[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fC7IsL3TdfpOOdpT01_tKstdtlMd3zTwN6VfrOQvqRYA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":36,"analysis":127,"fingerprints":190},"wideo","WIDEO视频播放器","2.0.3","upcwayne","https:\u002F\u002Fprofiles.wordpress.org\u002Fupcwayne\u002F","\u003Cp>Wideo视频播放器是是将开源dplayer整合wordpress到开发的一款视频播放器，设置简单、功能强大。\u003Cbr \u002F>\n主要功能：\u003Cbr \u002F>\n1、可根据自己网站风格定制播放器的功能样式；\u003Cbr \u002F>\n2、支持mp4,flv,m3u8等常规视频的播放；\u003Cbr \u002F>\n3、支持优酷、腾讯、爱奇艺等网络视频的在线播放；\u003Cbr \u002F>\n4、开启视频解析的情况下支持优酷、腾讯、爱奇艺等网络视频的解析播放；\u003Cbr \u002F>\n5、支持视频弹幕；\u003Cbr \u002F>\n6、支持多集视频，列表可以选择在视频底部或者右侧；\u003Cbr \u002F>\n7、支持插入广告。\u003Cbr \u002F>\n支持网站\u002F博主：\u003Cbr \u002F>\n支持网站：\u003Ca href=\"https:\u002F\u002Fwww.wibir.cn\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.wibir.cn\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n","WIDEO视频播放器，整合dplayer,支持mp4,flv,hls等协议视频播放",100,10239,96,6,"2023-01-29T01:22:00.000Z","6.1.10","4.7","5.2.4",[20,21,22,23],"dplayer","%e8%a7%86%e9%a2%91","%e8%a7%86%e9%a2%91%e6%92%ad%e6%94%be%e5%99%a8","%e6%92%ad%e6%94%be%e5%99%a8","https:\u002F\u002Fwww.wibir.cn\u002Fwideo\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwideo.2.0.3.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},1,30,84,"2026-04-05T00:15:08.663Z",[37,59,80,94,113],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":27,"num_ratings":27,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":57,"download_link":58,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"apoyl-video","[凹凸曼]播放视频","2.0.0","apoyl","https:\u002F\u002Fprofiles.wordpress.org\u002Fapoyl\u002F","\u003Cp>实现复制视频超链接解析播放bilibili视频、优酷视频、youtube视频、腾讯视频、西瓜视频，并且可以统一控制视频大小，操作非常简单不需要去复制视频分享代码，直接到游览器复制URL链接即可，添加到编辑器里，非常方便用户使用。\u003C\u002Fp>\n\u003Ch3>插件功能\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>支持复制bilibili视频URL链接，解析视频播放，操作非常简单，无需要复制分享代码（如不明白，可看截图）\u003C\u002Fli>\n\u003Cli>支持bilibili解析格式一：https:\u002F\u002Fwww.bilibili.com\u002Fvideo\u002FBV16K411Z7Kv\u002F?带参数\u003C\u002Fli>\n\u003Cli>支持bilibili解析格式二：https:\u002F\u002Fm.bilibili.com\u002Fvideo\u002FBV16K411Z7Kv?带参数\u003C\u002Fli>\n\u003Cli>支持后台自定义视频宽度\u003C\u002Fli>\n\u003Cli>支持后台自定义视频高度\u003C\u002Fli>\n\u003Cli>支持复制优酷视频URL链接，解析优酷视频播放，操作非常简单，无需要复制分享代码+\u003C\u002Fli>\n\u003Cli>支持优酷解析格式一：https:\u002F\u002Fv.youku.com\u002Fv_show\u002Fid_XNTk5MjA0OTM5Ng==.html?带参数\u003C\u002Fli>\n\u003Cli>支持复制youtube视频URL链接，解析youtube视频播放，操作非常简单，无需要复制分享代码\u003C\u002Fli>\n\u003Cli>支持youtube视频解析格式一：https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=EN_HzPZVfNE\u003C\u002Fli>\n\u003Cli>支持youtube视频解析格式二：https:\u002F\u002Fyoutu.be\u002FHOI6Q1y9goU\u003C\u002Fli>\n\u003Cli>支持复制腾讯视频URL链接，解析腾讯视频播放，操作非常简单，无需要复制分享代码\u003C\u002Fli>\n\u003Cli>支持腾讯视频解析格式一：https:\u002F\u002Fv.qq.com\u002Fx\u002Fpage\u002Fr3559zieqqy.html\u003C\u002Fli>\n\u003Cli>支持腾讯视频解析格式二：https:\u002F\u002Fv.qq.com\u002Fx\u002Fcover\u002Fzowhuqn2hvz7x5l\u002Fk0797bid33m.html\u003C\u002Fli>\n\u003Cli>支持复制西瓜视频URL链接，解析西瓜视频播放，操作非常简单，无需要复制分享代码\u003C\u002Fli>\n\u003Cli>支持西瓜视频解析格式一：https:\u002F\u002Fwww.ixigua.com\u002F7281577821901128227?