easy random redirection to a post. 
Supports setting a category for all random re &hellip;",700,26670,92,10,"2025-05-26T10:53:00.000Z","6.8.5","3.0.0","",[20,21,22],"category","post","random","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetter-random-redirect\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbetter-random-redirect.1.3.20.zip",78,1,"2025-06-19 00:00:00","2026-03-15T15:16:48.613Z",[30],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":35,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":27,"updated_date":41,"references":42,"days_to_patch":35},"CVE-2025-50021","better-random-redirect-authenticated-administrator-stored-cross-site-scripting","Better Random Redirect \u003C= 1.3.20 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Better Random Redirect plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 
This only impacts multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=1.3.20","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-06-25 16:57:44",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F922d851a-906c-4413-b6a9-a7b35a547db2?source=api-prod",{"slug":45,"display_name":7,"profile_url":8,"plugin_count":46,"total_installs":47,"avg_security_score":48,"avg_patch_time_days":49,"trust_score":50,"computed_at":51},"robertpeake",3,61300,83,525,67,"2026-04-04T05:26:00.560Z",[53,74,89,106,129],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":63,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":18,"tags":67,"homepage":71,"download_link":72,"security_score":73,"vuln_count":63,"unpatched_count":63,"last_vuln_date":35,"fetched_at":28},"advanced-random-posts","Advanced Random Posts","2.3","yakuphan","https:\u002F\u002Fprofiles.wordpress.org\u002Fyakuphan\u002F","\u003Cp>Advanced Random Posts Widget displays your posts by selecting randomly with thumbnail images (optional). It gets posts from selected categories or current category or all posts. When your visitors are at home, it gets posts from all posts or selected category. 
If you set ‘Get posts from current category’, when visitors see single post, widget lists posts in the same category of single post or when visitors click a category link, it gets posts from current category.\u003C\u002Fp>\n\u003Cp>Notice: Version 2.2+ requires at least 2.8.\u003C\u002Fp>\n\u003Ch4>Supported Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Turkish\u003C\u002Fli>\n\u003Cli>Russian – Thanks \u003Ca href=\"http:\u002F\u002Fwww.fatcow.com\" rel=\"nofollow ugc\">Fatcow \u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Options\u003C\u002Fh3>\n\u003Cp>Widget’s options allow you to change your random posts list displaying.\u003C\u002Fp>\n\u003Ch4>Title:\u003C\u002Fh4>\n\u003Cp>Your random posts widget’s title on your sidebar.\u003C\u002Fp>\n\u003Ch4>Number of posts to show:\u003C\u002Fh4>\n\u003Cp>How many posts to display\u003C\u002Fp>\n\u003Ch4>Excerpt length (letters)\u003C\u002Fh4>\n\u003Cp>You know that\u003C\u002Fp>\n\u003Ch4>Thumbnail Custom Field Name\u003C\u002Fh4>\n\u003Cp>If you want to display the thumbnail of your posts via a custom field, write its name.\u003C\u002Fp>\n\u003Ch4>Height – Width\u003C\u002Fh4>\n\u003Cp>Images size.\u003C\u002Fp>\n\u003Ch4>Get first image of post\u003C\u002Fh4>\n\u003Cp>If you don’t want to use custom field, plugin will get first image from your post content.\u003C\u002Fp>\n\u003Ch4>Get first attached image of post\u003C\u002Fh4>\n\u003Cp>Plugin gets first attached image of post.\u003C\u002Fp>\n\u003Ch4>Default image\u003C\u002Fh4>\n\u003Cp>If post has no image, plugin display this image. Ex: http:\u002F\u002Fwww.yakupgovler.com\u002Fdefault-image.png\u003C\u002Fp>\n\u003Cp>Notice: If you use three options, plugin uses custom field image firstly. If the post has no custom field, it gets first image from content. At last it gets first attached image. I suggest not to use “Get first image of post” for performance. 
