[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-GvumoN-ae9Jr6jJZZOlUaOEO7vMXN3hMhpu_kqVk40":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":125,"fingerprints":273},"syndicate-press","Syndicate Press","1.0.33.2","SP developer","https:\u002F\u002Fprofiles.wordpress.org\u002Fhranchfundi\u002F","\u003Cp>Syndicate Press lets you include RSS, RDF or Atom feeds directly in your WordPress Posts, Pages, Widgets or anywhere in your theme. Syndicate Press features an easy to use admin page and includes great features such as feed caching, filters and numerous display options.\u003C\u002Fp>\n\u003Cp>Unlike a number of other news syndication plugins for WordPress, Syndicate Press does not force arbitrary formatting or CSS styling on the feed contents.  This allows the feed items to be displayed in your site like they are a fully integrated part of your content.\u003C\u002Fp>\n\u003Cp>Syndicate Press is actively maintained and regularly updated with new features and enhancements. The Syndicate Press development team at \u003Ca href=\"http:\u002F\u002Fhenryranch.net\u002Fsoftware\u002Fsyndicate-press\u002F\" rel=\"nofollow ugc\">henryranch.net\u003C\u002Fa> has focused on ease of use, performance, stability and functionality to bring you a great plugin that will help keep your WordPress site up to date with the latest in news feeds from every corner of the world.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>Please see the following pages for examples of the syndicated news feeds on a WordPress blog:\u003C\u002Fp>\n\u003Cp>Usage information: http:\u002F\u002Fsyndicatepress.henryranch.net\u002Fdocumentation\u002Fusage\u002F \u003C\u002Fp>\n","Syndicate Press lets you include RSS, RDF or Atom feeds directly in your Wordpress posts, pages, widgets or theme.",200,60702,84,5,"2018-01-23T04:13:00.000Z","4.9.29","2.8","",[20,21,22,23,24],"atom","feed","rdf","rss","syndicate","http:\u002F\u002Fsyndicatepress.henryranch.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsyndicate-press.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":13,"computed_at":36},"hranchfundi",1,30,"2026-04-03T21:29:30.173Z",[38,57,73,91,107],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":16,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":55,"download_link":56,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-feeds","Disable Feeds","1.4.4","WPDeveloper","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdevteam\u002F","\u003Cp>This plugin disables all RSS\u002FAtom\u002FRDF feeds on your site. It is useful if you use WordPress purely as a content management system (and not for blogging). All requests for feeds will be redirected to the corresponding HTML content.\u003C\u002Fp>\n\u003Cp>There are a couple of options to tweak the plugin’s behaviour – go to \u003Ccode>Settings -> Reading\u003C\u002Fcode> to see them.\u003C\u002Fp>\n\u003Cp>If you come across any bugs or have suggestions, please use the plugin support forum. I can’t fix it if I don’t know it’s broken! Please check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fdisable-feeds\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> for common issues.\u003C\u002Fp>\n\u003Cp>Want to contribute? Here’s the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsolarissmoke\u002Fdisable-feeds\" rel=\"nofollow ugc\">GitHub development repository\u003C\u002Fa>.\u003C\u002Fp>\n","Disables all RSS\u002FAtom\u002FRDF feeds on your WordPress site.",30000,216366,94,31,"2018-03-30T04:50:00.000Z","4.0",[20,53,54,22,23],"disable","feeds","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-feeds\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-feeds.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":28,"num_ratings":28,"last_updated":67,"tested_up_to":68,"requires_at_least":68,"requires_php":18,"tags":69,"homepage":71,"download_link":72,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"feed-disabler","FeedDisabler Plugin","0.5","tcloninger","https:\u002F\u002Fprofiles.wordpress.org\u002Ftcloninger\u002F","\u003Cp>Provides a custom error, using wp_die(), when any type of feed is attempted.