[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkFtJnyUTUrt9VTBX1FXVJQWvHeIyvugGcnNA0H0xnbg":3,"$f3k6SJ7nNvFuCA30Mlo7XiVZtazTSrXe2rLXyXo2u_h0":246,"$fUS_XkZROkGMPHjlIaGbgU25TS7z2wR6znaQRxjl2USU":251},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":37,"analysis":119,"fingerprints":215},"minequery-widget","Minequery Widget","2.0","sablednah","https:\u002F\u002Fprofiles.wordpress.org\u002Fsablednah\u002F","\u003Cp>Simple lightweight widget to connect to a Bukkit Minecraft server running MineQuery and show information about the server status.\u003C\u002Fp>\n\u003Cp>Now suports multi langages!\u003C\u002Fp>\n","Display Minecraft server information in your Wordpress with this simple Widget.",10,8779,0,"2012-09-14T07:39:00.000Z","3.4.2","3.3.1","",[19,20,21,22,23],"bukkit","minecraft","minequery","server","widget","http:\u002F\u002Fwww.sabletopia.co.uk\u002Fminequery-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminequery-widget.2.0.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},2,70,30,84,"2026-05-20T08:01:04.479Z",[38,56,74,88,104],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":11,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":15,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":53,"download_link":54,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":55},"statusmc","StatusMC","1.1","sync667","https:\u002F\u002Fprofiles.wordpress.org\u002Fsync667\u002F","\u003Ch3>Opis\u003C\u002Fh3>\n\u003Cp>Wyświetla informacje odnośnie serwera bukkit poprzez JSONAPI.\u003C\u002Fp>\n\u003Cp>Plugin wymaga działającego pluginu JsonAPI po stronie serwera bukkit.\u003Cbr \u002F>\nhttp:\u002F\u002Fdev.bukkit.org\u002Fserver-mods\u002Fjsonapi\u002F\u003C\u002Fp>\n\u003Cp>You must install JsonAPI Plugin on bukkit server before use it.\u003C\u002Fp>\n\u003Ch3>Instalacja\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Wgraj plugin StatusMC do \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> na swoim serwerze\u003C\u002Fli>\n\u003Cli>Aktywuj plugin poprzez zakładkę ‘Plugins’ w menu WordPress\u003C\u002Fli>\n\u003Cli>Umieść nowy widget w porządanym miejscu i skonfiguruj go do działania z serwerem.\u003C\u002Fli>\n\u003C\u002Fol>\n","Wyświetla informacje odnośnie serwera bukkit poprzez JSONAPI.\u002F\u002FIts shows server status via JsonAPI Plugin.",3816,100,1,"2012-12-05T23:03:00.000Z","3.0.0",[19,52,20,22,23],"jsonapi","http:\u002F\u002Fsync667.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstatusmc.zip","2026-04-06T09:54:40.288Z",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":34,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":17,"tags":70,"homepage":72,"download_link":73,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"minestatus","Minestatus","3.0.1","Jeroen Weustink","https:\u002F\u002Fprofiles.wordpress.org\u002Fjweustink\u002F","\u003Cp>Minestatus is a WordPress Widget that enables you to show data from a \u003Ca href=\"https:\u002F\u002Fminecraft.net\u002F\" rel=\"nofollow ugc\">Minecraft\u003C\u002Fa> server. It uses the \u003Ca href=\"http:\u002F\u002Fminers.me\" rel=\"nofollow ugc\">Miners.me\u003C\u002Fa> REST API to get server data.\u003C\u002Fp>\n\u003Cp>Returned parameters are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Server status\u003C\u002Fli>\n\u003Cli>Server latency\u003C\u002Fli>\n\u003Cli>Server host\u003C\u002Fli>\n\u003Cli>Server ip\u003C\u002Fli>\n\u003Cli>Server port\u003C\u002Fli>\n\u003Cli>Server version\u003C\u002Fli>\n\u003Cli>Server protocol\u003C\u002Fli>\n\u003Cli>Maximum players\u003C\u002Fli>\n\u003Cli>Online players\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>On a personal note\u003C\u002Fstrong>\u003Cbr \u002F>\nMy sincere apologies for the plugin not working, the last 2 years have been really busy. A lot has changed in minecraft land so some features are changed and new features will arrive later on. If you want to be a part of this plugin please let me know.\u003C\u002Fp>\n","Minestatus is a WordPress Widget that enables you to show data from a Minecraft server. It uses the Miners.me REST API to get server data.",29702,60,8,"2016-09-21T07:26:00.000Z","4.6.30","3.0",[20,21,22,71],"status","https:\u002F\u002Fminers.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminestatus.3.0.1.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":11,"downloaded":82,"rating":47,"num_ratings":48,"last_updated":83,"tested_up_to":84,"requires_at_least":69,"requires_php":17,"tags":85,"homepage":86,"download_link":87,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"mcstatus","MCstatus","0.0.1","tim4dev","https:\u002F\u002Fprofiles.wordpress.org\u002Ftim4dev\u002F","\u003Cp>MCstatus is a WordPress Widget that enables you to show data from a Minecraft server.\u003Cbr \u002F>\nIt basen on Minestatus (jeroenweustink) WordPress widget.