[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgTFIIR3rDayqZoMd49akkL5sJMb7T4q-fkmg5R5ZD4Q":3,"$fUVADdBoZb6SjY1m-MgQx-MeKvufLgaxUSf5PI4xBFGg":176,"$f6UqQIfDo3MlZO03iePAnr4ca-0rfVB364HZXclhN8UY":181},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":65,"crawl_stats":36,"alternatives":69,"analysis":91,"fingerprints":156},"last-viewed-posts","Last Viewed Posts by WPBeginner","1.0.2","jottlieb","https:\u002F\u002Fprofiles.wordpress.org\u002Fjottlieb\u002F","\u003Cp>Installing this will allow you to use a widget or template tag to show your site’s visitors a personalized list of posts and pages they have viewed.\u003C\u002Fp>\n\u003Cp>The list of posts is saved in each visitor’s web browser, so even if you get millions of visitors a month it won’t affect the performance of your website.\u003C\u002Fp>\n\u003Cp>Note: It doesn’t store a global list of recently viewed posts by all users. Nothing is stored in your site’s database. Every visitor has a custom lists of posts and pages they have viewed.\u003C\u002Fp>\n\u003Cp>If JavaScript is disabled or no single post has been clicked, no output will be displayed.\u003C\u002Fp>\n\u003Cp>The plugin comes with a widget and a template tag.\u003C\u002Fp>\n\u003Cp>This plugin has been adopted and maintained by \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\" title=\"WPBeginner - WordPress Tutorials for Beginners\" rel=\"nofollow ugc\">WPBeginner\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>What’s Next?\u003C\u002Fh4>\n\u003Cp>To learn more about WordPress, you can visit \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002F\" rel=\"friend nofollow ugc\">WPBeginner\u003C\u002Fa> for tutorials on topics like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fwordpress-performance-speed\u002F\" title=\"Ultimate Guide to WordPress Speed and Performance\" rel=\"friend nofollow ugc\">WordPress Speed and Performance\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fwordpress-security\u002F\" title=\"Ultimate WordPress Security Guide\" rel=\"friend nofollow ugc\">WordPress Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fwordpress-seo\u002F\" title=\"Ultimate WordPress SEO Guide for Beginners\" rel=\"friend nofollow ugc\">WordPress SEO\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>…and many more \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fwp-tutorials\u002F\" title=\"WordPress Tutorials\" rel=\"friend nofollow ugc\">WordPress tutorials\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you like our Last Viewed Posts plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Foptinmonster.com\u002F\" rel=\"friend nofollow ugc\">OptinMonster\u003C\u002Fa> – Get More Email Subscribers with the most popular conversion optimization plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa> – #1 drag & drop online form builder for WordPress (trusted by 4 million sites).\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.monsterinsights.com\u002F\" rel=\"friend nofollow ugc\">MonsterInsights\u003C\u002Fa> – See the Stats that Matter and Grow Your Business with Confidence. Best Google Analytics Plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.seedprod.com\u002F\" rel=\"friend nofollow ugc\">SeedProd\u003C\u002Fa> – Create beautiful landing pages with our powerful drag & drop landing page builder.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmailsmtp.com\u002F\" rel=\"friend nofollow ugc\">WP Mail SMTP\u003C\u002Fa> – Improve email deliverability for your contact form with the most popular SMTP plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frafflepress.com\u002F\" rel=\"friend nofollow ugc\">RafflePress\u003C\u002Fa> – Best WordPress giveaway and contest plugin to grow traffic and social followers.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.smashballoon.com\u002F\" rel=\"friend nofollow ugc\">Smash Balloon\u003C\u002Fa> – #1 social feeds plugin for WordPress – display social media content in WordPress without code.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Faioseo.com\u002F\" rel=\"friend nofollow ugc\">AIOSEO\u003C\u002Fa> – the original WordPress SEO plugin to help you rank higher in search results (trusted by over 2 million sites).\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pushengage.com\u002F\" rel=\"friend nofollow ugc\">PushEngage\u003C\u002Fa> – Connect with visitors after they leave your website with the leading web push notification plugin.