[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fUMR6nhHcYi1H6i3laYMG6JZpt9qH4UFpVcOnVIgE46Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":134,"fingerprints":409},"linked-pages","Linked Pages","0.2.3","athenaofdelphi","https:\u002F\u002Fprofiles.wordpress.org\u002Fathenaofdelphi\u002F","\u003Cp>The Linked Pages plugin allows links between posts to be created using customisable page pickers and then displayed using the built in widget.\u003C\u002Fp>\n\u003Cp>Making use of custom post types, you can now easily create collections of pages and include structure.  For example, if your site is about football, you could implement two custom post types.  Football clubs and Players.  Using the provided tools, you can link players to their club in seconds and display the clubs current list of players.\u003C\u002Fp>\n\u003Cp>For detailed information about this plugin and how it works, check out it’s wiki page at \u003Ca href=\"http:\u002F\u002Fathena.outer-reaches.com\u002Fwiki\u002Fdoku.php?id=projects:wplp:home\" rel=\"nofollow ugc\">Athena’s Wiki\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Linked Pages, a plugin for WordPress, (C) 2011 by Christina Louise Warne, is licensed under the \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl.html\" title=\"GNU General Public License\" rel=\"nofollow ugc\">GNU General Public License\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Linked Pages is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.\u003C\u002Fp>\n\u003Cp>Linked Pages is distributed in the hope that it will be useful, but \u003Cstrong>without any warranty\u003C\u002Fstrong>; without even the implied warranty of \u003Cstrong>merchantability\u003C\u002Fstrong> or \u003Cstrong>fitness for a particular purpose\u003C\u002Fstrong>. See the GNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License along with the Linked Pages plugin. If not, see \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\" title=\"GNU General Public Licenses\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\u003C\u002Fa>.\u003C\u002Fp>\n","The Linked Pages plugin allows links between posts to be created using customisable page pickers and then displayed using the built in widget.",10,2238,0,"2011-06-09T20:21:00.000Z","3.1.4","3.0","",[19,20,21,22,23],"custom-field","link","meta","post-meta","widget","http:\u002F\u002Fathena.outer-reaches.com\u002Fwiki\u002Fdoku.php?id=projects:wplp:home","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flinked-pages.0.2.3.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},3,120,30,84,"2026-04-04T14:10:34.934Z",[37,59,79,98,117],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":17,"tags":52,"homepage":56,"download_link":57,"security_score":34,"vuln_count":48,"unpatched_count":13,"last_vuln_date":58,"fetched_at":28},"get-custom-field-values","Get Custom Field Values","4.1","Scott Reilly","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoffee2code\u002F","\u003Cp>This plugin provides a powerful widget, shortcode (with shortcode builder tool), and template tags for easily retrieving and displaying custom field values for posts or pages.\u003C\u002Fp>\n\u003Cp>The power of custom fields gives this plugin the potential to be dozens of plugins all rolled into one.\u003C\u002Fp>\n\u003Cp>This plugin allows you to harness the power of custom fields\u002Fmeta data. Use the “Get Custom Field” widget, the \u003Ccode>[custom_field]\u003C\u002Fcode> shortcode (which has a post editor sidebar widget to help you build the shortcode), or one of six template tags to retrieve and display custom fields. Find a custom field for the current post, a specified post, a recent post, or randomly. And for the custom field values found by the plugin, you may optionally specify text or HTML to appear before and after the results. If nothing is found, then nothing is display (unless you define text to appear when no results are found). If multiple results are found, only the first will be displayed unless you specify a string to be used to join the results together (such as “,”), in which case all will be returned. Visit the Examples section to see how this plugin can be cast in dozens of different ways.