[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdMQI56TAIZlr8eTiYsrOw12aA43FCI3MVOfiKYaC1KE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":140,"fingerprints":238},"shortcodes-analyzer","Shortcodes Analyzer","1.0.1","wpspin","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpspin\u002F","\u003Cp>🔍 \u003Cstrong>Shortcodes Analyzer\u003C\u002Fstrong> is a lightweight WordPress admin tool that scans your entire website and shows you exactly where each shortcode is being used — across posts, pages, and custom post types.\u003C\u002Fp>\n\u003Cp>Whether you are cleaning up unused plugins, migrating content, troubleshooting broken shortcodes, or auditing your site before a redesign, this plugin gives you the complete picture in seconds with a single click.\u003C\u002Fp>\n\u003Cp>No settings to configure. No database entries. Just install, activate, and scan.\u003C\u002Fp>\n\u003Ch4>✨ Key Features\u003C\u002Fh4>\n\u003Cp>✅ \u003Cstrong>One-Click Full Site Scan\u003C\u002Fstrong> — Analyze every registered shortcode across your entire website instantly\u003Cbr \u002F>\n✅ \u003Cstrong>Post, Page & CPT Support\u003C\u002Fstrong> — Detects shortcode usage in posts, pages, and all custom post types\u003Cbr \u002F>\n✅ \u003Cstrong>Plugin Detection\u003C\u002Fstrong> — Shows which plugin provides each shortcode so you know the source\u003Cbr \u002F>\n✅ \u003Cstrong>Direct Edit & View Links\u003C\u002Fstrong> — Jump straight to any post or page using a shortcode\u003Cbr \u002F>\n✅ \u003Cstrong>All Shortcodes List\u003C\u002Fstrong> — View every registered shortcode and its callback function at a glance\u003Cbr \u002F>\n✅ \u003Cstrong>Real-Time Progress\u003C\u002Fstrong> — Watch results appear live as each shortcode is scanned\u003Cbr \u002F>\n✅ \u003Cstrong>Zero Configuration\u003C\u002Fstrong> — Works out of the box with no settings to configure\u003Cbr \u002F>\n✅ \u003Cstrong>Lightweight & Fast\u003C\u002Fstrong> — No frontend scripts, no database bloat, admin-only functionality\u003Cbr \u002F>\n✅ \u003Cstrong>Secure\u003C\u002Fstrong> — Nonce verification, prepared SQL queries, and proper output escaping throughout\u003C\u002Fp>\n\u003Ch4>📋 10+ Use Cases\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>🧹 Plugin Cleanup\u003C\u002Fstrong> — Find out if a plugin’s shortcodes are actually used before deactivating or deleting it\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔧 Troubleshoot Broken Shortcodes\u003C\u002Fstrong> — Quickly locate posts displaying raw shortcode text like \u003Ccode>[shortcode_name]\u003C\u002Fcode> instead of rendered content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>📦 Site Migration Prep\u003C\u002Fstrong> — Audit all shortcode dependencies before migrating to a new host or theme\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🎨 Theme Switching\u003C\u002Fstrong> — Check which shortcodes will break when switching themes (theme-registered shortcodes)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>📊 Content Audit\u003C\u002Fstrong> — Get a full inventory of shortcode usage as part of a site content review\u003C\u002Fli>\n\u003Cli>\u003Cstrong>⚡ Performance Optimization\u003C\u002Fstrong> — Identify and remove plugins whose shortcodes are no longer in use to speed up your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔄 Plugin Replacement\u003C\u002Fstrong> — When switching from one plugin to another (e.g., changing page builders), find all posts that need updating\u003C\u002Fli>\n\u003Cli>\u003Cstrong>👥 Client Handoff\u003C\u002Fstrong> — Generate a shortcode usage report before handing a site to a client or new developer\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🛡️ Security Review\u003C\u002Fstrong> — Identify shortcodes from outdated or abandoned plugins that may pose security risks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>📝 Documentation\u003C\u002Fstrong> — Know exactly which plugins power which content areas when documenting a site’s functionality\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🧪 Staging & Testing\u003C\u002Fstrong> — Verify shortcode usage matches between staging and production environments\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🗑️ Post-Redesign Cleanup\u003C\u002Fstrong> — After a site redesign, find leftover shortcodes from old plugins that are no longer needed\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>🛠️ How to Use\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Step 1: Open the Analyzer\u003C\u002Fstrong>\u003Cbr \u002F>\nNavigate to \u003Cstrong>Settings > Shortcodes Analyzer\u003C\u002Fstrong> in your WordPress admin dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 2: Start Scanning\u003C\u002Fstrong>\u003Cbr \u002F>\nClick the \u003Cstrong>“Start Analyzing”\u003C\u002Fstrong> button. The plugin will begin scanning all registered shortcodes across your website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 3: Review Results\u003C\u002Fstrong>\u003Cbr \u002F>\nAs each shortcode is processed, results appear in a table showing:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Plugin\u003C\u002Fstrong> — Which plugin provides the shortcode\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode\u003C\u002Fstrong> — The shortcode name\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Type\u003C\u002Fstrong> — Whether it is used in a post, page, or custom post type\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Title\u003C\u002Fstrong> — The title of the content using the shortcode\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Actions\u003C\u002Fstrong> — Quick links to View or Edit the post\u002Fpage\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Step 4: Browse All Shortcodes\u003C\u002Fstrong>\u003Cbr \u002F>\nSwitch to the \u003Cstrong>“All Available Shortcodes”\u003C\u002Fstrong> tab to see every shortcode registered on your site along with its callback function.\u003C\u002Fp>\n\u003Ch4>⚙️ Settings\u003C\u002Fh4>\n\u003Cp>This plugin requires \u003Cstrong>no configuration\u003C\u002Fstrong>. It works immediately after activation:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Location:\u003C\u002Fstrong> Settings > Shortcodes Analyzer\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Access:\u003C\u002Fstrong> Administrator role required (manage_options capability)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database:\u003C\u002Fstrong> No options or tables are created — the plugin is a pure scanning tool\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Frontend:\u003C\u002Fstrong> No scripts or styles are loaded on the frontend — admin only\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🤝 Works Great With These Popular Plugins\u003C\u002Fh4>\n\u003Cp>Shortcodes Analyzer works with \u003Cstrong>any plugin or theme that registers shortcodes\u003C\u002Fstrong>. Here are some popular plugins it pairs well with:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>WPBakery Page Builder\u003C\u002Fstrong> — Find all pages built with WPBakery shortcodes before migrating to another builder\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Elementor\u003C\u002Fstrong> — Detect legacy shortcode-based widgets when transitioning between builders\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Contact Form 7\u003C\u002Fstrong> — Locate every page where your contact forms are embedded\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gravity Forms\u003C\u002Fstrong> — Track which posts and pages use your Gravity Forms shortcodes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce\u003C\u002Fstrong> — Find WooCommerce shortcodes like \u003Ccode>[products]\u003C\u002Fcode>, \u003Ccode>[cart]\u003C\u002Fcode>, and \u003Ccode>[checkout]\u003C\u002Fcode> across your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>TablePress\u003C\u002Fstrong> — Identify all posts displaying TablePress tables\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Custom Fields (ACF)\u003C\u002Fstrong> — Detect ACF shortcode usage across content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcodes Ultimate\u003C\u002Fstrong> — Audit usage of the many shortcodes this plugin registers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Digital Downloads\u003C\u002Fstrong> — Track where EDD purchase buttons and download shortcodes appear\u003C\u002Fli>\n\u003Cli>\u003Cstrong>bbPress \u002F BuddyPress\u003C\u002Fstrong> — Locate forum and community shortcodes embedded in pages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🔗 Need a Custom Plugin or Feature?\u003C\u002Fh4>\n\u003Cp>Looking for custom WordPress development? Get in touch with us at \u003Ca href=\"https:\u002F\u002Fwpspins.com\u002F\" rel=\"nofollow ugc\">WPspin LLC\u003C\u002Fa> for custom plugin development and feature requests.\u003C\u002Fp>\n","Scan your entire WordPress site in one click to find exactly where every shortcode is used across posts, pages, and custom post types.",10,581,0,"2026-02-12T21:45:00.000Z","6.9.4","4.0.0","",[19,20,21,22,23],"cleanup","shortcode","shortcode-detector","shortcode-finder","unused-plugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortcodes-analyzer.1.0.1.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},6,1290,22,94,"2026-04-04T05:02:18.225Z",[36,57,74,92,116],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":17,"tags":49,"homepage":54,"download_link":55,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"shortcode-search","Shortcode Search | WordPress Search Bar Shortcode Plugin","1.1","Kulwant Agarwal","https:\u002F\u002Fprofiles.wordpress.org\u002Fkulwantagarwal\u002F","\u003Cp>Shortcode Search is a simple plugin that lets users add a search bar anywhere on their WordPress website using the shortcode [search].