[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3CzGImi3-XKQhzbAkB6ohxJG4qRfmKUqxV2QcVhClKg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":35,"analysis":138,"fingerprints":188},"weekly-archive-widget","Weekly Archive Widget","1.0","ericjuden","https:\u002F\u002Fprofiles.wordpress.org\u002Fericjuden\u002F","\u003Cp>Create a widget that displays the archives by week\u003C\u002Fp>\n","Requires at least 2.8 Tested up to: 4.3 Stable tag: trunk",20,2768,0,"2015-08-31T04:04:00.000Z","",[17,18,19,20,21],"archive","archives","week","weekly","weekly-archive","http:\u002F\u002Fjudenware.com\u002Fprojects\u002Fwordpress\u002Fweekly-archive-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fweekly-archive-widget.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},7,210,89,30,86,"2026-04-04T09:19:29.271Z",[36,57,78,99,115],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":11,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":55,"download_link":56,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"archivist","Archivist","1.1","Ben Huson","https:\u002F\u002Fprofiles.wordpress.org\u002Fhusobj\u002F","\u003Cp>Gives you a few extra function for the archives widget including limiting the amount of archives to show and wether you want to display yearly, monthly, weekly or daily archive links.\u003C\u002Fp>\n\u003Cp>Just add the Archivist widget to your sidebar and configure.\u003C\u002Fp>\n","Gives you a few extra function for the archives widget including limiting the amount of archives to show and wether you want to display yearly, monthl …",3580,100,1,"2020-12-13T15:43:00.000Z","5.6.17","4.3","5.6",[18,52,20,53,54],"monthly","wp_get_archives","yearly","https:\u002F\u002Fgithub.com\u002Fbenhuson\u002Farchivist","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Farchivist.1.1.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":29,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":15,"tags":71,"homepage":76,"download_link":77,"security_score":45,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"disable-author-archives","Disable Author Archives","1.3.5","freemp","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreemp\u002F","\u003Cp>A simple, lightweight WordPress plugin to completely disable author archives\u002Fpages (regardless of whether the corresponding author really exists) and make the web server return status code 404 (‘Not Found’) instead. Related links will also be either disabled or completely removed.\u003C\u002Fp>\n\u003Cp>The plugin does not require any configuration. Once activated, it will start doing its job.\u003C\u002Fp>\n","Disable Author Archives completely removes author archives and makes the web server return status code 404 ('Not Found') instead.",10000,72271,88,"2025-12-03T07:54:00.000Z","6.9.4","2.9",[18,72,73,74,75],"author","disable","links","pages","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-author-archives","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-author-archives.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":32,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":15,"tags":92,"homepage":96,"download_link":97,"security_score":45,"vuln_count":46,"unpatched_count":13,"last_vuln_date":98,"fetched_at":26},"simple-yearly-archive","Simple Yearly Archive","2.2.4","wpseek","https:\u002F\u002Fprofiles.wordpress.org\u002Falphawolf\u002F","\u003Cp>Simple Yearly Archive is a rather neat and simple WordPress plugin that allows you to \u003Cstrong>display your archives in a year-based list\u003C\u002Fstrong>. It works mostly like the usual WP archive, but displays all published posts seperated by their year of publication. That said, it’s also possible to restrict the output to certain categories, and much more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>See \u003Ca href=\"https:\u002F\u002Fwww.schloebe.de\u002Fwordpress\u002Fsimple-yearly-archive-plugin\u002F#tabwidget-27592\" title=\"Usage\" rel=\"nofollow ugc\">Usage\u003C\u002Fa> for examples, available parameters and more.