[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fP3x4LFG7BtKeW-iMczvotV08d3JFUcunLw8h05FMhxY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":57,"crawl_stats":37,"alternatives":62,"analysis":161,"fingerprints":259},"link-view","Link View","0.8.0","mibuthu","https:\u002F\u002Fprofiles.wordpress.org\u002Fmibuthu\u002F","\u003Cp>The purpose of this plugin is to to show the wordpress integrated links in a list or a slider by using a shortcode or a widget.\u003C\u002Fp>\n\u003Ch4>Current Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>the shortcode [linkview] can be used to add the links in a post or page\u003C\u002Fli>\n\u003Cli>the widget “LinkView” can be used to add links in a sidebar\u003C\u002Fli>\n\u003Cli>the links can be displayed in a list or in a slider\u003C\u002Fli>\n\u003Cli>there are many options available to adjust the output of the links (see shortcode options in the “About LinkView” page)\u003C\u002Fli>\n\u003Cli>the image of the link can also be displayed\u003C\u002Fli>\n\u003Cli>categories and\u002For links can be displayed in multicolumn layout\u003C\u002Fli>\n\u003Cli>option to set additional css styles for the link-lists and link-sliders\u003C\u002Fli>\n\u003Cli>the required user roles to edit links can be adjusted in the settings page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Development:\u003C\u002Fh4>\n\u003Cp>If you want to follow the development status have a look at the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmibuthu\u002Fwp-link-view\" title=\"wp-link-view git-repository\" rel=\"nofollow ugc\">git-repository on github\u003C\u002Fa>.\u003Cbr \u002F>\nFeel free to add your merge requests there, if you want to help to improve the plugin.\u003C\u002Fp>\n\u003Ch4>Translations:\u003C\u002Fh4>\n\u003Cp>Please help translating this plugin into multiple languages.\u003Cbr \u002F>\nYou can submit your translations at \u003Ca href=\"https:\u002F\u002Fwww.transifex.com\u002Fprojects\u002Fp\u002Fwp-link-view\" title=\"wp-link-view at transifex\" rel=\"nofollow ugc\">transifex.com\u003C\u002Fa>.\u003Cbr \u002F>\nThere the source strings will be kept in sync with the actual development version. And in each plugin release the available translation files will be updated.\u003C\u002Fp>\n","Display a link-list or link-slider in a post or page by using a shortcode.",800,54976,94,11,"2020-11-29T19:33:00.000Z","5.6.17","4.9","5.6",[20,21,22,23,24],"blogroll","link","links","linkview","view","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flink-view\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flink-view.0.8.0.zip",42,2,"2025-08-25 00:00:00","2026-03-15T15:16:48.613Z",[32,46],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37},"CVE-2025-48110","link-view-authenticated-contributor-stored-cross-site-scripting","Link View \u003C= 0.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Link View plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 0.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=0.8.0","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-09-03 20:11:55",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0cebc614-7ceb-49ed-96d7-57f7cc61c396?source=api-prod",{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":51,"cvss_vector":52,"vuln_type":42,"published_date":53,"updated_date":54,"references":55,"days_to_patch":37},"CVE-2025-49039","link-view-authenticated-administrator-stored-cross-site-scripting","Link View \u003C= 0.8.0 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Link View plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 0.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts multi-site installations and installations where unfiltered_html has been disabled.",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2025-08-19 00:00:00","2025-08-25 18:07:19",[56],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa745ce1b-13fd-470d-9685-62dfc11c9bd5?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":58,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":59,"trust_score":60,"computed_at":61},1,30,53,"2026-04-04T05:01:57.493Z",[63,83,104,124,143],{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":73,"num_ratings":74,"last_updated":75,"tested_up_to":76,"requires_at_least":77,"requires_php":78,"tags":79,"homepage":78,"download_link":80,"security_score":81,"vuln_count":82,"unpatched_count":82,"last_vuln_date":37,"fetched_at":30},"link-manager","Link Manager","0.1-beta","Andrew Nacin","https:\u002F\u002Fprofiles.wordpress.org\u002Fnacin\u002F","\u003Cp>In WordPress 3.5, the Link Manager (which some use to build blogrolls) will\u003Cbr \u002F>\nbe disabled by default. If you have links when you update, it’ll still be there.