[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$foAXyKJaypX_x1Ozv_MvxNisUB2QixbZpqGEEhnQtbKs":3,"$fGY3iCR9pzlWpoHxsjEdxWeUlG05YJSAU9KECcmJ1isI":361},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":74,"crawl_stats":33,"alternatives":80,"analysis":198,"fingerprints":339},"viewmedica","ViewMedica 9","1.4.21","Swarm Interactive","https:\u002F\u002Fprofiles.wordpress.org\u002Fswarminteractive\u002F","\u003Cp>This plugin is to help embed the ViewMedica&reg; Patient Education system on your WordPress site. It will help prevent WYSIWYG editors from stripping out script and HTML code that is required by your ViewMedica embed. You can also generate a full patient education section on your site in seconds!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Instantly Embed ViewMedica\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The ViewMedica plugin for WordPress adds a button to the WYSIWG editor which allows you to instantly embed any video in your account. Simply click the button, select your video and press Embed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Create a page with links to your ViewMedica content\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Use the plugin’s Page Generator to instantly make a Web page that features all of your ViewMedica videos. You can choose to show your video links in list form, or with a thumbnail image and description.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Change ViewMedica player settings globally\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Global Options settings change the behavior of ViewMedica across your entire site. Set things like your player width, default language and other features.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Change player settings for a single embed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Inline Options settings give you control of individual ViewMedica embeds on your site. For example, you may want to disable menu access on a page so your users only see one specific video. Checkout the Shortcode Generator to see the options available, or head to a post and use our inline tool.\u003C\u002Fp>\n\u003Ch3>Download\u003C\u002Fh3>\n\u003Cp>Download the latest release of the plugin at https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fviewmedica\u002F\u003C\u002Fp>\n","ViewMedica 9 for WordPress Instantly embed your ViewMedica On-Demand in to your website",200,12471,0,"2025-02-24T16:08:00.000Z","6.1.10","3.0.0","5.2.4",[19,20,4],"medical","videos","http:\u002F\u002Fviewmedica.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fviewmedica.1.4.21.zip",90,3,"2025-01-14 16:50:48","2026-04-16T10:56:18.058Z",[28,46,62],{"id":29,"url_slug":30,"title":31,"description":32,"plugin_slug":4,"theme_slug":33,"affected_versions":34,"patched_in_version":35,"severity":36,"cvss_score":37,"cvss_vector":38,"vuln_type":39,"published_date":25,"updated_date":40,"references":41,"days_to_patch":43,"patch_diff_files":44,"patch_trac_url":33,"research_status":33,"research_verified":45,"research_rounds_completed":13,"research_plan":33,"research_summary":33,"research_vulnerable_code":33,"research_fix_diff":33,"research_exploit_outline":33,"research_model_used":33,"research_started_at":33,"research_completed_at":33,"research_error":33,"poc_status":33,"poc_video_id":33,"poc_summary":33,"poc_steps":33,"poc_tested_at":33,"poc_wp_version":33,"poc_php_version":33,"poc_playwright_script":33,"poc_exploit_code":33,"poc_has_trace":45,"poc_model_used":33,"poc_verification_depth":33},"CVE-2024-13394","viewmedica-9-authenticated-contributor-stored-cross-site-scripting","ViewMedica 9 \u003C= 1.4.18 - Authenticated (Contributor+) Stored Cross-Site Scripting","The ViewMedica 9 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'viewmedica' shortcode in all versions up to, and including, 1.4.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.4.18","1.4.19","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-11-05 19:05:56",[42],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb32c1b63-564c-4c38-a149-d5adabda8a8b?source=api-prod",295,[],false,{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":33,"affected_versions":51,"patched_in_version":52,"severity":36,"cvss_score":53,"cvss_vector":54,"vuln_type":55,"published_date":56,"updated_date":57,"references":58,"days_to_patch":60,"patch_diff_files":61,"patch_trac_url":33,"research_status":33,"research_verified":45,"research_rounds_completed":13,"research_plan":33,"research_summary":33,"research_vulnerable_code":33,"research_fix_diff":33,"research_exploit_outline":33,"research_model_used":33,"research_started_at":33,"research_completed_at":33,"research_error":33,"poc_status":33,"poc_video_id":33,"poc_summary":33,"poc_steps":33,"poc_tested_at":33,"poc_wp_version":33,"poc_php_version":33,"poc_playwright_script":33,"poc_exploit_code":33,"poc_has_trace":45,"poc_model_used":33,"poc_verification_depth":33},"CVE-2024-12170","viewmedica-embed-cross-site-request-forgery-to-sql-injection","ViewMedica Embed \u003C= 1.4.15 - Cross-Site Request Forgery to SQL Injection","The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.15. This is due to missing or incorrect nonce validation on the 'Viewmedica-Admin' page. This makes it possible for unauthenticated attackers to inject arbitrary SQL queries via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=1.4.17","1.4.18",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:L","Cross-Site Request Forgery (CSRF)","2025-01-06 15:39:41","2025-11-05 19:04:20",[59],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F58209530-9e68-4d2c-a723-e6a164db7f46?source=api-prod",303,[],{"id":63,"url_slug":64,"title":65,"description":66,"plugin_slug":4,"theme_slug":33,"affected_versions":51,"patched_in_version":52,"severity":36,"cvss_score":67,"cvss_vector":68,"vuln_type":55,"published_date":69,"updated_date":70,"references":71,"days_to_patch":60,"patch_diff_files":73,"patch_trac_url":33,"research_status":33,"research_verified":45,"research_rounds_completed":13,"research_plan":33,"research_summary":33,"research_vulnerable_code":33,"research_fix_diff":33,"research_exploit_outline":33,"research_model_used":33,"research_started_at":33,"research_completed_at":33,"research_error":33,"poc_status":33,"poc_video_id":33,"poc_summary":33,"poc_steps":33,"poc_tested_at":33,"poc_wp_version":33,"poc_php_version":33,"poc_playwright_script":33,"poc_exploit_code":33,"poc_has_trace":45,"poc_model_used":33,"poc_verification_depth":33},"CVE-2024-12291","viewmedica-9-cross-site-request-forgery-to-reflected-cross-site-scripting","ViewMedica 9 \u003C= 1.4.17 - Cross-Site Request Forgery to Reflected Cross-Site Scripting","The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.17. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2025-01-06 15:39:24","2025-11-05 19:04:53",[72],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F646ba700-28d5-455f-88de-2864ef8f202c?source=api-prod",[],{"slug":75,"display_name":7,"profile_url":8,"plugin_count":76,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":77,"trust_score":78,"computed_at":79},"swarminteractive",1,300,72,"2026-04-18T21:17:50.773Z",[81,106,132,155,175],{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":103,"download_link":104,"security_score":105,"vuln_count":13,"unpatched_count":13,"last_vuln_date":33,"fetched_at":26},"feeds-for-tiktok","Feeds for TikTok (TikTok feed, video, and gallery plugin)","1.5.0","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>Feeds for TikTok is a WordPress plugin that allows you to seamlessly integrate your TikTok account’s videos into your WordPress website. With Feeds for TikTok, you can easily connect your TikTok account to the TikTok API and display your latest videos in a customizable grid on your site.\u003C\u002Fp>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"Display TikTok Videos on Your WordPress Website | FREE TikTok Feed Plugin for WordPress\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F1174863183?dnt=1&app_id=122963\" width=\"750\" height=\"422\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write; encrypted-media; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Connect TikTok Account\u003C\u002Fstrong>: Easily connect your TikTok account to the TikTok API for seamless integration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Retrieve Latest Videos\u003C\u002Fstrong>: Retrieve and display the latest videos from your connected TikTok account.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Display TikTok Account Information\u003C\u002Fstrong>: Display account information such as name and avatar in a customizable header.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customized Grid Display\u003C\u002Fstrong>: Create a customized grid of TikTok video thumbnails to display on your WordPress site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Popup Lightbox\u003C\u002Fstrong>: TikTok videos play in a pop-up lightbox when clicked for a seamless viewing experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Caching for Quick Loading\u003C\u002Fstrong>: All data is cached for quick page loading and improved performance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customize Feed Display\u003C\u002Fstrong>: Customize the number of videos shown in the feed and the number of grid columns.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Feed Customizer\u003C\u002Fstrong>: Style the feed with size and color settings using our feed customizer.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Benefits of Having a TikTok Feed\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Engage Your Audience\u003C\u002Fstrong>: Keep your website visitors engaged with fresh and dynamic content directly from your TikTok account.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Showcase Your Creativity\u003C\u002Fstrong>: Highlight your creative work and talent by showcasing your latest TikTok videos on your WordPress site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Increase User Interaction\u003C\u002Fstrong>: Encourage user interaction by allowing visitors to view, like, and share your TikTok videos without leaving your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhance Social Proof\u003C\u002Fstrong>: Displaying your TikTok feed on your website can enhance your social proof and credibility, showing that you’re active and influential on social media.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Drive Traffic to Your TikTok Account\u003C\u002Fstrong>: By featuring your TikTok content on your WordPress site, you can drive traffic and followers to your TikTok account, expanding your reach and influence.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Ways to Display Your TikTok Feed\u003C\u002Fh3>\n\u003Cp>There are several ways you can display your TikTok Feed. You can add a TikTok widget by using a plain text or shortcode block and adding the shortcode [sbtt-tiktok feed=1] to the content. You can also use our handy TikTok block to display your feed anywhere the block editor is used.\u003C\u002Fp>\n\u003Ch3>Pro Version\u003C\u002Fh3>\n\u003Cp>In order to maintain the free version of the plugin on an ongoing basis, and to provide quick and effective support for free, we offer a Pro version of the plugin. The Pro version allows you to:\u003Cbr \u002F>\n* Play .mp4 videos with a clean, distraction free video player instead of an iframe.\u003Cbr \u002F>\n* Connect multiple TikTok accounts\u003Cbr \u002F>\n* Create multiple TikTok feeds with different settings\u003Cbr \u002F>\n* Display videos from multiple TikTok accounts in a single feed\u003Cbr \u002F>\n* Moderate your TikTok feed by including or excluding videos by hashtag or phrase\u003Cbr \u002F>\n* Sort your TikTok videos by popularity, or randomly\u003Cbr \u002F>\n* Choose from several layout types including masonry and carousel layout\u003Cbr \u002F>\n* Display video captions\u003Cbr \u002F>\n* Display your TikTok feed in a sidebar or widget area\u003Cbr \u002F>\n* Use the ‘Load More’ button to view more videos\u003Cbr \u002F>\n* And much more…\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsmashballoon.com\u002Ftiktok-feeds\u002F?utm_campaign=tiktok-free-readme&utm_source=proversion&utm_medium=profindout\" title=\"TikTok Feed Pro\" rel=\"nofollow ugc\">Find out more about the Pro version\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fsmashballoon.com\u002Ftiktok-feeds\u002Fdemo\u002F?utm_campaign=tiktok-free-readme&utm_source=proversion&utm_medium=readmedemo\" title=\"TikTok Feed Pro Demo\" rel=\"nofollow ugc\">try out the Pro demo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>What’s Next\u003C\u002Fh3>\n\u003Cp>If you like our WordPress TikTok plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Foptinmonster.