[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzbJRdunyf477xwV3XSbZetlamPVJa0Bx-8Rbo3Owvp0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":57,"crawl_stats":36,"alternatives":61,"analysis":163,"fingerprints":237},"the-tech-tribe","The Tribal Plugin","1.3.4","thetechtribe","https:\u002F\u002Fprofiles.wordpress.org\u002Fnigelmoore1\u002F","\u003Cp>The Tech Tribe plugin allows members of the Tech Tribe to automatically post blog content to their website from the Monthly Marketing Packs included in their Membership.\u003C\u002Fp>\n\u003Cp>It allows members to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set what Author they want as Default on all the Posts\u003C\u002Fli>\n\u003Cli>Decide between Automatic posting or Manual posting in case they want to check first\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can find out more about The Tech Tribe at: https:\u002F\u002Fthetechtribe.com\u002F\u003C\u002Fp>\n","The Tech Tribe plugin allows Tech Tribe members to automatically post Blog content to their Wordpress website.",800,13824,100,1,"2025-10-06T03:24:00.000Z","6.8.5","5.0","7.0",[20,21,22],"content","syndication","techtribe","http:\u002F\u002Fthetechtribe.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthe-tech-tribe.1.3.4.zip",98,2,0,"2025-09-26 00:00:00","2026-03-15T15:16:48.613Z",[31,46],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2025-60140","the-tribal-unauthenticated-sensitive-information-exposure","The Tribal \u003C= 1.3.3 - Unauthenticated Sensitive Information Exposure","The The Tribal Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.3. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data.",null,"\u003C=1.3.3","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2025-10-08 20:59:04",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F470d64e6-9dd5-4069-8b16-ea26a3b9f0e1?source=api-prod",13,{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":51,"cvss_vector":52,"vuln_type":53,"published_date":28,"updated_date":54,"references":55,"days_to_patch":45},"CVE-2025-60141","the-tribal-authenticated-administrator-stored-cross-site-scripting","The Tribal \u003C= 1.3.3 - Authenticated (Administrator+) Stored Cross-Site Scripting","The The Tribal plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-10-08 21:00:56",[56],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F67c495dd-ccff-49ff-91cd-40dd66696401?source=api-prod",{"slug":58,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":45,"trust_score":59,"computed_at":60},"nigelmoore1",93,"2026-04-05T18:24:01.896Z",[62,86,109,126,145],{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":72,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":77,"tags":78,"homepage":83,"download_link":84,"security_score":85,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"post-content-shortcodes","Post Content Shortcodes","1.0.1.1","Curtiss Grymala","https:\u002F\u002Fprofiles.wordpress.org\u002Fcgrymala\u002F","\u003Cp>This plugin adds two shortcodes that allow you to display either the content of a post or a list of posts within the content area of a post. This plugin should be fully compatible with all post types, as it simply uses the \u003Ccode>get_post()\u003C\u002Fcode> and \u003Ccode>get_posts()\u003C\u002Fcode> WordPress functions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Post Content\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The first shortcode is the \u003Ccode>[post-content]\u003C\u002Fcode> shortcode. Using that shortcode will allow you to display the content of one post within another post. This shortcode requires a single attribute with a key of “id”. To use this shortcode to display the content of a post or page with an ID of 25, you would use this shortcode like \u003Ccode>[post-content id=25]\u003C\u002Fcode>. This shortcode also accepts the following optional arguments:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>post_name\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode> – The slug of the post that you want to pull. This can be used in place of the \u003Ccode>id\u003C\u002Fcode> attribute\u003C\u002Fli>\n\u003Cli>\u003Ccode>show_image\u003C\u002Fcode> => \u003Ccode>false\u003C\u002Fcode> – Determines whether or not to display the featured image (if so, this appears before the content)\u003C\u002Fli>\n\u003Cli>\u003Ccode>show_excerpt\u003C\u002Fcode> => \u003Ccode>false\u003C\u002Fcode> – Determines whether to default to showing the post excerpt instead of the post content (still falls back to post content if the excerpt is not set)\u003C\u002Fli>\n\u003Cli>\u003Ccode>excerpt_length\u003C\u002Fcode> => \u003Ccode>0\u003C\u002Fcode> – If you would like to limit the length of the content\u002Fexcerpt shown on the page, specify the maximum number of words that should be shown (a read more link will automatically be appended to any entries that exceed that limit).