[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fg8uRDnrBlf0YLT1lLKmnabpHv6xRopFUAyKNBPzx3mA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":141,"fingerprints":214},"widget-subtitles","Widget Subtitles","1.2.1","Jory Hogeveen","https:\u002F\u002Fprofiles.wordpress.org\u002Fkeraweb\u002F","\u003Cp>This plugin adds a subtitle input field to all your widgets. You can also change the location of the subtitle and even use filters to change the subtitle output.\u003C\u002Fp>\n\u003Ch4>Filters\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fwidget-subtitles\u002Fwiki#filter-widget_subtitles_element\" rel=\"nofollow ugc\">\u003Ccode>widget_subtitles_element\u003C\u002Fcode>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fwidget-subtitles\u002Fwiki#filter-widget_subtitles_classes\" rel=\"nofollow ugc\">\u003Ccode>widget_subtitles_classes\u003C\u002Fcode>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fwidget-subtitles\u002Fwiki#filter-widget_subtitles_default_location\" rel=\"nofollow ugc\">\u003Ccode>widget_subtitles_default_location\u003C\u002Fcode>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fwidget-subtitles\u002Fwiki#filter-widget_subtitles_edit_location_capability\" rel=\"nofollow ugc\">\u003Ccode>widget_subtitles_edit_location_capability\u003C\u002Fcode>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fwidget-subtitles\u002Fwiki#filter-widget_subtitles_available_locations\" rel=\"nofollow ugc\">\u003Ccode>widget_subtitles_available_locations\u003C\u002Fcode>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fwidget-subtitles\u002Fwiki#filter-widget_subtitles_add_subtitle\" rel=\"nofollow ugc\">\u003Ccode>widget_subtitles_add_subtitle\u003C\u002Fcode>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fwidget-subtitles\u002Fwiki#filter-widget_subtitle\" rel=\"nofollow ugc\">\u003Ccode>widget_subtitle\u003C\u002Fcode>\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can use these filters inside your theme functions.php file or in a plugin.\u003Cbr \u002F>\nYou can find me here:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.keraweb.nl\u002F\" title=\"Keraweb\" rel=\"nofollow ugc\">Keraweb\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoryHogeveen\u002Fwidget-subtitles\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fnl.linkedin.com\u002Fin\u002Fjoryhogeveen\" title=\"LinkedIn profile\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Add a customizable subtitle to your widgets",200,7059,100,2,"2024-11-12T00:20:00.000Z","6.7.5","3.0","5.2.4",[20,21,22,23,24],"sub-title","subtitle","subtitles","widget","widget-subtitle","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwidget-subtitles\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-subtitles.1.2.1.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"keraweb",10,112220,93,24,89,"2026-04-04T05:26:27.615Z",[41,60,80,105,121],{"slug":24,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":17,"requires_php":54,"tags":55,"homepage":57,"download_link":58,"security_score":59,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"Widget Subtitle","1.0","Eduardo Zulian","https:\u002F\u002Fprofiles.wordpress.org\u002Feduardozulian\u002F","\u003Cp>This plugin simply adds a subtitle input field to all your widgets. Once you fill out this subtitle field, it’ll automatically appear right after the widget title.\u003C\u002Fp>\n\u003Cp>Inspired by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdp-widgets-plus\u002F\" rel=\"ugc\">DP Widgets Plus\u003C\u002Fa>.\u003C\u002Fp>\n","Add a subtitle input field to all widgets.",20,1978,80,1,"2013-11-28T20:09:00.000Z","3.7.41","",[56,21,23,24],"sidebar","http:\u002F\u002Fgithub.com\u002Feduardozulian\u002Fwidget-subtitle","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-subtitle.1.0.zip",85,{"slug":22,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":78,"download_link":79,"security_score":59,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"Subtitles","3.0.0","Philip Arthur Moore","https:\u002F\u002Fprofiles.wordpress.org\u002Fphiliparthurmoore\u002F","\u003Cp>Right now WordPress currently presents no easy way for web