[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fuAmxYb4L0r-wbA6iYpZAV3onbLgIaZPNlAg-UHWvKEU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":47,"crawl_stats":36,"alternatives":53,"analysis":148,"fingerprints":248},"embed-peertube-playlist","Embed Peertube Playlist","1.21","manu225","https:\u002F\u002Fprofiles.wordpress.org\u002Fmanu225\u002F","\u003Cp>Display peertube playlist on your webiste. \u003Ca href=\"https:\u002F\u002Fwww.info-d-74.com\u002Fpeertube-playlist-demo\u002F\" rel=\"nofollow ugc\">Here some exemples\u003C\u002Fa>\u003Cbr \u002F>\nAnd see my others WordPress Pro plugin on \u003Ca href=\"https:\u002F\u002Fwww.info-d-74.com\u002Fen\u002Fshop\u002F\" rel=\"nofollow ugc\">my shop\u003C\u002Fa>\u003C\u002Fp>\n","Display peertube playlist on your webiste.",100,3295,1,"2025-12-06T12:39:00.000Z","6.9.4","3.5","5.6",[19,20,21,22,23],"embed","grid","peertube","playlist","video","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembed-peertube-playlist.1.21.zip",99,0,"2024-06-22 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2024-4602","embed-peertube-playlist-authenticated-editor-stored-cross-site-scripting","Embed Peertube Playlist \u003C= 1.07 - Authenticated (Editor+) Stored Cross-Site Scripting","The Embed Peertube Playlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.07 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=1.07","1.10","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-06-27 14:30:11",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc8db0c54-0a68-41bc-832f-1e0e1a92d167?source=api-prod",6,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":49,"avg_security_score":11,"avg_patch_time_days":50,"trust_score":51,"computed_at":52},17,26850,29,94,"2026-04-04T15:37:16.336Z",[54,79,96,114,135],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":51,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":24,"tags":68,"homepage":74,"download_link":75,"security_score":76,"vuln_count":77,"unpatched_count":27,"last_vuln_date":78,"fetched_at":29},"yotuwp-easy-youtube-embed","Video Gallery – YouTube Playlist, Channel Gallery by YotuWP","1.3.14","yotuwp","https:\u002F\u002Fprofiles.wordpress.org\u002Fyotuwp\u002F","\u003Cblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002Fdemo\u002F?utm_source=wp-plugin-repo&utm_medium=top-link\" title=\"Demo YotuWP\" rel=\"nofollow ugc\">View Demo\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002Fdocument\u002F?utm_source=wp-plugin-repo&utm_medium=top-link\" rel=\"nofollow ugc\">Document\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002Fcontact\u002F?utm_source=wp-plugin-repo&utm_medium=top-link\" title=\"Contact & Support\" rel=\"nofollow ugc\">Contact & Support\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002F?utm_source=wp-plugin-repo&utm_medium=top-link\" title=\"YotuWP Landingpage\" rel=\"nofollow ugc\">Home Page\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>The longer you keep vistors on website, the better. Video was a game-changer for us personally in regards to keeping people on the site longer.\u003C\u002Fp>\n\u003Cp>YotuWP is your solution for embeding videos YouTube on your website. YotuWP is modern and mobile responsive video gallery. Easy embed videos from YouTube video playlist, channel and videos IDs to your WordPress website.\u003C\u002Fp>\n\u003Ch3>Support resource from:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Videos from playlist\u003C\u002Fli>\n\u003Cli>Videos from channel\u003C\u002Fli>\n\u003Cli>Videos from username\u003C\u002Fli>\n\u003Cli>Videos from list of video ids\u003C\u002Fli>\n\u003Cli>Embed single video with video url only.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002Fdemo\u002F?utm_source=wp-plugin-repo&utm_medium=resource-section\" title=\"Demo YotuWP\" rel=\"nofollow ugc\">View More\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Layouts\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Grid : with multi columns videos and vertical video info. You can change number of columns via setting.\u003C\u002Fli>\n\u003Cli>List : with one column and horizontal video info \u003C\u002Fli>\n\u003Cli>Mix : that is combie layout between grid and list layout. You can change number of columns via setting.