[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f57I38upD2VQ4JAdz3R9bcziDBQrmB1xDg0z1OZkMKWk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":15,"tags":17,"homepage":15,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":32,"analysis":132,"fingerprints":185},"top-songs","Top Songs","1.0.0","brainwithstorm","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrainwithstorm\u002F","\u003Cp>Plugin to show top songs – admin can set it to widget area, set its title and number of songs and some special display options.\u003Cbr \u002F>\nSimple stand-alone widget displaying daily top songs via ajax script (that is cached for 2 hours after loading data) from external source (check external source section). There are some display customization options like number of displayed songs, song images display and link to songs option (default: false)\u003C\u002Fp>\n\u003Cp>** External source **\u003C\u002Fp>\n\u003Cp>External source page External source URL: http:\u002F\u002Fwww.mytopnewsongs.com is owned by Tomaz Miholic and it’s not in privacy policy conflict with the website privacy. External source is necessary part of this plugin because the data is coming from this source.\u003Cbr \u002F>\nPlease not that if image display option is enabled that this can have impact on your wordpress website loading time, because images are loaded from external source from four different subdomains (External source domain: mytopnewsongs.com, subdomains: imga,imgb,imgc,imgd).\u003C\u002Fp>\n\u003Cp>In next upgrade it’s planned to add the categories (music genres) so user can select most appropriate genre for his blog\u002Fmusic style.\u003C\u002Fp>\n\u003Ch3>Arbitrary section 1\u003C\u002Fh3>\n","Plugin - widget that will show top songs every day - set this to your sidebar and you will have amazing content.",10,3476,0,"2013-11-20T20:26:00.000Z","","2.9",[18,19,20,21,4],"artists","charts","music","songs","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftop-songs.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},1,30,84,"2026-04-05T03:37:42.586Z",[33,54,78,98,115],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":43,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":15,"tags":48,"homepage":52,"download_link":53,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"widget-music-chart","Widget Music Chart","1.0","Mr. Meo","https:\u002F\u002Fprofiles.wordpress.org\u002Fmeohen1989\u002F","\u003Cp>Widget Music Chart allows you to show charts from billboard.com or officialcharts.com\u003C\u002Fp>\n\u003Cp>Supported charts:\u003Cbr \u002F>\n– billboard hot 100\u003Cbr \u002F>\n– billboard 200\u003Cbr \u002F>\n– billboard artist 100\u003Cbr \u002F>\n– uk single top 100\u003Cbr \u002F>\n– uk album top 100\u003Cbr \u002F>\n– keep adding…\u003C\u002Fp>\n\u003Cp>If you want any chart, just tell me.\u003C\u002Fp>\n\u003Ch3>This plugin doens’t work anymore\u003C\u002Fh3>\n\u003Cp>I no longer develope this plugin. Stop using it.\u003C\u002Fp>\n\u003Ch3>Override support\u003C\u002Fh3>\n\u003Cp>You can create layout on ‘layouts’ folder, or create new layout at your theme at directory\u003C\u002Fp>\n\u003Cp>[theme_directory] \u002F widget-music-chart \u002F layout.php\u003C\u002Fp>\n\u003Cp>Then pick layout you want at widget setting\u003C\u002Fp>\n\u003Cp>Demo: \u003Ca href=\"https:\u002F\u002Fuser-images.githubusercontent.com\u002F20571336\u002F75089293-dfb0ae00-5589-11ea-87ea-2f5cce073481.png\" rel=\"nofollow ugc\">Link\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Like my work?