[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVfC6HiK7u3k6sP5XkUlF7A4omlOCDSlUS8OjHhMxclc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":32,"analysis":122,"fingerprints":157},"no-more-frames","No More Frames","2017.08.13","klickonit","https:\u002F\u002Fprofiles.wordpress.org\u002Fklickonit\u002F","\u003Cp>** this plugin is no longer being update. Please feel free to adopt me! **\u003C\u002Fp>\n\u003Cp>Many web sites try to load your content into their own frame, to help sell ads on their sites. This simple plugin ensure your site is protect from this using a simple piece of code in your document header.\u003C\u002Fp>\n\u003Cp>The plugin also dramatically reduces comment SPAM by making it significantly more frustrating for the page to be loaded into a secondary browser window.\u003C\u002Fp>\n","Many web sites try to load your content into their own frame, to help sell ads on their sites. This plugin reloads sites such as Google images, forcin …",10,59686,0,"2017-07-13T17:56:00.000Z","4.8.0","4.0.0","",[19],"adopt-me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-more-frames.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":27,"avg_security_score":28,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},17,130,88,30,86,"2026-04-04T05:03:52.834Z",[33,56,77,98,113],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":43,"num_ratings":11,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":47,"tags":48,"homepage":53,"download_link":54,"security_score":55,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"share-on-mastodon","Share on Mastodon","0.20.1","Jan Boddez","https:\u002F\u002Fprofiles.wordpress.org\u002Fjanboddez\u002F","\u003Cp>Automatically share WordPress posts on \u003Ca href=\"https:\u002F\u002Fjoinmastodon.org\u002F\" rel=\"nofollow ugc\">Mastodon\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>You choose which post types are shared, and sharing can still be disabled on a per-post basis.\u003C\u002Fp>\n\u003Cp>Supports WordPress’ new block editor, image uploads and alt text, “template tags,” and comes with a number of filter hooks for developers.\u003C\u002Fp>\n\u003Cp>More details can be found on \u003Ca href=\"https:\u002F\u002Fjan.boddez.net\u002Fwordpress\u002Fshare-on-mastodon\" rel=\"nofollow ugc\">this plugin’s web page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Credit\u003C\u002Fh4>\n\u003Cp>Share icon by \u003Ca href=\"https:\u002F\u002Fheroicons.dev\u002F\" rel=\"nofollow ugc\">Heroicons\u003C\u002Fa>, licensed under the terms of the MIT License. Elephant illustration sourced from Mastodon’s \u003Ca href=\"https:\u002F\u002Fjoinmastodon.org\u002Fpress-kit.zip\" rel=\"nofollow ugc\">Press Kit\u003C\u002Fa>.\u003C\u002Fp>\n","Automatically share WordPress posts on Mastodon.",1000,29553,96,"2026-01-31T14:49:00.000Z","6.9.4","5.9","7.2",[19,49,50,51,52],"fediverse","mastodon","posse","syndication","https:\u002F\u002Fjan.boddez.net\u002Fwordpress\u002Fshare-on-mastodon","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshare-on-mastodon.0.20.1.zip",100,{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":41,"downloaded":64,"rating":55,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":17,"download_link":75,"security_score":76,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"wp-rest-yoast-meta","WP REST Yoast Meta","2025.1.0","Acato","https:\u002F\u002Fprofiles.wordpress.org\u002Facato\u002F","\u003Cp>\u003Cem>This plugin is no longer updated, but is open for adoption\u003C\u002Fem>\u003Cbr \u002F>\nAs of Yoast SEO version 16.7 the functionality provided by this plugin is now \u003Ca href=\"https:\u002F\u002Fdeveloper.yoast.com\u002Fcustomization\u002Fapis\u002Frest-api\u002F\" rel=\"nofollow ugc\">part of the Yoast SEO plugin\u003C\u002Fa> itself. This plugin will no longer be updated, but is open for adoption. If you are interested in adopting this plugin, please contact the authors.