[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGfZ8Tx1FEelYXUfAmj2kvUkqQG3KOW6431XDQ9mUngc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":133,"fingerprints":420},"rg-slider","RG Slider","1.4.3","Crinsane","https:\u002F\u002Fprofiles.wordpress.org\u002Fcrinsane\u002F","\u003Cp>A jQuery slideshow on your website\u002Fblog made easy\u003C\u002Fp>\n\u003Cp>Just create a slideshow, upload images, crop them on-site and include the slideshow on your page or post.\u003C\u002Fp>\n\u003Ch4>Main Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Create multiple slideshows\u003C\u002Fli>\n\u003Cli>Crop images to size without the use of Photoshop or something\u003C\u002Fli>\n\u003Cli>Set all kinds of options (image size, image quality, slideshow animation)\u003C\u002Fli>\n\u003Cli>UI that’s very close to the native WordPress feel.\u003C\u002Fli>\n\u003Cli>Available in English and Dutch (Other translations wanted!)\u003C\u002Fli>\n\u003C\u002Ful>\n","A jQuery slideshow on your website\u002Fblog made easy",10,2502,0,"2013-12-02T21:00:00.000Z","3.8.41","3.5","",[19,20,21,22,23],"images","jquery","slider","slides","slideshow","http:\u002F\u002Frobgloudemans.nl\u002Frg-slider","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frg-slider.1.4.3.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"crinsane",1,30,84,"2026-04-04T22:05:12.967Z",[37,58,76,101,118],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":32,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":55,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"cycle-responsive-slider","Cycle Responsive Slider","1.2.1","Kiran Antony","https:\u002F\u002Fprofiles.wordpress.org\u002Fkiranantony\u002F","\u003Cp>The Cycle Responsive Slider plugin allows you to upload images from your computer, which will then be used to generate a jQuery Cycle2 Plugin slideshow of the images.\u003C\u002Fp>\n\u003Cp>Each image can also be given a URL which, when the image is active in the slideshow, will be used as an anchor wrapper around the image, turning the image into a link to the URL you specified.  The slideshow is set to pause when the user hovers over the slideshow images, giving them ample time to click the link.\u003C\u002Fp>\n\u003Cp>Images can also be deleted via the plugins Administration page.\u003C\u002Fp>\n\u003Ch3>1.2\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Improved Code Base (Object Oriented) \u003C\u002Fli>\n\u003Cli>Solved Issues with loading large number of images\u003C\u002Fli>\n\u003Cli>Solved Issue With Multiple Instance of the slider in a sinlge page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.2.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Some Bug Fixes\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin creates an image slideshow in your theme, using the jQuery Cycle2 plugin. You can upload\u002Fdelete images via the administration panel.",50,2607,100,"2024-07-14T18:09:00.000Z","6.5.8","3.0",[19,52,53,23,54],"jquery-cycle2","responsive-slider","wp-cycle","http:\u002F\u002Fwww.kiranantony.com\u002Fwp-cycle2\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcycle-responsive-slider.1.2.1.zip",92,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":13,"downloaded":66,"rating":47,"num_ratings":32,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":17,"tags":70,"homepage":74,"download_link":75,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"haq-slider","HAQ Slider","2.0.1","Husain Ahmed","https:\u002F\u002Fprofiles.wordpress.org\u002Fhusainahmedqureshi\u002F","\u003Cp>This is the most powerful and intuitive WordPress slider plugin. plugin allows you to upload images from your computer. A beautiful transition effect to makes creating slides and efficient.\u003Cbr \u002F>\nEvery slide can also add link URL. Use shortcode  [haq_slider] for page, post, widget etc.