[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fK4rir5xAvICu8djw4eTxlme46ItV1g6cOuIR3sTrQQE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":131,"fingerprints":218},"embed-charts","Embed Charts","1.0.3","jamesdlow","https:\u002F\u002Fprofiles.wordpress.org\u002Fjamesdlow\u002F","\u003Cp>Easily embed TradingView charts in WordPress from just the link. Contains affiliate links.\u003C\u002Fp>\n","Easily embed TradingView charts in Wordpress from just the link.",60,2002,0,"2021-02-27T23:18:00.000Z","5.5.18","4.0","",[19,20,21,22,23],"embed","link","oembed","page","post","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fembed-charts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembed-charts.1.0.3.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},11,390,90,9,87,"2026-04-04T05:06:10.952Z",[38,51,72,92,113],{"slug":39,"name":40,"version":41,"author":7,"author_profile":8,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":16,"requires_php":17,"tags":48,"homepage":49,"download_link":50,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"embed-link","Embed Link","1.0.4","\u003Cp>Embed any link in WordPress using it’s open graph thumbnail image\u003C\u002Fp>\n","Embed any link in Wordpress using it's open graph thumbnail image",10,1063,"2021-02-27T23:35:00.000Z","5.6.0",[19,20,21,22,23],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fembed-link\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembed-link.1.0.4.zip",{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":61,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":16,"requires_php":17,"tags":65,"homepage":70,"download_link":71,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"ts-widget-pack","Widget Pack","1.2","Slobodan Manic","https:\u002F\u002Fprofiles.wordpress.org\u002Fslobodanmanic\u002F","\u003Cp>Widget Pack consists of several widget modules that will enable you to do the things you wish were WordPress standard features.\u003C\u002Fp>\n\u003Cp>The idea behind building such a plugin is that we believe following WordPress.org codex and best practices is the only way of developing WordPress themes and plugins.\u003C\u002Fp>\n\u003Cp>We encourage all end-users, as well as developers, to extend any additional functionality of WordPress themes by using Widget Pack. This ensures painless and safe switching themes without loosing any widget content or its function.\u003C\u002Fp>\n\u003Ch4>TS Call to Action Widget\u003C\u002Fh4>\n\u003Cp>Call to action widget gives you an option of inserting a call to action box in any widgetized area of your WordPress theme. Elements of the call to action widget are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Title\u003C\u002Fli>\n\u003Cli>Call to action text\u003C\u002Fli>\n\u003Cli>Button link\u003C\u002Fli>\n\u003Cli>Button text\u003C\u002Fli>\n\u003Cli>Button second line text\u003C\u002Fli>\n\u003Cli>Button position (right, left, below, no-button\u003C\u002Fli>\n\u003Cli>Button color (yellow, blue, red, green, black)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TS List Authors Widget\u003C\u002Fh4>\n\u003Cp>This widget lists all authors on your blog. You have the option of customizing:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Title\u003C\u002Fli>\n\u003Cli>Number of authors to display\u003C\u002Fli>\n\u003Cli>Show\u002Fhide author Gravatars\u003C\u002Fli>\n\u003Cli>Gravatar Size (32px, 48px, 64px)\u003C\u002Fli>\n\u003Cli>Sort by (number of posts, alphabetically)\u003C\u002Fli>\n\u003Cli>Sorting (ascending, descending)\u003C\u002Fli>\n\u003Cli>Show latest posts for each author\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TS oEmbed Widget\u003C\u002Fh4>\n\u003Cp>TS oEmbed allows you to embed all kinds of stuff without worrying about the code. You just enter the link and widget does the rest.