\u003C\u002Fli>\n\u003Cli>\u003Ccode>image_width\u003C\u002Fcode> => \u003Ccode>0\u003C\u002Fcode> – The width, in pixels, to which the featured image should be sized\u003C\u002Fli>\n\u003Cli>\u003Ccode>image_height\u003C\u002Fcode> => \u003Ccode>0\u003C\u002Fcode> – The height, in pixels, to which the featured image should be sized\u003C\u002Fli>\n\u003Cli>\u003Ccode>show_title\u003C\u002Fcode> => \u003Ccode>false\u003C\u002Fcode> – Whether or not to show the post title at the top of the content. By default, the title is wrapped in \u003Ccode>\u003Ch2>\u003C\u002Fcode> tags, but you can use the \u003Ccode>post-content-shortcodes-title\u003C\u002Fcode> filter to modify the title output.\u003C\u002Fli>\n\u003Cli>\u003Ccode>link_image\u003C\u002Fcode> => \u003Ccode>false\u003C\u002Fcode> (set this to true\u002F1 if you would like to wrap the featured image in a link to the post) – Added in 0.6\u003C\u002Fli>\n\u003Cli>\u003Ccode>view_template\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode> (if you are using the \u003Ca href=\"https:\u002F\u002Fwp-types.com\u002F\" rel=\"nofollow ugc\">Views\u003C\u002Fa> plugin, you can set the ID of an existing Content Template to be used in-place of the default list item output) – Added in 0.6\u003C\u002Fli>\n\u003Cli>\u003Ccode>shortcodes\u003C\u002Fcode> => \u003Ccode>false\u003C\u002Fcode> – By default, this plugin strips shortcodes out of the post content\u002Fexcerpt. If you would like to attempt to process\u002Frender shortcodes in the content, set this flag to true.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Post List\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The second shortcode is the \u003Ccode>[post-list]\u003C\u002Fcode> shortcode. This shortcode does not require any arguments, but will accept the following arguments (most of which are the default arguments used with \u003Ccode>get_posts()\u003C\u002Fcode>):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>numberposts\u003C\u002Fcode> => \u003Ccode>-1\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>offset\u003C\u002Fcode> => \u003Ccode>0\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>category\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode> (can accept category slug [with quotes] or category ID [without quotes])\u003C\u002Fli>\n\u003Cli>\u003Ccode>orderby\u003C\u002Fcode> => \u003Ccode>title\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>order\u003C\u002Fcode> => \u003Ccode>asc\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>include\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>exclude\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>meta_key\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>meta_value\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>post_type\u003C\u002Fcode> => \u003Ccode>'post'\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>post_mime_type\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>post_parent\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>post_status\u003C\u002Fcode> => \u003Ccode>'publish'\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>exclude_current\u003C\u002Fcode> => \u003Ccode>true\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>–blog_id => 0 (the numeric ID of the site from which to pull the posts)–\u003C\u002Fli>\n\u003Cli>\u003Ccode>blog\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode> (can be set to the numeric ID or the blog name [slug] of the site from which to pull the posts – this replaces the old blog_id attribute)\u003C\u002Fli>\n\u003Cli>\u003Ccode>show_image\u003C\u002Fcode> => \u003Ccode>false\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>show_excerpt\u003C\u002Fcode> => \u003Ccode>false\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>excerpt_length\u003C\u002Fcode> => \u003Ccode>0\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>image_width\u003C\u002Fcode> => \u003Ccode>0\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>image_height\u003C\u002Fcode> => \u003Ccode>0\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>tax_name\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode> (the name of a taxonomy – e.g. “tag”, “category”, etc. – to be used to filter the list of posts) – Added in 0.6\u003C\u002Fli>\n\u003Cli>\u003Ccode>tax_term\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode> (the list of term IDs or slugs to filter the list of posts – multiple IDs or slugs can be separated by spaces) – Added in 0.6\u003C\u002Fli>\n\u003Cli>\u003Ccode>link_image\u003C\u002Fcode> => \u003Ccode>false\u003C\u002Fcode> (set this to true\u002F1 