\u003C\u002Fp>\n\u003Ch3>Rate This Plugin:\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fhaq-slider\u002Freviews\u002F\" rel=\"ugc\">Please rate HAQ Slider Plugin\u003C\u002Fa>\u003C\u002Fp>\n","Allows you to add fully customizable, responsive. This plugin creates an image slide in your theme. You can upload\u002Fdelete images via the admin panel,",1287,"2024-07-30T12:33:00.000Z","6.6.5","4.0",[71,72,73,21,23],"images-slider","jquery-slider","slide-effect","https:\u002F\u002Fhusain25.wordpress.com\u002Fplugins\u002Fhaq-slider","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhaq-slider.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":98,"download_link":99,"security_score":47,"vuln_count":32,"unpatched_count":13,"last_vuln_date":100,"fetched_at":28},"wp-header-images","WP Header Images","2.1.3","Fahad Mahmood","https:\u002F\u002Fprofiles.wordpress.org\u002Ffahadmahmood\u002F","\u003Cul>\n\u003Cli>Author: \u003Ca href=\"https:\u002F\u002Fwww.androidbubbles.com\u002Fcontact\" rel=\"nofollow ugc\">Fahad Mahmood\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Project URI: \u003Ca href=\"http:\u002F\u002Fandroidbubble.com\u002Fblog\u002Fwordpress\u002Fplugins\u002Fwp-header-images\" rel=\"nofollow ugc\">http:\u002F\u002Fandroidbubble.com\u002Fblog\u002Fwordpress\u002Fplugins\u002Fwp-header-images\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Demo Link: \u003Ca href=\"http:\u002F\u002Fdemo.androidbubble.com\u002Fwp-header-images\" rel=\"nofollow ugc\">http:\u002F\u002Fdemo.androidbubble.com\u002Fwp-header-images\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Demo Link:  \u003Ca href=\"http:\u002F\u002Fdemo.androidbubble.com\u002Fwp-header-images-slider\" rel=\"nofollow ugc\">http:\u002F\u002Fdemo.androidbubble.com\u002Fwp-header-images-slider\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Shortcode: [WP_HEADER_IMAGES]\u003C\u002Fp>\n\u003Cp>WP Header Images is a great plugin to implement custom header images for each page. You can set images easily and later can manage CSS from your theme.\u003Cbr \u002F>\nWP Header Images is a WordPress plugin which helps you to choose a unique image for each menu page. Normally a menu item can be either page, post, category, product or even just a link. These menu items can be managed from WordPress Admin > Appearance > Menus.\u003Cbr \u002F>\nWooCommerce categories can have unique header images by using this plugin. It was a difficult thing to manage different slideshow before, most of the times you have to be restricted for banner area for only home page. And that home banners cannot be used for all pages. By this plugin you can use unique header images for each WooCommerce category and product pages too.\u003C\u002Fp>\n\u003Ch4>Tags\u003C\u002Fh4>\n\u003Cp>page header, head image, slideshow, dynamic header, dynamic images\u003C\u002Fp>\n\u003Ch3>Video Tutorials\u003C\u002Fh3>\n\u003Ch4>How it works?\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F4zJpBtWP2mw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Compatibility List\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Guava Pattern\u003C\u002Fli>\n\u003Cli>Genesis\u003C\u002Fli>\n\u003Cli>Thesis\u003C\u002Fli>\n\u003Cli>WooThemes\u003C\u002Fli>\n\u003Cli>Gantry\u003C\u002Fli>\n\u003Cli>Carrington Core\u003C\u002Fli>\n\u003Cli>Hybrid Core\u003C\u002Fli>\n\u003Cli>Options Framework\u003C\u002Fli>\n\u003Cli>Redux Framework\u003C\u002Fli>\n\u003Cli>SMOF\u003C\u002Fli>\n\u003Cli>UPThemes\u003C\u002Fli>\n\u003Cli>Vafpress\u003C\u002Fli>\n\u003Cli>Codestar\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>I would appreciate the suggestions related to new features. Please don’t forget to support this free plugin by giving your awesome reviews.