[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fslLAqWJ_DREMARDa_2qn4k3Jfko-XVZ9jSHO9Dk6eCg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":47,"crawl_stats":38,"alternatives":54,"analysis":156,"fingerprints":319},"posts-per-cat","Posts per Cat","1.5.0","Aleksandar Urošević","https:\u002F\u002Fprofiles.wordpress.org\u002Furkekg\u002F","\u003Cp>Posts per Cat is a simple plugin that grab all or only selected categories from blog database, and then list recent N posts from each category, organised in 1-5 columns.\u003C\u002Fp>\n\u003Cp>If you are interested to acquisition of plugin, please \u003Ca href=\"https:\u002F\u002Furosevic.net\u002Fwordpress\u002Fcontact\u002F?subject=Posts-per-Cat%20Acquisition\" rel=\"nofollow ugc\">contact us\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>choose how many boxes per row will be displayed (one, two, three, four or five)\u003C\u002Fli>\n\u003Cli>define number of post titles to display per category\u003C\u002Fli>\n\u003Cli>define category ID’s to exclude\u003C\u002Fli>\n\u003Cli>define category ID’s to include\u003C\u002Fli>\n\u003Cli>toggle displaying of child categories\u003C\u002Fli>\n\u003Cli>ordering boxes by category ID, title or custom (manually entered category ID’s as include list)\u003C\u002Fli>\n\u003Cli>toggle displaying sticky posts\u003C\u002Fli>\n\u003Cli>toggle usage of custom list CSS\u003C\u002Fli>\n\u003Cli>SEO optimized permalink URI’s\u003C\u002Fli>\n\u003Cli>integrate to template file, use shortcode [ppc] with options or widget\u003C\u002Fli>\n\u003Cli>ready for 
localisation\u003C\u002Fli>\n\u003Cli>template system for single post line in box defined by user in plain HTML with macro keywords for post elements\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcode options\u003C\u002Fh4>\n\u003Cp>You can use shortcode [ppc], with options below (set option in shortcode to override default settings above):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>columns=2\u003C\u002Fcode> – Number of columns (1, 2, 3, 4 or 5)\u003C\u002Fli>\n\u003Cli>\u003Ccode>minh=0\u003C\u002Fcode> – Minimal height of box (in px, set to 0 for auto)\u003C\u002Fli>\n\u003Cli>\u003Ccode>include=category_ID's\u003C\u002Fcode> – Include category (comma separated category ID’s)\u003C\u002Fli>\n\u003Cli>\u003Ccode>exclude=category_ID's\u003C\u002Fcode> – Exclude category (comma separated category ID’s)\u003C\u002Fli>\n\u003Cli>\u003Ccode>parent=0\u003C\u002Fcode> – Only top level categories (0 or 1)\u003C\u002Fli>\n\u003Cli>\u003Ccode>order=ID\u003C\u002Fcode> – Order categories by (ID, name or custom)\u003C\u002Fli>\n\u003Cli>\u003Ccode>catonly=0\u003C\u002Fcode> – Only from displayed category archive (0 or 1)\u003C\u002Fli>\n\u003Cli>\u003Ccode>noctlink=0\u003C\u002Fcode> – Do not link category name (0 or 1)\u003C\u002Fli>\n\u003Cli>\u003Ccode>more=0\u003C\u002Fcode> – Standalone link to archives (0 or 1)\u003C\u002Fli>\n\u003Cli>\u003Ccode>moretxt=\"More from\"\u003C\u002Fcode> – Archive link prefix\u003C\u002Fli>\n\u003Cli>\u003Ccode>posts=5\u003C\u002Fcode> – Number of headlines per category block\u003C\u002Fli>\n\u003Cli>\u003Ccode>porderby=date\u003C\u002Fcode> – Order posts by date, modified, title, name, ID, author\u003C\u002Fli>\n\u003Cli>\u003Ccode>porder=DESC\u003C\u002Fcode> – Order sorting DESC or ASC\u003C\u002Fli>\n\u003Cli>\u003Ccode>titlelen=34\u003C\u002Fcode> – Headline length (in characters)\u003C\u002Fli>\n\u003Cli>\u003Ccode>shorten=0\u003C\u002Fcode> – Shorten headline (0 or 