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">OptinMonster\u003C\u002Fa> – Get more email subscribers with the most popular conversion optimization plugin for WordPress.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WPForms\u003C\u002Fa> – #1 drag & drop online form builder for WordPress (trusted by 5 million sites).\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Faioseo.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">AIOSEO\u003C\u002Fa> – The original WordPress SEO plugin to help you rank higher in search results (trusted by over 3 million sites).\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fmonsterinsights.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">MonsterInsights\u003C\u002Fa> – See the stats that matter and grow your business with confidence. Best Google Analytics plugin for WordPress.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fseedprod.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">SeedProd\u003C\u002Fa> – Create beautiful landing pages with our powerful drag & drop landing page builder.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpmailsmtp.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WP Mail SMTP\u003C\u002Fa> – Improve email deliverability for your contact form with the most popular SMTP plugin for WordPress.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpcode.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WPCode\u003C\u002Fa> – must have WordPress code snippet management plugin to help you future-proof website customization (trusted by 1.5 million sites).\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fduplicator.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">Duplicator\u003C\u002Fa> – popular WordPress backup and migration plugin used by over 1 million websites.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpsimplepay.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WP Simple Pay\u003C\u002Fa> – #1 Stripe payments plugin for WordPress. Start accepting one-time or recurring payments without a shopping cart.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fpushengage.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">PushEngage\u003C\u002Fa> – Connect with visitors after they leave your website with the leading web push notification plugin.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Frafflepress.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">RafflePress\u003C\u002Fa> – Best WordPress giveaway and contest plugin to grow traffic and social followers.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Ftrustpulse.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">TrustPulse\u003C\u002Fa> – Add real-time social proof notifications to boost your store conversions by up to 15%.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fsearchwp.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">SearchWP\u003C\u002Fa> – The most advanced custom WordPress search plugin to improve WordPress search quality.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Faffiliatewp.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">AffiliateWP\u003C\u002Fa> – #1 affiliate management plugin for WordPress. Add a referral program to your online store.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Feasydigitaldownloads.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">Easy Digital Downloads\u003C\u002Fa> – The best WordPress eCommerce plugin to sell digital products (eBooks, software, music, and more).\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpcharitable.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WPCharitable\u003C\u002Fa> – Top-rated WordPress donation and fundraising plugin for WordPress.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fwpbeginner.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WPBeginner\u003C\u002Fa> to learn from our \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fwp-tutorials\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WordPress Tutorials\u003C\u002Fa> and about the \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fplugins\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">best WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, questions, or feature requests, please contact us through the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ffeeds-for-tiktok\u002F\" rel=\"ugc\">plugin support forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Feeds for TikTok does not collect any personal data from your TikTok account. All data retrieved from the TikTok API is used solely for the purpose of displaying your TikTok feed on your WordPress site.\u003C\u002Fp>\n\u003Cp>There are two external sites this plugin connects to. Smashballoon.com is used to collect new videos to display in your feed. Tiktok.com is used in an iframe so your visitors can view your videos without leaving your site.\u003C\u002Fp>\n","The best way to display TikTok videos on your WordPress website. Display clean, customizable, and responsive TikTok feeds from your TikTok account.",70000,328585,86,6,"2026-04-01T15:26:00.000Z","6.9.4","5.2","7.4",[98,99,100,101,102],"tiktok","tiktok-account","tiktok-feed","tiktok-videos","tiktok-widget","https:\u002F\u002Fsmashballoon.com\u002Ftiktok-feeds\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeeds-for-tiktok.1.5.0.zip",100,{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":116,"num_ratings":117,"last_updated":118,"tested_up_to":119,"requires_at_least":120,"requires_php":121,"tags":122,"homepage":128,"download_link":129,"security_score":91,"vuln_count":130,"unpatched_count":13,"last_vuln_date":131,"fetched_at":26},"yotuwp-easy-youtube-embed","Video Gallery – YouTube Playlist, Channel Gallery by YotuWP","1.3.14","yotuwp","https:\u002F\u002Fprofiles.wordpress.org\u002Fyotuwp\u002F","\u003Cblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002Fdemo\u002F?utm_source=wp-plugin-repo&utm_medium=top-link\" title=\"Demo YotuWP\" rel=\"nofollow ugc\">View Demo\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002Fdocument\u002F?utm_source=wp-plugin-repo&utm_medium=top-link\" rel=\"nofollow ugc\">Document\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002Fcontact\u002F?utm_source=wp-plugin-repo&utm_medium=top-link\" title=\"Contact & Support\" rel=\"nofollow ugc\">Contact & Support\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002F?utm_source=wp-plugin-repo&utm_medium=top-link\" title=\"YotuWP Landingpage\" rel=\"nofollow ugc\">Home Page\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>The longer you keep vistors on website, the better. Video was a game-changer for us personally in regards to keeping people on the site longer.