[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fFKQdwwCQw9Ux2QRJBG-F-9jIEemQTwTYbUWT2tWcA9c":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":13,"tags":16,"homepage":13,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":35,"analysis":127,"fingerprints":221},"orens-unsplash-widget","Oren's Unsplash Widget","1.0.0","Oren Yomtov","https:\u002F\u002Fprofiles.wordpress.org\u002Fornani\u002F","\u003Cp>Quickly display your Unsplash photos inside WordPress widget.\u003C\u002Fp>\n\u003Cp>This plugin uses the \u003Ca href=\"https:\u002F\u002Funsplash.com\u002Fdevelopers\" rel=\"nofollow ugc\">Unsplash API\u003C\u002Fa> to fetch the latest photos from your desired profile.\u003C\u002Fp>\n\u003Cp>Read more about \u003Ca href=\"https:\u002F\u002Funsplash.com\u002Fterms\" rel=\"nofollow ugc\">Unsplash’s terms\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Funsplash.com\u002Fapi-terms\" rel=\"nofollow ugc\">API terms\u003C\u002Fa>, and \u003Ca href=\"https:\u002F\u002Funsplash.com\u002Fprivacy\" rel=\"nofollow ugc\">privacy policy\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Change thumbnail size\u003C\u002Fli>\n\u003Cli>Caching system integrated for better performance\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Unsplash Widget plugin is created by \u003Ca href=\"https:\u002F\u002Forenyomtov.com\" rel=\"nofollow ugc\">Oren Yomtov\u003C\u002Fa>, and built upon the prior work of \u003Ca href=\"https:\u002F\u002Fmekshq.com\" rel=\"nofollow ugc\">Meks\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Live example?\u003C\u002Fh3>\n\u003Cp>You can see Simple Unsplash Widget live example on my \u003Ca href=\"https:\u002F\u002Forenyomtov.com\" rel=\"nofollow ugc\">website\u003C\u002Fa>\u003C\u002Fp>\n","Quickly display your Unsplash photos inside WordPress widget.",0,933,"","5.3.21","3.0",[17,18,19,20,21],"photos","photostream","sidebar","unsplash","widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Forens-unsplash-widget.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"ornani",4,190,89,30,86,"2026-04-05T02:08:05.526Z",[36,55,77,94,111],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":33,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":15,"requires_php":13,"tags":49,"homepage":51,"download_link":52,"security_score":53,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":54},"meks-simple-flickr-widget","Meks Simple Flickr Widget","1.3","Meks","https:\u002F\u002Fprofiles.wordpress.org\u002Fmekshq\u002F","\u003Cp>Quickly display your Flickr photos inside WordPress widget. No authorization required (only provide your user id).\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>No authorization required (only provide your user id)\u003C\u002Fli>\n\u003Cli>Support both user Flickr users and Flickr groups \u003C\u002Fli>\n\u003Cli>Change thumbnail size\u003C\u002Fli>\n\u003Cli>Caching system integrated for better performance\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Simple Flickr Widget plugin is created by \u003Ca href=\"https:\u002F\u002Fmekshq.com\" rel=\"nofollow ugc\">Meks\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Live example?\u003C\u002Fh3>\n\u003Cp>You can see Simple Flickr Widget live example on our \u003Ca href=\"https:\u002F\u002Fmekshq.com\u002Fdemo\u002Fvoice\" rel=\"nofollow ugc\">Voice theme demo website\u003C\u002Fa>\u003C\u002Fp>\n","Quickly display your Flickr photos inside WordPress widget.",20000,405991,3,"2024-07-29T12:33:00.000Z","6.6.5",[50,17,18,19,21],"flickr","https:\u002F\u002Fmekshq.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmeks-simple-flickr-widget.zip",92,"2026-03-15T15:16:48.613Z",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":13,"tags":70,"homepage":73,"download_link":74,"security_score":75,"vuln_count":66,"unpatched_count":66,"last_vuln_date":76,"fetched_at":54},"snapwidget-wp-instagram-widget","SnapWidget Social Photo Feed Widget","1.1.0","snapwidget","https:\u002F\u002Fprofiles.wordpress.org\u002Fsnapwidget\u002F","\u003Cp>SnapWidget Social Photo Feed Widget is an easy way to embed your Instagram photos and videos on your website or blog to display your photos. The widget offers the same functionality and customization available for widgets embedded from \u003Ca href=\"https:\u002F\u002Fsnapwidget.com\" title=\"Instagram widget\" rel=\"nofollow ugc\">SnapWidget\u003C\u002Fa>. Supports the Instagram Basic Display and Graph API’s.