[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fvd_kT89h8dLSUC6HYa6LcgiIlTUSVon0yNsmMjccnCE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":131,"fingerprints":165},"list-custom-post-with-featured-image","List Custom Post with featured image","1.2","Vikas Sharma","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevikas301\u002F","\u003Cp>This plugin allows to create gallery for custom post using short-code.\u003C\u002Fp>\n\u003Ch3>Shortcode\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>  [LCPOSTLIST post_type=\"post\" limit=4 order=\"ASC\" pagination=\"off\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Simple plugin. Show feature image, title with pagination on anywhere using shortcode.",10,2216,100,3,"2024-10-06T17:26:00.000Z","6.6.5","3.6","",[20,21,22,23,24],"custom-post-grid","custom-post-list","pagination","rockon","shortcode","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flist-custom-post-with-featured-image\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flist-custom-post-with-featured-image.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"devikas301",6,3350,94,30,90,"2026-04-04T03:56:00.888Z",[41,59,77,95,113],{"slug":42,"name":43,"version":44,"author":7,"author_profile":8,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":13,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":18,"tags":53,"homepage":57,"download_link":58,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"basic-url-shortcodes","Basic URL ShortCodes","4.0.2","\u003Cp>Sometimes you need to display your website’s base URL, active theme URL or uploads folder URL directly inside your content editor.\u003C\u002Fp>\n\u003Cp>Basic URL Shortcodes allows you to easily insert important WordPress URLs using simple shortcodes inside posts, pages and widgets.\u003C\u002Fp>\n\u003Ch4>Available Shortcodes\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>[home_url]\u003C\u002Fstrong>\u003Cbr \u002F>\nOutputs the website’s home URL (as set in WordPress Settings).\u003Cbr \u002F>\nExample:\u003Cbr \u002F>\nhttp:\u002F\u002Flocalhost\u002Fwp-demo\u003C\u002Fp>\n\u003Cp>\u003Cstrong>[theme_url_template]\u003C\u002Fstrong>\u003Cbr \u002F>\nOutputs the URL of the currently active theme (child theme supported).\u003Cbr \u002F>\nExample:\u003Cbr \u002F>\nhttp:\u002F\u002Flocalhost\u002Fwp-demo\u002Fwp-content\u002Fthemes\u002Fmytheme\u003C\u002Fp>\n\u003Cp>\u003Cstrong>[UPLOAD_URL]\u003C\u002Fstrong>\u003Cbr \u002F>\nOutputs the base URL of the WordPress uploads directory.\u003Cbr \u002F>\nExample:\u003Cbr \u002F>\nhttp:\u002F\u002Flocalhost\u002Fwp-demo\u002Fwp-content\u002Fuploads\u003C\u002Fp>\n\u003Cp>These shortcodes are useful when building custom layouts, inserting dynamic links or when theme customization options are limited.\u003C\u002Fp>\n\u003Cp>Lightweight, simple and fully compatible with modern WordPress editors.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin uses the GPLv3 license.\u003C\u002Fp>\n","Provides simple shortcodes to output essential WordPress URLs inside posts, pages and widgets.",3000,7450,2,"2026-02-28T05:52:00.000Z","6.9.4","4.0.0",[54,23,24,55,56],"basic-url","stylesheet","template","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbasic-url-shortcodes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbasic-url-shortcodes.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":13,"downloaded":67,"rating":68,"num_ratings":14,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":18,"tags":72,"homepage":74,"download_link":75,"security_score":76,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-smart-pagination","WP Smart Pagination","0.2","Kharis Sulistiyono","https:\u002F\u002Fprofiles.wordpress.org\u002Fkharisblank\u002F","\u003Cp>This simple plugin improves your WordPress powered blog pagination with extra input number where users can jump to any (x) page.\u003C\u002Fp>\n\u003Cp>For custom styling matches your theme’s skin, modify the .less or .css file in the plugin package.\u003C\u002Fp>\n\u003Cp>Check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-smart-pagination\u002Fscreenshots\u002F\" rel=\"ugc\">screenshot\u003C\u002Fa> for the shake of visual before you download.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>After this plugin activated, replace your old-school pagination with this schortcode \u003Ccode>\u003C?php echo do_shortcode('[wpsp]'); ?>\u003C\u002Fcode> in your template file, i.e. index.php, archive.php, search.php, or any template requires pagination.