[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3nAAnD-TO9-Pm4jf7c0m6x0Y6KFEHWDTzVOfnqJImQI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":139,"fingerprints":171},"oembed-gist-files","oEmbed Gists and Files","1.0.2","Andy Fragen","https:\u002F\u002Fprofiles.wordpress.org\u002Fafragen\u002F","\u003Cp>Use an Embed block and enter the URL for the Gist or the URL for a specific file within the Gist. If using the Classic Editor, place the URL on a line by itself. Not as a link.\u003C\u002Fp>\n\u003Cp>Support for \u003Ccode>wp_oembed_get()\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>No shortcodes.\u003C\u002Fp>\n","oEmbed Gist or files within Gists.",30,1587,100,1,"2024-11-01T18:29:00.000Z","6.7.5","5.9","7.1",[20,21,22],"embed","gist","oembed","https:\u002F\u002Fgithub.com\u002Fafragen\u002Foembed-gist-files","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foembed-gist-files.1.0.2.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"afragen",12,42970,96,356,76,"2026-04-04T04:23:42.812Z",[39,62,81,102,122],{"slug":40,"name":41,"version":42,"author":7,"author_profile":8,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":60,"unpatched_count":26,"last_vuln_date":61,"fetched_at":28},"embed-pdf-viewer","Embed PDF Viewer","2.4.8","\u003Cp>Embed a PDF from the Media Library or elsewhere via oEmbed or as a block into an \u003Ccode>iframe\u003C\u002Fcode> tag. The URL only has to be world reachable link. Chrome uses Google Doc Viewer as Chrome seems to automatically rendered embedded JS in PDFs automatically. Uses Google Doc Viewer with mobile.\u003C\u002Fp>\n\u003Cp>Inspired by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdirtysuds-embed-pdf\u002F\" rel=\"ugc\">Embed PDF\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frv-embed-pdf\u002F\" rel=\"ugc\">RV Embed PDF\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Many thanks to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fakirk\" rel=\"nofollow ugc\">Alex Kirk\u003C\u002Fa> for making Embed PDF Viewer compatible with the new block editor.\u003C\u002Fp>\n\u003Cp>Development on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fafragen\u002Fembed-pdf-viewer\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>. Pull requests are welcome against the \u003Ccode>develop\u003C\u002Fcode> branch.\u003C\u002Fp>\n\u003Ch3>Known Issues\u003C\u002Fh3>\n\u003Cp>Occasionally Google Doc Viewer will not correctly load the PDF. Reloading the page should correct the issue, though this may need to be done several times.\u003C\u002Fp>\n","Embed a PDF from the Media Library or elsewhere via oEmbed or as a block into an iframe tag.",20000,307147,94,19,"2026-02-21T16:59:00.000Z","7.0","6.0","7.4",[54,20,22,55,56],"block","pdf","viewer","https:\u002F\u002Fgithub.com\u002Fafragen\u002Fembed-pdf-viewer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembed-pdf-viewer.2.4.8.zip",99,2,"2024-12-19 00:00:00",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":72,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":77,"tags":78,"homepage":77,"download_link":80,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"disable-embeds","Disable Embeds","1.5.0","Pascal Birchler","https:\u002F\u002Fprofiles.wordpress.org\u002Fswissspidy\u002F","\u003Cp>What this plugin does:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Prevents others from embedding your site.\u003C\u002Fli>\n\u003Cli>Prevents you from embedding other non-whitelisted sites.\u003C\u002Fli>\n\u003Cli>Disables all JavaScript related to the feature.\u003C\u002Fli>\n\u003Cli>Removes support for the WordPress embed block in the new block editor.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Just activate the plugin and you’re good to go.\u003C\u002Fp>\n\u003Cp>Want embeds back again? Simply deactivate the plugin.\u003C\u002Fp>\n","Don’t like the enhanced embeds in WordPress 4.4? Easily disable the feature using this plugin.",10000,270545,86,20,"2025-04-08T09:00:00.000Z","6.8.5","4.4","",[20,79,22],"embeds","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-embeds.1.5.0.