[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fwzEAvWCeCH1dPERsr5uWG4PVK8rxsiiaMKbaMF7yq7E":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":47,"crawl_stats":38,"alternatives":54,"analysis":155,"fingerprints":258},"wavesurfer-wp","WaveSurfer-WP","2.8.4","X-Raym","https:\u002F\u002Fprofiles.wordpress.org\u002Fx-raym\u002F","\u003Cp>This plugin replaces the default WordPress audio player with a player capable of displaying audio waveforms. It can display a mix of the different audio channels (for podcast, radio replays, e-learning, music), or all channels simultaneously (for sound tutorial, sounds-packs showcases, audio products demo etc…), which is its main purpose.\u003C\u002Fp>\n\u003Cp>By working with the default audio\u002Fplaylist shortcode, you have great advantages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>It works with all your previous posts\u003C\u002Fli>\n\u003Cli>You still have the default player in the Visual Editor (not just shortcode)\u003C\u002Fli>\n\u003Cli>It supports every audio format supported by WordPress (wav, ogg, mp3, m4a).\u003C\u002Fli>\n\u003Cli>Safe deactivation: if you deactivate the plugin, your shortcode will fallback to the WordPress default audio player.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Global colors and style settings can be overridden locally by dedicated shortcode attributes.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>progress_color=\"purple\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wave_color=\"#FF0000\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>cursor_color=\"#FF0000\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>height=\"128\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>bar_width=\"0\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Also, there is some attributes accessible at shortcode level:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>mute_button=\"true\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>loop_button=\"true\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>download_button=\"true\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>split_channels=\"true\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>player=\"default\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more advanced customization, with a custom \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fbeginners-guide\u002Fwhat-why-and-how-tos-of-creating-a-site-specific-wordpress-plugin\u002F\" rel=\"nofollow ugc\">site-plugin\u003C\u002Fa>, you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>add shortcode attributes conditionally with the filter \u003Ccode>wavesurfer_wp_shortcode_attributes\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>use the \u003Ccode>wavesurfer_wp_shortcode_data\u003C\u002Fcode> filter if you want to add custom waveform data attributes.\u003C\u002Fli>\n\u003Cli>use the \u003Ccode>wavesurfer-wp-init\u003C\u002Fcode> JavaScript event handler to render the player on custom events, like after click on a button. See examples on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FX-Raym\u002Fwavesurfer-wp-init\" rel=\"nofollow ugc\">WaveSurfer-WP-Init\u003C\u002Fa> GitHub repository.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check this \u003Ca href=\"https:\u002F\u002Fgist.github.com\u002FX-Raym\u002F5c388e6554b30ca6a56646fb8d96d17f\" rel=\"nofollow ugc\">Gist\u003C\u002Fa> for demos of how to use the filters.\u003C\u002Fp>\n\u003Cp>Extra features :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Pressing play on a player automatically set all the others on the same page to pause.\u003C\u002Fli>\n\u003Cli>AJAX Page loading compatibility\u003C\u002Fli>\n\u003Cli>MultiSite Friendly\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The default style requires some icons of \u003Ca href=\"https:\u002F\u002Ffortawesome.github.io\u002F\" rel=\"nofollow ugc\">Font-Awesome 1.0\u003C\u002Fa>. These are included in the plugin as a small custom font. Because this icon-font is already used in a lot of themes and plugins, you can deactivate this custom font if needed.\u003C\u002Fp>\n\u003Cp>You can deactivate the default WaveSurder-WP theme, and use your own theme style. I strongly encourage you to do that as custom CSS is the only way to make it fit your theme perfectly. There is a lot of dedicated CSS selectors for that. You can take one of the included theme as reference.