[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f0UPcwpqPSEHcd17qJCoQHqerRIheimGLJGzUHiNxAms":3,"$fSfClyJkPM1vzL2uUM5t3lCOgsB6DceZliSry2JCeC5I":413,"$fvtLxPWM_mjwb_AWXJJSvehP--jN0HDYygfpE_Y4z0_8":417},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":37,"analysis":127,"fingerprints":378},"slick-slideshow","Slick Slideshow","0.1.2","Blackbam","https:\u002F\u002Fprofiles.wordpress.org\u002Fblackbam\u002F","\u003Cp>Slick Slideshow is a highly customizable, but easy-to-use JQuery Slideshow Plugin, to show dynamic images or contents on your website.\u003Cbr \u002F>\nVisit the \u003Ca href=\"http:\u002F\u002Fwww.blackbam.at\u002Fblackbams-blog\u002Fslick-slideshow\" rel=\"nofollow ugc\">Plugin Page\u003C\u002Fa> to see it in action.\u003C\u002Fp>\n\u003Cp>Inspired by a tutorial from \u003Ca href=\"http:\u002F\u002Fsixrevisions.com\u002Ftutorials\u002Fjavascript_tutorial\u002Fcreate-a-slick-and-accessible-slideshow-using-jquery\u002F\" rel=\"nofollow ugc\">sixrevisions.com\u003C\u002Fa>, we adapted the\u003Cbr \u002F>\nextended work from \u003Ca href=\"http:\u002F\u002Fblog.monnet-usa.com\u002F?p=276\" rel=\"nofollow ugc\">Blog Monnet USA\u003C\u002Fa>. Our part was finally to create a WordPress-Plugin from that.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>All Styles, Animation Parameters and Contents are customizable easily over the backend\u003C\u002Fli>\n\u003Cli>Can use Image URLs (unexperienced users) or custom HTML (experienced Users)\u003C\u002Fli>\n\u003Cli>Valid XHTML 1.0 Strict, Valid CSS 2\u003C\u002Fli>\n\u003Cli>Compatibility to other JQuery WordPress Plugins (you can use a Lightbox like Colorbox for example for images in the Slideshow)\u003C\u002Fli>\n\u003Cli>Fast and efficient\u003C\u002Fli>\n\u003Cli>Does not require extra-tables in your database (actually this might be required one day, but currently everything works fine)\u003C\u002Fli>\n\u003Cli>GPLv2 licensed as it is a requirement of the WordPress Codex (donations for the efforts and further development are fair and welcome)\u003C\u002Fli>\n\u003Cli>Languages: English, German\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Known issues\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>The Plugin is not tested in combination with the use of other Javascript-Frameworks than jQuery (like Prototype). There might obviously be compability issues.\u003C\u002Fli>\n\u003C\u002Ful>\n","Slick Slideshow is a highly customizable, but easy-to-use JQuery Slideshow Plugin, to show dynamic images or contents on your website.",10,2676,0,"2011-06-19T19:46:00.000Z","3.1.4","3.0","",[19,20,21,22],"html","images","jquery","slideshow","http:\u002F\u002Fblog.blackbam.at\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fslick-slideshow.zip",85,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"blackbam",4,210,3450,69,"2026-05-20T06:54:24.090Z",[38,57,73,92,111],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":16,"requires_php":17,"tags":52,"homepage":54,"download_link":55,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":56},"wp-cycle","WP-Cycle","0.1.13","Nathan Rice","https:\u002F\u002Fprofiles.wordpress.org\u002Fnathanrice\u002F","\u003Cp>The WP-Cycle plugin allows you to upload images from your computer, which will then be used to generate a jQuery Cycle Plugin slideshow of the images.\u003C\u002Fp>\n\u003Cp>Each image can also be given a URL which, when the image is active in the slideshow, will be used as an anchor wrapper around the image, turning the image into a link to the URL you specified.  The slideshow is set to pause when the user hovers over the slideshow images, giving them ample time to click the link.\u003C\u002Fp>\n\u003Cp>Images can also be deleted via the plugins Administration page.\u003C\u002Fp>\n","This plugin creates an image slideshow in your theme, using the jQuery Cycle plugin. You can upload\u002Fdelete images via the administration panel, and di &hellip;",3000,235562,72,12,"2012-08-15T03:09:00.000Z","3.4.2",[20,53,22],"jquery-cycle","http:\u002F\u002Fwww.nathanrice.net\u002Fplugins\u002Fwp-cycle\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-cycle.0.1.13.zip","2026-04-16T10:56:18.058Z",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":65,"num_ratings":67,"last_updated":68,"tested_up_to":51,"requires_at_least":16,"requires_php":17,"tags":69,"homepage":71,"download_link":72,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":56},"wp-cycle-plus-captions","WP-Cycle Plus Captions","0.4.5","Snub_Fighter","https:\u002F\u002Fprofiles.wordpress.org\u002Ftech-squawkers\u002F","\u003Cp>The WP-Cycle Plus Captions plugin allows you to upload images from your computer, which will then be used to generate a jQuery Cycle Plugin slideshow.