\u003C\u002Fp>\n\u003Cp>There are six template tags provided by this plugin. Here they are, with an explanation of when they are appropriate for use:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>c2c_get_custom()\u003C\u002Fcode> : Use this inside “the loop” to retrieve a custom field value for a post\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_get_current_custom()\u003C\u002Fcode> : This is only available on the permalink post template (single.php) and page template (page.php). Can be used inside or outside “the loop”. Useful for using custom field to define text you want to include on a post or page’s header, footer, or sidebar.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_get_post_custom()\u003C\u002Fcode> : Useful when you know the ID of the post whose custom field value you want.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_get_random_custom()\u003C\u002Fcode> : Retrieve the value of a random instance of the specified custom field key, as long as the field is associated with a published posted, non-passworded post (you can modify a setting in the plugin file to search passworded posts as well).\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_get_random_post_custom()\u003C\u002Fcode> : Retrieves the value of random custom field(s) from a post when you know the ID of the post you’re interested in.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_get_recent_custom()\u003C\u002Fcode> : Retrieves the most recent (according to the associated post’s publish date) value of the specified custom field.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can filter the custom field values that the plugin would display. Add filters for ‘\u003Ccode>the_meta\u003C\u002Fcode>‘ to filter custom field data (see the end of the code file for commented out samples you may wish to include). You can also add per-meta filters by hooking ‘\u003Ccode>the_meta_$sanitized_field\u003C\u002Fcode>‘. \u003Ccode>$sanitized_field\u003C\u002Fcode> is a clean version of the value of \u003Ccode>$field\u003C\u002Fcode> where everything but alphanumeric and underscore characters have been removed. So to filter the value of the “Related Posts” custom field, you would need to add a filter for ‘\u003Ccode>the_meta_RelatedPosts\u003C\u002Fcode>‘.\u003C\u002Fp>\n\u003Cp>Links: \u003Ca href=\"https:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fget-custom-field-values\u002F\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fget-custom-field-values\u002F\" rel=\"ugc\">Plugin Directory Page\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcoffee2code\u002Fget-custom-field-values\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcoffee2code.com\" rel=\"nofollow ugc\">Author Homepage\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Developer Documentation\u003C\u002Fh3>\n\u003Cp>Developer documentation can be found in \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcoffee2code\u002Fget-custom-field-values\u002Fblob\u002Fmaster\u002FDEVELOPER-DOCS.md\" rel=\"nofollow ugc\">DEVELOPER-DOCS.md\u003C\u002Fa>. That documentation covers the numerous template tags, hooks, and shortcode provided by the plugin.\u003C\u002Fp>\n\u003Cp>As an overview, these are the template tags provided the plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>c2c_get_custom()\u003C\u002Fcode>             : Template tag for use inside “the loop” and applies to the currently listed post.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_get_current_custom()\u003C\u002Fcode>     : Template tag for use on permalink (aka single) page templates for posts and pages.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_get_post_custom()\u003C\u002Fcode>        : Template tag for use when you know the ID of the post you’re interested in.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_get_random_custom()\u003C\u002Fcode>      : Template tag for use to retrieve a random custom field value.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_get_random_post_custom()\u003C\u002Fcode> : Template tag for use to retrieve random custom field value(s) from a post when you know the ID of the post you’re interested in.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_get_recent_custom()\u003C\u002Fcode>      : Template tag for use outside “the loop” and applies for custom fields regardless of post.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These are the hooks provided by the plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>c2c_get_custom_field_values_shortcode\u003C\u002Fcode>  : Filter to customize the name of the plugin’s shortcode.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_get_custom_field_values_post_types\u003C\u002Fcode> : Filter to customize the post types that should support the shortcode builder metabox.