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Included languages:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>German (de_DE) (Thanks to me ;-))\u003C\u002Fli>\n\u003Cli>German (de_DE_formal) (Thanks for contributing formal german language goes to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpavog\" rel=\"nofollow ugc\">Paul Vogel\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Italian (it_IT) (Thanks for contributing italian language goes to \u003Ca href=\"https:\u002F\u002Fgidibao.net\" rel=\"nofollow ugc\">Gianni Diurno\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Russian (ru_RU) (Thanks for contributing russian language goes to \u003Ca href=\"https:\u002F\u002Fgrugl.me\" rel=\"nofollow ugc\">Dimitry German\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Belorussian (by_BY) (Thanks for contributing belorussian language goes to \u003Ca href=\"https:\u002F\u002Fwww.fatcow.com\" rel=\"nofollow ugc\">Marcis Gasuns\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Uzbek (uz_UZ) (Thanks for contributing uzbek language goes to \u003Ca href=\"https:\u002F\u002Fwww.comfi.com\" rel=\"nofollow ugc\">Alexandra Bolshova\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>French (fr_FR) (Thanks for contributing french language goes to \u003Ca href=\"https:\u002F\u002Fwww.li-an.fr\u002Fblog\" rel=\"nofollow ugc\">Jean-Michel Meyer\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Chinese (zh_CN) (Thanks for contributing chinese language goes to \u003Ca href=\"https:\u002F\u002Fmarianama.net\" rel=\"nofollow ugc\">Mariana Ma\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Japanese (ja) (Thanks for contributing japanese language goes to \u003Ca href=\"https:\u002F\u002Fstaff.blog.bng.net\" rel=\"nofollow ugc\">Chestnut\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Portuguese Brazil (pt_BR) (Thanks for contributing portuguese brazil language goes to LucasTolle)\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) (Thanks for contributing dutch language goes to Bart Verkerk)\u003C\u002Fli>\n\u003Cli>Spanish (es) (Spanish translation by \u003Ca href=\"https:\u002F\u002Fwww.ibidemgroup.com\" rel=\"nofollow ugc\">Ibidem Group\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.schloebe.de\u002Farchiv\u002F\" title=\"Click here for a demo\" rel=\"nofollow ugc\">Click here for a demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fx.com\u002Fwpseek\" title=\"Developer on X\" rel=\"nofollow ugc\">Developer on X\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fbsky.app\u002Fprofile\u002Fcyberblitzbirne.bsky.social\" title=\"Developer on Bluesky\" rel=\"nofollow ugc\">Developer on Bluesky\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Looking for more WordPress plugins? Visit \u003Ca href=\"https:\u002F\u002Fwww.schloebe.de\u002Fportfolio\u002F\" rel=\"nofollow ugc\">www.schloebe.de\u002Fportfolio\u002F\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Simple Yearly Archive is a rather neat and simple Wordpress plugin that allows you to display your archives in a year-based list.",6000,188503,94,"2026-02-15T14:05:00.000Z","6.9.99","3.7",[17,18,93,94,95],"gettext","wpml","wp_query","https:\u002F\u002Fwww.schloebe.de\u002Fwordpress\u002Fsimple-yearly-archive-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-yearly-archive.zip","2023-02-13 00:00:00",{"slug":100,"name":101,"version":6,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":13,"num_ratings":13,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":15,"tags":111,"homepage":113,"download_link":114,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"advanced-posts-per-page","Advanced Posts\u002FPage","chrisguitarguy","https:\u002F\u002Fprofiles.wordpress.org\u002Fchrisguitarguy\u002F","\u003Cp>Advanced Posts per Page gives you fined grained control over how many of your posts appear on each of your various WordPress archive pages.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Blog pages show at most x posts is not the only per page setting anymore.\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Fine grained control of how many of your posts appear on each of the various WordPress archive pages.",4000,4715,"2012-07-18T01:35:00.000Z","3.5.2","3.4",[17,18,112],"posts-per-page","https:\u002F\u002Fgithub.com\u002Fchrisguitarguy\u002FAdvanced-Posts-Page","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-posts-per-page.1.0.