\u003Cbr \u002F>\nBut you can use this plugin to ensure it will always be there, even if you\u003Cbr \u002F>\nupdate to a later version of WordPress or remove all of your current links.\u003C\u002Fp>\n","Enables the Link Manager that existed in WordPress until version 3.5.",20000,417113,90,33,"2017-11-28T04:40:00.000Z","6.1.10","3.5","",[20,64,22],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flink-manager.zip",85,0,{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":93,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":77,"requires_php":78,"tags":97,"homepage":78,"download_link":103,"security_score":81,"vuln_count":82,"unpatched_count":82,"last_vuln_date":37,"fetched_at":30},"display-all-image-sizes","Display All Image Sizes","1.1.6","pressupinc","https:\u002F\u002Fprofiles.wordpress.org\u002Fpressupinc\u002F","\u003Ch4>View and Use Every Size of Your Images\u003C\u002Fh4>\n\u003Cp>When you upload an image to your WordPress site, WordPress auto-generates lots of sizes of it. However, there aren’t many good ways to see and use those sizes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The Media Attachment page in “Media” doesn’t list anything about the different image sizes, or the permalinks to use them.\u003C\u002Fli>\n\u003Cli>“Add Media” in the post editor doesn’t always show you all the sizes that exist (such as sizes intended for featured images).\u003C\u002Fli>\n\u003Cli>There’s no easy way to simply copy a custom-sized image’s permalink.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Until now! Display All Image Sizes displays information about every size of every image: name, dimensions, and permalink.\u003C\u002Fp>\n\u003Ch4>How to Use\u003C\u002Fh4>\n\u003Cp>Just install and activate the plugin, and you’ll see a list of all sizes of each image in both the “Add Media” pop-up modal, and in each image’s individual page in “Media.” (See Screenshots.)\u003C\u002Fp>\n\u003Ch4>Anything else?\u003C\u002Fh4>\n\u003Cp>Well, read \u003Ca href=\"http:\u002F\u002Fwpshout.com\u002F\" rel=\"nofollow ugc\">read WPShout\u003C\u002Fa> for WordPress news and tutorials! And \u003Ca href=\"http:\u002F\u002Fpressupinc.com\u002F\" rel=\"nofollow ugc\">contact us\u003C\u002Fa> if you need help with WordPress.\u003C\u002Fp>\n\u003Cp>Image credit for banner: \u003Ca href=\"https:\u002F\u002Fwww.flickr.com\u002Fphotos\u002Fwwworks\u002F\" rel=\"nofollow ugc\">woodleywonderworks\u003C\u002Fa>\u003C\u002Fp>\n","Displays all sizes of each image, including name, dimensions, and permalink for each size.",1000,27093,100,10,"2017-05-04T18:52:00.000Z","4.7.32",[98,99,100,101,102],"different-image-sizes","image-sizes","picture-sizes","view-image-size-links","view-image-sizes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisplay-all-image-sizes.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":91,"downloaded":112,"rating":93,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":78,"tags":117,"homepage":121,"download_link":122,"security_score":123,"vuln_count":82,"unpatched_count":82,"last_vuln_date":37,"fetched_at":30},"eazy-enable-blogroll","Eazy Enable Blogroll","1.0.2","Tamás","https:\u002F\u002Fprofiles.wordpress.org\u002Fplaywithpixels\u002F","\u003Cp>You missed the Blogroll. But now the sad times are over! Eazy Enable Blorgroll helps you unleash the full control of your links to partners \u002F affiliates \u002F friends and other interesting stuff on the interwebs.\u003C\u002Fp>\n","Eazy Enable Blogroll brings back the one and only WordPress Blogroll Feature, with nearly one click!",23286,7,"2024-04-03T17:06:00.000Z","6.5.8","3.5.0",[20,118,119,120,22],"easy","eazy","enable","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Feazy-enable-blogroll\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feazy-enable-blogroll.1.0.2.zip",92,{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":82,"num_ratings":82,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":137,"tags":138,"homepage":141,"download_link":142,"security_score":93,"vuln_count":82,"unpatched_count":82,"last_vuln_date":37,"fetched_at":30},"blogroll-links","Blogroll Links","3.0.0","rajivpant","https:\u002F\u002Fprofiles.wordpress.org\u002Frajivpant\u002F","\u003Cp>Blogroll Links is a WordPress plugin that displays your site’s link bookmarks (formerly called “blogroll”) within posts and pages using a simple shortcode.