[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f7Ep4tqItnFWtN5xvkErI9Sj8Cih4NKaoVW-qs9CH2rc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":16,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":138,"fingerprints":278},"ob-event-manger","OB Event Manger","1.0","Oudaryamay Burai","https:\u002F\u002Fprofiles.wordpress.org\u002Foudaryamayburai\u002F","\u003Cp>OB Event Manger is a lightweight and full-featured event management plugin for adding event listing functionality to your WordPress site. The shortcode lists all the events with date and time with search funcility, it can work with any theme and is really easy to setup and customise.\u003C\u002Fp>\n\u003Cp>We are currently working on a new functionality, adding soon.\u003C\u002Fp>\n\u003Ch4>Plugin Functionalities:\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Import events by csv.\u003C\u002Fli>\n\u003Cli>All event can be fully manage from back-end.\u003C\u002Fli>\n\u003Cli>You can list all events in post or page by in-built shortcode.\u003C\u002Fli>\n\u003Cli>Front-end search funcility by keyword or date.\u003C\u002Fli>\n\u003Cli>All the details will be shown by In-built pop-up.\u003C\u002Fli>\n\u003Cli>All the events are sorted by Date and Time.\u003C\u002Fli>\n\u003Cli>Easy to use and too much lightweight.\u003C\u002Fli>\n\u003Cli>We are adding additional more functionality to this plugin soon…\u003C\u002Fli>\n\u003C\u002Fol>\n","OB Event Manger is a lightweight and full-featured event management plugin for adding event listing functionality to your WordPress site.",0,1141,"2020-10-27T13:50:00.000Z","5.5.18","2.9.0","",[18,19,20,21],"event","eventmanger","manger","ob","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fob-event-manger.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"oudaryamayburai",3,90,30,84,"2026-04-04T13:52:24.263Z",[35,61,82,103,117],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":16,"tags":50,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":11,"last_vuln_date":60,"fetched_at":25},"prevent-landscape-rotation","Prevent Landscape Rotation","2.1","Arul Prasad J","https:\u002F\u002Fprofiles.wordpress.org\u002Farulprasadj\u002F","\u003Cp>This is a lightweight WordPress plugin that prevents landscape rotation on mobile devices and display message!\u003C\u002Fp>\n\u003Cp>Plugin uses standard actions, filters and SweetAlert Js only.\u003Cbr \u002F>\nIf you love this plugin, \u003Ca href=\"https:\u002F\u002Fpaypal.me\u002Farulprasadj?locale.x=en_GB\" rel=\"nofollow ugc\">buy me a cup of coffee\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you need to Prevent Portrait Rotaion, \u003Ca href=\"https:\u002F\u002Farulprasadj.com\" rel=\"nofollow ugc\">Please contact me\u003C\u002Fa>.\u003C\u002Fp>\n","Prevent Landscape Rotation On Mobile Website.",1000,10342,94,7,"2025-04-25T13:24:00.000Z","6.8.5","4.3",[51,52,53,54,55],"dialogue","front-end","landscape","mobile","prevent","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fprevent-landscape-rotation\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprevent-landscape-rotation.2.1.zip",100,1,"2023-11-28 00:00:00",{"slug":62,"name":63,"version":64,"author":63,"author_profile":65,"description":66,"short_description":67,"active_installs":58,"downloaded":68,"rating":58,"num_ratings":46,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":79,"download_link":80,"security_score":81,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"komito-analytics","Komito Analytics","1.2.3","https:\u002F\u002Fprofiles.wordpress.org\u002Fkomito\u002F","\u003Cp>Komito Analytics is a free, open-source enhancement for the most popular web analytics software.