[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fnACC91JXeKH13_kB_jBW9bFvOie38Rsv_ndxqWxBbL8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":48,"crawl_stats":38,"alternatives":55,"analysis":151,"fingerprints":254},"falling-things","Falling Things","1.09","manu225","https:\u002F\u002Fprofiles.wordpress.org\u002Fmanu225\u002F","\u003Cp>Falling leafs, snowflakes, flowers or wathever you want :). \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=D8L8YWiyBQo\" rel=\"nofollow ugc\">Demo video\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>And there is a Pro version of this plugin, with many additional features:\u003Cbr \u002F>\n– choose which object fall (custom and multiple icons allowed)\u003Cbr \u002F>\n– quantity of objet falling\u003Cbr \u002F>\n– speed of the object (can be random speed)\u003Cbr \u002F>\n– 3 possible trajectories\u003Cbr \u002F>\n– define on wich pages or custom urls the falling things appear\u003Cbr \u002F>\n– define on wich period the falling things appear\u003Cbr \u002F>\n– multiple profils (ie: one for summer and one for winter)\u003C\u002Fp>\n\u003Cp>More informations and demos \u003Ca href=\"https:\u002F\u002Fwww.info-d-74.com\u002Fen\u002Fproduit\u002Ffalling-things-pro-plugin-wordpress-2\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n","Falling leafs, snowflakes, flowers or wathever you want :)",300,17861,80,3,"2025-12-02T14:46:00.000Z","6.9.4","3.5","5.6",[20,21,22,23,24],"falling","flower","leaf","snow","things","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffalling-things.1.09.zip",99,1,0,"2025-04-04 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-32203","falling-things-authenticated-editor-sql-injection","Falling things \u003C= 1.08 - Authenticated (Editor+) SQL Injection","The Falling things plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.08 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",null,"\u003C=1.08","medium",4.9,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2025-04-10 13:02:03",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2328efaf-4174-48f0-b575-1939d6af9216?source=api-prod",7,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":51,"avg_patch_time_days":52,"trust_score":53,"computed_at":54},17,26850,100,29,94,"2026-04-04T10:00:38.207Z",[56,78,100,118,133],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":51,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":25,"tags":70,"homepage":75,"download_link":76,"security_score":77,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"db-falling-snowflakes","DB Falling Snowflakes","1.8","Denis Bisteinov","https:\u002F\u002Fprofiles.wordpress.org\u002Fbisteinoff\u002F","\u003Cp>Make a snow falling effect on your website with a simple and secure plugin.\u003C\u002Fp>\n\u003Cp>You will be able to customize the number of snowflakes, their style and their movement.\u003C\u002Fp>\n\u003Cp>DB Falling Snowflakes is an easy solution to generate snowflakes falling down on the foreground of the pages. Once installed it will run the script only in the period of time when you want. A lot of options to customize snowflakes and their actions.\u003C\u002Fp>\n","Snow falling animation. Personal customization of snowflakes and their movement. The script runs only during the period of time you want.",700,7726,4,"2025-01-05T22:48:00.000Z","6.7.5","4.6",[71,23,72,73,74],"falling-snow","snow-effect","snow-overlay","snowflakes","https:\u002F\u002Fgithub.com\u002Fbisteinoff\u002Fdb-snow","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdb-falling-snowflakes.1.8.zip",92,{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":77,"num_ratings":88,"last_updated":89,"tested_up_to":68,"requires_at_least":90,"requires_php":25,"tags":91,"homepage":95,"download_link":96,"security_score":97,"vuln_count":98,"unpatched_count":29,"last_vuln_date":99,"fetched_at":31},"snow-storm","Snow Storm","1.4.7","Tribulant Software","https:\u002F\u002Fprofiles.wordpress.org\u002Fcontrid\u002F","\u003Cp>Display falling snow flakes on the front of your WordPress website for a festive presentation.