[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fcc1c6rograttKVKFuiGjffKijyZhbxRvXJuzp6xyvks":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":44,"crawl_stats":35,"alternatives":50,"analysis":145,"fingerprints":244},"pinterest-pinboard-widget","Pinterest Pinboard Widget","1.0.7","codefish","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodefish\u002F","\u003Cp>This plugin adds your favorite pins much like the pinboards on Pinterest. It uses the original thumbnails from Pinterest itself. The plugin aims to have the same look and feel as the pinboords on Pinterest. To improve your site’s performance, the pins are cached every 15 minutes.\u003C\u002Fp>\n\u003Cp>The Pinterest Pinboard can be used as a widget in your sidebar or on any page using the shortcode.\u003C\u002Fp>\n\u003Ch3>Get Involved\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Development and pull requests \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcodefishnl\u002Fwordpress-pinterest-pinboard-widget\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Bug reports and suggestions on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fpinterest-pinboard-widget\" rel=\"ugc\">WordPress.org forums\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple must-have widget for the Pinterest addict! Displays thumbnails of your latest Pinterest pins on your website.",600,79264,80,7,"2017-11-28T20:29:00.000Z","4.1.42","3.0","",[20,21,22],"pinboard","pinterest","widget","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fpinterest-pinboard-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpinterest-pinboard-widget.1.0.7.zip",63,1,"2025-09-22 00:00:00","2026-03-15T15:16:48.613Z",[30],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":35,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":27,"updated_date":41,"references":42,"days_to_patch":35},"CVE-2025-58248","pinterest-pinboard-widget-authenticated-contributor-stored-cross-site-scripting","Pinterest Pinboard Widget \u003C= 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Pinterest Pinboard Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.0.7","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-09-26 17:38:37",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F12777db6-125e-42dc-b4b5-694826ec3579?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":45,"total_installs":11,"avg_security_score":46,"avg_patch_time_days":47,"trust_score":48,"computed_at":49},2,78,30,79,"2026-04-04T14:06:36.924Z",[51,69,88,107,126],{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":59,"num_ratings":26,"last_updated":61,"tested_up_to":62,"requires_at_least":63,"requires_php":18,"tags":64,"homepage":65,"download_link":66,"security_score":67,"vuln_count":68,"unpatched_count":68,"last_vuln_date":35,"fetched_at":28},"easy-pinterest","Easy Pinterest for WordPress","1.2.9","Steve Struemph","https:\u002F\u002Fprofiles.wordpress.org\u002Fsstruemph\u002F","\u003Cp>This is an early version of the Easy Pinterest widget for WordPress, please let me know at http:\u002F\u002Fthisismyurl.com if you have suggestion how to make it better.\u003C\u002Fp>\n\u003Cp>The plugin adds a 300px wide Widget to your website which fetches your Pinterest RSS feed and displays the images on your website. Currently, you can select the number of images to display, the account to fetch and the title of the Widget.\u003C\u002Fp>\n\u003Cp>Under the Settings > Easy Pinterest page, you can also choose to block Pinterest from indexing your website.\u003C\u002Fp>\n\u003Cp>At the moment, it fetches once per day.