[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5xXuTsBdVtt01A62Hvp0Jqv4lX8ENlrCh_hm6F9x7r4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":126,"fingerprints":193},"geekshed-embed","GeekShed Embed","2.0.1","Ryan Murphy","https:\u002F\u002Fprofiles.wordpress.org\u002Fryanmurphy\u002F","\u003Cp>GeekShed Embed allows a user to easily embed a \u003Ca href=\"http:\u002F\u002Fgeekshed.net\" rel=\"nofollow ugc\">GeekShed IRC\u003C\u002Fa> channel (chat room) onto their website. In additions to creating it via the options page, there are also two shortcodes that allow for use in page and\u002For post. Two other shortcodes are also included; one will display a list of users currently in the room, and the other will display a small userbadge with the number of chatters in the room.\u003C\u002Fp>\n\u003Cp>Comments, questions, suggestions? Post them at\u003C\u002Fp>\n","Easily add a GeekShed IRC channel (chat room) onto your site. Also includes shortcodes for other items provided by GeekShed",10,2907,0,"2012-07-16T16:43:00.000Z","3.4.2","2.7.0","",[19,20,21],"chat","geekshed","irc","http:\u002F\u002Fgeekshed.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgeekshed-embed.2.0.1.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"ryanmurphy",1,30,84,"2026-04-05T09:44:03.982Z",[35,55,76,90,108],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":30,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":17,"tags":49,"homepage":53,"download_link":54,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"chathispano","ChatHispano","1.2.2","Toni Garcia","https:\u002F\u002Fprofiles.wordpress.org\u002Ftonigarcia\u002F","\u003Cp>English:\u003Cbr \u002F>\nThe plugin allows a webmaster to insert webchat to chat in the ChatHispano Chat\u002FIRC Network.\u003C\u002Fp>\n\u003Cp>Spanish:\u003Cbr \u002F>\nEste plugin permite a un webmaster insertar un webchat para chatear en la red de IRC\u002FChat de ChatHispano.\u003C\u002Fp>\n","Integra los servicios de la red de IRC & Chat de ChatHispano en tu WordPress. Inserta un Webchat en tu Web para chatear y conocer a la gente.",40,3403,100,"2020-05-25T11:35:00.000Z","5.4.19","5.4",[19,50,21,51,52],"gente","network","webchat","http:\u002F\u002Fgithub.com\u002FIRCHispano","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchathispano.1.2.2.zip",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":11,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":17,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":73,"download_link":74,"security_score":45,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":75},"conversejs","ConverseJS","4.2.0","brjhcxnnwqjevwc","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrjhcxnnwqjevwc\u002F","\u003Cp>Converse.js is an open source webchat client, that runs in the browser and can be integrated into any website.\u003C\u002Fp>\n\u003Cp>It’s similar to Facebook chat, but also supports multi-user chatrooms.\u003C\u002Fp>\n\u003Cp>Converse.js can connect to any accessible XMPP\u002FJabber server, either from a public provider such as chatme.im, or to one you have set up yourself.\u003C\u002Fp>\n\u003Cp>For more information, check out \u003Ca href=\"https:\u002F\u002Fconversejs.org\u002F\" rel=\"nofollow ugc\">conversejs\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fmotostorie.blog\u002F\" rel=\"nofollow ugc\">MotoStorie\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Special Thanks\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>To my sister for having tolerated\u003C\u002Fli>\n\u003Cli>My work for the economic support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Single-user chat\u003C\u002Fli>\n\u003Cli>Multi-user chatrooms \u003Ca href=\"http:\u002F\u002Fxmpp.org\u002Fextensions\u002Fxep-0045.html\" rel=\"nofollow ugc\">XEP 45\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Direct invitations to chat rooms \u003Ca href=\"http:\u002F\u002Fxmpp.org\u002Fextensions\u002Fxep-0249.html\" rel=\"nofollow ugc\">XEP 249\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>vCard support \u003Ca href=\"http:\u002F\u002Fxmpp.org\u002Fextensions\u002Fxep-0054.html\" rel=\"nofollow ugc\">XEP 54\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Service discovery \u003Ca href=\"http:\u002F\u002Fxmpp.org\u002Fextensions\u002Fxep-0030.html\" rel=\"nofollow ugc\">XEP 30\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>In-band