[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJaPf5Ha8L0_R2SVslBk1EW0xhsRU5Tk2gncvGZEKZTQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":7,"requires_php":7,"tags":16,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":127,"fingerprints":196},"panoramio-images","Panoramio Images","1.4","","https:\u002F\u002Fprofiles.wordpress.org\u002Frambash\u002F","\u003Cp>A wordpress widget that retrieve images from Panoramio API.\u003C\u002Fp>\n\u003Cp>HOW TO\u003Cbr \u002F>\nTo display the widget, add a custom field to a post called “panoramio”. The value of panoramio should be the coordinate to the area that you want to display pictures from.\u003Cbr \u002F>\nThe value should be formatted like this: X:Y\u003C\u002Fp>\n\u003Cp>It is also possible to supply the script with two coordinates, for a more precise area. Use this format: minx:miny:maxx:maxy\u003C\u002Fp>\n\u003Cp>All coordinates should be given in the decimal form of latitude\u002Flongitude. I recommend using http:\u002F\u002Fmapki.com\u002FgetLonLat.php.\u003C\u002Fp>\n\u003Cp>CHANGELOG\u003Cbr \u002F>\n1.3:\u003Cbr \u002F>\n-Added AJAX support\u003Cbr \u002F>\n-Converted the script into a widget\u003Cbr \u002F>\n-Reduced the code\u003Cbr \u002F>\n-Fixed some bugs\u003C\u002Fp>\n","A wordpress plugin for retrieving images and values through the Panoramio API.",10,3613,0,"2010-11-14T03:08:00.000Z","3.0.5",[17,18,19,20,21],"api","images","panoramio","sidebar","widget","http:\u002F\u002Fwww.letsgeek.com\u002Fplugins\u002Fpanoramio-images\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpanoramio-images.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":29,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"rambash",1,30,84,"2026-04-04T06:08:58.473Z",[35,58,76,91,111],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":54,"download_link":55,"security_score":56,"vuln_count":30,"unpatched_count":13,"last_vuln_date":57,"fetched_at":26},"newpost-catch","Newpost Catch","1.3.22","Tetsuya Imamura","https:\u002F\u002Fprofiles.wordpress.org\u002Fs56bouya\u002F","\u003Cp>Thumbnails in new articles setting widget.\u003C\u002Fp>\n","Thumbnails in new articles setting widget.",10000,288091,100,2,"2025-03-03T00:21:00.000Z","6.7.5","5.6","7.2",[52,18,53,20,21],"image","posts","http:\u002F\u002Fwww.imamura.biz\u002Fblog\u002Fnewpost-catch\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnewpost-catch.1.3.22.zip",91,"2025-02-20 15:03:22",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":45,"num_ratings":30,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":7,"tags":71,"homepage":74,"download_link":75,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"flickr-me","Flickr Me","1.0.6","Erik Ford","https:\u002F\u002Fprofiles.wordpress.org\u002Fwearepixel8\u002F","\u003Cp>With Flickr Me, you can add Flickr feeds, from an individual account or group, to your widget ready areas. Once installed and activated the widget is an easy to manage, out of box solution for displaying a Flickr gallery of images. Each photo, in the feed, will link to its Flickr permalink and you can optionally set to display the title when stacking images.\u003C\u002Fp>\n","Add Flickr feeds to your widget ready areas.",40,6088,"2016-05-02T15:14:00.000Z","4.5.33","3.1",[72,18,73,20,21],"flickr","photos","http:\u002F\u002Fheavyheavy.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflickr-me.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":31,"downloaded":84,"rating":13,"num_ratings":13,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":7,"tags":88,"homepage":89,"download_link":90,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"flickrapi","Flickr API","0.7","David Walker","https:\u002F\u002Fprofiles.wordpress.org\u002Fpolaraction\u002F","\u003Cp>This plugin allows you to easily display Flickr photos on your site and using the Flickr API doesn’t limit you to\u003Cbr \u002F>\nthe standard 20 photos. It supports user, set, favorite, group and public photostreams.