\u003Cbr \u002F>\nThis will allow you to have more control on icons, responsivity, mouse hover behavior etc…\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.extremraym.com\u002Fen\u002Fwavesurfer-wp\" rel=\"nofollow ugc\">More Infos & Demos\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can contribute by to WaveSurfer-WP development on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fx-raym\u002Fwavesurfer-wp\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Themes and Translations are welcome !\u003C\u002Fp>\n\u003Cp>Optimization trick: if you only use this plugin on a couple of pages, I invite you to use a plugin like \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplugin-organizer\u002F\" rel=\"ugc\">Plugin Organizer\u003C\u002Fa> or \u003Ca href=\"http:\u002F\u002Ftomasz-dobrzynski.com\u002Fwordpress-gonzales\" rel=\"nofollow ugc\">Gonzales\u003C\u002Fa> to globally deactivate the plugin or its style, and make it load resources only on pages which need it.\u003Cbr \u002F>\nNo need for that on the back-end, only for front-end.\u003C\u002Fp>\n\u003Cp>This player doesn’t have and will not have Like Button, Sharing Button, Play count and Download count.\u003Cbr \u002F>\nIf you are looking for a WordPress player with such Social Features and advanced statistics like \u003Ca href=\"http:\u002F\u002Fwww.soundcloud.com\" rel=\"nofollow ugc\">SoundCloud\u003C\u002Fa> or \u003Ca href=\"http:\u002F\u002Fwww.hearthis.at\" rel=\"nofollow ugc\">Hearthis.at\u003C\u002Fa>, take a look at \u003Ca href=\"http:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fzoomsounds-neat-html5-audio-player\u002F4525354\" rel=\"nofollow ugc\">ZoomSounds\u003C\u002Fa>.\u003Cbr \u002F>\nFor other advanced WordPress integration of wavesurfer-js, you can check \u003Ca href=\"http:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwaveplayer-a-wordpress-audio-player\u002F14349799\" rel=\"nofollow ugc\">WavePlayer\u003C\u002Fa> by luigipulcini or \u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwavesurfer-plus-mp3-player-module-for-gmedia-plugin\u002F19242349\" rel=\"nofollow ugc\">WaveSurfer-Plus\u003C\u002Fa> by GalleryCreator.\u003C\u002Fp>\n\u003Cp>Contrary to the other WordPress plugin based on wavesurfer-js, wavesurfer-js hasn’t been modified in this plugin. This means that you can extend feature of this plugin using the wavesurfer-js \u003Ca href=\"http:\u002F\u002Fwavesurfer-js.org\u002F\" rel=\"nofollow ugc\">methods\u003C\u002Fa>, and that updates from the wavesurfer-js community will be pushed in WaveSurfer-WP regularly.\u003C\u002Fp>\n\u003Cp>WordPress 5 and Guteberg: Inserting \u003Ccode>[audio]\u003C\u002Fcode> with Gutenberg doesn’t bring the \u003Ccode>[audio]\u003C\u002Fcode> shortcode as it use to be. As this plugin is designed to hook the audio shortcode, you can use the generic shortcode block in gutenberg to manually write your shortcode, or use the classic editor.\u003C\u002Fp>\n\u003Ch4>WaveSurfer-WP Premium Add-on\u003C\u002Fh4>\n\u003Cp>A premium add-on is available to add extra features to WaveSurfer-WP.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Cache Peaks File\u003Cbr \u002F>\nThis add-on creates and loads peaks from small files, containing peaks values. No need to wait for the full audio to be decoded to display its waveform.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Markers System\u003Cbr \u002F>\nYou can add custom clickable element on your pages to seek WaveSurfer-WP player to a desired position. Can be useful for adding marks, chapters, and it can even be used for \u003Ca href=\"https:\u002F\u002Fwww.extremraym.com\u002Fen\u002Fwavesurfer-wp-markers\" rel=\"nofollow ugc\">interactive audio transcripts\u003C\u002Fa>!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Plug and Play\u003Cbr \u002F>\nThese extra features are packed as an add-on. No need to delete and replace the original plugin. You will still be able to benefit from translations made by the community. Also, the core is still open source, to allow contribution.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>TimeLine Plugin\u003Cbr \u002F>\nWhen activated thanks to a shortcode attribute, a customizable time ruler will appear below your waveform.