\u003C\u002Fp>\n","Improve your WordPress powered blog pagination with extra input number where users can jump to any (x) page.",11980,74,"2013-11-19T09:27:00.000Z","3.7.41","2.1.0",[73,22,24],"page","https:\u002F\u002Fgithub.com\u002Fkharissulistiyo\u002FWP-Smart-Pagination","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-smart-pagination.zip",85,{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":28,"num_ratings":28,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":18,"tags":90,"homepage":93,"download_link":94,"security_score":76,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"advanced-custom-fields-w4-post-list-bridge","Advanced Custom Fields: W4 Post List Bridge","1.0.0","pmill","https:\u002F\u002Fprofiles.wordpress.org\u002Fpmill\u002F","\u003Cp>This plugin provides a [post_field field=”field-name”] shortcode connecting an Advanced Custom Fields field to your W4\u003Cbr \u002F>\nPost List list template.\u003C\u002Fp>\n","This plugin provides a [post_field field=\"field-name\"] shortcode connecting an Advanced Custom Fields field to your W4 Post List list templa &hellip;",70,2666,"2015-07-17T09:54:00.000Z","3.4.2","3.0.0",[91,21,92,24],"acf","post-list","http:\u002F\u002Fgithub.com\u002Fpmill\u002Facf-w4-post-list-bridge\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-custom-fields-w4-post-list-bridge.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":11,"downloaded":103,"rating":28,"num_ratings":28,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":18,"tags":107,"homepage":111,"download_link":112,"security_score":76,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"cc-list-posts","CC-List-Posts","1.0.1","Clearcode","https:\u002F\u002Fprofiles.wordpress.org\u002Fclearcodehq\u002F","\u003Cp>The CC-List-Posts plugin works out of the box.\u003Cbr \u002F>\nThere is no settings page for it.\u003Cbr \u002F>\nAfter activation you can start using \u003Ccode>wp_list_posts\u003C\u002Fcode> function and\u002For shortcode with the parameters listed below.\u003C\u002Fp>\n\u003Cp>\u003Cem>\u003Cstrong>Notice\u003C\u002Fstrong>: the plugin can be used with the \u003Ccode>wp_link_pages\u003C\u002Fcode> built-in functionality if you use \u003Ccode>pagination\u003C\u002Fcode> parameter with integer value.\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch4>Defaults\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>before\u003C\u002Fstrong>: (string) \u003Cul>,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>after\u003C\u002Fstrong>: (string) \u003C\u002Ful>,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>link_before\u003C\u002Fstrong>: (string) \u003Cem>empty string\u003C\u002Fem>,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>link_after\u003C\u002Fstrong>: (string) \u003Cem>empty string\u003C\u002Fem>,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>type\u003C\u002Fstrong>: (string) postbypost,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>echo\u003C\u002Fstrong>: (integer) 0,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pagination\u003C\u002Fstrong>: (boolean|integer) false,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>format\u003C\u002Fstrong>: (string) html\u003C\u002Fli>\n\u003Cli>\u003Cstrong>type\u003C\u002Fstrong>: (string) monthly,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>limit\u003C\u002Fstrong>: (string) \u003Cem>empty string\u003C\u002Fem>,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>show_post_count\u003C\u002Fstrong>: (boolean) false,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>order\u003C\u002Fstrong>: (string) DESC,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>post_type\u003C\u002Fstrong>: (string) post\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>\u003Cstrong>Notice\u003C\u002Fstrong>: plugin uses \u003Ccode>wp_get_archives\u003C\u002Fcode> function to list posts, so you can also use additional parameters. A full list is available at WordPress \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fwp_get_archives\" rel=\"nofollow ugc\">codex\u003C\u002Fa> page documentation.\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch4>wp_list_posts parameter mapped to wp_get_archives\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>link_before\u003C\u002Fstrong>: before\u003C\u002Fli>\n\u003Cli>\u003Cstrong>link_after\u003C\u002Fstrong>: after\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Default usage\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Function\u003C\u002Fstrong>: \u003Ccode>wp_list_posts( array( 'pagination' => 50 ) )\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode\u003C\u002Fstrong>: \u003Ccode>[wp_list_posts pagination=50]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin adds similar to wp_list_pages, missing function and shortcode wp_list_posts