[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f19ntKRF_KouzmyoSs1Qjsqo7HMaMnGHAbLp708jxOaA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":48,"crawl_stats":38,"alternatives":55,"analysis":146,"fingerprints":233},"meks-easy-ads-widget","Meks Easy Ads Widget","2.0.9","Meks","https:\u002F\u002Fprofiles.wordpress.org\u002Fmekshq\u002F","\u003Cp>With this plugin you can create unlimited number of ads inside your WordPress widget. There are several smart options provided to customize ads for your needs.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Create unlimited number of ads inside one widget\u003C\u002Fli>\n\u003Cli>Choose from predefined sizes or define your custom size\u003C\u002Fli>\n\u003Cli>Support for both image ads and script based ads\u003C\u002Fli>\n\u003Cli>Randomize ads ordering\u003C\u002Fli>\n\u003Cli>Limit number of ads per view (page load)\u003C\u002Fli>\n\u003Cli>Autoplay rotate ads\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Meks Easy Ads Widget plugin is created by \u003Ca href=\"https:\u002F\u002Fmekshq.com\" rel=\"nofollow ugc\">Meks\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Live example?\u003C\u002Fh3>\n\u003Cp>You can see Meks Easy Ads Widget live example on our \u003Ca href=\"https:\u002F\u002Fmekshq.com\u002Fdemo\u002Fherald\" rel=\"nofollow ugc\">Herald theme demo website\u003C\u002Fa>\u003C\u002Fp>\n","Display unlimited number of ads inside your WordPress widget.",10000,467911,82,14,"2024-07-25T13:08:00.000Z","6.6.5","3.0","",[20,21,22,23,24],"ad","ads","advertising","affiliate","widget","http:\u002F\u002Fmekshq.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmeks-easy-ads-widget.zip",91,1,0,"2024-07-06 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2024-37548","meks-easy-ads-widget-authenticated-administrator-stored-cross-site-scripting","Meks Easy Ads Widget \u003C= 2.0.8 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Meks Easy Ads Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=2.0.8","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-07-26 20:00:43",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F14ae1f7a-be81-4f4f-8cea-7afb824186aa?source=api-prod",21,{"slug":49,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":50,"avg_security_score":51,"avg_patch_time_days":52,"trust_score":53,"computed_at":54},"mekshq",116900,89,236,71,"2026-04-03T20:01:00.792Z",[56,76,92,110,126],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":29,"num_ratings":29,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":73,"download_link":74,"security_score":75,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"super-cool-ad-inserter","Super Cool Ad Inserter Plugin","0.7.3","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>This WordPress plugin gives site administrators a way to insert widgets such as ads, newsletter signups, or calls to action into posts at set intervals.\u003C\u002Fp>\n\u003Cp>The plugin registers a configurable number of widget areas.\u003C\u002Fp>\n\u003Cp>The plugin can programmatically insert these widget areas into posts when the page is rendered. This setting can be overridden on a per-post basis via a post meta box or a filter.\u003C\u002Fp>\n\u003Cp>If the programmatic insertion doesn’t work for a particular post, users can choose to place specific widget areas at specific spots in the post using shortcodes or blocks.\u003C\u002Fp>\n","This plugin enables the insertion of widget areas in your post's content via programmatic insertion at display time, via a shortcode, or via bloc &hellip;",600,12781,"2025-08-11T16:10:00.000Z","6.4.8","5.3","7.4",[21,22,71,72,24],"google","shortcode","https:\u002F\u002Fgithub.com\u002FAutomattic\u002Fsuper-cool-ad-inserter-plugin\u002Ftree\u002Ftrunk\u002Fdocs","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-cool-ad-inserter.zip",100,{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":29,"num_ratings":29,"last_updated":86,"tested_up_to":87,"requires_at_least":17,"requires_php":18,"tags":88,"homepage":89,"download_link":90,"security_score":91,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"cs-shop","CS Shop","1.2.2","cottonspace","https:\u002F\u002Fprofiles.wordpress.org\u002Fcottonspace\u002F","\u003Cp>Easy to create a affiliate products page of affiliate services in Japan.\u003C\u002Fp>\n\u003Cp>Simply by writing a short code, a shopping mall will be created on your site.\u003C\u002Fp>\n\u003Cp>This plugin is only support affiliate services of Japan.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.csync.net\u002Fwp-plugin\u002Fcs-shop\u002Fcs-shop-readme\u002F\" rel=\"nofollow ugc\">Description in Japanese is here.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Shortcode Example\u003C\u002Fh3>\n\u003Cp>Show the products which have the keyword ‘foo’ automatically.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[csshop service=\"rakuten\" keyword=\"foo\"]\n\n[csshop service=\"amazon\" keyword=\"foo\"]\n\n[csshop service=\"yahoo\" keyword=\"foo\"]\n\n[csshop service=\"linkshare\" keyword=\"foo\"]\n\n[csshop service=\"valuecommerce\" keyword=\"foo\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Show the products of specified category automatically.