[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fOGPcoRvv9X6gUcqDs5XMdLeLBmL0m9Yhz7Uhknx_gS4":3,"$fPDiY8JdVKEzFsgj4QWYMQZRqWH20RBqqRWKE349QW4I":216,"$ftxl-_V0gOkBfrBbJ4__yvYzvcdGqELzs2w_CYt29gYc":221},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":35,"analysis":136,"fingerprints":195},"covid-19-corona-virus-report","Covid-19 Corona Virus Report","1.0","kinjaldalwadi","https:\u002F\u002Fprofiles.wordpress.org\u002Fkinjaldalwadi\u002F","\u003Cp>This plugin will display summary of COVID-19 Corona Virus with search filter and pagination.\u003C\u002Fp>\n\u003Cp>Plugin Functionality:\u003Cbr \u002F>\n* Allow to admin for display Reports of Corona Virus.\u003Cbr \u002F>\n* Just place shortcode [CVUPDATES_COVID19_Reports] on any post\u002Fpage.\u003Cbr \u002F>\n* Do not need to edit any code\u003Cbr \u002F>\n* Gutenberg supported\u003C\u002Fp>\n\u003Cp>THIRD PARTY SERVICES API\u003C\u002Fp>\n\u003Cp>API website: https:\u002F\u002Fcorona.lmao.ninja\u002F .It will collect live data from https:\u002F\u002Fwww.worldometers.info\u002Fcoronavirus\u002F\u003Cbr \u002F>\nAPI Privacy Policy : https:\u002F\u002Fgithub.com\u002FNovelCOVID\u002FAPI\u002Fblob\u002Fmaster\u002Fprivacy.md\u003C\u002Fp>\n","This plugin will display summary of COVID-19 Corona Virus with search filter and pagination.",10,1567,0,"2025-04-09T10:25:00.000Z","6.7.5","4.0","",[19,20,21,22],"corona","country","covid-19","worldwide","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcovid-19-corona-virus-report.zip",92,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},5,70,30,88,"2026-05-20T11:21:40.555Z",[36,59,80,103,118],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":11,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":55,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":58},"yatko-coronavirus","Coronavirus Update","1.1.2","Yatko","https:\u002F\u002Fprofiles.wordpress.org\u002Fyatko\u002F","\u003Cp>COVID-19 Plugin\u003C\u002Fp>\n\u003Ch3>Coronavirus Plugin for WordPress\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>IMPORTANT:\u003C\u002Fstrong> the plugin is evolving daily, please don’t hesitate to add your idea, request changes and features or to report a bug: \u003Ca href=\"https:\u002F\u002Fquarantine.country\u002Fcoronavirus\u002Fplugins\u002Fwordpress\u002Fissues\" rel=\"nofollow ugc\">https:\u002F\u002Fquarantine.country\u002Fcoronavirus\u002Fplugins\u002Fwordpress\u002Fissues\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Coronavirus Update Widget\u003C\u002Fstrong> with coronavirus tracker. Cases by country and by state. Free COVID-19 live update for WordPress, based on multiple sources via \u003Ca href=\"https:\u002F\u002Fapi.quarantine.country\" rel=\"nofollow ugc\">coronavirus API\u003C\u002Fa>. Source code and .zip download soon, see demo:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcoronavirus.cases.today\u002Fusa\u002F\" rel=\"nofollow ugc\">Coronavirus update USA\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcoronavirus.cases.today\u002Fspain\u002F\" rel=\"nofollow ugc\">Casos de coronavirus en España\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Coronavirus Update for WordPress is built on the robust and reliable coronavirus data API: api.quarantine.country. By accessing the API, you are not sharing any information. The service is free and does not collect data about you or your WordPress website. Please read and accept the api.quarantine.country \u003Ca href=\"https:\u002F\u002Fquarantine.country\u002Fcoronavirus\u002Fapi\u002Fprivacy.html\" rel=\"nofollow ugc\">privacy policy\u003C\u002Fa> to understand and to use the service.