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can buy it from the official \u003Ca href=\"https:\u002F\u002Fwww.extremraym.com\u002Fen\u002Fdownloads\u002Fwavesurfer-wp-premium\" rel=\"nofollow ugc\">product page\u003C\u002Fa>.\u003Cbr \u002F>\nThanks for considering this way to support WaveSurfer-WP !\u003C\u002Fp>\n\u003Ch3>Additional Infos\u003C\u002Fh3>\n\u003Cp>It is a port for WordPress of \u003Ca href=\"http:\u002F\u002Fwavesurfer-js.org\u002F\" rel=\"nofollow ugc\">WaveSurfer-js\u003C\u002Fa> by katspaugh.\u003C\u002Fp>\n\u003Cp>It also contains \u003Ca href=\"http:\u002F\u002Fdanml.com\u002Fdownload.html\" rel=\"nofollow ugc\">Download-js\u003C\u002Fa> by dandavis.\u003C\u002Fp>\n\u003Ch3>Donators\u003C\u002Fh3>\n\u003Cp>Thanks to our generous donators for supporting this plugin development !\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fsignaltonoize.com\u002F\" rel=\"nofollow ugc\">SignalToNoize.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Ftheopod.com\" rel=\"nofollow ugc\">hawthonn\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fsoundpacks.com\" rel=\"nofollow ugc\">Rob\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Frobertgetzner.com\u002F\" rel=\"nofollow ugc\">Robert Getzener\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Do you want to contribute or sponsor one particular feature ? See you on the \u003Ca href=\"https:\u002F\u002Fwww.extremraym.com\u002Fen\u002Fdonation\u002F\" rel=\"nofollow ugc\">donation page\u003C\u002Fa>. Thanks !\u003C\u002Fp>\n","Customizable HTML5 Audio controller with waveform preview (mixed or split channels), using WordPress native audio and playlist shortcode.",400,21844,100,11,"2026-02-04T18:02:00.000Z","5.4.19","4.0","",[20,21,22,23,24],"audio","media","player","visualization","waveform","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwavesurfer-wp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwavesurfer-wp.zip",99,1,0,"2026-02-05 18:34:33","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":28},"CVE-2026-1909","wavesurfer-wp-authenticated-contributor-stored-cross-site-scripting-via-src-shortcode-attribute","WaveSurfer-WP \u003C= 2.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'src' Shortcode Attribute","The WaveSurfer-WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's audio shortcode in all versions up to, and including, 2.8.3 due to insufficient input sanitization and output escaping on the 'src' attribute. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=2.8.3","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-02-06 06:46:32",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb507462d-1ce2-4463-93bf-635ee78274f6?source=api-prod",{"slug":48,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":51,"avg_patch_time_days":28,"trust_score":52,"computed_at":53},"x-raym",2,410,92,94,"2026-04-05T04:20:02.544Z",[55,79,98,119,137],{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":18,"tags":70,"homepage":74,"download_link":75,"security_score":76,"vuln_count":77,"unpatched_count":29,"last_vuln_date":78,"fetched_at":31},"compact-wp-audio-player","Compact WP Audio Player","1.9.15","mra13","https:\u002F\u002Fprofiles.wordpress.org\u002Fmra13\u002F","\u003Cp>Compact WordPress Audio Player plugin is an HTML5 + Flash hybrid based wordpress plugin which can be used to embed an mp3 audio file on your WordPress post or page using a shortcode. The audio player is cute and compact and will play on all major browsers.\u003C\u002Fp>\n\u003Cp>This audio player plugin Supports .mp3 and .ogg file formats.\u003C\u002Fp>\n\u003Cp>The audio files that you embed using this plugin will work on all devices.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The audio player is compact so it does not take a lot of real estate on your webpage\u003C\u002Fli>\n\u003Cli>HTML5 compatible so the audio files embedded with this plugin will play on iOS devices\u003C\u002Fli>\n\u003Cli>Works on all major browsers – IE7, IE8, IE9, Safari, Firefox, Chrome\u003C\u002Fli>\n\u003Cli>The audio player is responsive.\u003C\u002Fli>\n\u003Cli>If you do podcasting then this audio player can be used to embed the audio files on your WordPress posts or pages\u003C\u002Fli>\n\u003Cli>If you are selling audio files from your site then you can use this plugin to offer a preview\u003C\u002Fli>\n\u003Cli>Add the audio player to any post\u002Fpage using shortcode\u003C\u002Fli>\n\u003Cli>Use autoplay option to play an audio\u002Fmp3 file as soon as the page loads\u003C\u002Fli>\n\u003Cli>Ability to specify both the mp3 and ogg version of your audio files. The plugin will play the appropriate one based on the device. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F4eBIPqfZiss?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>More details can be found on the \u003Ca href=\"https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-audio-music-player-plugin-4556\" rel=\"nofollow ugc\">Compact Audio Player Plugin Page\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Use the following shortcode to embed an audio file anywhere on your site\u003C\u002Fp>\n\u003Cp>[sc_embed_player fileurl=”URL OF THE MP3 FILE”]\u003C\u002Fp>\n\u003Cp>Example shortcode:\u003C\u002Fp>\n\u003Cp>[sc_embed_player fileurl=”http:\u002F\u002Fwww.example.com\u002Fwp-content\u002Fuploads\u002Fmy-music\u002Fmysong.mp3″]\u003C\u002Fp>\n","A Compact WP Audio Player Plugin that is compatible with all major browsers and devices (Android, iPhone, iPad)",20000,661941,82,68,"2025-12-02T03:11:00.000Z","6.9.4","5.0",[20,71,72,21,73],"audio-player","embed","media-player","https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-audio-music-player-plugin-4556","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcompact-wp-audio-player.1.9.15.zip",97,6,"2025-01-03 00:00:00",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":68,"requires_at_least":17,"requires_php":92,"tags":93,"homepage":96,"download_link":97,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"az-video-and-audio-player-addon-for-elementor","Lean Player – Video and Audio Player for WordPress, Elementor, Block Editor and Classic Editor","3.0.8","Lean Plugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fazplugins\u002F","\u003Cp>“Lean Player – Video and Audio Player for WordPress, Elementor, Block Editor and Classic Editor” – is a simple, lightweight and customizable HTML5, YouTube, Vimeo & mp3 media player that supports all devices. It supports all the major file formats for audio & video. Included audio & video player widget \u002F addon and shortcode support that has lots of customization options, using those options you can change the player settings how you want.\u003C\u002Fp>\n\u003Cp>Version 3.0.0 marks a major milestone: our rebranding checkpoint and major update. We’ve rebranded our plugin under the LeanPlugins brand and made significant improvements to make it more performance-focused and aligned with our brand philosophy.\u003C\u002Fp>\n\u003Cp>👉 \u003Ca href=\"https:\u002F\u002Fdemo.leanplugins.com\u002Fvideo-and-audio-player\u002F?utm_source=wordpress.org&utm_medium=desc\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>\u003Cbr \u002F>\n👉 \u003Ca href=\"https:\u002F\u002Fleanplugins.com\u002Fwordpress-plugins\u002Fvideo-and-audio-player\u002F?utm_source=wordpress.org&utm_medium=desc&utm_campaign=upgrade#pricing\" rel=\"nofollow ugc\">Purchase Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Player Management:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Global Player Settings\u003C\u002Fstrong> – Set default behavior once for all players\u003Cbr \u002F>\n* \u003Cstrong>Player Manager\u003C\u002Fstrong> – Create and manage players through admin interface\u003Cbr \u002F>\n* \u003Cstrong>Per-Player Configuration\u003C\u002Fstrong> – Override global settings for individual players\u003Cbr \u002F>\n* \u003Cstrong>Admin Columns\u003C\u002Fstrong> – View all players at a glance with Player Type, Source Type, Source, Autoplay status, and copy-ready Shortcode\u003Cbr \u002F>\n* \u003Cstrong>Preview Player\u003C\u002Fstrong> – Preview your player before publishing directly from the players list or from the player edit page\u003Cbr \u002F>\n* \u003Cstrong>Simple Shortcode\u003C\u002Fstrong> – [lean_player id=”123″] to embed anywhere\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Video Sources:\u003C\u002Fstrong>\u003Cbr \u002F>\n* YouTube video support\u003Cbr \u002F>\n* Vimeo video support\u003Cbr \u002F>\n* HTML5 video (upload or URL\u002FCDN)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Audio Sources:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Supported formats: MP3, OGG, WAV, M4A, AAC\u003Cbr \u002F>\n* Audio streaming support (MP3, AAC streams)\u003Cbr \u002F>\n* Media library upload or direct URL\u002Fstreaming URL\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Playback