[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fV0wrpimZWHjmWhm1b052kSqMdWqKkylLlbdDYsyPrFw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":52,"analysis":148,"fingerprints":229},"search-google","Search by Google","1.9","webvitaly","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebvitaly\u002F","\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fweb-profile.net\u002Fwordpress\u002Fplugins\u002Fsearch-google\u002F\" title=\"Search by Google\" rel=\"nofollow ugc\">Search by Google\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fweb-profile.net\u002Fdonate\u002F\" title=\"Donate\" rel=\"nofollow ugc\">Donate\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fweb-profile.net\u002Fwordpress\u002Fplugins\u002F\" title=\"WordPress plugins\" rel=\"nofollow ugc\">WordPress plugins\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>“Search by Google” plugin adds Google search form widget. It helps user to search on site using Google.\u003C\u002Fp>\n\u003Ch4>Widget options:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>“Title” (title of the widget);\u003C\u002Fli>\n\u003Cli>“Submit button text” (if left blank than “Google search” text will be used);\u003C\u002Fli>\n\u003Cli>“Search on site” (if left blank than Google will search on current site);\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Useful:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpage-list\u002F\" title=\"list of pages with shortcodes\" rel=\"ugc\">“Page-list” – show list of pages with shortcodes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fiframe\u002F\" title=\"embed content\" rel=\"ugc\">“Iframe” – embed content\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fweb-profile.net\u002Fwordpress\u002Fplugins\u002F\" title=\"WordPress Pro plugins\" rel=\"nofollow ugc\">WordPress Pro plugins\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Search by Google widget.",100,29317,96,9,"2020-09-05T15:27:00.000Z","5.5.18","3.0","",[20,21,22,23],"google","search","sidebar","widget","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsearch-google\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsearch-google.1.9.zip",63,1,"2025-09-05 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-58832","search-by-google-authenticated-administrator-stored-cross-site-scripting","Search by Google \u003C= 1.9 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Search by Google plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=1.9","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-09-10 20:39:49",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc1ee67ea-5500-4c06-bfda-5d5bf32db4ef?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":46,"total_installs":47,"avg_security_score":48,"avg_patch_time_days":49,"trust_score":50,"computed_at":51},14,128040,81,396,66,"2026-04-04T05:18:36.687Z",[53,75,96,115,132],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":67,"tags":68,"homepage":72,"download_link":73,"security_score":11,"vuln_count":74,"unpatched_count":74,"last_vuln_date":36,"fetched_at":29},"search-console","Search Console","3.1.3","tropicalista","https:\u002F\u002Fprofiles.wordpress.org\u002Ftropicalista\u002F","\u003Cp>This plugin display your Search Console analytics data in the WordPress dashboard and adds the verification code of \u003Cstrong>Google Search Console\u003C\u002Fstrong>, to your site. You can see \u003Cstrong>Clicks\u003C\u002Fstrong>, \u003Cstrong>Posistions\u003C\u002Fstrong>, \u003Cstrong>CTR\u003C\u002Fstrong> and \u003Cstrong>Impressions\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>A nice full-width dashboard is provided out of the box.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fr-BxQ_82sdM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easily insert \u003Cstrong>Google Search Console metatag\u003C\u002Fstrong> to verify site ownership\u003C\u002Fli>\n\u003Cli>WordPress widget chart (\u003Cstrong>position|clicks|impressions|CTR\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003Cli>Filter date (14|30|60 days and custom dates)\u003C\u002Fli>\n\u003Cli>Beautiful full width chart on admin page (\u003Cstrong>position|clicks|impressions|CTR\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003Cli>Table with all your keywords (\u003Cstrong>position|clicks|impressions|CTR\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003Cli>Add metabox on pages\u002Fposts to show performance\u003C\u002Fli>\n\u003Cli>Full report with all data\u003C\u002Fli>\n\u003Cli>Filter by page\u003C\u002Fli>\n\u003Cli>Filter by query\u003C\u002Fli>\n\u003Cli>Filter by country\u003C\u002Fli>\n\u003Cli>Filter by device\u003C\u002Fli>\n\u003Cli>Full report with all sitemap\u003C\u002Fli>\n\u003Cli>Full report with all site errors\u003C\u002Fli>\n\u003Cli>Superfast\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>CONTRIBUTE\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Search Console is open source and you can \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FTropicalista\u002Fsearch-console\" rel=\"nofollow ugc\">contribute here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Search Console uses \u003Ca href=\"https:\u002F\u002Fappsero.com\" rel=\"nofollow ugc\">Appsero\u003C\u002Fa> SDK to collect some telemetry data upon user’s confirmation. This helps us to troubleshoot problems faster & make product improvements.