[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNecTR85X_nVwJG2Jm_4dx9kZRcgBmpNUNzi2Dg_d8pw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":138,"fingerprints":228},"image-feed-widget","Image Feed Widget","0.5","yorik","https:\u002F\u002Fprofiles.wordpress.org\u002Fyorik\u002F","\u003Cp>This plugin allows to place widgets on your sidebars, that fetch the contents of one or more RSS feeds, combine them by date if there is more than one, and display the thumbnail images that are included in the feeds items. You can give the widget any number of feeds, and limit the quantity of images to be displayed.\u003C\u002Fp>\n\u003Cp>You can use any kind of RSS feed, but they must contain thumbnails (the plugin will check for, in that order, media:thumbnail tags, or enclosure tags, or, if none of these are found, an img tag inside the feed item description). If you don’t undestand a word of this, just make sure your feed carries thumbnails, otherwise all you’ll see is a “No thumbnail found” text…\u003C\u002Fp>\n\u003Cp>You can also use this plugin from your theme templates, to display images lists anywhere else on your blog and you can easily give them a fixed size or a maximum size with CSS styling.\u003C\u002Fp>\n","A widget to display imges from RSS feeds such as twitter, flickr or youtube",40,13563,100,1,"2011-12-01T18:50:00.000Z","3.2.1","2.8.4","",[20,21,22,23],"feed","image","rss","widget","http:\u002F\u002Fyorik.uncreated.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimage-feed-widget.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},2,50,30,84,"2026-04-05T13:40:34.140Z",[38,56,76,99,117],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":46,"num_ratings":32,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":54,"download_link":55,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"rss-image-widget","RSS Image Widget","3.0.0","zackdesign","https:\u002F\u002Fprofiles.wordpress.org\u002Fzackdesign\u002F","\u003Cp>RSS Image Widget fetches images from any RSS\u002FAtom feed that uses enclosures and displays them in a responsive grid with a built-in lightbox. Works as both a classic widget and a Gutenberg block.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Widget + Block\u003C\u002Fstrong> — Use in sidebars (classic widget) or anywhere in the block editor\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight\u003C\u002Fstrong> — No jQuery, no external CDN. Just a tiny vanilla JS lightbox (~2 KB)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive grid\u003C\u002Fstrong> — CSS Grid layout adapts to any container width\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lazy loading\u003C\u002Fstrong> — Images use native browser lazy loading\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accessible\u003C\u002Fstrong> — Lightbox supports keyboard navigation (Escape to close)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero configuration\u003C\u002Fstrong> — Just add a feed URL and go\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Upgrading from v2.x:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Bootstrap classes (\u003Ccode>row\u003C\u002Fcode>, \u003Ccode>col-xs-12\u003C\u002Fcode>) and external Lightbox2 CDN have been replaced with clean semantic HTML, a responsive CSS Grid layout, and a bundled vanilla JS lightbox. If you had custom CSS targeting the old classes, you will need to update it to use the new \u003Ccode>.rss-image-gallery\u003C\u002Fcode> BEM classes.\u003C\u002Fp>\n","Display images from an RSS or Atom feed as a widget or block with a lightweight lightbox gallery.",60,32807,"2026-02-23T09:43:00.000Z","6.9.4","6.0","7.4",[20,53,21,22,23],"gallery","https:\u002F\u002Fzackdesign.biz\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frss-image-widget.3.0.0.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":27,"num_ratings":27,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":18,"tags":69,"homepage":73,"download_link":74,"security_score":75,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"demomentsomtres-image-feed-widget","DeMomentSomTres Image Feed Widget","1.1","Marc Queralt i Bassa","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarcqueralt\u002F","\u003Cp>This plugin allows to place widgets on your sidebars, that fetch the contents of one or more RSS feeds, combine them by date if there is more than one, and display the thumbnail images that are included in the feeds items. You can give the widget any number of feeds, and limit the quantity of images to be displayed.\u003C\u002Fp>\n\u003Cp>This plugin is a corrected version of Image Feed Widget by yorik to include error control. In case of problems system launched a Fatal Error.