[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f2LavnBaAZl_iKGHZP9UXJ4Y5HlthIed-ZTfcQAroeWQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":131,"fingerprints":221},"brewery-db","BreweryDB","2.1.0","farrelley","https:\u002F\u002Fprofiles.wordpress.org\u002Ffarrelley\u002F","\u003Cp>The BreweryDB plugin allows you to display information in your posts about beers and breweries.\u003Cbr \u002F>\nThis plugin uses the BreweryDB API to retrieve data and you must register for a BreweryDB API Key at http:\u002F\u002Fwww.brewerydb.com\u002Fdevelopers\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>More information can be found at http:\u002F\u002Fwww.brewerydb.com\u002F or by contacting feedback@pintlabs.com\u003C\u002Fp>\n","The BreweryDB plugin allows you to display information in your posts about beers and breweries.",10,3036,0,"2013-02-27T01:36:00.000Z","3.5.2","3.0","",[19,20,21,22,23],"beer","breweries","brewerydb","craft-beer","craftbeer","http:\u002F\u002Fwww.brewerydb.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbrewery-db.2.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,84,"2026-04-05T08:47:08.629Z",[36,53,77,97,115],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":11,"downloaded":44,"rating":45,"num_ratings":31,"last_updated":46,"tested_up_to":47,"requires_at_least":16,"requires_php":17,"tags":48,"homepage":51,"download_link":52,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"beer-ratings","Beer Ratings","1.0.2","jamesewelch","https:\u002F\u002Fprofiles.wordpress.org\u002Fjamesewelch\u002F","\u003Cp>The Beer Ratings plugin allows you to display information about beers, brewers, and places to drink. This plugin uses the RateBeer API to retrieve data and you must register for a RateBeer API Key at http:\u002F\u002Fwww.ratebeer.com\u002Fjson\u002Fratebeer-api.asp.\u003C\u002Fp>\n\u003Cp>You can retrieve beers by brewers, best beers by style, beers available at a specific place, brewer information, place information, and beer information. You can also retrieve beer reviews, rankings, and scores.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>More information can be found at http:\u002F\u002Fwww.jamesewelch.com\u002Fprojects\u002Fbeer-ratings-wp-plugin\u003C\u002Fp>\n","The Beer Ratings plugin allows you to display information about beers, brewers, and places to drink. The plugin requires a RateBeer API Key.",2417,20,"2012-07-20T03:05:00.000Z","3.4.2",[19,49,50,20,22],"beer-library","brew","http:\u002F\u002Fwww.jamesewelch.com\u002Fprojects\u002Fbeer-ratings-wp-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbeer-ratings.1.0.2.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":17,"tags":68,"homepage":73,"download_link":74,"security_score":75,"vuln_count":31,"unpatched_count":13,"last_vuln_date":76,"fetched_at":28},"beerxml-shortcode","BeerXML Shortcode","0.8","Derek Springer","https:\u002F\u002Fprofiles.wordpress.org\u002Fderekspringer\u002F","\u003Cp>A shortcode for displaying beer recipes. Now with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshortcode-ui\u002F\" rel=\"ugc\">Shortcake (Shortcode UI)\u003C\u002Fa> integration!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Link to a BeerXML document to display recipe details, style details, fermentables, hops, miscs, yeast, mash steps, fermentation schedule, and notes.\u003C\u002Fli>\n\u003Cli>Allows you to easily switch between U.S. & Metric measurements.\u003C\u002Fli>\n\u003Cli>Control if & how long recipe is cached.\u003C\u002Fli>\n\u003Cli>Allow readers to download the recipe directly.