\u003C\u002Fp>\n\u003Cp>Are you using WordPress for a headless set-up, using the WP REST API? And would you like to use the Yoast SEO plugin just like you would for any other project? This plugin adds the meta tags generated by the Yoast SEO plugin to the WP REST API output, allowing your headless set-up to implement them. Also when you are using Yoast SEO Premium you have the option to retrieve redirects throught the API: this plugin adds a custom endpoint (\u003Ccode>\u002Fwp-rest-yoast-meta\u002Fv1\u002Fredirects\u003C\u002Fcode>) to provide those redirects in a JSON format. Since Yoast 11.0 JSON LD Schema.org data is also supported and is now also available through the WP REST API when using this plugin.\u003C\u002Fp>\n\u003Ch3>Installation from within WordPress\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit ‘Plugins > Add New’ (or ‘My Sites > Network Admin > Plugins > Add New’ if you are on a multisite installation).\u003C\u002Fli>\n\u003Cli>Search for ‘WP REST Yoast Meta’.\u003C\u002Fli>\n\u003Cli>Activate the WP REST Yoast Meta plugin through the ‘Plugins’ menu in WordPress.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Installation manually\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload the \u003Ccode>wp-rest-yoast-meta\u003C\u002Fcode> folder to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory.\u003C\u002Fli>\n\u003Cli>Activate the WP REST Yoast Meta plugin through the ‘Plugins’ menu in WordPress.\u003C\u002Fli>\n\u003C\u002Fol>\n","Adds meta tags as generated by Yoast SEO to the WP REST API. And adds a custom endpoint to retrieve all redirects as they are set in Yoast SEO Premium …",31743,6,"2025-01-23T09:31:00.000Z","5.7.15","4.7","5.4",[19,71,72,73,74],"api","wp-rest","wp-rest-api","yoast","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-rest-yoast-meta.2025.1.0.zip",92,{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":13,"num_ratings":13,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":96,"download_link":97,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"mc-divi-title-module","Divi Title Module","1.0.2","Marie Comet","https:\u002F\u002Fprofiles.wordpress.org\u002Fchaton666\u002F","\u003Cp>This plugin adds a new module to the Divi builder, it allows to easily insert titles without going through the text module.\u003Cbr \u002F>\nYou will be able to set the level of the title (h1, h2, etc), its color, its size, among others.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fgallery\u002Fdivi\u002F\" rel=\"nofollow ugc\">Divi\u003C\u002Fa> is a registered trademark of Elegant Themes, Inc. This plugin is not affiliated with nor endorsed by \u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\" rel=\"nofollow ugc\">Elegant Themes\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin adds a new module to the Divi builder, it allows to easily insert titles without going through the text module.",200,5133,"2020-04-08T11:08:00.000Z","5.4.19","4.4","5.2.4",[19,92,93,94,95],"divi","divi-builder","divi-module","divi-title","https:\u002F\u002Fgithub.com\u002FMarieComet\u002FMC-Divi-Module-Title\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmc-divi-title-module.1.0.2.zip",{"slug":99,"name":100,"version":101,"author":37,"author_profile":38,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":55,"num_ratings":106,"last_updated":107,"tested_up_to":45,"requires_at_least":17,"requires_php":17,"tags":108,"homepage":17,"download_link":112,"security_score":55,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"share-on-pixelfed","Share on Pixelfed","0.9.0","\u003Cp>Automatically share WordPress posts on \u003Ca href=\"https:\u002F\u002Fpixelfed.org\u002F\" rel=\"nofollow ugc\">Pixelfed\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>You choose which Post Types are shared—though sharing can still be disabled on a per-post basis. Posts without a Featured Image will not be shared. (The plugin currently doesn’t look for other images inside the post, that is.)\u003C\u002Fp>\n\u003Cp>Supports a number of filter hooks for developers, and is fully compatible with WordPress’s new block editor.