[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJkDUsZE4ZYGICuSC9FDMOuHKgN-h1raTf9TFZ_-0AEk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":398,"crawl_stats":38,"alternatives":405,"analysis":504,"fingerprints":905},"shortcodes-ultimate","WP Shortcodes Plugin — Shortcodes Ultimate","7.4.9","Vova","https:\u002F\u002Fprofiles.wordpress.org\u002Fgn_themes\u002F","\u003Ch3>SHORTCODES ULIMATE – THE #1 SHORTCODES PLUGIN\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=description\" rel=\"nofollow ugc\">Shortcodes Ultimate\u003C\u002Fa> is a huge collection of useful elements, that you can use in the post editor, text widgets or even in template files.\u003C\u002Fp>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F507942335\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002Fdocs-category\u002Fshortcodes\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=features\" rel=\"nofollow ugc\">Over 50 gorgeous shortcodes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Insert shortcodes in 1 click with Live Preview\u003C\u002Fli>\n\u003Cli>Supports the Block Editor\u003C\u002Fli>\n\u003Cli>Seamlessly integrates with your theme\u003C\u002Fli>\n\u003Cli>Looks great on mobile devices\u003C\u002Fli>\n\u003Cli>Custom CSS editor is included\u003C\u002Fli>\n\u003Cli>Developer-friendly with plenty of hooks and extensive documentation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Included shortcodes\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Posts\u003C\u002Fstrong> – allows you to show specific posts anywhere\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accordion\u003C\u002Fstrong> – simple toggle block to show\u002Fhide your content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Button\u003C\u002Fstrong> – highly-customizable button with multiple styles\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightbox\u003C\u002Fstrong> – a lightbox that you can use with virtually any element\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Carousel\u003C\u002Fstrong> – beautiful super-customizable image carousel\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Columns\u003C\u002Fstrong> – must-have tool for creating layouts\u003C\u002Fli>\n\u003Cli>And many more…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Get Help\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002Fdocs\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=links-docs\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fshortcodes-ultimate\" rel=\"ugc\">Community Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002Fsupport\u002Fopen-support-ticket\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=links-support\" rel=\"nofollow ugc\">The Pro Support\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>TRY THE PRO VERSION FOR FREE\u003C\u002Fh3>\n\u003Cp>Try Shortcodes Ultimate Pro risk-free for 30 days. You are fully protected by our no questions asked refund policy!\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgetshortcodes.com\u002Fpricing\u002F?utm_campaign=wporg&utm_medium=readme&utm_source=try-pro\" rel=\"nofollow ugc\">Upgrade to Pro\u003C\u002Fa>\u003C\u002Fp>\n","A comprehensive collection of visual components for your site",400000,24545518,98,5917,"2026-02-02T16:19:00.000Z","6.9.4","5.0","5.4",[20,21,22,23,24],"carousel","columns","posts","shortcode","toggle","https:\u002F\u002Fgetshortcodes.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortcodes-ultimate.7.4.9.zip",88,32,0,"2025-11-23 10:11:05","2026-03-15T15:16:48.613Z",[33,49,62,71,84,95,107,118,131,143,154,166,178,190,202,214,225,237,249,264,272,287,294,306,313,320,331,341,349,360,373,387],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-12800","wp-shortcodes-plugin-shortcodes-ultimate-authenticated-administrator-server-side-request-forgery","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 7.4.5 - Authenticated (Administrator+) Server-Side Request Forgery","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.4.5 via the su_shortcode_csv_table function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. If the 'Unsafe features' option is explicitly enabled by an administrator, this issue becomes exploitable by Contributor+ attackers",null,"\u003C=7.4.5","7.4.6","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Server-Side Request Forgery (SSRF)","2025-11-23 22:26:39",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5cbb7db4-bef7-4799-9b65-ebe77976e21c?source=api-prod",1,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":57,"updated_date":58,"references":59,"days_to_patch":61},"CVE-2025-8015","shortcodes-ultimate-authenticated-author-stored-cross-site-scripting-via-image-title-and-slide-link","Shortcodes Ultimate \u003C= 7.4.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Title and Slide Link","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an uploaded image's 'Title' and 'Slide link' fields in all versions up to, and including, 7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.4.2","7.4.3","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-07-21 00:00:00","2025-08-15 19:04:46",[60],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fdeba0a29-7fe5-4f94-bee6-9d01e023215e?source=api-prod",26,{"id":63,"url_slug":64,"title":65,"description":66,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":67,"updated_date":68,"references":69,"days_to_patch":48},"CVE-2025-7354","wp-shortcodes-plugin-shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting-via-plugin-shortcodes","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 7.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Plugin Shortcodes","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","2025-07-20 19:04:16","2025-07-21 07:23:25",[70],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F62d32cda-bb6d-4ffa-82b9-f2f6e8d4346f?source=api-prod",{"id":72,"url_slug":73,"title":74,"description":75,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":76,"cvss_vector":77,"vuln_type":78,"published_date":79,"updated_date":80,"references":81,"days_to_patch":83},"CVE-2025-7369","shortcodes-ultimate-cross-site-request-forgery-to-arbitrary-shortcode-execution","Shortcodes Ultimate \u003C= 7.4.2 - Cross-Site Request Forgery to Arbitrary Shortcode Execution","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.4.2. This is due to missing or incorrect nonce validation on the preview function. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.\r\nIn combination with CVE-2025-7354, it leads to Reflected Cross-Site Scripting.",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-07-20 19:03:54","2025-08-07 17:39:04",[82],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5934d1c8-1553-4908-aaab-89d2189eb4cd?source=api-prod",18,{"id":85,"url_slug":86,"title":87,"description":88,"plugin_slug":4,"theme_slug":38,"affected_versions":89,"patched_in_version":90,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":91,"updated_date":92,"references":93,"days_to_patch":48},"CVE-2025-5567","shortcodes-ultimate-authenticted-contributor-stored-cross-site-scripting-via-data-url-attribute","Shortcodes Ultimate \u003C= 7.4.0 - Authenticted (Contributor+) Stored Cross-Site Scripting via 'data-url' Attribute","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data-url' DOM element attribute in all versions up to, and including, 7.4.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.4.0","7.4.1","2025-07-03 14:14:23","2025-07-04 02:22:33",[94],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffbd67145-5b95-4890-a265-1dd7a029aec6?source=api-prod",{"id":96,"url_slug":97,"title":98,"description":99,"plugin_slug":4,"theme_slug":38,"affected_versions":100,"patched_in_version":101,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":102,"updated_date":103,"references":104,"days_to_patch":106},"CVE-2025-49244","shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting","Shortcodes Ultimate \u003C= 7.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 7.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.3.5","7.4.0","2025-06-05 00:00:00","2025-06-11 20:32:54",[105],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F11419311-4369-4882-9841-9523571b2d35?source=api-prod",7,{"id":108,"url_slug":109,"title":110,"description":111,"plugin_slug":4,"theme_slug":38,"affected_versions":112,"patched_in_version":113,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":114,"updated_date":115,"references":116,"days_to_patch":48},"CVE-2025-0370","wp-shortcodes-plugin-shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting-via-src-parameter","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 7.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via src Parameter","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘src’ parameter in all versions up to, and including, 7.3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.3.3","7.3.4","2025-03-03 20:32:25","2025-03-04 09:22:52",[117],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff0869c35-9ea8-46a5-8bba-23d7ef47355a?source=api-prod",{"id":119,"url_slug":120,"title":121,"description":122,"plugin_slug":4,"theme_slug":38,"affected_versions":123,"patched_in_version":124,"severity":41,"cvss_score":125,"cvss_vector":126,"vuln_type":56,"published_date":127,"updated_date":128,"references":129,"days_to_patch":48},"CVE-2024-8500","wp-shortcodes-plugin-shortcodes-ultimate-authenticated-contributor-dom-based-stored-cross-site-scripting","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 7.