[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqBDW-Tx2nkaogKbP23iq2LDeyCss5mh9M-FnqDpVk2U":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":59,"crawl_stats":37,"alternatives":65,"analysis":166,"fingerprints":297},"checklist","Checklist","1.1.9","checklistcom","https:\u002F\u002Fprofiles.wordpress.org\u002Fchecklistcom\u002F","\u003Cp>Turn any list in your blog to a beautiful interactive checklist. Print, Use, Share, Download to Mobile and more. 100% Free.\u003C\u002Fp>\n\u003Cp>People love lists! And if you run a successful blog, you probably have many lists throughout your posts. But those lists tend to be boring bullet lists such as screenshot 1 into an interactive checklist as shown in screenshot 2.\u003C\u002Fp>\n\u003Cp>And once your visitors save the list to their Checklist app (on iOS\u002F Android and Web), it will show as in screenshot 6.\u003C\u002Fp>\n\u003Cp>Notice how you get the sticky relationship as the list includes a link back to your blog which the user will see every time they use the list (even months after).\u003C\u002Fp>\n\u003Ch3>The Advantages\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Let users enjoy a beautiful interactive checklist rather than a boring bullet list\u003C\u002Fli>\n\u003Cli>Let users save the list for later (with a link back to your blog)\u003C\u002Fli>\n\u003Cli>Let users print your lists (sourcing your blog)\u003C\u002Fli>\n\u003Cli>Turn visitors into returning users (increase page views)\u003C\u002Fli>\n\u003Cli>Increase your brand awareness\u003C\u002Fli>\n\u003Cli>Get exposure on Checklist.com \u003C\u002Fli>\n\u003Cli>Monetize your lists\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Cp>Start by installing the plugin in your Plugins directory (or via the WordPress one click install)\u003C\u002Fp>\n\u003Cp>Option 1 – Save & Print buttons\u003Cbr \u002F>\nPlace your cursor above any list in your post, click the Checklist button in your WordPress post editor and select “Save & Print Buttons” from the drop down menu. A shortcode will be placed above your list. You may customize the text on each of the Save or Print buttons.\u003C\u002Fp>\n\u003Cp>Option 2 – Interactive Checklist Box\u003Cbr \u002F>\nSelect any bullet list (or create a new one) in your WordPress post editor. In the following example we take a list of baby items an expecting mom should buy (see screenshot 3)\u003Cbr \u002F>\nClick on the Checklist button from the editor and get the Checklist popup to customize your checklist (screenshot 4)\u003C\u002Fp>\n\u003Cp>And voila: you have a \u003Ca href=\"https:\u002F\u002Fchecklist.com\u002Fbaby-checklist\u002F\" rel=\"nofollow ugc\">baby checklist\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>To customize the overall look and feel of the plugin to fit your blog’s, head over to the Checklist settings page from the WordPress admin menu (screenshot 5)\u003C\u002Fp>\n\u003Ch3>Where can I use the plugin?\u003C\u002Fh3>\n\u003Cp>Naturally, you can use this for any list on your site. Here are a few examples:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Action list. Things to do. E.g. DIY instructions\u003C\u002Fli>\n\u003Cli>Shopping lists. Things you will need to get something accomplished. E.g. DIY lists\u003C\u002Fli>\n\u003Cli>Recipes. Inclued a list of ingredients\u003C\u002Fli>\n\u003Cli>Trip Plans. Lists of places to visit\u003C\u002Fli>\n\u003Cli>Bookmarks. Lists of links. E.g. if you have just listed the top 20 WordPress themes, why not place a list at the end which the user can take with them and further look into\u003C\u002Fli>\n\u003Cli>List of tips\u003C\u002Fli>\n\u003Cli>Summary. See the tip below.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And the list goes on. Let us know if you have an idea we can add to this list.\u003C\u002Fp>\n\u003Cp>Tip: Why not end (and even start) each blog post with a list which summarizes the article? This can be something the reader can take away with them.\u003C\u002Fp>\n\u003Cp>So get started with turning your boring lists into shining interactive checklists!\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>We are here to help you and are very eager to hear any feedback you may have. We are also happy to help you set the plugin. Just \u003Ca href=\"https:\u002F\u002Fchecklist.