[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKB4Crqg0iD547BFCTrSb0SuHIn2-_8ccvDEeSEC1ZIs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":100,"crawl_stats":38,"alternatives":105,"analysis":208,"fingerprints":759},"crelly-slider","Crelly Slider","1.4.7","Fabio Rinaldi","https:\u002F\u002Fprofiles.wordpress.org\u002Ffabiorino\u002F","\u003Cp>Crelly Slider is a Free \u002F Open Source responsive WordPress slider that supports layers. You can add Texts, Images, YouTube\u002FVimeo videos using a powerful Drag & Drop Builder and animate each of them. It is perfect to display your creative content in posts and pages.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fcrellyslider.altervista.org\u002F\" rel=\"nofollow ugc\">Official WebSite (with live demo)\u003C\u002Fa>\u003Cbr \u002F>\n\u003C\u002Fp>\n\u003Ch4>User Friendly Admin Panel\u003C\u002Fh4>\n\u003Cp>Crelly Slider does not require any Coding Knowledge. With the simple admin panel you will be able to create the sliders in the easiest way. Upload images with the default WordPress interface or choose colors using the picker.\u003C\u002Fp>\n\u003Ch4>High Cross Browser Compatibility\u003C\u002Fh4>\n\u003Cp>Most of the animations and the transitions are written in jQuery (using the “animate” function). In this way we can assure the compatibility with modern (even Android and iOs) and older browsers.\u003C\u002Fp>\n\u003Ch4>Drag and Drop Builder\u003C\u002Fh4>\n\u003Cp>How can you position all the elements in to the slider area? You just simply drag them in to the desired position. Like in Powerpoint, you just have to move the object around the Slide.\u003C\u002Fp>\n\u003Ch4>Transitions & Animations\u003C\u002Fh4>\n\u003Cp>Foreach element and slide you can choose an in animation and an out animation using a simple selection menu. You can set the transition speeds and how long the element will take to get in and out.\u003C\u002Fp>\n\u003Ch4>Completely Responsive\u003C\u002Fh4>\n\u003Cp>Responsive means that the Slider will be displayed correctly in every resolution that the user will use. If the display is small (like in a smartphone), the slides and the elements will be scaled to be adapted.\u003C\u002Fp>\n\u003Ch4>Full & Fixed Width Modes\u003C\u002Fh4>\n\u003Cp>Using Crelly Slider you can select between a fixed or a full-width layout (both of them can be responsive). You are the designer, you own the WebSite, just choose the best for it.\u003C\u002Fp>\n","A free responsive slider that supports layers. Add texts, images, videos and beautify them with transitions and animations.",10000,355100,98,112,"2025-01-02T11:27:00.000Z","6.7.5","4.6","",[20,21,22,23,24],"animations","layers","slider","texts","transitions","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcrelly-slider\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcrelly-slider.1.4.7.zip",63,5,1,"2025-01-06 00:00:00","2026-03-15T15:16:48.613Z",[33,48,62,69,85],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2024-13116","crelly-slider-authenticated-admin-stored-cross-site-scripting-2","Crelly Slider \u003C= 1.4.6 - Authenticated (Admin+) Stored Cross-Site Scripting","The Crelly Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=1.4.5","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-02-18 14:46:32",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd3945a60-6be2-4ce5-850e-a214523fb584?source=api-prod",44,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":53,"severity":40,"cvss_score":54,"cvss_vector":55,"vuln_type":56,"published_date":57,"updated_date":58,"references":59,"days_to_patch":61},"CVE-2024-33542","crelly-slider-authenticated-subscriber-insecure-direct-object-reference","Crelly Slider \u003C= 1.4.5 - Authenticated (Subscriber+) Insecure Direct Object Reference","The Crelly Slider plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.4.5 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action.","1.4.6",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Authorization Bypass Through User-Controlled Key","2024-04-25 00:00:00","2024-05-31 18:49:20",[60],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4acc1fd2-0024-4c35-b8c6-94203b91e985?source=api-prod",37,{"id":63,"url_slug":64,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":38,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":65,"updated_date":66,"references":67,"days_to_patch":38},"CVE-2024-3752","crelly-slider-authenticated-admin-stored-cross-site-scripting","2024-04-15 00:00:00","2024-05-31 18:49:27",[68],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa885e5db-dc84-46db-960e-63f62709e1b1?source=api-prod",{"id":70,"url_slug":71,"title":72,"description":73,"plugin_slug":4,"theme_slug":38,"affected_versions":74,"patched_in_version":75,"severity":76,"cvss_score":77,"cvss_vector":78,"vuln_type":79,"published_date":80,"updated_date":81,"references":82,"days_to_patch":84},"CVE-2019-15866","crelly-slider-arbitrary-file-upload","Crelly