It queries much more.\u003C\u002Fp>\n\u003Ch4>Categories\u003C\u002Fh4>\n\u003Cp>Plugin gets posts in these categories. (Category IDs, separated by commas.)\u003C\u002Fp>\n\u003Ch4>Get posts from current category:\u003C\u002Fh4>\n\u003Cp>Posts will be get from current category (single post’s category or current category).\u003C\u002Fp>\n","Display random posts from selected categories or current category or all posts with thumbnail images (optional).",300,52616,0,"2017-11-28T20:49:00.000Z","2.8.4","2.8",[20,68,69,22,70],"category-posts","posts","random-posts","http:\u002F\u002Fwww.yakupgovler.com\u002F?p=416","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-random-posts.zip",85,{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":14,"downloaded":82,"rating":63,"num_ratings":63,"last_updated":83,"tested_up_to":84,"requires_at_least":84,"requires_php":18,"tags":85,"homepage":87,"download_link":88,"security_score":73,"vuln_count":63,"unpatched_count":63,"last_vuln_date":35,"fetched_at":28},"random-related-posts-based-on-category","Random Related Posts Based on Category","1.0.2","James Kemp","https:\u002F\u002Fprofiles.wordpress.org\u002Ftristarweb\u002F","\u003Cp>This plugin allows you to list any number of related posts from the same category as the current post. You can also randomise these results. It is very lightweight, at only 3KB.\u003C\u002Fp>\n\u003Cp>There are a number of options available:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Choose the number of Posts to show\u003C\u002Fli>\n\u003Cli>Choose whether it displays these posts randomly, or in order specified by you.\u003C\u002Fli>\n\u003Cli>Choose whether to display a title, what tags to use, and what text should be displayed (e.g. 
H3)\u003C\u002Fli>\n\u003Cli>Choose a class for the main UL\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To display the random related posts in its simplest form, simply place the following code in your single.php file – \u003Ccode>\u003C?php relatedPosts(); ?>\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>To edit the options available, use the following codes:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php relatedPosts(\n    $ppp = 4, \n    $rand = true, \n    $rPinctitle = true, \n    $rPtitletag = 'h3', \n    $rPtitle = 'Related Posts', \n    $rPulclass = 'related_posts',\n    $orderby = 'title', \n    $order = 'ASC'\n); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Where:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>$ppp\u003C\u002Fstrong> = Number of posts to display (Any integer allowed)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>$rand\u003C\u002Fstrong> = sets the display to random (true\u002Ffalse)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>$rPinctitle\u003C\u002Fstrong> = Displays the title (true\u002Ffalse)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>$rPtitletag\u003C\u002Fstrong> = The type of tag to wrap the title in (Default h3, but it can be any valid HTML tag)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>$rPtitle\u003C\u002Fstrong> = The title to be displayed (This can be any text value)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>$rPulclass\u003C\u002Fstrong> = This sets the class of the ul (This can be any text value)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>$rPexcerpt\u003C\u002Fstrong> = Displays the post excerpt (true\u002Ffalse)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>$orderby\u003C\u002Fstrong> = This allows you to order the posts by certain parameters (title\u002Fauthor\u002Fdate\u002Fmodified\u002Fmenu_order\u002Fparent\u002FID\u002Fnone\u002Fcomment_count) \u003Cstrong>If you want to choose the order of your posts, be sure to set $rand to false\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>$order\u003C\u002Fstrong> = This can either be Ascending or Descending 
(ASC\u002FDESC)\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows you to list any number of related posts from the same category as the current post. You can also randomise these results.",4770,"2011-01-10T10:48:00.000Z","3",[20,69,22,86],"related","http:\u002F\u002Fwww.tristarwebdesign.co.uk","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frandom-related-posts-based-on-category.zip",{"slug":90,"name":91,"version":92,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":14,"downloaded":97,"rating":63,"num_ratings":63,"last_updated":98,"tested_up_to":99,"requires_at_least":100,"requires_php":18,"tags":101,"homepage":104,"download_link":105,"security_score":73,"vuln_count":63,"unpatched_count":63,"last_vuln_date":35,"fetched_at":28},"show-posts-fade-inout-fix","Show Category Posts Fade in\u002Fout","0.2.3","geegood.com","https:\u002F\u002Fprofiles.wordpress.org\u002Fthaiyindee\u002F","\u003Cp>The Random Featured Post plugin allows you to display a random post from a designated category. Ideally this should draw readers landing on your homepage to some of your best posts. 