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftrustpulse.com\u002F\" rel=\"friend nofollow ugc\">TrustPulse\u003C\u002Fa> – Add real-time social proof notifications to boost your store conversions by up to 15%.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002F\" rel=\"friend nofollow ugc\">WPBeginner\u003C\u002Fa> to learn from our \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fwp-tutorials\u002F\" rel=\"friend nofollow ugc\">WordPress Tutorials\u003C\u002Fa> and find out about other \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fplugins\u002F\" rel=\"friend nofollow ugc\">best WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n","This shows your site's visitors a personalized list of posts and pages they have recently viewed.",500,22817,46,3,"2024-12-09T19:37:00.000Z","6.7.5","4.9","5.6",[4,20,21],"recently-viewed-posts","visited-posts","http:\u002F\u002Fwww.wpbeginner.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-viewed-posts.1.0.2.zip",88,2,0,"2024-12-10 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[31,48],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":27,"updated_date":42,"references":43,"days_to_patch":45,"patch_diff_files":46,"patch_trac_url":36,"research_status":36,"research_verified":47,"research_rounds_completed":26,"research_plan":36,"research_summary":36,"research_vulnerable_code":36,"research_fix_diff":36,"research_exploit_outline":36,"research_model_used":36,"research_started_at":36,"research_completed_at":36,"research_error":36,"poc_status":36,"poc_video_id":36,"poc_summary":36,"poc_steps":36,"poc_tested_at":36,"poc_wp_version":36,"poc_php_version":36,"poc_playwright_script":36,"poc_exploit_code":36,"poc_has_trace":47,"poc_model_used":36,"poc_verification_depth":36},"CVE-2024-12294","last-viewed-posts-by-wpbeginner-unauthenticated-sensitive-information-exposure","Last Viewed Posts by WPBeginner \u003C= 1.0.1 - Unauthenticated Sensitive Information Exposure","The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.1 via the 'get_legacy_cookies' function. This makes it possible for unauthenticated attackers to extract sensitive data including titles and permalinks of private, password-protected, pending, and draft posts.",null,"\u003C=1.0.1","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Improper Access Control","2024-12-11 10:58:00",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fdb838a3f-6afa-4686-8e6a-01edab2dcc96?source=api-prod",1,[],false,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":36,"affected_versions":53,"patched_in_version":54,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63,"patch_diff_files":64,"patch_trac_url":36,"research_status":36,"research_verified":47,"research_rounds_completed":26,"research_plan":36,"research_summary":36,"research_vulnerable_code":36,"research_fix_diff":36,"research_exploit_outline":36,"research_model_used":36,"research_started_at":36,"research_completed_at":36,"research_error":36,"poc_status":36,"poc_video_id":36,"poc_summary":36,"poc_steps":36,"poc_tested_at":36,"poc_wp_version":36,"poc_php_version":36,"poc_playwright_script":36,"poc_exploit_code":36,"poc_has_trace":47,"poc_model_used":36,"poc_verification_depth":36},"CVE-2024-3070","last-viewed-posts-by-wpbeginner-unauthenticated-php-object-injection","Last Viewed Posts by WPBeginner \u003C= 1.0.0 - Unauthenticated PHP Object Injection","The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input from the LastViewedPosts Cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.","\u003C=1.0.0","1.0.1","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Deserialization of Untrusted Data","2024-05-02 00:00:00","2024-05-09 20:03:37",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb6c5cc05-b147-46f6-aaa9-4c82aae1b544?source=api-prod",8,[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":45,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":66,"trust_score":67,"computed_at":68},5,92,"2026-05-20T02:36:39.875Z",[70],{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":26,"downloaded":78,"rating":26,"num_ratings":26,"last_updated":79,"tested_up_to":80,"requires_at_least":81,"requires_php":82,"tags":83,"homepage":88,"download_link":89,"security_score":90,"vuln_count":26,"unpatched_count":26,"last_vuln_date":36,"fetched_at":28},"arewa-recently-viewed-content","Arewa Recently Viewed Content","2.0.6","arewadev","https:\u002F\u002Fprofiles.wordpress.org\u002Farewadev\u002F","\u003Cp>Arewa Recently Viewed Content is a lightweight and professional WordPress plugin that tracks and displays recently viewed content for both logged-in and guest users. All data is stored on your server; no external tracking or third-party services are used.