\u003C\u002Fp>\n\u003Cp>Appsero SDK \u003Cstrong>does not gather any data by default.\u003C\u002Fstrong> The SDK only starts gathering basic telemetry data \u003Cstrong>when a user allows it via the admin notice\u003C\u002Fstrong>. We collect the data to ensure a great user experience for all our users.\u003C\u002Fp>\n\u003Cp>Integrating Appsero SDK \u003Cstrong>DOES NOT IMMEDIATELY\u003C\u002Fstrong> start gathering data, \u003Cstrong>without confirmation from users in any case.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Learn more about how \u003Ca href=\"https:\u002F\u002Fappsero.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Appsero collects and uses this data\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>WHAT’S NEXT\u003C\u002Fh3>\n\u003Cp>If you like this plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fformello\" rel=\"ugc\">Formello\u003C\u002Fa>: a form builder to collect leads, newsletter signup, contact form and more.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpopper\" rel=\"ugc\">Popper\u003C\u002Fa>: a popup builder to increase leads with exit intent.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmortgage\" rel=\"ugc\">Mortgage Calculator\u003C\u002Fa>: a mortgage calculator block for Gutenberg.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpdf-embed\" rel=\"ugc\">Pdf Embed\u003C\u002Fa>: a simple block for Gutenberg to embed a PDF using official Adobe Embed API.\u003C\u002Fli>\n\u003C\u002Ful>\n","View all your Search Console data inside WordPress dashboard.",3000,192485,90,8,"2025-07-16T09:12:00.000Z","6.8.5","5.6",[69,54,70,71],"google-search-console","search-console-metatag","search-console-widget","https:\u002F\u002Fwww.francescopepe.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsearch-console.3.1.3.zip",0,{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":66,"requires_at_least":17,"requires_php":18,"tags":88,"homepage":91,"download_link":92,"security_score":93,"vuln_count":94,"unpatched_count":27,"last_vuln_date":95,"fetched_at":29},"ad-widget","Ad Widget for WordPress","2.20.1","Broadstreet","https:\u002F\u002Fprofiles.wordpress.org\u002Fbroadstreetads\u002F","\u003Cp>This is the easiest way to place ads in your WordPress site. Just drag a widget\u003Cbr \u002F>\nto the sidebar, upload, an ad, and save.\u003C\u002Fp>\n\u003Cp>Watch a short video demo: \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FE9CC3ZWOaLU\" rel=\"nofollow ugc\">https:\u002F\u002Fyoutu.be\u002FE9CC3ZWOaLU\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Note: If you have an adblocker installed, it will prevent this widget (and parts of WordPress) from working properly.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Extremely intuitive for beginners\u003C\u002Fli>\n\u003Cli>No clunky ad management interface\u003C\u002Fli>\n\u003Cli>Easily place image banner ads\u003C\u002Fli>\n\u003Cli>Easily place Google ad tags and other ad code\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you like Ad Widget and you’re selling ads, you might like our new \u003Ca href=\"http:\u002F\u002Fbroadstreetads.com\u002Fad-platform\u002Fad-formats\u002F\" rel=\"nofollow ugc\">ad formats for publishers\u003Cbr \u002F>\nand salespeople\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>You will not find an easier way to run ads on your website!\u003C\u002Fp>\n\u003Ch3>Demo\u003C\u002Fh3>\n\u003Cp>Watch a short video demo: \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FE9CC3ZWOaLU\" rel=\"nofollow ugc\">https:\u002F\u002Fyoutu.be\u002FE9CC3ZWOaLU\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Cp>The Ad Widget is a very simple plugin. If you are having trouble\u003Cbr \u002F>\nloading ads on your site, please make sure that:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You do not have an ad blocker installed (you would be amazed how often this happens). Disable it and refresh the page a few times to see if the ad appears.