[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f_h8s-ph05Lz8ey_WHBsWqeFd4SIp4_JWfgSeFfnyMBM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":136,"fingerprints":248},"time-machine","Time Machine","0.4.1","Aleksandar Urošević","https:\u002F\u002Fprofiles.wordpress.org\u002Furkekg\u002F","\u003Cp>Time Machine is a simple plugin that grab \u003Ccode>N\u003C\u002Fcode> published articles from database (posts and\u002For pages) published on current day and\u002For offset of time in past years, and list them in widget.\u003Cbr \u002F>\nUser can set widget title, number of displayed articles and message printed when there is no public articles on current day or offset of time in past.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>list only published articles (ignore Draft’s)\u003C\u002Fli>\n\u003Cli>it’s safe and will not list password protected articles until you strictly enable this option in widget settings\u003C\u002Fli>\n\u003Cli>option to exclude pages\u003C\u002Fli>\n\u003Cli>option to exclude articles published in current year\u003C\u002Fli>\n\u003Cli>option to hide widget if there is no articles in past (don’t even displays \u003Ccode>no articles\u003C\u002Fcode> message)\u003C\u002Fli>\n\u003Cli>configurable widget title, number of displayed articles, message when there is no articles, and optional display comments number\u003C\u002Fli>\n\u003Cli>use theme based CSS Stylesheet\u003C\u002Fli>\n\u003C\u002Ful>\n","Time Machine widget list articles published in past, relative to current date for specified offset of time, including all years of blogging (Ok, at le …",90,7693,100,2,"2020-12-28T08:08:00.000Z","4.1.42","3.9","",[20,21,22,23,24],"archive","past","posts","time","widget","http:\u002F\u002Fblog.urosevic.net\u002Fwordpress\u002Ftime-machine\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftime-machine.0.4.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"urkekg",8,108100,91,180,73,"2026-04-04T20:14:54.140Z",[41,63,83,103,120],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":56,"tags":57,"homepage":61,"download_link":62,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"expanding-archives","Expanding Archives","2.1.0","Ashley","https:\u002F\u002Fprofiles.wordpress.org\u002Fnosegraze\u002F","\u003Cp>Expanding Archives adds a widget that shows your old posts in an expandable\u002Fcollapsible format. Each post is categorized under its year and month, so you can expand all the posts in a given month and year.\u003C\u002Fp>\n\u003Cp>This plugin comes with very minimal CSS styling so you can easily customize it to match your design.\u003C\u002Fp>\n\u003Cp>JavaScript is required. No IE support.\u003C\u002Fp>\n","This plugin adds a new widget where you can view your old posts by expanding certain years and months.",2000,22798,94,6,"2024-03-23T14:55:00.000Z","6.4.8","3.0","7.4",[58,59,22,60,24],"archives","navigation","sidebar","https:\u002F\u002Fshop.nosegraze.com\u002Fproduct\u002Fexpanding-archives\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexpanding-archives.zip",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":73,"num_ratings":74,"last_updated":75,"tested_up_to":76,"requires_at_least":77,"requires_php":18,"tags":78,"homepage":81,"download_link":82,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"a-year-before","A Year Before","1.0.3","Ralf","https:\u002F\u002Fprofiles.wordpress.org\u002Fwuerzblog\u002F","\u003Cp>With “A Year Before” you can show the titles of the articles which were written a certain time ago. So you can show in a “historical corner”, what happend in your blog e.g. 30 days, 6 months or a year before. You also can use the “anniversary-mode”, which will display all the posts through the years, which were written on this day and month.\u003C\u002Fp>\n\u003Cp>You can use it as a wordpress-widget or put it in your theme as a php-function with parameters.\u003C\u002Fp>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Ch4>Using the widget\u003C\u002Fh4>\n\u003Cp>Just click on the configuration-button of the widget an use the selfexplaining popup-dialog.\u003Cbr \u002F>\nUse the output-pattern to define the look of the found articles. Possible patterns are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>%title% The title of the article\u003C\u002Fli>\n\u003Cli>%link% The link to the article\u003C\u002Fli>\n\u003Cli>%date% The date of the article\u003C\u002Fli>\n\u003Cli>%excerpt% The excerpt of the article. You can define the number of displayed characters bei appending the number like %excerpt80%, which will display 80 characters.