[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$flFu2gEBkCLCmLvZ-lMxuzCjEU7tJN6v_xBCO_Ua6K80":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":136,"fingerprints":478},"simple-video-gallery","Simple Video Gallery","1.0.1","mch0lic","https:\u002F\u002Fprofiles.wordpress.org\u002Fmch0lic\u002F","\u003Cp>Simple Video Gallery (SVG) is easy to use plugin that allows adding videos and playlists (series of videos) into your blog page or post. Currently SVG supports only youtube.com videos with other services to be supported upon request. Plugin has built in stylesheet editor and therefore it should be quite simple to adapt the looks you desire.\u003C\u002Fp>\n\u003Cp>You can help us to improve Simple Video Gallery plugin by suggesting new features or report existing bugs \u003Ca href=\"http:\u002F\u002Fmindomobile.com\u002Fcontact-us\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>. We appreciate any help!\u003C\u002Fp>\n\u003Cp>Become our \u003Ca href=\"http:\u002F\u002Fwww.facebook.com\u002FMindoMobileSolutions\" rel=\"nofollow ugc\">\u003Cstrong>Facebook\u003C\u002Fstrong>\u003C\u002Fa> fan to keep up with the latest updates. 
You can also find us on \u003Cstrong>Google+\u003C\u002Fstrong> circles \u003Ca href=\"https:\u002F\u002Fplus.google.com\u002F116940685804905541644\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>ENJOY!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Translations Credits\u003C\u002Fstrong>\u003Cbr \u002F>\nSerbo\u002FCroatian – Borisa Djuraskovic\u003C\u002Fp>\n","Simple video gallery plugin for WordPress!",10,5252,100,2,"2013-11-17T11:20:00.000Z","3.7.41","3.0","",[20,21,22,23,24],"admin","page","posts","video","youtube","http:\u002F\u002Fmindomobile.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-video-gallery.1.0.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},3,40,30,84,"2026-04-05T17:25:20.060Z",[39,61,82,100,119],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":57,"download_link":58,"security_score":59,"vuln_count":14,"unpatched_count":28,"last_vuln_date":60,"fetched_at":30},"wp-admin-ui-customize","WP Admin UI Customize","1.5.14","gqevu6bsiz","https:\u002F\u002Fprofiles.wordpress.org\u002Fgqevu6bsiz\u002F","\u003Cul>\n\u003Cli>Dashboard\u003C\u002Fli>\n\u003Cli>Display options tab\u003C\u002Fli>\n\u003Cli>Output-meta site\u003C\u002Fli>\n\u003Cli>Admin bar (Toolbar)\u003C\u002Fli>\n\u003Cli>Admin menu (Side menu)\u003C\u002Fli>\n\u003Cli>Management of meta boxes\u003C\u002Fli>\n\u003Cli>Login screen\u003C\u002Fli>\n\u003Cli>Other features.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Customization of these is possible.\u003C\u002Fp>\n\u003Ch3>Description in Japanese\u003C\u002Fh3>\n\u003Cp>This plugin customizes the admin screen UI.\u003Cbr 
\u002F>\nDashboard, options tab, site meta tag management, admin bar, admin menu, meta boxes, login screen\u003Cbr \u002F>\nAll of these can be customized with this single plugin.\u003C\u002Fp>\n","Customize the management screen UI.",30000,390623,92,59,"2024-11-20T02:52:00.000Z","4.9.29","4.2",[20,55,21,56,22],"option","post","http:\u002F\u002Fwpadminuicustomize.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-admin-ui-customize.1.5.14.zip",91,"2024-11-26 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":18,"tags":76,"homepage":80,"download_link":81,"security_score":49,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"lh-archived-post-status","LH Archived Post Status","3.11","shawfactor","https:\u002F\u002Fprofiles.wordpress.org\u002Fshawfactor\u002F","\u003Cp>This plugin allows you to archive your WordPress content similar to the way you archive your e-mail. 
