[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fEoJMISe7yNn1Xc3sGTe26Bcpodk3FPLBZbiJTSq_0dA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":140,"fingerprints":186},"wordquest","WordQuest","1.1","ianfhunter","https:\u002F\u002Fprofiles.wordpress.org\u002Fianfhunter\u002F","\u003Cp>What feature is WordPress severely lacking? Goblins. Dragons. This plugin is here to fix that.\u003C\u002Fp>\n\u003Cp>Earn experience as you blog. Watch your avatar slowly grow in power with every post.\u003C\u002Fp>\n\u003Cp>Complete quests to earn bonus experience by writing about selected categories.\u003C\u002Fp>\n\u003Cp>See the visual changes to your avatar as you level up.\u003C\u002Fp>\n\u003Cp>Your hero changes class according to your posting style!\u003C\u002Fp>\n\u003Cp>OpenSource – Add your own activities for your hero. https:\u002F\u002Fgithub.com\u002Fianfhunter\u002FWordQuest\u003C\u002Fp>\n\u003Ch3>Image Attributions\u003C\u002Fh3>\n\u003Cp>Hero Sprites: http:\u002F\u002Funtamed.wild-refuge.net\u002Frmxpresources.php?characters\u003C\u002Fp>\n","What feature is WordPress severely lacking? Goblins. Dragons. Earn experience as you blog. Watch your avatar slowly grow in power with every post.",10,1963,100,4,"2014-05-07T11:54:00.000Z","3.9.40","3.0.1","",[20,21,22,23,24],"game","incentive","posts","role-playing-game","rpg","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordquest\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordquest.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},1,30,84,"2026-04-04T06:22:14.841Z",[38,58,78,95,115],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":11,"downloaded":46,"rating":13,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":18,"tags":51,"homepage":56,"download_link":57,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-monsters","WP Monsters","1.3.4","gwannon","https:\u002F\u002Fprofiles.wordpress.org\u002Fgwannon\u002F","\u003Cp>WP Monsters allows to the bloggers to publish in a easy way their Pathfinder RPG home-brew monsters, weapons, spells, cities, magic items and feats in their WordPress blogs. You can use shortcodes to insert the monster in any site of your web.\u003C\u002Fp>\n\u003Ch3>Copyrights\u003C\u002Fh3>\n\u003Cp>This plugins uses trademarks and\u002For copyrights owned by Paizo Inc., which are used under Paizo’s Community Use Policy. We are expressly prohibited from charging you to use or access this content. This plugins is not published, endorsed, or specifically approved by Paizo Inc. For more information about Paizo’s Community Use Policy, please visit paizo.com\u002Fcommunityuse. For more information about Paizo Inc. and Paizo products, please visit paizo.com.\u003C\u002Fp>\n\u003Cp>Icons http:\u002F\u002F7soul1.deviantart.com\u002Fart\u002F420-Pixel-Art-Icons-for-RPG-129892453 by http:\u002F\u002F7soul1.deviantart.com\u002F\u003Cbr \u002F>\nCreative Commons http:\u002F\u002Fcreativecommons.org\u002Flicenses\u002Fby\u002F3.0\u002F\u003C\u002Fp>\n\u003Ch3>Translations included\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Français (French) by Thierry Pillot \u003C\u002Fli>\n\u003Cli>Deutsch (German) by http:\u002F\u002Fnerdig-by-nature.de\u002F\u003C\u002Fli>\n\u003Cli>Castellano (Spanish)\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Monsters allows to the bloggers to publish in a easy way their Pathfinder RPG home-brew monsters, weapons, spells, feats, ... in their blogs.",2000,2,"2015-05-06T06:10:00.000Z","4.2.39","4.0.0",[52,53,54,24,55],"monsters","pathfinder","role-playing-games","spells","http:\u002F\u002Fblog.gwannon.com\u002Fwp-monsters\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-monsters.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":11,"downloaded":66,"rating":28,"num_ratings":28,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":18,"download_link":77,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-mega-menu-recent-posts","WP Mega Menu Recent Posts","1.0.4","krishna121","https:\u002F\u002Fprofiles.wordpress.org\u002Fkrishna121\u002F","\u003Cp>WP Mega Menu Recent Posts plugin show recent posts under dropdown of menu in grid system. You can show text rollover effect after hover on image. This is the good solution for showing recent menu in grid using Mega Menu.