[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSTKcO6OxdOzpTxoMVNdYRZCfYeFfNXEnKuNPcpNyzuE":3,"$fWtFkQtHPV4YrgEV20bhoOQMAoQSrkhUvF8_0CtK_lbc":216,"$fvp4oVYV9RqSIgpxF7rf0T7_GijUOHex3AoF3GJ1yjc8":221},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"discovery_status":32,"vulnerabilities":33,"developer":51,"crawl_stats":39,"alternatives":54,"analysis":155,"fingerprints":197},"cricket-score","Cricket Live Score","2.0.3","wpscore","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpscore\u002F","\u003Cp>Cricket Live Score wordpress plugin allows you to add real-time cricket scores to your website for free. This plugin allows you to add live cricket data of all today’s events by every well-known leagues, just live events that are happening right now or all yesterdays events.\u003C\u002Fp>\n\u003Cp>Cricket live scores is added by a simple shortcode so you can add this events whenever you want – to a single page as a main content, to a single post, as a sitewide element in header or sidebar of you website as a widget etc.\u003C\u002Fp>\n\u003Cp>When setting up plugin’s display option please choose best option that fits your needs:\u003Cbr \u002F>\n* Display cricket livescores as iframe containing ads\u003Cbr \u002F>\n* Display cricket livescores as native code without ads but containing a link to developer’s websites\u003C\u002Fp>\n\u003Cp>Main Advantages of this plugin:\u003Cbr \u002F>\n1. Plugin is fully responsive and can be added to any website\u003Cbr \u002F>\n2. Plugin supports SSL\u002FHTTPS so it’s fully secured for your website\u003Cbr \u002F>\n3. It’s totally free for everyone\u003Cbr \u002F>\n4. Information is updating in real time so users don’t need to refresh the page to get the score\u003Cbr \u002F>\n5. Automatiс timezones changes for users from different countries so they see accurate date and time\u003C\u002Fp>\n\u003Cp>And more to come!\u003C\u002Fp>\n\u003Ch4>Interaction with External Services\u003C\u002Fh4>\n\u003Cp>Through the external service fscore.in, the Cricket Live Score Widget provides users with real-time information on the schedule and results of cricket matches. Fscore.in is a reliable source of sports information, earning trust within the community.\u003C\u002Fp>\n\u003Cp>The functionality of fscore.in is built on delivering real-time data for selected matches, including the match start time, current status, incidents, and score. This implies that data is automatically updated without the need for page reloads.\u003C\u002Fp>\n\u003Cp>Such an approach ensures users quick and uninterrupted access to the latest sports data, eliminating the need for manual information updates and allowing them to stay informed about ongoing events in real-time.\u003C\u002Fp>\n","Get the latest auto-updated live Cricket Score for your website for free.",200,12022,74,3,"2025-02-18T09:43:00.000Z","6.7.5","4.1","7.0",[20,21,22,23,24],"cricket","ipl","live-score","livescore","widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcricket-score\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcricket-score.2.0.3.zip",91,1,0,"2024-12-13 15:59:40","2026-04-16T10:56:18.058Z","no_bundle",[34],{"id":35,"url_slug":36,"title":37,"description":38,"plugin_slug":4,"theme_slug":39,"affected_versions":40,"patched_in_version":6,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48,"patch_diff_files":49,"patch_trac_url":39,"research_status":39,"research_verified":50,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":50,"poc_model_used":39,"poc_verification_depth":39},"CVE-2024-11877","cricket-live-score-authenticated-contributor-stored-cross-site-scripting","Cricket Live Score \u003C= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Cricket Live Score plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cricket_score' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=2.0.2","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-02-20 