带参数\u003C\u002Fli>\n\u003Cli>支持禁止播放器跳转源视频里，比如禁止跳转到bilibili等\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>以上功能部分免费,点击购买付费版：\u003Ca href=\"http:\u002F\u002Fwww.girltm.com\u002F\" rel=\"nofollow ugc\">凹凸曼插件\u003C\u002Fa>\u003Cbr \u002F>\n也可以加开发者QQ：3201361925 email: 3201361925@qq.com\u003C\u002Fp>\n\u003Ch3>推荐搭配插件\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fapoyl-aliyunvideo\u002F\" rel=\"ugc\">直传阿里云视频点播\u003C\u002Fa>:实现视频上传到阿里云，实现文章能播放视频，大量节约服务器带宽流量。\u003C\u002Fp>\n","实现复制视频超链接解析播放bilibili视频、优酷视频、youtube视频、腾讯视频、西瓜视频，并且可以统一控制视频大小，操作非常简单不需要去复制视频分享代码，直接到游览器复制URL链接即可，添加到编辑器里，非常方便用户使用。",90,5169,"2026-01-21T07:34:00.000Z","6.9.4","6.0","7.4",[52,53,54,55,56],"bilibili","%e8%a7%86%e9%a2%91%e8%a7%a3%e6%9e%90","%e8%a7%a3%e6%9e%90%e8%a7%86%e9%a2%91","video","youtube","http:\u002F\u002Fwww.girltm.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapoyl-video.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":11,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":71,"tags":73,"homepage":78,"download_link":79,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"nines-music","网易云音乐","1.6.2","不问归期_","https:\u002F\u002Fprofiles.wordpress.org\u002Fjiutu\u002F","\u003Cp>网易云音乐播放器（详情看截图）\u003C\u002Fp>\n\u003Cp>侧边模式\u003Ca href=\"https:\u002F\u002Fwww.aliluv.cn\" rel=\"nofollow ugc\">演示\u003C\u002Fa>\u003Cbr \u002F>\n底部模式\u003Ca href=\"https:\u002F\u002Fwpapi.aliluv.cn\" rel=\"nofollow ugc\">演示\u003C\u002Fa>\u003C\u002Fp>\n","网易云音乐播放器（详情看截图）",40,13157,2,"2023-07-13T12:47:00.000Z","","5.1.1",[74,75,76,77,23],"%e7%bd%91%e6%98%93%e4%ba%91%e9%9f%b3%e4%b9%90","%e9%9f%b3%e4%b9%90","%e8%bf%b7%e4%bd%a0%e9%9f%b3%e4%b9%90%e6%92%ad%e6%94%be%e5%99%a8","music","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnines-music\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnines-music.zip",{"slug":81,"name":82,"version":83,"author":41,"author_profile":42,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":27,"num_ratings":27,"last_updated":88,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":89,"homepage":57,"download_link":93,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"apoyl-videoctrl","[凹凸曼]自由控制视频大小","1.6.0","\u003Cp>实现统一自定义控制本地视频video和bilibili宽度和高度，显示合适大小的视频，让页面变得更加美观\u003C\u002Fp>\n\u003Ch3>插件功能\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>支持本地视频video 统一控制视频宽度和高度\u003C\u002Fli>\n\u003Cli>支持嵌入代码bilibili 统一控制视频宽度和高度\u003C\u002Fli>\n\u003Cli>支持后台自定义视频宽度\u003C\u002Fli>\n\u003Cli>支持后台自定义视频宽度\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>更多控制视频不免费功能，如漂亮视频播放，视频广告，隐藏视频下载按钮，控制视频播放，控制qq视频大小，控制youtube视频大小，控制youtube视频大小及优酷、腾讯、爱奇艺、bilibili、dailymotion视频、土豆、西瓜视频等视频大小\u003Cbr \u002F>\n以上功能部分免费,点击购买付费版：\u003Ca href=\"http:\u002F\u002Fwww.girltm.com\u002F\" rel=\"nofollow ugc\">凹凸曼插件\u003C\u002Fa>\u003Cbr \u002F>\n也可以加开发者QQ：3201361925 email: 3201361925@qq.com\u003C\u002Fp>\n","实现统一自定义控制本地视频video和bilibili宽度和高度，显示合适大小的视频，让页面变得更加美观",10,1444,"2026-01-21T07:50:00.000Z",[52,90,91,55,92],"%e8%a7%86%e9%a2%91%e6%a1%86","%e9%ab%98%e5%ba%a6","%e5%ae%bd%e5%ba%a6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapoyl-videoctrl.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":86,"downloaded":102,"rating":27,"num_ratings":27,"last_updated":71,"tested_up_to":103,"requires_at_least":104,"requires_php":105,"tags":106,"homepage":110,"download_link":111,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":112},"record-player-musicbox","record player musicbox 唱片播放器","1.0.0","码铃薯（tudoucode）","https:\u002F\u002Fprofiles.wordpress.org\u002Fqq420218831\u002F","\u003Cp>🎵 \u003Cstrong>唱片播放器 MusicBox\u003C\u002Fstrong> 是一个灵感来源于复古风播放器的 WordPress 插件，为你的网站添加可拖拽、可记忆播放位置的迷你唱片播放器。