[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fOFtbVQSge0JF1Cq8ta0ABjl5Zsof8c2-aIQuuNIeXO0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":133,"fingerprints":228},"calendar-posts","Calendar Posts","0.7.1","swedish boy","https:\u002F\u002Fprofiles.wordpress.org\u002Fswedish-boy\u002F","\u003Cp>Adds a ‘calendar-box’ to the edit post mode. Here you set up to 10 different dates for your post to be associated with. Through a sidebar widget you control how to display posts that have upcoming dates set to them. This plugin should work fine with other post plugins and the posts you add “calendar-post-dates” will still be displayed in your normal blog post flow.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adds Date Picker (jQuery) box to ‘edit post mode’.\u003C\u002Fli>\n\u003Cli>Up to 10 different dates can be set for one post.\u003C\u002Fli>\n\u003Cli>Configurable widget to choose how your sidebar calendar will look.\u003C\u002Fli>\n\u003Cli>CSS customizable through your themes stylesheet. Developers can style the output as they like. (Non developers can pick some css-code in the FAQ’s)\u003C\u002Fli>\n\u003C\u002Ful>\n","A powerful yet simple plugin for adding calendar functionality to posts. Great for using posts as events and calendar inputs.",10,8474,0,"2011-05-18T01:09:00.000Z","3.1.4","2.8","",[19,4,20,21,22],"calendar","events","post","posts","http:\u002F\u002Fwww.swedishboy.dk\u002Fproducts\u002Fcalendar-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcalendar-posts.0.7.1.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"swedish-boy",3,130,30,84,"2026-04-04T06:59:41.711Z",[37,54,78,97,114],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":11,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":52,"download_link":53,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"posts-to-events","Posts To Events","1.56","xdark","https:\u002F\u002Fprofiles.wordpress.org\u002Fxdarkeu\u002F","\u003Cp>This simple and elegant plugin adds callendar functionality to posts. As soon as you install and activate you can find a “Event Date Select” box in post add\u002Fedit section. Choose a date for your event and it will be displayed wherever you place pugins widget. When an event is over it won’t apear anymore.\u003C\u002Fp>\n\u003Cp>Works great with custom themes or other calendar plugins.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress built in javascript date picker\u003C\u002Fli>\n\u003Cli>Change thumbnail size\u003C\u002Fli>\n\u003Cli>Change color, size, type of the text to displayed on the fly through the widget options\u003C\u002Fli>\n\u003Cli>Layout fully customizable through a provided css stylesheet (although id’s and classes are provided, you’ll need some css skills here)\u003C\u002Fli>\n\u003C\u002Ful>\n","This is a simple plugin for adding callendar functionality to posts.",2284,40,1,"2013-05-19T12:19:00.000Z","3.5.2","3.0.1",[19,20,21,22],"http:\u002F\u002Fshowcase.xdark.eu\u002Fpoststoevents\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fposts-to-events.zip",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":17,"tags":69,"homepage":74,"download_link":75,"security_score":76,"vuln_count":47,"unpatched_count":13,"last_vuln_date":77,"fetched_at":27},"same-category-posts","Same Category Posts","1.1.20","Daniel Floeter","https:\u002F\u002Fprofiles.wordpress.org\u002Fkometschuh\u002F","\u003Cp>Same Category Posts shows a list of related posts with a same Post Type to the current post. The widget is only shown on single post pages. Forked from \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frelated-posts-widget\" rel=\"ugc\">Related Posts Widget\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Tip Top Press\u003C\u002Fh4>\n\u003Cp>We’re \u003Ca href=\"http:\u002F\u002Ftiptoppress.com\u002F\" rel=\"nofollow ugc\">Tip Top Press\u003C\u002Fa> and create widgets for WordPress. If you want to know about what we’re working on and you are interested in backgrounds then you can read all newes storys on our \u003Ca href=\"http:\u002F\u002Ftiptoppress.com\u002Fblog\u002F?utm_source=wp.org&utm_medium=readme.txt&utm_campaign=same+category+posts\" rel=\"nofollow ugc\">blog\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Shows a list of related posts.