[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fT9wz5lRpRqauQrdQ0jmXl7VBrSijjAp7A12gTmxE2wQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":136,"fingerprints":238},"weer-widget-nl","Weer Widget NL","1.1","Web&Media","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebenmedia\u002F","\u003Cp>Met de \u003Cstrong>Weer Widget NL\u003C\u002Fstrong> kun je eenvoudig en gratis weersinformatie toevoegen aan je WordPress-website. Toon het actuele weer en de weersverwachtingen voor steden in Nederland en daarbuiten.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Belangrijkste kenmerken:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Widgets zijn gratis.\u003Cbr \u002F>\n– Responsieve en lichte code.\u003Cbr \u002F>\n– Geen technische kennis vereist.\u003Cbr \u002F>\n– Kies je taal: Nederlands, Engels en nog veel meer.\u003C\u002Fp>\n\u003Cp>Neem voor maatwerkverzoeken contact op via \u003Ca href=\"mailto:info@webenmedia.nl\" rel=\"nofollow ugc\">info@webenmedia.nl\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Installatie\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload de plugin naar je WordPress-installatie via het menu Plugins > Nieuwe Plugin.\u003C\u002Fli>\n\u003Cli>Activeer de plugin.\u003C\u002Fli>\n\u003Cli>Voeg de widget toe op je website via de shortcode.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Beoordelingen\u003C\u002Fh3>\n\u003Cp>Ben je tevreden? Laat dan een beoordeling achter op de pluginpagina!\u003C\u002Fp>\n","Gratis Nederlandse weer widget voor het huidige weer en de weersverwachting.",0,474,"2025-02-10T15:12:00.000Z","6.7.5","6.2","7.0",[18,19,20,21,22],"nederlands","weer","weer-widget","weersverwachting","weersvoorspelling","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fweer-widget-nl.1.1.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"webenmedia",1,30,88,"2026-04-04T21:11:38.049Z",[36,57,78,99,117],{"slug":19,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":31,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":23,"tags":49,"homepage":54,"download_link":55,"security_score":56,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"Weer","1.0.0","weer1","https:\u002F\u002Fprofiles.wordpress.org\u002Fzurandmorog\u002F","\u003Cp>The only Dutch weather forecast widget plugin!\u003C\u002Fp>\n\u003Cp>Weer1.com offers an accurate weather forecast for all cities around the world.\u003Cbr \u002F>\nJust set the city and country and embed the widget in your website\u002Fblog.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Widgets are free of charge\u003C\u002Fli>\n\u003Cli>Widget style can be customized\u003C\u002Fli>\n\u003Cli>Responsive weather widget\u003C\u002Fli>\n\u003Cli>No development skills are needed\u003C\u002Fli>\n\u003Cli>High performance and lightweight code\u003C\u002Fli>\n\u003Cli>SEO friendly – no iframes\u003C\u002Fli>\n\u003Cli>Select your display language – Dutch\u002FEnglish\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>** For customization requests please contact this mail contact@weer1.com\u003C\u002Fp>\n","This is a Dutch weather forecast widget, Just select your location and you are good to go!",500,5972,100,"2024-03-01T10:05:00.000Z","6.4.8","4.0.1",[50,19,51,52,53],"weather-widget","weer-plugin","weerbericht","weervoorspelling","https:\u002F\u002Fwww.weer1.com\u002Fwidgets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fweer.zip",85,{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":45,"downloaded":65,"rating":11,"num_ratings":11,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":76,"download_link":77,"security_score":56,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"nevobo-api","Nevobo API","1.2.2","Daan van Deventer","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanie192\u002F","\u003Cp>Show the results, fixtures and standings of a RSS Feeds from the Dutch Volleyball Federation (Nevobo) on your WordPress website.\u003C\u002Fp>\n\u003Cp>“Based on the orginal Nevobo-feed plugin made by Harold Masselink – https:\u002F\u002Fmasselink.net\u002Fprojects\u002Fnevobo-feed\u002F”\u003C\u002Fp>\n\u003Cp>[nevobo feed=’URL-of-the-feed’]\u003C\u002Fp>\n\u003Cp>This plugin detects which kind of RSS feed you want to read. Use the shortcode somewhere on the WordPress website.