\u003C\u002Fp>\n\u003Cp>This plugin is maintained by Christopher Ross, http:\u002F\u002Fthisismyurl.com or you can find him on Twitter at http:\u002F\u002Ftwitter.com\u002Fthisismyurl\u002F\u003C\u002Fp>\n\u003Ch3>Updates\u003C\u002Fh3>\n\u003Cp>Updates to the plugin will be posted here, to http:\u002F\u002Fthisismyurl.com\u002Fdownloads\u002Feasy-pinterest-wordpress\u002F\u003C\u002Fp>\n\u003Ch3>Donations\u003C\u002Fh3>\n\u003Cp>If you would like to donate to help support future development of this tool, please visit\u003Cbr \u002F>\nChristopher Ross at http:\u002F\u002Fthisismyurl.com\u002Fdownloads\u002F\u003C\u002Fp>\n","An easy way to add recent Pinterest posts to your WordPress website as a widget.",100,21704,"2016-04-06T23:52:00.000Z","4.1.0","3.2.0",[20,21,22],"http:\u002F\u002Fthisismyurl.com\u002Fplugins\u002Feasy-pinterest-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-pinterest.zip",85,0,{"slug":70,"name":71,"version":72,"author":73,"author_profile":74,"description":75,"short_description":76,"active_installs":77,"downloaded":78,"rating":79,"num_ratings":80,"last_updated":81,"tested_up_to":82,"requires_at_least":83,"requires_php":18,"tags":84,"homepage":86,"download_link":87,"security_score":67,"vuln_count":68,"unpatched_count":68,"last_vuln_date":35,"fetched_at":28},"pretty-pinterest-pins","Pretty Pinterest Pins","1.3.1","jowilki","https:\u002F\u002Fprofiles.wordpress.org\u002Fjowilki\u002F","\u003Cp>This plugin allows you to display thumbnails and links to yours (or anyones!) latest Pins from Pinterest in your sidebar.  It is styled after Pinterest and offers a clean and modern look to show off your pins.\u003C\u002Fp>\n\u003Cp>This widget is fully customizable, you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>pull the latest pins from any Pinterest user\u003C\u002Fli>\n\u003Cli>display only pins from specific boards\u003C\u002Fli>\n\u003Cli>choose the number of pins to display\u003C\u002Fli>\n\u003Cli>show or hide the image captions\u003C\u002Fli>\n\u003Cli>display a “Follow me on Pinterest” button under your pins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Clean and Modern Look (like Pinterest)\u003C\u002Fli>\n\u003Cli>Looks great on light and dark backgrounds\u003C\u002Fli>\n\u003Cli>Captions scale and look nice with long or short text\u003C\u002Fli>\n\u003Cli>Semantic HTML\u003C\u002Fli>\n\u003Cli>Easy to Install: Simply add a Pinterest username and you’re good to go!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>More to come when Pinterest opens their API!  This project is maintained on github if you’d like to contribute :\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fjowilki\u002Fpretty-pinterest-pins\u003C\u002Fp>\n","A plugin to show off images, captions, and links from your latest Pinterest activity.",300,42403,98,9,"2015-09-21T13:10:00.000Z","4.3.34","2.8",[21,85,22],"sidebar","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fpretty-pinterest-pins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpretty-pinterest-pins.zip",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":77,"downloaded":96,"rating":59,"num_ratings":45,"last_updated":97,"tested_up_to":98,"requires_at_least":99,"requires_php":18,"tags":100,"homepage":105,"download_link":106,"security_score":67,"vuln_count":68,"unpatched_count":68,"last_vuln_date":35,"fetched_at":28},"wpc-pinterest-widget","Pinterest Widget by Angie Makes","1.3","Chris Baldelomar","https:\u002F\u002Fprofiles.wordpress.org\u002Fcbaldelomar\u002F","\u003Cp>See the \u003Ca href=\"http:\u002F\u002Fhallie.angiemakes.com\u002Fblog\u002F\" rel=\"nofollow ugc\">Pinterest widget in action\u003C\u002Fa>\u003C\u002Fp>\n","Add official Pinterest widget to your site. Insert your Pinterest board widget, profile widget, and pin widget to any widget area.",10350,"2017-05-10T20:25:00.000Z","4.7.32","4.2.4",[101,102,103,104],"pinterest-board-widget","pinterest-pin-widget","pinterest-profile-widget","pinterest-widget","http:\u002F\u002Fangiemakes.com\u002Ffeminine-wordpress-blog-themes-women\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpc-pinterest-widget.zip",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":117,"num_ratings":26,"last_updated":118,"tested_up_to":119,"requires_at_least":120,"requires_php":18,"tags":121,"homepage":124,"download_link":125,"security_score":67,"vuln_count":68,"unpatched_count":68,"last_vuln_date":35,"fetched_at":28},"wp-pinterest","WP Pinterest","1.0","Rahul Arora","https:\u002F\u002Fprofiles.wordpress.org\u002Ftechably\u002F","\u003Cp>Add Pinterest assets like Pin-it button, Follow button and Pinboard to your WordPress site without hassle.