[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fQO0GfHp9TdoZrT0z7TwM09rMn39_SbtreKl-YNtJOtE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":42,"crawl_stats":33,"alternatives":45,"analysis":165,"fingerprints":192},"ragic-shortcode","Ragic Shortcode","1.3","ragicsupport","https:\u002F\u002Fprofiles.wordpress.org\u002Fragicsupport\u002F","\u003Cp>Allows the use of a special shortcode for embedding Ragic forms.\u003Cbr \u002F>\nWe suggest that the shortcode is grabbed from Ragic’s Web Embed feature.\u003Cbr \u002F>\nYour shortcode would need to follow the Ragic standard format.\u003C\u002Fp>\n\u003Cp>Example:\u003Cbr \u002F>\n[ragic ragic_url=”https:\u002F\u002Fwww.ragic.com\u002Fexample\u002Fpage\u002F1″ ragic_feature=”form”]\u003C\u002Fp>\n","Allows the use of a special shortcode for embedding Ragic forms.",80,3356,0,"2024-11-22T01:58:00.000Z","6.2.9","2.6","",[19,20,21],"embed-form","ragic","shortcode","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fragic-shortcode.1.3.zip",91,1,"2024-11-27 00:00:00","2026-03-15T15:16:48.613Z",[28],{"id":29,"url_slug":30,"title":31,"description":32,"plugin_slug":4,"theme_slug":33,"affected_versions":34,"patched_in_version":6,"severity":35,"cvss_score":36,"cvss_vector":37,"vuln_type":38,"published_date":25,"updated_date":39,"references":40,"days_to_patch":24},"CVE-2024-11431","ragic-shortcode-authenticated-contributor-stored-cross-site-scripting","Ragic Shortcode \u003C= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Ragic Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ragic' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.2","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-11-28 08:47:31",[41],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4afa0148-ad08-493d-9642-0edbde5e8349?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":24,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":24,"trust_score":43,"computed_at":44},94,"2026-04-04T07:26:23.805Z",[46,72,97,120,142],{"slug":47,"name":48,"version":49,"author":50,"author_profile":51,"description":52,"short_description":53,"active_installs":54,"downloaded":55,"rating":56,"num_ratings":57,"last_updated":58,"tested_up_to":59,"requires_at_least":60,"requires_php":61,"tags":62,"homepage":67,"download_link":68,"security_score":69,"vuln_count":70,"unpatched_count":13,"last_vuln_date":71,"fetched_at":26},"shortcodes-ultimate","WP Shortcodes Plugin — Shortcodes Ultimate","7.4.9","Vova","https:\u002F\u002Fprofiles.wordpress.org\u002Fgn_themes\u002F","\u003Ch3>SHORTCODES ULIMATE – THE #1 SHORTCODES PLUGIN\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=description\" rel=\"nofollow ugc\">Shortcodes Ultimate\u003C\u002Fa> is a huge collection of useful elements, that you can use in the post editor, text widgets or even in template files.\u003C\u002Fp>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F507942335\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002Fdocs-category\u002Fshortcodes\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=features\" rel=\"nofollow ugc\">Over 50 gorgeous shortcodes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Insert shortcodes in 1 click with Live Preview\u003C\u002Fli>\n\u003Cli>Supports the Block Editor\u003C\u002Fli>\n\u003Cli>Seamlessly integrates with your theme\u003C\u002Fli>\n\u003Cli>Looks great on mobile devices\u003C\u002Fli>\n\u003Cli>Custom CSS editor is included\u003C\u002Fli>\n\u003Cli>Developer-friendly with plenty of hooks and extensive documentation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Included shortcodes\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Posts\u003C\u002Fstrong> – allows you to show specific posts anywhere\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accordion\u003C\u002Fstrong> – simple toggle block to show\u002Fhide your content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Button\u003C\u002Fstrong> – highly-customizable button with multiple styles\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightbox\u003C\u002Fstrong> – a lightbox that you can use with virtually any element\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Carousel\u003C\u002Fstrong> – beautiful super-customizable