\u003Cbr \u002F>\nUnlocks the power of digital analytics with additional insights about visitor’s behavior such as:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Social interaction tracking\u003C\u002Fli>\n\u003Cli>Form submissions\u003C\u002Fli>\n\u003Cli>Tracking pageviews by users logged in to social networks\u003C\u002Fli>\n\u003Cli>CTA links clicks\u003C\u002Fli>\n\u003Cli>Downloads and outbound links\u003C\u002Fli>\n\u003Cli>Video and audio events\u003C\u002Fli>\n\u003Cli>Scroll and print events\u003C\u002Fli>\n\u003Cli>Tracking pageviews with blocked ads\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For further information and instructions please see the \u003Ca href=\"https:\u002F\u002Fkomito.net\u002Fintegration\u002F\" rel=\"nofollow ugc\">Komito Analytics integration page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>3rd Party External Script\u003C\u002Fh3>\n\u003Cp>This plugin leverages the functionality of Komito Analytics and it utilizes an external JavaScript file (https:\u002F\u002Fkomito.net\u002Fkomito.js).\u003Cbr \u002F>\nBy using this plugin, you acknowledge that a third party script will be embedded into the website.\u003C\u002Fp>\n\u003Cp>We understand the importance of data privacy and transparency, however, privacy is not a concern: Komito Analytics does not store any data.\u003Cbr \u002F>\nWhy? Because it’s an extension for the most popular web analytics software, not a data collection service.\u003C\u002Fp>\n\u003Cp>Here are some resources to learn more about Komito Analytics:\u003Cbr \u002F>\n* https:\u002F\u002Fkomito.net\u002F\u003Cbr \u002F>\n* https:\u002F\u002Fkomito.net\u002Fabout\u002F\u003Cbr \u002F>\n* https:\u002F\u002Fkomito.net\u002Fintegration\u002F\u003C\u002Fp>\n","Komito Analytics is a free, open-source enhancement for the most popular web analytics software.",128713,"2024-07-12T16:17:00.000Z","6.5.8","4.6","7.2",[74,75,76,77,78],"adobe-analytics","analytics","event-tracking","google-analytics","yandex-metrica","https:\u002F\u002Fkomito.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkomito-analytics.1.2.3.zip",92,{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":58,"num_ratings":59,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":16,"download_link":102,"security_score":58,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"auto-fixture-generator-for-sportspress","Auto Fixture Generator for SportsPress","1.7","Savvas","https:\u002F\u002Fprofiles.wordpress.org\u002Fsavvasha\u002F","\u003Cp>Auto Fixture Generator for SportsPress helps you generate complete league match schedules automatically in just a few clicks.\u003Cbr \u002F>\nWhether you are managing a simple round-robin tournament or a professional season with advanced scheduling rules, this plugin integrates seamlessly with the SportsPress plugin and takes care of the fixture creation for you.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FYF2CS6T0Cu0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>Features included:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Single Round Robin algorithm — every team plays each other once.\u003Cbr \u002F>\n* Select your League, Season and Start Date.\u003Cbr \u002F>\n* Define a naming template for gameweeks\u002Fmatchdays (e.g. “Gameweek 1”, “Gameweek 2”, etc.).\u003Cbr \u002F>\n* Automatically create calendar and league table entries in SportsPress.\u003Cbr \u002F>\n* All teams in the selected season are included by default.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Upgrade to the Premium version for advanced control:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Double Round Robin algorithm — home and away matches for every team.\u003Cbr \u002F>\n* Custom Gameweeks Algorithm: Let users define the exact number of gameweeks for their schedule. The generator will automatically distribute all matches as evenly as possible across the specified number of gameweeks, with flexible support for non-standard league structures and scheduling needs.\u003Cbr \u002F>\n* League Phase algorithm: Split teams into customizable “pots” and define how many opponents from each pot to play. Supports real-world league phase structures like UEFA, custom seeding, and pot-based draws for complex tournament scenarios. Assign teams to pots, set pots\u002Fopponents per pot, and generate bespoke schedules — exclusive to Premium!