\u003C\u002Fp>\n\u003Cp>With this plugin, you can easily insert a search form with customizable placeholder text and button label. The plugin automatically renders a user-friendly search form where users can type in their search queries.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>To display the search form, simply use the \u003Ccode>[search]\u003C\u002Fcode> shortcode. You can also customize the placeholder text and button label by passing attributes.\u003C\u002Fp>\n\u003Cp>Example:\u003Cbr \u002F>\n    `[search placeholder=”Search for something…” button_text=”Go”]“`\u003C\u002Fp>\n\u003Cp>This will display the search form with “Search for something…” as the placeholder text and “Go” as the button text.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Developed by kulwantagarwal.\u003C\u002Fli>\n\u003Cli>WordPress core for plugin framework.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPL-2.0+ license.\u003C\u002Fp>\n","Shortcode Search is a simple plugin that lets users add a search bar anywhere on their WordPress website using the shortcode [search].",50,662,"2025-02-13T13:53:00.000Z","6.7.5","5.0",[50,22,51,52,53],"search-shortcode","shortcode-search-wordpress","wordpress-search-bar","wp-search-shortcode","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshortcode-search\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortcode-search.1.1.zip",92,{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":13,"num_ratings":13,"last_updated":67,"tested_up_to":47,"requires_at_least":17,"requires_php":17,"tags":68,"homepage":72,"download_link":73,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"cf7-shortcode-finder","CF7 Shortcode Finder","1.0.0","HK","https:\u002F\u002Fprofiles.wordpress.org\u002Fhk1993\u002F","\u003Cp>This plugin is compatible with Contact form 7 and it will help you to locate which form is placed on which page. This will be helpful in tracking down when your site has multiple forms. Just install our plugin and see the charm 🙂\u003C\u002Fp>\n\u003Cp>Our field builder allows you to quickly and easily add fields to WP edit screens with only the click of a few buttons!\u003C\u002Fp>\n\u003Cp>Fields can be added all over WP including posts, users, taxonomy terms, media, comments and even custom options pages!\u003C\u002Fp>\n\u003Cp>Load and display your custom field values in any theme template file with our hassle free developer friendly functions!\u003C\u002Fp>\n","This plugin is compatible with Contact form 7 and it will help you to locate which form is placed on which page. This will be helpful in tracking down …",40,1761,"2024-11-29T07:03:00.000Z",[69,70,71,58,22],"cf7","cf7-finder","cf7-shortcode","https:\u002F\u002Fcontactform7.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcf7-shortcode-finder.zip",{"slug":75,"name":76,"version":60,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":13,"downloaded":81,"rating":25,"num_ratings":82,"last_updated":83,"tested_up_to":15,"requires_at_least":48,"requires_php":84,"tags":85,"homepage":90,"download_link":91,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"remove-empty-shortcodes","Remove Empty Shortcodes","Tom McFarlin","https:\u002F\u002Fprofiles.wordpress.org\u002Ftommcfarlin\u002F","\u003Cp>Remove Empty Shortcodes helps maintain clean content by removing shortcodes that no longer work or generate output. This commonly happens when:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You’ve deactivated a plugin that provided shortcodes\u003C\u002Fli>\n\u003Cli>You’re trying different plugins and some left behind inactive shortcodes\u003C\u002Fli>\n\u003Cli>You have shortcodes from plugins that weren’t properly uninstalled\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatically removes inactive shortcodes from displayed content\u003C\u002Fli>\n\u003Cli>Preserves your original content in the database\u003C\u002Fli>\n\u003Cli>Works with all public post types\u003C\u002Fli>\n\u003Cli>Handles both self-closing and wrapped shortcodes\u003C\u002Fli>\n\u003Cli>Admin scanner to find and review unregistered shortcodes\u003C\u002Fli>\n\u003Cli>On-demand scanning with cached results\u003C\u002Fli>\n\u003Cli>Ignore specific shortcodes you want to keep\u003C\u002Fli>\n\u003Cli>Zero configuration required for automatic removal\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Cp>The plugin checks your content for shortcodes when pages are displayed. If it finds shortcodes that:\u003Cbr \u002F>\n* Don’t produce any output\u003Cbr \u002F>\n* Aren’t registered with WordPress\u003Cbr \u002F>\n* Are empty or inactive\u003C\u002Fp>\n\u003Cp>It removes them from the displayed content while keeping your original content intact in the database.