[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdVn8u2icx2eADX3JLumg-TqzEiP6qi3UAD6GXTZhEdY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":9,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":136,"fingerprints":223},"billybenswf","BillyBenSWF","1.1.0","Billyben","https:\u002F\u002Fprofiles.wordpress.org\u002Fbillyben\u002F","","Simple shortcode for swf\u002Fflash embedding. Autodetect original size. Can set size, object id+class, flashvar, attributes and parameter.",10,5606,0,"2011-09-15T16:16:00.000Z","3.1.4","2.8.1",[18,19,20,21,22],"embed","flash","flashvar","include","swf","http:\u002F\u002Fwww.etherocliquecite.eu","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbillybenswf.1.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"billyben",2,20,30,84,"2026-04-04T11:07:08.156Z",[37,60,80,100,118],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":9,"tags":52,"homepage":55,"download_link":56,"security_score":57,"vuln_count":58,"unpatched_count":58,"last_vuln_date":59,"fetched_at":27},"easy-flash-embed","Easy Flash Embed","1.0","Vincent Boiardt","https:\u002F\u002Fprofiles.wordpress.org\u002Fvincent-boiardt\u002F","\u003Cp>Embed Flash easily and standard compliant with SWFObject using only a [swf] shortcode!\u003C\u002Fp>\n\u003Cp>In the text editor simply write something like:\u003C\u002Fp>\n\u003Cp>[swf src=”http:\u002F\u002Fwww.example.com\u002Fmy-flash-file.swf” width=300 height=100]\u003C\u002Fp>\n\u003Cp>The attributes \u003Cem>src\u003C\u002Fem>, \u003Cem>width\u003C\u002Fem> and \u003Cem>height\u003C\u002Fem> are \u003Cstrong>required\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Additional attributes includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>params\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cem>flashvars\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cem>version\u003C\u002Fem>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The attributes \u003Cem>params\u003C\u002Fem>, and \u003Cem>flashvars\u003C\u002Fem> should be written like “flashvar1=value&flashvar2=value” to function properly. If you want to specify a Flash version use \u003Cem>version\u003C\u002Fem> attribute. \u003Cstrong>Default is 9\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>To provide alternative content for people without Flash, simply put some text between the [swf] brackets, e.g.\u003C\u002Fp>\n\u003Cp>[swf src=”http:\u002F\u002Fwww.example.com\u002Fmy-flash-file.swf” width=300 height=100]You must have Flash to view this file[\u002Fswf]\u003C\u002Fp>\n","Embed Flash easily and standard compliant with SWFObject using only a [swf] shortcode!",900,54934,80,4,"2017-11-28T21:45:00.000Z","2.9.2","2.9",[18,53,19,22,54],"embedding","swfobject","http:\u002F\u002Fwpquicktips.wordpress.com\u002Feasy-flash-embedding","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-flash-embed.1.0.zip",63,1,"2025-09-02 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":9,"tags":75,"homepage":78,"download_link":79,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wp-swfobject","WP-SWFObject","2.4","Kodetop","https:\u002F\u002Fprofiles.wordpress.org\u002Funijimpe\u002F","\u003Cp>This plugin enable insert flash movies into WordPress using \u003Cstrong>SWFObject\u003C\u002Fstrong> with simple quicktag \u003Ccode>[swf][\u002Fswf]\u003C\u002Fcode> .\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy install and easy use on content and widgets\u003C\u002Fli>\n\u003Cli>Insert Flash movie with simple shortcode\u003C\u002Fli>\n\u003Cli>Panel for easy configuration\u003C\u002Fli>\n\u003Cli>Allow config flash player version required\u003C\u002Fli>\n\u003Cli>Allow config message for iPhone Browser\u003C\u002Fli>\n\u003Cli>Support FlashVars param\u003C\u002Fli>\n\u003Cli>Support FullScreen param\u003C\u002Fli>\n\u003Cli>Generate \u003Ccode>\u003Cobject>\u003C\u002Fcode> code for RSS and iPhone compatibility   \u003C\u002Fli>\n\u003Cli>Select version of SWFObject (1.5 or 2.0)\u003C\u002Fli>\n\u003Cli>Allow insert SWFObject from Google AJAX Libraries API\u003C\u002Fli>\n\u003Cli>Detect