[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fY7GWaytvRi_LxNPxr25Skq-xxzcNp6prfVeT2Co-r9w":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":128,"fingerprints":454},"fidgetr","Fidgetr","2.5.3","reaperhulk","https:\u002F\u002Fprofiles.wordpress.org\u002Freaperhulk\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Flangui.sh\u002Ffidgetr\u002F\" title=\"Fidgetr Home\" rel=\"nofollow ugc\">Fidgetr\u003C\u002Fa> is a WordPress widget that displays the latest photos from your Flickr photostream in an attractive manner.  It features support for its own themes along with very simple setup and compatibility with most WordPress themes. \u003Cstrong>Check the changelog to see what’s new!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Fidgetr requires PHP 5.0 or newer as well as WordPress 2.8 or newer.\u003C\u002Fp>\n\u003Cp>Catch new releases and other information about my plugins by following \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Freaperhulk\" rel=\"nofollow ugc\">@reaperhulk\u003C\u002Fa> on Twitter.\u003C\u002Fp>\n\u003Ch3>Theme Development FAQ\u003C\u002Fh3>\n\u003Ch4>How do I make a theme?\u003C\u002Fh4>\n\u003Cp>Check out the basic.theme.php file in the themes directory to see a very basic example of how to parse the JSON structure that fidgetr outputs. You can also write PHP.\u003C\u002Fp>\n\u003Ch4>How do I make new themes show up in the configuration dropdown?\u003C\u002Fh4>\n\u003Cp>Simply create a file called yourname.theme.php with your data.  
If you have a CSS\u002FJS supplement add those support files in a directory theme_includes\u002Fyourname\u002F\u003C\u002Fp>\n\u003Cp>Please note that in Fidgetr javascript files have a very strict naming structure to allow proper queueing via WP and reduce conflicts with other plugins.  Your file must be named handle-ver-deps.js.  \u003Cem>Do not use – or _ in the handle as they are delimiters.\u003C\u002Fem>  Additionally, ver must be numeric.  Multiple deps can be provided via underscore.  Examples: slimbox-2.01-jquery.js , somelib-1.0-jquery_jquery-ui-core.js.  Be sure to name your scripts correctly to avoid conflicts with other wordpress plugins.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>Copyright 2010 Paul Kehrer\n\nThis program is free software; you can redistribute it and\u002For modify\nit under the terms of the GNU General Public License as published by\nthe Free Software Foundation; either version 2 of the License, or\n(at your option) any later version.\n\nThis program is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
See the\nGNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License\nalong with this program; if not, write to the Free Software\nFoundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA\n\u003C\u002Fcode>\u003C\u002Fpre>\n","A simple and beautiful Flickr widget that supports themes.",20,24061,0,"2010-08-17T21:26:00.000Z","3.0.5","2.8","",[19,20,21,22,23],"flickr","photography","photos","sidebar","widgets","http:\u002F\u002Flangui.sh\u002Ffidgetr","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffidgetr.2.5.3.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},2,30,84,"2026-04-04T16:55:23.481Z",[36,57,77,96,112],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":54,"download_link":55,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"meks-simple-flickr-widget","Meks Simple Flickr Widget","1.3","Meks","https:\u002F\u002Fprofiles.wordpress.org\u002Fmekshq\u002F","\u003Cp>Quickly display your Flickr photos inside WordPress widget. 