registration \u003Ca href=\"http:\u002F\u002Fxmpp.org\u002Fextensions\u002Fxep-0077.html\" rel=\"nofollow ugc\">XEP 77\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Contact rosters and groups\u003C\u002Fli>\n\u003Cli>Contact subscriptions\u003C\u002Fli>\n\u003Cli>Roster item exchange \u003Ca href=\"http:\u002F\u002Fxmpp.org\u002Fextensions\u002Ftmp\u002Fxep-0144-1.1.html\" rel=\"nofollow ugc\">XEP 144\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Chat statuses (online, busy, away, offline)\u003C\u002Fli>\n\u003Cli>Custom status messages\u003C\u002Fli>\n\u003Cli>Typing and chat state notifications \u003Ca href=\"http:\u002F\u002Fxmpp.org\u002Fextensions\u002Fxep-0085.html\" rel=\"nofollow ugc\">XEP 85\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Desktop notification messages\u003C\u002Fli>\n\u003Cli>Messages appear in all connected chat clients \u003Ca href=\"http:\u002F\u002Fxmpp.org\u002Fextensions\u002Fxep-0280.html\" rel=\"nofollow ugc\">XEP 280\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Third person “\u002Fme” messages \u003Ca href=\"http:\u002F\u002Fxmpp.org\u002Fextensions\u002Fxep-0245.html\" rel=\"nofollow ugc\">XEP 245\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>XMPP Ping \u003Ca href=\"http:\u002F\u002Fxmpp.org\u002Fextensions\u002Fxep-0199.html\" rel=\"nofollow ugc\">XEP 199\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Server-side archiving of messages \u003Ca href=\"http:\u002F\u002Fxmpp.org\u002Fextensions\u002Fxep-0313.html\" rel=\"nofollow ugc\">XEP 313\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Client state indication \u003Ca href=\"http:\u002F\u002Fxmpp.org\u002Fextensions\u002Fxep-0352.html\" rel=\"nofollow ugc\">XEP 352\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Off-the-record encryption\u003C\u002Fli>\n\u003Cli>Translated into 16 languages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Hand-crafted, and made with love, in Padova, Italy.\u003C\u002Fp>\n\u003Cp>Based on \u003Ca href=\"http:\u002F\u002Fconversejs.org\u002F\" rel=\"nofollow ugc\">Converse.js\u003C\u002Fa>.\u003C\u002Fp>\n","Converse.js is an open source webchat client, that runs in the browser and can be integrated into any website.",17379,72,5,"6.4.8","4.6","7.3",[19,70,21,71,72],"converse","jabber","xmpp","https:\u002F\u002Fconversejs.org\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fconversejs.4.2.0.zip","2026-03-15T10:48:56.248Z",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":11,"downloaded":84,"rating":45,"num_ratings":30,"last_updated":85,"tested_up_to":15,"requires_at_least":17,"requires_php":17,"tags":86,"homepage":88,"download_link":89,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"my-quakenet-irc","My QuakeNet IRC","1.0.3","leaklords","https:\u002F\u002Fprofiles.wordpress.org\u002Fkwark\u002F","\u003Cul>\n\u003Cli>Add a main chat zone where you want in your code or in a page easily with shortcode \u003Ccode>[quake]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Add multiple irc chat Quakenet on your site with shortcode \u003Ccode>[quake channels=\"...\"]\u003C\u002Fcode> with optional parameters width, height, status, message, button\u003C\u002Fli>\n\u003Cli>Option AutoFill input nickname (based on user->display_name from WordPress)\u003C\u002Fli>\n\u003Cli>One option to leave the choice of changes the NickName to yours users (or not)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>e.g.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>basics\u003C\u002Fp>\n\u003Cp>[quake channels=”allwebtuts”]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>full example\u003C\u002Fp>\n\u003Cp>[quake width=”600″ height=”400″ channels=”style-cataclysm” status=”user only” message=”Please login to view this chat” button=”yes” autofill=”yes” prompt=”no”]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>button may take parameters yes or no (if nothing is defined – default no)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>yes, a link named IRC appears to hide\u002Fshow the current IRC\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>status may take parameters user only or public (if nothing is defined – default public)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>public, all visitors on your wordpress installation view the channel ongoing\u003C\u002Fli>\n\u003Cli>user only, only the connected users view the channel