\u003Cbr \u002F>\nThe default values are found on the admin page. Read the documentation for more information about how to use the shortcode.\u003C\u002Fp>\n\u003Cp>Example: [nevobo feed=’URL-of-the-feed’ aantal=3 sporthal=1 nevobo_maps=1]\u003C\u002Fp>\n","Show the results, fixtures and standings of a RSS Feeds from the Dutch Volleyball Federation (Nevobo) on your Wordpress website.",1898,"2020-04-26T18:56:00.000Z","5.4.19","5.2","5.6",[71,72,73,74,75],"competitie","feed","nederlandse","nevobo","rss","https:\u002F\u002Fnl.wordpress.org\u002Fplugins\u002Fnevobo\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnevobo-api.1.2.2.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":11,"num_ratings":11,"last_updated":88,"tested_up_to":47,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":97,"download_link":98,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"astro-media","Horoscopen (NL) – Astro Media","2.5.5","astromediahoroscopen","https:\u002F\u002Fprofiles.wordpress.org\u002Fastromediahoroscopen\u002F","\u003Cp>Horoscopen en Kaartleggingen is een GRATIS Nederlandstalige plugin van Astro Media welke je heel eenvoudig toevoegt aan je website. Over iedere verkoop welke via jouw website gerealiseerd wordt ontvang jij 25% commissie welke je kunt inzien in je persoonlijke dashboard.\u003C\u002Fp>\n\u003Cp>Door deze Horoscopen en Kaartleggingen plugin toe te voegen ontvang jij:\u003Cbr \u002F>\n–   Daghoroscoop\u003Cbr \u002F>\n–   Maandhoroscoop\u003Cbr \u002F>\n–   Relatiehoroscoop\u003Cbr \u002F>\n–   Persoonlijke uitgebreide geboortehoroscoop\u003Cbr \u002F>\n–   Toegang tot je persoonlijke dashboard\u003Cbr \u002F>\n–   Binnenkort nog meer!\u003C\u002Fp>\n\u003Cp>Door de plugin te installeren ontvang je een account in het Astro Media dashboard. Hier monitor je al je verkopen, en zie je direct het bedrag wat je aan commissie uitgekeerd krijgt.\u003Cbr \u002F>\nAstro Media is al 25 jaar marktleider op het gebied van Horoscopen en Kaartleggingen en partner van vele vakbladen, tijdschriften en websites, zowel online als offline.\u003Cbr \u002F>\nDoor de Horoscopen en Kaartleggingen plugin toe te voegen, ontvang je:\u003Cbr \u002F>\n–   Meer websitebezoekers\u003Cbr \u002F>\n–   Hogere betrokkenheid\u003Cbr \u002F>\n–   Winstdeling over de verkopen\u003Cbr \u002F>\n–   Aantrekkelijkere website voor advertenties\u003Cbr \u002F>\n–   Inkomsten op basis van de rapportages\u003C\u002Fp>\n\u003Cp>Daghoroscoop\u003Cbr \u002F>\nKies je sterrenbeeld en ontdek wat de dag je zal brengen. Misschien wel veel liefde of geluk? Wanneer je iedere dag je horoscoop leest voordat je de dag gaat beginnen weet je wat jou te wachten staat.\u003C\u002Fp>\n\u003Cp>Uitgebreide geboortehoroscoop\u003Cbr \u002F>\nVul je naam, geboortedatum, geboortetijdstip, geboorteland en geboorteplaats in. Op basis hiervan ontvang je een zeer uitgebreide astrologische karakterbeschrijving. Er wordt gekeken naar een groot aantal planeetstanden en de invloed die deze uitoefenen. De horoscoop bevat geen moeilijke astrologische begrippen, maar is geschreven in begrijpelijk Nederlands.\u003C\u002Fp>\n\u003Cp>Relatiehoroscoop\u003Cbr \u002F>\nDe relatiehoroscoop verkent het gebied van wat je samen deelt. Bestaat er een natuurlijke harmonie, of spelen er nog onuitgesproken zaken onder de oppervlakte? Hoor je alles wat tussen jullie gezegd wordt, of is er een boodschap tussen de regels? Meer dan alleen Mannen van Mars en Vrouwen van Venus onderzoekt de relatiehoroscoop ook de wisselwerking tussen jou en je liefdespartner of vriendschap.\u003C\u002Fp>\n\u003Cp>Maandhoroscoop\u003Cbr \u002F>\nHier vind je de maandhoroscopen voor alle sterrenbeelden. Klik op jouw sterrenbeeld en lees wat deze maand je gaat brengen. Misschien wel veel geluk of misschien wel liefde? Als je aan het begin van iedere maand je maandhoroscoop leest weet je een beetje wat jou te wachten staat en kun je je hierop voorbereiden.\u003C\u002Fp>\n","Horoscopen van Astro Media zijn Nederlandstalige horoscopen, geschreven voor iedereen met een brede interesse in astrologie.",10,2644,"2025-02-27T08:05:00.000Z","6.4.2","7.4",[92,93,94,95,96],"daghoroscoop","horoscoop","maandhoroscoop","nederlandstalig","relatiehoroscoop","https:\u002F\u002Fmidone.astromedia.nl","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fastro-media.2.5.5.