\u003C\u002Fp>\n\u003Cp>\u003Cstrong>主要功能：\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>支持自动播放和禁播时间设置\u003C\u002Fli>\n\u003Cli>播放器位置自定义（left\u002Fbottom）\u003C\u002Fli>\n\u003Cli>播放进度记忆，可手动开启\u002F关闭\u003C\u002Fli>\n\u003Cli>手机端禁播控制\u003C\u002Fli>\n\u003Cli>首页专属显示选项\u003C\u002Fli>\n\u003Cli>随机播放音乐列表\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>特色亮点：\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>真实的唱片旋转动画\u003C\u002Fli>\n\u003Cli>双击播放器可切换“禁止自动播放”状态\u003C\u002Fli>\n\u003Cli>本地缓存播放状态，避免多标签页重复播放\u003C\u002Fli>\n\u003Cli>高度可配置，适配多种主题风格\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>本插件遵循 \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">GNU GPL v2 或更高版本\u003C\u002Fa> 开源协议。\u003C\u002Fp>\n","一个仿古风的唱片背景音乐播放器，支持自动播放、禁播设置、自定义位置、进度记忆及移动端控制等功能。",431,"6.8.5","5.0","7.0",[107,77,108,109,23],"%e8%83%8c%e6%99%af%e9%9f%b3%e4%b9%90","player","%e5%94%b1%e7%89%87%e6%92%ad%e6%94%be%e5%99%a8","https:\u002F\u002Fgithub.com\u002F2547729123\u002Frecord-player-musicbox","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecord-player-musicbox.1.0.0.zip","2026-03-15T10:48:56.248Z",{"slug":114,"name":115,"version":116,"author":41,"author_profile":42,"description":117,"short_description":118,"active_installs":27,"downloaded":119,"rating":27,"num_ratings":27,"last_updated":120,"tested_up_to":103,"requires_at_least":49,"requires_php":50,"tags":121,"homepage":57,"download_link":126,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"apoyl-aliyunvideo","[凹凸曼]直传阿里云视频点播","1.3.0","\u003Cp>实现视频上传到阿里云，实现文章能播放视频，大量节约服务器带宽流量，视频点播是集视频采集、编辑、上传、媒体资源管理、自动化转码处理（窄带高清™）、视频审核分析、分发加速于一体的一站式音视频点播解决方案\u003C\u002Fp>\n\u003Ch3>功能概述\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>支持后台媒体库上传视频到阿里云视频点播，实现流量走云端，不消耗本身服务器的流量，在云端播放视频\u003C\u002Fli>\n\u003Cli>支持选择所属地域\u003C\u002Fli>\n\u003Cli>支持文章插入视频及播放视频+\u003C\u002Fli>\n\u003Cli>支持加密播放视频，防止视频被盗用\u003C\u002Fli>\n\u003Cli>支持自定义视频宽度\u003C\u002Fli>\n\u003Cli>支持自定义视频高度\u003C\u002Fli>\n\u003Cli>支持阿里云播放器播放视频\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>以上功能部分免费,点击购买付费版：\u003Ca href=\"http:\u002F\u002Fwww.girltm.com\u002F\" rel=\"nofollow ugc\">凹凸曼插件\u003C\u002Fa>\u003Cbr \u002F>\n也可以加开发者QQ：3201361925 email: 3201361925@qq.com\u003C\u002Fp>\n","实现视频上传到阿里云，实现文章能播放视频，大量节约服务器带宽流量，视频点播是集视频采集、编辑、上传、媒体资源管理、自动化转码处理（窄带高清™）、视频审核分析、分发加速于一体的一站式音视频点播解决方案",586,"2025-06-24T03:33:00.000Z",[122,123,55,124,125],"%e7%9b%b4%e4%bc%a0%e8%a7%86%e9%a2%91","%e9%98%bf%e9%87%8c%e4%ba%91","%e5%8a%a0%e5%af%86","%e6%92%ad%e6%94%be%e8%a7%86%e9%a2%91","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapoyl-aliyunvideo.zip",{"attackSurface":128,"codeSignals":172,"taintFlows":180,"riskAssessment":181,"analyzedAt":189},{"hooks":129,"ajaxHandlers":165,"restRoutes":166,"shortcodes":167,"cronEvents":171,"entryPointCount":32,"unprotectedCount":27},[130,135,139,143,148,152,156,161],{"type":131,"name":132,"callback":133,"file":134,"line":33},"action","admin_menu","wideo_admin_menu","class.wideo.php",{"type":131,"name":136,"callback":137,"file":134,"line":138},"admin_init","wideo_setting_init",31,{"type":131,"name":140,"callback":141,"file":134,"line":142