Slider \u003C= 1.3.4 - Arbitrary File Upload","The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file upload via a PHP file inside a ZIP archive to wp_ajax_crellyslider_importSlider.","\u003C=1.3.4","1.3.5","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Unrestricted Upload of File with Dangerous Type","2019-06-06 00:00:00","2024-08-15 18:22:27",[83],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd9fbd7ee-cfd0-4621-9eb9-df0202657ce9?source=api-prod",1898,{"id":86,"url_slug":87,"title":88,"description":89,"plugin_slug":4,"theme_slug":38,"affected_versions":90,"patched_in_version":91,"severity":76,"cvss_score":92,"cvss_vector":93,"vuln_type":94,"published_date":95,"updated_date":96,"references":97,"days_to_patch":99},"WF-473ff00e-e045-4b66-b0af-89d666de4de8-crelly-slider","crelly-slider-sql-injection","Crelly Slider \u003C= 1.1.1 - SQL Injection","The Crelly Slider plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter found in the ~\u002Fwordpress\u002Fadmin.php file in versions up to, and including, 1.1.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers with administrative privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.","\u003C=1.1.1","1.1.2",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2017-06-05 00:00:00","2024-01-22 19:56:02",[98],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F473ff00e-e045-4b66-b0af-89d666de4de8?source=api-prod",2423,{"slug":101,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":102,"trust_score":103,"computed_at":104},"fabiorino",1101,53,"2026-04-04T02:44:57.834Z",[106,127,148,169,190],{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":11,"downloaded":114,"rating":115,"num_ratings":116,"last_updated":117,"tested_up_to":118,"requires_at_least":119,"requires_php":120,"tags":121,"homepage":124,"download_link":125,"security_score":115,"vuln_count":126,"unpatched_count":126,"last_vuln_date":38,"fetched_at":31},"view-transitions","View Transitions","1.2.0","WordPress Performance Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fperformanceteam\u002F","\u003Cp>This plugin implements support for \u003Ca href=\"https:\u002F\u002Fdeveloper.chrome.com\u002Fdocs\u002Fweb-platform\u002Fview-transitions\u002Fcross-document\" rel=\"nofollow ugc\">cross-document view transitions\u003C\u002Fa> in WordPress. This effectively replaces the hard transitions when navigating from one URL to the other with a smooth animation, by default using a fade effect.\u003C\u002Fp>\n\u003Ch4>Browser support\u003C\u002Fh4>\n\u003Cp>Cross-document view transitions are supported in a variety of browsers, including Chrome, Edge, and Safari. Users with browsers that currently do not support it should not see any adverse effects when the plugin is active. They will simply not benefit from the feature and continue to experience the traditional hard transitions between URLs.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcaniuse.com\u002Fmdn-css_at-rules_view-transition\" rel=\"nofollow ugc\">Please refer to “Can I use…” for a comprehensive overview of browser support for the feature.\u003C\u002Fa>\u003C\u002Fp>\n","Adds smooth transitions between navigations to your WordPress site.",51865,100,23,"2026-02-27T20:19:00.000Z","7.0","6.6","7.2",[20,122,123,107],"performance","smooth-transitions","https:\u002F\u002Fgithub.com\u002FWordPress\u002Fperformance\u002Ftree\u002Ftrunk\u002Fplugins\u002Fview-transitions","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fview-transitions.1.2.0.zip",0,{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":115,"num_ratings":137,"last_updated":138,"tested_up_to":139,"requires_at_least":140,"requires_php":141,"tags":142,"homepage":146,"download_link":147,"security_score":115,"vuln_count":126,"unpatched_count":126,"last_vuln_date":38,"fetched_at":31},"cinematic","Cinematic 3D Parallax Touch Slider","1.0.0","Bukza","https:\u002F\u002Fprofiles.wordpress.org\u002Fbukza\u002F","\u003Cp>Cinematic – is a responsive. touch-friendly Slider that displays your content with parallax 3D effect.\u003Cbr \u002F>\nYou can easily prepare layers for your own images in photo editor – a video lesson for Adobe Photoshop is included.\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fw63lzbJ2g7I?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=w63lzbJ2g7I\" title=\"See in action on the video!\" rel=\"nofollow ugc\">Video\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fcinematic.bukza.com\u002F\" title=\"Visit our website to see live demo!