\u003C\u002Fp>\n\u003Cp>You can use any kind of RSS feed, but they must contain thumbnails (the plugin will check for, in that order, media:thumbnail tags, or enclosure tags, or, if none of these are found, an img tag inside the feed item description). If you don’t undestand a word of this, just make sure your feed carries thumbnails, otherwise all you’ll see is a “No thumbnail found” text…\u003C\u002Fp>\n\u003Cp>You can also use this plugin from your theme templates, to display images lists anywhere else on your blog and you can easily give them a fixed size or a maximum size with CSS styling.\u003C\u002Fp>\n","A widget to display imges from RSS feeds such as twitter, flickr or youtube or instagram",10,2205,"2024-11-27T09:53:00.000Z","3.9.40","3.5.1",[20,70,22,71,72],"image-widget","rss-image","rss-widget","http:\u002F\u002Fdemomentsomtres.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdemomentsomtres-image-feed-widget.zip",92,{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":18,"tags":91,"homepage":18,"download_link":97,"security_score":26,"vuln_count":14,"unpatched_count":27,"last_vuln_date":98,"fetched_at":29},"meks-easy-instagram-widget","Meks Easy Photo Feed Widget","1.2.8","Meks","https:\u002F\u002Fprofiles.wordpress.org\u002Fmekshq\u002F","\u003Cp>Meks Easy Photo Feed (formerly Instagram) Widget WordPress plugin is made to help you display good looking Instagram photos with a few clicks of the button. Several smart options are provided to fine-tune the widget appearance in order to match your personal taste as well as match any WordPress theme style out of the box.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Pull Instagram images by username\u003C\u002Fli>\n\u003Cli>Multiple usernames\u003C\u002Fli>\n\u003Cli>Choose number of Instagram photos to pull\u003C\u002Fli>\n\u003Cli>Choose in how many columns you would like to display your Instagram photos\u003C\u002Fli>\n\u003Cli>Specify spacing between Instagram images\u003C\u002Fli>\n\u003Cli>Fine-tune widget container size to pull the most optimized Instagram image size and match the current theme layout\u003C\u002Fli>\n\u003Cli>Automatically display the “Follow me” link\u003C\u002Fli>\n\u003Cli>Built-in caching (via transients) for optimized performance\u003C\u002Fli>\n\u003Cli>Shortcode [meks_easy_photo_feed title=”Your Feed Title” username=”your_username” container_size=2000 columns=6 photo_space=5 photos_number=12 link_text=”your_username”]\u003C\u002Fli>\n\u003Cli>Instagram authorization required since Instagram “Basic Permission” API is now Legacy API\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Meks Easy Photo Feed Widget plugin is created by \u003Ca href=\"https:\u002F\u002Fmekshq.com\" rel=\"nofollow ugc\">Meks\u003C\u002Fa>\u003C\u002Fp>\n","Easily display Instagram photos as a widget that looks good in (almost) any WordPress theme.",20000,407056,76,12,"2023-09-11T11:53:00.000Z","6.3.8","3.7",[92,93,94,95,96],"instagram","instagram-feed","instagram-gallery","instagram-images","instagram-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmeks-easy-instagram-widget.zip","2021-11-10 00:00:00",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":75,"num_ratings":109,"last_updated":110,"tested_up_to":49,"requires_at_least":111,"requires_php":111,"tags":112,"homepage":115,"download_link":116,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"super-rss-reader","Super RSS Reader – Add attractive RSS Feed Widget","5.4","vaakash","https:\u002F\u002Fprofiles.wordpress.org\u002Fvaakash\u002F","\u003Cp>Super RSS Reader plugin allows you to display RSS feed(s) in an attractive way to your widget. It has options to display multiple RSS feeds separated by tabs in a single widget and has feature to add a news ticker like effect to it. See the features list below for complete list.\u003C\u002Fp>\n\u003Cp>The widget is fully customizable with external styles and also has color themes out of the box. It is a perfect replacement for the default RSS widget in WordPress.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdemos\u002Fsuper-rss-reader\u002F\" rel=\"nofollow ugc\">Check out the \u003Cstrong>LIVE DEMO\u003C\u002Fstrong> of the plugin\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>✨ Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>News ticker\u003C\u002Fstrong> – Add news ticker like effect to the RSS feeds (can turn on of off)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple tabs\u003C\u002Fstrong> – Display multiple feeds in one widget separated by tabs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Thumbnail\u003C\u002Fstrong> – Display the thumbnail of the feed item.