[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fC2mNmThw9xspOs4ABnF1yP9HhjyOp57-N_5WxYvSqAk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":137,"fingerprints":225},"custom-windows-pinned-tiles","Custom Windows Pinned Tiles","2.1","Nick Halsey","https:\u002F\u002Fprofiles.wordpress.org\u002Fcelloexpressions\u002F","\u003Cp>Look at the plugin banner image – which of these Windows Start Screen Tiles would you open, colorful live-updating ones in the top row or static, plain ones in the bottom row?\u003C\u002Fp>\n\u003Cp>With Custom Windows Pinned Tiles 2, you can set up your site to display beautiful live-updating tiles in a matter of seconds. Just activate the plugin and pick a tile image and color on the settings page. Then, anyone who pins your site to their start screen with Windows 8.1\u002FIE11 will see your site’s logo\u002Fimage (at the size of their choosing), which will also live-update to display your latest 5 posts, with images if they’re available.\u003C\u002Fp>\n\u003Cp>Live tiles feature your post titles and excerpts or images from the posts. Your website essentially becomes a Windows 8.1 App; a huge opportunity to engage your visitors and keep them coming back, with headlines from your content appearing directly on their start screen!\u003C\u002Fp>\n","Look at the plugin banner image - which of these Windows Start Screen Tiles would you open, colorful live-updating ones in the top row or static, plai …",30,8071,100,4,"2014-12-23T00:50:00.000Z","4.1.42","3.5","",[20,21,22,23,24],"ie10","ie11","internet-explorer","live-tile","windows-8","http:\u002F\u002Fcelloexpressions.com\u002Fplugins\u002Fcustom-windows-pinned-tiles\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-windows-pinned-tiles.2.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"celloexpressions",27,24000,91,8,88,"2026-04-04T07:18:13.407Z",[41,61,82,103,121],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":17,"requires_php":55,"tags":56,"homepage":59,"download_link":60,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"os-integration","OS Integration","3.0","Greg Ross","https:\u002F\u002Fprofiles.wordpress.org\u002Fgregross\u002F","\u003Cp>User’s have all kinds of devices these days and your site needs to look the best it can when being displayed, pinned or added to your users system.\u003C\u002Fp>\n\u003Cp>WordPress 4.3 has introduced the “Site Icon” option in settings but it’s far too limited, OS Integration does what it can’t!\u003C\u002Fp>\n\u003Cp>OS Integration supports the following features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Generation of favicon.ico, up to 96x96px.\u003C\u002Fli>\n\u003Cli>PNG favicon support in multiple resolutions (16, 32, 96, 160 and 196px)\u003C\u002Fli>\n\u003Cli>Windows 8 and 8.1 Live Tiles in all sizes\u003C\u002Fli>\n\u003Cli>Windows 8 Live Tile update feeds (both through buildmypinnedsite.com and local XML files)\u003C\u002Fli>\n\u003Cli>Support for Windows Phone 8.1 Live Tiles\u003C\u002Fli>\n\u003Cli>iOS Touch Icon support in multiple resolutions (57, 72, 114, 144px)\u003C\u002Fli>\n\u003Cli>iOS Web App support including loading screen\u003C\u002Fli>\n\u003Cli>iOS Web App link override mode, keep your site in the Web App even if the user clicks on a link\u003C\u002Fli>\n\u003Cli>Widget to notify users of bookmarking and pinning support on the site (only displays which options you have enabled)\u003C\u002Fli>\n\u003Cli>Progressive Web Apps (PWA), including related applications\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All of the above can be supported with a single image supplied by you to the plugin and all the required formats will then be generated by OS Integration.\u003C\u002Fp>\n\u003Cp>Optionally you can also supply a custom wide formatted imaged or override any or all the generated images with custom selections.\u003C\u002Fp>\n\u003Cp>Why use 2, 3 or 4 other plugins when OS Integration does all the work for you!\u003C\u002Fp>\n","User's have all kinds of devices these days and your site needs to look the best it can when being displayed, pinned or added to your users syste …",80,8118,96,5,"2023-12-03T02:53:00.000Z","6.4.8","5.4",[57,22,23,58,24],"app","tiles","http:\u002F\u002Ftoolstack.com\u002Fos-integration","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fos-integration.3.0.