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several parameters in all versions up to, and including, 7.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.2.2","7.3.0",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-10-22 00:00:00","2024-10-23 11:04:27",[130],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F78af6e06-4b4c-4f56-a6f8-f98e8f681976?source=api-prod",{"id":132,"url_slug":133,"title":134,"description":135,"plugin_slug":4,"theme_slug":38,"affected_versions":136,"patched_in_version":137,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":138,"updated_date":139,"references":140,"days_to_patch":142},"CVE-2024-4821","wp-shortcodes-plugin-shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting-via-sulightbox-shortcode","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 7.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_lightbox Shortcode","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's su_lightbox shortcode in all versions up to, and including, 7.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.1.6","7.1.7","2024-06-04 20:15:54","2024-06-17 18:06:19",[141],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fec7649da-5358-4fe2-8706-b945bba02c93?source=api-prod",13,{"id":144,"url_slug":145,"title":146,"description":147,"plugin_slug":4,"theme_slug":38,"affected_versions":148,"patched_in_version":149,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":150,"updated_date":151,"references":152,"days_to_patch":48},"CVE-2024-4553","wp-shortcodes-plugin-shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting-via-sumembers-shortcode","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 7.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_members Shortcode","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'su_members' shortcode in all versions up to, and including, 7.1.5 due to insufficient input sanitization and output escaping on user supplied 'color' attribute. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.1.5","7.1.6","2024-05-20 20:36:37","2024-05-21 09:31:50",[153],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd8db8ed5-ebeb-4102-928f-fe417e429ad2?source=api-prod",{"id":155,"url_slug":156,"title":157,"description":158,"plugin_slug":4,"theme_slug":38,"affected_versions":159,"patched_in_version":160,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":161,"updated_date":162,"references":163,"days_to_patch":165},"CVE-2024-3550","wp-shortcodes-plugin-shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting-via-shortcode","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 7.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 7.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.1.2","7.1.3","2024-04-29 00:00:00","2024-05-02 16:52:33",[164],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbf7b0f1b-a6d3-4a96-adaa-0adeb6ea2efd?source=api-prod",4,{"id":167,"url_slug":168,"title":169,"description":170,"plugin_slug":4,"theme_slug":38,"affected_versions":171,"patched_in_version":172,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":173,"updated_date":174,"references":175,"days_to_patch":177},"CVE-2024-3548","wp-shortcodes-plugin-shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting-via-sulightbox","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 7.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_lightbox","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's su_lightbox shortcode in all versions up to, and including, 7.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.1.0","7.1.2","2024-04-24 00:00:00","2024-05-16 13:24:01",[176],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F71564eec-426a-46fa-b614-388bebae6ebd?source=api-prod",23,{"id":179,"url_slug":180,"title":181,"description":182,"plugin_slug":4,"theme_slug":38,"affected_versions":183,"patched_in_version":184,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":185,"updated_date":186,"references":187,"days_to_patch":189},"CVE-2024-3188","shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting-2","Shortcodes Ultimate \u003C= 7.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's su_dailymotion shortcode in all versions, up to and including 7.0.5, due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.0.5","7.1.0","2024-04-05 00:00:00","2024-04-19 13:25:00",[188],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6b6f6f93-4c24-4b81-bd5d-470f6dccab92?source=api-prod",15,{"id":191,"url_slug":192,"title":193,"description":194,"plugin_slug":4,"theme_slug":38,"affected_versions":195,"patched_in_version":196,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":197,"updated_date":198,"references":199,"days_to_patch":201},"CVE-2024-2583","shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting-via-notecolor-shortcode","Shortcodes Ultimate \u003C= 7.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'note_color' Shortcode","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'note_color' shortcode in all versions up to, and including, 7.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.0.4","7.0.5","2024-03-23 00:00:00","2024-04-25 12:58:06",[200],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F1bae6d3a-40eb-4af6-be4e-9bc6be1a4b07?source=api-prod",33,{"id":203,"url_slug":204,"title":205,"description":206,"plugin_slug":4,"theme_slug":38,"affected_versions":207,"patched_in_version":208,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":209,"updated_date":210,"references":211,"days_to_patch":213},"CVE-2024-1808","wp-shortcodes-plugin-shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting-via-suqrcode-shortcode","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 7.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_qrcode Shortcode","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'su_qrcode' shortcode in all versions up to, and including, 7.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.0.3","7.0.4","2024-02-27 00:00:00","2024-02-28 12:50:50",[212],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F96769a0e-d4a9-4196-8ded-b600046c0943?source=api-prod",2,{"id":215,"url_slug":216,"title":217,"description":218,"plugin_slug":4,"theme_slug":38,"affected_versions":219,"patched_in_version":220,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":221,"updated_date":222,"references":223,"days_to_patch":48},"CVE-2024-1510","wp-shortcodes-plugin-shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting-via-sutooltip-shortcode","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 7.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_tooltip Shortcode","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's su_tooltip shortcode in all versions up to, and including, 7.0.2 due to insufficient input sanitization and output escaping on user supplied attributes and user supplied tags. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.0.2","7.0.3","2024-02-19 00:00:00","2024-02-20 02:34:18",[224],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fee03d780-076b-4501-a353-376198a4bd7b?source=api-prod",{"id":226,"url_slug":227,"title":228,"description":229,"plugin_slug":4,"theme_slug":38,"affected_versions":230,"patched_in_version":231,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":232,"updated_date":233,"references":234,"days_to_patch":236},"CVE-2024-0792","wp-shortcodes-plugin-shortcodes-ultimate-authenticatedcontributor-stored-cross-site-scripting-via-shortcode","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 7.0.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 7.0.1 due to insufficient input sanitization and output escaping on RSS feed content. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.0.1","7.0.2","2024-02-07 00:00:00","2024-07-29 21:35:52",[235],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0d8c043c-e347-4dc8-8a72-943a7e6c4394?source=api-prod",174,{"id":238,"url_slug":239,"title":240,"description":241,"plugin_slug":4,"theme_slug":38,"affected_versions":242,"patched_in_version":243,"severity":41,"cvss_score":125,"cvss_vector":126,"vuln_type":56,"published_date":244,"updated_date":245,"references":246,"days_to_patch":248},"CVE-2023-6488","wp-shortcodes-plugin-shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 7.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'su_button', 'su_members', and 'su_tabs' shortcodes in all versions up to, and including, 7.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=7.0.0","7.0.1","2023-12-18 00:00:00","2024-07-29 21:36:21",[247],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F50a89ad1-a3d0-49e3-8d2e-4cb81ac115ba?source=api-prod",225,{"id":250,"url_slug":251,"title":252,"description":253,"plugin_slug":4,"theme_slug":38,"affected_versions":254,"patched_in_version":255,"severity":41,"cvss_score":256,"cvss_vector":257,"vuln_type":258,"published_date":259,"updated_date":260,"references":261,"days_to_patch":263},"CVE-2023-6226","wp-shortcodes-plugin-shortcodes-ultimate-insecure-direct-object-reference-to-information-disclosure","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 5.13.3 - Insecure Direct Object Reference to Information Disclosure","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.13.3 via the su_meta shortcode due to missing validation on the user controlled keys 'key' and 'post_id'. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve arbitrary post meta values which may contain sensitive information when combined with another plugin.","\u003C=5.13.3","7.0.0",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Authorization Bypass Through User-Controlled Key","2023-11-27 00:00:00","2024-07-29 21:36:19",[262],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4d936a48-b300-4a41-8d28-ba34cb3c5cb7?source=api-prod",246,{"id":265,"url_slug":266,"title":267,"description":268,"plugin_slug":4,"theme_slug":38,"affected_versions":254,"patched_in_version":255,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":259,"updated_date":269,"references":270,"days_to_patch":263},"CVE-2023-6225","wp-shortcodes-plugin-shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting-2","WP Shortcodes Plugin — Shortcodes Ultimate \u003C= 5.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting","The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's su_meta shortcode combined with post meta data in all versions up to, and including, 5.13.3 due to insufficient input sanitization and output escaping on user supplied meta values. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","2024-07-29 21:36:23",[271],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F558e36f6-4678-46a2-8154-42770fbb5574?source=api-prod",{"id":273,"url_slug":274,"title":275,"description":276,"plugin_slug":4,"theme_slug":38,"affected_versions":277,"patched_in_version":278,"severity":41,"cvss_score":279,"cvss_vector":280,"vuln_type":281,"published_date":282,"updated_date":283,"references":284,"days_to_patch":286},"CVE-2023-0911","shortcodes-ultimate-authenticated-subscriber-information-exposure","Shortcodes Ultimate \u003C= 5.12.7 - Authenticated (Subscriber+) Information Exposure","The Shortcodes Ultimate for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 5.12.7  via its shortcodes. This can allow authenticated attackers with subscriber-level privileges or higher to extract sensitive data including user meta information.","\u003C=5.12.7","5.12.8",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2023-02-27 00:00:00","2024-01-22 19:56:02",[285],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F144895c9-5800-435e-9f75-a8de17ca2d93?source=api-prod",330,{"id":288,"url_slug":289,"title":290,"description":291,"plugin_slug":4,"theme_slug":38,"affected_versions":277,"patched_in_version":278,"severity":41,"cvss_score":256,"cvss_vector":257,"vuln_type":258,"published_date":282,"updated_date":283,"references":292,"days_to_patch":286},"CVE-2023-0890","shortcodes-ultimate-authenticated-subscriber-arbitrary-post-access-via-shortcode","Shortcodes Ultimate \u003C= 5.12.7 - Authenticated (Subscriber+) Arbitrary Post Access via Shortcode","The Shortcodes Ultimate plugin for WordPress is vulnerable to unauthorized access of data due to missing authorization controls in a plugin's shortcode in versions up to, and including, 5.12.7. This makes it possible for authenticated attackers with subscriber-level permissions and above to read arbitrary posts.",[293],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2eddfe94-7232-4d3d-9f3a-f53fc476a012?source=api-prod",{"id":295,"url_slug":296,"title":297,"description":298,"plugin_slug":4,"theme_slug":38,"affected_versions":299,"patched_in_version":300,"severity":41,"cvss_score":279,"cvss_vector":280,"vuln_type":301,"published_date":302,"updated_date":283,"references":303,"days_to_patch":305},"CVE-2023-25050","shortcodes-ultimate-authenticated-subscriber-arbitrary-file-read-via-shortcode","Shortcodes Ultimate \u003C= 5.12.6 - Authenticated (Subscriber+) Arbitrary File Read via Shortcode","The Shortcodes Ultimate plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 5.12.6. This is due to insufficient validation on the url being supplied via the \"url\" attribute of the su_table shortcode. This makes it possible for authenticated attackers, with subscriber-level privileges and above, to supply paths to arbitrary files that will be returned when rendering the shortcode. This can be leveraged to read sensitive configuration files like wp-config.php. This is only exploitable when the Unsafe features option is enabled.","\u003C=5.12.6","5.12.7","External Control of File Name or Path","2023-02-10 00:00:00",[304],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5dad7348-39ba-4163-a5eb-939601645edb?source=api-prod",347,{"id":307,"url_slug":308,"title":309,"description":310,"plugin_slug":4,"theme_slug":38,"affected_versions":299,"patched_in_version":300,"severity":41,"cvss_score":279,"cvss_vector":280,"vuln_type":44,"published_date":302,"updated_date":283,"references":311,"days_to_patch":305},"CVE-2023-23800","shortcodes-ultimate-authenticated-subscriber-server-side-request-forgery","Shortcodes Ultimate \u003C= 5.12.6 - Authenticated (Subscriber+) Server-Side Request Forgery","The Shortcodes Ultimate plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 5.12.6. This is due to insufficient validation on the url being supplied via the \"url\" attribute of the su_csv_table shortcode. This makes it possible for authenticated attackers, with subscriber-level privileges and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.",[312],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7bb6caf6-5676-49cd-8577-5a41b44b00c0?source=api-prod",{"id":314,"url_slug":315,"title":316,"description":317,"plugin_slug":4,"theme_slug":38,"affected_versions":299,"patched_in_version":300,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":302,"updated_date":283,"references":318,"days_to_patch":305},"CVE-2023-25040","shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting-3","Shortcodes Ultimate \u003C= 5.12.6 - Authenticated (Contributor+) Stored Cross Site Scripting","The Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in versions up to, and including, 5.12.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",[319],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd449466d-e78a-48a3-8eff-90b56646dd6b?source=api-prod",{"id":321,"url_slug":322,"title":323,"description":324,"plugin_slug":4,"theme_slug":38,"affected_versions":325,"patched_in_version":326,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":56,"published_date":327,"updated_date":283,"references":328,"days_to_patch":330},"WF-2ac1d65c-5e09-41ca-809b-2ab3ab5f62af-shortcodes-ultimate","shortcodes-ultimate-authenticated-subscriber-stored-cross-site-scripting","Shortcodes Ultimate \u003C= 5.12.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting","The Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘settings’ parameter saved via the ajax_add_preset() function in versions up to, and including, 5.12.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=5.12.0","5.12.1","2022-10-13 00:00:00",[329],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2ac1d65c-5e09-41ca-809b-2ab3ab5f62af?source=api-prod",467,{"id":332,"url_slug":333,"title":334,"description":335,"plugin_slug":4,"theme_slug":38,"affected_versions":325,"patched_in_version":326,"severity":336,"cvss_score":337,"cvss_vector":338,"vuln_type":78,"published_date":327,"updated_date":283,"references":339,"days_to_patch":330},"CVE-2022-41136","shortcodes-ultimate-cross-site-request-forgery-2","Shortcodes Ultimate \u003C= 5.12.0 - Cross-Site Request Forgery","The Shortcodes Ultimate plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.12.0. This is due to missing nonce validation on the ajax_add_preset() function. This makes it possible for unauthenticated attackers to make preset changes and inject malicious JavaScript via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H",[340],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F431331aa-4d9f-41f2-a522-567bbd9b8831?source=api-prod",{"id":342,"url_slug":343,"title":334,"description":344,"plugin_slug":4,"theme_slug":38,"affected_versions":325,"patched_in_version":326,"severity":336,"cvss_score":337,"cvss_vector":338,"vuln_type":78,"published_date":345,"updated_date":283,"references":346,"days_to_patch":348},"CVE-2022-38086","shortcodes-ultimate-cross-site-request-forgery","The Shortcodes Ultimate plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.12.0. This is due to missing or incorrect nonce validation on the ajax_remove_preset() and ajax_get_preset() functions. This makes it possible for unauthenticated attackers to make preset changes via forged request granted they can trick a site administrator into performing an action such as clicking on a link.","2022-10-02 00:00:00",[347],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F02540fe4-b690-46ab-b79b-a90c8d796ec4?source=api-prod",478,{"id":350,"url_slug":351,"title":352,"description":353,"plugin_slug":4,"theme_slug":38,"affected_versions":354,"patched_in_version":355,"severity":41,"cvss_score":125,"cvss_vector":126,"vuln_type":56,"published_date":356,"updated_date":283,"references":357,"days_to_patch":359},"CVE-2021-24525","wordpress-shortcodes-plugin-shortcodes-ultimate-authenticated-contributor-stored-cross-site-scripting","WordPress Shortcodes Plugin — Shortcodes Ultimate \u003C= 5.10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Shortcodes Ultimate WordPress plugin before 5.10.2 allows users with Contributor roles to perform stored XSS via shortcode attributes. Note: the plugin is inconsistent in its handling of shortcode attributes; some do escape, most don't, and there are even