\u003C\u002Fp>\n\u003Cp>The plugin is relatively easy to setup and configure via an options panel.\u003Cbr \u002F>\nIt also has support for an image cache located on your server.\u003C\u002Fp>\n\u003Ch3>Feedback and Support\u003C\u002Fh3>\n\u003Cp>For API problems you can visit the plugin page (http:\u002F\u002Fmalton-webdesign.co.uk\u002Fflickrapi)\u003C\u002Fp>\n\u003Ch3>Advanced\u003C\u002Fh3>\n\u003Cp>The plugin also supports a number of parameters, allowing you to have multiple instances across your\u003C\u002Fp>\n\u003Cp>site.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ccode>'type' => 'user'\u003C\u002Fcode> – The type of Flickr images that you want to show. Possible values: ‘user’, \u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>‘favorite’, ‘set’, ‘group’, ‘public’\u003Cbr \u002F>\n2. \u003Ccode>'api' => ''\u003C\u002Fcode> – Optional but the point of the plugin!\u003Cbr \u002F>\n2. \u003Ccode>'tags' => ''\u003C\u002Fcode> – Optional: Can be used with type = ‘user’ or ‘public’, comma separated\u003Cbr \u002F>\n3. \u003Ccode>'set' => ''\u003C\u002Fcode> – Optional: To be used with type = ‘set’\u003Cbr \u002F>\n4. \u003Ccode>'id' => ''\u003C\u002Fcode> – Optional: Your Group or User ID. To be used with type = ‘user’ or ‘group’\u003Cbr \u002F>\n5. \u003Ccode>'do_cache' => false\u003C\u002Fcode> – Enable the image cache\u003Cbr \u002F>\n6. \u003Ccode>'cache_sizes' => array('square')\u003C\u002Fcode> – What are the image sizes we want to cache locally? Possible\u003Cbr \u002F>\nvalues: ‘square’, ‘thumbnail’, ‘small’, ‘medium’\u003Cbr \u002F>\n7. \u003Ccode>'cache_path' => ''\u003C\u002Fcode> – Where the images are saved (server path)\u003Cbr \u002F>\n8. \u003Ccode>'cache_uri' => ''\u003C\u002Fcode> – The URI associated to the cache path (web address)\u003Cbr \u002F>\n9. \u003Ccode>'num_items' => 4\u003C\u002Fcode> – The number of images that you want to display\u003Cbr \u002F>\n10. \u003Ccode>'before_list' => ''\u003C\u002Fcode> – The HTML to print before the list of images\u003Cbr \u002F>\n11. \u003Ccode>'html' => '\u003Ca href=\"%flickr_page%\" title=\"%title%\">\u003Cimg src=\"%image_square%\" alt=\"%title%\">\u003C\u002Fa&>'\u003C\u002Fcode> –\u003C\u002Fp>\n\u003Cp>the code to print out for each image.\u003Cbr \u002F>\n Meta tags available: %flickr_page%, %title%, %image_small%, %image_square%, %image_thumbnail%,\u003C\u002Fp>\n\u003Cp>%image_medium%, %image_large%\u003Cbr \u002F>\n12. \u003Ccode>'default_title' => \"Untitled Flickr photo\"\u003C\u002Fcode> – the default title\u003Cbr \u002F>\n13. \u003Ccode>'after_list' => ''\u003C\u002Fcode> – the HTML to print after the list of images\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Example 1\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode> get_flickrAPI(array('num_items' => 36, \n 'type' => 'group', \n 'tags' => '',\n 'id' => '12325216@N00',\n 'api' => '3370ecbd3e604245581eb4955fd6xxxx')); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This would show the 36 most recent group photos\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Example 2\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode> get_flickrAPI(array('num_items' => 30, \n 'type' => 'user', \n 'tags' => '',\n 'id' => '10529805@N00',\n 'api' => '3370ecbd3e604245581eb4955fd6xxxx')); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This would show the 30 most recent thumbnail sized photos from the specified user’s set.