\u003C\u002Fp>\n\u003Cp>YotuWP is your solution for embeding videos YouTube on your website. YotuWP is modern and mobile responsive video gallery. Easy embed videos from YouTube video playlist, channel and videos IDs to your WordPress website.\u003C\u002Fp>\n\u003Ch3>Support resource from:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Videos from playlist\u003C\u002Fli>\n\u003Cli>Videos from channel\u003C\u002Fli>\n\u003Cli>Videos from username\u003C\u002Fli>\n\u003Cli>Videos from list of video ids\u003C\u002Fli>\n\u003Cli>Embed single video with video url only.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002Fdemo\u002F?utm_source=wp-plugin-repo&utm_medium=resource-section\" title=\"Demo YotuWP\" rel=\"nofollow ugc\">View More\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Layouts\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Grid : with multi columns videos and vertical video info. You can change number of columns via setting.\u003C\u002Fli>\n\u003Cli>List : with one column and horizontal video info \u003C\u002Fli>\n\u003Cli>Mix : that is combie layout between grid and list layout. You can change number of columns via setting.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002Fdemo\u002F?utm_source=wp-plugin-repo&utm_medium=layout-section\" title=\"Demo YotuWP\" rel=\"nofollow ugc\">View More\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Player Mode\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Large : A big player at head of gallery. Item video played when click on item thumbnail or title of gallery.\u003C\u002Fli>\n\u003Cli>Modal\u002FPopup\u002FLightbox : The new youtbe popup\u002Flightbox displayed when click on item thumbnail or title of gallery.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.yotuwp.com\u002Fdemo\u002F?utm_source=wp-plugin-repo&utm_medium=player-section\" title=\"Demo YotuWP\" rel=\"nofollow ugc\">View More\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Shortcode Generator\u003C\u002Fh3>\n\u003Cp>Allow you generate shortcode YotuWP to use on page builders, widgets, product description…\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easy to embed playlist\u002F channel videos to WordPress post\u002Fpage\u003C\u002Fli>\n\u003Cli>Custom layout for display videos\u003C\u002Fli>\n\u003Cli>Video gallery responsive\u003C\u002Fli>\n\u003Cli>Player with a large frame on top\u003C\u002Fli>\n\u003Cli>Player with popup\u002Flightbox\u002Fmodal with thumbnails\u003C\u002Fli>\n\u003Cli>Player responsive\u003C\u002Fli>\n\u003Cli>Pager and load more buttons\u003C\u002Fli>\n\u003Cli>Compatibility with page builders via Shortcode Generator\u003C\u002Fli>\n\u003Cli>Styling settings: buttons color, buttons style\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>BECOME A PREMIUM USER\u003C\u002Fh3>\n\u003Cblockquote>\n\u003Cp>YotuWP has Pro version which comes with several additional benefits. Only $21 for start!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Carousel Layout\u003C\u002Fli>\n\u003Cli>Masonry Layout\u003C\u002Fli>\n\u003Cli>Big Player Left Layout\u003C\u002Fli>\n\u003Cli>Big Player Right Layout\u003C\u002Fli>\n\u003Cli>Flip Layout with 40+ effects\u003C\u002Fli>\n\u003Cli>Replacement: Replace title, description and video thumbnail by your custom info, image\u003C\u002Fli>\n\u003Cli>Multiple video thumbnails styling\u003C\u002Fli>\n\u003Cli>Meta video data: View, Like, Comments, Published Date\u003C\u002Fli>\n\u003Cli>12+ Hover icons\u003C\u002Fli>\n\u003Cli>Custom text for buttons Next, Prev, Load more\u003C\u002Fli>\n\u003Cli>Color styling for title, description, meta data\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fyotuwp.com\u002Fadvanced-demos\u002F?utm_source=wp-plugin-repo&utm_medium=after-features-link\" rel=\"nofollow ugc\">Free Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Modern responsive YouTube video gallery helps your website getting noticed from visitors, increase the reach and stand out from the competitors.",20000,372016,94,320,"2024-06-25T03:20:00.000Z","6.2.9","4.5","",[123,124,125,126,127],"youtube-channel","youtube-embed","youtube-gallery","youtube-playlist","youtube-videos","https:\u002F\u002Fwww.yotuwp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyotuwp-easy-youtube-embed.zip",5,"2024-06-14 20:13:53",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":140,"downloaded":141,"rating":142,"num_ratings":143,"last_updated":144,"tested_up_to":145,"requires_at_least":146,"requires_php":121,"tags":147,"homepage":152,"download_link":153,"security_score":154,"vuln_count":13,"unpatched_count":13,"last_vuln_date":33,"fetched_at":26},"featured-video-plus","Featured Video Plus","2.3.3","Alex","https:\u002F\u002Fprofiles.wordpress.org\u002Fahoereth\u002F","\u003Cblockquote>\n\u003Cp>A picture is worth a thousand words. How many words is a video worth?\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Featured Videos work like Featured Images, just smoother: Paste a video URL into the designated new box on the post edit screen and the video will be displayed in place of a post image.\u003C\u002Fp>\n\u003Cp>There are three ways to get the videos onto your page:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Automagically!\u003C\u002Fstrong> If your theme makes use of WordPress’ native \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPost_Thumbnails\" rel=\"nofollow ugc\">featured image functionality\u003C\u002Fa> you are set: Automatic insertion, lazy loading or lightbox overlays, its your choice. If this does not work you can either\u003C\u002Fli>\n\u003Cli>insert the \u003Ccode>[featured-video-plus]\u003C\u002Fcode>–\u003Cstrong>Shortcode\u003C\u002Fstrong> in your posts or\u003C\u002Fli>\n\u003Cli>manually make use of the \u003Cstrong>PHP-functions\u003C\u002Fstrong> in your theme’s source files.