\u003C\u002Fp>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n\u003Cp>Ordered list:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Can be used with WooCommerce\u003C\u002Fli>\n\u003Cli>Exceptional support is available\u003C\u002Fli>\n\u003Cli>Developed according to the WordPress plugin development standards\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Unordered list:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>It can be used with menu pages\u003C\u002Fli>\n\u003Cli>It can be used with menu posts\u003C\u002Fli>\n\u003Cli>It can be used with menu links\u003C\u002Fli>\n\u003Cli>It can be used with menu categories\u003C\u002Fli>\n\u003Cli>It can be used with menu products\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This WordPress Plugin is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or any later version. This free software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this software. If not, see http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html.\u003C\u002Fp>\n","A great WordPress plugin which helps you to choose a unique image for each menu page.",6000,232167,86,36,"2025-04-25T01:20:00.000Z","6.8.5","3.0.1","7.0",[93,94,95,96,97],"custom-header","custom-images","header-images","image-slider","images-slideshow","http:\u002F\u002Fandroidbubble.com\u002Fblog\u002Fwordpress\u002Fplugins\u002Fwp-header-images","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-header-images.2.1.3.zip","2021-10-11 00:00:00",{"slug":54,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":110,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":50,"requires_php":17,"tags":114,"homepage":116,"download_link":117,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"WP-Cycle","0.1.13","Nathan Rice","https:\u002F\u002Fprofiles.wordpress.org\u002Fnathanrice\u002F","\u003Cp>The WP-Cycle plugin allows you to upload images from your computer, which will then be used to generate a jQuery Cycle Plugin slideshow of the images.\u003C\u002Fp>\n\u003Cp>Each image can also be given a URL which, when the image is active in the slideshow, will be used as an anchor wrapper around the image, turning the image into a link to the URL you specified.  The slideshow is set to pause when the user hovers over the slideshow images, giving them ample time to click the link.\u003C\u002Fp>\n\u003Cp>Images can also be deleted via the plugins Administration page.\u003C\u002Fp>\n","This plugin creates an image slideshow in your theme, using the jQuery Cycle plugin. You can upload\u002Fdelete images via the administration panel, and di &hellip;",3000,235406,72,12,"2012-08-15T03:09:00.000Z","3.4.2",[19,115,23],"jquery-cycle","http:\u002F\u002Fwww.nathanrice.net\u002Fplugins\u002Fwp-cycle\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-cycle.0.1.13.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":47,"downloaded":126,"rating":47,"num_ratings":127,"last_updated":128,"tested_up_to":113,"requires_at_least":50,"requires_php":17,"tags":129,"homepage":131,"download_link":132,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-cycle-plus-captions","WP-Cycle Plus Captions","0.4.5","Snub_Fighter","https:\u002F\u002Fprofiles.wordpress.org\u002Ftech-squawkers\u002F","\u003Cp>The WP-Cycle Plus Captions plugin allows you to upload images from your computer, which will then be used to generate a jQuery Cycle Plugin slideshow.\u003C\u002Fp>\n\u003Cp>Each image can be given a URL, the active image will then work just like your basic text link. The slideshow is set to pause when the user hovers over the slideshow images, giving them ample time to click the link.\u003C\u002Fp>\n\u003Cp>New!\u003C\u002Fp>\n\u003Cp>Now each image can now be assigned a caption. Each caption will display below its parent image as they rotate.\u003C\u002Fp>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Ch4>Internet Explorer Display issue\u003C\u002Fh4>\n\u003Cp>Images may appear blank or hidden. Check your themes style sheet for IMG { max-width:100%; } and comment or remove it.