\u003C\u002Fp>\n\u003Cp>Supported formats:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Animoto\u003C\u002Fli>\n\u003Cli>Blip\u003C\u002Fli>\n\u003Cli>CollegeHumor\u003C\u002Fli>\n\u003Cli>DailyMotion\u003C\u002Fli>\n\u003Cli>EmbedArticles\u003C\u002Fli>\n\u003Cli>Flickr\u003C\u002Fli>\n\u003Cli>FunnyOrDie.com\u003C\u002Fli>\n\u003Cli>Hulu\u003C\u002Fli>\n\u003Cli>Imgur\u003C\u002Fli>\n\u003Cli>Instagram\u003C\u002Fli>\n\u003Cli>iSnare\u003C\u002Fli>\n\u003Cli>Issuu\u003C\u002Fli>\n\u003Cli>Kickstarter\u003C\u002Fli>\n\u003Cli>Meetup.com\u003C\u002Fli>\n\u003Cli>Mixcloud\u003C\u002Fli>\n\u003Cli>Photobucket\u003C\u002Fli>\n\u003Cli>PollDaddy\u003C\u002Fli>\n\u003Cli>Rdio\u003C\u002Fli>\n\u003Cli>Revision3\u003C\u002Fli>\n\u003Cli>Scribd\u003C\u002Fli>\n\u003Cli>SlideShare\u003C\u002Fli>\n\u003Cli>SmugMug   \u003C\u002Fli>\n\u003Cli>SoundCloud\u003C\u002Fli>\n\u003Cli>Spotify\u003C\u002Fli>\n\u003Cli>TED\u003C\u002Fli>\n\u003Cli>Tumblr\u003C\u002Fli>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Vimeo\u003C\u002Fli>\n\u003Cli>Vine\u003C\u002Fli>\n\u003Cli>WordPress.tv\u003C\u002Fli>\n\u003Cli>YouTube   Videos\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TS Page Tree Widget\u003C\u002Fh4>\n\u003Cp>The widget shows your current position in page hierarchy. Options you have for TS Page Tree widget are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Title\u003C\u002Fli>\n\u003Cli>Page tree top level page (current, top)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>“Current” shows only child pages and all pages bellow the one you’re currently viewing\u003C\u002Fp>\n\u003Cp>“Top” shows top level ancestors.\u003C\u002Fp>\n\u003Ch4>TS Preview Post Widget\u003C\u002Fh4>\n\u003Cp>Preview Post widget shows the post you’d like to feature. For that post you choose:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Post ID\u003C\u002Fli>\n\u003Cli>Show post title\u003C\u002Fli>\n\u003Cli>Show post thumbnail\u003C\u002Fli>\n\u003Cli>Show Excerpt\u003C\u002Fli>\n\u003Cli>Read more link text (leave more link text)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TS Social Icons\u003C\u002Fh4>\n\u003Cp>Social Icons widget enables people to easily connect with you on social networks of your choosing and there’s an abundance of them.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>LinkedIn\u003C\u002Fli>\n\u003Cli>Google+\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>YouTube\u003C\u002Fli>\n\u003Cli>Vimeo\u003C\u002Fli>\n\u003Cli>Flickr\u003C\u002Fli>\n\u003Cli>Dribbble\u003C\u002Fli>\n\u003Cli>Tumblr\u003C\u002Fli>\n\u003Cli>Instagram\u003C\u002Fli>\n\u003Cli>Last.fm\u003C\u002Fli>\n\u003Cli>Reddit\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch4>TS Call to Action Widget\u003C\u002Fh4>\n\u003Cp>Call to action widget gives you an option of inserting a call to action box in any widgetized area of your WordPress theme. Elements of the call to action widget are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Title\u003C\u002Fli>\n\u003Cli>Call to action text\u003C\u002Fli>\n\u003Cli>Button link\u003C\u002Fli>\n\u003Cli>Button text\u003C\u002Fli>\n\u003Cli>Button second line text\u003C\u002Fli>\n\u003Cli>Button position (right, left, below, no-button\u003C\u002Fli>\n\u003Cli>Button color (yellow, blue, red, green, black)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TS List Authors Widget\u003C\u002Fh4>\n\u003Cp>This widget lists all authors on your blog. You have the option of customizing:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Title\u003C\u002Fli>\n\u003Cli>Number of authors to display\u003C\u002Fli>\n\u003Cli>Show\u002Fhide author Gravatars\u003C\u002Fli>\n\u003Cli>Gravatar Size (32px, 48px, 64px)\u003C\u002Fli>\n\u003Cli>Sort by (number of posts, alphabetically)\u003C\u002Fli>\n\u003Cli>Sorting (ascending, descending)\u003C\u002Fli>\n\u003Cli>Show latest posts for each author\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TS oEmbed Widget\u003C\u002Fh4>\n\u003Cp>TS oEmbed allows you to embed all kinds of stuff without worrying about the code. You just enter the link and widget does the rest.