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>For more details, check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffeatured-video-plus\u002Finstallation\u002F\" rel=\"ugc\">installation\u003C\u002Fa> page.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Theme compatibility\u003C\u002Fstrong>\u003Cbr \u002F>\n  Sadly many themes do not follow the WordPress standards and implement their own fancy functions for displaying featured images – those very likely break this plugin. Check out the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffeatured-video-plus\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa>. Another common problem are sliders: Videos, in general, do not like sliders at all.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>See the plugin in action on \u003Ca href=\"http:\u002F\u002Fyrnxt.com\u002Fwordpress\u002Ffeatured-video-plus\u002F\" rel=\"nofollow ugc\">yrnxt.com\u003C\u002Fa>. There is a button in the sidebar to switch between the different featured video display modes: \u003Ca href=\"http:\u002F\u002Fyrnxt.com\u002Fwordpress\u002Ffeatured-video-plus\u002F?setfvpmode=replace\" rel=\"nofollow ugc\">Automatic\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fyrnxt.com\u002Fwordpress\u002Ffeatured-video-plus\u002F?setfvpmode=dynamic\" rel=\"nofollow ugc\">lazy\u003C\u002Fa> and \u003Ca href=\"http:\u002F\u002Fyrnxt.com\u002Fwordpress\u002Ffeatured-video-plus\u002F?setfvpmode=overlay\" rel=\"nofollow ugc\">overlay\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Besides \u003Cstrong>Local Videos\u003C\u002Fstrong> you can use videos from a whole lot of external providers like \u003Cstrong>YouTube\u003C\u002Fstrong>, \u003Cstrong>Vimeo\u003C\u002Fstrong> and \u003Cstrong>Dailymotion\u003C\u002Fstrong>. \u003Cstrong>SoundCloud\u003C\u002Fstrong> and \u003Cstrong>Spotify\u003C\u002Fstrong> (including playlists) are supported as well. Check the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FEmbeds#Okay.2C_So_What_Sites_Can_I_Embed_From.3F\" rel=\"nofollow ugc\">WordPress Codex\u003C\u002Fa> for a complete list. If some provider is not listed you can always just use an embed code or whatever HTML you like.\u003C\u002Fp>\n\u003Cp>After installing the plugin check your site’s \u003Cem>Media Settings\u003C\u002Fem> (\u003Ccode>Settings -> Media\u003C\u002Fcode> in the administration interface): The plugin adds quite some little helper options there. Change to lazy or overlay mode, tweak video sizing, individualize the look of the most prominent providers’ video players and turn on autoplay or video looping. By default videos try to dynamically fit their parent containers width and adjust their size responsively.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Support\u003C\u002Fstrong>\u003Cbr \u002F>\n  I do read all support questions in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ffeatured-video-plus\" rel=\"ugc\">forums\u003C\u002Fa> but cannot reply to all of them. The plugin is an unpaid side project and full support would require more time than I can invest for free for over 20k active installs. If you really need help, consider \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=AD8UKMQW2DMM6\" rel=\"nofollow ugc\">buying me a cookie\u003C\u002Fa> – best way to attract my attention and to support future enhancements.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Add Featured Videos to your posts and pages. Works like magic with most themes which use Featured Images. Local Media, YouTube, Vimeo and many more.",10000,315395,96,80,"2017-11-28T09:08:00.000Z","4.7.33","3.7",[148,149,150,151,20],"featured","image","post","video","http:\u002F\u002Fyrnxt.com\u002Fwordpress\u002Ffeatured-video-plus\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeatured-video-plus.2.3.3.zip",85,{"slug":156,"name":157,"version":158,"author":159,"author_profile":160,"description":161,"short_description":162,"active_installs":140,"downloaded":163,"rating":105,"num_ratings":76,"last_updated":164,"tested_up_to":165,"requires_at_least":166,"requires_php":167,"tags":168,"homepage":173,"download_link":174,"security_score":105,"vuln_count":13,"unpatched_count":13,"last_vuln_date":33,"fetched_at":26},"socialfeeds","SocialFeeds","1.0.6","Softaculous","https:\u002F\u002Fprofiles.wordpress.org\u002Fsoftaculous\u002F","\u003Cp>SocialFeeds is a lightweight and easy-to-use WordPress plugin designed to showcase Instagram and YouTube content directly on your website. With quick setup and shortcode support, you can display social media feeds anywhere on your site and keep your content fresh and engaging.\u003C\u002Fp>\n\u003Cp>You can find our official documentation at \u003Ca href=\"https:\u002F\u002Fsocialfeeds.org\u002Fdocs\" rel=\"nofollow ugc\">https:\u002F\u002Fsocialfeeds.org\u002Fdocs\u003C\u002Fa>. We are also active in our community support forums on wordpress.org if you are one of our free users. Our Premium Support Ticket System is at \u003Ca href=\"https:\u002F\u002Fsoftaculous.deskuss.com\" rel=\"nofollow ugc\">https:\u002F\u002Fsoftaculous.deskuss.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsocialfeeds.org\" title=\"SocialFeeds Homepage\" rel=\"nofollow ugc\">Home Page\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fsoftaculous.deskuss.com\" title=\"SocialFeeds Support\" rel=\"nofollow ugc\">Support\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fsocialfeeds.org\u002Fdocs\" title=\"Documents\" rel=\"nofollow ugc\">Documents\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>SocialFeeds YouTube Free Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Display YouTube Channel Videos\u003C\u002Fstrong> – Show videos directly from your YouTube channel on your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quick and Easy Feed Setup\u003C\u002Fstrong> – Easily create and manage your YouTube feed from the WordPress dashboard.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Video Information Display\u003C\u002Fstrong> – Display video title, description, play icon, lazy loading, and click-to-play functionality.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hover Effects\u003C\u002Fstrong> – Apply hover animation and visual effects to video items for better user interaction.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Feed Header\u003C\u002Fstrong> – Display a header with channel name, logo, description, custom logo, and banner image.