[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fl1kx4SS9Tg5YaNUEhpa141a0c2A4BzZG1i-2FXegqAE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":124,"fingerprints":177},"mm-content-manage","mm Content Manage","1.1","mancabelli","https:\u002F\u002Fprofiles.wordpress.org\u002Fmancabelli\u002F","\u003Cp>Utilizzabile per la gestione del content di pagine e posts. In homepage puoi scegliere se visualizzare l’intero contenuto o un riassunto. Nella visualizzazione singola della pagina o del post puoi scegliere se visualizzare il contenuto aperto al pubblico o riservarlo ad utenti.\u003C\u002Fp>\n\u003Ch3>Version History\u003C\u002Fh3>\n","Gestione del contenuto e del riassunto. Gestione di Posts e Pagine private.",10,1622,0,"2013-05-26T07:39:00.000Z","3.5.2","2.5.0","",[19,20,21,22],"content","excerpt","posts","private","http:\u002F\u002Fplugin.sipl.it\u002Fmm-cm\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmm-content-manage.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,84,"2026-04-05T09:24:27.669Z",[35,52,70,88,104],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":13,"num_ratings":13,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":17,"tags":48,"homepage":50,"download_link":51,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"protect-wp-videos","Protect WordPress Videos","1.1.4","gaupoit","https:\u002F\u002Fprofiles.wordpress.org\u002Fgaupoit\u002F","\u003Cp>Protect WordPress Videos built on Video.js HTML5 video player library offers a simple, fast and secure way to embed and protect your WordPress videos.\u003C\u002Fp>\n\u003Cp>Your videos will be automatically uploaded and served from Amazon S3 for free. So your videos won’t slow down your website, nor take up too much bandwidth of your hosting.\u003Cbr \u002F>\nAt the same time, your video links are also protected and cannot be accessed directly by anyone even if their links are shared with others.\u003C\u002Fp>\n\u003Cp>In short, Protect WordPress Videos Free Version offers these features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Videos are uploaded and served from Amazon S3\u003C\u002Fli>\n\u003Cli>Your displayed videos are protected and cannot be accessed directly\u003C\u002Fli>\n\u003Cli>Friendly UI to embed your videos to any posts, pages and content widget that you want. You don’t even need to use nor understand any shortcode. It’s automatically embedded on your content\u003C\u002Fli>\n\u003Cli>Built-in HTML5 video player – no Flash required\u003C\u002Fli>\n\u003Cli>Works on desktop, tablet and all mobile devices\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please note that\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Our Free version only allows you to protect up to 3 video files with maximum 300MB per video.\u003C\u002Fli>\n\u003Cli>Your videos are also uploaded directly to your server (WordPress Media), together with Amazon S3. So their original links are not protected and still accessible to the public.\u003C\u002Fli>\n\u003C\u002Ful>\n","Protect WordPress Videos offers a simple, fast and secure way to embed and protect your WordPress videos.",100,3508,"2022-03-15T07:42:00.000Z","4.8.28","4.0.0",[19,21,22,49],"videos","https:\u002F\u002Fwww.buildwps.com\u002Fprotect-wordpress-videos-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprotect-wp-videos.zip",{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":11,"downloaded":60,"rating":13,"num_ratings":13,"last_updated":61,"tested_up_to":62,"requires_at_least":63,"requires_php":17,"tags":64,"homepage":68,"download_link":69,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"contentresize","content-resize","1.0","viniciusgomes","https:\u002F\u002Fprofiles.wordpress.org\u002Fviniciusgomes\u002F","\u003Cp>Plugin simples para criar resumos com determinado número de palavras de um conteúdo..\u003C\u002Fp>\n","Plugin simples para criar resumos com determinado número de palavras de um conteúdo.",1844,"2011-08-18T19:10:00.000Z","3.1.4","3.1",[19,20,65,66,67],"posts-resize","resize","write","http:\u002F\u002Fviniwp.wordpress.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontentresize.zip",{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":11,"downloaded":78,"rating":13,"num_ratings":13,"last_updated":79,"tested_up_to":80,"requires_at_least":81,"requires_php":17,"tags":82,"homepage":86,"download_link":87,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"end-content","End Content","0.1","slee","https:\u002F\u002Fprofiles.wordpress.org\u002Fslee\u002F","\u003Cp>This plug-in allows you to add code such as a PayPal donate button to end of a post or page.