image carousel\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Columns\u003C\u002Fstrong> – must-have tool for creating layouts\u003C\u002Fli>\n\u003Cli>And many more…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Get Help\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002Fdocs\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=links-docs\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fshortcodes-ultimate\" rel=\"ugc\">Community Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002Fsupport\u002Fopen-support-ticket\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=links-support\" rel=\"nofollow ugc\">The Pro Support\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>TRY THE PRO VERSION FOR FREE\u003C\u002Fh3>\n\u003Cp>Try Shortcodes Ultimate Pro risk-free for 30 days. You are fully protected by our no questions asked refund policy!\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002Fpricing\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=try-pro\" rel=\"nofollow ugc\">Upgrade to Pro\u003C\u002Fa>\u003C\u002Fp>\n","A comprehensive collection of visual components for your site",400000,24545518,98,5917,"2026-02-02T16:19:00.000Z","6.9.4","5.0","5.4",[63,64,65,21,66],"carousel","columns","posts","toggle","https:\u002F\u002Fgetshortcodes.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortcodes-ultimate.7.4.9.zip",88,32,"2025-11-23 10:11:05",{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":82,"num_ratings":83,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":17,"tags":87,"homepage":92,"download_link":93,"security_score":94,"vuln_count":95,"unpatched_count":13,"last_vuln_date":96,"fetched_at":26},"mw-wp-form","MW WP Form","5.1.0","Takashi Kitajima","https:\u002F\u002Fprofiles.wordpress.org\u002Finc2734\u002F","\u003Cp>\u003Cstrong>This plugin currently has only the minimum required maintenance releases.\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>Main maintainer has been handed over from @inc2734 to @websoudan.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>MW WP Form can create mail form with a confirmation screen using shortcode.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Form created using shortcodes\u003C\u002Fli>\n\u003Cli>Using confirmation page is possible.\u003C\u002Fli>\n\u003Cli>The page changes by the same URL or individual URL are possible.\u003C\u002Fli>\n\u003Cli>Many validation rules\u003C\u002Fli>\n\u003Cli>Saving inquiry data is possible.\u003C\u002Fli>\n\u003Cli>Displaying Chart using saved inquiry data is possible.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Official\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fmw-wp-form.web-soudan.co.jp\u003C\u002Fp>\n\u003Ch4>GitHub\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fgithub.com\u002Fweb-soudan\u002Fmw-wp-form\u003C\u002Fp>\n\u003Ch4>The following third-party resources\u003C\u002Fh4>\n\u003Cp>Google Charts\u003Cbr \u002F>\nSource: https:\u002F\u002Fdevelopers.google.com\u002Fchart\u002F\u003C\u002Fp>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002F2inc.org\" rel=\"nofollow ugc\">Takashi Kitajima\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Finc2734\" rel=\"nofollow ugc\">inc2734\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwebcre-archive.com\" rel=\"nofollow ugc\">Ryujiro Yamamoto\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fryu263\" rel=\"nofollow ugc\">ryu263\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fkee-non.com\" rel=\"nofollow ugc\">Tsujimoto Tomoyuki\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Ftomothumb\" rel=\"nofollow ugc\">tomothumb\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>[Naoyuki Ohata] ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnanniku\" rel=\"nofollow ugc\">nanniku\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmt8.biz\u002F\" rel=\"nofollow ugc\">Kazuto Takeshita\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmt8biz\u002F\" rel=\"nofollow ugc\">moto hachi\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.next-season.net\u002F\" rel=\"nofollow ugc\">Atsushi Ando\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnext-season\u002F\" rel=\"nofollow