[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkwF7Zy5I7k7pSGUNcowJnfOM0CvA-zX-J0HMgINXHjk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":122,"fingerprints":236},"wow-server-status-widget","WOW Server Status Widget","1.0.13","Freeman Man","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreegod725\u002F","\u003Cp>This is a simple widget that displays WOW Server Status 4.1 badge, without having to upload the script with ftp and write an img tag to run it.\u003Cbr \u002F>\n— realms with non-english names may also work, but not in ‘full’ mode as the font used doesn’t have those characters\u003C\u002Fp>\n\u003Cp>The original script \u003Ca href=\"http:\u002F\u002F53x11.com\u002Fblog\u002F2005\u002F04\u002F21\u002FWoW-Server-Status-41.10\" rel=\"nofollow ugc\">can be found here\u003C\u002Fa>, which is not my work\u003Cbr \u002F>\n1.0.6: patched to use official JSON feed (finally :p), php 5.2+ recommended (for native json_decode() support), fallback JSON.php for earlier versions is included as well.\u003C\u002Fp>\n\u003Cp>** If you find your widget broken after a wordpress core update, please try to re-save your widget settings.\u003C\u002Fp>\n\u003Cp>If you managed to find bugs or want to correct some of my codes, please don’t hesitate to post on forum:)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwow-server-status-widget\u002F\" rel=\"ugc\">Plugin Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fycfreeman.com\u002Fwssdemo\u002F\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fycfreeman.com\u002Fblog\u002F2010\u002F06\u002Fwow-server-status-wordpress-widget-10\u002F\" rel=\"nofollow ugc\">Full Plugin Description\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fycfreeman\u002Fwow-server-status-widget\u002Fissues\" rel=\"nofollow ugc\">Issue Tracker\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fycfreeman\u002Fwow-server-status-widget\" rel=\"nofollow ugc\">Source Code\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily add WOW Server Status 4.1 badge to your wordpress site by just a few clicks.",10,7854,0,"2016-04-04T15:55:00.000Z","4.5.33","2.8","",[19,20,21,22,23],"realm","server","warcraft","world-of-warcraft","wow","http:\u002F\u002Fwww.ycfreeman.com\u002Fcategory\u002Fwow-server-status-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwow-server-status-widget.1.0.13.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"freegod725",3,40,30,84,"2026-04-04T18:28:31.487Z",[38,57,76,90,106],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":11,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":17,"tested_up_to":49,"requires_at_least":17,"requires_php":17,"tags":50,"homepage":54,"download_link":55,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":56},"warcraft-bundle","Warcraft Bundle","2.3.2","leaklords","https:\u002F\u002Fprofiles.wordpress.org\u002Fkwark\u002F","\u003Cp>WoW collection for wordpress. 4 widgets: widget guild Perks, widget official server informations, widget guild achievements, widget guild news. 4 pages with shortcodes: guild perks pages, guild roster pages, guild progress page, guild datas page. Also character signatures with shortcode.\u003C\u002Fp>\n\u003Cp>You must update this plugin manualy (130 mo of files is not supported with the automatic upgrade WordPress from most hosters).\u003C\u002Fp>\n\u003Cp>There is the theme was build for the plugin. It’s the first developmement I made but it’s work correctly without any css change with the warcraft-bundle. You may preview @ http:\u002F\u002Fstyle-cataclysm.com and purchase @ http:\u002F\u002Fkwark.allwebtuts.net\u003C\u002Fp>\n\u003Cp>You host must support php5.2.X and allow_url_fopen\u003C\u002Fp>\n\u003Cp>This plugin is non-affiliate with Blizzard entertainment. Images are trademarked and are the propriety of Blizzard Entertainment. Api policy rules http:\u002F\u002Fblizzard.github.com\u002Fapi-wow-docs\u002F#policies-and-support\u002Fapi-policy\u003C\u002Fp>\n\u003Cp>Happy Christmas\u003C\u002Fp>\n\u003Cp>FIRST STEP\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Define some information in Dashboard > Warcraft Bundle (mandatory guild name, server name and mandatory only for progress page, GM character name)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PAGES\u003C\u002Fp>\n\u003Cp>Add a page roster\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create your page “roster” or “members” under wordpress and add in the content before publish\u003C\u002Fli>\n\u003Cli>\n\u003Cp>This page is under