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[csshop service=\"rakuten\" category=\"100026\"]\n\n[csshop service=\"amazon\" category=\"Electronics\"]\n\n[csshop service=\"yahoo\" category=\"2505\"]\n\n[csshop service=\"linkshare\" category=\"Electronics\"]\n\n[csshop service=\"valuecommerce\" category=\"electronics\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Easy to create a affiliate products page of affiliate services in Japan.",400,10890,"2018-03-28T15:18:00.000Z","4.9.29",[20,21,22,23,72],"http:\u002F\u002Fwww.csync.net\u002Fcategory\u002Fblog\u002Fwp-plugin\u002Fcs-shop\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcs-shop.1.2.2.zip",85,{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":29,"num_ratings":29,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":69,"tags":105,"homepage":108,"download_link":109,"security_score":75,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"listdom-ads","Listdom Ads Addon – Display Ads on Listing Pages","2.1.0","Webilia Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebilia\u002F","\u003Cp>The Listdom Ads Addon allows you to insert advertising content into your directory’s listing pages without any coding. Whether you want to monetize using Google AdSense, display affiliate banners, or insert promotional content, this addon lets you place global or per-listing ads directly inside your Listdom Single Listing pages.\u003C\u002Fp>\n\u003Cp>After activating the addon, two ad placement options are available:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Global Ad\u003C\u002Fstrong>: Enter your ad code, HTML, or shortcode in Listdom \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Addons \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Ads Addon. This content will be displayed on all listings by default.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Listing-Specific Ad\u003C\u002Fstrong>: On each Add\u002FEdit Listing screen (in both backend and frontend dashboard), you’ll see an ad input field that overrides the global ad for that particular listing.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The ads are displayed in a predefined section of the single listing layout, making them blend in cleanly with your design. You don’t need to edit any template files or write code — just paste your content, and it will appear where it should.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Display ads on listing detail pages to generate revenue  \u003C\u002Fli>\n\u003Cli>Use Google AdSense, affiliate banners, HTML code, or shortcodes  \u003C\u002Fli>\n\u003Cli>Global ads show across all listings with a single configuration  \u003C\u002Fli>\n\u003Cli>Per-listing ads override the global ad for custom sponsorships  \u003C\u002Fli>\n\u003Cli>Supports frontend dashboard and display option control (Listdom Pro Addon)  \u003C\u002Fli>\n\u003Cli>Seamlessly integrates with your site design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>✅ \u003Ca href=\"https:\u002F\u002Fdemo.webilia.com\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa> – See Listdom in action (including add-ons)\u003Cbr \u002F>\n✅ \u003Ca href=\"https:\u002F\u002Fapi.webilia.com\u002Fgo\u002Flistdom-docs\" rel=\"nofollow ugc\">Listdom Documentation\u003C\u002Fa> – Learn how to configure this addon\u003Cbr \u002F>\n✅ \u003Ca href=\"https:\u002F\u002Flistdom.net\" rel=\"nofollow ugc\">Official Site\u003C\u002Fa> – More add-ons, themes, and support\u003C\u002Fp>\n","Easily monetize your Listdom directory by displaying ads (Google AdSense, affiliate banners, HTML content, shortcodes) on listing detail pages.",50,674,"2026-02-26T00:56:00.000Z","6.9.4","4.2",[21,106,22,23,107],"adsense","listdom","https:\u002F\u002Flistdom.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flistdom-ads.2.1.0.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":29,"num_ratings":29,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":18,"tags":123,"homepage":124,"download_link":125,"security_score":91,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"really-simple-ad-injection","Really Simple Ad Injection","0.120508","poer","https:\u002F\u002Fprofiles.wordpress.org\u002Fpoer\u002F","\u003Cp>Really Simple Ad Injection plugin will help you automatically inject any kind of ad code inside your post content.\u003C\u002Fp>\n","Really Simple Ad Injection plugin will help you automatically inject any kind of ad code inside your post content.",30,7788,"2012-05-09T06:16:00.000Z","3.1.4","2.8",[20,21,106,22,23],"http:\u002F\u002Fexclusivewp.com\u002Freally-simple-ad-injection\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freally-simple-ad-injection.zip",{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":134,"downloaded":135,"rating":29,"num_ratings":29,"last_updated":136,"tested_up_to":137,"requires_at_least":138,"requires_php":18,"tags":139,"homepage":144,"download_link":145,"security_score":91,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"ads-management","Ads Management","0.2.2","Shah Alom","https:\u002F\u002Fprofiles.wordpress.org\u002Fshahalom\u002F","\u003Cp>Ads Management plugin helps you to save your advertisement script and get specific shortcode for every script categories by different size, different sponsor and type to use in your post. so you can change the script any time to update in your unlimited posts!