[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqXeZC3JwgmaiLGiWdLuZASGjyfuQu35KFaII94xoFpw":3,"$fZ9ghd1LeFsCOYoK1t67M_YeE-FQBtx-Y2rpODaa5hjg":197,"$f3jhpTaQTPPfxLUlpIyN3wSh5JRnq_VxXbDI2hkZqzxY":202},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":9,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":36,"analysis":112,"fingerprints":160},"music-bar","Music Bar","1.0","dlozano","https:\u002F\u002Fprofiles.wordpress.org\u002Fdlozano\u002F","","Music Bar te ayuda a administrar una barra de musica en la parte inferior de tu web site. Aprovecha las miles de canciones de BUMBABlog gratuitamente.",10,11688,0,"2012-06-14T17:22:00.000Z","3.3.2","3.0",[18,19,20,21,22],"bar","control","music","song","widget","http:\u002F\u002Fbumbablog.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmusic-bar.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},6,70,30,84,"2026-05-20T10:59:57.163Z",[37,48,64,80,97],{"slug":38,"name":39,"version":40,"author":7,"author_profile":8,"description":41,"short_description":42,"active_installs":11,"downloaded":43,"rating":13,"num_ratings":13,"last_updated":44,"tested_up_to":15,"requires_at_least":16,"requires_php":9,"tags":45,"homepage":23,"download_link":46,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":47},"play-songs","Play Songs","1.1","\u003Cp>Este es un plugin que te permitira tener un boton en la parte lateral de tu web el cual muestra un reproductor mp3. Tambien se muestra un menu con 22 generos musicales y miles de canciones que las podras escuchar gratuitamente. Mientras navegas puedes convertir tu reproductor en un popup y escuchar musica sin interrupciones cuando pasas de una pagina a otra.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Escucha musica sin interrupciones.\u003C\u002Fli>\n\u003Cli>Selecciona los generos que desees.\u003C\u002Fli>\n\u003Cli>Abre en un popup el reproductor.\u003C\u002Fli>\n\u003Cli>Playlist de las canciones.\u003C\u002Fli>\n\u003Cli>Tus visitantes escucharan musica mientras visitan tu web.\u003C\u002Fli>\n\u003Cli>No modifica ni altera tu tema.\u003C\u002Fli>\n\u003Cli>No ocupa espacio.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Una demo del plugin lo encontraras en http:\u002F\u002Fbumbablog.com\u003C\u002Fp>\n","Play Songs es un plugin de WordPress que permite visualizar un reproductor de música que aparece y desaparece automáticamente.",6064,"2012-10-03T15:41:00.000Z",[18,19,20,21,22],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplay-songs.zip","2026-04-06T09:54:40.288Z",{"slug":49,"name":50,"version":51,"author":7,"author_profile":8,"description":52,"short_description":53,"active_installs":11,"downloaded":54,"rating":55,"num_ratings":56,"last_updated":57,"tested_up_to":58,"requires_at_least":59,"requires_php":9,"tags":60,"homepage":61,"download_link":62,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":63},"play-video-of-song","Play Video of Song","2.01","\u003Cp>Este plugin te permitira tener un boton en la parte lateral de tu web el cual muestra un reproductor de video de musica. Aprovecha la API de GOODFIDELITY para administrar contenido relevante.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>En un boton tienes una web site.\u003C\u002Fli>\n\u003Cli>Mira y escucha videos musicales.\u003C\u002Fli>\n\u003Cli>Selecciona tus artistas favoritos.\u003C\u002Fli>\n\u003Cli>No modifica ni altera tu tema.\u003C\u002Fli>\n\u003Cli>No ocupa espacio.\u003C\u002Fli>\n\u003Cli>Mejora la experiencia de tus usuarios.\u003C\u002Fli>\n\u003Cli>Utiliza Ajax para cargar la pagina\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Una demo del plugin lo encontraras en http:\u002F\u002Fbumbablog.com\u003C\u002Fp>\n","Este plugin permite tener un reproductor de audio y video en la parte lateral de tu web site el cual aparece y desaparece sin alterar tu tema.",5164,100,1,"2013-06-28T18:49:00.000Z","3.5.2","3.4",[18,19,20,21,22],"http:\u002F\u002Fbumbablog.