[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fcujSLoCrVBbNBb080Gb-12hHB5yfYgnos8IS71V_YrM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":48,"crawl_stats":37,"alternatives":55,"analysis":149,"fingerprints":410},"wiki-embed","Wiki Embed","1.4.10","ctltwp","https:\u002F\u002Fprofiles.wordpress.org\u002Fctltwp\u002F","\u003Cp>This plugin will pull content from any Media Wiki website (Such as wikipedia.org).\u003C\u002Fp>\n\u003Cp>It strips and reformats the content, allowing you to supply some arguments to dictate how this works.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How does it work?\u003C\u002Fstrong>\u003Cbr \u002F>\nOn your WordPress page or post. You embed a shortcode, something like\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wiki-embed url='http:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FWordPress' tabs no-contents no-infobox ]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Once you save the page you will have the content of the wiki embed into you page. Kind of like a youtube video.\u003Cbr \u002F>\nOnly the page will look like as if it is part of your site. Any changes that are made on the wiki will be reflected on your site, once the cache has expired and a new version of the page is requested from the wiki.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why would you want to do that?\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can build a better navigation structure to your site, while crowd sourcing the content of the pages inside the wiki.\u003Cbr \u002F>\nWin Win.\u003C\u002Fp>\n\u003Cp>** Where can I get more info?**\u003Cbr \u002F>\nCheckout our Support page http:\u002F\u002Fsupport.cms.ubc.ca\u002Fcms-manual\u002Fadding-content\u002Fembedding-content-from-the-ubc-wiki\u002F that is using the wiki-embed plugin to grab content from our [wiki http:\u002F\u002Fwiki.ubc.ca\u002FDocumentation:UBC_Content_Management_System\u002FCLF_Theme\u002FHow_to_embed_content_from_the_UBC_Wiki\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Wiki Embed is implemented using the shortcode [wiki-embed]. It accepts the following arguments:\u003Cbr \u002F>\n* url: (required) the web address of the wiki article that you want to embed on this page.\u003Cbr \u002F>\n* no-edit: Hide the “edit” links from the wiki.\u003Cbr \u002F>\n* no-contents: Hide the page’s contents box.\u003Cbr \u002F>\n* no-infobox: Hide any infobox that appears on the wiki for this page.\u003Cbr \u002F>\n* tabs: Replaces the sections of the wiki article with tabs.\u003Cbr \u002F>\n* accordion: Replaces the sections of the wiki article with an accordian. This option cannot be used as the same time as ‘tabs’.\u003C\u002Fp>\n\u003Cp>Example;\u003Cbr \u002F>\n    [wiki-embed url=”http:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FExample” no-edit no-contents no-infobox accordion]\u003C\u002Fp>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Cp>Settings for the plugin can be found in ‘Wiki Embed’ -> ‘Settings’.\u003Cbr \u002F>\nHere you can enable\u002Fdisable various features, define shortcode defaults, and configure some global settings for the plugin.\u003C\u002Fp>\n","Wiki Embed lets you embed mediawiki pages in to your site, sites like Wikipedia",100,15847,76,8,"2025-05-02T18:14:00.000Z","3.3.2","3.0","",[20,21,22,23,4],"content-framework","embed","mediawiki","wiki","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwiki-embed\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwiki-embed.zip",99,1,0,"2025-05-07 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-47551","wiki-embed-cross-site-request-forgery","Wiki Embed \u003C= 1.4.6 - Cross-Site Request Forgery","The Wiki Embed plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.6. This is due to missing or incorrect nonce validation on the wikiembed_settings_page() function. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.4.6","1.4.7","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-05-13 13:49:11",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5cb00caf-6ca2-4970-8d09-14188806ba06?source=api-prod",7,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":51,"avg_patch_time_days":52,"trust_score":53,"computed_at":54},15,5800,84,34,77,"2026-04-04T14:38:21.919Z",[56,74,93,114,133],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":11,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":17,"requires_php":18,"tags":69,"homepage":70,"download_link":71,"security_score":72,"vuln_count":27,"unpatched_count":27,"last_vuln_date":73,"fetched_at":30},"rdp-wiki-embed","RDP Wiki Embed","1.2.20","Robert D Payne","https:\u002F\u002Fprofiles.wordpress.org\u002Frpayne7264\u002F","\u003Cp>RDP Wiki Embed will pull content from any MediaWiki website (such as wikipedia.org) and embed it in pages and posts. It strips and reformats the content, allowing you to supply some arguments to dictate how this works.\u003C\u002Fp>\n\u003Cp>RDP Wiki Embed can also look for all links to wiki sites listed in the Security section and force the content on the current page to be replaced with the content found at the wiki site when the link is clicked. Visitors will be able to read wiki content without leaving your site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>RDP Wiki Embed is not coded to work with the block editor.  Therefore, the shortcode button will not work.\u003C\u002Fstrong> A plugin that restores the classic editor will need to be installed for the shortcode button to work. Get the Classic Editor Plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-editor\u002F\" rel=\"ugc\">here.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Posting to the WordPress.org Support Forum does not send me notifications of new issues. Therefore, please send support requests using the \u003Ca href=\"http:\u002F\u002Fwww.rdptechsolutions.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">contact form on my web site.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Sponsor\u003C\u002Fh4>\n\u003Cp>This plug-in brought to you through the generous funding of \u003Ca href=\"http:\u002F\u002Fwww.limsinstitute.org\u002F\" rel=\"nofollow ugc\">Laboratory Informatics Institute, Inc.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Use the shortcode [rdp-wiki-embed] for embedding MediaWiki content. The following arguments are accepted:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>url: (required) the web address of the wiki article that you want to embed on this page\u003C\u002Fli>\n\u003Cli>title_show: 0 (zero) to hide title or 1 to show\u003C\u002Fli>\n\u003Cli>toc_show: 0 (zero) to hide table of contents (TOC) or 1 to show\u003C\u002Fli>\n\u003Cli>edit_show: 0 (zero) to hide edit links or 1 to show \u003C\u002Fli>\n\u003Cli>infobox_show: 0 (zero) to hide info boxes or 1 to show \u003C\u002Fli>\n\u003Cli>unreferenced_show: 0 (zero) to hide “unreferenced” warning boxes  or 1 to show \u003C\u002Fli>\n\u003Cli>wiki_update: number of minutes content of the wiki page will be stored on your site, before it is refreshed \u003C\u002Fli>\n\u003Cli>wiki_links: behavior after clicking a link to wiki