[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxRU-4PDulmmIP4M2Lp31WoRwzq3lLmp_Ne-BGku5OgY":3,"$fuqfpP0iKo0tbIg04lCy4JVp6a6EfTeuq1XkiTNKmA-4":221,"$fZh7pEPqvNIowDk6ddXMGa1_uG_958Za6l_PlLEFDrNI":226},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":36,"analysis":129,"fingerprints":203},"query-slideshow","Query Slideshow","1.2","Jonathan Daggerhart","https:\u002F\u002Fprofiles.wordpress.org\u002Fdaggerhart\u002F","\u003Cp>\u003Cstrong>Requires \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fquery-wrangler\u002F\" title=\"Query Wrangler\" rel=\"ugc\">Query Wrangler\u003C\u002Fa> version 1.5+.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When editing a query, this creates ‘Slideshow’ as a Template Style, using jquery.cycle.\u003C\u002Fp>\n","Query Slideshow is a plugin that adds 'Slideshow' as a Template Style for Query Wrangler.",10,2597,0,"2014-09-05T14:11:00.000Z","4.0.38","3","",[19,20,21],"query","query-wrangler","slideshow","http:\u002F\u002Fwww.daggerhart.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquery-slideshow.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":24,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"daggerhart",5,10920,331,69,"2026-05-20T02:03:02.941Z",[37,57,74,92,107],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":17,"tags":52,"homepage":55,"download_link":56,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"wp-cycle","WP-Cycle","0.1.13","Nathan Rice","https:\u002F\u002Fprofiles.wordpress.org\u002Fnathanrice\u002F","\u003Cp>The WP-Cycle plugin allows you to upload images from your computer, which will then be used to generate a jQuery Cycle Plugin slideshow of the images.\u003C\u002Fp>\n\u003Cp>Each image can also be given a URL which, when the image is active in the slideshow, will be used as an anchor wrapper around the image, turning the image into a link to the URL you specified.  The slideshow is set to pause when the user hovers over the slideshow images, giving them ample time to click the link.\u003C\u002Fp>\n\u003Cp>Images can also be deleted via the plugins Administration page.\u003C\u002Fp>\n","This plugin creates an image slideshow in your theme, using the jQuery Cycle plugin. You can upload\u002Fdelete images via the administration panel, and di &hellip;",3000,235562,72,12,"2012-08-15T03:09:00.000Z","3.4.2","3.0",[53,54,21],"images","jquery-cycle","http:\u002F\u002Fwww.nathanrice.net\u002Fplugins\u002Fwp-cycle\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-cycle.0.1.13.zip",{"slug":21,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":13,"num_ratings":13,"last_updated":66,"tested_up_to":67,"requires_at_least":51,"requires_php":17,"tags":68,"homepage":72,"download_link":73,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"Slideshow","0.1","Justin Tadlock","https:\u002F\u002Fprofiles.wordpress.org\u002Fgreenshady\u002F","\u003Cp>The Slideshow plugin gives you a shortcode called \u003Ccode>[slideshow]\u003C\u002Fcode>, which pulls any image attachments for a post (or any post type) and formats them into a nicely-designed slideshow.\u003C\u002Fp>\n\u003Cp>The Slideshow plugin was originally developed as a feature of the \u003Ca href=\"http:\u002F\u002Fdevpress.com\u002Fthemes\u002Fnews\" title=\"News WordPress theme\" rel=\"nofollow ugc\">News theme\u003C\u002Fa> (if you’re using that theme, please don’t install this plugin).  Realizing that users sometimes switch themes, we wanted to give those users a way to continue using their slideshows with other themes.  This also allows us to make the slideshow feature something that anyone can use, even if they’re not using one of our themes.\u003C\u002Fp>\n","A shortcode for displaying a slideshow of image attachments for a post.",1000,110878,"2017-11-28T14:07:00.000Z","3.0.5",[69,70,71,21],"javascript","jquery","shortcode","http:\u002F\u002Fdevpress.com\u002Fplugins\u002Fslideshow","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fslideshow.0.1.