if you would like to wrap the featured image in a link to the post) – Added in 0.6\u003C\u002Fli>\n\u003Cli>\u003Ccode>ignore_protected\u003C\u002Fcode> => \u003Ccode>false\u003C\u002Fcode> (set this to true\u002F1 if you would like the post list to exclude any password-protected posts) – Added in 0.6\u003C\u002Fli>\n\u003Cli>\u003Ccode>view_template\u003C\u002Fcode> => \u003Ccode>null\u003C\u002Fcode> (if you are using the \u003Ca href=\"https:\u002F\u002Fwp-types.com\u002F\" rel=\"nofollow ugc\">Views\u003C\u002Fa> plugin, you can set the ID of an existing Content Template to be used in-place of the default list item output) – Added in 0.6\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The first 13 arguments are standard arguments for the \u003Ccode>get_posts()\u003C\u002Fcode> function.\u003C\u002Fp>\n\u003Cp>The \u003Ccode>exclude_current\u003C\u002Fcode> argument is not a standard argument for the \u003Ccode>get_posts()\u003C\u002Fcode> function. It is a custom argument for this plugin. When that argument is set to \u003Ccode>true\u003C\u002Fcode>, the current page or post will be excluded from the list of posts. If it is set to \u003Ccode>false\u003C\u002Fcode>, \u003Ccode>\"false\"\u003C\u002Fcode> or \u003Ccode>0\u003C\u002Fcode>, the current page or post will be included in the post list.\u003C\u002Fp>\n\u003Cp>The \u003Ccode>blog_id\u003C\u002Fcode> argument is also not standard. That argument allows you to pull a post from a site other than the current site when using WordPress multisite. Simply set that argument to the ID of the site from which you want to pull the post, and the post with the \u003Ccode>id\u003C\u002Fcode> you specify will be pulled from the blog\u002Fsite with the \u003Ccode>blog_id\u003C\u002Fcode> you specify.\u003C\u002Fp>\n\u003Cp>The \u003Ccode>show_image\u003C\u002Fcode>, \u003Ccode>image_width\u003C\u002Fcode> and \u003Ccode>image_height\u003C\u002Fcode> arguments only apply to the \u003Ccode>post-list\u003C\u002Fcode> shortcode. They determine whether to display the featured image and how to display it for each post within the list. If the \u003Ccode>image_width\u003C\u002Fcode> and \u003Ccode>image_height\u003C\u002Fcode> arguments are both set to 0 (which is the default), the “thumbnail” size will be used (assuming the \u003Ccode>show_image\u003C\u002Fcode> argument is set to 1 or “true”). If only one of the \u003Ccode>image_width\u003C\u002Fcode> or \u003Ccode>image_height\u003C\u002Fcode> arguments are set, the other argument will be set to 999999 to ensure that the specified dimension is met.\u003C\u002Fp>\n\u003Cp>The \u003Ccode>show_excerpt\u003C\u002Fcode> and \u003Ccode>excerpt_length\u003C\u002Fcode> arguments also apply to the post-list shortcode. If you set \u003Ccode>show_excerpt\u003C\u002Fcode> to 1 or “true”, the post excerpt will be shown if it exists. If it doesn’t exist (or is empty), the post content will be shown (with HTML stripped out of it). You can truncate the length of the excerpts that are shown in the post list by setting the \u003Ccode>excerpt_length\u003C\u002Fcode> value. The \u003Ccode>excerpt_length\u003C\u002Fcode> is measured in words, so if you would like each excerpt to display no more than 50 words, you would set the \u003Ccode>excerpt_length\u003C\u002Fcode> parameter to 50. If you leave it set to 0 (which is the default), the entire excerpt or content will be shown in the post list. In the \u003Ccode>post-list\u003C\u002Fcode> shortcode, if \u003Ccode>show_excerpt\u003C\u002Fcode> is set to 0 or false, no content will be shown in the list (as opposed to the behavior of the \u003Ccode>show_excerpt\u003C\u002Fcode> parameter in the \u003Ccode>post-content\u003C\u002Fcode> shortcode).\u003C\u002Fp>\n\u003Cp>The \u003Ccode>view_template\u003C\u002Fcode> argument can be a bit complicated to get working properly, and is still a bit \u003Cem>experimental\u003C\u002Fem>. Please use it at your own risk. Unfortunately, the standard [wpv-post-featured-image] and [wpv-post-url] shortcodes (and, by extension, the [wpv-post-link] shortcode) do not work properly, especially when trying to display content from another site in the network. There are three extra shortcodes created for use in your Content Template, the first two of which replace the [wpv-post-featured-image] and [wpv-post-url] shortcodes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>[pcs-thumbnail]\u003C\u002Fcode> – will output the post thumbnail (at the width\u002Fheight you set in the post-content\u002Fpost-list shortcode attributes)\u003C\u002Fli>\n\u003Cli>\u003Ccode>[pcs-post-url]\u003C\u002Fcode> – will return\u002Foutput the URL to the post\u003C\u002Fli>\n\u003Cli>\u003Ccode>[pcs-entry-classes]\u003C\u002Fcode> – will