\u003C\u002Fli>\n\u003Cli>Option which Post Type should be related to the current post.\u003C\u002Fli>\n\u003Cli>Custom Post Types support.\u003C\u002Fli>\n\u003Cli>Child category and terms support.\u003C\u002Fli>\n\u003Cli>Archive page support.\u003C\u002Fli>\n\u003Cli>Option exclude one or multi categories or terms.\u003C\u002Fli>\n\u003Cli>Option to filter by popular posts (by comment count).\u003C\u002Fli>\n\u003Cli>Option \u003Ca href=\"http:\u002F\u002Ftiptoppress.com\u002Fnew-dynamic-layout-feature-separate-categories\u002F\" rel=\"nofollow ugc\">separate categories\u003C\u002Fa> if more than one is assigned.\u003C\u002Fli>\n\u003Cli>Set how many posts to show (overall and by category).\u003C\u002Fli>\n\u003Cli>Option exclude current post, sticky posts or children.\u003C\u002Fli>\n\u003Cli>Option exclude categories and terms without exclude their children.\u003C\u002Fli>\n\u003Cli>Placeholders in title string (e.g. “There are a lot of %cat%-News.” -> “There are a lot of Tech-News.”).\u003C\u002Fli>\n\u003Cli>Filter hook for the post titles ‘widget_title’.\u003C\u002Fli>\n\u003Cli>Option to show post thumbnail and set width & height.\u003C\u002Fli>\n\u003Cli>Option to \u003Ca href=\"http:\u002F\u002Ftiptoppress.com\u002Fcss-image-crop\u002F\" rel=\"nofollow ugc\">crop thumbnails dimensions with CSS\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Option to put thumbnail on top.\u003C\u002Fli>\n\u003Cli>Option to make the widget title link to the category page.\u003C\u002Fli>\n\u003Cli>Option to show\u002Fhide the title.\u003C\u002Fli>\n\u003Cli>Option to show the post excerpt and how long (in words).\u003C\u002Fli>\n\u003Cli>Option change excerpt ‘more’ text.\u003C\u002Fli>\n\u003Cli>Option to show the post date, author and comment count.\u003C\u002Fli>\n\u003Cli>Multiple widgets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Placeholder\u003C\u002Fh4>\n\u003Cp>In text boxes \u003Cstrong>%cat%\u003C\u002Fstrong> will replaced with the (first assigned) category name, e.g. “There are a lot of %cat%-News.” -> “There are a lot of Tech-News.”\u003C\u002Fp>\n\u003Cp>And \u003Cstrong>%cat-all%\u003C\u002Fstrong> will replaced with all assigned category name, e.g. “Special offers for %cat-all%!” -> “Special offers for houses, flats, apartments.”\u003C\u002Fp>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>While using this plugin if you find any bug or any conflict, please submit an issue at\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDanielFloeter\u002Fsame-category-posts\" rel=\"nofollow ugc\">Github\u003C\u002Fa> (If possible with a pull request).\u003C\u002Fp>\n","Show posts related to the current category or other custom post types.",3000,71571,94,13,"2026-01-21T22:07:00.000Z","6.9.4","3.0",[70,20,71,72,73],"custom-post-type","products","related","related-posts","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsame-category-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsame-category-posts.1.1.20.zip",99,"2026-01-23 19:17:25",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":64,"num_ratings":11,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":17,"tags":91,"homepage":93,"download_link":94,"security_score":34,"vuln_count":95,"unpatched_count":13,"last_vuln_date":96,"fetched_at":27},"schedule-posts-calendar","Schedule Posts Calendar","5.3","Greg Ross","https:\u002F\u002Fprofiles.wordpress.org\u002Fgregross\u002F","\u003Cp>Adds a JavaScript calendar to the scheduled publish widget to allow you to select a date and time graphically instead of via the text entry boxes.\u003C\u002Fp>\n\u003Cp>This plugin uses the gpl’d dhtmlxcalendar (http:\u002F\u002Fdhtmlx.com\u002Fdocs\u002Fproducts\u002FdhtmlxCalendar\u002Findex.shtml) for the calendar control.\u003C\u002Fp>\n\u003Cp>This code is released under the GPL v2, see license.txt for details.\u003C\u002Fp>\n\u003Ch3>Roadmap\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>None at this time.