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002Fdemo\u002F?utm_source=wp-plugin-repo&utm_medium=layout-section\" title=\"Demo YotuWP\" rel=\"nofollow ugc\">View More\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Player Mode\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Large : A big player at head of gallery. Item video played when click on item thumbnail or title of gallery.\u003C\u002Fli>\n\u003Cli>Modal\u002FPopup\u002FLightbox : The new youtbe popup\u002Flightbox displayed when click on item thumbnail or title of gallery.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002Fdemo\u002F?utm_source=wp-plugin-repo&utm_medium=player-section\" title=\"Demo YotuWP\" rel=\"nofollow ugc\">View More\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Shortcode Generator\u003C\u002Fh3>\n\u003Cp>Allow you generate shortcode YotuWP to use on page builders, widgets, product description…\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easy to embed playlist\u002F channel videos to WordPress post\u002Fpage\u003C\u002Fli>\n\u003Cli>Custom layout for display videos\u003C\u002Fli>\n\u003Cli>Video gallery responsive\u003C\u002Fli>\n\u003Cli>Player with a large frame on top\u003C\u002Fli>\n\u003Cli>Player with popup\u002Flightbox\u002Fmodal with thumbnails\u003C\u002Fli>\n\u003Cli>Player responsive\u003C\u002Fli>\n\u003Cli>Pager and load more buttons\u003C\u002Fli>\n\u003Cli>Compatibility with page builders via Shortcode Generator\u003C\u002Fli>\n\u003Cli>Styling settings: buttons color, buttons style\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>BECOME A PREMIUM USER\u003C\u002Fh3>\n\u003Cblockquote>\n\u003Cp>YotuWP has Pro version which comes with several additional benefits. Only $21 for start!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Carousel Layout\u003C\u002Fli>\n\u003Cli>Masonry Layout\u003C\u002Fli>\n\u003Cli>Big Player Left Layout\u003C\u002Fli>\n\u003Cli>Big Player Right Layout\u003C\u002Fli>\n\u003Cli>Flip Layout with 40+ effects\u003C\u002Fli>\n\u003Cli>Replacement: Replace title, description and video thumbnail by your custom info, image\u003C\u002Fli>\n\u003Cli>Multiple video thumbnails styling\u003C\u002Fli>\n\u003Cli>Meta video data: View, Like, Comments, Published Date\u003C\u002Fli>\n\u003Cli>12+ Hover icons\u003C\u002Fli>\n\u003Cli>Custom text for buttons Next, Prev, Load more\u003C\u002Fli>\n\u003Cli>Color styling for title, description, meta data\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fyotuwp.com\u002Fadvanced-demos\u002F?utm_source=wp-plugin-repo&utm_medium=after-features-link\" rel=\"nofollow ugc\">Free Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Modern responsive YouTube video gallery helps your website getting noticed from visitors, increase the reach and stand out from the competitors.",20000,371238,320,"2024-06-25T03:20:00.000Z","6.2.9","4.5",[69,70,71,72,73],"youtube-channel","youtube-embed","youtube-gallery","youtube-playlist","youtube-videos","https:\u002F\u002Fwww.yotuwp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyotuwp-easy-youtube-embed.zip",86,5,"2024-06-14 20:13:53",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":27,"num_ratings":27,"last_updated":89,"tested_up_to":24,"requires_at_least":90,"requires_php":24,"tags":91,"homepage":24,"download_link":94,"security_score":95,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"press-tube","Press Tube","0.0.3","Erik","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodekraft\u002F","\u003Cp>Press Tube let you access YouTube content from your site administration panel, easily find them and embed in your posts content. You can access to your channel content and create custom playlists.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Easily select YouTube content from post edit page.\u003C\u002Fli>\n\u003Cli>Embed content in your posts with many options.\u003C\u002Fli>\n\u003Cli>Display YouTube playlists in various styles (default, list, slider, gallery).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcodes\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[subscribe]: Display the YouTube subscribe button for a given Channel Id\u003C\u002Fli>\n\u003Cli>[playlist]: Display the playlist for a given Id that can be YouTube playlist Id or custom playlists Id\u003C\u002Fli>\n\u003Cli>[live-chat]: Display the live chat frame for a given Live video id.