\u003C\u002Fp>\n\u003Cp>Useful Links:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftribulant.com\u002Fdocs\u002Fwordpress-snow-storm-plugin\u002F7799\u002F\" rel=\"nofollow ugc\">Online Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftribulant.net\u002Fsnowstorm\u002F\" rel=\"nofollow ugc\">Live Demonstration of Snow Storm plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftribulant.com\" rel=\"nofollow ugc\">Get Support for Snow Storm plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The Snow Storm plugin was developed by \u003Ca href=\"https:\u002F\u002Ftribulant.com\" rel=\"nofollow ugc\">Tribulant Software\u003C\u002Fa> so that WordPress website owners can display falling snow during the festive season eg. Christmas to decorate their website.\u003C\u002Fp>\n","Display falling snow flakes on the front of your WordPress website for a festive presentation.",500,113021,49,"2025-03-14T19:25:00.000Z","3.0",[92,71,93,94,79],"christmas","festive","snow-flakes","https:\u002F\u002Ftribulant.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsnow-storm.1.4.7.zip",91,2,"2025-04-02 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":51,"num_ratings":110,"last_updated":111,"tested_up_to":68,"requires_at_least":112,"requires_php":18,"tags":113,"homepage":116,"download_link":117,"security_score":77,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"christmas-snow-3d","Christmas Snow 3D – Snowfalling, Snowflake Effect and Christmas mood","1.0.2","Ilya Zolotov","https:\u002F\u002Fprofiles.wordpress.org\u002Ffnpen\u002F","\u003Ch4>May your site be filled with warmth and good cheer, and aspire to something big!\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Filyazolotov.com\u002Fprojects\u002Fchristmas-snow-3d\" rel=\"nofollow ugc\">Demo Page\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This plugin will help you to add Christmas mood and falling snowflakes with unique and smooth experience and realistic animation.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Advanced 3D realistic animation\u003C\u002Fli>\n\u003Cli>Live camera\u003C\u002Fli>\n\u003Cli>Highly optimized code\u003C\u002Fli>\n\u003Cli>Responsize & Mobile support\u003C\u002Fli>\n\u003Cli>Scroll animation\u003C\u002Fli>\n\u003Cli>Smooth animation – 120fps support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Issues and Suggestions\u003C\u002Fh3>\n\u003Cp>Please create new issue on Github:\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffnpen\u002Fchristmas-snow-3d\u002Fissues\" rel=\"nofollow ugc\">GitHub Issues\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contributing\u003C\u002Fh3>\n\u003Cp>You can contribute or see sources to this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffnpen\u002Fchristmas-snow-3d\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","The plugin adds Christmas mood and falling snowflakes with unique and smooth experience and realistic animation.",200,11660,9,"2024-12-01T21:32:00.000Z","5.7",[92,23,114,74,115],"snow-falling","winter","https:\u002F\u002Filyazolotov.com\u002Fprojects\u002Fchristmas-snow-3d","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchristmas-snow-3d.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":51,"downloaded":126,"rating":51,"num_ratings":127,"last_updated":128,"tested_up_to":16,"requires_at_least":129,"requires_php":25,"tags":130,"homepage":131,"download_link":132,"security_score":51,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"devvn-snow","DevVN Snow","1.1.0","Le Van Toan","https:\u002F\u002Fprofiles.wordpress.org\u002Flevantoan\u002F","\u003Cp>Christmas decorations for your website such as snowfall, Christmas bell scene, Christmas tree…\u003C\u002Fp>\n","Christmas decorations for your website such as snowfall, Christmas bell scene, Christmas