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simple and easy to use\u003C\u002Fli>\n\u003Cli>Multiple layout options (Grid, Board, Scrolling, Slideshow and Map)\u003C\u002Fli>\n\u003Cli>Secure, supports HTTPS websites\u003C\u002Fli>\n\u003Cli>Refreshes with new photos every 15 minutes (5 minutes for Pro widgets)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Pro Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hashtag Widgets\u003C\u002Fli>\n\u003Cli>Widget Analytics\u003C\u002Fli>\n\u003Cli>Shoppable features\u003C\u002Fli>\n\u003Cli>Add your own custom CSS\u003C\u002Fli>\n\u003Cli>Display photos in a lightbox\u003C\u002Fli>\n\u003Cli>Previous \u002F Next buttons to display older content\u003C\u002Fli>\n\u003Cli>Creating widgets for other users\u003C\u002Fli>\n\u003C\u002Ful>\n","SnapWidget Social Photo Feed Widget is an easy way to embed your Instagram photos and videos on your website or blog to display your photos.",600,15422,60,2,"2021-02-25T15:41:00.000Z","5.6.17","4.4",[71,17,19,21,72],"instagram","widgets","https:\u002F\u002Fsnapwidget.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsnapwidget-wp-instagram-widget.1.2.0.zip",42,"2025-09-22 00:00:00",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":63,"downloaded":85,"rating":23,"num_ratings":66,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":13,"tags":89,"homepage":13,"download_link":92,"security_score":93,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":54},"tz-flickr-widget","TZ Flickr Widget","1.0.3","tuyennv","https:\u002F\u002Fprofiles.wordpress.org\u002Ftuyennv\u002F","\u003Cp>This is a simple widget to display your Flickr latest photostream in widget area using Pretty Photo to open gallery images.\u003Cbr \u002F>\nYou can get your Flickr ID at http:\u002F\u002Fidgettr.com\u002F.\u003Cbr \u002F>\nWith its very beautiful widget interface, tabbed system, and powered by jQuery makes this plugin easier to customize.\u003Cbr \u002F>\nJust put your Flickr ID and your widget will be ready to lunch.\u003C\u002Fp>\n\u003Ch3>\u003Cstrong>Features & Options\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Beautiful widget interface\u003C\u002Fli>\n\u003Cli>The type of images from user id.\u003C\u002Fli>\n\u003Cli>Get the latest image.\u003C\u002Fli>\n\u003Cli>Put your number images you want to display.\u003C\u002Fli>\n\u003Cli>Optional image sizes.\u003C\u002Fli>\n\u003Cli>PrettyPhoto for image thumb.\u003C\u002Fli>\n\u003Cli>Free supports.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>Note: If you don’t know your ID of Flickr you can go to http:\u002F\u002Fidgettr.com\u002F get your ID.\u003C\u002Fp>\n","Plugin has get your Flickr photostream in a sidebar easily without authentication.",21474,"2015-08-24T08:33:00.000Z","4.2.39","3.0.1",[90,91,50,18,21],"badge","feed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftz-flickr-widget.zip",85,{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":23,"downloaded":102,"rating":11,"num_ratings":11,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":13,"tags":106,"homepage":109,"download_link":110,"security_score":93,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":54},"simple-flickr-photostream-widget","Simple Flickr Photostream","1.3.7","Bensventures","https:\u002F\u002Fprofiles.wordpress.org\u002Fvalidben\u002F","\u003Cp>Simple Flickr Photostream widget is another Flickr photo display. I exists because no other plugins were doing what the author needed.\u003C\u002Fp>\n\u003Cp>The plugin is essentially a widget that will show pictures from a chosen Flickr source, be it your own photostream, someone else’s, one of your sets, a group, your favorite, etc…\u003C\u002Fp>\n\u003Cp>The code is based on \u003Ca href=\"http:\u002F\u002Feightface.com\u002Fwordpress\u002Fflickrrss\u002F\" rel=\"nofollow ugc\">FlickrRss\u003C\u002Fa> plugin made by Dave Kellam and Stefano Verna and improves by placing the controls in the widget itself rather than an admin page. This new approach, combined with the way WP 2.7 handles widgets makes it multiwidgets enabled with different options for each widgets.