14:44:13",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd9fe750f-5d8f-4c47-9d75-d928f1367fa8?source=api-prod",69,[],false,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":48,"trust_score":52,"computed_at":53},82,"2026-05-20T07:02:23.542Z",[55,78,102,119,139],{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":29,"num_ratings":29,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":74,"download_link":75,"security_score":76,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":77},"cric-zumo","Cric Zumo Cricket Scoreboards and Odds Plugin","0.2","criczumo","https:\u002F\u002Fprofiles.wordpress.org\u002Fcriczumo\u002F","\u003Cp>We have created the fastest scoreboards and odds plugin for websites by using a proven algorithm because we want to help web developers increase traffic and create awareness of their website and app!\u003C\u002Fp>\n\u003Cp>We’ve done our research, and we are minutes faster than anything that is available in the market. This product is sold as a wordpress plugin, however for those looking for a plugin to use on a different platform- it can be done. We are able to customize layouts for different design formats. Drop us an email at support@criczumo.com for an inquiry.\u003C\u002Fp>\n\u003Cp>So, hesitate no more and download now to receive the FASTEST score (no jokes)\u003C\u002Fp>\n\u003Cp>Features\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Free Plugin : Free version\u003C\u002Fstrong>\u003Cbr \u002F>\n* Complete match info\u003Cbr \u002F>\n* Real Time score Push score update\u003Cbr \u002F>\n* Ready to use widget\u003Cbr \u002F>\n* Available for all international T20 and 50 over matches.\u003Cbr \u002F>\n* Available for all T20 Leagues.\u003Cbr \u002F>\n* (*No test matches)\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fcriczumo.com\u002Fplugins\" rel=\"nofollow ugc\">For Premium Plugins Please visit http:\u002F\u002Fcriczumo.com\u002Fplugins\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Scoreboard Plugin\u003C\u002Fstrong>\u003Cbr \u002F>\n* Complete match information\u003Cbr \u002F>\n* Real-time push score updates\u003Cbr \u002F>\n* Ready-to-use widget\u003Cbr \u002F>\n* Available for all International T20 and 50 over matches\u003Cbr \u002F>\n* Available for all Domestic T20 Leagues\u003Cbr \u002F>\n* Live, upcoming and ended matches within 48 hours\u003Cbr \u002F>\n* Live stats within the last 3 overs\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Odds Plugin\u003C\u002Fstrong>\u003Cbr \u002F>\n* Real-time match odds\u003Cbr \u002F>\n* Batsman odds\u003Cbr \u002F>\n* Fall of Wicket odds\u003Cbr \u002F>\n* Session Run odds\u003Cbr \u002F>\n* Available for all Domestic T20 leagues\u003Cbr \u002F>\n* Updates for 20 over matches (6th,10th, 12th,15th,20th overs)\u003Cbr \u002F>\n* Updates for 50 over matches (every 5 overs)\u003C\u002Fp>\n","We provide fastest scoreboards and livescores",10,4737,"2019-05-30T06:40:00.000Z","5.1.22","4.2","5.6",[20,70,71,72,73],"cricket-odds","live-scoreboard","livescores","scoreboard","http:\u002F\u002Fcriczumo.com\u002Fplugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcric-zumo.0.2.zip",85,"2026-04-06T09:54:40.288Z",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":100,"download_link":101,"security_score":76,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"bns-corner-logo","BNS Corner Logo","2.2","Edward Caissie","https:\u002F\u002Fprofiles.wordpress.org\u002Fcais\u002F","\u003Cp>Widget to display a user selected image as a logo; or, used as a plugin that displays the image fixed in one of the four corners of the display.\u003Cbr \u002F>\nCopyright 2009-2016  Edward Caissie  (email : edward.caissie@gmail.com)\u003C\u002Fp>\n\u003Cp>This program is free software; you can redistribute it and\u002For modify\u003Cbr \u002F>\n  it under the terms of the GNU General Public License version 2,\u003Cbr \u002F>\n  as published by the Free Software Foundation.\u003C\u002Fp>\n\u003Cp>You may NOT assume that you can use any other version of the GPL.