[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgZ4xT3NeEZ9lDAu1cVVOjk_T3Yc9W7K3lAvokAAwIUg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":8,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":46,"crawl_stats":35,"alternatives":53,"analysis":153,"fingerprints":374},"namasha-by-mdesign","Namasha By Mdesign","1.2.06","MDZ","https:\u002F\u002Fprofiles.wordpress.org\u002Fmdesignfa\u002F","\u003Cp>اگر بخواهید به روش معمول و با استفاده از افزونه های دیگر تعداد زیادی ویدو از پلتفرم رایگان نماشا را درون یک صفحه از سایت وردپرسی خودتون نمایش بدهید، بدون شک سرعت لود سایت شما بسیار پایین خواهد آمد و این یک مشکل بسیار بسیار بزرگ است.\u003Cbr \u002F>\nاما این افزونه این مشکل را حل کرده است و با استفاده از روشی مدرن بدون افت سرعت لود سایت می توانید هر تعداد ویدیو از سایت نماشا را درون هر صفحه نمایش دهید، برخلاف افزونه های موجود در این زمینه این افزونه صفحه تتظیمات اختصاصی دارد و کاملا مدرن و بهینه کد نویسی شده است.\u003C\u002Fp>\n\u003Cp>Namasha By Mdesign is a free plugin (under the GNU national lisence) that aids you to show your videos in Namasha.com (free video hosting platform) on your wordpress web-site. unlike other plugins in this category, this plugin DO NOT slow down your page-speed even if you want show hundreds of videos inside a single page!.\u003Cbr \u002F>\nNamasha By Mdesign has an exclusive settings page and it has been designed & developed in a very modern and efficent way, this free plugin also has a full optional Elementor widget.\u003C\u002Fp>\n\u003Ch3>لغو نصب افزونه\u003C\u002Fh3>\n\u003Cp>در هنگام غیر فعالسازی از شما سوال می شود که آیا مایلید اطلاعات این افزونه را نگاه دارید؟\u003Cbr \u002F>\nدر هنگام حذف افزونه شما تصمیم گیرنده خواهید بود که اطلاعات این افزونه را در درون دیتابیس سایت خود نگاه دارید یا نه. اگر به طور موقت غیرفعال سازی می کنید، پیشنهاد می شود اطلاعات افزونه را حذف نکنید اما اگر به صورت دائمی تصمیم بر حذف این افزونه گرفته اید، برای سبک سازی و بهینه سازی حجم دیتابیس سایت اطلاعات این افزونه را حذف کنید.\u003C\u002Fp>\n\u003Ch3>صفحه تنظیمات\u003C\u002Fh3>\n\u003Cp>تنظیمات این افزونه در تنظیمات واقع شده است، در صورتی که پیدا نکردید این آدرس را در ادامه آدرس سایت خودتون وارد کنید: https:\u002F\u002Fwww.YOUR-SITE-URL\u002Fwp-admin\u002Foptions-general.php?page=namasha-settings\u003C\u002Fp>\n","نمایش حرفه ای ویدیو های پلتفرم نماشا + آپارات در وردپرس (+ویجت المنتور و گوتنبرگ)",100,69513,1,"2025-08-06T10:41:00.000Z","6.8.5","","7.3",[19,20,21,22,23],"aparat","namasha","%d9%86%d9%85%d8%a7%d8%b4%d8%a7","video","%d8%a2%d9%be%d8%a7%d8%b1%d8%a7%d8%aa","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnamasha-by-mdesign.1.2.06.zip",99,0,"2025-06-25 14:07:03","2026-03-15T15:16:48.613Z",[30],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":37,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":27,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2025-6537","namasha-by-mdesign-authenticated-contributor-stored-cross-site-scripting-via-playicontitle-parameter","Namasha By Mdesign \u003C= 1.2.00 - Authenticated (Contributor+) Stored Cross-Site Scripting via playicon_title Parameter","The Namasha By Mdesign plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘playicon_title’ parameter in all versions up to, and including, 1.2.00 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.2.00","1.2.05","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-08-11 13:54:38",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3f7616d0-7b42-4b2e-8378-18c24c7bf22b?source=api-prod",47,{"slug":47,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":49,"avg_security_score":11,"avg_patch_time_days":50,"trust_score":51,"computed_at":52},"mdesignfa",4,730,87,88,"2026-04-05T10:20:41.573Z",[54,76,96,115,133],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":72,"download_link":73,"security_score":74,"vuln_count":13,"unpatched_count":26,"last_vuln_date":75,"fetched_at":28},"wp-aparat","Aparat for WordPress","2.2.4","Alireza Sedghi","https:\u002F\u002Fprofiles.wordpress.org\u002Fas911\u002F","\u003Cp>Aparat is one of Iran’s video-sharing services. With this plugin, you can easily add your Aparat videos to posts, pages, or widgets in WordPress, or display a list of them in widgets.