add some additional classes to the entry wrapper. Accepts 2 parameters:\n\u003Cul>\n\u003Cli>\u003Ccode>classes\u003C\u002Fcode> – a space-separated list of the CSS classes you want to apply to the entry\u003C\u002Fli>\n\u003Cli>\u003Ccode>columns\u003C\u002Fcode> – a numerical value representing how many columns you want in the list (which will automatically add column-1, column-2, etc. to the list of entry classes, as well as adding a class of “first” to the first item in each row – for instance, if you have 6 items, and you use \u003Ccode>[pcs-entry-classes classes=\"foo bar entry\" columns=\"3\"]\u003C\u002Fcode>, the class list for the first and fourth items will be \u003Ccode>foo bar entry column-1 first\u003C\u002Fcode>, the class list for the second and fifth items will be \u003Ccode>foo bar entry column-2\u003C\u002Fcode> and the class list for the third and sixth items will be \u003Ccode>foo bar entry column-3\u003C\u002Fcode>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>I have created a Gist showing a \u003Ca href=\"https:\u002F\u002Fgist.github.com\u002Fcgrymala\u002F5e6b7b36d2e8c8eaea33\" rel=\"nofollow ugc\">simple example of a Views Content Template used with a Post List widget\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>To read more about the other arguments, please \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fget_posts\" rel=\"nofollow ugc\">visit the codex page for the \u003Ccode>get_posts()\u003C\u002Fcode> function\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you are looking to display a list of attachments in a post, rather than displaying a list of posts or pages, you might want to check out the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Flist-attachments-shortcode\u002F\" rel=\"ugc\">List Attachments Shortcode plugin\u003C\u002Fa> instead.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Multisite – Pulling Posts From Another Blog\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>To pull a list of posts from another blog, simply provide the blog’s ID as the \u003Ccode>blog_id\u003C\u002Fcode> argument in the shortcode. With that argument, this plugin will pull a list of posts that match the other criteria you provided. If the \u003Ccode>blog_id\u003C\u002Fcode> argument is provided, and the \u003Ccode>blog_id\u003C\u002Fcode> doesn’t match the ID of the current blog, the \u003Ccode>exclude_current\u003C\u002Fcode> argument will be ignored (otherwise, this plugin would automatically exclude whatever post on the other blog happens to have the same ID as the current post).\u003C\u002Fp>\n\u003Cp>When the list is displayed, shortlinks (that blog’s URL with \u003Ccode>?p=[post_id]\u003C\u002Fcode>) will be used, rather than the proper permalink, since it would require a lot more resources to build the proper permalink.\u003C\u002Fp>\n\u003Cp>The usage would look something like:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[post-list blog_id=12 post_type=\"page\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>When displaying a post list, you can use any \u003Ccode>post_type\u003C\u002Fcode> that is registered on that blog (that post_type does not have to be registered on the current site).\u003C\u002Fp>\n\u003Cp>To display the content of a single post from another blog, again, simply provide the blog’s ID as the \u003Ccode>blog_id\u003C\u002Fcode> argument. That will pull the content of that post. Unfortunately, at this time, there is no way to invoke all of the plugins from the blog from which you’re pulling the content, so any shortcodes, filters, etc. that may be active on the source blog will not be parsed when the content is displayed on the current blog. Obviously, if all of the same plugins and themes are active (or, if any plugins\u002Fthemes that introduce shortcodes and filters are active) on both the source blog and the current blog, then there is nothing to worry about.\u003C\u002Fp>\n\u003Cp>The usage would look something like:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[post-content blog_id=12 id=25]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>That would pull the content for the post with an ID of 25 from the blog with an ID of 12.