[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fm_Wkk487vueoNhpn5fae_y6z914jxodCdyh6TDsVdWg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":134,"fingerprints":288},"easy-shuffle-widget","Easy Shuffle Widget","1.0","darrinb","https:\u002F\u002Fprofiles.wordpress.org\u002Fdbmartin\u002F","\u003Cp>\u003Cem>Keep em’ guessing!\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>The Easy Shuffle Widget is a fun way to feature any content on your site.  It’s an easy-to-use widget that displays random content by shuffling through your site’s posts, authors, custom post types, and comments, and choosing one at random.\u003C\u002Fp>\n\u003Cp>Want to only shuffle through comments or posts?  No problem!  You can choose to shuffle through \u003Cem>any\u003C\u002Fem> content, or the content of your choice.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Configurable widget title.\u003C\u002Fli>\n\u003Cli>Set up multiple instances.\u003C\u002Fli>\n\u003Cli>Select which content to display.  (You can choose either any registered post type, users, comments, or full-on random.)\u003C\u002Fli>\n\u003Cli>Supports post thumbnails and user avatars.\u003C\u002Fli>\n\u003Cli>Set \u003Cem>and preview\u003C\u002Fem> custom thumbnail sizes.\u003C\u002Fli>\n\u003Cli>Show an excerpt of the post, comment, or author description.\u003C\u002Fli>\n\u003Cli>Set \u003Cem>and preview\u003C\u002Fem> the length of the excerpt.\u003C\u002Fli>\n\u003Cli>Choose the default (basic) CSS styling or roll your own.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Developer Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This widget was built not only with end-users in mind, but also plugin developers.  Almost every aspect of this widget is extensible through filters and action hooks.  You can even add your own form fields to the widget form!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Need to remove a field from the widget form?  Not a problem!  Every field is passed through its own filter for easy customization.\u003C\u002Fli>\n\u003Cli>Need to modify the output of the widget?  Easy!  The output is passed through numerous filters, allowing you to customize the content to meet your project’s requirements.\u003C\u002Fli>\n\u003Cli>For a full list of action hooks and filters, please see the plugin documentation: http:\u002F\u002Fdarrinb.com\u002Fplugins\u002Feasy-shuffle-widget\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily display random posts, comments, or users.  Supports all custom post types!",10,1448,0,"2016-05-11T00:50:00.000Z","4.7.32","4.4","",[19,20,21,22,23],"comments","comments-widget","posts","users","widget","http:\u002F\u002Fdarrinb.com\u002Fplugins\u002Feasy-shuffle-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-shuffle-widget.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"dbmartin",13,1620,30,84,"2026-04-04T15:13:41.810Z",[38,61,81,100,118],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":59,"download_link":60,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"comments-widget-plus","Recent Comments Widget Plus","1.3","Ga Satrya","https:\u002F\u002Fprofiles.wordpress.org\u002Fsatrya\u002F","\u003Cp>This plugin will enable a custom and advanced \u003Cstrong>recent comments widget\u003C\u002Fstrong>. Allows you to display a list of the most recent comments with avatar and excerpt, you can also choose which to show newer comments first or older comments first and choose comments from any post type.\u003C\u002Fp>\n\u003Ch4>Support this project\u003C\u002Fh4>\n\u003Cp>If you are enjoying this plugin. I would appreciate a cup of coffee to help me keep coding and supporting the project! \u003Ca href=\"https:\u002F\u002Fpaypal.me\u002Fsatrya\" rel=\"nofollow ugc\">Support & donate\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Features Include\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Display avatar with customizable size.\u003C\u002Fli>\n\u003Cli>Display comment excerpt with customizable length.\u003C\u002Fli>\n\u003Cli>Exclude pingback & trackback\u003C\u002Fli>\n\u003Cli>Post type option.\u003C\u002Fli>\n\u003Cli>Offset option.\u003C\u002Fli>\n\u003Cli>Option to choose the comments order.\u003C\u002Fli>\n\u003Cli>Allows you to set title url.\u003C\u002Fli>\n\u003Cli>Custom CSS class.