\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Shortcode and Block feature to display Aparat videos within posts\u002Fpages.\u003C\u002Fli>\n\u003Cli>Aparat widget for showcasing a video list.\u003C\u002Fli>\n\u003Cli>Option to customize the number of videos displayed in widgets.\u003C\u002Fli>\n\u003Cli>Integration of an Aparat video button into the WordPress editor.\u003C\u002Fli>\n\u003C\u002Ful>\n","Displaying Aparat videos on website content, along with a widget for showing a list of channel videos.",4000,31595,82,9,"2025-01-03T10:07:00.000Z","6.7.5","4.0","7.0",[19,71,22,23],"embed","https:\u002F\u002Falirezasedghi.com\u002Fplugins\u002Faparat-for-wordPress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-aparat.2.2.4.zip",92,"2024-03-25 00:00:00",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":26,"num_ratings":26,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":94,"download_link":95,"security_score":11,"vuln_count":26,"unpatched_count":26,"last_vuln_date":35,"fetched_at":28},"aparat-feed","Aparat WordPress Video Feed Plugin","1.3.1","ParsMizban","https:\u002F\u002Fprofiles.wordpress.org\u002Fparsmizban\u002F","\u003Cp>\u003Cstrong>Aparat Feed\u003C\u002Fstrong> is a powerful and lightweight \u003Cstrong>Aparat WordPress plugin\u003C\u002Fstrong> that automatically displays the latest videos from any Aparat channel directly on your WordPress website.\u003Cbr \u002F>\nInstead of embedding single videos manually, this plugin fetches and shows the newest channel posts dynamically — perfect for content creators, bloggers, businesses, and video publishers.\u003C\u002Fp>\n\u003Cp>Built with performance and simplicity in mind, it runs smoothly on both small blogs and high-traffic websites. Aparat Feed helps you keep your site fresh with minimal effort.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cp>✅ Automatically display latest Aparat channel posts\u003Cbr \u002F>\n✅ Lightweight and optimized for speed\u003Cbr \u002F>\n✅ Fully responsive video grid\u003Cbr \u002F>\n✅ Easy to configure\u003Cbr \u002F>\n✅ Clean and modern output\u003Cbr \u002F>\n✅ SEO-friendly structure\u003Cbr \u002F>\n✅ No manual video embedding required\u003Cbr \u002F>\n✅ Built-in caching to reduce API requests\u003C\u002Fp>\n\u003Ch3>Live Preview\u003C\u002Fh3>\n\u003Cp>Want to test before using on your site?\u003Cbr \u002F>\n👉 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faparat-feed\u002F?preview=1\" rel=\"ugc\">View live preview of the plugin\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nEnter the Aparat channel username in the plugin settings and display the latest videos on your site automatically.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>If you encounter any issues, you can ask your question in the plugin support forum:\u003Cbr \u002F>\n👉 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Faparat-feed\" rel=\"ugc\">Open a support topic\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>🔥 If you have new feature ideas or improvement suggestions, feel free to share them in the support forum as well.