Options:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Autoplay\u003Cbr \u002F>\n* Start Muted\u003Cbr \u002F>\n* Initial Volume control (0-100%)\u003Cbr \u002F>\n* Loop playback\u003Cbr \u002F>\n* Default Playback Speed (0.5x to 4x)\u003Cbr \u002F>\n* Time Display Format – Countdown or elapsed time [PRO]\u003Cbr \u002F>\n* Skip Amount – Set forward\u002Fback jump time (1-60 seconds) [PRO]\u003Cbr \u002F>\n* Reset to start when finished\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Player Controls:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Fullscreen button\u003Cbr \u002F>\n* Click to play\u002Fpause\u003Cbr \u002F>\n* Picture-in-picture (PIP) mode\u003Cbr \u002F>\n* Keyboard shortcuts\u003Cbr \u002F>\n* Custom Player Controls – Show\u002Fhide and reorder controls (play-large, play, progress, current-time, mute, volume, captions, settings, pip, airplay, fullscreen, download) [PRO]\u003Cbr \u002F>\n* Auto-Hide Controls – Hide controls during playback [PRO]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Design & Styling:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Display your own preview thumbnail\u003Cbr \u002F>\n* Primary Color customization – Match player with your brand colors [PRO]\u003Cbr \u002F>\n* Compatible on all mobile & desktop devices\u003Cbr \u002F>\n* Very lightweight – no major impact on website speed\u003Cbr \u002F>\n* Works with all themes\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Integration:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Elementor widgets (video & audio)\u003Cbr \u002F>\n* Block Editor (Gutenberg) support\u003Cbr \u002F>\n* Classic Editor support\u003Cbr \u002F>\n* Shortcode support everywhere\u003C\u002Fp>\n\u003Ch3>Video Player Elementor Widget\u002FAddon Options (All FREE)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Video Type (YouTube\u002FVimeo\u002FHTML5)\u003C\u002Fli>\n\u003Cli>YouTube Video URL\u003C\u002Fli>\n\u003Cli>Vimeo Video URL\u003C\u002Fli>\n\u003Cli>HTML5 Video (Upload or URL)\u003C\u002Fli>\n\u003Cli>Display Preview Thumbnail\u003C\u002Fli>\n\u003Cli>Autoplay\u003C\u002Fli>\n\u003Cli>Start Muted\u003C\u002Fli>\n\u003Cli>Initial Volume\u003C\u002Fli>\n\u003Cli>Loop\u003C\u002Fli>\n\u003Cli>Click To Play\u002FPause\u003C\u002Fli>\n\u003Cli>Fullscreen Toggle\u003C\u002Fli>\n\u003Cli>Default Playback Speed\u003C\u002Fli>\n\u003Cli>Picture-in-picture (PIP)\u003C\u002Fli>\n\u003Cli>Keyboard Shortcuts\u003C\u002Fli>\n\u003Cli>Reset To Start After End\u003C\u002Fli>\n\u003Cli>20+ Design & Styling options\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Audio Player Elementor Widget\u002FAddon Options (All FREE)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Audio Source (Upload, URL, or Streaming URL) – Supported formats: MP3, OGG, WAV, M4A, AAC, and audio streams (MP3, AAC streams)\u003C\u002Fli>\n\u003Cli>Autoplay\u003C\u002Fli>\n\u003Cli>Start Muted\u003C\u002Fli>\n\u003Cli>Initial Volume\u003C\u002Fli>\n\u003Cli>Loop\u003C\u002Fli>\n\u003Cli>Default Playback Speed\u003C\u002Fli>\n\u003Cli>20+ Styling options\u003C\u002Fli>\n\u003C\u002Ful>\n","WordPress Video Player & Audio Player plugin - simple, lightweight and customizable HTML5, YouTube, Vimeo & mp3 media player that supports all devices",3000,39502,90,4,"2026-02-13T15:43:00.000Z","7.4",[71,94,73,22,95],"elementor","video-player","https:\u002F\u002Fleanplugins.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faz-video-and-audio-player-addon-for-elementor.3.0.8.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":13,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":18,"tags":112,"homepage":116,"download_link":117,"security_score":118,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"zbplayer","zbPlayer","2.4.2","zubaka","https:\u002F\u002Fprofiles.wordpress.org\u002Fzubaka\u002F","\u003Cp>zbPlayer is a very easy audio plugin – you can select some options like: include Download link or no, enable autoplay or no and setup width of player. Other things will be done by zbPlayer plugun automatically. One nice feature – player support cyrillic filenames without problem.\u003C\u002Fp>\n\u003Ch3>Known Issues\u003C\u002Fh3>\n\u003Ch4>Sometime my .m4a fields doesn’t play. Why is it?\u003C\u002Fh4>\n\u003Cp>Unfortunately, some of .m4a files has nuances and cannot play by player. We can’t fix that. Use .mp3 files – they works always.