[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5vI0BxAgNENvQueJa8Imzw7DPbe_BSWULSyLtmf8cgc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":118,"fingerprints":160},"laughing-squid-dashboard-widget","Laughing Squid Web Hosting News & Status WordPress Dashboard Widget","2.0","Shelby DeNike","https:\u002F\u002Fprofiles.wordpress.org\u002Fsdenike\u002F","\u003Cp>The Laughing Squid Web Hosting News & Status WordPress Dashboard Widget provides status information within your WordPress dashboard pulled directly from the \u003Ca href=\"http:\u002F\u002Flaughingsquidhosting.wordpress.com\u002F\" rel=\"nofollow ugc\">Laughing Squid Web Hosting News & Status blog\u003C\u002Fa>.\u003C\u002Fp>\n","The Laughing Squid Web Hosting News & Status WordPress Dashboard Widget provides status information within your dashboard from Laughing Squid Web  …",30,11844,0,"2016-12-07T18:15:00.000Z","4.7.32","3.1","",[19,20,21,22],"dashboard","hosting","news","widget","https:\u002F\u002Flaughingsquid.us","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flaughing-squid-dashboard-widget.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":11,"trust_score":33,"computed_at":34},"sdenike",2,40,84,"2026-04-05T00:09:21.011Z",[36,56,72,91,109],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":53,"download_link":54,"security_score":55,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"periscopio","Periscopio","1.0.0","Fernando Tellado","https:\u002F\u002Fprofiles.wordpress.org\u002Ffernandot\u002F","\u003Cp>Periscopio lets you replace the default “WordPress Events and News” dashboard widget with a fully customizable version that displays news from RSS feeds and events from the WordPress.org API.\u003C\u002Fp>\n\u003Cp>Perfect for agencies, developers, and site owners who want to display relevant news sources on the WordPress dashboard instead of the default WordPress.org news.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Replace or complement the default WordPress news widget\u003C\u002Fli>\n\u003Cli>Customizable widget title\u003C\u002Fli>\n\u003Cli>Events section with WordPress community events and editable location\u003C\u002Fli>\n\u003Cli>News section with aggregated RSS feeds sorted by date\u003C\u002Fli>\n\u003Cli>Add unlimited RSS feeds with URL validation before adding\u003C\u002Fli>\n\u003Cli>Configure items per feed and maximum total items displayed\u003C\u002Fli>\n\u003Cli>Configurable footer links for both events and news sections\u003C\u002Fli>\n\u003Cli>Automatic feed caching with configurable duration\u003C\u002Fli>\n\u003Cli>Fully translatable (all URLs are translatable for locale support)\u003C\u002Fli>\n\u003Cli>Clean, native WordPress admin styling\u003C\u002Fli>\n\u003Cli>Two-column settings page with meta box layout\u003C\u002Fli>\n\u003Cli>Cache management tools\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Default Feeds\u003C\u002Fh4>\n\u003Cp>The plugin comes pre-configured with these feeds (you can change them):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress News (wordpress.org)\u003C\u002Fli>\n\u003Cli>Matt Mullenweg’s blog (ma.tt)\u003C\u002Fli>\n\u003Cli>Make WordPress Project\u003C\u002Fli>\n\u003Cli>WordPress España News\u003C\u002Fli>\n\u003Cli>AyudaWP\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the following external services:\u003C\u002Fp>\n\u003Ch4>WordPress.org Events API\u003C\u002Fh4>\n\u003Cp>This plugin uses the WordPress.org Events API to retrieve WordPress community events (meetups, WordCamps) near the user’s location. The user’s configured location and locale are sent to the API when the dashboard widget is loaded or when the location is updated in the settings page.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Service: \u003Ca href=\"https:\u002F\u002Fapi.wordpress.org\u002Fevents\u002F1.0\u002F\" rel=\"nofollow ugc\">WordPress.org Events API\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Data sent: city\u002Flocation name, user locale, and timezone\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\" rel=\"ugc\">WordPress.org Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>RSS feeds\u003C\u002Fh4>\n\u003Cp>This plugin fetches RSS feeds from URLs configured by the site administrator. By default it includes feeds from wordpress.org, ma.tt, make.wordpress.org, and ayudawp.com, but administrators can add, remove, or change feeds in the settings page. Feed content is cached locally for the configured cache duration.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Data sent: standard HTTP requests to the configured feed URLs\u003C\u002Fli>\n\u003Cli>No personal user data is transmitted to the feed providers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Need help or have suggestions?