\u003C\u002Fp>\n","Simple Flickr Photostream widget allow you display pictures from Flickr in a widgetized area of you choice. Based on the WP 2.7 widget model",26131,"2015-03-27T18:09:00.000Z","4.1.42","2.8",[50,107,108,18],"flickr-photostream","flickr-widget","http:\u002F\u002Fwww.ai-development.com\u002Fwordpress-plugins\u002Fsimple-flickr-photostream-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-flickr-photostream-widget.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":65,"downloaded":119,"rating":11,"num_ratings":11,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":13,"tags":123,"homepage":125,"download_link":126,"security_score":93,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":54},"recent-photos","Recent Photos","0.0.2","Hemant Nandrajog (instruite)","https:\u002F\u002Fprofiles.wordpress.org\u002Finstruite\u002F","\u003Cp>Recent Photos Plugin provides with a widget to display n numbers of recent photos from the media library in the sidebar.\u003Cbr \u002F>\nThe display can be customized through custom css or integrated in main style sheet file.\u003Cbr \u002F>\nAlso provides an option to use Thickbox (along with the patch code necessary for running thickbox)\u003C\u002Fp>\n\u003Cp>Demosites:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fplayground.instruite.com\u002F\" title=\"Operation with Default wp theme\" rel=\"nofollow ugc\">Operation with default theme\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.instruite.com\u002F\" title=\"Example of how widget can be customized\" rel=\"nofollow ugc\">Customized Version\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Author info:\u003C\u002Fp>\n\u003Cp>Follow me on \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Finstruite\u002F\" title=\"Follow instruite on twitter\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa> or become my Friend on \u003Ca href=\"http:\u002F\u002Fwww.facebook.com\u002Finstruite\u002F\" title=\"Instruite's Facebook page\" rel=\"nofollow ugc\">facebook\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Configuration Options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Title: Title for the widget will be displayed as per your theme\u003C\u002Fli>\n\u003Cli>Number of the photos: Number of photos that will be displayed in the sidebar\u003C\u002Fli>\n\u003Cli>Randomize: Check to display photos in random order\u003C\u002Fli>\n\u003Cli>Browse Photo Link: Full link to your photos\u002Fgallery page\u003Cbr \u002F>\n      Leave blank if you don’t want to show the link.\u003C\u002Fli>\n\u003Cli>Use Thickbox: Enables\u002FDisables the use of thickbox for this widget \u003C\u002Fli>\n\u003Cli>WordPress Path: Applicable only if Thickbox is enabled\u003Cbr \u002F>\n    This option is necessary to provide the patch for thickbox to correctly display thickbox related images\u003Cbr \u002F>\n    (loadinganimation and close). If your wordpress installation is in a subdirectory provide the path for the same\u003Cbr \u002F>\n    followed by a forward slash\u003Cbr \u002F>\n    Eg. wordpress\u002F\u003Cbr \u002F>\n        When the WP installation is in ‘wordpress’ subdirectory\u003C\u002Fli>\n\u003Cli>Use Custom CSS: Enable\u002FDisables the use of Custom CSS\u003C\u002Fli>\n\u003Cli>Custom CSS: For styling this plugin requires following CSS ids and classes to be defined\u003Cbr \u002F>\n            #recent_photos_envelope{margin:0 0 30px 0;}\u003Cbr \u002F>\n            .recent_photo_image a {float:left;display:inline;margin:0 16px 15px 0;border:1px dashed #888;padding:5px}\u003Cbr \u002F>\n            .recent_photo_image a:hover {border:1px dashed #000}\u003Cbr \u002F>\n          The above css code is default css provided with the plugin\u003C\u002Fli>\n\u003C\u002Ful>\n","Recent Photos Plugin provides with a widget to display n numbers of recent photos from the media library in the