No authorization required (only provide your user id).\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>No authorization required (only provide your user id)\u003C\u002Fli>\n\u003Cli>Support both user Flickr users and Flickr groups \u003C\u002Fli>\n\u003Cli>Change thumbnail size\u003C\u002Fli>\n\u003Cli>Caching system integrated for better performance\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Simple Flickr Widget plugin is created by \u003Ca href=\"https:\u002F\u002Fmekshq.com\" rel=\"nofollow ugc\">Meks\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Live example?\u003C\u002Fh3>\n\u003Cp>You can see Simple Flickr Widget live example on our \u003Ca href=\"https:\u002F\u002Fmekshq.com\u002Fdemo\u002Fvoice\" rel=\"nofollow ugc\">Voice theme demo website\u003C\u002Fa>\u003C\u002Fp>\n","Quickly display your Flickr photos inside WordPress widget.",20000,405991,86,3,"2024-07-29T12:33:00.000Z","6.6.5","3.0",[19,21,52,22,53],"photostream","widget","https:\u002F\u002Fmekshq.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmeks-simple-flickr-widget.zip",92,{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":31,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":17,"tags":71,"homepage":73,"download_link":74,"security_score":75,"vuln_count":31,"unpatched_count":31,"last_vuln_date":76,"fetched_at":28},"snapwidget-wp-instagram-widget","SnapWidget Social Photo Feed Widget","1.1.0","snapwidget","https:\u002F\u002Fprofiles.wordpress.org\u002Fsnapwidget\u002F","\u003Cp>SnapWidget Social Photo Feed Widget is an easy way to embed your Instagram photos and videos on your website or blog to display your photos. The widget offers the same functionality and customization available for widgets embedded from \u003Ca href=\"https:\u002F\u002Fsnapwidget.com\" title=\"Instagram widget\" rel=\"nofollow ugc\">SnapWidget\u003C\u002Fa>. 
Supports the Instagram Basic Display and Graph API’s.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simple and easy to use\u003C\u002Fli>\n\u003Cli>Multiple layout options (Grid, Board, Scrolling, Slideshow and Map)\u003C\u002Fli>\n\u003Cli>Secure, supports HTTPS websites\u003C\u002Fli>\n\u003Cli>Refreshes with new photos every 15 minutes (5 minutes for Pro widgets)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Pro Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hashtag Widgets\u003C\u002Fli>\n\u003Cli>Widget Analytics\u003C\u002Fli>\n\u003Cli>Shoppable features\u003C\u002Fli>\n\u003Cli>Add your own custom CSS\u003C\u002Fli>\n\u003Cli>Display photos in a lightbox\u003C\u002Fli>\n\u003Cli>Previous \u002F Next buttons to display older content\u003C\u002Fli>\n\u003Cli>Creating widgets for other users\u003C\u002Fli>\n\u003C\u002Ful>\n","SnapWidget Social Photo Feed Widget is an easy way to embed your Instagram photos and videos on your website or blog to display your photos.",600,15422,60,"2021-02-25T15:41:00.000Z","5.6.17","4.4",[72,21,22,53,23],"instagram","https:\u002F\u002Fsnapwidget.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsnapwidget-wp-instagram-widget.1.2.0.zip",42,"2025-09-22 00:00:00",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":17,"tags":92,"homepage":94,"download_link":95,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"flickr-me","Flickr Me","1.0.6","Erik Ford","https:\u002F\u002Fprofiles.wordpress.org\u002Fwearepixel8\u002F","\u003Cp>With Flickr Me, you can add Flickr feeds, from an individual account or group, to your widget ready areas. 
Once installed and activated the widget is an easy to manage, out of box solution for displaying a Flickr gallery of images. Each photo, in the feed, will link to its Flickr permalink and you can optionally set to display the title when stacking images.\u003C\u002Fp>\n","Add Flickr feeds to your widget ready areas.",40,6088,100,1,"2016-05-02T15:14:00.000Z","4.5.33","3.1",[19,93,21,22,53],"images","http:\u002F\u002Fheavyheavy.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflickr-me.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":85,"downloaded":104,"rating":87,"num_ratings":88,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":17,"tags":108,"homepage":110,"download_link":111,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"javascript-flickr-badge","Javascript Flickr Badge","2.3","erikrasmussen","https:\u002F\u002Fprofiles.wordpress.org\u002Ferikrasmussen\u002F","\u003Cp>Javascript Flickr Badge uses pure javascript to place a Flickr badge in your widget-enabled sidebar to display recent photos. Photos\u003Cbr \u002F>\nmay be filtered by tag if so desired. 