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Contact us\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The Checklisters\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fchecklist\u002Fwordpress\u002Fblob\u002Fmaster\u002Fguide.md\" rel=\"nofollow ugc\">User Guide\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fchecklist.com\" rel=\"nofollow ugc\">Checklist.com\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fchecklist.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Contact Support\u003C\u002Fa> (Free)\u003C\u002Fp>\n","Turn any list in your blog to a beautiful interactive checklist. Print, Use, Share, Download to Mobile and more. 100% Free.",400,15783,80,7,"2019-09-11T17:07:00.000Z","5.2.24","3.5","",[4,20,21,22,23],"frontend","lists","shortcode","todo","https:\u002F\u002Fchecklist.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchecklist.1.1.9.zip",63,2,1,"2025-03-31 00:00:00","2026-03-15T15:16:48.613Z",[32,46],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37},"CVE-2025-31538","checklist-authenticated-contributor-stored-cross-site-scripting","Checklist \u003C= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Checklist plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.1.9","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-04-09 13:11:19",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9790bb19-bb5c-407c-9a2f-589b8b318ffb?source=api-prod",{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":37,"affected_versions":51,"patched_in_version":6,"severity":39,"cvss_score":52,"cvss_vector":53,"vuln_type":42,"published_date":54,"updated_date":55,"references":56,"days_to_patch":58},"CVE-2019-16525","checklist-cross-site-scripting","Checklist \u003C= 1.1.8 - Cross-Site Scripting","An XSS issue was discovered in the checklist plugin before 1.1.9 for WordPress. The fill parameter is not correctly filtered in the checklist-icon.php file, and it is possible to inject JavaScript code.","\u003C=1.1.8",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2019-09-10 00:00:00","2024-01-22 19:56:02",[57],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F48b31324-c6a3-4550-939e-06f7b3c7067a?source=api-prod",1596,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":60,"avg_security_score":61,"avg_patch_time_days":62,"trust_score":63,"computed_at":64},410,81,875,66,"2026-04-04T04:17:09.298Z",[66,90,109,128,147],{"slug":67,"name":68,"version":69,"author":70,"author_profile":71,"description":72,"short_description":73,"active_installs":74,"downloaded":75,"rating":76,"num_ratings":77,"last_updated":78,"tested_up_to":79,"requires_at_least":80,"requires_php":18,"tags":81,"homepage":86,"download_link":87,"security_score":88,"vuln_count":89,"unpatched_count":89,"last_vuln_date":37,"fetched_at":30},"todo-lists-for-membership-sites","To Do List Member","1.5","Trent Jessee","https:\u002F\u002Fprofiles.wordpress.org\u002Ftjessee\u002F","\u003Cp>To Do List Member adds todo lists and tasks using custom taxonomy and post type to your blog.\u003C\u002Fp>\n\u003Cp>The site admin creates the todo lists and each user can track their own progress.\u003C\u002Fp>\n\u003Cp>Todo lists and progress bars are inserted into any post or page using shortcodes.\u003C\u002Fp>\n\u003Cp>The plugin adds two buttons to the visual editor, one to insert a todo list and one to insert a progress bar.\u003C\u002Fp>\n\u003Cp>Screenshots and a more detailed description can be found here: http:\u002F\u002Fwww.watchmanadvisors.com\u002Fto-do-list-member-wordpress-plugin\u002F\u003C\u002Fp>\n","To Do List Member adds todolists and tasks using custom taxonomy and post type to your blog.",10,8519,64,9,"2018-11-28T08:43:00.000Z","4.9.29","3.0.1",[4,82,83,84,85],"checklists","tasks","to-do","todo-list","http:\u002F\u002Fwww.watchmanadvisors.com\u002Fto-do-list-member-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftodo-lists-for-membership-sites.1.6.zip",85,0,{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":11,"downloaded":98,"rating":99,"num_ratings":100,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":18,"tags":104,"homepage":18,"download_link":108,"security_score":88,"vuln_count":89,"unpatched_count":89,"last_vuln_date":37,"fetched_at":30},"checklist-in-post","Checklist in Post","1.1.3","Intar IT","https:\u002F\u002Fprofiles.wordpress.org\u002Ftomiskym\u002F","\u003Cp>Allow creating checklists in posts based on bulleted list.