Unlike other archiving solutions though this actually does it all and does it properly\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Makes a new post status available in the drop down called Archived\u003C\u002Fli>\n\u003Cli>Hides or removes your content without having to trash the content\u003C\u002Fli>\n\u003Cli>Content can either be hidden entirely from public view or simply from the main loop and feed and pages, with other solutions you can only hide it from public view.\u003C\u002Fli>\n\u003Cli>Allows you to add a label to the title of those posts\u002Fpages etc that are archived\u003C\u002Fli>\n\u003Cli>Allows you to add a message to the top of the post\u002Fpage etc that the content is no longer up to date\u003C\u002Fli>\n\u003Cli>Allows you to set an archiving date after which content is automatically changed to having an archived status\u003C\u002Fli>\n\u003Cli>Compatible with posts, pages and custom post types\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is ideal for sites where certain kinds of content are not meant to be evergreen\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Like this plugin? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Flh-archived-post-status\u002F\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Love this plugin or want to help the LocalHero Project? 
Please consider \u003Ca href=\"https:\u002F\u002Flhero.org\u002Fportfolio\u002Flh-archived-post-status\u002F\" rel=\"nofollow ugc\">making a donation\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n","Allows posts and pages to be archived so you can remove content from the main loop and feed without having to trash it.",4000,50462,82,18,"2024-10-16T05:00:00.000Z","6.6.5","5.0",[20,77,22,78,79],"pages","status","workflow","https:\u002F\u002Flhero.org\u002Fportfolio\u002Flh-archived-post-status\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flh-archived-post-status.zip",{"slug":83,"name":84,"version":6,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":18,"tags":96,"homepage":98,"download_link":99,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"hifi","HiFi (Head Injection, Foot Injection)","farinspace","https:\u002F\u002Fprofiles.wordpress.org\u002Ffarinspace\u002F","\u003Cp>HiFi is a head injection and foot injection plugin (or head include, foot include, head insert, foot insert, what ever you want to call it). It basically allows you to inject \u003Ccode>\u003Cscript>\u003C\u002Fcode>, \u003Ccode>\u003Cstyle>\u003C\u002Fcode>, \u003Ccode>\u003Cmeta>\u003C\u002Fcode> and any other code you want into the head and foot areas of your posts and pages. The code injected is page-specific, this means that only the pages you want code inserted into will be affected.\u003C\u002Fp>\n\u003Cp>This plugin is most useful when you have specific functionality that needs to be added on a per-post\u002Fpage basis.\u003C\u002Fp>\n","HiFi is a head and foot injection plugin. 
It allows you to inject code into the head and foot areas of your posts and pages on a per-page basis.",2000,29744,96,5,"2010-12-01T20:47:00.000Z","3.0.5","2.9.2",[20,97,21,56,22],"head","http:\u002F\u002Ffarinspace.com\u002F2010\u002F03\u002Fwordpress-hifi-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhifi.1.0.1.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":89,"downloaded":108,"rating":109,"num_ratings":11,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":117,"download_link":118,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"sortable-word-count-reloaded","Sortable Word Count Reloaded","1.0.3","apasionados","https:\u002F\u002Fprofiles.wordpress.org\u002Fapasionados\u002F","\u003Cp>Adds a sortable column to the posts and pages admin list with the word count of each page\u002Fpost.\u003C\u002Fp>\n\u003Cp>With this plugin you can see the word count for the posts and pages in the list view and sort them.\u003C\u002Fp>\n\u003Cp>This plugin is an enhanced version of the plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsortable-word-count\u002F\" rel=\"ugc\">Sortable Word Count\u003C\u002Fa>. 
