[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fbpg6xfmJAgDjloyzwIC0tSCmkLZ8djLOrDg8o4g-jX0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":38,"analysis":77,"fingerprints":164},"newsletter-chat","Newsletter Chat","1.2","Geeky Nigeria","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnvictor82\u002F","\u003Cp>Newsletter Chat is a lite plugin that allows you to share today’s posts to your WhatsApp subscribers. Simply enter your preferred Newsletter title and Newsletter footer. The posts are automatically set up for sharing on the Newsletter Page.\u003C\u002Fp>\n\u003Cp>Visit the Newsletter page everyday, after posting, to share your published posts on WhatsApp.\u003C\u002Fp>\n\u003Cp>The newsletter page can also be shared, so that others can assist to distribute.\u003C\u002Fp>\n\u003Cp>If posts haven’t been set up, kindly update your Timezone in Settings -> General -> Timezone\u003C\u002Fp>\n\u003Cp>Major features in Newsletter for WhatsApp include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Share Posts Published Today\u003C\u002Fli>\n\u003Cli>Set Newsletter Title and Footer\u003C\u002Fli>\n\u003Cli>Link To Read Posts Below Newsletter  \u003C\u002Fli>\n\u003Cli>Shareable Newsletter page for fans\u003C\u002Fli>\n\u003Cli>Support Inclusion\u003C\u002Fli>\n\u003C\u002Ful>\n","Newsletter Chat is a lite plugin that allows you to share today's posts to your WhatsApp subscribers. Simply enter your preferred Newsletter titl …",10,1128,100,2,"2020-07-18T04:26:00.000Z","5.4.19","5.2","7.2",[20,4,21,22,23],"geeky-nigeria","posts-newsletter-for-whatsapp","share-latest-posts-to-whatsapp","whatsapp-newsletter-plugin","https:\u002F\u002Fgeeky.com.ng\u002Fnewsletter-chat-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnewsletter-chat.1.2.zip",85,0,null,"2026-03-15T14:54:45.397Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":13,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"johnvictor82",4,89,30,86,"2026-04-05T17:47:35.687Z",[39,59],{"slug":40,"name":41,"version":42,"author":7,"author_profile":8,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":13,"num_ratings":33,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":56,"download_link":57,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":58},"wp-tic-tac-toe","Wp Tic-Tac-Toe","1.8","\u003Cp>Wp Tic-Tac-Toe allows visitors to play the game on your website, thereby driving engagement. There are four defined levels; Beginner, Learner, Pro, and Geek. Players can choose to learn with the Beginner & Learner Levels or Play to Beat the AI in Pro and Geek.\u003C\u002Fp>\n\u003Cp>The Game can be added to any page or post via an easily accessible shortcode, [wp-tic-tac-toe] or conveniently set up on a sidebar in Appearance >> Widgets. Add the plugin, and you are ready to play!\u003C\u002Fp>\n\u003Cp>Major features in Wp Tic-Tac-Toe include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Increasing Levels of Difficulty.\u003C\u002Fli>\n\u003Cli>Shortcode for Page\u002FPost Inclusion.  \u003C\u002Fli>\n\u003Cli>Low memory usage.\u003C\u002Fli>\n\u003Cli>Well designed Game Layout\u003C\u002Fli>\n\u003C\u002Ful>\n","Drive engagement to your website with the Tic-Tac-Toe Game.",70,4171,"2025-06-30T15:47:00.000Z","6.8.5","","8.0",[20,52,53,54,55],"play-tic-tac-toe-on-wordpress","simple-tic-tac-toe-game","tic-tac-toe-game-for-wordpress","wordpress-tic-tac-toe-plugin","https:\u002F\u002Fgeeky.com.ng\u002Fwp-tic-tac-toe-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-tic-tac-toe.1.8.zip","2026-03-15T15:16:48.613Z",{"slug":60,"name":61,"version":62,"author":7,"author_profile":8,"description":63,"short_description":64,"active_installs":11,"downloaded":65,"rating":13,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":49,"tags":70,"homepage":75,"download_link":76,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":58},"share-christmas-tunes-decorations","Share Christmas – Tunes and Decorations","1.0.2","\u003Cp>Share Christmas – Tunes and Decorations is an all-in-one inclusive plugin that uniquely features decorations, music and a lovely Christmas font to your WordPress visitors. It is neatly designed, with a user-friendly interface. Simple visit the settings to choose your desired effect.\u003C\u002Fp>\n\u003Cp>A major feature of Share Christmas plugin is that it is extremely lightweight, despite its options, which makes it suitable, even for low-budget websites with limited resources. The tunes have low file size and is perfectly integrated to work with modern browsers.\u003C\u002Fp>\n\u003Cp>With an autoplay feature, the tune plays automatically when the visitor goes through your site content. Visitors even have the option to pause the song, to foucs on the site’s content.\u003C\u002Fp>\n\u003Cp>Install and share the love of Christmas with your visitors. Your can also drop us a review.