\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds a JavaScript calendar to the scheduled publish widget to allow you to select a date and time graphically instead of via the text entry boxes.",1000,35574,"2023-12-03T02:54:00.000Z","6.4.8","3.0.0",[92,19,22],"admin","http:\u002F\u002Ftoolstack.com\u002FSchedulePostsCalendar","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fschedule-posts-calendar.5.3.zip",2,"2023-08-16 00:00:00",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":86,"downloaded":105,"rating":64,"num_ratings":65,"last_updated":106,"tested_up_to":67,"requires_at_least":107,"requires_php":17,"tags":108,"homepage":111,"download_link":112,"security_score":113,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"the-future-is-now","The Future Is Now","3.3.8","xjlin0","https:\u002F\u002Fprofiles.wordpress.org\u002Fxjlin0\u002F","\u003Cp>A WordPress plugin aimed primarily at events sites, where you want to be able to timestamp posts in the future but have them appear immediately (by default, WordPress will not display a future timestamped post until its go-live date rolls around). Without changing database, this plugin sets the post_status field to “publish” rather than “future” when publishing a post, even if its timestamp is in the future.\u003C\u002Fp>\n\u003Cp>Note: This 2.0 version requires WordPress 3.5 or higher. If you need this to work with versions lower than 3.5, grab the 1.0 version from svn: https:\u002F\u002Fplugins.svn.wordpress.org\u002Fthe-future-is-now\u002Ftags\u002F1.0\u002F\u003C\u002Fp>\n\u003Ch3>Note\u003C\u002Fh3>\n\u003Cp>This seemingly simple plugin was graciously written by the magical Ryan Boren when I was facing a deadline. He doesn’t have time to maintain\u002Fhost it, so I agreed to. Andrew Nacin tweaked it to work with WP 3.5, when the APIs changed a bit. Jack updated the plugin for WordPress 6.8.\u003C\u002Fp>\n","Allow future-time-stamped posts to appear live on your site immediately.",36817,"2026-02-08T03:35:00.000Z","5.6",[20,109,22,110],"future","time","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fthe-future-is-now\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthe-future-is-now.3.3.8.zip",100,{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":113,"downloaded":122,"rating":123,"num_ratings":124,"last_updated":125,"tested_up_to":49,"requires_at_least":126,"requires_php":17,"tags":127,"homepage":131,"download_link":132,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"blog-post-calendar-widget","Blog Post Calendar Widget","1.1","Ron Zvagelsky","https:\u002F\u002Fprofiles.wordpress.org\u002Frzvagelsky\u002F","\u003Cp>Monthly grid view calendar widget highlighting archived and\u002For future posts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Additional Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Popup details for each date with posts\u003C\u002Fli>\n\u003Cli>Optional details include post author and comment count.\u003C\u002Fli>\n\u003Cli>Ability to show posts by post type, category, specific taxonomy and\u002For term\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fpresshive.com\u002Fplugins\u002Fwordpress-blog-post-calendar-plugin\" rel=\"nofollow ugc\">\u003Cstrong>For more information or to request additional features, please visit the plugin page\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n","The Blog Posts Calendar Widget allows you to display your archived or future posts in a calendar as a sidebar widget.",14402,96,8,"2013-05-24T19:47:00.000Z","3.2",[19,128,129,22,130],"future-posts","post-types","widget","http:\u002F\u002Fpresshive.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblog-post-calendar-widget.zip",{"attackSurface":134,"codeSignals":154,"taintFlows":198,"riskAssessment":217,"analyzedAt":227},{"hooks":135,"ajaxHandlers":150,"restRoutes":151,"shortcodes":152,"cronEvents":153,"entryPointCount":13,"unprotectedCount":13},[136,142,146],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","widgets_init","anonymous","calendar-posts.php",451,{"type":137,"name":143,"callback":144,"file":140,"line":145},"save_post","save_handler",452,{"type":137,"name":147,"callback":148,"file":140,"line":149},"admin_menu","add_metaboxes",453,[],[],[],[],{"dangerousFunctions":155,"sqlUsage":159,"outputEscaping":161,"fileOperations":13,"externalRequests":13,"nonceChecks":47,"capabilityChecks":47,"bundledLibraries":193},[156],{"fn":157,"file":140,"line":141,"context":158},"create_function","add_action('widgets_init', create_function('','return register_widget(\"CalendarPosts\");'));",{"prepared":13,"raw":13,"locations":160},[],{"escaped":13,"rawEcho":162,"locations":163},15,[164,167,169,171,173,175,177,179,181,183,185,187,188,189,191],{"file":140,"line":165,"context":166},50,"raw