\u003C\u002Fp>\n\u003Cp>Each image can be given a URL, the active image will then work just like your basic text link. The slideshow is set to pause when the user hovers over the slideshow images, giving them ample time to click the link.\u003C\u002Fp>\n\u003Cp>New!\u003C\u002Fp>\n\u003Cp>Now each image can now be assigned a caption. Each caption will display below its parent image as they rotate.\u003C\u002Fp>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Ch4>Internet Explorer Display issue\u003C\u002Fh4>\n\u003Cp>Images may appear blank or hidden. Check your themes style sheet for IMG { max-width:100%; } and comment or remove it.\u003C\u002Fp>\n\u003Ch3>WP-Cycle Changelog\u003C\u002Fh3>\n\u003Ch4>0.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Initial Release\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added automatic defaults database insertion\u003C\u002Fli>\n\u003Cli>Added [wp_cycle] shortcode\u003C\u002Fli>\n\u003Cli>Buggy release, ended up reverting to 0.1\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Unreleased version, used for testing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added stable [wp_cycle] shortcode\u003C\u002Fli>\n\u003Cli>Added transition duration control to settings\u003C\u002Fli>\n\u003Cli>Added transition delay control to settings\u003C\u002Fli>\n\u003Cli>Added new options to the defaults array (for filtering)\u003C\u002Fli>\n\u003Cli>Changed some wording in the settings\u003C\u002Fli>\n\u003Cli>Upgraded jQuery Cycle plugin from 2.63 to 2.65\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.4\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added empty alt tag to images to pass vaidation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.5\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixed the error that got produced when trying to loop through a non-array variable (duh!)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.6\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixed the shortcode positioning problem\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.7\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Upgraded jQuery Cycle plugin from 2.65 to 2.81\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.8\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Added \u003Ccode>position: relative;\u003C\u002Fcode> to the slideshow div\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.9\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Moved script and args to the \u003Ccode>wp_footer\u003C\u002Fcode> hook\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.10\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixed minor bug from 0.1.9\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.11\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Moved WP-Cycle menu location from “Plugins” to “Media”\u003C\u002Fli>\n\u003Cli>Updated the menu registration to comply with new roles methodology.\u003C\u002Fli>\n\u003Cli>Added “Settings” link on plugins page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.1.12\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Updated jQuery Cycle plugin to 2.99\u003C\u002Fli>\n\u003C\u002Ful>\n","The WP-Cycle Plus Captions plugin allows you to upload images from your computer, which will then be used to generate a jQuery Cycle Plugin slideshow.",100,8676,3,"2013-02-06T19:26:00.000Z",[70,20,53,22],"captions","http:\u002F\u002Fwww.tech-squawkers.com\u002Fwp-cycle-plus-captions\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-cycle-plus-captions.0.4.5.zip",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":65,"num_ratings":83,"last_updated":84,"tested_up_to":85,"requires_at_least":16,"requires_php":17,"tags":86,"homepage":89,"download_link":90,"security_score":91,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":56},"cycle-responsive-slider","Cycle Responsive Slider","1.2.1","Kiran Antony","https:\u002F\u002Fprofiles.wordpress.org\u002Fkiranantony\u002F","\u003Cp>The Cycle Responsive Slider plugin allows you to upload images from your computer, which will then be used to generate a jQuery Cycle2 Plugin slideshow of the images.\u003C\u002Fp>\n\u003Cp>Each image can also be given a URL which, when the image is active in the slideshow, will be used as an anchor wrapper around the image, turning the image into a link to the URL you specified.  