[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fRuOSplq1PEQrN0ogKGK04yNw8jI1o0zqGhVedIovgCc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":79,"fingerprints":231},"my-xbox-profile","My Xbox Profile","2.0","peterjharrison","https:\u002F\u002Fprofiles.wordpress.org\u002Fpeterjharrison\u002F","\u003Cp>Xbox 360 Gamercard Plugin, that displays your Xbox 360 gamertag details anywhere on your website.\u003C\u002Fp>\n\u003Cp>This is the first version of the plugin, its quite simple with a few options but the biggest feature about it is that it is completely customisable using CSS.\u003C\u002Fp>\n\u003Cp>Also uses jQuery to display the 5 most recent games played and the amount of achievements.\u003C\u002Fp>\n","Xbox 360 Gamercard Plugin, that displays your Xbox 360 gamertag details anywhere on your website.",10,3943,0,"2010-05-27T08:42:00.000Z","2.9.2","2.9.0","",[19,20,21,22],"xbox","xbox-gamercard","xbox-gamertag","xbox-live","http:\u002F\u002Fwww.peterjharrison.me\u002F2010\u002F01\u002Fmy-xbox-profile-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-xbox-profile.2.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},2,40,30,84,"2026-04-05T17:47:36.546Z",[36,58],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":56,"download_link":57,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"flexblocks","Flexblocks","1.2.3","cabezi","https:\u002F\u002Fprofiles.wordpress.org\u002Fcabezi\u002F","\u003Cp>Flexblocks is the most comprehensive flexbox solution for the Gutenberg Block Editor.  Flexblocks was designed to work best with \u003Ca href=\"https:\u002F\u002Fwww.cabezi.com\u002F\" rel=\"nofollow ugc\">Cabezi Headless Hosting\u003C\u002Fa>, but should work great with any block theme.  Some features like Cabezi Products will only work with Cabezi Headless Hosting.\u003C\u002Fp>\n\u003Cp>Tired of installing bloated block libraries to implement some ultra-specific layout?  Flexblocks fixes that, since we enable nearly any layout possible with flexbox.\u003C\u002Fp>\n\u003Cp>Flexblocks is built for pro web developers and power users who are familiar with designing layouts with flexbox.\u003C\u002Fp>\n\u003Cp>Flexblocks is ultra lightweight, allowing for perfect lighthouse scores.\u003C\u002Fp>\n\u003Cp>Flexblocks includes the following blocks:\u003Cbr \u002F>\n* Flexblocks Container\u003Cbr \u002F>\n* Flexblocks Item\u003Cbr \u002F>\n* Button (more configurable that the core\u002Fbutton block)\u003Cbr \u002F>\n* Span (used to create semantically correct buttons)\u003Cbr \u002F>\n* Divider (an improved divider that works in Flexblocks containers)\u003Cbr \u002F>\n* Embed Block\u003Cbr \u002F>\n* Social Sharing Block\u003Cbr \u002F>\n* Accordion Block\u003C\u002Fp>\n\u003Cp>Flexblocks also supports background blur, eager loading images, conditional rendering, and much more.\u003C\u002Fp>\n","Unleash the power of Flexbox from the Block Editor.  Flexbox is the easiest way to implement custom advanced layouts in WordPress.",90,3854,"2023-04-04T19:02:00.000Z","6.2.9","6.0","7.0",[51,52,53,54,55],"block-library","block-editor","flexbox","flexbox-layout","page-builder","https:\u002F\u002Fwww.cabezi.com\u002Fflexblocks\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflexblocks.1.2.3.