\u003C\u002Fli>\n\u003Cli>%thumbnail% The featured image of the article.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Not using the widget\u003C\u002Fh4>\n\u003Cp>You can call the plugin with a PHP-statement in a WordPress-Theme and pass some parameters in this scheme\u003Cbr \u002F>\nparameter1=value1&parameter2=value2&parameter3=value3 …\u003C\u002Fp>\n\u003Cp>You can use the following parameters\u003C\u002Fp>\n\u003Cul>\n\u003Cli>day : the number of days ago you want to show the articles.\u003C\u002Fli>\n\u003Cli>month : the number of month ago you want to show the articles.\u003C\u002Fli>\n\u003Cli>year : the number of years ago you want to show the articles.\u003C\u002Fli>\n\u003Cli>before : piece of HTML to insert before the title of the articles. Default \u003Ccode>\u003Cli>\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>after: piece of HTML to insert after the title of the articles. Default \u003Ccode>\u003C\u002Fli>\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>range: number of days the plugin will search back in the future (relative to the values of day, month and year above) for an article. Meant as a “round about this day”-feature. Default 0\u003C\u002Fli>\n\u003Cli>showdate: shows the date (showdate=1) before every title or not (showdate=0)\u003C\u002Fli>\n\u003Cli>dateformat : dateformat as used by PHP. Default ist the german shortform “d.m.y”\u003C\u002Fli>\n\u003Cli>notfound: the text the plugin will output, if no article is found on the defined date.\u003C\u002Fli>\n\u003Cli>anniversary: if set to 1, the plugin will display all articles ever blogged with the same number of day and month. The parameters “day”, “month”, “year” and “range” will be ignored if used.\u003C\u002Fli>\n\u003Cli>private: show private posts? 0: only public posts 1: private and public posts 2: only private posts. Default 0\u003C\u002Fli>\n\u003Cli>showpages: show pages? 0: No, 1: Yes. Default 0\u003C\u002Fli>\n\u003Cli>posts_max: number of articles to be shown. 0 means ‘all’. Default 0\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Examples\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>ayb_posts(\"day=30&before=&after=\u003Cbr \u002F>&showdate=0\");\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Shows the titles of the articles written 30 days ago without showing the date. The articles will not been showed as a HTML-list but simply seperated by a linebreak \u003Ccode>\u003Cbr \u002F>\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>ayb_posts(\"month=6&day=14&notfound=Nothing blogged on this day.\");\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The titles of the articles written half a year and two weeks before, also showing the date . If there was no article written on that day, the output will be »Nothing blogged on this day.«\u003C\u002Fp>\n\u003Cpre>\u003Ccode>ayb_posts(\"range=14&dateformat=y-m-d\");\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Looks up a year back for written articles. If none are found, the plugin will check the next 14 days in the future. If a article is found on some of this days, all articles of this day will be listed with a “year-month-day”-format.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>ayb_posts(\"anniversary=1\");\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Shows the title of all posts, which were posted on the same day in the same month, independend of the year. E.g. on chistmas day you will see all posts, which are posted on december 24th since the blog was started.\u003C\u002Fp>\n\u003Ch3>Styling\u003C\u002Fh3>\n\u003Cp>If you like CSS, you can style the date with the class \u003Ccode>ayb_date\u003C\u002Fcode>, the link of the article with the class \u003Ccode>ayb_link\u003C\u002Fcode> and the notfound-message by using the class \u003Ccode>ayb_notfound\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Ch3>Uninstall\u003C\u002Fh3>\n\u003Cp>Deactivate the plugin, then select “delete” in the plugin-panel. The files \u003Cem>and\u003C\u002Fem> the options of this plugin will be deleted. Thank you for using “a year before”. 