[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fXvjCH417SbREHuJyNJvEpEOkKRTunNUoVvmluWUEM4E":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":36,"analysis":133,"fingerprints":412},"locus","Locus","1.0","Diana K. Cury","https:\u002F\u002Fprofiles.wordpress.org\u002Fdianakc\u002F","\u003Cp>List posts from a specific category with options like date format, link text, order and more. Locus is a very simple plugin for displaying content in different ways:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Display a single post, page or any available post type.\u003C\u002Fli>\n\u003Cli>Display full content or the excerpt, or both!\u003C\u002Fli>\n\u003Cli>Category descriptions are visible by default, if any.\u003C\u002Fli>\n\u003Cli>Configure date format, link text or hide them all.\u003C\u002Fli>\n\u003Cli>Use styles for every block, (refer to the stylesheet in \u003Ccode>locus\u002Fcontrol\u002Flocus-style.css\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>Set display post orders, such as random, by date, by author, comment count (popularity) etc\u003C\u002Fli>\n\u003Cli>Display thumbnails, if available\u003C\u002Fli>\n\u003Cli>Easy to use: you don’t have to learn to use it\u003C\u002Fli>\n\u003Cli>Settings per widget, so you can have different widgets.\u003C\u002Fli>\n\u003C\u002Ful>\n","Locus allows you to display any post, page or post type in widgetized areas of your 
site.",30,5871,100,1,"2014-04-17T04:04:00.000Z","3.9.40","3.0","",[20,21,22,23,24],"categories","pages","post-types","posts","widgets","http:\u002F\u002Fdianakcury.com\u002Fdev\u002Flocus","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flocus.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":11,"trust_score":34,"computed_at":35},"dianakc",84,"2026-04-04T03:36:15.521Z",[37,58,75,97,116],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":54,"download_link":55,"security_score":56,"vuln_count":48,"unpatched_count":28,"last_vuln_date":57,"fetched_at":30},"essential-widgets","Essential Widgets","3.0.1","Catch Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fcatchthemes\u002F","\u003Cp>Essential Widgets – a free WordPress plugin for widgets allows you to create and add interesting widgets on your website to make it more attractive and welcoming. Essential Widgets stays true to the essence of its name and offers exactly what you expect from a widgets plugin—all the “essential” widgets for your website. The plugin has been crafted beautifully to draw the extra attention to the important parts of your website. Essential Widgets provides you with the ability to have more control over the widgets with the various customization options. This free WordPress plugin for widgets allows you to create 7 different interesting widgets on your website. All the 7 widgets provided to you comes with so many customization options and are very easy to use. 
So, with Essential Widgets plugin, customize the interesting widgets your way and display them anywhere you want on your website to make it more dynamic.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>EW: Archives\u003Cbr \u002F>\nThe Archives widget comes with various customization options. Choose a title, limit the number of posts, select the archive type, post type, order and more with the Archives widget.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>EW: Authors\u003Cbr \u002F>\nDisplaying the author’s information is kind of a must-have feature if your website has multiple authors. Our new WordPress widgets plugin allows you to add Authors widget. With this widget, you can show the list of the authors on your website, the number of posts, select feed type, and more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>EW: Categories\u003Cbr \u002F>\nEssential Widgets Pro supports Categories widget. The widget provides you with various customizable options such as the title of the widget, taxonomy option, order option, number of categories to show, display as a list or none, number of posts to display, sort by option, select feed type to display and display as text or image.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>EW: Menus\u003Cbr \u002F>\nBored with the same default menu? Our new WordPress plugin for widgets, Essential Widgets Pro supports Menus widget. With the Menus widget filled with various customization options, you can display your menus elegantly anywhere you want on your website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>EW: Pages\u003Cbr \u002F>\nDisplay a list of pages with the Pages widget. With various customization options being provided to you, you can showcase the pages that are more important on your website wherever you want with Essential Widgets Pro.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>EW: Posts\u003Cbr \u002F>\nEssential Widgets Pro supports Posts widget. 