\u003C\u002Fp>\n\u003Cp>When users are logged in, viewing history is saved to their user account. When they are not logged in, the plugin uses cookies to store history locally. After login, cookie-based history is automatically merged into the user account so nothing is lost. The plugin is designed to work correctly in WebView and mobile app contexts, supports multiple content types and layouts, and is optimized for performance and user experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Highlights:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Dual Tracking System\u003C\u002Fstrong>: Tracks viewing history for both logged-in users (via user meta) and guest users (via cookies)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Sync\u003C\u002Fstrong>: Merges guest history into user account upon login\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy-Friendly\u003C\u002Fstrong>: No external tracking services or third-party dependencies\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple Layouts\u003C\u002Fstrong>: Choose from Video, Article, Shop, and Carousel layouts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Compatible\u003C\u002Fstrong>: Dedicated shop layout for product tracking\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mobile & WebView Ready\u003C\u002Fstrong>: Works seamlessly in mobile apps and WebView environments\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance Optimized\u003C\u002Fstrong>: Efficient database queries and caching mechanisms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fully Responsive\u003C\u002Fstrong>: All layouts adapt beautifully to any screen size\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin is ideal for news sites, blogs, online stores, video platforms, and any WordPress site that wants to improve user engagement by showing personalized recently viewed content.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Recently Viewed Tracking\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatic tracking of posts, pages, products, and custom post types\u003C\u002Fli>\n\u003Cli>Configurable maximum items (default: 100 for logged-in users, 50 for guests)\u003C\u002Fli>\n\u003Cli>Timestamp-based ordering (most recent first)\u003C\u002Fli>\n\u003Cli>Duplicate prevention with automatic repositioning\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>User Management\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Logged-in users: History stored in user meta\u003C\u002Fli>\n\u003Cli>Guest users: History stored in cookies (30-day expiration)\u003C\u002Fli>\n\u003Cli>Automatic merge on login\u003C\u002Fli>\n\u003Cli>Per-user history management\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Layout Options\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Video Layout: Media-focused grid with overlay text\u003C\u002Fli>\n\u003Cli>Article Layout: Magazine-style responsive grid\u003C\u002Fli>\n\u003Cli>Shop Layout: WooCommerce product grid or carousel\u003C\u002Fli>\n\u003Cli>Carousel Layout: Horizontal scrolling with navigation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Customization\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Shortcode-based rendering with multiple parameters\u003C\u002Fli>\n\u003Cli>Configurable items per page\u003C\u002Fli>\n\u003Cli>Show\u002Fhide images and dates\u003C\u002Fli>\n\u003Cli>Pagination support\u003C\u002Fli>\n\u003Cli>Post type filtering\u003C\u002Fli>\n\u003Cli>Category and taxonomy filtering\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Privacy & Security\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>No external tracking services\u003C\u002Fli>\n\u003Cli>GDPR-friendly cookie usage\u003C\u002Fli>\n\u003Cli>Secure nonce verification\u003C\u002Fli>\n\u003Cli>Data sanitization and validation\u003C\u002Fli>\n\u003Cli>Optional data removal on