[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGmw02mF4hDewhdIaHVmkulN16osSCb6R2mrgcmLEJoo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":18,"download_link":19,"security_score":20,"vuln_count":21,"unpatched_count":21,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":30,"analysis":31,"fingerprints":190},"simple-google-news-de","Simple Google News DE","1.8","baynado","https:\u002F\u002Fprofiles.wordpress.org\u002Fbaynado\u002F","\u003Cp>Dieses Plugin kann als Widget oder per Shortcode genutzt werden.\u003C\u002Fp>\n\u003Cp>Das ‘Simple Google News DE’ WordPress Plugin erleichtert die Anzeige der Google News Ergebnisse auf Deiner WordPress Website. Per Shortcode wird der Google News Stream zu einem Thema in Deinem Artikel oder Seite dargestellt nutze dafür einfach folgenden Shortcode:\u003C\u002Fp>\n\u003Cp>[google_news]\u003C\u002Fp>\n\u003Cp>Im Widget kannst Du die Region der Nachrichten auswählen, aktuell sin die Regin auf Deutschland, Österreich, Schweiz, Großbritannien und die USA beschränkt. Auf Anfrage kann ich gerne weitere Regionen hinzufügen.\u003C\u002Fp>\n\u003Ch4>Parameter\u003C\u002Fh4>\n\u003Cp>Es gibt eine Handvoll  optionale Parameter, die man verwenden kann, um die Ausgabe anzupassen.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>query\u003C\u002Fstrong> \u003Cem>Default: none\u003C\u002Fem>. Verwende diese Option, wenn Du Nachrichten zu einem bestimmten Wort oder Ausdruck von Google News einbinden moechtest.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>limit\u003C\u002Fstrong> \u003Cem>Default: 5, Max: 10\u003C\u002Fem>. Mit dem Parameter “Limit”, kannst Du die maximale Anzahl der Ergebnisse festlegen, die in Deinem Beitrag oder Seite angezeigt werden.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>images\u003C\u002Fstrong> \u003Cem>Default: on\u003C\u002Fem>. Die Bilder werden standardmässig angezeigt. Wenn Du sie ausschalten möchtest, stelle den Bildern Parameter auf “Off”. Hinweis: Nicht alle Nachrichten Storys werden ein Bild haben.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>length\u003C\u002Fstrong> \u003Cem>Default: 300\u003C\u002Fem>. Der Parameter “length” steuert die Anzahl der Zeichen in der Beschreibung (wird auf das nächste ganze Wort gerundet), die angezeigt werden sollen.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>region\u003C\u002Fstrong> \u003Cem>Default: de\u003C\u002Fem>. Mit dem Parameter “Region”, kannst Du  Nachrichten von einem bestimmten Teil der Welt anzeigen lassen. Um die Liste der aktuell unterstützten Regionen zu sehen, besuche [link] (https:\u002F\u002Fsupport.google.com\u002Fnews\u002Fanswer\u002F40237?hl=de “Diese Seite”). Beachte den Parameter “definiert”, die in jeder Region Link vorhanden ist. Zum Beispiel Österreich de_at Parameter auf ‘de_at’ eingestellt ist. Das ist der Wert, den Du verwendest, um Nachrichten aus der jeweiligen Region anzuzeigen.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>sort\u003C\u002Fstrong> \u003Cem>Default: relevancy\u003C\u002Fem>. Dieser Parameter gibt Dir zusätzliche Kontrolle über die Ergebnisse, die zurückgegeben werden. Hier ist eine Liste der zulässigen Werte:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>r (Relevanz)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>n nach Datum (neuste zuerst)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>d nach Datum (neuste zuerst mit Duplikaten)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>o nach Datum (Älteste zuerst)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>topic\u003C\u002Fstrong>  \u003Cem>Default: none\u003C\u002Fem>. Dieser Parameter zeigt Neuigkeiten nach einem Thema an (z.B.: Technologie, Unterhaltung, usw. Zum Beispiel, Technik Ergebnisse werden, mit diesen Shortcode angezeigt:\u003C\u002Fp>\n\u003Cp>[google_news limit=”2″ topic=”t”]\u003C\u002Fp>\n\u003Cp>Hinweis: der Themen Parameter überschreibt die Abfrageparameter. Also, wenn Du dieses versuchst:\u003C\u002Fp>\n\u003Cp>[google_news query=”android” topic=”t”]\u003C\u002Fp>\n\u003Cp>Google News wird also diese Abfrage zu ignorieren.