\u003Cbr \u002F>\n* Multiple time slots per match day.\u003Cbr \u002F>\n* Block specific dates (e.g. holidays).\u003Cbr \u002F>\n* Select exactly which teams will participate.\u003Cbr \u002F>\n* Shuffle team order for fair fixtures.\u003Cbr \u002F>\n* Avoid consecutive away games in your schedule.\u003Cbr \u002F>\n* More algorithms coming soon.\u003C\u002Fp>\n\u003Cp>With the premium upgrade, you’ll get full flexibility and professional scheduling capability — perfect for clubs, leagues and tournament organisers who demand complete control over their season structure.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fsavvasha.com\u002Fauto-fixture-generator-for-sportspress\u002F\" rel=\"nofollow ugc\">Upgrade to Premium\u003C\u002Fa>\u003C\u002Fp>\n","Save hours of manual scheduling and let your SportsPress league build itself automatically.",20,637,"2026-02-28T06:24:00.000Z","6.9.4","5.3","7.4",[97,98,99,100,101],"events","fixtures","generator","roundrobin","schedule","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-fixture-generator-for-sportspress.1.7.zip",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":90,"downloaded":111,"rating":11,"num_ratings":11,"last_updated":112,"tested_up_to":93,"requires_at_least":113,"requires_php":95,"tags":114,"homepage":16,"download_link":116,"security_score":58,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"connector-mobilizon","Connector for Mobilizon","2.2.0","Daniel","https:\u002F\u002Fprofiles.wordpress.org\u002Fdwaxweiler\u002F","\u003Cp>Connector for Mobilizon allows you to display the upcoming events of \u003Ca href=\"https:\u002F\u002Fjoinmobilizon.org\u002F\" rel=\"nofollow ugc\">Mobilizon\u003C\u002Fa>, which is a federated event listing platform, on your WordPress website.\u003C\u002Fp>\n\u003Cp>Features\u003Cbr \u002F>\n– Display events as Gutenberg block, as widget and as shortcut\u003Cbr \u002F>\n– Display events’ picture, if available, title with link, date, and location, if available\u003Cbr \u002F>\n– Cache requests’ responses for 2 minutes in the database\u003Cbr \u002F>\n– Configure number of events to show per block, per widget and per shortcut\u003Cbr \u002F>\n– Optionally filter events by one or more public groups per block, per widget and per shortcut\u003Cbr \u002F>\n– Set the URL of the Mobilizon instance in the settings\u003C\u002Fp>\n\u003Cp>This plugin requests the events via Mobilizon’s GraphQL API.\u003C\u002Fp>\n\u003Cp>The source code is available on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdwaxweiler\u002Fconnector-mobilizon\" rel=\"nofollow ugc\">Github\u003C\u002Fa>.\u003C\u002Fp>\n","Display Mobilizon events in WordPress.",3075,"2026-01-21T20:37:00.000Z","5.6",[97,115],"mobilizon","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fconnector-mobilizon.2.2.0.zip",{"slug":118,"name":119,"version":85,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":90,"downloaded":124,"rating":58,"num_ratings":125,"last_updated":126,"tested_up_to":93,"requires_at_least":127,"requires_php":16,"tags":128,"homepage":133,"download_link":134,"security_score":135,"vuln_count":136,"unpatched_count":29,"last_vuln_date":137,"fetched_at":25},"ultimate-classified-listings","Ultimate Classified Listings","webcodingplace","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebcodingplace\u002F","\u003Cp>Ultimate Classified Listings is a Responsive Classifieds or listings plugin for WordPress. It has nice & clean designs for listing templates and comes with special integration features like Unlimited Custom Fields, Gallery Sliders + Grids, Advanced AJAX Search, Google Maps or Open Street Maps, and much more…\u003C\u002Fp>\n\u003Cp>It is also a WordPress-based Listing Management System that allows you to own and maintain a listing or ads marketplace, approve registered sellers, accept listing submissions, seller profile management, etc.