With the widget and its customizable options, you can easily display a list of posts on your website. You can add a title, select the post type, number of items to display, order, sort by, and more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>EW: Tags\u003Cbr \u002F>\nAnd last, but definitely not the least, the Tags widget. You can display a list of tags as cloud or list, select the order of the tags, sort by option and the number of items to be displayed. The widget also provides you with more customization options including the unit, separator, search, text type, and more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>To translate the plugin, use translate.wordpress.org (GlotPress). You only need your WordPress.org account to join the collaborative translation project.\u003C\u002Fp>\n\u003Cp>You can translate Essential Widgets on \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fessential-widgets\u002F\" rel=\"nofollow ugc\">translate.wordpress.org\u003C\u002Fa>.\u003C\u002Fp>\n","Essential Widgets is a WordPress plugin for widgets that allows you to create and add amazing widgets with high customization option",10000,488631,70,2,"2026-01-26T17:59:00.000Z","6.9.4","5.9",[20,21,23,53,24],"tags","https:\u002F\u002Fcatchplugins.com\u002Fplugins\u002Fessential-widgets\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fessential-widgets.3.0.1.zip",98,"2026-02-04 18:41:50",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":13,"num_ratings":14,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":18,"tags":71,"homepage":73,"download_link":74,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"selectable-post-and-page","Selectable Post and 
Page","1.3.4","happymox","https:\u002F\u002Fprofiles.wordpress.org\u002Fhappymox\u002F","\u003Cp>Display your selected post and page.\u003Cbr \u002F>\nA very simple plugin to add selectable post and page – for WordPress.\u003C\u002Fp>\n\u003Ch4>Features include\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Easy to install\u003C\u002Fli>\n\u003Cli>Use for any sidebar.\u003C\u002Fli>\n\u003Cli>Get post(s) directly by a list of selected posts.\u003C\u002Fli>\n\u003Cli>Widget to display the post feature image. \u003C\u002Fli>\n\u003Cli>It will be displayed at random as the featured image of any post without an image.\u003C\u002Fli>\n\u003C\u002Ful>\n","Display your selected post and page.",10,1337,"2017-02-21T14:51:00.000Z","4.7.32","4.7",[20,21,23,72,24],"widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fselectable-post-and-page\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fselectable-post-and-page.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":45,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":18,"download_link":94,"security_score":95,"vuln_count":48,"unpatched_count":28,"last_vuln_date":96,"fetched_at":30},"no-page-comment","No Page Comment","1.3.1","Seth Alling","https:\u002F\u002Fprofiles.wordpress.org\u002Fsethta\u002F","\u003Cp>Up until recently, WordPress gave two options: You could either disable comments and trackbacks by default for all pages and posts, or you could have them active by default. 
In WordPress version 4.3, this finally changed so comments are always disabled on new pages.\u003C\u002Fp>\n\u003Cp>While the new change makes it easier for many of the sites, it makes it harder for people who need to get the reverse and enable comments on all pages, or if they need to change the default for a custom post type. 