\" rel=\"nofollow ugc\">Website\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fcinematic-3d-parallax-touch-slider-for-wordpress\u002F23379722\" title=\"Check out our PRO version with more features.\" rel=\"nofollow ugc\">Pro Version\u003C\u002Fa>\u003C\u002Fp>\n","Responsive 3D Parallax Touch Slider. The most realistic mobile 3D layer photo animation in the market.",60,3686,2,"2025-05-16T03:56:00.000Z","6.8.5","4.7","5.4",[143,21,144,22,145],"3d","parallax","slideshow","https:\u002F\u002Fcinematic.bukza.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcinematic.zip",{"slug":149,"name":150,"version":151,"author":152,"author_profile":153,"description":154,"short_description":155,"active_installs":135,"downloaded":156,"rating":115,"num_ratings":28,"last_updated":157,"tested_up_to":158,"requires_at_least":159,"requires_php":18,"tags":160,"homepage":166,"download_link":167,"security_score":168,"vuln_count":126,"unpatched_count":126,"last_vuln_date":38,"fetched_at":31},"motion","Motion","0.5","Adam Pery","https:\u002F\u002Fprofiles.wordpress.org\u002Fadam1920\u002F","\u003Cp>Motion WordPress Plugin based on Motion UI by ZURB – a Sass library for creating CSS transitions and animations.\u003Cbr \u002F>\nProvide user friendly solution to beautiful CSS3 animations on WordPress Posts, Pages and Widgets.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fmotion.tadam.co.il\u002F\" rel=\"nofollow ugc\">Motion Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F8QMMndMZOCE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Some of the Key features Include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>CSS animations\u003C\u002Fli>\n\u003Cli>CSS transitions\u003C\u002Fli>\n\u003Cli>Allowing user to apply CSS3 animations on WordPress Posts, Pages and Widgets\u003C\u002Fli>\n\u003Cli>Animation on Scroll, bases on wow.js\u003C\u002Fli>\n\u003Cli>Different scroll offset on individual animation blocks\u003C\u002Fli>\n\u003Cli>Delay to create a nice animation sequence\u003C\u002Fli>\n\u003Cli>Animation duration\u003C\u002Fli>\n\u003Cli>Enable or disable animations on mobile\u003C\u002Fli>\n\u003Cli>Enable or disable checking for new elements on the page\u003C\u002Fli>\n\u003Cli>Custom box class setting\u003C\u002Fli>\n\u003Cli>Custom animate class setting\u003C\u002Fli>\n\u003Cli>Custom CSS setting\u003C\u002Fli>\n\u003Cli>Allow users to apply animation on WordPress Widgets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All the CSS3 animations are from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fzurb\u002Fmotion-ui\" title=\"Motion UI\" rel=\"nofollow ugc\">Motion UI\u003C\u002Fa>\u003Cbr \u002F>\nWOW.js are from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmatthieua\u002FWOW\" title=\"WOW\" rel=\"nofollow ugc\">WOW\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n\u003Cp>[motion data-animate=”slideInUp” data-speed=”slow” data-easing=”linear” data-delay=”short-delay” data-animation=”shake” data-offset=”100″ custom_class=”your_custom_class”][\u002Fmotion]\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fmotion.tadam.co.il\u002F\" rel=\"nofollow ugc\">Motion Demo\u003C\u002Fa>\u003C\u002Fp>\n","Motion WordPress Plugin provide user friendly solution to beautiful CSS3 animations.",4283,"2015-10-22T09:31:00.000Z","4.0.38","4.0",[161,162,163,164,165],"animate","css-animations","css-transitions","motion-ui","zurb","http:\u002F\u002Fmotion.tadam.co.il\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmotion.zip",85,{"slug":170,"name":171,"version":172,"author":173,"author_profile":174,"description":175,"short_description":176,"active_installs":177,"downloaded":178,"rating":115,"num_ratings":137,"last_updated":179,"tested_up_to":180,"requires_at_least":181,"requires_php":18,"tags":182,"homepage":187,"download_link":188,"security_score":27,"vuln_count":29,"unpatched_count":29,"last_vuln_date":189,"fetched_at":31},"simple-text-slider","Simple Text Slider","1.0.5","w1zzard","https:\u002F\u002Fprofiles.wordpress.org\u002Fw1zzard\u002F","\u003Cp>This plugin adds a simple shortcode to your wordpress installation. With the [simple-text-slider] shortcode you can output multiple vertical text slider with global or individual color and style settings.\u003C\u002Fp>\n\u003Cp>Demo: \u003Ca href=\"https:\u002F\u002Ftom-henneken.de\u002Fsimple-text-slider-demos\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Ftom-henneken.de\u002Fsimple-text-slider-demos\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The animations are implemented with dynamic css animations and therefore very smooth.