\u003C\u002Fli>\n\u003Cli>\u003Ccode>get_custom_field_values\u002Fcan_author_use_shortcodes\u003C\u002Fcode> : Filter to customize if post author can make use of the ‘custom_field’ shortcode.\u003C\u002Fli>\n\u003Cli>\u003Ccode>get_custom_field_values\u002Fshow_metabox\u003C\u002Fcode>   : Filter to customize if the shortcode builder metabox is shown.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The shortcode provided is \u003Ccode>[custom-field]\u003C\u002Fcode>, which has a number of attributes to customize its behavior and output.\u003C\u002Fp>\n","Use widgets, shortcodes, and\u002For template tags to easily retrieve and display custom field values for posts or pages.",1000,132121,100,4,"2023-10-10T04:37:00.000Z","6.3.8","3.6",[53,21,54,23,55],"custom-fields","shortcode","widgets","https:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fget-custom-field-values\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fget-custom-field-values.4.1.zip","2023-10-11 00:00:00",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":47,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":77,"download_link":78,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"ultimate-fields","Ultimate Fields","3.0.2","Radoslav Georgiev","https:\u002F\u002Fprofiles.wordpress.org\u002Fradogeorgiev\u002F","\u003Cp>With Ultimate Fields you can easily create fields in the admin. Those fields can be displayed when you are editing a post or page (any post type actually) or in an options page (ex. Theme Options) anywhere in the admin.\u003C\u002Fp>\n\u003Cp>Please visit \u003Ca href=\"https:\u002F\u002Fwww.ultimate-fields.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.ultimate-fields.com\u002F\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Easy to use.\u003C\u002Fli>\n\u003Cli>Various field types (listed below)\u003C\u002Fli>\n\u003Cli>Support for Post Type and Options Page as locations for fields. All locations have advanced placement rules, in order to only show them when needed.\u003C\u002Fli>\n\u003Cli>WYSIWYG Field Creation\u003C\u002Fli>\n\u003Cli>Focused on developers: A clean object-oriented API allows you to cleanly define all of your fields through code.\u003C\u002Fli>\n\u003Cli>Perfected tabs, alignment and styles\u003C\u002Fli>\n\u003Cli>Import, Export and in-theme JSON Synchronization\u003C\u002Fli>\n\u003Cli>JavaScript-based interface\u003C\u002Fli>\n\u003Cli>Unlimited field nesting with the Repeater and Complex fields\u003C\u002Fli>\n\u003Cli>Conditional Logic between fields in the same container (and ones on upper levels)\u003C\u002Fli>\n\u003Cli>REST API Support\u003C\u002Fli>\n\u003Cli>Admin Columns\u003C\u002Fli>\n\u003Cli>Integration with WordPress SEO for automatic field content ratings\u003C\u002Fli>\n\u003Cli>Clean styles: Ultimate Fields follows WordPress’ built in styles as much as possible and provides a seamless experience. It’s even fully responsive.\u003C\u002Fli>\n\u003Cli>Full-featured interface for data loading\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Fields\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Text\u003C\u002Fli>\n\u003Cli>Textarea\u003C\u002Fli>\n\u003Cli>WYSIWYG Editor\u003C\u002Fli>\n\u003Cli>Password\u003C\u002Fli>\n\u003Cli>Number\u003C\u002Fli>\n\u003Cli>Checkbox\u003C\u002Fli>\n\u003Cli>Select\u003C\u002Fli>\n\u003Cli>Multiselect\u003C\u002Fli>\n\u003Cli>Image-Select (a visual select)\u003C\u002Fli>\n\u003Cli>File\u003C\u002Fli>\n\u003Cli>Image\u003C\u002Fli>\n\u003Cli>WP Object (for selection of an object among posts, terms and users)\u003C\u002Fli>\n\u003Cli>WP Objects (for multiple objects)\u003C\u002Fli>\n\u003Cli>Link\u003C\u002Fli>\n\u003Cli>Section\u003C\u002Fli>\n\u003Cli>Tab\u003C\u002Fli>\n\u003Cli>Complex\u003C\u002Fli>\n\u003Cli>Repeater\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Repeaters\u003C\u002Fh4>\n\u003Cp>Repeaters can be used to add repeatable groups of fields. You can combine a text and a file field into a Slide group and allow the user to add as many slides as he needs. The value is saved in a single field!\u003C\u002Fp>\n\u003Cp>Additionally you can add different types of groups into a single repeater. This way the user could add both Video Slides and Image Slides through the same place.