We decided to create this reloaded version of the plugin, because we wanted to be able to translate it and change the word count function so that it gets the correct word count by filtering comments and other page builder code.\u003C\u002Fp>\n\u003Ch4>What can I do with this plugin?\u003C\u002Fh4>\n\u003Cp>The plugin adds a sortable column to the posts and pages admin list with the word count of each page\u002Fpost.\u003C\u002Fp>\n\u003Ch4>System requirements\u003C\u002Fh4>\n\u003Cp>PHP version 5.6 or greater.\u003C\u002Fp>\n\u003Ch4>Sortable Word Count Reloaded Plugin in your Language!\u003C\u002Fh4>\n\u003Cp>This first release is available in English and Spanish. In the “languages” folder we have included the necessary files to translate this plugin.\u003C\u002Fp>\n\u003Cp>If you would like the plugin in your language and you’re good at translating, please drop us a line at \u003Ca href=\"https:\u002F\u002Fapasionados.es\u002Fcontacto\u002Findex.php?desde=wordpress-org-sortable-word-count-reloaded-home\" rel=\"nofollow ugc\">Contact us\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Further Reading\u003C\u002Fh4>\n\u003Cp>You can access the description of the plugin in Spanish at: \u003Ca href=\"https:\u002F\u002Fapasionados.es\u002Fblog\u002F\" rel=\"nofollow ugc\">Columna palabras ordenable | WordPress Plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>For further information please send us an \u003Ca href=\"https:\u002F\u002Fapasionados.es\u002Fcontacto\u002Findex.php?desde=wordpress-org-sortable-word-count-reloaded\" rel=\"nofollow ugc\">email\u003C\u002Fa>.\u003C\u002Fp>\n","Adds a sortable column to the posts and pages admin list with the word count of each 
page\u002Fpost.",12999,74,"2026-01-27T14:07:00.000Z","6.9.4","4.0.1","5.6",[20,115,77,22,116],"column","word-count","https:\u002F\u002Fapasionados.es\u002Fblog\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsortable-word-count-reloaded.zip",{"slug":120,"name":121,"version":122,"author":43,"author_profile":44,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":18,"tags":132,"homepage":134,"download_link":135,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"post-lists-view-custom","Post Lists View Custom","1.7.4","\u003Cul>\n\u003Cli>All Posts List View\u003C\u002Fli>\n\u003Cli>All Page List View\u003C\u002Fli>\n\u003Cli>Custom Post Type List View\u003C\u002Fli>\n\u003Cli>Media Library List View\u003C\u002Fli>\n\u003Cli>Comments List View\u003C\u002Fli>\n\u003Cli>Available Widgets List View\u003C\u002Fli>\n\u003Cli>Menus to show on screen\u003C\u002Fli>\n\u003Cli>Menus to show advanced menu properties\u003C\u002Fli>\n\u003Cli>Users List View\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Customization of these lists is possible.\u003C\u002Fp>\n\u003Ch3>Description in Japanese\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Posts list\u003C\u002Fli>\n\u003Cli>Pages list\u003C\u002Fli>\n\u003Cli>Custom post types list\u003C\u002Fli>\n\u003Cli>Media list\u003C\u002Fli>\n\u003Cli>Comments list\u003C\u002Fli>\n\u003Cli>Available widgets list\u003C\u002Fli>\n\u003Cli>Menu display list\u003C\u002Fli>\n\u003Cli>Menu advanced display list\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin customizes these list views.\u003Cbr \u002F>\nFeatured images, custom field items, and post IDs can be displayed in the lists.\u003Cbr \u002F>\nThe display order can also be changed freely.\u003C\u002Fp>\n","Customize the list of the post and page and the custom post 