cron task to generate a cache of this page in html format\u003C\u002Fp>\n\u003Cp>[warcraft type=”guild members page”]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Add a page perks\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Create your page “perks” or “avantages” under wordpress and add in the content before publish\u003C\u002Fp>\n\u003Cp>[warcraft type=”guild perks page”]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Add page progression\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Create your page “progression” or “down” under wordpress and add in the content before publish\u003C\u002Fp>\n\u003Cp>[warcraft type=”guild progress page”]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Add page datas\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Create your page “datas” or “loot” or “news” under wordpress and add in the content before publish\u003C\u002Fp>\n\u003Cp>[warcraft type=”guild datas page”]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>More option for datas page\u003C\u002Fp>\n\u003Cp>[warcraft type=”guild datas page” column=”4″ sort=”1″ stuff=”seperate” limit=”30″]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Col>\n\u003Cli>Column, start @ 1\u003C\u002Fli>\n\u003Cli>sort, 0 or 1 for asc\u002Fdesc\u003C\u002Fli>\n\u003Cli>Limit, the limit of entries to display\u003C\u002Fli>\n\u003Cli>stuff, may take parameters full or seperate (and if defined, add one or two zone under the main list)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>WIDGETS\u003C\u002Fp>\n\u003Cp>Widget Perks\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Drag – drop the widget and define the inputs (title, limit and the type of displaying icon or full)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Widget Server\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Drag – drop the widget and define the input (server) with the exact InGame server name (majuscule, minuscule, apostrophe needed)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Widget News\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Drag – drop the widget and define the input (title, limit)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Widget Achievements\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Drag – drop the widget and define the input (title, limit)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>SIGNATURES\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>work only if this character is in the guild defined in Dashboard > warcraft bundle\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Work in some forums plugin in a signature spaces\u003C\u002Fp>\n\u003Cp>[warcraft type=”signature” character=”…”]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Where \u003Ccode>...\u003C\u002Fcode> is the exact name from your character in this guild\u003C\u002Fp>\n","Warcraft Bundle for WordPress. World of Warcraft collection pages and widgets for WordPress.",5169,100,1,"3.4.2",[51,52,53,22,23],"widget-guild-news","widget-guild-perks","widget-server-news","http:\u002F\u002Fkwark.allwebtuts.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwarcraft-bundle.zip","2026-03-15T10:48:56.248Z",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":34,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":17,"download_link":75,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wow-progress","WoW Progress","1.23.0","martinek","https:\u002F\u002Fprofiles.wordpress.org\u002Fmartinek\u002F","\u003Cp>A widget that helps to display guild raid progress.\u003Cbr \u002F>\nEach boss have separate option to toggle kill, heroic kill and mythic kill. Each raid can be toggled to be displayed or not and if it should be shown or collapsed by default.\u003C\u002Fp>\n\u003Cp>There is theme support with sample Light and Dark theme. Also my own theme is attached if you are interested. You should create your own theme and customise it to match your needs.\u003C\u002Fp>\n\u003Cp>Progress can be configured in widget menu.\u003Cbr \u002F>\nTheme and backgrounds toggle is in Settings > WoW Progress menu.\u003C\u002Fp>\n\u003Cp>If you managed to find bugs or want to correct some of my code, please don’t hesitate to leave a comment or contact me on martinek@freevision.sk.\u003C\u002Fp>\n\u003Cp>For list of raids, check latest change log. I usually add raids as people report new patch coming up on the support forums.