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplay-video-of-song.2.01.zip","2026-03-15T15:16:48.613Z",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":33,"downloaded":72,"rating":13,"num_ratings":13,"last_updated":73,"tested_up_to":15,"requires_at_least":74,"requires_php":9,"tags":75,"homepage":78,"download_link":79,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wp-spotify","WP-Spotify","2.0","NEOLiNES","https:\u002F\u002Fprofiles.wordpress.org\u002Fneolines\u002F","\u003Cp>Link Spotify tracks to your posts and pages using uri-based shortcodes.\u003C\u002Fp>\n\u003Cp>Ex.\u003Cbr \u002F>\n[spotify:track:2lBpN5CZ3zLyVIPejUhN6Y]\u003C\u002Fp>\n\u003Cp>Attention!\u003Cbr \u002F>\nAt this moment you can NOT link albums, playlists or artists, just tracks.\u003C\u002Fp>\n","Link Spotify tracks to your posts and pages. Including widget.",8524,"2012-02-06T20:36:00.000Z","2.0.2",[20,76,21,77,22],"post","spotify","http:\u002F\u002Fhermanssondavid.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-spotify.2.0.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":11,"downloaded":88,"rating":13,"num_ratings":13,"last_updated":89,"tested_up_to":90,"requires_at_least":74,"requires_php":9,"tags":91,"homepage":95,"download_link":96,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"plastic-tunes","Plastic Tunes","1.4","unalignedcoder","https:\u002F\u002Fprofiles.wordpress.org\u002Funalignedcoder\u002F","\u003Cp>Plastic Tunes is a “now-playing” plugin that allows your blog to display informations about the music you play in your media player, and most importantly, to insert them into your database. Artists, titles, albums and pretty much any information included in your digital music files goes into your database for real-time or later use, ready to be displayed on your sidebar, on a dedicated page or wherever you want.\u003Cbr \u002F>\nThe concept of this plugin, and quite a few lines of code were originally taken from version 0.1 of the \u003Ca href=\"http:\u002F\u002Fwww.thesmithsplace.com\u002Fmutunes\" rel=\"nofollow ugc\">muTunes\u003C\u002Fa> plugin, made by Ken Smith — although Plastic Tunes grew a lot since then.\u003C\u002Fp>\n","A Multi-User \"Now Playing\" plugin that accepts input from iTunes, WinAmp, and many more. Saves your information to your DB and will accomodate multiple users. Widget compatible and highly customizable.",5588,"2009-09-09T11:32:00.000Z","2.5",[92,20,93,94,22],"media","nowplaying","sidebar","http:\u002F\u002Funalignedcode.wordpress.com\u002Fplastic_tunes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplastic-tunes.1.4.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":11,"downloaded":105,"rating":13,"num_ratings":13,"last_updated":106,"tested_up_to":58,"requires_at_least":107,"requires_php":9,"tags":108,"homepage":110,"download_link":111,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":47},"pledgemusic","PledgeMusic","1.2.1","45PRESS","https:\u002F\u002Fprofiles.wordpress.org\u002F45press\u002F","\u003Cp>PledgeMusic is a platform that provides artists the resources they need to build successful long-term careers.\u003Cbr \u002F>\nThrough our easy to use direct-to-fan model, we’ve fuzed advanced technologies and social media techniques with decades of music business expertise to create the most effective music fundraising, marketing, and sales tool in the world.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugin Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Connect your PledgeMusic campaign to your WordPress site.\u003C\u002Fli>\n\u003Cli>Two display options: Sidebar widget, or lightbox popup.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Sign up with \u003Ca href=\"http:\u002F\u002Fwww.pledgemusic.com\u002Fsign_up\u002Fartist?referrer=wpplugin\" title=\"PledgeMusic\" rel=\"nofollow ugc\">PledgeMusic\u003C\u002Fa> now!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugin developed by \u003Ca href=\"http:\u002F\u002Fwww.45press.com\" title=\"45PRESS\" rel=\"nofollow ugc\">45PRESS\u003C\u002Fa> – a digital marketing agency that specializes in website creation, development, hosting, & video production.\u003C\u002Fstrong>\u003C\u002Fp>\n","Provides the ability to display your PledgeMusic campaign on your WordPress site.",3161,"2013-08-10T19:27:00.000Z","3.0.1",[20,109,98,94,22],"pledge-music","http:\u002F\u002Fwww.pledgemusic.