[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fTh-SXXlaMr5RS9nX5xUAjsyXlWcNk2BkVi9UeYJxq5M":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":38,"analysis":119,"fingerprints":170},"feed-json","Feed JSON","1.0.10","wokamoto","https:\u002F\u002Fprofiles.wordpress.org\u002Fwokamoto\u002F","\u003Cp>Adds a new type of feed you can subscribe to.\u003Cbr \u002F>\n    http:\u002F\u002Fexample.com\u002Ffeed\u002Fjson or \u003Ccode>http:\u002F\u002Fexample.com\u002F?feed=json\u003C\u002Fcode> to anywhere you get a JSON form.\u003Cbr \u002F>\n    http:\u002F\u002Fexample.com\u002Ffeed\u002Fjson?callback=callback or \u003Ccode>http:\u002F\u002Fexample.com\u002F?feed=json&callback=callback\u003C\u002Fcode> to anywhere you get a JSONP.\u003C\u002Fp>\n","Adds a new type of feed you can subscribe to.",500,21681,80,4,"2017-01-18T02:29:00.000Z","4.7.32","3.0","",[20,21,22,23],"feed","feeds","json","jsonp","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ffeed-json\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeed-json.1.0.10.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},7,12430,82,30,81,"2026-04-04T14:08:50.267Z",[39,55,74,89,102],{"slug":40,"name":5,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":27,"num_ratings":27,"last_updated":18,"tested_up_to":48,"requires_at_least":17,"requires_php":18,"tags":49,"homepage":51,"download_link":52,"security_score":53,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":54},"tabletize-json-connector","1.0.0","appfactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fappfactory\u002F","\u003Cp>Expose a new type of feed compatible with a Tabletize data source.\u003Cbr \u002F>\nYou can point your Tabletize external data source to \u003Ccode>http:\u002F\u002Fexample.com\u002Ffeed\u002Fjson\u003C\u002Fcode> or \u003Ccode>http:\u002F\u002Fexample.com\u002F?feed=json\u003C\u002Fcode> and you get a fully functional Tabletize data source that you can use with a list element.\u003Cbr \u002F>\nYou can find out more about external data sources here: \u003Ccode>http:\u002F\u002Fhelp.tabletize.com\u002Fdata\u002Fexternal-source\u002F\u003C\u002Fcode>.\u003C\u002Fp>\n","Expose Wordpress posts to be used by a Tabletize data source.",10,1809,"3.9.40",[20,21,22,23,50],"tabletize","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ftabletize-json\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftabletize-json-connector.zip",100,"2026-03-15T10:48:56.248Z",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":53,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":71,"download_link":72,"security_score":73,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"jsonfeed","JSON Feed (jsonfeed.org)","1.4.5","mantonr","https:\u002F\u002Fprofiles.wordpress.org\u002Fmantonr\u002F","\u003Cp>Adds a JSON Feed to your WordPress site by adding \u003Ccode>\u002Ffeed\u002Fjson\u003C\u002Fcode> to any URL.\u003C\u002Fp>\n\u003Cp>The JSON Feed format is a pragmatic syndication format, like RSS and Atom, but with one big difference: it’s JSON instead of XML. Learn more at \u003Ca href=\"http:\u002F\u002Fjsonfeed.org\u002F\" rel=\"nofollow ugc\">jsonfeed.org\u003C\u002Fa>.\u003C\u002Fp>\n","Adds feeds in JSON Feed format.",1000,55677,5,"2024-04-05T13:41:00.000Z","6.5.8","4.9","5.6",[20,21,22,56],"https:\u002F\u002Fgithub.com\u002Fmanton\u002Fjsonfeed-wp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjsonfeed.1.4.5.zip",92,{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":53,"downloaded":82,"rating":27,"num_ratings":27,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":18,"tags":86,"homepage":87,"download_link":88,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"json-feed","JSON feed","1.3","chrisnorthwood","https:\u002F\u002Fprofiles.wordpress.org\u002Fchrisnorthwood\u002F","\u003Cp>Pretty simple, really. Adds a new type of feed you can subscribe to. Simply\u003Cbr \u002F>\nadd \u003Ccode>?feed=json\u003C\u002Fcode> to anywhere you get a normal feed to get it in JSON form\u003Cbr \u002F>\n(but with a cutdown version of events).\u003C\u002Fp>\n\u003Cp>Version 1.1 added support for JSONP. To get a JSONP response instead of a\u003Cbr \u002F>\nnormal JSON structure, simply add \u003Ccode>jsonp=callbackName\u003C\u002Fcode> to your query, where\u003Cbr \u002F>\n    callbackName is the name of the function to be wrapped with.\u003C\u002Fp>\n\u003Cp>To use this with jQuery, you’ll want to do something like:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$.getJSON(\"http:\u002F\u002Fexample.com\u002Ffeed\u002F?feed=json&jsonp=?