\u003Cbr \u002F>\n\u003Cstrong>Supports Cookies\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>WordPress 5.0 and Gutenberg Support:\u003C\u002Fem>\u003Cbr \u002F>\nUse Classic Block and then Visual editor instructions below.\u003Cbr \u002F>\nThere are plans for Separate Gutenberg block in the future.\u003C\u002Fp>\n\u003Cp>\u003Cem>Usage in visual editor :\u003C\u002Fem>\u003Cbr \u002F>\n* Create \u002F Edit Post and add classic Visual Editor bulleted list to it. Try to prepare space for it by leaving empty lines before and after.\u003Cbr \u002F>\n* Select list in Visual Editor (and empty line above) and click button \u003Ccode>\"Add Checklist\"\u003C\u002Fcode>.\u003Cbr \u002F>\n* Shortcodes \u003Ccode>[checklist_in_post] [\u002Fchecklist_in_post]\u003C\u002Fcode> will appear.\u003Cbr \u002F>\n* Save.\u003Cbr \u002F>\n* If you want to use cookies – check cookie option under plugin settings.\u003C\u002Fp>\n","Allow creating checklists in posts based on bulleted list.",7777,100,6,"2018-12-08T19:13:00.000Z","5.0.25","3.0",[4,105,106,107,22],"for","in","post","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchecklist-in-post.1.1.3.zip",{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":11,"downloaded":117,"rating":99,"num_ratings":118,"last_updated":119,"tested_up_to":120,"requires_at_least":121,"requires_php":122,"tags":123,"homepage":126,"download_link":127,"security_score":88,"vuln_count":89,"unpatched_count":89,"last_vuln_date":37,"fetched_at":30},"docket-wp","Docket WP","1.1.4","Andre Gagnon","https:\u002F\u002Fprofiles.wordpress.org\u002F2winfactor\u002F","\u003Cp>Docket WP is a productivity tool that allows you to create, save, and execute your standard operating procedures and simple to-do lists from any WordPress installation. By working through standardized procedures you can maximize your efficiency, develop consistency, improve organization, build repeatable systems, and accomplish more in less time.\u003C\u002Fp>\n\u003Cp>Docket WP is commonly used for procedures like; Website Launches, Content Publishing, Monthly Maintenance, Website Auditing, Search Engine Optimization, and much more!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features include:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create unlimited lists for all of your standard operating procedures or one-off to-do’s.\u003C\u002Fli>\n\u003Cli>Fill your lists with the individual steps (tasks) you need to take in order to execute your procedures.\u003C\u002Fli>\n\u003Cli>Add notes to each task to provide more detail or link to instructions.\u003C\u002Fli>\n\u003Cli>Check off tasks as you work through your processes ensuring you never miss a step.\u003C\u002Fli>\n\u003Cli>Access your tasks from a small button in the admin bar, or use the keyboard shortcut.\u003C\u002Fli>\n\u003Cli>Create list ‘templates’ and save them to your cloud library so you can reuse them on any WordPress installation.\u003C\u002Fli>\n\u003Cli>Jumpstart your processes by importing our prebuilt processes list and use them out of the box, or edit them to make them your own.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Make it your own\u003C\u002Fstrong> by using or editing prebuilt lists or easily customize to fit your needs.\u003Cbr \u002F>\n\u003Cstrong>Do more in less time\u003C\u002Fstrong> by standardizing your procedures maximizes your efficiency.\u003Cbr \u002F>\n\u003Cstrong>Develop consistency\u003C\u002Fstrong> by having repeatable processes ensure your work is always done right.\u003Cbr \u002F>\n\u003Cstrong>Improve teamwork\u003C\u002Fstrong> with clear directions and instructions for step-by-step execution. .\u003Cbr \u002F>\n\u003Cstrong>Reduce redundancy\u003C\u002Fstrong> by creating, saving, and accessing lists from unlimited websites.\u003Cbr \u002F>\n\u003Cstrong>Boost creativity\u003C\u002Fstrong> by giving your brain space to focus on creative problem solving.