The featured post will display the title “Featured Post” (customizable) along with the post’s title, an excerpt and a link to continue to the full post.\u003C\u002Fp>\n\u003Ch3>Using it\u003C\u002Fh3>\n\u003Cp>Please go here for now for documentation: http:\u002F\u002Fgeegood.com\u002Fwordpress\u002F\u003C\u002Fp>\n","The Random Featured Post plugin allows you to display a random post from a designated category as a \"featured\" post.",3921,"2010-11-11T17:36:00.000Z","3.0.5","3.0",[20,102,103,21,22],"featured","home","http:\u002F\u002Fwordpress.geegood.com\u002Fplugins\u002Fshow-category-posts-fade-inout\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshow-posts-fade-inout-fix.zip",{"slug":68,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":113,"downloaded":114,"rating":115,"num_ratings":116,"last_updated":117,"tested_up_to":118,"requires_at_least":66,"requires_php":119,"tags":120,"homepage":124,"download_link":125,"security_score":126,"vuln_count":127,"unpatched_count":63,"last_vuln_date":128,"fetched_at":28},"Category Posts Widget","4.9.22","ZephyrWest","https:\u002F\u002Fprofiles.wordpress.org\u002Fzephyrwest\u002F","\u003Cp>Category Posts Widget is a light widget designed to do one thing and do it well: display the most recent posts from a certain category.\u003C\u002Fp>\n\u003Ch4>Term and Category based Posts Widget\u003C\u002Fh4>\n\u003Cp>A premium version of that free widget available at \u003Ca href=\"https:\u002F\u002Ftiptoppress.com\u002F\" rel=\"nofollow ugc\">tiptoppress.com\u003C\u002Fa> created for big WordPress sites.\u003C\u002Fp>\n\u003Ch4>Premium features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Auto-sizing Grid layout\u003C\u002Fli>\n\u003Cli>Custom field support in the Template\u003C\u002Fli>\n\u003Cli>Shortcode support in the Template\u003C\u002Fli>\n\u003Cli>Image-Slider (or News-Ticker)\u003C\u002Fli>\n\u003Cli>Asymmetrical list 
layouts\u003C\u002Fli>\n\u003Cli>Full background images\u003C\u002Fli>\n\u003Cli>Masonry responsive grid layout\u003C\u002Fli>\n\u003Cli>More complex filter (ANY, NOT, AND, …)\u003C\u002Fli>\n\u003Cli>Custom Post Types, Events, Products support\u003C\u002Fli>\n\u003Cli>All free features\u003C\u002Fli>\n\u003Cli>E-Mail support\u003C\u002Fli>\n\u003Cli>More examples on the \u003Ca href=\"https:\u002F\u002Fdemo.tiptoppress.com\u002F\" rel=\"nofollow ugc\">demo pages\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftiptoppress.com\u002Ftemplate-arrange-post-details\u002F\" rel=\"nofollow ugc\">Template\u003C\u002Fa> to arrange the post details.\u003C\u002Fli>\n\u003Cli>The Template text can be a post details placeholder, plain text, HTML or a font-icons.\u003C\u002Fli>\n\u003Cli>Font-icon support.\u003C\u002Fli>\n\u003Cli>‘Load more’ button \u002F Ajax API\u003C\u002Fli>\n\u003Cli>Item Title heading level buttons\u003C\u002Fli>\n\u003Cli>Excerpt length and item title in lines (line-clamp)\u003C\u002Fli>\n\u003Cli>Shortcode (Easily change all Shortcode options in the customizer).\u003C\u002Fli>\n\u003Cli>Date range filter\u003C\u002Fli>\n\u003Cli>New date format: Time since published\u003C\u002Fli>\n\u003Cli>Filter by post status: Published, scheduled, private.\u003C\u002Fli>\n\u003Cli>Multiple shortcodes at the same site or post.\u003C\u002Fli>\n\u003Cli>Add option for post offset (use two or more widgets after another).\u003C\u002Fli>\n\u003Cli>Admin UI: Buttons in the editor toolbar to insert shortcode.\u003C\u002Fli>\n\u003Cli>Option to touch device friendly “everything is a link”.\u003C\u002Fli>\n\u003Cli>For editing shortcode adds a Customizer link to the admin-bar (“With one click to the Customizer”).\u003C\u002Fli>\n\u003Cli>Set thumbnail width & height \u002F image crop with CSS (object-fit).\u003C\u002Fli>\n\u003Cli>Fluid images (max-width in %).\u003C\u002Fli>\n\u003Cli>One 
