[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fz6yY44jWR0rRfSQo-0qph9zJlbCaQP_HKnsESLOCiSc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":119,"fingerprints":209},"rivercraft","RiverCraft","1.3.2","RiverNight","https:\u002F\u002Fprofiles.wordpress.org\u002Frivernight\u002F","\u003Cp>\u003Cstrong>RiveCraft\u003C\u002Fstrong> permet d’unir votre serveur Minecraft et votre site\u002Fblog WordPress à l’aide de JSONAPI.\u003Cbr \u002F>\nPour plus d’information, cliquez \u003Ca href=\"http:\u002F\u002Fwww.bukkit.fr\u002Findex.php?threads\u002Fweb-rivercraft-union-de-wordpress-et-de-minecraft.5048\u002F\" rel=\"nofollow ugc\">ici\u003C\u002Fa>\u003C\u002Fp>\n","RiverCraft permet d'unir votre serveur Minecraft et votre site\u002Fblog Wordpress à l'aide de JSONAPI.",10,4218,100,2,"2013-09-08T12:47:00.000Z","3.6.1","3.0","",[20,21,22],"bukkit","jsonapi","minecraft","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frivercraft.1.3.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"rivernight",1,30,84,"2026-04-04T21:21:54.167Z",[36,53,70,87,102],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":11,"downloaded":44,"rating":13,"num_ratings":31,"last_updated":18,"tested_up_to":45,"requires_at_least":46,"requires_php":18,"tags":47,"homepage":50,"download_link":51,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":52},"statusmc","StatusMC","1.1","sync667","https:\u002F\u002Fprofiles.wordpress.org\u002Fsync667\u002F","\u003Ch3>Opis\u003C\u002Fh3>\n\u003Cp>Wyświetla informacje odnośnie serwera bukkit poprzez JSONAPI.\u003C\u002Fp>\n\u003Cp>Plugin wymaga działającego pluginu JsonAPI po stronie serwera bukkit.\u003Cbr \u002F>\nhttp:\u002F\u002Fdev.bukkit.org\u002Fserver-mods\u002Fjsonapi\u002F\u003C\u002Fp>\n\u003Cp>You must install JsonAPI Plugin on bukkit server before use it.\u003C\u002Fp>\n\u003Ch3>Instalacja\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Wgraj plugin StatusMC do \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> na swoim serwerze\u003C\u002Fli>\n\u003Cli>Aktywuj plugin poprzez zakładkę ‘Plugins’ w menu WordPress\u003C\u002Fli>\n\u003Cli>Umieść nowy widget w porządanym miejscu i skonfiguruj go do działania z serwerem.\u003C\u002Fli>\n\u003C\u002Fol>\n","Wyświetla informacje odnośnie serwera bukkit poprzez JSONAPI.\u002F\u002FIts shows server status via JsonAPI Plugin.",3783,"3.4.2","3.0.0",[20,21,22,48,49],"server","widget","http:\u002F\u002Fsync667.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstatusmc.zip","2026-03-15T10:48:56.248Z",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":11,"downloaded":61,"rating":13,"num_ratings":31,"last_updated":62,"tested_up_to":63,"requires_at_least":16,"requires_php":18,"tags":64,"homepage":68,"download_link":69,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"minecraft-control-panel","Minecraft Control Panel","0.7","Liath","https:\u002F\u002Fprofiles.wordpress.org\u002Fliath\u002F","\u003Ch4>Beschreibung\u003C\u002Fh4>\n\u003Cp>Dieses Plugin ermöglicht Dir die komplette Steuerung Deines Minecraftservers, deren Spielern und Gruppen. Man hat die Möglichkeit ein Widget anzeigen zu lassen, welches die Informationen direkt im Frontend wiedergibt.\u003C\u002Fp>\n\u003Ch4>Geplante Funktionen\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Starten\u002FStoppen\u002FResetten des Servers\u003C\u002Fli>\n\u003Cli>ent\u002Fladen einzelner Plugins\u003C\u002Fli>\n\u003Cli>Benutzerverwaltung inkl. der Vergabe von Items (Shop?!?)\u003C\u002Fli>\n\u003Cli>Gruppenverwaltung\u003C\u002Fli>\n\u003Cli>Chat mit Verbindung ins Spiel für erlaubte Benutzer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Achtung\u003C\u002Fh4>\n\u003Cp>Um das Plugin nutzen zu können, muss auf Deinem Minecraft-Server “JSONAPI” von Alec Gorge installiert und funktionsfähig sein.\u003C\u002Fp>\n\u003Ch4>Download JSONAPI\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fgithub.com\u002Falecgorge\u002Fjsonapi\u002Freleases\u003C\u002Fp>\n\u003Ch4>Feedback\u003C\u002Fh4>\n\u003Cp>Damit das Plugin stetig verbessert werden kann, möchte ich Dich bitten es hier zu bewerten und ein Review zu hinterlassen, damit ich mir Deine Anregungen anschauen und bei Bedarf umsetzen kann.