\u003C\u002Fp>\n","Coronavirus Update: WordPress Plugin and Widget with coronavirus tracker. Cases by country and by state. Free COVID-19 live update for WordPress.",2214,100,1,"2020-04-01T21:48:00.000Z","5.4.19","5.0","5.6",[52,53,20,21,54],"corona-virus","coronavirus","state","https:\u002F\u002Fquarantine.country\u002Fcoronavirus\u002Fplugins\u002Fwordpress\u002Fcoronavirus-update","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyatko-coronavirus.zip",85,"2026-04-06T09:54:40.288Z",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":78,"download_link":79,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"corona-virus-data","Corona Virus Data","1.4.3","Duke Yin","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreeduke\u002F","\u003Cp>This plugin displays the Coronavirus case data of the whole world and country you care through shortcodes \u003Ccode>[cov2019]\u003C\u002Fcode> \u003Ccode>[cov2019all]\u003C\u002Fcode> or \u003Ccode>[cov2019map]\u003C\u002Fcode> in your WordPress post or page.\u003C\u002Fp>\n\u003Cp>You can see how many patient(s) are confirmed, dead or recovered, in the world, and the country or region you select.\u003C\u002Fp>\n\u003Cp>This plugin is free to use.\u003C\u002Fp>\n\u003Cp>Praying for those affected by the coronavirus and those who are worried. May everyone in this world be healthy.\u003C\u002Fp>\n\u003Ch3>Shortcode\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ccode>[cov2019]\u003C\u002Fcode> Showing global COVID data.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[cov2019contry]\u003C\u002Fcode> Showing COVID data of the country or region you select.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[cov2019all]\u003C\u002Fcode> Showing data of all countries in a table.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[cov2019map]\u003C\u002Fcode> Showing a map with data of each country.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[cov2019history]\u003C\u002Fcode>  A line chart showing global historical daily data.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[cov2019historyc]\u003C\u002Fcode>  A line chart showing historical daily data of the country you select.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[cov2019namerica]\u003C\u002Fcode> Data of North America.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[cov2019samerica]\u003C\u002Fcode> Data of South America.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[cov2019europe]\u003C\u002Fcode> Data of Europe.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[cov2019asia]\u003C\u002Fcode> Data of Asia.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[cov2019oceania]\u003C\u002Fcode> Data of Oceania.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[cov2019africa]\u003C\u002Fcode> Data of Africa.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Current API information\u003C\u002Fh3>\n\u003Cp>NovelCOVID\u002FAPI\u003C\u002Fp>\n\u003Cp>API website: https:\u002F\u002Fgithub.com\u002FNovelCOVID\u002FAPI\u003C\u002Fp>\n\u003Cp>License: https:\u002F\u002Fgithub.com\u002FNovelCOVID\u002FAPI\u002Fblob\u002Fmaster\u002FLICENSE\u003C\u002Fp>\n\u003Cp>Endpoint: https:\u002F\u002Fdisease.sh\u002F\u003C\u002Fp>\n\u003Cp>Privacy policy: https:\u002F\u002Fgithub.com\u002FNovelCOVID\u002FAPI\u002Fblob\u002Fmaster\u002Fprivacy.md\u003C\u002Fp>\n\u003Cp>Please read the Privacy Policy of this API before you download and install this plugin in your website.\u003C\u002Fp>\n\u003Ch3>Third party services\u003C\u002Fh3>\n\u003Cp>Mapbox: https:\u002F\u002Fwww.mapbox.com\u002F\u003Cbr \u002F>\n* Mapbox Term of ues: https:\u002F\u002Fwww.mapbox.com\u002Flegal\u002Ftos\u002F\u003Cbr \u002F>\n* Mapbox Privacy policy: https:\u002F\u002Fwww.mapbox.com\u002Flegal\u002Fprivacy\u002F\u003C\u002Fp>\n","This plugin displays the Coronavirus case data through shortcodes [cov2019] [cov2019all] or [cov2019map] in your WordPress post or page.",1000,69295,94,13,"2024-05-22T03:06:00.000Z","6.6.5","3.0.1","7.2",[52,53,21,76,77],"ncov19","%e5%86%a0%e7%8a%b6%e7%97%85%e6%af%92","https:\u002F\u002Fwww.dukeyin.com\u002Fcorona-virus-data\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcorona-virus-data.