\u003C\u002Fli>\n\u003Cli>You don’t have CSS in your theme which is hiding images (rare, but it happens)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you have any other trouble, email kenny@broadstreetads.com – try to avoid\u003Cbr \u002F>\nthe WordPress support forums because they’re awful.\u003C\u002Fp>\n","Easily upload ad images and ad code to your sidebar. For those that don't need or want a complicated ad management system.",2000,310623,86,16,"2025-09-25T15:37:00.000Z",[89,20,22,90,23],"ad","tag","https:\u002F\u002Fgithub.com\u002Fbroadstreetads\u002Fwordpress-ad-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fad-widget.2.20.1.zip",73,2,"2024-04-26 00:00:00",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":83,"downloaded":104,"rating":105,"num_ratings":106,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":67,"tags":110,"homepage":113,"download_link":114,"security_score":11,"vuln_count":74,"unpatched_count":74,"last_vuln_date":36,"fetched_at":29},"search-engine-insights","Search Engine Insights for Google Search Console","2.6.5","Alin Marcu","https:\u002F\u002Fprofiles.wordpress.org\u002Fdeconf\u002F","\u003Ch3>Google Search Console site verification\u003C\u002Fh3>\n\u003Cp>Search Engine Insights adds your website to Google Search Console and helps you verify site ownership:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Detects your default WordPress Site URL and gives you the option to add it to Search Console. \u003C\u002Fli>\n\u003Cli>Automatically insert Google Search Console metatag to verify site ownership.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>View Google Search Console stats on your WordPress dashboard\u003C\u002Fh3>\n\u003Cp>Search Engine Insights will help you understand your site’s search engine traffic and performance, by displaying key stats in a widget, on your WordPress dashboard.\u003C\u002Fp>\n\u003Cp>In addition to a set of general Search Console reports, per Page and Post statistics will allow further segmentation of your search engine data, providing search engine insights for your web pages.\u003C\u002Fp>\n\u003Ch4>Google Search Console stats on your admin dashboard\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Four reports with overview stats about Impressions, Clicks, Position and Click Through Rate \u003C\u002Fli>\n\u003Cli>Location statistics with insights about your search engine performance by country   \u003C\u002Fli>\n\u003Cli>Page stats which will show you how your web pages are performing\u003C\u002Fli>\n\u003Cli>Keywords report useful for your keywords research and strategy on search engines\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>In-depth Google Search Console stats for your web pages\u003C\u002Fh4>\n\u003Cp>Individual reports for each web page on your site with per page details as:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Impressions and Clicks stats\u003C\u002Fli>\n\u003Cli>Position and Click Through Rate reports\u003C\u002Fli>\n\u003Cli>Location, Pages, and Keywords statistics\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition, you can control who can view specific search console reports by setting permissions based on user roles.\u003C\u002Fp>\n\u003Ch4>Further reading\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclicky-analytics\u002F\" rel=\"ugc\">Clicky Analytics\u003C\u002Fa> – An easy to use and cookie-free analytics service for website tracking.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fanalytics-insights\u002F\" rel=\"ugc\">Analytics Insights\u003C\u002Fa> – Connects Google Analytics with your WordPress site.\u003C\u002Fli>\n\u003C\u002Ful>\n","Verify site ownership on Google Search Console! Analyze the Google Search Console stats, to see your site's performance on Google Search.",83459,80,4,"2026-01-04T10:48:00.000Z","6.9.4","3.5",[69,54,111,71,112],"search-console-dashboard","seo","https:\u002F\u002Fdeconf.com\u002Fsearch-engine-insights\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsearch-engine-insights.2.6.5.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":63,"downloaded":123,"rating":74,"num_ratings":74,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":18,"tags":127,"homepage":129,"download_link":130,"security_score":131,"vuln_count":74,"unpatched_count":74,"last_vuln_date":36,"fetched_at":29},"amikelive-adsense-widget","Amikelive Adsense Widget","0.5","mikaelfs","https:\u002F\u002Fprofiles.wordpress.org\u002Fmikaelfs\u002F","\u003Cp>Amikelive Adsense Widget was originally Google Adsense Sidebar Widget accessible at \u003Ca href=\"http:\u002F\u002Ftech.amikelive.com\" title=\"Amikelive Tech\" rel=\"nofollow ugc\">Amikelive Tech\u003C\u002Fa>\u003Cbr \u002F>\nthat has been rewritten to comply with WordPress 2.8 coding style.