[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fwCjeucvQt5mPd3BMMFkNLoeGg9cN8FsQsxcyN_1lFOg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":132,"fingerprints":220},"bigboss-recent-post-widget","Bigboss Recent Post Widget","4.0.2","Bulbul Bigboss","https:\u002F\u002Fprofiles.wordpress.org\u002Fbulbulbigboss\u002F","\u003Cp>Bigboss Recent Post Widget for Showing Recent Post with thumbnail and title [Auto Exclude current post] in widget\u002Fsidebar area of your WordPress site with Exceptional setting option Thumbnails size\u002Fposition, Thumbnails border, Title font size\u002Fcolor Display date author etc..\u003Cbr \u002F>\nYou can show any number of post, just put a number in the Bigboss Recent Post Widget setting section. If you want to show all post then set the value 0\u003C\u002Fp>\n\u003Cp>If you face any problem then contact with us\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fbigbosssoftbd\u002F?\" rel=\"nofollow ugc\">bigboss Soft BD\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>\u003C\u002Fh3>\n\u003Cp>Basic Use\u003Cbr \u002F>\nInstall the plugin and Go to Appearance-> widget ->Bigboss Recent Post Widget. 
Just Drag and Drop in your Sidebar area, Check the setting\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>To Know About us Check My Youtube channel \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fbulbulbigbossbd\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.youtube.com\u002Fbulbulbigbossbd\u003C\u002Fa>\u003C\u002Fp>\n","Bigboss Recent Post Widget for Showing Recent Post with thumbnail and title [Auto Exclude current post] in widget\u002Fsidebar area of your WordPress site  &hellip;",10,1649,20,1,"2019-05-15T10:05:00.000Z","5.2.24","3.0.1","",[20,21,22,23,24],"advance-recent-post","latest-news-widget-with-thumbnials-and-title","latest-news","recent-post-setting","recent-post-shortcode","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbigboss-recent-post-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbigboss-recent-post-widget.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":13,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"bulbulbigboss",2,30,84,"2026-04-04T18:41:22.337Z",[39,62,82,99,113],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":60,"download_link":61,"security_score":49,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"news-ticker-benaceur","news ticker benaceur","3.4.2","Benaceur","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenaceur\u002F","\u003Cp>This plugin allows you to view the latest posts or latest comments in a bar with twenty five beautiful animations,\u003Cbr \u002F>\nyou can control and adjust the style of the bar from the admin panel,\u003Cbr \u002F>\nyou also the possibility to appear the bar to the particular group or member 
…\u003C\u002Fp>\n\u003Ch4>and here is all plugin characteristics:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Twenty five styles with beautiful animations\u003C\u002Fli>\n\u003Cli>Complete control over the plugin, color properties, font, height, width, etc … through the Control Panel\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable the plugin from the control panel\u003C\u002Fli>\n\u003Cli>Compatible with mobile\u003C\u002Fli>\n\u003Cli>Control the direction of the news ticker RTL \u002F LTR or auto if your site is multi language.\u003C\u002Fli>\n\u003Cli>Double title if your site is multilanguage one ltr and the other rtl.\u003C\u002Fli>\n\u003Cli>Adding a link a sub or a major to the plugin settings page in admin bar\u003C\u002Fli>\n\u003Cli>The possibility to appear the bar to the particular group or member …\u003C\u002Fli>\n\u003Cli>Include the posts from certain categories only, or conversely, exclude a category or categories\u003C\u002Fli>\n\u003Cli>Include the comments from certain posts only, or conversely, exclude a post or posts\u003C\u002Fli>\n\u003Cli>The possibility to control the maximum number of letters of the title of the article or comment\u003C\u002Fli>\n\u003Cli>The possibility to control speed,timeout … of animation\u003C\u002Fli>\n\u003Cli>The ability to remove all settings and data from the database when the plugin is disabled or not to remove, is optional\u003C\u002Fli>\n\u003Cli>The ability to customize an appropriate style for the control panel, what you can set and adjust the colors of the options page.\u003C\u002Fli>\n\u003Cli>etc …\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TRANSLATED IN FOLLOWING LANGUAGES:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Arabic\u003C\u002Fli>\n\u003Cli>English\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Link to preview \u003Ca href=\"http:\u002F\u002Fbenaceur-php.com\u002F\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Direct support page on my site:\u003C\u002Fh4>\n\u003Cp>\u003Ca 
