[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fl-T2iCimY5lDY1WJ4EeSxGGEdI-NVHqZj5OgL3I6RhA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":32,"analysis":55,"fingerprints":103},"wolframalpha","Wolfram Alpha","0.1 Beta","pedrobc","https:\u002F\u002Fprofiles.wordpress.org\u002Fpedrobc\u002F","\u003Cp>Adds a search form for the Wolfram|Alpha computational knowledge engine.\u003C\u002Fp>\n","Adds a Wolfram Alpha search form widget",10,1916,100,1,"2009-05-21T20:41:00.000Z","2.7","",[19,20],"mathematica","wolfram-alpha","http:\u002F\u002Fblog.melimato.com\u002Fwolframalpha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwolframalpha.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},30,84,"2026-04-04T09:23:12.461Z",[33],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":43,"num_ratings":44,"last_updated":17,"tested_up_to":45,"requires_at_least":46,"requires_php":17,"tags":47,"homepage":52,"download_link":53,"security_score":13,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":54},"mathematica-toolbox","Mathematica Toolbox","1.0.4","C. E.","https:\u002F\u002Fprofiles.wordpress.org\u002Fc-e-1\u002F","\u003Cp>Mathematica Toolbox adds a set of shortcodes that can do Mathematica code highlighting, CDF embedding, and more. For detailed information about all the shortcodes please visit the documentation:\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fcekdahl.github.io\u002FMathematicaToolbox\" rel=\"nofollow ugc\">http:\u002F\u002Fcekdahl.github.io\u002FMathematicaToolbox\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>If you would like to control WordPress programmatically from a Mathematica notebook, check out the Wolfram Language WordPress XML-RPC client:\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fgithub.com\u002Fcekdahl\u002Fwl-wordpress-xmlrpc-client\" rel=\"nofollow ugc\">http:\u002F\u002Fgithub.com\u002Fcekdahl\u002Fwl-wordpress-xmlrpc-client\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Syntax highlighting and formatting\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Uses the same highlighting script that is used on \u003Ca href=\"http:\u002F\u002Fmathematica.stackexchange.com\" rel=\"nofollow ugc\">Mathematica.StackExchange.com\u003C\u002Fa> and on \u003Ca href=\"http:\u002F\u002Fcommunity.wolfram.com\" rel=\"nofollow ugc\">Wolfram Community\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Preserves code indentation and prevents WordPress from inserting \u003Ccode>\u003Cbr>\u003C\u002Fcode> and \u003Ccode>\u003Cp>\u003C\u002Fcode> into code.\u003C\u002Fli>\n\u003Cli>Replaces Wolfram Language character codes such as \u003Ccode>\\[Alpha]\u003C\u002Fcode>, \u003Ccode>\\[Gamma]\u003C\u002Fcode> etc. with their corresponding characters.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Embed Wolfram technologies\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easily embed CDFs in any post or page.\u003C\u002Fli>\n\u003Cli>Retrieve and display an image from a Wolfram Cloud API.\u003C\u002Fli>\n\u003Cli>Retrieve and display raw data from a Wolfram Cloud API.\u003C\u002Fli>\n\u003Cli>Display a link to the documentation of a Wolfram Language function.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Retrieve Mathematica.StackExchange data\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Show a box with profile information\u003C\u002Fli>\n\u003Cli>Create links to questions and answers based on their IDs\u003C\u002Fli>\n\u003Cli>Make arbitrary requests to the Mathematica.StackExchange API\u003C\u002Fli>\n\u003C\u002Ful>\n","Improves your website with highlighted Mathematica code, embedded CDFs, and Wolfram Cloud content.",50,2540,70,2,"4.9.29","3.0.1",[48,49,19,50,51],"cdf","computable-document-format","stack-exchange","wolfram-language","https:\u002F\u002Fwordpress.org\u002Fplugins\u002FMathematica-Toolbox\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmathematica-toolbox.zip","2026-03-15T10:48:56.248Z",{"attackSurface":56,"codeSignals":68,"taintFlows":95,"riskAssessment":96,"analyzedAt":102},{"hooks":57,"ajaxHandlers":64,"restRoutes":65,"shortcodes":66,"cronEvents":67,"entryPointCount":24,"unprotectedCount":24},[58],{"type":59,"name":60,"callback":61,"file":62,"line":63},"action","widgets_init","register","widget-wolframalpha.php",27,[],[],[],[],{"dangerousFunctions":69,"sqlUsage":70,"outputEscaping":72,"fileOperations":24,"externalRequests":24,"nonceChecks":24,"capabilityChecks":24,"bundledLibraries":94},[],{"prepared":24,"raw":24,"locations":71},[],{"escaped":24,"rawEcho":73,"locations":74},11,[75,78,80,81,83,84,86,87,89,90,92],{"file":62,"line":76,"context":77},61,"raw output",{"file":62,"line":79,"context":77},63,{"file":62,"line":79,"context":77},{"file":62,"line":82,"context":77},64,{"file":62,"line":82,"context":77},{"file":62,"line":85,"context":77},65,{"file":62,"line":85,"context":77},{"file":62,"line":88,"context":77},83,{"file":62,"line":23,"context":77},{"file":62,"line":91,"context":77},87,{"file":62,"line":93,"context":77},88,[],[],{"summary":97,"deductions":98},"The \"wolframalpha\" plugin v0.1 Beta exhibits a strong adherence to several security best practices, notably the absence of any identified dangerous functions, SQL injection vulnerabilities through prepared statements, file operations, or external HTTP requests.  Furthermore, the lack of known CVEs and a clean vulnerability history are positive indicators of a secure past. However, a significant concern arises from the complete lack of output escaping. This means that any data processed or displayed by the plugin is not being sanitized, leaving it highly susceptible to cross-site scripting (XSS) attacks where malicious scripts could be injected and executed in users' browsers. The complete absence of nonce and capability checks, while not directly indicated as a risk due to a zero attack surface in the static analysis, suggests a lack of fundamental WordPress security mechanisms that could become a problem if any entry points were to be introduced in future versions or if the current analysis is incomplete.\n\nWhile the plugin has a seemingly clean slate regarding known vulnerabilities and a limited attack surface reported, the critical flaw in output escaping poses a substantial risk. This oversight can easily lead to XSS vulnerabilities, which are common and can have severe consequences, including session hijacking and defacement. The plugin's strengths lie in its avoidance of common server-side vulnerabilities, but its weakness in output handling is a glaring security gap that needs immediate attention. A balanced conclusion is that the plugin shows promise in avoiding backend vulnerabilities but fails critically in client-side output sanitization, creating a significant security risk.",[99],{"reason":100,"points":101},"0% of outputs properly escaped",15,"2026-03-17T01:05:11.464Z",{"wat":104,"direct":110},{"assetPaths":105,"generatorPatterns":106,"scriptPaths":107,"versionParams":109},[],[],[108],"http:\u002F\u002Fwww.wolframalpha.com\u002Finput\u002Fembed\u002F?type=",[],{"cssClasses":111,"htmlComments":112,"htmlAttributes":113,"restEndpoints":114,"jsGlobals":115,"shortcodeOutput":116},[],[],[],[],[],[117],"\u003Cscript id=\"WolframAlphaScript\" src=\"http:\u002F\u002Fwww.wolframalpha.com\u002Finput\u002Fembed\u002F?type="]