publishers to add subtitles into their posts, pages, and other custom post types. This leaves users and developers in a bit of a quandary, trying to figure out how best to present subtitles in a beautiful and sensible way. Post \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fthe_excerpt\" rel=\"nofollow ugc\">excerpts\u003C\u002Fa> are a very poor choice for subtitles and the only available option outside of \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FCustom_Fields\" rel=\"nofollow ugc\">custom fields\u003C\u002Fa>, but custom fields aren’t entirely self-explanatory or user-friendly. This simple, straightforward plugin aims to solve this issue.\u003C\u002Fp>\n\u003Cp>Simply download \u003Cem>Subtitles\u003C\u002Fem>, activate it, and begin adding subtitles into your posts and pages today. For more advanced usage of the plugin, please see the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsubtitles\u002Ffaq\u002F\" rel=\"ugc\">Frequently Asked Questions\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you like \u003Cem>Subtitles\u003C\u002Fem>, \u003Ca href=\"https:\u002F\u002Fwww.paypal.me\u002Fwecobble\" rel=\"nofollow ugc\">thank me with coffee\u003C\u002Fa>. If you find it buggy, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwecobble\u002FSubtitles\u002Fissues\" rel=\"nofollow ugc\">tell me on GitHub\u003C\u002Fa>. And if you have a cool example of how you’re using \u003Cem>Subtitles\u003C\u002Fem> on your website, let me know on \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fphilip_arthur\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>.\u003C\u002Fp>\n","Add subtitles into your WordPress posts, pages, custom post types, and themes. No coding required. Simply activate Subtitles and you're ready.",3000,125348,96,53,"2017-08-29T03:15:00.000Z","4.8.28","3.9","5.6",[21,22,76,77],"title","titles","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsubtitles\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubtitles.3.0.0.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":54,"tags":95,"homepage":101,"download_link":102,"security_score":103,"vuln_count":51,"unpatched_count":28,"last_vuln_date":104,"fetched_at":30},"jw-player-7-for-wp","JW Player for WordPress","2.3.6","ilGhera","https:\u002F\u002Fprofiles.wordpress.org\u002Fghera74\u002F","\u003Cp>\u003Cstrong>JW Player for WordPress\u003C\u002Fstrong> enables you to publish videos on your WordPress posts and pages using the most popular video player on the web. Take complete control of your player, from branding to size and dimensions. Allow users share and embed your videos from your WordPress pages & posts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Free Features (NEW!):\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Connect to the JW Player Dashboard using your API v2 credentials\u003C\u002Fli>\n\u003Cli>Select and publish videos hosted on JW Player\u003C\u002Fli>\n\u003Cli>Select and publish playlist hosted on JW Player\u003C\u002Fli>\n\u003Cli>Support shortcodes like [jwplayer fPHnET5D]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Cloud\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Register a JW Player account at https:\u002F\u002Fwww.jwplayer.com\u002Fpricing\u002F\u003C\u002Fli>\n\u003Cli>Once you’re logged in, copy your \u003Cstrong>Cloud Hosted Player Libraries\u003C\u002Fstrong> from https:\u002F\u002Fdashboard.jwplayer.com\u002F#\u002Fplayers\u002Fdownloads\u003C\u002Fli>\n\u003Cli>Paste your library url to the plugin options page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Self hosted\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>https:\u002F\u002Fwww.jwplayer.com\u002Fpricing\u002F\u003C\u002Fli>\n\u003Cli>Once you’re logged in, download the player and copy your License key from https:\u002F\u002Fdashboard.jwplayer.com\u002F#\u002Fplayers\u002Fdownloads\u003C\u002Fli>\n\u003Cli>Upload the folder to your site\u003C\u002Fli>\n\u003Cli>Add the full url of \u003Cstrong>jwplayer.js\u003C\u002Fstrong> in the plugin options page (ex. https:\u002F\u002Fexample.com\u002FFOLDER-UPLOADED\u002Fjwplayer.js)\u003C\u002Fli>\n\u003Cli>Paste your License Key to the admin page of the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>After that, set your general preferences, choose the post types where you want to add videos and start to add content using the JW Player for WordPress box that you’ll find there. Just add the url of your self-hosted video or select cloud-hosted content from n your JW Player Dashboard.