\u003C\u002Fp>\n\u003Cp>Supported formats:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>YouTube (public videos only)\u003C\u002Fli>\n\u003Cli>Vimeo\u003C\u002Fli>\n\u003Cli>Flickr (both videos and images)\u003C\u002Fli>\n\u003Cli>Hulu\u003C\u002Fli>\n\u003Cli>Twitter (WordPress 3.4+)\u003C\u002Fli>\n\u003Cli>DailyMotion\u003C\u002Fli>\n\u003Cli>blip.tv\u003C\u002Fli>\n\u003Cli>Viddler\u003C\u002Fli>\n\u003Cli>Qik\u003C\u002Fli>\n\u003Cli>Revision3\u003C\u002Fli>\n\u003Cli>Scribd\u003C\u002Fli>\n\u003Cli>Photobucket\u003C\u002Fli>\n\u003Cli>PollDaddy\u003C\u002Fli>\n\u003Cli>WordPress.tv (only VideoPress-type videos for the time being)\u003C\u002Fli>\n\u003Cli>SmugMug (WordPress 3.0+)\u003C\u002Fli>\n\u003Cli>FunnyOrDie.com (WordPress 3.0+)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TS Page Tree Widget\u003C\u002Fh4>\n\u003Cp>The widget shows your current position in page hierarchy. Options you have for TS Page Tree widget are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Title\u003C\u002Fli>\n\u003Cli>Page tree top level page (current, top)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>“Current” shows only child pages and all pages bellow the one you’re currently viewing\u003C\u002Fp>\n\u003Cp>“Top” shows top level ancestors.\u003C\u002Fp>\n\u003Ch4>TS Preview Post Widget\u003C\u002Fh4>\n\u003Cp>Preview Post widget shows the post you’d like to feature. For that post you choose:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Post ID\u003C\u002Fli>\n\u003Cli>Show post title\u003C\u002Fli>\n\u003Cli>Show post thumbnail\u003C\u002Fli>\n\u003Cli>Show Excerpt\u003C\u002Fli>\n\u003Cli>Read more link text (leave more link text)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TS Social Icons\u003C\u002Fh4>\n\u003Cp>Social Icons widget enables people to easily connect with you on social networks of your choosing and there’s an abundance of them.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>LinkedIn\u003C\u002Fli>\n\u003Cli>Google+\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>YouTube\u003C\u002Fli>\n\u003Cli>Vimeo\u003C\u002Fli>\n\u003Cli>Flickr\u003C\u002Fli>\n\u003Cli>Dribbble\u003C\u002Fli>\n\u003Cli>Tumblr\u003C\u002Fli>\n\u003Cli>Instagram\u003C\u002Fli>\n\u003Cli>Last.fm\u003C\u002Fli>\n\u003Cli>Reddit\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Social Icons – http:\u002F\u002Fveodesign.com\u002F2011\u002Fen\u002F11\u002F08\u002Fsomacro-27-free-big-and-simple-social-media-icons\u002F\u003C\u002Fp>\n","Widget Pack is a WordPress plugin that enables essential, yet powerful features for your website.",300,24328,100,3,"2016-06-27T07:37:00.000Z","4.2.39",[66,67,21,68,69],"call-to-action-widget","list-authors","page-tree","preview-post-widget","https:\u002F\u002Fgithub.com\u002Fslobodan\u002FTS-Widget-Pack","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fts-widget-pack.zip",{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":61,"num_ratings":82,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":17,"tags":86,"homepage":90,"download_link":91,"security_score":61,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"vk-link-target-controller","VK Link Target Controller","1.8.0.1","Vektor,Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fvektor-inc\u002F","\u003Ch4>Plugin presentation\u003C\u002Fh4>\n\u003Cp>VK Link Target Controller enables to redirect your visitors to another page than the post content when they click on the post title that displays on the Recent Posts list or the Archives Page.\u003C\u002Fp>\n\u003Ch4>Example of use\u003C\u002Fh4>\n\u003Cp>Let’s say you have a new product for sale on eBay or Etsy.\u003Cbr \u002F>\nYou find it annoying to write a complete post entry on your blog (or WordPress powered website) to explain you have a new product to sell there and would like your visitors to access directly the product page.\u003C\u002Fp>\n\u003Cp>With VK Link Target Controller your visitors will access directly that product page when clicking on the post title.\u003Cbr \u002F>\nFast redirection to the product you want to sell!.\u003C\u002Fp>\n\u003Ch4>GitHub repository\u003C\u002Fh4>\n\u003Cp>VK Link Target Controller official repository on GitHub.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fkurudrive\u002Fvk-link-target-controller\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fkurudrive\u002Fvk-link-target-controller\u003C\u002Fa>\u003Cbr \u002F>\nLatest plugin version is always on GitHub.\u003C\u002Fp>\n","Redirect your visitors to another page than the post content when they click on the post title.",30000,253504,2,"2026-02-19T09:04:00.000Z","6.9.4","5.3",[20,87,22,88,89],"list","recent-posts","redirection","https:\u002F\u002Fgithub.com\u002Fvektor-inc\u002Fvk-link-target-controller","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvk-link-target-controller.1.8.0.1.