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":52,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":18,"tags":75,"homepage":80,"download_link":81,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"modernizr","Modernizr for WordPress","3.7.1","Ramoonus","https:\u002F\u002Fprofiles.wordpress.org\u002Framoonus\u002F","\u003Cp>This plugin adds the Modernizr to your WordPress installation.\u003Cbr \u002F>\nModernizr is a small JavaScript library that detects the availability of native implementations for next-generation web technologies, i.e. features that stem from the HTML5 and CSS3 specifications. Many of these features are already implemented in at least one major browser (most of them in two or more), and what Modernizr does is, very simply, tell you whether the current browser has this feature natively implemented or not.\u003C\u002Fp>\n\u003Cp>For documentation visit http:\u002F\u002Fwww.modernizr.com\u002Fdocs\u002F\u003C\u002Fp>\n","This plugin adds the Modernizr to your WordPress installation.",900,49412,68,"2019-05-04T10:24:00.000Z","5.2.24","4.8",[76,77,78,22,79],"html","html5","ie","javascript","http:\u002F\u002Fwww.ramoonus.nl\u002Fwordpress\u002Fmodernizr\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmodernizr.3.7.1.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":18,"requires_php":18,"tags":96,"homepage":101,"download_link":102,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"php-browser-detection","PHP Browser Detection","3.1.8","Mindshare Labs, Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fmindshare\u002F","\u003Cp>Version 3 adds support for is_tablet(), is_desktop(), and is_browser() as well as numerous bug fixes and code improvements. As of version 3.1.2 automatic updates of browscap.ini are disabeld until we can deal with memory usage issues.\u003C\u002Fp>\n\u003Cp>PHP Browser Detection is a WordPress plugin used to detect a user’s browser. It can be used to send conditional CSS files for Internet Explorer, display different content or custom messages anywhere on the page, or to swap out Flash for an image for iPhones.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Template Tags:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Test for specific browsers:\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>$version is optional. Include a major version number, a single integer – 3,4,5, etc… Or leave it empty to test for any version.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php if(is_firefox($version)) { \u002F* your code here *\u002F }; ?>\n\n\u003C?php if(is_safari($version)) { \u002F* your code here *\u002F }; ?>\n\n\u003C?php if(is_chrome($version)) { \u002F* your code here *\u002F }; ?>\n\n\u003C?php if(is_opera($version)) { \u002F* your code here *\u002F }; ?>\n\n\u003C?php if(is_ie($version)) { \u002F* your code here *\u002F }; ?>\n\n\u003C?php if(is_browser($name, $version)) { \u002F* your code here *\u002F }; ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cem>Check for mobile, tablet, iPhone, iPad, iPod, etc…\u003C\u002Fem>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php if(is_desktop()) { \u002F* your code here *\u002F }; ?>\n\n\u003C?php if(is_tablet()) { \u002F* your code here *\u002F }; ?>\n\n\u003C?php if(is_iphone($version)) { \u002F* your code here *\u002F }; ?>\n\n\u003C?php if(is_ipad($version)) { \u002F* your code here *\u002F }; ?>\n\n\u003C?php if(is_ipod($version)) { \u002F* your code here *\u002F }; ?>\n\n\u003C?php if(is_mobile()) { \u002F* your code here *\u002F }; ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cem>Check for greater than \u002F less than a specific version…\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Less than or equal to Firefox 19:\u003Cbr \u002F>\n    \u003C ?php if(is_firefox() && get_browser_version() \u003C\u002Fp>\n\u003Cp>Less than or equal to IE 10:\u003Cbr \u002F>\n    \u003C ?php if(is_ie() && get_browser_version() \u003C\u002Fp>\n\u003Cp>Greater than or equal to Safari 4:\u003Cbr \u002F>\n    = 4) { \u002F* your code here *\u002F }; ?