The slideshow is set to pause when the user hovers over the slideshow images, giving them ample time to click the link.\u003C\u002Fp>\n\u003Cp>Images can also be deleted via the plugins Administration page.\u003C\u002Fp>\n\u003Ch3>1.2\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Improved Code Base (Object Oriented) \u003C\u002Fli>\n\u003Cli>Solved Issues with loading large number of images\u003C\u002Fli>\n\u003Cli>Solved Issue With Multiple Instance of the slider in a sinlge page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.2.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Some Bug Fixes\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin creates an image slideshow in your theme, using the jQuery Cycle2 plugin. You can upload\u002Fdelete images via the administration panel.",50,2651,1,"2024-07-14T18:09:00.000Z","6.5.8",[20,87,88,22,39],"jquery-cycle2","responsive-slider","http:\u002F\u002Fwww.kiranantony.com\u002Fwp-cycle2\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcycle-responsive-slider.1.2.1.zip",92,{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":65,"num_ratings":83,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":17,"tags":105,"homepage":108,"download_link":109,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":110},"jquery-googleslides","jQuery googleslides","1.3","brady.holt","https:\u002F\u002Fprofiles.wordpress.org\u002Fbradyholt\u002F","\u003Cp>jquery.googleslides is a simply jQuery plugin that displays your Google Photos, including Picasa and Google+ albums.  Visit the \u003Ca href=\"http:\u002F\u002Fbradyholt.github.com\u002Fjquery-googleslides\" rel=\"nofollow ugc\">jquery-googleslides project site\u003C\u002Fa> for more information.\u003C\u002Fp>\n","Integrates the googleslides jQuery plugin to display your Google Photos, including Picasa and Google+ albums.",20,3836,"2012-06-15T20:59:00.000Z","3.3.2","2.0.2",[106,20,21,107,22],"gallery","pictures","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fjquery-googleslides\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjquery-googleslides.1.3.zip","2026-03-15T15:16:48.613Z",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":11,"downloaded":119,"rating":81,"num_ratings":120,"last_updated":121,"tested_up_to":122,"requires_at_least":123,"requires_php":17,"tags":124,"homepage":125,"download_link":126,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":56},"abooze-slideshow","Aboozé Slideshow","3.2","Aboobacker.","https:\u002F\u002Fprofiles.wordpress.org\u002Fabooze\u002F","\u003Cp>Easily upload images with links to display a nice slideshow on your website. To manage, Go to \u003Cstrong>Media-> Aboozé Slideshow\u003C\u002Fstrong>. To display the slideshow, add the shortcode in your template: \u003C\u002Fp>\n\u003Cp>or simply adding the shortcode\u003Cbr \u002F>\n    [ab_show]\u003Cbr \u002F>\nin the page from the admin panel.\u003C\u002Fp>\n\u003Cp>Each image can also be given a URL which, when the image is active in the slideshow, will be used as an anchor wrapper around the image, turning the image into a link to the URL you specified.  The slideshow is set to pause when the user hovers over the slideshow images, giving them ample time to click the link.\u003C\u002Fp>\n\u003Cp>Images can also be deleted via the plugins Administration page.\u003C\u002Fp>\n","This plugin creates an image slideshow in your theme. You can upload\u002Fdelete images via the admin panel, and display the images in your theme.",9603,2,"2018-01-23T06:50:00.000Z","4.2.39","4.0",[112,20,53,22],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fabooze-slideshow\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fabooze-slideshow.3.2.zip",{"attackSurface":128,"codeSignals":162,"taintFlows":246,"riskAssessment":365,"analyzedAt":377},{"hooks":129,"ajaxHandlers":156,"restRoutes":157,"shortcodes":158,"cronEvents":161,"entryPointCount":83,"unprotectedCount":13},[130,136,140,143,148,152],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","admin_menu","slick_slideshow_options","slick-slideshow.php",690,{"type":131,"name":137,"callback":138,"file":134,"line":139},"admin_init","slick_slideshow_init",691,{"type":131,"name":141,"callback":141,"file":134,"line":142},"slick_slideshow",695,{"type":131,"name":144,"callback":145,"priority":146,"file":134,"line":147},"wp_head","slick_slideshow_javascript",90,696,{"type":131,"name":144,"callback":149,"priority":150,"file":134,"line":151},"slick_slideshow_css_all",89,697,{"type":131,"name":153,"callback":154,"file":134,"line":155},"wp_footer","slick_slideshow_activate",698,[],[],[159],{"tag":141,"callback":141,"file":134,"line":160},701,[],{"dangerousFunctions":163,"sqlUsage":164,"outputEscaping":166,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":245},[],{"prepared":13,"raw":13,"locations":165},[],{"escaped":13,"rawEcho":167,"locations":168},39,[169,172,174,176,178,180,182,184,186,188,190,191,192,194,196,198,199,201,203,205,207,209,211,213,215,217,219,221,223,225,227,229,231,233,235,237,239,241,243],{"file":134,"line":170,"context":171},143,"raw