This plugin allows you to choose whether comments are enabled or disabled by default on all new posts, pages and custom post types, while still giving the ability to individually enable comments on posts or pages.\u003C\u002Fp>\n\u003Cp>Also, this plugin provides a way to quickly disable all comments or pingbacks for a specific custom post type. It directly interacts with your database to modify the status, so it is highly recommended that you backup your database first. There shouldn’t be any issues using this feature, but it’s always good to play it safe.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsethta\u002Fno-page-comment\" title=\"No Page Comment Development on Github\" rel=\"nofollow ugc\">View No Page Comment Development on Github\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsethta\u002Fno-page-comment\u002Fissues\" title=\"Report an Issue about No Page Comment on Github\" rel=\"nofollow ugc\">Please Report any Issues about No Page Comment on Github\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=5WWP2EDSCAJR4\" title=\"Donate to support the No Page Comment Plugin development\" rel=\"nofollow ugc\">Donate to Support No Page Comment Development\u003C\u002Fa>\u003C\u002Fp>\n","An admin interface to control the default comment and trackback settings on new posts, pages and custom post types.",250545,96,23,"2025-11-17T15:09:00.000Z","6.8.5","6.2","7.4",[91,92,93,21,23],"comments","custom-post-types","discussion","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-page-comment.zip",99,"2022-09-21 
00:00:00",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":45,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":17,"requires_php":18,"tags":110,"homepage":113,"download_link":114,"security_score":34,"vuln_count":14,"unpatched_count":28,"last_vuln_date":115,"fetched_at":30},"posts-in-page","Posts in Page","1.4.4","ivycat","https:\u002F\u002Fprofiles.wordpress.org\u002Fivycat\u002F","\u003Cp>Easily add one or more posts to any page using simple shortcodes.\u003C\u002Fp>\n\u003Cp>Supports categories, tags, custom post types, custom taxonomies, date ranges, post status, and much more.\u003C\u002Fp>\n\u003Cp>You can get all of the same functionality provided by this plugin by modifying your theme’s template files; this plugin just makes it easy for anyone to \u003Cem>pull\u003C\u002Fem> posts into other areas of the site without having to get their hands dirty with code.\u003C\u002Fp>\n\u003Cp>Plugin is depending upon your theme’s styling; version 1.x of this plugin \u003Cem>does not\u003C\u002Fem> contain native styles.\u003C\u002Fp>\n\u003Cp>This is a minimal plugin, function over form. 
Give us feedback, suggestions, bug reports, and any other contributions in the plugin’s \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fivycat\u002Fposts-in-page\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n","Easily add one or more posts to any page using simple shortcodes.",377586,88,86,"2019-05-13T16:13:00.000Z","5.2.24",[92,21,23,111,112],"shortcode","taxonomy","https:\u002F\u002Fivycat.com\u002Fwordpress\u002Fwordpress-plugins\u002Fposts-in-page\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fposts-in-page.1.4.4.zip","2017-02-13 00:00:00",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":126,"num_ratings":127,"last_updated":128,"tested_up_to":69,"requires_at_least":129,"requires_php":18,"tags":130,"homepage":131,"download_link":132,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"flexible-posts-widget","Flexible Posts Widget","3.5.0","DaveE","https:\u002F\u002Fprofiles.wordpress.org\u002Fdpe415\u002F","\u003Cp>The default Recent Posts widget is exceptionally basic. I always find myself in need of a way to easily display a selection of posts from any combination post type or taxonomy. Hence, Flexible Posts Widget.\u003C\u002Fp>\n\u003Cp>Flexible Posts Widget (FPW) is more than just a simple alternative to the default Recent Posts widget.  
With many per-instance options it is highly customizable and allows advanced users to display the resulting posts virtually any way imaginable.\u003C\u002Fp>\n\u003Ch4>Features & options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Customizable widget title\u003C\u002Fli>\n\u003Cli>Get posts by post type(s) and\u002For taxonomy & term(s) or directly by a list of post IDs.\u003C\u002Fli>\n\u003Cli>Control the number of posts displayed and the number of posts to offset.\u003C\u002Fli>\n\u003Cli>Option to display the post feature image.\u003C\u002Fli>\n\u003Cli>Select the post feature image size to display from existing image sizes: thumbnail, medium, large, post-thumbnail or any size defined by the current theme.\u003C\u002Fli>\n\u003Cli>Order posts by: date, modified date, ID, title, menu order, random, Post ID Order; and sort posts: ascending or descending.\u003C\u002Fli>\n\u003Cli>Each widget’s output can be customized by user-defined templates added to the current theme folder.\u003C\u002Fli>\n\u003Cli>Multi Language support. Compatible with \u003Ca href=\"http:\u002F\u002Fwpml.org\u002F\" rel=\"nofollow ugc\">WPML\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpolylang\u002F\" rel=\"ugc\">PolyLang\u003C\u002Fa> for sure. 
