[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$feFZeJlMiu7nB6s4oe3uCgEQer74JZ6vZpgLjyvDzGOE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":98,"fingerprints":451},"gravitation-portfolios","Gravitation Portfolios","1.0.0","UlisesFreitas","https:\u002F\u002Fprofiles.wordpress.org\u002Fulisesfreitas\u002F","\u003Cp>Gravitation portfolios, is a plugin to display portfolios on your site, with a page template, or shortcodes is mainly for bootstrap ready templates.\u003C\u002Fp>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n\u003Cp>Features ShortCodes:\u003C\u002Fp>\n\u003Col>\n\u003Cli>All portfolios [gravitation_portfolios]\u003C\u002Fli>\n\u003C\u002Fol>\n","A Plugin to integrate portfolios",10,1385,0,"2016-05-16T22:30:00.000Z","4.5.33","4.3.1","",[19,20,21],"portfolios","portfolios-on-widgets","portfolios-shortcodes","https:\u002F\u002Fgithub.com\u002FUlisesFreitas\u002Fgravitation-portfolios","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgravitation-portfolios.1.0.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"ulisesfreitas",5,50,88,30,86,"2026-04-05T02:53:37.520Z",[37,59,77],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":13,"num_ratings":13,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":56,"download_link":57,"security_score":58,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"cozy-essential-addons","Theme Demo Importer and Patterns Library for CozyThemes – Cozy Essential Addons","1.3.4","CozyThemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fcozythemes\u002F","\u003Cp>Cozy Essentials Addons is the ultimate companion plugin for CozyThemes users, offering seamless one-click demo imports and a rich library of pre-designed block patterns to help you quickly build stunning websites. Designed to work perfectly with themes like FotaWP, ReviveNews, Storemate, and more, this lightweight plugin lets you instantly replicate professional starter sites, complete with layouts and content, while also enabling theme-specific enhancements for an optimized building experience. Whether you’re launching a blog, store, or business site, Cozy Essentials Addons makes website creation faster, easier, and more powerful.\u003C\u002Fp>\n\u003Ch4>Display shortcode of post type in site\u003C\u002Fh4>\n\u003Cp>To display post data in your site, please checkout [shortcodes][https:\u002F\u002Fcozythemes.com\u002Fcozy-essential-addons\u002F] in plugin details page.\u003C\u002Fp>\n","Cozy Essential Addons is the free WordPress plugin for Custom post type and provides basic skeletal for custom post type list.",7000,198409,"2025-10-13T15:03:00.000Z","6.8.5","5.9","7.3.0",[52,53,19,54,55],"demo-importer","faqs","teams","testimonials","https:\u002F\u002Fcozythemes.com\u002Fcozy-essential-addons","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcozy-essential-addons.1.3.4.zip",100,{"slug":19,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":58,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":17,"requires_php":17,"tags":71,"homepage":17,"download_link":76,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"Portfolios","1.1.6","Jason","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeblvd\u002F","\u003Cp>This plugin adds a “Portfolio Item” custom post type with associated “Portfolio” and “Porfolio Tag” taxonomies.\u003C\u002Fp>\n\u003Cp>Any instances of \u003Ccode>the_tags()\u003C\u002Fcode> by your theme when on a portfolio item post are filtered to use Portfolio Tags.\u003C\u002Fp>\n\u003Ch4>Theme Blvd Integration\u003C\u002Fh4>\n\u003Cp>If you’re using a theme with \u003Ca href=\"http:\u002F\u002Fwww.themeblvd.com\" rel=\"nofollow ugc\">Theme Blvd\u003C\u002Fa> framework v2.3+, this plugin has some cool integration features.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Breadcrumb integration for Portfolio Items and associated taxonomy archives.\u003C\u002Fli>\n\u003Cli>Portfolio and Portfolio Tag WordPress can display in grid mode.\u003C\u002Fli>\n\u003Cli>Post List and Post Grid page templates can accept “portfolio” and “portfolio_tag” custom fields to filter posts.