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":13,"num_ratings":13,"last_updated":84,"tested_up_to":85,"requires_at_least":51,"requires_php":17,"tags":86,"homepage":90,"download_link":91,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"all-in-one-slideshow","All-In-One Slideshow","1.3.3","wptom","https:\u002F\u002Fprofiles.wordpress.org\u002Fhellysium\u002F","\u003Cp>You can combine 27 transition and 8 easing effects! The plugin comes with package of 8 cufon fonts. You can easlily add new fonts. Choose between arrow and numbered navigation. Or use both at once. Try out how easy it is to customize this slideshow gallery without knowledge of programming.\u003Cbr \u002F>\n Please, go to the \u003Ca href=\"http:\u002F\u002Flizatom.com\u002Fwordpress-plugin\u002Fall-in-one-slideshow\u002F\" rel=\"nofollow ugc\">All-In-One Slideshow\u003C\u002Fa>‘s page to get more info.\u003C\u002Fp>\n\u003Ch3>Contributors\u002FChangelog\u003C\u002Fh3>\n\u003Cpre>\u003Ccode> Version   Date       Changes\n\n 1.0.0     2010\u002F11\u002F29 Initial release\n 1.1.0     2010\u002F11\u002F29 minor fix\n 1.2.0     2010\u002F12\u002F01 conflict with custom menus solved.\n 1.2.1     2010\u002F12\u002F02 identifier #nav changed to #aio-nav, added upload tutorial, fixed 'settings link'. I apologize for the 3rd update in 3 days but I just want all users to be satisfied with the plugin. thank you!\n 1.3.0     2011\u002F02\u002F02 one more save button, option to load scripts\u002Fstyles only when you need them\n 1.3.1     bug fix for 1.3.0\n 1.3.2     cufon-yui 1.09i, minor changes, tested on WordPress 3.3\n 1.3.3     minor changes\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Thanks to all who sent bug reports and ideas for\u003Cbr \u002F>\nimprovements.\u003C\u002Fp>\n","All-In-One Slideshow plugin implements jCycle, Easing and Cufon scripts into the highly customizable slideshow gallery.",100,40412,"2012-02-05T14:42:00.000Z","3.3.2",[87,88,89,54,21],"easing","gallery","jcycle","http:\u002F\u002Flizatom.com\u002Fwordpress-plugin\u002Fall-in-one-slideshow\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fall-in-one-slideshow.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":82,"downloaded":100,"rating":82,"num_ratings":101,"last_updated":102,"tested_up_to":50,"requires_at_least":51,"requires_php":17,"tags":103,"homepage":105,"download_link":106,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"wp-cycle-plus-captions","WP-Cycle Plus Captions","0.4.5","Snub_Fighter","https:\u002F\u002Fprofiles.wordpress.org\u002Ftech-squawkers\u002F","\u003Cp>The WP-Cycle Plus Captions plugin allows you to upload images from your computer, which will then be used to generate a jQuery Cycle Plugin slideshow.\u003C\u002Fp>\n\u003Cp>Each image can be given a URL, the active image will then work just like your basic text link. The slideshow is set to pause when the user hovers over the slideshow images, giving them ample time to click the link.\u003C\u002Fp>\n\u003Cp>New!\u003C\u002Fp>\n\u003Cp>Now each image can now be assigned a caption. Each caption will display below its parent image as they rotate.\u003C\u002Fp>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Ch4>Internet Explorer Display issue\u003C\u002Fh4>\n\u003Cp>Images may appear blank or hidden. Check your themes style sheet for IMG { max-width:100%; } and comment or remove it.\u003C\u002Fp>\n\u003Ch3>WP-Cycle Changelog\u003C\u002Fh3>\n\u003Ch4>0.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Initial Release\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added automatic defaults database insertion\u003C\u002Fli>\n\u003Cli>Added [wp_cycle] shortcode\u003C\u002Fli>\n\u003Cli>Buggy release, ended up reverting to 0.1\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Unreleased version, used for testing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added stable [wp_cycle] shortcode\u003C\u002Fli>\n\u003Cli>Added transition duration control to settings\u003C\u002Fli>\n\u003Cli>Added transition delay control to settings\u003C\u002Fli>\n\u003Cli>Added new options to the defaults array (for filtering)\u003C\u002Fli>\n\u003Cli>Changed some wording in the settings\u003C\u002Fli>\n\u003Cli>Upgraded jQuery Cycle plugin from 2.63 to 2.65\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.4\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added empty alt tag to images to pass vaidation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.5\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixed the error that got produced when trying to loop through a non-array variable (duh!)