Not tested with other multi-language plugins, but it should work.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin Hooks\u003C\u002Fh4>\n\u003Cp>Flexible posts widget currently has two public hooks:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Filter: \u003Ca href=\"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fflexible-posts-widget\u002Ftrunk\u002Fincludes\u002Fclass-fpw-widget.php#L191\" rel=\"nofollow ugc\">\u003Ccode>dpe_fpw_args\u003C\u002Fcode>\u003C\u002Fa> allows filtering the query vars before submitting the widget posts query.\u003C\u002Fli>\n\u003Cli>Filter: \u003Ca href=\"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fflexible-posts-widget\u002Ftrunk\u002Fincludes\u002Fclass-fpw-widget.php#L354\" rel=\"nofollow ugc\">\u003Ccode>dpe_fpw_template_{$template_name}\u003C\u002Fcode>\u003C\u002Fa> filters the template file path used to display the widget output.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Future updates & feature requests list\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Use search box instead of ID text field for post id’s\u003C\u002Fli>\n\u003Cli>Shortcode functionality.\u003C\u002Fli>\n\u003Cli>Get posts by Author.\u003C\u002Fli>\n\u003Cli>Filter out the post currently being viewed.\u003C\u002Fli>\n\u003Cli>Get posts from the same archive (term\u002Fpost type\u002Fetc).\u003C\u002Fli>\n\u003Cli>Limit results by a time period.\u003C\u002Fli>\n\u003C\u002Ful>\n","An advanced posts display widget with many options. 
Display posts in your sidebars any way you'd like!",8000,214074,92,57,"2017-11-28T09:10:00.000Z","3.2",[20,23,53,72,24],"http:\u002F\u002Fflexiblepostswidget.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflexible-posts-widget.3.5.0.zip",{"attackSurface":134,"codeSignals":178,"taintFlows":399,"riskAssessment":400,"analyzedAt":411},{"hooks":135,"ajaxHandlers":174,"restRoutes":175,"shortcodes":176,"cronEvents":177,"entryPointCount":28,"unprotectedCount":28},[136,142,144,148,151,154,159,164,170],{"type":137,"name":138,"callback":139,"priority":14,"file":140,"line":141},"action","init","locus_setup","locus.php",15,{"type":137,"name":138,"callback":139,"priority":48,"file":140,"line":143},19,{"type":137,"name":145,"callback":146,"priority":147,"file":140,"line":85},"widgets_init","anonymous",3,{"type":137,"name":145,"callback":146,"priority":149,"file":140,"line":150},4,24,{"type":137,"name":145,"callback":146,"priority":152,"file":140,"line":153},5,25,{"type":137,"name":155,"callback":156,"priority":157,"file":140,"line":158},"admin_menu","lc_add_pages",6,26,{"type":137,"name":160,"callback":161,"priority":162,"file":140,"line":163},"admin_head","locus_header",7,27,{"type":165,"name":166,"callback":167,"priority":168,"file":140,"line":169},"filter","excerpt_length","new_excerpt_length",8,28,{"type":165,"name":171,"callback":172,"file":140,"line":173},"get_header","data_style",32,[],[],[],[],{"dangerousFunctions":179,"sqlUsage":187,"outputEscaping":189,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":48,"bundledLibraries":398},[180,183,185],{"fn":181,"file":140,"line":85,"context":182},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"PPostTypeWidget\");'),3);",{"fn":181,"file":140,"line":150,"context":184},"add_action('widgets_init', create_function('', 'return register_widget(\"PPWidget\");'),4);",{"fn":181,"file":140,"line":153,"context":186},"add_action('widgets_init', 