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>You could recent posts of any category under dropdown menu.\u003C\u002Fli>\n\u003Cli>Show post title and read more link on hover of image.\u003C\u002Fli>\n\u003Cli>Easily set to show no of posts in row and total posts.\u003C\u002Fli>\n\u003Cli>Show posts in grid system.\u003C\u002Fli>\n\u003Cli>Easily configure with Mega Menu plugin\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Mega Menu Recent Posts plugin show recent posts under dropdown of menu in grid system. You can show text rollover effect after hover on image.",2192,"2021-12-08T12:37:00.000Z","5.8.13","5.2","5.6",[72,73,74,75,76],"mega-menu","megamenu","menu","navigation","recent-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-mega-menu-recent-posts.1.0.4.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":28,"downloaded":86,"rating":28,"num_ratings":28,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":70,"tags":90,"homepage":18,"download_link":94,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"blogon-quest","BLOGON QUEST","1.0.0","PRESSMAN","https:\u002F\u002Fprofiles.wordpress.org\u002Fpressmaninc\u002F","\u003Cp>This plugin changes your boring writing days to exciting RPG life.\u003C\u002Fp>\n\u003Cp>This plugin sets a ‘status’ for all users who have permission to publish articles.\u003C\u002Fp>\n\u003Cp>Your status scores will increase according to the achievements of the articles you posted.\u003C\u002Fp>\n\u003Cp>The achievements include the total number of PVs, the number of times an article was read for the first time on your blog, and etc.\u003C\u002Fp>\n","This plugin changes your boring writing days to exciting RPG life.",7031,"2021-05-11T02:14:00.000Z","5.7.15","4.9",[91,92,20,93,24],"beginner","fun","games","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblogon-quest.1.0.1.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":28,"downloaded":103,"rating":28,"num_ratings":28,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":107,"tags":108,"homepage":113,"download_link":114,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"orbem-studio","Orbem Studio","1.2.6","Orbem Order®","https:\u002F\u002Fprofiles.wordpress.org\u002Forbemorder\u002F","\u003Cp>\u003Cstrong>Orbem Studio\u003C\u002Fstrong> turns WordPress into a fully featured, browser-based game engine.\u003C\u002Fp>\n\u003Cp>Design immersive, map-driven experiences with characters, missions, cutscenes, items, abilities, and progression systems all managed through WordPress’ familiar admin interface.\u003C\u002Fp>\n\u003Cp>Orbem Studio is built for developers and creators who want real gameplay, not just gamified UI. It provides structured systems, performance-focused architecture, and developer tooling that allows complete games to be authored, played, and extended entirely within WordPress.\u003C\u002Fp>\n\u003Cp>Whether you’re building a narrative RPG, an educational experience, or an experimental interactive world, Orbem Studio gives you the tools to ship.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Ch4>🎮 Full Front-End Game Engine\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Real-time player movement\u003C\u002Fli>\n\u003Cli>Interactive maps and collision-aware elements\u003C\u002Fli>\n\u003Cli>Directional character asset and animations assignments\u003C\u002Fli>\n\u003Cli>Trigger-based interactions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🧩 Modular Game Objects\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Areas, missions, cutscenes, enemies, items, explainer popups, focus view items, weapons, and characters\u003C\u002Fli>\n\u003Cli>All content managed as WordPress custom post types using proprietary custom fields\u003C\u002Fli>\n\u003Cli>Fully extensible metadata-driven design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🧠 