\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fservicios.ayudawp.com\" rel=\"nofollow ugc\">Official website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fperiscopio\u002F\" rel=\"ugc\">WordPress support forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002FAyudaWordPressES\" rel=\"nofollow ugc\">YouTube channel\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fayudawp.com\" rel=\"nofollow ugc\">Documentation and tutorials\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Love the plugin? Please leave us a 5-star review and help spread the word!\u003C\u002Fp>\n\u003Ch3>About AyudaWP\u003C\u002Fh3>\n\u003Cp>We are specialists in WordPress security, SEO, and performance optimization plugins. We create tools that solve real problems for WordPress site owners while maintaining the highest coding standards and accessibility requirements.\u003C\u002Fp>\n","Replace the default WordPress News widget with your own customizable RSS feeds and events.",20,156,"2026-03-06T12:29:00.000Z","6.9.4","5.0","7.4",[19,51,21,52,22],"feeds","rss","https:\u002F\u002Fservicios.ayudawp.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fperiscopio.1.0.0.zip",100,{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":55,"num_ratings":31,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":17,"tags":69,"homepage":17,"download_link":70,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":71},"a-better-planet","A Better Planet","0.1","themefurnace","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemefurnace\u002F","\u003Cp>A Better Planet is a widget for your dashboard which will show up to date news, tutorials and resources from over 30 contributing sites.\u003Cbr \u002F>\nFor more information about the project visit the official site: http:\u002F\u002Fabetterplanetwp.com\u003C\u002Fp>\n\u003Cp>You may also follow the feed via RSS : http:\u002F\u002Fabetterplanetwp.com\u002Fmasterfeed\u003C\u002Fp>\n\u003Cp>And on Twitter : https:\u002F\u002Ftwitter.com\u002Fabetterplanetwp\u003C\u002Fp>\n\u003Cp>If you would like to submit your site, please do so at WPlift http:\u002F\u002Fwplift.com\u002Fcontact\u003C\u002Fp>\n\u003Cp>Thanks to WPtips for the code for the widget : http:\u002F\u002Fwpti.ps\u002Ffunctions\u002Fmake-latest-news-dashboard-widget\u003C\u002Fp>\n","A Better Planet is a widget for your dashboard which will show up to date news, tutorials and resources from over 30 contributing sites.",10,2983,"2013-05-22T12:09:00.000Z","3.6.1","3.2",[19,21,22],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fa-better-planet.zip","2026-03-15T14:54:45.397Z",{"slug":73,"name":74,"version":39,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":64,"downloaded":79,"rating":55,"num_ratings":80,"last_updated":81,"tested_up_to":82,"requires_at_least":83,"requires_php":17,"tags":84,"homepage":89,"download_link":90,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"better-press-newsfeed","Better Press Newsfeed","Andrew Norcross","https:\u002F\u002Fprofiles.wordpress.org\u002Fnorcross\u002F","\u003Cp>A simple plugin to provide a dashboard widget for WP Tavern and Post Status news feeds. As the go-to news sites, some people want easy access to their news items. This gives you that.\u003C\u002Fp>\n","A plugin to provide a dashboard widget for WP Tavern and Post Status.",1923,1,"2014-04-17T17:04:00.000Z","3.9.40","3.0",[85,86,87,88],"dashboard-widgets","news-feeds","post-status","wp-tavern","http:\u002F\u002Freaktivstudios.com\u002Fcustom-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbetter-press-newsfeed.1.0.0.zip",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":64,"downloaded":99,"rating":13,"num_ratings":13,"last_updated":100,"tested_up_to":67,"requires_at_least":101,"requires_php":17,"tags":102,"homepage":107,"download_link":108,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"nova-dashboard-widget-bbc-news-politics","Nova Dashboard Widget – BBC News – Politics","1.0","Conor Lyons","https:\u002F\u002Fprofiles.wordpress.org\u002Fspike2828\u002F","\u003Cp>Welcome to the Nova Digital Media Dashboard Widget Plugin\u003C\u002Fp>\n\u003Cp>This plugin Adds the RSS Feed of BBC News Politics\u003C\u002Fp>\n\u003Ch3>Looking To Add All The BBC RSS Feeds To Your Dashboard?