\u003C\u002Fp>\n\u003Ch4>Quick Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wpclassifiedlistings.com\u002Fdemo\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wpclassifiedlistings.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wpclassifiedlistings.com\u002Fdemo\u002Fsearch-listings-ajax\u002F\" rel=\"nofollow ugc\">AJAX Search\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple yet complete classifieds and listings system for WordPress.",3145,2,"2025-12-04T03:16:00.000Z","3.5",[129,18,130,131,132],"classifieds-ads","job","listings","rent","https:\u002F\u002Fwww.wpclassifiedlistings.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-classified-listings.1.7.zip",34,9,"2025-09-10 18:52:29",{"attackSurface":139,"codeSignals":181,"taintFlows":244,"riskAssessment":272,"analyzedAt":277},{"hooks":140,"ajaxHandlers":172,"restRoutes":173,"shortcodes":174,"cronEvents":180,"entryPointCount":59,"unprotectedCount":11},[141,147,151,155,160,164,168],{"type":142,"name":143,"callback":144,"file":145,"line":146},"action","admin_enqueue_scripts","obem_admin_wp_enqueue_scripts","ob-event-manager.php",18,{"type":142,"name":148,"callback":149,"file":145,"line":150},"wp_enqueue_scripts","obem_shortcode_wp_enqueue_scripts",26,{"type":142,"name":152,"callback":153,"file":145,"line":154},"admin_menu","obem_admin_menu",28,{"type":156,"name":157,"callback":158,"file":145,"line":159},"filter","enter_title_here","obem_change_title_text",82,{"type":142,"name":161,"callback":162,"file":145,"line":163},"add_meta_boxes","obem_details_add_meta_box",106,{"type":142,"name":165,"callback":166,"file":145,"line":167},"save_post","obem_details_save",230,{"type":142,"name":169,"callback":170,"file":145,"line":171},"init","obem_setup_postType",245,[],[],[175],{"tag":176,"callback":177,"file":178,"line":179},"ob-event-manager","obem_front_listing","inc\\front.php",4,[],{"dangerousFunctions":182,"sqlUsage":183,"outputEscaping":185,"fileOperations":59,"externalRequests":11,"nonceChecks":125,"capabilityChecks":125,"bundledLibraries":240},[],{"prepared":11,"raw":11,"locations":184},[],{"escaped":186,"rawEcho":154,"locations":187},16,[188,191,193,195,197,198,200,201,203,205,207,209,211,212,213,216,217,219,221,222,224,226,228,230,232,234,236,238],{"file":178,"line":189,"context":190},41,"raw output",{"file":178,"line":192,"context":190},60,{"file":178,"line":194,"context":190},65,{"file":178,"line":196,"context":190},67,{"file":178,"line":196,"context":190},{"file":178,"line":199,"context":190},68,{"file":178,"line":199,"context":190},{"file":178,"line":202,"context":190},69,{"file":178,"line":204,"context":190},70,{"file":178,"line":206,"context":190},71,{"file":208,"line":194,"context":190},"inc\\import.php",{"file":208,"line":210,"context":190},76,{"file":208,"line":210,"context":190},{"file":208,"line":210,"context":190},{"file":214,"line":215,"context":190},"inc\\welcome.php",8,{"file":214,"line":186,"context":190},{"file":214,"line":218,"context":190},24,{"file":214,"line":220,"context":190},25,{"file":214,"line":150,"context":190},{"file":145,"line":223,"context":190},115,{"file":145,"line":225,"context":190},119,{"file":145,"line":227,"context":190},124,{"file":145,"line":229,"context":190},128,{"file":145,"line":231,"context":190},133,{"file":145,"line":233,"context":190},138,{"file":145,"line":235,"context":190},143,{"file":145,"line":237,"context":190},148,{"file":145,"line":239,"context":190},153,[241],{"name":242,"version":24,"knownCves":243},"DataTables",[],[245,264],{"entryPoint":246,"graph":247,"unsanitizedCount":11,"severity":263},"obem_import (inc\\import.php:3)",{"nodes":248,"edges":260},[249,254],{"id":250,"type":251,"label":252,"file":208,"line":253},"n0","source","$_FILES",11,{"id":255,"type":256,"label":257,"file":208,"line":258,"wp_function":259},"n1","sink","fopen() [File