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It follows the basic format of:\u003C\u002Fp>\n\u003Cp>[beerxml\u003Cbr \u002F>\n    recipe={URL}\u003Cbr \u002F>\n    metric=true|false\u003Cbr \u002F>\n    download=true|false\u003Cbr \u002F>\n    style=true|false\u003Cbr \u002F>\n    mash=true|false\u003Cbr \u002F>\n    fermentation=true|false\u003Cbr \u002F>\n    mhop=true|false\u003Cbr \u002F>\n    misc=true|false\u003Cbr \u002F>\n    actuals=true|false\u003Cbr \u002F>\n    cache=-1|{seconds to cache}]\u003C\u002Fp>\n\u003Cp>Please note all options (minus recipe) are optional and have the following defaults:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>metric = false\u003C\u002Fli>\n\u003Cli>cache = 12 hours (60 x 60 x 12 seconds), -1 kills the cache and sets value to 0\u003C\u002Fli>\n\u003Cli>download = true\u003C\u002Fli>\n\u003Cli>style = true\u003C\u002Fli>\n\u003Cli>mash = true\u003C\u002Fli>\n\u003Cli>misc = true\u003C\u002Fli>\n\u003Cli>actuals = true\u003C\u002Fli>\n\u003Cli>fermentation = false\u003C\u002Fli>\n\u003Cli>mhop = false\u003C\u002Fli>\n\u003C\u002Ful>\n","Automatically insert and display beer recipes by linking to a BeerXML document.",100,7120,98,9,"2025-04-29T20:04:00.000Z","6.8.5","3.4",[19,69,70,71,72],"beerxml","homebrew","recipe","shortcode","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbeerxml-shortcode\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbeerxml-shortcode.0.8.zip",99,"2025-04-24 00:00:00",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":61,"downloaded":85,"rating":61,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":95,"download_link":96,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"untappd-checkins-widget","Untappd WordPress Widget","1.3.3","Michael Beckwith","https:\u002F\u002Fprofiles.wordpress.org\u002Ftw2113\u002F","\u003Cp>This plugin creates a widget that you can use to display recent checkins on Untappd.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NOTE\u003C\u002Fstrong> You will need to register for an api key from Untappd to use this widget. More information and application can be found at \u003Ca href=\"https:\u002F\u002Funtappd.com\u002Fapi\u002F\" rel=\"nofollow ugc\">Untappd API Docs\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>See full documentation at http:\u002F\u002Ftrexthepirate.com\u002Funtappd\u002F\u003C\u002Fp>\n","Display recent Untappd Checkins via widget",11625,3,"2020-07-09T02:57:00.000Z","5.4.19","3.5","5.3",[19,92,93,94],"social-drinking","untappd","widgets","http:\u002F\u002Fmichaelbox.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Funtappd-checkins-widget.1.3.3.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":32,"downloaded":105,"rating":106,"num_ratings":31,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":17,"tags":110,"homepage":113,"download_link":114,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"beer-directory","Beer Directory","1.1","Rescue Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Frescuethemes\u002F","\u003Cp>This plugin allows home brewers, professional breweries, and beer afficianadoes to enter individual beer, beer categories, and beer details. It provides a shortcode that will allow for display management.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features include:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easily categorize and group your beer with a configurable shortcode.\u003C\u002Fli>\n\u003Cli>Enter details for your beer that include: ABV, IBU, OG, FG, SRM\u002FColor, Malts, Hops, and Yeast.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>New features\u003C\u002Fstrong>\u003Cbr \u002F>\nWe want to improve the Beer Directory plugin based on your feedback! Please let us know via the plugin’s support tab and \u003Ca href=\"http:\u002F\u002Frescuethemes.us6.list-manage.com\u002Fsubscribe?u=e996b9d9a5&id=a41af7345e\" rel=\"nofollow ugc\">subscribe to our mailing list\u003C\u002Fa> to get notified of new developments.