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":70,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":17,"requires_php":94,"tags":95,"homepage":77,"download_link":100,"security_score":13,"vuln_count":14,"unpatched_count":26,"last_vuln_date":101,"fetched_at":28},"embed-privacy","Embed Privacy","1.12.3","epiphyt","https:\u002F\u002Fprofiles.wordpress.org\u002Fepiphyt\u002F","\u003Cp>Content embedded from external sites such as YouTube or Twitter is loaded immediately when visitors access your site. Embed Privacy addresses this issue and prevents the loading of these contents until the visitor decides to allow loading of external content.\u003Cbr \u002F>\nBut Embed Privacy not only protects your visitor’s privacy but also makes your site load faster.\u003C\u002Fp>\n\u003Cp>All embeds will be replaced by placeholders, ready for you to apply style as you wish. With only a couple of lines of CSS.\u003C\u002Fp>\n\u003Cp>By clicking on the placeholder the respective content will then be loaded.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note: This plugins requires the PHP extension \u003Ca href=\"https:\u002F\u002Fwww.php.net\u002Fmanual\u002Fen\u002Fbook.dom.php\" rel=\"nofollow ugc\">“Document Object Model” (php-dom)\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n","Embed Privacy prevents the loading of embedded external content and allows your site visitors to opt-in.",531266,98,26,"2026-01-20T16:55:00.000Z","6.9.4","5.6",[96,97,22,98,99],"gutenberg","iframes","performance","privacy","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembed-privacy.1.12.3.zip","2023-11-18 00:00:00",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":13,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":18,"tags":116,"homepage":119,"download_link":120,"security_score":121,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"oembed-plus","oEmbed Plus","1.6","Ayesh Karunaratne","https:\u002F\u002Fprofiles.wordpress.org\u002Fayeshrajans\u002F","\u003Cp>Adds support for embedding Facebook and Instagram posts in Block Editor (Gutenberg) and Classic Editor. This feature was removed in WordPress core due to deprecation of legacy APIs WordPress core used.\u003C\u002Fp>\n\u003Cp>Prior to WordPress 5.5.1, WordPress had support to embed Instagram and Facebook photos, videos, notes, quizes, etc in posts created with Block Editor and Classic Editor. However, Facebook removed this legacy API in October 2020, and this plugin implements the new APIs to bring back support for Facebook and Instagram content embedding.\u003C\u002Fp>\n\u003Cp>Note that you will need to register a Facebook developer account and create an app to get API credentials that this plugin uses. There is no coding necessary, but an API key needs to be created and set for the plugin.\u003C\u002Fp>\n\u003Cp>Detailed setup instructions are available in \u003Ca href=\"https:\u002F\u002Fphp.watch\u002Farticles\u002Fwordpress-facebook-instagram-oembed\" rel=\"nofollow ugc\">oEmbed Plus guide at PHP.Watch\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This project is not owned, endorsed, or otherwise affiliated with Facebook Inc. or Instagram LLC.\u003C\u002Fp>\n","Adds support for embedding Facebook and Instagram posts in Block Editor (Gutenberg) and Classic Editor.",4000,108320,7,"2021-07-15T10:24:00.000Z","5.6.17","4.9",[20,117,118,22],"facebook","instagram","https:\u002F\u002Fphp.watch\u002Farticles\u002Fwordpress-facebook-instagram-oembed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foembed-plus.1.6.zip",85,{"slug":123,"name":124,"version":125,"author":124,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":131,"num_ratings":73,"last_updated":132,"tested_up_to":93,"requires_at_least":133,"requires_php":52,"tags":134,"homepage":137,"download_link":138,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"embedly","Embedly","4.9.3","https:\u002F\u002Fprofiles.wordpress.org\u002Fembedly\u002F","\u003Cp>Enhance the default WordPress embedding to get previews for any article,\u003Cbr \u002F>\nincluding your own blog posts. You also get embeds for YouTube, Vimeo, Twitch,\u003Cbr \u002F>\nGoogle Maps, and Embedly’s growing list of \u003Ca href=\"https:\u002F\u002Fembed.ly\u002Fproviders\" rel=\"nofollow ugc\">1000+ supported\u003Cbr \u002F>\nproviders\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>You can customize the style of the embeds, to optimize for darker WP themes,\u003Cbr \u002F>\nalignment, and width. In addition, social buttons can be added around the embeds\u003Cbr \u002F>\nto make it easier to share content from your blog posts.