[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHhUEmwCPy4rdNxNsUBNhzMdqx0b4r8zUCp_JpdeSOXY":3,"$flriaLRlRIbt81Bvl966LtqbrtKdxCIdcvLm1RU0QZ_Y":299,"$f-qcCeTTmSEW4Go0CXsJYZIEC4sSNF8D10JcyChgjLTQ":303},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":36,"analysis":127,"fingerprints":241},"travel-game","Travel Game – Vacation Widget","1.1","idealesc","https:\u002F\u002Fprofiles.wordpress.org\u002Fidealesc\u002F","\u003Cp>This game is developed by Ideal-Escapes.com Team. We have developed this holiday game in order to help travel passionate get amazing, new and sometimes crazy ideas regarding their travel agenda, impress their partners and surprise them with the ideal plan.\u003Cbr \u002F>\nDiscover new places, evolve your travel knowledge, have fun with your friends while trying to hit hot travel destinations.\u003Cbr \u002F>\nGame is ideal for online fun, kids games, travel education, interesting afternoons, vacation tips.\u003C\u002Fp>\n\u003Cp>Our travel guide Ideal-Escapes.com is the source of this game and your holiday inspiration.\u003Cbr \u002F>\nYou can always study more those winning or losing destinations on our travel guide to prepare the ideal escape.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Ideal Escapes Travel Game Rules\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The rules of the game are simple. You will win by hitting destinations with the hottest average temperature.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Ex:\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you hit Prague with the average temperature 9 and opponent hits Havana with 23 you will lose.\u003C\u002Fp>\n\u003Cp>If you hit Zanzibar with average temperature 27 and opponent hits Monte Carlo with 15 you will win.\u003C\u002Fp>\n\u003Cp>In case players hit the same average temperature, then it’s a draw and they need to hit again.\u003C\u002Fp>\n\u003Ch3>Display the game in your WordPress website using short codes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Normal Size (width:700px; height:500px)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>[card_game_normal]\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Small Size (width:350px; height:280px)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>[card_game_small]\u003C\u002Fp>\n\u003Cp>Currently: 42 available hit destinations, We will add more destinations soon!\u003C\u002Fp>\n","Try to hit the hottest destination and plan vacation early with a recreational travel game. Display the game in your website in seconds with a simple &hellip;",10,2907,0,"2016-01-03T09:11:00.000Z","4.4.34","3.5","",[19,20,21,22,23],"entertainment","funny","game","travel","vacation","https:\u002F\u002Fideal-escapes.com\u002Ftravel-game-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftravel-game.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},1,30,84,"2026-05-20T04:48:36.182Z",[37,55,71,91,108],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":13,"num_ratings":13,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":52,"download_link":53,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":54},"funny-fruits","Funny fruits","1.0","oleksandr87","https:\u002F\u002Fprofiles.wordpress.org\u002Foleksandr87\u002F","\u003Cp>This is a simple game where you have 90 seconds to score as many points as possible. Simply enter the [funnyfruits] shortcode in a post or page.\u003C\u002Fp>\n","This is a simple game where you have 90 seconds to score as many points as possible.",20,1952,"2017-03-20T20:34:00.000Z","4.7.32","4.7",[51,20,21],"food","http:\u002F\u002Foleksandrustymenko.com\u002Ffunnyfruits","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffunny-fruits.zip","2026-03-15T15:16:48.613Z",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":45,"downloaded":63,"rating":13,"num_ratings":13,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":17,"tags":67,"homepage":69,"download_link":70,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"sudoku-game","Sudoku – The Game","1.0.9","orcas2016","https:\u002F\u002Fprofiles.wordpress.org\u002Forcas2016\u002F","\u003Cp>If you want to learn to play sudoku, you may want to visit https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FSudoku.