\u003C\u002Fp>\n\u003Ch3>To Do\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add AJAX features to allow user to choose from a list of posts\u002Fsites, instead of requiring them to manually enter the ID\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds shortcodes to display the content of a post or a list of posts.",2000,99758,96,31,"2018-04-03T19:13:00.000Z","4.9.29","4.3","",[79,80,81,82,21],"clone","post-content","post-list","shortcode","http:\u002F\u002Fplugins.ten-321.com\u002Fpost-content-shortcodes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-content-shortcodes.1.0.1.1.zip",85,{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":96,"num_ratings":97,"last_updated":98,"tested_up_to":99,"requires_at_least":100,"requires_php":77,"tags":101,"homepage":107,"download_link":108,"security_score":85,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"canonical-seo-content-syndication","Canonical SEO Content Syndication WordPress Plugin","3.0","Harsh Agrawal","https:\u002F\u002Fprofiles.wordpress.org\u002Fdenharsh\u002F","\u003Cp>Content syndication is a process of amplifying your content to other blogs without hurting the SEO of your original content. You can let other blogs to republish your content in exact format with rel=canonical tag.\u003C\u002Fp>\n\u003Cp>You can read about Rel=canonical tag here at pt.4: https:\u002F\u002Fsupport.google.com\u002Fwebmasters\u002Fanswer\u002F139066?hl=en\u003C\u002Fp>\n\u003Cp>In this guide you can learn everything about using content syndication for content marketing: http:\u002F\u002Fwww.shoutmeloud.com\u002Frelcanonical-wordpresss-content-syndication-seo.html\u003C\u002Fp>\n\u003Cp>\u003Cem>Canonical SEO Content syndication plugin\u003C\u002Fem> adds a meta box at post editor section. You can add permalink of post where the content was originally published. Popular blogs like bufferblog, readwriteweb are taking advantage of content syndication and rel=canonical tags.\u003C\u002Fp>\n","Canonical SEO Content syndication plugin adds rel=canonical tag for content syndication. The meta box is added at edit post section.",500,15480,80,4,"2019-04-01T12:55:00.000Z","5.1.22","3.1",[102,103,104,105,106],"canonical","content-marketing","content-syndication","search-engine-optimisation","seo","https:\u002F\u002Fwww.shoutmeloud.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcanonical-seo-content-syndication.zip",{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":117,"downloaded":118,"rating":27,"num_ratings":27,"last_updated":77,"tested_up_to":16,"requires_at_least":119,"requires_php":18,"tags":120,"homepage":77,"download_link":124,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":125},"headlines-plus-widget","The Publisher Desk – Headlines Plus Widget","1.0.8","PublisherDesk","https:\u002F\u002Fprofiles.wordpress.org\u002Fthepublisherdesk\u002F","\u003Cp>Unlock the potential of your content with \u003Cstrong>Headlines Plus\u003C\u002Fstrong>, the ultimate free plugin designed to help WordPress publishers grow their audience. With tools for syndication, content sharing, and performance optimization, \u003Cstrong>Headlines Plus\u003C\u002Fstrong> connects you to a network of quality publishers to boost your reach and engagement—at no cost.\u003C\u002Fp>\n\u003Ch3>Why Choose Headlines Plus?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Free Traffic Sharing:\u003C\u002Fstrong> Gain access to a trusted network of publishers to exchange traffic and grow your audience organically.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Effortless Syndication:\u003C\u002Fstrong> Share and receive content seamlessly, driving quality traffic to your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Integration:\u003C\u002Fstrong> Use customizable widgets, shortcodes, or SDK snippets to display syndicated content anywhere on your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lazy Load for Performance:\u003C\u002Fstrong> Reduce initial page load time with lazy-loaded widgets that fetch content dynamically when visible.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Simple and Intuitive:\u003C\u002Fstrong> Designed specifically for WordPress, the plugin is easy to install, configure, and use.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Headlines Plus is your solution to building meaningful traffic without compromising on quality.\u003C\u002Fp>\n\u003Cp>Join the growing community of publishers and start sharing for free with Headlines Plus today!\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to various external services to provide its functionality. Below is an outline of the services used, the data collected, and their purpose:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Publisher Details Submission\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service\u003C\u002Fstrong>: https:\u002F\u002Fwww.publisherdesk.com\u002Fwp-json\u002Fheadlines-plus\u002Fv1\u002F*\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Collects publisher details during initial plugin setup to improve service quality and track publisher activity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Collected\u003C\u002Fstrong>: Name, email, domain, and feed URL (provided during setup).