\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fko-fi.com\u002Fmrmeo89\" rel=\"nofollow ugc\">By me a coffee\u003C\u002Fa>\u003C\u002Fp>\n","Widget Music Chart allows you to show charts from billboard.com or officialcharts.com",20,3405,100,4,"2022-02-17T10:00:00.000Z","5.3.21","4.0",[49,50,20,51,4],"billboard","chart","officialchart","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwidget-music-chart\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-music-chart.zip",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":15,"tags":69,"homepage":73,"download_link":74,"security_score":75,"vuln_count":76,"unpatched_count":13,"last_vuln_date":77,"fetched_at":25},"transcoder","Transcoder","1.4.1","rtCamp","https:\u002F\u002Fprofiles.wordpress.org\u002Frtcamp\u002F","\u003Cp>\u003Cstrong>Transcoder plugin has been discontinued and no longer maintained\u003C\u002Fstrong>, we recommend to use our new video management solution \u003Ca href=\"https:\u002F\u002Fgodam.io\u002F?utm_source=readme&utm_medium=plugin&utm_campaign=transcoder\" rel=\"nofollow ugc\">GoDAM\u003C\u002Fa> which provides smart transcoding & adaptive bitrate, generate thumbnail, add custom layers, better way to organize media files, serve via CDN and do a lot more. Install the GoDAM plugin from \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgodam\" rel=\"ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Transcoder easily converts all audio and video files uploaded to your website to a web-friendly format.\u003C\u002Fp>\n\u003Cp>Transcoder eliminates the need for a dedicated media node- no fiddling with installation, managing dependancies or renting servers! Transcoder also works on shared hosting- just install, subscribe and go!\u003C\u002Fp>\n\u003Cp>All transcoding services are available via a subscription plan through this plugin.\u003Cbr \u002F>\nSubscribe to our free plan from the plugin’s settings or from our \u003Ca href=\"https:\u002F\u002Frtmedia.io\u002Ftranscoder\u002F?utm_source=readme&utm_medium=plugin&utm_campaign=transcoder\" rel=\"nofollow ugc\">product page\u003C\u002Fa>. Note that Transcoder will not provide any services without a subscription plan.\u003C\u002Fp>\n\u003Ch4>Supported input media types:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Audio: mp3, m4a, wav, ogg, wma\u003C\u002Fli>\n\u003Cli>Video: 3g2, 3gp, avi, flv, m4v, mp4, mpg, ogv, webm, wmv\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported output media types:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Audio: mp3\u003C\u002Fli>\n\u003Cli>Video: mp4\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Create the ultimate niche community by combining Transcoder with our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress-media\u002F\" rel=\"ugc\">rtMedia\u003C\u002Fa> plugin. Transcoder works perfectly with rtMedia to create a social experience that is accessible across all desktop and mobile devices.\u003C\u002Fp>\n\u003Ch4>Transcoder Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Works with ANY WordPress website\u003C\u002Fstrong> – Transcoder plugs into your current website seamlessly, instantly improving user audio\u002Fvideo experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>rtMedia integration\u003C\u002Fstrong> – Works perfectly with our own \u003Ca href=\"https:\u002F\u002Frtmedia.io\u002F?utm_source=readme&utm_medium=plugin&utm_campaign=transcoder\" rel=\"nofollow ugc\">rtMedia\u003C\u002Fa>, for a complete social media platform.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Thumbnail generation\u003C\u002Fstrong> – Automatically generate up to 10 thumbnails for every video, from which your users can choose one.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>[rt_media] shortcode\u003C\u002Fstrong> – Use our shortcode to display transcoded audio\u002Fvideo file on any post or page. For example, [rt_media attachment_id=xx] the attachment_id parameter specifies the file to be displayed.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Privacy Warning\u003C\u002Fh4>\n\u003Cp>In order for us to transcode your media files, we need to copy it over to our server.