\u003C\u002Fp>\n\u003Ch3>Credit\u003C\u002Fh3>\n\u003Cp>team-post-type – ​https:\u002F\u002Fgithub.com\u002Fdevinsays\u002Fteam-post-type\u003Cbr \u002F>\nLicense: GPL-2.0+ – http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003Cbr \u002F>\nCopyright: Devin Price, @devinsays\u003C\u002Fp>\n\u003Cp>Dashboard Glancer – http:\u002F\u002Fgamajo.com\u002Fdashboard-glancer\u003Cbr \u002F>\nLicense: GPL-2.0+ – http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003Cbr \u002F>\nCopyright: Gary Jones, Gamajo Tech\u003C\u002Fp>\n","Enables a beer post type and beer list shortcode.",4565,60,"2019-08-13T23:04:00.000Z","5.2.24","4.0",[19,50,111,112,70],"brewery","directory","https:\u002F\u002Frescuethemes.com\u002Fbeer-directory","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbeer-directory.1.1.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":11,"downloaded":123,"rating":13,"num_ratings":13,"last_updated":124,"tested_up_to":108,"requires_at_least":125,"requires_php":17,"tags":126,"homepage":17,"download_link":130,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"allgrainbeer","AllGrain.Beer","1.0.0","Nagmay","https:\u002F\u002Fprofiles.wordpress.org\u002Fgabrielmcgovern\u002F","\u003Cp>Adds oEmbed support for \u003Ca href=\"http:\u002F\u002Fallgrain.beer\u002F\" title=\"Brew better beer!\" rel=\"nofollow ugc\">AllGrain.Beer\u003C\u002Fa>\u003Cbr \u002F>\nTry adding a recipe URL to your post or page!\u003C\u002Fp>\n","Adds oEmbed support for AllGrain.Beer",1756,"2019-10-11T00:56:00.000Z","3.7",[127,116,19,128,129],"allgrain-beer","embed","oembed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fallgrainbeer.zip",{"attackSurface":132,"codeSignals":158,"taintFlows":173,"riskAssessment":210,"analyzedAt":220},{"hooks":133,"ajaxHandlers":139,"restRoutes":140,"shortcodes":141,"cronEvents":156,"entryPointCount":157,"unprotectedCount":13},[134],{"type":135,"name":136,"callback":136,"file":137,"line":138},"action","admin_menu","index.php",24,[],[],[142,145,148,150,153],{"tag":111,"callback":111,"file":143,"line":144},"BreweryDB.php",18,{"tag":146,"callback":111,"file":143,"line":147},"brewerydb_brewery",19,{"tag":19,"callback":19,"file":143,"line":149},21,{"tag":151,"callback":19,"file":143,"line":152},"brewerydb_beer",22,{"tag":154,"callback":155,"file":143,"line":138},"brewerydb_featured","featured",[],5,{"dangerousFunctions":159,"sqlUsage":160,"outputEscaping":162,"fileOperations":13,"externalRequests":171,"nonceChecks":13,"capabilityChecks":31,"bundledLibraries":172},[],{"prepared":13,"raw":13,"locations":161},[],{"escaped":13,"rawEcho":163,"locations":164},2,[165,169],{"file":166,"line":167,"context":168},"BreweryDB_Admin.php",48,"raw output",{"file":166,"line":170,"context":168},53,4,[],[174,199],{"entryPoint":175,"graph":176,"unsanitizedCount":13,"severity":198},"my_plugin_options (BreweryDB_Admin.php:30)",{"nodes":177,"edges":194},[178,183,188,192],{"id":179,"type":180,"label":181,"file":166,"line":182},"n0","source","$_POST['brewerydb_apikey']",36,{"id":184,"type":185,"label":186,"file":166,"line":182,"wp_function":187},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":189,"type":180,"label":190,"file":166,"line":191},"n2","$_POST['brewerydb_cachetime']",37,{"id":193,"type":185,"label":186,"file":166,"line":191,"wp_function":187},"n3",[195,197],{"from":179,"to":184,"sanitized":196},true,{"from":189,"to":193,"sanitized":196},"low",{"entryPoint":200,"graph":201,"unsanitizedCount":13,"severity":198},"\u003CBreweryDB_Admin> (BreweryDB_Admin.php:0)",{"nodes":202,"edges":207},[203,204,205,206],{"id":179,"type":180,"label":181,"file":166,"line":182},{"id":184,"type":185,"label":186,"file":166,"line":182,"wp_function":187},{"id":189,"type":180,"label":190,"file":166,"line":191},{"id":193,"type":185,"label":186,"file":166,"line":191,"wp_function":187},[208,209],{"from":179,"to":184,"sanitized":196},{"from":189,"to":193,"sanitized":196},{"summary":211,"deductions":212},"The