\u003C\u002Fp>\n","The Docket WP plugin connects your Docket WP account into any WordPress installation. You will need a Docket WP account in order to use the plugin.",9415,14,"2022-08-18T17:44:00.000Z","6.0.11","4.7","5.6",[124,125,21,83,23],"docket","docketwp","http:\u002F\u002Fdocketwp.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdocket-wp.1.1.4.zip",{"slug":129,"name":130,"version":131,"author":132,"author_profile":133,"description":134,"short_description":135,"active_installs":136,"downloaded":137,"rating":63,"num_ratings":138,"last_updated":139,"tested_up_to":140,"requires_at_least":141,"requires_php":142,"tags":143,"homepage":18,"download_link":146,"security_score":99,"vuln_count":89,"unpatched_count":89,"last_vuln_date":37,"fetched_at":30},"todo-block","Todo Block","1.2.0","David Towoju","https:\u002F\u002Fprofiles.wordpress.org\u002Fdavexpression\u002F","\u003Cp>Gutenberg is a great block editor but it does not come with a todo block.\u003C\u002Fp>\n\u003Cp>You can now create to-do lists in WordPress Gutenberg editor.\u003Cbr \u002F>\nYour todo checkboxes will appear both on the \u003Cstrong>frontend\u003C\u002Fstrong> and \u003Cstrong>backend\u003C\u002Fstrong>. It will even keep the current state of the checkbox when shown on the frontend.\u003C\u002Fp>\n\u003Cp>Logged-in users can save their checkbox selections (if enabled per checklist).\u003C\u002Fp>\n\u003Cp>You can use this block to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add tasks to your posts and pages\u003C\u002Fli>\n\u003Cli>Create a checklist of items\u003C\u002Fli>\n\u003Cli>Let logged-in users save their selections\u003C\u002Fli>\n\u003Cli>Set goals and track progress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FxbmKzLUItqU?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Adds ToDo list block that shows checkboxes on frontend and backend of your site.",200,6566,3,"2026-03-14T06:33:00.000Z","6.7.5","6.3","7.0",[144,145,4,83,23],"block","checkbox","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftodo-block.1.2.0.zip",{"slug":148,"name":149,"version":150,"author":151,"author_profile":152,"description":153,"short_description":154,"active_installs":99,"downloaded":155,"rating":156,"num_ratings":27,"last_updated":157,"tested_up_to":158,"requires_at_least":159,"requires_php":18,"tags":160,"homepage":164,"download_link":165,"security_score":88,"vuln_count":89,"unpatched_count":89,"last_vuln_date":37,"fetched_at":30},"lists-shortcode-and-widget","Lists Shortcode and Widget","1.8","OTWthemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fotwthemes\u002F","\u003Cp>Easily create all different kinds of Ordered and Unordered Lists for your WordPress site. Insert Lists anywhere in your site – page\u002Fpost editor, sidebars, template files. No coding is required. It is all done in a nice and easy interface.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Upgrade to the \u003Cstrong>Pro version\u003C\u002Fstrong> of this plugin – the fastes way to build your WordPress based site including regular updates and premium support:\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002F1.envato.market\u002Fc\u002F1246358\u002F275988\u002F4415?subId1=cm&subId2=2020&subId3=https%3A%2F%2Fcodecanyon.net%2Fitem%2Fcontent-manager-for-wordpress%2F7431829&u=https%3A%2F%2Fcodecanyon.net%2Fitem%2Fcontent-manager-for-wordpress%2F7431829\" rel=\"nofollow ugc\">Content Manager\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fotwthemes.com\u002Fdemos\u002F1ts\u002F?item=Content%20Manager&utm_source=wp.org&utm_medium=page&utm_content=upgrade&utm_campaign=cml\" rel=\"nofollow ugc\">Demo site\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Lists Options\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Number of Items \u003C\u002Fli>\n\u003Cli>List Style\u003C\u002Fli>\n\u003Cli>Item 1,2,…10 title \u003C\u002Fli>\n\u003Cli>Custom CSS Class\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Insert Lists Anywhere in your site\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Basically Lists can be inserted anywhere in your site:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Page\u002Fpost WYSIWYG editor by using the buttion in the editor\u003C\u002Fli>\n\u003Cli>In sidebars by using the OTW Shortcode Widget\u003C\u002Fli>\n\u003Cli>In template files by using the List’s shortcode and WordPress do_shortcode function\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Custom styling\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you need to further style a List here are your options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Each List shortcode has it’s unique CSS class that can be used to style all Lists.