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Color themes\u003C\u002Fstrong> – Options of multiple color themes out of the box. Customizable via CSS.\u003C\u002Fli>\n\u003Cli>Different \u003Cstrong>thumbnail positions\u003C\u002Fstrong> (align left, right and cover)\u003C\u002Fli>\n\u003Cli>Customizable ticker speed.\u003C\u002Fli>\n\u003Cli>Different \u003Cstrong>date formats\u003C\u002Fstrong> for feed item (absolute and relative)\u003C\u002Fli>\n\u003Cli>Supports RSS and atom feed.\u003C\u002Fli>\n\u003Cli>Trim title and description text of the feed item.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Order\u003C\u002Fstrong> feed items by date or random.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌄 Display RSS feeds like\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Your own website content like recent posts, comments, forum topics etc.\u003C\u002Fli>\n\u003Cli>Articles, posts from related websites and share with your users.\u003C\u002Fli>\n\u003Cli>Events, job listings etc. from other websites.\u003C\u002Fli>\n\u003Cli>Deals, Craigslist, Google News RSS etc. You got it, any RSS feed on your site !\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F02aOG_-98Tg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>💎 PRO version\u003C\u002Fh3>\n\u003Cp>Super RSS reader has a PRO version which has more features to further enhance and to get more control of the RSS feed you display. With the PRO version you can enjoy below additional features included and also support the development of this plugin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Shortcode\u003C\u002Fstrong> – Display RSS feed anywhere in your website using \u003Ccode>[srr_feed]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Grid display\u003C\u002Fstrong> – Display feed item in rows and columns\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Paginated display\u003C\u002Fstrong> – Display feed item in different pages with a pagination bar\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Filter by keyword\u003C\u002Fstrong> – Show\u002Fhide feed items based on keyword\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom feed item template\u003C\u002Fstrong> – Change order of feed item content, add HTML\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fetch thumbnail\u003C\u002Fstrong> – Forcefully fetches the thumbnail from feed URL\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Merge multiple feeds\u003C\u002Fstrong> – Display multiple RSS feeds as one\u003C\u002Fli>\n\u003Cli>\u003Cstrong>4 new\u003C\u002Fstrong> color themes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fsuper-rss-reader\u002F?utm_source=readme&utm_medium=description&utm_campaign=srr-pro\" rel=\"nofollow ugc\">\u003Cstrong>More information\u003C\u002Fstrong>\u003C\u002Fa> – \u003Ca href=\"https:\u002F\u002Fwpdemos.aakashweb.com\u002Fsuper-rss-reader\u002F?utm_source=readme&utm_medium=description&utm_campaign=srr-pro\" rel=\"nofollow ugc\">Live demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Resources\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fsuper-rss-reader\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fsuper-rss-reader\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fforum\u002Fdiscuss\u002Fwordpress-plugins\u002Fsuper-rss-reader\u002F\" rel=\"nofollow ugc\">Support forum\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Display any RSS feed(s) in widget with news ticker effect in multiple tabs, thumbnails, customizable color themes and more.",10000,426421,66,"2025-12-06T07:43:00.000Z","5.3",[20,113,22,114,23],"news","rss-feed","https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fsuper-rss-reader\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-rss-reader.5.4.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":13,"num_ratings":127,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":131,"tags":132,"homepage":136,"download_link":137,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"send-images-rss","Send Images to RSS","3.4.1","Robin Cornett","https:\u002F\u002Fprofiles.wordpress.org\u002Flittlerchicken\u002F","\u003Cp>\u003Cem>Send Images to RSS\u003C\u002Fem> bridges the gap between large websites and small emails, by replacing images in your feed with smaller, email friendly images, and attempting to add markup which email clients can handle.\u003C\u002Fp>\n\u003Cp>Between larger monitors, retina screens, and better image optimization, the images we serve up on our websites are larger than they’ve ever been. RSS to email services such as MailChimp, however, are constrained to what email clients can display, which is small, small, small. And although it’s possible to try to style images with a max-width in your emails, not all clients will honor it (I’m looking at you, Outlook).