\u003C\u002Fp>\n\u003Cp>Links: \u003Ca href=\"http:\u002F\u002Ftechably.com\u002Fwp-pinterest-wordpress-plugin\u002F7225\u002F\" rel=\"nofollow ugc\">Plugin FAQ and News\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>[PHP5 is required to avoid any problems with the plugin]\u003C\u002Fp>\n\u003Ch3>Shortcodes\u003C\u002Fh3>\n\u003Cp>Pin-it button\u003Cbr \u002F>\n        – Shortcode     :   [pinit]\u003Cbr \u002F>\n        – Parameters    :   layout      \u002F\u002F Button Layout\u003Cbr \u002F>\n        – Usage         :   [pinit layout=”horizontal|vertical|none”]\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Pinterest Follow button\n    - Shortcode     :   [pinme]\n    - Parameters    :   username, layout        \u002F\u002F Pinterest Username, Button Layout\n    - Usage         :   [pinme username=\"your_pinterest_username\" layout=\"large-white | medium-white | icon-white | tiny-white | large-red | medium-red | icon-red | tiny-red | icon-text\"]\n\nPinterest Pinboard\n    - Shortcode     :   [pinboard]\n    - Parameters    :   username, board, pins, width, height, maxheight, description, follow, columns       \u002F\u002F Pinterest Username, Pinboard Name, Number of Pins to display, Pin width, Pin height, Pin maximum height, Show or hide description, Follow link below the Pinboard, Number of Columns the Pinboard should have\n    - Usage         :   [pinboard username=\"your_pinterest_username\" board=\"your_pinterest_board_name\" pins=\"number_of_pins_to_display\" width=\"width_of_a_pin\" height=\"height_of_a_pin\" maxheight=\"maximum_height_of_a_pin\" description=\"0 | 1\" follow=\"large-white | medium-white | icon-white | tiny-white | large-red | medium-red | icon-red | tiny-red | icon-text | icon-text-red | icon-text-white | none\" columns=\"number_of_columns_for_pinboard\"]\u003Ch3>PHP functions\u003C\u002Fh3>\nPin-it button\n    Function        :   wp_pinterest_pin_it_button\n    Parameters      :   $layout     \u002F\u002F Button Layout\n    Usage           :   `\u003C?php wp_pinterest_pin_it_button('horizontal | vertical | none'); ?>`\n\nPinterest Follow button\n    Function        :   wp_pinterest_follow_button\n    Parameters      :   $username, $layout      \u002F\u002F Pinterest Username, Button Layout\n    Usage           :   `\u003C?php wp_pinterest_follow_button('your_pinterest_username', 'large-white | medium-white | icon-white | tiny-white | large-red | medium-red | icon-red | tiny-red'); ?>`\n\nPinterest Pinboard\n    Function        :   wp_pinterest_pinboard\n    Parameters      :   $username, $board, $pins, $width, $height, $maxheight, $description, $follow, $columns      \u002F\u002F Pinterest Username, Pinboard Name, Number of Pins to display, Pin width, Pin height, Pin maximum height, Show or hide description, Follow link below the Pinboard, Number of Columns the Pinboard should have\n    Usage           :   `\u003C?php wp_pinterest_pinboard('your_pinterest_username', 'your_pinterest_board_name', 'number_of_pins_to_display', 'width_of_a_pin', 'height_of_a_pin', 'maximum_height_of_a_pin', '0 | 1', 'large-white | medium-white | icon-white | tiny-white | large-red | medium-red | icon-red | tiny-red | icon-text | icon-text-red | icon-text-white | none', 'number_of_columns_for_pinboard'); ?>`\n\n= NOTE: The parameters 'pins', 'width', 'height', 'maxheight', 'columns' should be supplied an integer value only. Parameter 'description', which controls showing\u002Fhiding of Pin title on Pinboard, is a binary parameter which should be provided with a value either '0' (false) or '1' (true).