\u003C\u002Fp>\n\u003Ch4>Embedding in themes and plugins\u003C\u002Fh4>\n\u003Cp>Ultimate Fields has all the necessary logic built in. Just place it wherever you need and include ultimate-fields.php\u003C\u002Fp>\n","Easy and powerful custom fields management: Post Meta, Options Pages, Repeaters and many field types!",900,14539,20,"2018-05-15T13:59:00.000Z","4.9.29","4.9","5.4",[53,21,22,75,76],"repeater","theme-options","https:\u002F\u002Fwww.ultimate-fields.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-fields.3.0.2.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":17,"tags":94,"homepage":96,"download_link":97,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"show-hidden-post-meta","Show Hidden Post Meta","1.0.1","Philip Newcomer","https:\u002F\u002Fprofiles.wordpress.org\u002Fphilipnewcomer\u002F","\u003Cp>This plugin makes all custom fields (post meta) visible in the “Custom Fields” meta box on post edit screens.\u003C\u002Fp>\n","Makes hidden post meta visible on post edit screens",300,8139,86,6,"2019-09-25T22:40:00.000Z","5.2.24","3.2",[95,53,21,22],"admin","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshow-hidden-post-meta\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshow-hidden-post-meta.1.0.1.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":87,"downloaded":106,"rating":89,"num_ratings":11,"last_updated":107,"tested_up_to":108,"requires_at_least":72,"requires_php":109,"tags":110,"homepage":114,"download_link":115,"security_score":116,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-admin-search-meta","WP-Admin Search Post Meta","0.3","meloniq","https:\u002F\u002Fprofiles.wordpress.org\u002Fmeloniq\u002F","\u003Cp>Enables searching post meta fields on admin pages.\u003C\u002Fp>\n","Enables searching post meta fields on admin pages.",6412,"2024-11-21T22:59:00.000Z","6.7.5","5.6",[53,22,111,112,113],"postmeta","search","wp-admin","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-admin-search-meta\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-admin-search-meta.0.3.zip",92,{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":47,"num_ratings":127,"last_updated":128,"tested_up_to":50,"requires_at_least":129,"requires_php":130,"tags":131,"homepage":132,"download_link":133,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"post-meta-viewer","Post Meta Viewer","2.0","Yong","https:\u002F\u002Fprofiles.wordpress.org\u002Fyongkiagustinus\u002F","\u003Cp>This plugin is useful if you want to see all post metas that stored in a post or page and the value of each meta.\u003Cbr \u002F>\nWhether for debugging, quick view a data or just curious what is saved inside your post or page meta.\u003C\u002Fp>\n\u003Cp>Just install and activate, \u003Cstrong>Post Meta Viewer\u003C\u002Fstrong> plugin will show a metabox contain the list table of all post metas that saved for each post or page in easily readable format.\u003C\u002Fp>\n\u003Cp>No settings needed just plug and play.\u003C\u002Fp>\n\u003Ch4>Thanks to Contributors\u003C\u002Fh4>\n\u003Cp>Thank you for the contibution to this plugin to\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnobnob\u002F\" rel=\"nofollow ugc\">Javier Esteban\u003C\u002Fa> for translating this plugin to Spanish\u003C\u002Fli>\n\u003C\u002Ful>\n","View all post meta that saved in a post, page or custom post type in easily readable format. No settings needed just plug and play.",200,3590,2,"2023-08-12T11:44:00.000Z","4.8","7.4",[19,22,118],"https:\u002F\u002Fvinceredigital.com\u002Fwp\u002Fpost-meta-viewer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-meta-viewer.2.0.zip",{"attackSurface":135,"codeSignals":158,"taintFlows":321,"riskAssessment":402,"analyzedAt":408},{"hooks":136,"ajaxHandlers":154,"restRoutes":155,"shortcodes":156,"cronEvents":157,"entryPointCount":13,"unprotectedCount":13},[137,143,146,150],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","admin_menu","lp_linker_menu","linkedpages.php",525,{"type":138,"name":139,"callback":144,"file":141,"line":145},"lp_create_meta_boxes",526,{"type":138,"name":147,"callback":148,"file":141,"line":149},"save_post","lp_save_meta_boxes",527,{"type":138,"name":151,"callback":152,"file":141,"line":153},"init","wp_widget_linked_pages_register",1037,[],[],[],[],{"dangerousFunctions":159,"sqlUsage":160,"outputEscaping":166,"fileOperations":13,"externalRequests":13,"nonceChecks":127,"capabilityChecks":319,"bundledLibraries":320},[],{"prepared":127,"raw":161,"locations":162},1,[163],{"file":141,"line":164,"context":165},651,"$wpdb->get_results() with variable