},"wp_enqueue_scripts","wideo_scripts",32,{"type":144,"name":145,"callback":146,"priority":86,"file":134,"line":147},"filter","plugin_action_links","wideo_plugin_action_link",34,{"type":131,"name":149,"callback":150,"file":134,"line":151},"admin_print_scripts","wideo_quicktags",35,{"type":131,"name":153,"callback":154,"file":134,"line":155},"init","wideo_add_buttons",36,{"type":144,"name":157,"callback":158,"priority":159,"file":134,"line":160},"mce_external_plugins","add_wideo_tinymce_plugin",5,218,{"type":144,"name":162,"callback":163,"priority":159,"file":134,"line":164},"mce_buttons","register_wideo_button",219,[],[],[168],{"tag":4,"callback":169,"file":134,"line":170},"wideo_shortcode",33,[],{"dangerousFunctions":173,"sqlUsage":174,"outputEscaping":176,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":69,"bundledLibraries":179},[],{"prepared":27,"raw":27,"locations":175},[],{"escaped":177,"rawEcho":27,"locations":178},24,[],[],[],{"summary":182,"deductions":183},"Based on the provided static analysis and vulnerability history, the 'wideo' v2.0.3 plugin exhibits a generally strong security posture. The code analysis reveals no dangerous functions, all SQL queries use prepared statements, and all output is properly escaped, which are excellent security practices. Furthermore, the absence of file operations and external HTTP requests minimizes potential attack vectors.  The vulnerability history is also clean, with no known CVEs, indicating a stable and well-maintained plugin over time.\n\nHowever, there are a few areas that warrant attention. The most significant concern is the complete lack of nonce checks and the presence of two capability checks, suggesting that authenticated actions may not be adequately protected against CSRF attacks. While the attack surface is small, consisting of only one shortcode, any unprotected entry points could be a risk.  The taint analysis showing zero flows is positive, but this could also be due to the limited scope of the analysis or the plugin's simple functionality. Overall, the plugin is well-coded with good sanitization and escaping, but the lack of robust authentication checks on potential action-triggering shortcodes is a notable weakness that could be exploited if combined with other vulnerabilities or if the shortcode's functionality allows for sensitive operations.",[184,187],{"reason":185,"points":186},"Missing nonce checks",15,{"reason":188,"points":159},"Presence of unprotected shortcode","2026-03-16T20:57:53.326Z",{"wat":191,"direct":201},{"assetPaths":192,"generatorPatterns":197,"scriptPaths":198,"versionParams":199},[193,194,195,196],"\u002Fwp-content\u002Fplugins\u002Fwideo\u002FDPlayer\u002Fflv.min.js","\u002Fwp-content\u002Fplugins\u002Fwideo\u002FDPlayer\u002Fhls.min.js","\u002Fwp-content\u002Fplugins\u002Fwideo\u002FDPlayer\u002FDPlayer.min.js","\u002Fwp-content\u002Fplugins\u002Fwideo\u002Fjs\u002Fwideo_quicktags.js",[],[],[200],"WIDEO_VERSION",{"cssClasses":202,"htmlComments":203,"htmlAttributes":204,"restEndpoints":205,"jsGlobals":206,"shortcodeOutput":208},[4],[],[],[],[207],"DPlayer",[209,210,211,212,213],"\u003Cdiv class=\"wideo\" style=\"position:relative;\">","\u003Cdiv id=\"wideo","const dp","new DPlayer({","container: document.getElementById(\"wideo"]