\u003C\u002Fp>\n","zbPlayer is a small and very easy plugin. It does one thing: capture mp3 links and insert a small flash player instead.",300,36699,7,"2020-09-30T20:37:00.000Z","5.5.18","3.5",[71,113,73,114,115],"flash-player","mp3","small-mp3-player","http:\u002F\u002Fgilevich.com\u002Fportfolio\u002Fzbplayer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzbplayer.2.4.2.zip",85,{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":13,"downloaded":127,"rating":29,"num_ratings":29,"last_updated":128,"tested_up_to":129,"requires_at_least":69,"requires_php":130,"tags":131,"homepage":133,"download_link":134,"security_score":135,"vuln_count":28,"unpatched_count":29,"last_vuln_date":136,"fetched_at":31},"easy-waveform-player","Easy Waveform Player","1.2.2","tymotey","https:\u002F\u002Fprofiles.wordpress.org\u002Ftymotey\u002F","\u003Cp>SSL certificate is REQUIRED for the plugin to work!\u003Cbr \u002F>\nEasy Waveform Player allows you to add visual waveform, generated on the fly, for an audio file.\u003Cbr \u002F>\nLoads audio on request only. If multiple players are showed they will not over load all the audio at once.\u003Cbr \u002F>\nAutostop other Easy Waveform Players if they are playing.\u003C\u002Fp>\n\u003Cp>How to use:\u003C\u002Fp>\n\u003Cp>1) Use the block from the editor you have installed(intergrated in: Gutenberb, Elementor, WPBakery Visual Builder, DIVI)\u003Cbr \u002F>\n2) Run code programatically. Code example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode> global $easywaveformplayer;\necho $easywaveformplayer->easywaveformplayer(\n    array(\n        'audio' => 'https:\u002F\u002Flink.to\u002Faudio.mp3',\n    )\n);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>3) Write manual shortcode using examples below\u003C\u002Fp>\n\u003Cp>Examples:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Load audio by libray id: \u003Ccode>[easywaveformplayer audio=\"6\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Load audio by URL: \u003Ccode>[easywaveformplayer audio=\"https:\u002F\u002Ffile-examples-com.github.io\u002Fuploads\u002F2017\u002F11\u002Ffile_example_MP3_700KB.mp3\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Autoplay(this requires that user allow permission to autoplay for your page): \u003Ccode>[easywaveformplayer audio=\"6\" autoplay=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Add title: \u003Ccode>[easywaveformplayer audio=\"https:\u002F\u002Ffile-examples-com.github.io\u002Fuploads\u002F2017\u002F11\u002Ffile_example_MP3_700KB.mp3\" title=\"This is a title\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Animated appearence of timeline: \u003Ccode>[easywaveformplayer audio=\"https:\u002F\u002Ffile-examples-com.github.io\u002Fuploads\u002F2017\u002F11\u002Ffile_example_MP3_700KB.mp3\" animated=\"true\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Wave design changes: \u003Ccode>[easywaveformplayer audio=\"https:\u002F\u002Ffile-examples-com.github.io\u002Fuploads\u002F2017\u002F11\u002Ffile_example_MP3_700KB.mp3\" timeline_wave_color=\"#FF0000\" timeline_progress_color=\"#000000\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Colored timelime background(including gradient): \u003Ccode>[easywaveformplayer audio=\"https:\u002F\u002Ffile-examples-com.github.io\u002Fuploads\u002F2017\u002F11\u002Ffile_example_MP3_700KB.mp3\" timeline_background_color=\"linear-gradient(90deg, rgba(2,0,36,1) 0%, rgba(9,9,121,1) 35%, rgba(0,212,255,1) 100%)\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Minimum size and adding different size then default: \u003Ccode>[easywaveformplayer audio=\"https:\u002F\u002Ffile-examples-com.github.io\u002Fuploads\u002F2017\u002F11\u002Ffile_example_MP3_700KB.mp3\" min=\"true\" mini_size=\"100\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Minimum size with progress indicator: \u003Ccode>[easywaveformplayer audio=\"https:\u002F\u002Ffile-examples-com.github.io\u002Fuploads\u002F2017\u002F11\u002Ffile_example_MP3_700KB.mp3\" min=\"true\" show_progress=\"true\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Parameters and default values:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>id -> ” can be any value containing letters, numbers, _ OR –  Value Added will be concatenated with: “ewfplayer_”. Eg:  ewfplayer_mainplayer\u003C\u002Fli>\n\u003Cli>always_play -> 0 (0 – it will