content – \u003Cstrong>default\u003C\u002Fstrong> or \u003Cstrong>overwrite\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>wiki_links_open_new: 0 (zero) to open wiki links in same window or 1 to open in new window \u003C\u002Fli>\n\u003Cli>global_content_replace: 1 to apply embed overwrite behavior to all wiki links on the site or 0 (zero)  \u003C\u002Fli>\n\u003Cli>global_content_replace_template: page template to use for replaced content\u003C\u002Fli>\n\u003Cli>source_show: 0 (zero) to hide attribution or 1 to show \u003C\u002Fli>\n\u003Cli>pre_source: text for source label\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Examples\u003C\u002Fh4>\n\u003Cp>Basic uasge:\u003C\u002Fp>\n\u003Cp>[rdp-wiki-embed url=’http:\u002F\u002Fen.wikipedia.org’]\u003C\u002Fp>\n\u003Cp>Display table-of-contents and info boxes, but hide title, edit links and ‘unreferenced’ warning boxes:\u003C\u002Fp>\n\u003Cp>[rdp-wiki-embed url=’http:\u002F\u002Fen.wikipedia.org’ title_show=’0′ toc_show=’1′ edit_show=’0′ infobox_show=’1′ unreferenced_show=’0′]\u003C\u002Fp>\n\u003Ch4>About Overwrite and Global Content Replace\u003C\u002Fh4>\n\u003Cp>Global content replace requires Overwrite mode to be enabled. When content is being replaced in Overwrite mode, the Default Shortcode Settings on the plug-in’s settings page will be applied to content that is fetched from wiki sites.\u003C\u002Fp>\n\u003Ch3>Action Hook Reference:\u003C\u002Fh3>\n\u003Ch4>rdp_we_scripts_enqueued\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Param: none\u003C\u002Fli>\n\u003Cli>Fires after enqueuing plug-in-specific frontend scripts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>rdp_we_styles_enqueued\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Param: none\u003C\u002Fli>\n\u003Cli>Fires after enqueuing plug-in-specific frontend styles\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Filter Reference\u003C\u002Fh3>\n\u003Ch4>rdp_we_scrub_remove_elements_filter\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Param: Array of HTML elements to remove from the raw wiki content, before being cached\u003C\u002Fli>\n\u003Cli>Return: Array of HTML elements to remove from the raw wiki content, before being cached\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>rdp_we_prerender_remove_elements_filter\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Param: Array of HTML elements to remove from the wiki content, before rendering to browser\u003C\u002Fli>\n\u003Cli>Return: Array of HTML elements to remove from the wiki content, before rendering to browser\u003C\u002Fli>\n\u003C\u002Ful>\n","RDP Wiki Embed lets you embed content from MediaWiki sites.",400,18200,12,"2024-01-08T07:24:00.000Z","6.4.8",[22,23,4],"http:\u002F\u002Fwww.rdptechsolutions.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frdp-wiki-embed.1.2.20.zip",63,"2025-04-04 00:00:00",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":18,"tags":89,"homepage":90,"download_link":91,"security_score":92,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"wikiembedder","Wikiembedder","0.1","datagutten","https:\u002F\u002Fprofiles.wordpress.org\u002Fdatagutten\u002F","\u003Cp>The project is inspired by RDP Wiki-Press Embed by Robert D Payne. Some code is also copied (noted in source).\u003C\u002Fp>\n\u003Cp>The difference is that this is simpler. It contains as little CSS as possible to be able to customize it for each theme.\u003C\u002Fp>\n\u003Cp>Links are rewritten to make the users able to navigate in the wiki without leaving your wordpress page.