😉\u003C\u002Fp>\n","\"A Year Before\" shows a list of articles, which were written a certain time ago. So you can show in a history, what happend in your blog in  …",50,17754,84,5,"2019-05-19T19:31:00.000Z","5.2.24","2.8.0",[79,80,22,23,24],"date","history","http:\u002F\u002Fherrthees.de\u002F2012\u002F09\u002F15\u002Fwordpress-plugin-a-year-before\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fa-year-before.1.0.3.zip",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":13,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":18,"tags":97,"homepage":101,"download_link":102,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"category-recent-posts-widget","Categories Recent Posts Widget","1.1","The Medios","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemedios\u002F","\u003Cp>An easy to use Recent Posts Plugin. This plugin will allow you to display the recent posts in a sidebar only on a category page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New Features Added\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Specify the number of posts to display in the sidebar\u003C\u002Fli>\n\u003Cli>Show\u002F hide excerpt\u003C\u002Fli>\n\u003Cli>Specify the number of words to be displayed in the excerpt\u003C\u002Fli>\n\u003Cli>Option to specify custom Read More text\u003C\u002Fli>\n\u003Cli>The Read More text is also a link to the posts permalink\u003C\u002Fli>\n\u003C\u002Ful>\n","This widget displays the recent posts on a category page for that category",40,8389,1,"2014-01-25T15:41:00.000Z","3.7.41","3.1.0",[98,99,100,60,24],"archive-page","post","recent-posts","http:\u002F\u002Fthemedios.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-recent-posts-widget.zip",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":13,"num_ratings":14,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":18,"tags":116,"homepage":118,"download_link":119,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"cpk-ultimate-archives","CPK Ultimate Archives","1.0","CPK Web Solutions","https:\u002F\u002Fprofiles.wordpress.org\u002Fcpkwebsolutions\u002F","\u003Cp>Use this widget to filter your archives.  For example if you’d only like archives for posts in category 2, simply enter ‘cat=2’ into the widget settings form.  The widget allows very complex filtering rules.  You can even alter the number of posts displayed on an archive page.\u003C\u002Fp>\n","An improved version of the default WP Archives widget that allows complex filtering.",20,2380,"2013-03-09T06:44:00.000Z","3.5.2","3.3",[20,117,22,60,24],"list","http:\u002F\u002Fcpkwebsolutions.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcpk-ultimate-archives.1.0.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":13,"num_ratings":14,"last_updated":130,"tested_up_to":131,"requires_at_least":115,"requires_php":18,"tags":132,"homepage":134,"download_link":135,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"azurecurve-posts-archive","azurecurve Posts Archive","2.0.2","azurecurve","https:\u002F\u002Fprofiles.wordpress.org\u002Fazurecurve\u002F","\u003Cp>The Posts Archive plugin is based on the \u003Ca href=\"http:\u002F\u002Fplanetozh.com\u002Fblog\u002Fmy-projects\u002Fozh-tweet-archive-theme-for-wordpress\u002F\" rel=\"nofollow ugc\">Ozh Tweet Archive – a theme for WordPress\u003C\u002Fa>. The tweet archive was extracted, enhanced and turned into this plugin which lets the posts archive to be displayed in a page or in a widget.\u003C\u002Fp>\n\u003Cp>This plugin supports language translations. If you want to translate this plugin please sent the .po and .mo files to wordpress.translations@azurecurve.co.uk for inclusion in the next version (full credit will be given). The .pot fie is in the languages folder of the plugin and can also be downloaded from the plugin page on http:\u002F\u002Fdevelopment.azurecurve.co.uk.\u003C\u002Fp>\n","Posts Archive (multi-site compatible) based on Ozh Tweet Archive Theme; archive can be displayed in a widget, post or page.",10,2298,"2018-12-06T19:35:00.000Z","5.0.0",[20,133,22,24],"page","http:\u002F\u002Fdevelopment.azurecurve.co.uk\u002Fplugins\u002Fposts-archive","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fazurecurve-posts-archive.2.0.2.zip",{"attackSurface":137,"codeSignals":149,"taintFlows":241,"riskAssessment":242,"analyzedAt":247},{"hooks":138,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":148,"entryPointCount":28,"unprotectedCount":28},[139],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","widgets_init","closure","inc\\widget.php",399,[],[],[],[],{"dangerousFunctions":150,"sqlUsage":151,"outputEscaping":153,"fileOperations":28,"externalRequests":28,"nonceChecks":93,"capabilityChecks":93,"bundledLibraries":240},[],{"prepared":93,"raw":28,"locations":152},[],{"escaped":154,"rawEcho":155,"locations":156},14,49,[157,160,162,164,165,167,169,170,172,174,175,177,179,180,182,184,185,187,189,190,192,194,195,197,199,200,202,204,205,207,209,210,212,214,215,217,219,220,222,224,225,227,229,230,232,234,235,237,239],{"file":143,"line":158,"context":159},223,"raw