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.6\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixed the shortcode positioning problem\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.7\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Upgraded jQuery Cycle plugin from 2.65 to 2.81\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.8\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added \u003Ccode>position: relative;\u003C\u002Fcode> to the slideshow div\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.9\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Moved script and args to the \u003Ccode>wp_footer\u003C\u002Fcode> hook\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.10\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixed minor bug from 0.1.9\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.11\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Moved WP-Cycle menu location from “Plugins” to “Media”\u003C\u002Fli>\n\u003Cli>Updated the menu registration to comply with new roles methodology.\u003C\u002Fli>\n\u003Cli>Added “Settings” link on plugins page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.12\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Updated jQuery Cycle plugin to 2.99\u003C\u002Fli>\n\u003C\u002Ful>\n","The WP-Cycle Plus Captions plugin allows you to upload images from your computer, which will then be used to generate a jQuery Cycle Plugin slideshow.",8676,3,"2013-02-06T19:26:00.000Z",[104,53,54,21],"captions","http:\u002F\u002Fwww.tech-squawkers.com\u002Fwp-cycle-plus-captions\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-cycle-plus-captions.0.4.5.zip",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":117,"num_ratings":118,"last_updated":119,"tested_up_to":120,"requires_at_least":121,"requires_php":17,"tags":122,"homepage":127,"download_link":128,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"simple-content-slider","Simple Content Slider \u002F Slideshow","1.0.2","Arthur Ronconi","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebarthur\u002F","\u003Cp>A responsive content slider and slideshow plug-in for jQuery with features like touch and CSS3 transitions.\u003C\u002Fp>\n\u003Cp>This is an essential plugin for your WordPress websites:\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Responsive slideshow\u003C\u002Fli>\n\u003Cli>Content slides (images, texts, videos, etc)\u003C\u002Fli>\n\u003Cli>Slide or Fade effect\u003C\u002Fli>\n\u003Cli>Uses SlidesJS 3.0\u003C\u002Fli>\n\u003Cli>Each slide is a post type\u003C\u002Fli>\n\u003Cli>Shortcode makes it easy\u003C\u002Fli>\n\u003Cli>Function the_slideshow() can be used in hardcode\u003C\u002Fli>\n\u003Cli>Exemple: the_slideshow(“cat=10”);\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Showcase\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Facademiaciadocorpo.net\u002F\" rel=\"nofollow ugc\">academiaciadocorpo.net\u003C\u002Fa> \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>“Simplicity is the ultimate sophistication” — Da Vinci\u003C\u002Fp>\n\u003Cp>Visit: http:\u002F\u002Faraujo.cc\u002F\u003C\u002Fp>\n","A simple and responsive content slider and slideshow plug-in for jQuery with features like touch and CSS3 