\u003Cbr \u002F>\nAfter transcoding is completed, the media can reside on our server for a maximum of 24 hours, before it is permanently and irreversibly removed by a Cron job.\u003C\u002Fp>\n\u003Ch4>Future Roadmap\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Additional output formats for video- ogg, webm\u003C\u002Fli>\n\u003Cli>Downsampling capabilities for output video resolution\u003C\u002Fli>\n\u003Cli>RESTful API\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Important Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frtmedia.io\u002Ftranscoder\u002F?utm_source=readme&utm_medium=plugin&utm_campaign=transcoder\" title=\"Visit Transcoder's Homepage\" rel=\"nofollow ugc\">Project Homepage\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frtmedia.io\u002Fdocs\u002Ftranscoder\u002F?utm_source=readme&utm_medium=plugin&utm_campaign=transcoder\" title=\"Visit Transcoder's Documentation page\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frtmedia.io\u002Ftranscoder\u002F?utm_source=readme&utm_medium=plugin&utm_campaign=transcoder#frequently-asked-questions\" title=\"Visit FAQ page\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FrtCamp\u002Ftranscoder\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> – Please mention your wordpress.org username when sending pull requests.\u003C\u002Fli>\n\u003C\u002Ful>\n","Transcoding services for ANY WordPress website. Convert audio\u002Fvideo files of any format to a web-friendly format (mp3\u002Fmp4).",500,87382,72,8,"2025-08-22T11:38:00.000Z","6.8.5","4.1",[70,71,72,20,21],"audio","media","multimedia","https:\u002F\u002Frtmedia.io\u002Ftranscoder\u002F?utm_source=dashboard&utm_medium=plugin&utm_campaign=transcoder","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftranscoder.1.4.1.zip",98,2,"2025-08-27 00:00:00",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":43,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":15,"download_link":97,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"wp-chords","WP Chords","1.1.0","emreplt","https:\u002F\u002Fprofiles.wordpress.org\u002Femreplt\u002F","\u003Cp>WP Chords allows you to format and display the chords on your blog. You can set font sizes, enable transposing chords especially in your posts. \u003Cstrong>Compatible with \u003Ca href=\"http:\u002F\u002Famp.dev\" rel=\"nofollow ugc\">Google AMP\u003C\u002Fa> (Accelerated Mobile Pages)\u003C\u002Fstrong>.  It’s fully supported different devices such as tablets, mobile phones and most of web browsers.\u003C\u002Fp>\n\u003Ch3>Eazy Real Time Demo\u003C\u002Fh3>\n\u003Cp>As soon as you install the WP Chords plugin, you will find live demo playground under \u003Cstrong>Settings\u003C\u002Fstrong>->\u003Cstrong>WP Chords\u003C\u002Fstrong>. You even don’t need to create a post or a record in your database!\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Please follow \u003Cstrong>How can I test it?\u003C\u002Fstrong> directions in FAQ page.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Formatting\u003C\u002Fh3>\n\u003Cp>You can define your chords at the correct positions in your song using chord shortcodes. 187 codes are available in below. On your final post view your chords will be automatically placed in their correct positions. You can configure formatting with some options such as below\u003C\u002Fp>\n\u003Ch4>Formatting Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Display with \u003Cem>monospace\u003C\u002Fem> font.\u003C\u002Fli>\n\u003Cli>Display with alternating chords.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Transposing\u003C\u002Fh3>\n\u003Cp>On your final post view, visitors can adjust chord transposing as they wish with 17 half tones. On the transpose bar, the first chord in the song will be automatically selected as default tone.