\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful,\u003Cbr \u002F>\n  but WITHOUT ANY WARRANTY; without even the implied warranty of\u003Cbr \u002F>\n  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\u003Cbr \u002F>\n  GNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License\u003Cbr \u002F>\n  along with this program; if not, write to the Free Software\u003Cbr \u002F>\n  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA\u003C\u002Fp>\n\u003Cp>The license for this software can also likely be found here:\u003Cbr \u002F>\n  http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n","Widget to display a logo; or, used as a plugin displays image fixed in one of the four corners.",300,52117,100,4,"2016-04-10T17:54:00.000Z","4.5.33","3.0","",[95,96,97,98,99],"gravatar","image","logo","multiple-widgets","multisite-compatible","http:\u002F\u002Fbuynowshop.com\u002Fplugins\u002Fbns-corner-logo\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbns-corner-logo.2.2.zip",{"slug":103,"name":104,"version":105,"author":103,"author_profile":106,"description":107,"short_description":108,"active_installs":11,"downloaded":109,"rating":88,"num_ratings":28,"last_updated":110,"tested_up_to":111,"requires_at_least":93,"requires_php":93,"tags":112,"homepage":116,"download_link":117,"security_score":118,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"azscore","AZScore: Live Score and football fixures and results","1.0.3","https:\u002F\u002Fprofiles.wordpress.org\u002Fazscore\u002F","\u003Cp>AZScore – provides real-time soccer match scores. Completely ad-free, without iFrames, fully customizable, and responsive.\u003Cbr \u002F>\nIt can be employed, for instance, on sports news websites to report competition results, within soccer-related blog match reviews, on official soccer team websites, and more.\u003Cbr \u002F>\nDeveloped by the team at azscore.com.\u003C\u002Fp>\n\u003Cp>Stay Ahead with Real-Time Football Updates! Azscore is a robust WordPress plugin designed for football (soccer) enthusiasts, bloggers, and website owners. With Azscore, you can seamlessly integrate live football scores, updates, and crucial match livescore events directly onto your WordPress website.\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Real-Time Updates: Azscore ensures you never miss any action. Get livescore updates for today’s matches, track yesterday’s scores, and be prepared with the schedule for tomorrow’s games – all in real time.\u003C\u002Fli>\n\u003Cli>Extensive Coverage: Choose from over 2000 football tournaments and leagues across the globe. Whether it’s popular leagues or niche tournaments, Azscore has got it covered including:\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>* England Premier League\u003Cbr \u002F>\n* Spain La Liga\u003Cbr \u002F>\n* Germany Bundesliga\u003Cbr \u002F>\n* Italy Serie A\u003Cbr \u002F>\n* France Ligue 1\u003Cbr \u002F>\n* Brasil Serie A\u003Cbr \u002F>\n* Libertadores Cup\u003Cbr \u002F>\n* Champions League\u003Cbr \u002F>\n* Europe League\u003Cbr \u002F>\n* Conference League\u003Cbr \u002F>\n* World Cup\u003Cbr \u002F>\n* Euro (European Championship)\u003Cbr \u002F>\n…and many others!\u003Cbr \u002F>\n3. Customizable Display: Tailor Azscore to your website’s theme and your preferences. Pick from 8 different languages (English, German, Dutch, Portuguese, Turkish, Italian, French, and Romanian), customize fonts, and select your desired highlight and background colours.\u003Cbr \u002F>\n4. Detailed Match Insights:\u003Cbr \u002F>\n* Kick-off Details: Know when the game begins with match start time and date\u003Cbr \u002F>\n* Live Scores: Get the latest score updates in real time\u003Cbr \u002F>\n* Match Events: Stay informed with main events such as goals (with minute and scorer details), yellow and red cards (with minute and player details), and substitutions (minute and player information for both incoming and outgoing players)\u003Cbr \u002F>\n5. No Ads: Experience an uninterrupted interface. Azscore prioritizes your content and your users by being completely ad-free.\u003Cbr \u002F>\n6. Fully Responsive: Whether your visitors are on desktop, tablet, or mobile, Azscore adapts perfectly to ensure a smooth browsing experience.\u003Cbr \u002F>\n7. Automatic Time Zone Adjustments: Azscore intelligently adjusts match timings based on the user’s country, ensuring the most accurate information for your global audience.