[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f79dhHAn2-hPX1du3u3cb45yW4pFmeRjUXd8TV0_Xlx8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":57,"crawl_stats":37,"alternatives":65,"analysis":161,"fingerprints":293},"breaking-news-wp","Breaking News WP","1.3","doit","https:\u002F\u002Fprofiles.wordpress.org\u002Fdoctorwp\u002F","\u003Cp>Breaking News WP allows you to place a custom breaking news bar wherever you like,\u003Cbr \u002F>\nand to customize the breaking news bar in various ways, like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Dimension of the bar\u003C\u002Fli>\n\u003Cli>Color of the backgrounds\u003C\u002Fli>\n\u003Cli>Color of the title and the news\u003C\u002Fli>\n\u003Cli>Title of the bar\u003C\u002Fli>\n\u003Cli>Number of news to show\u003C\u002Fli>\n\u003Cli>News to show filtered based on the categories of the news\u003C\u002Fli>\n\u003Cli>Possibility to add a custom text\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>HOW TO USE BREAKING NEWS:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PHP Code: echo do_shortcode(‘[breaking-news-wp]’);\u003C\u002Fli>\n\u003Cli>Editor: [breaking-news-wp]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>FURTHER READING\u003C\u002Fp>\n\u003Cp>For more info about the plugin, check out the following link: \u003Ca href=\"https:\u002F\u002Fwp-love.it\u002Fen\u002Fbreaking-news-plugin-wordpress-guide-to-use\u002F\" rel=\"nofollow ugc\">Breaking News WP Plugin WordPress – Guide to use\u003C\u002Fa>\u003C\u002Fp>\n","Show in every place your Free and Custom Breaking News Bar",400,12761,80,4,"2019-07-29T08:50:00.000Z","5.2.24","4.8","7.1.16",[20,21,22,23,24],"breaking-news","breaking-news-ticker","breaking-news-wp-plugin","news-ticker","news-ticker-plugin","https:\u002F\u002Fwp-love.it\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbreaking-news-wp.1.3.zip",43,2,"2025-04-01 00:00:00","2026-03-15T15:16:48.613Z",[32,46],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37},"CVE-2025-31750","breaking-news-wp-authenticated-administrator-stored-cross-site-scripting","Breaking News WP \u003C= 1.3 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Breaking News WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=1.3","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-04-08 18:05:05",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F59b9c2f8-f84a-49f9-98c5-6ef90475d686?source=api-prod",{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":51,"cvss_vector":52,"vuln_type":53,"published_date":29,"updated_date":54,"references":55,"days_to_patch":37},"CVE-2025-31751","breaking-news-wp-cross-site-request-forgery-to-settings-update","Breaking News WP \u003C= 1.3 - Cross-Site Request Forgery to Settings Update","The Breaking News WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update plugin settings granted they can trick a site administrator into performing an action such as clicking on a link.",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-04-08 18:04:38",[56],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6e1b7f09-f5b8-46a2-bbbe-7ee192f11c12?source=api-prod",{"slug":58,"display_name":7,"profile_url":8,"plugin_count":59,"total_installs":60,"avg_security_score":61,"avg_patch_time_days":62,"trust_score":63,"computed_at":64},"doctorwp",3,1100,71,30,74,"2026-04-04T07:05:43.479Z",[66,88,107,124,139],{"slug":67,"name":68,"version":69,"author":70,"author_profile":71,"description":72,"short_description":73,"active_installs":13,"downloaded":74,"rating":75,"num_ratings":59,"last_updated":76,"tested_up_to":77,"requires_at_least":78,"requires_php":79,"tags":80,"homepage":84,"download_link":85,"security_score":86,"vuln_count":87,"unpatched_count":87,"last_vuln_date":37,"fetched_at":30},"latest-simple-news-ticker","Latest Simple News Ticker","1.0","rostomali","https:\u002F\u002Fprofiles.wordpress.org\u002Frostomali\u002F","\u003Cp>This plugin help you to view the latest posts or page on your website.This plugin also have three type of animation such as Fade Effects,Slide Effects,Roll Effects.You can also control and adjust color and animation Admin panel.