Mission & Progression System\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Branching mission chains\u003C\u002Fli>\n\u003Cli>Conditional triggers and unlocks\u003C\u002Fli>\n\u003Cli>Persistent player state\u003C\u002Fli>\n\u003Cli>Health, mana, power, experience, currency, and leveling\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🛠 Developer Mode (Admin-Only)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Live in-game object\u002Fcharacter placement\u003C\u002Fli>\n\u003Cli>Visual trigger overlays\u003C\u002Fli>\n\u003Cli>Admin-only editing tools\u003C\u002Fli>\n\u003Cli>Level selector for easy level building\u003C\u002Fli>\n\u003Cli>Rapid iteration without page reloads\u003C\u002Fli>\n\u003Cli>Front end wall-builder\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>📦 Inventory & Equipment System\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Storage limits\u003C\u002Fli>\n\u003Cli>Weapons, gear, and consumables\u003C\u002Fli>\n\u003Cli>Equip \u002F unequip logic\u003C\u002Fli>\n\u003Cli>Character-bound equipment support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🔊 Media-Rich Storytelling\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Cutscenes and scripted events\u003C\u002Fli>\n\u003Cli>Per-area & per-cutscene music\u003C\u002Fli>\n\u003Cli>Sound effects and audio triggers\u003C\u002Fli>\n\u003Cli>Intro videos and cinematic playback\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🔐 Secure & Performant\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>REST API–based architecture\u003C\u002Fli>\n\u003Cli>Permission-aware custom endpoints\u003C\u002Fli>\n\u003Cli>Subscriber-safe gameplay routes\u003C\u002Fli>\n\u003Cli>Optimized meta access and caching strategies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🧑‍💻 Built for Developers\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Clean, modern PHP architecture\u003C\u002Fli>\n\u003Cli>Environment-aware behavior (local vs production)\u003C\u002Fli>\n\u003Cli>Extensible via hooks and filters\u003C\u002Fli>\n\u003Cli>No hard dependency on third-party services\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Narrative RPGs\u003C\u002Fli>\n\u003Cli>Interactive fiction\u003C\u002Fli>\n\u003Cli>Educational games\u003C\u002Fli>\n\u003Cli>Gamified onboarding\u003C\u002Fli>\n\u003Cli>Experimental storytelling\u003C\u002Fli>\n\u003Cli>Browser-based adventure games\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If it can be represented spatially and interactively, Orbem Studio can power it.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to third-party services to provide optional functionality related to authentication and text-to-speech features.\u003C\u002Fp>\n\u003Ch4>Google Text-to-Speech API\u003C\u002Fh4>\n\u003Cp>Orbem Studio can optionally use the Google Text-to-Speech API to generate spoken audio for in-game dialogue and narration.\u003C\u002Fp>\n\u003Cp>What the service is used for:\u003Cbr \u002F>\nThe service is used to convert in-game cutscene and explainer popup text content into synthesized speech audio.\u003C\u002Fp>\n\u003Cp>What data is sent and when:\u003Cbr \u002F>\nWhen text-to-speech is enabled by the site administrator and triggered by player interaction, the plugin sends the following data to Google:\u003Cbr \u002F>\n– The text content to be synthesized\u003Cbr \u002F>\n– The configured language and voice parameters\u003Cbr \u002F>\n– The API key provided by the site administrator\u003C\u002Fp>\n\u003Cp>No personal user data is sent by default. The text content is only sent at the moment audio generation is requested.\u003C\u002Fp>\n\u003Cp>Service provider:\u003Cbr \u002F>\nGoogle LLC\u003C\u002Fp>\n\u003Cp>Terms of Service:\u003Cbr \u002F>\nhttps:\u002F\u002Fcloud.google.com\u002Fterms\u003C\u002Fp>\n\u003Cp>Privacy Policy:\u003Cbr \u002F>\nhttps:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n\u003Ch4>Google OAuth \u002F Token Verification\u003C\u002Fh4>\n\u003Cp>Orbem Studio supports optional Google Sign-In functionality to allow users to authenticate using their Google account.