iPhone Browser to show message o link for Youtube Videos\u003C\u002Fli>\n\u003Cli>Easy integration with Youtube videos\u003C\u002Fli>\n\u003Cli>Support for show Loading image\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To insert swf into post content or text widget use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[swf]movie.swf, width, heigth[\u002Fswf]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To insert swf with flashvars use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[swf]movie.swf, width, heigth, var1=val1&var2=val2[\u002Fswf]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To insert swf on template, use the php code:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php wp_swfobject_echo(\"movie.swf\", \"width\", \"heigth\"); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To insert swf with flashvars on template, use the php code:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php wp_swfobject_echo(\"movie.swf\", \"width\", \"heigth\", \"var1=val1&var2=val2\"); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>For more information visit \u003Ca href=\"http:\u002F\u002Fblog.unijimpe.net\u002Fwp-swfobject\u002F\" title=\"plugin website\" rel=\"nofollow ugc\">plugin website\u003C\u002Fa>\u003C\u002Fp>\n","Insert Flash Movies into WordPress.",1000,148800,100,3,"2017-11-28T16:58:00.000Z","3.2.1","1.5",[19,76,22,54,77],"flv","video","http:\u002F\u002Fblog.unijimpe.net\u002Fwp-swfobject\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-swfobject.2.4.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":34,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":9,"tags":94,"homepage":98,"download_link":99,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"allow-swf-upload","Allow Swf Upload","1.1","behrouzpc","https:\u002F\u002Fprofiles.wordpress.org\u002Fbehrouzpc\u002F","\u003Cp>Allow user to upload SWF file inside Upload panel for all user important need this permission.\u003C\u002Fp>\n","Allow Admin to Upload SWF file",500,19929,5,"2013-12-24T15:54:00.000Z","3.7.41","2.0.2",[95,96,22,97],"allow-upload","iflashlord","upload","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fallow-swf-upload\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fallow-swf-upload.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":70,"num_ratings":58,"last_updated":110,"tested_up_to":111,"requires_at_least":51,"requires_php":9,"tags":112,"homepage":116,"download_link":117,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"swfobject-reloaded","swfObject Reloaded","1.6","CodeAndReload","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodeandreload\u002F","\u003Cp>This plugin allows easy embedding of swf files and better media management for swf files, allowing swf files to have a\u003Cbr \u002F>\nheight, width, and their own minimum flash version.  This plugin adds a swfobject shortcode that can be inserted via\u003Cbr \u002F>\nthe “Add media” button while editing a post.  SWF files are now also automatically embedded on their respective\u003Cbr \u002F>\nattachment pages.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Technical support for this plugin will be provided via the WordPress plugin forum.  Additional support may be\u003Cbr \u002F>\navailable at \u003Ca href=\"http:\u002F\u002Fwww.codeandreload.com\u002Fwp-plugins\u002Fswfobjectreloaded\" title=\"swfObject Reloaded\nat Code and Reload\">plugin’s homepage\u003C\u002Fa>.\u003C\u002Fp>\n","Allows easy embedding (shortcode inserted via Add Media button while posting) and better management of swf files.",200,33348,"2012-10-11T23:22:00.000Z","3.4.2",[113,19,114,115,22],"animation","flex","media","http:\u002F\u002Fwww.codeandreload.com\u002Fwp-plugins\u002Fswfobjectreloaded","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fswfobject-reloaded.1.6.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":11,"downloaded":126,"rating":13,"num_ratings":13,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":9,"tags":130,"homepage":134,"download_link":135,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"flash-feed-scroll-reader","Flash Feed Scroll Reader","1.2.0","gfazioli","https:\u002F\u002Fprofiles.wordpress.org\u002Fgfazioli\u002F","\u003Cp>Flash Feed Scroll Reader is a Adobe Flash Feed Reader with horizontal scrolling.