create_function('', 'return register_widget(\"PlacedSingleContent\");'),5);",{"prepared":28,"raw":28,"locations":188},[],{"escaped":162,"rawEcho":190,"locations":191},123,[192,196,198,200,202,204,205,207,208,210,212,214,216,217,218,219,221,222,224,226,228,229,231,233,234,236,238,240,241,243,245,247,248,249,251,253,254,255,257,258,260,262,263,265,267,268,270,272,273,275,277,278,280,282,284,286,288,290,292,293,294,296,298,299,301,303,305,306,308,310,311,313,315,317,319,320,321,323,325,326,327,329,330,332,334,335,337,339,340,342,344,345,347,349,351,353,355,357,359,360,362,364,365,366,368,370,371,372,374,376,377,378,380,381,383,385,386,388,390,391,393,395,396],{"file":193,"line":194,"context":195},"control\\widgets.php",34,"raw output",{"file":193,"line":197,"context":195},39,{"file":193,"line":199,"context":195},42,{"file":193,"line":201,"context":195},44,{"file":193,"line":203,"context":195},45,{"file":193,"line":203,"context":195},{"file":193,"line":206,"context":195},50,{"file":193,"line":206,"context":195},{"file":193,"line":209,"context":195},61,{"file":193,"line":211,"context":195},68,{"file":193,"line":213,"context":195},119,{"file":193,"line":215,"context":195},120,{"file":193,"line":215,"context":195},{"file":193,"line":215,"context":195},{"file":193,"line":190,"context":195},{"file":193,"line":220,"context":195},124,{"file":193,"line":220,"context":195},{"file":193,"line":223,"context":195},127,{"file":193,"line":225,"context":195},134,{"file":193,"line":227,"context":195},135,{"file":193,"line":227,"context":195},{"file":193,"line":230,"context":195},147,{"file":193,"line":232,"context":195},148,{"file":193,"line":232,"context":195},{"file":193,"line":235,"context":195},152,{"file":193,"line":237,"context":195},159,{"file":193,"line":239,"context":195},160,{"file":193,"line":239,"context":195},{"file":193,"line":242,"context":195},164,{"file":193,"line":244,"context":195},173,{"file":193,"line":246,"context":195},174,{"file":193,"line":246,"context":195},{"f
ile":193,"line":246,"context":195},{"file":193,"line":250,"context":195},178,{"file":193,"line":252,"context":195},179,{"file":193,"line":252,"context":195},{"file":193,"line":252,"context":195},{"file":193,"line":256,"context":195},182,{"file":193,"line":256,"context":195},{"file":193,"line":259,"context":195},183,{"file":193,"line":261,"context":195},185,{"file":193,"line":261,"context":195},{"file":193,"line":264,"context":195},186,{"file":193,"line":266,"context":195},188,{"file":193,"line":266,"context":195},{"file":193,"line":269,"context":195},189,{"file":193,"line":271,"context":195},191,{"file":193,"line":271,"context":195},{"file":193,"line":274,"context":195},192,{"file":193,"line":276,"context":195},194,{"file":193,"line":276,"context":195},{"file":193,"line":279,"context":195},195,{"file":193,"line":281,"context":195},232,{"file":193,"line":283,"context":195},236,{"file":193,"line":285,"context":195},244,{"file":193,"line":287,"context":195},250,{"file":193,"line":289,"context":195},303,{"file":193,"line":291,"context":195},304,{"file":193,"line":291,"context":195},{"file":193,"line":291,"context":195},{"file":193,"line":295,"context":195},307,{"file":193,"line":297,"context":195},308,{"file":193,"line":297,"context":195},{"file":193,"line":300,"context":195},311,{"file":193,"line":302,"context":195},318,{"file":193,"line":304,"context":195},319,{"file":193,"line":304,"context":195},{"file":193,"line":307,"context":195},331,{"file":193,"line":309,"context":195},332,{"file":193,"line":309,"context":195},{"file":193,"line":312,"context":195},333,{"file":193,"line":314,"context":195},335,{"file":193,"line":316,"context":195},344,{"file":193,"line":318,"context":195},345,{"file":193,"line":318,"context":195},{"file":193,"line":318,"context":195},{"file":193,"line":322,"context":195},349,{"file":193,"line":324,"context":195},350,{"file":193,"line":324,"context":195},{"file":193,"line":324,"context":195},{"file":193,"line":328,"context":195},353,{"file":193,"