\u003C\u002Fp>\n\u003Ch3>\u003Ca href=\"http:\u002F\u002Fdemo.imrostom.com\u002Flatest-news-ticker-documentation\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>\u003C\u002Fh3>\n","This plugin help you to view the latest posts or page on your website.This plugin also have three type of animation such as Fade Effects,Slide Effects &hellip;",4846,100,"2017-06-28T12:40:00.000Z","4.8.28","3.0","",[21,81,82,23,83],"latest-news-ticker","news-bar","wordpress-news-ticker","https:\u002F\u002Fgithub.com\u002Frostomali\u002Flatest-simple-news-ticker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flatest-simple-news-ticker.zip",85,0,{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":96,"downloaded":97,"rating":98,"num_ratings":28,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":79,"tags":102,"homepage":105,"download_link":106,"security_score":86,"vuln_count":87,"unpatched_count":87,"last_vuln_date":37,"fetched_at":30},"news-ticker-tj","News ticker","1.0.2","Tajul2010","https:\u002F\u002Fprofiles.wordpress.org\u002Ftajul2010\u002F","\u003Cblockquote>\n\u003Cp>\u003Cstrong> \u003Ca href=\"https:\u002F\u002Fgoo.gl\u002F2ojTgg\" rel=\"nofollow ugc\">Live DEMO\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fgoo.gl\u002FfXE07g\" rel=\"nofollow ugc\">Video Documentation\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fdeveloper.tajul\" rel=\"nofollow ugc\">Hire Me\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fgoo.gl\u002F8BEPHC\" rel=\"nofollow ugc\">Portfolios\u003C\u002Fa> \u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Features of this plugin:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Modern\u003C\u002Fli>\n\u003Cli>Falt\u003C\u002Fli>\n\u003Cli>Responsive \u003C\u002Fli>\n\u003Cli>Easy to use\u003C\u002Fli>\n\u003Cli>customize\u003C\u002Fli>\n\u003Cli>Unlimited News\u003C\u002Fli>\n\u003Cli>changeable properties with unlimited design\u003C\u002Fli>\n\u003Cli>New: Added RSS Feed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Slider Plugin :\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnews-slider\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Upcoming Themeforest Theme For Free :\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgoo.gl\u002FaV5Vcw\" rel=\"nofollow ugc\">MATX – Material Design Agency Template\u003C\u002Fa> \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgoo.gl\u002FSbaSDf\" rel=\"nofollow ugc\">Self – HTML One Page Potfolio and Resume Cv \u003C\u002Fa> \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgoo.gl\u002FaC8fgE\" rel=\"nofollow ugc\">Comet – Creative Multi-Purpose HTML Template\u003C\u002Fa> \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgoo.gl\u002FurFxb8\" rel=\"nofollow ugc\">GoAhead – Finance & Business HTML Template\u003C\u002Fa> \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong> \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Ftajulislamdu\" rel=\"nofollow ugc\">Just Send Me a Friend Request on FB and I will inform you when it’s ready. \u003C\u002Fa>   \u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F9LGoQq8mBMo?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FIfwEAigzErA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n","Premium Quality but free. It is responsive and easily custimzeable. Video tutorials are given for usage and custimization.",50,13708,60,"2018-10-23T05:31:00.000Z","4.9.29","3.0.1",[20,21,81,103,104],"latest-news","news-update","http:\u002F\u002Fbreakingnews.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnews-ticker-tj.zip",{"slug":108,"name":109,"version":69,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":87,"num_ratings":87,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":79,"tags":119,"homepage":122,"download_link":123,"security_score":86,"vuln_count":87,"unpatched_count":87,"last_vuln_date":37,"fetched_at":30},"nice-latest-news-ticker","Nice Latest News Ticker","Nayeem Hyder","https:\u002F\u002Fprofiles.wordpress.org\u002Fnriddhi\u002F","\u003Cp>Nice Latest News Ticker is a Customizable responsive Jquery WordPress plugin that gives you a new experience with your website.\u003C\u002Fp>\n\u003Cp>You will find a \u003Ca href=\"https:\u002F\u002Fplugins-demo.nayeemriddhi.info\u002Fnews-ticker\u002F\" rel=\"nofollow ugc\">Demo\u003C\u002Fa> here\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugin Features \u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Customizable responsive.\u003C\u002Fli>\n\u003Cli>All Browser support.\u003C\u002Fli>\n\u003Cli>Unlimited News Group Anywhere for use.\u003C\u002Fli>\n\u003Cli>Use via short-code.\u003C\u002Fli>\n\u003Cli>You Can Change Heading of News Ticker.\u003C\u002Fli>\n\u003Cli>You Can Sort With Up and Down Arrow.\u003C\u002Fli>\n\u003Cli>Add and remove News item from backend.\u003C\u002Fli>\n\u003Cli>News Link given option also available\u003C\u002Fli>\n\u003Cli>Highly recommended for User Experience.