\u003C\u002Fp>\n\u003Ch4>Transposing Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Tones are: Ab, A, A#, Bb, B, C, C#, Db, D, D#, Db, E, F, F#, Gb, G, G#.\u003C\u002Fli>\n\u003Cli>Transposing can be turned off.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Font Sizing\u003C\u002Fh3>\n\u003Cp>Your visitor can adjust font size for the song, while playing it.\u003C\u002Fp>\n\u003Ch4>Font Sizing Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>It can be turned off\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Printing\u003C\u002Fh3>\n\u003Cp>Your visitor can print the chord itself for using outside.\u003C\u002Fp>\n\u003Ch4>Printing Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>It can be turned off\u003C\u002Fli>\n\u003Cli>Footer text can be adjusted\u003C\u002Fli>\n\u003Cli>Font size applies\u003C\u002Fli>\n\u003Cli>Transpose applies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Supported Chords:\u003C\u002Fh3>\n\u003Cp>Ab, Abm, Ab6, Ab7, Ab9, Abm6, Abm7, Abmaj7, Abdim, Ab+, Absus, A, Am, A6, A7, A9, Am6, Am7, Amaj7, Adim, A+, Asus, A#, A#m, A#6, A#7, A#9, A#m6, A#m7, A#maj7, A#dim, A#+, A#sus, Bb, Bbm, Bb6, Bb7, Bb9, Bbm6, Bbm7, Bbmaj7, Bbdim, Bb+, Bbsus, B, Bm, B6, B7, B9, Bm6, Bm7, Bmaj7, Bdim, B+, Bsus, C, Cm, C6, C7, C9, Cm6, Cm7, Cmaj7, Cdim, C+, Csus, C#, C#m, C#6, C#7, C#9, C#m6, C#m7, C#maj7, C#dim, C#+, C#sus, Db, Dbm, Db6, Db7, Db9, Dbm6, Dbm7, Dbmaj7, Dbdim, Db+, Dbsus, D, Dm, D6, D7, D9, Dm6, Dm7, Dmaj7, Ddim, D+, Dsus, D#, D#m, D#6, D#7, D#9, D#m6, D#m7, D#maj7, D#dim, D#+, D#sus, Eb, Ebm, Eb6, Eb7, Eb9, Ebm6, Ebm7, Ebmaj7, Ebdim, Eb+, Ebsus, E, Em, E6, E7, E9, Em6, Em7, Emaj7, Edim, E+, Esus, F, Fm, F6, F7, F9, Fm6, Fm7, Fmaj7, Fdim, F+, Fsus, F#, F#m, F#6, F#7, F#9, F#m6, F#m7, F#maj7, F#dim, F#+, F#sus, Gb, Gbm, Gb6, Gb7, Gb9, Gbm6, Gbm7, Gbmaj7, Gbdim, Gb+, Gbsus, G, Gm, G6, G7, G9, Gm6, Gm7, Gmaj7, Gdim, G+, Gsus, G#, G#m, G#6, G#7, G#9, G#m6, G#m7, G#maj7, G#dim, G#+, G#sus\u003C\u002Fp>\n","WP Chords allows you to format and display the chords on your blog including mobile friendly interface and AMP functionality.",200,5911,6,"2021-05-10T00:59:00.000Z","5.7.15","4.6","5.2.4",[94,95,20,21,96],"chords","guitar","ukulele","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-chords.zip",{"slug":99,"name":100,"version":81,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":29,"downloaded":105,"rating":106,"num_ratings":76,"last_updated":15,"tested_up_to":107,"requires_at_least":108,"requires_php":15,"tags":109,"homepage":112,"download_link":113,"security_score":43,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":114},"top-music-charts-widget","Top Music Charts Widget","Garrett Grimm","https:\u002F\u002Fprofiles.wordpress.org\u002Fgrimmdude\u002F","\u003Cp>Displays a widget listing the top iTunes charts of your choosing.  You can also specify the number of results you would like to see.  Caches chart for 12 hours for best performance.\u003C\u002Fp>\n","Displays a widget listing the top iTunes charts of your choosing.",6221,60,"4.9.29","3.2",[49,19,20,110,111],"top-40","widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftop-music-charts-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftop-music-charts-widget.1.1.0.zip","2026-03-15T10:48:56.248Z",{"slug":116,"name":117,"version":36,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":11,"downloaded":122,"rating":123,"num_ratings":44,"last_updated":15,"tested_up_to":124,"requires_at_least":125,"requires_php":15,"tags":126,"homepage":130,"download_link":131,"security_score":43,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":114},"itunes-charts","iTunes Charts","Ollie","https:\u002F\u002Fprofiles.wordpress.org\u002Fwodco\u002F","\u003Cp>iTunes widget that automatically updates to reflect the latest charts\u003C\u002Fp>\n","iTunes widget that automatically updates to reflect the latest charts.",2869,80,"4.2.39","3.0.1",[19,127,128,20,129],"itunes","itunes-chart","music-chart","http:\u002F\u002Fwodco.