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Storage\u003C\u002Fstrong>: This data is securely stored in the WordPress database and shared with our API for service enhancement.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy\u003C\u002Fstrong>: All data is handled in compliance with applicable privacy standards.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Content Recommendations with PubExchange\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service\u003C\u002Fstrong>: https:\u002F\u002Fmodule.pubexchange.com\u002Fjson\u002F*\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Enhances content recommendations using AI-powered analysis of reader behavior to deliver personalized story recommendations.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Collected\u003C\u002Fstrong>: Articles being read (via feed data and plugin settings) and metadata.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fwww.pubexchange.com\u002Flegal\u002Fprivacy\" rel=\"nofollow ugc\">PubExchange API\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Feed URL Integration\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service\u003C\u002Fstrong>: https:\u002F\u002Frss.app\u002Ffeeds\u002F_uGSbjZRP8ggLzOLF.xml\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Fetches data during the approval process to create a grid of posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Collected\u003C\u002Fstrong>: None (the feed URL provides publicly available content).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Headlines Plus SDK Integration\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service\u003C\u002Fstrong>: https:\u002F\u002Fsdk.headlinesplus.com\u002Fheadlines-plus-sdk.min.js\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Collects data from SDK widget attributes to pass to Dappier’s API and retrieve relevant content recommendations.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Collected\u003C\u002Fstrong>: Metadata and configuration parameters from the SDK.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy\u003C\u002Fstrong>: Data is sent securely to the API.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Terms of Use and Privacy Policies\u003C\u002Fstrong>:\u003Cbr \u002F>\n– \u003Cstrong>Publisher Desk API\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fwww.publisherdesk.com\u002Fprivacy-policy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Cstrong>PubExchange API\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fwww.pubexchange.com\u002Flegal\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>All external integrations are designed to enhance functionality and user experience. Data transmission is conducted securely and in accordance with privacy regulations. Users are encouraged to review the terms and privacy policies of these services.\u003C\u002Fp>\n\u003Ch3>How the Widget Works\u003C\u002Fh3>\n\u003Cp>The \u003Cstrong>Headlines Plus Widget\u003C\u002Fstrong> dynamically displays a grid or list of articles by fetching curated content from an external API at \u003Ccode>api.dappier.com\u003C\u002Fcode>. Depending on the publisher’s settings, the widget pulls content from:\u003Cbr \u002F>\n– \u003Cstrong>Your website’s feed URL upon aproval\u003C\u002Fstrong> (submitted during form setup),\u003Cbr \u002F>\n– \u003Cstrong>Curated articles\u003C\u002Fstrong> sourced via the Headlines Plus publisher network.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Ch3>Widgets:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Go to \u003Cstrong>Appearance > Widgets\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Add the “Headlines Plus Widget” to your sidebar or footer area.\u003C\u002Fli>\n\u003Cli>Configure options like headline, lazy loading, and display style.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Shortcodes:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add the following shortcode to any post or page:\u003Cbr \u002F>\n[headlines_plus_shortcode lazy_load=”true” view_style=”grid” query=”your-query”]\u003C\u002Fli>\n\u003Cli>Parameters:\u003C\u002Fli>\n\u003Cli>\u003Ccode>similarity_top_k\u003C\u002Fcode>: Number of total articles to display.\u003C\u002Fli>\n\u003Cli>\u003Ccode>lazy_load\u003C\u002Fcode>: Enable lazy loading (\u003Ccode>true\u003C\u002Fcode> or \u003Ccode>false\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>\u003Ccode>view_style\u003C\u002Fcode>: Display content in \u003Ccode>grid\u003C\u002Fcode> or \u003Ccode>list\u003C\u002Fcode> format.\u003C\u002Fli>\n\u003Cli>\u003Ccode>query\u003C\u002Fcode>: Custom search query to fetch specific content. Normally defaults to the post slug.\u003C\u002Fli>\n\u003Cli>\u003Ccode>logo_style\u003C\u002Fcode>: full-size-logo, short-logo\u003C\u002Fli>\n\u003Cli>\u003Ccode>internal_articles\u003C\u002Fcode>: Number of internal articles to include in the recommendations.