[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fC1FEIyYQhELUI2mbG_nsTSulRksCYcbwZYjl_t9DrPc":3,"$f2sRi1D9JuPgu1l3MTjAyYwq2s1eqr3VYUM4t98bCq-c":224,"$fT48R9L0H9PbRWI7Q6T75ng53Ta6fJerBrR5WtTWqHSI":229},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"discovery_status":26,"vulnerabilities":27,"developer":28,"crawl_stats":24,"alternatives":34,"analysis":137,"fingerprints":198},"widget-upload","widget upload","1.5.1","jessai","https:\u002F\u002Fprofiles.wordpress.org\u002Fjessai\u002F","\u003Cp>your regiter users can upload the file you choose.\u003C\u002Fp>\n","your regiter users can upload the file you choose.",10,7027,0,"2009-02-28T17:59:00.000Z","",[17,18,19,20],"register","upload","user","widget","http:\u002F\u002Fjessai.fr.nf\u002Farchives\u002F9","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwidget-upload.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},5,50,30,84,"2026-05-20T06:01:33.359Z",[35,61,80,98,117],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":15,"tags":50,"homepage":55,"download_link":56,"security_score":57,"vuln_count":58,"unpatched_count":59,"last_vuln_date":60,"fetched_at":25},"wp-register-profile-with-shortcode","WP Register Profile With Shortcode","3.6.3","aviplugins.com","https:\u002F\u002Fprofiles.wordpress.org\u002Favimegladon\u002F","\u003Cul>\n\u003Cli>This is a simple registration form in the widget. The form is responsive. \u003C\u002Fli>\n\u003Cli>just install the plugin and add the register widget in the sidebar. \u003C\u002Fli>\n\u003Cli>Change some ‘optional’ settings in \u003Ccode>Settings-> WP Register Settings\u003C\u002Fcode> and you are good to go. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcodes\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Use this \u003Cstrong>[rp_register_widget]\u003C\u002Fstrong> shortcode to display registration form in post or page.\u003C\u002Fli>\n\u003Cli>Use This shortcode to retrieve user data \u003Cstrong>[rp_user_data field=”first_name” user_id=”2″]\u003C\u002Fstrong>. user_id can be blank. if blank then the data is retrieve from currently loged in user.\u003C\u002Fli>\n\u003Cli>Use this \u003Cstrong>[rp_profile_edit]\u003C\u002Fstrong> shortcode for user profile page. Logged in usres can edit profile data from this page.\u003C\u002Fli>\n\u003Cli>Use this \u003Cstrong>[rp_update_password] shortcode to display Update Password form in your page.\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Other Optional Options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Redirect users to a chosen page after successfull registration. Maybe to a thankyou page.\u003C\u002Fli>\n\u003Cli>Users can be logged in automatically after successful registration. Option can be enabled from admin panel.\u003C\u002Fli>\n\u003Cli>Enable password fields so that users can choose there own passwords. Otherwise password will be auto generated and mailed to user.\u003C\u002Fli>\n\u003Cli>Admin will get a notification email once a new user make registration in the site.\u003C\u002Fli>\n\u003Cli>Enable additional fields in the registration form like First Name, Last Name, Display Name, Website etc.\u003C\u002Fli>\n\u003Cli>Custom Registration\u002F Profile fields can be created in the \u003Ca href=\"https:\u002F\u002Fwww.aviplugins.com\u002Fwp-register-profile-pro\u002F\" rel=\"nofollow ugc\">PRO\u003C\u002Fa> version of the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WP Register Profile PRO\u003C\u002Fh4>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fwww.aviplugins.com\u002Fwp-register-profile-pro\u002F\" rel=\"nofollow ugc\">PRO\u003C\u002Fa> version of this plugin has additional features like.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Multiple registration forms can be created and each form can be assigned to different user \u003Cstrong>Roles\u003C\u002Fstrong>. So that when user make registration they are assigned to that perticular \u003Cstrong>Role\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Registration with support for adding additional custom fields.\u003C\u002Fli>\n\u003Cli>Custom registration fields can be sorted by \u003Cstrong>Drag & Drop\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>User Profile page with custom fields. Here users can update their profile data.\u003C\u002Fli>\n\u003Cli>Create file type fields in Registration and Profile forms. Users can upload files to their profile. Uploadable file types can be allowed form plugin settings page.\u003C\u002Fli>\n\u003Cli>Reset user password shortcode.\u003C\u002Fli>\n\u003Cli>User profile data can be displayed easily with the help of shortcodes.