Access]",15,"fopen",[261],{"from":250,"to":255,"sanitized":262},true,"low",{"entryPoint":265,"graph":266,"unsanitizedCount":11,"severity":263},"\u003Cimport> (inc\\import.php:0)",{"nodes":267,"edges":270},[268,269],{"id":250,"type":251,"label":252,"file":208,"line":253},{"id":255,"type":256,"label":257,"file":208,"line":258,"wp_function":259},[271],{"from":250,"to":255,"sanitized":262},{"summary":273,"deductions":274},"The \"ob-event-manger\" v1.0 plugin demonstrates a generally strong security posture based on the static analysis. The plugin has a minimal attack surface, with only one shortcode identified as an entry point, and importantly, no unprotected entry points were found. The absence of dangerous functions, external HTTP requests, and raw SQL queries is also a significant positive. The reliance on prepared statements for SQL queries and the presence of nonce and capability checks indicate an awareness of common security best practices.\n\nHowever, a notable concern arises from the output escaping. With 44 total outputs and only 36% properly escaped, there is a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. This means that user-supplied data or data processed by the plugin could be injected into the output without proper sanitization, potentially allowing malicious scripts to execute in the user's browser. While the taint analysis did not reveal any unsanitized paths, the high percentage of unescaped output is a critical weakness that needs immediate attention.\n\nThe plugin's vulnerability history is clean, with no known CVEs recorded. This is a positive indicator, suggesting that the plugin has either been developed with security in mind or has not yet been subjected to widespread security scrutiny. Nevertheless, the lack of historical vulnerabilities should not lead to complacency, especially given the identified output escaping issues. The plugin's strengths lie in its controlled attack surface and good use of WordPress security features, but the unescaped output represents a significant and actionable security risk.",[275],{"reason":276,"points":215},"Poor output escaping (high percentage unescaped)","2026-03-17T06:40:08.251Z",{"wat":279,"direct":293},{"assetPaths":280,"generatorPatterns":286,"scriptPaths":287,"versionParams":288},[281,282,283,284,285],"\u002Fwp-content\u002Fplugins\u002Fob-event-manger\u002Fassets\u002Fcss\u002Fjquery-ui.min.css","\u002Fwp-content\u002Fplugins\u002Fob-event-manger\u002Fassets\u002Fcss\u002Fjquery.dataTables.min.css","\u002Fwp-content\u002Fplugins\u002Fob-event-manger\u002Fassets\u002Fcss\u002Fjquery.modal.min.css","\u002Fwp-content\u002Fplugins\u002Fob-event-manger\u002Fassets\u002Fjs\u002Fjquery.dataTables.min.js","\u002Fwp-content\u002Fplugins\u002Fob-event-manger\u002Fassets\u002Fjs\u002Fjquery.modal.min.js",[],[],[289,290,291,292],"ob-event-manger\u002Fassets\u002Fcss\u002Fjquery.dataTables.min.css?ver=","ob-event-manger\u002Fassets\u002Fcss\u002Fjquery.modal.min.css?ver=","ob-event-manger\u002Fassets\u002Fjs\u002Fjquery.dataTables.min.js?ver=","ob-event-manger\u002Fassets\u002Fjs\u002Fjquery.modal.min.js?ver=",{"cssClasses":294,"htmlComments":297,"htmlAttributes":298,"restEndpoints":316,"jsGlobals":317,"shortcodeOutput":319},[295,296],"event-input-width","event-heading",[],[299,300,301,302,303,304,305,306,307,308,309,310,311,312,313,314,315],"id=\"eventStartDate\"","id=\"eventEndDate\"","id=\"eventStartTime\"","id=\"eventEndTime\"","id=\"event_details_event_start_date\"","id=\"event_details_event_end_date\"","id=\"event_details_event_start_time\"","id=\"event_details_event_end_time\"","name=\"event_details_event_start_date\"","name=\"event_details_event_end_date\"","name=\"event_details_event_start_time\"","name=\"event_details_event_end_time\"","name=\"event_details_event_name\"","name=\"event_details_event_location\"","name=\"event_details_event_category\"","name=\"event_details_event_type\"","name=\"event_details_event_description\"",[],[318],"jQuery(document).ready(function($)",[320],":::Details of this event:::"]