href=\"https:\u002F\u002Fbenaceur-php.com\u002F?p=1747\" rel=\"nofollow ugc\">https:\u002F\u002Fbenaceur-php.com\u002F?p=1747\u003C\u002Fa>\u003C\u002Fp>\n","This plugin allow you to display the latest posts or latest comments in a bar with twenty seven beautiful animations and effects...",1000,59458,100,25,"2025-12-07T17:33:00.000Z","6.9.4","3.0",[55,56,57,58,59],"latest-comments","latest-news-animation","latest-posts","news-post","news-ticker","https:\u002F\u002Fbenaceur-php.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnews-ticker-benaceur.3.4.2.zip",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":28,"num_ratings":28,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":18,"tags":75,"homepage":80,"download_link":81,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"latest-news-widget","Latest News Widget","1.0.1","Taylor Lovett","https:\u002F\u002Fprofiles.wordpress.org\u002Ftlovett1\u002F","\u003Cp>Show latest posts from specific categories in your sidebar. Simple, easy-to-use, and customizble.\u003C\u002Fp>\n\u003Cp>Special Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Choose posts from up to three categories to display posts from\u003C\u002Fli>\n\u003Cli>Optionally show post titles\u003C\u002Fli>\n\u003Cli>Optionally show post bylines\u003C\u002Fli>\n\u003Cli>A dashboard widget that displays WordPress blogging tips, SEO tricks, exclusive tutorials, SEO strategies, and more!\u003C\u002Fli>\n\u003Cli>Show either the content, the excerpt, or the content with a limited number of characters\u003C\u002Fli>\n\u003Cli>Limit the number of posts shown. 
Offset the posts that are shown\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widget includes a style manager!\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Easily change the font size, font family, title font size, etc from within the widget.\u003C\u002Fli>\n\u003Cli>This widget is reusable\u003C\u002Fli>\n\u003Cli>Very easy to setup. \u003Cstrong>Requires NO technical knowledge\u003C\u002Fstrong> to install\u003C\u002Fli>\n\u003Cli>Can be translated to multiple languages\u003C\u002Fli>\n\u003Cli>Outputs \u003Cstrong>clean, validated code\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Free Support via email\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Restrictions\u002FRequirements:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Works with WordPress 2.8.1+, WPMU, and BuddyPress (WordPress 3.0+ is highly recommended)\u003C\u002Fli>\n\u003Cli>PHP 4 or 5\u003C\u002Fli>\n\u003Cli>PHP register_globals and safe_mode should be set to “Off” (this is done in your php.ini file)\u003C\u002Fli>\n\u003Cli>Your theme must call wp_head() and wp_footer()\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Configuring and Using the Plugin\u003C\u002Fh3>\n\u003Cp>Instructions for this plugin can be found at http:\u002F\u002Fwww.taylorlovett.com\u002Fwordpress-plugins\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For questions, feature requests, and support concerning the Latest News Widget plugin, please visit:\u003Cbr \u002F>\nhttp:\u002F\u002Fwww.taylorlovett.com\u002Fwordpress-plugins\u003C\u002Fp>\n","A customizable latest news 
widget.",200,23234,"2011-01-30T16:50:00.000Z","3.0.5","2.8.1",[76,63,77,78,79],"featured-posts-widget","latest-posts-widget","new-posts-widget","posts-widget","http:\u002F\u002Ftaylorlovett.com\u002Fwordpress-plugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flatest-news-widget.1.0.1.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":70,"downloaded":90,"rating":49,"num_ratings":14,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":18,"tags":94,"homepage":18,"download_link":98,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-blog-news","Wp Blog News","1.0","nayon46","https:\u002F\u002Fprofiles.wordpress.org\u002Fnayon46\u002F","\u003Cp>With Wp Blog News it’s very easy to implement a Blog News in WordPress.Awesome Responsive Blog News WordPress has been created to display Blog News on your WordPress site\u003C\u002Fp>\n\u003Cp>add shortcode in your page [blog-news]\u003C\u002Fp>\n\u003Cp>The list of the features :\u003C\u002Fp>\n\u003Cpre>\u003Ccode> Display post thumbnails, with customizable size.\n Display post excerpt, author, comment count, and more.\n Provides options to trim the number of characters in the title and excerpt.\n Override the post order to order by; date modified, title, post ID, random, comment count etc.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>You may provide arbitrary sections, in the same format as the ones above.  