output",{"file":140,"line":168,"context":166},108,{"file":140,"line":170,"context":166},112,{"file":140,"line":172,"context":166},218,{"file":140,"line":174,"context":166},219,{"file":140,"line":176,"context":166},269,{"file":140,"line":178,"context":166},316,{"file":140,"line":180,"context":166},317,{"file":140,"line":182,"context":166},326,{"file":140,"line":184,"context":166},367,{"file":140,"line":186,"context":166},368,{"file":140,"line":186,"context":166},{"file":140,"line":186,"context":166},{"file":140,"line":190,"context":166},383,{"file":140,"line":192,"context":166},395,[194],{"name":195,"version":196,"knownCves":197},"jQuery","1.4.2",[],[199],{"entryPoint":200,"graph":201,"unsanitizedCount":13,"severity":216},"\u003Ccalendar-posts> (calendar-posts.php:0)",{"nodes":202,"edges":213},[203,208],{"id":204,"type":205,"label":206,"file":140,"line":207},"n0","source","$_POST (x2)",136,{"id":209,"type":210,"label":211,"file":140,"line":178,"wp_function":212},"n1","sink","echo() [XSS]","echo",[214],{"from":204,"to":209,"sanitized":215},true,"low",{"summary":218,"deductions":219},"The 'calendar-posts' plugin v0.7.1 exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to modern WordPress security practices by utilizing prepared statements for all SQL queries, including a nonce check and a capability check.  Furthermore, the static analysis found no critical or high-severity taint flows, suggesting that user-controlled input is generally handled safely in these critical areas. The complete absence of known CVEs also points to a generally secure history, implying diligent maintenance or a lack of targeted exploits.\n\nHowever, several concerning code signals warrant attention. The presence of the `create_function` is a significant risk, as it's considered deprecated and can lead to severe security vulnerabilities if used with unsanitized input.  Equally concerning is the fact that 100% of output operations are not properly escaped. This means any dynamic content displayed by the plugin is susceptible to Cross-Site Scripting (XSS) attacks, allowing attackers to inject malicious code into the user's browser. The bundling of an outdated jQuery version (v1.4.2) also introduces potential risks, as older library versions often contain known vulnerabilities.\n\nIn conclusion, while the plugin scores well on foundational security elements like SQL sanitization and authentication checks, the critical issues of unescaped output and the use of `create_function`, coupled with an outdated library, present significant security weaknesses. The lack of historical vulnerabilities is a positive indicator, but the identified code signals necessitate immediate attention to prevent potential exploitation.",[220,222,224],{"reason":221,"points":162},"100% of outputs not properly escaped",{"reason":223,"points":11},"Dangerous function: create_function",{"reason":225,"points":226},"Bundled outdated library: jQuery v1.4.2",5,"2026-03-17T01:22:24.598Z",{"wat":229,"direct":240},{"assetPaths":230,"generatorPatterns":237,"scriptPaths":238,"versionParams":239},[231,232,233,234,235,236],"\u002Fwp-content\u002Fplugins\u002Fcalendar-posts\u002Fjquery.datepick.package\u002Fredmond.datepick.css","\u002Fwp-content\u002Fplugins\u002Fcalendar-posts\u002Fjquery.datepick.package\u002Fui-redmond.datepick.css","\u002Fwp-content\u002Fplugins\u002Fcalendar-posts\u002Fjquery.datepick.package\u002Fredmond\u002Fui.datepicker.css","\u002Fwp-content\u002Fplugins\u002Fcalendar-posts\u002Fjquery.datepick.package\u002Fjquery-1.4.2.min.js","\u002Fwp-content\u002Fplugins\u002Fcalendar-posts\u002Fjquery.datepick.package\u002Fjquery.datepick.js","\u002Fwp-content\u002Fplugins\u002Fcalendar-posts\u002Fjquery.datepick.package\u002Fjquery.datepick.lang.min.js",[],[234,235,236],[],{"cssClasses":241,"htmlComments":246,"htmlAttributes":247,"restEndpoints":256,"jsGlobals":257,"shortcodeOutput":261},[242,243,244,245],"cp-post","cp-date","cp-author","cp-cat",[],[248,249,250,251,252,253,254,255],"id=\"swecpdater_nonce\"","name=\"swecpdater_nonce\"","id=\"cp_dates\"","name=\"CP_dates\"","id=\"calendar_pickr\"","name=\"tid\"","id=\"swecpdater\"","class=\"cp-post\"",[],[258,259,260],"cp_lang","datepick_package","$j = jQuery.noConflict()",[]]