type.",1000,21691,80,7,"2015-08-13T17:25:00.000Z","4.3.34","3.8",[20,21,56,22,133],"upload","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fpost-lists-view-custom\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-lists-view-custom.1.7.4.zip",{"attackSurface":137,"codeSignals":169,"taintFlows":221,"riskAssessment":462,"analyzedAt":477},{"hooks":138,"ajaxHandlers":148,"restRoutes":157,"shortcodes":158,"cronEvents":167,"entryPointCount":168,"unprotectedCount":14},[139,144],{"type":140,"name":141,"callback":141,"file":142,"line":143},"action","admin_menu","simple-video-gallery.php",33,{"type":140,"name":145,"callback":146,"file":142,"line":147},"admin_init","admin_install",34,[149,155],{"action":150,"nopriv":151,"callback":152,"hasNonce":153,"hasCapCheck":153,"file":142,"line":154},"svg-request",true,"ajax_request",false,41,{"action":150,"nopriv":153,"callback":152,"hasNonce":153,"hasCapCheck":153,"file":142,"line":156},42,[],[159,163],{"tag":160,"callback":161,"file":142,"line":162},"svgvideo","getVideoShortcode",37,{"tag":164,"callback":165,"file":142,"line":166},"svgplaylist","getPlaylistShortcode",38,[],4,{"dangerousFunctions":170,"sqlUsage":171,"outputEscaping":211,"fileOperations":92,"externalRequests":172,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":220},[],{"prepared":172,"raw":173,"locations":174},1,15,[175,179,182,184,186,188,191,194,196,198,200,202,204,206,209],{"file":176,"line":177,"context":178},"components\\svg_default.php",68,"$wpdb->get_results() with variable interpolation",{"file":176,"line":180,"context":181},105,"$wpdb->get_row() with variable interpolation",{"file":176,"line":183,"context":181},127,{"file":176,"line":185,"context":178},131,{"file":176,"line":187,"context":178},213,{"file":176,"line":189,"context":190},256,"$wpdb->query() with variable 
interpolation",{"file":192,"line":193,"context":178},"components\\svg_playlists.php",64,{"file":192,"line":195,"context":181},99,{"file":192,"line":197,"context":181},130,{"file":192,"line":199,"context":190},157,{"file":192,"line":201,"context":190},158,{"file":142,"line":203,"context":181},150,{"file":142,"line":205,"context":178},190,{"file":142,"line":207,"context":208},208,"$wpdb->get_var() with variable interpolation",{"file":142,"line":210,"context":181},266,{"escaped":172,"rawEcho":33,"locations":212},[213,216,218],{"file":142,"line":214,"context":215},133,"raw output",{"file":142,"line":217,"context":215},267,{"file":142,"line":219,"context":215},268,[],[222,284,310,321,333,341,358,374,396,410,423,437,451],{"entryPoint":223,"graph":224,"unsanitizedCount":282,"severity":283},"viewIndex (components\\svg_configure.php:46)",{"nodes":225,"edges":274},[226,231,236,239,241,245,247,251,253,257,259,263,265,269],{"id":227,"type":228,"label":229,"file":230,"line":195},"n0","source","$_REQUEST['playlistline']","components\\svg_configure.php",{"id":232,"type":233,"label":234,"file":230,"line":195,"wp_function":235},"n1","sink","update_option() [Settings 
Manipulation]","update_option",{"id":237,"type":228,"label":238,"file":230,"line":13},"n2","$_REQUEST['playlistpage']",{"id":240,"type":233,"label":234,"file":230,"line":13,"wp_function":235},"n3",{"id":242,"type":228,"label":243,"file":230,"line":244},"n4","$_REQUEST['embed']",101,{"id":246,"type":233,"label":234,"file":230,"line":244,"wp_function":235},"n5",{"id":248,"type":228,"label":249,"file":230,"line":250},"n6","$_REQUEST['playlistthumbnailsize']",102,{"id":252,"type":233,"label":234,"file":230,"line":250,"wp_function":235},"n7",{"id":254,"type":228,"label":255,"file":230,"line":256},"n8","$_REQUEST['playlisttitle']",103,{"id":258,"type":233,"label":234,"file":230,"line":256,"wp_function":235},"n9",{"id":260,"type":228,"label":261,"file":230,"line":262},"n10","$_REQUEST['playlistplayback']",104,{"id":264,"type":233,"label":234,"file":230,"line":262,"wp_function":235},"n11",{"id":266,"type":228,"label":267,"file":230,"line":268},"n12","$_GET (x2)",50,{"id":270,"type":233,"label":271,"file":230,"line":272,"wp_function":273},"n13","wp_redirect() [Open Redirect]",106,"wp_redirect",[275,276,277,278,279,280,281],{"from":227,"to":232,"sanitized":153},{"from":237,"to":240,"sanitized":153},{"from":242,"to":246,"sanitized":153},{"from":248,"to":252,"sanitized":153},{"from":254,"to":258,"sanitized":153},{"from":260,"to":264,"sanitized":153},{"from":266,"to":270,"sanitized":153},8,"medium",{"entryPoint":285,"graph":286,"unsanitizedCount":282,"severity":283},"\u003Csvg_configure> 