ugc\">NExt-Season\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fvisualive.jp\u002F\" rel=\"nofollow ugc\">Kazuki Tomiyasu\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fkuck1u\u002F\" rel=\"nofollow ugc\">KUCKLU\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmypacecreator.net\u002F\" rel=\"nofollow ugc\">Kei Nomura\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmypacecreator\u002F\" rel=\"nofollow ugc\">mypacecreator\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmh35\" rel=\"nofollow ugc\">mh35\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fnojimage\" rel=\"nofollow ugc\">Takashi Nojima\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fherikutu\" rel=\"nofollow ugc\">herikutu\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftsucharoku\" rel=\"nofollow ugc\">tsucharoku\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ft-hamano\" rel=\"nofollow ugc\">Tetsuaki Hamano\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fwildworks\u002F\" rel=\"nofollow ugc\">t-hamano\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmusus\" rel=\"nofollow ugc\">Susumu Seino\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmusus\u002F\" rel=\"nofollow ugc\">Susumu Seino\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flikr\" rel=\"nofollow ugc\">Yosuke Onoue\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Flikr\u002F\" rel=\"nofollow ugc\">likr\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fyudai524\" rel=\"nofollow ugc\">Yudai Konishi\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fyudai524\u002F\" rel=\"nofollow ugc\">Yudai Konishi\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fnoldorinfo\" rel=\"nofollow ugc\">takekoshi\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnoldorinfo\u002F\" rel=\"nofollow ugc\">takekoshi\u003C\u002Fa> )\u003C\u002Fli>\n\u003C\u002Ful>\n","MW WP Form is shortcode base contact form plugin. This plugin have many features. For example you can use many validation rules, inquiry data saving,  &hellip;",200000,1771027,86,22,"2024-03-13T02:48:00.000Z","6.4.8","6.0",[88,89,90,91,21],"confirm","form","mail","preview","https:\u002F\u002Fmw-wp-form.web-soudan.co.jp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmw-wp-form.5.1.0.zip",81,5,"2024-01-31 00:00:00",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":56,"num_ratings":107,"last_updated":108,"tested_up_to":59,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":116,"download_link":117,"security_score":56,"vuln_count":118,"unpatched_count":13,"last_vuln_date":119,"fetched_at":26},"shortcoder","Shortcoder — Create Shortcodes for Anything","6.5.2","vaakash","https:\u002F\u002Fprofiles.wordpress.org\u002Fvaakash\u002F","\u003Cp>Shortcoder plugin allows to create a custom shortcodes for HTML, JavaScript, CSS and other code snippets. Now the shortcodes can be used in posts\u002Fpages and the snippet will be replaced in place.\u003C\u002Fp>\n\u003Ch3>✍ Create shortcodes easily\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Give a name for the shortcode\u003C\u002Fli>\n\u003Cli>Paste the HTML\u002FJavaScript\u002FCSS as shortcode content\u003C\u002Fli>\n\u003Cli>Save !\u003C\u002Fli>\n\u003Cli>Now insert the shortcode \u003Ccode>[sc name=\"my_shortcode\"]\u003C\u002Fcode> in your post\u002Fpage.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Voila !\u003C\u002Fstrong> You got the HTML\u002FJavascript\u002FCSS in your post.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>✨ Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Create \u003Cstrong>custom shortcodes\u003C\u002Fstrong> easily and use them in any place where shortcode is supported.\u003C\u002Fli>\n\u003Cli>Have any \u003Cstrong>HTML\u003C\u002Fstrong>, \u003Cstrong>Javascript\u003C\u002Fstrong>, \u003Cstrong>CSS\u003C\u002Fstrong> as Shortcode content.\u003C\u002Fli>\n\u003Cli>Insert: \u003Cstrong>Custom parameters\u003C\u002Fstrong> in shortcode\u003C\u002Fli>\n\u003Cli>Insert: \u003Cstrong>WordPress parameters\u003C\u002Fstrong> in shortcode\u003C\u002Fli>\n\u003Cli>Multiple editors: Code, Visual and text modes.\u003C\u002Fli>\n\u003Cli>Globally disable the shortcode when not needed.