1)\u003C\u002Fli>\n\u003Cli>\u003Ccode>commnum=0\u003C\u002Fcode> – Display comment number (0 or 1)\u003C\u002Fli>\n\u003Cli>\u003Ccode>nosticky=0\u003C\u002Fcode> – Hide sticky posts (0 or 1)\u003C\u002Fli>\n\u003Cli>\u003Ccode>excerpts=none\u003C\u002Fcode> – Show excerpt (none, first or all)\u003C\u002Fli>\n\u003Cli>\u003Ccode>content=0\u003C\u002Fcode> – Use post content as excerpt (0 or 1)\u003C\u002Fli>\n\u003Cli>\u003Ccode>excleng=100\u003C\u002Fcode> – Excerpt length\u003C\u002Fli>\n\u003Cli>\u003Ccode>thumb=0\u003C\u002Fcode> – Show thumbnail with excerpt (0 or 1)\u003C\u002Fli>\n\u003Cli>\u003Ccode>tsize=60\u003C\u002Fcode> – Thumbnail size, set size in px for thumbnail width (height is same); or set in format WIDTHxHEIGHT (example 220×123); or set predefined custom image size (thumbnail, small, medium, large, full or cusotm defined)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Since version 1.4.0 you can use template to display custom formatted output (post line element). Example:\u003Cbr \u002F>\n    [ppc]\u003C\u002Fp>\n\u003Ch3>\u003Ca href=\"%link%\" rel=\"nofollow ugc\">%title_short%\u003C\u002Fa>\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>\u003Cspan class=\"comments-meta\">(\u003Ca href=\"%comments_link%\">%comments_num% comments\u003C\u002Fa>)\u003C\u002Fspan>\n\u003Cspan class=\"date-meta\">%date% @ %time%\u003C\u002Fspan>\n\u003Cspan class=\"author-meta\">\u003Ca href=\"%author_posts_url%\">%author_displayname%\u003C\u002Fa>\u003C\u002Fspan>\n%thumbnail%\n%excerpt% \u003Ca href=\"%link%\">[read more]\u003C\u002Fa>\n[\u002Fppc]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Supported 
macros:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>%title%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%title_short%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%post_content%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%excerpt%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%thumbnail%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%link%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%comments_num%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%comments_link%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%comments_form_link%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%datetime%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%date%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%time%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%author_displayname%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%author_firstname%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%author_lastname%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>%author_posts_url%\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n","Group recent posts by category and show them inside boxes organized to columns.",300,53057,100,8,"2025-05-12T19:36:00.000Z","6.8.5","5.0","7.4",[20,21,22,23,24],"archives","category","excerpt","posts","recent-posts","http:\u002F\u002Furosevic.net\u002Fwordpress\u002Fplugins\u002Fposts-per-cat\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fposts-per-cat.1.5.0.zip",99,1,0,"2025-05-15 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":28},"CVE-2025-4169","posts-per-cat-unmaintained-authenticated-contributor-stored-cross-site-scripting","Posts per Cat [Unmaintained] \u003C= 1.4.2 - Authenticated 