\u003C\u002Fp>\n\u003Ch3>WP-Cycle Changelog\u003C\u002Fh3>\n\u003Ch4>0.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Initial Release\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added automatic defaults database insertion\u003C\u002Fli>\n\u003Cli>Added [wp_cycle] shortcode\u003C\u002Fli>\n\u003Cli>Buggy release, ended up reverting to 0.1\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Unreleased version, used for testing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added stable [wp_cycle] shortcode\u003C\u002Fli>\n\u003Cli>Added transition duration control to settings\u003C\u002Fli>\n\u003Cli>Added transition delay control to settings\u003C\u002Fli>\n\u003Cli>Added new options to the defaults array (for filtering)\u003C\u002Fli>\n\u003Cli>Changed some wording in the settings\u003C\u002Fli>\n\u003Cli>Upgraded jQuery Cycle plugin from 2.63 to 2.65\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.4\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added empty alt tag to images to pass vaidation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.5\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixed the error that got produced when trying to loop through a non-array variable (duh!)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.6\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixed the shortcode positioning problem\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.7\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Upgraded jQuery Cycle plugin from 2.65 to 2.81\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.8\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added \u003Ccode>position: relative;\u003C\u002Fcode> to the slideshow div\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.9\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Moved script and args to the \u003Ccode>wp_footer\u003C\u002Fcode> hook\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.10\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixed minor bug from 0.1.9\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.11\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Moved WP-Cycle menu location from “Plugins” to “Media”\u003C\u002Fli>\n\u003Cli>Updated the menu registration to comply with new roles methodology.\u003C\u002Fli>\n\u003Cli>Added “Settings” link on plugins page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.12\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Updated jQuery Cycle plugin to 2.99\u003C\u002Fli>\n\u003C\u002Ful>\n","The WP-Cycle Plus Captions plugin allows you to upload images from your computer, which will then be used to generate a jQuery Cycle Plugin slideshow.",8596,3,"2013-02-06T19:26:00.000Z",[130,19,115,23],"captions","http:\u002F\u002Fwww.tech-squawkers.com\u002Fwp-cycle-plus-captions\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-cycle-plus-captions.0.4.5.zip",{"attackSurface":134,"codeSignals":215,"taintFlows":306,"riskAssessment":409,"analyzedAt":419},{"hooks":135,"ajaxHandlers":199,"restRoutes":208,"shortcodes":209,"cronEvents":213,"entryPointCount":127,"unprotectedCount":214},[136,142,145,148,152,155,161,165,169,173,177,180,183,187,191,195],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_menu","setup_crop_page","rg-slider-croppage.php",7,{"type":137,"name":138,"callback":143,"file":144,"line":141},"setup_main_page","rg-slider-mainpage.php",{"type":137,"name":138,"callback":146,"file":147,"line":141},"setup_options_page","rg-slider-optionspage.php",{"type":137,"name":149,"callback":150,"file":151,"line":141},"init","add_custom_posttype","rg-slider-posttype.php",{"type":137,"name":149,"callback":153,"file":151,"line":154},"add_custom_taxonomy",8,{"type":156,"name":157,"callback":158,"file":159,"line":160},"filter","upload_dir","set_upload_dir","rg-slider-slide.php",347,{"type":137,"name":