\n        Implement the best practice to use PHP functions in your WordPress Theme by following the below given example:\n            \u003C?php if(function_exists('wp_pinterest_follow_button')) echo wp_pinterest_follow_button('your_pinterest_username', 'large-white | medium-white | icon-white | tiny-white | large-red | medium-red | icon-red | tiny-red'); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Integrates Pinterest and it's different assets and goodies with your WordPress site.",90,18990,20,"2012-07-02T12:50:00.000Z","3.4.2","3.1",[122,20,123,21],"pin","pinit","http:\u002F\u002Ftechably.com\u002Fwp-pinterest-wordpress-plugin\u002F7225\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-pinterest.zip",{"slug":127,"name":128,"version":110,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":117,"downloaded":133,"rating":68,"num_ratings":68,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":18,"tags":137,"homepage":143,"download_link":144,"security_score":67,"vuln_count":68,"unpatched_count":68,"last_vuln_date":35,"fetched_at":28},"animated-pinterest-pin-it-button-for-images","Animated Pinterest \"Pin It\" Button for Images","Plamen Marinov","https:\u002F\u002Fprofiles.wordpress.org\u002Fptmbg\u002F","\u003Cp>Animated Pinterest “Pin It” Button for Images is a WordPress plugin that allows your visitors to easily share your images via Pinterest.\u003C\u002Fp>\n\u003Cp>The plugin allows you to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add hover animated button to each image.\u003C\u002Fli>\n\u003Cli>Disable button for selected image(s).\u003C\u002Fli>\n\u003Cli>Styling and positioning and animating the button.\u003C\u002Fli>\n\u003Cli>Customizing Pin description.\u003C\u002Fli>\n\u003Cli>Can add different buttons and settings to each image.\u003C\u002Fli>\n\u003Cli>Works on desktop and mobile devices\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note:\u003Cbr \u002F>\nIn lite version part of settings is disabled.\u003Cbr \u002F>\nPlease visit \u003Ca href=\"https:\u002F\u002Fpinitbutton.webwapstudio.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fpinitbutton.webwapstudio.com\u002F\u003C\u002Fa> to see full features and demo.\u003C\u002Fp>\n\u003Cp>Please \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fanimated-pinterest-pin-it-button-for-images\" rel=\"ugc\">\u003Cstrong>rate\u003C\u002Fstrong>\u003C\u002Fa> this Plugin if you find it useful. It only takes a moment but it’s very much appreciated. 🙂\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 3.3.0 or higher\u003C\u002Fli>\n\u003C\u002Ful>\n","Add a Animated Pinterest \"Pin It\" Button to your images.",2318,"2021-04-17T07:52:00.000Z","5.7.15","3.3.0",[138,139,140,141,142],"advanced-pinterest","board","feed","free","free-pinterest-widget","http:\u002F\u002FPinItButton.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanimated-pinterest-pin-it-button-for-images.zip",{"attackSurface":146,"codeSignals":166,"taintFlows":226,"riskAssessment":227,"analyzedAt":243},{"hooks":147,"ajaxHandlers":162,"restRoutes":163,"shortcodes":164,"cronEvents":165,"entryPointCount":68,"unprotectedCount":68},[148,154,158],{"type":149,"name":150,"callback":151,"file":152,"line":153},"filter","wp_feed_cache_transient_lifetime","anonymous","pinterest-pinboard-widget.php",105,{"type":155,"name":156,"callback":151,"file":152,"line":157},"action","widgets_init",267,{"type":155,"name":159,"callback":160,"file":152,"line":161},"wp_enqueue_scripts","pinterest_pinboard_widget_css",275,[],[],[],[],{"dangerousFunctions":167,"sqlUsage":173,"outputEscaping":175,"fileOperations":68,"externalRequests":68,"nonceChecks":68,"capabilityChecks":68,"bundledLibraries":225},[168,171],{"fn":169,"file":152,"line":153,"context":170},"create_function","add_filter('wp_feed_cache_transient_lifetime', create_function('$a', 'return '. $this->cache_lifetim",{"fn":169,"file":152,"line":157,"context":172},"add_action('widgets_init', create_function('', 'return register_widget(\"Pinterest_Pinboard_Widget\");",{"prepared":68,"raw":68,"locations":174},[],{"escaped":176,"rawEcho":177,"locations":178},5,28,[179,182,184,185,186,188,190,192,194,195,196,198,200,201,202,204,206,207,208,210,212,213,214,216,217,219,221,223],{"file":152,"line":180,"context":181},62,"raw