\u003C\u002Fli>\n\u003Cli>Create a new class for each instance of a List shortcode in its interface so you can style it individually.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Localization\u002FInternationalization\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin comes Localization\u002FInternationalization ready. It is following WordPress I18n standards.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Full version of the plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Upgrade to the full version of \u003Ca href=\"https:\u002F\u002F1.envato.market\u002Fc\u002F1246358\u002F275988\u002F4415?subId1=cm&subId2=2020&subId3=https%3A%2F%2Fcodecanyon.net%2Fitem%2Fcontent-manager-for-wordpress%2F7431829&u=https%3A%2F%2Fcodecanyon.net%2Fitem%2Fcontent-manager-for-wordpress%2F7431829\" rel=\"nofollow ugc\">Content Manager\u003C\u002Fa> |\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fotwthemes.com\u002Fdemos\u002F1ts\u002F?item=Content%20Manager&utm_source=wp.org&utm_medium=page&utm_content=upgrade&utm_campaign=cml\" rel=\"nofollow ugc\">Demo site\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Custom Responsive Layouts – Build in Seconds\u003C\u002Fli>\n\u003Cli>Front-end Editor – Edit your layouts and content in the front-end of your site\u003C\u002Fli>\n\u003Cli>40+ Shortcodes with add\u002Fedit Interface, Custom and Imported Shortcodes\u003C\u002Fli>\n\u003Cli>Insert Shortcodes Anywhere – Layouts, Page Editor, Sidebars, Template files\u003C\u002Fli>\n\u003Cli>Insert Sidebars Anywhere – Layouts, Page Editor, Template files\u003C\u002Fli>\n\u003Cli>WordPress Widgets Anywhere – Layouts, Page Editor, Template files\u003C\u002Fli>\n\u003Cli>Content Sidebars\u003C\u002Fli>\n\u003Cli>Support and Updates\u003C\u002Fli>\n\u003Cli>Zero Coding Required\u003C\u002Fli>\n\u003C\u002Ful>\n","Create Lists. Nice and easy interface. Insert anywhere in your site - page\u002Fpost editor, sidebars, template files.",7045,60,"2022-03-04T04:22:00.000Z","5.9.13","3.6",[21,161,22,162,163],"ordered-list","unordered-list","widgets","http:\u002F\u002FOTWthemes.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flists-shortcode-and-widget.zip",{"attackSurface":167,"codeSignals":216,"taintFlows":255,"riskAssessment":281,"analyzedAt":296},{"hooks":168,"ajaxHandlers":204,"restRoutes":205,"shortcodes":206,"cronEvents":215,"entryPointCount":27,"unprotectedCount":89},[169,175,179,183,187,191,196,200],{"type":170,"name":171,"callback":172,"file":173,"line":174},"action","admin_menu","wpa_add_menu","checklist-com.php",28,{"type":170,"name":176,"callback":177,"file":173,"line":178},"admin_init","checklist_com_admin_init",29,{"type":170,"name":180,"callback":181,"file":173,"line":182},"init","plugin_load_textdomain",32,{"type":170,"name":184,"callback":185,"file":173,"line":186},"admin_enqueue_scripts","wpa_scripts",35,{"type":170,"name":188,"callback":189,"file":173,"line":190},"enqueue_scripts","wpf_scripts",36,{"type":192,"name":193,"callback":194,"file":173,"line":195},"filter","mce_external_plugins","wpa_add_buttons",39,{"type":192,"name":197,"callback":198,"file":173,"line":199},"mce_buttons","wpa_register_buttons",40,{"type":170,"name":201,"callback":202,"file":173,"line":203},"after_wp_tiny_mce","wpa_checklist_tinymce_extra_vars",238,[],[],[207,211],{"tag":208,"callback":209,"file":173,"line":210},"checklist-box","register_checklist_box_shortcode",572,{"tag":212,"callback":213,"file":173,"line":214},"checklist-buttons","register_checklist_buttons_shortcode",573,[],{"dangerousFunctions":217,"sqlUsage":218,"outputEscaping":220,"fileOperations":89,"externalRequests":89,"nonceChecks":89,"capabilityChecks":89,"bundledLibraries":251},[],{"prepared":89,"raw":89,"locations":219},[],{"escaped":89,"rawEcho":221,"locations":222},13,[223,226,228,230,232,234,236,238,240,242,244,246,249],{"file":173,"line":224,"context":225},260,"raw