thumb dimension can be left empty.\u003C\u002Fli>\n\u003Cli>Option to set mouse hover effects for post thumbnail.\u003C\u002Fli>\n\u003Cli>Set a default thumbnail.\u003C\u002Fli>\n\u003Cli>Hide widget text or text, if there is no post.\u003C\u002Fli>\n\u003Cli>Option to hide posts which have no thumbnail.\u003C\u002Fli>\n\u003Cli>Option exclude current post.\u003C\u002Fli>\n\u003Cli>Option show post author, comment’s count, post date.\u003C\u002Fli>\n\u003Cli>Admin UI: Set \u002F find thumbnail size buttons: +, ¼, ½, 2x, -, ratio and Media sizes\u003C\u002Fli>\n\u003Cli>Admin UI: Buttons to easy add post details placeholder.\u003C\u002Fli>\n\u003Cli>Multi sites support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Full \u003Ca href=\"https:\u002F\u002Ftiptoppress.com\u002Fcategory-posts-widget\u002Fdocumentation-4-9\" rel=\"nofollow ugc\">documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Shortcode: Use [catposts] in the content and \u003Ca href=\"https:\u002F\u002Ftiptoppress.com\u002Fuse-shortcode-to-add-category-posts-widget-to-the-content\u002F\" rel=\"nofollow ugc\">edit in the customizer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Formatting date and time: See \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFormatting_Date_and_Time\" rel=\"nofollow ugc\">Formatting Date and Time\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>While using this plugin if you find any bug or any conflict, please submit an issue at\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDanielFloeter\u002Fcategory-posts-widget\" rel=\"nofollow ugc\">Github\u003C\u002Fa> (If possible with a pull request).\u003C\u002Fp>\n","Adds a widget that shows the most recent posts from a single 
category.",40000,1787954,90,79,"2026-02-07T16:33:00.000Z","6.9.4","5.3",[121,122,20,69,123],"block","categories","recent-posts","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcategory-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-posts.4.9.22.zip",99,2,"2025-04-03 00:00:00",{"slug":130,"name":131,"version":132,"author":133,"author_profile":134,"description":135,"short_description":136,"active_installs":137,"downloaded":138,"rating":139,"num_ratings":140,"last_updated":141,"tested_up_to":142,"requires_at_least":143,"requires_php":18,"tags":144,"homepage":149,"download_link":150,"security_score":73,"vuln_count":63,"unpatched_count":63,"last_vuln_date":35,"fetched_at":28},"advanced-random-posts-widget","Advanced Random Posts Widget","2.2.1","Ga Satrya","https:\u002F\u002Fprofiles.wordpress.org\u002Fsatrya\u002F","\u003Ch4>Notice\u003C\u002Fh4>\n\u003Cp>This plugin is no longer supported, please use \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frecent-posts-widget-extended\u002F\" rel=\"ugc\">Recent posts widget Extended\u003C\u002Fa> instead.\u003C\u002Fp>\n\u003Cp>This plugin will enable a custom, flexible and advanced random posts. 
