[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1DxISziSksSLm8BZGOhbWvT78pa_0LZvqZxMIMPutRA":3,"$fj8a6LyUaSkegH84M75Irhtp5WY9FcR3WepL1oTLpUBU":110,"$fUMKzHYzEfB7kggJg3_dA2xJdTke9UtqNbrHbEpHOhqw":115},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":6,"requires_at_least":6,"requires_php":15,"tags":16,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"discovery_status":25,"vulnerabilities":26,"developer":27,"crawl_stats":23,"alternatives":32,"analysis":54,"fingerprints":95},"gp-random-post-widget","GP Random Post Widget","1.0","giangmd93","https:\u002F\u002Fprofiles.wordpress.org\u002Fgiangmd93\u002F","\u003Cp>With this plugin you can create Random Post Widget in your theme Wordpres.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>No update.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>GP Random Post Widget plugin is created by \u003Ca href=\"http:\u002F\u002Fgithub.com\u002Fgiangmd\" rel=\"nofollow ugc\">Giang Peter\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Source code?\u003C\u002Fh3>\n\u003Cp>You can get GP Random Post Widget source code on our \u003Ca href=\"http:\u002F\u002Fgithub.com\u002Fgiangmd\u002Fgp-random-post-widget\" rel=\"nofollow ugc\">GP Random Post Widget\u003C\u002Fa>\u003C\u002Fp>\n","Create Random Post Widget in your theme Wordpres.",10,1517,0,"2015-11-02T13:32:00.000Z","",[17,18,19],"bai-viet-ngau-nhien-widget","create-random-post-widget","random-post-widget","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgp-create-test-post","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgp-random-post-widget.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":22,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},3,30,84,"2026-05-20T02:05:26.281Z",[33],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":43,"num_ratings":28,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":15,"tags":47,"homepage":52,"download_link":53,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24},"vi-random-posts-widget","Vi Random Post Widget","1.1","Team Startbit","https:\u002F\u002Fprofiles.wordpress.org\u002Fvivacityinfotechjaipur\u002F","\u003Cp>Vi Random Posts Widget plugin allows us to create a custom random or category posts list as a widget. It gives you a list of random posts via shortcode or widget with thumbnail, excerpt and post date, also you can display it from your custom post type or from a post category.\u003C\u002Fp>\n\u003Cp>=Features=\u003C\u002Fp>\n\u003Cpre>\u003Ccode>WordPress 5.2.1 Support.\nAllow you to add a URL in widget title\nDisplay thumbnails and customizable size.\nDisplay excerpt of customizable length.\nDisplay from all, specific or multiple category.\nDisplay your post date with customomizable format.\nDisplay your post author.\nDisplay post comment counts\nDisplay your custom Post types.    \nUser can add a custom css class in widget.\nAdd custom html or text before and\u002For after posts lists.\nDisplay random post using shortcode '[virp\u002F]'.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Rate Us \u002F Feedback\u003C\u002Fh4>\n\u003Cp>Please take the time to let us and others know about your experiences by leaving a review, so that we can improve the plugin for you and other users.\u003C\u002Fp>\n\u003Ch4>Want More?\u003C\u002Fh4>\n\u003Cp>If You Want more functionality or some modifications, just drop us a line what you want and We will try to add or modify the plugin functions.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Thanks to Aqua Resizer. (http:\u002F\u002Faquagraphite.com)\u003C\u002Fli>\n\u003Cli>Thanks to Font Awesome. (https:\u002F\u002Ffortawesome.github.io\u002FFont-Awesome\u002F)\u003C\u002Fli>\n\u003C\u002Ful>\n","Vi Random Posts Widget plugin allows us to create a custom random or category posts list as a widget. It gives you a list of random posts via shortcod &hellip;",100,6303,74,"2019-06-18T07:34:00.000Z","5.2.24","3.0",[48,49,50,51,19],"custom-post-type-widget","latest-post-widget","post-widget","random-post","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fvi-random-posts-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvi-random-posts-widget.1.1.zip",{"attackSurface":55,"codeSignals":67,"taintFlows":87,"riskAssessment":88,"analyzedAt":94},{"hooks":56,"ajaxHandlers":63,"restRoutes":64,"shortcodes":65,"cronEvents":66,"entryPointCount":13,"unprotectedCount":13},[57],{"type":58,"name":59,"callback":60,"file":61,"line":62},"action","widgets_init","gp_create_widget","gp-random-post-widget.php",68,[],[],[],[],{"dangerousFunctions":68,"sqlUsage":69,"outputEscaping":71,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":86},[],{"prepared":13,"raw":13,"locations":70},[],{"escaped":72,"rawEcho":73,"locations":74},2,5,[75,78,80,82,84],{"file":61,"line":76,"context":77},35,"raw output",{"file":61,"line":79,"context":77},36,{"file":61,"line":81,"context":77},51,{"file":61,"line":83,"context":77},52,{"file":61,"line":85,"context":77},63,[],[],{"summary":89,"deductions":90},"The \"gp-random-post-widget\" plugin version 1.0 exhibits a generally positive security posture based on the provided static analysis. The absence of identified dangerous functions, SQL injection vulnerabilities (all queries use prepared statements), file operations, and external HTTP requests are strong indicators of secure coding practices. Furthermore, the lack of any recorded vulnerabilities in its history suggests a stable and well-maintained codebase.  The plugin also boasts a remarkably small attack surface with no identified entry points needing authentication, which is an advantage in reducing potential exploitation vectors.\n\nHowever, a significant concern arises from the low percentage of properly escaped output (29%). This indicates that data rendered by the plugin might be susceptible to Cross-Site Scripting (XSS) attacks, especially if user-controlled input or dynamic content is involved in these unescaped outputs. The lack of nonce checks and capability checks, while not directly indicating a vulnerability given the zero attack surface, means that if any entry points were to be introduced in future versions without proper authentication, these security layers would be missing, creating an immediate risk. The absence of taint analysis flows is a neutral observation; it doesn't necessarily mean there are no potential issues, but rather that the analysis either didn't detect any or wasn't performed comprehensively enough to reveal them. In conclusion, while the plugin has a solid foundation, the unescaped output is a notable weakness that requires attention to prevent potential XSS vulnerabilities.",[91],{"reason":92,"points":93},"Low percentage of properly escaped output",7,"2026-04-16T12:56:28.189Z",{"wat":96,"direct":102},{"assetPaths":97,"generatorPatterns":99,"scriptPaths":100,"versionParams":101},[98],"\u002Fwp-content\u002Fplugins\u002Fgp-random-post-widget\u002Fgp-random-post-widget.php",[],[],[],{"cssClasses":103,"htmlComments":105,"htmlAttributes":106,"restEndpoints":107,"jsGlobals":108,"shortcodeOutput":109},[104],"gp_random_post_list",[],[],[],[],[],{"error":111,"url":112,"statusCode":113,"statusMessage":114,"message":114},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fgp-random-post-widget\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":116,"versions":117},1,[118],{"version":119,"download_url":120,"svn_tag_url":121,"released_at":23,"has_diff":122,"diff_files_changed":123,"diff_lines":23,"trac_diff_url":23,"vulnerabilities":124,"is_current":122},"v.1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgp-random-post-widget.v.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgp-random-post-widget\u002Ftags\u002Fv.1.0\u002F",false,[],[]]