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>YouTube Subscribe Button\u003C\u002Fstrong> – Add a YouTube subscribe button in the feed header to increase channel subscribers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Load More Videos\u003C\u002Fstrong> – Allow users to load additional videos using a convenient Load More button.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Basic Layout and Style Customization\u003C\u002Fstrong> – Customize basic layout and styling options to match your website design.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fully Responsive Design\u003C\u002Fstrong> – Feeds automatically adjust to desktop, tablet, and mobile devices and work with most WordPress themes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Upgrade to SocialFeeds PRO for More Power\u003C\u002Fh3>\n\u003Cp>Unlock advanced capabilities with \u003Cstrong>SocialFeeds PRO\u003C\u002Fstrong>, such as:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Multiple Account Support\u003C\u002Fstrong> – Connect and manage multiple YouTube channels and Instagram accounts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Video Details\u003C\u002Fstrong> – Display video duration, publish date, view count, like count, and comment count.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple YouTube Feed Types\u003C\u002Fstrong> – Show Channel Feeds, Playlist Feeds, Search Feeds, Single Videos, and Live Stream Videos.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Feed Design Customization\u003C\u002Fstrong> – Customize colors, fonts, spacing, layouts, and styling for YouTube feeds.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Instagram Feed Layouts\u003C\u002Fstrong> – Display Instagram feeds using Grid, Carousel, and Masonry layouts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive Instagram Columns\u003C\u002Fstrong> – Control the number of columns for desktop, tablet, and mobile devices.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Limits and Loading Control\u003C\u002Fstrong> – Set limits on the number of Instagram posts displayed and configure loading behavior.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Instagram Header\u003C\u002Fstrong> – Customize header position, profile avatar, bio, follower count, and media count.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced Instagram Post Display\u003C\u002Fstrong> – Show captions, likes, comments, reels, icons, and play modes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Instagram Hover Effects\u003C\u002Fstrong> – Enable hover states and interaction effects for Instagram posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Instagram Follow Button\u003C\u002Fstrong> – Add and customize a follow button to grow your Instagram audience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Load More Button Customization\u003C\u002Fstrong> – Control the behavior and design of the Instagram Load More button.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Sorting Options\u003C\u002Fstrong> – Sort Instagram posts by newest, most liked, or random order.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Layout Spacing and Aspect Ratio Control\u003C\u002Fstrong> – Adjust spacing between posts and control the media aspect ratio.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live Shortcode Preview\u003C\u002Fstrong> – Display a live preview of the feed using the Preview Block inside the editor.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Use SocialFeeds?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Increase visitor engagement with live social media content\u003C\u002Fli>\n\u003Cli>Promote your YouTube and Instagram profiles directly on your website\u003C\u002Fli>\n\u003Cli>Improve website appearance with modern and responsive feed layouts\u003C\u002Fli>\n\u003Cli>Easy integration with shortcodes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Third Party API usage\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>YouTube Search API: This plugin uses the YouTube Data API to retrieve publicly available YouTube videos based on search queries configured by the user. When enabled, the plugin sends the search term and the YouTube API key provided by the user to Google servers. The API returns public video data such as titles, descriptions, thumbnails, and video IDs.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>YouTube Channels API: This plugin uses the YouTube Data API to retrieve publicly available information about a YouTube channel. When enabled, the plugin sends the channel ID and the YouTube API key provided by the user to Google servers. The API returns public channel data such as channel name, description, thumbnails, statistics, and other public metadata.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Service Provider: Google LLC (YouTube Data API v3)\u003C\u002Fp>\n\u003Cp>Terms of Service: https:\u002F\u002Fdevelopers.google.com\u002Fyoutube\u002Fterms\u002Fapi-services-terms-of-service\u003Cbr \u002F>\nPrivacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n\u003Ch3>Start Using SocialFeeds\u003C\u002Fh3>\n\u003Cp>Install SocialFeeds today to display your Instagram photos and YouTube videos on your WordPress website and keep your content always up to date.\u003C\u002Fp>\n","YouTube feeds for WordPress with simple Setup and Settings options.",12290,"2026-04-02T14:16:00.000Z","7.0","5.0","7.2",[169,170,171,172,127],"instagram-feed","social-feeds","social-media","youtube-feed","https:\u002F\u002Fsocialfeeds.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocialfeeds.1.0.6.zip",{"slug":176,"name":177,"version":178,"author":179,"author_profile":180,"description":181,"short_description":182,"active_installs":183,"downloaded":184,"rating":143,"num_ratings":185,"last_updated":186,"tested_up_to":187,"requires_at_least":188,"requires_php":189,"tags":190,"homepage":194,"download_link":195,"security_score":196,"vuln_count":76,"unpatched_count":76,"last_vuln_date":197,"fetched_at":26},"porn-videos-embed","Porn Videos Embed","0.9.1","perteus","https:\u002F\u002Fprofiles.wordpress.org\u002Fperteus\u002F","\u003Cp>A very simple wordpress plugin for add shortcode embed videos from porn sites\u003Cbr \u002F>\nlike xvideos, xhmaster, pornhub.