\u003Cbr \u002F>\nThough we have tried our best to make it useful for you and we are using this plugin on different websites, please let us know if you find any issue that is need to be fix for batter usability.\u003C\u002Fp>\n","Ads Management plugin helps you to save your advertisement script and to use on post and page using shortcode.",10,3199,"2015-05-14T11:08:00.000Z","4.2.39","3.6",[106,140,141,142,143],"affiliate-advertising","manage-ads","manage-advertisements","post-ads","http:\u002F\u002Fmicrosolutionsbd.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fads-management.0.2.2.zip",{"attackSurface":147,"codeSignals":182,"taintFlows":218,"riskAssessment":219,"analyzedAt":232},{"hooks":148,"ajaxHandlers":173,"restRoutes":174,"shortcodes":175,"cronEvents":181,"entryPointCount":28,"unprotectedCount":29},[149,155,159,164,168],{"type":150,"name":151,"callback":152,"file":153,"line":154},"action","wp_enqueue_scripts","enqueue_scripts","inc\\class-ads-widget.php",15,{"type":150,"name":156,"callback":157,"file":153,"line":158},"admin_enqueue_scripts","enqueue_admin_scripts",16,{"type":160,"name":161,"callback":162,"file":153,"line":163},"filter","use_widgets_block_editor","__return_false",17,{"type":150,"name":165,"callback":166,"file":153,"line":167},"plugins_loaded","mks_load_ads_widget_text_domain",323,{"type":150,"name":169,"callback":170,"file":171,"line":172},"widgets_init","mks_ads_widget_init","meks-easy-ads-widget.php",29,[],[],[176],{"tag":177,"callback":178,"file":179,"line":180},"meks_easy_ads_blocker_message","meks_shortcode_easy_ads","inc\\template-functions.php",3,[],{"dangerousFunctions":183,"sqlUsage":184,"outputEscaping":186,"fileOperations":29,"externalRequests":29,"nonceChecks":29,"capabilityChecks":29,"bundledLibraries":217},[],{"prepared":29,"raw":29,"locations":185},[],{"escaped":187,"rawEcho":188,"locations":189},158,13,[190,194,196,198,200,202,204,205,207,209,211,213,215],{"file":191,"line":192,"context":193},"inc\\class-ads-blocker-widget.php",35,"raw output",{"file":191,"line":195,"context":193},37,{"file":191,"line":197,"context":193},45,{"file":153,"line":199,"context":193},60,{"file":153,"line":201,"context":193},62,{"file":153,"line":203,"context":193},103,{"file":153,"line":203,"context":193},{"file":153,"line":206,"context":193},104,{"file":153,"line":208,"context":193},110,{"file":153,"line":210,"context":193},111,{"file":153,"line":212,"context":193},170,{"file":153,"line":214,"context":193},224,{"file":153,"line":216,"context":193},310,[],[],{"summary":220,"deductions":221},"The meks-easy-ads-widget plugin version 2.0.9 exhibits a generally good security posture based on static analysis. The absence of dangerous functions, file operations, and external HTTP requests is a strong positive. Furthermore, all identified SQL queries utilize prepared statements, which is a best practice for preventing SQL injection vulnerabilities. The high percentage of properly escaped output (92%) also indicates a good effort to mitigate cross-site scripting (XSS) risks. The plugin has a small attack surface, with only one shortcode and no unprotected entry points detected.\n\nHowever, there are a few areas of concern. The static analysis reveals zero nonce checks and zero capability checks. This is a significant weakness, as these are fundamental WordPress security mechanisms for preventing unauthorized actions and ensuring that actions are performed by legitimate users. The fact that the plugin has a known medium severity vulnerability related to Cross-site Scripting, even though it is currently patched, suggests a historical pattern of input sanitization issues. While the latest vulnerability was in 2024, the type of vulnerability indicates that improper input handling could be a recurring challenge.\n\nIn conclusion, while the plugin implements several good security practices like prepared statements and output escaping, the complete lack of nonce and capability checks presents a notable risk. The historical XSS vulnerability, though patched, warrants attention to ensure future versions continue to prioritize robust input validation and authorization mechanisms.",[222,224,226,229],{"reason":223,"points":134},"Zero nonce checks detected",{"reason":225,"points":134},"Zero capability checks detected",{"reason":227,"points":228},"Past medium severity XSS vulnerability",7,{"reason":230,"points":231},"8% of output is not properly escaped",5,"2026-03-16T17:40:16.103Z",{"wat":234,"direct":245},{"assetPaths":235,"generatorPatterns":239,"scriptPaths":240,"versionParams":241},[236,237,238],"\u002Fwp-content\u002Fplugins\u002Fmeks-easy-ads-widget\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fmeks-easy-ads-widget\u002Fcss\u002Fadmin-style.css","\u002Fwp-content\u002Fplugins\u002Fmeks-easy-ads-widget\u002Fjs\u002Fmain.js",[],[238],[242,243,244],"meks-easy-ads-widget\u002Fcss\u002Fstyle.css?ver=","meks-easy-ads-widget\u002Fcss\u002Fadmin-style.css?ver=","meks-easy-ads-widget\u002Fjs\u002Fmain.js?ver=",{"cssClasses":246,"htmlComments":249,"htmlAttributes":252,"restEndpoints":254,"jsGlobals":255,"shortcodeOutput":258},[247,248],"mks_ads_widget","mks_adswidget_ul",[250,251],"\u003C!\t[CDATA[","]]>",[253],"data-showind",[],[256,257],"li_ind_","slide_ads_",[259],"\u003Cdiv "]