tree...",13966,5,"2025-12-11T21:19:00.000Z","4.3",[92,23,72,114],"https:\u002F\u002Flevantoan.com\u002Fsan-pham\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdevvn-snow.1.1.0.zip",{"slug":134,"name":135,"version":136,"author":137,"author_profile":138,"description":139,"short_description":140,"active_installs":51,"downloaded":141,"rating":142,"num_ratings":127,"last_updated":143,"tested_up_to":68,"requires_at_least":112,"requires_php":144,"tags":145,"homepage":149,"download_link":150,"security_score":77,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"rs-christmas-trees","Rs Christmas Trees","1.0.1","RS Software","https:\u002F\u002Fprofiles.wordpress.org\u002Ftherssoftware\u002F","\u003Cp>Add nice looking animation effect of falling snow to your WordPress site and enjoy winter and Christmas.\u003C\u002Fp>\n\u003Cp>Simulate snow storm by adjusting the snow falling speed.\u003C\u002Fp>\n\u003Cp>This snow falling WP plugin uses jSnow JQuery plugin and no images.\u003C\u002Fp>\n\u003Cp>christmas is an easy-to-use Christmas plugin that can add snow, top and bottom Christmas banner to your WordPress website. All the effects are togglable so you can choose the ones you want.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fchristmas.therssoftware.com\u002F\" title=\"Rs Christmas Ultimate Pro Version\" rel=\"nofollow ugc\">Upgrade to the Rs Christmas Ultimate Pro Version Now! »\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>For more information take a look at the \u003Ca href=\"http:\u002F\u002Fchristmas.therssoftware.com\u002F#video\" title=\"Rs Christmas Ultimate Video Preview\" rel=\"nofollow ugc\">video preview\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fchristmas.therssoftware.com\u002Fdoc\u002Frs-christmas-trees.html\" title=\"Click Here\" rel=\"nofollow ugc\">Full Documentation for the plugin is available  »\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong> Christmas plugin feature:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Header and footer by gorgeous event images\u003C\u002Fli>\n\u003Cli>Header and footer spacific one\u003C\u002Fli>\n\u003Cli>Show image at top and bottom\u003C\u002Fli>\n\u003Cli>Click To hide image\u003C\u002Fli>\n\u003Cli>Decorate your website by using snow fall\u003C\u002Fli>\n\u003Cli>Snow Effect on specific pages\u003C\u002Fli>\n\u003Cli>Easy to install and configure\u003C\u002Fli>\n\u003Cli>Customize the falling speed for the snow flakes\u003C\u002Fli>\n\u003Cli>Define number of snowflakes\u003C\u002Fli>\n\u003Cli>Define maximal and minimal size of snowflake\u003C\u002Fli>\n\u003Cli>Define maximal and minimal size of fall speed\u003C\u002Fli>\n\u003Cli>Define flake color\u003C\u002Fli>\n\u003Cli>Configurable Snow Z-Index\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n","Add nice looking animation effect of falling snow  and header and footer trees banner to your Wordpress site and enjoy winter with RS Christmas.",3612,84,"2024-12-05T05:45:00.000Z","7.0",[92,146,147,71,148],"christmas-snow","christmas-trees","snow-effects","https:\u002F\u002Ftherssoftware.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frs-christmas-trees.1.0.1.zip",{"attackSurface":152,"codeSignals":181,"taintFlows":189,"riskAssessment":247,"analyzedAt":253},{"hooks":153,"ajaxHandlers":172,"restRoutes":178,"shortcodes":179,"cronEvents":180,"entryPointCount":28,"unprotectedCount":29},[154,160,164,168],{"type":155,"name":156,"callback":157,"file":158,"line":159},"action","admin_menu","register_falling_things_menu","falling_things.php",142,{"type":155,"name":161,"callback":162,"file":158,"line":163},"admin_print_styles","admin_falling_things_css",152,{"type":155,"name":165,"callback":166,"file":158,"line":167},"admin_enqueue_scripts","admin_falling_things_script",162,{"type":155,"name":169,"callback":170,"file":158,"line":171},"wp_head","head_falling_things",266,[173],{"action":174,"nopriv":175,"callback":174,"hasNonce":176,"hasCapCheck":176,"file":158,"line":177},"falling_image_add",false,true,344,[],[],[],{"dangerousFunctions":182,"sqlUsage":183,"outputEscaping":186,"fileOperations":29,"externalRequests":29,"nonceChecks":98,"capabilityChecks":28,"bundledLibraries":188},[],{"prepared":184,"raw":29,"locations":185},11,[],{"escaped":110,"rawEcho":29,"locations":187},[],[],[190,218,231],{"entryPoint":191,"graph":192,"unsanitizedCount":29,"severity":217},"falling_things_settings (falling_things.php:174)",{"nodes":193,"edges":214},[194,199,205,209],{"id":195,"type":196,"label":197,"file":158,"line":198},"n0","source","$_POST (x4)",184,{"id":200,"type":201,"label":202,"file":158,"line":203,"wp_function":204},"n1","sink","update_option() [Settings Manipulation]",208,"update_option",{"id":206,"type":196,"label":207,"file":158,"line":208},"n2","$_POST (x3)",224,{"id":210,"type":201,"label":211,"file":158,"line":212,"wp_function":213},"n3","get_results() [SQLi]",226,"get_results",[215,216],{"from":195,"to":200,"sanitized":176},{"from":206,"to":210,"sanitized":176},"low",{"entryPoint":219,"graph":220,"unsanitizedCount":29,"severity":217},"falling_image_add (falling_things.php:346)",{"nodes":221,"edges":229},[222,225],{"id":195,"type":196,"label":223,"file":158,"line":224},"$_POST",364,{"id":200,"type":201,"label":226,"file":158,"line":227,"wp_function":228},"query() [SQLi]",366,"query",[230],{"from":195,"to":200,"sanitized":176},{"entryPoint":232,"graph":233,"unsanitizedCount":29,"severity":217},"\u003Cfalling_things> (falling_things.php:0)",{"nodes":234,"edges":243},[235,236,237,238,239,241],{"id":195,"type":196,"label":197,"file":158,"line":198},{"id":200,"type":201,"label":202,"file":158,"line":203,"wp_function":204},{"id":206,"type":196,"label":197,"file":158,"line":208},{"id":210,"type":201,"label":211,"file":158,"line":212,"wp_function":213},{"id":240,"type":196,"label":223,"file":158,"line":224},"n4",{"id":242,"type":201,"label":226,"file":158,"line":227,"wp_function":228},"n5",[244,245,246],{"from":195,"to":200,"sanitized":176},{"from":206,"to":210,"sanitized":176},{"from":240,"to":242,"sanitized":176},{"summary":248,"deductions":249},"The \"falling-things\" v1.09 plugin exhibits a generally strong security posture based on the static analysis. The code demonstrates excellent practices by utilizing prepared statements for all SQL queries and properly escaping all output, indicating a good understanding of common web vulnerabilities. The absence of file operations, external HTTP requests, and dangerous functions further solidifies this positive outlook. Crucially, the plugin has a well-implemented defense against unauthorized actions with two nonce checks and one capability check on its single AJAX handler, meaning its attack surface is effectively protected.\n\nDespite these strengths, a past medium severity SQL injection vulnerability (CVE) stands out. While there are no currently unpatched vulnerabilities, the existence of a previous SQL injection suggests a potential area of weakness that, although remediated, warrants careful monitoring. The taint analysis found no unsanitized paths, which is excellent, but the historical vulnerability still represents a latent risk. In conclusion, \"falling-things\" v1.09 is built with many good security practices, but the historical CVE implies that developers should remain vigilant regarding input validation, especially concerning SQL operations.",[250],{"reason":251,"points":252},"Past medium SQL injection vulnerability",10,"2026-03-16T20:07:17.475Z",{"wat":255,"direct":266},{"assetPaths":256,"generatorPatterns":260,"scriptPaths":261,"versionParams":262},[257,258,259],"\u002Fwp-content\u002Fplugins\u002Ffalling-things\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Ffalling-things\u002Fjs\u002Ffront.js","\u002Fwp-content\u002Fplugins\u002Ffalling-things\u002Fcss\u002Ffront.css",[],[258],[263,264,265],"falling-things\u002Fcss\u002Fadmin.css?ver=","falling-things\u002Fjs\u002Ffront.js?ver=","falling-things\u002Fcss\u002Ffront.css?ver=",{"cssClasses":267,"htmlComments":268,"htmlAttributes":269,"restEndpoints":270,"jsGlobals":271,"shortcodeOutput":273},[],[],[],[],[272],"settings_ft",[]]