[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f9BSLAZGlooB0im8OwLgqgEv6nly-26uNhNb4ExNtdAs":3,"$fT5rTPv3aXaHdh62A5LjpZwIxoQDupwLMzItyVVkWz_I":249},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":145,"fingerprints":225},"tsu","Tsu","1.2.0","noplanman","https:\u002F\u002Fprofiles.wordpress.org\u002Fnoplanman\u002F","\u003Cp>NOTE: This plugin serves as a mini-plugin until Tsu releases an official public API.\u003C\u002Fp>\n\u003Cp>The Tsu plugin adds a widget to place a link to your Tsu profile in your sidebar. Your readers can then easily visit your Tsu profile and use it as your invitation to the network.\u003Cbr \u002F>\nYou can optionally add a name to be displayed and choose if a logo should be shown in different sizes.\u003C\u002Fp>\n\u003Cp>Translations:\u003Cbr \u002F>\n* English, German & Spanish (\u003Ca href=\"https:\u002F\u002Fwww.tsu.co\u002Fnoplanman\" rel=\"nofollow ugc\">Armando Lüscher\u003C\u002Fa>)\u003Cbr \u002F>\n* Dutch (\u003Ca href=\"http:\u002F\u002Ftsunl.nl\" rel=\"nofollow ugc\">Elza van Swieten\u003C\u002Fa>)\u003C\u002Fp>\n","Tsu widget to share your profile \u002F invitation with your readers.",10,2609,60,2,"2014-12-29T17:13:00.000Z","4.0.38","3.0.1","",[20,21,22,23,4],"invitation","invite","profile","share","https:\u002F\u002Fwww.tsu.co\u002Fnoplanman","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftsu.1.2.0.zip",85,0,null,"2026-04-06T09:54:40.288Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},5,140,30,84,"2026-04-06T16:12:19.099Z",[38,55,80,105,126],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":11,"downloaded":46,"rating":47,"num_ratings":14,"last_updated":48,"tested_up_to":16,"requires_at_least":49,"requires_php":18,"tags":50,"homepage":53,"download_link":54,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"tsu-popup","Tsu Popup","1.0","Md Nurullah","https:\u002F\u002Fprofiles.wordpress.org\u002Fnirob19\u002F","\u003Cp>Your visitors can easily visit your Tsu profile and use it as your invitation to the network. You can optionally add a name to be displayed and choose different logo image.\u003C\u002Fp>\n\u003Ch3>Features List : (100% Free)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fully Responsive Design\u003C\u002Fli>\n\u003Cli>Customizable Text\u003C\u002Fli>\n\u003Cli>Easy Settings & Customization\u003C\u002Fli>\n\u003Cli>Easy and user-friendly setup\u003C\u002Fli>\n\u003Cli>Logo Uploader\u003C\u002Fli>\n\u003Cli>Icon Uploader\u003C\u002Fli>\n\u003Cli>Turn On\u002FOff options\u003C\u002Fli>\n\u003Cli>Works with any WordPress Theme\u003C\u002Fli>\n\u003Cli>Works with any WordPress Version\u003C\u002Fli>\n\u003Cli>WordPress Multi-site Supported\u003C\u002Fli>\n\u003Cli>BuddyPress Supported\u003C\u002Fli>\n\u003Cli>Woo-Commerce Supported\u003C\u002Fli>\n\u003Cli>Full Free Plugin\u003C\u002Fli>\n\u003C\u002Ful>\n","Add your own tsu ( Social Network ) popup in any website.",1782,100,"2015-01-26T12:06:00.000Z","2.0",[51,20,21,52,4],"follow","network","http:\u002F\u002Ftsu.co\u002Ftipstolearn","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftsu-popup.1.0.zip",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":18,"tags":70,"homepage":76,"download_link":77,"security_score":47,"vuln_count":78,"unpatched_count":27,"last_vuln_date":79,"fetched_at":29},"facebook-likebox-widget-and-shortcode","Profile Box Shortcode And Widget","1.2.3","A WP Life","https:\u002F\u002Fprofiles.wordpress.org\u002Fawordpresslife\u002F","\u003Ch4>Like Box Widget & Shortcode – Social Profile\u003C\u002Fh4>\n\u003Cp>A very easy and simple Facebook like box widget & shortcode plugin for wordPress websites\u002Fblogs.\u003C\u002Fp>\n\u003Cp>You can promote any page with like box. It is also responsive so you can use it on any page and post.\u003C\u002Fp>\n\u003Cp>You can attract visitor to your page with like box and divert your site traffic to your page.\u003C\u002Fp>\n\u003Cp>To activate like box widget on your website. Go to widgets area in admin dashboard, find the “Like box Widget” named widget and activate in any widget of theme.\u003C\u002Fp>\n\u003Cp>For pages and groups you can choose the user roles whose posts will be shared- page owner\u002F group admin, group member\u002Fpage fans or both. Hashtags and mentions included in posts will be preserved. The page plugin comes with a number of great features and functionality to allow you create anything from free simple feeds to custom feeds, including group events, like box, feed gallery and more to increase engagement of your fans.