All communication with Flickr is client-side, so no extra load is placed on your server at all.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fblog.jyst.us\u002Fjavascript-flickr-badge?utm_source=Wordpress&utm_medium=Wordpress%2BPlugin%2BDirectory&utm_campaign=Javascript%2BFlickr%2BBadge\" rel=\"nofollow ugc\">Plugin Page\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.youtube.com\u002Fwatch?v=AyRj7U-dExI\" rel=\"nofollow ugc\">Demo Video\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Customizable thumbnail size, number of rows, and number of columns to fit perfectly into any sidebar.\u003C\u002Fli>\n\u003Cli>Works for your personal photo stream, group pools, or your friends photostreams.\u003C\u002Fli>\n\u003Cli>Filtering by tag (user feed only).\u003C\u002Fli>\n\u003Cli>Lightweight javascript. No heavy libraries required!\u003C\u002Fli>\n\u003Cli>Works on mobile browsers\u003C\u002Fli>\n\u003Cli>All the work happens client-side. No server load.\u003C\u002Fli>\n\u003Cli>Animations, using CSS3: Vertical Scroll, Shuffle, Zoom (like Flickr’s Flash Badge), 3D Horizontal Flip, 3D Vertical Flip\u003C\u002Fli>\n\u003Cli>Localized to Spanish.\u003C\u002Fli>\n\u003C\u002Ful>\n","Displays photos from Flickr, with optional tag filtering, with pure client-side javascript. 
Several eye-catching effects available.",10128,"2013-05-27T09:37:00.000Z","3.5.2","2.0.2",[19,109,21,22,53],"media","http:\u002F\u002Fblog.jyst.us\u002Fjavascript-flickr-badge?utm_source=Wordpress&utm_medium=Plugin%2BAdmin&utm_campaign=Javascript%2BFlickr%2BBadge","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjavascript-flickr-badge.2.3.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":32,"downloaded":120,"rating":13,"num_ratings":13,"last_updated":121,"tested_up_to":122,"requires_at_least":123,"requires_php":17,"tags":124,"homepage":126,"download_link":127,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"flickrapi","Flickr API","0.7","David Walker","https:\u002F\u002Fprofiles.wordpress.org\u002Fpolaraction\u002F","\u003Cp>This plugin allows you to easily display Flickr photos on your site and using the Flickr API doesn’t limit you to\u003Cbr \u002F>\nthe standard 20 photos.  It supports user, set, favorite, group and public photostreams.\u003C\u002Fp>\n\u003Cp>The plugin is relatively easy to setup and configure via an options panel.\u003Cbr \u002F>\nIt also has support for an image cache located on your server.\u003C\u002Fp>\n\u003Ch3>Feedback and Support\u003C\u002Fh3>\n\u003Cp>For API problems you can visit the plugin page (http:\u002F\u002Fmalton-webdesign.co.uk\u002Fflickrapi)\u003C\u002Fp>\n\u003Ch3>Advanced\u003C\u002Fh3>\n\u003Cp>The plugin also supports a number of parameters, allowing you to have multiple instances across your\u003C\u002Fp>\n\u003Cp>site.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ccode>'type' => 'user'\u003C\u002Fcode> – The type of Flickr images that you want to show. Possible values: ‘user’, \u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>‘favorite’, ‘set’, ‘group’, ‘public’\u003Cbr \u002F>\n2. \u003Ccode>'api' => ''\u003C\u002Fcode> – Optional but the point of the plugin!\u003Cbr \u002F>\n2. 