\u003C\u002Fp>\n","A widget that helps to display guild raid progress.",21627,88,5,"2025-08-17T12:56:00.000Z","6.8.5","3.0","5.6",[73,74,21,22,23],"guild","progress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwow-progress.1.23.0.zip",{"slug":77,"name":78,"version":79,"author":7,"author_profile":8,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":47,"num_ratings":48,"last_updated":84,"tested_up_to":85,"requires_at_least":16,"requires_php":17,"tags":86,"homepage":88,"download_link":89,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wow-recruit-widget","WOW Recruitment Widget","1.4.12","\u003Cp>A widget that helps to display recruitment message of a World of Warcraft guild.\u003Cbr \u002F>\nIt works just fine out of the box, but it is very customizable with some CSS techniques.\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.ycfreeman.com\u002F2010\u002F08\u002Fwow-recruitment-wordpress-widget.html\" rel=\"nofollow ugc\">Customization tutorial can be found here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>please save the widget once after upgrade from 1.0.x to make it work with new codes, \u003C\u002Fli>\n\u003Cli>make sure you backup those color codes before upgrade if you have changed them before 1.2\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>New in 1.4.6:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>added demon hunter class\u003C\u002Fli>\n\u003Cli>this plugin now uses npm to build SCSS stylesheets, see source code for details, mixins will be useful if you’re building your own wordpress theme\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>** I will not be actively updating this plugin, but I’ll still do occasional update like this one when I’m bored,\u003Cbr \u002F>\nplease feel free to fork this project from github.\u003C\u002Fp>\n\u003Cp>To use this widget, simply go to Appearance => Widget and drag it to a sidebar as similar to other widgets.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwow-recruit-widget\u002F\" rel=\"ugc\">Plugin site\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwrdemo.ycfreeman.com\u002F\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.ycfreeman.com\u002Fwow-recruitment-widget\" rel=\"nofollow ugc\">Full description on the web page of this plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fycfreeman\u002Fwow-guild-recruitment-widget\u002Fissues\" rel=\"nofollow ugc\">Issue Tracker on github\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fycfreeman\u002Fwow-guild-recruitment-widget\" rel=\"nofollow ugc\">Source Code\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you found bugs or want to correct some of my codes, please file issues in github 🙂\u003C\u002Fp>\n\u003Ch3>Development Note\u003C\u002Fh3>\n\u003Cp>require \u003Ca href=\"https:\u002F\u002Fwww.npmjs.com\u002F\" rel=\"nofollow ugc\">npm\u003C\u002Fa> to build stylesheets\u003C\u002Fp>\n\u003Cpre>\u003Ccode>npm run build to build stylesheets continuously to .\u002Fcss\u002F until Ctrl+C to terminate, test page can be viewed at http:\u002F\u002Flocalhost:8001\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>only tested on Mac, should work in *nix platforms, should work in Windows too\u003C\u002Fp>\n","A widget that helps to display recruitment message of a World of Warcraft guild, also can be used for other games that have different classes.",20,18998,"2016-01-25T15:08:00.000Z","4.4.34",[73,87,21,22,23],"recruitment","http:\u002F\u002Fwww.ycfreeman.com\u002Fwow-recruitment-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwow-recruit-widget.1.4.12.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":82,"downloaded":98,"rating":47,"num_ratings":99,"last_updated":17,"tested_up_to":100,"requires_at_least":101,"requires_php":17,"tags":102,"homepage":104,"download_link":105,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":56},"wowpi","WoWpi","2.5.2","avenirer","https:\u002F\u002Fprofiles.wordpress.org\u002Favenirer\u002F","\u003Cp>\u003Cstrong>ATTENTION: AFTER AN UPDATE IT IS IMPORTANT TO GO TO THE SETTINGS OF THE PLUGIN AND DO A SAVE, IN ORDER TO CLEAR THE OLD DATA\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Highlights\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Guild Roster\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Guild Progression (as I see it…)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Guild Achievements\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Guild Tabard\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Character Datasheets\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Realm status\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin allows you to get your character data from Battle.net API service. The plugin uses caching of 12 hours, so you don’t have to worry about reaching the quota established by the Battle.net. Also, for general data, like classes, factions, races and so on, the cache is set for 14 days. If you however find yourself in the position to show data that appeared between the refresh of caches you can go to the admin section and save your data again, which will simply destroy all cache.