\u003C\u002Fp>\n\u003Cp>\u003Cem>Send Images to RSS\u003C\u002Fem> makes it easy to create beautiful, email friendly RSS campaigns, with minimal setup required, regardless of your feed setup.\u003C\u002Fp>\n\u003Ch4>Full Text RSS Feeds\u003C\u002Fh4>\n\u003Cp>If your site’s RSS feed is set to Full Text, this plugin makes sure your emails look more like your website:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Replace overly large images with email friendly size images.\u003C\u002Fli>\n\u003Cli>Convert galleries from thumbnails to full width images.\u003C\u002Fli>\n\u003Cli>Add email friendly styling\u002Falignment to your images.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Summary Text Feeds\u003C\u002Fh4>\n\u003Cp>If you’ve used Summaries as your RSS feed settings, this plugin has not been for you. \u003Cem>Until now.\u003C\u002Fem> As of 3.0.0, Send Images to RSS brings the awesome to you, too. Here’s the magic for your Summary feed:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add the post’s featured image to your excerpt. Choose the size and alignment. If no featured image is set, the plugin will use the first image uploaded to the post.\u003C\u002Fli>\n\u003Cli>Set a custom length for your RSS summary\u002Fexcerpt. Pick the number of words you want your summary to have, and the plugin will aim for that, but with the added bonus of making sure the final sentence is complete.\u003C\u002Fli>\n\u003Cli>If you add a manual excerpt to your post, because you like to have full control, the plugin will properly use that instead.\u003C\u002Fli>\n\u003Cli>Automatically add a custom “read more” link to the end of every post summary, to keep your feed pointed back to your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Known (non)Issues\u003C\u002Fh4>\n\u003Cp>This plugin should work with any theme. Some themes and plugins do modify the feed for their own purposes. Where possible, I’ve tried to account for them:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>For summary feeds, the \u003Cem>Yoast SEO\u003C\u002Fem> RSS link is removed (the full text feed and front end output are not changed).\u003C\u002Fli>\n\u003Cli>For summary feeds, the excerpt filter added by the \u003Cem>Woo Canvas\u003C\u002Fem> theme is removed (the full text feed and front end output are not changed).\u003C\u002Fli>\n\u003Cli>For summary feeds, this plugin will replace the image settings for \u003Cem>Display Featured Image for Genesis\u003C\u002Fem> for versions 2.3.0 and later (because this plugin is smarter). If you’re using \u003Cem>Display Featured Image for Genesis\u003C\u002Fem> 2.2.2 or lower, this plugin will concede graciously. But you should update, please.\u003C\u002Fli>\n\u003Cli>For full text feeds, this plugin will not duplicate featured images if they are being added by \u003Cem>Display Featured Image for Genesis\u003C\u002Fem>–you will want to disable that feature in \u003Cem>Display Featured Image for Genesis\u003C\u002Fem>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>NOTE: it is up to you to check that your feed output is still working, especially in your email system of choice, once it’s installed.\u003C\u002Fstrong> I’ve attempted to set it up to handle XHTML or HTML5, and function even if your feed is wonky, but \u003Cstrong>please\u003C\u002Fstrong> double check, and let me know if you have issues, and if so, what specifically they are.\u003C\u002Fp>\n\u003Ch4>Props\u003C\u002Fh4>\n\u003Cp>Special thanks to \u003Ca href=\"https:\u002F\u002Fgretchenlouise.com\u002F\" rel=\"nofollow ugc\">Gretchen Louise\u003C\u002Fa> for her summary feed contributions.\u003C\u002Fp>\n\u003Cp>Spanish translation offered by \u003Ca href=\"http:\u002F\u002Fwww.webhostinghub.com\u002F\" rel=\"nofollow ugc\">Web Hosting Hub\u003C\u002Fa>\u003C\u002Fp>\n","Improve your RSS: for full text feeds, replace large site images with email friendly images. Customize summaries with images and beautiful excerpts.",3000,78948,26,"2020-08-31T21:43:00.000Z","5.5.18","4.9","5.6.20",[133,20,134,135,22],"email","images","mailchimp","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsend-images-rss","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsend-images-rss.3.4.1.zip",{"attackSurface":139,"codeSignals":151,"taintFlows":213,"riskAssessment":214,"analyzedAt":227},{"hooks":140,"ajaxHandlers":147,"restRoutes":148,"shortcodes":149,"cronEvents":150,"entryPointCount":27,"unprotectedCount":27},[141],{"type":142,"name":143,"callback":144,"file":145,"line":146},"action","widgets_init","anonymous","image-feed-widget.php",194,[],[],[],[],{"dangerousFunctions":152,"sqlUsage":156,"outputEscaping":158,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":212},[153],{"fn":154,"file":145,"line":146,"context":155},"create_function","add_action( 