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Widgets\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>YouTube LiveStream: Display your live stream video with chat and many options\u003C\u002Fli>\n\u003Cli>YouTube Videos: Display a set of videos that match your options in different styles\u003C\u002Fli>\n\u003Cli>YouTube Subscribe: Display the YouTube Subscribe button for your channel or any channel with many options\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>More to come in next versions.\u003C\u002Fp>\n\u003Ch4>Please Vote and Enjoy\u003C\u002Fh4>\n\u003Cp>Your votes really make a difference! Thanks.\u003C\u002Fp>\n","With Press Tube you can easily access to YouTube content directly from your site administration panel.",50,3354,"2017-04-03T10:19:00.000Z","4.6",[19,22,92,23,93],"share","youtube","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpress-tube.zip",85,{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":27,"num_ratings":27,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":24,"tags":109,"homepage":112,"download_link":113,"security_score":95,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"simple-youtube-widget","Simple Youtube Widget","2.5.0","UjW0L","https:\u002F\u002Fprofiles.wordpress.org\u002Fujw0l\u002F","\u003Cp>This plugin lets you to display Youtube widget on sidebar with the themes that supports sidebar and Footer\u003C\u002Fp>\n\u003Cp>It displays video and playlist of your choice with video id and playlist id.\u003Cbr \u002F>\nIt also lets you display all videos from you youtube channel with option to navigate to next nd previous button.\u003Cbr \u002F>\nNo google API key needed. Uses Youtube rss feed.\u003C\u002Fp>\n\u003Cp>You have choice between single video , playlist and channel.\u003C\u002Fp>\n\u003Cp>Note:\u003C\u002Fp>\n","Plugin that provides users option to display Youtube Widget on the Sidebar or Footer",40,2266,"2020-08-25T10:10:00.000Z","5.5.0","2.8",[110,22,111,93],"channel","video-embed","https:\u002F\u002Fgithub.com\u002Fujw0l\u002FSimpleYoutubePlugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-youtube-widget.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":11,"num_ratings":124,"last_updated":125,"tested_up_to":15,"requires_at_least":126,"requires_php":127,"tags":128,"homepage":133,"download_link":134,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"elex-embed-youtube-video-gallery","ELEX Embed YouTube Video Gallery","1.0.7","ELEXtensions","https:\u002F\u002Fprofiles.wordpress.org\u002Felextensions\u002F","\u003Cp>The ELEX Embed YouTube Video Gallery plugin allows you to embed unlimited YouTube galleries on your website, featuring complete channels, handles, playlists, or single videos. Utilizing the YouTube API, this plugin is designed for optimal performance. It offers features such as pagination to enhance layout and loading speed, automatic synchronization, and various customization options.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Create unlimited galleries featuring videos from various YouTube channels, handles, playlists, and videos\u003C\u002Fli>\n\u003Cli>Automatic gallery syncs with all of your YouTube channels, handles, and playlists\u003C\u002Fli>\n\u003Cli>Live preview\u003C\u002Fli>\n\u003Cli>Customizable gallery layout\u003C\u002Fli>\n\u003Cli>Add an intro video to galleries\u003C\u002Fli>\n\u003Cli>Include a subscribe button in the gallery\u003C\u002Fli>\n\u003Cli>Pagination customization\u003C\u002Fli>\n\u003Cli>Generate gallery-specific shortcodes\u003C\u002Fli>\n\u003Cli>Light and dark color mode customization\u003C\u002Fli>\n\u003Cli>Videos can be wrapped in a container for the background of the gallery\u003C\u002Fli>\n\u003Cli>Ability to revert to default settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium Version Features\u003C\u002Fh4>\n\u003Cp>For complete list of features and details, Please visit \u003Ca href=\"https:\u002F\u002Felextensions.com\u002Fplugin\u002Fwordpress-embed-youtube-video-gallery\u002F\" rel=\"nofollow ugc\">ELEX WordPress Embed YouTube Video Gallery\u003C\u002Fa>.