(components\\svg_configure.php:0)",{"nodes":287,"edges":302},[288,289,290,291,292,293,294,295,296,297,298,299,300,301],{"id":227,"type":228,"label":229,"file":230,"line":195},{"id":232,"type":233,"label":234,"file":230,"line":195,"wp_function":235},{"id":237,"type":228,"label":238,"file":230,"line":13},{"id":240,"type":233,"label":234,"file":230,"line":13,"wp_function":235},{"id":242,"type":228,"label":243,"file":230,"line":244},{"id":246,"type":233,"label":234,"file":230,"line":244,"wp_function":235},{"id":248,"type":228,"label":249,"file":230,"line":250},{"id":252,"type":233,"label":234,"file":230,"line":250,"wp_function":235},{"id":254,"type":228,"label":255,"file":230,"line":256},{"id":258,"type":233,"label":234,"file":230,"line":256,"wp_function":235},{"id":260,"type":228,"label":261,"file":230,"line":262},{"id":264,"type":233,"label":234,"file":230,"line":262,"wp_function":235},{"id":266,"type":228,"label":267,"file":230,"line":268},{"id":270,"type":233,"label":271,"file":230,"line":272,"wp_function":273},[303,304,305,306,307,308,309],{"from":227,"to":232,"sanitized":153},{"from":237,"to":240,"sanitized":153},{"from":242,"to":246,"sanitized":153},{"from":248,"to":252,"sanitized":153},{"from":254,"to":258,"sanitized":153},{"from":260,"to":264,"sanitized":153},{"from":266,"to":270,"sanitized":153},{"entryPoint":311,"graph":312,"unsanitizedCount":33,"severity":283},"viewAddVideo (components\\svg_default.php:174)",{"nodes":313,"edges":319},[314,317],{"id":227,"type":228,"label":315,"file":176,"line":316},"$_GET (x3)",178,{"id":232,"type":233,"label":271,"file":176,"line":318,"wp_function":273},203,[320],{"from":227,"to":232,"sanitized":153},{"entryPoint":322,"graph":323,"unsanitizedCount":172,"severity":332},"viewIndex 
(components\\svg_css.php:45)",{"nodes":324,"edges":330},[325,329],{"id":227,"type":228,"label":326,"file":327,"line":328},"$_REQUEST['css']","components\\svg_css.php",60,{"id":232,"type":233,"label":234,"file":327,"line":328,"wp_function":235},[331],{"from":227,"to":232,"sanitized":153},"low",{"entryPoint":334,"graph":335,"unsanitizedCount":172,"severity":332},"\u003Csvg_css> (components\\svg_css.php:0)",{"nodes":336,"edges":339},[337,338],{"id":227,"type":228,"label":326,"file":327,"line":328},{"id":232,"type":233,"label":234,"file":327,"line":328,"wp_function":235},[340],{"from":227,"to":232,"sanitized":153},{"entryPoint":342,"graph":343,"unsanitizedCount":33,"severity":357},"viewEditVideo (components\\svg_default.php:95)",{"nodes":344,"edges":354},[345,347,350,352],{"id":227,"type":228,"label":346,"file":176,"line":180},"$_REQUEST['video_id'] (x2)",{"id":232,"type":233,"label":348,"file":176,"line":180,"wp_function":349},"get_row() [SQLi]","get_row",{"id":237,"type":228,"label":351,"file":176,"line":195},"$_GET",{"id":240,"type":233,"label":271,"file":176,"line":353,"wp_function":273},124,[355,356],{"from":227,"to":232,"sanitized":153},{"from":237,"to":240,"sanitized":153},"high",{"entryPoint":359,"graph":360,"unsanitizedCount":14,"severity":357},"viewDeleteVideo (components\\svg_default.php:250)",{"nodes":361,"edges":371},[362,364,367,369],{"id":227,"type":228,"label":363,"file":176,"line":189},"$_REQUEST['video_id']",{"id":232,"type":233,"label":365,"file":176,"line":189,"wp_function":366},"query() [SQLi]","query",{"id":237,"type":228,"label":351,"file":176,"line":368},253,{"id":240,"type":233,"label":271,"file":176,"line":370,"wp_function":273},260,[372,373],{"from":227,"to":232,"sanitized":153},{"from":237,"to":240,"sanitized":153},{"entryPoint":375,"graph":376,"unsanitizedCount":395,"severity":357},"\u003Csvg_default> 