\u003C\u002Fp>\n\u003Cp>WordPress users who want to display Google Adsense on the sidebar or widget area of their blogs without much hassle can use this plugin.\u003Cbr \u002F>\nOnly by configuring the plugin through the widget interface, everything is ready to rock and you will just wait for some ad revenue to flow\u003Cbr \u002F>\ninto your wallet.\u003C\u002Fp>\n\u003Cp>This plugin is licensed under GPLv2.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>If you want to report some malfunction of the plugin or contribute some ideas or features to be included in future releases, you\u003Cbr \u002F>\ncan post it at \u003Ca href=\"http:\u002F\u002Ftech.amikelive.com\u002Fnode-365\u002Fsidebar-adsense-widget-is-now-on-wordpress\u002F\" title=\"Amikelive Adsense Support Thread\" rel=\"nofollow ugc\">Amikelive Adsense Support Thread\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Other questions related to the installations will be better posted at WordPress forum since other users might have the solution for\u003Cbr \u002F>\nyour problem.\u003C\u002Fp>\n","This plugin enables Google adsense display on the sidebar or widget area only by activating and configuring the widget.",24684,"2010-07-05T14:53:00.000Z","3.0.5","2.8.0",[128,20,22,23],"adsense","http:\u002F\u002Ftech.amikelive.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Famikelive-adsense-widget.zip",85,{"slug":133,"name":134,"version":135,"author":18,"author_profile":136,"description":137,"short_description":138,"active_installs":139,"downloaded":140,"rating":74,"num_ratings":74,"last_updated":141,"tested_up_to":142,"requires_at_least":143,"requires_php":18,"tags":144,"homepage":146,"download_link":147,"security_score":131,"vuln_count":74,"unpatched_count":74,"last_vuln_date":36,"fetched_at":29},"live-search-popup","Live Search Popup","1.4.7","https:\u002F\u002Fprofiles.wordpress.org\u002Fschimmi\u002F","\u003Cp>This plugin adds Spotlight ™ like live search with an ajax popup to\u003Cbr \u002F>\nthe default search box. See the screenshot.\u003C\u002Fp>\n\u003Cp>It can be used as a widget or directly as a PHP call in the theme.\u003C\u002Fp>\n\u003Cp>The Live Search Plugin is heavily based on John Nunemaker’s\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.wp-plugins-db.org\u002Fplugin\u002Faddicted-to-live-search\u002F\" rel=\"nofollow ugc\">Addicted To Live Search\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Changelog\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>1.4.7 Fix by Tony for “With mouseover on result in IE, there is no background image or color”.\u003C\u002Fli>\n\u003Cli>1.4.6 Added livesearchpopup_resultsbox(width) to put the popup below a search box of your choice, e.g. from a theme.\u003C\u002Fli>\n\u003Cli>1.4.5 Do not initialize if no livesearchpopup_results is found. In contrast to the original live search this plugin does not make sense without the popup anyway. This fixes a JavaScript bug in IE7.\u003C\u002Fli>\n\u003Cli>1.4.4 Use wpurl instead of siteurl to allow installations of WordPress at different addresses (thanks to Draco)\u003C\u002Fli>\n\u003Cli>1.4.3 Use \u003C?php instead of \u003C? in live-search-popup.php\u003C\u002Fli>\n\u003Cli>1.4.2 Force update script to update the plugin.\u003C\u002Fli>\n\u003Cli>1.4.1 Switched to the_post instead of the deprecated wp_start().\u003C\u002Fli>\n\u003Cli>1.4 Finally permalinks work together with this plugin. In addition a “Show all” links was added at the bottom for the case that there are more posts than shown in the popup (thanks to Marco Luthe).\u003C\u002Fli>\n\u003Cli>1.3.4 Moved the placeholder and autocomplete attributes of the search box to JavaScript as they are not XHTML valid (thanks to Marco Luthe)\u003C\u002Fli>\n\u003Cli>1.3.3 Added some print commands in front of get_bloginfos (thanks to upekshapriya who noticed that)\u003C\u002Fli>\n\u003Cli>1.3.2 Force update script to update the plugin.\u003C\u002Fli>\n\u003Cli>1.3.1 Relative paths in css to allow installation which are not at the domain root.\u003C\u002Fli>\n\u003Cli>1.3 Fixed behaviour for change and blur events of the search box. This fixes the “click-through” bug.\u003C\u002Fli>\n\u003Cli>1.2.1 Updated to reflect that it works with 2.3 as well.