[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f0qXkqDjs_EFAbhlhri_8U17eHfaZ1vfyylv1zYCtl20":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":21,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":35,"analysis":36,"fingerprints":67},"tsp-on-this-day","LAPDI On This Day","1.0.8","Sharron Denice","https:\u002F\u002Fprofiles.wordpress.org\u002Fsharrondenice\u002F","\u003Cp>On This Day allows you to view blog posts with the same month and day in history on your blog’s website (similar to Facebook’s new “On This Day” App) via widget or on pages and posts using shortcodes. On This Day has five (5) layouts and can include thumbnails, post gallery and quotes.\u003C\u002Fp>\n\u003Ch4>Shortcodes\u003C\u002Fh4>\n\u003Cp>Add \u003Ccode>On This Day\u003C\u002Fcode> to posts and pages by using a shortcode inside your text or evaluated from within your theme. You may override page\u002Fpost \u003Ccode>On This Day\u003C\u002Fcode> options with shortcode attributes defined on the plugin’s settings page.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>[tsp-on-this-day]\u003C\u002Fcode> – Will display posts with the default options defined in the plugin’s settings page.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[tsp-on-this-day title=\"Title of Posts\" keep_formatting=\"N\" style=\"color: red;\" max_words=10 show_quotes=\"N\" show_thumb=\"Y\" show_event_data=\"N\" show_author=\"Y\" show_date\"N\" display_type=\"0\" show_private=\"N\" show_text_posts=\"N\" number_posts=\"5\" excerpt_max=100 excerpt_min=60 post_class=\"\" fpost_type=\"post\" slider_width=\"865\" slider_height=\"365 layout=\"0\" order_by=\"DESC\" thumb_width=\"80\" thumb_height=\"80\" read_more_text=\"more...\" no_posts_msg=\"No Posts Found\" before_title=\"\" after_title=\"\"]\u003C\u002Fcode> – Will override all attributes defined on the plugin’s settings page.\u003C\u002Fli>\n\u003C\u002Ful>\n","On This Day allows you to view blog posts with the same month and day in history on your blog (similar to Facebook's \"On This Day\" app).",10,2034,100,1,"2021-02-08T22:57:00.000Z","5.6.17","3.5.1","",[20],"on-this-day-display-gallery-slider-jquery-moving-boxes-the-software-people","https:\u002F\u002Fletaprodoit.com\u002Fapps\u002Fplugins\u002Fwordpress\u002Fon-this-day-for-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftsp-on-this-day.1.0.8.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":23,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"sharrondenice",7,220,30,84,"2026-04-04T15:40:19.258Z",[],{"attackSurface":37,"codeSignals":49,"taintFlows":60,"riskAssessment":61,"analyzedAt":66},{"hooks":38,"ajaxHandlers":45,"restRoutes":46,"shortcodes":47,"cronEvents":48,"entryPointCount":24,"unprotectedCount":24},[39],{"type":40,"name":41,"callback":42,"file":43,"line":44},"action","widgets_init","closure","tsp-on-this-day.php",82,[],[],[],[],{"dangerousFunctions":50,"sqlUsage":51,"outputEscaping":53,"fileOperations":24,"externalRequests":24,"nonceChecks":14,"capabilityChecks":24,"bundledLibraries":59},[],{"prepared":24,"raw":24,"locations":52},[],{"escaped":24,"rawEcho":14,"locations":54},[55],{"file":56,"line":57,"context":58},"TSP_Easy_Dev.extend.php",428,"raw output",[],[],{"summary":62,"deductions":63},"The \"tsp-on-this-day\" plugin v1.0.8 exhibits a generally strong security posture based on the provided static analysis.  The absence of any identified dangerous functions, SQL queries (even prepared ones), file operations, or external HTTP requests is commendable. Furthermore, the lack of recorded vulnerabilities or CVEs in its history suggests a history of responsible development and maintenance.  The presence of a nonce check and the complete absence of exploitable taint flows are also positive indicators.\n\nHowever, the analysis reveals a significant concern regarding output escaping. With one output identified and 0% properly escaped, this indicates a potential for Cross-Site Scripting (XSS) vulnerabilities. If user-controlled data is displayed without proper sanitization, an attacker could inject malicious scripts. While the attack surface is currently zero and there are no identified capability checks missing, this single unescaped output represents a tangible risk that needs immediate attention. The plugin's historical lack of vulnerabilities might be misleading if this output escaping issue has been present and undetected or unaddressed.  Therefore, while the plugin has many strengths, the unescaped output is a critical weakness that elevates its risk profile.",[64],{"reason":65,"points":30},"Output escaping is 0% proper","2026-03-17T00:26:17.668Z",{"wat":68,"direct":87},{"assetPaths":69,"generatorPatterns":77,"scriptPaths":78,"versionParams":79},[70,71,72,73,74,75,76],"\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Fassets\u002Fcss\u002Fmovingboxes.css","\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Fassets\u002Fcss\u002Fmovingboxes-ie.css","\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Ftsp-on-this-day.ie.css","\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Ftsp-on-this-day.css","\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Fassets\u002Fjs\u002Fjquery.movingboxes.js","\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Fassets\u002Fjs\u002Fslider-scripts.js","\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Fassets\u002Fjs\u002Fscripts.js",[],[74,75,76],[80,81,82,83,84,85,86],"\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Fassets\u002Fcss\u002Fmovingboxes.css?ver=","\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Fassets\u002Fcss\u002Fmovingboxes-ie.css?ver=","\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Ftsp-on-this-day.ie.css?ver=","\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Ftsp-on-this-day.css?ver=","\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Fassets\u002Fjs\u002Fjquery.movingboxes.js?ver=","\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Fassets\u002Fjs\u002Fslider-scripts.js?ver=","\u002Fwp-content\u002Fplugins\u002Ftsp-on-this-day\u002Fassets\u002Fjs\u002Fscripts.js?ver=",{"cssClasses":88,"htmlComments":90,"htmlAttributes":92,"restEndpoints":104,"jsGlobals":105,"shortcodeOutput":106},[89],"tsp-on-this-day-widget",[91],"\u003C!-- LAPDI On This Day Widget -->",[93,94,95,96,97,98,99,100,101,102,103],"data-max-words","data-show-author","data-show-event-data","data-show-private","data-read-more-text","data-no-posts-msg","data-show-date","data-display-type","data-show-excerpt","data-excerpt-length","data-excerpt-more",[],[],[107],"[tsp-on-this-day]"]