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Example 3\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode> get_flickrAPI(array('num_items' => 30, \n 'type' => 'public', \n 'text' => '',\n 'tags' => '',\n 'api' => '3370ecbd3e604245581eb4955fd6xxxx')); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This would show the 30 most recent photos from all of FLickr.\u003C\u002Fp>\n\u003Ch3>Plugin History\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>0.7 – Change of the Support page to new website\u003C\u002Fli>\n\u003Cli>0.6 – Removed the Large option as FLickr seem to have removed it.\u003C\u002Fli>\n\u003Cli>0.5 – Added search by Text facilty\u003C\u002Fli>\n\u003Cli>0.4 – Debug Option Added \u003C\u002Fli>\n\u003Cli>0.3 – Upgrade bug fix. \u003C\u002Fli>\n\u003Cli>0.2 – Readme.txt updated properly\u003C\u002Fli>\n\u003Cli>0.1 – Beta release (Plugin amended from the original “eightface” flickrRSS plugin\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin is an amended version of flickrRSS by \"eightface\". As well as allowing you to integrate Flickr photos into your site, supportin …",10412,"2012-04-24T16:05:00.000Z","3.3.2","2.6",[17,72,18,73,20],"http:\u002F\u002Fmalton-webdesign.co.uk\u002FflickrAPI\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflickrapi.zip",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":13,"num_ratings":13,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":7,"tags":104,"homepage":7,"download_link":110,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"be-rest-endpoints","BE REST Endpoints","1.0.0","Edwin Cromley","https:\u002F\u002Fprofiles.wordpress.org\u002Fchopinbach\u002F","\u003Cp>Major features in BE REST Endpoints include:\u003C\u002Fp>\n\u003Cp>Sidebars and Widget endpoints for the WP REST API v2.\u003C\u002Fp>\n\u003Cp>More improvements will come.\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>This plugin has not been tested for all themes.\u003C\u002Fp>\n\u003Cp>It is possible that this plugin may not work as intended depending on your theme or if a plugin is modifying the underlying Widgets API.\u003C\u002Fp>\n\u003Cp>Themes that are built on top of _s (http:\u002F\u002Funderscores.me) and default themes should work fine.\u003C\u002Fp>\n\u003Cp>If you are having issues please contact us at (http:\u002F\u002Fbe-webdesign.com\u002Fcontact\u002F)\u003C\u002Fp>\n\u003Cp>Also important to note is that this plugin is more of an experiment and should not be used on a production environment.\u003C\u002Fp>\n\u003Cp>Improvements to the JSON schema and inference of schema data from widgets will need to be improved before this plugin is secure.\u003C\u002Fp>\n\u003Cp>This plugin is mainly just an illustration of one possibility for a widgets and sidebars endpoint in the WP REST API v2.\u003C\u002Fp>\n\u003Ch3>Donations\u003C\u002Fh3>\n\u003Cp>Coming soon, maybe.\u003C\u002Fp>\n","Major features in BE REST Endpoints include:",20,2045,"2016-02-07T23:58:00.000Z","4.4.34","4.4.0",[105,106,107,108,109],"rest-api-widgets","sidebars","widget-areas","widgets","wp-rest-api-widgets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbe-rest-endpoints.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":11,"downloaded":119,"rating":45,"num_ratings":30,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":7,"tags":123,"homepage":125,"download_link":126,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"social-icon-links","Social Icon Links","1.2","Phuc Pham","https:\u002F\u002Fprofiles.wordpress.org\u002Fsvincoll4\u002F","\u003Cp>Just place the Widget on your sidebar to display these icons.