It allows you to display a list of random posts via shortcode or widget with thumbnail, excerpt and post date, also you can display it from all or specific or multiple taxonomy.\u003C\u002Fp>\n\u003Ch4>Features Include\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Allow you to set title url.\u003C\u002Fli>\n\u003Cli>Display thumbnails, with customizable size and alignment.\u003C\u002Fli>\n\u003Cli>Display excerpt, with customizable length.\u003C\u002Fli>\n\u003Cli>Display from all, specific or multiple category.\u003C\u002Fli>\n\u003Cli>Display from all, specific or multiple tag.\u003C\u002Fli>\n\u003Cli>Display from all, specific or multiple taxonomy.\u003C\u002Fli>\n\u003Cli>Display post date.\u003C\u002Fli>\n\u003Cli>Display post modified date.\u003C\u002Fli>\n\u003Cli>Post types.\u003C\u002Fli>\n\u003Cli>Post status.\u003C\u002Fli>\n\u003Cli>Allow you to set custom css class per widget.\u003C\u002Fli>\n\u003Cli>Add custom html or text before and\u002For after random posts.\u003C\u002Fli>\n\u003Cli>Multiple widgets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support Me\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Purchase or download my \u003Ca href=\"https:\u002F\u002Fwp.idenovasi.com\u002F\" rel=\"nofollow ugc\">WordPress themes\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Purchase my \u003Ca href=\"https:\u002F\u002Fwww.fiverr.com\u002Fidenovasi\" rel=\"nofollow ugc\">Services\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Try another \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fidenovasi\u002F#content-plugins\" rel=\"nofollow ugc\">WordPress plugin\u003C\u002Fa> from me.\u003C\u002Fli>\n\u003Cli>Contribute on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fidenovasi\u002Fadvanced-random-posts-widget\" rel=\"nofollow ugc\">Github\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Shortcode Explanation\u003C\u002Fh3>\n\u003Cp>Explanation of shortcode options:\u003C\u002Fp>\n\u003Cp>Basic 
shortcode\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[arpw]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Display 10 random posts\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[arpw limit=\"10\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Display with thumbnail and set the size\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[arpw thumbnail=\"true\" thumbnail_size=\"arpw-thumbnail\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Display posts based on category by id\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[arpw thumbnail=\"true\" cat=\"10\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Display portfolio post type\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[arpw post_type=\"portfolio\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Here’s the full default shortcode arguments\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>title=\"\"\noffset=\"\"\nlimit=\"5\"\npost_type=\"post\"\npost_status=\"publish\"\nignore_sticky=\"1\"\ntaxonomy=\"\"\ncat=\"\"\ntag=\"\"\nthumbnail=\"false\"\nthumbnail_size=\"arpw-thumbnail\"\nthumbnail_align=\"left\"\nexcerpt=\"false\"\nexcerpt_length=\"10\"\ndate=\"false\"\ndate_modified=\"false\"\ndate_relative=\"false\"\ncss_class=\"\"\nbefore=\"\"\nafter=\"\"\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Provides flexible and advanced random posts. 
Display it via shortcode or widget with thumbnails, post excerpt, and much more!",10000,216217,80,39,"2023-08-05T11:11:00.000Z","6.1.10","4.5",[70,145,146,147,148],"sidebar","thumbnail","widget","widgets","https:\u002F\u002Fgithub.com\u002Fidenovasi\u002Fadvanced-random-posts-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-random-posts-widget.2.2.1.zip",{"attackSurface":152,"codeSignals":202,"taintFlows":237,"riskAssessment":276,"analyzedAt":290},{"hooks":153,"ajaxHandlers":194,"restRoutes":195,"shortcodes":196,"cronEvents":201,"entryPointCount":26,"unprotectedCount":63},[154,160,164,168,172,176,179,182,185,188,190,192],{"type":155,"name":156,"callback":157,"file":158,"line":159},"action","plugins_loaded","load_textdomain","classes\\BetterRandomRedirect.php",5,{"type":155,"name":161,"callback":162,"file":158,"line":163},"admin_menu","register_menu_page",6,{"type":155,"name":165,"callback":166,"file":158,"line":167},"admin_init","register_settings",7,{"type":155,"name":169,"callback":170,"file":158,"line":171},"template_redirect","do_redirect",8,{"type":173,"name":174,"callback":174,"file":175,"line":14},"filter","brr_transient_id_filter","classes\\BrrFilter.php",{"type":173,"name":177,"callback":177,"file":175,"line":178},"brr_additional_where_filter",11,{"type":173,"name":180,"callback":180,"file":175,"line":181},"brr_url_base_filter",12,{"type":173,"name":183,"callback":183,"file":175,"line":184},"brr_admin_table_filter",13,{"type":173,"name":174,"callback":174,"file":186,"line":187},"classes\\QtranslatexFilter.php",16,{"type":173,"name":177,"callback":177,"file":186,"line":189},17,{"type":173,"name":180,"callback":180,"file":186,"line":191},18,{"type":173,"name":183,"callback":183,"file":186,"line":193},19,[],[],[197],{"tag":198,"callback":199,"file":158,"line":200},"random-url","random_url_shortcode",9,[],{"dangerousFunctions":203,"sqlUsage":204,"outputEscaping":206,"fileOperations":63,"externalRequests":63,"nonceChecks":63,"capabili