\u003C\u002Fp>\n\u003Cp>What the service is used for:\u003Cbr \u002F>\nThe service is used to verify the authenticity of a Google ID token during login.\u003C\u002Fp>\n\u003Cp>What data is sent and when:\u003Cbr \u002F>\nWhen a user logs in using Google Sign-In, the plugin sends:\u003Cbr \u002F>\n– The Google ID token provided by the user’s browser\u003C\u002Fp>\n\u003Cp>This request is made once per login attempt to verify the token’s validity. The plugin does not store Google credentials.\u003C\u002Fp>\n\u003Cp>Service provider:\u003Cbr \u002F>\nGoogle LLC\u003C\u002Fp>\n\u003Cp>Terms of Service:\u003Cbr \u002F>\nhttps:\u002F\u002Fdevelopers.google.com\u002Fidentity\u002Fterms\u003C\u002Fp>\n\u003Cp>Privacy Policy:\u003Cbr \u002F>\nhttps:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n","Build fully interactive, story-driven games directly inside WordPress. No external engines required!",702,"2026-03-15T01:50:00.000Z","6.9.4","6.1","8.1",[109,110,111,24,112],"game-engine","gamification","narrative-game","storytelling","https:\u002F\u002Forbem.studio\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Forbem-studio.1.2.6.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":18,"tags":130,"homepage":135,"download_link":136,"security_score":137,"vuln_count":138,"unpatched_count":28,"last_vuln_date":139,"fetched_at":30},"duplicate-page","Duplicate Page","4.5.6","mndpsingh287","https:\u002F\u002Fprofiles.wordpress.org\u002Fmndpsingh287\u002F","\u003Cp>Duplicate Posts, Pages and Custom Posts easily using single click. You can duplicate your pages, posts and custom post by just one click and it will save as your selected options (draft, private, public, pending).\u003C\u002Fp>\n\u003Ch4>Key Features in Duplicate Page Pro Editions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>User Roles:\u003C\u002Fstrong> Allow User Roles To access Duplicate Page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Types:\u003C\u002Fstrong> Filter to show Duplicate Page link in post types.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clone Link Location:\u003C\u002Fstrong> Option where to show clone link.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Status:\u003C\u002Fstrong> Option to select Duplicate Posts Status.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Redirection:\u003C\u002Fstrong> Option to Redirect after click on clone link..\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clone Link Title:\u003C\u002Fstrong> Option to change Duplicate Post Link Title.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Prefix:\u003C\u002Fstrong> Option to add Post Prefix.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Suffix:\u003C\u002Fstrong> Option to add Post Suffix.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Editor\u003C\u002Fstrong>: And Many More Filters and Features.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fduplicatepro.com\u002Fpro\u002F?utm_source=Wordpress.org&utm_medium=Website&utm_campaign=Duplicate%20Page%20Pro\" rel=\"nofollow ugc\">Buy Pro Version\u003C\u002Fa>\u003C\u002Fstrong> with various features & support.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fduplicatepro.com\u002Fcontact\u002F?utm_source=Wordpress.org&utm_medium=Website&utm_campaign=Duplicate%20Page%20Pro\" rel=\"nofollow ugc\">Contact us\u003C\u002Fa>\u003C\u002Fstrong> for Support Only Pro Version Users.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fduplicatepro.com\u002Fpro\u002F?utm_source=Wordpress.org&utm_medium=Website&utm_campaign=Duplicate%20Page%20Pro\" rel=\"nofollow ugc\">Upgrade to Pro Version\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FFj8BHxvebXs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>How to use\u003C\u002Fh3>\n\u003Col>\n\u003Cli>First Activate Plugin.\u003C\u002Fli>\n\u003Cli>Go Select to Duplicate Page settings Menu from Settings Tab and savings settings. \u003C\u002Fli>\n\u003Cli>Then Create New Post\u002FPage or Use old.