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":13,"num_ratings":13,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":17,"download_link":77,"security_score":78,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"products-lists-from-prestashop","Products Lists from PrestaShop – Listados Personalizados","2.2","Konstantin","https:\u002F\u002Fprofiles.wordpress.org\u002Fkonstantinwdk\u002F","\u003Cp>Plugin que muestra productos de una tienda PrestaShop en WordPress usando su API, con diseño responsive y opciones de listado en el backoffice\u003C\u002Fp>\n\u003Ch3>Descripción\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Prestashop products lists\u003C\u002Fstrong> es una herramienta diseñada para integrarse con tu tienda PrestaShop a través de su API, permitiéndote mostrar productos directamente en tu sitio de WordPress mediante un shortcode. La interfaz del plugin es completamente configurable desde el backoffice de WordPress, donde puedes crear múltiples listados de productos con parámetros personalizados como la moneda, las categorías y el orden de los productos.\u003C\u002Fp>\n\u003Ch3>Características principales:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Muestra productos de PrestaShop mediante un shortcode en cualquier página o post de WordPress.\u003C\u002Fli>\n\u003Cli>Opciones para configurar la moneda (euros o dólares) y seleccionar categorías específicas.\u003C\u002Fli>\n\u003Cli>Permite establecer un número máximo de productos a mostrar.\u003C\u002Fli>\n\u003Cli>Utiliza Flexbox para una visualización responsive de los productos.\u003C\u002Fli>\n\u003Cli>Ordena los productos de manera ascendente, descendente o aleatoria.\u003C\u002Fli>\n\u003Cli>Crea y gestiona múltiples listados personalizados desde el panel de administración.\u003C\u002Fli>\n\u003Cli>Genera automáticamente shortcodes para cada listado de productos.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Instalación\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Sube los archivos del plugin al directorio \u003Ccode>\u002Fwp-content\u002Fplugins\u002Fproducts-lists-from-prestashop\u003C\u002Fcode> o instálalo directamente desde el directorio de plugins de WordPress.\u003C\u002Fli>\n\u003Cli>Activa el plugin desde el menú ‘Plugins’ de WordPress.\u003C\u002Fli>\n\u003Cli>Dirígete al menú “Listados” en el panel de administración de WordPress para configurar y gestionar los listados de productos.\u003C\u002Fli>\n\u003Cli>Usa el shortcode \u003Ccode>[plfp_listado id=\"ID_DEL_LISTADO\"]\u003C\u002Fcode> para mostrar productos en cualquier página o post.\u003C\u002Fli>\n\u003Cli>Mas info en https:\u002F\u002Fwebdesignerk.com\u002Fwordpress\u002Fplugins\u002Fmostrar-productos-de-prestashop-en-wordpress\u002F\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Frequently Asked Questions (FAQ)\u003C\u002Fh3>\n\u003Ch4>¿Cómo obtengo la clave API de PrestaShop?\u003C\u002Fh4>\n\u003Cp>La clave API de PrestaShop se puede generar desde el panel de administración de PrestaShop, en la sección “Parámetros Avanzados > Webservices”.\u003Cbr \u002F>\nAñade permisos ver GET a tu API de “categories, images, price_ranges, products\u003C\u002Fp>\n\u003Ch4>¿Cómo agrego los productos en una página o post?\u003C\u002Fh4>\n\u003Cp>Usa el shortcode \u003Ccode>[plfp_listado id=\"ID_DEL_LISTADO\"]\u003C\u002Fcode> para mostrar un listado de productos en cualquier página o post de WordPress.\u003C\u002Fp>\n\u003Ch4>¿Qué hacer si no veo los productos correctamente?\u003C\u002Fh4>\n\u003Cp>Asegúrate de que la URL de tu tienda PrestaShop y la clave API estén configuradas correctamente en los ajustes del plugin.\u003C\u002Fp>\n\u003Ch3>Compatibilidad\u003C\u002Fh3>\n\u003Cp>Este plugin ha sido testeado con las siguientes versiones de PrestaShop:\u003Cbr \u002F>\n– 1.7.6\u003Cbr \u002F>\n– 1.8.8\u003Cbr \u002F>\n– 8.1.7\u003C\u002Fp>\n\u003Cp>Y con las siguientes versiones de WordPress:\u003Cbr \u002F>\n– 5.8\u003Cbr \u002F>\n– 6.6\u003C\u002Fp>\n","Plugin que muestra productos de una tienda PrestaShop en WordPress usando su API, con diseño responsive y opciones de listado en el