\u003C\u002Fli>\n\u003Cli>Standard “Post Options” meta box is integrated into the portfolio item custom post type.\u003C\u002Fli>\n\u003Cli>With our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftheme-blvd-layout-builder\" rel=\"ugc\">Layout Builder\u003C\u002Fa> plugin, options to pull posts by Portfolio or Portfolio Tag are added to verious elements.\u003C\u002Fli>\n\u003Cli>With our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftheme-blvd-shortcodes\u002F\" rel=\"ugc\">Shortcodes\u003C\u002Fa> plugin, you can use “portfolio” and “portfolio_tag” parameters for \u003Ccode>[post_list]\u003C\u002Fcode> and \u003Ccode>[post_grid]\u003C\u002Fcode> shortcodes.\u003C\u002Fli>\n\u003Cli>With our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftheme-blvd-sliders\u002F\" rel=\"ugc\">Sliders\u003C\u002Fa> plugin, you can use “portfolio” and “portfolio_tag” parameters with \u003Ccode>[post_slider]\u003C\u002Fcode> shortcode.\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds a \"Portfolio Item\" custom post type with associated \"Portfolio\" and \"Porfolio Tag\" taxonomies.",700,27244,2,"2019-01-20T22:26:00.000Z","5.0.25",[72,73,19,74,75],"bundle","jason-bobich","theme-blvd","themeblvd","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fportfolios.1.1.6.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":13,"downloaded":85,"rating":58,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":17,"download_link":96,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":97},"cb-portfolio-work","CB Portfolio Work For Elementor","1.1","Md Abul Bashar","https:\u002F\u002Fprofiles.wordpress.org\u002Fhmbashar\u002F","\u003Cp>Show your works history as a portfolio on your website by using elementor widget or shortcode [cb-pwork-our-works]\u003C\u002Fp>\n","Show your works history as a portfolio on your website by using elementor widget or shortcode [cb-pwork-our-works]",1317,1,"2023-10-02T17:43:00.000Z","6.3.8","4.7","7.0",[92,93,94,95],"elementor-widget","portfolio","portfolios-widget","work-works","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcb-portfolio-work.1.1.zip","2026-03-15T14:54:45.397Z",{"attackSurface":99,"codeSignals":205,"taintFlows":393,"riskAssessment":441,"analyzedAt":450},{"hooks":100,"ajaxHandlers":197,"restRoutes":198,"shortcodes":199,"cronEvents":204,"entryPointCount":86,"unprotectedCount":13},[101,107,112,116,119,124,127,131,135,139,143,147,151,155,158,162,166,170,173,177,181,185,190,193],{"type":102,"name":103,"callback":104,"file":105,"line":106},"filter","image_size_names_choose","gravitaion_portfolios_thumbnail","gravitation-portfolios.php",64,{"type":108,"name":109,"callback":110,"file":105,"line":111},"action","init","gravitaion_portfolios_img_size",72,{"type":108,"name":113,"callback":114,"file":105,"line":115},"plugins_loaded","gravitation_portfolios_load_textdomain",77,{"type":102,"name":117,"callback":118,"file":105,"line":34},"widget_text","do_shortcode",{"type":102,"name":120,"callback":121,"priority":122,"file":105,"line":123},"excerpt_length","custom_excerpt_length",999,90,{"type":108,"name":113,"callback":125,"file":105,"line":126},"get_instance",93,{"type":102,"name":128,"callback":129,"file":105,"line":130},"single_template","get_gravitation_portfolios_single_template",103,{"type":102,"name":132,"callback":133,"file":105,"line":134},"archive_template","get_gravitation_portfolios_archive_template",112,{"type":108,"name":136,"callback":137,"file":105,"line":138},"wp_enqueue_scripts","gravitation_portfolios_stylesheet",135,{"type":108,"name":136,"callback":140,"priority":141,"file":105,"line":142},"gravitation_portfolios_scripts",160,162,{"type":102,"name":144,"callback":145,"file":105,"line":146},"manage_gv_portfolios_posts_columns","gravitation_set_custom_edit_portfolios_columns",175,{"type":108,"name":148,"callback":149,"priority":11,"file":105,"line":150},"manage_gv_portfolios_posts_custom_column","gravitation_custom_portfolios_column",201,{"type":108,"name":152,"callback":153,"file":105