some attributes that are insecure by design (like [su_button]'s onclick attribute).","\u003C5.10.2","5.10.2","2021-08-23 00:00:00",[358],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F98f87769-d4e4-4e27-9acf-a4e52bdbf734?source=api-prod",883,{"id":361,"url_slug":362,"title":363,"description":364,"plugin_slug":4,"theme_slug":38,"affected_versions":365,"patched_in_version":366,"severity":336,"cvss_score":337,"cvss_vector":367,"vuln_type":368,"published_date":369,"updated_date":283,"references":370,"days_to_patch":372},"CVE-2017-18580","wordpress-shortcodes-plugin-shortcodes-ultimate-authenticated-remote-code-execution","WordPress Shortcodes Plugin — Shortcodes Ultimate \u003C= 5.0.0 - Authenticated Remote Code Execution","The shortcodes-ultimate plugin before 5.0.1 for WordPress has remote code execution via a filter in a meta, post, or user shortcode.","\u003C5.0.1","5.0.1","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Control of Generation of Code ('Code Injection')","2017-10-31 00:00:00",[371],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe703d411-d608-43cc-8806-1d1e837cf797?source=api-prod",2275,{"id":374,"url_slug":375,"title":376,"description":377,"plugin_slug":4,"theme_slug":38,"affected_versions":378,"patched_in_version":379,"severity":41,"cvss_score":380,"cvss_vector":381,"vuln_type":382,"published_date":383,"updated_date":283,"references":384,"days_to_patch":386},"CVE-2017-2245","wordpress-shortcodes-plugin-shortcodes-ultimate-directory-traversal","WordPress Shortcodes Plugin — Shortcodes Ultimate \u003C 4.10.0 - Directory Traversal","Directory traversal vulnerability in Shortcodes Ultimate prior to version 4.10.0 allows remote attackers to read arbitrary files via unspecified vectors.","\u003C4.10.0","4.10.0",5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:N\u002FA:N","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","2017-06-23 00:00:00",[385],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F58a4cb88-033e-48f4-b6fa-2a9754ab6a7f?source=api-prod",2405,{"id":388,"url_slug":389,"title":390,"description":391,"plugin_slug":4,"theme_slug":38,"affected_versions":392,"patched_in_version":393,"severity":41,"cvss_score":76,"cvss_vector":77,"vuln_type":56,"published_date":394,"updated_date":283,"references":395,"days_to_patch":397},"WF-baa720d6-1891-4557-a744-830be56862e9-shortcodes-ultimate","wordpress-shortcodes-plugin-shortcodes-ultimate-cross-site-scripting","WordPress Shortcodes Plugin — Shortcodes Ultimate \u003C= 4.9.3 - Cross-Site Scripting","The WordPress Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘code’ parameter in versions up to, and including, 4.9.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=4.9.3","4.9.4","2015-05-05 00:00:00",[396],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbaa720d6-1891-4557-a744-830be56862e9?source=api-prod",3185,{"slug":399,"display_name":7,"profile_url":8,"plugin_count":165,"total_installs":400,"avg_security_score":401,"avg_patch_time_days":402,"trust_score":403,"computed_at":404},"gn_themes",400030,86,403,69,"2026-04-03T23:20:44.384Z",[406,433,452,473,488],{"slug":407,"name":408,"version":409,"author":410,"author_profile":411,"description":412,"short_description":413,"active_installs":414,"downloaded":415,"rating":416,"num_ratings":417,"last_updated":418,"tested_up_to":419,"requires_at_least":420,"requires_php":421,"tags":422,"homepage":428,"download_link":429,"security_score":430,"vuln_count":431,"unpatched_count":29,"last_vuln_date":432,"fetched_at":31},"wp-show-posts","WP Show Posts","1.1.6","Tom","https:\u002F\u002Fprofiles.wordpress.org\u002Fedge22\u002F","\u003Ch4>Note\u003C\u002Fh4>\n\u003Cp>This plugin is only receiving security updates at this time. Check out our \u003Ca href=\"https:\u002F\u002Fgenerateblocks.com\u002F\" rel=\"nofollow ugc\">GenerateBlocks\u003C\u002Fa> plugin for a more modern solution.\u003C\u002Fp>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"WP Show Posts\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F175638957?dnt=1&app_id=122963\" width=\"750\" height=\"422\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Cp>WP Show Posts allows you to display posts anywhere on your website using an easy to use shortcode.\u003C\u002Fp>\n\u003Cp>You can pull posts from any post type like WooCommerce, Easy Digital Downloads etc..\u003C\u002Fp>\n\u003Cp>This plugin works with any theme.\u003C\u002Fp>\n\u003Cp>Here are the features in the free version:\u003C\u002Fp>\n\u003Ch4>Posts\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Post type\u003C\u002Fli>\n\u003Cli>Taxonomy\u003C\u002Fli>\n\u003Cli>Terms\u003C\u002Fli>\n\u003Cli>Posts per page\u003C\u002Fli>\n\u003Cli>Pagination\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Columns\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Columns\u003C\u002Fli>\n\u003Cli>Columns gutter\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Images\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Show images\u003C\u002Fli>\n\u003Cli>Image width\u003C\u002Fli>\n\u003Cli>Image height\u003C\u002Fli>\n\u003Cli>Image alignment\u003C\u002Fli>\n\u003Cli>Image location\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Content\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Content type (excerpt or full post)\u003C\u002Fli>\n\u003Cli>Excerpt length\u003C\u002Fli>\n\u003Cli>Include title\u003C\u002Fli>\n\u003Cli>Read more text\u003C\u002Fli>\n\u003Cli>Read more button class\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Meta\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Include author\u003C\u002Fli>\n\u003Cli>Author location\u003C\u002Fli>\n\u003Cli>Include date\u003C\u002Fli>\n\u003Cli>Date location\u003C\u002Fli>\n\u003Cli>Include terms\u003C\u002Fli>\n\u003Cli>Terms location\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>More settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Author ID\u003C\u002Fli>\n\u003Cli>Exclude current\u003C\u002Fli>\n\u003Cli>Post ID\u003C\u002Fli>\n\u003Cli>Exclude post ID\u003C\u002Fli>\n\u003Cli>Ignore sticky posts\u003C\u002Fli>\n\u003Cli>Offset\u003C\u002Fli>\n\u003Cli>Order\u003C\u002Fli>\n\u003Cli>Order by\u003C\u002Fli>\n\u003Cli>Status\u003C\u002Fli>\n\u003Cli>Meta key\u003C\u002Fli>\n\u003Cli>Meta value\u003C\u002Fli>\n\u003Cli>Tax operator\u003C\u002Fli>\n\u003Cli>No results message\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Our *Pro* version has these features\u003C\u002Fh4>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"WP Show Posts Pro\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F175660953?dnt=1&app_id=122963\" width=\"750\" height=\"422\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpshowposts.com\u002F\" title=\"Check out Pro\" rel=\"nofollow ugc\">Check out Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Posts\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>AJAX pagination\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Columns\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Masonry\u003C\u002Fli>\n\u003Cli>Featured post\u003C\u002Fli>\n\u003Cli>Background color\u003C\u002Fli>\n\u003Cli>Background color hover\u003C\u002Fli>\n\u003Cli>Border color\u003C\u002Fli>\n\u003Cli>Border color hover\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Images\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Image overlay color\u003C\u002Fli>\n\u003Cli>Image overlay icon\u003C\u002Fli>\n\u003Cli>Image hover effect\u003C\u002Fli>\n\u003Cli>Image lightbox\u003C\u002Fli>\n\u003Cli>Image lightbox gallery\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Content\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Read more style\u003C\u002Fli>\n\u003Cli>Read more color\u003C\u002Fli>\n\u003Cli>Content link color\u003C\u002Fli>\n\u003Cli>Content link color hover\u003C\u002Fli>\n\u003Cli>Content text color\u003C\u002Fli>\n\u003Cli>Title color\u003C\u002Fli>\n\u003Cli>Title color hover\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Meta\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Meta color\u003C\u002Fli>\n\u003Cli>Meta color hover\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Social\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Twitter color + hover\u003C\u002Fli>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Facebook color + hover\u003C\u002Fli>\n\u003Cli>Google+\u003C\u002Fli>\n\u003Cli>Google+ color + hover\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>Pinterest color + hover\u003C\u002Fli>\n\u003Cli>Love it\u003C\u002Fli>\n\u003Cli>Alignment\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check out GeneratePress, our awesome WordPress theme! (https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fgeneratepress)\u003C\u002Fp>\n","Add posts to your website from any post type using a simple shortcode.",70000,604723,94,80,"2024-04-16T19:12:00.000Z","6.1.10","4.5","",[423,424,425,426,427],"display-posts-shortcode","gallery","portfolio","post-columns","show-posts","https:\u002F\u002Fwpshowposts.