\",\n       function(data){\n               console.debug(data[0].title);   \u002F\u002F print title of first item to firebug console\n       });\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>(thanks to Dan “Tack” Trudell)\u003C\u002Fp>\n","Pretty simple, really. Adds a new type of feed you can subscribe to. Simply",16484,"2009-11-19T23:31:00.000Z","2.9.2","2.7.1",[20,21,22],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fjson-feed\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjson-feed.1.3.zip",{"slug":90,"name":91,"version":92,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":46,"downloaded":97,"rating":27,"num_ratings":27,"last_updated":18,"tested_up_to":16,"requires_at_least":98,"requires_php":18,"tags":99,"homepage":100,"download_link":101,"security_score":53,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":54},"json-feeder","JSON Feeder","1.0.6","Signalfade","https:\u002F\u002Fprofiles.wordpress.org\u002Fsignalfade\u002F","\u003Cp>Adds a new type of feed you can subscribe to.\u003Cbr \u002F>\n    http:\u002F\u002Fexample.com\u002Ffeed\u002Fjson or \u003Ccode>http:\u002F\u002Fexample.com\u002F?feed=json\u003C\u002Fcode> to anywhere and you’ll get JSON back.\u003C\u002Fp>\n","Adds a feed based on the jsonfeed.org standard that one can subscribe to or parse.",1386,"4.0",[20,21,22,56],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fjson-feeder\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjson-feeder.1.0.6.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":46,"downloaded":110,"rating":53,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":18,"tags":115,"homepage":117,"download_link":118,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wp-api-json-reader","WP API JSON READER","1.1","elsteno","https:\u002F\u002Fprofiles.wordpress.org\u002Felsteno\u002F","\u003Cp>This plugin provide a widget(s) to get, read and show posts from wordpress sites (with WP REST API Installed) to an other(s) wordpress site(s)!\u003C\u002Fp>\n","Get and show posts from an other WP website which have installed the WP REST API and provide json feeds via the API",1852,1,"2015-05-28T09:07:00.000Z","4.4.34","4.0.0",[21,22,116],"wp-api","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwpapi-json-reader\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-api-json-reader.1.1.zip",{"attackSurface":120,"codeSignals":144,"taintFlows":158,"riskAssessment":159,"analyzedAt":169},{"hooks":121,"ajaxHandlers":140,"restRoutes":141,"shortcodes":142,"cronEvents":143,"entryPointCount":27,"unprotectedCount":27},[122,128,131,136],{"type":123,"name":124,"callback":125,"file":126,"line":127},"action","init","add_feed_json","feed-json.php",52,{"type":123,"name":129,"callback":129,"priority":46,"file":126,"line":130},"do_feed_json",53,{"type":132,"name":133,"callback":134,"file":126,"line":135},"filter","template_include","template_json",54,{"type":132,"name":137,"callback":138,"file":126,"line":139},"query_vars","add_query_vars",55,[],[],[],[],{"dangerousFunctions":145,"sqlUsage":146,"outputEscaping":148,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":157},[],{"prepared":27,"raw":27,"locations":147},[],{"escaped":111,"rawEcho":149,"locations":150},2,[151,155],{"file":152,"line":153,"context":154},"template\\feed-json.php",59,"raw output",{"file":152,"line":156,"context":154},62,[],[],{"summary":160,"deductions":161},"The 'feed-json' plugin v1.0.10 demonstrates a strong security posture based on the provided static analysis. The absence of any identifiable attack surface points, dangerous functions, raw SQL queries, file operations, external HTTP requests, or known vulnerabilities in its history is highly commendable. This suggests the developers have prioritized secure coding practices and have maintained a clean track record.\n\nHowever, there are a few areas that warrant attention. The low percentage of properly escaped outputs (33%) indicates a potential risk of cross-site scripting (XSS) vulnerabilities if the unescaped outputs are rendered in a user's browser. While the static analysis did not identify specific taint flows or vulnerabilities, this output escaping issue remains a significant concern. Additionally, the complete lack of nonce and capability checks, while not directly leading to identified issues in this scan, could be a concern in larger or more complex plugins where such checks are crucial for preventing CSRF and unauthorized actions.\n\nIn conclusion, the plugin is in a generally good security state due to its limited attack surface and lack of known vulnerabilities. The primary weakness lies in output escaping, which should be addressed to mitigate potential XSS risks. The absence of critical or high severity issues in the taint analysis and vulnerability history are positive indicators. Addressing the output escaping would significantly enhance its overall security.",[162,165,167],{"reason":163,"points":164},"Low percentage of properly escaped outputs",6,{"reason":166,"points":14},"Lack of nonce checks",{"reason":168,"points":14},"Lack of capability checks","2026-03-16T19:37:28.449Z",{"wat":171,"direct":177},{"assetPaths":172,"generatorPatterns":174,"scriptPaths":175,"versionParams":176},[173],"\u002Fwp-content\u002Fplugins\u002Ffeed-json\u002Ftemplate\u002Ffeed-json.php",[],[],[],{"cssClasses":178,"htmlComments":179,"htmlAttributes":180,"restEndpoints":181,"jsGlobals":182,"shortcodeOutput":183},[],[],[],[],[],[]]