\u003C\u002Fp>\n\u003Cp>Die Themen Werte kannst Du nutzen:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>b (Wirtschaft)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>t (Technik)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>e (Unterhaltung)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>s (Sport)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>snc (Wissenschaft)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>m (Gesundheit)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>ir (Schlagzeilen)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Donate link: https:\u002F\u002Finternet-pr-beratung.de\u002F Author URI: https:\u002F\u002Finternet-pr-beratung.de\u002F Plugin URI: https:\u002F\u002Finternet-pr-beratung.",30,14646,80,6,"2019-12-05T13:17:00.000Z","",[],"https:\u002F\u002Finternet-pr-beratung.de\u002Fsimple-google-news-de","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-google-news-de.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":27,"avg_security_score":20,"avg_patch_time_days":11,"trust_score":28,"computed_at":29},3,140,84,"2026-04-04T21:03:08.812Z",[],{"attackSurface":32,"codeSignals":64,"taintFlows":174,"riskAssessment":175,"analyzedAt":189},{"hooks":33,"ajaxHandlers":53,"restRoutes":54,"shortcodes":55,"cronEvents":62,"entryPointCount":63,"unprotectedCount":21},[34,40,44,49,51],{"type":35,"name":36,"callback":37,"file":38,"line":39},"action","widgets_init","anonymous","languages\\simple-google-news-de.php",369,{"type":35,"name":41,"callback":42,"file":38,"line":43},"admin_menu","simple_google_news_de_menu",374,{"type":35,"name":45,"callback":46,"file":47,"line":48},"admin_print_footer_scripts","custom_quicktags","simple-google-news-de.php",274,{"type":35,"name":36,"callback":37,"file":47,"line":50},411,{"type":35,"name":41,"callback":42,"file":47,"line":52},415,[],[],[56,60],{"tag":57,"callback":58,"file":38,"line":59},"google_news","init_google_news",51,{"tag":57,"callback":58,"file":47,"line":61},50,[],2,{"dangerousFunctions":65,"sqlUsage":70,"outputEscaping":72,"fileOperations":172,"externalRequests":21,"nonceChecks":21,"capabilityChecks":63,"bundledLibraries":173},[66,69],{"fn":67,"file":38,"line":39,"context":68},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"google_news_widget\");'))",{"fn":67,"file":47,"line":50,"context":68},{"prepared":21,"raw":21,"locations":71},[],{"escaped":21,"rawEcho":73,"locations":74},64,[75,78,80,81,82,84,86,87,88,90,92,93,95,96,98,100,101,103,104,106,108,109,110,112,114,115,117,118,120,122,123,125,127,129,131,132,133,134,135,136,137,138,139,140,142,143,144,145,146,148,149,151,153,154,155,157,159,160,162,163,165,167,168,170],{"file":38,"line":76,"context":77},264,"raw output",{"file":38,"line":79,"context":77},265,{"file":38,"line":79,"context":77},{"file":38,"line":79,"context":77},{"file":38,"line":83,"context":77},271,{"file":38,"line":85,"context":77},272,{"file":38,"line":85,"context":77},{"file":38,"line":85,"context":77},{"file":38,"line":89,"context":77},277,{"file":38,"line":91,"context":77},278,{"file":38,"line":91,"context":77},{"file":38,"line":94,"context":77},283,{"file":38,"line":94,"context":77},{"file":38,"line":97,"context":77},291,{"file":38,"line":99,"context":77},292,{"file":38,"line":99,"context":77},{"file":38,"line":102,"context":77},297,{"file":38,"line":102,"context":77},{"file":38,"line":105,"context":77},305,{"file":38,"line":107,"context":77},306,{"file":38,"line":107,"context":77},{"file":38,"line":107,"context":77},{"file":38,"line":111,"context":77},311,{"file":38,"line":113,"context":77},312,{"file":38,"line":113,"context":77},{"file":38,"line":116,"context":77},317,{"file":38,"line":116,"context":77},{"file":38,"line":119,"context":77},327,{"file":38,"line":121,"context":77},328,{"file":38,"line":121,"context":77},{"file":38,"line":124,"context":77},361,{"file":47,"line":126,"context":77},166,{"file":47,"line":128,"context":77},298,{"file":47,"line":130,"context":77},299,{"file