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fitunes-charts.zip",{"attackSurface":133,"codeSignals":145,"taintFlows":173,"riskAssessment":174,"analyzedAt":184},{"hooks":134,"ajaxHandlers":141,"restRoutes":142,"shortcodes":143,"cronEvents":144,"entryPointCount":13,"unprotectedCount":13},[135],{"type":136,"name":137,"callback":138,"file":139,"line":140},"action","widgets_init","topsongs_widget_Init","top-songs.php",36,[],[],[],[],{"dangerousFunctions":146,"sqlUsage":147,"outputEscaping":149,"fileOperations":13,"externalRequests":28,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":172},[],{"prepared":13,"raw":13,"locations":148},[],{"escaped":13,"rawEcho":150,"locations":151},12,[152,155,156,157,159,161,163,164,165,167,168,170],{"file":139,"line":153,"context":154},83,"raw output",{"file":139,"line":30,"context":154},{"file":139,"line":23,"context":154},{"file":139,"line":158,"context":154},86,{"file":139,"line":160,"context":154},87,{"file":139,"line":162,"context":154},112,{"file":139,"line":162,"context":154},{"file":139,"line":162,"context":154},{"file":139,"line":166,"context":154},113,{"file":139,"line":166,"context":154},{"file":139,"line":169,"context":154},114,{"file":139,"line":171,"context":154},117,[],[],{"summary":175,"deductions":176},"The 'top-songs' plugin v1.0.0 exhibits a mixed security posture.  While the static analysis indicates a lack of direct attack vectors like AJAX handlers, REST API routes, shortcodes, and cron events, and all SQL queries are prepared, significant concerns arise from the complete absence of output escaping. This means that any data rendered to the user interface could potentially be exploited through cross-site scripting (XSS) vulnerabilities, even without obvious input sanitization issues identified in the taint analysis.\n\nThe absence of nonce and capability checks across all identified entry points, combined with the lack of output escaping, suggests a fundamental oversight in implementing standard WordPress security practices. The single external HTTP request is a minor concern in isolation, but its lack of authentication or input validation context makes it impossible to fully assess. The vulnerability history is clean, which is positive, but it's important to note that this could be due to the plugin's limited exposure or a lack of past security audits rather than inherent robustness.\n\nOverall, the plugin has a low attack surface and good SQL hygiene, but the critical lack of output escaping and fundamental security checks like nonces and capability checks on potential future entry points represent a significant risk. The clean vulnerability history is a small positive, but it doesn't negate the readily identifiable flaws in the current code.",[177,179,182],{"reason":178,"points":65},"Unescaped output detected",{"reason":180,"points":181},"No capability checks on entry points",7,{"reason":183,"points":181},"No nonce checks on entry points","2026-03-17T01:45:29.546Z",{"wat":186,"direct":191},{"assetPaths":187,"generatorPatterns":188,"scriptPaths":189,"versionParams":190},[],[],[],[],{"cssClasses":192,"htmlComments":193,"htmlAttributes":194,"restEndpoints":195,"jsGlobals":196,"shortcodeOutput":197},[],[],[],[],[],[198,199,200,201,202,203,204,205,206,207,208],"\u003Cdiv style=\"width:100%;height:1%\">","\u003Cdiv style=\"width:30%;float:left;\">","\u003Cimg style=\"width:100%;height:100%;-moz-border-radius: 3px;border-radius: 3px;\"","\u003Cdiv style=\"padding:3px;width:66%;float:right;text-align:left\">","\u003Cul style=\"width:100%;margin:0px;list-style-type:none\">\u003Cli>\u003Cb>","\u003Ca target=\"_blank\" href=\"","\u003C\u002Fb>","\u003C\u002Fa>","\u003C\u002Fli>\u003C\u002Ful>","\u003C\u002Fdiv>","\u003Cdiv style=\"clear:both;padding-top:5px;\">\u003C\u002Fdiv>"]