\u003C\u002Fp>\n\u003Cp>The text on the wiki image page will be added as a title=”” tag to the image in wordpress, so by using the plugin \u003Ca href=\"http:\u002F\u002Farchetyped.com\u002Ftools\u002Fsimple-lightbox\" rel=\"nofollow ugc\">simple-lightbox\u003C\u002Fa>, the text will be shown below the image in the lightbox.\u003C\u002Fp>\n\u003Cp>It is developed for use with a private MediaWiki install, but it might work with wikipedia as well.\u003C\u002Fp>\n\u003Ch3>Tested themes\u003C\u002Fh3>\n\u003Cp>Virtue: Works well\u003Cbr \u002F>\nWP-Forge: Works well\u003Cbr \u002F>\nTwenty Ten: Trouble with image alignment\u003Cbr \u002F>\nTwenty Thirteen: Works well\u003Cbr \u002F>\nTwenty Fourtenn: Trouble with image alignment, pages get very narrow\u003Cbr \u002F>\nTwenty Fifteen: Trouble with image alignment\u003C\u002Fp>\n","Embed MediaWiki in a wordpress site and allow users to navigate the wiki without leaving your wordpress page.",10,1947,40,2,"2017-12-23T12:20:00.000Z","5.0.25","3.5",[21,22,23],"https:\u002F\u002Fgithub.com\u002Fdatagutten\u002Fwikiembedder","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwikiembedder.zip",85,{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":103,"num_ratings":104,"last_updated":105,"tested_up_to":106,"requires_at_least":17,"requires_php":18,"tags":107,"homepage":111,"download_link":112,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":113,"fetched_at":30},"wp-wiki-tooltip","WP Wiki Tooltip","2.1.1","Nico Danneberg","https:\u002F\u002Fprofiles.wordpress.org\u002Fnida78\u002F","\u003Cp>Adds explaining tooltips querying their content from a \u003Ca href=\"https:\u002F\u002Fwww.mediawiki.org\" title=\"see MediaWiki docs\" rel=\"nofollow ugc\">MediaWiki\u003C\u002Fa> installation, e.g. \u003Ca href=\"https:\u002F\u002Fwww.wikipedia.org\" title=\"see the well-known Wikipedia\" rel=\"nofollow ugc\">Wikipedia.org\u003C\u002Fa>. Therefore shortcodes can be used in Posts and Pages to mark keywords and link them to public Wiki pages. The well-known package of \u003Ca href=\"https:\u002F\u002Fcalebjacob.github.io\u002Ftooltipster\u002F\" title=\"Tooltipster rocks :)\" rel=\"nofollow ugc\">Tooltipster\u003C\u002Fa> is used to create the nice and themable tooltips.\u003C\u002Fp>\n\u003Cp>Main features of the current version are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Setup at least one wanted Wiki base and several other options at a backend page\u003C\u002Fli>\n\u003Cli>Integrate the Wiki tooltip in Posts and Pages using a handy popup in Gutenberg editor or simple shortcodes\u003C\u002Fli>\n\u003Cli>Shortcodes can be created by a \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FTinyMCE\" rel=\"nofollow ugc\">TinyMCE\u003C\u002Fa> plugin, too\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds explaining tooltips querying their content from a MediaWiki installation, e.g. Wikipedia.org.",200,14875,96,18,"2025-08-10T20:03:00.000Z","6.8.5",[22,108,109,23,110],"tooltip","tooltipster","wikipedia","https:\u002F\u002Fn1da.net\u002Fspecials\u002Fwp-wiki-tooltip\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-wiki-tooltip.2.1.1.zip","2025-02-18 19:21:58",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":11,"num_ratings":27,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":127,"tags":128,"homepage":18,"download_link":132,"security_score":92,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"embed-wikimedia","Embed Wikimedia","0.3.1","samwilson","https:\u002F\u002Fprofiles.wordpress.org\u002Fsamwilson\u002F","\u003Cp>The \u003Cstrong>Embed Wikimedia\u003C\u002Fstrong> plugin adds support for embedding photos from Wikimedia projects such as Wikipedia, Wikimedia Commons, and Wikidata.