line":328,"context":195},{"file":193,"line":331,"context":195},354,{"file":193,"line":333,"context":195},356,{"file":193,"line":333,"context":195},{"file":193,"line":336,"context":195},357,{"file":193,"line":338,"context":195},359,{"file":193,"line":338,"context":195},{"file":193,"line":341,"context":195},360,{"file":193,"line":343,"context":195},362,{"file":193,"line":343,"context":195},{"file":193,"line":346,"context":195},363,{"file":193,"line":348,"context":195},402,{"file":193,"line":350,"context":195},406,{"file":193,"line":352,"context":195},414,{"file":193,"line":354,"context":195},420,{"file":193,"line":356,"context":195},458,{"file":193,"line":358,"context":195},459,{"file":193,"line":358,"context":195},{"file":193,"line":361,"context":195},466,{"file":193,"line":363,"context":195},467,{"file":193,"line":363,"context":195},{"file":193,"line":363,"context":195},{"file":193,"line":367,"context":195},471,{"file":193,"line":369,"context":195},472,{"file":193,"line":369,"context":195},{"file":193,"line":369,"context":195},{"file":193,"line":373,"context":195},476,{"file":193,"line":375,"context":195},477,{"file":193,"line":375,"context":195},{"file":193,"line":375,"context":195},{"file":193,"line":379,"context":195},480,{"file":193,"line":379,"context":195},{"file":193,"line":382,"context":195},481,{"file":193,"line":384,"context":195},483,{"file":193,"line":384,"context":195},{"file":193,"line":387,"context":195},484,{"file":193,"line":389,"context":195},486,{"file":193,"line":389,"context":195},{"file":193,"line":392,"context":195},487,{"file":193,"line":394,"context":195},489,{"file":193,"line":394,"context":195},{"file":193,"line":397,"context":195},490,[],[],{"summary":401,"deductions":402},"The plugin \"locus\" v1.0 exhibits a mixed security posture.  On the positive side, there are no reported CVEs, no evidence of taint flows, and all SQL queries utilize prepared statements.  
File operations and external HTTP requests are also absent, which reduces potential attack vectors. However, several significant concerns are raised by the static analysis. The presence of three instances of `create_function` is a major red flag, as this deprecated function is notoriously prone to security vulnerabilities, particularly code injection. Furthermore, only 5% of output is properly escaped, leaving a substantial portion of the plugin's output vulnerable to Cross-Site Scripting (XSS) attacks. The complete lack of nonce checks and the minimal use of capability checks (only 2) are also critical weaknesses: no entry points were identified, but any that existed would likely be unprotected against unauthorized actions.",[403,405,407,409],{"reason":404,"points":141},"Dangerous function 'create_function' found",{"reason":406,"points":66},"Low output escaping (5%)",{"reason":408,"points":152},"No nonce checks on entry points",{"reason":410,"points":152},"Minimal capability checks","2026-03-16T22:31:54.377Z",{"wat":413,"direct":419},{"assetPaths":414,"generatorPatterns":416,"scriptPaths":417,"versionParams":418},[415],"\u002Fwp-content\u002Fplugins\u002Flocus\u002Fcontrol\u002Flocus-style.css",[],[],[],{"cssClasses":420,"htmlComments":423,"htmlAttributes":424,"restEndpoints":425,"jsGlobals":426,"shortcodeOutput":427},[421,422],"locus-admin","special",[],[],[],[],[]]