stop when other player start playing, 1 – it will continue playing when other start playing)\u003C\u002Fli>\n\u003Cli>autoplay -> 0  (accepted 0 or 1 values)\u003C\u002Fli>\n\u003Cli>animated -> false  (accepted true or false values)\u003C\u002Fli>\n\u003Cli>min -> false (accepted true or false values)\u003C\u002Fli>\n\u003Cli>show_progress -> false (accepted true or false values)\u003C\u002Fli>\n\u003Cli>player_width -> 100% (any css width values)\u003C\u002Fli>\n\u003Cli>player_position -> left (left, center, right)\u003C\u002Fli>\n\u003Cli>player_background_color -> transparent (or other CSS color)\u003C\u002Fli>\n\u003Cli>mini_size -> 60 (in px)\u003C\u002Fli>\n\u003Cli>mini_border_size -> 2 (in px)\u003C\u002Fli>\n\u003Cli>mini_border_color -> #000000 (transparent or other CSS color)\u003C\u002Fli>\n\u003Cli>progress_circle_thickness -> 4 (in px)\u003C\u002Fli>\n\u003Cli>progress_circle_color -> #FF0000 (transparent or other CSS color)\u003C\u002Fli>\n\u003Cli>controller_size -> 40 (in px)\u003C\u002Fli>\n\u003Cli>controller_color -> #000000 (transparent or other CSS color)\u003C\u002Fli>\n\u003Cli>timeline_background_color -> transparent (in px)\u003C\u002Fli>\n\u003Cli>timeline_wave_color -> #999999 (transparent or other CSS color)\u003C\u002Fli>\n\u003Cli>timeline_progress_color -> #555555 (transparent or other CSS color)\u003C\u002Fli>\n\u003Cli>timeline_cursor_width -> 1 (in px)\u003C\u002Fli>\n\u003Cli>timeline_cursor_color -> #333333 (transparent or other CSS color)\u003C\u002Fli>\n\u003Cli>timeline_height -> 128 (in px)\u003C\u002Fli>\n\u003Cli>timeline_bar_gap -> 0 (any number, starting from 0)\u003C\u002Fli>\n\u003Cli>timeline_bar_width -> 0 (any number, starting from 0)\u003C\u002Fli>\n\u003Cli>timeline_bar_radius -> 0 (any number, starting from 0)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Built using library: \u003Ca href=\"https:\u002F\u002Fwavesurfer-js.org\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwavesurfer-js.org\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>SSL certificate is REQUIRED for the plugin to work!\u003C\u002Fp>\n","Add Waveform players easy and fast to your WordPress.",5259,"2024-12-15T09:29:00.000Z","6.7.5","7.0",[20,94,22,24,132],"wpbakery","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwaveform-player\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-waveform-player.1.2.1.zip",91,"2024-12-17 14:17:45",{"slug":138,"name":139,"version":140,"author":141,"author_profile":142,"description":143,"short_description":144,"active_installs":13,"downloaded":145,"rating":146,"num_ratings":90,"last_updated":147,"tested_up_to":68,"requires_at_least":69,"requires_php":18,"tags":148,"homepage":150,"download_link":151,"security_score":152,"vuln_count":153,"unpatched_count":29,"last_vuln_date":154,"fetched_at":31},"media-downloader","Media Downloader","0.4.7.8","Ederson Peka","https:\u002F\u002Fprofiles.wordpress.org\u002Federsonpeka\u002F","\u003Cp>\u003Cstrong>Note: Updating from versions prior to 0.3 requires reactivating!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Media Downloader plugin lists MP3 files from a folder through the [mediadownloader] shortcode. It reads MP3 information directly from the files. It also can try to get rid of stupid content blockers (mainly corporatives), changing all links to .MP3 files into some download URL without the string “MP3”.\u003C\u002Fp>\n","Lists MP3 files from a folder.",22011,86,"2025-12-03T13:49:00.000Z",[20,21,114,22,149],"podcast","https:\u002F\u002Federson.ferreira.tec.br","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-downloader.0.4.7.8.zip",98,3,"2025-01-27 00:00:00",{"attackSurface":156,"codeSignals":213,"taintFlows":248,"riskAssessment":249,"analyzedAt":257},{"hooks":157,"ajaxHandlers":209,"restRoutes":210,"shortcodes":211,"cronEvents":212,"entryPointCount":29,"unprotectedCount":29},[158,164,169,173,178,182,186,190,194,198,202,206],{"type":159,"name":160,"callback":161,"file":162,"line":163},"action","init","includes","wavesurfer-wp.php",67,{"type":159,"name":165,"callback":166,"priority":167,"file":162,"line":168},"admin_menu","add_admin_pages",999,109,{"type":159,"name":170,"callback":171,"file":162,"line":172},"network_admin_menu","admin_admin_pages_network",113,{"type":159,"name":174,"callback":175,"priority":176,"file":162,"line":177},"network_admin_edit_update_network_options