(Contributor+) Stored Cross-Site Scripting","The Posts per Cat [Unmaintained] plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ppc' shortcode in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.4.2","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-05-16 02:21:45",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7eb60874-85c1-40a9-b19d-131c2c2d49ba?source=api-prod",{"slug":48,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":49,"avg_security_score":50,"avg_patch_time_days":51,"trust_score":52,"computed_at":53},"urkekg",108100,91,180,73,"2026-04-04T00:52:24.434Z",[55,78,99,119,139],{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":74,"download_link":75,"security_score":27,"vuln_count":76,"unpatched_count":29,"last_vuln_date":77,"fetched_at":31},"category-posts","Category Posts Widget","4.9.22","ZephyrWest","https:\u002F\u002Fprofiles.wordpress.org\u002Fzephyrwest\u002F","\u003Cp>Category Posts Widget is a light widget designed to do one thing and do it well: display the most recent posts from a certain category.\u003C\u002Fp>\n\u003Ch4>Term and Category based Posts Widget\u003C\u002Fh4>\n\u003Cp>A premium version of that free widget available at \u003Ca href=\"https:\u002F\u002Ftiptoppress.com\u002F\" rel=\"nofollow 
ugc\">tiptoppress.com\u003C\u002Fa> created for big WordPress sites.\u003C\u002Fp>\n\u003Ch4>Premium features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Auto-sizing Grid layout\u003C\u002Fli>\n\u003Cli>Custom field support in the Template\u003C\u002Fli>\n\u003Cli>Shortcode support in the Template\u003C\u002Fli>\n\u003Cli>Image-Slider (or News-Ticker)\u003C\u002Fli>\n\u003Cli>Asymmetrical list layouts\u003C\u002Fli>\n\u003Cli>Full background images\u003C\u002Fli>\n\u003Cli>Masonry responsive grid layout\u003C\u002Fli>\n\u003Cli>More complex filter (ANY, NOT, AND, …)\u003C\u002Fli>\n\u003Cli>Custom Post Types, Events, Products support\u003C\u002Fli>\n\u003Cli>All free features\u003C\u002Fli>\n\u003Cli>E-Mail support\u003C\u002Fli>\n\u003Cli>More examples on the \u003Ca href=\"https:\u002F\u002Fdemo.tiptoppress.com\u002F\" rel=\"nofollow ugc\">demo pages\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftiptoppress.com\u002Ftemplate-arrange-post-details\u002F\" rel=\"nofollow ugc\">Template\u003C\u002Fa> to arrange the post details.\u003C\u002Fli>\n\u003Cli>The Template text can be a post details placeholder, plain text, HTML or a font-icons.\u003C\u002Fli>\n\u003Cli>Font-icon support.\u003C\u002Fli>\n\u003Cli>‘Load more’ button \u002F Ajax API\u003C\u002Fli>\n\u003Cli>Item Title heading level buttons\u003C\u002Fli>\n\u003Cli>Excerpt length and item title in lines (line-clamp)\u003C\u002Fli>\n\u003Cli>Shortcode (Easily change all Shortcode options in the customizer).\u003C\u002Fli>\n\u003Cli>Date range filter\u003C\u002Fli>\n\u003Cli>New date format: Time since plublished\u003C\u002Fli>\n\u003Cli>Filter by post status: Published, scheduled, private.\u003C\u002Fli>\n\u003Cli>Multiple shortcodes at the same site or post.\u003C\u002Fli>\n\u003Cli>Add option for post offset (use two or more widgets after another).\u003C\u002Fli>\n\u003Cli>Admin UI: Buttons in the editor toolbar to insert 
shortcode.\u003C\u002Fli>\n\u003Cli>Option to touch device friendly “everything is a link”.\u003C\u002Fli>\n\u003Cli>For editing shortcode adds a Customizer link to the admin-bar (“With one click to the Customizer”).\u003C\u002Fli>\n\u003Cli>Set thumbnail width & height \u002F image crop with CSS (object-fit).\u003C\u002Fli>\n\u003Cli>Fluid images (max-width in %).\u003C\u002Fli>\n\u003Cli>One thumb dimension can be left empty.\u003C\u002Fli>\n\u003Cli>Option to set mouse hover effects for post thumbnail.\u003C\u002Fli>\n\u003Cli>Set a default thumbnail.\u003C\u002Fli>\n\u003Cli>Hide widget text or text, if there is no post.\u003C\u002Fli>\n\u003Cli>Option to hide posts which have no thumbnail.\u003C\u002Fli>\n\u003Cli>Option exclude current post.\u003C\u002Fli>\n\u003Cli>Option show post author, comment’s count, post date.