transitions.",90,13289,56,4,"2016-07-15T04:51:00.000Z","4.5.33","4.5.3",[123,124,125,21,126],"jquery-slider","slide","slider","slidesjs","http:\u002F\u002Faraujo.cc\u002Fportfolio\u002Fsimple-content-slider-slideshow\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-content-slider.1.0.2.zip",{"attackSurface":130,"codeSignals":156,"taintFlows":191,"riskAssessment":192,"analyzedAt":202},{"hooks":131,"ajaxHandlers":152,"restRoutes":153,"shortcodes":154,"cronEvents":155,"entryPointCount":13,"unprotectedCount":13},[132,139,144,148],{"type":133,"name":134,"callback":135,"priority":136,"file":137,"line":138},"filter","qw_styles","query_slideshow_styles",20,"query-slideshow.php",45,{"type":140,"name":141,"callback":142,"file":137,"line":143},"action","qw_pre_render","query_slideshow_pre_render",68,{"type":140,"name":145,"callback":146,"file":137,"line":147},"qw_pre_preview","query_slideshow_preview",79,{"type":140,"name":149,"callback":150,"file":137,"line":151},"qw_pre_save","query_slideshow_pre_save",87,[],[],[],[],{"dangerousFunctions":157,"sqlUsage":158,"outputEscaping":160,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":190},[],{"prepared":13,"raw":13,"locations":159},[],{"escaped":13,"rawEcho":161,"locations":162},15,[163,166,168,169,171,173,175,177,178,179,182,183,185,186,188],{"file":137,"line":164,"context":165},75,"raw output",{"file":137,"line":167,"context":165},98,{"file":137,"line":82,"context":165},{"file":137,"line":170,"context":165},108,{"file":137,"line":172,"context":165},110,{"file":137,"line":174,"context":165},117,{"file":137,"line":176,"context":165},137,{"file":137,"line":176,"context":165},{"file":137,"line":176,"context":165},{"file":180,"line":181,"context":165},"templates\u002Fquery-slideshow.php",14,{"file":180,"line":181,"context":165},{"file":180,"line":184,"context":165},17,{"file":180,"line":136,"context":165},{"file":180,"line":187,"context":165},25,{"file":180,"line":189,"context":165},26,[],[],{"summary":193,"deductions":194},"Based on the provided static analysis and vulnerability history, the \"query-slideshow\" v1.2 plugin exhibits a concerning security posture, primarily due to a lack of output escaping and a complete absence of capability checks and nonce verification. While the plugin boasts zero AJAX handlers, REST API routes, shortcodes, or cron events as direct entry points and all SQL queries utilize prepared statements, the lack of output escaping presents a significant risk. This means that any data displayed to users, if it originates from an untrusted source or is manipulated by an attacker, could be rendered without proper sanitization, potentially leading to cross-site scripting (XSS) vulnerabilities. The absence of capability and nonce checks on any potential, albeit undiscovered, entry points is also a red flag. The plugin's vulnerability history is clean, with no known CVEs, which is a positive sign. However, this might be more indicative of limited security research on this specific plugin rather than inherent robustness, especially given the identified code weaknesses. In conclusion, while the plugin has avoided publicly known vulnerabilities and uses secure SQL practices, the critical oversight in output escaping and the missing security controls on potential entry points create a substantial risk that requires immediate attention.",[195,198,200],{"reason":196,"points":197},"Output escaping: 0% properly escaped",8,{"reason":199,"points":31},"Nonce checks: 0",{"reason":201,"points":31},"Capability checks: 0","2026-04-16T12:31:56.703Z",{"wat":204,"direct":210},{"assetPaths":205,"generatorPatterns":207,"scriptPaths":208,"versionParams":209},[206],"\u002Fwp-content\u002Fplugins\u002Fquery-slideshow\u002Fjs\u002Fjquery.cycle.all.js",[],[206],[],{"cssClasses":211,"htmlComments":213,"htmlAttributes":214,"restEndpoints":218,"jsGlobals":219,"shortcodeOutput":220},[212],"qw-label",[],[215,216,217],"name=\"[display][speed]\"","name=\"[display][timeout]\"","name=\"[display][fx]\"",[],[],[],{"error":222,"url":223,"statusCode":224,"statusMessage":225,"message":225},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fquery-slideshow\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":227},[]]