Brewery DB plugin v2.1.0 demonstrates a generally good security posture with a low overall risk profile. The absence of known CVEs and the use of prepared statements for all SQL queries are significant strengths.  Furthermore, the plugin doesn't appear to perform sensitive file operations or make external HTTP requests that are commonly exploited. The limited attack surface, primarily consisting of shortcodes, with no directly identified unprotected entry points, also contributes positively to its security.\n\nHowever, there are notable areas for improvement. The most significant concern is the complete lack of output escaping for all identified outputs, representing a potential cross-site scripting (XSS) vulnerability if any of the processed data is reflected directly in the browser without proper sanitization.  The absence of nonce checks on the identified entry points, coupled with only one capability check across the entire plugin, indicates a weakness in ensuring that actions are authorized and come from legitimate sources, especially if any of the shortcodes handle sensitive operations or user-provided data.\n\nOverall, while the plugin is not currently burdened by a history of vulnerabilities or critical code flaws, the unescaped output and limited authorization checks present real, albeit potentially exploitable under specific circumstances, security risks.  Addressing these issues would significantly strengthen the plugin's security.",[213,216,218],{"reason":214,"points":215},"All outputs lack escaping",8,{"reason":217,"points":157},"No nonce checks on entry points",{"reason":219,"points":86},"Minimal capability checks on entry points","2026-03-17T00:44:25.064Z",{"wat":222,"direct":228},{"assetPaths":223,"generatorPatterns":225,"scriptPaths":226,"versionParams":227},[224],"\u002Fwp-content\u002Fplugins\u002Fbrewery-db\u002Fcss\u002Fstyles.css",[],[],[],{"cssClasses":229,"htmlComments":244,"htmlAttributes":245,"restEndpoints":248,"jsGlobals":249,"shortcodeOutput":250},[21,111,19,230,231,232,233,234,235,236,237,238,239,240,111,241,242,243],"name","established","address","street-address","locality","region","postal-code","country-name","description","label","style","abv","ibu","text",[],[246,247],"id=\"breweries\"","id=\"beers\"",[],[],[251,252,253,254,255,256,257,258,259,260,261,262,263,264,265,266,267,268,269,270,271,272],"\u003Cdiv id=\"breweries\">","\u003Cdiv class=\"text\">","\u003Cdiv id=\"brewery-","\u003Cdiv class=\"logo\">\u003Cimg src=\"","\u003Cdiv class=\"name\">\u003Ca href=\"http:\u002F\u002Fbrewerydb.com\u002Fbrewery\u002F","\u003Cdiv class=\"established\">Established: ","\u003Cdiv class=\"address\">","\u003Cspan class=\"street-address\">","\u003Cspan class=\"locality\">","\u003Cspan class=\"region\">","\u003Cspan class=\"postal-code\">","\u003Cspan class=\"country-name\">","\u003Cdiv class=\"description\">","\u003Cdiv class=\"clearfix\">\u003C\u002Fdiv>","\u003C\u002Fdiv>","\u003Cdiv id=\"beers\">","\u003Cdiv class=\"label\">\u003Cimg src=\"","\u003Cdiv class=\"name\">\u003Ca href=\"http:\u002F\u002Fbrewerydb.com\u002Fbeer\u002F","\u003Cdiv class=\"style\">","\u003Cdiv class=\"brewery\">Brewed by: ","\u003Cdiv class=\"abv\">ABV: ","\u003Cdiv class=\"ibu\">IBU: "]