\u003C\u002Fp>\n\u003Cp>For people who maintain their website or blog using the WordPress content management system, Blogroll Links uses WordPress’ built-in Links feature and presents links to friends’ pages, resources, and social networking profiles.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Display links by category using the category slug\u003C\u002Fli>\n\u003Cli>Customizable sorting (by name, URL, rating, or ID)\u003C\u002Fli>\n\u003Cli>Honors link visibility settings (show\u002Fhidden)\u003C\u002Fli>\n\u003Cli>Respects target window settings for each link\u003C\u002Fli>\n\u003Cli>Displays link descriptions and images if available\u003C\u002Fli>\n\u003Cli>Works with WordPress’ built-in Links Manager\u003C\u002Fli>\n\u003Cli>Supports XFN (XHTML Friends Network) relationship tags\u003C\u002Fli>\n\u003Cli>Full PHP 8+ compatibility\u003C\u002Fli>\n\u003Cli>Secure: Protected against SQL injection, XSS, and CSRF attacks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Add this shortcode to any post or page:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[blogroll-links categoryslug=\"my-links\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Full Shortcode Options\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>[blogroll-links categoryslug=\"my-links\" sortby=\"link_name\" sortorder=\"asc\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Parameters\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ccode>categoryslug\u003C\u002Fcode> – The slug of the link category to display (required)\u003C\u002Fli>\n\u003Cli>\u003Ccode>sortby\u003C\u002Fcode> – Sort field: link_name, link_url, link_rating, link_id (default: link_name)\u003C\u002Fli>\n\u003Cli>\u003Ccode>sortorder\u003C\u002Fcode> – Sort direction: asc or desc (default: asc)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Examples\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Display friends’ websites sorted by name:\u003C\u002Fstrong>\u003Cbr \u002F>\n    [blogroll-links categoryslug=”friends” sortby=”link_name” sortorder=”asc”]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Display resources sorted by rating (highest first):\u003C\u002Fstrong>\u003Cbr \u002F>\n    [blogroll-links categoryslug=”resources” sortby=”link_rating” sortorder=”desc”]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Display social media profiles:\u003C\u002Fstrong>\u003Cbr \u002F>\n    [blogroll-links categoryslug=”social-profiles”]\u003C\u002Fp>\n\u003Ch4>Live Examples\u003C\u002Fh4>\n\u003Cp>See this plugin in action:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.rajiv.com\u002Ffriends\u002F\" rel=\"nofollow ugc\">www.rajiv.com\u002Ffriends\u002F\u003C\u002Fa> – Social networking links with XFN tags\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.rajiv.com\u002Fcharity\u002F\" rel=\"nofollow ugc\">www.rajiv.com\u002Fcharity\u002F\u003C\u002Fa> – Charitable organizations list\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>Thanks to Dave Grega and Adam E. Falk (xenograg) for their contributions to this code.\u003C\u002Fp>\n\u003Cp>Version 3.0 was modernized using \u003Ca href=\"https:\u002F\u002Frajiv.com\u002Fblog\u002F2025\u002F11\u002F09\u002Fsynthesis-engineering-with-claude-code-technical-implementation-and-workflows\u002F\" rel=\"nofollow ugc\">Synthesis Coding\u003C\u002Fa> with Claude Code – a human-AI collaborative development approach.\u003C\u002Fp>\n","Display your blogroll links anywhere in posts or pages using a simple shortcode.",300,33136,"2025-11-29T18:37:00.000Z","6.7.5","5.0","7.4",[20,139,22,140],"bookmarks","shortcode","https:\u002F\u002Fgithub.com\u002Frajivpant\u002Fblogroll-links","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblogroll-links.3.0.0.zip",{"slug":144,"name":145,"version":146,"author":147,"author_profile":148,"description":149,"short_description":150,"active_installs":151,"downloaded":152,"rating":93,"num_ratings":58,"last_updated":153,"tested_up_to":154,"requires_at_least":155,"requires_php":78,"tags":156,"homepage":159,"download_link":160,"security_score":81,"vuln_count":82,"unpatched_count":82,"last_vuln_date":37,"fetched_at":30},"blogroll-rss-widget","Blogroll Widget with RSS Feeds","2.2","Jan Teriete","https:\u002F\u002Fprofiles.wordpress.org\u002Fleisurelarry\u002F","\u003Cp>This WordPress Widget allows you to display the recent posts of your blogroll links via RSS Feeds as a sidebar widget.