\u003C\u002Fh3>\n\u003Cp>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnova-dashboard-widget-bbc-news\u002F\" rel=\"ugc\">Look No Further\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Big Thanks to some of \u003Ca href=\"http:\u002F\u002Fwww.novadigitalmedia.com\" rel=\"nofollow ugc\">The Best local marketing experts In Essex\u003C\u002Fa> \u003Ca href=\"http:\u002F\u002Fwww.novadigitalmedia.com\" rel=\"nofollow ugc\">Nova Digital Media\u003C\u002Fa>\u003C\u002Fp>\n","The Nova Dashboard widget adds the BBC News Politics rss feed to your Dashboard",1674,"2013-10-12T10:48:00.000Z","3.0.1",[103,104,105,52,106],"bbc-news","dashboard-widget","nova-dashboard-widget","rss-feed","http:\u002F\u002Fwww.novadigitalmedia.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnova-dashboard-widget-bbc-news-politics.zip",{"slug":110,"name":111,"version":94,"author":95,"author_profile":96,"description":112,"short_description":113,"active_installs":64,"downloaded":114,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":67,"requires_at_least":101,"requires_php":17,"tags":115,"homepage":107,"download_link":116,"security_score":55,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":117},"nova-dashboard-widget-bbc-news-technology","Nova Dashboard Widget – BBC News – Technology","\u003Cp>Welcome to the Nova Digital Media Dashboard Widget Plugin\u003C\u002Fp>\n\u003Cp>This plugin Adds the RSS Feed of BBC News Technology\u003C\u002Fp>\n\u003Ch3>Looking To Add All The BBC RSS Feeds To Your Dashboard?\u003C\u002Fh3>\n\u003Cp>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnova-dashboard-widget-bbc-news\u002F\" rel=\"ugc\">Look No Further\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Big Thanks to some of \u003Ca href=\"http:\u002F\u002Fwww.novadigitalmedia.com\" rel=\"nofollow ugc\">The Best local marketing experts In Essex\u003C\u002Fa> \u003Ca href=\"http:\u002F\u002Fwww.novadigitalmedia.com\" rel=\"nofollow ugc\">Nova Digital Media\u003C\u002Fa>\u003C\u002Fp>\n","The Nova Dashboard widget adds the BBC News Technology rss feed to your Dashboard",1830,[103,104,105,52,106],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnova-dashboard-widget-bbc-news-technology.zip","2026-03-15T10:48:56.248Z",{"attackSurface":119,"codeSignals":140,"taintFlows":150,"riskAssessment":151,"analyzedAt":159},{"hooks":120,"ajaxHandlers":136,"restRoutes":137,"shortcodes":138,"cronEvents":139,"entryPointCount":13,"unprotectedCount":13},[121,127,132],{"type":122,"name":123,"callback":124,"file":125,"line":126},"action","wp_dashboard_setup","ls_rss_add_dashboard_widget","laughing-squid-dashboard-widget.php",62,{"type":122,"name":128,"callback":129,"priority":130,"file":125,"line":131},"admin_bar_menu","lshosting_links",31,67,{"type":122,"name":133,"callback":134,"file":125,"line":135},"init","LSHostingMenuInit",103,[],[],[],[],{"dangerousFunctions":141,"sqlUsage":142,"outputEscaping":144,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":80,"bundledLibraries":149},[],{"prepared":13,"raw":13,"locations":143},[],{"escaped":80,"rawEcho":80,"locations":145},[146],{"file":125,"line":147,"context":148},48,"raw output",[],[],{"summary":152,"deductions":153},"The \"laughing-squid-dashboard-widget\" plugin v2.0 exhibits a strong security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its attack surface.  Furthermore, the plugin demonstrates good development practices by utilizing prepared statements for all SQL queries and avoiding dangerous functions, file operations, and external HTTP requests.\n\nWhile the static analysis reveals no critical or high-severity vulnerabilities in taint flows and a clean vulnerability history with no known CVEs, there are minor areas for improvement. The plugin has only two output points, with one being improperly escaped, which could present a low-risk cross-site scripting (XSS) vulnerability if user-controlled data is involved. The lack of nonce checks on any entry points, though the entry points are currently zero, could become a concern if future updates introduce them without proper security measures.\n\nOverall, the plugin appears to be developed with security in mind, evidenced by its minimal attack surface and proper data handling in SQL. The vulnerability history being completely clear is a positive indicator. However, the single instance of unescaped output warrants attention, even if the attack surface is currently small.",[154,157],{"reason":155,"points":156},"Unescaped output detected",5,{"reason":158,"points":31},"No nonce checks implemented","2026-03-16T22:32:58.729Z",{"wat":161,"direct":166},{"assetPaths":162,"generatorPatterns":163,"scriptPaths":164,"versionParams":165},[],[],[],[],{"cssClasses":167,"htmlComments":168,"htmlAttributes":169,"restEndpoints":170,"jsGlobals":171,"shortcodeOutput":172},[],[],[],[],[],[]]