\u003C\u002Fli>\n\u003Cli>Disable shortcode on desktop, mobile devices.\u003C\u002Fli>\n\u003Cli>A button in post editor to pick the shortcodes to insert.\u003C\u002Fli>\n\u003Cli>Execute blocks HTML in shortcode content.\u003C\u002Fli>\n\u003Cli>Insert shortcodes in Gutenberg\u002Fblock editor.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎲 An example usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Create a shortcode named “adsenseAd” in the Shortcoder admin page.\u003C\u002Fli>\n\u003Cli>Paste the adsense code in the box given and save it.\u003C\u002Fli>\n\u003Cli>Use \u003Ccode>[sc name=\"adsenseAd\"]\u003C\u002Fcode> in your posts and pages.\u003C\u002Fli>\n\u003Cli>Tada !!! the ad code is replaced and it appears in the post.\u003C\u002Fli>\n\u003Cli>Now you can edit the ad code at one place and the code is updated in all the locations where the shortcode is used.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Similarly shortcodes can be created for frequently used snippets.\u003C\u002Fp>\n\u003Cp>You can also add \u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">custom parameters\u003C\u002Fa> (like \u003Ccode>%%id%%\u003C\u002Fcode>) inside the snippets, and change it’s value like \u003Ccode>[sc name=\"youtube\" id=\"GrlRADfvjII\"]\u003C\u002Fcode> when using them.\u003C\u002Fp>\n\u003Ch3>🧱 Using in block editor\u003C\u002Fh3>\n\u003Cp>Though shortcodes can be used in \u003Cstrong>any\u003C\u002Fstrong> place manually, Shortcoder provides below options to select and insert the shortcodes created easily when working with the block editor.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Shortcoder block\u003C\u002Fli>\n\u003Cli>Toolbar button to select and insert shortcodes inline (under “more”)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>💎 Upgrade to PRO\u003C\u002Fh3>\n\u003Cp>Shortcoder also provides a \u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">PRO version\u003C\u002Fa> which has additional features to further enhance the experience. Below features are offered in the PRO version.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Custom editor\u003C\u002Fstrong> – Edit Shortcode content using block editor or page builder plugins like Elementor and WPBakery.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>(New) Translation with WPML\u003C\u002Fstrong> – Translate Shortcode content with WPML.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Revisions\u003C\u002Fstrong> – Revisions support for Shortcode content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Locate shortcode\u003C\u002Fstrong> – Search posts and pages where a shortcode is used.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Extra code\u003C\u002Fstrong> – Include extra code to the footer when a shortcode is used in a page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">Get started with Shortcoder – PRO\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fshortcoder\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fforum\u002F\" rel=\"nofollow ugc\">Support forum\u002FReport bugs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F#pro\" rel=\"nofollow ugc\">PRO features\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Create custom \"Shortcodes\" easily for HTML, JavaScript, CSS code snippets and use the shortcodes within posts, pages & widgets",100000,1888190,225,"2026-03-01T17:44:00.000Z","4.9.0","5.3",[112,113,114,21,115],"code","html","javascript","snippets","https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortcoder.6.5.2.zip",2,"2026-01-09 00:00:00",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":130,"num_ratings":131,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":17,"tags":135,"homepage":139,"download_link":140,"security_score":141,"vuln_count":13,"unpatched_count":13,"last_vuln_date":33,"fetched_at":26},"display-posts-shortcode","Display Posts – Easy lists, grids, navigation, and more","3.0.3","Bill Erickson","https:\u002F\u002Fprofiles.wordpress.org\u002Fbillerickson\u002F","\u003Cp>Display Posts allows you easily list content from all across your website. Start by adding this shortcode in the content editor to display a list of your most recent