[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fUV60hU1BDEnuwWeE-tPFHXJvzaloCabs_Pg-gDaDBvA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":142,"fingerprints":226},"swfobject-reloaded","swfObject Reloaded","1.6","CodeAndReload","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodeandreload\u002F","\u003Cp>This plugin allows easy embedding of swf files and better media management for swf files, allowing swf files to have a\u003Cbr \u002F>\nheight, width, and their own minimum flash version.  This plugin adds a swfobject shortcode that can be inserted via\u003Cbr \u002F>\nthe “Add media” button while editing a post.  SWF files are now also automatically embedded on their respective\u003Cbr \u002F>\nattachment pages.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Technical support for this plugin will be provided via the WordPress plugin forum.  Additional support may be\u003Cbr \u002F>\navailable at \u003Ca href=\"http:\u002F\u002Fwww.codeandreload.com\u002Fwp-plugins\u002Fswfobjectreloaded\" title=\"swfObject Reloaded\nat Code and Reload\">plugin’s homepage\u003C\u002Fa>.\u003C\u002Fp>\n","Allows easy embedding (shortcode inserted via Add Media button while posting) and better management of swf files.",200,33348,100,1,"2012-10-11T23:22:00.000Z","3.4.2","2.9","",[20,21,22,23,24],"animation","flash","flex","media","swf","http:\u002F\u002Fwww.codeandreload.com\u002Fwp-plugins\u002Fswfobjectreloaded","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fswfobject-reloaded.1.6.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":27,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"codeandreload",4,370,30,84,"2026-04-04T14:15:41.642Z",[40,60,80,100,122],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":13,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":58,"download_link":59,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-swfobject","WP-SWFObject","2.4","Kodetop","https:\u002F\u002Fprofiles.wordpress.org\u002Funijimpe\u002F","\u003Cp>This plugin enable insert flash movies into WordPress using \u003Cstrong>SWFObject\u003C\u002Fstrong> with simple quicktag \u003Ccode>[swf][\u002Fswf]\u003C\u002Fcode> .\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy install and easy use on content and widgets\u003C\u002Fli>\n\u003Cli>Insert Flash movie with simple shortcode\u003C\u002Fli>\n\u003Cli>Panel for easy configuration\u003C\u002Fli>\n\u003Cli>Allow config flash player version required\u003C\u002Fli>\n\u003Cli>Allow config message for iPhone Browser\u003C\u002Fli>\n\u003Cli>Support FlashVars param\u003C\u002Fli>\n\u003Cli>Support FullScreen param\u003C\u002Fli>\n\u003Cli>Generate \u003Ccode>\u003Cobject>\u003C\u002Fcode> code for RSS and iPhone compatibility   \u003C\u002Fli>\n\u003Cli>Select version of SWFObject (1.5 or 2.0)\u003C\u002Fli>\n\u003Cli>Allow insert SWFObject from Google AJAX Libraries API\u003C\u002Fli>\n\u003Cli>Detect iPhone Browser to show message o link for Youtube Videos\u003C\u002Fli>\n\u003Cli>Easy integration with Youtube videos\u003C\u002Fli>\n\u003Cli>Support for show Loading image\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To insert swf into post content or text widget use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[swf]movie.swf, width, heigth[\u002Fswf]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To insert swf with flashvars use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[swf]movie.swf, width, heigth, var1=val1&var2=val2[\u002Fswf]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To insert swf on template, use the php code:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php wp_swfobject_echo(\"movie.swf\", \"width\", \"heigth\"); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To insert swf with flashvars on template, use the php code:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php wp_swfobject_echo(\"movie.swf\", \"width\", \"heigth\", \"var1=val1&var2=val2\"); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>For more information visit \u003Ca href=\"http:\u002F\u002Fblog.unijimpe.net\u002Fwp-swfobject\u002F\" title=\"plugin website\" rel=\"nofollow ugc\">plugin website\u003C\u002Fa>\u003C\u002Fp>\n","Insert Flash Movies into WordPress.",1000,148800,3,"2017-11-28T16:58:00.000Z","3.2.1","1.5",[21,55,24,56,57],"flv","swfobject","video","http:\u002F\u002Fblog.unijimpe.net\u002Fwp-swfobject\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-swfobject.2.4.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":34,"last_updated":71,"tested_up_to":72,"requires_at_least":17,"requires_php":18,"tags":73,"homepage":76,"download_link":77,"security_score":78,"vuln_count":14,"unpatched_count":14,"last_vuln_date":79,"fetched_at":30},"easy-flash-embed","Easy Flash Embed","1.0","Vincent Boiardt","https:\u002F\u002Fprofiles.wordpress.org\u002Fvincent-boiardt\u002F","\u003Cp>Embed Flash easily and standard compliant with SWFObject using only a [swf] shortcode!