\u003Cbr \u002F>\n8. SSL Support: With SSL (HTTPS) support, Azscore ensures that the data on your website remains secure and trustworthy.\u003Cbr \u002F>\n* Integrate Azscore with Your WordPress Site\u003Cbr \u002F>\n* Adding Azscore to your WordPress site is a breeze. With a user-friendly interface, the plugin is perfect for both beginners and experienced WordPress users. Elevate your website content by providing real-time football livescore updates to your audience and keep them engaged.\u003C\u002Fp>\n\u003Ch3>Displaying Live Score\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Use [azscore] shortcode where you want to display the live scores\u003C\u002Fli>\n\u003Cli>You have the option to configure additional attributes:\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Col>\n\u003Cli>For the period: today, live, tomorrow, yesterday. For example [azscore period=”live”]\u003C\u002Fli>\n\u003Cli>For different leagues. For example [azscore league-is=”Premier League” country-is=”England”]. The full list of leagues and countries is provided below in the “List of tournaments and categories”\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Supported Languages\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Deutsch (German)\u003C\u002Fli>\n\u003Cli>Nederlands (Dutch)\u003C\u002Fli>\n\u003Cli>Português (Portuguese)\u003C\u002Fli>\n\u003Cli>Türkçe (Turkish)\u003C\u002Fli>\n\u003Cli>İtaliano (Italian)\u003C\u002Fli>\n\u003Cli>Français (French)\u003C\u002Fli>\n\u003Cli>Română (Romanian)\u003C\u002Fli>\n\u003C\u002Ful>\n","AZScore - provides real-time soccer match scores. Completely ad-free, without iFrames, fully customizable, and responsive.",3687,"2024-08-23T12:08:00.000Z","6.6.5",[113,114,22,23,115],"football","live","scores","https:\u002F\u002Fazscore.com\u002Ffootball\u002Fwidget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fazscore.1.0.3.zip",92,{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":88,"downloaded":127,"rating":88,"num_ratings":14,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":93,"tags":131,"homepage":137,"download_link":138,"security_score":76,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"multi-image-widget","Multi Image Widget","1.1","Shankaranand Maurya","https:\u002F\u002Fprofiles.wordpress.org\u002Fshankaranand12\u002F","\u003Cp>This plugin is used for upload the image. It has two unique feature in one.\u003C\u002Fp>\n\u003Cp>1: Linear View * You can upload multiple image and display in linear form.\u003Cbr \u002F>\n2: Slider View * You can upload the multiple image and display in slider.\u003C\u002Fp>\n\u003Cp>It will provide the widget and you can use it in widget module.\u003C\u002Fp>\n\u003Cp>For more information,you can visit the \u003Ca href=\"https:\u002F\u002Fshankaranandmaurya.wordpress.com\u002Fmy-developed-plugin\u002Fmulti-image-widget\u002F\" rel=\"nofollow ugc\">plugin Page\u003C\u002Fa>\u003Cbr \u002F>\nNote: Anyone can write the CSS for my plugin,I will added it.\u003C\u002Fp>\n","Multi image widget is used to upload the multiple image.",4605,"2015-05-27T17:32:00.000Z","4.1.42","3.1",[132,133,134,135,136],"image-upload-widget","image-widget","multiple-image-upload-widget","multiple-image-widget","slider-widget","http:\u002F\u002Froomrent.org\u002Fmy-developed-plugins\u002Fmulti-image-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmulti-image-widget.zip",{"slug":140,"name":141,"version":142,"author":82,"author_profile":83,"description":143,"short_description":144,"active_installs":145,"downloaded":146,"rating":88,"num_ratings":28,"last_updated":147,"tested_up_to":91,"requires_at_least":148,"requires_php":93,"tags":149,"homepage":153,"download_link":154,"security_score":76,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"bns-smf-feeds","BNS SMF Feeds","2.1","\u003Cp>Plugin with multi-widget functionality that builds an SMF Forum RSS feed url by user option choices; and, displays a SMF forum feed. The widget includes the additional option to include in the feed: specific boards and\u002For specific categories. There are also check boxes to include the feed item date and the item summary, too.