\u003Ccode>'tags' => ''\u003C\u002Fcode> – Optional: Can be used with type = ‘user’ or ‘public’, comma separated\u003Cbr \u002F>\n3. \u003Ccode>'set' => ''\u003C\u002Fcode> – Optional: To be used with type = ‘set’\u003Cbr \u002F>\n4. \u003Ccode>'id' => ''\u003C\u002Fcode> – Optional: Your Group or User ID. To be used with type = ‘user’ or ‘group’\u003Cbr \u002F>\n5. \u003Ccode>'do_cache' => false\u003C\u002Fcode> – Enable the image cache\u003Cbr \u002F>\n6. \u003Ccode>'cache_sizes' => array('square')\u003C\u002Fcode> – What are the image sizes we want to cache locally? Possible\u003Cbr \u002F>\nvalues: ‘square’, ‘thumbnail’, ‘small’, ‘medium’\u003Cbr \u002F>\n7. \u003Ccode>'cache_path' => ''\u003C\u002Fcode> – Where the images are saved (server path)\u003Cbr \u002F>\n8. \u003Ccode>'cache_uri' => ''\u003C\u002Fcode> – The URI associated to the cache path (web address)\u003Cbr \u002F>\n9. \u003Ccode>'num_items' => 4\u003C\u002Fcode> – The number of images that you want to display\u003Cbr \u002F>\n10. \u003Ccode>'before_list' => ''\u003C\u002Fcode> – The HTML to print before the list of images\u003Cbr \u002F>\n11. \u003Ccode>'html' => '\u003Ca href=\"%flickr_page%\" title=\"%title%\">\u003Cimg src=\"%image_square%\" alt=\"%title%\">\u003C\u002Fa>'\u003C\u002Fcode> –\u003C\u002Fp>\n\u003Cp>the code to print out for each image.\u003Cbr \u002F>\n    Meta tags available: %flickr_page%, %title%, %image_small%, %image_square%, %image_thumbnail%,\u003C\u002Fp>\n\u003Cp>%image_medium%, %image_large%\u003Cbr \u002F>\n12. \u003Ccode>'default_title' => \"Untitled Flickr photo\"\u003C\u002Fcode> – the default title\u003Cbr \u002F>\n13. 
\u003Ccode>'after_list' => ''\u003C\u002Fcode> – the HTML to print after the list of images\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Example 1\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>  get_flickrAPI(array('num_items' => 36, \n                      'type' => 'group', \n                      'tags' => '',\n                      'id' => '12325216@N00',\n                      'api' => '3370ecbd3e604245581eb4955fd6xxxx')); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This would show the 36 most recent group photos\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Example 2\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>  get_flickrAPI(array('num_items' => 30, \n                      'type' => 'user', \n                      'tags' => '',\n                      'id' => '10529805@N00',\n                      'api' => '3370ecbd3e604245581eb4955fd6xxxx')); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This would show the 30 most recent thumbnail sized photos from the specified user’s set.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Example 3\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>  get_flickrAPI(array('num_items' => 30, \n                      'type' => 'public', \n                      'text' => '',\n                      'tags' => '',\n                      'api' => '3370ecbd3e604245581eb4955fd6xxxx')); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This would show the 30 most recent photos from all of Flickr.\u003C\u002Fp>\n\u003Ch3>Plugin History\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>0.7 – Change of the Support page to new website\u003C\u002Fli>\n\u003Cli>0.6 – Removed the Large option as Flickr seem to have removed it.\u003C\u002Fli>\n\u003Cli>0.5 – Added search by Text facility\u003C\u002Fli>\n\u003Cli>0.4 – Debug Option Added \u003C\u002Fli>\n\u003Cli>0.3 – Upgrade bug fix. 