\u003C\u002Fli>\n\u003Cli>Multiple widgets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fcomments-widget-plus\u002F\" rel=\"nofollow ugc\">Translate to your language\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Contribute or submit issues on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsatrya\u002Fcomments-widget-plus\" rel=\"nofollow ugc\">Github\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Provides custom recent comments widget with extra features such as display avatar, comment excerpt and much more!",2000,49264,94,20,"2022-10-26T16:06:00.000Z","6.1.10","5.8","7.2",[55,56,57,58,23],"avatar","excerpt","recent-comments","recent-comments-widget","https:\u002F\u002Fidenovasi.com\u002Fprojects\u002Fcomments-widget-plus\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomments-widget-plus.1.3.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":17,"tags":76,"homepage":79,"download_link":80,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"bwp-recent-comments","Better WordPress Recent Comments","1.2.2","Khang Minh","https:\u002F\u002Fprofiles.wordpress.org\u002Foddoneout\u002F","\u003Cp>This plugin displays recent comment lists at assigned locations. It does not add any significant load to your website. The comment list is updated on the fly when a visitor adds a comment or when you moderate one. No additional queries are needed for end-users.\u003C\u002Fp>\n\u003Cp>A recent comment list, in my opinion, can help stimulate discussion and exploration of your blog tremendously. Now for the past few months I have been using a plugin called Get Recent Comments; though this plugin is configurable and indeed popular, the code is somehow messy and no support for custom post type is found. The worst thing is Get Recent Comment doesn’t seem to be updated anymore, so I decide to write another recent comment plugin which is more lightweight and makes use of some nice features provided by WordPress 3.0.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Powerup your recent comment list today!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Group comments by post (inspired by the classic Get Recent Comments plugin).\u003C\u002Fli>\n\u003Cli>AJAX navigation for any recent comment list you want!\u003C\u002Fli>\n\u003Cli>Has the options to show comment only, trackback only, or show both (separately or all together)\u003C\u002Fli>\n\u003Cli>Get comments from a specific post, using either ID or post name (slug).\u003C\u002Fli>\n\u003Cli>Possibility to add different comment lists with different settings on one page\u003C\u002Fli>\n\u003Cli>You can show comments on a separate page, with pagination and custom template!\u003C\u002Fli>\n\u003Cli>You can sort comment lists descendingly or ascendingly\u003C\u002Fli>\n\u003Cli>Supports custom post type\u003C\u002Fli>\n\u003Cli>Supports Gravatar\u003C\u002Fli>\n\u003Cli>Supports smiley\u003C\u002Fli>\n\u003Cli>Widget-ready\u003C\u002Fli>\n\u003Cli>Template functions ready\u003C\u002Fli>\n\u003Cli>Generate Zero SQL query for end-users\u003C\u002Fli>\n\u003Cli>Possibility to trim post title to a certain number of words.\u003C\u002Fli>\n\u003Cli>Possibility to trim comment to a specific number of words\u003C\u002Fli>\n\u003Cli>Possibility to split long words into smaller chunks\u003C\u002Fli>\n\u003Cli>WordPress Multi-site compatible (not tested with WPMU)\u003C\u002Fli>\n\u003Cli>And more…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Get in touch\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>I’m available at \u003Ca href=\"http:\u002F\u002Fbetterwp.net\" rel=\"nofollow ugc\">BetterWP.net\u003C\u002Fa> and you can also follow me on \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002F0dd0ne0ut\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Check out \u003Ca href=\"http:\u002F\u002Ffeeds.feedburner.com\u002FBetterWPnet\" rel=\"nofollow ugc\">latest WordPress Tips and Ideas\u003C\u002Fa> from BetterWP.net.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Languages\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English (default)\u003C\u002Fli>\n\u003Cli>French 1.1.0 (fr_FR) – Thanks to \u003Ca href=\"http:\u002F\u002Fmaitremo.fr\" rel=\"nofollow ugc\">Ma�tre M�\u003C\u002Fa>!\u003C\u002Fli>\n\u003Cli>Russian 1.1.0 (ru_RU) – Thanks to Konstantin (kg69design)!\u003C\u002Fli>\n\u003Cli>Ukrainian 1.1.0 (ua_UA) – Thanks to Konstantin (kg69design)!\u003C\u002Fli>\n\u003Cli>Portuguese 1.2.1 (pt_PT) – Thanks to Marcus (http:\u002F\u002Fwww.maniadecelular.com.br)!\u003C\u002Fli>\n\u003Cli>Spanish 1.2.1 (es_ES) – Thanks to Jordi!\u003C\u002Fli>\n\u003Cli>Polish 1.2.1 (pl_PL) – Thanks to Jarek!