\u003C\u002Fli>\n\u003Cli>Support for user profile image upload. Profile image can be used as \u003Cstrong>Avatar\u003C\u002Fstrong>. If this is enabled then profile image will be used as user \u003Cstrong>Avatar\u003C\u002Fstrong> throughout the site. When user posts a comment his profile image will be displayed instead of the defalut WordPress \u003Cstrong>Avatar\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Subscription\u003C\u002Fstrong> option is available with the PRO version. Payment for subscription is managed by \u003Cstrong>WooCommerce\u003C\u002Fstrong> for ease of use. Users will be able to select subscription packages at the time of registration. etc\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can get it \u003Ca href=\"https:\u002F\u002Fwww.aviplugins.com\u002Fwp-register-profile-pro\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa> in \u003Cstrong>USD 2.00\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Post your plugin related queries at \u003Ca href=\"https:\u002F\u002Fwww.aviplugins.com\u002Fsupport.php\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.aviplugins.com\u002Fsupport.php\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","This is a simple registration form in the widget. just install the plugin and add the register widget in the sidebar. Thats it. :)",400,66598,70,13,"2025-07-08T12:05:00.000Z","6.8.5","2.0.2",[51,17,52,53,54],"profile","register-widget","responsive-user-registration","wp-register","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-register-profile-with-shortcode\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-register-profile-with-shortcode.3.6.3.zip",71,4,1,"2025-07-10 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":31,"downloaded":69,"rating":70,"num_ratings":29,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":15,"tags":74,"homepage":78,"download_link":79,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"new-user-dashboard","New User Dashboard Widget","2.0","swadeshswain","https:\u002F\u002Fprofiles.wordpress.org\u002Fswadeshswain\u002F","\u003Cp>A dashboard widget for Displaying New Rigistered member in your webiste site Dashboard panel.\u003C\u002Fp>\n","A dashboard widget for Displaying New Rigistered member in your site",4426,100,"2017-06-23T08:00:00.000Z","4.8.28","3.0",[75,76,62,77,20],"dashboard-widget","new-user","recent-registerd-user","http:\u002F\u002Fswadeshswain.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnew-user-dashboard.2.0.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":11,"downloaded":88,"rating":70,"num_ratings":59,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":15,"tags":92,"homepage":96,"download_link":97,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"ciusan-simple-statistics","Ciusan Simple Statistics","1.0","Dannie Herdyawan","https:\u002F\u002Fprofiles.wordpress.org\u002Fk0z3y\u002F","\u003Cp>\u003Cstrong>Show simple statistics\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Show all registered users on sidebar using widget or on post & page using shortcode.\u003C\u002Fli>\n\u003Cli>Show all approved comments on sidebar using widget or on post & page using shortcode.\u003C\u002Fli>\n\u003Cli>Show all publish posts on sidebar using widget or on post & page using shortcode.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Shortcode:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Use [ciusan_total_registered] for showing all registered users.\u003C\u002Fli>\n\u003Cli>Use [ciusan_total_posts] for showing all publish posts.\u003C\u002Fli>\n\u003Cli>Use [ciusan_total_comments] for showing approved comments.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fplugin.ciusan.com\u002F66\u002Fciusan-simple-statistics\u002F\" rel=\"nofollow ugc\">Ciusan Simple Statistics\u003C\u002Fa>\u003C\u002Fp>\n","Show simple statistics.",1632,"2015-02-21T00:40:00.000Z","4.1.42","3.2",[93,94,19,20,95],"ciusan","registered","wp","http:\u002F\u002Fplugin.ciusan.com\u002F66\u002Fciusan-simple-statistics\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fciusan-simple-statistics.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":11,"downloaded":106,"rating":70,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":15,"tags":111,"homepage":114,"download_link":115,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":116},"display-recently-registered-users","Display Recently Registered Users","0.0.5","jp2112","https:\u002F\u002Fprofiles.wordpress.org\u002Fjp2112\u002F","\u003Cp>Display Recently Registered Users is a widget that lets you display the N most recently registered users on your WordPress site.\u003C\u002Fp>\n\u003Cp>You can customize:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Date format\u003C\u002Fli>\n\u003Cli>Gravatar size and display\u003C\u002Fli>\n\u003Cli>Number of users to show\u003C\u002Fli>\n\u003Cli>CSS class wrapper\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>If you need help with this plugin\u003C\u002Fh3>\n\u003Cp>If this plugin breaks your site or just flat out does not work, please go to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisplay-recently-registered-users\u002F#compatibility\" rel=\"ugc\">Compatibility\u003C\u002Fa> and click “Broken” after verifying your WordPress version and the version of the plugin you are using.\u003C\u002Fp>\n\u003Cp>Then, create a thread in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisplay-recently-registered-users\" rel=\"ugc\">Support\u003C\u002Fa> forum with a description of the issue. Make sure you are using the latest version of WordPress and the plugin before reporting issues, to be sure that the issue is with the current version and not with an older version where the issue may have already been fixed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Please do not use the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fdisplay-recently-registered-users\" rel=\"ugc\">Reviews\u003C\u002Fa> section to report issues or request new features.