backoffice",50,562,"2024-11-06T15:22:00.000Z","6.6.5","5.0","7.2",[73,53,74,75,76],"ecommerce","listados","prestashop","productos","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproducts-lists-from-prestashop.2.2.zip",92,{"attackSurface":80,"codeSignals":100,"taintFlows":148,"riskAssessment":218,"analyzedAt":230},{"hooks":81,"ajaxHandlers":92,"restRoutes":93,"shortcodes":94,"cronEvents":98,"entryPointCount":99,"unprotectedCount":13},[82,88],{"type":83,"name":84,"callback":85,"file":86,"line":87},"action","wp_head","meta_myxboxprofile","index.php",179,{"type":83,"name":89,"callback":90,"file":86,"line":91},"admin_menu","menu_myxboxprofile",217,[],[],[95],{"tag":96,"callback":96,"file":86,"line":97},"myxboxprofile",160,[],1,{"dangerousFunctions":101,"sqlUsage":102,"outputEscaping":104,"fileOperations":146,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":147},[],{"prepared":13,"raw":13,"locations":103},[],{"escaped":13,"rawEcho":105,"locations":106},19,[107,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144],{"file":86,"line":108,"context":109},121,"raw output",{"file":86,"line":111,"context":109},123,{"file":86,"line":113,"context":109},124,{"file":86,"line":115,"context":109},125,{"file":86,"line":117,"context":109},126,{"file":86,"line":119,"context":109},137,{"file":86,"line":121,"context":109},145,{"file":86,"line":123,"context":109},146,{"file":86,"line":125,"context":109},147,{"file":86,"line":127,"context":109},148,{"file":86,"line":129,"context":109},166,{"file":86,"line":131,"context":109},177,{"file":86,"line":133,"context":109},246,{"file":86,"line":135,"context":109},251,{"file":86,"line":137,"context":109},253,{"file":86,"line":139,"context":109},272,{"file":86,"line":141,"context":109},285,{"file":86,"line":143,"context":109},298,{"file":86,"line":145,"context":109},308,3,[],[149,197],{"entryPoint":150,"graph":151,"unsanitizedCount":195,"severity":196},"admin_myxboxprofile (index.php:223)",{"nodes":152,"edges":188},[153,158,163,167,169,173,175,179,181,184],{"id":154,"type":155,"label":156,"file":86,"line":157},"n0","source","$_POST['tag_myxboxprofile']",229,{"id":159,"type":160,"label":161,"file":86,"line":157,"wp_function":162},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":164,"type":155,"label":165,"file":86,"line":166},"n2","$_POST['gis_myxboxprofile']",231,{"id":168,"type":160,"label":161,"file":86,"line":166,"wp_function":162},"n3",{"id":170,"type":155,"label":171,"file":86,"line":172},"n4","$_POST['srg_myxboxprofile']",233,{"id":174,"type":160,"label":161,"file":86,"line":172,"wp_function":162},"n5",{"id":176,"type":155,"label":177,"file":86,"line":178},"n6","$_POST['hidejs_myxboxprofile']",235,{"id":180,"type":160,"label":161,"file":86,"line":178,"wp_function":162},"n7",{"id":182,"type":155,"label":183,"file":86,"line":137},"n8","$_SERVER['REQUEST_URI']",{"id":185,"type":160,"label":186,"file":86,"line":137,"wp_function":187},"n9","echo() [XSS]","echo",[189,191,192,193,194],{"from":154,"to":159,"sanitized":190},false,{"from":164,"to":168,"sanitized":190},{"from":170,"to":174,"sanitized":190},{"from":176,"to":180,"sanitized":190},{"from":182,"to":185,"sanitized":190},5,"medium",{"entryPoint":198,"graph":199,"unsanitizedCount":195,"severity":217},"\u003Cindex> (index.php:0)",{"nodes":200,"edges":211},[201,202,203,204,205,206,207,208,209,210],{"id":154,"type":155,"label":156,"file":86,"line":157},{"id":159,"type":160,"label":161,"file":86,"line":157,"wp_function":162},{"id":164,"type":155,"label":165,"file":86,"line":166},{"id":168,"type":160,"label":161,"file":86,"line":166,"wp_function":162},{"id":170,"type":155,"label":171,"file":86,"line":172},{"id":174,"type":160,"label":161,"file":86,"line":172,"wp_function":162},{"id":176,"type":155,"label":177,"file":86,"line":178},{"id":180,"type":160,"label":161,"file":86,"line":178,"wp_function":162},{"id":182,"type":155,"label":183,"file":86,"line":137},{"id":185,"type":160,"label":186,"file":86,"line":137,"wp_function":187},[212,213,214,215,216],{"from":154,"to":159,"sanitized":190},{"from":164,"to":168,"sanitized":190},{"from":170,"to":174,"sanitized":190},{"from":176,"to":180,"sanitized":190},{"from":182,"to":185,"sanitized":190},"low",{"summary":219,"deductions":220},"The