\u003C\u002Fli>\n\u003Cli>1.2 Bugfixes\u003C\u002Fli>\n\u003Cli>1.1 Bugfixes\u003C\u002Fli>\n\u003Cli>1.0 First release\u003C\u002Fli>\n\u003C\u002Ful>\n","Spotlight (tm) like live search with an ajax popup",40,28002,"2008-04-11T07:35:00.000Z","2.5","2.0.2",[145,21,22,23],"ajax","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Flive-search-popup","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flive-search-popup.1.4.7.zip",{"attackSurface":149,"codeSignals":174,"taintFlows":212,"riskAssessment":213,"analyzedAt":228},{"hooks":150,"ajaxHandlers":170,"restRoutes":171,"shortcodes":172,"cronEvents":173,"entryPointCount":74,"unprotectedCount":74},[151,157,161,164],{"type":152,"name":153,"callback":154,"file":155,"line":156},"action","widgets_init","anonymous","search-google.php",84,{"type":152,"name":158,"callback":159,"file":155,"line":160},"wp_enqueue_scripts","search_google_unqprfx_enqueue_scripts",94,{"type":152,"name":162,"callback":163,"file":155,"line":11},"plugins_loaded","search_google_unqprfx_load_textdomain",{"type":165,"name":166,"callback":167,"priority":168,"file":155,"line":169},"filter","plugin_row_meta","search_google_unqprfx_plugin_meta",10,110,[],[],[],[],{"dangerousFunctions":175,"sqlUsage":179,"outputEscaping":181,"fileOperations":74,"externalRequests":74,"nonceChecks":74,"capabilityChecks":74,"bundledLibraries":211},[176],{"fn":177,"file":155,"line":156,"context":178},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"WP_Widget_Search_Google\");')",{"prepared":74,"raw":74,"locations":180},[],{"escaped":182,"rawEcho":183,"locations":184},6,15,[185,188,190,191,193,195,197,199,201,202,204,206,207,209,210],{"file":155,"line":186,"context":187},31,"raw output",{"file":155,"line":189,"context":187},33,{"file":155,"line":139,"context":187},{"file":155,"line":192,"context":187},41,{"file":155,"line":194,"context":187},42,{"file":155,"line":196,"context":187},45,{"file":155,"line":198,"context":187},57,{"file":155,"line":200,"context":187},58,{"file":155,"line":200,"context":187},{"file":155,"line":203,"context":187},61,{"file":155,"line":205,"context":187},62,{"file":155,"line":205,"context":187},{"file":155,"line":208,"context":187},65,{"file":155,"line":50,"context":187},{"file":155,"line":50,"context":187},[],[],{"summary":214,"deductions":215},"The \"search-google\" plugin v1.9 exhibits a mixed security posture.  While it has no identified entry points in the static analysis (AJAX, REST API, shortcodes, cron), indicating a small attack surface, several code signals raise concerns. The presence of the dangerous `create_function` is a significant red flag, as it can lead to code injection vulnerabilities if user input is not meticulously sanitized before being passed to it.  Furthermore, only 29% of output is properly escaped, suggesting a high risk of Cross-Site Scripting (XSS) vulnerabilities where untrusted data could be rendered in the browser without adequate sanitization.\n\nThe plugin's vulnerability history shows one known medium severity CVE related to XSS, which is currently unpatched. This unpatched vulnerability, combined with the static analysis findings pointing to potential XSS issues (low output escaping), strongly suggests that the plugin is susceptible to XSS attacks. The lack of nonce checks and capability checks, while not directly penalized due to the absence of unprotected entry points, are generally considered good security practices that are missing here.  Overall, the absence of immediate critical threats in taint analysis is positive, but the presence of the dangerous function and poor output escaping, alongside an unpatched XSS vulnerability, creates a substantial risk.\n\nIn conclusion, while the plugin's limited attack surface is a strength, the code quality issues, particularly the use of `create_function` and inadequate output escaping, coupled with an unpatched XSS vulnerability, significantly lower its security. Users should exercise caution and prioritize updating or replacing this plugin. The identified risks are not theoretical but are supported by both static analysis and historical vulnerability data.",[216,218,220,223,226],{"reason":217,"points":183},"Unpatched CVE (medium severity)",{"reason":219,"points":168},"Dangerous function: create_function",{"reason":221,"points":222},"Low output escaping (29%)",7,{"reason":224,"points":225},"Missing nonce checks",5,{"reason":227,"points":225},"Missing capability checks","2026-03-16T20:32:18.393Z",{"wat":230,"direct":239},{"assetPaths":231,"generatorPatterns":234,"scriptPaths":235,"versionParams":236},[232,233],"\u002Fwp-content\u002Fplugins\u002Fsearch-google\u002Fcss\u002Fsearch-google.css","\u002Fwp-content\u002Fplugins\u002Fsearch-google\u002Fjs\u002Fsearch-google.js",[],[233],[237,238],"search-google\u002Fcss\u002Fsearch-google.css?ver=","search-google\u002Fjs\u002Fsearch-google.js?ver=",{"cssClasses":240,"htmlComments":246,"htmlAttributes":248,"restEndpoints":250,"jsGlobals":251,"shortcodeOutput":252},[241,242,243,244,245],"widget_search_google","search_google_form","pseudoq","pseudosite","searchgoogle",[247],"\u003C!-- Search by Google plugin v.",[243,244,245,249],"btnG",[],[],[]]