uninstall\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Performance\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Optimized database queries\u003C\u002Fli>\n\u003Cli>Efficient post retrieval\u003C\u002Fli>\n\u003Cli>No impact on page load times\u003C\u002Fli>\n\u003Cli>Clean code following WordPress standards\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Compatibility\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Works with any WordPress theme\u003C\u002Fli>\n\u003Cli>WooCommerce integration\u003C\u002Fli>\n\u003Cli>Mobile app and WebView support\u003C\u002Fli>\n\u003Cli>Multisite compatible\u003C\u002Fli>\n\u003Cli>Translation ready\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>For Logged-In Users:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When a logged-in user views a post, page, or product, the plugin automatically saves the post ID, post type, and timestamp to the user’s meta data. The history is stored in the database under the meta key \u003Ccode>arewa_recently_viewed\u003C\u002Fcode> and persists across sessions and devices.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>For Guest Users:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When a guest (non-logged-in) user views content, the plugin stores the viewing history in a browser cookie named \u003Ccode>arewa_recently_viewed\u003C\u002Fcode>. The cookie expires after 30 days and is accessible across the same browser sessions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Automatic Sync on Login:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When a guest user logs in, the plugin automatically:\u003Cbr \u002F>\n1. Reads the guest history from the cookie\u003Cbr \u002F>\n2. Merges it with any existing user history\u003Cbr \u002F>\n3. Removes duplicates (keeping the most recent timestamp)\u003Cbr \u002F>\n4. Saves the merged history to user meta\u003Cbr \u002F>\n5. Clears the guest cookie\u003C\u002Fp>\n\u003Cp>This ensures a seamless experience where users never lose their browsing history when they log in.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Revisiting Content:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When a user revisits previously viewed content, the plugin:\u003Cbr \u002F>\n1. Updates the timestamp to the current time\u003Cbr \u002F>\n2. Moves the item to the first position in the history\u003Cbr \u002F>\n3. Maintains the most-recent-first ordering\u003C\u002Fp>\n\u003Ch3>Shortcodes\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Basic Usage:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Displays recently viewed content using default settings.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Layout Types:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history layout_type=\"video\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Displays content in video\u002Fmedia layout with overlay text.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history layout_type=\"article\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Displays content in magazine-style article layout.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history layout_type=\"shop\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Displays WooCommerce products in shop layout.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history layout_type=\"carousel\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Displays content in horizontal scrolling carousel.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Display Options:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history limit=\"10\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Limits the number of items displayed.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history show_image=\"yes\" show_date=\"yes\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Controls visibility of images and dates.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history pagination=\"yes\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Enables pagination for large histories.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history show_clear_all_history=\"no\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Hides the “Clear All History” button. Default is “yes” (button visible).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Filtering:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history post_type=\"post\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Shows only blog posts.