162,"callback":163,"file":164,"line":87},"plugins_loaded","plugin_textdomain","rg-slider.php",{"type":137,"name":166,"callback":167,"file":164,"line":168},"admin_action_upload_slide","upload",54,{"type":137,"name":170,"callback":171,"file":164,"line":172},"admin_action_create_slide","create",55,{"type":137,"name":174,"callback":175,"file":164,"line":176},"admin_action_update_slide","update",56,{"type":137,"name":178,"callback":171,"file":164,"line":179},"admin_action_create_slideshow",57,{"type":137,"name":181,"callback":175,"file":164,"line":182},"admin_action_update_slideshow",58,{"type":137,"name":184,"callback":185,"file":164,"line":186},"admin_action_delete_slideshow","delete",59,{"type":137,"name":188,"callback":189,"file":164,"line":190},"admin_notices","rg_slider_admin_notifications",64,{"type":137,"name":192,"callback":193,"file":164,"line":194},"admin_enqueue_scripts","enqueue_admin_scripts",71,{"type":137,"name":196,"callback":197,"file":164,"line":198},"wp_enqueue_scripts","register_frontend_scripts",74,[200,205],{"action":201,"nopriv":202,"callback":203,"hasNonce":202,"hasCapCheck":202,"file":164,"line":204},"get_rg_slider_options",false,"get_options",77,{"action":206,"nopriv":202,"callback":206,"hasNonce":202,"hasCapCheck":202,"file":164,"line":207},"get_pages_and_posts",80,[],[210],{"tag":4,"callback":211,"file":164,"line":212},"rg_slider_shortcode",247,[],2,{"dangerousFunctions":216,"sqlUsage":217,"outputEscaping":219,"fileOperations":154,"externalRequests":13,"nonceChecks":214,"capabilityChecks":13,"bundledLibraries":305},[],{"prepared":13,"raw":13,"locations":218},[],{"escaped":220,"rawEcho":221,"locations":222},40,47,[223,225,227,228,230,232,234,235,236,237,239,241,242,244,246,247,250,252,253,255,256,257,259,261,263,265,267,269,270,271,273,275,276,277,279,281,283,285,287,289,291,293,295,297,299,301,303],{"file":140,"line":194,"context":224},"raw output",{"file":140,"line":226,"context":224},76,{"file":140,"line":207,"context":224},{"file":140,"line":229,"context":224},81,{"file":140,"line":231,"context":224},82,{"file":140,"line":233,"context":224},83,{"file":140,"line":34,"context":224},{"file":140,"line":26,"context":224},{"file":140,"line":86,"context":224},{"file":140,"line":238,"context":224},88,{"file":140,"line":240,"context":224},93,{"file":140,"line":240,"context":224},{"file":140,"line":243,"context":224},116,{"file":140,"line":245,"context":224},124,{"file":140,"line":245,"context":224},{"file":248,"line":249,"context":224},"rg-slider-listtable.php",233,{"file":144,"line":251,"context":224},61,{"file":144,"line":190,"context":224},{"file":144,"line":254,"context":224},75,{"file":144,"line":254,"context":224},{"file":144,"line":86,"context":224},{"file":144,"line":258,"context":224},114,{"file":144,"line":260,"context":224},115,{"file":144,"line":262,"context":224},117,{"file":144,"line":264,"context":224},120,{"file":144,"line":266,"context":224},130,{"file":147,"line":268,"context":224},37,{"file":147,"line":268,"context":224},{"file":147,"line":179,"context":224},{"file":147,"line":272,"context":224},60,{"file":147,"line":274,"context":224},69,{"file":147,"line":110,"context":224},{"file":147,"line":86,"context":224},{"file":147,"line":278,"context":224},89,{"file":147,"line":280,"context":224},95,{"file":147,"line":282,"context":224},98,{"file":147,"line":284,"context":224},104,{"file":147,"line":286,"context":224},107,{"file":147,"line":288,"context":224},148,{"file":147,"line":290,"context":224},157,{"file":147,"line":292,"context":224},171,{"file":147,"line":294,"context":224},174,{"file":147,"line":296,"context":224},183,{"file":147,"line":298,"context":224},192,{"file":159,"line":300,"context":224},403,{"file":164,"line":302,"context":224},205,{"file":164,"line":304,"context":224},228,[],[307,324,336,346,365,374,384,393],{"entryPoint":308,"graph":309,"unsanitizedCount":127,"severity":323},"display (rg-slider-croppage.php:19)",{"nodes":310,"edges":321},[311,316],{"id":312,"type":313,"label":314,"file":140,"line":315},"n0","source","$_GET (x3)",24,{"id":317,"type":318,"label":319,"file":140,"line":86,"wp_function":320},"n1","sink","echo() [XSS]","echo",[322],{"from":312,"to":317,"sanitized":202},"medium",{"entryPoint":325,"graph":326,"unsanitizedCount":32,"severity":323},"create (rg-slider-slide.php:47)",{"nodes":327,"edges":334},[328,330],{"id":312,"type":313,"label":329,"file":159,"line":172},"$_POST",{"id":317,"type":318,"label":331,"file":159,"line":332,"wp_function":333},"wp_redirect() [Open Redirect]",108,"wp_redirect",[335],{"from":312,"to":317,"sanitized":202},{"entryPoint":337,"graph":338,"unsanitizedCount":32,"severity":323},"update (rg-slider-slide.php:114)",{"nodes":339,"edges":344},[340,342],{"id":312,"type":313,"label":329,"file":159,"line":341},118,{"id":317,"type":318,"label":331,"file":159,"line":343,"wp_function":333},144,[345],{"from":312,"to":317,"sanitized":202},{"entryPoint":347,"graph":348,"unsanitizedCount":214,"severity":323},"update (rg-slider-slideshow.php:56)",{"nodes":349,"edges":362},[350,354,357,360],{"id":312,"type":313,"label":351,"file":352,"line":353},"$_POST['show_slug']","rg-slider-slideshow.php",123,{"id":317,"type":318,"label":355,"file":352,"line":353,"wp_function":356},"update_option() [Settings Manipulation]","update_option",{"id":358,"type":313,"label":351,"file":352,"line":359},"n2",138,{"id":361,"type":318,"label":331,"file":352,"line":359,"wp_function":333},"n3",[363,364],{"from":312,"to":317,"sanitized":202},{"from":358,"to":361,"sanitized":202},{"entryPoint":366,"graph":367,"unsanitizedCount":127,"severity":373},"\u003Crg-slider-croppage> (rg-slider-croppage.php:0)",{"nodes":368,"edges":371},[369,370],{"id":312,"type":313,"label":314,"file":140,"line":315},{"id":317,"type":318,"label":319,"file":140,"line":86,"wp_function":320},[372],{"from":312,"to":317,"sanitized":202},"low",{"entryPoint":375,"graph":376,"unsanitizedCount":13,"severity":373},"\u003Crg-slider-slide> (rg-slider-slide.php:0)",{"nodes":377,"edges":381},[378,380],{"id":312,"type":313,"label":379,"file":159,"line":172},"$_POST (x2)",{"id":317,"type":318,"label":331,"file":159,"line":332,"wp_function":333},[382],{"from":312,"to":317,"sanitized":383},true,{"entryPoint":385,"graph":386,"unsanitizedCount":13,"severity":373},"create (rg-slider-slideshow.php:5)",{"nodes":387,"edges":391},[388,390],{"id":312,"type":313,"label":329,"file":352,"line":389},14,{"id":317,"type":318,"label":331,"file":352,"line":45,"wp_function":333},[392],{"from":312,"to":317,"sanitized":383},{"entryPoint":394,"graph":395,"unsanitizedCount":13,"severity":373},"\u003Crg-slider-slideshow> (rg-slider-slideshow.php:0)",{"nodes":396,"edges":405},[397,398,399,400,401,403],{"id":312,"type":313,"label":329,"file":352,"line":389},{"id":317,"type":318,"label":331,"file":352,"line":45,"wp_function":333},{"id":358,"type":313,"label":351,"file":352,"line":353},{"id":361,"type":318,"label":355,"file":352,"line":353,"wp_function":356},{"id":402,"type":313,"label":351,"file":352,"line":359},"n4",{"id":404,"type":318,"label":331,"file":352,"line":359,"wp_function":333},"n5",[406,407,408],{"from":312,"to":317,"sanitized":383},{"from":358,"to":361,"sanitized":383},{"from":402,"to":404,"sanitized":383},{"summary":410,"deductions":411},"The \"rg-slider\" v1.4.3 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by not containing any dangerous functions, all SQL queries utilize prepared statements, and there's no recorded vulnerability history, suggesting a generally secure development approach. However, significant concerns arise from the attack surface and output escaping. Two AJAX handlers lack authentication checks, presenting a direct entry point for potential unauthorized actions. Furthermore, less than half of the output operations are properly escaped, increasing the risk of cross-site scripting (XSS) vulnerabilities where user-supplied data could be injected and executed in a user's browser. While no critical taint flows or raw SQL queries were detected, the combination of unprotected entry points and inadequate output sanitization creates a notable risk.