\u003Cbr \u002F>\nThe Plugin works without Javascript and without AJAX. It uses the WordPress standard links database and honors the\u003Cbr \u002F>\nvisible and target settings as defined for each link (private links are not shown, links are displayed in the same or\u003Cbr \u002F>\nin a new window as specified). The Plugin is easy to install, the Widget is simple to use and highly customizable.\u003Cbr \u002F>\nYou can simply switch on \u002F off, select or type in the various configurations and settings.\u003C\u002Fp>\n\u003Cp>You can configure this Widget in the WordPress Appearance Widgets SubPanel as follows:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>add an own title to the sidebar widget\u003C\u002Fli>\n\u003Cli>define how many items you want to display \u003C\u002Fli>\n\u003Cli>choose the link category of the items (all links or one of your link categories)\u003C\u002Fli>\n\u003Cli>select the item order (link name ascending, link name descending, link id ascending, link id descending, random order)\u003C\u002Fli>\n\u003Cli>show the images entered to the respective links or let the plugin generate website thumbnails (via m-software.de) – NOT RECOMMENDED, as this service does not work properly anymore!\u003C\u002Fli>\n\u003Cli>define the image size\u003C\u002Fli>\n\u003Cli>show blogroll links\u003C\u002Fli>\n\u003Cli>add the ‘rel=nofollow’ attribute to the blogroll links\u003C\u002Fli>\n\u003Cli>define how many feed post links you want to display\u003C\u002Fli>\n\u003Cli>choose if you want to shorten the feed post link text and define the length in characters\u003C\u002Fli>\n\u003Cli>add the ‘rel=nofollow’ attribute to the feed post links\u003C\u002Fli>\n\u003Cli>show feed post excerpts\u003C\u002Fli>\n\u003Cli>define how many characters of the feed post excerpt you want to display\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Before using the Blogroll Widget with RSS Feeds make sure, that you have entered the right RSS Addresses to your links in the Links\u003Cbr \u002F>\nSubpanel. Otherwise this Plugin will not work correctly. No item is shown when no RSS Address is entered! With this you\u003Cbr \u002F>\nhave a further possibility to configure the Widget output. When you do not enter a RSS Address to a link, it will not be\u003Cbr \u002F>\ndisplayed in the Widget.\u003C\u002Fp>\n\u003Cp>Alternative to the WordPress Appearance Widgets SubPanel you can add and configure the Blogroll Widget with RSS Feeds directly\u003Cbr \u002F>\nin your theme file (e.g. sidebar.php). For details please see the installation tab.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Blogroll Widget with RSS Feeds requires WordPress Version 2.8 or higher\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Available Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Italian – Thanks to talksina\u003C\u002Fli>\n\u003Cli>French – Thanks to \u003Ca href=\"http:\u002F\u002Fmaitremo.fr\u002F\" title=\"Maître Mô\" rel=\"nofollow ugc\">Maître Mô\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Belorussian – Thanks to \u003Ca href=\"http:\u002F\u002Fpc.de\u002F\" title=\"Marcis G.\" rel=\"nofollow ugc\">Marcis G.\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Bulgarian – Thanks to \u003Ca href=\"http:\u002F\u002Fwebhostinggeeks.com\u002F\" title=\"Web Geek\" rel=\"nofollow ugc\">Web Geek\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Displays the recent posts of your blogroll links via RSS Feeds in a customizable sidebar widget",200,52814,"2013-08-03T17:14:00.000Z","3.4.2","2.8",[20,139,157,22,158],"last-post","recent-post","http:\u002F\u002Fwww.officetrend.de\u002F2684\u002Fwordpress-plugin-blogroll-widget-with-rss-feeds\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblogroll-rss-widget.zip",{"attackSurface":162,"codeSignals":214,"taintFlows":228,"riskAssessment":248,"analyzedAt":258},{"hooks":163,"ajaxHandlers":207,"restRoutes":208,"shortcodes":209,"cronEvents":213,"entryPointCount":58,"unprotectedCount":82},[164,170,173,178,183,187,191,195,199,204],{"type":165,"name":166,"callback":167,"file":168,"line":169},"action","admin_menu","register_pages","admin\\admin.php",52,{"type":165,"name":171,"callback":172,"file":168