>\u003C\u002Fp>\n\u003Cp>these are just a few examples, but this syntax will work for any browser or version.\u003C\u002Fp>\n\u003Cp>\u003Cem>Check specific versions…\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Is the browser IE6?\n    \u003C\u002Fp>\n\u003Cp>Is the browser IE10?\n    \u003C\u002Fp>\n\u003Cp>\u003Cstrong>Or you can get all the info and do what you want with it:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Get just the name…\u003C\u002Fem>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php $browser_name = get_browser_name(); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Get the full version number – 3.2, 5.0, etc…\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php $browser_version = get_browser_version(); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cem>Or get it all in array…\u003C\u002Fem>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php $browser_info = php_browser_info(); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Shortcodes:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Test for specific browsers:\u003C\u002Fem>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[is_browser name=\"chrome\" version=\"45\"]\n\u003Cp>You are using Chrome 45 or above.\u003C\u002Fp>\n[\u002Fis_browser]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cem>Output all browser info:\u003C\u002Fem>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[browser_info]\n\u003C\u002Fcode>\u003C\u002Fpre>\n","PHP Browser Detection is a WordPress plugin used to detect a user's browser. Please report any bugs on the support forums.",600,46465,82,16,"2015-09-08T03:12:00.000Z","4.3.34",[97,98,22,99,100],"browser","browser-detection","iphone","php","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fphp-browser-detection\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphp-browser-detection.3.1.8.zip",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":13,"downloaded":111,"rating":13,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":18,"tags":116,"homepage":119,"download_link":120,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"jt-internet-explorer-url","JT Internet explorer URL","1.0","studio-jt","https:\u002F\u002Fprofiles.wordpress.org\u002Fstudiojt\u002F","\u003Cp>The plugin allow you display human readable URL on IE (Internet Explorer), the problem occur on permalinks write in a non English alphabet.\u003C\u002Fp>\n","Display User Friendly URL on Internet Explorer (for non English Alphabet).",2296,2,"2016-08-29T02:03:00.000Z","3.4.2","2.5.0",[117,78,22,118],"decode-url","url","http:\u002F\u002Fstudio-jt.co.kr","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjt-internet-explorer-url.1.0.zip",{"slug":122,"name":123,"version":106,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":13,"downloaded":128,"rating":13,"num_ratings":52,"last_updated":129,"tested_up_to":130,"requires_at_least":18,"requires_php":18,"tags":131,"homepage":135,"download_link":136,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"stop-oldies","Stop Oldies","Pierre-André Boissinot","https:\u002F\u002Fprofiles.wordpress.org\u002Fpabois\u002F","\u003Cp>This plugin detects if a visitor is using some old version of Internet Explorer and suggests to upgrade to a recent browser.\u003Cbr \u002F>\nThe versions to block can be configured in an admin panel.\u003Cbr \u002F>\nWorks for blocking IE6, IE7 and IE8.\u003Cbr \u002F>\nLocalisation of the plugin into french.\u003C\u002Fp>\n","This plugin detects if a visitor is using some old version of Internet Explorer and suggests to upgrade to a recent