This may be of use for extremely complicated\u003Cbr \u002F>\nplugins where more information needs to be conveyed that doesn’t fit into the categories of “description” or\u003Cbr \u002F>\n“installation.”  Arbitrary sections will be shown below the built-in sections outlined above.\u003C\u002Fp>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n\u003Cp>Ordered list:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Some feature\u003C\u002Fli>\n\u003Cli>Another feature\u003C\u002Fli>\n\u003Cli>Something else about the plugin\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Unordered list:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>something\u003C\u002Fli>\n\u003Cli>something else\u003C\u002Fli>\n\u003Cli>third thing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here’s a link to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002F\" title=\"Your favorite software\" rel=\"ugc\">WordPress\u003C\u002Fa> and one to \u003Ca href=\"http:\u002F\u002Fdaringfireball.net\u002Fprojects\u002Fmarkdown\u002Fsyntax\" title=\"Markdown is what the parser uses to process much of the readme file\" rel=\"nofollow ugc\">Markdown’s Syntax Documentation\u003C\u002Fa>.\u003Cbr \u002F>\nTitles are optional, naturally.\u003C\u002Fp>\n\u003Cp>Markdown uses email style notation for blockquotes and I’ve been told:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Asterisks for \u003Cem>emphasis\u003C\u002Fem>. 
Double it up  for \u003Cstrong>strong\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cpre>\u003Ccode>\u003C?php code(); \u002F\u002F goes in backticks ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","With Wp Blog News it's very easy to implement a Blog News in WordPress.Awesome Responsive Blog News WordPress has been created to display Blog Ne &hellip;",4618,"2024-01-07T03:06:00.000Z","6.4.8","5.0.1",[95,96,22,97],"blog-news","blog-post","news","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-blog-news.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":49,"downloaded":107,"rating":49,"num_ratings":14,"last_updated":108,"tested_up_to":73,"requires_at_least":109,"requires_php":18,"tags":110,"homepage":111,"download_link":112,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"latest-news-plugin","Latest News","0.2.0","jamespiggot","https:\u002F\u002Fprofiles.wordpress.org\u002Fjamespiggot\u002F","\u003Cp>This WordPress plugin provides facilities to write Latest News items as custom posts and then to output them using template tags.\u003C\u002Fp>\n\u003Cp>It will also add a new Latest News menu item to the Admin menu. This allows news items to be created as posts with the same functionality such as categories and tags.\u003C\u002Fp>\n\u003Cp>This plugin also provides template tags to list of latest news items.\u003C\u002Fp>\n\u003Cp>There is a template tag that produces a list of Latest News items that link to the relevant posts. This is suitable for placing in the sidebar.\u003C\u002Fp>\n\u003Cp>There is a template tag that will output the Latest News items as posts using a custom post. 
This template tag would typically be placed on the home page of you blog or on a custom news page.\u003C\u002Fp>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>http:\u002F\u002Fwww.chorosdesign.com\u002Fwordpress\u002Fplugins\u002F\u003C\u002Fli>\n\u003Cli>http:\u002F\u002Fwww.chorosdesign.com\u002Flatest-news-plugin\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n","This WordPress plugin provides facilities to write Latest News items as custom posts and then to output them using template tags.",17897,"2011-02-20T19:02:00.000Z","3.0.4",[22,97],"http:\u002F\u002Fchorosdesign.com\u002Fwordpress\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flatest-news-plugin.zip",{"slug":114,"name":115,"version":85,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":49,"num_ratings":122,"last_updated":123,"tested_up_to":124,"requires_at_least":53,"requires_php":18,"tags":125,"homepage":130,"download_link":131,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"latest-simple-news-ticker","Latest Simple News Ticker","rostomali","https:\u002F\u002Fprofiles.wordpress.org\u002Frostomali\u002F","\u003Cp>This plugin help you to view the latest posts or page on your website.This plugin also have three type of animation such as Fade Effects,Slide Effects,Roll Effects.You can also control and adjust color and animation Admin panel.\u003C\u002Fp>\n\u003Ch3>\u003Ca href=\"http:\u002F\u002Fdemo.imrostom.com\u002Flatest-news-ticker-documentation\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>\u003C\u002Fh3>\n","This plugin help you to view the latest posts or page on your website.This plugin also have three type of animation such as Fade Effects,Slide Effects 