\u003Cbr \u002F>\nℹ️️ Please make sure to follow the official support rules: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fguidelines\" rel=\"ugc\">WordPress support guidelines\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Pro Version\u003C\u002Fh3>\n\u003Cp>🚀 Want more power? Unlock advanced features and get priority help with the \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fparsmizban.com\" rel=\"nofollow ugc\">Aparat Feed Pro version & Premium Support\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>👉 Need fast and reliable \u003Cstrong>WordPress hosting\u003C\u002Fstrong> or \u003Cstrong>expert website design services\u003C\u002Fstrong>? Visit \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fparsmizban.com\" rel=\"nofollow ugc\">Pars Mizban – WordPress Hosting & Web Design\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Love Aparat Feed?\u003C\u002Fh3>\n\u003Cp>If this plugin helps your site grow, please support us:\u003Cbr \u002F>\n⭐ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Faparat-feed\u002Freviews\u002F#new-post\" rel=\"ugc\">Give us a 5-star rating\u003C\u002Fa>\u003Cbr \u002F>\nYour feedback helps us improve the plugin and add more powerful features.\u003C\u002Fp>\n\u003Ch3>Translate and Contribute\u003C\u002Fh3>\n\u003Cp>❤️ We welcome contributions from the community\u003C\u002Fp>\n\u003Cp>🌍 Want to translate the plugin into your preferred language?:\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Faparat-feed\" rel=\"nofollow ugc\">Start translate easily!\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>📈 View translation activity: \u003Cstrong>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Faparat-feed\u002Fcontributors\" rel=\"nofollow ugc\">Translation contributors\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>💻 Want to contribute to development?\u003Cbr \u002F>\nBrowse or collaborate on our codes and \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDediData\u002Faparat-feed\" rel=\"nofollow ugc\">Join development on GitHub repository\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Advanced Statistics\u003C\u002Fh3>\n\u003Cp>Curious about plugin growth?\u003Cbr \u002F>\n📊 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faparat-feed\u002Fadvanced\" rel=\"ugc\">View advanced plugin statistics\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Validated by:\u003Cbr \u002F>\nhttps:\u002F\u002Fwpreadme.com\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdevelopers\u002Freadme-validator\u003C\u002Fp>\n","Easily display the latest videos from any Aparat channel on your WordPress site with a lightweight, fast and responsive Aparat video WordPress plugin.",70,3269,"2026-02-14T17:48:00.000Z","6.9.4","6.0","7.4",[19,91,92,93,23],"aparat-video","latest-posts","video-widget","https:\u002F\u002Fparsmizban.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faparat-feed.1.3.1.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":84,"downloaded":104,"rating":11,"num_ratings":13,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":108,"tags":109,"homepage":16,"download_link":113,"security_score":114,"vuln_count":26,"unpatched_count":26,"last_vuln_date":35,"fetched_at":28},"grad-aparat-rss","Aparat Videos RSS Reader | GRAD","1.2.1","Hossein G Rad","https:\u002F\u002Fprofiles.wordpress.org\u002Fhosseingrad\u002F","\u003Cp>Reading video RSS from Aparat.com and showing them in a widget.\u003Cbr \u002F>\nافزودن ویجت اختصاصی، جهت نمایش آخرین ویدئوهای آپلود شده در کانال آپارات شما.\u003C\u002Fp>\n\u003Ch3>Shortcode\u003C\u002Fh3>\n\u003Cp>The shortcode name is [aparat-video src=”{video_link}”] which you can insert it anywhere.