ongoing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>autofill may take parameters yes or no (if nothing is defined – default from administration)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>yes, AutoFill of the input nickname with the display_name from wordpress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>prompt may take parameters yes or no (if nothing is defined – default from administration)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>yes, autofill but leave the choice to your user to change its nickname if autofill is enable\u003C\u002Fli>\n\u003Cli>no, force user to use only its display_name from wordpress\u003C\u002Fli>\n\u003C\u002Ful>\n","My QuakeNet IRC chat plugin for Wordpress. Add a zone for your QuakeNet IRC chat.",4539,"2012-07-02T18:43:00.000Z",[19,21,87],"quakenet","http:\u002F\u002Fkwark.allwebtuts.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-quakenet-irc.1.0.3.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":11,"downloaded":98,"rating":99,"num_ratings":100,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":17,"tags":104,"homepage":106,"download_link":107,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"powies-irc-chat","Powie's IRC Chat","0.9.2","PowieT","https:\u002F\u002Fprofiles.wordpress.org\u002Fpowiet\u002F","\u003Cp>This plugin includes a IRC chat system on a wordpress page or post. It makes\u003Cbr \u002F>\nusage of the coolsmile IRC applet. Just enter irc server, port and channels to join\u003Cbr \u002F>\non the settings page. Include shortcode PIRC on a page and your chat is ready.\u003C\u002Fp>\n\u003Ch4>Including:\u003C\u002Fh4>\n\u003Cp>Coolsmile Chat Software\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Support Forum @ \u003Ca href=\"http:\u002F\u002Fgoo.gl\u002FlfR7B\" rel=\"nofollow ugc\">powie.de\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Remove plugin\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Deactivate plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Delete plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>To do\u003C\u002Fh3>\n\u003Cp>Maybee Translations. Does someone wants to help?\u003C\u002Fp>\n","IRC Chat",23265,60,3,"2013-12-19T07:40:00.000Z","3.7.41","2.8",[19,21,105],"shortcode","http:\u002F\u002Fwww.powie.de","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowies-irc-chat.0.9.2.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":11,"downloaded":116,"rating":45,"num_ratings":100,"last_updated":117,"tested_up_to":118,"requires_at_least":119,"requires_php":120,"tags":121,"homepage":123,"download_link":124,"security_score":125,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"wp-romaniachat","Romania Chat","2.0","romaniachat","https:\u002F\u002Fprofiles.wordpress.org\u002Fromaniachat\u002F","\u003Cp>Integrati serviciile retelei IRC RomaniaChat in WordPress.  Daca ai un blog pe orice platforma cu WordPress si vrei sa integrezi un WebChat, iti oferim solutia perfecta.\u003C\u002Fp>\n\u003Ch3>Descriere\u003C\u002Fh3>\n\u003Cp>English:\u003Cbr \u002F>\nThe plugin allows a webmaster to insert webchat to chat in the RomaniaChat Chat\u002FIRC Network.\u003C\u002Fp>\n\u003Cp>Romana:\u003Cbr \u002F>\nAcest plugin permite unui webmaster sa introduca un webchat pentru chat in reteaua IRC \u002F RomaniaChat.\u003C\u002Fp>\n\u003Ch3>Contribute to this project\u003C\u002Fh3>\n\u003Cp>Rapoartele de erori și solicitările de extragere sunt binevenite pe \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FRomaniaChat\u002Fwp-romaniachat\" title=\"GitHub\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003Cbr \u002F>\nDacă găsiți erori sau doriți să îmbunătățiți unele părți ale pluginului, puteți face acest lucru deschizând o problemă sau o solicitare de extragere\u003C\u002Fp>\n","Integrati serviciile retelei IRC RomaniaChat in WordPress.  