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-show-posts.1.1.6.zip",90,3,"2024-04-16 00:00:00",{"slug":434,"name":435,"version":436,"author":437,"author_profile":438,"description":439,"short_description":440,"active_installs":441,"downloaded":442,"rating":441,"num_ratings":48,"last_updated":443,"tested_up_to":444,"requires_at_least":445,"requires_php":421,"tags":446,"homepage":449,"download_link":450,"security_score":451,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"mimo-carousel","Mimo Carousel","1.3.5","mimo","https:\u002F\u002Fprofiles.wordpress.org\u002Fmimothemes\u002F","\u003Cp>Creates a shortcode to display Carousels with custom loops. Use the shortcode like this:  [mimo_carousel id=”the carousel id”] , you can use this plugin with Woocommerce to make a products carusel. Mimo Carousel plugin is completely compatible with Page Builder by Siteorigin plugin.\u003C\u002Fp>\n\u003Cp>With its widget or shortcode, this plugin can be used to create a woocommerce products slider with 1,2,3,4 or more columns. with more than 1 column it has a carousel view that works perfectly to showcase your products or posts.\u003C\u002Fp>\n\u003Cp>Set different options\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Loop options\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>-offset\u003C\u002Fli>\n\u003Cli>-Categories to show\u003C\u002Fli>\n\u003Cli>Number of posts\u003C\u002Fli>\n\u003Cli>Image size to use\u003C\u002Fli>\n\u003Cli>Custom Post Type to use, you can use Woocommerce products for example in the Carousels\u003C\u002Fli>\n\u003Cli>Exclude Post\u003C\u002Fli>\n\u003Cli>Order\u003C\u002Fli>\n\u003Cli>Order by\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Design Options\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Hide Title of posts\u003C\u002Fli>\n\u003Cli>Hide Excerpt of posts\u003C\u002Fli>\n\u003Cli>Hide images of posts\u003C\u002Fli>\n\u003Cli>Use your own theme templates, for theme developers, see developer instructions\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Carousel Options\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Show\u002FHide \u003Cstrong>dots\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Show\u002FHide \u003Cstrong>arrows\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Accessibility: Enables tabbing and arrow key navigation\u003C\u002Fli>\n\u003Cli>Adaptive Height: Enables adaptive height for single slide horizontal carousels.\u003C\u002Fli>\n\u003Cli>Autoplay\u003C\u002Fli>\n\u003Cli>Autoplay Speed\u003C\u002Fli>\n\u003Cli>As Nav for: Set the slider to be the navigation of other slider (Class or ID Name)\u003C\u002Fli>\n\u003Cli>draggable\u003C\u002Fli>\n\u003Cli>Kind of easing\u003C\u002Fli>\n\u003Cli>lazyLoad\u003C\u002Fli>\n\u003Cli>pauseOnHover\u003C\u002Fli>\n\u003Cli>mobileFirst : Responsive settings use mobile first calculation\u003C\u002Fli>\n\u003Cli>pauseOnDotsHover\u003C\u002Fli>\n\u003Cli>rows\u003C\u002Fli>\n\u003Cli>slidesPerRow\u003C\u002Fli>\n\u003Cli>\u003Cstrong>slidesToShow: Number of posts to show\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>slidesToScroll\u003C\u002Fstrong>: In each horizontal scroll\u003C\u002Fli>\n\u003Cli>speed\u003C\u002Fli>\n\u003Cli>touchMove\u003C\u002Fli>\n\u003Cli>vertical\u003C\u002Fli>\n\u003Cli>rtl\u003C\u002Fli>\n\u003Cli>variableWidth: Variable width slides\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp> \u003C\u002Fp>\n\u003Ch3>Usage instructions\u003C\u002Fh3>\n\u003Cp>Create your Carousels in WordPress Dashboard\u002FCarousels\u003C\u002Fp>\n\u003Cp>Use shortcode [mimo_carousel id=”the carousel post id”] to display carousels or use Mimo Carousel Widget\u003C\u002Fp>\n\u003Ch3>Developer instructions\u003C\u002Fh3>\n\u003Cp>Apart from the options inside widget you can manipulate the before\u002Fafter loop and articles content with this actions:\u003C\u002Fp>\n\u003Cp>do_action(‘mimo_carousel_before_content’); \u002F\u002F The beginnning of content inside each article\u003Cbr \u002F>\ndo_action(‘mimo_carousel_after_content’); \u002F\u002F The end of content inside each article\u003Cbr \u002F>\ndo_action(‘mimo_carousel_before_loop’); \u002F\u002F Out of the loop\u003Cbr \u002F>\ndo_action(‘mimo_carousel_after_loop’); \u002F\u002F Out of the loop\u003C\u002Fp>\n\u003Cp>Create a folder in your theme called ‘mimo-carousel’ and inside a folder called ‘partials’, then create a file insise, called ‘mimo-carousel-content.php’, to overwrite content template for posts. You can especify here which template to use for the posts view inside carousel. This would be normally the template called content.php in your theme.\u003C\u002Fp>\n\u003Cp>Example of file ‘mimo-carousel-content.php’ :\u003C\u002Fp>\n\u003Cp>[Example 1][markdown syntax]\u003C\u002Fp>\n\u003Cpre>\u003Ccode>if(class_exists('Woocommerce') && get_post_type() == 'product' ) {\n    \u002F\u002FUse woocommerce template of theme\n    get_template_part( 'woocommerce\u002Fcontent','product');  \n\n} else {\n    \u002F\u002FUse post template of theme\n    get_template_part( 'template-parts\u002Fcontent');  \n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>[markdown syntax]\u003C\u002Fp>\n\u003Cp>Find plugin and issues solved at \u003Ca href=\"http:\u002F\u002Fmimo.studio\" title=\"Wordpress developer\" rel=\"nofollow ugc\">Mimo Studio\u003C\u002Fa>\u003C\u002Fp>\n","Create Custom Carousels with no code knowledge. Choose Columns, show\u002Fhide arrows\u002Fdots and a lot of options, display any taxonomy.",20,3761,"2016-06-10T06:42:00.000Z","4.5.33","4.3",[20,21,447,448,22],"content","jquery","http:\u002F\u002Fmimo.studio","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmimo-carousel.zip",85,{"slug":453,"name":454,"version":455,"author":456,"author_profile":457,"description":458,"short_description":459,"active_installs":460,"downloaded":461,"rating":462,"num_ratings":48,"last_updated":421,"tested_up_to":463,"requires_at_least":421,"requires_php":421,"tags":464,"homepage":470,"download_link":471,"security_score":462,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":472},"latest-post-shortcode-slider-extension","Latest Post Shortcode Slider","2.2","Iulia Cazan","https:\u002F\u002Fprofiles.wordpress.org\u002Fiulia-cazan\u002F","\u003Cp>The plugin is an extension for the Latest Post Shortcode plugin, and allows you to output the static or dynamical selection you make as a responsive slider with different configuration.\u003C\u002Fp>\n\u003Ch4>Latest Post Shortcode\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flatest-post-shortcode\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Hooks\u003C\u002Fh3>\n\u003Cp>admin_enqueue_scripts, init, plugins_loaded, media_buttons_context, admin_footer, admin_head, wp_head\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\u003C\u002Fp>\n\u003Ch3>Version history\u003C\u002Fh3>\n\u003Cp>2.2 – Tested up to 4.8.2, add support for Latest Post Shortcode 7.4\u003Cbr \u002F>\n2.1 – Add support for Latest Post Shortcode 7.3\u003Cbr \u002F>\n2.0 – Tested up to 4.8, compatible with Latest Post Shortcode 7.0\u003Cbr \u002F>\n1.1 – Add status support.\u003Cbr \u002F>\n1.0 – Initial version.\u003C\u002Fp>\n","The plugin is an extension for the Latest Post Shortcode plugin, and allows you to output the static or dynamical selection you make as a responsive s …",10,3923,100,"4.8.28",[465,466,467,468,469],"carousel-from-posts","carousel-shortcode","latest-post-carousel","post","slider-from-posts","http:\u002F\u002Fiuliacazan.ro\u002Flatest-post-shortcode-slider-extension\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flatest-post-shortcode-slider-extension.2.2.zip","2026-03-15T10:48:56.248Z",{"slug":474,"name":475,"version":476,"author":477,"author_profile":478,"description":479,"short_description":480,"active_installs":29,"downloaded":481,"rating":29,"num_ratings":29,"last_updated":482,"tested_up_to":483,"requires_at_least":445,"requires_php":421,"tags":484,"homepage":421,"download_link":487,"security_score":451,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"360crest-themeone-tinymce-shortcodes","TinyMCE shortcode Addon","1.0.0","360crest","https:\u002F\u002Fprofiles.wordpress.org\u002F360crest\u002F","\u003Cp>\u003Cstrong>Foreigncodes Tinymce Shortcodes, is a wordpress tinymce addon, that jazz up your wordpress post with cool design.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin comes with over 10 preset button styles, toggles, accordion and grid layout you can easily input in your article.\u003C\u002Fp>\n\u003Cp>Simple to use \u002F understand feature, loads of options to select from\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch3>Shortcodes Included\u003C\u002Fh3>\n\u003Cp>Buttons, Videos, Alerts, Google Maps, Toggle, Tabs, dividers, Columns And much more! Easily add nice looking elements to your WordPress website without any knowledge of coding!\u003C\u002Fp>\n\u003Ch4>Wide-range of field types and options\u003C\u002Fh4>\n\u003Cp>Support\u003C\u002Fp>\n\u003Cp>All support for this plugin is provided through our forums. If you have not registered yet, you can do so here for FREE\u003Cbr \u002F>\nhttps:\u002F\u002Fforeigncodes.com\u002Fcommunity\u002Fplugin_surport\u002F\u003C\u002Fp>\n\u003Ch3>Plugin Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Report Bugs\u002FIssues]https:\u002F\u002Fforeigncodes.com\u002Fcommunity\u002Fplugin_surport\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n","Foreigncodes Tinymce Shortcodes, is a wordpress tinymce addon, that jazz up your wordpress post with cool design.",1614,"2018-06-02T12:12:00.000Z","4.9.29",[485,21,23,486,24],"button","slider","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002F360crest-themeone-tinymce-shortcodes.zip",{"slug":489,"name":490,"version":476,"author":491,"author_profile":492,"description":493,"short_description":494,"active_installs":29,"downloaded":495,"rating":29,"num_ratings":29,"last_updated":496,"tested_up_to":497,"requires_at_least":17,"requires_php":498,"tags":499,"homepage":502,"download_link":503,"security_score":462,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"featured-post-carousel-tag","Featured Post Carousel by Tag","Daniel Esparza","https:\u002F\u002Fprofiles.wordpress.org\u002Fdesparza\u002F","\u003Cp>Muestra entradas, páginas, productos y otros tipos de contenido personalizado por etiqueta en un carrusel responsive con OwlCarousel2.