\u003C\u002Fp>\n\u003Cp>Shortcode parametes:\u003Cbr \u002F>\n1. src:     you have to give an aparat video link. (such as: https:\u002F\u002Fwww.aparat.com\u002Fv\u002FkdHL5\u002F)\u003Cbr \u002F>\n2. format:  must be “iframe” or “html5”. (iframe for using aparat embed code, then view counter will work)\u003Cbr \u002F>\n3. float:   must be “left” or “right”. (then the video frame would be in left or right of your text body)\u003Cbr \u002F>\n4. width:   the value must be in percent (from 0% to 100%)\u003Cbr \u002F>\n5. height:  the value must be in pixels (eg. 250px – this is works in “iframe” format only)\u003Cbr \u002F>\n3. display_meta:    must be “yes” or “no”. (if yes! then will show the video Title and some more details on the bottom of the video)\u003C\u002Fp>\n\u003Cp>Example:\u003Cbr \u002F>\n[aparat-video src=”https:\u002F\u002Fwww.aparat.com\u002Fv\u002FkdHL5\u002F” format=”html5″ float=”left” width=”50%” height=”300px” display_meta=”yes”]\u003C\u002Fp>\n","دریافت آر.اس.اس کانال آپارات و نمایش (به ترتیب یا تصادفی) ویدئوهای کانال آپارات، در ویجت‌های وردپرس. Widgets for listing videos uploaded to Aparat.",4206,"2020-09-30T09:02:00.000Z","5.5.18","4.6","5.6.0",[19,110,111,112],"rss","rss-aggregator","video-rss","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgrad-aparat-rss.1.2.1.zip",85,{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":11,"num_ratings":125,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":16,"tags":129,"homepage":131,"download_link":132,"security_score":114,"vuln_count":26,"unpatched_count":26,"last_vuln_date":35,"fetched_at":28},"aparat-embed","Aparat Embed","0.1","shazdeh","https:\u002F\u002Fprofiles.wordpress.org\u002Fshazdeh\u002F","\u003Cp>با استفاده از این افزونه میتوانید ویدئوهای آپارات را به راحتی در سایت خود بگنجانید. پس از نصب افزونه کافیست آدرس ویدئو را در متن نوشته خود بچسبانید تا ویدئو به نوشته شما اضافه شود.\u003Cbr \u002F>\nاین افزونه همچنین امکان گنجاندن کانال (مجموعه ای از ویدئوها) را دارد.\u003C\u002Fp>\n","Display Aparat videos and channels in WordPress.",60,3567,2,"2015-01-07T22:50:00.000Z","4.1.42","3.1",[19,71,130,22],"oembed","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Faparat-embed\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faparat-embed.zip",{"slug":134,"name":135,"version":136,"author":137,"author_profile":138,"description":139,"short_description":140,"active_installs":141,"downloaded":142,"rating":11,"num_ratings":143,"last_updated":144,"tested_up_to":145,"requires_at_least":146,"requires_php":16,"tags":147,"homepage":149,"download_link":150,"security_score":151,"vuln_count":13,"unpatched_count":13,"last_vuln_date":152,"fetched_at":28},"aparat-shortcode","Aparat Video Shortcode","0.2.4","Ali Aghdam","https:\u002F\u002Fprofiles.wordpress.org\u002Faliaghdam\u002F","\u003Cp>AparatVideoShortcode allows you to easily post \u003Ca href=\"http:\u002F\u002Faparat.com\" rel=\"nofollow ugc\">Aparat.com\u003C\u002Fa> video to your site with [aparat] shortcode.\u003C\u002Fp>\n\u003Ch3>Plugin Usage\u003C\u002Fh3>\n\u003Cp>Just wrap your Aparat video link in \u003Ccode>[aparat]\u003C\u002Fcode> or paste and select Aparat video link and then press “Aparat Video Shortcode” button.\u003Cbr \u002F>\nsimple example: \u003Ccode>[aparat]http:\u002F\u002Fwww.aparat.com\u002Fv\u002Fnjf6r[\u002Faparat]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>You can define video width and height with ‘width’ and ‘height’ parameters. also you can define ability of fullscreen mode for videos with ‘fullscreen’ with boolean value.