[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fDYo2uPfbHwu6rkO4JTf5C8YBYQzgcRCx5yzTG69-bkg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":125,"fingerprints":218},"nantuki-yify-torrent-adder","NanTuki YiFy-Torrent Adder","1.0","Nazmul Alam","https:\u002F\u002Fprofiles.wordpress.org\u002Fnazmul-alam\u002F","\u003Cp>This plugin helps to add movie information (from YTS) in wordpress post using shortcode [yts id=”ytsmovieid”].\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NanTuki YiFy-Torrent Adder\u003C\u002Fstrong> is using YiFy API which provides information for the movies.\u003C\u002Fp>\n\u003Cp>Thanks to YTS team, for the api and all the hard work You guys do. You guys are amazing 🙂 .\u003C\u002Fp>\n","Display movie information from YTS in wordpress post, it includes all the fields that are in IMDB, including screenshots of the movie and direct torre …",10,2721,0,"2014-11-14T02:57:00.000Z","4.0.38","2.8","",[19,20,21,22],"imdb","movie","shortcode","yts","http:\u002F\u002Fwordpress.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnantuki-yify-torrent-adder.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"nazmul-alam",1,30,84,"2026-04-05T02:09:30.313Z",[36,58,76,91,108],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":56,"download_link":57,"security_score":46,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"lumiere-movies","Lumière Movies","4.7.3","JCV","https:\u002F\u002Fprofiles.wordpress.org\u002Fpsykonevro\u002F","\u003Cp>Visit the \u003Ca href=\"https:\u002F\u002Fwww.jcvignoli.com\u002Fblog\u002Fen\u002Flumiere-movies-wordpress-plugin\" title=\"Official website\" rel=\"nofollow ugc\">Official website\u003C\u002Fa> to see how the plugin can enhance your website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Lumiere! Movies\u003C\u002Fstrong> helps you integrate loads of information about movies and stars in your blog. Widgets, links to informative popup, and dedicated taxonomy pages are available. Everything is automatised and no further configuration is required from the user. However, should you want to access advanced features, your can change the themes, add taxonomy to your pages, remove links, display automatically information according to your blog posts’ titles, and use many hidden features. The information is retrieved from the popular \u003Ca href=\"https:\u002F\u002Fwww.imdb.com\" title=\"Internet Movie Database\" rel=\"nofollow ugc\">IMDb\u003C\u002Fa> website. Lumière! ensures that you have the most accurate and reliable information always available on your blog.\u003C\u002Fp>\n\u003Cp>It is \u003Ca href=\"https:\u002F\u002Fdeveloper.mozilla.org\u002Fen-US\u002Fdocs\u002FWeb\u002FHTTP\u002FCSP\" title=\"Content Security Policy on Mozilla\" rel=\"nofollow ugc\">Content Security Policy\u003C\u002Fa> (CSP) compliant, takes advantage of Polylang plugin and is fully compatible with AMP plugin. It is also fully compatible with Classic Editor, Classic Widgets plugins, and Intelly related posts. It supports any WordPress theme and is adapted to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Foceanwp\u002F\" title=\"OceanWP theme\" rel=\"ugc\">OceanWP\u003C\u002Fa> theme.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Lumière!\u003C\u002Fstrong> is a great tool to illustrate your articles. You can display movie and people details by several ways, such as in popups, widgets, and straight inside your posts. It can be extensively fine-tuned in the admin options panel.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Go to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Flumiere-movies\u002F\" title=\"WordPress Support\" rel=\"ugc\">WordPress Support\u003C\u002Fa> for general issues, or to the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjcvignoli\u002Flumiere-movies\" title=\"GIT repository\" rel=\"nofollow ugc\">GIT repository\u003C\u002Fa> for technical requests (developper-oriented).\u003C\u002Fp>\n\u003Cp>It’s always a good idea to look at the \u003Ca href=\"https:\u002F\u002Fwww.jcvignoli.com\u002Fblog\u002Fen\u002Flumiere-movies-wordpress-plugin\" title=\"Lumière! official website\" rel=\"nofollow ugc\">official website\u003C\u002Fa>\u003C\u002Fp>\n","Lumière! Movies is a WordPress plugin that retrieves data from www.imdb.com and helps you include it in your posts and in your widgets.",40,10279,100,3,"2025-12-25T17:56:00.000Z","6.9.4","6.1","8.1",[53,54,55,19,20],"actor","cinema","film","https:\u002F\u002Fwww.wordpress.org\u002Fplugins\u002Flumiere-movies\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flumiere-movies.4.7.3.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":32,"downloaded":66,"rating":13,"num_ratings":13,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":17,"tags":70,"homepage":74,"download_link":75,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"f13-movie-shortcode","F13 Movies","2.1.4","f13dev","https:\u002F\u002Fprofiles.wordpress.org\u002Ff13dev\u002F","\u003Cp>Using Movie Shortcode you can easily add information about a movie, tv show, episode or actor to a blog post.