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Major features in Like Box plugin include:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Like box Widget\u003C\u002Fli>\n\u003Cli>Like box Shortcode\u003C\u002Fli>\n\u003Cli>Custom Application ID\u003C\u002Fli>\n\u003Cli>Custom Widget Title\u003C\u002Fli>\n\u003Cli>Widget Custom Width (Min Width: 180 – Max Width: 500)\u003C\u002Fli>\n\u003Cli>Widget Custom Height (Min Height: 70 )\u003C\u002Fli>\n\u003Cli>Full Width Widget\u003C\u002Fli>\n\u003Cli>Show Page Cover\u003C\u002Fli>\n\u003Cli>Show Page Header\u003C\u002Fli>\n\u003Cli>Small And Large Page Header\u003C\u002Fli>\n\u003Cli>Show Friends\u003C\u002Fli>\n\u003Cli>Show Page Post\u002FStream\u003C\u002Fli>\n\u003Cli>43 Language support for like box\u003C\u002Fli>\n\u003C\u002Ful>\n","A very easy and simple Facebook like box shortcode and widget plugin with mini profile, like Button, Share Button plugin For WordPress",2000,245158,78,8,"2025-12-03T09:03:00.000Z","6.9.4","7.0",[71,72,73,74,75],"facebook-likebox-widget","like-box","like-button","mini-profile-box","share-button","https:\u002F\u002Fawplife.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffacebook-likebox-widget-and-shortcode.1.2.3.zip",1,"2024-02-27 00:00:00",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":18,"tags":95,"homepage":100,"download_link":101,"security_score":102,"vuln_count":103,"unpatched_count":27,"last_vuln_date":104,"fetched_at":29},"invite-anyone","Invite Anyone","1.4.10","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>Invite Anyone has two components:\u003C\u002Fp>\n\u003Cp>1) The ability to invite members to the site by email. The plugin creates a tab on each member’s Profile page called “Send Invites”, which contains a form where users can invite outsiders to join the site. There is a field for a custom message. Also, inviters can optionally select any number of their groups, and when the invitee accepts the invitation he or she automatically receive invitations to join those groups.\u003C\u002Fp>\n\u003Cp>The email invitation part of the plugin is customizable by the BP administrator, via Dashboard > BuddyPress > Invite Anyone.\u003C\u002Fp>\n\u003Cp>2) By default, BuddyPress only allows group admins to invite their friends to groups. In some communities, you might want members to be able to invite non-friends to groups as well. This plugin allows you to do so, by populating the invitation checklist with the entire membership of the site, rather than just a friend list.\u003C\u002Fp>\n\u003Cp>Because member lists can get very long and hard to navigate, this plugin adds a autosuggest search box to the Send Invites screen – the same one that appears on the Compose Message screen – which allows inviters to navigate directly to the members they want to invite.\u003C\u002Fp>\n\u003Cp>Invite Anyone features optional integration with CloudSponge http:\u002F\u002Fcloudsponge.com, a premium address book service, that allows your users to invite their friends to the site in a way that’s easy and fun. Enable it at Dashboard > BuddyPress > Invite Anyone.\u003C\u002Fp>\n\u003Ch3>Translation credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Belarussian: Alexander Ovsov (\u003Ca href=\"http:\u002F\u002Fwebhostinggeeks.com\u002Fscience\" rel=\"nofollow ugc\">Web Geek Science\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Brazilian Portuguese: Celso Bessa\u003C\u002Fli>\n\u003Cli>Catalan: Mònica Grau and Toni Ginard\u003C\u002Fli>\n\u003Cli>Danish: Mort3n\u003C\u002Fli>\n\u003Cli>Dutch: Jesper Popma, Tim de Hoog\u003C\u002Fli>\n\u003Cli>French: Guillaume Coulon, Nicolas Mollet\u003C\u002Fli>\n\u003Cli>German: Lars Berning, Thorsten Wollenhöfer, Matthias Lunz\u003C\u002Fli>\n\u003Cli>Greek: Lena Stergatou\u003C\u002Fli>\n\u003Cli>Italian: Luca Camellini\u003C\u002Fli>\n\u003Cli>Norwegian: Stig Ulfsby\u003C\u002Fli>\n\u003Cli>Russian: Jettochkin, Roman Leonov\u003C\u002Fli>\n\u003Cli>Serbo-Croatian: Anja Skrba\u003C\u002Fli>\n\u003Cli>Spanish: Mauricio Camayo, Gregor Gimmy\u003C\u002Fli>\n\u003Cli>Swedish: Alexander Berthelsen, Jan Anderson\u003C\u002Fli>\n\u003Cli>Ukrainian: \u003Ca href=\"http:\u002F\u002Fwww.coupofy.com\u002F\" rel=\"nofollow ugc\">Ivanka\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Additional details about the plugin can be found in the following languages:\u003Cbr \u002F>\n* Serbo-Croatian: \u003Ca href=\"http:\u002F\u002Fscience.webhostinggeeks.com\u002Fteleogistic\" rel=\"nofollow ugc\">http:\u002F\u002Fscience.webhostinggeeks.com\u002Fteleogistic\u003C\u002Fa>\u003C\u002Fp>\n","Makes BuddyPress's invitation features more powerful.",1000,262178,86,26,"2024-08-19T17:09:00.000Z","6.6.5","3.2",[96,97,98,99,21],"buddypress","friends","group","invitations","http:\u002F\u002Fteleogistic.net\u002Fcode\u002Fbuddypress\u002Finvite-anyone\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finvite-anyone.1.4.10.zip",83,6,"2024-08-16 00:00:00",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":113,"downloaded":114,"rating":115,"num_ratings":91,"last_updated":116,"tested_up_to":68,"requires_at_least":17,"requires_php":18,"tags":117,"homepage":122,"download_link":123,"security_score":124,"vuln_count":78,"unpatched_count":27,"last_vuln_date":125,"fetched_at":29},"wp-ecards-invites","WP eCards – Branded Digital Greeting Cards","1.4.12","Tim from eCardWidget","https:\u002F\u002Fprofiles.wordpress.org\u002Ftimsayshey\u002F","\u003Cp>Add a branded eCard form or eCard gallery directly to your WordPress site with just a few clicks. Visitors can browse your collection of digital greeting cards, personalize a message, and send it instantly via email or social media — no coding required.\u003C\u002Fp>\n\u003Cp>Perfect for organizations, nonprofits, churches, and businesses looking to engage their community, show appreciation, or run creative campaigns with custom-designed cards.\u003C\u002Fp>\n\u003Cp>This plugin is powered by \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002F\" rel=\"nofollow ugc\">eCardWidget\u003C\u002Fa> — the leading platform for customizable digital greeting card forms used by top brands and mission-driven organizations.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Add Digital Greeting Cards?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Boost engagement. Encourage sharing. Celebrate people. Whether it’s for volunteer appreciation, donor thank-yous, team recognition, or holiday outreach — eCards help you connect in a meaningful way.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Popular Use Cases\u003C\u002Fstrong>\u003Cbr \u002F>\nExplore how businesses, nonprofits, and churches are using eCards to boost engagement and grow impact: \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fexamples\u002F\" rel=\"nofollow ugc\">See real examples\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🚀 New: Built-in WooCommerce Integration!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily sell digital eCards as WooCommerce products and let customers send cards right after checkout. No extra plugin required—it’s all built-in! Perfect for organizations, nonprofits, churches, and businesses who want to offer eCards with full e-commerce power.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Embed branded eCard galleries or individual cards anywhere using a simple shortcode\u003C\u002Fli>\n\u003Cli>Fully customizable card designs, branding, and messaging\u003C\u002Fli>\n\u003Cli>Add your logo, links, and custom background\u003C\u002Fli>\n\u003Cli>Choose from a professional template library or upload your own artwork\u003C\u002Fli>\n\u003Cli>Track sent cards and export sender\u002Frecipient emails (CSV)\u003C\u002Fli>\n\u003Cli>Reliable email delivery with spam protection\u003C\u002Fli>\n\u003Cli>Emoji and animated GIF support\u003C\u002Fli>\n\u003Cli>Responsive design, mobile-friendly\u003C\u002Fli>\n\u003Cli>BCC all outgoing eCards for recordkeeping\u003C\u002Fli>\n\u003Cli>Change layouts, fonts, and colors to match your site\u003C\u002Fli>\n\u003Cli>Custom CSS support\u003C\u002Fli>\n\u003Cli>Send eCards to Facebook friends\u003C\u002Fli>\n\u003Cli>Built-in analytics to track card engagement\u003C\u002Fli>\n\u003Cli>Multilingual support (French, German, Dutch, Spanish, Hebrew, Polish, and more)\u003C\u002Fli>\n\u003Cli>And many more features!