(components\\svg_default.php:0)",{"nodes":377,"edges":390},[378,379,380,382,383,384,385,386],{"id":227,"type":228,"label":346,"file":176,"line":180},{"id":232,"type":233,"label":348,"file":176,"line":180,"wp_function":349},{"id":237,"type":228,"label":381,"file":176,"line":195},"$_GET (x5)",{"id":240,"type":233,"label":271,"file":176,"line":353,"wp_function":273},{"id":242,"type":228,"label":363,"file":176,"line":189},{"id":246,"type":233,"label":365,"file":176,"line":189,"wp_function":366},{"id":248,"type":228,"label":351,"file":176,"line":217},{"id":252,"type":233,"label":387,"file":176,"line":388,"wp_function":389},"file_get_contents() [SSRF\u002FLFI]",298,"file_get_contents",[391,392,393,394],{"from":227,"to":232,"sanitized":153},{"from":237,"to":240,"sanitized":153},{"from":242,"to":246,"sanitized":153},{"from":248,"to":252,"sanitized":153},9,{"entryPoint":397,"graph":398,"unsanitizedCount":168,"severity":357},"viewEditPlaylist (components\\svg_playlists.php:89)",{"nodes":399,"edges":407},[400,402,403,405],{"id":227,"type":228,"label":401,"file":192,"line":195},"$_REQUEST['playlist_id'] (x2)",{"id":232,"type":233,"label":348,"file":192,"line":195,"wp_function":349},{"id":237,"type":228,"label":267,"file":192,"line":404},93,{"id":240,"type":233,"label":271,"file":192,"line":406,"wp_function":273},123,[408,409],{"from":227,"to":232,"sanitized":153},{"from":237,"to":240,"sanitized":153},{"entryPoint":411,"graph":412,"unsanitizedCount":33,"severity":357},"viewDeletePlaylist 
(components\\svg_playlists.php:151)",{"nodes":413,"edges":420},[414,415,416,418],{"id":227,"type":228,"label":401,"file":192,"line":199},{"id":232,"type":233,"label":365,"file":192,"line":199,"wp_function":366},{"id":237,"type":228,"label":351,"file":192,"line":417},154,{"id":240,"type":233,"label":271,"file":192,"line":419,"wp_function":273},161,[421,422],{"from":227,"to":232,"sanitized":153},{"from":237,"to":240,"sanitized":153},{"entryPoint":424,"graph":425,"unsanitizedCount":128,"severity":357},"\u003Csvg_playlists> (components\\svg_playlists.php:0)",{"nodes":426,"edges":433},[427,428,429,430,431,432],{"id":227,"type":228,"label":401,"file":192,"line":195},{"id":232,"type":233,"label":348,"file":192,"line":195,"wp_function":349},{"id":237,"type":228,"label":315,"file":192,"line":404},{"id":240,"type":233,"label":271,"file":192,"line":406,"wp_function":273},{"id":242,"type":228,"label":401,"file":192,"line":199},{"id":246,"type":233,"label":365,"file":192,"line":199,"wp_function":366},[434,435,436],{"from":227,"to":232,"sanitized":153},{"from":237,"to":240,"sanitized":153},{"from":242,"to":246,"sanitized":153},{"entryPoint":438,"graph":439,"unsanitizedCount":33,"severity":357},"ajax_request (simple-video-gallery.php:259)",{"nodes":440,"edges":448},[441,442,443,445],{"id":227,"type":228,"label":363,"file":142,"line":210},{"id":232,"type":233,"label":348,"file":142,"line":210,"wp_function":349},{"id":237,"type":228,"label":444,"file":142,"line":210},"$_REQUEST (x2)",{"id":240,"type":233,"label":446,"file":142,"line":217,"wp_function":447},"echo() [XSS]","echo",[449,450],{"from":227,"to":232,"sanitized":153},{"from":237,"to":240,"sanitized":153},{"entryPoint":452,"graph":453,"unsanitizedCount":33,"severity":357},"\u003Csimple-video-gallery> 