\u003C\u002Fp>\n\u003Cp>Simply enter the shortcode: [movie imdb=”an IMDB ID”] or [movie title=”A Movie Title”] to a blog post to add an array of information about the movie, tv show or episode; or enter the shortcode [actor tmdb=”a TMDB person ID”] or [actor name=”An actors name”] to a blog post to add an array of information about the actor.\u003C\u002Fp>\n\u003Ch3>Movie\u003C\u002Fh3>\n\u003Cp>Optional attributes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>cachetime=”A time in minutes” – default is 1440 (24 hours)\u003C\u002Fli>\n\u003Cli>plot=”short|full” – default is full\u003C\u002Fli>\n\u003Cli>disable=”title,image,plot,information,rating” – comma separated list of sections to remove\u003C\u002Fli>\n\u003Cli>image_size=”1200″ – maximum image size in pixels\u003C\u002Fli>\n\u003Cli>trailer=”youtube video ID” – a youtube video ID for the movie trailer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If adding the shortcode with a title, rather than an IMDB ID, the following attributes are also optional to find the correct entry:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>type=”movie|series|episode”\u003C\u002Fli>\n\u003Cli>year=”The year of the movie”\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Actor\u003C\u002Fh3>\n\u003Cp>Optional attributes (actor):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>cachetime=”A time in minutes” – default is 1440 (24 hours)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Styled appearance\u003C\u002Fli>\n\u003Cli>Shows film title, year, release date\u003C\u002Fli>\n\u003Cli>If showing a series, the total number of seasons is displayed\u003C\u002Fli>\n\u003Cli>If showing an episode, the season and episode number are displayed\u003C\u002Fli>\n\u003Cli>Displays the plot or synopsis\u003C\u002Fli>\n\u003Cli>Displays a poster image if one is available\u003C\u002Fli>\n\u003Cli>If a poster image is available it is added to your media library and loaded locally\u003C\u002Fli>\n\u003Cli>Displays movie stats such as the runtime, genre, awards, director, writer, Actors\u003C\u002Fli>\n\u003Cli>Displays the available languages and country of origin\u003C\u002Fli>\n\u003Cli>Provides the IMDB rating, including a star rating image\u003C\u002Fli>\n\u003Cli>Adds a link to the movie on IMDB\u003C\u002Fli>\n\u003Cli>Utilizes transient caching to reduce page load times and api calls\u003C\u002Fli>\n\u003Cli>Disable widget blocks to customize the appearance to your needs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n","Do you blog about movies? It can be tedious adding movie information manually, now you can add movie information with shortcode using an IMDB ID.",5438,"2023-07-08T10:51:00.000Z","6.2.9","3.0.1",[71,72,20,21,73],"embed","episode","tv-show","https:\u002F\u002Ff13.dev\u002Fwordpress-plugins\u002Fwordpress-plugin-movies\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ff13-movie-shortcode.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":17,"short_description":82,"active_installs":83,"downloaded":84,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":85,"requires_at_least":69,"requires_php":17,"tags":86,"homepage":88,"download_link":89,"security_score":46,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":90},"wp-imdb-api","IMDb API","1.2.0","tuyenlaptrinh","https:\u002F\u002Fprofiles.wordpress.org\u002Ftuyenlaptrinh\u002F","The IMDb API is a RESTful web service to obtain movie information, all content and images on the site are contributed and maintained by our users.",20,6252,"4.7.32",[19,87,20],"imdb-api","http:\u002F\u002Fimdbapi.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-imdb-api.1.2.0.zip","2026-03-15T10:48:56.248Z",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":11,"downloaded":99,"rating":13,"num_ratings":13,"last_updated":100,"tested_up_to":101,"requires_at_least":102,"requires_php":17,"tags":103,"homepage":106,"download_link":107,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"filmgetter","FilmGetter","0.1.4.1","confact","https:\u002F\u002Fprofiles.wordpress.org\u002Fconfact\u002F","\u003Cp>Filmgetter gets the information from TMDb about a movie you have choosen. Adding it to the database and you can now use it’s information with using the tags defined below. It will write out the information about the movie you want.\u003C\u002Fp>\n","FilmGetter uses tags to show information like Poster, plot, rating, release date, TMDb and imdb urls.",5505,"2011-09-05T22:04:00.000Z","3.2.1","2.1",[55,19,20,104,105],"poster","tmdb","http:\u002F\u002Fdun.se\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffilmgetter.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":11,"downloaded":116,"rating":13,"num_ratings":13,"last_updated":117,"tested_up_to":101,"requires_at_least":118,"requires_php":17,"tags":119,"homepage":123,"download_link":124,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"icheckmovies-widget","iCheckMovies Widget","1.1","madalinoprea","https:\u002F\u002Fprofiles.wordpress.org\u002Fmadalinoprea\u002F","\u003Cp>This is a widget that loads recent movies checked on iCheckMovies (http:\u002F\u002Fwww.icheckmovies.com\u002F) and display their nice\u003Cbr \u002F>\ncovers.\u003C\u002Fp>\n\u003Cp>You’ll need to have a profile on iCheckMovies website, use this site to track your seen movies. If you don’t know\u003Cbr \u002F>\nthe site you should check it because is really nice.\u003C\u002Fp>\n\u003Cp>More info: \u003Ca href=\"http:\u002F\u002Fmoprea.ro\u002F2011\u002F11\u002F28\u002Ficheckmovies-widget-for-wordpress\" title=\"iCheckMovies Widget Details\" rel=\"nofollow ugc\">iCheckMovies Widget\u003C\u002Fa>\u003C\u002Fp>\n","Looks cool to share your latest seen movies on your blog.",1997,"2012-01-14T13:14:00.000Z","3.0",[120,19,121,122],"icheckmovies","movies","widget","http:\u002F\u002Fmoprea.ro\u002F2011\u002F11\u002F28\u002Ficheckmovies-widget-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ficheckmovies-widget.zip",{"attackSurface":126,"codeSignals":142,"taintFlows":204,"riskAssessment":205,"analyzedAt":217},{"hooks":127,"ajaxHandlers":134,"restRoutes":135,"shortcodes":136,"cronEvents":141,"entryPointCount":31,"unprotectedCount":13},[128],{"type":129,"name":130,"callback":131,"file":132,"line":133},"action","admin_menu","nantuki_ytsadm","yifyset.php",2,[],[],[137],{"tag":22,"callback":138,"file":139,"line":140},"nantuki_yts","nantuki_yts.php",27,[],{"dangerousFunctions":143,"sqlUsage":144,"outputEscaping":146,"fileOperations":133,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":203},[],{"prepared":13,"raw":13,"locations":145},[],{"escaped":13,"rawEcho":147,"locations":148},33,[149,153,155,157,158,160,162,164,166,168,170,172,173,175,177,179,181,183,185,187,188,189,190,191,192,193,194,196,197,198,199,200,201],{"file":150,"line":151,"context":152},"getid.php",7,"raw output",{"file":150,"line":154,"context":152},8,{"file":150,"line":156,"context":152},9,{"file":150,"line":11,"context":152},{"file":150,"line":159,"context":152},11,{"file":150,"line":161,"context":152},12,{"file":150,"line":163,"context":152},13,{"file":150,"line":165,"context":152},14,{"file":150,"line":167,"context":152},15,{"file":150,"line":169,"context":152},17,{"file":150,"line":171,"context":152},18,{"file":150,"line":83,"context":152},{"file":150,"line":174,"context":152},21,{"file":150,"line":176,"context":152},22,{"file":150,"line":178,"context":152},23,{"file":150,"line":180,"context":152},24,{"file":150,"line":182,"context":152},25,{"file":150,"line":184,"context":152},26,{"file":186,"line":154,"context":152},"getimdb.php",{"file":186,"line":156,"context":152},{"file":186,"line":11,"context":152},{"file":186,"line":159,"context":152},{"file":186,"line":161,"context":152},{"file":186,"line":163,"context":152},{"file":186,"line":169,"context":152},{"file":186,"line":171,"context":152},{"file":186,"line":195,"context":152},19,{"file":186,"line":83,"context":152},{"file":186,"line":174,"context":152},{"file":186,"line":178,"context":152},{"file":186,"line":180,"context":152},{"file":186,"line":184,"context":152},{"file":186,"line":202,"context":152},31,[],[],{"summary":206,"deductions":207},"The \"nantuki-yify-torrent-adder\" plugin version 1.0 exhibits a mixed security posture.  On the positive side, the plugin has no known CVEs and uses prepared statements for its SQL queries. The attack surface appears minimal with only one shortcode and no AJAX handlers or REST API routes exposed without checks.  However, several significant concerns arise from the static analysis.  The complete absence of output escaping for all 33 identified outputs is a critical vulnerability, opening the door to cross-site scripting (XSS) attacks.  Furthermore, the lack of nonce and capability checks means that the shortcode handler is likely unprotected, allowing unauthenticated users to trigger its functionality, potentially leading to unintended actions or information disclosure. The plugin also performs file operations without any apparent sanitization or permission checks, which could be exploited for file manipulation or directory traversal. The lack of vulnerability history might suggest it hasn't been widely targeted or analyzed, but the current code analysis reveals critical weaknesses that need immediate attention.",[208,210,212,214],{"reason":209,"points":83},"Unescaped output (all 33 outputs)",{"reason":211,"points":167},"Shortcode without capability checks",{"reason":213,"points":11},"File operations without apparent checks",{"reason":215,"points":216},"Missing nonce checks",5,"2026-03-17T01:08:50.981Z",{"wat":219,"direct":224},{"assetPaths":220,"generatorPatterns":221,"scriptPaths":222,"versionParams":223},[],[],[],[],{"cssClasses":225,"htmlComments":226,"htmlAttributes":227,"restEndpoints":228,"jsGlobals":229,"shortcodeOutput":230},[],[],[],[],[],[231],"[yts id=\"ytsmovieid\"]"]