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":102,"num_ratings":103,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":17,"tags":107,"homepage":111,"download_link":112,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"admin-collapse-subpages","Admin Collapse Subpages","2.4","bravokeyl","https:\u002F\u002Fprofiles.wordpress.org\u002Fbravokeyl\u002F","\u003Cp>Simple plugin that allows you to collapse subpages in the Pages admin list also for custom post types that are heirarchial. Especially helpful if you have a ton of pages \u002Fcpt’s with heiararchial set to true. It uses a cookie to save the expand\u002Fcollapse status of your pages.\u003C\u002Fp>\n\u003Cp>This is loosely based on Collapse Sub-Pages by Dan Dietz, which broke with the 3.0 upgrade due to UI changes and hasn’t been updated. I’ve had to rewrite the jQuery to make it work with 3.x versions.\u003C\u002Fp>\n\u003Cp>Because this is a jQuery, it’s possible that they could make additional changes that would break it. I’ll do my best to stay on top of it, but let me know if it stops working.\u003C\u002Fp>\n\u003Ch3>Plugin in your Language\u003C\u002Fh3>\n\u003Cp>From version 2.3 our plugin supports internationalization, which means you can have plugin in your specified language.\u003C\u002Fp>\n\u003Cp>It’s currently available in US English ,UK English, Chinese, Telugu , Serbian.\u003C\u002Fp>\n\u003Ch3>Support us by Translating\u003C\u002Fh3>\n\u003Cp>Go \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fadmin-collapse-subpages\" rel=\"nofollow ugc\">here\u003C\u002Fa> and translate into your language.\u003C\u002Fp>\n\u003Ch3>Special Thanks\u003C\u002Fh3>\n\u003Cp>We specially thank \u003Ca href=\"http:\u002F\u002Fwww.webhostinghub.com\u002F\" rel=\"nofollow ugc\">Borisa Djuraskovic\u003C\u002Fa> for translating this plugin in Serbian Language.\u003C\u002Fp>\n\u003Cp>What’s new in Version 2.0 ?\u003C\u002Fp>\n\u003Cp>1)Fix en-queuing of scripts .\u003Cbr \u002F>\n2)Expand all , Collapse all links appear only on the pages list not on every list (like plugins ,posts etc.,)\u003Cbr \u002F>\n3)Updated jQuery.cookie.js to 1.4.0\u003C\u002Fp>\n","Using this plugin one can easily collapse\u002Fexpand pages with children and grand children.",4000,46956,98,20,"2019-07-09T17:11:00.000Z","5.2.24","4.6",[108,109,22,110,23],"admin","links","pages","https:\u002F\u002Fbravokeyl.com\u002Fadmin-collapse-subpages\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-collapse-subpages.zip",{"slug":114,"name":115,"version":54,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":122,"num_ratings":123,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":85,"tags":127,"homepage":129,"download_link":130,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"embed-iframe","Embed Iframe","brajesh","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrajesh\u002F","\u003Cp>Embed Iframe is a plugin that will let you embed iframe – an HTML tag that allows a webpage to be displayed inline with the current page, in a WordPress post. Although an iframe can lead to a complicated website, it can be very effective when used appropriately.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Use following tag to insert another page in post using iframe\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[iframe url width height]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>e.g.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[iframe http:\u002F\u002Fwww.example.com 400 500]\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Allows the insertion of code to display an external webpage within an