[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWNxpSVGgYu7ZptmTOTmAHhRPWrDBNNxb2e-UiGM4VJA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":32,"analysis":33,"fingerprints":97},"last-video-widget","Last Video Widget","0.1","yorik","https:\u002F\u002Fprofiles.wordpress.org\u002Fyorik\u002F","\u003Cp>This plugin allows to place a widget on your sidebar, that will fetch the last post of the category you specify, and display it inside the widget. In addition, if that post contains a youtube video tag inserted by the Viper’s Video Quicktags plugin, that video will be resized to the specified size, so you can fit it nicely in your sidebar width.\u003C\u002Fp>\n","A widget that displays the last post af a category and resize its video. Viper's Video Quicktags plugin needed.",10,2639,0,"2009-11-19T19:28:00.000Z","2.8.5","2.8.4","",[19],"video-sidebar-post-viper","http:\u002F\u002Fyorik.uncreated.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-video-widget.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":22,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},2,50,30,84,"2026-04-05T18:09:18.927Z",[],{"attackSurface":34,"codeSignals":46,"taintFlows":82,"riskAssessment":83,"analyzedAt":96},{"hooks":35,"ajaxHandlers":42,"restRoutes":43,"shortcodes":44,"cronEvents":45,"entryPointCount":13,"unprotectedCount":13},[36],{"type":37,"name":38,"callback":39,"file":40,"line":41},"action","widgets_init","anonymous","last-video-widget.php",102,[],[],[],[],{"dangerousFunctions":47,"sqlUsage":51,"outputEscaping":53,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":81},[48],{"fn":49,"file":40,"line":41,"context":50},"create_function","add_action( 'widgets_init', create_function('', 'return register_widget(\"Last_Video_Widget\");') );",{"prepared":13,"raw":13,"locations":52},[],{"escaped":13,"rawEcho":54,"locations":55},16,[56,59,60,62,64,66,67,68,69,71,73,74,76,78,79,80],{"file":40,"line":57,"context":58},48,"raw output",{"file":40,"line":28,"context":58},{"file":40,"line":61,"context":58},55,{"file":40,"line":63,"context":58},57,{"file":40,"line":65,"context":58},75,{"file":40,"line":65,"context":58},{"file":40,"line":65,"context":58},{"file":40,"line":65,"context":58},{"file":40,"line":70,"context":58},77,{"file":40,"line":72,"context":58},79,{"file":40,"line":72,"context":58},{"file":40,"line":75,"context":58},89,{"file":40,"line":77,"context":58},95,{"file":40,"line":77,"context":58},{"file":40,"line":77,"context":58},{"file":40,"line":77,"context":58},[],[],{"summary":84,"deductions":85},"The \"last-video-widget\" plugin v0.1 exhibits a mixed security posture. On one hand, the absence of known CVEs and the use of prepared statements for SQL queries are positive indicators. The plugin also shows no external HTTP requests or file operations, reducing potential attack vectors. However, significant concerns arise from the code analysis. The presence of the \"create_function\" dangerous function is a notable risk, as it can be exploited for code injection if user input is not meticulously sanitized before being passed to it. Furthermore, the alarming statistic that 0% of its 16 outputs are properly escaped suggests a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. The lack of nonce checks and capability checks on its entry points, although the entry points are currently zero, leaves it open to potential future expansion with unauthenticated actions if not handled carefully. The vulnerability history is clean, which is good, but doesn't negate the immediate risks identified in the code analysis, especially the lack of output escaping.",[86,89,91,94],{"reason":87,"points":88},"Dangerous function detected (create_function)",15,{"reason":90,"points":88},"Output escaping is not implemented",{"reason":92,"points":93},"No nonce checks on entry points",5,{"reason":95,"points":93},"No capability checks on entry points","2026-03-16T23:56:33.355Z",{"wat":98,"direct":104},{"assetPaths":99,"generatorPatterns":101,"scriptPaths":102,"versionParams":103},[100],"\u002Fwp-content\u002Fplugins\u002Flast-video-widget\u002Flast-video-widget.php",[],[],[],{"cssClasses":105,"htmlComments":107,"htmlAttributes":108,"restEndpoints":115,"jsGlobals":116,"shortcodeOutput":117},[106],"Last_Video_Widget",[],[109,110,111,112,113,114],"id=\"last_video_widget-title\"","name=\"last_video_widget-title\"","id=\"last_video_widget-category\"","name=\"last_video_widget-category\"","id=\"last_video_widget-width\"","name=\"last_video_widget-width\"",[],[],[118],"[youtube width=\""]