","update_network_options",10,114,{"type":159,"name":179,"callback":180,"file":162,"line":181},"admin_init","wavesurfer_settings_init",117,{"type":159,"name":183,"callback":184,"file":162,"line":185},"admin_enqueue_scripts","load_color_picker",120,{"type":159,"name":187,"callback":188,"file":162,"line":189},"wavesurfer_wp_display_premium_page","render_premium_page_free",123,{"type":159,"name":191,"callback":192,"file":162,"line":193},"wavesurfer_wp_display_donation_tagline","render_donation_tagline",126,{"type":195,"name":196,"callback":196,"priority":176,"file":162,"line":197},"filter","wp_audio_shortcode_override",130,{"type":195,"name":199,"callback":200,"priority":176,"file":162,"line":201},"post_playlist","wp_playlist_shortcode_override",131,{"type":159,"name":203,"callback":204,"file":162,"line":205},"wp_enqueue_scripts","wavesurfer_register_ressources",134,{"type":159,"name":203,"callback":207,"file":162,"line":208},"wavesurfer_load_front_ressources",135,[],[],[],[],{"dangerousFunctions":214,"sqlUsage":215,"outputEscaping":217,"fileOperations":29,"externalRequests":29,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":247},[],{"prepared":29,"raw":29,"locations":216},[],{"escaped":176,"rawEcho":218,"locations":219},13,[220,223,225,227,229,231,233,235,237,239,241,243,245],{"file":162,"line":221,"context":222},422,"raw output",{"file":162,"line":224,"context":222},435,{"file":162,"line":226,"context":222},436,{"file":162,"line":228,"context":222},446,{"file":162,"line":230,"context":222},447,{"file":162,"line":232,"context":222},456,{"file":162,"line":234,"context":222},457,{"file":162,"line":236,"context":222},496,{"file":162,"line":238,"context":222},497,{"file":162,"line":240,"context":222},506,{"file":162,"line":242,"context":222},507,{"file":162,"line":244,"context":222},622,{"file":162,"line":246,"context":222},646,[],[],{"summary":250,"deductions":251},"The wavesurfer-wp plugin exhibits a generally good security posture based on the provided static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the attack surface. Furthermore, the fact that all SQL queries are prepared statements and there are no dangerous functions or file operations suggests robust coding practices in these areas. The presence of nonce and capability checks is also a positive indicator of security awareness.\n\nHowever, a significant concern is the 43% of output escaping, which indicates that a substantial portion of user- or data-driven output is not being properly sanitized. This leaves the plugin vulnerable to Cross-Site Scripting (XSS) attacks, as evidenced by its vulnerability history. While there are no currently unpatched vulnerabilities, the past CVE was an XSS type, and the fact that a medium severity vulnerability existed in the past, combined with the current unescaped output, suggests a recurring risk.\n\nIn conclusion, while the plugin has strong foundational security measures and a clean slate in terms of unpatched CVEs, the significant amount of unescaped output represents a clear and present danger for XSS vulnerabilities. This weakness, coupled with a history of similar vulnerabilities, necessitates careful monitoring and remediation.",[252,254],{"reason":253,"points":218},"Unescaped output",{"reason":255,"points":256},"Medium severity vulnerability history",5,"2026-03-16T19:42:30.186Z",{"wat":259,"direct":270},{"assetPaths":260,"generatorPatterns":267,"scriptPaths":268,"versionParams":269},[261,262,263,264,265,266],"\u002Fwp-content\u002Fplugins\u002Fwavesurfer-wp\u002Fjs\u002Fwavesurfer.js","\u002Fwp-content\u002Fplugins\u002Fwavesurfer-wp\u002Fjs\u002Fwavesurfer-wp.js","\u002Fwp-content\u002Fplugins\u002Fwavesurfer-wp\u002Fjs\u002Fdownload.min.js","\u002Fwp-content\u002Fplugins\u002Fwavesurfer-wp\u002Fcss\u002Fwavesurfer-wp_default.css","\u002Fwp-content\u002Fplugins\u002Fwavesurfer-wp\u002Fcss\u002Fwavesurfer-wp_flat-icons.css","\u002Fwp-content\u002Fplugins\u002Fwavesurfer-wp\u002Fcss\u002Fwavesurfer-wp_font.css",[],[261,262,263],[],{"cssClasses":271,"htmlComments":272,"htmlAttributes":275,"restEndpoints":279,"jsGlobals":280,"shortcodeOutput":283},[4],[273,274],"\u003C!-- WaveSurfer-WP -->","\u003C!-- WaveSurfer-WP Premium -->",[276,277,278],"data-wavesurfer-url","data-wavesurfer-waveform","data-wavesurfer-base-url",[],[281,282],"wavesurfer_localize","my_ajax_obj",[284],"[wavesurfer_wp_player]"]