\u003C\u002Fp>\n\u003Ch4>Use Cases\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Clean up content after removing plugins that used shortcodes\u003C\u002Fli>\n\u003Cli>Remove inactive shortcodes without editing posts manually\u003C\u002Fli>\n\u003Cli>Maintain clean content for readers and search engines\u003C\u002Fli>\n\u003Cli>Preserve original content in case you reinstall removed plugins\u003C\u002Fli>\n\u003C\u002Ful>\n","Automatically removes empty or inactive shortcodes from your content while preserving your original database entries.",646,1,"2026-02-06T15:46:00.000Z","7.4",[19,86,87,88,89],"content","content-management","maintenance","shortcodes","https:\u002F\u002Fgithub.com\u002Ftommcfarlin\u002Fremove-empty-shortcodes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-empty-shortcodes.1.0.0.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":102,"num_ratings":103,"last_updated":104,"tested_up_to":15,"requires_at_least":48,"requires_php":105,"tags":106,"homepage":111,"download_link":112,"security_score":113,"vuln_count":114,"unpatched_count":13,"last_vuln_date":115,"fetched_at":27},"shortcodes-ultimate","WP Shortcodes Plugin — Shortcodes Ultimate","7.4.9","Vova","https:\u002F\u002Fprofiles.wordpress.org\u002Fgn_themes\u002F","\u003Ch3>SHORTCODES ULIMATE – THE #1 SHORTCODES PLUGIN\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=description\" rel=\"nofollow ugc\">Shortcodes Ultimate\u003C\u002Fa> is a huge collection of useful elements, that you can use in the post editor, text widgets or even in template files.\u003C\u002Fp>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F507942335\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002Fdocs-category\u002Fshortcodes\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=features\" rel=\"nofollow ugc\">Over 50 gorgeous shortcodes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Insert shortcodes in 1 click with Live Preview\u003C\u002Fli>\n\u003Cli>Supports the Block Editor\u003C\u002Fli>\n\u003Cli>Seamlessly integrates with your theme\u003C\u002Fli>\n\u003Cli>Looks great on mobile devices\u003C\u002Fli>\n\u003Cli>Custom CSS editor is included\u003C\u002Fli>\n\u003Cli>Developer-friendly with plenty of hooks and extensive documentation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Included shortcodes\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Posts\u003C\u002Fstrong> – allows you to show specific posts anywhere\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accordion\u003C\u002Fstrong> – simple toggle block to show\u002Fhide your content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Button\u003C\u002Fstrong> – highly-customizable button with multiple styles\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightbox\u003C\u002Fstrong> – a lightbox that you can use with virtually any element\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Carousel\u003C\u002Fstrong> – beautiful super-customizable image carousel\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Columns\u003C\u002Fstrong> – must-have tool for creating layouts\u003C\u002Fli>\n\u003Cli>And many more…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Get Help\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002Fdocs\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=links-docs\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fshortcodes-ultimate\" rel=\"ugc\">Community Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002Fsupport\u002Fopen-support-ticket\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=links-support\" rel=\"nofollow ugc\">The Pro Support\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>TRY THE PRO VERSION FOR FREE\u003C\u002Fh3>\n\u003Cp>Try Shortcodes Ultimate Pro risk-free for 30 days. You are fully protected by our no questions asked refund policy!\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002Fpricing\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=try-pro\" rel=\"nofollow ugc\">Upgrade to Pro\u003C\u002Fa>\u003C\u002Fp>\n","A comprehensive collection of visual components for your site",400000,24545518,98,5917,"2026-02-02T16:19:00.000Z","5.4",[107,108,109,20,110],"carousel","columns","posts","toggle","https:\u002F\u002Fgetshortcodes.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortcodes-ultimate.7.4.9.zip",88,32,"2025-11-23 10:11:05",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":126,"num_ratings":32,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":17,"tags":130,"homepage":135,"download_link":136,"security_score":137,"vuln_count":138,"unpatched_count":13,"last_vuln_date":139,"fetched_at":27},"mw-wp-form","MW WP Form","5.1.0","Takashi Kitajima","https:\u002F\u002Fprofiles.wordpress.org\u002Finc2734\u002F","\u003Cp>\u003Cstrong>This plugin currently has only the minimum required maintenance releases.