,"line":154},"admin_menu","gravitation_portfolios_help_admin_menu",496,{"type":108,"name":109,"callback":156,"file":105,"line":157},"gravitation_portfolios_create_post_type",680,{"type":108,"name":159,"callback":160,"priority":86,"file":105,"line":161},"save_post","gravitation_portfolios_post_save_meta",793,{"type":102,"name":109,"callback":163,"file":164,"line":165},"load_textdomain","meta-box-class\\my-meta-box-class.php",116,{"type":108,"name":167,"callback":168,"file":164,"line":169},"add_meta_boxes","add",137,{"type":108,"name":159,"callback":171,"file":164,"line":172},"save",139,{"type":108,"name":174,"callback":175,"file":164,"line":176},"admin_print_styles","load_scripts_styles",142,{"type":102,"name":178,"callback":179,"file":164,"line":180},"wp_handle_upload_prefilter","Validate_upload_file_type",144,{"type":108,"name":182,"callback":183,"file":164,"line":184},"post_edit_form_tag","add_enctype",221,{"type":102,"name":186,"callback":187,"file":188,"line":189},"page_attributes_dropdown_pages_args","register_project_templates","Portfolios.php",42,{"type":102,"name":191,"callback":187,"file":188,"line":192},"wp_insert_post_data",49,{"type":102,"name":194,"callback":195,"file":188,"line":196},"template_include","view_project_template",57,[],[],[200],{"tag":201,"callback":202,"file":105,"line":203},"gravitation_portfolios","gravitation_portfolios_shortcode",494,[],{"dangerousFunctions":206,"sqlUsage":207,"outputEscaping":209,"fileOperations":13,"externalRequests":13,"nonceChecks":388,"capabilityChecks":68,"bundledLibraries":389},[],{"prepared":13,"raw":13,"locations":208},[],{"escaped":210,"rawEcho":211,"locations":212},18,94,[213,217,218,219,221,223,225,226,227,228,230,233,235,236,238,239,241,243,244,246,247,249,250,252,255,256,257,258,259,261,263,265,267,269,271,273,274,276,278,280,282,283,285,287,289,291,293,295,297,299,301,303,305,307,309,311,313,315,317,319,321,323,325,327,329,331,333,335,337,338,340,342,344,346,348,350,352,354,356,358,360,362,364,366,368,370,372,374,376,378,380,382,384,386],{"file":214,"line":215,"context":216},"content-archive-gravitation-portfolio.php",47,"raw output",{"file":214,"line":31,"context":216},{"file":214,"line":106,"context":216},{"file":214,"line":220,"context":216},66,{"file":214,"line":222,"context":216},75,{"file":214,"line":224,"context":216},83,{"file":214,"line":224,"context":216},{"file":214,"line":24,"context":216},{"file":214,"line":24,"context":216},{"file":214,"line":229,"context":216},87,{"file":231,"line":232,"context":216},"content-single-gravitation-portfolio.php",39,{"file":231,"line":234,"context":216},54,{"file":231,"line":196,"context":216},{"file":231,"line":237,"context":216},81,{"file":231,"line":224,"context":216},{"file":231,"line":240,"context":216},92,{"file":231,"line":242,"context":216},96,{"file":231,"line":242,"context":216},{"file":231,"line":245,"context":216},97,{"file":231,"line":245,"context":216},{"file":231,"line":248,"context":216},98,{"file":231,"line":248,"context":216},{"file":231,"line":251,"context":216},102,{"file":253,"line":254,"context":216},"gravitation-portfolios-page.php",56,{"file":253,"line":32,"context":216},{"file":253,"line":32,"context":216},{"file":253,"line":123,"context":216},{"file":253,"line":211,"context":216},{"file":105,"line":260,"context":216},184,{"file":105,"line":262,"context":216},190,{"file":105,"line":264,"context":216},194,{"file":105,"line":266,"context":216},255,{"file":105,"line":268,"context":216},256,{"file":105,"line":270,"context":216},436,{"file":105,"line":272,"context":216},455,{"file":105,"line":272,"context":216},{"file":105,"line":275,"context":216},457,{"file":105,"line":277,"context":216},460,{"file":105,"line":279,"context":216},462,{"file":105,"line":281,"context":216},468,{"file":105,"line":281,"context":216},{"file":105,"line":284,"context":216},546,{"file":105,"line":286,"context":216},564,{"file":105,"line":288,"context":216},571,{"file":105,"line":290,"context":216},689,{"file":105,"line":292,"context":216},724,{"file":105,"line":294,"context":216},