\u003C\u002Fp>\n","Let your website visitors play the famous sudoku game.",7972,"2017-01-02T12:36:00.000Z","4.7.33","4.6",[19,21,68],"sudoku","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsudoku-game\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsudoku-game.zip",{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":11,"downloaded":79,"rating":13,"num_ratings":13,"last_updated":80,"tested_up_to":81,"requires_at_least":82,"requires_php":83,"tags":84,"homepage":88,"download_link":89,"security_score":90,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"amglabs-minesweeper-game","AMG Labs Minesweeper Game","1.0.0","amglabs","https:\u002F\u002Fprofiles.wordpress.org\u002Famglabs\u002F","\u003Cp>AMG Labs Minesweeper Game brings the classic Windows Minesweeper experience to your WordPress website. This plugin faithfully recreates the beloved puzzle game with all its original features and gameplay mechanics.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Classic Gameplay\u003C\u002Fstrong>: Authentic Minesweeper experience matching the original Windows version\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Three Difficulty Levels\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>Beginner: 9×9 grid with 10 mines\u003C\u002Fli>\n\u003Cli>Intermediate: 16×16 grid with 40 mines\u003C\u002Fli>\n\u003Cli>Expert: 30×16 grid with 99 mines\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Original Controls\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>Left-click to reveal cells\u003C\u002Fli>\n\u003Cli>Right-click to toggle flag\u002Fquestion mark\u003C\u002Fli>\n\u003Cli>Automatic recursive opening of empty cells\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Game Features\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>Real-time mine counter\u003C\u002Fli>\n\u003Cli>Timer tracking your progress\u003C\u002Fli>\n\u003Cli>Restart button with expressive face indicator\u003C\u002Fli>\n\u003Cli>Victory and game over detection\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accessibility\u003C\u002Fstrong>: Full keyboard navigation support\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Internationalization\u003C\u002Fstrong>: Available in English, Portuguese (Brazil), and Spanish\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Simply add the shortcode to any post or page:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[minesweeper]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can also specify the initial difficulty:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[minesweeper difficulty=\"intermediate\"]\n[minesweeper difficulty=\"expert\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Keyboard Controls\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Arrow keys\u003C\u002Fstrong>: Navigate between cells\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enter\u002FSpace\u003C\u002Fstrong>: Reveal cell\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shift + Enter\u002FSpace\u003C\u002Fstrong>: Toggle flag\u003C\u002Fli>\n\u003Cli>\u003Cstrong>F key\u003C\u002Fstrong>: Toggle flag\u003C\u002Fli>\n\u003C\u002Ful>\n","A classic Windows-style Minesweeper game for WordPress. Relive the nostalgia of the iconic puzzle game directly on your website.",208,"2026-02-07T10:50:00.000Z","6.9.4","5.0","7.4",[85,19,21,86,87],"classic-game","minesweeper","puzzle","https:\u002F\u002Famglabs.com\u002Fplugins\u002Fminesweeper","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Famglabs-minesweeper-game.1.0.0.zip",100,{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":11,"downloaded":99,"rating":90,"num_ratings":32,"last_updated":100,"tested_up_to":81,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":106,"download_link":107,"security_score":90,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"ev-crosswords","EV Crosswords","2.0.7","Entreveloper","https:\u002F\u002Fprofiles.wordpress.org\u002Fentreveloper\u002F","\u003Cp>This plugin requires the WordPress Block Editor (Gutenberg) to embed crosswords on a page. It also requires the EntGenAI companion plugin.\u003Cbr \u002F>\nThe admin interface provides a way to use AI to generate lists of words and hints for your crosswords.\u003Cbr \u002F>\nIt also provides a way to use the Entreveloper crossword generation tool to automatically create a crossword from your word list.\u003C\u002Fp>\n\u003Cp>All the above functionality is optional. You can also create a crossword manually within the plugin by typing your word list, or by adding words to a crossword one by one.\u003C\u002Fp>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>Development happens in Github:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FTheEntreveloper\u002Fev-crosswords\" title=\"GitHub Repository\" rel=\"nofollow ugc\">EV-Crosswords\u003C\u002Fa>\u003C\u002Fp>\n","Easily add crosswords to your Wordpress website, with or without AI help.",1848,"2026-04-12T16:04:00.000Z","6.7","8.1",[104,19,105],"crosswords","word-games","https:\u002F\u002Fentreveloper.