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Live Examples\u003C\u002Fh3>\n\u003Cp>See how others are using WP eCards:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Business \u002F Marketing\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fraising_canes.html\" rel=\"nofollow ugc\">Raising Cane’s\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fmanagrams.html\" rel=\"nofollow ugc\">Teremana Tequila\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Nonprofits & Fundraising\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fhabitforhumanity.html\" rel=\"nofollow ugc\">Habitat for Humanity\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fmdfoodbank.html\" rel=\"nofollow ugc\">Maryland Food Bank\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Churches\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fvineyardnorthphoenix.html\" rel=\"nofollow ugc\">Vineyard North Phoenix\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Employee Recognition\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fapp.ecardwidget.com\u002Fwidget\u002F5095\" rel=\"nofollow ugc\">Modivcare\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fcircalogica.html\" rel=\"nofollow ugc\">Circalogica\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>View more at \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fexamples\u002F\" rel=\"nofollow ugc\">ecardwidget.com\u002Fexamples\u003C\u002Fa>\u003C\u002Fp>\n","Add interactive digital greeting cards to your WordPress site — fully branded, customizable, and shareable by visitors through email or social media.",300,12017,88,"2025-12-06T14:57:00.000Z",[118,119,99,120,121],"ecards","evites","invites","recognition","http:\u002F\u002Fecardwidget.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-ecards-invites.zip",99,"2024-12-03 00:00:00",{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":34,"downloaded":134,"rating":135,"num_ratings":103,"last_updated":136,"tested_up_to":137,"requires_at_least":138,"requires_php":18,"tags":139,"homepage":143,"download_link":144,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"invitations-for-slack","Invitations for Slack","1.0.2","rheinardkorf","https:\u002F\u002Fprofiles.wordpress.org\u002Frheinardkorf\u002F","\u003Cp>Invitations for Slack lets you use convenient shortcodes to show “Join us on Slack.” buttons or Slack badges. Just add\u003Cbr \u002F>\nyour Slack token and use the shortcodes wherever you want your visitors to be able to invite themselves from.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easy to use:\n\u003Cul>\n\u003Cli>Visit \u003Ca href=\"https:\u002F\u002Fapi.slack.com\u002Fweb\" rel=\"nofollow ugc\">https:\u002F\u002Fapi.slack.com\u002Fweb\u003C\u002Fa> to generate your Slack token.\u003C\u002Fli>\n\u003Cli>Add the token to the plugin settings.\u003C\u002Fli>\n\u003Cli>Use the [invitations_for_slack] or [invitations_for_slack_badge] shortcodes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Invitations are performed using the WP REST API which in turn communicates with the Slack API. No page reloads.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Requirements:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>A Slack team and the team’s access token.\u003C\u002Fli>\n\u003Cli>A self-hosted WordPress website (Not a WordPress.com website.)\u003C\u002Fli>\n\u003C\u002Ful>\n","Build a Slack community by allowing your visitors (or registered users) to invite themselves to your Slack team.",5761,76,"2016-01-29T01:14:00.000Z","4.4.34","4.4",[140,99,120,141,142],"community","join","slack","http:\u002F\u002Frheinard.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finvitations-for-slack.zip",{"attackSurface":146,"codeSignals":176,"taintFlows":214,"riskAssessment":215,"analyzedAt":224},{"hooks":147,"ajaxHandlers":172,"restRoutes":173,"shortcodes":174,"cronEvents":175,"entryPointCount":27,"unprotectedCount":27},[148,154,159,164,168],{"type":149,"name":150,"callback":151,"file":152,"line":153},"action","admin_notices","disabled_notice","inc\\class-tsu-version-check.php",80,{"type":149,"name":155,"callback":156,"file":157,"line":158},"wp_head","add_inline_css","inc\\class-tsu-widget.php",48,{"type":149,"name":160,"callback":161,"file":162,"line":163},"admin_init","check_version","tsu.php",39,{"type":149,"name":165,"callback":166,"file":162,"line":167},"widgets_init","register",109,{"type":149,"name":169,"callback":170,"file":162,"line":171},"plugins_loaded","setup",149,[],[],[],[],{"dangerousFunctions":177,"sqlUsage":178,"outputEscaping":180,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":213},[],{"prepared":27,"raw":27,"locations":179},[],{"escaped":78,"rawEcho":181,"locations":182},19,[183,186,188,190,192,193,194,196,197,198,200,201,202,204,205,207,208,210,211],{"file":157,"line":184,"context":185},77,"raw