":47,"line":130,"context":77},{"file":47,"line":130,"context":77},{"file":47,"line":105,"context":77},{"file":47,"line":107,"context":77},{"file":47,"line":107,"context":77},{"file":47,"line":107,"context":77},{"file":47,"line":111,"context":77},{"file":47,"line":113,"context":77},{"file":47,"line":113,"context":77},{"file":47,"line":141,"context":77},319,{"file":47,"line":141,"context":77},{"file":47,"line":119,"context":77},{"file":47,"line":121,"context":77},{"file":47,"line":121,"context":77},{"file":47,"line":147,"context":77},335,{"file":47,"line":147,"context":77},{"file":47,"line":150,"context":77},343,{"file":47,"line":152,"context":77},344,{"file":47,"line":152,"context":77},{"file":47,"line":152,"context":77},{"file":47,"line":156,"context":77},349,{"file":47,"line":158,"context":77},350,{"file":47,"line":158,"context":77},{"file":47,"line":161,"context":77},357,{"file":47,"line":161,"context":77},{"file":47,"line":164,"context":77},367,{"file":47,"line":166,"context":77},368,{"file":47,"line":166,"context":77},{"file":47,"line":169,"context":77},403,{"file":47,"line":171,"context":77},511,13,[],[],{"summary":176,"deductions":177},"The \"simple-google-news-de\" plugin version 1.8 presents a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries and has a clean vulnerability history with no recorded CVEs.  Furthermore, the static analysis shows a limited attack surface with no exposed AJAX handlers or REST API routes without proper authentication, and no discovered taint flows indicating potential security risks.\n\nHowever, several significant concerns emerge from the code analysis. The presence of two instances of the deprecated `create_function()` function is a major red flag, as this function is known to be a potential source of security vulnerabilities. Additionally, a concerning 0% of the 64 total output operations are properly escaped, leaving the plugin highly susceptible to Cross-Site Scripting (XSS) attacks. The absence of any nonce checks, combined with limited capability checks on the identified entry points (shortcodes), further exacerbates the XSS risk and opens potential avenues for unauthorized actions.\n\nWhile the plugin's lack of historical vulnerabilities is a positive indicator, it does not negate the immediate risks identified in the current code. The combination of unescaped output and the insecure `create_function()` creates a substantial risk of XSS vulnerabilities that could be exploited.  Therefore, despite a clean history, the plugin's current implementation requires significant attention to address the identified security weaknesses.",[178,181,184,187],{"reason":179,"points":180},"Use of deprecated create_function()",10,{"reason":182,"points":183},"Output escaping is 0%",8,{"reason":185,"points":186},"No nonce checks",7,{"reason":188,"points":26},"Limited capability checks","2026-03-16T22:27:06.572Z",{"wat":191,"direct":198},{"assetPaths":192,"generatorPatterns":194,"scriptPaths":195,"versionParams":196},[193],"\u002Fwp-content\u002Fplugins\u002Fsimple-google-news-de\u002Fcss\u002Fstyle.css",[],[],[197],"simple-google-news-de\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":199,"htmlComments":205,"htmlAttributes":206,"restEndpoints":214,"jsGlobals":215,"shortcodeOutput":216},[200,201,202,203,204],"googlenewscontainer","newsresult","google_news_title","newsimage","smallattribution",[],[207,208,209,210,211,212,213],"data-query","data-region","data-topic","data-limit","data-images","data-length","data-sort",[],[],[217,218,219,220,221,222,223,224,225,226,227,220,228,229,230,231,232,233],"\u003Cdiv id=\"googlenewscontainer\">","\u003Cdiv class=\"newsresult\">","\u003Ca href=\"","\" class=\"google_news_title\" rel=\"nofollow\" target=\"_blank\">","\u003Cdiv class=\"newsimage\">","\u003Cimg src=\"","\" alt=\"","\" title=\"","\u002F>\u003C\u002Fdiv>","\u003Ca title=\"","\" href=\"","\u003C\u002Fa>","\u003Cp>\u003Cspan class=\"smallattribution\">"," - ","\u003C\u002Fspan>\u003Cbr \u002F>","...\u003C\u002Fp>","\u003C\u002Fdiv>"]