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":86,"downloaded":107,"rating":11,"num_ratings":11,"last_updated":108,"tested_up_to":67,"requires_at_least":109,"requires_php":23,"tags":110,"homepage":115,"download_link":116,"security_score":56,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"incasso-kosten-berekenen","Incasso kosten berekenen","1.0.6","Tammo","https:\u002F\u002Fprofiles.wordpress.org\u002Ftammohaan\u002F","\u003Cp>De plugin om de incassokosten volgens de WIK te berekenen.  Installeer de plugin en plaatst de shortcode [incasso-berekenen] op een pagina. Hier komt dan een formulier te staan die de wettelijke incassokosten (WIK) berekend over de hoofdsom volgens de onderstaande staffel:\u003C\u002Fp>\n\u003Cp>Hoofdsom            Kosten (% van hoofdsom)\u003Cbr \u002F>\n2.500,- of minder       15 % (minimum van 40,-)\u003Cbr \u002F>\n2.500,- t\u002Fm 5.000,-     10 %\u003Cbr \u002F>\n5.000,- t\u002Fm 10.000,-        5 %\u003Cbr \u002F>\n10.000,- t\u002Fm 200.000,-      1%\u003Cbr \u002F>\nmeer dan 200.000,-      0.5% (maximum van 6.775,-)\u003C\u002Fp>\n\u003Cp>De staffel is degressief: hoe hoger de vordering, hoe lager het percentage aan incassokosten.\u003C\u002Fp>\n","Bereken wettelijke incassokosten (WIK). Nederlandse formule om incasso kosten te berekenen. Gebruik [incasso-berekenen] shortcode om te plaatsen.",1013,"2020-04-16T15:01:00.000Z","4.7",[111,112,100,113,114],"incasso","incasso-berekenen","nederlandse-incasso-kosten","wik-berekenen","https:\u002F\u002Fwww.tammohaan.nl","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fincasso-kosten-berekenen.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":86,"downloaded":125,"rating":11,"num_ratings":11,"last_updated":23,"tested_up_to":126,"requires_at_least":127,"requires_php":23,"tags":128,"homepage":133,"download_link":134,"security_score":45,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":135},"jajadi-kerktijden","JaJaDi Kerktijden","3.6","DoubelJ","https:\u002F\u002Fprofiles.wordpress.org\u002Fdoubelj\u002F","\u003Cp>Publish gatherings from \u003Ca href=\"http:\u002F\u002Fwww.kerktijden.nl\u002F\" rel=\"nofollow ugc\">kerktijden.nl\u003C\u002Fa>.\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.kerktijden.nl\u002F\" rel=\"nofollow ugc\">kerktijden.nl\u003C\u002Fa> will make their own plugin. Until then this plugin will help you to show the gatherings.\u003C\u002Fp>\n","Publish gatherings from kerktijden.nl",2052,"4.9.29","3.0.1",[129,130,131,132,18],"church","kerk","kerken","kerktijden","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjajadi-kerktijden\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjajadi-kerktijden.3.6.zip","2026-03-15T10:48:56.248Z",{"attackSurface":137,"codeSignals":157,"taintFlows":179,"riskAssessment":231,"analyzedAt":237},{"hooks":138,"ajaxHandlers":149,"restRoutes":150,"shortcodes":151,"cronEvents":156,"entryPointCount":31,"unprotectedCount":11},[139,145],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","admin_menu","add_locations_page","weer-widget-nl.php",20,{"type":140,"name":146,"callback":147,"file":143,"line":148},"wp_enqueue_scripts","enqueue_scripts",21,[],[],[152],{"tag":153,"callback":154,"file":143,"line":155},"weatherwidgetnl_weather_display","display_weather",22,[],{"dangerousFunctions":158,"sqlUsage":159,"outputEscaping":162,"fileOperations":31,"externalRequests":11,"nonceChecks":31,"capabilityChecks":11,"bundledLibraries":178},[],{"prepared":160,"raw":11,"locations":161},6,[],{"escaped":163,"rawEcho":160,"locations":164},46,[165,168,170,172,174,176],{"file":143,"line":166,"context":167},154,"raw output",{"file":143,"line":169,"context":167},159,{"file":143,"line":171,"context":167},162,{"file":143,"line":173,"context":167},163,{"file":143,"line":175,"context":167},198,{"file":143,"line":177,"context":167},203,[],[180,216],{"entryPoint":181,"graph":182,"unsanitizedCount":11,"severity":215},"render_locations_page (weer-widget-nl.php:37)",{"nodes":183,"edges":210},[184,189,195,198,203,205],{"id":185,"type":186,"label":187,"file":143,"line":188},"n0","source","$_GET",115,{"id":190,"type":191,"label":192,"file":143,"line":193,"wp_function":194},"n1","sink","get_row() [SQLi]",135,"get_row",{"id":196,"type":186,"label":197,"file":143,"line":188},"n2","$_GET (x12)",{"id":199,"type":191,"label":200,"file":143,"line":201,"wp_function":202},"n3","echo() [XSS]",148,"echo",{"id":204,"type":186,"label":187,"file":143,"line":188},"n4",{"id":206,"type":191,"label":207,"file":143,"line":208,"wp_function":209},"n5","get_results() [SQLi]",185,"get_results",[211,213,214],{"from":185,"to":190,"sanitized":212},true,{"from":196,"to":199,"sanitized":212},{"from":204,"to":206,"sanitized":212},"low",{"entryPoint":217,"graph":218,"unsanitizedCount":11,"severity":215},"\u003Cweer-widget-nl> (weer-widget-nl.php:0)",{"nodes":219,"edges":227},[220,222,223,224,225,226],{"id":185,"type":186,"label":221,"file":143,"line":188},"$_GET (x2)",{"id":190,"type":191,"label":192,"file":143,"line":193,"wp_function":194},{"id":196,"type":186,"label":197,"file":143,"line":188},{"id":199,"type":191,"label":200,"file":143,"line":201,"wp_function":202},{"id":204,"type":186,"label":187,"file":143,"line":188},{"id":206,"type":191,"label":207,"file":143,"line":208,"wp_function":209},[228,229,230],{"from":185,"to":190,"sanitized":212},{"from":196,"to":199,"sanitized":212},{"from":204,"to":206,"sanitized":212},{"summary":232,"deductions":233},"The weer-widget-nl plugin version 1.1 demonstrates a generally good security posture based on the provided static analysis. The absence of any known vulnerabilities or CVEs in its history is a strong positive indicator.  The code analysis reveals a small attack surface with only one shortcode as an entry point, and importantly, no unprotected entry points were identified.  Furthermore, all SQL queries are properly prepared, and a high percentage of output is escaped, minimizing the risk of common web vulnerabilities like XSS. The presence of a nonce check is also a good practice for input validation.\n\nHowever, there are areas that warrant attention.  The most significant concern is the complete lack of capability checks across all identified entry points. While there are no AJAX handlers or REST API routes without permission callbacks, and the shortcode doesn't explicitly require authentication, this absence of capability checks means that any user, regardless of their role or permissions, could potentially interact with or trigger the functionality associated with the shortcode. This could lead to unintended consequences or expose sensitive information depending on what the shortcode does.  The presence of file operations, while not inherently a vulnerability, should always be scrutinized to ensure they are handled securely and do not introduce risks like arbitrary file reads or writes.\n\nIn conclusion, the plugin has a solid foundation with good practices in SQL and output escaping, and no historical vulnerabilities. The primary weakness lies in the lack of capability checks, which significantly broadens the potential impact of any logic flaws within the shortcode's implementation. Addressing this by implementing appropriate capability checks for the shortcode would greatly enhance the plugin's security.",[234],{"reason":235,"points":236},"Missing capability checks on entry points",15,"2026-03-17T06:47:59.058Z",{"wat":239,"direct":248},{"assetPaths":240,"generatorPatterns":243,"scriptPaths":244,"versionParams":245},[241,242],"\u002Fwp-content\u002Fplugins\u002Fweer-widget-nl\u002Fassets\u002Fcss\u002Fweather-widget-nl-style.css","\u002Fwp-content\u002Fplugins\u002Fweer-widget-nl\u002Fassets\u002Fjs\u002Fweather-widget-nl-script.js",[],[242],[246,247],"weer-widget-nl\u002Fassets\u002Fcss\u002Fweather-widget-nl-style.css?ver=","weer-widget-nl\u002Fassets\u002Fjs\u002Fweather-widget-nl-script.js?ver=",{"cssClasses":249,"htmlComments":252,"htmlAttributes":255,"restEndpoints":262,"jsGlobals":263,"shortcodeOutput":265},[250,251],"weatherwidgetnl-widget-container","weatherwidgetnl-weather-display",[253,254],"\u003C!-- Start Weather Widget NL -->","\u003C!-- End Weather Widget NL -->",[256,257,258,259,260,261],"data-location-name","data-iso-code","data-language","data-unit","data-forecast-days","data-api-key",[],[264],"weatherWidgetNLSettings",[266],"[weatherwidgetnl_weather_display"]