[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqbMoht0cyU2m3h8HueG_NQBOacYfUw7kf_ifhpoy430":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":127,"fingerprints":200},"pmid-citation-plus","PMID Citation Plus","1.0.8","mdanielpatrick","https:\u002F\u002Fprofiles.wordpress.org\u002Fmdanielpatrick\u002F","\u003Cp>Feature request?\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fwww.mdpatrick.com\u002Fdonate\u002F\" rel=\"nofollow ugc\">Consider dropping me a few bucks (donate page)\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>.. or ..\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmdpatrick\u002FPMID-Citation-Plus\" rel=\"nofollow ugc\">You can make your own feature and create a pull request on GitHub. This plug is open source.\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin makes citing scientific studies in an \u003Cem>aesthetically pleasing manner\u003C\u002Fem> much more easy.\u003C\u002Fp>\n\u003Cp>It allows you to simply enter in PubMed IDs on the composition page and have a references list (very similar to Wikipedia’s) automatically built for you. At the moment it only supports PMIDs, but in the future will also support citation via DOI.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Creates an input box on your post composition page where you can input PubMed IDs.\u003C\u002Fli>\n\u003Cli>PubMed IDs are then stored in the database along with your post, and this data is used to create a references block at the bottom of your post.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows you to simply enter in PubMed IDs (PMIDs) and have a references list automatically built at the bottom of your post for you.",10,3495,70,2,"2013-10-13T01:16:00.000Z","3.6.1","3.1.2","",[20,21,22,23,24],"citation","cite","citing","pmid","pubmed","http:\u002F\u002Fwww.mdpatrick.com\u002F2011\u002Fpmidcitationplus\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpmid-citation-plus.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},1,30,84,"2026-04-04T15:24:36.651Z",[38,57,77,96,111],{"slug":21,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":55,"download_link":56,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"Cite","1.2.2","Maeve Lander","https:\u002F\u002Fprofiles.wordpress.org\u002Fenigmaweb\u002F","\u003Cp>Help readers know how to cite your article correctly. Use Cite plugin to display a box at the bottom of each page\u002Fpost with reference information. Add to any page\u002Fpost using shortcode \u003Ccode>[cite]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Simple & lightweight\u003C\u002Fli>\n\u003Cli>Dynamically generate tags such as site name, post title, permalink, publication date, last accessed date\u003C\u002Fli>\n\u003Cli>Works in all major browsers – IE7, IE8, IE9, Safari, Firefox, Chrome\u003C\u002Fli>\n\u003Cli>Add to any page using shortcode \u003Ccode>[cite]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fdemo.enigmaweb.com.au\u002Fcite\u002F\" rel=\"nofollow ugc\">Click here\u003C\u002Fa> for out-of-the-box demo\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Languages\u003C\u002Fh4>\n\u003Cp>Would you like to help translate the plugin into more languages? It’s very easy – you don’t have to know any code. Please \u003Ca href=\"http:\u002F\u002Fwww.enigmaplugins.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">contact Maeve\u003C\u002Fa>\u003C\u002Fp>\n","Help readers know how to cite your article correctly",100,5439,90,15,"2015-07-29T05:50:00.000Z","4.7.32","3.1",[20,21,53,54],"reference","referencing","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcite","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcite.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":47,"num_ratings":14,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":18,"tags":70,"homepage":75,"download_link":76,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"kcite","KCite","1.6.3","knowledgeblog","https:\u002F\u002Fprofiles.wordpress.org\u002Fknowledgeblog\u002F","\u003Cp>Interprets the [cite] shortcode to produce citations from the\u003Cbr \u002F>\nappropriate sources, also produces a formatted bibliography at the foot of the\u003Cbr \u002F>\npost, with appropriate links to articles.\u003C\u002Fp>\n\u003Cp>This plugin now uses multiple resources to retrieve metadata about the\u003Cbr \u002F>\nreferences in question, including CrossRef, DataCite, arXiv, PubMed and\u003Cbr \u002F>\narbitrary URLs.