\u003C\u002Fp>\n\u003Cp>It requires no configuration, and to use you just add a URL of any of the above sites on its own line in a WordPress post or page.\u003C\u002Fp>\n\u003Cp>Development is on Github at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsamwilson\u002Fembed-wikimedia\" rel=\"nofollow ugc\">samwilson\u002Fembed-wikimedia\u003C\u002Fa>;\u003Cbr \u002F>\nplease report all issues there.\u003C\u002Fp>\n","The Embed Wikimedia plugin adds support for embedding photos from Wikimedia projects such as Wikipedia.",50,3363,"2019-10-19T09:19:00.000Z","5.2.24","5.0","5.6",[129,21,130,131,110],"commons","photos","wikimedia","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembed-wikimedia.zip",{"slug":134,"name":135,"version":136,"author":7,"author_profile":8,"description":137,"short_description":138,"active_installs":82,"downloaded":139,"rating":140,"num_ratings":27,"last_updated":141,"tested_up_to":142,"requires_at_least":143,"requires_php":18,"tags":144,"homepage":18,"download_link":148,"security_score":92,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"wiki-append","Wiki Append","1","\u003Cp>This plugin enables page or post authors to scrape content from mediawiki pages and appending it to their pages.\u003Cbr \u002F>\nIt works by scraping content from mediawiki pages by going to a special mediawiki page url.\u003C\u002Fp>\n\u003Cp>For example http:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FWordpress?action=render\u003C\u002Fp>\n\u003Cp>The content rendered on the final page or post will always be the newest content, however it is not searchable via regular WordPress search form.\u003C\u002Fp>\n\u003Cp>Use case:\u003Cbr \u002F>\nThis plugin is great for adding documentation to your site.\u003Cbr \u002F>\nSince wordpress.org is using mediawiki for the codex you could potentially display wordpress codex pages on your site without much effort, just enter the full url of the specific wordpress codex page.\u003C\u002Fp>\n\u003Cp>Enjoy\u003C\u002Fp>\n","Append a mediawiki page at the end of the regular wordpress page.",2467,60,"2009-06-05T18:47:00.000Z","2.7.1","2.5",[145,146,22,23,147],"append","include","wikiinc","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwiki-append.zip",{"attackSurface":150,"codeSignals":255,"taintFlows":274,"riskAssessment":400,"analyzedAt":409},{"hooks":151,"ajaxHandlers":226,"restRoutes":249,"shortcodes":250,"cronEvents":254,"entryPointCount":47,"unprotectedCount":85},[152,158,162,166,169,172,175,179,185,188,192,195,199,203,207,211,215,219,222],{"type":153,"name":154,"callback":155,"file":156,"line":157},"action","admin_footer","wikiembed_overlay_popup_form","admin\\admin-overlay.php",4,{"type":153,"name":159,"callback":160,"file":156,"line":161},"media_buttons_context","wikiembed_overlay_buttons",5,{"type":153,"name":163,"callback":164,"file":165,"line":157},"admin_init","wikiembed_options_init","admin\\admin.php",{"type":153,"name":167,"callback":168,"file":165,"line":161},"admin_menu","wikiembed_options_add_page",{"type":153,"name":170,"callback":171,"file":165,"line":47},"wpmu_options","wikiembed_network_site_admin_options",{"type":153,"name":173,"callback":174,"file":165,"line":82},"update_wpmu_options","wikiembed_network_site_admin_options_process",{"type":153,"name":176,"callback":177,"file":178,"line":66},"plugins_loaded","wiki_embed_update_db_check","past\\wiki-embed-update