sidebar.",10155,"2010-03-29T14:11:00.000Z","2.9.2","2.9",[17,19,124,21],"thickbox","http:\u002F\u002Fwww.instruite.com\u002Fblog\u002F2010\u002F02\u002F28\u002Frecent-photos-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecent-photos.0.0.2.zip",{"attackSurface":128,"codeSignals":149,"taintFlows":205,"riskAssessment":206,"analyzedAt":220},{"hooks":129,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":148,"entryPointCount":11,"unprotectedCount":11},[130,136,141],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","wp_enqueue_scripts","enqueue_styles","inc\\class-unsplash-widget.php",16,{"type":131,"name":137,"callback":138,"file":139,"line":140},"widgets_init","unsplash_widget_init","orens-unsplash-widget.php",43,{"type":131,"name":142,"callback":143,"file":139,"line":144},"plugins_loaded","load_unsplash_widget_text_domain",50,[],[],[],[],{"dangerousFunctions":150,"sqlUsage":151,"outputEscaping":153,"fileOperations":11,"externalRequests":203,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":204},[],{"prepared":11,"raw":11,"locations":152},[],{"escaped":154,"rawEcho":155,"locations":156},17,27,[157,160,162,164,166,168,170,171,173,175,176,178,180,181,183,185,186,188,190,191,192,194,196,197,198,200,202],{"file":134,"line":158,"context":159},47,"raw output",{"file":134,"line":161,"context":159},49,{"file":134,"line":163,"context":159},65,{"file":134,"line":165,"context":159},70,{"file":134,"line":167,"context":159},126,{"file":134,"line":169,"context":159},127,{"file":134,"line":169,"context":159},{"file":134,"line":172,"context":159},130,{"file":134,"line":174,"context":159},131,{"file":134,"line":174,"context":159},{"file":134,"line":177,"context":159},135,{"file":134,"line":179,"context":159},136,{"file":134,"line":179,"context":159},{"file":134,"line":182,"context":159},140,{"file":134,"line":184,"context":159},141,{"file":134,"line":184,"context":159},{"file":134,"line":187,"context":159},145,{"file":134,"line":189,"context":159},146,{"file":134,"line":189,"context":159},{"file":134,"line":189,"context":159},{"file":134,"line":193,"context":159},150,{"file":134,"line":195,"context":159},151,{"file":134,"line":195,"context":159},{"file":134,"line":195,"context":159},{"file":134,"line":199,"context":159},156,{"file":134,"line":201,"context":159},157,{"file":134,"line":201,"context":159},1,[],[],{"summary":207,"deductions":208},"The orens-unsplash-widget plugin, version 1.0.0, presents a generally favorable security posture based on the provided static analysis and vulnerability history. The absence of any known CVEs, critical taint flows, dangerous functions, file operations, or raw SQL queries is a significant strength.  Furthermore, the plugin appears to have no direct attack surface through AJAX, REST API, shortcodes, or cron events, which effectively limits potential entry points for attackers.\n\nHowever, there are notable areas for concern that detract from an otherwise positive assessment. The most prominent issue is the low percentage of properly escaped output (39%). This suggests a significant risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied or dynamically generated content may be rendered directly in the browser without adequate sanitization, allowing for arbitrary code execution in the context of the user's session.\n\nAdditionally, the complete lack of nonce checks and capability checks across all identified entry points (even though there are none explicitly listed) is a potential weakness if the attack surface were to expand in future versions or if indirect entry points exist. The presence of an external HTTP request without any described sanitization or validation also warrants caution. Overall, while the plugin has a clean history and a minimal attack surface, the high proportion of unescaped output introduces a substantial risk that requires immediate attention.",[209,212,215,217],{"reason":210,"points":211},"Low output escaping percentage",12,{"reason":213,"points":214},"No nonce checks",7,{"reason":216,"points":214},"No capability checks",{"reason":218,"points":219},"External HTTP requests without checks",5,"2026-03-17T06:02:50.233Z",{"wat":222,"direct":229},{"assetPaths":223,"generatorPatterns":225,"scriptPaths":226,"versionParams":227},[224],"\u002Fwp-content\u002Fplugins\u002Forens-unsplash-widget\u002Fcss\u002Fstyle.css",[],[],[228],"orens-unsplash-widget\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":230,"htmlComments":232,"htmlAttributes":233,"restEndpoints":240,"jsGlobals":241,"shortcodeOutput":242},[231,20],"unsplash_widget",[],[234,235,236,237,238,239],"data-unsplash_widget_id","data-unsplash_widget_count","data-unsplash_widget_access_key","data-unsplash_widget_t_width","data-unsplash_widget_t_height","data-unsplash_widget_randomize",[],[],[]]