interpolation",{"escaped":167,"rawEcho":168,"locations":169},21,91,[170,173,174,175,177,179,181,183,185,187,189,191,192,194,195,197,198,200,201,203,205,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242,243,244,246,248,249,250,252,254,255,256,258,260,261,262,264,265,266,267,269,271,272,273,275,277,278,279,281,283,284,285,287,289,290,291,293,295,296,297,299,301,302,303,305,307,308,310,312,313,315,317,318],{"file":141,"line":171,"context":172},82,"raw output",{"file":141,"line":34,"context":172},{"file":141,"line":89,"context":172},{"file":141,"line":176,"context":172},89,{"file":141,"line":178,"context":172},93,{"file":141,"line":180,"context":172},418,{"file":141,"line":182,"context":172},422,{"file":141,"line":184,"context":172},431,{"file":141,"line":186,"context":172},432,{"file":141,"line":188,"context":172},447,{"file":141,"line":190,"context":172},449,{"file":141,"line":190,"context":172},{"file":141,"line":193,"context":172},452,{"file":141,"line":193,"context":172},{"file":141,"line":196,"context":172},455,{"file":141,"line":196,"context":172},{"file":141,"line":199,"context":172},458,{"file":141,"line":199,"context":172},{"file":141,"line":202,"context":172},461,{"file":141,"line":204,"context":172},466,{"file":141,"line":204,"context":172},{"file":141,"line":207,"context":172},487,{"file":141,"line":209,"context":172},490,{"file":141,"line":211,"context":172},493,{"file":141,"line":213,"context":172},496,{"file":141,"line":215,"context":172},504,{"file":141,"line":217,"context":172},696,{"file":141,"line":219,"context":172},698,{"file":141,"line":221,"context":172},699,{"file":141,"line":223,"context":172},700,{"file":141,"line":225,"context":172},703,{"file":141,"line":227,"context":172},705,{"file":141,"line":229,"context":172},706,{"file":141,"line":231,"context":172},707,{"file":141,"line":233,"context":172},708,{"file":141,"line":235,"context":172},869,{"file":141,"line":237,"context":172},871,{"file":141,"line":239,"context":172},878,{"file":141,"line":241,"context":172},879,{"file":141,"line":241,"context":172},{"file":141,"line":241,"context":172},{"file":141,"line":245,"context":172},886,{"file":141,"line":247,"context":172},887,{"file":141,"line":247,"context":172},{"file":141,"line":247,"context":172},{"file":141,"line":251,"context":172},890,{"file":141,"line":253,"context":172},891,{"file":141,"line":253,"context":172},{"file":141,"line":253,"context":172},{"file":141,"line":257,"context":172},895,{"file":141,"line":259,"context":172},896,{"file":141,"line":259,"context":172},{"file":141,"line":259,"context":172},{"file":141,"line":263,"context":172},899,{"file":141,"line":67,"context":172},{"file":141,"line":67,"context":172},{"file":141,"line":67,"context":172},{"file":141,"line":268,"context":172},904,{"file":141,"line":270,"context":172},905,{"file":141,"line":270,"context":172},{"file":141,"line":270,"context":172},{"file":141,"line":274,"context":172},908,{"file":141,"line":276,"context":172},909,{"file":141,"line":276,"context":172},{"file":141,"line":276,"context":172},{"file":141,"line":280,"context":172},918,{"file":141,"line":282,"context":172},919,{"file":141,"line":282,"context":172},{"file":141,"line":282,"context":172},{"file":141,"line":286,"context":172},922,{"file":141,"line":288,"context":172},923,{"file":141,"line":288,"context":172},{"file":141,"line":288,"context":172},{"file":141,"line":292,"context":172},927,{"file":141,"line":294,"context":172},928,{"file":141,"line":294,"context":172},{"file":141,"line":294,"context":172},{"file":141,"line":298,"context":172},931,{"file":141,"line":300,"context":172},932,{"file":141,"line":300,"context":172},{"file":141,"line":300,"context":172},{"file":141,"line":304,"context":172},938,{"file":141,"line":306,"context":172},939,{"file":141,"line":306,"context":172},{"file":141,"line":309,"context":172},942,{"file":141,"line":311,"context":172},943,{"file":141,"line":311,"context":172},{"file":141,"line":314,"context":172},949,{"file":141,"line":316,"context":172},950,{"file":141,"line":316,"context":172},{"file":141,"line":316,"context":172},5,[],[322,376],{"entryPoint":323,"graph":324,"unsanitizedCount":13,"severity":375},"lp_pickers (linkedpages.php:292)",{"nodes":325,"edges":366},[326,331,336,339,341,344,346,349,351,354,356,359,361,364],{"id":327,"type":328,"label":329,"file":141,"line":330},"n0","source","$_POST (x2)",340,{"id":332,"type":333,"label":334,"file":141,"line":180,"wp_function":335},"n1","sink","echo() [XSS]","echo",{"id":337,"type":328,"label":338,"file":141,"line":184},"n2","$_SERVER['REQUEST_URI']",{"id":340,"type":333,"label":334,"file":141,"line":184,"wp_function":335},"n3",{"id":342,"type":328,"label":343,"file":141,"line":207},"n4","$_POST['lpptitle-new']",{"id":345,"type":333,"label":334,"file":141,"line":207,"wp_function":335},"n5",{"id":347,"type":328,"label":348,"file":141,"line":209},"n6","$_POST['lppfield-new']",{"id":350,"type":333,"label":334,"file":141,"line":209,"wp_function":335},"n7",{"id":352,"type":328,"label":353,"file":141,"line":211},"n8","$_POST['lppposttype-new']",{"id":355,"type":333,"label":334,"file":141,"line":211,"wp_function":335},"n9",{"id":357,"type":328,"label":358,"file":141,"line":213},"n10","$_POST['lpplinkposttype-new']",{"id":360,"type":333,"label":334,"file":141,"line":213,"wp_function":335},"n11",{"id":362,"type":328,"label":363,"file":141,"line":215},"n12","$_POST['lppcomment-new']",{"id":365,"type":333,"label":334,"file":141,"line":215,"wp_function":335},"n13",[367,369,370,371,372,373,374],{"from":327,"to":332,"sanitized":368},true,{"from":337,"to":340,"sanitized":368},{"from":342,"to":345,"sanitized":368},{"from":347,"to":350,"sanitized":368},{"from":352,"to":355,"sanitized":368},{"from":357,"to":360,"sanitized":368},{"from":362,"to":365,"sanitized":368},"low",{"entryPoint":377,"graph":378,"unsanitizedCount":13,"severity":375},"\u003Clinkedpages> (linkedpages.php:0)",{"nodes":379,"edges":394},[380,381,382,383,384,385,386,387,388,389,390,391,392,393],{"id":327,"type":328,"label":329,"file":141,"line":330},{"id":332,"type":333,"label":334,"file":141,"line":180,"wp_function":335},{"id":337,"type":328,"label":338,"file":141,"line":184},{"id":340,"type":333,"label":334,"file":141,"line":184,"wp_function":335},{"id":342,"type":328,"label":343,"file":141,"line":207},{"id":345,"type":333,"label":334,"file":141,"line":207,"wp_function":335},{"id":347,"type":328,"label":348,"file":141,"line":209},{"id":350,"type":333,"label":334,"file":141,"line":209,"wp_function":335},{"id":352,"type":328,"label":353,"file":141,"line":211},{"id":355,"type":333,"label":334,"file":141,"line":211,"wp_function":335},{"id":357,"type":328,"label":358,"file":141,"line":213},{"id":360,"type":333,"label":334,"file":141,"line":213,"wp_function":335},{"id":362,"type":328,"label":363,"file":141,"line":215},{"id":365,"type":333,"label":334,"file":141,"line":215,"wp_function":335},[395,396,397,398,399,400,401],{"from":327,"to":332,"sanitized":368},{"from":337,"to":340,"sanitized":368},{"from":342,"to":345,"sanitized":368},{"from":347,"to":350,"sanitized":368},{"from":352,"to":355,"sanitized":368},{"from":357,"to":360,"sanitized":368},{"from":362,"to":365,"sanitized":368},{"summary":403,"deductions":404},"The \"linked-pages\" plugin version 0.2.3 exhibits a generally strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with exploitable attack vectors is a significant positive. Furthermore, the plugin demonstrates good practices with a substantial number of capability checks and the presence of nonce checks, indicating an effort to secure its functionality. The limited number of SQL queries and the relatively high percentage using prepared statements is also encouraging, minimizing the risk of SQL injection vulnerabilities.\n\nHowever, a notable concern arises from the low percentage of properly escaped output (19%). This suggests that a significant portion of the plugin's output may be vulnerable to Cross-Site Scripting (XSS) attacks. While no critical or high severity taint flows were detected, the lack of proper output escaping presents a direct avenue for attackers to inject malicious scripts into the WordPress site. The vulnerability history being entirely clean is a positive indicator of past security diligence, but it doesn't mitigate the immediate risks identified in the static analysis.\n\nIn conclusion, while the plugin has a low attack surface and implements some crucial security checks, the widespread lack of output escaping is a significant weakness. This needs to be addressed to prevent potential XSS vulnerabilities. The plugin's clean vulnerability history is commendable, but current code-level issues must be prioritized.",[405],{"reason":406,"points":407},"Low percentage of properly escaped output",15,"2026-03-17T00:35:14.422Z",{"wat":410,"direct":415},{"assetPaths":411,"generatorPatterns":412,"scriptPaths":413,"versionParams":414},[],[],[],[],{"cssClasses":416,"htmlComments":418,"htmlAttributes":419,"restEndpoints":420,"jsGlobals":421,"shortcodeOutput":422},[417],"widefat",[],[],[],[],[]]