\u003C\u002Fp>\n\u003Cp>NB: If updating from a version before 1.1 please make sure to re-save your widget options (check your feed type) for each instance after upgrading. This will set the feed type correctly using the new feed drop-down selection option. Thanks! ~cais\u003Cbr \u002F>\n* Copyright 2009-2015  Edward Caissie  (email : edward.caissie@gmail.com)\u003C\u002Fp>\n\u003Cp>This program is free software; you can redistribute it and\u002For modify\u003Cbr \u002F>\n  it under the terms of the GNU General Public License version 2,\u003Cbr \u002F>\n  as published by the Free Software Foundation.\u003C\u002Fp>\n\u003Cp>You may NOT assume that you can use any other version of the GPL.\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful,\u003Cbr \u002F>\n  but WITHOUT ANY WARRANTY; without even the implied warranty of\u003Cbr \u002F>\n  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\u003Cbr \u002F>\n  GNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License\u003Cbr \u002F>\n  along with this program; if not, write to the Free Software\u003Cbr \u002F>\n  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA\u003C\u002Fp>\n\u003Cp>The license for this software can also likely be found here:\u003Cbr \u002F>\n  http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n","Plugin with multi-widget functionality that builds an SMF Forum RSS feed url by user option choices; and, displays a SMF forum feed.",60,15029,"2016-04-10T18:00:00.000Z","3.6",[98,150,151,152],"option-panel","rss","smf","http:\u002F\u002Fbuynowshop.com\u002Fplugins\u002Fbns-smf-feeds\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbns-smf-feeds.2.1.zip",{"attackSurface":156,"codeSignals":177,"taintFlows":185,"riskAssessment":186,"analyzedAt":196},{"hooks":157,"ajaxHandlers":168,"restRoutes":169,"shortcodes":170,"cronEvents":176,"entryPointCount":28,"unprotectedCount":29},[158,164],{"type":159,"name":160,"callback":161,"file":162,"line":163},"action","admin_menu","addPage","src\\FscoreConfig.php",43,{"type":159,"name":165,"callback":166,"file":162,"line":167},"admin_init","registerPageOptions",46,[],[],[171],{"tag":172,"callback":173,"file":174,"line":175},"cricket_score","connectFscore","cricket-score.php",17,[],{"dangerousFunctions":178,"sqlUsage":179,"outputEscaping":181,"fileOperations":28,"externalRequests":29,"nonceChecks":29,"capabilityChecks":29,"bundledLibraries":184},[],{"prepared":29,"raw":29,"locations":180},[],{"escaped":182,"rawEcho":29,"locations":183},13,[],[],[],{"summary":187,"deductions":188},"The \"cricket-score\" plugin version 2.0.3 demonstrates some positive security practices, including 100% of its SQL queries using prepared statements and all identified outputs being properly escaped. The absence of critical or high severity taint flows, along with no dangerous functions or external HTTP requests, suggests a generally secure codebase in these areas.\n\nHowever, there are notable concerns. The plugin has a history of vulnerabilities, with one medium severity Cross-Site Scripting (XSS) issue recorded. While currently unpatched CVEs are zero, this history indicates a recurring pattern of potential security weaknesses. Furthermore, the static analysis reveals a complete lack of nonce checks and capability checks, which is a significant concern for entry points like shortcodes. Although the static analysis indicates no unprotected entry points, the absence of these checks means that the existing shortcode is vulnerable to unauthorized execution if an attacker can trick a user into triggering it.