output",{"file":157,"line":187,"context":185},81,{"file":157,"line":189,"context":185},92,{"file":157,"line":191,"context":185},145,{"file":157,"line":191,"context":185},{"file":157,"line":191,"context":185},{"file":157,"line":195,"context":185},146,{"file":157,"line":195,"context":185},{"file":157,"line":195,"context":185},{"file":157,"line":199,"context":185},147,{"file":157,"line":199,"context":185},{"file":157,"line":199,"context":185},{"file":157,"line":203,"context":185},148,{"file":157,"line":203,"context":185},{"file":157,"line":206,"context":185},150,{"file":157,"line":206,"context":185},{"file":157,"line":209,"context":185},152,{"file":157,"line":209,"context":185},{"file":157,"line":212,"context":185},186,[],[],{"summary":216,"deductions":217},"The \"tsu\" plugin version 1.2.0 demonstrates a generally strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points is a significant positive. Furthermore, the plugin shows good practices by avoiding dangerous functions, performing all SQL queries using prepared statements, and not making external HTTP requests or using bundled libraries. The lack of any recorded vulnerabilities or CVEs in its history also suggests a well-maintained and secure codebase.\n\nHowever, a notable area of concern is the output escaping. With 20 total outputs, only 5% are properly escaped. This indicates a significant risk of Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not handled with sufficient sanitization before being displayed to users. While taint analysis did not reveal any specific unsanitized paths, the low rate of output escaping is a clear weakness that requires immediate attention. The complete lack of nonce checks and capability checks across all potential (though currently zero) entry points also presents a future risk should new entry points be introduced without proper security measures.",[218,220,222],{"reason":219,"points":66},"Low output escaping rate",{"reason":221,"points":32},"No nonce checks implemented",{"reason":223,"points":32},"No capability checks implemented","2026-03-17T01:28:41.545Z",{"wat":226,"direct":237},{"assetPaths":227,"generatorPatterns":234,"scriptPaths":235,"versionParams":236},[228,229,230,231,232,233],"\u002Fwp-content\u002Fplugins\u002Ftsu\u002Fimages\u002Ftsu-logo-16x16.png","\u002Fwp-content\u002Fplugins\u002Ftsu\u002Fimages\u002Ftsu-logo-32x32.png","\u002Fwp-content\u002Fplugins\u002Ftsu\u002Fimages\u002Ftsu-logo-48x48.png","\u002Fwp-content\u002Fplugins\u002Ftsu\u002Fimages\u002Ftsu-logo-64x64.png","\u002Fwp-content\u002Fplugins\u002Ftsu\u002Fimages\u002Ftsu-logo-96x96.png","\u002Fwp-content\u002Fplugins\u002Ftsu\u002Fimages\u002Ftsu-logo-128x128.png",[],[],[],{"cssClasses":238,"htmlComments":240,"htmlAttributes":241,"restEndpoints":246,"jsGlobals":247,"shortcodeOutput":248},[239],"widget-tsu",[],[242,243,244,245],"data-tsu-user-id","data-tsu-name","data-tsu-show-logo","data-tsu-logo-size",[],[],[],{"slug":4,"current_version":6,"total_versions":250,"versions":251},4,[252,259,266,272],{"version":6,"download_url":25,"svn_tag_url":253,"released_at":28,"has_diff":254,"diff_files_changed":255,"diff_lines":28,"trac_diff_url":256,"vulnerabilities":257,"is_current":258},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftsu\u002Ftags\u002F1.2.0\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftsu%2Ftags%2F1.1.0&new_path=%2Ftsu%2Ftags%2F1.2.0",[],true,{"version":260,"download_url":261,"svn_tag_url":262,"released_at":28,"has_diff":254,"diff_files_changed":263,"diff_lines":28,"trac_diff_url":264,"vulnerabilities":265,"is_current":254},"1.1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftsu.1.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftsu\u002Ftags\u002F1.1.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftsu%2Ftags%2F1.0.2&new_path=%2Ftsu%2Ftags%2F1.1.0",[],{"version":129,"download_url":267,"svn_tag_url":268,"released_at":28,"has_diff":254,"diff_files_changed":269,"diff_lines":28,"trac_diff_url":270,"vulnerabilities":271,"is_current":254},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftsu.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftsu\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftsu%2Ftags%2F1.0.1&new_path=%2Ftsu%2Ftags%2F1.0.2",[],{"version":273,"download_url":274,"svn_tag_url":275,"released_at":28,"has_diff":254,"diff_files_changed":276,"diff_lines":28,"trac_diff_url":28,"vulnerabilities":277,"is_current":254},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftsu.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftsu\u002Ftags\u002F1.0.1\u002F",[],[]]