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history post_type=\"product\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Shows only WooCommerce products.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history category=\"news,sports\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Filters by category names or slugs.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history taxonomy=\"genre:action,comedy\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Filters by custom taxonomy terms.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Combined Examples:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[watch_history layout_type=\"article\" limit=\"6\" show_date=\"yes\"]\n\n[watch_history layout_type=\"shop\" post_type=\"product\" limit=\"8\"]\n\n[watch_history layout_type=\"carousel\" limit=\"12\" pagination=\"no\"]\n\n[watch_history layout_type=\"carousel\" post_type=\"movies\" limit=\"20\" pagination=\"no\" show_clear_all_history=\"no\"]\u003Ch3>Layout Types\u003C\u002Fh3>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Video Layout\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>A grid-based layout optimized for video content and media. Features:\u003Cbr \u002F>\n* Responsive grid (configurable columns)\u003Cbr \u002F>\n* Large thumbnail images\u003Cbr \u002F>\n* Overlay text with title and metadata\u003Cbr \u002F>\n* Play button icon overlay\u003Cbr \u002F>\n* Hover effects\u003Cbr \u002F>\n* Best for: Video sites, media libraries, movie databases\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Article Layout\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>A magazine-style layout perfect for blog posts and articles. Features:\u003Cbr \u002F>\n* 2-column grid on desktop and tablet\u003Cbr \u002F>\n* 1-column on mobile devices\u003Cbr \u002F>\n* Featured images with gradient overlay\u003Cbr \u002F>\n* Excerpt display\u003Cbr \u002F>\n* Category badges\u003Cbr \u002F>\n* “Continue Reading” button\u003Cbr \u002F>\n* Best for: Blogs, news sites, magazine-style websites\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Shop Layout\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>A WooCommerce-optimized layout for product display. Features:\u003Cbr \u002F>\n* Product images with sale badges\u003Cbr \u002F>\n* Price display\u003Cbr \u002F>\n* “Add to Cart” button\u003Cbr \u002F>\n* “View Product” link\u003Cbr \u002F>\n* Stock status indicators\u003Cbr \u002F>\n* Recently viewed badge\u003Cbr \u002F>\n* Best for: Online stores, WooCommerce shops\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Carousel Layout\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>A horizontal scrolling layout with navigation controls. Features:\u003Cbr \u002F>\n* Smooth horizontal scrolling\u003Cbr \u002F>\n* Previous\u002FNext navigation buttons\u003Cbr \u002F>\n* Dot indicators\u003Cbr \u002F>\n* Touch\u002Fswipe support\u003Cbr \u002F>\n* Auto-height adjustment\u003Cbr \u002F>\n* Responsive breakpoints\u003Cbr \u002F>\n* Best for: Homepage widgets, sidebar displays, featured content\u003C\u002Fp>\n","Track and display recently viewed content for both logged-in and guest users with automatic history sync and multiple layout options.",266,"2026-02-27T18:54:00.000Z","6.9.4","5.8","7.4",[20,84,85,86,87],"recently-viewed-products","recently-viewed","user-history","woocommerce","https:\u002F\u002Farewa.dev\u002Farewa-recently-viewed-content\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Farewa-recently-viewed-content.2.0.6.zip",100,{"attackSurface":92,"codeSignals":117,"taintFlows":139,"riskAssessment":140,"analyzedAt":155},{"hooks":93,"ajaxHandlers":113,"restRoutes":114,"shortcodes":115,"cronEvents":116,"entryPointCount":26,"unprotectedCount":26},[94,100,103,108,110],{"type":95,"name":96,"callback":97,"file":98,"line":99},"action","wp_enqueue_scripts","anonymous","inc\\namespace.php",12,{"type":95,"name":101,"callback":97,"file":98,"line":102},"widgets_init",13,{"type":104,"name":105,"callback":106,"priority":66,"file":98,"line":107},"filter","am.last_viewed_posts.expiration_period","closure",36,{"type":104,"name":109,"callback":106,"priority":66,"file":98,"line":13},"am.last_viewed_posts.number_posts_to_display",{"type":104,"name":111,"callback":106,"priority":66,"file":98,"line":112},"am.last_viewed_posts.post_types",56,[],[],[],[],{"dangerousFunctions":118,"sqlUsage":119,"outputEscaping":121,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":138},[],{"prepared":26,"raw":26,"locations":120},[],{"escaped":66,"rawEcho":122,"locations":123},7,[124,128,130,132,134,135,137],{"file":125,"line":126,"context":127},"inc\\class-widget.php",47,"raw