\u003C\u002Fp>\n\u003Cp>Additional documentation is available at\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fprocess.knowledgeblog.org\u002Fcategory\u002Fkcite\" rel=\"nofollow ugc\">Process\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Syntax\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>DOI Example – [cite source=’doi’]10.1021\u002Fjf904082b[\u002Fcite]\u003C\u002Fp>\n\u003Cp>PMID example – [cite source=’pubmed’]17237047[\u002Fcite]\u003C\u002Fp>\n\u003Cp>Whichever ‘source’ is identified as the default (see Installation), will work\u003Cbr \u002F>\nwithout the source attribute being set in the shortcode. so:\u003C\u002Fp>\n\u003Cp>[cite]10.1021\u002Fjf904082b[\u002Fcite]\u003C\u002Fp>\n\u003Cp>Will be interpreted correctly as long as DOI is set as the default metadata\u003Cbr \u002F>\nsource.\u003C\u002Fp>\n\u003Cp>Kcite now supports DOIs from both \u003Ca href=\"http:\u002F\u002Fwww.crossref.org\" rel=\"nofollow ugc\">CrossRef\u003C\u002Fa> and\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.datacite.org\" rel=\"nofollow ugc\">DataCite\u003C\u002Fa>. Identifiers from\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.pubmed.org\" rel=\"nofollow ugc\">PubMed\u003C\u002Fa> or \u003Ca href=\"http:\u002F\u002Fwww.arxiv.org\" rel=\"nofollow ugc\">arXiv\u003C\u002Fa> are directly\u003Cbr \u002F>\nsupported. URLs are supported via\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fgreycite.knowledgeblog.org\" rel=\"nofollow ugc\">Greycite\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>From Kcite 1.4, Citeproc-js\u003Cbr \u002F>\n(https:\u002F\u002Fbitbucket.org\u002Ffbennett\u002Fciteproc-js\u002Fwiki\u002FHome) is used to render the\u003Cbr \u002F>\nbibliography on the browser; the main visible change it that Author-Year\u003Cbr \u002F>\ncitation is used. There is now experimental support for reader switching. This\u003Cbr \u002F>\nmust be enabled in the settings page as it is off by default.\u003C\u002Fp>\n\u003Cp>Kcite is developed at http:\u002F\u002Fcode.google.com\u002Fp\u002Fknowledgeblog\u002F in Mercurial. To\u003Cbr \u002F>\ncontact the authors, please email knowledgeblog@googlegroups.com.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>This plugin is copyright Phillip Lord, Simon Cockell and Newcastle University\u003Cbr \u002F>\nand is licensed under GPLv3. Citeproc-js which is included is used under the\u003Cbr \u002F>\nAGPLv3.\u003C\u002Fp>\n","A tool for producing citations and bibliographies in Wordpress posts. Developed for the Knowledgeblog project (http:\u002F\u002Fknowledgeblog.org).",50,7744,"2016-04-07T08:55:00.000Z","4.4.34","3.0",[71,72,73,24,74],"citations","crossref","doi","references","http:\u002F\u002Fknowledgeblog.org\u002Fkcite-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkcite.1.6.3.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":34,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":69,"requires_php":18,"tags":90,"homepage":94,"download_link":95,"security_score":45,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"simple-attribution","Simple Attribution","2.1.3","DigitalME","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitalmeactivecampaign\u002F","\u003Cp>Simple Attribution is just that… simple! It adds a meta box on post pages\u003Cbr \u002F>\nwhich allows bloggers to specify the name and URL of the site a sourced article\u003Cbr \u002F>\noriginated from. Assuming both these fields are filled out, it appends the\u003Cbr \u002F>\nattribution link to the bottom of the post.\u003C\u002Fp>\n\u003Cp>Simple Attribution allows links to be generated in both text and image form,\u003Cbr \u002F>\nallowing you to customize it to the feel of your website. Natively, it includes\u003Cbr \u002F>\n5 icons which can be used to identify the attribution link instead of the\u003Cbr \u002F>\nstandard caption (which is editable through the options panel), and custom\u003Cbr \u002F>\nicons can be used as well.\u003C\u002Fp>\n\u003Cp>Don’t like where we put the link? You have the option to disable\u003Cbr \u002F>\nauto-attribution and put the link wherever you want it to display simply by\u003Cbr \u002F>\nadding \u003C?php echo display_attribution(); ?> to your template!