\u003C\u002Fli>\n\u003Cli>And Many More…\u003C\u002Fli>\n\u003C\u002Ful>\n","A Nice Breaking News or News Slideshow plugin for WordPress.",10,1524,"2019-01-11T05:45:00.000Z","5.0.25","3.8",[20,21,120,23,121],"news-show","nice-news-ticker","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnice-latest-news-ticker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnice-latest-news-ticker.zip",{"slug":125,"name":126,"version":69,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":114,"downloaded":131,"rating":87,"num_ratings":87,"last_updated":132,"tested_up_to":133,"requires_at_least":101,"requires_php":79,"tags":134,"homepage":137,"download_link":138,"security_score":86,"vuln_count":87,"unpatched_count":87,"last_vuln_date":37,"fetched_at":30},"synchronise-news-ticker","Synchronise News Ticker","Mohammad Jahidul Alam Rudro","https:\u002F\u002Fprofiles.wordpress.org\u002Fmohammad-jahidul-alam-rudro\u002F","\u003Cp>Synchronise News Ticker is a lightweight plugin used to animating a simple news ticker.You can customise type speed, post count, category selection, color,background color via shortcode.\u003Cbr \u002F>\nWant to see how it works please click here: http:\u002F\u002Fsynchronisebd.com\u002Fproduct\u002Fsynchronise-news-ticker-wordpress-plugin\u002F\u003Cbr \u002F>\nPowered By:\u003Ca href=\"http:\u002F\u002Fsynchronisebd.com\u002Fcontact\" rel=\"nofollow ugc\">Synchronise IT\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>How do I install this plugin?\u003C\u002Fh3>\n\u003Cp>You can install this plugin as like other plugin of install, no difference.\u003C\u002Fp>\n\u003Ch3>Why this plugin does not have link support in ticker?\u003C\u002Fh3>\n\u003Cp>If you need link support in ticker you have to purchase premium version.\u003C\u002Fp>\n\u003Ch3>Can i get RSS feed in this ticker?\u003C\u002Fh3>\n\u003Cp>No in this version but you can if you purchase the premium one.\u003C\u002Fp>\n","Synchronise News Ticker is a lightweight plugin used to animating a simple news ticker.",1926,"2016-07-06T23:19:00.000Z","4.5.33",[20,21,135,136,23],"jquery-type-effect","news-headlinee","http:\u002F\u002Fsynchronisebd.com\u002Fproduct\u002Fsynchronise-news-ticker-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsynchronise-news-ticker.zip",{"slug":140,"name":141,"version":142,"author":143,"author_profile":144,"description":145,"short_description":146,"active_installs":147,"downloaded":148,"rating":149,"num_ratings":150,"last_updated":151,"tested_up_to":152,"requires_at_least":153,"requires_php":154,"tags":155,"homepage":159,"download_link":160,"security_score":75,"vuln_count":87,"unpatched_count":87,"last_vuln_date":37,"fetched_at":30},"t4b-news-ticker","T4B News Ticker – Responsive News Scroller, Slider, and Animations","1.4.4","Realwebcare","https:\u002F\u002Fprofiles.wordpress.org\u002Frealwebcare\u002F","\u003Ch3>Dynamic News Presentation\u003C\u002Fh3>\n\u003Cp>With \u003Cstrong>T4B News Ticker\u003C\u002Fstrong>, you can add dynamic news content to your website in an eye-catching manner. Whether you’re showcasing the latest updates, announcements, or breaking news, this plugin offers a seamless solution. Choose from four captivating animation effects: fade, slide, ticker, and scroll, to suit your website’s aesthetics.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.realwebcare.com\u002Fdemo\u002Ft4b-news-ticker-responsive-news-scroller-slider-and-animations\u002F\" rel=\"nofollow ugc\">FREE VERSION DEMO\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.realwebcare.com\u002Fdemo\u002F?product_id=t4b-news-ticker-pro\" rel=\"nofollow ugc\">PRO VERSION DEMO\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.realwebcare.com\u002Fitem\u002Fwp-news-ticker-t4b-news-ticker-pro-dynamic-scrolling-plugin\u002F\" rel=\"nofollow ugc\">EXPLORE PRO\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fsandbox.realwebcare.com\u002Fsandbox-demo-creator-t4b-news-ticker\u002F\" rel=\"nofollow ugc\">TEST DRIVE PRO\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Watch Free Version Video Walkthrough\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FCX72IvU51SY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Flexible Content Sources\u003C\u002Fh3>\n\u003Cp>What sets T4B News Ticker apart is its flexibility in content sources. You can display tickers based on specific post categories, relevant tags, or even craft custom text messages with associated links. Compose your custom content using the default WordPress post editor.