[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fpDdPA0Om3zILNPF8Gv7LT2DeIKRaWcrxvb559f1SRso":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":18,"download_link":19,"security_score":20,"vuln_count":21,"unpatched_count":21,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":32,"analysis":33,"fingerprints":69},"rss-via-shortcode-on-page-post","RSS Via Shortcode for Page & Post","1.2.b","Susanta K Beura","https:\u002F\u002Fprofiles.wordpress.org\u002Fsusantabeura\u002F","\u003Cp>The “RSS Via Shortcode on Page or Post” is a simple RSS reader for your site using a simple shortcode \u003Ccode>[rssonpage rss=\"Your Feed URL\"]\u003C\u002Fcode>. You can choose how many RSS feed items to display. You also have the option of linking to the RSS feed source articles. RSS Via Shortcode for Page & Post Plugin can also be used to create Amazon associate affiliate and eBay Partner Network listings.\u003C\u002Fp>\n\u003Ch4>Usages:\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>[rssonpage rss=\"Feed URL\" feeds=\"Number of Items\" excerpt=\"summery true\u002Ffalse\" target=\"_blank|_self\"] \n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Where:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ccode>rss\u003C\u002Fcode> = URL of your RSS feed. This is the only tag required.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>feeds\u003C\u002Fcode> = Number of RSS items to be fetched from feed. Default is 10\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>excerpt\u003C\u002Fcode> = Extract feed summery? True or False. Default is true.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>target\u003C\u002Fcode> = Default is ‘_blank’. By default it will open links in a new window\u002Ftab.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>NOTE\u003C\u002Fstrong> Feeds will only be displayed. They will not stored in database. So always new contents for search engines.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Live Preview\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fsusantaslab.com\u002Fcareer\u002Ffreelance-job-openings\u002F\" rel=\"nofollow ugc\">Live \u003Cstrong>oDesk\u003C\u002Fstrong> & \u003Cstrong>Elance\u003C\u002Fstrong> Job Feed\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fsusantaslab.com\u002Fblog\u002Fbestsellers-at-amazon\u002F\" rel=\"nofollow ugc\">Live \u003Cstrong>Amazon Bestsellers Listing\u003C\u002Fstrong> \u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fsusantaslab.com\u002Fblog\u002Fhot-trends-at-ebay\u002F\" rel=\"nofollow ugc\">Live \u003Cstrong>eBay Product Listing\u003C\u002Fstrong> \u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Donate link: http:\u002F\u002Fsusantaslab.com\u002F Tags: rss, post, page, shortcode, rss to post, feed to post, auto blogging, App, atom, atom feed, atom reader, f &hellip;",200,14764,86,9,"2017-11-28T21:57:00.000Z","",[],"http:\u002F\u002Fsusantaslab.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frss-via-shortcode-on-page-post.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":20,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},"susantabeura",2,240,30,84,"2026-04-05T03:02:35.480Z",[],{"attackSurface":34,"codeSignals":52,"taintFlows":59,"riskAssessment":60,"analyzedAt":68},{"hooks":35,"ajaxHandlers":43,"restRoutes":44,"shortcodes":45,"cronEvents":50,"entryPointCount":51,"unprotectedCount":21},[36],{"type":37,"name":38,"callback":39,"priority":40,"file":41,"line":42},"filter","plugin_row_meta","Custom_Plugin_Links",10,"rss-via-shortcode.php",82,[],[],[46],{"tag":47,"callback":48,"file":41,"line":49},"rssonpage","SLB_rss_sc",63,[],1,{"dangerousFunctions":53,"sqlUsage":54,"outputEscaping":56,"fileOperations":21,"externalRequests":21,"nonceChecks":21,"capabilityChecks":21,"bundledLibraries":58},[],{"prepared":21,"raw":21,"locations":55},[],{"escaped":21,"rawEcho":21,"locations":57},[],[],[],{"summary":61,"deductions":62},"The plugin \"rss-via-shortcode-on-page-post\" v1.2.b exhibits a generally good security posture based on the provided static analysis. The absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and the proper escaping of all outputs are strong indicators of secure coding practices. Furthermore, the lack of file operations, external HTTP requests, and the complete absence of any recorded vulnerabilities in its history further bolster its security profile.\n\nHowever, a significant concern arises from the complete lack of nonce checks and capability checks. While the current attack surface (limited to a single shortcode) is small and there are no unprotected entry points, this absence of authorization and integrity checks presents a potential risk. If the shortcode's functionality were to evolve or if new vulnerabilities were discovered in the future, the lack of these fundamental security mechanisms could make it easier for attackers to exploit the plugin. The plugin's small attack surface and clean code are positive, but the reliance on the absence of vulnerabilities rather than robust security controls is a weakness.",[63,66],{"reason":64,"points":65},"Missing nonce checks",5,{"reason":67,"points":65},"Missing capability checks","2026-03-16T20:16:30.250Z",{"wat":70,"direct":76},{"assetPaths":71,"generatorPatterns":72,"scriptPaths":73,"versionParams":74},[],[],[],[75],"rss-via-shortcode.php?ver=1.2.b",{"cssClasses":77,"htmlComments":79,"htmlAttributes":80,"restEndpoints":81,"jsGlobals":82,"shortcodeOutput":83},[78],"rss_excerpt",[],[],[],[],[84,85,86,87,88,89],"\u003Cul>\u003Cli>\u003Ch3>\u003Ca href=\"","\" target=\"","\" rel=\"external\">","\u003C\u002Fa>\u003C\u002Fh3>","\u003Cbr\u002F>\u003Cspan class=\"rss_excerpt\">","\u003C\u002Fspan>\u003C\u002Fli>\u003C\u002Ful>"]