\u003Cbr \u002F>\nYou can set one or more feed to fetch. The scroll rendering is in HTML Adobe Flash, so you can edit style.css file for change color, fonts and rendering.\u003C\u002Fp>\n\u003Cp>In this version you can set options and call php function:\n    \u003C\u002Fp>\n\u003Cp>for show flash scroll feed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>FEATURES\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Single Feed Reader\u003C\u002Fli>\n\u003Cli>Multiple\u002Faggregator Feed Reader\u003C\u002Fli>\n\u003Cli>Customize Adobe Flash Scroll Reader\u003C\u002Fli>\n\u003Cli>Simple and Fast\u003C\u002Fli>\n\u003Cli>English\u002FItalian Localizzation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>LAST IMPROVE\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Localizzation Italian\u003C\u002Fli>\n\u003Cli>Rev User Interface\u003C\u002Fli>\n\u003Cli>\u003Ccode>stringcutend\u003C\u002Fcode> param: String to append when the description is cutted, default \u003Ccode>\"[...]\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>target\u003C\u002Fcode> param: Window target on click feed title link, default \u003Ccode>\"_blank\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>HOW TO\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Usage:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* width:          Flash movie width. This value can be in pixel or percent\n* height:         Flash movie height. This value can be in pixel or percent\n* feedurl:        URL address of feed rss to show\n* scrollspeed:    Scroll speed in millisecond\n* separator:      HTML text between feed title\n* description:    Set to \"1\" for show description content. \"0\" for none\n* stringcut:      If description is set to \"1\" this is the number of chars to show\n* stringcutend:   String to append when the description is cutted, default \"[...]\"\n* stylesheet:     StyleSheet URL address\n* bgcolor:        Background color for Flash Movie in #RRGGBB value\n* wmode:          Window Mode for Flash Movie: Window, Opaque, Transparent\n* useaggregator:  Set to '1' for use aggregator setting, else '0' default\n* target:         Window target on click feed title link, default \"_blank\"\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Related Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.saidmade.com\u002F\" title=\"Saidmade\" rel=\"nofollow ugc\">Author’s Company\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.undolog.com\u002F\" title=\"Undolog\" rel=\"nofollow ugc\">Author’s Personal Blog\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more information on the roadmap for future improvements please e-mail: g.fazioli@saidmade.com\u003C\u002Fp>\n\u003Ch3>Thanks\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fsimplepie.org\u002Fdownloads\u002F\" title=\"SimplePie\" rel=\"nofollow ugc\">SimplePie\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Flash Feed Scroll Reader WordPress Plugin use SWFObject (from Google Ajax API) and SimplePie\u003C\u002Fli>\n\u003Cli>Chris for beta testing\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fprofile\u002F247145\" rel=\"ugc\">godai\u003C\u002Fa> for some usefull suggest\u003C\u002Fli>\n\u003C\u002Ful>\n","Flash Feed Scroll Reader is a Adobe Flash Feed Reader with horizontal