\u003C\u002Fli>\n\u003Cli>0.2 – Readme.txt updated properly\u003C\u002Fli>\n\u003Cli>0.1 – Beta release (Plugin amended from the original “eightface” flickrRSS plugin\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin is an amended version of flickrRSS by \"eightface\". As well as allowing you to integrate Flickr photos into your site, supportin &hellip;",10412,"2012-04-24T16:05:00.000Z","3.3.2","2.6",[125,19,93,21,22],"api","http:\u002F\u002Fmalton-webdesign.co.uk\u002FflickrAPI\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflickrapi.zip",{"attackSurface":129,"codeSignals":162,"taintFlows":437,"riskAssessment":438,"analyzedAt":453},{"hooks":130,"ajaxHandlers":149,"restRoutes":159,"shortcodes":160,"cronEvents":161,"entryPointCount":31,"unprotectedCount":31},[131,137,141,145],{"type":132,"name":133,"callback":134,"file":135,"line":136},"action","wp_print_styles","include_css","fidgetr.php",33,{"type":132,"name":138,"callback":139,"file":135,"line":140},"init","include_js",34,{"type":132,"name":142,"callback":143,"file":135,"line":144},"admin_init","fidgetr_admin_init",35,{"type":132,"name":146,"callback":147,"file":135,"line":148},"widgets_init","fidgetr_register",523,[150,155],{"action":151,"nopriv":152,"callback":153,"hasNonce":152,"hasCapCheck":152,"file":135,"line":154},"fidgetr_user_check_ajax",false,"user_check_ajax",37,{"action":156,"nopriv":152,"callback":157,"hasNonce":152,"hasCapCheck":152,"file":135,"line":158},"fidgetr_photoset_fetch_ajax","photoset_fetch_ajax",38,[],[],[],{"dangerousFunctions":163,"sqlUsage":172,"outputEscaping":174,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":436},[164,168],{"fn":165,"file":135,"line":166,"context":167},"unserialize",179,"$dataCache = unserialize($instance['datacache']);",{"fn":165,"file":169,"line":170,"context":171},"flickrApi.class.php",136,"$responseObj = 
unserialize($response);",{"prepared":13,"raw":13,"locations":173},[],{"escaped":13,"rawEcho":175,"locations":176},166,[177,180,181,183,185,187,189,191,193,195,197,199,200,202,204,205,206,208,210,211,212,214,216,217,218,220,222,223,224,226,228,229,231,233,235,236,237,239,241,242,243,245,247,248,249,251,253,254,255,257,259,260,262,264,267,269,271,272,273,274,275,277,279,280,282,283,284,285,286,288,289,290,291,292,293,295,297,298,299,301,303,304,305,306,307,309,310,312,313,315,317,319,321,323,325,327,329,331,333,335,336,338,340,341,343,345,347,349,350,352,354,356,357,358,360,362,364,365,367,368,369,370,371,372,373,375,376,378,379,381,382,383,384,385,387,388,389,391,393,394,396,397,398,399,401,403,404,405,406,408,409,411,413,415,416,418,420,422,424,426,428,429,431,432,433,434],{"file":135,"line":178,"context":179},134,"raw output",{"file":135,"line":170,"context":179},{"file":135,"line":182,"context":179},154,{"file":135,"line":184,"context":179},167,{"file":135,"line":186,"context":179},169,{"file":135,"line":188,"context":179},171,{"file":135,"line":190,"context":179},231,{"file":135,"line":192,"context":179},232,{"file":135,"line":194,"context":179},238,{"file":135,"line":196,"context":179},242,{"file":135,"line":198,"context":179},244,{"file":135,"line":198,"context":179},{"file":135,"line":201,"context":179},415,{"file":135,"line":203,"context":179},417,{"file":135,"line":203,"context":179},{"file":135,"line":203,"context":179},{"file":135,"line":207,"context":179},422,{"file":135,"line":209,"context":179},424,{"file":135,"line":209,"context":179},{"file":135,"line":209,"context":179},{"file":135,"line":213,"context":179},432,{"file":135,"line":215,"context":179},434,{"file":135,"line":215,"context":179},{"file":135,"line":215,"context":179},{"file":135,"line":219,"context":179},439,{"file":135,"line":221,"context":179},441,{"file":135,"line":221,"context":179},{"file":135,"line":221,"context":179},{"file":135,"line":225,"context":179},446,{"file":135,"line":227,"c
ontext":179},448,{"file":135,"line":227,"context":179},{"file":135,"line":230,"context":179},453,{"file":135,"line":232,"context":179},475,{"file":135,"line":234,"context":179},476,{"file":135,"line":234,"context":179},{"file":135,"line":234,"context":179},{"file":135,"line":238,"context":179},481,{"file":135,"line":240,"context":179},482,{"file":135,"line":240,"context":179},{"file":135,"line":240,"context":179},{"file":135,"line":244,"context":179},487,{"file":135,"line":246,"context":179},488,{"file":135,"line":246,"context":179},{"file":135,"line":246,"context":179},{"file":135,"line":250,"context":179},494,{"file