\u003C\u002Fp>\n\u003Ch3>Donations\u003C\u002Fh3>\n","A very simple wordpress plugin for add shortcode embed videos from porn sites",2000,19631,4,"2019-03-17T18:47:00.000Z","5.1.22","4.0","7.0.0",[191,192,193,20],"adult","embed","sex","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fporn-videos-embed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fporn-videos-embed.zip",63,"2025-08-06 00:00:00",{"attackSurface":199,"codeSignals":254,"taintFlows":283,"riskAssessment":327,"analyzedAt":338},{"hooks":200,"ajaxHandlers":248,"restRoutes":249,"shortcodes":250,"cronEvents":253,"entryPointCount":76,"unprotectedCount":13},[201,207,211,215,220,224,228,232,236,240,244],{"type":202,"name":203,"callback":204,"file":205,"line":206},"filter","tiny_mce_before_init","add_viewmedica_clientid","swarm.php",216,{"type":202,"name":208,"callback":209,"file":205,"line":210},"mce_external_plugins","add_viewmedica_tinymce_plugin",217,{"type":202,"name":212,"callback":213,"file":205,"line":214},"mce_buttons","register_viewmedica_button",218,{"type":216,"name":217,"callback":218,"file":205,"line":219},"action","admin_notices","swarm_admin_notice",287,{"type":216,"name":221,"callback":222,"file":205,"line":223},"admin_init","swarm_nag_ignore",288,{"type":202,"name":225,"callback":226,"file":205,"line":227},"tiny_mce_version","vm_refresh_mce",291,{"type":216,"name":229,"callback":230,"file":205,"line":231},"init","add_viewmedica_button",292,{"type":216,"name":233,"callback":234,"file":205,"line":235},"wp_enqueue_scripts","swarm_header",298,{"type":216,"name":237,"callback":238,"file":205,"line":239},"admin_menu","swarm_admin_actions",301,{"type":216,"name":241,"callback":242,"file":205,"line":243},"plugins_loaded","swarm_install",302,{"type":216,"name":245,"callback":246,"file":205,"line":247},"admin_enqueue_scripts","thickbox",309,[],[],[251],{"tag":4,"callback":252,"file":205,"line":43},"swarm_viewmedica_display",[],{"dangerousFunctions":255,"sqlUsage":256,"outputEscaping":259,"fileOperations":13,"externalRequests":76,"nonceChecks":24,"capabilityChecks":281,"bundledLibraries":282},[],{"prepared":257,"raw":13,"locations":258},12,[],{"escaped":24,"rawEcho":260,"locations":261},9,[262,266,268,270,272,274,275,277,279],{"file":263,"line":264,"context":265},"swarm-admin.php",265,"raw output",{"file":263,"line":267,"context":265},267,{"file":263,"line":269,"context":265},271,{"file":263,"line":271,"context":265},297,{"file":263,"line":273,"context":265},299,{"file":263,"line":60,"context":265},{"file":263,"line":276,"context":265},367,{"file":263,"line":278,"context":265},369,{"file":263,"line":280,"context":265},370,2,[],[284],{"entryPoint":285,"graph":286,"unsanitizedCount":13,"severity":326},"\u003Cswarm-admin> (swarm-admin.php:0)",{"nodes":287,"edges":320},[288,293,299,302,307,310,314,318],{"id":289,"type":290,"label":291,"file":263,"line":292},"n0","source","$_POST (x2)",18,{"id":294,"type":295,"label":296,"file":263,"line":297,"wp_function":298},"n1","sink","query() [SQLi]",26,"query",{"id":300,"type":290,"label":301,"file":263,"line":292},"n2","$_POST (x4)",{"id":303,"type":295,"label":304,"file":263,"line":305,"wp_function":306},"n3","get_results() [SQLi]",32,"get_results",{"id":308,"type":290,"label":309,"file":263,"line":264},"n4","$_SERVER['REQUEST_URI'] (x3)",{"id":311,"type":295,"label":312,"file":263,"line":264,"wp_function":313},"n5","echo() [XSS]","echo",{"id":315,"type":290,"label":316,"file":263,"line":317},"n6","$_POST (x3)",51,{"id":319,"type":295,"label":312,"file":263,"line":269,"wp_function":313},"n7",[321,323,324,325],{"from":289,"to":294,"sanitized":322},true,{"from":300,"to":303,"sanitized":322},{"from":308,"to":311,"sanitized":322},{"from":315,"to":319,"sanitized":322},"low",{"summary":328,"deductions":329},"The viewmedica plugin v1.4.21 presents a mixed security posture. On the positive side, the static analysis reveals good practices in several areas. All SQL queries are properly prepared, indicating a reduced risk of SQL injection. There are no identified dangerous functions or file operations, which are common vectors for attacks. Furthermore, the plugin demonstrates a commitment to input validation with a reasonable number of nonce and capability checks. The absence of critical or high-severity taint analysis findings is also a reassuring sign. However, concerns arise from the output escaping. With only 25% of outputs properly escaped, there is a significant risk of Cross-Site Scripting (XSS) vulnerabilities. This lack of robust output sanitization could allow attackers to inject malicious scripts through various plugin functionalities. The plugin's vulnerability history, despite having no currently unpatched CVEs, shows a past pattern of 3 medium-severity vulnerabilities, primarily related to XSS and CSRF. This suggests that while the developers have addressed past issues, the underlying code may still have weaknesses that can lead to similar vulnerabilities. The presence of external HTTP requests without further context also warrants caution, as compromised external resources could potentially impact the plugin's security. Overall, the plugin exhibits strengths in data handling and authentication mechanisms but requires immediate attention to its output escaping practices to mitigate significant XSS risks.",[330,333,336],{"reason":331,"points":332},"Low output escaping percentage (25%)",15,{"reason":334,"points":335},"Previous medium severity vulnerabilities (3)",10,{"reason":337,"points":24},"External HTTP requests without context","2026-03-16T20:20:57.675Z",{"wat":340,"direct":349},{"assetPaths":341,"generatorPatterns":343,"scriptPaths":344,"versionParams":346},[342],"\u002Fwp-content\u002Fplugins\u002Fviewmedica\u002Fvm_event_listener.js",[],[345],"https:\u002F\u002Fondemand.viewmedica.com\u002Flib\u002Fvm.js",[347,348],"viewmedica\u002Fvm_event_listener.js?ver=","viewmedica\u002Fvm_event_listener.js?ver=1.1.0",{"cssClasses":350,"htmlComments":351,"htmlAttributes":353,"restEndpoints":354,"jsGlobals":355,"shortcodeOutput":357},[],[352],"\u003C!