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Hilfe zu diesem Plugin bekommst Du hier: http:\u002F\u002Fplay4pain.tk\u002Fforum\u002F?mingleforumaction=viewtopic&t=4 Beachte bitte, dass ich Dir keinen Support zu dem Minecraftplugin “JSONAPI” geben kann.\u003C\u002Fp>\n\u003Ch4>Information\u003C\u002Fh4>\n\u003Cp>Derzeit werden die Berechtigungen für den Chat noch über den Userlevel geregelt. Eine Möglichkeit diese zu beeinflussen, bietet das WordPressplugin “User Role Editor”. Ich arbeite aber an einer anderen Lösung.\u003C\u002Fp>\n","Zeigt Informationen über Deinen Minecraftserver im Front- und Backend an. Mit User- und Gruppenverwaltung, Pluginsteuerung und Serverkontrolle.",4750,"2014-03-16T23:39:00.000Z","3.7.41",[65,66,21,22,67],"control","info","settings","http:\u002F\u002Fplay4pain.tk\u002Fforum\u002F?mingleforumaction=viewtopic&t=4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminecraft-control-panel.zip",{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":11,"downloaded":78,"rating":25,"num_ratings":25,"last_updated":79,"tested_up_to":80,"requires_at_least":81,"requires_php":18,"tags":82,"homepage":85,"download_link":86,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"minecraft-server-status-checker","Minecraft Server Status Checker","0.1","verblick","https:\u002F\u002Fprofiles.wordpress.org\u002Fverblick\u002F","\u003Cp>This plugin will detect and show the Minecraft Server Status. Works with any kinds of server.\u003C\u002Fp>\n\u003Ch3>Template tags\u003C\u002Fh3>\n\u003Cp>Coming soon in the next version.\u003C\u002Fp>\n","This plugin will detect and show the Minecraft Server Status. Works with any kinds of server.",14051,"2012-05-20T19:28:00.000Z","3.3.2","2.5",[20,83,22,48,84],"checker","status","http:\u002F\u002Fwww.minecraftsv.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminecraft-server-status-checker.0.1.1.zip",{"slug":88,"name":89,"version":39,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":11,"downloaded":94,"rating":25,"num_ratings":25,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":18,"tags":98,"homepage":100,"download_link":101,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"minecraft-server-status-widget","MCStatusWidget","WhiteSK","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhitesk\u002F","\u003Cp>It show:\u003Cbr \u002F>\nHostName, IP:Port, Version, World, Player online \u002F Player max, Player list, Plugin list.\u003Cbr \u002F>\nDont need MineQuery Plugin.\u003Cbr \u002F>\nNeed only enable-query=true line in server.properties.\u003C\u002Fp>\n","MCStatusWidget is a widget which show INFO Of Bukkit server.",6684,"2012-06-24T21:55:00.000Z","2.1","2.0.2",[20,22,48,99,84],"serverstatus","Waiting for URI","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminecraft-server-status-widget.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":13,"downloaded":110,"rating":13,"num_ratings":14,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":117,"download_link":118,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"mc-server-status","MC Server Status","1.5.1","Marc Tönsing","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarcdk\u002F","\u003Cp>This plugin provides a dynamic display of your Minecraft server’s status, including current active players. Simply input your server’s address and port to get started.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Real-time Server Status: Instantly view whether your Minecraft server is online or offline.\u003C\u002Fli>\n\u003Cli>Active Player Display: See a list of currently active players on your server.\u003C\u002Fli>\n\u003Cli>Supports only Java Minecraft. Bedrock may be supported on popular demand.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Technology\u003C\u002Fh4>\n\u003Cp>Utilizes the robust PHP-Minecraft-Query library for retrieving server information. More details can be found on \u003Ca href=\"https:\u002F\u002Fpackagist.org\u002Fpackages\u002Fxpaw\u002Fphp-minecraft-query\" rel=\"nofollow ugc\">Packagist\u003C\u002Fa>.\u003C\u002Fp>\n","Displays the Minecraft server status along with the active players.",4151,"2026-01-08T15:37:00.000Z","6.8.5","6.1","7.0",[116,22,48],"gutenberg","https:\u002F\u002Ftoensing.