\u003C\u002Fp>\n","A simple plugin to allow bloggers to add attribution to sourced posts.",13231,80,4,"2026-02-04T16:43:00.000Z","6.9.4",[91,20,21,92,93],"attribution","link","post","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-attribution\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-attribution.2.1.3.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":11,"downloaded":104,"rating":45,"num_ratings":33,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":18,"tags":108,"homepage":18,"download_link":110,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"blockquote-cite","Blockquote Cite","0.50","fergbrain","https:\u002F\u002Fprofiles.wordpress.org\u002Ffergbrain\u002F","\u003Cp>Blockquote Cite allows you to add easily cite references when using the blockquote tag. To add a reference, simply use the cite element and then enter the URL of site the content was quoted from. If a logo is available for that site, it will be displayed. Otherwise a text link will be used.\u003C\u002Fp>\n","Blockquote Cite allows you to add easily cite references when using the blockquote tag.",4592,"2017-06-13T23:06:00.000Z","4.8.28","4.4",[109,20,21],"blockquote","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblockquote-cite.0.50.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":28,"downloaded":119,"rating":28,"num_ratings":28,"last_updated":18,"tested_up_to":89,"requires_at_least":120,"requires_php":121,"tags":122,"homepage":18,"download_link":125,"security_score":45,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":126},"citation-note","Citation Note","1.1.1","Santosh Thapa Magar","https:\u002F\u002Fprofiles.wordpress.org\u002Fsantoshtmp7\u002F","\u003Cp>\u003Cstrong>Citation Note\u003C\u002Fstrong> plugin easily add, manage, and display citations, references, and footnotes in posts, pages, or custom post types using a user-friendly editor interface.\u003C\u002Fp>\n\u003Cp>This is developed to help content creators manage and display content citations or references directly from the post\u002Fpage editor.\u003C\u002Fp>\n\u003Cp>This plugin adds a custom meta box with dynamic citation fields that allow users to:\u003Cbr \u002F>\n– Add multiple citation entries.\u003Cbr \u002F>\n– Remove or reorder citations.\u003Cbr \u002F>\n– Output citations in the frontend or within blocks.\u003C\u002Fp>\n\u003Cp>Ideal for blogs, research publications, or any content that benefits from structured citation management.\u003C\u002Fp>\n\u003Ch3>How to use\u003C\u002Fh3>\n\u003Col>\n\u003Cli>After activate the plugin and select the post type to apply citations.\u003C\u002Fli>\n\u003Cli>Go to the edit screen of any selected post type.\u003C\u002Fli>\n\u003Cli>Scroll down to the \u003Cstrong>Citation List\u003C\u002Fstrong> meta box.\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Add Citation\u003C\u002Fstrong> to insert new fields.\u003C\u002Fli>\n\u003Cli>Fill in your citation data (citation number and description).\u003C\u002Fli>\n\u003Cli>In the content editor, insert the placeholder (e.g., \u003Ccode>citation_1\u003C\u002Fcode>) where the citation reference should appear.\u003C\u002Fli>\n\u003Cli>Save or update the post.\u003C\u002Fli>\n\u003Cli>Use the shortcode \u003Ccode>[citenote_display_list]\u003C\u002Fcode> or template function \u003Ccode>do_shortcode('[citenote_display_list]')\u003C\u002Fcode> to render the citation list on the frontend.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later. For more information, see https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html.\u003C\u002Fp>\n","Easily add, manage, and display citations, references, and footnotes in posts, pages, or custom post types using a user-friendly editor interface.",412,"6.8","8.0",[20,112,123,124,53],"citenote","footnotes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcitation-note.1.1.1.zip","2026-03-15T10:48:56.248Z",{"attackSurface":128,"codeSignals":172,"taintFlows":192,"riskAssessment":193,"analyzedAt":199},{"hooks":129,"ajaxHandlers":165,"restRoutes":166,"shortcodes":167,"cronEvents":171,"entryPointCount":33,"unprotectedCount":28},[130,136,140,144,150,154,157,161],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","wp_enqueue_scripts","enqueue_pmid_scripts","pmid-citation-plus.php",11,{"type":131,"name":137,"callback":138,"file":134,"line":139},"admin_init","pmidplus_add_meta",12,{"type":131,"name":141,"callback":142,"file":134,"line":143},"save