browser.",4626,"2014-04-18T13:30:00.000Z","3.9.40",[78,132,133,22,134],"ie6","ie7","old","http:\u002F\u002Fwordpress.semiodesign.com\u002Fstop-oldies\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstop-oldies.zip",{"attackSurface":138,"codeSignals":168,"taintFlows":218,"riskAssessment":219,"analyzedAt":224},{"hooks":139,"ajaxHandlers":164,"restRoutes":165,"shortcodes":166,"cronEvents":167,"entryPointCount":28,"unprotectedCount":28},[140,146,150,156,160],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","admin_init","cwptiles_init","custom-windows-pinned-tiles.php",35,{"type":141,"name":147,"callback":148,"file":144,"line":149},"admin_menu","cwptiles_add_options_page",36,{"type":151,"name":152,"callback":153,"priority":154,"file":144,"line":155},"filter","plugin_action_links","cwptiles_plugin_action_links",10,37,{"type":141,"name":157,"callback":158,"file":144,"line":159},"admin_enqueue_scripts","cwptiles_admin_scripts",92,{"type":141,"name":161,"callback":162,"file":144,"line":163},"wp_head","cwptiles_output",314,[],[],[],[],{"dangerousFunctions":169,"sqlUsage":170,"outputEscaping":172,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":217},[],{"prepared":28,"raw":28,"locations":171},[],{"escaped":112,"rawEcho":173,"locations":174},21,[175,178,180,182,184,186,188,190,192,194,196,198,200,202,204,206,207,209,211,213,215],{"file":144,"line":176,"context":177},115,"raw output",{"file":144,"line":179,"context":177},122,{"file":144,"line":181,"context":177},181,{"file":144,"line":183,"context":177},187,{"file":144,"line":185,"context":177},190,{"file":144,"line":187,"context":177},211,{"file":144,"line":189,"context":177},215,{"file":144,"line":191,"context":177},216,{"file":144,"line":193,"context":177},217,{"file":144,"line":195,"context":177},218,{"file":144,"line":197,"context":177},224,{"file":144,"line":199,"context":177},230,{"file":144,"line":201,"context":177},327,{"file":144,"line":203,"context":177},328,{"file":144,"line":205,"context":177},329,{"file":144,"line":205,"context":177},{"file":144,"line":208,"context":177},334,{"file":144,"line":210,"context":177},335,{"file":144,"line":212,"context":177},336,{"file":144,"line":214,"context":177},337,{"file":144,"line":216,"context":177},342,[],[],{"summary":220,"deductions":221},"The \"custom-windows-pinned-tiles\" plugin v2.1 exhibits a seemingly strong security posture based on the provided static analysis. The absence of entry points like AJAX handlers, REST API routes, shortcodes, and cron events significantly reduces the potential attack surface. Furthermore, the code signals indicate a lack of dangerous functions, file operations, and external HTTP requests, which are common vectors for exploitation. The use of prepared statements for SQL queries is also a positive indicator of secure database interaction.\n\nHowever, a significant concern arises from the low percentage of properly escaped output (9%). This suggests that data displayed to users may not be adequately sanitized, leaving the plugin vulnerable to Cross-Site Scripting (XSS) attacks. While taint analysis shows no immediate critical or high severity issues, the lack of proper output escaping is a pervasive risk that can be exploited if any user-controlled data is rendered on the frontend without sufficient sanitization. The plugin's vulnerability history is clean, which is positive, but it's crucial to remember that past security does not guarantee future immunity, especially with the identified output escaping deficiency.\n\nIn conclusion, while the plugin has a minimal attack surface and good practices in areas like SQL handling, the critical weakness in output escaping presents a substantial risk for XSS vulnerabilities. This overshadows the otherwise clean static analysis and vulnerability history. Addressing the output escaping issues should be the highest priority to improve the plugin's overall security.",[222],{"reason":223,"points":37},"Low percentage of properly escaped output","2026-03-16T22:28:36.006Z",{"wat":226,"direct":234},{"assetPaths":227,"generatorPatterns":230,"scriptPaths":231,"versionParams":233},[228,229],"\u002Fwp-content\u002Fplugins\u002Fcustom-windows-pinned-tiles\u002Fstart-screen-preview.png","\u002Fwp-content\u002Fplugins\u002Fcustom-windows-pinned-tiles\u002Fdefault-wp-logo.png",[],[232],"\u002Fwp-content\u002Fplugins\u002Fcustom-windows-pinned-tiles\u002Fpinned-tiles-admin.js",[],{"cssClasses":235,"htmlComments":239,"htmlAttributes":241,"restEndpoints":247,"jsGlobals":248,"shortcodeOutput":249},[236,237,238],"live-preview-tile","live-preview-image","live-preview-title",[240]," tile icon",[242,243,244,245,246],"id=\"tile-preview-container\"","id=\"preview-tile\"","id=\"tile-img-preview\"","id=\"the_title\"","id=\"preview-disclaimer\"",[],[],[]]