output",{"file":134,"line":173,"context":171},144,{"file":134,"line":175,"context":171},145,{"file":134,"line":177,"context":171},147,{"file":134,"line":179,"context":171},148,{"file":134,"line":181,"context":171},200,{"file":134,"line":183,"context":171},389,{"file":134,"line":185,"context":171},391,{"file":134,"line":187,"context":171},394,{"file":134,"line":189,"context":171},400,{"file":134,"line":189,"context":171},{"file":134,"line":189,"context":171},{"file":134,"line":193,"context":171},401,{"file":134,"line":195,"context":171},402,{"file":134,"line":197,"context":171},403,{"file":134,"line":197,"context":171},{"file":134,"line":200,"context":171},404,{"file":134,"line":202,"context":171},414,{"file":134,"line":204,"context":171},464,{"file":134,"line":206,"context":171},470,{"file":134,"line":208,"context":171},515,{"file":134,"line":210,"context":171},521,{"file":134,"line":212,"context":171},527,{"file":134,"line":214,"context":171},533,{"file":134,"line":216,"context":171},539,{"file":134,"line":218,"context":171},545,{"file":134,"line":220,"context":171},581,{"file":134,"line":222,"context":171},582,{"file":134,"line":224,"context":171},588,{"file":134,"line":226,"context":171},592,{"file":134,"line":228,"context":171},597,{"file":134,"line":230,"context":171},598,{"file":134,"line":232,"context":171},606,{"file":134,"line":234,"context":171},615,{"file":134,"line":236,"context":171},617,{"file":134,"line":238,"context":171},624,{"file":134,"line":240,"context":171},626,{"file":134,"line":242,"context":171},641,{"file":134,"line":244,"context":171},645,[],[247],{"entryPoint":248,"graph":249,"unsanitizedCount":363,"severity":364},"\u003Cslick-slideshow> (slick-slideshow.php:0)",{"nodes":250,"edges":346},[251,256,261,265,267,271,273,277,279,283,285,289,291,295,297,301,303,307,309,313,315,319,321,325,327,331,333,337,340,342],{"id":252,"type":253,"label":254,"file":134,"line":255},"n0","source","$_POST['slick_slideshow_css']",51,{"id":257,"type":258,"label":259,"file":134,"line":255,"wp_function":260},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":262,"type":253,"label":263,"file":134,"line":264},"n2","$_POST['slick_slideshow_width']",52,{"id":266,"type":258,"label":259,"file":134,"line":264,"wp_function":260},"n3",{"id":268,"type":253,"label":269,"file":134,"line":270},"n4","$_POST['slick_slideshow_height']",53,{"id":272,"type":258,"label":259,"file":134,"line":270,"wp_function":260},"n5",{"id":274,"type":253,"label":275,"file":134,"line":276},"n6","$_POST['slick_slideshow_background']",54,{"id":278,"type":258,"label":259,"file":134,"line":276,"wp_function":260},"n7",{"id":280,"type":253,"label":281,"file":134,"line":282},"n8","$_POST['slick_slideshow_color']",55,{"id":284,"type":258,"label":259,"file":134,"line":282,"wp_function":260},"n9",{"id":286,"type":253,"label":287,"file":134,"line":288},"n10","$_POST['slick_slideshow_previous']",56,{"id":290,"type":258,"label":259,"file":134,"line":288,"wp_function":260},"n11",{"id":292,"type":253,"label":293,"file":134,"line":294},"n12","$_POST['slick_slideshow_next']",57,{"id":296,"type":258,"label":259,"file":134,"line":294,"wp_function":260},"n13",{"id":298,"type":253,"label":299,"file":134,"line":300},"n14","$_POST['slick_slideshow_transition_time']",58,{"id":302,"type":258,"label":259,"file":134,"line":300,"wp_function":260},"n15",{"id":304,"type":253,"label":305,"file":134,"line":306},"n16","$_POST['slick_slideshow_viewing_time']",59,{"id":308,"type":258,"label":259,"file":134,"line":306,"wp_function":260},"n17",{"id":310,"type":253,"label":311,"file":134,"line":312},"n18","$_POST['slick_slideshow_embed_jquery']",60,{"id":314,"type":258,"label":259,"file":134,"line":312,"wp_function":260},"n19",{"id":316,"type":253,"label":317,"file":134,"line":318},"n20","$_POST['slick_slideshow_autostart_slideshow']",61,{"id":320,"type":258,"label":259,"file":134,"line":318,"wp_function":260},"n21",{"id":322,"type":253,"label":323,"file":134,"line":324},"n22","$_POST['slick_slideshow_display_slideshow_control_panel