734,{"file":164,"line":296,"context":216},378,{"file":164,"line":298,"context":216},389,{"file":164,"line":300,"context":216},416,{"file":164,"line":302,"context":216},418,{"file":164,"line":304,"context":216},427,{"file":164,"line":306,"context":216},431,{"file":164,"line":308,"context":216},458,{"file":164,"line":310,"context":216},465,{"file":164,"line":312,"context":216},508,{"file":164,"line":314,"context":216},524,{"file":164,"line":316,"context":216},538,{"file":164,"line":318,"context":216},555,{"file":164,"line":320,"context":216},570,{"file":164,"line":322,"context":216},585,{"file":164,"line":324,"context":216},598,{"file":164,"line":326,"context":216},612,{"file":164,"line":328,"context":216},630,{"file":164,"line":330,"context":216},632,{"file":164,"line":332,"context":216},654,{"file":164,"line":334,"context":216},671,{"file":164,"line":336,"context":216},688,{"file":164,"line":292,"context":216},{"file":164,"line":339,"context":216},725,{"file":164,"line":341,"context":216},726,{"file":164,"line":343,"context":216},728,{"file":164,"line":345,"context":216},730,{"file":164,"line":347,"context":216},760,{"file":164,"line":349,"context":216},761,{"file":164,"line":351,"context":216},762,{"file":164,"line":353,"context":216},764,{"file":164,"line":355,"context":216},766,{"file":164,"line":357,"context":216},785,{"file":164,"line":359,"context":216},787,{"file":164,"line":361,"context":216},788,{"file":164,"line":363,"context":216},789,{"file":164,"line":365,"context":216},816,{"file":164,"line":367,"context":216},832,{"file":164,"line":369,"context":216},847,{"file":164,"line":371,"context":216},869,{"file":164,"line":373,"context":216},874,{"file":164,"line":375,"context":216},878,{"file":164,"line":377,"context":216},907,{"file":164,"line":379,"context":216},912,{"file":164,"line":381,"context":216},914,{"file":164,"line":383,"context":216},937,{"file":164,"line":385,"context":216},941,{"file":188,"line":387,"context":216},127,4,[390],{"name":391,"version":25,"knownCves":392},"Select2",[],[394,412,420,433],{"entryPoint":395,"graph":396,"unsanitizedCount":13,"severity":411},"gravitation_portfolios_help_page (gravitation-portfolios.php:502)",{"nodes":397,"edges":408},[398,403],{"id":399,"type":400,"label":401,"file":105,"line":402},"n0","source","$_POST['portfolios_count']",511,{"id":404,"type":405,"label":406,"file":105,"line":402,"wp_function":407},"n1","sink","update_option() [Settings Manipulation]","update_option",[409],{"from":399,"to":404,"sanitized":410},true,"low",{"entryPoint":413,"graph":414,"unsanitizedCount":13,"severity":411},"\u003Cgravitation-portfolios> (gravitation-portfolios.php:0)",{"nodes":415,"edges":418},[416,417],{"id":399,"type":400,"label":401,"file":105,"line":402},{"id":404,"type":405,"label":406,"file":105,"line":402,"wp_function":407},[419],{"from":399,"to":404,"sanitized":410},{"entryPoint":421,"graph":422,"unsanitizedCount":13,"severity":411},"save (meta-box-class\\my-meta-box-class.php:968)",{"nodes":423,"edges":431},[424,427],{"id":399,"type":400,"label":425,"file":164,"line":426},"$_POST (x2)",988,{"id":404,"type":405,"label":428,"file":164,"line":429,"wp_function":430},"call_user_func() [RCE]",993,"call_user_func",[432],{"from":399,"to":404,"sanitized":410},{"entryPoint":434,"graph":435,"unsanitizedCount":13,"severity":411},"\u003Cmy-meta-box-class> (meta-box-class\\my-meta-box-class.php:0)",{"nodes":436,"edges":439},[437,438],{"id":399,"type":400,"label":425,"file":164,"line":426},{"id":404,"type":405,"label":428,"file":164,"line":429,"wp_function":430},[440],{"from":399,"to":404,"sanitized":410},{"summary":442,"deductions":443},"The 'gravitation-portfolios' v1.0.0 plugin presents a generally good security posture with some notable areas for improvement.  Its limited attack surface, with only one shortcode and no unprotected entry points, is a significant strength. The complete absence of raw SQL queries and the consistent use of prepared statements for database interactions are excellent practices. Furthermore, the plugin incorporates nonce and capability checks, indicating an awareness of common WordPress security vulnerabilities.  