output",{"file":143,"line":161,"context":159},258,{"file":143,"line":163,"context":159},259,{"file":143,"line":163,"context":159},{"file":143,"line":166,"context":159},263,{"file":143,"line":168,"context":159},264,{"file":143,"line":168,"context":159},{"file":143,"line":171,"context":159},268,{"file":143,"line":173,"context":159},269,{"file":143,"line":173,"context":159},{"file":143,"line":176,"context":159},273,{"file":143,"line":178,"context":159},274,{"file":143,"line":178,"context":159},{"file":143,"line":181,"context":159},277,{"file":143,"line":183,"context":159},278,{"file":143,"line":183,"context":159},{"file":143,"line":186,"context":159},281,{"file":143,"line":188,"context":159},282,{"file":143,"line":188,"context":159},{"file":143,"line":191,"context":159},285,{"file":143,"line":193,"context":159},286,{"file":143,"line":193,"context":159},{"file":143,"line":196,"context":159},289,{"file":143,"line":198,"context":159},290,{"file":143,"line":198,"context":159},{"file":143,"line":201,"context":159},297,{"file":143,"line":203,"context":159},298,{"file":143,"line":203,"context":159},{"file":143,"line":206,"context":159},302,{"file":143,"line":208,"context":159},303,{"file":143,"line":208,"context":159},{"file":143,"line":211,"context":159},313,{"file":143,"line":213,"context":159},314,{"file":143,"line":213,"context":159},{"file":143,"line":216,"context":159},323,{"file":143,"line":218,"context":159},324,{"file":143,"line":218,"context":159},{"file":143,"line":221,"context":159},328,{"file":143,"line":223,"context":159},329,{"file":143,"line":223,"context":159},{"file":143,"line":226,"context":159},332,{"file":143,"line":228,"context":159},333,{"file":143,"line":228,"context":159},{"file":143,"line":231,"context":159},336,{"file":143,"line":233,"context":159},337,{"file":143,"line":233,"context":159},{"file":143,"line":236,"context":159},339,{"file":143,"line":238,"context":159},340,{"file":143,"line":238,"context":159},[],[],{"summary":243,"deductions":244},"The \"time-machine\" plugin v0.4.1 exhibits a generally strong security posture based on the provided static analysis. The absence of any detected AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the analysis indicates a complete lack of direct SQL queries without prepared statements, no file operations, and no external HTTP requests, all of which are positive security indicators. The presence of nonce and capability checks, even with a limited entry point, demonstrates an awareness of fundamental WordPress security practices.\n\nHowever, a notable concern arises from the output escaping. With 63 total outputs and only 22% properly escaped, there is a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. This means that user-supplied data, or data that passes through the plugin without proper sanitization before output, could potentially be injected and executed in the browser of other users. The taint analysis, while showing zero flows with unsanitized paths, might be limited by the analyzed scope. Given the limited entry points, it's possible that more complex or indirect taint chains were not detected, but the unescaped output remains the primary, evidence-backed concern.\n\nThe plugin's vulnerability history is clean, with zero recorded CVEs. This is a positive sign, suggesting a history of secure development. However, it's important to note that a clean history doesn't guarantee future security, especially when combined with a weakness like poor output escaping. The lack of any detected vulnerabilities so far might also be attributed to the limited attack surface and the fact that this version is relatively recent, or that the plugin might not have been subjected to extensive external security audits or fuzzing.",[245],{"reason":246,"points":34},"Insufficient output escaping detected","2026-03-16T21:17:49.858Z",{"wat":249,"direct":258},{"assetPaths":250,"generatorPatterns":252,"scriptPaths":253,"versionParams":255},[251],"\u002Fwp-content\u002Fplugins\u002Ftime-machine\u002Fcss\u002Fstyle.css",[],[254],"\u002Fwp-content\u002Fplugins\u002Ftime-machine\u002Fjs\u002Fscript.js",[256,257],"time-machine\u002Fcss\u002Fstyle.css?ver=","time-machine\u002Fjs\u002Fscript.js?ver=",{"cssClasses":259,"htmlComments":262,"htmlAttributes":263,"restEndpoints":265,"jsGlobals":266,"shortcodeOutput":267},[260,261],"article-title","meta-date",[],[264],"style=\"cursor:help\"",[],[],[]]