\u003Cbr \u002F>\nYou can select certain post categories or certain pages to show the content or have it shown on all content.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Support is provided at http:\u002F\u002Fwww.thefunkhouse.co.uk\u002Fwordpress-plugins\u002Fend-content\u003C\u002Fp>\n","Allows you to add content to the end of pages, posts or both.",3010,"2008-11-05T22:54:00.000Z","2.6.3","2.5",[71,83,84,21,85],"excerpts","pages","signature","http:\u002F\u002Fwww.thefunkhouse.co.uk\u002Fwordpress-plugins\u002Fend-content","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fend-content.0.1.zip",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":11,"downloaded":96,"rating":13,"num_ratings":13,"last_updated":97,"tested_up_to":98,"requires_at_least":99,"requires_php":17,"tags":100,"homepage":102,"download_link":103,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"va-excerpt-from-content","VA Excerpt From Content","1.0.1","kuck1u","https:\u002F\u002Fprofiles.wordpress.org\u002Fkuck1u\u002F","\u003Cp>You don’t need to enter an excerpt. Plug-ins auto-create excerpt from the content.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Is the number of characters set in the “excerpt_length” filter.\u003C\u002Fli>\n\u003Cli>“Continue reading” setting in the “excerpt_more” filter.\u003C\u002Fli>\n\u003Cli>If there is “\u003C!–more–>” does not create an excerpt.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Remove the HTML to “va_excerpt_from_content_strip_all_tags” filter is true.\u003C\u002Fp>\n\u003Cp>\u002F\u002F remove the html.\u003Cbr \u002F>\nadd_filter( ‘va_excerpt_from_content_strip_all_tags’, ‘__return_true’ );\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requires\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 4.5 or higher\u003C\u002Fli>\n\u003Cli>PHP 5.6+\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribute!\u003C\u002Fh4>\n\u003Cp>You can fork the plugin from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fvisualive\u002Fva-excerpt-from-content\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fp>\n","Automatically create the excerpt from content.",1577,"2016-06-09T08:14:00.000Z","4.5.33","4.5.2",[19,20,101,21],"post","https:\u002F\u002Fgithub.com\u002Fvisualive\u002Fva-excerpt-from-content","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fva-excerpt-from-content.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":114,"num_ratings":115,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":17,"tags":119,"homepage":122,"download_link":123,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"advanced-excerpt","Advanced Excerpt","4.4.1","WPKube","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpkube\u002F","\u003Cp>This plugin adds several improvements to WordPress’ default way of creating excerpts.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Keeps HTML markup in the excerpt (and you get to choose which tags are included)\u003C\u002Fli>\n\u003Cli>Trims the excerpt to a given length using either character count or word count\u003C\u002Fli>\n\u003Cli>Only the ‘real’ text is counted (HTML is ignored but kept)\u003C\u002Fli>\n\u003Cli>Customizes the excerpt length and the ellipsis character that are used\u003C\u002Fli>\n\u003Cli>Completes the last word or sentence in an excerpt (no weird cuts)\u003C\u002Fli>\n\u003Cli>Adds a \u003Cem>read-more\u003C\u002Fem> link to the text\u003C\u002Fli>\n\u003Cli>Ignores custom excerpts and use the generated one instead\u003C\u002Fli>\n\u003Cli>Theme developers can use \u003Ccode>the_advanced_excerpt()\u003C\u002Fcode> for even more control (see the FAQ)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Most of the above features are optional and\u002For can be customized by the user or theme developer.