posts:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[display-posts]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Filter by Category\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>To only show posts within a certain category, use the category parameter:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[display-posts category=\"news\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Display as Post Grid\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can create a great looking, column-based grid of posts with a bit of styling. \u003Ca href=\"https:\u002F\u002Fdisplayposts.com\u002F2019\u002F01\u002F04\u002Fpost-grid-styling\u002F\" rel=\"nofollow ugc\">Here’s how!\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>List Popular Posts\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can highlight your popular content in multiple ways. If you want to feature the posts with the most comments, use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[display-posts orderby=\"comment_count\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can also list \u003Ca href=\"https:\u002F\u002Fdisplayposts.com\u002F2019\u002F01\u002F04\u002Fmost-popular-posts-by-social-shares\u002F\" rel=\"nofollow ugc\">most popular posts by social shares\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Include thumbnails, excerpts, and more\u003C\u002Fstrong>\u003Cbr \u002F>\nThe \u003Ca href=\"https:\u002F\u002Fdisplayposts.com\u002Fdocs\u002Fparameters\u002F#display-parameters\" rel=\"nofollow ugc\">display parameters\u003C\u002Fa> let you control what information is displayed for each post. To include an image and summary, use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[display-posts include_excerpt=\"true\" image_size=\"thumbnail\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can use any image size added by WordPress (thumbnail, medium, medium_large, large) OR any custom image size added by your theme or other plugins.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Sort the list however you like\u003C\u002Fstrong>\u003Cbr \u002F>\nBy default the listing will list the newest content first, but you can order by title, menu order, relevance, content type, metadata, and more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>List upcoming events\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can easily list upcoming events from any event calendar. Each plugin will require slightly different code.\u003C\u002Fp>\n\u003Cp>Here are \u003Ca href=\"https:\u002F\u002Fdisplayposts.com\u002Ftag\u002Fevents\u002F\" rel=\"nofollow ugc\">tutorials for popular event calendar plugins\u003C\u002Fa>. If your plugin is not listed here, submit a support request and I’ll add it!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Tutorials\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fdisplayposts.com\u002Ftutorials\u002F\" rel=\"nofollow ugc\">Our tutorials\u003C\u002Fa> cover common customization requests, and are updated often.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Full Documentation\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdisplayposts.com\u002Fdocs\u002Fparameters\u002F#query-parameters\" rel=\"nofollow ugc\">Query parameters\u003C\u002Fa> for customizing which posts are listed (filter by category, tag, date…)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdisplayposts.com\u002Fdocs\u002Fparameters\u002F#display-parameters\" rel=\"nofollow ugc\">Display parameters\u003C\u002Fa> determine how the posts appear (title, excerpt, image…)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdisplayposts.com\u002F2019\u002F01\u002F04\u002Fuse-template-parts-to-match-your-themes-styling\u002F\" rel=\"nofollow ugc\">Template parts\u003C\u002Fa> for Display Posts to perfectly match your theme’s post listings\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdisplayposts.com\u002Fdocs\u002Fthe-output-filter\u002F\" rel=\"nofollow ugc\">Output filter\u003C\u002Fa> for complete control over how the listing looks on your site\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdisplayposts.com\u002Fdocs\u002Fparameters\u002F#display-parameters\" rel=\"nofollow ugc\">Filters\u003C\u002Fa> for even more powerful customizations for developers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Extensions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbillerickson\u002FDisplay-Posts-Pagination\" rel=\"nofollow ugc\">Display Posts – Pagination\u003C\u002Fa> – Allow results of Display Posts to be paginated\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisplay-posts-date-view\u002F\" rel=\"ugc\">Display Posts – Date View\u003C\u002Fa> – Lets you break your content down by month or year.