\u003C\u002Fli>\n\u003C\u002Ful>\n","Headlines Plus: Free plugin for WordPress to grow your audience with traffic sharing, syndication, and lazy-loading widgets or shortcodes.",10,552,"6.0.2",[121,104,122,123],"content-sharing","traffic-sharing","wordpress-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fheadlines-plus-widget.zip","2026-03-15T10:48:56.248Z",{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":117,"downloaded":134,"rating":13,"num_ratings":14,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":138,"tags":139,"homepage":143,"download_link":144,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"revive-to-sky","Revive To Sky – Post old content to Bluesky","1.1.1","Rhys Wynne","https:\u002F\u002Fprofiles.wordpress.org\u002Frhyswynne\u002F","\u003Cp>Revive To Sky is a WordPress plugin that helps you automatically share your old blog posts to \u003Ca href=\"https:\u002F\u002Fbsky.app\u002F\" rel=\"nofollow ugc\">Bluesky\u003C\u002Fa>, helping you increase traffic and engagement on your website. The plugin runs on a scheduled basis, ensuring your content reaches new audiences without manual intervention.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatically shares old blog posts to Bluesky\u003C\u002Fli>\n\u003Cli>Configurable sharing schedule\u003C\u002Fli>\n\u003Cli>Customizable post format\u003C\u002Fli>\n\u003Cli>Image support for shared posts\u003C\u002Fli>\n\u003Cli>Easy setup and configuration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Stay Updated\u003C\u002Fh4>\n\u003Cp>Get notified about future updates and improvements by subscribing to \u003Ca href=\"https:\u002F\u002Fdwinrhys.com\u002Fnewsletter\u002F\" rel=\"nofollow ugc\">my newsletter\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>The plugin connects to the following services and uses the following API’s:-\u003C\u002Fp>\n\u003Ch4>Bluesky\u003C\u002Fh4>\n\u003Cp>This plugin connects to the Bluesky API to post messages to your Bluesky account. It will post the post title, URL to a post and a featured image, as well as any message you write, on your behalf – at intervals requested. It is needed to run the plugin.\u003C\u002Fp>\n\u003Cp>This service is provided by Bluesky Social, \u003Ca href=\"https:\u002F\u002Fbsky.social\u002Fabout\u002Fsupport\u002Fprivacy-policy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fbsky.social\u002Fabout\u002Fsupport\u002Ftos\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Mailerlite\u003C\u002Fh4>\n\u003Cp>This plugin connects to allow users to sign up for a newsletter to receive updates on the plugin from within the plugin’s option page. Should you choose to, it will collect a name and email if you fill in the clearly defined form in the plugin’s option page. The email list is a double opt in and you can unsubscribe at any time.\u003C\u002Fp>\n\u003Cp>This service is provided by Mailerlite, \u003Ca href=\"https:\u002F\u002Fwww.mailerlite.com\u002Flegal\u002Fprivacy-policy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.mailerlite.com\u002Flegal\u002Fterms-of-service\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Gravatar\u003C\u002Fh4>\n\u003Cp>This plugin connects to Gravatar to load an image of the plugin developer – Rhys Wynne – to put into the plugin’s option page.\u003C\u002Fp>\n\u003Cp>This service is provided by Gravatar, \u003Ca href=\"https:\u002F\u002Fsupport.gravatar.com\u002Fprivacy-and-security\u002Fdata-privacy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For urgent, paid support, please visit \u003Ca href=\"https:\u002F\u002Fdwinrhys.com\u002Fcontact-me\u002F\" rel=\"nofollow ugc\">dwinrhys.com\u002Fcontact-me\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For general support and questions, please use the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Frevive-to-sky\u002F\" rel=\"ugc\">WordPress.org forums\u003C\u002Fa>.\u003C\u002Fp>\n","Automatically syndicate your old blog posts to Bluesky on a regular basis, increasing traffic and engagement automatically.",477,"2026-01-20T15:31:00.000Z","6.9.4","5.8","7.4",[140,141,121,142,21],"automation","bluesky","social-media","https:\u002F\u002Frevivetosky.dwinrhys.