\u003C\u002Fp>\n\u003Ch3>Complete Control Over Appearance\u003C\u002Fh3>\n\u003Cp>Take complete control over the ticker’s appearance and behavior. Adjust the scrolling speed to match your preferences and fine-tune the typography to ensure the ticker seamlessly blends with your website’s design. Easily integrate the ticker into your posts, pages, or theme files using the provided shortcode.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch3>Upgrade to Premium\u003C\u002Fh3>\n\u003Cp>Unlock more animation effects, play\u002Fpause option for all animation types, and enhanced customization with dedicated support.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Premium features of T4B News Ticker:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Instantly create news tickers with 12 pre-designed templates.\u003C\u002Fli>\n\u003Cli>Choose from 7 animation effects.\u003C\u002Fli>\n\u003Cli>Display tickers from various categories, RSS feeds, and JSON data.\u003C\u002Fli>\n\u003Cli>Seamless continuous scrolling.\u003C\u002Fli>\n\u003Cli>Effortlessly import\u002Fexport tickers between websites.\u003C\u002Fli>\n\u003Cli>Create multiple news tickers.\u003C\u002Fli>\n\u003Cli>Copy existing tickers for easy replication.\u003C\u002Fli>\n\u003Cli>RTL (Right-to-Left) language support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.realwebcare.com\u002Fitem\u002Fwp-news-ticker-t4b-news-ticker-pro-dynamic-scrolling-plugin\u002F\" rel=\"nofollow ugc\">Explore Premium features\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=IR-K0KuQ8Fc\" rel=\"nofollow ugc\">\u003Cstrong>Click to Watch Pro Version Walkthrough\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easily create and customize horizontal news tickers.\u003C\u002Fli>\n\u003Cli>Choose from four animation effects: fade, slide, ticker, and scroll.\u003C\u002Fli>\n\u003Cli>Display tickers based on post categories, tags, or custom text.\u003C\u002Fli>\n\u003Cli>Set animation speed and time between fades.\u003C\u002Fli>\n\u003Cli>Control the number and order of displayed posts.\u003C\u002Fli>\n\u003Cli>The scroll type animation includes options for pause, play, next, and previous actions.\u003C\u002Fli>\n\u003Cli>Insert tickers using shortcodes in posts, pages, or theme files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>This program is free software; you can redistribute it and\u002For modify\nit under the terms of the GNU General Public License as published by\nthe Free Software Foundation; either version 2 of the License, or\n(at your option) any later version.\n\nThis program is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\nGNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License\nalong with this program; if not, write to the Free Software\nFoundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA\n\u003C\u002Fcode>\u003C\u002Fpre>\n","T4B News Ticker is a flexible and user-friendly news ticker plugin for WordPress, designed to create horizontal news tickers with 4 unique animations.",7000,126281,90,15,"2026-03-07T01:08:00.000Z","6.9.4","5.2","7.4",[20,23,156,157,158],"scroll","ticker","trending","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Ft4b-news-ticker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ft4b-news-ticker.1.4.4.zip",{"attackSurface":162,"codeSignals":198,"taintFlows":276,"riskAssessment":277,"analyzedAt":292},{"hooks":163,"ajaxHandlers":186,"restRoutes":191,"shortcodes":192,"cronEvents":196,"entryPointCount":28,"unprotectedCount":197},[164,170,174,178,182],{"type":165,"name":166,"callback":167,"file":168,"line":169},"action","plugins_loaded","brnwp_load_textdomain","breaking-news.php",25,{"type":165,"name":171,"callback":172,"file":168,"line":173},"wp_enqueue_scripts","brnwp_load_custom_script",33,{"type":165,"name":175,"callback":176,"file":168,"line":177},"admin_enqueue_scripts","brnwp_admin_script",39,{"type":165,"name":179,"callback":180,"file":168,"line":181},"admin_menu","brnwp_add_option_page",97,{"type":165,"name":183,"callback":184,"file":168,"line":185},"admin_init","brnwp_register_options_group",151,[187],{"action":188,"nopriv":189,"callback":188,"hasNonce":189,"hasCapCheck":189,"file":168,"line":190},"brnwp_ajax_form",false,364,[],[193],{"tag":4,"callback":194,"file":168,"line":195},"brnwp_show_breaking_news_wp",91,[],1,{"dangerousFunctions":199,"sqlUsage":200,"outputEscaping":202,"fileOperations":87,"externalRequests":87,"nonceChecks":87,"capabilityChecks":197,"bundledLibraries":275},[],{"prepared":87,"raw":87,"locations":201},[],{"escaped":150,"rawEcho":177,"locations":203},[204,207,209,211,213,215,217,219,221,223,225,227,230,232,234,235,236,238,240,242,244,245,246,248,249,252,253,255,257,259,260,262,263,265,267,269,271,273,274],{"file":168,"line":205,"context":206},163,"raw