-- ViewMedica Embed End -->",[],[],[356],"vm_open",[358,359,360],"\u003Cdiv id='vm'>\u003C\u002Fdiv>","\u003Cdiv id='","'>\u003C\u002Fdiv>",{"slug":4,"current_version":6,"total_versions":335,"versions":362},[363,368,375,381,388,398,408,418,428,438],{"version":6,"download_url":22,"svn_tag_url":364,"released_at":33,"has_diff":45,"diff_files_changed":365,"diff_lines":33,"trac_diff_url":366,"vulnerabilities":367,"is_current":322},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fviewmedica\u002Ftags\u002F1.4.21\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fviewmedica%2Ftags%2F1.4.20&new_path=%2Fviewmedica%2Ftags%2F1.4.21",[],{"version":369,"download_url":370,"svn_tag_url":371,"released_at":33,"has_diff":45,"diff_files_changed":372,"diff_lines":33,"trac_diff_url":373,"vulnerabilities":374,"is_current":45},"1.4.20","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fviewmedica.1.4.20.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fviewmedica\u002Ftags\u002F1.4.20\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fviewmedica%2Ftags%2F1.4.19&new_path=%2Fviewmedica%2Ftags%2F1.4.20",[],{"version":35,"download_url":376,"svn_tag_url":377,"released_at":33,"has_diff":45,"diff_files_changed":378,"diff_lines":33,"trac_diff_url":379,"vulnerabilities":380,"is_current":45},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fviewmedica.1.4.19.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fviewmedica\u002Ftags\u002F1.4.19\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fviewmedica%2Ftags%2F1.4.18&new_path=%2Fviewmedica%2Ftags%2F1.4.19",[],{"version":52,"download_url":382,"svn_tag_url":383,"released_at":33,"has_diff":45,"diff_files_changed":384,"diff_lines":33,"trac_diff_url":385,"vulnerabilities":386,"is_current":45},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fviewmedica.1.4.18.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fviewmedica\u002Ftags\u002F1.4.18\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fviewmedica%2Ftags%2F1.4.17&new_path=%2Fviewmedica%2Ftags%2F1.4.18",[387],{"id":29,"url_slug":30,"title":31,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":35},{"version":389,"download_url":390,"svn_tag_url":391,"released_at":33,"has_diff":45,"diff_files_changed":392,"diff_lines":33,"trac_diff_url":393,"vulnerabilities":394,"is_current":45},"1.4.17","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fviewmedica.1.4.17.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fviewmedica\u002Ftags\u002F1.4.17\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fviewmedica%2Ftags%2F1.4.16&new_path=%2Fviewmedica%2Ftags%2F1.4.17",[395,396,397],{"id":47,"url_slug":48,"title":49,"severity":36,"cvss_score":53,"vuln_type":55,"patched_in_version":52},{"id":63,"url_slug":64,"title":65,"severity":36,"cvss_score":67,"vuln_type":55,"patched_in_version":52},{"id":29,"url_slug":30,"title":31,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":35},{"version":399,"download_url":400,"svn_tag_url":401,"released_at":33,"has_diff":45,"diff_files_changed":402,"diff_lines":33,"trac_diff_url":403,"vulnerabilities":404,"is_current":45},"1.4.16","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fviewmedica.1.4.16.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fviewmedica\u002Ftags\u002F1.4.16\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fviewmedica%2Ftags%2F1.4.15&new_path=%2Fviewmedica%2Ftags%2F1.4.16",[405,406,407],{"id":47,"url_slug":48,"title":49,"severity":36,"cvss_score":53,"vuln_type":55,"patched_in_version":52},{"id":63,"url_slug":64,"title":65,"severity":36,"cvss_score":67,"vuln_type":55,"patched_in_version":52},{"id":29,"url_slug":30,"title":31,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":35},{"version":409,"download_url":410,"svn_tag_url":411,"released_at":33,"has_diff":45,"diff_files_changed":412,"diff_lines":33,"trac_diff_url":413,"vulnerabilities":414,"is_current":45},"1.4.15","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fviewmedica.1.4.15.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fviewmedica\u002Ftags\u002F1.4.15\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fviewmedica%2Ftags%2F1.4.14&new_path=%2Fviewmedica%2Ftags%2F1.4.15",[415,416,417],{"id":47,"url_slug":48,"title":49,"severity":36,"cvss_score":53,"vuln_type":55,"patched_in_version":52},{"id":63,"url_slug":64,"title":65,"severity":36,"cvss_score":67,"vuln_type":55,"patched_in_version":52},{"id":29,"url_slug":30,"title":31,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":35},{"version":419,"download_url":420,"svn_tag_url":421,"released_at":33,"has_diff":45,"diff_files_changed":422,"diff_lines":33,"trac_diff_url":423,"vulnerabilities":424,"is_current":45},"1.4.14","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fviewmedica.1.4.14.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fviewmedica\u002Ftags\u002F1.4.14\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fviewmedica%2Ftags%2F1.4.13&new_path=%2Fviewmedica%2Ftags%2F1.4.14",[425,426,427],{"id":47,"url_slug":48,"title":49,"severity":36,"cvss_score":53,"vuln_type":55,"patched_in_version":52},{"id":63,"url_slug":64,"title":65,"severity":36,"cvss_score":67,"vuln_type":55,"patched_in_version":52},{"id":29,"url_slug":30,"title":31,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":35},{"version":429,"download_url":430,"svn_tag_url":431,"released_at":33,"has_diff":45,"diff_files_changed":432,"diff_lines":33,"trac_diff_url":433,"vulnerabilities":434,"is_current":45},"1.4.13","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fviewmedica.1.4.13.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fviewmedica\u002Ftags\u002F1.4.13\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fviewmedica%2Ftags%2F1.4.12&new_path=%2Fviewmedica%2Ftags%2F1.4.13",[435,436,437],{"id":47,"url_slug":48,"title":49,"severity":36,"cvss_score":53,"vuln_type":55,"patched_in_version":52},{"id":63,"url_slug":64,"title":65,"severity":36,"cvss_score":67,"vuln_type":55,"patched_in_version":52},{"id":29,"url_slug":30,"title":31,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":35},{"version":439,"download_url":440,"svn_tag_url":441,"released_at":33,"has_diff":45,"diff_files_changed":442,"diff_lines":33,"trac_diff_url":33,"vulnerabilities":443,"is_current":45},"1.4.12","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fviewmedica.1.4.12.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fviewmedica\u002Ftags\u002F1.4.12\u002F",[],[444,445,446],{"id":47,"url_slug":48,"title":49,"severity":36,"cvss_score":53,"vuln_type":55,"patched_in_version":52},{"id":63,"url_slug":64,"title":65,"severity":36,"cvss_score":67,"vuln_type":55,"patched_in_version":52},{"id":29,"url_slug":30,"title":31,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":35}]