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpledgemusic.1.2.1.zip",{"attackSurface":113,"codeSignals":128,"taintFlows":153,"riskAssessment":154,"analyzedAt":159},{"hooks":114,"ajaxHandlers":124,"restRoutes":125,"shortcodes":126,"cronEvents":127,"entryPointCount":13,"unprotectedCount":13},[115,121],{"type":116,"name":117,"callback":118,"file":119,"line":120},"action","widgets_init","fb_load_widgets","1.0\u002Fmusic-bar.php",11,{"type":116,"name":117,"callback":118,"file":122,"line":123},"music-bar.php",12,[],[],[],[],{"dangerousFunctions":129,"sqlUsage":130,"outputEscaping":132,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":152},[],{"prepared":13,"raw":13,"locations":131},[],{"escaped":13,"rawEcho":133,"locations":134},8,[135,138,140,142,144,146,148,150],{"file":119,"line":136,"context":137},43,"raw output",{"file":119,"line":139,"context":137},118,{"file":119,"line":141,"context":137},135,{"file":119,"line":143,"context":137},155,{"file":122,"line":145,"context":137},44,{"file":122,"line":147,"context":137},121,{"file":122,"line":149,"context":137},138,{"file":122,"line":151,"context":137},158,[],[],{"summary":155,"deductions":156},"The \"music-bar\" v1.0 plugin exhibits a very limited attack surface and no known vulnerabilities, suggesting a potentially secure codebase. The static analysis shows no AJAX handlers, REST API routes, shortcodes, or cron events, which are common entry points for attackers. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests is a positive indicator. The plugin also correctly utilizes prepared statements for its SQL queries.\n\nHowever, the analysis highlights a significant concern regarding output escaping, with 0% of outputs being properly escaped. This means that any data displayed to users, if it originates from an untrusted source, could be vulnerable to Cross-Site Scripting (XSS) attacks. The lack of explicit capability checks and nonce checks on its non-existent entry points is not a direct risk in itself given the current attack surface, but it means that if the plugin were to gain new entry points in the future, these crucial security measures would be absent.\n\nThe plugin's vulnerability history is entirely clean, with no recorded CVEs. This is an excellent sign, indicating either responsible development or a lack of targeted exploitation. However, this positive trend, combined with the significant output escaping issue, could be misleading. A clean history doesn't guarantee future security, especially when fundamental security practices like output escaping are overlooked. The plugin is best described as having a small attack surface and no known vulnerabilities, but with a critical flaw in output sanitation that needs immediate attention.",[157],{"reason":158,"points":133},"Output escaping is 0% properly escaped","2026-04-16T12:20:39.375Z",{"wat":161,"direct":167},{"assetPaths":162,"generatorPatterns":164,"scriptPaths":165,"versionParams":166},[163],"\u002Fwp-content\u002Fplugins\u002Fmusic-bar\u002Fbarra.html",[],[],[],{"cssClasses":168,"htmlComments":170,"htmlAttributes":173,"restEndpoints":189,"jsGlobals":190,"shortcodeOutput":196},[169],"fbrelatedpost",[171,172],"-->","\u003C!--",[174,175,176,177,178,179,180,181,182,183,184,185,186,187,188],"id=\"boton\"","name=\"boton\"","onClick=\"iniciar()\"","id=\"boton_ce\"","name=\"boton_ce\"","onClick=\"cerrar()\"","id=\"boton_ab\"","name=\"boton_ab\"","onClick=\"abrir()\"","id=\"boton_am\"","name=\"boton_am\"","onClick=\"ampliar()\"","id=\"boton_de\"","name=\"boton_de\"","onClick=\"desactivar()\"",[],[191,192,193,194,195],"iniciar","desactivar","ampliar","abrir","cerrar",[],{"error":198,"url":199,"statusCode":200,"statusMessage":201,"message":201},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fmusic-bar\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":56,"versions":203},[204],{"version":205,"download_url":206,"svn_tag_url":207,"released_at":26,"has_diff":208,"diff_files_changed":209,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":210,"is_current":208},"music-bar.log","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmusic-bar.music-bar.log.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmusic-bar\u002Ftags\u002Fmusic-bar.log\u002F",false,[],[]]