iframe.",2000,156429,68,5,"2022-06-01T02:10:00.000Z","6.0.11","1.3",[19,128,22,23],"iframe","https:\u002F\u002Fwww.deskera.com\u002Fblog\u002Fwordpress-plugin-embed-iframe\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembed-iframe.zip",{"attackSurface":132,"codeSignals":157,"taintFlows":181,"riskAssessment":209,"analyzedAt":217},{"hooks":133,"ajaxHandlers":153,"restRoutes":154,"shortcodes":155,"cronEvents":156,"entryPointCount":13,"unprotectedCount":13},[134,139,142,146,150],{"type":135,"name":136,"callback":136,"file":137,"line":138},"action","init","embed-charts.php",31,{"type":135,"name":140,"callback":140,"file":137,"line":141},"wp_head",32,{"type":135,"name":143,"callback":144,"file":137,"line":145},"rest_api_init","closure",33,{"type":135,"name":147,"callback":147,"file":148,"line":149},"admin_init","settingslib.php",22,{"type":135,"name":151,"callback":151,"file":148,"line":152},"admin_menu",23,[],[],[],[],{"dangerousFunctions":158,"sqlUsage":159,"outputEscaping":161,"fileOperations":13,"externalRequests":13,"nonceChecks":179,"capabilityChecks":13,"bundledLibraries":180},[],{"prepared":13,"raw":13,"locations":160},[],{"escaped":123,"rawEcho":34,"locations":162},[163,165,167,168,170,172,173,175,177],{"file":137,"line":11,"context":164},"raw output",{"file":137,"line":166,"context":164},61,{"file":148,"line":122,"context":164},{"file":148,"line":169,"context":164},86,{"file":148,"line":171,"context":164},88,{"file":148,"line":33,"context":164},{"file":148,"line":174,"context":164},92,{"file":148,"line":176,"context":164},140,{"file":148,"line":178,"context":164},141,1,[],[182,200],{"entryPoint":183,"graph":184,"unsanitizedCount":179,"severity":199},"process_option (settingslib.php:133)",{"nodes":185,"edges":196},[186,191],{"id":187,"type":188,"label":189,"file":148,"line":190},"n0","source","$_REQUEST[$key]",134,{"id":192,"type":193,"label":194,"file":148,"line":190,"wp_function":195},"n1","sink","update_option() [Settings Manipulation]","update_option",[197],{"from":187,"to":192,"sanitized":198},false,"low",{"entryPoint":201,"graph":202,"unsanitizedCount":13,"severity":199},"\u003Csettingslib> (settingslib.php:0)",{"nodes":203,"edges":206},[204,205],{"id":187,"type":188,"label":189,"file":148,"line":190},{"id":192,"type":193,"label":194,"file":148,"line":190,"wp_function":195},[207],{"from":187,"to":192,"sanitized":208},true,{"summary":210,"deductions":211},"The \"embed-charts\" plugin v1.0.3 demonstrates a generally strong security posture, particularly evident in the absence of any known vulnerabilities and the use of prepared statements for all SQL queries. The plugin also correctly implements a nonce check, which is a fundamental security practice. However, there are notable areas of concern. The static analysis reveals that only 36% of output escaping is properly done, which poses a significant risk for cross-site scripting (XSS) vulnerabilities if user-supplied data is not adequately sanitized before being displayed. Additionally, one unsanitized path was identified in the taint analysis, indicating a potential pathway for malicious input to reach sensitive functions, even though it was not classified as critical or high severity.\n\nWhile the plugin has no recorded vulnerability history, this does not guarantee future safety, especially given the identified output escaping and taint analysis concerns. The lack of capability checks and the absence of any unprotected entry points are positive indicators, suggesting the developers have considered some fundamental security aspects. However, the low percentage of proper output escaping is a substantial weakness that needs immediate attention, as it is a common vector for exploitation. The plugin's strengths lie in its SQL handling and nonce implementation, but its weaknesses in output sanitization and the presence of an unsanitized path require careful consideration.",[212,215],{"reason":213,"points":214},"Low output escaping percentage",8,{"reason":216,"points":123},"Unsanitized path in taint analysis","2026-03-16T21:42:18.705Z",{"wat":219,"direct":225},{"assetPaths":220,"generatorPatterns":222,"scriptPaths":223,"versionParams":224},[221],"\u002Fwp-content\u002Fplugins\u002Fembed-charts\u002Fsettingslib.php",[],[],[],{"cssClasses":226,"htmlComments":232,"htmlAttributes":235,"restEndpoints":238,"jsGlobals":240,"shortcodeOutput":242},[227,228,229,230,231],"wp_embed_chart","tradingview-widget-container","tradingview-widget-child","tradingview-widget-copyright","blue-text",[233,234],"\u003C!-- TradingView Widget BEGIN -->","\u003C!-- TradingView Widget END -->",[236,237],"id=\"tradingview_([0-9]+)\"","container_id=\"tradingview_([0-9]+)\"",[239],"\u002Fembedcharts\u002Fv1\u002Foembed",[241],"TradingView.widget",[]]