The vulnerability history is clean, with no recorded CVEs, which is a positive indicator of past development quality.\n\nHowever, a critical concern arises from the low percentage of properly escaped output. With 112 total outputs and only 16% properly escaped, there is a high likelihood of cross-site scripting (XSS) vulnerabilities. Any user-supplied data that is displayed without proper sanitization could be exploited by an attacker to inject malicious scripts. The inclusion of the Select2 library, while potentially useful, also introduces a risk if it's an outdated version, as bundled libraries can be vectors for vulnerabilities if not maintained.\n\nIn conclusion, while 'gravitation-portfolios' v1.0.0 demonstrates strengths in limiting its attack surface and securing database interactions, the significant lack of output escaping represents a substantial security risk that requires immediate attention. Addressing this output sanitization issue is paramount to improving the plugin's overall security.",[444,447],{"reason":445,"points":446},"Insufficient output escaping",8,{"reason":448,"points":449},"Bundled library (Select2) potentially outdated",3,"2026-03-17T00:46:24.758Z",{"wat":452,"direct":465},{"assetPaths":453,"generatorPatterns":458,"scriptPaths":459,"versionParams":460},[454,455,456,457],"\u002Fwp-content\u002Fplugins\u002Fgravitation-portfolios\u002Fcss\u002Fportfolio-styles.css","\u002Fwp-content\u002Fplugins\u002Fgravitation-portfolios\u002Fjs\u002Fjquery.easing.1.3.js","\u002Fwp-content\u002Fplugins\u002Fgravitation-portfolios\u002Fjs\u002Fjquery.quicksand.js","\u002Fwp-content\u002Fplugins\u002Fgravitation-portfolios\u002Fjs\u002Ffunctions.js",[],[455,456,457],[461,462,463,464],"gravitation_portfolios_style?ver=","gravitation_portfolios_easing?ver=","gravitation_portfolios_quicksand?ver=","gravitation_portfolios_functions?ver=",{"cssClasses":466,"htmlComments":470,"htmlAttributes":502,"restEndpoints":505,"jsGlobals":506,"shortcodeOutput":509},[467,468,469],"gravitation-portfolios-item","gravitation-portfolio-title","gravitation-portfolio-category",[471,472,473,474,475,476,477,478,479,480,481,482,483,484,485,486,487,488,489,490,491,492,493,494,495,496,497,498,499,500,501],"\u003C!-- Gravitation portfolios","Copyright (C) 2016 Gravitation portfolios","This library is free software; you can redistribute it and\u002For","modify it under the terms of the GNU Lesser General Public","License as published by the Free Software Foundation; either","version 2.1 of the License, or (at your option) any later version.","This library is distributed in the hope that it will be useful,","but WITHOUT ANY WARRANTY; without even the implied warranty of","MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU","Lesser General Public License for more details.","You should have received a copy of the GNU Lesser General Public","License along with this library; if not, write to the Free Software","Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301","USA","Disenialia©, hereby disclaims all copyright interest in the","library Gravitation portfolios (a library for display portfolios on Wordpress)","written by Ulises Freitas.","Disenialia©, 12 May 2016","CEO Ulises Freitas.","Trigger our function that registers the custom post type","Our post type will be automatically removed, so no need to unregister it","Clear the permalinks after the post type has been registered","Clear the permalinks to remove our post type's rules","Portfolio thumbnail","Load plugin textdomain.","This first part of our function is a fallback","for custom pagination inside a regular loop that","uses the global $paged and global $wp_query variables.","It's good because we can now override default pagination","in our theme, and use this function in default quries","and custom queries.",[503,504],"data-filter","data-id",[],[507,508],"jQuery(document).ready","jQuery().quicksand",[510],"[gravitation_portfolios ids=\""]