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fev-crosswords.2.0.7.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":11,"downloaded":116,"rating":90,"num_ratings":32,"last_updated":117,"tested_up_to":118,"requires_at_least":49,"requires_php":119,"tags":120,"homepage":125,"download_link":126,"security_score":90,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"tim-travel-information-manager","TIM: Travel Information Manager","1.5.7","willyrios","https:\u002F\u002Fprofiles.wordpress.org\u002Fwillyrios\u002F","\u003Cp>TIM is a Cloud-based Web application, which allows managing the full operation of travel agencies, tour operators, hotels and transport companies in the tourism sector.\u003C\u002Fp>\n\u003Cp>This plugin connects you wordpress site with your TIM account.\u003C\u002Fp>\n\u003Cp>Major features in Tim Travel Manager include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Travel itineraries\u003C\u002Fli>\n\u003Cli>Online bookings\u003C\u002Fli>\n\u003Cli>Ease configuration and customization\u003C\u002Fli>\n\u003Cli>SEO ready\u003C\u002Fli>\n\u003Cli>Online availability\u003C\u002Fli>\n\u003Cli>Shopping cart funcionality\u003C\u002Fli>\n\u003Cli>Full integration with payment systems, including Paypal, BAC, Banco de Costa Rica an others\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Need help?\u003C\u002Fh4>\n\u003Cp>Give us a call: +1 (646) 205-0826\u003Cbr \u002F>\nOr contact us at https:\u002F\u002Ftimtravel.app\u003C\u002Fp>\n","TIM is a Cloud-based Web application, which allows managing the full operation of travel agencies.",1727,"2025-09-17T15:53:00.000Z","5.4.19","5.6",[121,122,123,22,124],"hotels","tours","transportation","vacation-packages","http:\u002F\u002Ftimtravel.app\u002Fplugins\u002Ftim-travel-information-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftim-travel-information-manager.zip",{"attackSurface":128,"codeSignals":194,"taintFlows":224,"riskAssessment":225,"analyzedAt":240},{"hooks":129,"ajaxHandlers":161,"restRoutes":183,"shortcodes":184,"cronEvents":191,"entryPointCount":192,"unprotectedCount":193},[130,136,140,143,147,151,156],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","wp_enqueue_scripts","wscg_front_enqueue_scripts","classes\\wscg-main.php",65,{"type":131,"name":137,"callback":138,"file":134,"line":139},"admin_enqueue_scripts","wscg_enqueue_scripts",66,{"type":131,"name":141,"callback":141,"file":134,"line":142},"admin_init",67,{"type":131,"name":144,"callback":145,"file":134,"line":146},"admin_menu","wscg_plugin_menu",68,{"type":131,"name":148,"callback":149,"file":134,"line":150},"admin_notices","show_admin_notice",69,{"type":131,"name":152,"callback":153,"file":154,"line":155},"widgets_init","wscg_load_widget","classes\\wscg-widget.php",52,{"type":131,"name":157,"callback":158,"file":159,"line":160},"widget_init","wscg_game_widget_init","travel-game.php",26,[162,166,169,172,174,177,180],{"action":163,"nopriv":164,"callback":163,"hasNonce":164,"hasCapCheck":164,"file":134,"line":165},"wscg_get_card_random",false,76,{"action":163,"nopriv":167,"callback":163,"hasNonce":164,"hasCapCheck":164,"file":134,"line":168},true,77,{"action":170,"nopriv":164,"callback":170,"hasNonce":164,"hasCapCheck":164,"file":134,"line":171},"wscg_get_card_random_small",78,{"action":170,"nopriv":167,"callback":170,"hasNonce":164,"hasCapCheck":164,"file":134,"line":173},79,{"action":175,"nopriv":164,"callback":175,"hasNonce":164,"hasCapCheck":164,"file":134,"line":176},"wscg_set_support_time",80,{"action":178,"nopriv":164,"callback":178,"hasNonce":164,"hasCapCheck":164,"file":134,"line":179},"wscg_set_support_link",81,{"action":181,"nopriv":164,"callback":181,"hasNonce":164,"hasCapCheck":164,"file":134,"line":182},"wscg_set_support_link_check",82,[],[185,188],{"tag":186,"callback":186,"file":134,"line":187},"card_game_normal",48,{"tag":189,"callback":189,"file":134,"line":190},"card_game_small",49,[],9,7,{"dangerousFunctions":195,"sqlUsage":196,"outputEscaping":198,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":223},[],{"prepared":13,"raw":13,"locations":197},[],{"escaped":199,"rawEcho":200,"locations":201},2,11,[202,205,207,209,211,213,215,216,218,220,221],{"file":134,"line":203,"context":204},135,"raw output",{"file":134,"line":206,"context":204},154,{"file":134,"line":208,"context":204},177,{"file":134,"line":210,"context":204},201,{"file":154,"line":212,"context":204},14,{"file":154,"line":214,"context":204},16,{"file":154,"line":45,"context":204},{"file":154,"line":217,"context":204},34,{"file":154,"line":219,"context":204},35,{"file":154,"line":219,"context":204},{"file":222,"line":199,"context":204},"settings.php",[],[],{"summary":226,"deductions":227},"The \"travel-game\" v1.1 plugin exhibits significant security concerns despite a clean vulnerability history. The static analysis reveals a substantial attack surface, with 7 out of 9 entry points lacking authentication checks. This means any unauthenticated user could potentially interact with these endpoints, posing a serious risk.  