&hellip;",80,4846,3,"2017-06-28T12:40:00.000Z","4.8.28",[126,127,128,59,129],"breaking-news-ticker","latest-news-ticker","news-bar","wordpress-news-ticker","https:\u002F\u002Fgithub.com\u002Frostomali\u002Flatest-simple-news-ticker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flatest-simple-news-ticker.zip",{"attackSurface":133,"codeSignals":145,"taintFlows":208,"riskAssessment":209,"analyzedAt":219},{"hooks":134,"ajaxHandlers":141,"restRoutes":142,"shortcodes":143,"cronEvents":144,"entryPointCount":28,"unprotectedCount":28},[135],{"type":136,"name":137,"callback":138,"file":139,"line":140},"action","widgets_init","registerBBwidget","bigboss-widget.php",368,[],[],[],[],{"dangerousFunctions":146,"sqlUsage":147,"outputEscaping":149,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":207},[],{"prepared":28,"raw":28,"locations":148},[],{"escaped":28,"rawEcho":35,"locations":150},[151,154,156,158,160,162,164,166,168,170,172,174,175,177,178,180,182,184,185,187,189,191,193,195,196,198,199,201,203,205],{"file":139,"line":152,"context":153},57,"raw 
output",{"file":139,"line":155,"context":153},60,{"file":139,"line":157,"context":153},73,{"file":139,"line":159,"context":153},88,{"file":139,"line":161,"context":153},93,{"file":139,"line":163,"context":153},95,{"file":139,"line":165,"context":153},140,{"file":139,"line":167,"context":153},142,{"file":139,"line":169,"context":153},175,{"file":139,"line":171,"context":153},191,{"file":139,"line":173,"context":153},222,{"file":139,"line":173,"context":153},{"file":139,"line":176,"context":153},229,{"file":139,"line":176,"context":153},{"file":139,"line":179,"context":153},242,{"file":139,"line":181,"context":153},245,{"file":139,"line":183,"context":153},264,{"file":139,"line":183,"context":153},{"file":139,"line":186,"context":153},273,{"file":139,"line":188,"context":153},275,{"file":139,"line":190,"context":153},291,{"file":139,"line":192,"context":153},293,{"file":139,"line":194,"context":153},306,{"file":139,"line":194,"context":153},{"file":139,"line":197,"context":153},317,{"file":139,"line":197,"context":153},{"file":139,"line":200,"context":153},329,{"file":139,"line":202,"context":153},332,{"file":139,"line":204,"context":153},344,{"file":139,"line":206,"context":153},347,[],[],{"summary":210,"deductions":211},"The \"bigboss-recent-post-widget\" plugin version 4.0.2 demonstrates a generally good security posture based on the provided static analysis and vulnerability history. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface, and all identified SQL queries utilize prepared statements, indicating a strong defense against SQL injection vulnerabilities. Furthermore, the lack of recorded CVEs and common vulnerability types suggests a history of stable and secure development.\n\nHowever, the static analysis reveals a critical concern regarding output escaping. With 30 total outputs and 0% properly escaped, there is a high risk of Cross-Site Scripting (XSS) vulnerabilities. 
Any user-supplied data that is displayed by the widget without proper sanitization or escaping can be exploited by attackers to inject malicious scripts, potentially leading to session hijacking, credential theft, or other malicious activities. The absence of nonce checks and capability checks on potential entry points (though none were identified in this scan) is also a minor concern, as these are fundamental security mechanisms for WordPress plugins.\n\nIn conclusion, while the plugin excels in areas like attack surface minimization and secure database interaction, the complete lack of output escaping is a severe weakness that requires immediate attention. This significantly undermines the plugin's overall security and presents a clear and present danger to users' websites. Addressing the unescaped output is paramount to mitigating XSS risks.",[212,214,217],{"reason":213,"points":13},"0% of outputs properly escaped",{"reason":215,"points":216},"0 Nonce checks",5,{"reason":218,"points":216},"0 Capability checks","2026-03-17T01:09:34.266Z",{"wat":221,"direct":228},{"assetPaths":222,"generatorPatterns":224,"scriptPaths":225,"versionParams":226},[223],"\u002Fwp-content\u002Fplugins\u002Fbigboss-recent-post-widget\u002Fstyle.css",[],[],[227],"\u002Fwp-content\u002Fplugins\u002Fbigboss-recent-post-widget\u002Fstyle.css?ver=",{"cssClasses":229,"htmlComments":236,"htmlAttributes":237,"restEndpoints":238,"jsGlobals":239,"shortcodeOutput":240},[230,231,232,233,234,235],"bbrecentpost-area","bbpost-thumb","bbpost-title","title-area","bbpost-date","post-author",[],[],[],[],[]]