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":45,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":17,"download_link":99,"security_score":100,"vuln_count":101,"unpatched_count":13,"last_vuln_date":102,"fetched_at":26},"corona-virus-covid-19-banner","Simple Website Banner","1.8.0.4","Nick Tomkin","https:\u002F\u002Fprofiles.wordpress.org\u002Forchestrated\u002F","\u003Cp>This is a very simple plugin with a sole purpose of allowing you to inform your visitors of an upcoming event, updated store hours, or other important message you want to display.\u003C\u002Fp>\n","This is a very simple plugin with a sole purpose of allowing you to inform your visitors of an upcoming event, updated store hours, or other important &hellip;",700,54399,8,"2024-05-09T20:33:00.000Z","6.4.8","5.1","7.4",[96,53,97,21,98],"banner","covid","simple-web","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcorona-virus-covid-19-banner.1.8.0.4.zip",84,2,"2024-05-06 00:00:00",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":45,"num_ratings":46,"last_updated":113,"tested_up_to":48,"requires_at_least":73,"requires_php":17,"tags":114,"homepage":116,"download_link":117,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"corona-virus-covid19-banner","South African COVID19 Banner","0.4.6","bridgementdevops","https:\u002F\u002Fprofiles.wordpress.org\u002Fbridgementdevops\u002F","\u003Cp>As of 26 March 2020, a new regulation (see reference below) was created in South Africa, requiring all websites operating within the .za top level domain name to have a landing page with a visible link to www.sacoronavirus.co.za.\u003Cbr \u002F>\nThis plugin will make you 100% compliant with the new regulation by adding a discrete, styled banner on the bottom right-hand side of the page which includes the link to the Department of Health’s official Covid-19 page.\u003C\u002Fp>\n\u003Cp>Once installed you can also customise the banner from the plugin’s setting page. The following features are available with many more to follow:\u003Cbr \u002F>\n1. Customise font and background colours to fit in with your website’s colour palette\u003Cbr \u002F>\n2. Customise the text that appears in the banner\u003Cbr \u002F>\n3. Include a link to help others add the banner to their own websites\u003Cbr \u002F>\n4. Select pages on your website where you don’t want the banner to appear\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Paragraph 5.1.4 in the Government Gazette 43164:\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cem>All internet sites operating within .zaDNA top level domain name must have a landing page with a visible link to www.sacoronavirus.co.za\u003C\u002Fem>\u003C\u002Fp>\n","Comply with new South African Covid-19 regulations requiring all websites ending in .ZA to show a link to the official government page.",60,3674,"2020-06-15T05:07:00.000Z",[52,53,21,115],"covid19","https:\u002F\u002Fwww.bridgement.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcorona-virus-covid19-banner.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":13,"num_ratings":13,"last_updated":128,"tested_up_to":129,"requires_at_least":93,"requires_php":130,"tags":131,"homepage":134,"download_link":135,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"covid-19-float-button","COVID-19 Float Button","1.1","barthusz","https:\u002F\u002Fprofiles.wordpress.org\u002Fbarthusz\u002F","\u003Cp>This plugin creates a floating button with a link to a read more page (which you have to create yourself), meant for COVID-19 information. You can choose from different icons and set the colors, text, link and position of the button (including offset) in the WordPress backend. It is aimed to be simple and lightweight.