\u003Cbr \u002F>\ncomplex example: \u003Ccode>[aparat fullscreen=\"false\" width=\"500\" height=\"300\"]http:\u002F\u002Fwww.aparat.com\u002Fv\u002Fnjf6r[\u002Faparat]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Send email for Translation files: alitopack[a]gmail[dot].com\u003C\u002Fp>\n","Add [aparat] shortcode to WordPress for easy video sharing in WordPress",50,7162,3,"2013-08-06T07:29:00.000Z","3.6.1","2.0.2",[19,148,22],"shortcode","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Faparat-shortcode\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faparat-shortcode.zip",63,"2025-09-05 00:00:00",{"attackSurface":154,"codeSignals":226,"taintFlows":338,"riskAssessment":357,"analyzedAt":373},{"hooks":155,"ajaxHandlers":208,"restRoutes":216,"shortcodes":217,"cronEvents":225,"entryPointCount":48,"unprotectedCount":125},[156,162,166,170,173,177,182,185,189,195,198,203,205],{"type":157,"name":158,"callback":159,"file":160,"line":161},"action","admin_menu","addmenue","admin\\class-admin.php",35,{"type":157,"name":163,"callback":164,"file":160,"line":165},"enqueue_block_editor_assets","closure",43,{"type":157,"name":167,"callback":168,"file":160,"line":169},"admin_footer","doredirect",96,{"type":157,"name":167,"callback":171,"file":160,"line":172},"emptyonDeactivate",117,{"type":157,"name":174,"callback":175,"file":160,"line":176},"admin_head","add_mce_translations",190,{"type":178,"name":179,"callback":180,"priority":26,"file":160,"line":181},"filter","mce_buttons","mce_editor_botton",191,{"type":157,"name":174,"callback":183,"file":160,"line":184},"plugin_add_tinymce",192,{"type":178,"name":186,"callback":187,"file":160,"line":188},"mce_external_plugins","add_tinymce_plugin",230,{"type":157,"name":190,"callback":191,"priority":192,"file":193,"line":194},"elementor\u002Fwidgets\u002Fregister","register_elem_widget",10,"front\\class-core.php",31,{"type":157,"name":196,"callback":164,"file":193,"line":197},"plugins_loaded",37,{"type":157,"name":199,"callback":200,"file":201,"line":202},"init","namashabymdz_add_block_1","includes\\guten-blocks.php",21,{"type":157,"name":163,"callback":164,"file":201,"line":204},23,{"type":157,"name":199,"callback":206,"file":207,"line":123},"namashabymdz_i18n","namasha-by-mdesign.php",[209,213],{"action":210,"nopriv":211,"callback":210,"hasNonce":211,"hasCapCheck":211,"file":212,"line":45},"namashabymdz_emptyOptions_AjaxConf",false,"admin\\admin-ajax.php",{"action":214,"nopriv":211,"callback":214,"hasNonce":211,"hasCapCheck":211,"file":212,"line":215},"namashabymdz_nightMode_ajax",68,[],[218,222],{"tag":219,"callback":220,"file":193,"line":221},"namashabymdz","shortcode_func",26,{"tag":19,"callback":223,"file":193,"line":224},"aparat_func",40,[],{"dangerousFunctions":227,"sqlUsage":228,"outputEscaping":230,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":334},[],{"prepared":26,"raw":26,"locations":229},[],{"escaped":231,"rawEcho":232,"locations":233},142,53,[234,237,239,242,245,247,249,251,252,254,255,257,259,261,262,264,266,268,269,271,273,275,277,278,280,281,283,284,286,288,289,291,293,295,297,299,301,303,305,306,308,310,312,314,316,318,320,322,324,325,327,329,332],{"file":160,"line":235,"context":236},129,"raw output",{"file":160,"line":238,"context":236},202,{"file":240,"line":241,"context":236},"admin\\css\\admin-css.php",110,{"file":243,"line":244,"context":236},"admin\\html\\settings-pagehtml.php",17,{"file":243,"line":246,"context":236},32,{"file":243,"line":248,"context":236},39,{"file":243,"line":250,"context":236},46,{"file":243,"line":232,"context":236},{"file":243,"line":253,"context":236},57,{"file":243,"line":253,"context":236},{"file":243,"line":256,"context":236},58,{"file":243,"line":258,"context":236},59,{"file":243,"line":260,"context":236},64,{"file":243,"line":260,"context":236},{"file":243,"line":263,"context":236},65,{"file":243,"line":265,"context":236},66,{"file":243,"line":267,"context":236},71,{"file":243,"line":267,"context":236},{"file":243,"line":270,"context":236},72,{"file":243,"line":272,"context":236},73,{"file":243,"line":274,"context":