Furthermore, only 15% of the observed output operations are properly escaped, indicating a high probability of Cross-Site Scripting (XSS) vulnerabilities. The complete absence of nonce checks on AJAX handlers is a critical oversight, making these endpoints susceptible to Cross-Site Request Forgery (CSRF) attacks.\n\nWhile the plugin demonstrates good practices by not using dangerous functions, performing no file operations, making no external HTTP requests, and utilizing prepared statements for its SQL queries (although no SQL queries were detected), these strengths are overshadowed by the critical weaknesses in authentication and output sanitization. The lack of any recorded vulnerabilities in its history is positive but should not be a sole indicator of current security, especially given the identified code signals. The absence of taint analysis results is noted, but the direct code signals are sufficient to raise alarms.\n\nIn conclusion, \"travel-game\" v1.1 has a concerning security posture primarily due to its numerous unprotected entry points and inadequate output escaping. The lack of explicit capability checks and nonce validations on AJAX handlers further exacerbates these risks. While the absence of past vulnerabilities is a plus, the current code analysis points to significant potential for exploitation. Remediation should prioritize securing all entry points and implementing robust output sanitization.",[228,230,232,235,237],{"reason":229,"points":11},"AJAX handlers without auth checks",{"reason":231,"points":11},"AJAX handlers without nonce checks",{"reason":233,"points":234},"Low percentage of properly escaped output",8,{"reason":236,"points":193},"Entry points without authorization checks",{"reason":238,"points":239},"Entry points without capability checks",5,"2026-03-17T01:38:52.312Z",{"wat":242,"direct":257},{"assetPaths":243,"generatorPatterns":248,"scriptPaths":249,"versionParams":252},[244,245,246,247],"\u002Fwp-content\u002Fplugins\u002Ftravel-game\u002Fcss\u002Fwscg-user.css","\u002Fwp-content\u002Fplugins\u002Ftravel-game\u002Fjs\u002Fwscg-user.js","\u002Fwp-content\u002Fplugins\u002Ftravel-game\u002Fjs\u002Fwscg_admin.js","\u002Fwp-content\u002Fplugins\u002Ftravel-game\u002Fcss\u002Fwscg_admin.css",[],[250,251],"wp-content\u002Fplugins\u002Ftravel-game\u002Fjs\u002Fwscg-user.js","wp-content\u002Fplugins\u002Ftravel-game\u002Fjs\u002Fwscg_admin.js",[253,254,255,256],"travel-game\u002Fcss\u002Fwscg-user.css?ver=","travel-game\u002Fjs\u002Fwscg-user.js?ver=","travel-game\u002Fjs\u002Fwscg_admin.js?ver=","travel-game\u002Fcss\u002Fwscg_admin.css?ver=",{"cssClasses":258,"htmlComments":271,"htmlAttributes":272,"restEndpoints":287,"jsGlobals":293,"shortcodeOutput":296},[259,260,261,262,263,264,265,266,267,268,269,270],"card_game_panel","wscg_player_panel","wscg_dealer_panel","wscg_control_panel","wscg_result_message","wscg_control_button","wscg_player_panel_small","wscg_dealer_panel_small","wscg_control_panel_small","wscg_result_message_small","wscg_control_button_small","card_game_panel_small",[],[273,274,275,276,277,278,279,280,281,282,283,284,285,286],"id=\"wscg_player_link\"","id=\"wscg_player_image\"","id=\"wscg_dealer_link\"","id=\"wscg_dealer_image\"","id=\"wscg_result_message\"","id=\"wscg_start_game\"","id=\"wscg_start_image\"","id=\"wscg_player_link_small\"","id=\"wscg_player_image_small\"","id=\"wscg_dealer_link_small\"","id=\"wscg_dealer_image_small\"","id=\"wscg_result_message_small\"","id=\"wscg_start_game_small\"","id=\"wscg_start_image_small\"",[288,289,290,291,292],"\u002Fwp-json\u002Fwp\u002Fv2\u002Fwscg_get_card_random","\u002Fwp-json\u002Fwp\u002Fv2\u002Fwscg_get_card_random_small","\u002Fwp-json\u002Fwp\u002Fv2\u002Fwscg_set_support_time","\u002Fwp-json\u002Fwp\u002Fv2\u002Fwscg_set_support_link","\u002Fwp-json\u002Fwp\u002Fv2\u002Fwscg_set_support_link_check",[294,295],"ajax_object","message_object",[297,298],"\u003Cdiv class=\"card_game_panel\"","\u003Cdiv class=\"card_game_panel_small\"",{"error":167,"url":300,"statusCode":301,"statusMessage":302,"message":302},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Ftravel-game\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":304},[]]