\u003C\u002Fp>\n\u003Ch3>Descripción\u003C\u002Fh3>\n\u003Cp>Featured Post Carousel by Tag te permite mostrar contenido (entradas, páginas, productos y otros custom post types) que están etiquetados con el slug “featured” o “destacado” dentro de un carrusel responsive impulsado por OwlCarousel2. Inserta el carrusel usando el shortcode [featured-post-carousel-tag]. Desde los ajustes del plugin puedes elegir qué tipos de contenido incluir.\u003C\u002Fp>\n\u003Cp>Características principales:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Shortcode [featured-post-carousel-tag] para mostrar un carrusel de elementos.\u003C\u002Fli>\n\u003Cli>Muestra imagen destacada (clic \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> ficha), título (clic \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> ficha) y una acción “leer más” \u002F añadir al carrito para productos.\u003C\u002Fli>\n\u003Cli>Soporta entradas, páginas, productos de WooCommerce y otros custom post types.\u003C\u002Fli>\n\u003Cli>Detecta taxonomías tipo etiqueta (post_tag, product_tag, o taxonomías personalizadas no jerárquicas) y busca términos con slug “featured” o “destacado”.\u003C\u002Fli>\n\u003Cli>Caché con transients para reducir el trabajo en la base de datos en accesos repetidos.\u003C\u002Fli>\n\u003Cli>Preparado para traducción (text domain: featured-post-carousel-tag).\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Video\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fnp8SGK7MsZQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Instalación\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Sube la carpeta \u003Ccode>featured-post-carousel-tag\u003C\u002Fcode> a \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Activa el plugin desde el admin de WordPress.\u003C\u002Fli>\n\u003Cli>Ve a \u003Cstrong>Featured Post Carousel\u003C\u002Fstrong> en el menú del admin y selecciona qué tipos de contenido incluir.\u003C\u002Fli>\n\u003Cli>Coloca los archivos de OwlCarousel2 (2.3.4) si quieres copias locales:\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cul>\n\u003Cli>\u003Ccode>public\u002Fjs\u002Fowl.carousel.min.js\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>public\u002Fcss\u002Fowl.carousel.min.css\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>public\u002Fcss\u002Fowl.theme.default.min.css\u003C\u002Fcode>\u003Cbr \u002F>\n (Si faltan los archivos, el plugin muestra una notificación en el admin.)\u003C\u002Fp>\n\u003Col>\n\u003Cli>Inserta el shortcode donde lo necesites: \u003Ccode>[featured-post-carousel-tag]\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Uso\u003C\u002Fh3>\n\u003Cp>Ejemplo de shortcode:\u003Cbr \u002F>\n[featured-post-carousel-tag per_page=”8″ items=”3″ autoplay=”true”]\u003C\u002Fp>\n\u003Cp>Atributos:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>per_page — número de elementos a consultar (por defecto 8)\u003C\u002Fli>\n\u003Cli>items — número de elementos visibles en escritorio (por defecto 3)\u003C\u002Fli>\n\u003Cli>autoplay — “true” o “false” (por defecto “true”)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Preguntas frecuentes\u003C\u002Fh3>\n\u003Cp>= ¿Qué etiquetas busca el plugin? =\u003Cbr \u002F>\nEl plugin busca etiquetas con slug \u003Ccode>featured\u003C\u002Fcode> o \u003Ccode>destacado\u003C\u002Fcode> en las taxonomías registradas para los tipos de contenido seleccionados (por ejemplo \u003Ccode>post_tag\u003C\u002Fcode>, \u003Ccode>product_tag\u003C\u002Fcode> o taxonomías personalizadas no jerárquicas).\u003C\u002Fp>\n\u003Ch4>Mis páginas no tienen etiquetas — ¿qué puedo hacer?\u003C\u002Fh4>\n\u003Cp>Por defecto WordPress no añade etiquetas ni categorías a las páginas. Para habilitar etiquetas\u002Fcategorías en páginas puedes añadir lo siguiente al \u003Ccode>functions.php\u003C\u002Fcode> de tu tema o a un pequeño plugin:\u003C\u002Fp>\n\u003Cp>function fpct_enable_tags_for_pages() {\u003Cbr \u002F>\n\u002F\u002F Añadir post_tag a páginas\u003Cbr \u002F>\nregister_taxonomy_for_object_type( ‘post_tag’, ‘page’ );\u003Cbr \u002F>\n\u002F\u002F Añadir category a páginas\u003Cbr \u002F>\nregister_taxonomy_for_object_type( ‘category’, ‘page’ );\u003Cbr \u002F>\n}\u003Cbr \u002F>\nadd_action( ‘init’, ‘fpct_enable_tags_for_pages’ );\u003C\u002Fp>\n\u003Ch3>Servicios externos\u003C\u002Fh3>\n\u003Cp>Este plugin incluye el archivo JavaScript oficial de OwlCarousel 2.3.4. La distribución estándar de OwlCarousel contiene opcionalmente código para soportar vídeos embebidos desde proveedores externos (por ejemplo Vimeo o Vzaar) y en esas configuraciones específicas puede solicitar miniaturas o metadatos públicos a dichos servicios.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Importante:\u003C\u002Fstrong>\u003Cbr \u002F>\nEl plugin \u003Cstrong>no utiliza ni activa estas funciones de vídeo por defecto\u003C\u002Fstrong>.\u003Cbr \u002F>\nEn la configuración actual del plugin \u003Cstrong>no se realizan peticiones a servicios externos\u003C\u002Fstrong>.\u003Cbr \u002F>\nLas solicitudes externas solo ocurrirían si un administrador incluye intencionadamente vídeos de esos proveedores en un carrusel.\u003C\u002Fp>\n\u003Ch3>Registro de cambios\u003C\u002Fh3>\n\u003Cp>= 1.0.0 =\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Versión inicial.\u003C\u002Fli>\n\u003Cli>Shortcode [featured-post-carousel-tag].\u003C\u002Fli>\n\u003Cli>Página de ajustes en el admin.\u003C\u002Fli>\n\u003Cli>Saneamiento, escapado y caché implementados siguiendo buenas prácticas de WP.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Donaciones\u003C\u002Fh3>\n\u003Cp>Si te resultó útil este plugin y quieres apoyar el desarrollo, invítame a un café. ¡Gracias! ☕️\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fbuy.stripe.com\u002FaFadR96KU6oU5Mxfw68N200\" rel=\"nofollow ugc\">Buy me a coffee\u003C\u002Fa>\u003C\u002Fp>\n","Muestra entradas, páginas, productos y otros tipos de contenido personalizado por etiqueta en un carrusel responsive con OwlCarousel2.",193,"2025-10-06T13:03:00.000Z","6.8.5","7.2",[20,500,501,22,23],"custom-post-types","owlcarousel","https:\u002F\u002Fd3veloper.es\u002Ffeatured-post-carousel-tag\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeatured-post-carousel-tag.1.0.0.zip",{"attackSurface":505,"codeSignals":692,"taintFlows":772,"riskAssessment":893,"analyzedAt":904},{"hooks":506,"ajaxHandlers":659,"restRoutes":688,"shortcodes":689,"cronEvents":690,"entryPointCount":691,"unprotectedCount":165},[507,512,515,518,520,524,526,530,533,537,538,539,543,549,553,555,556,559,564,569,573,575,579,581,583,585,588,592,596,600,602,604,608,613,617,620,624,628,632,635,639,643,646,650,654,657],{"type":508,"name":509,"callback":510,"file":511,"line":441},"action","wp_head","register","inc\\core\\assets.php",{"type":508,"name":513,"callback":510,"file":511,"line":514},"admin_head",21,{"type":508,"name":516,"callback":510,"file":511,"line":517},"su\u002Fgenerator\u002Fpreview\u002Fbefore",22,{"type":508,"name":519,"callback":510,"file":511,"line":177},"su\u002Fexamples\u002Fpreview\u002Fbefore",{"type":508,"name":521,"callback":522,"file":511,"line":523},"wp_footer","enqueue",25,{"type":508,"name":525,"callback":522,"file":511,"line":61},"admin_footer",{"type":508,"name":527,"callback":528,"file":511,"line":529},"su\u002Fgenerator\u002Fpreview\u002Fafter","prnt",28,{"type":508,"name":531,"callback":528,"file":511,"line":532},"su\u002Fexamples\u002Fpreview\u002Fafter",29,{"type":508,"name":521,"callback":534,"priority":535,"file":511,"line":536},"custom_css",99,31,{"type":508,"name":527,"callback":534,"priority":535,"file":511,"line":28},{"type":508,"name":531,"callback":534,"priority":535,"file":511,"line":201},{"type":508,"name":540,"callback":541,"file":511,"line":542},"su\u002Fassets\u002Fcustom_css\u002Fafter","rtl_shortcodes",35,{"type":508,"name":544,"callback":545,"priority":546,"file":547,"line":548},"media_buttons","button_classic_editor",1000,"inc\\core\\generator.php",11,{"type":508,"name":550,"callback":551,"file":547,"line":552},"enqueue_block_editor_assets","button_block_editor",16,{"type":508,"name":521,"callback":554,"file":547,"line":514},"popup",{"type":508,"name":525,"callback":554,"file":547,"line":517},{"type":508,"name":557,"callback":558,"file":547,"line":61},"su\u002Fgenerator\u002Factions","presets",{"type":508,"name":560,"callback":561,"file":562,"line":563},"delete_attachment","su_delete_resized_images","inc\\core\\tools.php",344,{"type":508,"name":565,"callback":566,"file":567,"line":568},"admin_init","maybe_upgrade","includes\\class-shortcodes-ultimate.php",205,{"type":508,"name":570,"callback":571,"priority":29,"file":567,"line":572},"admin_menu","add_menu_pages",211,{"type":508,"name":570,"callback":571,"priority":29,"file":567,"line