_post","pmidplus_save_postdata",13,{"type":145,"name":146,"callback":147,"priority":148,"file":134,"line":149},"filter","the_content","pmidplus_append_bibliography",9,14,{"type":131,"name":151,"callback":152,"priority":148,"file":134,"line":153},"admin_menu","pmidplus_admin_menu",209,{"type":131,"name":137,"callback":155,"priority":148,"file":134,"line":156},"register_pmidplus_settings",210,{"type":131,"name":158,"callback":159,"file":134,"line":160},"admin_notices","pmidplus_rate_plugin_notice",212,{"type":131,"name":162,"callback":163,"file":134,"line":164},"admin_enqueue_scripts","pmidplus_enqueue_admin_scripts",213,[],[],[168],{"tag":169,"callback":170,"file":134,"line":48},"pmidplus","shortcode_cite",[],{"dangerousFunctions":173,"sqlUsage":174,"outputEscaping":176,"fileOperations":14,"externalRequests":33,"nonceChecks":33,"capabilityChecks":14,"bundledLibraries":191},[],{"prepared":28,"raw":28,"locations":175},[],{"escaped":14,"rawEcho":177,"locations":178},5,[179,183,185,187,189],{"file":180,"line":181,"context":182},"includes\\pmidplus-settings.php",26,"raw output",{"file":134,"line":184,"context":182},103,{"file":134,"line":186,"context":182},106,{"file":134,"line":188,"context":182},108,{"file":134,"line":190,"context":182},138,[],[],{"summary":194,"deductions":195},"The pmid-citation-plus plugin, in version 1.0.8, exhibits a generally strong security posture based on the static analysis.  It demonstrates excellent practices with zero AJAX handlers and REST API routes lacking authentication, as well as 100% of SQL queries utilizing prepared statements. The plugin also correctly implements nonce checks and capability checks, further bolstering its defenses.  However, a significant concern arises from the low rate of proper output escaping (29%), which indicates a potential for Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not adequately sanitized before being displayed on the frontend. The absence of any recorded vulnerabilities in its history is a positive indicator, suggesting a history of responsible development or simply a lack of past exploitable issues, but it does not negate the identified code signals.\n\nWhile the plugin boasts zero total and unpatched CVEs, and no critical or high-severity taint flows, the output escaping deficiency presents a clear and actionable risk. The limited attack surface, with only one shortcode and no unprotected entry points, is a commendable aspect. The presence of file operations and external HTTP requests, while not inherently insecure, warrants attention if the data involved in these operations is not handled with extreme care.  Overall, pmid-citation-plus v1.0.8 is well-defended against common injection and unauthorized access vulnerabilities, but the insufficient output escaping leaves it susceptible to XSS attacks, which is the primary area requiring immediate attention.",[196],{"reason":197,"points":198},"Low output escaping rate",6,"2026-03-17T00:00:50.313Z",{"wat":201,"direct":209},{"assetPaths":202,"generatorPatterns":206,"scriptPaths":207,"versionParams":208},[203,204,205],"\u002Fwp-content\u002Fplugins\u002Fpmid-citation-plus\u002Fcss\u002Fpmidplus.css","\u002Fwp-content\u002Fplugins\u002Fpmid-citation-plus\u002Fjs\u002Fjquery-tooltip\u002Fjquery.tooltip.css","\u002Fwp-content\u002Fplugins\u002Fpmid-citation-plus\u002Fjs\u002Fjquery-tooltip\u002Fjquery.tooltip.js",[],[205],[],{"cssClasses":210,"htmlComments":212,"htmlAttributes":220,"restEndpoints":226,"jsGlobals":227,"shortcodeOutput":230},[211],"pmidcitationplus",[213,214,215,216,217,218,219],"\u003C!-- The actual fields for data entry -->","\u003C!--SYNTAX: add_meta_box( $id, $title, $callback, $page, $context, $priority, $callback_args ); -->","\u003C!-- Make sure save is intentional, not just autosave. -->","\u003C!-- Verify this came from the our screen and with proper authorization -->","\u003C!-- Check permissions -->","\u003C!-- So far so good. Now we need to save the data. Only do it if the field doesn't match. -->","\u003C!-- Take the form input, scrape the info from the pubmed pages, output multidimensional array, and save update. -->",[221,222,223,224,225],"id=\"cit","id=\"pmidinput\"","name=\"pmidinput\"","id=\"pmidplusmeta\"","name=\"pmidplus_nonce\"",[],[228,229],"jQuery(document).ready","jQuery(\"#cit",[231,232],"\u003Ch1>References\u003C\u002Fh1>","\u003Cul>"]