\u003C\u002Fp>\n\u003Cp>That’s it, you’re ready to go!\u003C\u002Fp>\n","JW Player for WordPress enables you to publish videos on your WordPress posts and pages using the most popular video player on the web.",1000,183643,76,29,"2025-11-24T15:18:00.000Z","6.8.5","5.0",[96,97,98,99,100],"embed-video","jw-player","video-player","video-preroll","video-subtitles","https:\u002F\u002Fwww.ilghera.com\u002Fproduct\u002Fjw-player-7-for-wordpress-premium\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjw-player-7-for-wp.2.3.6.zip",99,"2024-04-29 00:00:00",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":13,"downloaded":113,"rating":13,"num_ratings":51,"last_updated":114,"tested_up_to":115,"requires_at_least":17,"requires_php":54,"tags":116,"homepage":119,"download_link":120,"security_score":59,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"subtitle-360","Subtitle 360","2.0","HasanulBanna","https:\u002F\u002Fprofiles.wordpress.org\u002Fhasanulbanna\u002F","\u003Cp>This plugin creates an option to enter sub heading for pages and posts. You can display the sub title in your theme by using the\n    \u003C\u002Fp>\n\u003Cp>Developed by \u003Ca href=\"http:\u002F\u002Fcoregenie.com\u002F\" rel=\"nofollow ugc\">Coregenie Technologies\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Coded By \u003Ca href=\"http:\u002F\u002Fhasanulbanna.com\u002F\" rel=\"nofollow ugc\">BANNA360\u003C\u002Fa>\u003C\u002Fp>\n","This plugin creates an option to enter sub heading for pages and posts. You can display the sub title in your theme by using the",7554,"2015-01-27T13:06:00.000Z","4.1.42",[117,118,21],"page-sub-title","page-title","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fsubtitle-360\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubtitle-360.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":13,"num_ratings":51,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":139,"download_link":140,"security_score":59,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wubtitle","Wubtitle","1.2.4","giuseppectmobi","https:\u002F\u002Fprofiles.wordpress.org\u002Fgiuseppectmobi\u002F","\u003Ch3>The ultimate video-to-text solution. Boost your SEO using videos\u003C\u002Fh3>\n\u003Cp>Wubtitle is the all-in-one plugin for dealing with video-to-text tasks in WordPress. Save tons of time automatically subtitling and transcribing your videos or instantly converting Youtube and Vimeo subtitles to plain text. Get started for free!\u003C\u002Fp>\n\u003Cp>Wubtitle is a plugin that generates:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Subtitles and transcript of uploaded videos in media library\u003C\u002Fli>\n\u003Cli>Transcripts of Youtube videos\u003C\u002Fli>\n\u003Cli>Transcripts of Vimeo videos\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Functionality\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Automatic subtitle generation\u003C\u002Fli>\n\u003Cli>Ability to enable or disable generated subtitles\u003C\u002Fli>\n\u003Cli>Generates video transcriptions from WordPress Media library and from YouTube\u003C\u002Fli>\n\u003Cli>Support both Gutenberg and classic editor\u003C\u002Fli>\n\u003Cli>Editing and management of all transcriptions\u003C\u002Fli>\n\u003C\u002Ful>\n","Wubtitle is a plugin that generates subtitles and transcript of uploaded videos in media library, Youtube and Vimeo videos.",40,3556,"2022-10-17T13:44:00.000Z","6.0.11","5.3","7.4",[136,21,22,137,138],"seo","transcription","video","https:\u002F\u002Fwww.wubtitle.