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please \u003Ca href=\"http:\u002F\u002Fbetterwp.net\u002Fwordpress-tips\u002Fcreate-pot-file-using-poedit\u002F\" rel=\"nofollow ugc\">help translate\u003C\u002Fa> this plugin!\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fbetterwp.net\u002Fwordpress-plugins\u002Fbwp-recent-comments\u002F\" rel=\"nofollow ugc\">Plugin’s Official Page\u003C\u002Fa> for more information!\u003C\u002Fp>\n","This plugin displays recent comment lists at assigned locations, with comprehensive support for widgets.",600,55904,90,15,"2017-11-28T21:47:00.000Z","3.7.41","2.8",[19,57,77,78],"recent-comments-widgets","wordpress-recent-comments","http:\u002F\u002Fbetterwp.net\u002Fwordpress-plugins\u002Fbwp-recent-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbwp-recent-comments.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":74,"requires_at_least":94,"requires_php":17,"tags":95,"homepage":98,"download_link":99,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"ff-tab-widget","FF Tab Widget","1.1","Kharis Sulistiyono","https:\u002F\u002Fprofiles.wordpress.org\u002Fkharisblank\u002F","\u003Cp>FF Tab Widget is a great solution for you to display different contents in a single widget. You can display popular posts, recent posts, recent commets, and tags in an animated tabs.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy to install, just drag the widget into your widgetized sidebar.\u003C\u002Fli>\n\u003Cli>Has widget options: Label name, limit tab content and show\u002Fhide tab item.\u003C\u002Fli>\n\u003Cli>Uses jQuery Tabs \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FamazingSurge\u002Fjquery-tabs\" rel=\"nofollow ugc\">script\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you’d like to contribute to the plugin you can find it on \u003Ca href=\"http:\u002F\u002Fgithub.com\u002Fkharissulistiyo\u002FFF-Tab-Widget\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>FF doesn’t stand for anything.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.kharissulistiyono.com\u002Fff-tab-widget-pro\u002F\" rel=\"nofollow ugc\">PRO version\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Simply go to Appearance > Widgets and drag “FF Tab Widget” instance to the sidebar of your choice. Within the widget are several options where you can show\u002Fhide tab item and specifify the content limit. See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fff-tab-widget\u002Fscreenshots\" rel=\"ugc\">screenshots\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch4>Tabs Widget Style\u003C\u002Fh4>\n\u003Cp>The tab widget style tested on “Twenty Twelve” theme (see the plugin screenshot). It may look different on other themes. You can adjust its style by modifying CSS file (fftw.css) inside the plugin folder. To make developers easy to make modification I also profide the LESS file (fftw.less).\u003C\u002Fp>\n\u003Cp>If you do not have time to make your tabs widget looks beautiful on your theme, you can \u003Ca href=\"mailto:kharisblank@gmail.com\" rel=\"nofollow ugc\">contact me\u003C\u002Fa> for plugin customization service.\u003C\u002Fp>\n\u003Cp>Contact this \u003Ca href=\"http:\u002F\u002Fkharissulistiyo.com\" rel=\"nofollow ugc\">plugin author\u003C\u002Fa>.\u003C\u002Fp>\n","Display popular posts, recent posts, recent commets, and tags in an animated tabs in a single widget.",80,7765,46,3,"2014-01-09T17:16:00.000Z","3.0",[19,21,96,97,23],"sidebar","tags","https:\u002F\u002Fgithub.com\u002Fkharissulistiyo\u002FFF-Tab-Widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fff-tab-widget.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":13,"num_ratings":13,"last_updated":110,"tested_up_to":111,"requires_at_least":75,"requires_php":17,"tags":112,"homepage":116,"download_link":117,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"recent-comments-widget-with-excerpts","Recent Comments Widget with Excerpts","1.0.0","Corey Salzano","https:\u002F\u002Fprofiles.wordpress.org\u002Fsalzano\u002F","\u003Cp>This plugin creates a widget similar to the default recent comments widget. Instead of the format “username on post title,” the widget will display “username said comment excerpt.”\u003C\u002Fp>\n\u003Cp>Choose whether or not to include admin user comments.\u003C\u002Fp>\n\u003Cp>Customize the character length of the comment excerpt.