(simple-video-gallery.php:0)",{"nodes":454,"edges":459},[455,456,457,458],{"id":227,"type":228,"label":363,"file":142,"line":210},{"id":232,"type":233,"label":348,"file":142,"line":210,"wp_function":349},{"id":237,"type":228,"label":444,"file":142,"line":210},{"id":240,"type":233,"label":446,"file":142,"line":217,"wp_function":447},[460,461],{"from":227,"to":232,"sanitized":153},{"from":237,"to":240,"sanitized":153},{"summary":463,"deductions":464},"The \"simple-video-gallery\" v1.0.1 plugin exhibits a concerning security posture primarily due to significant vulnerabilities identified in static and taint analysis. While the plugin has no recorded vulnerability history, suggesting it hasn't been publicly exploited or discovered in the past, this does not negate the immediate risks present in the current code.  The analysis highlights two unprotected AJAX handlers, which are direct entry points for potential attacks.  Furthermore, a high number of taint flows (8 out of 13 analyzed) with unsanitized paths indicate a strong likelihood of data being processed without proper validation or sanitization, especially concerning as these are flagged as high severity.  The plugin also uses prepared statements for only 6% of its SQL queries, increasing the risk of SQL injection vulnerabilities.  The lack of nonce checks and capability checks on its entry points, combined with limited output escaping (only 25% properly escaped), leaves the plugin exposed to various attacks, including Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF).\n\nDespite the absence of known CVEs, the internal code analysis reveals substantial weaknesses that require immediate attention. The plugin's attack surface, while relatively small in terms of total entry points, is significantly weakened by the lack of authentication and authorization checks on critical handlers. 
The high volume of unsanitized paths in taint analysis is a critical indicator of potential security flaws that could be exploited. While the plugin doesn't bundle external libraries, the direct use of dangerous functions is also absent.  The plugin's strengths lie in its lack of known historical vulnerabilities and the absence of dangerous functions, which suggests a potentially contained initial development. However, the identified code analysis findings strongly suggest that the plugin is not robustly secured and carries a high risk of exploitation without urgent remediation.",[465,467,469,471,473,475],{"reason":466,"points":11},"Unprotected AJAX handlers",{"reason":468,"points":173},"High severity taint flows with unsanitized paths",{"reason":470,"points":11},"Low percentage of SQL queries using prepared statements",{"reason":472,"points":282},"Low percentage of properly escaped output",{"reason":474,"points":11},"Missing nonce checks on entry points",{"reason":476,"points":11},"Missing capability checks on entry points","2026-03-16T23:45:43.098Z",{"wat":479,"direct":488},{"assetPaths":480,"generatorPatterns":483,"scriptPaths":484,"versionParams":485},[481,482],"\u002Fwp-content\u002Fplugins\u002Fsimple-video-gallery\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fsimple-video-gallery\u002Fjs\u002Fsvg-video.js",[],[482],[486,487],"simple-video-gallery\u002Fcss\u002Fstyle.css?ver=","simple-video-gallery\u002Fjs\u002Fsvg-video.js?ver=",{"cssClasses":489,"htmlComments":493,"htmlAttributes":494,"restEndpoints":495,"jsGlobals":496,"shortcodeOutput":498},[490,491,492],"svg-video-item","svg-video-item-title","svg-video-item-padding",[],[23],[],[497],"svgAjax",[499,500,501,502],"\u003Cdiv id=\"svg-video\">","\u003Cdiv class=\"svg-video-item","\u003Cdiv class=\"svg-video-item-title","\u003Ca href=\"#\" class=\"playVideo\""]