Daca ai un blog pe orice platforma cu Wordpress si vrei sa integrezi un WebChat, iti oferi &hellip;",1937,"2024-09-19T20:03:00.000Z","6.6.5","6.0","6.1",[19,21,122,112,52],"romania","https:\u002F\u002Fwp.romaniachat.eu","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-romaniachat.2.0.zip",92,{"attackSurface":127,"codeSignals":163,"taintFlows":181,"riskAssessment":182,"analyzedAt":192},{"hooks":128,"ajaxHandlers":147,"restRoutes":148,"shortcodes":149,"cronEvents":162,"entryPointCount":159,"unprotectedCount":13},[129,135,139,142],{"type":130,"name":131,"callback":132,"file":133,"line":134},"action","admin_menu","geekshed_embed_menu","geekshed-embed.php",28,{"type":130,"name":136,"callback":137,"file":133,"line":138},"admin_init","register_gse_settings",29,{"type":130,"name":140,"callback":141,"file":133,"line":31},"admin_notices","gse_setup_notice",{"type":143,"name":144,"callback":145,"file":133,"line":146},"filter","the_content","gse_chat_page",202,[],[],[150,154,157,160],{"tag":20,"callback":151,"file":152,"line":153},"geekshed_embed","shortcode.php",2,{"tag":155,"callback":156,"file":152,"line":100},"geekshed_chat","gse_display_chat",{"tag":158,"callback":158,"file":152,"line":159},"geekshed_badge",4,{"tag":161,"callback":161,"file":152,"line":65},"geekshed_list",[],{"dangerousFunctions":164,"sqlUsage":165,"outputEscaping":167,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":180},[],{"prepared":13,"raw":13,"locations":166},[],{"escaped":13,"rawEcho":65,"locations":168},[169,172,174,176,178],{"file":133,"line":170,"context":171},97,"raw output",{"file":133,"line":173,"context":171},103,{"file":133,"line":175,"context":171},109,{"file":133,"line":177,"context":171},133,{"file":133,"line":179,"context":171},139,[],[],{"summary":183,"deductions":184},"The geekshed-embed plugin v2.0.1 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and has no recorded vulnerabilities (CVEs) in its history.  The static analysis also shows no dangerous functions or file operations, and no external HTTP requests, which generally contributes to a more secure profile.  Furthermore, the identified entry points (shortcodes) are not directly associated with missing authentication or permission checks in the provided static analysis, suggesting a potentially limited attack surface from that perspective.\n\nHowever, significant concerns arise from the output escaping results. With 5 total outputs and 0% properly escaped, this indicates a high probability of Cross-Site Scripting (XSS) vulnerabilities. Any user-supplied data, or data processed by the plugin and then displayed to users, could be vulnerable to injection attacks.  The absence of nonce checks and capability checks for the identified entry points, while not explicitly flagged as unprotected in the static analysis of entry points, is a general best practice that is missing and could be exploited in conjunction with other weaknesses. The taint analysis showing zero flows, while seemingly good, is also nullified by the lack of proper output escaping, meaning any potential tainted data would likely result in an unescaped output vulnerability.\n\nIn conclusion, while the plugin avoids common pitfalls like raw SQL queries or known vulnerabilities, the complete lack of output escaping presents a critical security weakness. This alone significantly elevates the risk associated with the plugin's use, making it a prime target for XSS attacks. The absence of nonce and capability checks, though not directly tied to an attack vector in the provided data, further contributes to potential vulnerabilities if combined with any data processing that isn't strictly sanitized.",[185,188,190],{"reason":186,"points":187},"All outputs are unescaped",15,{"reason":189,"points":65},"No nonce checks for entry points",{"reason":191,"points":65},"No capability checks for entry points","2026-03-17T01:05:21.538Z",{"wat":194,"direct":203},{"assetPaths":195,"generatorPatterns":197,"scriptPaths":198,"versionParams":200},[196],"\u002Fwp-content\u002Fplugins\u002Fgeekshed-embed\u002Fcss\u002Fgeekshed-embed.css",[],[199],"\u002Fwp-content\u002Fplugins\u002Fgeekshed-embed\u002Fjs\u002Fgeekshed-embed.js",[201,202],"geekshed-embed\u002Fcss\u002Fgeekshed-embed.css?ver=","geekshed-embed\u002Fjs\u002Fgeekshed-embed.js?ver=",{"cssClasses":204,"htmlComments":211,"htmlAttributes":215,"restEndpoints":224,"jsGlobals":225,"shortcodeOutput":228},[205,206,207,208,209,210],"geekshed-embed-notice","gse-chat-container","gse-chat-header","gse-chat-body","gse-chat-footer","gse-nicklist",[212,213,214],"\u003C!-- GeekShed Embed Settings -->","\u003C!-- This will be overwritten by the GeekShed Embed plugin -->","\u003C!-- End GeekShed Embed -->",[216,217,218,219,220,221,222,223],"data-channel","data-width","data-height","data-chat-only","data-restricted","data-user-badge","data-background-color","data-header-color",[],[226,227],"geekshedEmbed","gse_config",[229,230],"[geekshed]","[geekshed_chat]"]