\u003C\u002Fp>\n","A simple text slider plugin for several vertical textslider via shortcode.",30,4300,"2016-10-31T11:11:00.000Z","4.6.30","3.5",[22,183,184,185,186],"slides","text","textslider","vertical","http:\u002F\u002Ftom-henneken.de","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-text-slider.1.0.5.zip","2025-09-05 00:00:00",{"slug":191,"name":192,"version":193,"author":194,"author_profile":195,"description":196,"short_description":197,"active_installs":198,"downloaded":199,"rating":115,"num_ratings":29,"last_updated":200,"tested_up_to":201,"requires_at_least":159,"requires_php":18,"tags":202,"homepage":18,"download_link":206,"security_score":168,"vuln_count":126,"unpatched_count":126,"last_vuln_date":38,"fetched_at":207},"page-slideshow","Page slideshow","0.4.4","adriankremer","https:\u002F\u002Fprofiles.wordpress.org\u002Fadriankremer\u002F","\u003Cp>Page Slideshow is a clean plugin with which you can create a slideshow for every web page. Simply choose your desired images in the WordPressStyle media library via the Drag and Drop method and design your own individual slideshow. This plugin also supports texts and headlines and uses the responsive \u003Ca href=\"http:\u002F\u002Fwww.woothemes.com\u002Fflexslider\u002F\" rel=\"nofollow ugc\">Flexslider\u003C\u002Fa> provided by Woothemes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>After having successfully installed Page Slideshow, the plugin offers different options to create and edit your slideshow. Within the settings, you will find the following options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Position: Determines when the slideshow will be created. It can either be placed before the actual content or after it\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Animation: The slideshow’s animation option regulates in which style the slideshow switches from one slide to the other. You can choose between a ‘Fade’ mode, which generates an alpha effect and a ‘Slide’ mode that creates a flowing transition\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Navigation: You can choose between two different methods with which to navigate your slideshow:\u003C\u002Fp>\n\u003Col>\n\u003Cli>With the help of navigation points, which are visibly displayed as dots on the bottom of the slides and can be used to navigate between slides\u003C\u002Fli>\n\u003Cli>By using the navigation arrows that appear on each side of the slideshow during a mouseover\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Both of these methods can be displayed simultaneously\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Image size: The chosen image size affects the maximum solution of the slideshow images\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Creation\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Once you have installed and activated the plugin, a new slideshow section will be generated on the bottom half of the content part on every available web page. Here you will find a ‘+’ (plus) button that calls for you to choose or to upload an image. Once you have picked the desired image, it can be inserted into the slideshow range using the ‘Use Image’ button. Afterwards the chosen image appears in a box with the option to add text. The slideshow will be shown on the respective web page.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>The slides can be arranged as may be required by dragging them to their desired position via Drag and Drop.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>The slideshow’s layout automatically adjusts to the conditions of the terminal device owing to a responsive web design.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","With Page Slideshow you can create individual, responsive and sortable slideshows. Uses performance-friendly CSS3 transitions.",10,3469,"2015-06-18T08:03:00.000Z","4.2.39",[203,204,205,145,24],"flexslider","page","responsive","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpage-slideshow.0.4.4.zip","2026-03-15T14:54:45.397Z",{"attackSurface":209,"codeSignals":290,"taintFlows":563,"riskAssessment":743,"analyzedAt":758},{"hooks":210,"ajaxHandlers":243,"restRoutes":283,"shortcodes":284,"cronEvents":289,"entryPointCount":198,"unprotectedCount":126},[211,216,220,224,228,233,235,239],{"type":212,"name":213,"callback":214,"file":215,"line":198},"action","admin_menu","CrellySliderAdmin::pluginMenus","wordpress\\admin.php",{"type":212,"name":217,"callback":218,"priority":29,"file":215,"line":219},"admin_print_footer_scripts","printTinyMCEOptions",262,{"type":212,"name":221,"callback":222,"file":215,"line":223},"admin_head","CrellySliderAdmin::rawHeadAssets",281,{"type":212,"name":225,"callback":226,"file":215,"line":227},"admin_enqueue_scripts","CrellySliderAdmin::enqueues",282,{"type":212,"name":229,"callback":230,"file":231,"line":232},"wp_enqueue_scripts