\u003C\u002Fp>\n","Share Christmas for Wordpress gives visitors the memorable christmas experience of classic tunes and decorations for an immersive and pleasant yuletid …",2274,1,"2023-11-18T13:36:00.000Z","6.4.8","4.3",[71,72,73,20,74],"carol","christmas","christmas-font","music","https:\u002F\u002Fgeeky.com.ng","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshare-christmas-tunes-decorations.1.0.2.zip",{"attackSurface":78,"codeSignals":113,"taintFlows":152,"riskAssessment":153,"analyzedAt":163},{"hooks":79,"ajaxHandlers":105,"restRoutes":106,"shortcodes":107,"cronEvents":112,"entryPointCount":66,"unprotectedCount":27},[80,86,90,93,97,101],{"type":81,"name":82,"callback":83,"file":84,"line":85},"action","activated_plugin","NWCGNIG_activate_redirect","newsletter-chat.php",15,{"type":81,"name":87,"callback":88,"file":84,"line":89},"wp_enqueue_scripts","NWCGNIG_newsletter_plugin_styles",32,{"type":81,"name":91,"callback":88,"file":84,"line":92},"admin_head",33,{"type":81,"name":94,"callback":95,"file":84,"line":96},"admin_menu","NWCGNIG_chat_settings_menu",34,{"type":81,"name":98,"callback":99,"file":84,"line":100},"admin_init","NWCGNIG_register_settings",51,{"type":81,"name":102,"callback":103,"file":84,"line":104},"init","NWCGNIG_newschat_shortcode",136,[],[],[108],{"tag":109,"callback":110,"file":84,"line":111},"NewsChatNG","NWCGNIG_newsletter_prev",133,[],{"dangerousFunctions":114,"sqlUsage":115,"outputEscaping":117,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":151},[],{"prepared":27,"raw":27,"locations":116},[],{"escaped":27,"rawEcho":118,"locations":119},18,[120,123,125,127,128,130,131,133,135,136,138,140,141,143,144,146,148,149],{"file":84,"line":121,"context":122},90,"raw output",{"file":84,"line":124,"context":122},101,{"file":84,"line":126,"context":122},102,{"file":84,"line":126,"context":122},{"file":84,"line":129,"context":122},107,{"file":84,"line":129,"context":122},{"file":84,"line":132,"context":122},111,{"file":84,"line":134,"context":122},112,{"file":84,"line":134,"context":122},{"file":84,"line":137,"context":122},196,{"file":84,"line":139,"context":122},197,{"file":84,"line":139,"context":122},{"file":84,"line":142,"context":122},216,{"file":84,"line":142,"context":122},{"file":84,"line":145,"context":122},219,{"file":84,"line":147,"context":122},223,{"file":84,"line":147,"context":122},{"file":84,"line":150,"context":122},275,[],[],{"summary":154,"deductions":155},"The \"newsletter-chat\" plugin version 1.2 exhibits a mixed security posture. On the positive side, it has a very small attack surface with only one shortcode and no AJAX handlers, REST API routes, or cron events. The code analysis also shows a complete absence of dangerous functions, file operations, external HTTP requests, and SQL queries that are not using prepared statements. This indicates good practices in these specific areas.\n\nHowever, there are significant concerns. The most alarming finding is that 0% of the 18 identified output operations are properly escaped. This creates a high risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data rendered on the page could be executed as malicious scripts. The lack of nonce checks and capability checks, coupled with the absence of any identified taint flows (which might be due to the limited scope of analysis or the absence of complex data handling), means that even if the shortcode were to process user input, there are no built-in security mechanisms to prevent unauthorized actions or data manipulation.\n\nWith no recorded vulnerability history, it's difficult to infer patterns. This could mean the plugin is genuinely secure, or it could indicate a lack of historical security auditing or that vulnerabilities have been missed. Given the critical unescaped output issue, the absence of historical CVEs is not a strong indicator of robust security. The plugin's strengths lie in its limited attack surface and secure handling of database queries, but these are overshadowed by the severe lack of output sanitization, leaving it highly vulnerable to XSS attacks.",[156,158,161],{"reason":157,"points":85},"0% of outputs properly escaped",{"reason":159,"points":160},"No nonce checks",5,{"reason":162,"points":160},"No capability checks","2026-03-16T23:39:20.708Z",{"wat":165,"direct":171},{"assetPaths":166,"generatorPatterns":168,"scriptPaths":169,"versionParams":170},[167],"\u002Fwp-content\u002Fplugins\u002Fnewsletter-chat\u002Fcss\u002Fstyles.css",[],[],[],{"cssClasses":172,"htmlComments":186,"htmlAttributes":187,"restEndpoints":189,"jsGlobals":190,"shortcodeOutput":191},[173,174,175,176,177,178,179,180,181,182,183,184,185],"NWCGNIG_newschat-box","NWCGNIG_newschat-footer","NWCGNIG_post_newsletter","NWCGNIG_center-align","NWCGNIG_settings-intro","NWCGNIG_admin-option","NWCGNIG_option-format","NWCGNIG_page-link","NWCGNIG_newsletter-label","NWCGNIG_newsletter-title","NWCGNIG_newsletter-value","NWCGNIG_newsletter-footer","NWCGNIG_page-link-section",[],[188],"data-no-meta-auto-generated",[],[],[192],"[NewsChatNG]"]