\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>Main maintainer has been handed over from @inc2734 to @websoudan.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>MW WP Form can create mail form with a confirmation screen using shortcode.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Form created using shortcodes\u003C\u002Fli>\n\u003Cli>Using confirmation page is possible.\u003C\u002Fli>\n\u003Cli>The page changes by the same URL or individual URL are possible.\u003C\u002Fli>\n\u003Cli>Many validation rules\u003C\u002Fli>\n\u003Cli>Saving inquiry data is possible.\u003C\u002Fli>\n\u003Cli>Displaying Chart using saved inquiry data is possible.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Official\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fmw-wp-form.web-soudan.co.jp\u003C\u002Fp>\n\u003Ch4>GitHub\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fgithub.com\u002Fweb-soudan\u002Fmw-wp-form\u003C\u002Fp>\n\u003Ch4>The following third-party resources\u003C\u002Fh4>\n\u003Cp>Google Charts\u003Cbr \u002F>\nSource: https:\u002F\u002Fdevelopers.google.com\u002Fchart\u002F\u003C\u002Fp>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002F2inc.org\" rel=\"nofollow ugc\">Takashi Kitajima\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Finc2734\" rel=\"nofollow ugc\">inc2734\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwebcre-archive.com\" rel=\"nofollow ugc\">Ryujiro Yamamoto\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fryu263\" rel=\"nofollow ugc\">ryu263\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fkee-non.com\" rel=\"nofollow ugc\">Tsujimoto Tomoyuki\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Ftomothumb\" rel=\"nofollow ugc\">tomothumb\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>[Naoyuki Ohata] ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnanniku\" rel=\"nofollow ugc\">nanniku\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmt8.biz\u002F\" rel=\"nofollow ugc\">Kazuto Takeshita\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmt8biz\u002F\" rel=\"nofollow ugc\">moto hachi\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.next-season.net\u002F\" rel=\"nofollow ugc\">Atsushi Ando\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnext-season\u002F\" rel=\"nofollow ugc\">NExt-Season\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fvisualive.jp\u002F\" rel=\"nofollow ugc\">Kazuki Tomiyasu\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fkuck1u\u002F\" rel=\"nofollow ugc\">KUCKLU\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmypacecreator.net\u002F\" rel=\"nofollow ugc\">Kei Nomura\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmypacecreator\u002F\" rel=\"nofollow ugc\">mypacecreator\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmh35\" rel=\"nofollow ugc\">mh35\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fnojimage\" rel=\"nofollow ugc\">Takashi Nojima\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fherikutu\" rel=\"nofollow ugc\">herikutu\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftsucharoku\" rel=\"nofollow ugc\">tsucharoku\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ft-hamano\" rel=\"nofollow ugc\">Tetsuaki Hamano\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fwildworks\u002F\" rel=\"nofollow ugc\">t-hamano\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmusus\" rel=\"nofollow ugc\">Susumu Seino\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmusus\u002F\" rel=\"nofollow ugc\">Susumu Seino\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flikr\" rel=\"nofollow ugc\">Yosuke Onoue\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Flikr\u002F\" rel=\"nofollow ugc\">likr\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fyudai524\" rel=\"nofollow ugc\">Yudai Konishi\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fyudai524\u002F\" rel=\"nofollow ugc\">Yudai Konishi\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fnoldorinfo\" rel=\"nofollow ugc\">takekoshi\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnoldorinfo\u002F\" rel=\"nofollow ugc\">takekoshi\u003C\u002Fa> )\u003C\u002Fli>\n\u003C\u002Ful>\n","MW WP Form is shortcode base contact form plugin. This plugin have many features. For example you can use many validation rules, inquiry data saving,  …",200000,1771027,86,"2024-03-13T02:48:00.000Z","6.4.8","6.0",[131,132,133,134,20],"confirm","form","mail","preview","https:\u002F\u002Fmw-wp-form.web-soudan.co.jp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmw-wp-form.5.1.0.zip",81,5,"2024-01-31 