\u003C\u002Fp>\n\u003Cp>In the text editor simply write something like:\u003C\u002Fp>\n\u003Cp>[swf src=”http:\u002F\u002Fwww.example.com\u002Fmy-flash-file.swf” width=300 height=100]\u003C\u002Fp>\n\u003Cp>The attributes \u003Cem>src\u003C\u002Fem>, \u003Cem>width\u003C\u002Fem> and \u003Cem>height\u003C\u002Fem> are \u003Cstrong>required\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Additional attributes includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>params\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cem>flashvars\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cem>version\u003C\u002Fem>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The attributes \u003Cem>params\u003C\u002Fem>, and \u003Cem>flashvars\u003C\u002Fem> should be written like “flashvar1=value&flashvar2=value” to function properly. If you want to specify a Flash version use \u003Cem>version\u003C\u002Fem> attribute. \u003Cstrong>Default is 9\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>To provide alternative content for people without Flash, simply put some text between the [swf] brackets, e.g.\u003C\u002Fp>\n\u003Cp>[swf src=”http:\u002F\u002Fwww.example.com\u002Fmy-flash-file.swf” width=300 height=100]You must have Flash to view this file[\u002Fswf]\u003C\u002Fp>\n","Embed Flash easily and standard compliant with SWFObject using only a [swf] shortcode!",900,54934,80,"2017-11-28T21:45:00.000Z","2.9.2",[74,75,21,24,56],"embed","embedding","http:\u002F\u002Fwpquicktips.wordpress.com\u002Feasy-flash-embedding","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-flash-embed.1.0.zip",63,"2025-09-02 00:00:00",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":37,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":18,"tags":94,"homepage":98,"download_link":99,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"allow-swf-upload","Allow Swf Upload","1.1","behrouzpc","https:\u002F\u002Fprofiles.wordpress.org\u002Fbehrouzpc\u002F","\u003Cp>Allow user to upload SWF file inside Upload panel for all user important need this permission.\u003C\u002Fp>\n","Allow Admin to Upload SWF file",500,19929,5,"2013-12-24T15:54:00.000Z","3.7.41","2.0.2",[95,96,24,97],"allow-upload","iflashlord","upload","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fallow-swf-upload\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fallow-swf-upload.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":13,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":18,"tags":114,"homepage":120,"download_link":121,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"zbplayer","zbPlayer","2.4.2","zubaka","https:\u002F\u002Fprofiles.wordpress.org\u002Fzubaka\u002F","\u003Cp>zbPlayer is a very easy audio plugin – you can select some options like: include Download link or no, enable autoplay or no and setup width of player. Other things will be done by zbPlayer plugun automatically. One nice feature – player support cyrillic filenames without problem.\u003C\u002Fp>\n\u003Ch3>Known Issues\u003C\u002Fh3>\n\u003Ch4>Sometime my .m4a fields doesn’t play. Why is it?\u003C\u002Fh4>\n\u003Cp>Unfortunately, some of .m4a files has nuances and cannot play by player. We can’t fix that. Use .mp3 files – they works always.\u003C\u002Fp>\n","zbPlayer is a small and very easy plugin. It does one thing: capture mp3 links and insert a small flash player instead.",300,36699,7,"2020-09-30T20:37:00.000Z","5.5.18","3.5",[115,116,117,118,119],"audio-player","flash-player","media-player","mp3","small-mp3-player","http:\u002F\u002Fgilevich.com\u002Fportfolio\u002Fzbplayer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzbplayer.2.4.2.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":132,"num_ratings":133,"last_updated":134,"tested_up_to":92,"requires_at_least":135,"requires_php":18,"tags":136,"homepage":140,"download_link":141,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"gamma-gallery","Gamma Gallery","1.9","ezhil","https:\u002F\u002Fprofiles.wordpress.org\u002Fezhil\u002F","\u003Cp>Gamma gallery is a stylish responsive image gallery for wordpress. It comes with a great full screen view and options for slideshow play\u002Fpause and automatically enhances itself to any resolution. version 1.4 supports native wordpress features like random order, include\u002Fexclude images, rearrange order. Use with the theme \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fthemes\u002Fpinpress\" rel=\"ugc\">Pinpress\u003C\u002Fa> to view a great mobile site.