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbillerickson\u002FDisplay-Posts-Alpha-View\" rel=\"nofollow ugc\">Display Posts – Alpha View\u003C\u002Fa> – Display an alphabetical listing of your content, broken down by letter\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbillerickson\u002FDisplay-Posts-Transient-Cache\" rel=\"nofollow ugc\">Display Posts – Transient Cache\u003C\u002Fa> – Cache the output using transients\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbillerickson\u002Fdps-coauthor-addon\" rel=\"nofollow ugc\">Co-Authors Plus Addon\u003C\u002Fa> – multiple authors on posts\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbillerickson\u002Fdps-columns-extension\" rel=\"nofollow ugc\">Columns Extension\u003C\u002Fa> – display posts in columns\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbillerickson\u002FDPS-Exclude-Sticky\" rel=\"nofollow ugc\">DPS Exclude Sticky\u003C\u002Fa> – exclude sticky posts unless specifically requested\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fshazahm1\u002FDisplay-Posts-Shortcode-Pinch-Zoomer\" rel=\"nofollow ugc\">DPS Pinch Zoomer\u003C\u002Fa> – adds support pinch zooming post images on mobile devices and mouse wheel zooming on desktops\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fshazahm1\u002FDisplay-Posts-Shortcode-Remote\" rel=\"nofollow ugc\">Display Posts Shortcode Remote\u003C\u002Fa> – display posts from a remote WordPress site utilizing the WP REST API.\u003C\u002Fli>\n\u003C\u002Ful>\n","Add a listing of content on your website using a simple shortcode. Filter the results by category, author, and more.",80000,1250447,96,164,"2024-10-14T16:53:00.000Z","6.6.5","3.0",[136,137,65,138,21],"page","pages","query","https:\u002F\u002Fdisplayposts.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisplay-posts-shortcode.3.0.3.zip",92,{"slug":143,"name":144,"version":145,"author":146,"author_profile":147,"description":148,"short_description":149,"active_installs":150,"downloaded":151,"rating":43,"num_ratings":11,"last_updated":152,"tested_up_to":153,"requires_at_least":154,"requires_php":17,"tags":155,"homepage":160,"download_link":161,"security_score":162,"vuln_count":163,"unpatched_count":13,"last_vuln_date":164,"fetched_at":26},"wp-show-posts","WP Show Posts","1.1.6","Tom","https:\u002F\u002Fprofiles.wordpress.org\u002Fedge22\u002F","\u003Ch4>Note\u003C\u002Fh4>\n\u003Cp>This plugin is only receiving security updates at this time. Check out our \u003Ca href=\"https:\u002F\u002Fgenerateblocks.com\u002F\" rel=\"nofollow ugc\">GenerateBlocks\u003C\u002Fa> plugin for a more modern solution.\u003C\u002Fp>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"WP Show Posts\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F175638957?dnt=1&app_id=122963\" width=\"750\" height=\"422\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Cp>WP Show Posts allows you to display posts anywhere on your website using an easy to use shortcode.\u003C\u002Fp>\n\u003Cp>You can pull posts from any post type like WooCommerce, Easy Digital Downloads etc..\u003C\u002Fp>\n\u003Cp>This plugin works with any theme.