output",{"file":152,"line":183,"context":181},74,{"file":152,"line":46,"context":181},{"file":152,"line":115,"context":181},{"file":152,"line":187,"context":181},93,{"file":152,"line":189,"context":181},96,{"file":152,"line":191,"context":181},212,{"file":152,"line":193,"context":181},213,{"file":152,"line":193,"context":181},{"file":152,"line":193,"context":181},{"file":152,"line":197,"context":181},216,{"file":152,"line":199,"context":181},217,{"file":152,"line":199,"context":181},{"file":152,"line":199,"context":181},{"file":152,"line":203,"context":181},220,{"file":152,"line":205,"context":181},221,{"file":152,"line":205,"context":181},{"file":152,"line":205,"context":181},{"file":152,"line":209,"context":181},224,{"file":152,"line":211,"context":181},225,{"file":152,"line":211,"context":181},{"file":152,"line":211,"context":181},{"file":152,"line":215,"context":181},228,{"file":152,"line":215,"context":181},{"file":152,"line":218,"context":181},229,{"file":152,"line":220,"context":181},246,{"file":152,"line":222,"context":181},248,{"file":152,"line":224,"context":181},261,[],[],{"summary":228,"deductions":229},"The \"pinterest-pinboard-widget\" plugin v1.0.7 exhibits a mixed security posture. While it demonstrates good practices by not exposing a broad attack surface through AJAX, REST API, shortcodes, or cron events, and correctly uses prepared statements for all SQL queries, significant concerns remain. The presence of \"create_function\" is a major red flag, as it can lead to arbitrary code execution if not handled with extreme caution and sanitization, which is not evident from the static analysis. Furthermore, the low percentage of properly escaped output (15%) indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into user interfaces.\n\nThe plugin's vulnerability history, featuring one known medium-severity CVE of the XSS type, reinforces the concerns raised by the static analysis regarding output escaping. The fact that this vulnerability is currently unpatched suggests a potential ongoing risk to users who have not updated their WordPress installations or are unaware of the necessary manual remediation. While the lack of critical or high-severity vulnerabilities in the history is a positive sign, the combination of the \"create_function\" usage, poor output escaping, and an unpatched CVE points to a plugin that requires immediate attention to address these security weaknesses.",[230,233,236,239,241],{"reason":231,"points":232},"Unpatched CVE",17,{"reason":234,"points":235},"Dangerous function: create_function",10,{"reason":237,"points":238},"Low percentage of properly escaped output",8,{"reason":240,"points":176},"No nonce checks",{"reason":242,"points":176},"No capability checks","2026-03-16T19:28:57.121Z",{"wat":245,"direct":250},{"assetPaths":246,"generatorPatterns":247,"scriptPaths":248,"versionParams":249},[],[],[],[],{"cssClasses":251,"htmlComments":256,"htmlAttributes":258,"restEndpoints":262,"jsGlobals":263,"shortcodeOutput":264},[20,252,253,254,255],"row","pin_link","pin_logo","pin_text",[257],"Version: 1.0.7 \u002F\u002F Execution Time: ",[259,260,261],"target=\"_blank\"","alt=\"","title=\"",[],[],[265,266,267,268,269,270,271,272,273,274,275,276,277,278,279,280,281,282,283],"\u003Cdiv class=\"pinboard\">\n","\u003Cdiv class=\"row\">\n","\u003Ca href=\""," target=\"_blank\"",">\u003Cimg src=\"","\" alt=\"","\" title=\"","\" \u002F>\u003C\u002Fa>","\u003C\u002Fdiv>\n","\u003Cdiv class=\"pin_link\">\n","\u003Ca class=\"pin_logo\" href=\"http:\u002F\u002Fpinterest.com\u002F","\u002F\">\n","\u003Cimg src=\"\u002F\u002Fpassets-cdn.pinterest.com\u002Fimages\u002Fsmall-p-button.png\" width=\"16\" height=\"16\" alt=\"Follow Me on Pinterest\" \u002F>\n","\u003C\u002Fa>\n","\u003Cspan class=\"pin_text\">\u003Ca href=\"http:\u002F\u002Fpinterest.com\u002F","\u002F\" ",">","\u003C\u002Fa>\u003C\u002Fspan>\n","\u003C\u002Fdiv>"]