","CrellySliderCommon::enqueues","wordpress\\common.php",21,{"type":212,"name":225,"callback":230,"file":231,"line":234},22,{"type":212,"name":236,"callback":237,"file":231,"line":238},"plugins_loaded","CrellySliderCommon::textDomain",26,{"type":212,"name":229,"callback":240,"file":241,"line":242},"CrellySliderFrontend::notAdminJs","wordpress\\frontend.php",16,[244,251,255,259,263,267,271,275,279],{"action":245,"nopriv":246,"callback":247,"hasNonce":248,"hasCapCheck":248,"file":249,"line":250},"crellyslider_listSlidersForGutenberg",false,"crellyslider_listSlidersForGutenberg_callback",true,"wordpress\\ajax.php",68,{"action":252,"nopriv":246,"callback":253,"hasNonce":248,"hasCapCheck":248,"file":249,"line":254},"crellyslider_addSlider","crellyslider_addSlider_callback",125,{"action":256,"nopriv":246,"callback":257,"hasNonce":246,"hasCapCheck":248,"file":249,"line":258},"crellyslider_editSlider","crellyslider_editSlider_callback",194,{"action":260,"nopriv":246,"callback":261,"hasNonce":246,"hasCapCheck":248,"file":249,"line":262},"crellyslider_editSlides","crellyslider_editSlides_callback",266,{"action":264,"nopriv":246,"callback":265,"hasNonce":246,"hasCapCheck":248,"file":249,"line":266},"crellyslider_editElements","crellyslider_editElements_callback",346,{"action":268,"nopriv":246,"callback":269,"hasNonce":248,"hasCapCheck":248,"file":249,"line":270},"crellyslider_deleteSlider","crellyslider_deleteSlider_callback",438,{"action":272,"nopriv":246,"callback":273,"hasNonce":248,"hasCapCheck":248,"file":249,"line":274},"crellyslider_duplicateSlider","crellyslider_duplicateSlider_callback",492,{"action":276,"nopriv":246,"callback":277,"hasNonce":248,"hasCapCheck":248,"file":249,"line":278},"crellyslider_exportSlider","crellyslider_exportSlider_callback",593,{"action":280,"nopriv":246,"callback":281,"hasNonce":248,"hasCapCheck":248,"file":249,"line":282},"crellyslider_importSlider","crellyslider_importSlider_callback",711,[],[285],{"tag":286,"callback":287,"file":241,"line":288},"crellyslider","shortcode",34,[],{"dangerousFunctions":291,"sqlUsage":292,"outputEscaping":299,"fileOperations":473,"externalRequests":126,"nonceChecks":473,"capabilityChecks":198,"bundledLibraries":562},[],{"prepared":103,"raw":137,"locations":293},[294,297],{"file":249,"line":295,"context":296},88,"$wpdb->get_results() with variable interpolation",{"file":298,"line":28,"context":296},"wordpress\\home.php",{"escaped":258,"rawEcho":300,"locations":301},134,[302,305,307,309,311,313,315,317,319,321,323,325,327,329,331,333,335,337,339,341,343,345,347,349,351,353,355,357,359,362,363,365,367,369,371,373,375,376,378,379,380,381,383,384,386,388,390,392,394,396,397,399,401,403,405,407,409,410,412,414,416,418,420,422,424,426,428,430,432,434,436,438,440,442,444,446,448,450,452,454,456,458,460,462,464,466,468,470,472,474,475,478,480,482,483,485,487,489,491,493,495,497,499,501,503,505,507,509,511,513,515,517,518,520,522,524,526,528,530,532,535,537,539,541,543,545,547,549,551,553,555,557,558,560],{"file":215,"line":303,"context":304},147,"raw output",{"file":215,"line":306,"context":304},178,{"file":215,"line":308,"context":304},188,{"file":215,"line":310,"context":304},197,{"file":215,"line":312,"context":304},220,{"file":215,"line":314,"context":304},449,{"file":249,"line":316,"context":304},90,{"file":249,"line":318,"context":304},103,{"file":249,"line":320,"context":304},117,{"file":249,"line":322,"context":304},120,{"file":249,"line":324,"context":304},142,{"file":249,"line":326,"context":304},205,{"file":249,"line":328,"context":304},260,{"file":249,"line":330,"context":304},276,{"file":249,"line":332,"context":304},295,{"file":249,"line":334,"context":304},322,{"file":249,"line":336,"context":304},356,{"file":249,"line":338,"context":304},371,{"file":249,"line":340,"context":304},376,{"file":249,"line":342,"context":304},401,{"file":249,"line":344,"context":304},414,{"file":249,"line":346,"context":304},451,{"file":249,"line":348,"context":304},486,{"file":249,"line":350,"context":304},505,{"file":249,"line":352,"context":304},587,{"file":249,"line":354,"context":304},607,{"file":249,"line":356,"context":304},705,{"file":249,"line":358,"context":304},730,{"file":360,"line":361,"context":304},"wordpress\\elements.php",13,{"file":360,"line":234,"context":304},{"file":360,"line":364,"context":304},27,{"file":360,"line":366,"context":304},47,{"file":360,"line":368,"context":304},61,{"file":360,"line":370,"context":304},66,{"file":360,"line":372,"context":304},69,{"file":360,"line":374,"context":304},73,{"file":360,"line":316,"context":304},{"file":360,"line":377,"context":304},95,{"file":360,"line":13,"context":304},{"file":360,"line":322,"context":304},{"file":360,"line":322,"context":