\u003C\u002Fp>\n\u003Cp>If you have an Embedly Cards account, you can link it to the plugin with your Embedly API key. Not only does this remove branding from the cards, it also gives you access to analytics and viewer behaviors for most popular music and video player embeds (YouTube, Vimeo, Instagram, SoundCloud). Find out how many people viewed your embeds for how long. To learn more about Embedly Cards please visit \u003Ca href=\"https:\u002F\u002Fembed.ly\u002Fcards\" rel=\"nofollow ugc\">our website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Using it is as simple as the default WordPress embedding. Embed media by pasting its URL in a single line when writing a post.\u003C\u002Fp>\n\u003Cp>The plugin automatically displays an embed of the media in the WordPress post editor.\u003C\u002Fp>\n\u003Cp>Fair Warning: This plugin generates static HTML content for your posts.  After you deactivate\u003Cbr \u002F>\nthe plugin, that HTML will still remain behind in all posts where the plugin was used to create\u003Cbr \u002F>\nembeds.\u003C\u002Fp>\n","The Embedly Plugin extends WordPress's auto-embed feature to give your blog more media types and style options.",2000,203815,70,"2026-02-20T06:02:00.000Z","5.0",[20,135,22,55,136],"image","video","https:\u002F\u002Fembed.ly\u002Fwordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembedly.4.9.3.zip",{"attackSurface":140,"codeSignals":152,"taintFlows":159,"riskAssessment":160,"analyzedAt":170},{"hooks":141,"ajaxHandlers":148,"restRoutes":149,"shortcodes":150,"cronEvents":151,"entryPointCount":26,"unprotectedCount":26},[142],{"type":143,"name":144,"callback":144,"priority":145,"file":146,"line":147},"filter","pre_oembed_result",10,"oembed-gist-files.php",45,[],[],[],[],{"dangerousFunctions":153,"sqlUsage":154,"outputEscaping":156,"fileOperations":26,"externalRequests":14,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":158},[],{"prepared":26,"raw":26,"locations":155},[],{"escaped":14,"rawEcho":26,"locations":157},[],[],[],{"summary":161,"deductions":162},"The oembed-gist-files v1.0.2 plugin exhibits a strong security posture based on the provided static analysis. The absence of any entry points like AJAX handlers, REST API routes, or shortcodes significantly limits the potential attack surface. Furthermore, the code demonstrates good security practices by using prepared statements for all SQL queries and properly escaping all outputs, indicating a low risk of common injection and cross-site scripting vulnerabilities. The plugin also avoids dangerous functions and file operations, further enhancing its security.\n\nHowever, the analysis does highlight a couple of areas for potential concern. The presence of an external HTTP request without clear details on its purpose or sanitization could be a minor risk if it's susceptible to man-in-the-middle attacks or if the target endpoint is compromised. Additionally, the complete lack of nonce checks and capability checks across all zero entry points, while seemingly inconsequential given there are no entry points, suggests a potential lack of security awareness that could become a problem if functionality is added in the future. The vulnerability history being entirely clean is a positive indicator, suggesting the developers have a track record of producing secure code or have not historically exposed the plugin to significant risks.\n\nIn conclusion, oembed-gist-files v1.0.2 appears to be a secure plugin with a minimal attack surface and adherence to good coding practices. The main areas for vigilance would be understanding the security implications of the external HTTP request and ensuring that any future additions of entry points include proper authentication and authorization mechanisms.",[163,166,168],{"reason":164,"points":165},"External HTTP request without clear context",5,{"reason":167,"points":165},"No nonce checks implemented",{"reason":169,"points":165},"No capability checks implemented","2026-03-16T22:36:36.574Z",{"wat":172,"direct":178},{"assetPaths":173,"generatorPatterns":174,"scriptPaths":175,"versionParams":177},[],[],[176],"\u002Fwp-content\u002Fplugins\u002Foembed-gist-files\u002Foembed-gist-files.php",[],{"cssClasses":179,"htmlComments":180,"htmlAttributes":181,"restEndpoints":182,"jsGlobals":183,"shortcodeOutput":184},[],[],[],[],[],[185],"\u003Cscript src=\""]