\u003C\u002Fli>\n\u003Cli>After click on duplicate this link, then duplicate post\u002F page will be created and saved as draft,publish,pending,private depending upon settings.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Minimum requirements for Duplicate Page\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 3.3+\u003C\u002Fli>\n\u003Cli>PHP 5.x\u003C\u002Fli>\n\u003Cli>MySQL 5.x\u003C\u002Fli>\n\u003C\u002Ful>\n","Duplicate Posts, Pages and Custom Posts easily using single click",3000000,35845792,96,442,"2025-10-16T11:26:00.000Z","6.8.5","3.4",[131,116,132,133,134],"duplicate-custom-posts","duplicate-post","page-duplicate","post-duplicate","https:\u002F\u002Fduplicatepro.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fduplicate-page.zip",98,3,"2021-08-28 00:00:00",{"attackSurface":141,"codeSignals":161,"taintFlows":173,"riskAssessment":174,"analyzedAt":185},{"hooks":142,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":28,"unprotectedCount":28},[143,149,153],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","admin_bar_menu","admin_info_header","wordpress-rpg.php",289,{"type":144,"name":150,"callback":151,"file":147,"line":152},"publish_post","add_experience",291,{"type":144,"name":154,"callback":155,"file":147,"line":156},"add_meta_boxes","quest_metabox",292,[],[],[],[],{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":165,"fileOperations":11,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":172},[],{"prepared":28,"raw":28,"locations":164},[],{"escaped":28,"rawEcho":47,"locations":166},[167,170],{"file":147,"line":168,"context":169},63,"raw output",{"file":147,"line":171,"context":169},279,[],[],{"summary":175,"deductions":176},"The 'wordquest' plugin v1.1 exhibits a generally good security posture based on the static analysis, with no identified attack surface points, dangerous functions, or direct SQL queries. The complete absence of external HTTP requests and bundled libraries is also a positive sign. However, the analysis reveals significant concerns regarding output escaping, with 100% of outputs being unescaped. This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities if any user-supplied data or dynamic content is rendered directly to the browser without proper sanitization.\n\nThe vulnerability history is clean, showing no recorded CVEs, which is a strong indicator of past security diligence. However, the lack of identified taint flows or even a basic attack surface, combined with the unescaped outputs, suggests the static analysis might not have been comprehensive enough to uncover potential vulnerabilities. The complete absence of nonce and capability checks is also a significant weakness, especially if the plugin were to introduce any form of user interaction or administrative functionality in future versions, leaving it susceptible to CSRF and unauthorized access.\n\nIn conclusion, while the plugin benefits from a clean vulnerability history and a seemingly small attack surface, the critical issue of unescaped output presents a serious risk. The lack of robust authorization checks (nonces, capabilities) further compounds this by creating a foundation susceptible to future security flaws. The plugin needs immediate attention to address output sanitization and implement proper authorization mechanisms.",[177,180,183],{"reason":178,"points":179},"100% of outputs are unescaped",8,{"reason":181,"points":182},"No nonce checks found",5,{"reason":184,"points":182},"No capability checks found","2026-03-17T01:35:56.718Z",{"wat":187,"direct":196},{"assetPaths":188,"generatorPatterns":191,"scriptPaths":192,"versionParams":193},[189,190],"\u002Fwp-content\u002Fplugins\u002Fwordquest\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwordquest\u002Fjs\u002Fwordquest.js",[],[190],[194,195],"wordquest\u002Fcss\u002Fstyle.css?ver=","wordquest\u002Fjs\u002Fwordquest.js?ver=",{"cssClasses":197,"htmlComments":198,"htmlAttributes":199,"restEndpoints":200,"jsGlobals":201,"shortcodeOutput":202},[],[],[],[],[],[203,204],"\u003Cdiv style=\"float:right\">⚔ Level "," "]