":574},217,{"type":508,"name":576,"callback":577,"file":567,"line":578},"admin_enqueue_scripts","enqueue_scripts",218,{"type":508,"name":570,"callback":571,"priority":441,"file":567,"line":580},224,{"type":508,"name":565,"callback":582,"file":567,"line":248},"add_settings",{"type":508,"name":576,"callback":577,"file":567,"line":584},226,{"type":508,"name":565,"callback":586,"file":567,"line":587},"maybe_disable_unsafe_features",227,{"type":508,"name":589,"callback":590,"file":567,"line":591},"load-plugins.php","defer_first_time",232,{"type":508,"name":593,"callback":594,"file":567,"line":595},"admin_notices","display_notice",233,{"type":508,"name":597,"callback":598,"file":567,"line":599},"admin_post_su_dismiss_notice","dismiss_notice",234,{"type":508,"name":593,"callback":594,"file":567,"line":601},239,{"type":508,"name":597,"callback":598,"file":567,"line":603},240,{"type":508,"name":605,"callback":606,"priority":460,"file":567,"line":607},"update_option_su_option_unsafe_features","hide_notice_on_option_change",241,{"type":609,"name":610,"callback":611,"priority":460,"file":567,"line":612},"filter","attachment_fields_to_edit","su_slide_link_input",250,{"type":609,"name":614,"callback":615,"priority":460,"file":567,"line":616},"attachment_fields_to_save","su_slide_link_save",256,{"type":508,"name":565,"callback":618,"file":567,"line":619},"register_shortcodes",266,{"type":609,"name":621,"callback":622,"file":567,"line":623},"su\u002Fdata\u002Fgroups","register_group",267,{"type":609,"name":625,"callback":626,"file":567,"line":627},"su\u002Fdata\u002Fshortcodes","add_generator_cta",268,{"type":508,"name":629,"callback":630,"priority":441,"file":567,"line":631},"init","add_default_shortcodes",282,{"type":508,"name":629,"callback":510,"priority":633,"file":567,"line":634},40,286,{"type":609,"name":636,"callback":637,"priority":460,"file":567,"line":638},"no_texturize_shortcodes","su_filter_disable_wptexturize",290,{"type":609,"name":640,"callback":641,"file":567,"line":642},"term_description","do_shortcode",296,{"type":609,"name":644,"callback":641,"file":567,"line":645},"widget_text",299,{"type":609,"name":647,"callback":648,"file":567,"line":649},"the_content","su_filter_custom_formatting",305,{"type":508,"name":651,"callback":510,"file":652,"line":653},"widgets_init","includes\\deprecated\\class-su-widget.php",61,{"type":508,"name":629,"callback":655,"priority":48,"file":656,"line":548},"closure","plugin.php",{"type":508,"name":651,"callback":510,"file":656,"line":658},17,[660,665,669,672,675,679,682,685],{"action":661,"nopriv":662,"callback":663,"hasNonce":662,"hasCapCheck":662,"file":547,"line":664},"su_generator_settings",false,"settings",24,{"action":666,"nopriv":662,"callback":667,"hasNonce":668,"hasCapCheck":662,"file":547,"line":523},"su_generator_preview","preview",true,{"action":670,"nopriv":662,"callback":671,"hasNonce":662,"hasCapCheck":662,"file":547,"line":529},"su_generator_get_icons","ajax_get_icons",{"action":673,"nopriv":662,"callback":674,"hasNonce":662,"hasCapCheck":662,"file":547,"line":532},"su_generator_get_terms","ajax_get_terms",{"action":676,"nopriv":662,"callback":677,"hasNonce":662,"hasCapCheck":662,"file":547,"line":678},"su_generator_get_taxonomies","ajax_get_taxonomies",30,{"action":680,"nopriv":662,"callback":681,"hasNonce":668,"hasCapCheck":662,"file":547,"line":536},"su_generator_add_preset","ajax_add_preset",{"action":683,"nopriv":662,"callback":684,"hasNonce":668,"hasCapCheck":662,"file":547,"line":28},"su_generator_remove_preset","ajax_remove_preset",{"action":686,"nopriv":662,"callback":687,"hasNonce":668,"hasCapCheck":662,"file":547,"line":201},"su_generator_get_preset","ajax_get_preset",[],[],[],8,{"dangerousFunctions":693,"sqlUsage":694,"outputEscaping":696,"fileOperations":48,"externalRequests":48,"nonceChecks":380,"capabilityChecks":380,"bundledLibraries":767},[],{"prepared":165,"raw":29,"locations":695},[],{"escaped":697,"rawEcho":698,"locations":699},475,37,[700,704,706,709,711,713,715,717,719,720,722,723,724,726,728,730,732,734,736,738,740,742,744,746,748,749,750,751,752,754,756,757,758,760,761,762,765],{"file":701,"line":702,"context":703},"admin\\class-shortcodes-ultimate-admin.php",280,"raw output",{"file":701,"line":705,"context":703},459,{"file":707,"line":708,"context":703},"admin\\class-shortcodes-ultimate-widget.php",59,{"file":710,"line":380,"context":703},"admin\\partials\\notices\\rate.php",{"file":712,"line":517,"context":703},"admin\\partials\\settings\\fields\\checkbox-group.php",{"file":714,"line":380,"context":703},"admin\\partials\\settings\\fields\\checkbox.php",{"file":716,"line":380,"context":703},"admin\\partials\\settings\\fields\\text.php",{"file":718,"line":460,"context":703},"admin\\partials\\tabs.php",{"file":718,"line":460,"context":703},{"file":718,"line":721,"context":703},12,{"file":718,"line":721,"context":703},{"file":547,"line":535,"context":703},{"file":547,"line":725,"context":703},136,{"file":547,"line":727,"context":703},242,{"file":547,"line":729,"context":703},248,{"file":547,"line":731,"context":703},264,{"file":547,"line":733,"context":703},270,{"file":547,"line":735,"context":703},271,{"file":547,"line":737,"context":703},272,{"file":547,"line":739,"context":703},363,{"file":547,"line":741,"context":703},383,{"file":547,"line":743,"context":703},480,{"file":547,"line":745,"context":703},483,{"file":547,"line":747,"context":703},487,{"file":652,"line":529,"context":703},{"file":652,"line":532,"context":703},{"file":652,"line":678,"context":703},{"file":652,"line":536,"context":703},{"file":652,"line":753,"context":703},49,{"file":652,"line":755,"context":703},50,{"file":652,"line":755,"context":703},{"file":652,"line":755,"context":703},{"file":652,"line":759,"context":703},54,{"file":652,"line":759,"context":703},{"file":652,"line":759,"context":703},{"file":763,"line":764,"context":703},"includes\\functions-helpers.php",110,{"file":763,"line":766,"context":703},436,[768],{"name":769,"version":770,"knownCves":771},"Freemius","1.0",[],[773,794,804,814,825,838,848,882],{"entryPoint":774,"graph":775,"unsanitizedCount":48,"severity":41},"the_menu_page (admin\\class-shortcodes-ultimate-admin.php:206)",{"nodes":776,"edges":791},[777,782,786],{"id":778,"type":779,"label":780,"file":701,"line":781},"n0","source","$_GET",214,{"id":783,"type":784,"label":785,"file":701,"line":781},"n1","transform","→ the_template()",{"id":787,"type":788,"label":789,"file":701,"line":705,"wp_function":790},"n2","sink","echo() [XSS]","echo",[792,793],{"from":778,"to":783,"sanitized":662},{"from":783,"to":787,"sanitized":662},{"entryPoint":795,"graph":796,"unsanitizedCount":48,"severity":41},"\u003Cclass-shortcodes-ultimate-admin> (admin\\class-shortcodes-ultimate-admin.php:0)",{"nodes":797,"edges":801},[798,799,800],{"id":778,"type":779,"label":780,"file":701,"line":781},{"id":783,"type":784,"label":785,"file":701,"line":781},{"id":787,"type":788,"label":789,"file":701,"line":705,"wp_function":790},[802,803],{"from":778,"to":783,"sanitized":662},{"from":783,"to":787,"sanitized":662},{"entryPoint":805,"graph":806,"unsanitizedCount":48,"severity":41},"presets (inc\\core\\generator.php:443)",{"nodes":807,"edges":812},[808,811],{"id":778,"type":779,"label":809,"file":547,"line":810},"$_REQUEST['shortcode']",447,{"id":783,"type":788,"label":789,"file":547,"line":810,"wp_function":790},[813],{"from":778,"to":783,"sanitized":662},{"entryPoint":815,"graph":816,"unsanitizedCount":29,"severity":824},"preview (inc\\core\\generator.php:370)",{"nodes":817,"edges":822},[818,821],{"id":778,"type":779,"label":819,"file":547,"line":820},"$_POST['shortcode']",384,{"id":783,"type":788,"label":789,"file":547,"line":820,"wp_function":790},[823],{"from":778,"to":783,"sanitized":668},"low",{"entryPoint":826,"graph":827,"unsanitizedCount":29,"severity":824},"ajax_add_preset (inc\\core\\generator.php:490)",{"nodes":828,"edges":836},[829,832],{"id":778,"type":779,"label":830,"file":547,"line":831},"$_POST (x2)",513,{"id":783,"type":788,"label":833,"file":547,"line":834,"wp_function":835},"update_option() [Settings Manipulation]",532,"update_option",[837],{"from":778,"to":783,"sanitized":668},{"entryPoint":839,"graph":840,"unsanitizedCount":29,"severity":824},"ajax_remove_preset (inc\\core\\generator.php:537)",{"nodes":841,"edges":846},[842,844],{"id":778,"type":779,"label":830,"file":547,"line":843},555,{"id":783,"type":788,"label":833,"file":547,"line":845,"wp_function":835},566,[847],{"from":778,"to":783,"sanitized":668},{"entryPoint":849,"graph":850,"unsanitizedCount":29,"severity":824},"\u003Cgenerator> (inc\\core\\generator.php:0)",{"nodes":851,"edges":876},[852,855,859,861,863,865,867,869,871,874],{"id":778,"type":779,"label":853,"file":547,"line":854},"$_REQUEST (x2)",292,{"id":783,"type":788,"label":856,"file":547,"line":857,"wp_function":858},"call_user_func() [RCE]",298,"call_user_func",{"id":787,"type":779,"label":860,"file":547,"line":854},"$_REQUEST",{"id":862,"type":788,"label":789,"file":547,"line":739,"wp_function":790},"n3",{"id":864,"type":779,"label":819,"file":547,"line":820},"n4",{"id":866,"type":788,"label":789,"file":547,"line":820,"wp_function":790},"n5",{"id":868,"type":779,"label":809,"file":547,"line":810},"n6",{"id":870,"type":788,"label":789,"file":547,"line":810,"wp_function":790},"n7",{"id":872,"type":779,"label":873,"file":547,"line":831},"n8","$_POST (x4)",{"id":875,"type":788,"label":833,"file":547,"line":834,"wp_function":835},"n9",[877,878,879,880,881],{"from":778,"to":783,"sanitized":668},{"from":787,"to":862,"sanitized":668},{"from":864,"to":866,"sanitized":668},{"from":868,"to":870,"sanitized":668},{"from":872,"to":875,"sanitized":668},{"entryPoint":883,"graph":884,"unsanitizedCount":431,"severity":336},"settings (inc\\core\\generator.php:285)",{"nodes":885,"edges":890},[886,887,888,889],{"id":778,"type":779,"label":853,"file":547,"line":854},{"id":783,"type":788,"label":856,"file":547,"line":857,"wp_function":858},{"id":787,"type":779,"label":860,"file":547,"line":854},{"id":862,"type":788,"label":789,"file":547,"line":739,"wp_function":790},[891,892],{"from":778,"to":783,"sanitized":662},{"from":787,"to":862,"sanitized":662},{"summary":894,"deductions":895},"The Shortcodes Ultimate plugin version 7.4.9 exhibits a mixed security posture. While it demonstrates good practices in handling SQL queries with 100% prepared statements and a high rate of output escaping (93%), significant concerns arise from its attack surface. The presence of 8 AJAX handlers, with 4 of them lacking authentication checks, presents a substantial risk of unauthorized actions. This is further amplified by taint analysis revealing one high severity flow with unsanitized paths, indicating a potential for attackers to exploit these entry points. The plugin's historical vulnerability record is a major red flag, with 32 known CVEs, predominantly in medium and high severity categories, including critical types like SSRF, XSS, and Path Traversal. Although there are currently no unpatched vulnerabilities, the sheer volume and nature of past issues suggest a recurring pattern of security weaknesses that require diligent attention. The plugin's strengths lie in its secure data handling for SQL and output, but the exposed entry points and past vulnerability trends necessitate caution.",[896,898,900,902],{"reason":897,"points":460},"Unprotected AJAX handlers",{"reason":899,"points":721},"High severity taint flow (unsanitized path)",{"reason":901,"points":189},"Numerous past high\u002Fmedium severity CVEs",{"reason":903,"points":431},"Bundled Freemius v1.0 library","2026-03-16T17:01:14.390Z",{"wat":906,"direct":918},{"assetPaths":907,"generatorPatterns":911,"scriptPaths":912,"versionParams":914},[908,909,910],"\u002Fwp-content\u002Fplugins\u002Fshortcodes-ultimate\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fshortcodes-ultimate\u002Fjs\u002Fabout\u002Findex.js","\u002Fwp-content\u002Fplugins\u002Fshortcodes-ultimate\u002Fvendor\u002Ffreemius\u002Fstart.php",[],[913],"https:\u002F\u002Fplayer.vimeo.com\u002Fapi\u002Fplayer.js",[915,916,917],"shortcodes-ultimate\u002Fstyle.css?ver=","shortcodes-ultimate\u002Fjs\u002Fabout\u002Findex.js?ver=","shortcodes-ultimate\u002Fcss\u002Fadmin.css?ver=",{"cssClasses":919,"htmlComments":984,"htmlAttributes":985,"restEndpoints":1163,"jsGlobals":1164,"shortcodeOutput":1166},[920,921,922,923,924,925,926,927,928,929,930,931,932,933,934,935,936,937,938,939,940,941,942,943,944,945,946,947,948,949,950,951,952,953,954,955,956,957,958,959,960,961,962,963,964,965,966,967,968,969,970,971,972,973,974,975,976,977,978,979,980,981,982,983],"su-btn","su-shortcode","su-section","su-tabs","su-accordion","su-spoiler","su-slider","su-carousel","su-gallery","su-image","su-modal","su-map","su-button","su-infobox","su-box","su-dropcap","su-highlight","su-label","su-qrcode","su-embed","su-post-info","su-post-meta","su-post-taxonomies","su-post-content","su-post-title","su-post-excerpt","su-post-image","su-post-permalink","su-posts","su-testimonials","su-testimonial","su-pricing-table","su-pricing-column","su-feature-box","su-counter","su-progressbar","su-skillbar","su-timeline","su-timeline-item","su-call-to-action","su-countdown","su-divider","su-google-map","su-icon","su-list","su-list-item","su-note","su-page-break","su-parallax","su-responsive","su-responsive-child","su-separator","su-share","su-social-icons","su-social-icon","su-sticky","su-tabs-content","su-tabs-pane","su-tag","su-tooltip","su-tour","su-tour-step","su-video","su-wrap",[],[986,987,988,989,990,991,992,993,994,995,996,997,998,999,1000,1001,1002,1003,1004,1005,1006,1007,1008,1009,1010,1011,1012,1013,1014,1015,1016,1017,1018,1019,1020,1021,1022,1023,1024,1025,1026,1027,1028,1029,1030,1031,1032,1033,1034,1035,1036,1037,1038,1039,1040,1041,1042,1043,1044,1045,1046,1047,1048,1049,1050,1051,1052,1053,1054,1055,1056,1057,1058,1059,1060,1061,1062,1063,1064,1065,1066,1067,1068,1069,1070,1071,1072,1073,1074,1075,1076,1077,1078,1079,1080,1081,1082,1083,1084,1085,1086,1087,1088,1089,1090,1091,1092,1093,1094,1095,1096,1097,1098,1099,1100,1101,1102,1103,1104,1105,1106,1107,1108,1109,1110,1111,1112,1113,1114,1115,1116,1117,1118,1119,1120,1121,1122,1123,1124,1125,1126,1127,1128,1129,1130,1131,1132,1133,1134,1135,1136,1137,1138,1139,1140,1141,1142,1143,1144,1145,1146,1147,1148,1149,1150,1151,1152,1153,1154,1155,1156,1157,1158,1159,1160,1161,1162],"data-su-id","data-su-title","data-su-content","data-su-type","data-su-width","data-su-height","data-su-animation","data-su-effect","data-su-delay","data-su-timeout","data-su-speed","data-su-interval","data-su-autoplay","data-su-loop","data-su-nav","data-su-dots","data-su-center","data-su-margin","data-su-items","data-su-responsive","data-su-breakpoint","data-su-settings","data-su-tabs","data-su-active-tab","data-su-accordion","data-su-active-accordion","data-su-spoiler","data-su-active-spoiler","data-su-slider","data-su-active-slide","data-su-map-style","data-su-zoom","data-su-scrollwheel","data-su-draggable","data-su-controls","data-su-marker-title","data-su-marker-content","data-su-marker-icon","data-su-marker-color","data-su-infobox-type","data-su-infobox-title","data-su-infobox-content","data-su-button-style","data-su-button-size","data-su-button-color","data-su-button-hover-color","data-su-button-text-color","data-su-button-hover-text-color","data-su-button-border-color","data-su-button-hover-border-color","data-su-button-border-radius","data-su-button-icon","data-su-button-icon-position","data-su-label-color","data-su-label-text-color","data-su-qrcode-size","data-su-qrcode-level","data-su-qrcode-color","data-su-qrcode-background","data-su-embed-width","data-su-embed-height","data-su-post-type","data-su-posts-per-page","data-su-orderby","data-su-order","data-su-category","data-su-tag","data-su-author","data-su-post-status","data-su-offset","data-su-exclude","data-su-include","data-su-meta-key","data-su-meta-value","data-su-taxonomy","data-su-terms","data-su-date-query","data-su-date-query-before","data-su-date-query-after","data-su-date-query-inclusive","data-su-tax-query","data-su-tax-query-field","data-su-tax-query-terms","data-su-tax-query-operator","data-su-tax-query-include-children","data-su-author-meta","data-su-featured-image-size","data-su-featured-image-class","data-su-featured-image-style","data-su-read-more-text","data-su-read-more-url","data-su-testimonial-author","data-su-testimonial-company","data-su-testimonial-image","data-su-pricing-plan-title","data-su-pricing-plan-price","data-su-pricing-plan-period","data-su-pricing-plan-features","data-su-pricing-plan-button-text","data-su-pricing-plan-button-url","data-su-pricing-plan-highlight","data-su-pricing-column-title","data-su-pricing-column-price","data-su-pricing-column-period","data-su-pricing-column-features","data-su-pricing-column-button-text","data-su-pricing-column-button-url","data-su-pricing-column-highlight","data-su-feature-box-title","data-su-feature-box-icon","data-su-feature-box-image","data-su-feature-box-link","data-su-counter-from","data-su-counter-to","data-su-counter-speed","data-su-counter-decimals","data-su-counter-decimalseparator","data-su-counter-thousandsseparator","data-su-counter-suffix","data-su-counter-prefix","data-su-progressbar-value","data-su-progressbar-color","data-su-progressbar-height","data-su-skillbar-value","data-su-timeline-icon","data-su-timeline-color","data-su-timeline-date","data-su-timeline-title","data-su-timeline-content","data-su-call-to-action-text","data-su-call-to-action-button-text","data-su-call-to-action-button-url","data-su-call-to-action-button-color","data-su-countdown-date","data-su-countdown-format","data-su-divider-style","data-su-divider-color","data-su-divider-height","data-su-icon-name","data-su-icon-size","data-su-icon-color","data-su-icon-background","data-su-icon-animation","data-su-list-icon","data-su-list-icon-color","data-su-list-icon-background","data-su-list-item-icon","data-su-list-item-icon-color","data-su-list-item-icon-background","data-su-note-type","data-su-note-title","data-su-page-break-text","data-su-parallax-speed","data-su-parallax-image","data-su-responsive-child-breakpoint","data-su-separator-style","data-su-separator-color","data-su-separator-height","data-su-share-url","data-su-share-title","data-su-social-icon-type","data-su-social-icon-url","data-su-social-icon-color","data-su-social-icon-background","data-su-sticky-top","data-su-sticky-bottom","data-su-sticky-offset","data-su-sticky-class","data-su-tooltip-content","data-su-tooltip-position","data-su-tooltip-animation","data-su-tour-step-title","data-su-tour-step-content","data-su-tour-step-arrow","data-su-video-width","data-su-video-height","data-su-wrap-padding",[],[1165],"window.vimeo",[]]