\u003C\u002Fp>\n","Duplicates the built-in Recent Comments widget and adds functionality to display comment excerpts instead of post titles",50,5179,"2023-09-06T17:52:00.000Z","6.3.0",[113,114,115,57,58],"comment-excerpts","default-widgets","recent-comment-excerpts","https:\u002F\u002Fcoreysalzano.com\u002Fwordpress\u002Frecent-comments-widget-with-excerpts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecent-comments-widget-with-excerpts.1.0.0.zip",{"slug":119,"name":120,"version":6,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":11,"downloaded":125,"rating":13,"num_ratings":13,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":17,"tags":129,"homepage":132,"download_link":133,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"html-classified-recent-posts-comments-widgets","HTML Classified Recent Posts & Comments Widgets","Jan Štětina","https:\u002F\u002Fprofiles.wordpress.org\u002Fzaantar\u002F","\u003Cp>This plugins adds two widgets: Classified Recent Posts and Classified Recent Comments. They differ from the default widgets only in one thing – each listed link contains HTML \u003Ccode>class\u003C\u002Fcode> attribute describing which post it is related to. For recent comments the whole \u003Ccode>li\u003C\u002Fcode> tag also contains this attribute.\u003C\u002Fp>\n\u003Cp>Listed classes are similar to the output from \u003Ccode>get_post_class\u003C\u002Fcode> (see \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fget_post_class\" rel=\"nofollow ugc\">WordPress Codex\u003C\u002Fa>), each class has a prefix to prevent problems with CSS styling\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>crpw-\u003C\u002Fcode> for Custom Recent Posts Widget\u003C\u002Fli>\n\u003Cli>\u003Ccode>crcw-\u003C\u002Fcode> for Custom Recent Comments Widgets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can use this for example to highlight links to posts from chosen categories or witch chosen tags (or a particular post) via CSS.\u003C\u002Fp>\n","Default WordPress widgets with \"class\" attributes identifying posts added to links.",2550,"2012-08-22T05:21:00.000Z","3.4.2","3.3",[19,21,130,23,131],"recent","widgets","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fclassified-default-widgets\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhtml-classified-recent-posts-comments-widgets.zip",{"attackSurface":135,"codeSignals":182,"taintFlows":280,"riskAssessment":281,"analyzedAt":287},{"hooks":136,"ajaxHandlers":178,"restRoutes":179,"shortcodes":180,"cronEvents":181,"entryPointCount":13,"unprotectedCount":13},[137,144,149,153,156,159,161,164,168,171,174],{"type":138,"name":139,"callback":140,"priority":141,"file":142,"line":143},"action","plugins_loaded","_easy_shuffle_widget_init",99,"easy-shuffle-widget.php",51,{"type":138,"name":145,"callback":146,"file":147,"line":148},"widgets_init","register_widget","inc\\class-easy-shuffle-widget-init.php",117,{"type":138,"name":150,"callback":151,"file":147,"line":152},"admin_enqueue_scripts","admin_scripts",148,{"type":138,"name":154,"callback":151,"file":147,"line":155},"customize_controls_enqueue_scripts",149,{"type":138,"name":150,"callback":157,"file":147,"line":158},"admin_styles",151,{"type":138,"name":154,"callback":157,"file":147,"line":160},152,{"type":138,"name":154,"callback":162,"file":147,"line":163},"front_styles",153,{"type":138,"name":165,"callback":166,"priority":13,"file":147,"line":167},"eshuflw_update_widget","maybe_store_css",225,{"type":138,"name":169,"callback":166,"priority":13,"file":147,"line":170},"customize_save_widget_easy-shuffle-widget",226,{"type":138,"name":172,"callback":162,"file":147,"line":173},"wp_enqueue_scripts",299,{"type":138,"name":175,"callback":176,"priority":13,"file":147,"line":177},"delete_widget","delete_widget_options",346,[],[],[],[],{"dangerousFunctions":183,"sqlUsage":184,"outputEscaping":186,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":279},[],{"prepared":13,"raw":13,"locations":185},[],{"escaped":187,"rawEcho":188,"locations":189},38,49,[190,194,196,198,200,202,204,206,207,209,211,212,214,215,217,219,221,222,223,225,226,228,230,231,233,235,237,238,240,243,246,247,248,249,251,253,255,257,259,261,263,266,267,269,270,273,275,276,277],{"file":191,"line":192,"context":193},"inc\\class-easy-shuffle-widget-fields.php",54,"raw