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frevive-to-sky.1.1.1.zip",{"slug":146,"name":147,"version":148,"author":149,"author_profile":150,"description":151,"short_description":152,"active_installs":117,"downloaded":153,"rating":27,"num_ratings":27,"last_updated":154,"tested_up_to":155,"requires_at_least":156,"requires_php":138,"tags":157,"homepage":161,"download_link":162,"security_score":85,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"tce-sharing","Tce Sharing","2.0.9","tcenl","https:\u002F\u002Fprofiles.wordpress.org\u002Ftcenl\u002F","\u003Cp>With the WordPress Plugin you can easily publish your content on TCE and sell it to publishers all over the world. It enables you to connect your WordPress CMS directly to the TCE content library, so you can join other publishers to reach a larger target audience for your content. For more information please visit: https:\u002F\u002Ftce.exchange\u002Fwordpress-plugin\u002F\u003C\u002Fp>\n","Publish content on https:\u002F\u002Ftce.exchange",3869,"2022-01-18T09:27:00.000Z","5.8.13","5.4",[158,159,21,160],"content-exchange","sharing","tce","https:\u002F\u002Ftce.exchange\u002Fen\u002Fwordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftce-sharing.2.0.9.zip",{"attackSurface":164,"codeSignals":206,"taintFlows":226,"riskAssessment":227,"analyzedAt":236},{"hooks":165,"ajaxHandlers":193,"restRoutes":200,"shortcodes":201,"cronEvents":202,"entryPointCount":14,"unprotectedCount":14},[166,172,177,180,182,185,190],{"type":167,"name":168,"callback":169,"file":170,"line":171},"action","admin_menu","adminMenu","app\\WPMenu.php",46,{"type":167,"name":173,"callback":174,"file":175,"line":176},"plugins_loaded","anonymous","includes\\class-the-tribal-plugin.php",142,{"type":167,"name":178,"callback":174,"file":175,"line":179},"admin_enqueue_scripts",157,{"type":167,"name":178,"callback":174,"file":175,"line":181},158,{"type":167,"name":183,"callback":174,"file":175,"line":184},"ttt_user_cron_hook",159,{"type":167,"name":186,"callback":187,"file":188,"line":189},"init","run_the_tribal_plugin","the-tribal-plugin.php",121,{"type":167,"name":186,"callback":191,"file":188,"line":192},"ttt_init_client",127,[194],{"action":195,"nopriv":196,"callback":197,"hasNonce":196,"hasCapCheck":196,"file":198,"line":199},"ttt_import_post",false,"import","app\\AjaxImportPost.php",43,[],[],[203],{"hook":183,"callback":183,"file":204,"line":205},"helpers\\utilities.php",166,{"dangerousFunctions":207,"sqlUsage":208,"outputEscaping":213,"fileOperations":224,"externalRequests":97,"nonceChecks":26,"capabilityChecks":27,"bundledLibraries":225},[],{"prepared":26,"raw":14,"locations":209},[210],{"file":204,"line":211,"context":212},160,"$wpdb->query() with variable interpolation",{"escaped":214,"rawEcho":215,"locations":216},16,3,[217,220,222],{"file":218,"line":14,"context":219},"admin\\partials\\dashboard\\api.php","raw output",{"file":221,"line":14,"context":219},"admin\\partials\\dashboard\\import.php",{"file":223,"line":14,"context":219},"admin\\partials\\dashboard\\settings.php",5,[],[],{"summary":228,"deductions":229},"The plugin exhibits a mixed security posture. While it shows good practices such as a high percentage of prepared SQL statements and properly escaped output, there are significant areas of concern. The presence of an unprotected AJAX handler represents a critical vulnerability in the attack surface, as it can be invoked by unauthenticated users. This is further amplified by the complete absence of capability checks, meaning any functionality exposed via this handler is accessible to anyone.  The vulnerability history, with two medium severity CVEs in the past, including Cross-Site Scripting and Exposure of Sensitive Information, suggests a recurring pattern of insecure coding practices despite the apparent good intentions in other areas. The fact that the last vulnerability was recently patched, and there are no currently unpatched CVEs, is a positive sign, but the historical context warrants caution. Overall, the plugin has potential but requires immediate attention to its unprotected entry points and a more robust approach to user authorization.",[230,232,234],{"reason":231,"points":117},"Unprotected AJAX handler",{"reason":233,"points":117},"No capability checks",{"reason":235,"points":117},"2 medium severity CVEs historically","2026-03-16T19:16:45.520Z",{"wat":238,"direct":251},{"assetPaths":239,"generatorPatterns":244,"scriptPaths":245,"versionParams":246},[240,241,242,243],"\u002Fwp-content\u002Fplugins\u002Fthe-tech-tribe\u002Fassets\u002Fcss\u002Fbootstrap-iso-v5.3.3.min.css","\u002Fwp-content\u002Fplugins\u002Fthe-tech-tribe\u002Fassets\u002Fjs\u002Fbootstrap-v5.3.2.bundle.min.js","\u002Fwp-content\u002Fplugins\u002Fthe-tech-tribe\u002Fcss\u002Fthe-tribal-plugin-admin.css","\u002Fwp-content\u002Fplugins\u002Fthe-tech-tribe\u002Fjs\u002Fthe-tribal-plugin-admin.js",[],[243],[247,248,249,250],"the-tribal-plugin-admin.css?ver=","bootstrap-iso-v5.3.3.min.css?ver=","the-tribal-plugin-admin.js?ver=","bootstrap-v5.3.2.bundle.min.js?ver=",{"cssClasses":252,"htmlComments":253,"htmlAttributes":254,"restEndpoints":255,"jsGlobals":256,"shortcodeOutput":258},[],[],[],[],[257],"ttt_admin_ajax_object",[]]