\u003Cbr \u002F>\nIt uses the PHP-Minecraft-Query class (Pavel xPaw) to get server data.\u003C\u002Fp>\n\u003Cp>Show parameters are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Server status: online\u002Foffline\u003C\u002Fli>\n\u003Cli>Server name\u003C\u002Fli>\n\u003Cli>Server host:port\u003C\u002Fli>\n\u003Cli>Server version\u003C\u002Fli>\n\u003Cli>Plugins\u003C\u002Fli>\n\u003Cli>Maximum players\u003C\u002Fli>\n\u003Cli>Online players\u003C\u002Fli>\n\u003Cli>Player list\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Language Localization\u003C\u002Fh3>\n\u003Cp>Localization is ready. Currently, we support the following languages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Russian\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This work is licensed under a GNU GPLv2\u003C\u002Fp>\n","MCstatus is a WordPress Widget that enables you to show data from a Minecraft server.",5359,"2014-09-15T19:58:00.000Z","4.0.0",[20,21,22,71],"https:\u002F\u002Fgithub.com\u002Ftim4dev\u002Fwordpress\u002Ftree\u002Fmaster\u002Fmcstatus","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmcstatus.0.0.1.zip",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":11,"downloaded":96,"rating":13,"num_ratings":13,"last_updated":97,"tested_up_to":98,"requires_at_least":99,"requires_php":17,"tags":100,"homepage":102,"download_link":103,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":55},"minecraft-server-status-checker","Minecraft Server Status Checker","0.1","verblick","https:\u002F\u002Fprofiles.wordpress.org\u002Fverblick\u002F","\u003Cp>This plugin will detect and show the Minecraft Server Status. Works with any kinds of server.\u003C\u002Fp>\n\u003Ch3>Template tags\u003C\u002Fh3>\n\u003Cp>Coming soon in the next version.\u003C\u002Fp>\n","This plugin will detect and show the Minecraft Server Status. Works with any kinds of server.",14119,"2012-05-20T19:28:00.000Z","3.3.2","2.5",[19,101,20,22,71],"checker","http:\u002F\u002Fwww.minecraftsv.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminecraft-server-status-checker.0.1.1.zip",{"slug":105,"name":106,"version":41,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":11,"downloaded":111,"rating":13,"num_ratings":13,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":17,"tags":115,"homepage":117,"download_link":118,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"minecraft-server-status-widget","MCStatusWidget","WhiteSK","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhitesk\u002F","\u003Cp>It show:\u003Cbr \u002F>\nHostName, IP:Port, Version, World, Player online \u002F Player max, Player list, Plugin list.\u003Cbr \u002F>\nDont need MineQuery Plugin.\u003Cbr \u002F>\nNeed only enable-query=true line in server.properties.\u003C\u002Fp>\n","MCStatusWidget is a widget which show INFO Of Bukkit server.",6739,"2012-06-24T21:55:00.000Z","2.1","2.0.2",[19,20,22,116,71],"serverstatus","Waiting for URI","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminecraft-server-status-widget.zip",{"attackSurface":120,"codeSignals":136,"taintFlows":180,"riskAssessment":199,"analyzedAt":214},{"hooks":121,"ajaxHandlers":132,"restRoutes":133,"shortcodes":134,"cronEvents":135,"entryPointCount":13,"unprotectedCount":13},[122,128],{"type":123,"name":124,"callback":125,"file":126,"line":127},"action","widgets_init","anonymous","minequery-widget.php",44,{"type":123,"name":129,"callback":130,"priority":13,"file":126,"line":131},"wp_head","add_javascript",56,[],[],[],[],{"dangerousFunctions":137,"sqlUsage":141,"outputEscaping":143,"fileOperations":32,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":179},[138],{"fn":139,"file":126,"line":127,"context":140},"create_function","add_action( 'widgets_init', create_function( '', 'register_widget(\"MineQueryWidget\");' ) );",{"prepared":13,"raw":13,"locations":142},[],{"escaped":13,"rawEcho":144,"locations":145},20,[146,149,151,153,155,156,158,160,161,162,164,166,167,168,170,172,173,174,176,178],{"file":126,"line":147,"context":148},74,"raw output",{"file":126,"line":150,"context":148},76,{"file":126,"line":152,"context":148},79,{"file":126,"line":154,"context":148},80,{"file":126,"line":26,"context":148},{"file":126,"line":157,"context":148},96,{"file":126,"line":159,"context":148},97,{"file":126,"line":159,"context":148},{"file":126,"line":159,"context":148},{"file":126,"line":163,"context":148},101,{"file":126,"line":165,"context":148},102,{"file":126,"line":165,"context":148},{"file":126,"line":165,"context":148},{"file":126,"line":169,"context":148},106,{"file":126,"line":171,"context":148},107,{"file":126,"line":171,"context":148},{"file":126,"line":171,"context":148},{"file":175,"line":144,"context":148},"query.php",{"file":175,"line":177,"context":148},25,{"file":175,"line":34,"context":148},[],[181],{"entryPoint":182,"graph":183,"unsanitizedCount":48,"severity":198},"\u003Cquery> (query.php:0)",{"nodes":184,"edges":195},[185,190],{"id":186,"type":187,"label":188,"file":175,"line":189},"n0","source","$_GET",7,{"id":191,"type":192,"label":193,"file":175,"line":34,"wp_function":194},"n1","sink","echo() [XSS]","echo",[196],{"from":186,"to":191,"sanitized":197},false,"low",{"summary":200,"deductions":201},"The \"minequery-widget\" v2.0 plugin exhibits a generally positive security posture with some notable exceptions. The absence of known vulnerabilities in its history is a strong indicator of good past development practices. Furthermore, the plugin avoids common attack vectors like AJAX handlers, REST API routes, shortcodes, and cron events that are not properly authenticated, resulting in a zero attack surface in these areas. All SQL queries are also properly prepared, which is excellent. However, the static analysis reveals critical weaknesses. The use of the `create_function` is a significant concern as it's a deprecated and inherently insecure PHP function that can lead to arbitrary code execution if its input is not strictly controlled.  The fact that 100% of output is not properly escaped is a major red flag for potential Cross-Site Scripting (XSS) vulnerabilities. The taint analysis showing a flow with unsanitized paths, even if not flagged as critical or high severity in this specific run, combined with the unescaped output, points to a high likelihood of exploitable XSS.\n\nWhile the lack of known CVEs is reassuring, the presence of `create_function` and widespread unescaped output represents a substantial risk that requires immediate attention. The plugin's strengths lie in its controlled entry points and secure database interactions, but these are overshadowed by the potential for arbitrary code execution and XSS due to insecure coding practices in output handling and function usage. A balanced conclusion is that the plugin is built on a foundation of some good security principles, but critical flaws in `create_function` usage and output sanitization introduce significant vulnerabilities.",[202,205,207,209,212],{"reason":203,"points":204},"Use of deprecated\u002Fdangerous function create_function",15,{"reason":206,"points":204},"100% of outputs are not properly escaped (XSS risk)",{"reason":208,"points":11},"Flow with unsanitized paths found in taint analysis",{"reason":210,"points":211},"No nonce checks implemented",5,{"reason":213,"points":211},"No capability checks implemented","2026-04-16T12:26:33.603Z",{"wat":216,"direct":223},{"assetPaths":217,"generatorPatterns":219,"scriptPaths":220,"versionParams":221},[218],"\u002Fwp-content\u002Fplugins\u002Fminequery-widget\u002Fassets\u002Fjs\u002Fminequery.js",[],[218],[222],"minequery-js?ver=",{"cssClasses":224,"htmlComments":229,"htmlAttributes":230,"restEndpoints":238,"jsGlobals":239,"shortcodeOutput":240},[4,225,226,227,228],"minequery-widget-data","minequery-widget-lang","minequery-widget-url","minequery-widget-result",[],[231,232,233,234,235,236,237],"data-mq_ip","data-mq_port","data-online","data-latency","data-offline","data-players","data-url",[],[],[241,242,243,244,245],"\u003Cdiv class=\"minequery-widget\">","\u003Cdiv class=\"minequery-widget-data\"","\u003Cdiv class=\"minequery-widget-lang\"","\u003Cdiv class=\"minequery-widget-url\"","\u003Cdiv class=\"minequery-widget-result\">",{"error":247,"url":248,"statusCode":249,"statusMessage":250,"message":250},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fminequery-widget\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":252,"versions":253},3,[254,259,265],{"version":6,"download_url":25,"svn_tag_url":255,"released_at":27,"has_diff":197,"diff_files_changed":256,"diff_lines":27,"trac_diff_url":257,"vulnerabilities":258,"is_current":247},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fminequery-widget\u002Ftags\u002F2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fminequery-widget%2Ftags%2F1.1&new_path=%2Fminequery-widget%2Ftags%2F2.0",[],{"version":41,"download_url":260,"svn_tag_url":261,"released_at":27,"has_diff":197,"diff_files_changed":262,"diff_lines":27,"trac_diff_url":263,"vulnerabilities":264,"is_current":197},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminequery-widget.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fminequery-widget\u002Ftags\u002F1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fminequery-widget%2Ftags%2F1.0&new_path=%2Fminequery-widget%2Ftags%2F1.1",[],{"version":266,"download_url":267,"svn_tag_url":268,"released_at":27,"has_diff":197,"diff_files_changed":269,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":270,"is_current":197},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminequery-widget.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fminequery-widget\u002Ftags\u002F1.0\u002F",[],[]]