\u003C\u002Fp>\n","To customize the social icon link with your own icons easier.",4541,"2014-11-07T07:09:00.000Z","3.4.2","3.0.1",[18,124,20,21],"links","http:\u002F\u002Ffacebook.com\u002Fsvincoll4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-icon-links.zip",{"attackSurface":128,"codeSignals":140,"taintFlows":188,"riskAssessment":189,"analyzedAt":195},{"hooks":129,"ajaxHandlers":136,"restRoutes":137,"shortcodes":138,"cronEvents":139,"entryPointCount":13,"unprotectedCount":13},[130],{"type":131,"name":132,"callback":133,"priority":13,"file":134,"line":135},"action","wp_head","snoppinit","pam.php",27,[],[],[],[],{"dangerousFunctions":141,"sqlUsage":142,"outputEscaping":144,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":187},[],{"prepared":13,"raw":13,"locations":143},[],{"escaped":13,"rawEcho":99,"locations":145},[146,149,151,153,155,157,159,161,163,165,167,169,171,173,175,177,179,181,183,185],{"file":134,"line":147,"context":148},48,"raw output",{"file":134,"line":150,"context":148},50,{"file":134,"line":152,"context":148},53,{"file":134,"line":154,"context":148},106,{"file":134,"line":156,"context":148},108,{"file":134,"line":158,"context":148},109,{"file":134,"line":160,"context":148},110,{"file":134,"line":162,"context":148},113,{"file":134,"line":164,"context":148},115,{"file":134,"line":166,"context":148},129,{"file":134,"line":168,"context":148},130,{"file":134,"line":170,"context":148},131,{"file":134,"line":172,"context":148},132,{"file":134,"line":174,"context":148},134,{"file":134,"line":176,"context":148},135,{"file":134,"line":178,"context":148},181,{"file":134,"line":180,"context":148},195,{"file":134,"line":182,"context":148},196,{"file":134,"line":184,"context":148},205,{"file":134,"line":186,"context":148},206,[],[],{"summary":190,"deductions":191},"The \"panoramio-images\" v1.4 plugin exhibits a generally positive security posture based on the static analysis provided. The absence of any detected AJAX handlers, REST API routes, shortcodes, or cron events with exposed entry points, and a complete lack of dangerous function usage, SQL injection risks (due to prepared statements), and file operations are all strong indicators of well-written and secure code. The zero recorded CVEs and lack of historical vulnerabilities further reinforce this positive assessment, suggesting a mature and stable plugin. However, a significant concern arises from the output escaping analysis: 100% of outputs are not properly escaped. This represents a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, where malicious code could be injected into the website and executed by users' browsers. While the plugin's attack surface is minimal and free of common injection vectors, the lack of output sanitization is a critical oversight that requires immediate attention.",[192],{"reason":193,"points":194},"No properly escaped output",8,"2026-03-17T05:40:08.260Z",{"wat":197,"direct":208},{"assetPaths":198,"generatorPatterns":201,"scriptPaths":202,"versionParams":205},[199,200],"\u002Fwp-content\u002Fplugins\u002Fpanoramio-images\u002Fjs\u002Fjquery.js","\u002Fwp-content\u002Fplugins\u002Fpanoramio-images\u002Fjs\u002Fpamjax.js",[],[203,204],"jquery","pamjax",[206,207],"panoramio-images\u002Fjs\u002Fjquery.js?ver=","panoramio-images\u002Fjs\u002Fpamjax.js?ver=",{"cssClasses":209,"htmlComments":210,"htmlAttributes":214,"restEndpoints":229,"jsGlobals":230,"shortcodeOutput":238},[],[211,212,213],"\u003C!-- Panoramio Images: START -->","\u003C!-- Widget made by Rambash - http:\u002F\u002Fwww.letsgeek.com -->","\u003C!-- Panoramio Images: END -->",[215,216,217,218,219,220,221,222,223,224,225,226,227,228],"id=\"widget_pam\"","id=\"pamdiv\"","id=\"pamore\"","id=\"panoramio\"","id=\"pam-title\"","name=\"pam-title\"","id=\"pam-size\"","name=\"pam-size\"","id=\"pam-quantity\"","name=\"pam-quantity\"","id=\"pam-boxsize\"","name=\"pam-boxsize\"","id=\"pam-submit\"","name=\"pam-submit\"",[],[231,232,233,234,235,236,237],"var maxx =","var maxy =","var minx =","var miny =","var start =","var end =","var size =",[239],"\u003Cdiv id=\"widget_pam\">"]