.php",{"type":180,"name":181,"callback":182,"file":183,"line":184},"filter","wiki-embed-tab_list","tab_list","support\\twitter-bootstrap\\action.php",9,{"type":180,"name":186,"callback":187,"priority":82,"file":183,"line":82},"wiki-embed-articles","articles",{"type":180,"name":189,"callback":190,"priority":82,"file":183,"line":191},"wiki-embed-article-content","article_content",11,{"type":180,"name":193,"callback":194,"priority":82,"file":183,"line":66},"wiki-embed-article-content-class","article_content_class",{"type":180,"name":196,"callback":197,"file":183,"line":198},"wiki-embed-tabs-shell-class","tab_list_class",13,{"type":153,"name":200,"callback":200,"file":201,"line":202},"init","WikiEmbed.php",82,{"type":153,"name":204,"callback":205,"file":201,"line":206},"template_redirect","load_page",91,{"type":180,"name":208,"callback":209,"file":201,"line":210},"posts_join","search_metadata_join",92,{"type":180,"name":212,"callback":213,"file":201,"line":214},"posts_where","search_metadata_where",93,{"type":180,"name":216,"callback":217,"file":201,"line":218},"sf_posts_query","search_metadata_ajaxy",94,{"type":180,"name":220,"callback":220,"file":201,"line":221},"page_link",198,{"type":153,"name":223,"callback":224,"file":201,"line":225},"wp_footer","print_scripts",207,[227,232,235,239,242,246],{"action":228,"nopriv":229,"callback":230,"hasNonce":229,"hasCapCheck":229,"file":201,"line":231},"wiki_embed",false,"overlay_ajax",212,{"action":228,"nopriv":233,"callback":230,"hasNonce":229,"hasCapCheck":229,"file":201,"line":234},true,214,{"action":236,"nopriv":229,"callback":237,"hasNonce":233,"hasCapCheck":229,"file":201,"line":238},"wiki_embed_add_link","wikiembed_list_page_add_link",1495,{"action":240,"nopriv":229,"callback":237,"hasNonce":233,"hasCapCheck":229,"file":201,"line":241},"_nopriv_wiki_embed_add_link",1496,{"action":243,"nopriv":229,"callback":244,"hasNonce":233,"hasCapCheck":229,"file":201,"line":245},"wiki_embed_remove_link","wikiembed_list_page_remove_link",1499,{"action":247,"nopriv":229,"callback":244,"hasNonce":233,"hasCapCheck":229,"file":201,"line":248},"_nopriv_wiki_embed_remove_link",1500,[],[251],{"tag":4,"callback":252,"file":201,"line":253},"shortcode",205,[],{"dangerousFunctions":256,"sqlUsage":257,"outputEscaping":262,"fileOperations":28,"externalRequests":85,"nonceChecks":47,"capabilityChecks":184,"bundledLibraries":273},[],{"prepared":85,"raw":27,"locations":258},[259],{"file":260,"line":140,"context":261},"inc\\css_selector.php","$wpdb->query() with variable interpolation",{"escaped":103,"rawEcho":157,"locations":263},[264,268,270,272],{"file":265,"line":266,"context":267},"admin\\list-page.php",181,"raw output",{"file":265,"line":269,"context":267},184,{"file":265,"line":271,"context":267},195,{"file":265,"line":221,"context":267},[],[275,342,354,362,378,389],{"entryPoint":276,"graph":277,"unsanitizedCount":14,"severity":40},"\u003CWikiEmbed> (WikiEmbed.php:0)",{"nodes":278,"edges":333},[279,284,290,294,299,303,305,309,314,317,321,324,328,331],{"id":280,"type":281,"label":282,"file":201,"line":283},"n0","source","$_GET (x2)",448,{"id":285,"type":286,"label":287,"file":201,"line":288,"wp_function":289},"n1","sink","wp_remote_request() [SSRF]",805,"wp_remote_request",{"id":291,"type":281,"label":292,"file":201,"line":293},"n2","$_GET (x3)",1201,{"id":295,"type":286,"label":296,"file":201,"line":297,"wp_function":298},"n3","echo() [XSS]",1233,"echo",{"id":300,"type":281,"label":301,"file":201,"line":302},"n4","$_GET['title']",1244,{"id":304,"type":286,"label":296,"file":201,"line":302,"wp_function":298},"n5",{"id":306,"type":281,"label":307,"file":201,"line":308},"n6","$_GET",1210,{"id":310,"type":286,"label":311,"file":201,"line":312,"wp_function":313},"n7","update_option() [Settings