\n\nIn conclusion, while the plugin has strengths in its SQL and output handling, the history of vulnerabilities and the critical absence of nonce and capability checks on its shortcode create a moderate to high risk. The plugin should be reviewed and updated to include proper authorization checks to mitigate the risks associated with its vulnerability history and lack of input validation.",[189,192,194],{"reason":190,"points":191},"Medium severity XSS vulnerability in history",15,{"reason":193,"points":63},"No nonce checks on entry points",{"reason":195,"points":63},"No capability checks on entry points","2026-03-16T20:19:27.665Z",{"wat":198,"direct":203},{"assetPaths":199,"generatorPatterns":200,"scriptPaths":201,"versionParams":202},[],[],[],[],{"cssClasses":204,"htmlComments":207,"htmlAttributes":208,"restEndpoints":209,"jsGlobals":210,"shortcodeOutput":211},[205,206,24],"wrap","metabox-holder",[],[],[],[],[212,213,214,215],"[cricket_score]","[cricket_score period=live]","[cricket_score height=800]","[cricket_score height=1500]",{"error":217,"url":218,"statusCode":219,"statusMessage":220,"message":220},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcricket-score\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":222,"versions":223},7,[224,229,237,245,253,261,269],{"version":6,"download_url":26,"svn_tag_url":225,"released_at":39,"has_diff":50,"diff_files_changed":226,"diff_lines":39,"trac_diff_url":227,"vulnerabilities":228,"is_current":217},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcricket-score\u002Ftags\u002F2.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcricket-score%2Ftags%2F2.0.2&new_path=%2Fcricket-score%2Ftags%2F2.0.3",[],{"version":230,"download_url":231,"svn_tag_url":232,"released_at":39,"has_diff":50,"diff_files_changed":233,"diff_lines":39,"trac_diff_url":234,"vulnerabilities":235,"is_current":50},"2.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcricket-score.2.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcricket-score\u002Ftags\u002F2.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcricket-score%2Ftags%2F2.0.1&new_path=%2Fcricket-score%2Ftags%2F2.0.2",[236],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"version":238,"download_url":239,"svn_tag_url":240,"released_at":39,"has_diff":50,"diff_files_changed":241,"diff_lines":39,"trac_diff_url":242,"vulnerabilities":243,"is_current":50},"2.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcricket-score.2.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcricket-score\u002Ftags\u002F2.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcricket-score%2Ftags%2F2.0.0&new_path=%2Fcricket-score%2Ftags%2F2.0.1",[244],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"version":246,"download_url":247,"svn_tag_url":248,"released_at":39,"has_diff":50,"diff_files_changed":249,"diff_lines":39,"trac_diff_url":250,"vulnerabilities":251,"is_current":50},"2.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcricket-score.2.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcricket-score\u002Ftags\u002F2.0.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcricket-score%2Ftags%2F1.0.2&new_path=%2Fcricket-score%2Ftags%2F2.0.0",[252],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"version":254,"download_url":255,"svn_tag_url":256,"released_at":39,"has_diff":50,"diff_files_changed":257,"diff_lines":39,"trac_diff_url":258,"vulnerabilities":259,"is_current":50},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcricket-score.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcricket-score\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcricket-score%2Ftags%2F1.0.1&new_path=%2Fcricket-score%2Ftags%2F1.0.2",[260],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"version":262,"download_url":263,"svn_tag_url":264,"released_at":39,"has_diff":50,"diff_files_changed":265,"diff_lines":39,"trac_diff_url":266,"vulnerabilities":267,"is_current":50},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcricket-score.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcricket-score\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcricket-score%2Ftags%2F1.0.0&new_path=%2Fcricket-score%2Ftags%2F1.0.1",[268],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"version":270,"download_url":271,"svn_tag_url":272,"released_at":39,"has_diff":50,"diff_files_changed":273,"diff_lines":39,"trac_diff_url":39,"vulnerabilities":274,"is_current":50},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcricket-score.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcricket-score\u002Ftags\u002F1.0.0\u002F",[],[275],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6}]