my-xbox-profile plugin version 2.0 exhibits a mixed security posture. On one hand, it demonstrates good practices by avoiding known dangerous functions, utilizing prepared statements for all SQL queries, and having no recorded vulnerabilities or CVEs. The absence of external HTTP requests and bundled libraries also contributes positively. However, significant concerns arise from the lack of output escaping, which is a critical weakness. With 19 outputs analyzed and 0% properly escaped, this opens the door to Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the taint analysis revealed two flows with unsanitized paths, indicating potential issues with how user-provided data is handled, even if no critical or high severity issues were flagged. The absence of nonce checks and capability checks on its single shortcode entry point is also a notable oversight, potentially allowing unauthorized execution of its functionality. While the plugin has a clean vulnerability history, the identified code analysis issues present real risks that need immediate attention.",[221,224,226,228],{"reason":222,"points":223},"Output escaping is completely missing",16,{"reason":225,"points":11},"Taint analysis shows unsanitized paths",{"reason":227,"points":195},"Shortcode lacks nonce check",{"reason":229,"points":195},"Shortcode lacks capability check","2026-03-17T05:39:47.525Z",{"wat":232,"direct":240},{"assetPaths":233,"generatorPatterns":236,"scriptPaths":237,"versionParams":239},[234,235],"\u002Fwp-content\u002Fplugins\u002Fmy-xbox-profile\u002Fcss\u002Fmyxboxprofile.css","\u002Fwp-content\u002Fplugins\u002Fmy-xbox-profile\u002Fjs\u002Fmyxboxprofile_hide.js",[],[238],"http:\u002F\u002Fajax.googleapis.com\u002Fajax\u002Flibs\u002Fjquery\u002F1.3.2\u002Fjquery.min.js",[],{"cssClasses":241,"htmlComments":244,"htmlAttributes":247,"restEndpoints":261,"jsGlobals":262,"shortcodeOutput":264},[242,243],"show_gamedetails","xboxgamercard_gamedetails",[245,246],"Start Of Code Generated By My Xbox Profile","End Of Code Generated By My Xbox Profile",[248,249,250,251,252,253,254,255,256,257,258,259,260,255],"id=\"xboxgamercard\"","id=\"xboxgamercard_tileurl\"","id=\"gamerinfo\"","id=\"xboxgamercard_gamertag\"","id=\"xboxgamercard_info\"","id=\"xboxgamercard_moreinfo\"","id=\"xboxgamercard_zone\"","id=\"xboxgamercard_gamerscore\"","class=\"show_gamedetails\"","id=\"game_id_","class=\"xboxgamercard_gamedetails\"","id=\"xboxgamercard_name\"","id=\"xboxgamercard_achievements\"",[],[263],"jQuery",[265,266,267,268,269,270,271,272,273,274,273,275,273,276,277,278,273,279,280,281,282,268,269,283,284,285,286,287,273,288,287,273,289,290,289],"\u003Cdiv id=\"xboxgamercard\">","\u003Ca href=\"","\" target=\"_blank\">\u003Cimg id=\"xboxgamercard_tileurl\" src=\"","\" alt=\"","\" title=\"","\" \u002F>\u003C\u002Fa>","\u003Cul id=\"gamerinfo\">","\u003Cli id=\"xboxgamercard_gamertag\">","\u003C\u002Fli>","\u003Cli id=\"xboxgamercard_info\">","\u003Cli id=\"xboxgamercard_moreinfo\">","\u003Cli id=\"xboxgamercard_zone\">G: ","\u003Cspan id=\"xboxgamercard_gamerscore\">Zone: ","\u003C\u002Fspan>","\u003C\u002Ful>","\u003Cul class=\"xboxgamercard_gamedetails\"","\u003Cli>\u003Cimg id=\"game_id_","\" src=\"","\" \u002F>\u003C\u002Fli>","\u003Cdiv id=\"xboxgamercard_gameholder\">","\u003Cli id=\"xboxgamercard_name\">","\u003Cli id=\"xboxgamercard_achievements\">Achievements: ","\u002F","\u003Cli id=\"xboxgamercard_gamerscore\">GamerScore: ","\u003C\u002Fdiv>","\u003Cdiv style=\"clear: both;\">\u003C\u002Fdiv>"]