\u003Cbr \u002F>\n👉 Premium Plugin Live Demo: \u003Ca href=\"https:\u002F\u002Fapp.instawp.io\u002Flaunch?t=elex-wordpress-embed-youtube-video-gallery&d=v2\" rel=\"nofollow ugc\">Exclusive Live Demo Site\u003C\u002Fa>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cul>\n\u003Cli>Play button customization\u003C\u002Fli>\n\u003Cli>Add product videos to individual product galleries through direct WooCommerce integration\u002Fli>\n\u003C\u002Fli>\n\u003Cli>Premium support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch4>ELEX Premium Plugins You May Be Interested In\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Felextensions.com\u002Fplugin\u002Fdynamic-pricing-and-discounts-plugin-for-woocommerce\u002F\" rel=\"nofollow ugc\">WooCommerce Dynamic Pricing and Discounts Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Felextensions.com\u002Fplugin\u002Fwoocommerce-catalog-mode-wholesale-role-based-pricing\u002F\" rel=\"nofollow ugc\">Wholesale & Role Based Pricing\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Felextensions.com\u002Fplugin\u002Fbulk-edit-products-prices-attributes-for-woocommerce\u002F\" rel=\"nofollow ugc\">WooCommerce Advanced Bulk Edit Products, Prices & Attributes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Felextensions.com\u002Fplugin\u002Fwoocommerce-request-a-quote-plugin\u002F\" rel=\"nofollow ugc\">WooCommerce Request a Quote Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>About ELEXtensions\u003C\u002Fh4>\n\u003Cp>We, Team ELEXtensions are a group of WordPress and WooCommerce enthusiasts with a vision to solve genuine problems related to WordPress & WooCommerce stores. We offer a wide variety of extensions for WooCommerce. We have premium extensions related to many domains including Shipping, Pricing, Payments and Customer Support.\u003C\u002Fp>\n","The ELEX Embed YouTube Video Gallery plugin allows you to create unlimited YouTube gallery pages on your WordPress website using videos from multiple  …",30,3084,2,"2026-01-27T14:42:00.000Z","5.0","7.1.3",[129,130,131,132,93],"embed-youtube-video","playlist-gallery","video-gallery","woocommerce-youtube","https:\u002F\u002Felextensions.com\u002Fplugin\u002Fwordpress-embed-youtube-video-gallery-free\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Felex-embed-youtube-video-gallery.1.0.7.zip",{"slug":136,"name":137,"version":138,"author":7,"author_profile":8,"description":139,"short_description":140,"active_installs":141,"downloaded":142,"rating":27,"num_ratings":27,"last_updated":143,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":144,"homepage":24,"download_link":146,"security_score":26,"vuln_count":13,"unpatched_count":27,"last_vuln_date":147,"fetched_at":29},"playlist-for-youtube","Playlist for Youtube","1.43","\u003Cp>Display Youtube playlist on your webiste. This is the free version.\u003C\u002Fp>\n\u003Cp>The pro version offer many settings :\u003Cbr \u002F>\n– template choice\u003Cbr \u002F>\n– color and text options\u003Cbr \u002F>\n– show\u002Fhide title and description\u003Cbr \u002F>\n– cache system for optimization\u003C\u002Fp>\n\u003Cp>Some demos here of Pro version: \u003Ca href=\"https:\u002F\u002Fwww.info-d-74.com\u002Fplaylist-youtube-plugin-wordpress-demos\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.info-d-74.com\u002Fplaylist-youtube-plugin-wordpress-demos\u002F\u003C\u002Fa>\u003C\u002Fp>\n","Display Youtube playlist on your webiste.",20,5089,"2025-12-02T13:30:00.000Z",[20,22,145,23,93],"slider","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplaylist-for-youtube.1.43.zip","2024-05-08 00:00:00",{"attackSurface":149,"codeSignals":178,"taintFlows":199,"riskAssessment":240,"analyzedAt":247},{"hooks":150,"ajaxHandlers":164,"restRoutes":171,"shortcodes":172,"cronEvents":177,"entryPointCount":124,"unprotectedCount":27},[151,157,160],{"type":152,"name":153,"callback":154,"file":155,"line":156},"action","admin_menu","register_playlist_peertube_menu","peertube-playlist.php",55,{"type":152,"name":158,"callback":159,"file":155,"line":95},"admin_print_styles","playlist_peertube_css",{"type":152,"name":161,"callback":162,"file":155,"line":163},"wp_enqueue_scripts","closure",255,[165],{"action":166,"nopriv":167,"callback":168,"hasNonce":169,"hasCapCheck":167,"file":155,"line":170},"remove_playlist_peertube",false,"remove_playlist_peertube_callback",true,151,[],[173],{"tag":174,"callback":175,"file":155,"line":176},"playlist_peertube","display_playlist_peertube",173,[],{"dangerousFunctions":179,"sqlUsage":180,"outputEscaping":192,"fileOperations":13,"externalRequests":13,"nonceChecks":182,"capabilityChecks":27,"bundledLibraries":198},[],{"prepared":181,"raw":182,"locations":183},10,3,[184,187,189],{"file":155,"line":185,"context":186},51,"$wpdb->query() with