tyChecks":63,"bundledLibraries":236},[],{"prepared":167,"raw":63,"locations":205},[],{"escaped":26,"rawEcho":187,"locations":207},[208,211,212,213,215,216,218,219,221,223,225,227,229,231,233,234],{"file":209,"line":184,"context":210},"admin.php","raw output",{"file":209,"line":193,"context":210},{"file":209,"line":193,"context":210},{"file":209,"line":214,"context":210},29,{"file":209,"line":214,"context":210},{"file":209,"line":217,"context":210},41,{"file":209,"line":217,"context":210},{"file":209,"line":220,"context":210},48,{"file":209,"line":222,"context":210},68,{"file":209,"line":224,"context":210},69,{"file":209,"line":226,"context":210},71,{"file":209,"line":228,"context":210},75,{"file":209,"line":230,"context":210},76,{"file":209,"line":232,"context":210},82,{"file":209,"line":48,"context":210},{"file":209,"line":235,"context":210},87,[],[238,265],{"entryPoint":239,"graph":240,"unsanitizedCount":26,"severity":37},"do_redirect (classes\\BetterRandomRedirect.php:168)",{"nodes":241,"edges":260},[242,247,253,255],{"id":243,"type":244,"label":245,"file":158,"line":246},"n0","source","$_GET",212,{"id":248,"type":249,"label":250,"file":158,"line":251,"wp_function":252},"n1","sink","get_col() [SQLi]",253,"get_col",{"id":254,"type":244,"label":245,"file":158,"line":246},"n2",{"id":256,"type":249,"label":257,"file":158,"line":258,"wp_function":259},"n3","wp_redirect() [Open Redirect]",282,"wp_redirect",[261,263],{"from":243,"to":248,"sanitized":262},true,{"from":254,"to":256,"sanitized":264},false,{"entryPoint":266,"graph":267,"unsanitizedCount":26,"severity":37},"\u003CBetterRandomRedirect> 
(classes\\BetterRandomRedirect.php:0)",{"nodes":268,"edges":273},[269,270,271,272],{"id":243,"type":244,"label":245,"file":158,"line":246},{"id":248,"type":249,"label":250,"file":158,"line":251,"wp_function":252},{"id":254,"type":244,"label":245,"file":158,"line":246},{"id":256,"type":249,"label":257,"file":158,"line":258,"wp_function":259},[274,275],{"from":243,"to":248,"sanitized":262},{"from":254,"to":256,"sanitized":264},{"summary":277,"deductions":278},"The plugin 'better-random-redirect' v1.3.20 presents a mixed security posture. On the positive side, the code analysis indicates good practices in handling SQL queries, with all 7 queries utilizing prepared statements, and no dangerous functions or file operations were detected. The attack surface is also relatively small, with only one shortcode identified and no AJAX handlers or REST API routes present. However, there are significant concerns, particularly regarding output escaping and the lack of security checks. Only 6% of the 17 detected outputs are properly escaped, leaving a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the absence of nonce checks and capability checks on the identified entry point (the shortcode) is a critical oversight, meaning any user, regardless of their role, could potentially trigger its functionality. The vulnerability history reveals a past medium-severity XSS vulnerability, and the fact that one CVE is currently unpatched is a serious red flag, suggesting ongoing security risks that have not been addressed by the developers.  
While the plugin demonstrates some secure coding practices, the high percentage of unescaped output and the complete lack of security checks on its primary entry point, coupled with an unpatched vulnerability, create a notable risk profile that requires immediate attention.",[279,282,284,286,288],{"reason":280,"points":281},"Unpatched CVE",15,{"reason":283,"points":167},"Unescaped output",{"reason":285,"points":159},"Missing nonce checks",{"reason":287,"points":159},"Missing capability checks",{"reason":289,"points":159},"Taint flows with unsanitized paths","2026-03-16T19:24:20.980Z",{"wat":292,"direct":299},{"assetPaths":293,"generatorPatterns":296,"scriptPaths":297,"versionParams":298},[294,295],"\u002Fwp-content\u002Fplugins\u002Fbetter-random-redirect\u002Fcss\u002Fbrr_admin.css","\u002Fwp-content\u002Fplugins\u002Fbetter-random-redirect\u002Fjs\u002Fbrr_admin.js",[],[],[],{"cssClasses":300,"htmlComments":301,"htmlAttributes":302,"restEndpoints":303,"jsGlobals":304,"shortcodeOutput":305},[],[],[],[],[],[306],"[random-url"]