\u003C\u002Fp>\n\u003Cp>Here are the features in the free version:\u003C\u002Fp>\n\u003Ch4>Posts\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Post type\u003C\u002Fli>\n\u003Cli>Taxonomy\u003C\u002Fli>\n\u003Cli>Terms\u003C\u002Fli>\n\u003Cli>Posts per page\u003C\u002Fli>\n\u003Cli>Pagination\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Columns\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Columns\u003C\u002Fli>\n\u003Cli>Columns gutter\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Images\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Show images\u003C\u002Fli>\n\u003Cli>Image width\u003C\u002Fli>\n\u003Cli>Image height\u003C\u002Fli>\n\u003Cli>Image alignment\u003C\u002Fli>\n\u003Cli>Image location\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Content\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Content type (excerpt or full post)\u003C\u002Fli>\n\u003Cli>Excerpt length\u003C\u002Fli>\n\u003Cli>Include title\u003C\u002Fli>\n\u003Cli>Read more text\u003C\u002Fli>\n\u003Cli>Read more button class\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Meta\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Include author\u003C\u002Fli>\n\u003Cli>Author location\u003C\u002Fli>\n\u003Cli>Include date\u003C\u002Fli>\n\u003Cli>Date location\u003C\u002Fli>\n\u003Cli>Include terms\u003C\u002Fli>\n\u003Cli>Terms location\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>More settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Author ID\u003C\u002Fli>\n\u003Cli>Exclude current\u003C\u002Fli>\n\u003Cli>Post ID\u003C\u002Fli>\n\u003Cli>Exclude post ID\u003C\u002Fli>\n\u003Cli>Ignore sticky posts\u003C\u002Fli>\n\u003Cli>Offset\u003C\u002Fli>\n\u003Cli>Order\u003C\u002Fli>\n\u003Cli>Order by\u003C\u002Fli>\n\u003Cli>Status\u003C\u002Fli>\n\u003Cli>Meta key\u003C\u002Fli>\n\u003Cli>Meta value\u003C\u002Fli>\n\u003Cli>Tax operator\u003C\u002Fli>\n\u003Cli>No results message\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Our *Pro* version has these features\u003C\u002Fh4>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"WP Show Posts Pro\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F175660953?dnt=1&app_id=122963\" width=\"750\" height=\"422\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpshowposts.com\u002F\" title=\"Check out Pro\" rel=\"nofollow ugc\">Check out Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Posts\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>AJAX pagination\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Columns\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Masonry\u003C\u002Fli>\n\u003Cli>Featured post\u003C\u002Fli>\n\u003Cli>Background color\u003C\u002Fli>\n\u003Cli>Background color hover\u003C\u002Fli>\n\u003Cli>Border color\u003C\u002Fli>\n\u003Cli>Border color hover\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Images\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Image overlay color\u003C\u002Fli>\n\u003Cli>Image overlay icon\u003C\u002Fli>\n\u003Cli>Image hover effect\u003C\u002Fli>\n\u003Cli>Image lightbox\u003C\u002Fli>\n\u003Cli>Image lightbox gallery\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Content\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Read more style\u003C\u002Fli>\n\u003Cli>Read more color\u003C\u002Fli>\n\u003Cli>Content link color\u003C\u002Fli>\n\u003Cli>Content link color hover\u003C\u002Fli>\n\u003Cli>Content text color\u003C\u002Fli>\n\u003Cli>Title color\u003C\u002Fli>\n\u003Cli>Title color hover\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Meta\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Meta color\u003C\u002Fli>\n\u003Cli>Meta color hover\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Social\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Twitter color + hover\u003C\u002Fli>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Facebook color + hover\u003C\u002Fli>\n\u003Cli>Google+\u003C\u002Fli>\n\u003Cli>Google+ color + hover\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>Pinterest color + hover\u003C\u002Fli>\n\u003Cli>Love it\u003C\u002Fli>\n\u003Cli>Alignment\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check out GeneratePress, our awesome WordPress theme! (https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fgeneratepress)\u003C\u002Fp>\n","Add posts to your website from any post type using a simple shortcode.",70000,604723,"2024-04-16T19:12:00.000Z","6.1.10","4.5",[121,156,157,158,159],"gallery","portfolio","post-columns","show-posts","https:\u002F\u002Fwpshowposts.