\u003C\u002Fstrong>\u003C\u002Fp>\n","Display recently registered users in a widget.",2907,2,"2014-08-15T22:54:00.000Z","3.9.40","3.5",[112,17,113,20],"recent","users","http:\u002F\u002Fwww.jimmyscode.com\u002Fwordpress\u002Fdisplay-recently-registered-users\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisplay-recently-registered-users.zip","2026-04-06T09:54:40.288Z",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":13,"downloaded":125,"rating":13,"num_ratings":13,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":129,"tags":130,"homepage":134,"download_link":135,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":136},"registered-user-dashboard-widget","Registered User Dashboard Widget","1.0.0","OutsourcingVN","https:\u002F\u002Fprofiles.wordpress.org\u002Foutsourcingvn\u002F","\u003Cp>\u003Cstrong>Major features of this plugin include\u003C\u002Fstrong>\u003Cbr \u002F>\n* Show bar chart user registered monthly\u003Cbr \u002F>\n* Show list number user registered monthly\u003C\u002Fp>\n","Major features of this plugin include * Show bar chart user registered monthly * Show list number user registered monthly",762,"2021-07-09T02:42:00.000Z","5.7.15","5.2","7.2",[75,131,132,133,118],"outsourcing","outsourcingvn","registed-user","https:\u002F\u002Foutsourcingvn.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fregistered-user-dashboard-widget.zip","2026-03-15T14:54:45.397Z",{"attackSurface":138,"codeSignals":150,"taintFlows":186,"riskAssessment":187,"analyzedAt":197},{"hooks":139,"ajaxHandlers":146,"restRoutes":147,"shortcodes":148,"cronEvents":149,"entryPointCount":13,"unprotectedCount":13},[140],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","widgets_init","widget_upload_init","widget_upload.php",158,[],[],[],[],{"dangerousFunctions":151,"sqlUsage":152,"outputEscaping":154,"fileOperations":107,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":185},[],{"prepared":13,"raw":13,"locations":153},[],{"escaped":13,"rawEcho":155,"locations":156},14,[157,160,162,164,166,168,170,171,173,175,177,179,181,183],{"file":144,"line":158,"context":159},28,"raw output",{"file":144,"line":161,"context":159},29,{"file":144,"line":163,"context":159},34,{"file":144,"line":165,"context":159},41,{"file":144,"line":167,"context":159},76,{"file":144,"line":169,"context":159},81,{"file":144,"line":23,"context":159},{"file":144,"line":172,"context":159},107,{"file":144,"line":174,"context":159},123,{"file":144,"line":176,"context":159},126,{"file":144,"line":178,"context":159},134,{"file":144,"line":180,"context":159},136,{"file":144,"line":182,"context":159},137,{"file":144,"line":184,"context":159},155,[],[],{"summary":188,"deductions":189},"The \"widget-upload\" plugin version 1.5.1 presents a mixed security picture. On the positive side, the static analysis reveals no identified CVEs, no critical or high severity taint flows, and no direct SQL injection risks due to the exclusive use of prepared statements.  Furthermore, there are no external HTTP requests, meaning no opportunities for SSRF vulnerabilities originating from this plugin.  The absence of cron events and shortcodes also limits the potential attack surface.\n\nHowever, significant concerns arise from the code signals. The most prominent issue is that 100% of the 14 identified output points are not properly escaped. This is a critical vulnerability that could lead to Cross-Site Scripting (XSS) attacks, allowing attackers to inject malicious scripts into the user's browser. Additionally, the complete lack of nonce checks and capability checks on any potential entry points, though the static analysis shows zero entry points, suggests a potential blind spot. If any entry points were to be introduced in future versions or by other means, they would likely be unprotected.\n\nIn conclusion, while the plugin has a clean vulnerability history and avoids common pitfalls like raw SQL or external requests, the pervasive issue of unescaped output represents a high-risk area. The lack of security checks on potential entry points, even if currently zero, is also a weakness that warrants attention. The plugin's strengths lie in its avoidance of direct database compromise and external dependencies, but the severe risk of XSS due to unescaped output cannot be overstated.",[190,193,195],{"reason":191,"points":192},"Unescaped output on all identified points",15,{"reason":194,"points":29},"Missing nonce checks",{"reason":196,"points":29},"Missing capability checks","2026-04-16T12:49:04.187Z",{"wat":199,"direct":204},{"assetPaths":200,"generatorPatterns":201,"scriptPaths":202,"versionParams":203},[],[],[],[],{"cssClasses":205,"htmlComments":206,"htmlAttributes":207,"restEndpoints":221,"jsGlobals":222,"shortcodeOutput":223},[],[],[208,209,210,211,212,213,214,215,216,217,218,219,220],"name=\"fileupload\"","id=\"upfile_0\"","name=\"envoyer\"","name=\"upload_title\"","id=\"upload_title\"","name=\"upload_autorise\"","id=\"upload_autorise\"","name=\"upload_chemin\"","id=\"upload_chemin\"","name=\"upload_ext\"","id=\"upload_ext\"","id=\"submit_essai\"","name=\"submit_essai\"",[],[],[],{"error":225,"url":226,"statusCode":227,"statusMessage":228,"message":228},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwidget-upload\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":230},[]]