output",{"file":125,"line":129,"context":127},50,{"file":125,"line":131,"context":127},55,{"file":125,"line":133,"context":127},61,{"file":125,"line":90,"context":127},{"file":125,"line":136,"context":127},101,{"file":125,"line":136,"context":127},[],[],{"summary":141,"deductions":142},"The \"last-viewed-posts\" plugin v1.0.2 exhibits a mixed security posture. On the positive side, the static analysis shows no identified entry points such as AJAX handlers, REST API routes, or shortcodes that are directly exposed without authentication. The code also demonstrates good practices with 100% of SQL queries using prepared statements and no identified dangerous functions or file operations.  However, a significant concern is the moderate output escaping, with only 42% of outputs properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if data is not handled carefully before being displayed.\n\nThe plugin's vulnerability history is a major red flag. With two known CVEs, including one critical and one medium, and a recent vulnerability discovered in December 2024, it indicates a pattern of past security weaknesses. The common vulnerability types of Improper Access Control and Deserialization of Untrusted Data suggest that the plugin has historically struggled with securely handling user input and managing permissions.  While there are currently no unpatched vulnerabilities, the existence of past critical issues and the lack of any capability checks or nonce checks in the static analysis are concerning, especially given the historical context.\n\nIn conclusion, while the current static analysis does not reveal immediate, exploitable attack vectors, the plugin's past vulnerability history, particularly critical ones, combined with the moderate output escaping and absence of capability checks, presents a significant risk.  Users should exercise caution and consider whether the benefits of the plugin outweigh the potential risks and the ongoing need for vigilant monitoring and potential future patching.",[143,145,148,151,153],{"reason":144,"points":66},"Unescaped output detected (58% not escaped)",{"reason":146,"points":147},"Past critical vulnerability (1)",20,{"reason":149,"points":150},"Past medium vulnerability (1)",10,{"reason":152,"points":66},"No capability checks",{"reason":154,"points":66},"No nonce checks","2026-03-16T19:35:47.458Z",{"wat":157,"direct":164},{"assetPaths":158,"generatorPatterns":160,"scriptPaths":161,"versionParams":162},[159],"\u002Fwp-content\u002Fplugins\u002Flast-viewed-posts\u002Fassets\u002Findex.js",[],[159],[163,163],"am.view_last_posts?ver=",{"cssClasses":165,"htmlComments":168,"htmlAttributes":169,"restEndpoints":170,"jsGlobals":171,"shortcodeOutput":173},[166,167],"am.last-viewed-posts.display-none","viewed_posts",[],[],[],[172],"amViewLastPosts",[174,175],"\u003Cul class=\"viewed_posts am.last-viewed-posts.display-none\">\u003C\u002Ful>","\u003Cscript>\n\t\t( 'amViewLastPosts' in window && 'script' in amViewLastPosts && amViewLastPosts.script(amViewLastPosts.settings, window, document) )\n\t\u003C\u002Fscript>",{"error":177,"url":178,"statusCode":179,"statusMessage":180,"message":180},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Flast-viewed-posts\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":63,"versions":182},[183,188,195,204,213,222,231,240],{"version":6,"download_url":23,"svn_tag_url":184,"released_at":36,"has_diff":47,"diff_files_changed":185,"diff_lines":36,"trac_diff_url":186,"vulnerabilities":187,"is_current":177},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Flast-viewed-posts\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Flast-viewed-posts%2Ftags%2F1.0.1&new_path=%2Flast-viewed-posts%2Ftags%2F1.0.2",[],{"version":54,"download_url":189,"svn_tag_url":190,"released_at":36,"has_diff":47,"diff_files_changed":191,"diff_lines":36,"trac_diff_url":192,"vulnerabilities":193,"is_current":47},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-viewed-posts.