output",{"file":191,"line":195,"context":193},66,{"file":191,"line":197,"context":193},87,{"file":191,"line":199,"context":193},89,{"file":191,"line":201,"context":193},92,{"file":191,"line":203,"context":193},121,{"file":191,"line":205,"context":193},122,{"file":191,"line":205,"context":193},{"file":191,"line":208,"context":193},154,{"file":191,"line":210,"context":193},157,{"file":191,"line":210,"context":193},{"file":191,"line":213,"context":193},187,{"file":191,"line":213,"context":193},{"file":191,"line":216,"context":193},188,{"file":191,"line":218,"context":193},219,{"file":191,"line":220,"context":193},222,{"file":191,"line":220,"context":193},{"file":191,"line":170,"context":193},{"file":191,"line":224,"context":193},229,{"file":191,"line":224,"context":193},{"file":191,"line":227,"context":193},268,{"file":191,"line":229,"context":193},271,{"file":191,"line":229,"context":193},{"file":191,"line":232,"context":193},279,{"file":191,"line":234,"context":193},280,{"file":191,"line":236,"context":193},310,{"file":191,"line":236,"context":193},{"file":191,"line":239,"context":193},311,{"file":241,"line":242,"context":193},"inc\\class-easy-shuffle-widget-utils.php",742,{"file":244,"line":245,"context":193},"inc\\class-easy-shuffle-widget-views.php",58,{"file":244,"line":245,"context":193},{"file":244,"line":245,"context":193},{"file":244,"line":245,"context":193},{"file":244,"line":250,"context":193},63,{"file":244,"line":252,"context":193},64,{"file":244,"line":254,"context":193},70,{"file":244,"line":256,"context":193},86,{"file":244,"line":258,"context":193},159,{"file":244,"line":260,"context":193},211,{"file":244,"line":262,"context":193},233,{"file":264,"line":265,"context":193},"inc\\class-widget-easy-shuffle.php",118,{"file":264,"line":203,"context":193},{"file":264,"line":268,"context":193},134,{"file":264,"line":208,"context":193},{"file":271,"line":272,"context":193},"inc\\widget-form.php",21,{"file":271,"line":274,"context":193},43,{"file":271,"line":252,"context":193},{"file":271,"line":35,"context":193},{"file":271,"line":278,"context":193},96,[],[],{"summary":282,"deductions":283},"The \"easy-shuffle-widget\" v1.0 plugin exhibits a strong security posture in terms of its attack surface and known vulnerability history. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits potential entry points for attackers. Furthermore, the plugin's code analysis shows a positive trend with 100% of SQL queries utilizing prepared statements, which is a critical security best practice for preventing SQL injection vulnerabilities. The lack of file operations and external HTTP requests also reduces the plugin's exposure to common attack vectors.\n\nHowever, a notable concern arises from the output escaping. With only 44% of its 87 total outputs properly escaped, there is a significant risk of Cross-Site Scripting (XSS) vulnerabilities. This means user-supplied or dynamic content displayed by the widget might not be sufficiently sanitized, allowing attackers to inject malicious scripts. The absence of nonce checks and capability checks on any potential (though currently zero) entry points, while not an immediate issue with the current attack surface, would become a critical oversight if new entry points are introduced without proper authorization mechanisms. The vulnerability history being clean is a positive indicator, but it's essential to remember that a lack of past vulnerabilities does not guarantee future security.\n\nIn conclusion, the plugin demonstrates good practices in minimizing its attack surface and handling database interactions securely. The primary weakness lies in insufficient output escaping, presenting a notable XSS risk. While the current lack of checks on entry points is not immediately exploitable, it highlights a potential area for improvement should the plugin evolve. Maintaining a clean vulnerability history is positive, but continuous vigilance and addressing the output escaping issue are crucial for long-term security.",[284],{"reason":285,"points":286},"Insufficient output escaping",8,"2026-03-17T01:28:31.623Z",{"wat":289,"direct":300},{"assetPaths":290,"generatorPatterns":294,"scriptPaths":295,"versionParams":296},[291,292,293],"\u002Fwp-content\u002Fplugins\u002Feasy-shuffle-widget\u002Fcss\u002Fwidgins.css","\u002Fwp-content\u002Fplugins\u002Feasy-shuffle-widget\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Feasy-shuffle-widget\u002Fjs\u002Fwidgins.js",[],[293],[297,298,299],"easy-shuffle-widget\u002Fcss\u002Fwidgins.css?ver=","easy-shuffle-widget\u002Fcss\u002Fadmin.css?ver=","easy-shuffle-widget\u002Fjs\u002Fwidgins.js?ver=",{"cssClasses":301,"htmlComments":303,"htmlAttributes":304,"restEndpoints":306,"jsGlobals":307,"shortcodeOutput":309},[302],"widget-easy-shuffle",[],[305],"data-widget-id",[],[308],"widgins",[]]