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Feature Overview\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Removal of ALL feeds\u003C\u002Fli>\n\u003Cli>Allows for private (more secure) blogs\u003C\u002Fli>\n\u003Cli>Works great with the “Private WP” plugin (requires login to view blog)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Important Notes\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This is my very first plugin.  I found it \u002Fvery\u002F strange that nobody had done this.\u003C\u002Fp>\n","Disables all feeds (rdf, rss, rss2, atom).",40,3314,"2008-09-09T21:07:00.000Z","2.6",[20,21,22,23,70],"rss2","http:\u002F\u002Fwordpress.org\u002F#","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeed-disabler.zip",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":28,"num_ratings":28,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":18,"tags":86,"homepage":88,"download_link":89,"security_score":90,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-rss-rdf-atom-feeds","Disable RSS, RDF, and Atom Feeds","1.1","Roxnor","https:\u002F\u002Fprofiles.wordpress.org\u002Froxnor\u002F","\u003Cp>The “Disable RSS, RDF, and Atom Feeds” plugin allows you to disable all RSS, RDF, and Atom feeds easily on your WordPress website. This plugin provides options to redirect feed requests to the corresponding HTML content or issue a 404 error. You can also allow the global post and comment feeds if desired.\u003C\u002Fp>\n\u003Cp>This plugin is handy if you do not use RSS feeds and want to reduce your site’s exposure. It prevents unauthorized users from accessing your site’s content via feeds.\u003C\u002Fp>\n\u003Ch3>USEFUL LINK\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwpmet.com\u002Fsupport-help\u002F\" rel=\"nofollow ugc\">Get a Quick Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>✔️ Disable all feeds: RSS, RDF, and Atom.\u003C\u002Fp>\n\u003Cp>✔️ Options to redirect feed requests or issue a 404 error.\u003C\u002Fp>\n\u003Cp>✔️ Allow global post feed and comment feed.\u003C\u002Fp>\n\u003Cp>✔️ Integration with bbPress to disable forum\u002Ftopic\u002Freply feeds.\u003C\u002Fp>\n\u003Cp>✔️ Simple configuration through WordPress settings.\u003C\u002Fp>\n","Disable all RSS, RDF, and Atom feeds on your WordPress site with the option to control behavior such as redirection or issuing a 404 error.",10,972,"2024-12-22T09:13:00.000Z","6.7.5","5.0",[20,87,54,22,23],"disable-feed","https:\u002F\u002Fwpmet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-rss-rdf-atom-feeds.1.1.zip",92,{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":81,"downloaded":99,"rating":100,"num_ratings":34,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":18,"tags":104,"homepage":105,"download_link":106,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"rssupplement","RSSupplement","16.07","Jerry Stephens","https:\u002F\u002Fprofiles.wordpress.org\u002Fleftville\u002F","\u003Cp>Adds WP functions, copyright, and more to your RSS feed items.\u003C\u002Fp>\n","Adds WP functions, copyright, and more to your RSS feed items.",9285,80,"2016-06-08T16:39:00.000Z","4.5.33","3.0",[20,21,22,23,70],"http:\u002F\u002Fwayofthegeek.org\u002Fdownloads\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frssupplement.16.07.zip",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":45,"active_installs":114,"downloaded":115,"rating":116,"num_ratings":14,"last_updated":117,"tested_up_to":118,"requires_at_least":119,"requires_php":120,"tags":121,"homepage":123,"download_link":124,"security_score":116,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-feeds-wp","Disable Feeds WP","1.7","Galaxy Weblinks","https:\u002F\u002Fprofiles.wordpress.org\u002Fgalaxyweblinks\u002F","\u003Cp>Disable Feeds WP is a WordPress plugin to disable all RSS\u002FAtom\u002FRDF WordPress feeds on your website\u002Fblog. It is very useful if you use WordPress purely as a content management system (and not for blogging). All requests for feeds will be redirected to the corresponding HTML content.