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Flast-viewed-posts\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Flast-viewed-posts%2Ftags%2F1.0.0&new_path=%2Flast-viewed-posts%2Ftags%2F1.0.1",[194],{"id":32,"url_slug":33,"title":34,"severity":38,"cvss_score":39,"vuln_type":41,"patched_in_version":6},{"version":196,"download_url":197,"svn_tag_url":198,"released_at":36,"has_diff":47,"diff_files_changed":199,"diff_lines":36,"trac_diff_url":200,"vulnerabilities":201,"is_current":47},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-viewed-posts.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Flast-viewed-posts\u002Ftags\u002F1.0.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Flast-viewed-posts%2Ftags%2F0.7.3&new_path=%2Flast-viewed-posts%2Ftags%2F1.0.0",[202,203],{"id":49,"url_slug":50,"title":51,"severity":55,"cvss_score":56,"vuln_type":58,"patched_in_version":54},{"id":32,"url_slug":33,"title":34,"severity":38,"cvss_score":39,"vuln_type":41,"patched_in_version":6},{"version":205,"download_url":206,"svn_tag_url":207,"released_at":36,"has_diff":47,"diff_files_changed":208,"diff_lines":36,"trac_diff_url":209,"vulnerabilities":210,"is_current":47},"0.7.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-viewed-posts.0.7.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Flast-viewed-posts\u002Ftags\u002F0.7.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Flast-viewed-posts%2Ftags%2F0.7.2&new_path=%2Flast-viewed-posts%2Ftags%2F0.7.3",[211,212],{"id":49,"url_slug":50,"title":51,"severity":55,"cvss_score":56,"vuln_type":58,"patched_in_version":54},{"id":32,"url_slug":33,"title":34,"severity":38,"cvss_score":39,"vuln_type":41,"patched_in_version":6},{"version":214,"download_url":215,"svn_tag_url":216,"released_at":36,"has_diff":47,"diff_files_changed":217,"diff_lines":36,"trac_diff_url":218,"vulnerabilities":219,"is_current":47},"0.7.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-viewed-posts.0.7.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Flast-viewed-posts\u002Ftags\u002F0.7.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Flast-viewed-posts%2Ftags%2F0.7.1&new_path=%2Flast-viewed-posts%2Ftags%2F0.7.2",[220,221],{"id":49,"url_slug":50,"title":51,"severity":55,"cvss_score":56,"vuln_type":58,"patched_in_version":54},{"id":32,"url_slug":33,"title":34,"severity":38,"cvss_score":39,"vuln_type":41,"patched_in_version":6},{"version":223,"download_url":224,"svn_tag_url":225,"released_at":36,"has_diff":47,"diff_files_changed":226,"diff_lines":36,"trac_diff_url":227,"vulnerabilities":228,"is_current":47},"0.7.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-viewed-posts.0.7.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Flast-viewed-posts\u002Ftags\u002F0.7.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Flast-viewed-posts%2Ftags%2F0.7&new_path=%2Flast-viewed-posts%2Ftags%2F0.7.1",[229,230],{"id":49,"url_slug":50,"title":51,"severity":55,"cvss_score":56,"vuln_type":58,"patched_in_version":54},{"id":32,"url_slug":33,"title":34,"severity":38,"cvss_score":39,"vuln_type":41,"patched_in_version":6},{"version":232,"download_url":233,"svn_tag_url":234,"released_at":36,"has_diff":47,"diff_files_changed":235,"diff_lines":36,"trac_diff_url":236,"vulnerabilities":237,"is_current":47},"0.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-viewed-posts.0.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Flast-viewed-posts\u002Ftags\u002F0.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Flast-viewed-posts%2Ftags%2F0.6&new_path=%2Flast-viewed-posts%2Ftags%2F0.7",[238,239],{"id":49,"url_slug":50,"title":51,"severity":55,"cvss_score":56,"vuln_type":58,"patched_in_version":54},{"id":32,"url_slug":33,"title":34,"severity":38,"cvss_score":39,"vuln_type":41,"patched_in_version":6},{"version":241,"download_url":242,"svn_tag_url":243,"released_at":36,"has_diff":47,"diff_files_changed":244,"diff_lines":36,"trac_diff_url":36,"vulnerabilities":245,"is_current":47},"0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-viewed-posts.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Flast-viewed-posts\u002Ftags\u002F0.6\u002F",[],[246,247],{"id":49,"url_slug":50,"title":51,"severity":55,"cvss_score":56,"vuln_type":58,"patched_in_version":54},{"id":32,"url_slug":33,"title":34,"severity":38,"cvss_score":39,"vuln_type":41,"patched_in_version":6}]