\u003C\u002Fp>\n","Creates a floating button with a link to a read more page.",40,2036,"2022-01-29T14:35:00.000Z","5.9.13","7.0",[19,53,21,132,133],"floating-button","information","https:\u002F\u002Fwww.bartsalle.nl\u002Fdownload\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcovid-19-float-button.1.1.zip",{"attackSurface":137,"codeSignals":153,"taintFlows":183,"riskAssessment":184,"analyzedAt":194},{"hooks":138,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":152,"entryPointCount":46,"unprotectedCount":13},[139],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","wp_enqueue_scripts","covid19_updates_scripts","covid19-corona-virus-reports.php",71,[],[],[148],{"tag":149,"callback":150,"file":143,"line":151},"CVUPDATES_COVID19_Reports","CVUPDATES_COVID19_Shortcode",61,[],{"dangerousFunctions":154,"sqlUsage":155,"outputEscaping":157,"fileOperations":13,"externalRequests":46,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":179},[],{"prepared":13,"raw":13,"locations":156},[],{"escaped":13,"rawEcho":158,"locations":159},9,[160,163,165,167,169,171,173,175,177],{"file":143,"line":161,"context":162},42,"raw output",{"file":143,"line":164,"context":162},43,{"file":143,"line":166,"context":162},44,{"file":143,"line":168,"context":162},45,{"file":143,"line":170,"context":162},46,{"file":143,"line":172,"context":162},47,{"file":143,"line":174,"context":162},48,{"file":143,"line":176,"context":162},49,{"file":143,"line":178,"context":162},50,[180],{"name":181,"version":25,"knownCves":182},"DataTables",[],[],{"summary":185,"deductions":186},"The \"covid-19-corona-virus-report\" plugin v1.0 exhibits a mixed security posture.  While it boasts a very small attack surface with only one shortcode and no AJAX handlers, REST API routes, or cron events exposed, its code analysis reveals significant security concerns, primarily related to output sanitization.  The absence of any output escaping on the 9 identified outputs is a major red flag, indicating a high potential for cross-site scripting (XSS) vulnerabilities.  Furthermore, the lack of nonce checks and capability checks on its single entry point (the shortcode) means that even without a direct AJAX or REST API vulnerability, an attacker could potentially trigger the shortcode's functionality without proper authorization, though the absence of taint analysis findings limits the immediate severity of this.  The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive indicator, suggesting that past development might have been diligent or that the plugin is simply not a target of widespread vulnerability discovery.  However, this lack of history doesn't negate the immediate risks identified in the current static analysis, particularly the unescaped output.  In conclusion, while the plugin has strengths in its limited attack surface and lack of known vulnerabilities, the critical deficiency in output escaping presents a clear and present danger that requires immediate attention to prevent potential XSS attacks.",[187,190,192],{"reason":188,"points":189},"Output escaping missing on all outputs",15,{"reason":191,"points":30},"No nonce checks on entry points",{"reason":193,"points":30},"No capability checks on entry points","2026-04-16T12:16:35.782Z",{"wat":196,"direct":206},{"assetPaths":197,"generatorPatterns":203,"scriptPaths":204,"versionParams":205},[198,199,200,201,202],"\u002Fwp-content\u002Fplugins\u002Fcovid-19-corona-virus-report\u002Fjs\u002Fjquery.dataTables.min.js","\u002Fwp-content\u002Fplugins\u002Fcovid-19-corona-virus-report\u002Fjs\u002FdataTables.responsive.min.js","\u002Fwp-content\u002Fplugins\u002Fcovid-19-corona-virus-report\u002Fcss\u002Fjquery.dataTables.min.css","\u002Fwp-content\u002Fplugins\u002Fcovid-19-corona-virus-report\u002Fcss\u002Fresponsive.dataTables.min.css","\u002Fwp-content\u002Fplugins\u002Fcovid-19-corona-virus-report\u002Fjs\u002Fcustom.js",[],[198,199,202],[],{"cssClasses":207,"htmlComments":210,"htmlAttributes":211,"restEndpoints":212,"jsGlobals":213,"shortcodeOutput":214},[208,209],"display","nowrap",[],[],[],[],[215],"\u003Ctable id=\"covid19\"  class=\"display nowrap\" cellspacing=\"0\" width=\"100%\">",{"error":217,"url":218,"statusCode":219,"statusMessage":220,"message":220},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcovid-19-corona-virus-report\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":222},[]]