\n\nThe absence of known CVEs and a clean vulnerability history is a strong positive indicator. It implies that the plugin has not been a target for widespread exploitation or has been actively maintained to address past issues. However, this absence does not negate the risks identified in the static analysis. The taint analysis, while not flagging critical or high severity issues, did identify five flows with unsanitized paths, which, when combined with the unprotected AJAX endpoints, could potentially be exploited. The plugin also has a relatively small attack surface with only three entry points, two of which are unprotected, which is a concern. Overall, while the plugin has strengths in its SQL handling and lack of known vulnerabilities, the insufficient output escaping and unprotected AJAX handlers represent actionable security weaknesses that should be addressed.",[412,414,416],{"reason":413,"points":11},"Unprotected AJAX handlers",{"reason":415,"points":154},"Low percentage of properly escaped output",{"reason":417,"points":418},"Flows with unsanitized paths detected",5,"2026-03-17T01:04:02.006Z",{"wat":421,"direct":442},{"assetPaths":422,"generatorPatterns":431,"scriptPaths":432,"versionParams":433},[423,424,425,426,427,428,429,430],"\u002Fwp-content\u002Fplugins\u002Frg-slider\u002Fassets\u002Fcss\u002Frg-slider-menu-style.css","\u002Fwp-content\u002Fplugins\u002Frg-slider\u002Fassets\u002Fcss\u002Frg-slider-style.css","\u002Fwp-content\u002Fplugins\u002Frg-slider\u002Fassets\u002Fjs\u002Frg-slider-scripts-crop.js","\u002Fwp-content\u002Fplugins\u002Frg-slider\u002Fassets\u002Fjs\u002Frg-slider-scripts-options.js","\u002Fwp-content\u002Fplugins\u002Frg-slider\u002Fassets\u002Fjs\u002Frg-slider-scripts.js","\u002Fwp-content\u002Fplugins\u002Frg-slider\u002Fassets\u002Fcss\u002Fcoin-slider-styles.css","\u002Fwp-content\u002Fplugins\u002Frg-slider\u002Fassets\u002Fjs\u002Fcoin-slider.js","\u002Fwp-content\u002Fplugins\u002Frg-slider\u002Fassets\u002Fjs\u002Frg-slider.js",[],[425,426,427,429,430],[434,435,436,437,438,439,440,441],"rg-slider\u002Fassets\u002Fcss\u002Frg-slider-menu-style.css?ver=","rg-slider\u002Fassets\u002Fcss\u002Frg-slider-style.css?ver=","rg-slider\u002Fassets\u002Fjs\u002Frg-slider-scripts-crop.js?ver=","rg-slider\u002Fassets\u002Fjs\u002Frg-slider-scripts-options.js?ver=","rg-slider\u002Fassets\u002Fjs\u002Frg-slider-scripts.js?ver=","rg-slider\u002Fassets\u002Fcss\u002Fcoin-slider-styles.css?ver=","rg-slider\u002Fassets\u002Fjs\u002Fcoin-slider.js?ver=","rg-slider\u002Fassets\u002Fjs\u002Frg-slider.js?ver=",{"cssClasses":443,"htmlComments":448,"htmlAttributes":451,"restEndpoints":463,"jsGlobals":464,"shortcodeOutput":466},[444,445,446,447],"rg-slider-slideshow-container","rg-slider-slide-caption","rg-slider-slide-title","rg-slider-slide-description",[449,450],"\u003C!-- Get the ball rollin... -->","\u003C!-- Alias the main rg_nivoslider function to a shortcode -->",[452,453,454,455,456,457,458,459,460,461,462],"data-delay","data-navigation","data-next-prev","data-prev","data-next","data-caption-opacity","data-caption-bgcolor","data-caption-textcolor","data-slide-width","data-slide-height","data-quality",[],[465],"rg_l10n_object",[467],"\u003Cdiv class=\"rg-slider-slideshow-container\" data-delay=\"5000\" data-navigation=\"1\" data-next-prev=\"1\" data-caption-opacity=\"70\" data-caption-bgcolor=\"#000000\" data-caption-textcolor=\"#ffffff\" data-slide-width=\"400\" data-slide-height=\"400\" data-quality=\"80\">"]