\u003C\u002Fp>\n\u003Cp>Banner image credit – \u003Ca href=\"https:\u002F\u002Fwww.flickr.com\u002Fphotos\u002Fchillihead\u002F\" rel=\"nofollow ugc\">chillihead\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Original plugin author – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fbasvd\" rel=\"nofollow ugc\">basvd\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Useful Resources\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffancythemes.com\u002Fwhat-is-wordpress\u002F\" rel=\"friend nofollow ugc\">What is WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffancythemes.com\u002Fwordpress-themes\" rel=\"friend nofollow ugc\">Fee Themes\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Ffancythemes.com\u002Fwordpress-plugins\u002F\" rel=\"friend nofollow ugc\">plugins\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Control the appearance of WordPress post excerpts",80000,1542295,86,101,"2024-01-19T20:32:00.000Z","6.4.8","3.2",[19,20,120,101,121],"formatting","post-excerpt","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadvanced-excerpt\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-excerpt.4.4.1.zip",{"attackSurface":125,"codeSignals":146,"taintFlows":169,"riskAssessment":170,"analyzedAt":176},{"hooks":126,"ajaxHandlers":142,"restRoutes":143,"shortcodes":144,"cronEvents":145,"entryPointCount":13,"unprotectedCount":13},[127,133,138],{"type":128,"name":129,"callback":130,"file":131,"line":132},"filter","the_content","MMContentManage_filter","MM_content_manage.php",49,{"type":134,"name":135,"callback":136,"file":131,"line":137},"action","add_meta_boxes","MMContentManage_add_CustBox",52,{"type":134,"name":139,"callback":140,"file":131,"line":141},"save_post","MMContentManage_save_postdata",58,[],[],[],[],{"dangerousFunctions":147,"sqlUsage":148,"outputEscaping":150,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":167,"bundledLibraries":168},[],{"prepared":13,"raw":13,"locations":149},[],{"escaped":151,"rawEcho":152,"locations":153},2,6,[154,157,159,161,163,165],{"file":131,"line":155,"context":156},87,"raw output",{"file":131,"line":158,"context":156},89,{"file":131,"line":160,"context":156},90,{"file":131,"line":162,"context":156},91,{"file":131,"line":164,"context":156},93,{"file":131,"line":166,"context":156},108,3,[],[],{"summary":171,"deductions":172},"The 'mm-content-manage' plugin v1.1 exhibits a strong security posture based on the provided static analysis. The absence of identified AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its potential attack surface. Furthermore, the code signals show a positive trend with no dangerous functions detected, all SQL queries utilizing prepared statements, and no file operations or external HTTP requests that could be exploited. The presence of capability checks, although limited, is also a good sign.\n\nHowever, a notable concern arises from the output escaping. With 8 total outputs and only 25% properly escaped, there is a significant risk of Cross-Site Scripting (XSS) vulnerabilities. This means that user-supplied input displayed on the frontend or backend might not be sufficiently sanitized, allowing attackers to inject malicious scripts. The lack of any taint analysis results or historical vulnerabilities is positive but doesn't negate the immediate XSS risk identified in the output escaping. The absence of nonce checks on AJAX, while not applicable here due to 0 AJAX handlers, would typically be a concern.\n\nIn conclusion, while the plugin has commendable practices regarding its attack surface and SQL handling, the poor output escaping represents a critical weakness that requires immediate attention. Addressing the XSS risk is paramount for improving its overall security. The clean vulnerability history is a positive indicator, but proactive security measures, especially concerning output sanitization, are essential for maintaining this record.",[173],{"reason":174,"points":175},"Insufficient output escaping leading to XSS risk",8,"2026-03-17T01:12:46.435Z",{"wat":178,"direct":183},{"assetPaths":179,"generatorPatterns":180,"scriptPaths":181,"versionParams":182},[],[],[],[],{"cssClasses":184,"htmlComments":185,"htmlAttributes":186,"restEndpoints":196,"jsGlobals":197,"shortcodeOutput":198},[],[],[187,188,189,190,191,192,193,194,195],"id=\"MM_content_manage_radio_content\"","id=\"MM_content_manage_radio_excerpt\"","id=\"MM_content_manage_radio_private\"","id=\"MM_content_manage_text_cap\"","name=\"MM_content_manage_radio\"","name=\"MM_content_manage_text_cap\"","value=\"CONTENT\"","value=\"EXCERPT\"","value=\"PRIVATE\"",[],[],[199],"[MORE]"]