scrolling.",18945,"2010-07-19T16:18:00.000Z","2.7.1","2.7",[131,132,19,133,54],"feed-reader","feed-rss","scroll","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fflash-feed-scroll-reader\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflash-feed-scroll-reader.1.2.0.zip",{"attackSurface":137,"codeSignals":165,"taintFlows":210,"riskAssessment":211,"analyzedAt":222},{"hooks":138,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":164,"entryPointCount":58,"unprotectedCount":13},[139,145,150,154],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","wp_loaded","bbswf_create_option_page","BillyBenSWF.php",50,{"type":140,"name":146,"callback":147,"file":148,"line":149},"admin_menu","add_pages","script\\BBSWF_option_class.php",8,{"type":140,"name":151,"callback":152,"file":148,"line":153},"admin_init","register_settings",9,{"type":140,"name":155,"callback":156,"file":148,"line":11},"admin_head","admin_css",[],[],[160],{"tag":161,"callback":162,"file":143,"line":163},"BB_SWF","bbswf_shortcodehandler",49,[],{"dangerousFunctions":166,"sqlUsage":167,"outputEscaping":169,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":209},[],{"prepared":13,"raw":13,"locations":168},[],{"escaped":13,"rawEcho":170,"locations":171},19,[172,174,176,178,180,182,184,186,188,190,192,194,196,198,200,202,204,206,208],{"file":148,"line":32,"context":173},"raw output",{"file":148,"line":175,"context":173},29,{"file":148,"line":177,"context":173},91,{"file":148,"line":179,"context":173},97,{"file":148,"line":181,"context":173},101,{"file":148,"line":183,"context":173},104,{"file":148,"line":185,"context":173},108,{"file":148,"line":187,"context":173},111,{"file":148,"line":189,"context":173},117,{"file":148,"line":191,"context":173},119,{"file":148,"line":193,"context":173},167,{"file":148,"line":195,"context":173},174,{"file":148,"line":197,"context":173},175,{"file":148,"line":199,"context":173},181,{"file":148,"line":201,"context":173},182,{"file":148,"line":203,"context":173},184,{"file":148,"line":205,"context":173},188,{"file":148,"line":207,"context":173},189,{"file":148,"line":108,"context":173},[],[],{"summary":212,"deductions":213},"The \"billybenswf\" plugin version 1.1.0 presents a mixed security posture. On the positive side, the plugin exhibits excellent practices regarding SQL queries, exclusively using prepared statements, and shows no history of reported vulnerabilities (CVEs). The attack surface is minimal, with only one shortcode identified, and crucially, there are no identified AJAX handlers or REST API routes without authentication checks, nor are there any file operations, external HTTP requests, or cron events that could pose immediate risks.  However, a significant concern arises from the complete lack of output escaping for all 19 identified output points. This means that any data outputted by the plugin is vulnerable to being rendered as executable code, potentially leading to cross-site scripting (XSS) attacks. Furthermore, the absence of nonce checks and capability checks on the shortcode entry point leaves it open to potential abuse if the shortcode itself handles user-supplied data, even without direct AJAX or REST API vulnerabilities. The taint analysis shows no critical or high severity flows, which is positive, but this is in conjunction with zero total flows analyzed, suggesting the taint analysis might not be comprehensive or that the plugin's logic is very simple.  Overall, while the plugin avoids common pitfalls like raw SQL and known vulnerabilities, the lack of output escaping is a critical weakness that significantly elevates the risk of XSS attacks. The absence of input validation checks (nonce, capabilities) on its sole entry point further compounds this risk.",[214,216,218,220],{"reason":215,"points":32},"Output escaping is not implemented",{"reason":217,"points":149},"No nonce checks on entry points",{"reason":219,"points":149},"No capability checks on entry points",{"reason":221,"points":71},"Taint analysis not comprehensive","2026-03-16T23:59:30.434Z",{"wat":224,"direct":232},{"assetPaths":225,"generatorPatterns":228,"scriptPaths":229,"versionParams":231},[226,227],"\u002Fwp-content\u002Fplugins\u002FBillyBenSWF\u002Fscript\u002Fbbswf_js.js","\u002Fwp-content\u002Fplugins\u002FBillyBenSWF\u002Fscript\u002Fbbswf_style.css",[],[230],"BillyBenSWF\u002Fscript\u002Fbbswf_js.js",[],{"cssClasses":233,"htmlComments":235,"htmlAttributes":236,"restEndpoints":240,"jsGlobals":241,"shortcodeOutput":242},[234],"tinyMCETA",[],[237,238,239],"name=\"bbswf_options[folder]\"","name=\"bbswf_options[minfp]\"","name=\"bbswf_options[defaultContent]\"",[],[],[]]