Manipulation]",1351,"update_option",{"id":315,"type":281,"label":282,"file":201,"line":316},"n8",746,{"id":318,"type":319,"label":320,"file":201,"line":316},"n9","transform","→ remote_request_wikipage()",{"id":322,"type":286,"label":287,"file":201,"line":323,"wp_function":289},"n10",815,{"id":325,"type":281,"label":326,"file":201,"line":327},"n11","$_GET (x6)",751,{"id":329,"type":319,"label":330,"file":201,"line":327},"n12","→ update_cache()",{"id":332,"type":286,"label":311,"file":201,"line":312,"wp_function":313},"n13",[334,335,336,337,338,339,340,341],{"from":280,"to":285,"sanitized":233},{"from":291,"to":295,"sanitized":233},{"from":300,"to":304,"sanitized":233},{"from":306,"to":310,"sanitized":233},{"from":315,"to":318,"sanitized":229},{"from":318,"to":322,"sanitized":229},{"from":325,"to":329,"sanitized":229},{"from":329,"to":332,"sanitized":229},{"entryPoint":343,"graph":344,"unsanitizedCount":28,"severity":353},"wikiembed_list_page (admin\\list-page.php:9)",{"nodes":345,"edges":351},[346,349],{"id":280,"type":281,"label":347,"file":265,"line":348},"$_GET (x5)",149,{"id":285,"type":286,"label":296,"file":265,"line":350,"wp_function":298},240,[352],{"from":280,"to":285,"sanitized":233},"low",{"entryPoint":355,"graph":356,"unsanitizedCount":28,"severity":353},"\u003Clist-page> (admin\\list-page.php:0)",{"nodes":357,"edges":360},[358,359],{"id":280,"type":281,"label":347,"file":265,"line":348},{"id":285,"type":286,"label":296,"file":265,"line":350,"wp_function":298},[361],{"from":280,"to":285,"sanitized":233},{"entryPoint":363,"graph":364,"unsanitizedCount":28,"severity":353},"wikiembed_settings_page (admin\\settings-page.php:9)",{"nodes":365,"edges":375},[366,370,372,373],{"id":280,"type":281,"label":367,"file":368,"line":369},"$_POST","admin\\settings-page.php",20,{"id":285,"type":286,"label":311,"file":368,"line":371,"wp_function":313},27,{"id":291,"type":281,"label":367,"file":368,"line":369},{"id":295,"type":286,"label":296,"file":368,"line":374,"wp_function":298},144,[376,377],{"from":280,"to":285,"sanitized":233},{"from":291,"to":295,"sanitized":233},{"entryPoint":379,"graph":380,"unsanitizedCount":28,"severity":353},"\u003Csettings-page> (admin\\settings-page.php:0)",{"nodes":381,"edges":386},[382,383,384,385],{"id":280,"type":281,"label":367,"file":368,"line":369},{"id":285,"type":286,"label":311,"file":368,"line":371,"wp_function":313},{"id":291,"type":281,"label":367,"file":368,"line":369},{"id":295,"type":286,"label":296,"file":368,"line":374,"wp_function":298},[387,388],{"from":280,"to":285,"sanitized":233},{"from":291,"to":295,"sanitized":233},{"entryPoint":390,"graph":391,"unsanitizedCount":28,"severity":353},"overlay_ajax (WikiEmbed.php:1200)",{"nodes":392,"edges":397},[393,394,395,396],{"id":280,"type":281,"label":292,"file":201,"line":293},{"id":285,"type":286,"label":296,"file":201,"line":297,"wp_function":298},{"id":291,"type":281,"label":301,"file":201,"line":302},{"id":295,"type":286,"label":296,"file":201,"line":302,"wp_function":298},[398,399],{"from":280,"to":285,"sanitized":233},{"from":291,"to":295,"sanitized":233},{"summary":401,"deductions":402},"The wiki-embed plugin v1.4.10 exhibits a generally good security posture with several strong points, including 100% output escaping and a complete absence of dangerous functions or file operations. The plugin