'widgets_init', create_function('', 'return register_widget(\"Image_Feed_Widget\");') );",{"prepared":27,"raw":27,"locations":157},[],{"escaped":27,"rawEcho":159,"locations":160},33,[161,164,166,168,170,171,173,175,177,179,181,183,185,187,188,189,190,192,193,194,195,197,198,199,200,202,203,204,206,207,208,210,211],{"file":145,"line":162,"context":163},53,"raw output",{"file":145,"line":165,"context":163},54,{"file":145,"line":167,"context":163},56,{"file":145,"line":169,"context":163},59,{"file":145,"line":46,"context":163},{"file":145,"line":172,"context":163},63,{"file":145,"line":174,"context":163},64,{"file":145,"line":176,"context":163},68,{"file":145,"line":178,"context":163},75,{"file":145,"line":180,"context":163},98,{"file":145,"line":182,"context":163},107,{"file":145,"line":184,"context":163},123,{"file":145,"line":186,"context":163},147,{"file":145,"line":186,"context":163},{"file":145,"line":186,"context":163},{"file":145,"line":186,"context":163},{"file":145,"line":191,"context":163},149,{"file":145,"line":191,"context":163},{"file":145,"line":191,"context":163},{"file":145,"line":191,"context":163},{"file":145,"line":196,"context":163},151,{"file":145,"line":196,"context":163},{"file":145,"line":196,"context":163},{"file":145,"line":196,"context":163},{"file":145,"line":201,"context":163},153,{"file":145,"line":201,"context":163},{"file":145,"line":201,"context":163},{"file":145,"line":205,"context":163},165,{"file":145,"line":205,"context":163},{"file":145,"line":205,"context":163},{"file":145,"line":209,"context":163},177,{"file":145,"line":209,"context":163},{"file":145,"line":209,"context":163},[],[],{"summary":215,"deductions":216},"The \"image-feed-widget\" plugin version 0.5 exhibits a mixed security posture. On the positive side, it has no known vulnerabilities (CVEs) and demonstrates good practices in handling SQL queries, exclusively using prepared statements.  The absence of external HTTP requests, file operations, and a seemingly small attack surface (0 entry points) are also encouraging signs. However, significant concerns arise from the static code analysis. The presence of the `create_function` is a notable risk, as it can be leveraged for code injection if user input is passed to it without proper sanitization. Furthermore, a critical weakness is the complete lack of output escaping for all identified output points. This means any data displayed by the plugin, if it originates from user input or other untrusted sources, could be vulnerable to cross-site scripting (XSS) attacks. The lack of nonces and capability checks, while not directly indicative of a vulnerability given the zero identified entry points, represents a potential gap if the plugin's functionality were to expand or if new entry points were introduced in future versions without corresponding security checks.\n\nWhile the plugin has no recorded vulnerability history, this might be due to its limited functionality or the lack of thorough security auditing. The identified code signals, particularly the use of `create_function` and the complete absence of output escaping, represent tangible risks that could be exploited. The plugin's strengths lie in its SQL handling and lack of external interactions, but these are overshadowed by the potential for code injection and XSS. A balanced conclusion suggests that while the plugin is not actively known to be vulnerable, the identified code flaws present significant potential risks that require immediate attention. The absence of known vulnerabilities should not be interpreted as a guarantee of security, especially with the presence of insecure coding practices.",[217,219,222,225],{"reason":218,"points":64},"Use of dangerous function: create_function",{"reason":220,"points":221},"Output escaping: 0% properly escaped",15,{"reason":223,"points":224},"Non-existent nonce checks",5,{"reason":226,"points":224},"Non-existent capability checks","2026-03-16T22:12:50.609Z",{"wat":229,"direct":235},{"assetPaths":230,"generatorPatterns":232,"scriptPaths":233,"versionParams":234},[231],"\u002Fwp-content\u002Fplugins\u002Fimage-feed-widget\u002Fimage-feed-widget.php",[],[],[],{"cssClasses":236,"htmlComments":240,"htmlAttributes":241,"restEndpoints":243,"jsGlobals":244,"shortcodeOutput":245},[237,238,239],"image-feed-list","image-feed-","imgtitle",[],[242],"image_feed_widget",[],[],[]]