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmc-server-status.1.5.1.zip",{"attackSurface":120,"codeSignals":137,"taintFlows":197,"riskAssessment":198,"analyzedAt":208},{"hooks":121,"ajaxHandlers":133,"restRoutes":134,"shortcodes":135,"cronEvents":136,"entryPointCount":25,"unprotectedCount":25},[122,128],{"type":123,"name":124,"callback":125,"file":126,"line":127},"action","admin_menu","panel","panel.php",12,{"type":123,"name":129,"callback":130,"file":131,"line":132},"widgets_init","rcou_widget","widget.php",16,[],[],[],[],{"dangerousFunctions":138,"sqlUsage":139,"outputEscaping":141,"fileOperations":25,"externalRequests":31,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":196},[],{"prepared":25,"raw":25,"locations":140},[],{"escaped":142,"rawEcho":143,"locations":144},5,31,[145,148,150,152,154,156,158,160,161,162,164,166,168,170,171,172,174,176,177,178,180,182,183,184,186,188,189,190,192,194,195],{"file":126,"line":146,"context":147},53,"raw output",{"file":126,"line":149,"context":147},61,{"file":126,"line":151,"context":147},69,{"file":126,"line":153,"context":147},77,{"file":131,"line":155,"context":147},51,{"file":131,"line":157,"context":147},52,{"file":131,"line":159,"context":147},68,{"file":131,"line":159,"context":147},{"file":131,"line":151,"context":147},{"file":131,"line":163,"context":147},76,{"file":131,"line":165,"context":147},83,{"file":131,"line":167,"context":147},119,{"file":131,"line":169,"context":147},120,{"file":131,"line":169,"context":147},{"file":131,"line":169,"context":147},{"file":131,"line":173,"context":147},124,{"file":131,"line":175,"context":147},125,{"file":131,"line":175,"context":147},{"file":131,"line":175,"context":147},{"file":131,"line":179,"context":147},129,{"file":131,"line":181,"context":147},130,{"file":131,"line":181,"context":147},{"file":131,"line":181,"context":147},{"file":131,"line":185,"context":147},134,{"file":131,"line":187,"context":147},135,{"file":131,"line":187,"context":147},{"file":131,"line":187,"context":147},{"file":131,"line":191,"context":147},139,{"file":131,"line":193,"context":147},140,{"file":131,"line":193,"context":147},{"file":131,"line":193,"context":147},[],[],{"summary":199,"deductions":200},"The \"rivercraft\" plugin version 1.3.2 demonstrates a generally positive security posture based on the provided static analysis. The absence of any registered AJAX handlers, REST API routes, shortcodes, or cron events significantly limits its attack surface. Furthermore, the code signals indicate a lack of dangerous functions, no file operations, and the use of prepared statements for all SQL queries, which are excellent security practices. The plugin also refrains from making external HTTP requests, further reducing potential vulnerabilities.\n\nHowever, the analysis does reveal some areas for concern. A notable weakness is the low percentage of properly escaped output (14%). This indicates a significant risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data or dynamic content may not be adequately neutralized before being displayed to users. Additionally, the absence of nonce checks and capability checks across any identified entry points (though there are none explicitly listed as unprotected) suggests a potential for security bypasses if new entry points were introduced or if the plugin's scope were to expand.\n\nThe vulnerability history showing zero known CVEs and no past issues is a strong indicator of good development practices over time. This, combined with the limited attack surface and secure SQL handling, suggests a robust foundation. Nevertheless, the unescaped output remains a critical flaw that requires immediate attention. The overall conclusion is that while \"rivercraft\" has a strong foundation in terms of attack surface management and data handling, the high prevalence of unescaped output presents a substantial XSS risk that overshadows its other strengths.",[201,204,206],{"reason":202,"points":203},"Low output escaping percentage",8,{"reason":205,"points":142},"Missing nonce checks",{"reason":207,"points":142},"Missing capability checks","2026-03-17T00:12:46.496Z",{"wat":210,"direct":217},{"assetPaths":211,"generatorPatterns":213,"scriptPaths":214,"versionParams":215},[212],"\u002Fwp-content\u002Fplugins\u002Frivercraft\u002Fcss\u002Fstyle.css",[],[],[216],"rivercraft\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":218,"htmlComments":219,"htmlAttributes":220,"restEndpoints":221,"jsGlobals":222,"shortcodeOutput":223},[],[],[],[],[],[]]