\u003C\u002Fli>\n\u003Cli>Admin UI: Set \u002F find thumbnail size buttons: +, ¼, ½, 2x, -, ratio and Media sizes\u003C\u002Fli>\n\u003Cli>Admin UI: Buttons to easy add post details placeholder.\u003C\u002Fli>\n\u003Cli>Multi sites support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Full \u003Ca href=\"https:\u002F\u002Ftiptoppress.com\u002Fcategory-posts-widget\u002Fdocumentation-4-9\" rel=\"nofollow ugc\">documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Shortcode: Use [catposts] in the content and \u003Ca href=\"https:\u002F\u002Ftiptoppress.com\u002Fuse-shortcode-to-add-category-posts-widget-to-the-content\u002F\" rel=\"nofollow ugc\">edit in the customizer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Formatting date and time: See \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFormatting_Date_and_Time\" rel=\"nofollow ugc\">Formatting Date and Time\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>While using this plugin if you find any bug or any conflict, please submit an issue at\u003Cbr \u002F>\n\u003Ca 
href=\"https:\u002F\u002Fgithub.com\u002FDanielFloeter\u002Fcategory-posts-widget\" rel=\"nofollow ugc\">Github\u003C\u002Fa> (If possible with a pull request).\u003C\u002Fp>\n","Adds a widget that shows the most recent posts from a single category.",40000,1787954,90,79,"2026-02-07T16:33:00.000Z","6.9.4","2.8","5.3",[72,73,21,23,24],"block","categories","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcategory-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-posts.4.9.22.zip",2,"2025-04-03 00:00:00",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":93,"download_link":97,"security_score":98,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"recent-posts-by-category-widget","Recent Posts by Category Widget","1.3","Ross Cornell","https:\u002F\u002Fprofiles.wordpress.org\u002Frossc\u002F","\u003Cp>This plugin adds a simple widget that allows you to display a number of recent blog posts from a specific category. You have the options to choose a title, category, number of posts and whether or not to show the post date. 
The posts will be ordered by date just like the default Recent Posts widget included with WordPress.\u003C\u002Fp>\n","Just like the default Recent Posts widget except you can choose a category to pull posts from.",4000,33251,94,12,"2017-11-28T16:45:00.000Z","4.2.39","3.0.1","",[73,21,24,95,96],"sidebar","widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecent-posts-by-category-widget.zip",85,{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":109,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":93,"tags":114,"homepage":117,"download_link":118,"security_score":98,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"custom-recent-posts-widget","Custom Recent Posts Widget","2.1.1","Prasanna SP","https:\u002F\u002Fprofiles.wordpress.org\u002Fprasannasp\u002F","\u003Cp>This plugin creates a new widget which lets you show a list of recent posts based on categories or tags. This is a must have plugin if you want to exclude some categories in recent posts widget or if you want to show recent posts based on tags. By default the wordpress recent posts widget shows a posts from all category. But this plugin gives you more power to customize your recent posts widget. You can also display post date in the widget.\u003C\u002Fp>\n\u003Cp>See the live action of this plugin on \u003Ca href=\"http:\u002F\u002Fdemo.prasannasp.net\u002Fcustom-recent-posts-widget\u002F\" rel=\"nofollow ugc\">demo site\u003C\u002Fa> or on Kennneth John Odle’s \u003Ca href=\"http:\u002F\u002Fblog.kjodle.net\u002F\" rel=\"nofollow ugc\">blog\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Have any questions or suggestions? 