":135,"line":252,"context":179},495,{"file":135,"line":252,"context":179},{"file":135,"line":252,"context":179},{"file":135,"line":256,"context":179},500,{"file":135,"line":258,"context":179},502,{"file":135,"line":258,"context":179},{"file":135,"line":261,"context":179},507,{"file":169,"line":263,"context":179},183,{"file":265,"line":266,"context":179},"themes\\basic.theme.php",6,{"file":265,"line":268,"context":179},8,{"file":265,"line":270,"context":179},9,{"file":265,"line":270,"context":179},{"file":265,"line":270,"context":179},{"file":265,"line":270,"context":179},{"file":265,"line":270,"context":179},{"file":265,"line":276,"context":179},15,{"file":278,"line":266,"context":179},"themes\\crossfade.theme.php",{"file":278,"line":270,"context":179},{"file":278,"line":281,"context":179},11,{"file":278,"line":281,"context":179},{"file":278,"line":281,"context":179},{"file":278,"line":281,"context":179},{"file":278,"line":281,"context":179},{"file":278,"line":287,"context":179},13,{"file":278,"line":287,"context":179},{"file":278,"line":287,"context":179},{"file":278,"line":287,"context":179},{"file":278,"line":287,"context":179},{"file":278,"line":276,"context":179},{"file":278,"line":294,"context":179},17,{"file":278,"line":296,"context":179},18,{"file":278,"line":296,"context":179},{"file":278,"line":11,"context":179},{"file":278,"line":300,"context
":179},22,{"file":278,"line":302,"context":179},23,{"file":278,"line":302,"context":179},{"file":278,"line":302,"context":179},{"file":278,"line":302,"context":179},{"file":278,"line":302,"context":179},{"file":278,"line":308,"context":179},32,{"file":278,"line":154,"context":179},{"file":278,"line":311,"context":179},41,{"file":278,"line":75,"context":179},{"file":278,"line":314,"context":179},45,{"file":278,"line":316,"context":179},46,{"file":278,"line":318,"context":179},49,{"file":278,"line":320,"context":179},50,{"file":278,"line":322,"context":179},54,{"file":278,"line":324,"context":179},55,{"file":278,"line":326,"context":179},65,{"file":278,"line":328,"context":179},66,{"file":278,"line":330,"context":179},69,{"file":278,"line":332,"context":179},71,{"file":278,"line":334,"context":179},74,{"file":278,"line":334,"context":179},{"file":278,"line":337,"context":179},78,{"file":278,"line":339,"context":179},79,{"file":278,"line":339,"context":179},{"file":278,"line":342,"context":179},80,{"file":278,"line":344,"context":179},81,{"file":278,"line":346,"context":179},82,{"file":278,"line":348,"context":179},83,{"file":278,"line":26,"context":179},{"file":278,"line":351,"context":179},89,{"file":278,"line":353,"context":179},90,{"file":278,"line":355,"context":179},91,{"file":278,"line":56,"context":179},{"file":278,"line":56,"context":179},{"file":278,"line":359,"context":179},97,{"file":361,"line":266,"context":179},"themes\\default.theme.php",{"file":361,"line":363,"context":179},7,{"file":361,"line":281,"context":179},{"file":361,"line":366,"context":179},14,{"file":361,"line":366,"context":179},{"file":361,"line":366,"context":179},{"file":361,"line":366,"context":179},{"file":361,"line":366,"context":179},{"file":361,"line":276,"context":179},{"file":361,"line":296,"context":179},{"file":361,"line":374,"context":179},19,{"file":361,"line":374,"context":179},{"file":361,"line":377,"context":179},21,{"file":361,"line":302,"context":179},{"file":361,"line":38
0,"context":179},25,{"file":361,"line":380,"context":179},{"file":361,"line":380,"context":179},{"file":361,"line":380,"context":179},{"file":361,"line":380,"context":179},{"file":361,"line":386,"context":179},31,{"file":361,"line":136,"context":179},{"file":361,"line":154,"context":179},{"file":361,"line":390,"context":179},39,{"file":361,"line":392,"context":179},43,{"file":361,"line":392,"context":179},{"file":361,"line":395,"context":179},44,{"file":361,"line":395,"context":179},{"file":361,"line":314,"context":179},{"file":361,"line":316,"context":179},{"file":361,"line":400,"context":179},47,{"file":361,"line":402,"context