\u003C\u002Fp>\n\u003Cp>There are a couple of options to tweak the plugin’s behavior – go to \u003Ccode>Settings -> Reading\u003C\u002Fcode> to see them.\u003C\u002Fp>\n\u003Cp>Here’s a link to the documentation for the plugin. This will help you learn more about its features and how to use it.\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fwp-plugins\u002Fdisable-feeds-wp\u002Fdoc\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For any feedback or queries regarding this plugin, please contact our \u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Support team\u003C\u002Fa>.\u003C\u002Fp>\n",10000,26094,100,"2025-07-17T11:10:00.000Z","6.8.5","4.9","7.4",[20,53,54,23,122],"wordpress-feeds","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-feeds-wp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-feeds-wp.1.7.zip",{"attackSurface":126,"codeSignals":158,"taintFlows":229,"riskAssessment":258,"analyzedAt":272},{"hooks":127,"ajaxHandlers":154,"restRoutes":155,"shortcodes":156,"cronEvents":157,"entryPointCount":28,"unprotectedCount":28},[128,134,138,142,147,150],{"type":129,"name":130,"callback":131,"file":132,"line":133},"action","admin_enqueue_scripts","my_admin_enqueue_scripts","syndicate-press-plugin.php",1763,{"type":129,"name":135,"callback":136,"file":132,"line":137},"admin_menu","SyndicatePressPlugin_ap",1771,{"type":129,"name":139,"callback":140,"file":132,"line":141},"activate_syndicatePress-plugin\u002FsyndicatePress-plugin.php","init",1772,{"type":143,"name":144,"callback":145,"file":132,"line":146},"filter","the_content","sp_ContentFilter",1775,{"type":143,"name":148,"callback":145,"file":132,"line":149},"widget_text",1776,{"type":129,"name":151,"callback":152,"file":132,"line":153},"wp_enqueue_scripts","my_enqueue_scripts",1779,[],[],[],[],{"dangerousFunctions":159,"sqlUsage":160,"outputEscaping":162,"fileOperations":227,"externalRequests":34,"nonceChecks":34,"capabilityChecks":28,"bundledLibraries":228},[],{"prepared":28,"raw":28,"locations":161},[],{"escaped":28,"rawEcho":163,"locations":164},32,[165,169,171,173,175,177,179,181,183,185,187,189,191,193,195,197,199,200,202,203,205,207,208,210,212,213,215,217,219,221,223,225],{"file":166,"line":167,"context":168},"php\\TinyHttpClient.php",119,"raw output",{"file":166,"line":170,"context":168},149,{"file":166,"line":172,"context":168},160,{"file":166,"line":174,"context":168},173,{"file":166,"line":176,"context":168},176,{"file":166,"line":178,"context":168},204,{"file":132,"line":180,"context":168},1264,{"file":132,"line":182,"context":168},1265,{"file":132,"line":184,"context":168},1289,{"file":132,"line":186,"context":168},1290,{"file":132,"line":188,"context":168},1295,{"file":132,"line":190,"context":168},1296,{"file":132,"line":192,"context":168},1301,{"file":132,"line":194,"context":168},1303,{"file":132,"line":196,"context":168},1318,{"file":132,"line":198,"context":168},1397,{"file":132,"line":198,"context":168},{"file":132,"line":201,"context":168},1401,{"file":132,"line":201,"context":168},{"file":132,"line":204,"context":168},1402,{"file":132,"line":206,"context":168},1406,{"file":132,"line":206,"context":168},{"file":132,"line":209,"context":168},1407,{"file":132,"line":211,"context":168},1411,{"file":132,"line":211,"context":168},{"file":132,"line":214,"context":168},1439,{"file":132,"line":216,"context":168},1464,{"file":132,"line":218,"context":168},1547,{"file":132,"line":220,"context":168},1636,{"file":132,"line":222,"context":168},1641,{"file":132,"line":224,"context":168},1690,{"file":132,"line":226,"context":168},1812,14,[],[230,248],{"entryPoint":231,"graph":232,"unsanitizedCount":246,"severity":247},"sp_printAdminPage (syndicate-press-plugin.php:1071)",{"nodes":233,"edges":243},[234,238],{"id":235,"type":236,"label":237,"file":132,"line":184},"n0","source","$_SERVER['REQUEST_URI'] (x3)",{"id":239,"type":240,"label":241,"file":132,"line":184,"wp_function":242},"n1","sink","echo() [XSS]","echo",[244],{"from":235,"to":239,"sanitized":245},false,3,"medium",{"entryPoint":249,"graph":250,"unsanitizedCount":28,"severity":257},"\u003Csyndicate-press-plugin> (syndicate-press-plugin.php:0)",{"nodes":251,"edges":254},[252,253],{"id":235,"type":236,"label":237,"file":132,"line":184},{"id":239,"type":240,"label":241,"file":132,"line":184,"wp_function":242},[255],{"from":235,"to":239,"sanitized":256},true,"low",{"summary":259,"deductions":260},"The 'syndicate-press' plugin version 1.0.33.2 exhibits a generally positive security posture, with a notable lack of known vulnerabilities and a clean record of past security issues. The static analysis reveals a very limited attack surface, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that are not properly authenticated or permission-checked. Furthermore, all identified SQL queries are properly prepared, which is a strong indicator of good database security practices.  The plugin also demonstrates an awareness of WordPress security by including nonce checks.  \n\nHowever, a significant concern arises from the output escaping. The static analysis indicates that 100% of the 32 identified outputs are not properly escaped, presenting a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. This is further corroborated by the taint analysis, which shows one flow with an unsanitized path, suggesting a potential avenue for malicious input to be rendered without proper sanitization. The presence of file operations and an external HTTP request, while not inherently insecure, could become risky if not handled with robust input validation and sanitization, especially given the output escaping issue.\n\nIn conclusion, while the plugin is commendably free of known vulnerabilities and demonstrates good practices in areas like SQL query handling and authentication for entry points, the complete lack of output escaping is a critical weakness. This deficiency, coupled with the identified unsanitized path in taint analysis, creates a high risk of XSS attacks. Addressing the output escaping issue should be the highest priority to improve the plugin's security.",[261,264,267,270],{"reason":262,"points":263},"All outputs are unescaped",16,{"reason":265,"points":266},"Flow with unsanitized path found",12,{"reason":268,"points":269},"File operations present without explicit sanitization checks",4,{"reason":271,"points":269},"External HTTP request present without explicit sanitization checks","2026-03-16T20:28:07.427Z",{"wat":274,"direct":287},{"assetPaths":275,"generatorPatterns":280,"scriptPaths":281,"versionParams":282},[276,277,278,279],"\u002Fwp-content\u002Fplugins\u002Fsyndicate-press\u002Fadmin\u002Fjs\u002Fsyndicate-press-admin.js","\u002Fwp-content\u002Fplugins\u002Fsyndicate-press\u002Fadmin\u002Fcss\u002Fsyndicate-press-admin.css","\u002Fwp-content\u002Fplugins\u002Fsyndicate-press\u002Fcss\u002Fsyndicate-press.css","\u002Fwp-content\u002Fplugins\u002Fsyndicate-press\u002Fjs\u002Fsyndicate-press.js",[],[276,279],[283,284,285,286],"syndicate-press\u002Fcss\u002Fsyndicate-press.css?ver=","syndicate-press\u002Fjs\u002Fsyndicate-press.js?ver=","syndicate-press\u002Fadmin\u002Fcss\u002Fsyndicate-press-admin.css?ver=","syndicate-press\u002Fadmin\u002Fjs\u002Fsyndicate-press-admin.js?ver=",{"cssClasses":288,"htmlComments":290,"htmlAttributes":294,"restEndpoints":299,"jsGlobals":300,"shortcodeOutput":302},[289],"lightbox_content",[291,292,293],"\u003C!--syn-press#(.*)-->","\u003C!--sp#(.*)-->","\u003C!--syndicate press version check-->",[295,296,297,298],"id=\"lightbox-external\"","id=\"external-content-iframe\"","name=\"external-content-iframe\"","class=\"lightbox_content\"",[],[301],"var syndicatePressPluginObjectRef",[303],"[sp#(.*)]"]