00:00:00",{"attackSurface":141,"codeSignals":166,"taintFlows":194,"riskAssessment":229,"analyzedAt":237},{"hooks":142,"ajaxHandlers":153,"restRoutes":162,"shortcodes":163,"cronEvents":164,"entryPointCount":165,"unprotectedCount":13},[143,149],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","admin_menu","wpxsa_admin_menu_page","classes\\class-wpxsa-admin.php",34,{"type":144,"name":150,"callback":151,"file":147,"line":152},"admin_enqueue_scripts","wpxsa_admin_enqueue_scripts",35,[154,160],{"action":155,"nopriv":156,"callback":155,"hasNonce":157,"hasCapCheck":156,"file":158,"line":159},"wpxsa_shortcodes_list",false,true,"classes\\class-wpxsa-admin-ajax.php",47,{"action":155,"nopriv":157,"callback":155,"hasNonce":157,"hasCapCheck":156,"file":158,"line":161},48,[],[],[],2,{"dangerousFunctions":167,"sqlUsage":168,"outputEscaping":170,"fileOperations":13,"externalRequests":13,"nonceChecks":165,"capabilityChecks":13,"bundledLibraries":193},[],{"prepared":165,"raw":13,"locations":169},[],{"escaped":65,"rawEcho":171,"locations":172},9,[173,177,179,181,183,185,187,189,191],{"file":174,"line":175,"context":176},"templates\\admin\\analyze.php",8,"raw output",{"file":178,"line":171,"context":176},"templates\\admin\\main.php",{"file":178,"line":180,"context":176},18,{"file":178,"line":182,"context":176},19,{"file":178,"line":184,"context":176},20,{"file":178,"line":186,"context":176},38,{"file":178,"line":188,"context":176},39,{"file":190,"line":114,"context":176},"templates\\admin\\plugins.php",{"file":190,"line":192,"context":176},49,[],[195,219],{"entryPoint":196,"graph":197,"unsanitizedCount":82,"severity":218},"wpxsa_shortcodes_list (classes\\class-wpxsa-admin-ajax.php:56)",{"nodes":198,"edges":215},[199,204,208],{"id":200,"type":201,"label":202,"file":158,"line":203},"n0","source","$_POST",64,{"id":205,"type":206,"label":207,"file":158,"line":203},"n1","transform","→ wpxsa_get_post_by_shortcode()",{"id":209,"type":210,"label":211,"file":212,"line":213,"wp_function":214},"n2","sink","get_results() [SQLi]","inc\\admin-utilities.php",36,"get_results",[216,217],{"from":200,"to":205,"sanitized":156},{"from":205,"to":209,"sanitized":156},"high",{"entryPoint":220,"graph":221,"unsanitizedCount":82,"severity":218},"\u003Cclass-wpxsa-admin-ajax> (classes\\class-wpxsa-admin-ajax.php:0)",{"nodes":222,"edges":226},[223,224,225],{"id":200,"type":201,"label":202,"file":158,"line":203},{"id":205,"type":206,"label":207,"file":158,"line":203},{"id":209,"type":210,"label":211,"file":212,"line":213,"wp_function":214},[227,228],{"from":200,"to":205,"sanitized":156},{"from":205,"to":209,"sanitized":156},{"summary":230,"deductions":231},"The 'shortcodes-analyzer' plugin v1.0.1 exhibits a generally strong security posture based on the provided static analysis. It demonstrates good practices by utilizing prepared statements for all SQL queries and performing nonce checks on its AJAX endpoints. Furthermore, the absence of known CVEs and a clean vulnerability history suggest a well-maintained and secure codebase.\n\nHowever, there are areas of concern. The taint analysis reveals two flows with unsanitized paths, flagged as high severity. While the total attack surface is small, and all entry points have some form of protection, these unsanitized paths represent a potential risk if user-supplied data is involved in file operations or sensitive logic without proper sanitization. The static analysis also indicates that 18% of outputs are not properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if sensitive data is displayed without adequate sanitization.\n\nIn conclusion, while the plugin has a solid foundation with secure database interactions and input validation for its AJAX handlers, the identified high-severity taint flows and the proportion of unescaped outputs warrant attention. Addressing these specific issues will further solidify the plugin's security and mitigate potential risks.",[232,235],{"reason":233,"points":234},"High severity taint flows with unsanitized paths",12,{"reason":236,"points":30},"Significant percentage of unescaped outputs","2026-03-16T23:55:56.257Z",{"wat":239,"direct":248},{"assetPaths":240,"generatorPatterns":243,"scriptPaths":244,"versionParams":245},[241,242],"\u002Fwp-content\u002Fplugins\u002Fshortcodes-analyzer\u002Fassets\u002Fcss\u002Fstyles.css","\u002Fwp-content\u002Fplugins\u002Fshortcodes-analyzer\u002Fassets\u002Fjs\u002Fscripts.js",[],[242],[246,247],"shortcodes-analyzer\u002Fassets\u002Fcss\u002Fstyles.css?ver=","shortcodes-analyzer\u002Fassets\u002Fjs\u002Fscripts.js?ver=",{"cssClasses":249,"htmlComments":250,"htmlAttributes":251,"restEndpoints":252,"jsGlobals":253,"shortcodeOutput":255},[],[],[],[],[254],"admin_ajax",[]]