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-show-posts.1.1.6.zip",90,3,"2024-04-16 00:00:00",{"attackSurface":166,"codeSignals":176,"taintFlows":183,"riskAssessment":184,"analyzedAt":191},{"hooks":167,"ajaxHandlers":168,"restRoutes":169,"shortcodes":170,"cronEvents":175,"entryPointCount":24,"unprotectedCount":13},[],[],[],[171],{"tag":20,"callback":172,"file":173,"line":174},"createRagicEmbedJS","ragic.php",55,[],{"dangerousFunctions":177,"sqlUsage":178,"outputEscaping":180,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":182},[],{"prepared":13,"raw":13,"locations":179},[],{"escaped":13,"rawEcho":13,"locations":181},[],[],[],{"summary":185,"deductions":186},"The \"ragic-shortcode\" plugin v1.3 exhibits a generally positive security posture based on the static analysis.  It adheres to several good security practices, notably by not using any dangerous functions, executing all SQL queries with prepared statements, and ensuring all output is properly escaped.  Furthermore, it avoids file operations, external HTTP requests, and does not bundle any external libraries, which reduces potential attack vectors. The attack surface is minimal, consisting solely of one shortcode, and importantly, there are no unprotected entry points identified in this analysis.  Taint analysis also indicates no critical or high severity flows, suggesting a lack of easily exploitable data handling vulnerabilities within the current code. \n\nHowever, the plugin's security record is tarnished by its vulnerability history. The presence of one known CVE, even if currently patched, suggests past issues that required remediation. The fact that this vulnerability was of medium severity and related to Cross-site Scripting (XSS) is a concern, as XSS can lead to account takeovers and other serious security breaches. While the current version may be patched, the historical pattern warrants caution. The absence of nonce and capability checks on its single shortcode entry point is also a potential weakness, as it means any user could potentially trigger its functionality, although the lack of other exploitable code signals mitigates this risk significantly in the current version. The lack of these checks on shortcodes could be a future vulnerability if the shortcode's functionality evolves to handle sensitive data or actions.\n\nIn conclusion, while \"ragic-shortcode\" v1.3 demonstrates commendable coding practices in its current implementation, particularly regarding SQL and output handling, its past vulnerability history and the absence of explicit authorization checks on its shortcode are points of concern. The plugin is relatively secure due to its minimal attack surface and good coding hygiene, but users should remain vigilant regarding future updates and the potential for new vulnerabilities, especially given the historical XSS issue.  The absence of capability checks on the shortcode is a weakness that, while not currently exploitable due to other code characteristics, represents a risk if the shortcode's functionality changes.",[187,189],{"reason":188,"points":95},"Known CVE (medium severity)",{"reason":190,"points":95},"Shortcode lacks capability checks","2026-03-16T21:27:34.616Z",{"wat":193,"direct":204},{"assetPaths":194,"generatorPatterns":197,"scriptPaths":198,"versionParams":201},[195,196],"\u002Fwp-content\u002Fplugins\u002Fragic-shortcode\u002Fintl\u002Fcommon\u002Fload.js","\u002Fwp-content\u002Fplugins\u002Fragic-shortcode\u002Fintl\u002Fcommon\u002Floadfts.js",[],[199,200],"\u002F\u002Fa.hostname\u002Fintl\u002Fcommon\u002Fload.js?wp","\u002F\u002Fa.hostname\u002Fintl\u002Fcommon\u002Floadfts.js?wp",[202,203],"ragic-shortcode\u002Fintl\u002Fcommon\u002Fload.js?ver=","ragic-shortcode\u002Fintl\u002Fcommon\u002Floadfts.js?ver=",{"cssClasses":205,"htmlComments":207,"htmlAttributes":210,"restEndpoints":212,"jsGlobals":213,"shortcodeOutput":217},[206],"ragic_rawembed",[208,209]," * * CONFIGURATION VARIABLES: EDIT BEFORE PASTING INTO YOUR WEBPAGE * * "," * * DON'T EDIT BELOW THIS LINE * * ",[211],"sandbox=\"allow-modals allow-forms allow-popups allow-scripts allow-same-origin\"",[],[214,215,216],"ragic_url","ragic_feature","webFormVersionIsNew",[218,219],"\u003Cdiv id='ragic_webview'>\u003C\u002Fdiv>","\u003Cdiv style='height:200;width:300;text-align:center'>\u003Ch3>There is something wrong with your short code parameter!\u003C\u002Fh3>\u003C\u002Fdiv>"]