Create a thread in the \u003Ca href=\"http:\u002F\u002Fforum.prasannasp.net\u002Fforum\u002Fplugin-support\u002Fcustom-recent-posts-widget\u002F\" rel=\"nofollow ugc\">support forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fwww.prasannasp.net\u002Fwordpress-plugins\u002F\" rel=\"nofollow ugc\">this page\u003C\u002Fa> for more \u003Cstrong>WordPress Plugins\u003C\u002Fstrong> from the developer.\u003C\u002Fp>\n\u003Cp>A special thanks to \u003Ca href=\"http:\u002F\u002Fblog.kjodle.net\u002F\" rel=\"nofollow ugc\">Ken\u003C\u002Fa> and \u003Ca href=\"http:\u002F\u002Fwww.joshlobe.com\" rel=\"nofollow ugc\">Josh\u003C\u002Fa> for testing the code.\u003C\u002Fp>\n","A widget to show recent posts list based on categories or tags",1000,51454,98,9,"2017-11-28T18:35:00.000Z","3.5.2","3.1",[73,21,24,115,116],"tag","tags","http:\u002F\u002Fwww.prasannasp.net\u002Fcustom-recent-posts-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-recent-posts-widget.2.1.1.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":107,"downloaded":127,"rating":128,"num_ratings":129,"last_updated":130,"tested_up_to":131,"requires_at_least":132,"requires_php":93,"tags":133,"homepage":137,"download_link":138,"security_score":98,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"tw-recent-posts-widget","TW Recent Posts Widget","1.0.5","tweetysha","https:\u002F\u002Fprofiles.wordpress.org\u002Ftweetysha\u002F","\u003Cp>TW Recent Posts Widget is advanced version of the WordPress Recent Posts widget allowing increased customization to display recent posts from category you define.\u003C\u002Fp>\n\u003Cp>Output will depend on your settings, and you may define to set post title, post date, featured image and post excerpt.\u003C\u002Fp>\n\u003Cp>If you set to display featured image, than you will be able to define image width and height 
in px.\u003C\u002Fp>\n\u003Cp>If you set to display excerpt, than you will be able to define how many characters to print and also you may add custom \u003Ccode>read more\u003C\u002Fcode> text.\u003C\u002Fp>\n","A simple and flexible widget for WordPress which will show recent posts from selected category allowing increased customization to display recent post &hellip;",69153,88,15,"2017-11-28T16:18:00.000Z","4.4.34","3.0",[134,135,21,24,136],"advanced-recent-posts","advanced-recent-posts-widget","recent-posts-widget","http:\u002F\u002Fvuckovic.biz\u002Fwordpress-plugins\u002Ftw-recent-posts-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftw-recent-posts-widget.zip",{"slug":140,"name":141,"version":142,"author":143,"author_profile":144,"description":145,"short_description":146,"active_installs":147,"downloaded":148,"rating":13,"num_ratings":28,"last_updated":149,"tested_up_to":150,"requires_at_least":151,"requires_php":93,"tags":152,"homepage":154,"download_link":155,"security_score":98,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"recent-posts-widget-plus","Recent Posts Widget Plus","1.2.1","Johan van der Wijk","https:\u002F\u002Fprofiles.wordpress.org\u002Fvanderwijk\u002F","\u003Cp>The Recent Posts Widget Plus plugin allows you to display a list of the most recent posts from all or a specific category or tag. 
It not only shows the post title, but also an excerpt of the post.\u003C\u002Fp>\n","This plugin allows you to display the most recent posts with an excerpt in a WordPress sidebar widget area.",600,28667,"2023-10-30T15:07:00.000Z","6.4.8","2.9.3",[22,153,24,95,96],"recent-post","http:\u002F\u002Fvanderwijk.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecent-posts-widget-plus.1.2.1.zip",{"attackSurface":157,"codeSignals":197,"taintFlows":305,"riskAssessment":306,"analyzedAt":318},{"hooks":158,"ajaxHandlers":190,"restRoutes":191,"shortcodes":192,"cronEvents":196,"entryPointCount":28,"unprotectedCount":29},[159,165,170,175,179,183,187],{"type":160,"name":161,"callback":162,"file":163,"line":164},"action","redux\u002Fplugin\u002Fhooks","remove_demo","inc\\config.php",29,{"type":160,"name":166,"callback":167,"file":168,"line":169},"widgets_init","register_ppc_widget","inc\\widget.php",269,{"type":160,"name":171,"callback":172,"file":173,"line":174},"init","load_textdomain","wp-postspercat.php",49,{"type":160,"name":171,"callback":176,"priority":177,"file":173,"line":178},"settings_init",900,53,{"type":160,"name":180,"callback":181,"file":173,"line":182},"ppc","echo_shortcode",63,{"type":160,"name":184,"callback