']",62,{"id":326,"type":258,"label":259,"file":134,"line":324,"wp_function":260},"n23",{"id":328,"type":253,"label":329,"file":134,"line":330},"n24","$_POST['slick_slideshow_rewind_slideshow']",63,{"id":332,"type":258,"label":259,"file":134,"line":330,"wp_function":260},"n25",{"id":334,"type":253,"label":335,"file":134,"line":336},"n26","$_POST",74,{"id":338,"type":258,"label":259,"file":134,"line":339,"wp_function":260},"n27",78,{"id":341,"type":253,"label":335,"file":134,"line":336},"n28",{"id":343,"type":258,"label":344,"file":134,"line":189,"wp_function":345},"n29","echo() [XSS]","echo",[347,349,350,351,352,353,354,355,356,357,358,359,360,361,362],{"from":252,"to":257,"sanitized":348},false,{"from":262,"to":266,"sanitized":348},{"from":268,"to":272,"sanitized":348},{"from":274,"to":278,"sanitized":348},{"from":280,"to":284,"sanitized":348},{"from":286,"to":290,"sanitized":348},{"from":292,"to":296,"sanitized":348},{"from":298,"to":302,"sanitized":348},{"from":304,"to":308,"sanitized":348},{"from":310,"to":314,"sanitized":348},{"from":316,"to":320,"sanitized":348},{"from":322,"to":326,"sanitized":348},{"from":328,"to":332,"sanitized":348},{"from":334,"to":338,"sanitized":348},{"from":341,"to":343,"sanitized":348},15,"low",{"summary":366,"deductions":367},"The \"slick-slideshow\" plugin v0.1.2 exhibits a mixed security posture.  While it has a very small attack surface with only one shortcode and no AJAX handlers, REST API routes, or cron events, indicating a generally focused design, several significant code signals raise concerns.  The complete lack of output escaping is a critical flaw, leaving the plugin highly vulnerable to cross-site scripting (XSS) attacks.  Furthermore, the presence of unsanitized paths in the taint analysis suggests a potential for directory traversal or similar file system vulnerabilities, even if no file operations were directly detected.\n\nThe plugin's vulnerability history is clean, with no known CVEs. This might suggest a relatively new plugin or one that has not been extensively targeted or analyzed for vulnerabilities. However, the absence of past issues should not be mistaken for present security. The lack of nonces and capability checks on its single entry point (the shortcode) means that even though there are no direct vulnerabilities indicated, a malicious actor could potentially trigger the shortcode's functionality in an uncontrolled manner if the shortcode's output is vulnerable to XSS.\n\nIn conclusion, the \"slick-slideshow\" plugin's primary strengths are its minimal attack surface and clean vulnerability history. However, these are heavily outweighed by critical weaknesses in output escaping and potential taint flow issues. The lack of authentication checks on its sole entry point further exacerbates these risks. This plugin requires immediate attention to address the output escaping and taint analysis findings to mitigate significant security risks.",[368,370,372,375],{"reason":369,"points":363},"No output escaping detected",{"reason":371,"points":11},"Unsanitized path in taint analysis",{"reason":373,"points":374},"No nonce checks on shortcode",5,{"reason":376,"points":374},"No capability checks on shortcode","2026-04-16T11:48:49.884Z",{"wat":379,"direct":386},{"assetPaths":380,"generatorPatterns":383,"scriptPaths":384,"versionParams":385},[381,382],"\u002Fwp-content\u002Fplugins\u002Fslick-slideshow\u002Fimages\u002FControl_play.png","\u002Fwp-content\u002Fplugins\u002Fslick-slideshow\u002Fimages\u002FControl_pause.png",[],[],[],{"cssClasses":387,"htmlComments":390,"htmlAttributes":393,"restEndpoints":401,"jsGlobals":402,"shortcodeOutput":411},[388,389],"slide","control",[391,392,391],"\u003C!-- Slideshow HTML -->","\u003C!-- slide div -->",[394,395,396,397,398,399,400],"id=\"slideshow\"","id=\"slidesContainer\"","id=\"pageContainer\"","id=\"slideInner\"","id=\"leftControl\"","id=\"rightControl\"","id=\"slideshow_control_panel\"",[],[403,404,405,406,407,408,409,410],"slideshow_start_mode","autostart_slideshow","rewind_slideshow","display_slideshow_control_panel","slide_transition_time","slide_viewing_time","slideshow_control_icons","interval",[412],"\u003Cdiv id=\"pageContainer\">\n  \u003C!-- Slideshow HTML -->\n  \u003Cdiv id=\"slideshow\" style=\"display:none;\">\n    \u003Cdiv id=\"slidesContainer\">",{"error":414,"url":415,"statusCode":200,"statusMessage":416,"message":416},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fslick-slideshow\u002Fbundle","no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":418},[]]