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwubtitle.zip",{"attackSurface":142,"codeSignals":174,"taintFlows":206,"riskAssessment":207,"analyzedAt":213},{"hooks":143,"ajaxHandlers":170,"restRoutes":171,"shortcodes":172,"cronEvents":173,"entryPointCount":28,"unprotectedCount":28},[144,149,152,157,162,166],{"type":145,"name":146,"callback":146,"file":147,"line":148},"action","init","widget-subtitles.php",115,{"type":145,"name":146,"callback":150,"file":147,"line":151},"load_plugin_textdomain",191,{"type":145,"name":153,"callback":154,"priority":155,"file":147,"line":156},"in_widget_form","action_in_widget_form",9,192,{"type":158,"name":159,"callback":160,"priority":34,"file":147,"line":161},"filter","widget_update_callback","filter_widget_update_callback",193,{"type":158,"name":163,"callback":164,"file":147,"line":165},"dynamic_sidebar_params","filter_dynamic_sidebar_params",194,{"type":145,"name":167,"callback":168,"priority":34,"file":147,"line":169},"plugin_row_meta","action_plugin_row_meta",197,[],[],[],[],{"dangerousFunctions":175,"sqlUsage":176,"outputEscaping":178,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":51,"bundledLibraries":205},[],{"prepared":28,"raw":28,"locations":177},[],{"escaped":155,"rawEcho":179,"locations":180},13,[181,184,186,187,189,191,192,194,196,198,199,201,203],{"file":147,"line":182,"context":183},235,"raw output",{"file":147,"line":185,"context":183},236,{"file":147,"line":185,"context":183},{"file":147,"line":188,"context":183},241,{"file":147,"line":190,"context":183},242,{"file":147,"line":190,"context":183},{"file":147,"line":193,"context":183},247,{"file":147,"line":195,"context":183},248,{"file":147,"line":197,"context":183},256,{"file":147,"line":197,"context":183},{"file":147,"line":200,"context":183},261,{"file":147,"line":202,"context":183},262,{"file":147,"line":204,"context":183},266,[],[],{"summary":208,"deductions":209},"The widget-subtitles plugin v1.2.1 exhibits a generally strong security posture, with no recorded vulnerabilities and a promising lack of critical code signals. The static analysis reveals a minimal attack surface, with no AJAX handlers, REST API routes, shortcodes, or cron events exposed without authentication. Furthermore, the absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is commendable.  The plugin also demonstrates good practices in its SQL query handling, with 100% prepared statements, and a single capability check, indicating some consideration for access control.\n\nHowever, the analysis does highlight a significant concern: only 41% of output is properly escaped. This suggests a considerable risk of Cross-Site Scripting (XSS) vulnerabilities, particularly in scenarios where user-supplied data might be directly rendered without adequate sanitization. The lack of taint analysis results (0 flows analyzed) is also noteworthy, as it prevents a deeper dive into potential data handling vulnerabilities.  Despite the clean vulnerability history, the insufficient output escaping presents a tangible risk that needs to be addressed.\n\nIn conclusion, while widget-subtitles v1.2.1 has a clean slate regarding known vulnerabilities and has implemented several good security practices like prepared statements and limited attack surface, the high percentage of unescaped output is a critical weakness. This points to a potential for XSS vulnerabilities that could be exploited by attackers. Therefore, while the plugin shows promise in some areas, the output escaping deficiency necessitates immediate attention to mitigate these risks.",[210],{"reason":211,"points":212},"Insufficient output escaping",12,"2026-03-16T20:25:19.916Z",{"wat":215,"direct":224},{"assetPaths":216,"generatorPatterns":219,"scriptPaths":220,"versionParams":221},[217,218],"\u002Fwp-content\u002Fplugins\u002Fwidget-subtitles\u002Fcss\u002Fwidget-subtitles.css","\u002Fwp-content\u002Fplugins\u002Fwidget-subtitles\u002Fjs\u002Fwidget-subtitles.js",[],[218],[222,223],"widget-subtitles\u002Fcss\u002Fwidget-subtitles.css?ver=","widget-subtitles\u002Fjs\u002Fwidget-subtitles.js?ver=",{"cssClasses":225,"htmlComments":226,"htmlAttributes":227,"restEndpoints":232,"jsGlobals":233,"shortcodeOutput":235},[],[],[228,229,230,231],"id=\"widget-subtitles-subtitle\"","name=\"widget-subtitles-subtitle\"","id=\"widget-subtitles-subtitle-location\"","name=\"widget-subtitles-subtitle-location\"",[],[234],"widget_subtitles_js_obj",[]]