":185,"file":173,"line":186},"wp_enqueue_scripts","enqueue_scripts",68,{"type":160,"name":188,"callback":189,"file":173,"line":27},"admin_notices","admin_notice",[],[],[193],{"tag":180,"callback":194,"file":173,"line":195},"shortcode",66,[],{"dangerousFunctions":198,"sqlUsage":199,"outputEscaping":201,"fileOperations":29,"externalRequests":29,"nonceChecks":29,"capabilityChecks":29,"bundledLibraries":304},[],{"prepared":29,"raw":29,"locations":200},[],{"escaped":202,"rawEcho":186,"locations":203},25,[204,207,209,210,211,212,213,215,216,218,219,221,222,224,225,227,228,229,231,233,234,236,237,238,240,241,242,244,245,246,248,249,251,253,254,256,258,259,261,262,264,265,267,268,269,271,272,273,275,276,277,279,281,282,284,285,286,288,289,291,292,293,29
5,296,298,300,301,303],{"file":168,"line":205,"context":206},54,"raw output",{"file":168,"line":208,"context":206},58,{"file":168,"line":65,"context":206},{"file":168,"line":50,"context":206},{"file":168,"line":50,"context":206},{"file":168,"line":88,"context":206},{"file":168,"line":214,"context":206},95,{"file":168,"line":214,"context":206},{"file":168,"line":217,"context":206},106,{"file":168,"line":217,"context":206},{"file":168,"line":220,"context":206},111,{"file":168,"line":220,"context":206},{"file":168,"line":223,"context":206},116,{"file":168,"line":223,"context":206},{"file":168,"line":226,"context":206},120,{"file":168,"line":226,"context":206},{"file":168,"line":226,"context":206},{"file":168,"line":230,"context":206},124,{"file":168,"line":232,"context":206},125,{"file":168,"line":232,"context":206},{"file":168,"line":235,"context":206},133,{"file":168,"line":235,"context":206},{"file":168,"line":235,"context":206},{"file":168,"line":239,"context":206},137,{"file":168,"line":239,"context":206},{"file":168,"line":239,"context":206},{"file":168,"line":243,"context":206},141,{"file":168,"line":243,"context":206},{"file":168,"line":243,"context":206},{"file":168,"line":247,"context":206},146,{"file":168,"line":247,"context":206},{"file":168,"line":250,"context":206},152,{"file":168,"line":252,"context":206},153,{"file":168,"line":252,"context":206},{"file":168,"line":255,"context":206},166,{"file":168,"line":257,"context":206},167,{"file":168,"line":257,"context":206},{"file":168,"line":260,"context":206},174,{"file":168,"line":260,"context":206},{"file":168,"line":263,"context":206},179,{"file":168,"line":263,"context":206},{"file":168,"line":266,"context":206},183,{"file":168,"line":266,"context":206},{"file":168,"line":266,"context":206},{"file":168,"line":270,"context":206},187,{"file":168,"line":270,"context":206},{"file":168,"line":270,"context":206},{"file":168,"line":274,"context":206},191,{"file":168,"line":274,"context":206},{"file":168,"line":27
4,"context":206},{"file":168,"line":278,"context":206},196,{"file":168,"line":280,"context":206},197,{"file":168,"line":280,"context":206},{"file":168,"line":283,"context":206},205,{"file":168,"line":283,"context":206},{"file":168,"line":283,"context":206},{"file":168,"line":287,"context":206},210,{"file":168,"line":287,"context":206},{"file":168,"line":290,"context":206},213,{"file":168,"line":290,"context":206},{"file":168,"line":290,"context":206},{"file":168,"line":294,"context":206},217,{"file":168,"line":294,"context":206},{"file":168,"line":297,"context":206},222,{"file":168,"line":299,"context":206},223,{"file":168,"line":299,"context":206},{"file":173,"line":302,"context":206},104,{"file":173,"line":226,"context":206},[],[],{"summary":307,"deductions":308},"The 'posts-per-cat' plugin version 1.5.0 exhibits a mixed security posture. On the positive side, the code analysis recorded no SQL queries at all (neither raw nor prepared), so no direct SQL injection vulnerabilities were identified, and it found no file operations or external HTTP requests. Furthermore, there are no reported critical or high-severity vulnerabilities in its history. The limited attack surface, with only one shortcode and no unprotected AJAX handlers or REST API routes, is also a positive indicator.\n\nHowever, significant concerns arise from the output escaping. With 93 outputs and only 27% properly escaped, there is a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. This is further compounded by the presence of a past medium-severity XSS vulnerability in the plugin's history, suggesting a recurring weakness in input sanitization and output encoding. 