output",{"file":168,"line":208,"context":206},229,{"file":168,"line":210,"context":206},253,{"file":168,"line":212,"context":206},262,{"file":168,"line":214,"context":206},271,{"file":168,"line":216,"context":206},280,{"file":168,"line":218,"context":206},289,{"file":168,"line":220,"context":206},303,{"file":168,"line":222,"context":206},315,{"file":168,"line":224,"context":206},324,{"file":168,"line":226,"context":206},333,{"file":228,"line":229,"context":206},"templates\\one.php",12,{"file":228,"line":231,"context":206},16,{"file":228,"line":233,"context":206},20,{"file":228,"line":169,"context":206},{"file":228,"line":62,"context":206},{"file":228,"line":237,"context":206},37,{"file":228,"line":239,"context":206},38,{"file":228,"line":241,"context":206},42,{"file":228,"line":243,"context":206},45,{"file":228,"line":13,"context":206},{"file":228,"line":86,"context":206},{"file":228,"line":247,"context":206},88,{"file":228,"line":247,"context":206},{"file":250,"line":251,"context":206},"templates\\two.php",11,{"file":250,"line":150,"context":206},{"file":250,"line":254,"context":206},19,{"file":250,"line":256,"context":206},24,{"file":250,"line":258,"context":206},29,{"file":250,"line":173,"context":206},{"file":250,"line":261,"context":206},41,{"file":250,"line":241,"context":206},{"file":250,"line":264,"context":206},46,{"file":250,"line":266,"context":206},49,{"file":250,"line":268,"context":206},84,{"file":250,"line":270,"context":206},89,{"file":250,"line":272,"context":206},92,{"file":250,"line":272,"context":206},{"file":250,"line":272,"context":206},[],[],{"summary":278,"deductions":279},"The \"breaking-news-wp\" v1.3 plugin exhibits a mixed security posture. While it demonstrates good practices such as using prepared statements for all SQL queries and has no file operations or external HTTP requests, significant concerns arise from its entry points and historical vulnerability patterns. The presence of one unprotected AJAX handler presents a direct attack vector. The plugin's vulnerability history, with two currently unpatched medium severity CVEs, both related to Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF), is a major red flag. This pattern indicates a recurring weakness in how user input is handled or how actions are protected. The lack of nonce checks on the unprotected AJAX handler, coupled with the historical XSS vulnerabilities, suggests that malicious actors could potentially inject scripts or perform unauthorized actions.  The limited output escaping (28% properly escaped) further exacerbates the XSS risk, as data displayed to users may not be properly sanitized.  Overall, the plugin has some strengths in its secure handling of database queries, but the unprotected entry points and persistent historical vulnerabilities create a notable risk profile.",[280,282,284,287,290],{"reason":281,"points":114},"Unprotected AJAX handler",{"reason":283,"points":233},"2 unpatched medium severity CVEs",{"reason":285,"points":286},"Limited output escaping (28% proper)",8,{"reason":288,"points":289},"No nonce checks on AJAX handler",7,{"reason":291,"points":150},"Historical XSS and CSRF vulnerabilities","2026-03-16T19:51:05.252Z",{"wat":294,"direct":303},{"assetPaths":295,"generatorPatterns":299,"scriptPaths":300,"versionParams":302},[296,297,298],"\u002Fwp-content\u002Fplugins\u002Fbreaking-news-wp\u002Fjs\u002Fjquery.marquee.min.js","\u002Fwp-content\u002Fplugins\u002Fbreaking-news-wp\u002Fjs\u002Fmarquee-scroll-min.js","\u002Fwp-content\u002Fplugins\u002Fbreaking-news-wp\u002Fjs\u002Fmarquee-scroll.js",[],[301,296,297,298],"\u002Fwp-content\u002Fplugins\u002Fbreaking-news-wp\u002Fjs\u002Fbn-opt-res.js",[],{"cssClasses":304,"htmlComments":306,"htmlAttributes":307,"restEndpoints":315,"jsGlobals":316,"shortcodeOutput":319},[305],"brnwp_custom_text",[],[308,309,310,311,312,313,314],"name=\"brnwp_theme\"","id=\"brnwp_theme_one\"","id=\"brnwp_theme_two\"","id=\"brnwp_dim_barra\"","id=\"brnwp_testo_pers\"","id=\"brnwp_text\"","action: 'brnwp_ajax_form'",[],[317,318],"brnwp_ajax_sd","brnwp_custom_text_check",[320],"[breaking-news-wp]"]