":179},48,{"file":361,"line":402,"context":179},{"file":361,"line":318,"context":179},{"file":361,"line":320,"context":179},{"file":361,"line":407,"context":179},51,{"file":361,"line":407,"context":179},{"file":361,"line":410,"context":179},52,{"file":361,"line":412,"context":179},58,{"file":361,"line":414,"context":179},59,{"file":361,"line":67,"context":179},{"file":361,"line":417,"context":179},62,{"file":361,"line":419,"context":179},63,{"file":361,"line":421,"context":179},64,{"file":361,"line":423,"context":179},68,{"file":361,"line":425,"context":179},77,{"file":427,"line":88,"context":179},"themes\\grid.theme.php",{"file":427,"line":47,"context":179},{"file":427,"line":430,"context":179},4,{"file":427,"line":430,"context":179},{"file":427,"line":430,"context":179},{"file":427,"line":281,"context":179},{"file":427,"line":435,"context":179},16,[],[],{"summary":439,"deductions":440},"The plugin \"fidgetr\" v2.5.3 presents a significant security risk due to several critical omissions in its code.  While the plugin avoids known vulnerabilities and utilizes prepared statements for SQL queries, its security posture is severely undermined by the lack of authentication and authorization checks on all its entry points. The presence of two unprotected AJAX handlers exposes these functions to unauthorized access and potential exploitation.  
Furthermore, the complete absence of output escaping on a large number of outputs (166 total) creates a high risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the WordPress admin area or user-facing pages.\n\nThe plugin's history of zero known CVEs is a positive indicator, suggesting a generally well-maintained codebase in the past. However, this historical strength is overshadowed by the current static analysis findings. The core issue lies in the implementation of basic security controls. The use of the `unserialize` function, while not directly tied to a specific vulnerability in this analysis, is a known security risk if not handled with extreme caution and validation, especially when dealing with external input. The lack of taint analysis results, while not a direct negative, doesn't provide reassurance regarding the handling of potentially malicious data through the identified entry points.\n\nIn conclusion, \"fidgetr\" v2.5.3 has a weak security posture. The absence of authentication on its entry points and the pervasive lack of output escaping are critical weaknesses that attackers can readily exploit. While its past vulnerability history is good, it doesn't mitigate the immediate risks identified in this version. 
Urgent attention is required to address these fundamental security flaws to prevent potential compromises.",[441,444,446,449,451],{"reason":442,"points":443},"Unprotected AJAX handlers",10,{"reason":445,"points":268},"Lack of output escaping",{"reason":447,"points":448},"Use of unserialize function",5,{"reason":450,"points":443},"Missing nonce checks on AJAX",{"reason":452,"points":443},"Missing capability checks","2026-03-16T23:02:44.904Z",{"wat":455,"direct":465},{"assetPaths":456,"generatorPatterns":460,"scriptPaths":461,"versionParams":462},[457,458,459],"\u002Fwp-content\u002Fplugins\u002Ffidgetr\u002Ffidgetr_ajax.js","\u002Fwp-content\u002Fplugins\u002Ffidgetr\u002Fthemes\u002Ftheme_includes\u002Fslimbox2\u002Fslimbox2.css","\u002Fwp-content\u002Fplugins\u002Ffidgetr\u002Fthemes\u002Ftheme_includes\u002Fslimbox2\u002Fslimbox-2.03-jquery.js",[],[457],[463,464],"fidgetr\u002Fthemes\u002Ftheme_includes\u002Fslimbox2\u002Fslimbox-2.03-jquery.js?ver=","fidgetr\u002Ffidgetr_ajax.js?ver=",{"cssClasses":466,"htmlComments":468,"htmlAttributes":469,"restEndpoints":479,"jsGlobals":480,"shortcodeOutput":481},[467],"widget_fidgetr",[],[470,471,472,473,474,475,476,477,478],"data-fidgetr-username","data-fidgetr-photoset","data-fidgetr-theme","data-fidgetr-showtitle","data-fidgetr-num","data-fidgetr-cachetime","data-fidgetr-commentsflag","data-fidgetr-randomize","data-fidgetr-slimbox",[],[],[]]