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":69,"requires_at_least":128,"requires_php":15,"tags":129,"homepage":134,"download_link":135,"security_score":136,"vuln_count":46,"unpatched_count":13,"last_vuln_date":137,"fetched_at":26},"collapsing-archives","Collapsing Archives","3.0.8","robfelty","https:\u002F\u002Fprofiles.wordpress.org\u002Frobfelty\u002F","\u003Cp>Create collapsible archives by year or month. Features include: link to archive pages, display of individual posts and support for custom post-types.\u003C\u002Fp>\n\u003Ch3>Demo\u003C\u002Fh3>\n\u003Cp>I use this plugin in my blog at http:\u002F\u002Fblog.robfelty.com\u003C\u002Fp>\n","This plugin uses Javascript to dynamically expand or collapse the set of months for each year and posts for each month in the archive listing of your  …",3000,146200,82,21,"2026-02-12T03:41:00.000Z","2.8",[130,18,131,132,133],"accordion","collapse","sidebar","widget","http:\u002F\u002Frobfelty.com\u002Fplugins\u002Fcollapsing-archives","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcollapsing-archives.3.0.8.zip",99,"2024-08-26 00:00:00",{"attackSurface":139,"codeSignals":151,"taintFlows":173,"riskAssessment":174,"analyzedAt":187},{"hooks":140,"ajaxHandlers":147,"restRoutes":148,"shortcodes":149,"cronEvents":150,"entryPointCount":13,"unprotectedCount":13},[141],{"type":142,"name":143,"callback":144,"file":145,"line":146},"action","widgets_init","anonymous","weekly-archive-widget.php",52,[],[],[],[],{"dangerousFunctions":152,"sqlUsage":156,"outputEscaping":158,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":172},[153],{"fn":154,"file":145,"line":146,"context":155},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"Weekly_Archive_Widget\");'));",{"prepared":13,"raw":13,"locations":157},[],{"escaped":159,"rawEcho":160,"locations":161},2,6,[162,164,165,166,168,170],{"file":145,"line":126,"context":163},"raw output",{"file":145,"line":126,"context":163},{"file":145,"line":126,"context":163},{"file":145,"line":167,"context":163},34,{"file":145,"line":169,"context":163},38,{"file":145,"line":171,"context":163},48,[],[],{"summary":175,"deductions":176},"The \"weekly-archive-widget\" plugin version 1.0 presents a mixed security profile.  On the positive side, the plugin has a remarkably small attack surface with no detectable AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, all SQL queries are properly prepared, and there are no file operations or external HTTP requests, indicating good practices in these common risk areas. The lack of recorded vulnerabilities and CVEs suggests a history of stable and likely secure development.\n\nHowever, several significant concerns warrant attention. The presence of the `create_function` function is a serious security risk, as it is deprecated and can lead to arbitrary code execution if misused or if data passed to it is not rigorously sanitized. Additionally, only 25% of output is properly escaped, leaving a substantial portion vulnerable to Cross-Site Scripting (XSS) attacks. The complete absence of nonce checks and capability checks across all entry points, while currently not a problem due to the lack of entry points, represents a critical weakness that would become a major vulnerability if any new entry points were introduced without proper security.\n\nIn conclusion, while the plugin's current minimal attack surface and absence of past vulnerabilities are strengths, the identified use of `create_function` and insufficient output escaping represent clear and present dangers. The lack of any authentication or authorization checks, though not exploitable with the current structure, is a fundamental security deficit. Addressing the `create_function` and improving output escaping are immediate priorities.",[177,180,182,185],{"reason":178,"points":179},"Use of deprecated and dangerous create_function",15,{"reason":181,"points":160},"Only 25% of output properly escaped (XSS risk)",{"reason":183,"points":184},"No nonce checks implemented",5,{"reason":186,"points":184},"No capability checks implemented","2026-03-16T23:10:34.633Z",{"wat":189,"direct":194},{"assetPaths":190,"generatorPatterns":191,"scriptPaths":192,"versionParams":193},[],[],[],[],{"cssClasses":195,"htmlComments":196,"htmlAttributes":197,"restEndpoints":200,"jsGlobals":201,"shortcodeOutput":202},[4],[],[198,199],"name=\"weekly-archive-dropdown\"","onChange='document.location.href=this.options[this.selectedIndex].value;'",[],[],[]]