variable interpolation",{"file":155,"line":188,"context":186},68,{"file":155,"line":190,"context":191},142,"$wpdb->get_results() with variable interpolation",{"escaped":141,"rawEcho":13,"locations":193},[194],{"file":195,"line":196,"context":197},"views\\grid.php",52,"raw output",[],[200,217,227],{"entryPoint":201,"graph":202,"unsanitizedCount":27,"severity":216},"playlists_peertube (peertube-playlist.php:93)",{"nodes":203,"edges":214},[204,209],{"id":205,"type":206,"label":207,"file":155,"line":208},"n0","source","$_POST['name'] (x2)",124,{"id":210,"type":211,"label":212,"file":155,"line":208,"wp_function":213},"n1","sink","query() [SQLi]","query",[215],{"from":205,"to":210,"sanitized":169},"low",{"entryPoint":218,"graph":219,"unsanitizedCount":27,"severity":216},"remove_playlist_peertube_callback (peertube-playlist.php:153)",{"nodes":220,"edges":225},[221,224],{"id":205,"type":206,"label":222,"file":155,"line":223},"$_POST['id']",164,{"id":210,"type":211,"label":212,"file":155,"line":223,"wp_function":213},[226],{"from":205,"to":210,"sanitized":169},{"entryPoint":228,"graph":229,"unsanitizedCount":27,"severity":216},"\u003Cpeertube-playlist> (peertube-playlist.php:0)",{"nodes":230,"edges":237},[231,232,233,235],{"id":205,"type":206,"label":207,"file":155,"line":208},{"id":210,"type":211,"label":212,"file":155,"line":208,"wp_function":213},{"id":234,"type":206,"label":222,"file":155,"line":223},"n2",{"id":236,"type":211,"label":212,"file":155,"line":223,"wp_function":213},"n3",[238,239],{"from":205,"to":210,"sanitized":169},{"from":234,"to":236,"sanitized":169},{"summary":241,"deductions":242},"The \"embed-peertube-playlist\" plugin version 1.21 demonstrates a generally good security posture based on the static analysis. A high percentage of SQL queries utilize prepared statements, and output escaping is very well implemented. The absence of critical or high severity taint flows further suggests a lack of immediately exploitable code vulnerabilities. The plugin also has a limited attack surface with no unprotected entry points identified in the static analysis.\n\nHowever, a medium severity vulnerability (Cross-site Scripting) was recently patched, indicating a past weakness that required remediation. While currently unpatched vulnerabilities are zero, the presence of a past XSS vulnerability is a point of attention. The lack of capability checks on its entry points, despite a small attack surface, represents a potential area for improvement to further harden the plugin against unauthorized actions, even if the current analysis found no direct way to exploit this.\n\nIn conclusion, the plugin is in a relatively secure state with strong coding practices in place for SQL and output handling. The recent remediation of a medium severity XSS vulnerability is positive, but it highlights the importance of ongoing vigilance. The primary area for improvement would be the addition of capability checks to its entry points to align with WordPress security best practices.",[243,245],{"reason":244,"points":77},"Missing capability checks on entry points",{"reason":246,"points":181},"Past medium severity XSS vulnerability history","2026-03-16T21:15:27.614Z",{"wat":249,"direct":259},{"assetPaths":250,"generatorPatterns":253,"scriptPaths":254,"versionParams":256},[251,252],"\u002Fwp-content\u002Fplugins\u002Fembed-peertube-playlist\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fembed-peertube-playlist\u002Fcss\u002Fgrid.css",[],[255],"\u002Fwp-content\u002Fplugins\u002Fembed-peertube-playlist\u002Fjs\u002Fadmin.js",[257,258],"embed-peertube-playlist\u002Fcss\u002Fadmin.css?ver=","embed-peertube-playlist\u002Fcss\u002Fgrid.css?ver=",{"cssClasses":260,"htmlComments":261,"htmlAttributes":262,"restEndpoints":263,"jsGlobals":265,"shortcodeOutput":266},[],[],[],[264],"\u002Fapi\u002Fv1\u002Fvideo-playlists\u002F",[],[]]