with pagination support.",1496,"2022-03-16T14:37:00.000Z","5.9.13","4.7",[22,24,108,109,110],"wp_get_archives","wp_list_pages","wp_list_posts","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcc-list-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcc-list-posts.zip",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":11,"downloaded":121,"rating":28,"num_ratings":28,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":125,"tags":126,"homepage":128,"download_link":129,"security_score":76,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":130},"nextpage-link","NextPage Link","1.0.2","NewsFront","https:\u002F\u002Fprofiles.wordpress.org\u002Fnewsfront\u002F","\u003Cp>A link to the next page can be displayed using a short code.\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>PHP version 5.3 or greater.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>All files and scripts are licensed under GNU General Public License.\u003C\u002Fp>\n","A link to the next page can be displayed using a short code.",1438,"2022-11-04T00:55:00.000Z","6.1.10","5.7","5.3",[127,22,24],"nextpage","https:\u002F\u002Fwww.newsfront.jp\u002Fwordpress\u002Fplugins\u002Fnextpage-link\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnextpage-link.1.0.2.zip","2026-03-15T14:54:45.397Z",{"attackSurface":132,"codeSignals":149,"taintFlows":156,"riskAssessment":157,"analyzedAt":164},{"hooks":133,"ajaxHandlers":140,"restRoutes":141,"shortcodes":142,"cronEvents":147,"entryPointCount":148,"unprotectedCount":28},[134],{"type":135,"name":136,"callback":137,"file":138,"line":139},"action","wp_enqueue_scripts","lcpfi_enqueue_styles","list-cp-featured-image.php",132,[],[],[143],{"tag":144,"callback":145,"file":138,"line":146},"LCPOSTLIST","lcpfi_listpost",82,[],1,{"dangerousFunctions":150,"sqlUsage":151,"outputEscaping":153,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":155},[],{"prepared":28,"raw":28,"locations":152},[],{"escaped":28,"rawEcho":28,"locations":154},[],[],[],{"summary":158,"deductions":159},"The plugin \"list-custom-post-with-featured-image\" v1.2 demonstrates a generally strong security posture based on the provided static analysis.  There are no identified dangerous functions, external HTTP requests, or file operations. All SQL queries utilize prepared statements, and all observed outputs are properly escaped, indicating good development practices in these areas. The absence of known vulnerabilities and CVEs in its history further contributes to a positive security outlook. The attack surface is minimal, consisting solely of a single shortcode, and importantly, there are no unprotected entry points identified in the static analysis. Taint analysis also yielded no critical or high severity issues, suggesting no readily exploitable data flows.\n\nDespite these strengths, a significant concern arises from the complete absence of nonce checks and capability checks. While the static analysis reported zero unprotected entry points, the lack of these fundamental WordPress security mechanisms on the shortcode leaves it vulnerable to CSRF (Cross-Site Request Forgery) attacks if the shortcode's functionality, when processed, involves any state-changing operations or sensitive data manipulation. This oversight is a critical weakness that could be exploited by an attacker to perform actions on behalf of an unsuspecting user. The plugin's vulnerability history of zero CVEs is excellent, but the lack of these checks represents a potential for future vulnerabilities if the plugin's functionality evolves without addressing this gap.",[160,162],{"reason":161,"points":11},"Missing nonce checks",{"reason":163,"points":11},"Missing capability checks","2026-03-17T01:19:50.844Z",{"wat":166,"direct":173},{"assetPaths":167,"generatorPatterns":169,"scriptPaths":170,"versionParams":171},[168],"\u002Fwp-content\u002Fplugins\u002Flist-custom-post-with-featured-image\u002Fcss\u002Flcpfi_style.css",[],[],[172],"list-custom-post-with-featured-image\u002Fcss\u002Flcpfi_style.css?ver=",{"cssClasses":174,"htmlComments":180,"htmlAttributes":181,"restEndpoints":185,"jsGlobals":186,"shortcodeOutput":187},[175,176,177,178,179],"lcpfi-post-gallery","lcpfi-section","lcpfi-wrapper","lcpfi-pagination-section","lcpfi-glpagination",[],[182,183,184,22],"post_type","limit","order",[],[],[188,189,190,191,190,192],"\u003Cdiv class=\"lcpfi-post-gallery\">\u003Cdiv class=\"row\">","\u003Cdiv class=\"col-md-3 lcpfi-section\">\u003Cdiv class=\"wpb_wrapper\">\u003Cdiv class=\"lcpfi-wrapper\">\u003Ca href=\"","\">","\u003C\u002Fa>\u003C\u002Fdiv>\u003Ch4>\u003Ca href=\"","\u003C\u002Fa>\u003C\u002Fh4>\u003C\u002Fdiv>\u003C\u002Fdiv>"]