304},{"file":360,"line":382,"context":304},140,{"file":360,"line":382,"context":304},{"file":360,"line":385,"context":304},254,{"file":360,"line":387,"context":304},344,{"file":360,"line":389,"context":304},348,{"file":360,"line":391,"context":304},363,{"file":360,"line":393,"context":304},367,{"file":360,"line":395,"context":304},373,{"file":360,"line":340,"context":304},{"file":360,"line":398,"context":304},379,{"file":360,"line":400,"context":304},423,{"file":360,"line":402,"context":304},426,{"file":360,"line":404,"context":304},429,{"file":360,"line":406,"context":304},443,{"file":360,"line":408,"context":304},504,{"file":360,"line":350,"context":304},{"file":360,"line":411,"context":304},594,{"file":360,"line":413,"context":304},598,{"file":360,"line":415,"context":304},613,{"file":360,"line":417,"context":304},617,{"file":360,"line":419,"context":304},623,{"file":360,"line":421,"context":304},626,{"file":360,"line":423,"context":304},629,{"file":360,"line":425,"context":304},673,{"file":360,"line":427,"context":304},676,{"file":360,"line":429,"context":304},679,{"file":360,"line":431,"context":304},693,{"file":360,"line":433,"context":304},781,{"file":360,"line":435,"context":304},784,{"file":360,"line":437,"context":304},787,{"file":360,"line":439,"context":304},796,{"file":360,"line":441,"context":304},799,{"file":360,"line":443,"context":304},802,{"file":360,"line":445,"context":304},811,{"file":360,"line":447,"context":304},814,{"file":360,"line":449,"context":304},817,{"file":360,"line":451,"context":304},831,{"file":360,"line":453,"context":304},834,{"file":360,"line":455,"context":304},837,{"file":360,"line":457,"context":304},928,{"file":360,"line":459,"context":304},932,{"file":360,"line":461,"context":304},947,{"file":360,"line":463,"context":304},951,{"file":360,"line":465,"context":304},957,{"file":360,"line":467,"context":304},960,{"file":360,"line":469,"context":304},963,{"file":360,"line":471,"context":304},1003,{"file":241,"line":473,"context":304},6,{"file":298,"line":61,"context":304},{"file":476,"line":477,"context":304},"wordpress\\slider.php",75,{"file":476,"line":479,"context":304},79,{"file":476,"line":481,"context":304},94,{"file":476,"line":13,"context":304},{"file":476,"line":484,"context":304},139,{"file":476,"line":486,"context":304},143,{"file":476,"line":488,"context":304},158,{"file":476,"line":490,"context":304},162,{"file":476,"line":492,"context":304},177,{"file":476,"line":494,"context":304},181,{"file":476,"line":496,"context":304},196,{"file":476,"line":498,"context":304},200,{"file":476,"line":500,"context":304},215,{"file":476,"line":502,"context":304},219,{"file":476,"line":504,"context":304},234,{"file":476,"line":506,"context":304},238,{"file":476,"line":508,"context":304},253,{"file":476,"line":510,"context":304},257,{"file":476,"line":512,"context":304},272,{"file":476,"line":514,"context":304},273,{"file":476,"line":516,"context":304},278,{"file":476,"line":223,"context":304},{"file":476,"line":519,"context":304},286,{"file":476,"line":521,"context":304},290,{"file":476,"line":523,"context":304},308,{"file":476,"line":525,"context":304},309,{"file":476,"line":527,"context":304},327,{"file":476,"line":529,"context":304},328,{"file":476,"line":531,"context":304},361,{"file":533,"line":534,"context":304},"wordpress\\slides.php",17,{"file":533,"line":536,"context":304},18,{"file":533,"line":538,"context":304},19,{"file":533,"line":540,"context":304},213,{"file":533,"line":542,"context":304},217,{"file":533,"line":544,"context":304},232,{"file":533,"line":546,"context":304},236,{"file":533,"line":548,"context":304},293,{"file":533,"line":550,"context":304},296,{"file":533,"line":552,"context":304},299,{"file":533,"line":554,"context":304},313,{"file":533,"line":556,"context":304},326,{"file":533,"line":527,"context":304},{"file":533,"line":559,"context":304},330,{"file":533,"line":561,"context":304},331,[],[564,612,637,646,660,678,688,698,709,725,735],{"entryPoint":565,"graph":566,"unsanitizedCount":137,"severity":40},"\u003Cajax> (wordpress\\ajax.php:0)",{"nodes":567,"edges":606},[568,573,578,581,586,589,593,597,601],{"id":569,"type":570,"label":571,"file":249,"line":572},"n0","source","$_POST (x6)",135,{"id":574,"type":575,"label":576,"file":249,"line":324,"wp_function":577},"n1","sink","echo() [XSS]","echo",{"id":579,"type":570,"label":580,"file":249,"line":514},"n2","$_POST (x8)",{"id":582,"type":575,"label":583,"file":249,"line":584,"wp_function":585},"n3","get_results() [SQLi]",285,"get_results",{"id":587,"type":570,"label":588,"file":249,"line":514},"n4","$_POST (x4)",{"id":590,"type":575,"label":591,"file":249,"line":525,"wp_function":592},"n5","query() [SQLi]","query",{"id":594,"type":570,"label":595,"file":249,"line":596},"n6","$_POST (x2)",830,{"id":598,"type":599,"label":600,"file":249,"line":596},"n7","transform","→ crellyslider_importImage()",{"id":602,"type":575,"label":603,"file":249,"line":604,"wp_function":605},"n8","file_get_contents() [SSRF\u002FLFI]",895,"file_get_contents",[607,608,609,610,611],{"from":569,"to":574,"sanitized":248},{"from":579,"to":582,"sanitized":248},{"from":587,"to":590,"sanitized":248},{"from":594,"to":598,"sanitized":246},{"from":598,"to":602,"sanitized":246},{"entryPoint":613,"graph":614,"unsanitizedCount":126,"severity":636},"\u003Cadmin> (wordpress\\admin.php:0)",{"nodes":615,"edges":632},[616,619,623,625,627,630],{"id":569,"type":570,"label":617,"file":215,"line":618},"$_GET (x2)",40,{"id":574,"type":575,"label":620,"file":215,"line":621,"wp_function":622},"get_row() [SQLi]",45,"get_row",{"id":579,"type":570,"label":624,"file":215,"line":618},"$_GET (x3)",{"id":582,"type":575,"label":576,"file":215,"line":626,"wp_function":577},52,{"id":587,"type":570,"label":628,"file":215,"line":629},"$_GET",118,{"id":590,"type":575,"label":583,"file":215,"line":631,"wp_function":585},124,[633,634,635],{"from":569,"to":574,"sanitized":248},{"from":579,"to":582,"sanitized":248},{"from":587,"to":590,"sanitized":248},"low",{"entryPoint":638,"graph":639,"unsanitizedCount":126,"severity":636},"crellyslider_addSlider_callback (wordpress\\ajax.php:126)",{"nodes":640,"edges":644},[641,643],{"id":569,"type":570,"label":642,"file":249,"line":572},"$_POST",{"id":574,"type":575,"label":576,"file":249,"line":324,"wp_function":577},[645],{"from":569,"to":574,"sanitized":248},{"entryPoint":647,"graph":648,"unsanitizedCount":126,"severity":636},"crellyslider_editSlides_callback (wordpress\\ajax.php:267)",{"nodes":649,"edges":656},[650,651,652,653,654,655],{"id":569,"type":570,"label":642,"file":249,"line":514},{"id":574,"type":575,"label":583,"file":249,"line":584,"wp_function":585},{"id":579,"type":570,"label":595,"file":249,"line":514},{"id":582,"type":575,"label":591,"file":249,"line":525,"wp_function":592},{"id":587,"type":570,"label":642,"file":249,"line":514},{"id":590,"type":575,"label":576,"file":249,"line":334,"wp_function":577},[657,658,659],{"from":569,"to":574,"sanitized":248},{"from":579,"to":582,"sanitized":248},{"from":587,"to":590,"sanitized":248},{"entryPoint":661,"graph":662,"unsanitizedCount":126,"severity":636},"crellyslider_editElements_callback (wordpress\\ajax.php:347)",{"nodes":663,"edges":674},[664,667,668,669,671,672],{"id":569,"type":570,"label":665,"file":249,"line":666},"$_POST (x3)",353,{"id":574,"type":575,"label":576,"file":249,"line":340,"wp_function":577},{"id":579,"type":570,"label":642,"file":249,"line":666},{"id":582,"type":575,"label":583,"file":249,"line":670,"wp_function":585},381,{"id":587,"type":570,"label":595,"file":249,"line":666},{"id":590,"type":575,"label":591,"file":249,"line":673,"wp_function":592},396,[675,676,677],{"from":569,"to":574,"sanitized":248},{"from":579,"to":582,"sanitized":248},{"from":587,"to":590,"sanitized":248},{"entryPoint":679,"graph":680,"unsanitizedCount":126,"severity":636},"crellyslider_duplicateSlider_callback (wordpress\\ajax.php:493)",{"nodes":681,"edges":686},[682,684],{"id":569,"type":570,"label":665,"file":249,"line":683},502,{"id":574,"type":575,"label":583,"file":249,"line":685,"wp_function":585},517,[687],{"from":569,"to":574,"sanitized":248},{"entryPoint":689,"graph":690,"unsanitizedCount":126,"severity":636},"crellyslider_exportSlider_callback (wordpress\\ajax.php:594)",{"nodes":691,"edges":696},[692,694],{"id":569,"type":570,"label":665,"file":249,"line":693},604,{"id":574,"type":575,"label":583,"file":249,"line":695,"wp_function":585},621,[697],{"from":569,"to":574,"sanitized":248},{"entryPoint":699,"graph":700,"unsanitizedCount":29,"severity":76},"displayPage (wordpress\\admin.php:18)",{"nodes":701,"edges":706},[702,703,704,705],{"id":569,"type":570,"label":628,"file":215,"line":618},{"id":574,"type":575,"label":620,"file":215,"line":621,"wp_function":622},{"id":579,"type":570,"label":628,"file":215,"line":618},{"id":582,"type":575,"label":576,"file":215,"line":626,"wp_function":577},[707,708],{"from":569,"to":574,"sanitized":246},{"from":579,"to":582,"sanitized":248},{"entryPoint":710,"graph":711,"unsanitizedCount":724,"severity":76},"displaySlider (wordpress\\admin.php:107)",{"nodes":712,"edges":720},[713,714,716,717,718,719],{"id":569,"type":570,"label":628,"file":215,"line":629},{"id":574,"type":575,"label":620,"file":215,"line":715,"wp_function":622},123,{"id":579,"type":570,"label":628,"file":215,"line":629},{"id":582,"type":575,"label":583,"file":215,"line":631,"wp_function":585},{"id":587,"type":570,"label":617,"file":215,"line":629},{"id":590,"type":575,"label":576,"file":215,"line":303,"wp_function":577},[721,722,723],{"from":569,"to":574,"sanitized":246},{"from":579,"to":582,"sanitized":246},{"from":587,"to":590,"sanitized":246},4,{"entryPoint":726,"graph":727,"unsanitizedCount":29,"severity":76},"crellyslider_printSlide (wordpress\\slides.php:49)",{"nodes":728,"edges":733},[729,731],{"id":569,"type":570,"label":628,"file":533,"line":730},351,{"id":574,"type":575,"label":583,"file":533,"line":732,"wp_function":585},357,[734],{"from":569,"to":574,"sanitized":246},{"entryPoint":736,"graph":737,"unsanitizedCount":29,"severity":76},"\u003Cslides> (wordpress\\slides.php:0)",{"nodes":738,"edges":741},[739,740],{"id":569,"type":570,"label":628,"file":533,"line":730},{"id":574,"type":575,"label":583,"file":533,"line":732,"wp_function":585},[742],{"from":569,"to":574,"sanitized":246},{"summary":744,"deductions":745},"The Crelly Slider plugin version 1.4.7 presents a mixed security posture. While it demonstrates good practices such as a majority of SQL queries using prepared statements and a reasonable number of capability checks and nonce checks for its entry points, several concerning signals emerge from the static analysis. Specifically, the presence of 5 flows with unsanitized paths and 4 high-severity taint flows indicate potential avenues for attackers to manipulate the application. This, coupled with a historical pattern of vulnerabilities including Cross-Site Scripting, SQL Injection, and Authorization Bypass, paints a picture of a plugin that, despite some security efforts, has previously been susceptible to significant risks. The fact that there is still one unpatched CVE as of January 2025 is a critical red flag, suggesting that known vulnerabilities may still be exploitable.",[746,748,751,754,756],{"reason":747,"points":536},"Currently unpatched CVE",{"reason":749,"points":750},"High severity taint flows",12,{"reason":752,"points":753},"Flows with unsanitized paths",8,{"reason":755,"points":198},"Historical high severity vulnerabilities",{"reason":757,"points":473},"Output escaping is not consistently applied","2026-03-16T17:47:25.663Z",{"wat":760,"direct":787},{"assetPaths":761,"generatorPatterns":774,"scriptPaths":775,"versionParams":776},[762,763,764,765,766,767,768,769,770,771,772,773],"\u002Fwp-content\u002Fplugins\u002Fcrelly-slider\u002Fwordpress\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fcrelly-slider\u002Fwordpress\u002Fcss\u002Fcommon.css","\u002Fwp-content\u002Fplugins\u002Fcrelly-slider\u002Fwordpress\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fcrelly-slider\u002Fwordpress\u002Fcss\u002Fslider.css","\u002Fwp-content\u002Fplugins\u002Fcrelly-slider\u002Fwordpress\u002Fcss\u002Fslides.css","\u002Fwp-content\u002Fplugins\u002Fcrelly-slider\u002Fwordpress\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fcrelly-slider\u002Fwordpress\u002Fjs\u002Fcommon.js","\u002Fwp-content\u002Fplugins\u002Fcrelly-slider\u002Fwordpress\u002Fjs\u002Ffrontend.js","\u002Fwp-content\u002Fplugins\u002Fcrelly-slider\u002Fwordpress\u002Fjs\u002Fslider.js","\u002Fwp-content\u002Fplugins\u002Fcrelly-slider\u002Fwordpress\u002Fjs\u002Fslides.js","\u002Fwp-content\u002Fplugins\u002Fcrelly-slider\u002Fwordpress\u002Fimages\u002Flogo2.png","\u002Fwp-content\u002Fplugins\u002Fcrelly-slider\u002Fwordpress\u002Fimages\u002Fmenu-icon.png",[],[767,768,769,770,771],[777,778,779,780,781,782,783,784,785,786],"crelly-slider\u002Fwordpress\u002Fcss\u002Fadmin.css?ver=","crelly-slider\u002Fwordpress\u002Fcss\u002Fcommon.css?ver=","crelly-slider\u002Fwordpress\u002Fcss\u002Ffrontend.css?ver=","crelly-slider\u002Fwordpress\u002Fcss\u002Fslider.css?ver=","crelly-slider\u002Fwordpress\u002Fcss\u002Fslides.css?ver=","crelly-slider\u002Fwordpress\u002Fjs\u002Fadmin.js?ver=","crelly-slider\u002Fwordpress\u002Fjs\u002Fcommon.js?ver=","crelly-slider\u002Fwordpress\u002Fjs\u002Ffrontend.js?ver=","crelly-slider\u002Fwordpress\u002Fjs\u002Fslider.js?ver=","crelly-slider\u002Fwordpress\u002Fjs\u002Fslides.js?ver=",{"cssClasses":788,"htmlComments":813,"htmlAttributes":814,"restEndpoints":816,"jsGlobals":817,"shortcodeOutput":820},[789,790,791,792,793,794,795,796,797,798,799,800,801,802,803,804,805,806,807,808,809,810,811,812],"cs-admin","cs-no-js","cs-message","cs-message-error","cs-message-ok","cs-message-wait","cs-message-warning","cs-logo","cs-home","cs-useless-wp_editor","cs-slider","cs-edit-slider","cs-add-slider","cs-tabs","cs-tabs-fade","cs-tabs-switch-interface","cs-icon","icon-settings","icon-edit","cs-show-slider-settings","cs-show-slides","cs-button","cs-is-primary","cs-save-settings",[],[815],"data-id",[],[818,819],"crellyslider_locale","crellyslider_currentSliderNonce",[]]