,"line":60},"plugins_loaded","version_upgrade",{"type":165,"name":174,"callback":175,"file":176,"line":177},"admin_init","register","includes\\config.php",48,{"type":179,"name":180,"callback":181,"file":176,"line":182},"filter","pre_update_option_lvw_req_manages_link_role","update_manage_links_role",49,{"type":165,"name":171,"callback":184,"file":185,"line":186},"load_textdomain","link-view.php",79,{"type":165,"name":188,"callback":189,"file":185,"line":190},"widgets_init","widget_init",81,{"type":179,"name":192,"callback":193,"file":185,"line":194},"pre_option_link_manager_enabled","__return_true",84,{"type":165,"name":196,"callback":197,"file":185,"line":198},"wp_enqueue_scripts","register_scripts",93,{"type":165,"name":200,"callback":201,"file":202,"line":203},"print_late_styles","print_styles","shortcode\\factory.php",51,{"type":165,"name":205,"callback":206,"priority":58,"file":202,"line":169},"wp_footer","enqueue_scripts",[],[],[210],{"tag":23,"callback":211,"file":185,"line":212},"shortcode_linkview",80,[],{"dangerousFunctions":215,"sqlUsage":216,"outputEscaping":218,"fileOperations":82,"externalRequests":82,"nonceChecks":82,"capabilityChecks":28,"bundledLibraries":227},[],{"prepared":82,"raw":82,"locations":217},[],{"escaped":186,"rawEcho":28,"locations":219},[220,224],{"file":221,"line":222,"context":223},"admin\\settings.php",60,"raw output",{"file":225,"line":226,"context":223},"widget\\widget.php",63,[],[229],{"entryPoint":230,"graph":231,"unsanitizedCount":82,"severity":247},"\u003Cabout> (admin\\about.php:0)",{"nodes":232,"edges":244},[233,239],{"id":234,"type":235,"label":236,"file":237,"line":238},"n0","source","$_GET","admin\\about.php",59,{"id":240,"type":241,"label":242,"file":237,"line":198,"wp_function":243},"n1","sink","echo() [XSS]","echo",[245],{"from":234,"to":240,"sanitized":246},true,"low",{"summary":249,"deductions":250},"The 'link-view' plugin v0.8.0 exhibits a mixed security posture. On the positive side, static analysis reveals excellent practices with 100% of SQL queries using prepared statements and a very high percentage (98%) of output escaping. The attack surface is minimal, with only one shortcode and no unprotected entry points from AJAX, REST API, or cron events. There are also capability checks present in the code.\n\nHowever, significant concerns arise from the plugin's vulnerability history. With two known CVEs, both currently unpatched and classified as medium severity, this indicates a recurring pattern of potential vulnerabilities. The common vulnerability type being Cross-site Scripting (XSS) suggests that user-supplied data might not always be handled securely, despite the generally good output escaping observed in static analysis. The presence of these unpatched vulnerabilities is the most critical risk factor.\n\nIn conclusion, while the code itself appears to follow many good security practices, the existence of two unpatched medium severity vulnerabilities, specifically XSS, is a substantial risk. The plugin's developers need to address these known issues promptly. Users should be aware that despite the static analysis results showing good code hygiene, the historical data points to a past need for more robust input validation and output sanitization that may not have been fully addressed.",[251,254,255],{"reason":252,"points":253},"Unpatched CVE (Medium severity)",15,{"reason":252,"points":253},{"reason":256,"points":257},"0 Nonce checks present",5,"2026-03-16T19:19:02.579Z",{"wat":260,"direct":273},{"assetPaths":261,"generatorPatterns":266,"scriptPaths":267,"versionParams":268},[262,263,264,265],"\u002Fwp-content\u002Fplugins\u002Flink-view\u002Fadmin\u002Fcss\u002Fabout.css","\u002Fwp-content\u002Fplugins\u002Flink-view\u002Fadmin\u002Fcss\u002Fsettings.css","\u002Fwp-content\u002Fplugins\u002Flink-view\u002Fincludes\u002Fjs\u002FeasySlider.min.js","\u002Fwp-content\u002Fplugins\u002Flink-view\u002Fincludes\u002Fjs\u002Fmasonry.pkgd.min.js",[],[264,265],[269,270,271,272],"link-view\u002Fadmin\u002Fcss\u002Fabout.css?ver=","link-view\u002Fadmin\u002Fcss\u002Fsettings.css?ver=","link-view\u002Fincludes\u002Fjs\u002FeasySlider.min.js?ver=","link-view\u002Fincludes\u002Fjs\u002Fmasonry.pkgd.min.js?ver=",{"cssClasses":274,"htmlComments":275,"htmlAttributes":276,"restEndpoints":279,"jsGlobals":280,"shortcodeOutput":281},[],[],[277,278],"data-lvw-slider","data-lvw-slider-options",[],[],[282],"[linkview"]