\u003C\u002Fp>\n\u003Cp>More details can be found on \u003Ca href=\"https:\u002F\u002Fjan.boddez.net\u002Fwordpress\u002Fshare-on-pixelfed\" rel=\"nofollow ugc\">this plugin’s web page\u003C\u002Fa>.\u003C\u002Fp>\n","Automatically share WordPress (image) posts on Pixelfed.",70,3325,1,"2026-02-07T10:24:00.000Z",[19,109,49,110,111],"crosspost","pixelfed","share","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshare-on-pixelfed.0.9.0.zip",{"slug":114,"name":115,"version":6,"author":7,"author_profile":8,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":120,"homepage":17,"download_link":121,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"add-image-to-rss-feed","Add Image to RSS Feed","\u003Cp>** this plugin is no longer being update. Please feel free to adopt me! **\u003C\u002Fp>\n\u003Cp>Automatically adds the featured image to RSS feed posts\u003C\u002Fp>\n","** this plugin is no longer being update. Please feel free to adopt me! **",20,2944,[19],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-image-to-rss-feed.zip",{"attackSurface":123,"codeSignals":135,"taintFlows":144,"riskAssessment":145,"analyzedAt":156},{"hooks":124,"ajaxHandlers":131,"restRoutes":132,"shortcodes":133,"cronEvents":134,"entryPointCount":13,"unprotectedCount":13},[125],{"type":126,"name":127,"callback":128,"file":129,"line":130},"filter","wp_footer","no_more_frames","no-more-frames.php",71,[],[],[],[],{"dangerousFunctions":136,"sqlUsage":137,"outputEscaping":139,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":143},[],{"prepared":13,"raw":13,"locations":138},[],{"escaped":13,"rawEcho":106,"locations":140},[141],{"file":129,"line":55,"context":142},"raw output",[],[],{"summary":146,"deductions":147},"The \"no-more-frames\" v2017.08.13 plugin exhibits a generally positive security posture based on the provided static analysis. The absence of any recorded vulnerabilities (CVEs) and the clean taint analysis suggest a low risk of known exploits.  Furthermore, the code demonstrates good practices by not utilizing dangerous functions, all SQL queries being prepared, and no file operations or external HTTP requests being present. This indicates a limited attack surface and careful coding in these areas.\n\nHowever, a significant concern arises from the complete lack of output escaping. With one output identified and zero percent properly escaped, there is a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data rendered to the user interface that originates from user input or other potentially untrusted sources could be maliciously manipulated. Additionally, the absence of any nonce or capability checks, even though the attack surface appears minimal (0 AJAX, REST API, shortcodes, or cron events), means that if any such entry points were to be introduced in the future without proper authentication and authorization, they would be entirely unprotected.\n\nIn conclusion, while the plugin has a history of being clean and avoids many common pitfalls, the unescaped output is a critical weakness that significantly increases the risk of exploitation. The lack of any security checks on potential entry points also represents a latent risk. Developers should prioritize addressing the output escaping issue immediately and consider implementing basic capability checks on any future additions to the plugin's functionality.",[148,151,154],{"reason":149,"points":150},"Output not properly escaped",8,{"reason":152,"points":153},"Missing nonce checks",5,{"reason":155,"points":153},"Missing capability checks","2026-03-16T23:51:34.170Z",{"wat":158,"direct":164},{"assetPaths":159,"generatorPatterns":161,"scriptPaths":162,"versionParams":163},[160],"\u002Fwp-content\u002Fplugins\u002Fno-more-frames\u002Fhorshipsrectors-common.php",[],[],[],{"cssClasses":165,"htmlComments":166,"htmlAttributes":169,"restEndpoints":170,"jsGlobals":171,"shortcodeOutput":175},[],[167,168],"\u003C!-- No More Frames ( start ) -->","\u003C!-- No More Frames ( end ) -->",[],[],[172,173,174],"parent_location","top_location","cur_location",[]]