output",{"file":173,"line":227,"context":225},290,{"file":173,"line":229,"context":225},294,{"file":173,"line":231,"context":225},298,{"file":173,"line":233,"context":225},302,{"file":173,"line":235,"context":225},306,{"file":173,"line":237,"context":225},312,{"file":173,"line":239,"context":225},320,{"file":173,"line":241,"context":225},328,{"file":173,"line":243,"context":225},337,{"file":173,"line":245,"context":225},339,{"file":247,"line":248,"context":225},"images\\checklist-icon.php",4,{"file":250,"line":248,"context":225},"images\\ic_print_white_24px.php",[252],{"name":253,"version":37,"knownCves":254},"TinyMCE",[],[256,273],{"entryPoint":257,"graph":258,"unsanitizedCount":28,"severity":272},"\u003Cchecklist-icon> (images\\checklist-icon.php:0)",{"nodes":259,"edges":269},[260,264],{"id":261,"type":262,"label":263,"file":247,"line":138},"n0","source","$_GET",{"id":265,"type":266,"label":267,"file":247,"line":248,"wp_function":268},"n1","sink","echo() [XSS]","echo",[270],{"from":261,"to":265,"sanitized":271},false,"low",{"entryPoint":274,"graph":275,"unsanitizedCount":28,"severity":272},"\u003Cic_print_white_24px> (images\\ic_print_white_24px.php:0)",{"nodes":276,"edges":279},[277,278],{"id":261,"type":262,"label":263,"file":250,"line":138},{"id":265,"type":266,"label":267,"file":250,"line":248,"wp_function":268},[280],{"from":261,"to":265,"sanitized":271},{"summary":282,"deductions":283},"The \"checklist\" plugin v1.1.9 exhibits a mixed security posture. While it demonstrates good practices by utilizing prepared statements for all SQL queries and avoiding dangerous functions and file operations, significant concerns exist regarding output escaping and its vulnerability history. The static analysis reveals that 100% of outputs are not properly escaped, presenting a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. This is further amplified by the taint analysis, which shows two flows with unsanitized paths, indicating potential for malicious input to reach sensitive functions.\n\nThe plugin's vulnerability history is particularly concerning, with two known CVEs, one of which remains unpatched. The common vulnerability type reported is Cross-Site Scripting, directly correlating with the unescaped output identified in the static analysis. The presence of an unpatched medium severity vulnerability is a critical issue that requires immediate attention. While the plugin has a limited attack surface and no apparent unprotected entry points, the combination of widespread output escaping issues and a history of XSS vulnerabilities, including an unpatched one, paints a picture of a plugin that, despite some good practices, carries a significant and ongoing risk to WordPress installations.",[284,287,290,292,294],{"reason":285,"points":286},"Unpatched CVEs",15,{"reason":288,"points":289},"Unescaped output detected",5,{"reason":291,"points":100},"Taint flows with unsanitized paths",{"reason":293,"points":289},"No nonce checks",{"reason":295,"points":289},"No capability checks","2026-03-16T19:48:02.755Z",{"wat":298,"direct":307},{"assetPaths":299,"generatorPatterns":303,"scriptPaths":304,"versionParams":306},[300,301,302],"\u002Fwp-content\u002Fplugins\u002Fchecklist\u002Fimages\u002Fic_print_white_24px.php","\u002Fwp-content\u002Fplugins\u002Fchecklist\u002Fimages\u002Fchecklist-icon.php","\u002Fwp-content\u002Fplugins\u002Fchecklist\u002Fcss\u002Fchecklist.css",[],[305],"\u002Fwp-content\u002Fplugins\u002Fchecklist\u002Fjs\u002Fchecklist.js",[],{"cssClasses":308,"htmlComments":313,"htmlAttributes":314,"restEndpoints":316,"jsGlobals":317,"shortcodeOutput":318},[309,310,212,208,311,312],"checklist-button","checklist-image","checklist-title","checklist-powered",[],[315],"onclick",[],[],[319,320,321,322,323,324],"\u003Cdiv class=\"checklist-buttons\" id=\"checklist-id-","\u003Cdiv id=\"checklist-id-","class=\"checklist-box\"","class=\"checklist-title\">","class=\"checklist-powered\">Powered By \u003Ca href=\"https:\u002F\u002Fchecklist.com\" target=\"_blank\">Checklist\u003C\u002Fa>\u003C\u002Fdiv>","class=\"checklist-button\""]