236},80,{"file":243,"line":276,"context":236},84,{"file":243,"line":51,"context":236},{"file":243,"line":279,"context":236},95,{"file":243,"line":25,"context":236},{"file":243,"line":282,"context":236},106,{"file":243,"line":241,"context":236},{"file":243,"line":285,"context":236},119,{"file":243,"line":287,"context":236},123,{"file":243,"line":287,"context":236},{"file":243,"line":290,"context":236},124,{"file":243,"line":292,"context":236},125,{"file":243,"line":294,"context":236},131,{"file":243,"line":296,"context":236},135,{"file":243,"line":298,"context":236},137,{"file":243,"line":300,"context":236},138,{"file":243,"line":302,"context":236},144,{"file":243,"line":304,"context":236},149,{"file":243,"line":304,"context":236},{"file":243,"line":307,"context":236},151,{"file":243,"line":309,"context":236},153,{"file":243,"line":311,"context":236},155,{"file":243,"line":313,"context":236},164,{"file":243,"line":315,"context":236},168,{"file":243,"line":317,"context":236},170,{"file":243,"line":319,"context":236},172,{"file":243,"line":321,"context":236},179,{"file":243,"line":323,"context":236},187,{"file":243,"line":181,"context":236},{"file":243,"line":326,"context":236},206,{"file":243,"line":328,"context":236},220,{"file":330,"line":331,"context":236},"includes\\elem-widget.php",630,{"file":330,"line":333,"context":236},699,[335],{"name":336,"version":35,"knownCves":337},"TinyMCE",[],[339],{"entryPoint":340,"graph":341,"unsanitizedCount":65,"severity":356},"\u003Csettingspage> (admin\\settingspage.php:0)",{"nodes":342,"edges":354},[343,349],{"id":344,"type":345,"label":346,"file":347,"line":348},"n0","source","$_POST (x9)","admin\\settingspage.php",25,{"id":350,"type":351,"label":352,"file":347,"line":221,"wp_function":353},"n1","sink","update_option() [Settings Manipulation]","update_option",[355],{"from":344,"to":350,"sanitized":211},"low",{"summary":358,"deductions":359},"The \"namasha-by-mdesign\" plugin v1.2.06 exhibits a mixed security posture. On the positive side, it demonstrates good practices regarding SQL queries, utilizing prepared statements exclusively, and shows no instances of file operations or external HTTP requests. The plugin also leverages TinyMCE, a common and generally well-maintained bundled library. However, significant concerns arise from the attack surface analysis, which reveals two unprotected AJAX handlers. Furthermore, the taint analysis identified one flow with unsanitized paths, although it was not classified as critical or high severity in this instance.  The vulnerability history, while showing no currently unpatched CVEs, does include one past medium severity vulnerability related to Cross-site Scripting. This suggests a potential for input validation issues that require careful attention.",[360,362,365,368,371],{"reason":361,"points":192},"Unprotected AJAX handlers found",{"reason":363,"points":364},"Taint flow with unsanitized paths",8,{"reason":366,"points":367},"Past medium severity XSS vulnerability history",7,{"reason":369,"points":370},"Low percentage of properly escaped output",5,{"reason":372,"points":370},"Missing nonce checks on AJAX handlers","2026-03-16T20:44:51.888Z",{"wat":375,"direct":382},{"assetPaths":376,"generatorPatterns":378,"scriptPaths":379,"versionParams":380},[377],"\u002Fwp-content\u002Fplugins\u002Fnamasha-by-mdesign\u002Fadmin\u002Fcss\u002Fguten-styles.css",[],[],[381],"namasha-by-mdesign\u002Fadmin\u002Fcss\u002Fguten-styles.css?ver=",{"cssClasses":383,"htmlComments":385,"htmlAttributes":386,"restEndpoints":387,"jsGlobals":388,"shortcodeOutput":392},[384],"namashabymdz_admin_class",[],[],[],[389,390,210,391],"namasha-settings","namashabymdz_redirect_onActivate","noguten_nwmdz",[]]