The complete absence of nonce and capability checks, while not directly flagged in the static analysis as an entry point issue, leaves functionalities exposed if they were to become accessible through other means or future modifications, and it's a notable deviation from standard WordPress security practices.\n\nIn conclusion, while the plugin avoids common pitfalls like raw SQL and direct code execution through dangerous functions, the poor output escaping and history of XSS vulnerabilities present a significant risk. Users should be aware that improper output handling could lead to XSS attacks. The lack of explicit authentication checks on its single entry point (shortcode) and the historical trend of XSS vulnerabilities warrant caution.",[309,311,313,316],{"reason":310,"points":14},"High percentage of improperly escaped output",{"reason":312,"points":14},"Medium severity XSS vulnerability in history",{"reason":314,"points":315},"Missing nonce checks",5,{"reason":317,"points":315},"Missing capability checks","2026-03-16T20:00:00.495Z",{"wat":320,"direct":328},{"assetPaths":321,"generatorPatterns":325,"scriptPaths":326,"versionParams":327},[322,323,324],"\u002Fwp-content\u002Fplugins\u002Fposts-per-cat\u002Finc\u002Fwidget.php","\u002Fwp-content\u002Fplugins\u002Fposts-per-cat\u002Finc\u002Ftools.php","\u002Fwp-content\u002Fplugins\u002Fposts-per-cat\u002Finc\u002Fconfig.php",[],[],[],{"cssClasses":329,"htmlComments":330,"htmlAttributes":359,"restEndpoints":360,"jsGlobals":361,"shortcodeOutput":362},[],[331,332,333,334,335,336,337,338,339,340,341,342,343,344,345,346,347,348,349,350,351,352,353,354,355,356,357,358],"\u003C!-- WP Posts per Cat list titles of recent posts in boxes for all single categories -->","\u003C!-- Copyright (C) 2009-2025 Aleksandar Urošević \u003Curke.kg@gmail.com> -->","\u003C!-- This program is free software: you can redistribute it and\u002For modify -->","\u003C!-- it under the terms of the GNU General Public License as published by 
-->","\u003C!-- the Free Software Foundation, either version 3 of the License, or -->","\u003C!-- (at your option) any later version. -->","\u003C!-- This program is distributed in the hope that it will be useful, -->","\u003C!-- but WITHOUT ANY WARRANTY; without even the implied warranty of -->","\u003C!-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the -->","\u003C!-- GNU General Public License for more details. -->","\u003C!-- You should have received a copy of the GNU General Public License -->","\u003C!-- along with this program.  If not, see \u003Chttp:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F>. -->","\u003C!-- Init textdomain for localisation -->","\u003C!-- Initialize Plugin Settings Magic -->","\u003C!-- Load tool functions -->","\u003C!-- Load widget definition -->","\u003C!-- Add 'ppc' action -->","\u003C!-- Add 'ppc' shortcode -->","\u003C!-- Load Redux Framework -->","\u003C!-- Add Settings link on Plugins page if Redux is installed -->","\u003C!-- Load Settings Page configuration -->","\u003C!-- Add admin notice for Redux Framework -->","\u003C!-- Get global plugin options -->","\u003C!-- Deal with placebo category from ReduxFramework -->","\u003C!-- Prepare shortcode attributes -->","\u003C!-- Define valid values for custom sanizization -->","\u003C!-- Sanitize shortcode values -->","\u003C!-- Define thumbnail size -->",[],[],[],[363],"[ppc]"]