also demonstrates a solid use of nonces and capability checks throughout its code. However, there are significant concerns, particularly regarding its attack surface. Two AJAX handlers lack authentication checks, presenting a direct entry point for potentially unauthorized actions. The taint analysis reveals one flow with an unsanitized path, which, while not currently classified as critical or high severity, indicates a potential for issues if malicious input is not handled rigorously. The vulnerability history shows one medium severity CVE in the past, a CSRF vulnerability, which suggests that while significant vulnerabilities have been addressed, the possibility of similar issues in the future or related security weaknesses cannot be entirely dismissed.",[403,405,407],{"reason":404,"points":82},"AJAX handlers without authentication",{"reason":406,"points":14},"Flow with unsanitized paths",{"reason":408,"points":47},"Past medium severity CVE","2026-03-16T20:38:11.080Z",{"wat":411,"direct":441},{"assetPaths":412,"generatorPatterns":424,"scriptPaths":425,"versionParams":433},[413,414,415,416,417,418,419,420,421,422,423],"\u002Fwp-content\u002Fplugins\u002Fwiki-embed\u002Fresources\u002Fjs\u002Ftabs.js","\u002Fwp-content\u002Fplugins\u002Fwiki-embed\u002Fresources\u002Fjs\u002Faccordion.js","\u002Fwp-content\u002Fplugins\u002Fwiki-embed\u002Fresources\u002Fjs\u002Fanchor-links.js","\u002Fwp-content\u002Fplugins\u002Fwiki-embed\u002Fsupport\u002Ftwitter-bootstrap\u002Ftwitter.bootstrap.tabs.js","\u002Fwp-content\u002Fplugins\u002Fwiki-embed\u002Fresources\u002Fcss\u002Ftabs.css","\u002Fwp-content\u002Fplugins\u002Fwiki-embed\u002Fresources\u002Fcss\u002Faccordion.css","\u002Fwp-content\u002Fplugins\u002Fwiki-embed\u002Fresources\u002Fcss\u002Fwiki-embed.css","\u002Fwp-content\u002Fplugins\u002Fwiki-embed\u002Fresources\u002Fjs\u002Fjquery.colorbox.min.js","\u002Fwp-content\u002Fplugins\u002Fwiki-embed\u002Fresources\u002Fjs\u002Foverlay.js","\u002Fwp-content\u002Fplugins\u002Fwiki-embed\u002Fresources\u002Fcss\u002Fcolorbox.css","\u002Fwp-content\u002Fplugins\u002Fwiki-embed\u002Fresources\u002Fjs\u002Fnew-page.js",[],[426,427,428,429,430,431,432],"\u002Fwiki-embed\u002Fresources\u002Fjs\u002Ftabs.js","\u002Fwiki-embed\u002Fresources\u002Fjs\u002Faccordion.js","\u002Fwiki-embed\u002Fresources\u002Fjs\u002Fanchor-links.js","\u002Fwiki-embed\u002Fsupport\u002Ftwitter-bootstrap\u002Ftwitter.bootstrap.tabs.js","\u002Fwiki-embed\u002Fresources\u002Fjs\u002Fjquery.colorbox.min.js","\u002Fwiki-embed\u002Fresources\u002Fjs\u002Foverlay.js","\u002Fwiki-embed\u002Fresources\u002Fjs\u002Fnew-page.js",[434,435,436,437,438,439,440],"wiki-embed\u002Fresources\u002Fjs\u002Ftabs.js?ver=","wiki-embed\u002Fresources\u002Fjs\u002Faccordion.js?ver=","wiki-embed\u002Fresources\u002Fjs\u002Fanchor-links.js?ver=","wiki-embed\u002Fsupport\u002Ftwitter-bootstrap\u002Ftwitter.bootstrap.tabs.js?ver=","wiki-embed\u002Fresources\u002Fjs\u002Fjquery.colorbox.min.js?ver=","wiki-embed\u002Fresources\u002Fjs\u002Foverlay.js?ver=","wiki-embed\u002Fresources\u002Fjs\u002Fnew-page.js?ver=",{"cssClasses":442,"htmlComments":444,"htmlAttributes":448,"restEndpoints":452,"jsGlobals":453,"shortcodeOutput":455},[4,443],"wiki-embed-content",[445,446,447],"WikiEmbed - embed multiple mediawiki page into your post or page","Copyright (C) 2008, OLT, www.olt.ubc.com","All rights reserved.",[449,450,451],"data-wiki-embed-url","data-wiki-embed-title","data-wiki-embed-language",[],[454],"WikiEmbedSettings",[456,457],"[wikiembed]","[\u002Fwikiembed]"]