\u003C\u002Fp>\n\u003Cp>This plugin was based on the tutorial from codrops\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Ftympanus.net\u002Fcodrops\u002F2012\u002F11\u002F06\u002Fgamma-gallery-a-responsive-image-gallery-experiment\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Ftympanus.net\u002Fcodrops\u002F2012\u002F11\u002F06\u002Fgamma-gallery-a-responsive-image-gallery-experiment\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>See \u003Ca href=\"http:\u002F\u002Ftympanus.net\u002FDevelopment\u002FGammaGallery\u002F\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Main features \u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Responsive design\u003C\u002Fli>\n\u003Cli>Montage image arrangements\u003C\u002Fli>\n\u003Cli>fullscreen view\u003C\u002Fli>\n\u003Cli>Slideshow with play pause\u003C\u002Fli>\n\u003Cli>sync with wordpress gallery settings(order,include\u002Fexclude,random)\u003C\u002Fli>\n\u003C\u002Ful>\n","A responsive wordpress gallery with montage image arrangement.",40,16647,44,11,"2014-03-18T04:33:00.000Z","3.1",[21,137,138,139,23],"gallery","image","images","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fgamma-gallery\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgamma-gallery.zip",{"attackSurface":143,"codeSignals":182,"taintFlows":214,"riskAssessment":215,"analyzedAt":225},{"hooks":144,"ajaxHandlers":172,"restRoutes":173,"shortcodes":174,"cronEvents":180,"entryPointCount":181,"unprotectedCount":28},[145,151,155,161,164,169],{"type":146,"name":147,"callback":148,"file":149,"line":150},"action","admin_init","eg_settings_api_init","wp_swf_media_options.php",33,{"type":146,"name":152,"callback":153,"file":154,"line":150},"init","mc_head","wp_swf_object.php",{"type":156,"name":157,"callback":158,"file":159,"line":160},"filter","attachment_fields_to_edit","mc_image_attachment_fields_to_edit","wp_swf_shortcode.php",6,{"type":156,"name":162,"callback":163,"file":159,"line":110},"attachment_fields_to_save","mc_image_attachment_fields_to_save",{"type":156,"name":165,"callback":166,"priority":167,"file":159,"line":168},"media_send_to_editor","send_swf_to_editor",10,8,{"type":156,"name":170,"callback":171,"file":159,"line":167},"the_content","mc_content",[],[],[175,177],{"tag":56,"callback":176,"file":159,"line":34},"mc_swf_shortcode",{"tag":178,"callback":179,"file":159,"line":90},"swflink","mc_swf_link",[],2,{"dangerousFunctions":183,"sqlUsage":184,"outputEscaping":186,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":213},[],{"prepared":28,"raw":28,"locations":185},[],{"escaped":28,"rawEcho":187,"locations":188},12,[189,192,193,195,197,199,201,203,205,207,209,211],{"file":149,"line":190,"context":191},45,"raw output",{"file":149,"line":78,"context":191},{"file":149,"line":194,"context":191},69,{"file":149,"line":196,"context":191},74,{"file":149,"line":198,"context":191},81,{"file":149,"line":200,"context":191},87,{"file":149,"line":202,"context":191},93,{"file":149,"line":204,"context":191},94,{"file":149,"line":206,"context":191},98,{"file":149,"line":208,"context":191},99,{"file":159,"line":210,"context":191},220,{"file":159,"line":212,"context":191},241,[],[],{"summary":216,"deductions":217},"The swfobject-reloaded plugin v1.6 exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of any known CVEs, dangerous functions, direct SQL queries (all prepared statements), file operations, or external HTTP requests is commendable. Crucially, all identified entry points (shortcodes) are reported as unprotected. This suggests the plugin is designed with a focus on preventing common attack vectors.\n\nHowever, a significant concern is the complete lack of output escaping for all 12 identified outputs. This means that any data processed or displayed by the plugin, if originating from untrusted sources, could be vulnerable to cross-site scripting (XSS) attacks. The absence of nonce and capability checks on the entry points, while not directly linked to a vulnerability in this specific version due to no recorded issues, represents a potential gap that could be exploited if the plugin's functionality were to change or new vulnerabilities were discovered in the future. The lack of taint analysis data is neutral, as it could indicate no flows were found or that the analysis was not performed.\n\nIn conclusion, while the plugin has a clean vulnerability history and avoids many risky coding practices, the universal lack of output escaping presents a clear and present danger. The absence of robust authentication and authorization checks on its entry points, though not currently exploited, also warrants attention. Addressing the output escaping issue should be the top priority to mitigate XSS risks.",[218,221,223],{"reason":219,"points":220},"No output escaping for any output",20,{"reason":222,"points":90},"No nonce checks on entry points",{"reason":224,"points":90},"No capability checks on entry points","2026-03-16T20:25:01.389Z",{"wat":227,"direct":232},{"assetPaths":228,"generatorPatterns":229,"scriptPaths":230,"versionParams":231},[],[],[],[],{"cssClasses":233,"htmlComments":234,"htmlAttributes":235,"restEndpoints":236,"jsGlobals":237,"shortcodeOutput":238},[],[],[],[],[56],[239,240],"[swfobject]","[swflink]"]