\u003C\u002Fp>\n\u003Cp>For example, a new expansion appeared in World of Warcraft with and you created a new character of a race that didn’t exist before the expansion. In order to show that race you need to refresh the cache. Just go to WoWpi settings and push the save button. That’s it.\u003C\u002Fp>\n\u003Cp>The plugin allows you to choose if you want to include the Tooltip script from Wowhead (the one that shows a tooltip on mouseover). More info on the Tooltip can be found here (http:\u002F\u002Fwww.wowhead.com\u002Ftooltips).\u003C\u002Fp>\n\u003Cp>Also, when retrieving the Guild Tabard, the plugin uses a personal script located at http:\u002F\u002Fwow-hunter.ro\u002Ftabard-creator (by the way, my wow blog is http:\u002F\u002Fwow-hunter.ro)\u003C\u002Fp>\n","The WoWpi plugin allows you to retrieve data from Battle.net API regarding your World of Warcraft character and\u002For guild.",8854,12,"4.9.29","3.0.1",[103,22,23],"armory","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwowpi\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwowpi.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":11,"downloaded":114,"rating":13,"num_ratings":13,"last_updated":115,"tested_up_to":116,"requires_at_least":16,"requires_php":17,"tags":117,"homepage":120,"download_link":121,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wow-armory","WoW Armory","8.4.3","SeiferTim","https:\u002F\u002Fprofiles.wordpress.org\u002Fseifertim\u002F","\u003Cp>Grabs your character from the Armory and displays their basic info.   Allows multiple widgets with different character information.  Works for US and EU realms.  You can choose to hide or display equipment, professions, and achievements.\u003C\u002Fp>\n\u003Cp>You can optionally show a 3D model of your character using Wowhead’s model viewer.\u003C\u002Fp>\n\u003Cp>Caches data for 15 minutes to reduce the number of requests.\u003C\u002Fp>\n\u003Cp>NOTE: Currently this plugin requires cURL and PHP5 to work.\u003C\u002Fp>\n","Easily displays your character's stats from the Armory.",15654,"2009-11-06T13:54:00.000Z","2.8.4",[103,118,119,22,23],"character","widget","http:\u002F\u002Ftimsworld.nfshost.com\u002Fwordpress-plugins\u002Fwow-armory-wp-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwow-armory.8.4.3.zip",{"attackSurface":123,"codeSignals":148,"taintFlows":222,"riskAssessment":223,"analyzedAt":235},{"hooks":124,"ajaxHandlers":144,"restRoutes":145,"shortcodes":146,"cronEvents":147,"entryPointCount":13,"unprotectedCount":13},[125,130,134,139],{"type":126,"name":127,"callback":128,"file":129,"line":67},"action","admin_init","wow_ss_options_init","inc\\admin.php",{"type":126,"name":131,"callback":132,"file":129,"line":133},"admin_menu","wow_ss_options_add_page",6,{"type":126,"name":135,"callback":136,"file":137,"line":138},"widgets_init","wow_ss_load_widgets","wow-server-status-widget.php",21,{"type":140,"name":141,"callback":142,"priority":11,"file":137,"line":143},"filter","plugin_action_links","wow_ss_add_action_links",52,[],[],[],[],{"dangerousFunctions":149,"sqlUsage":150,"outputEscaping":152,"fileOperations":220,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":221},[],{"prepared":13,"raw":13,"locations":151},[],{"escaped":13,"rawEcho":153,"locations":154},32,[155,158,160,162,164,166,168,170,172,174,176,178,180,182,184,186,188,190,192,194,196,198,200,202,204,206,208,211,213,215,217,219],{"file":129,"line":156,"context":157},35,"raw output",{"file":129,"line":159,"context":157},46,{"file":137,"line":161,"context":157},109,{"file":137,"line":163,"context":157},113,{"file":137,"line":165,"context":157},124,{"file":137,"line":167,"context":157},125,{"file":137,"line":169,"context":157},127,{"file":137,"line":171,"context":157},143,{"file":137,"line":173,"context":157},180,{"file":137,"line":175,"context":157},199,{"file":137,"line":177,"context":157},205,{"file":137,"line":179,"context":157},207,{"file":137,"line":181,"context":157},208,{"file":137,"line":183,"context":157},209,{"file":137,"line":185,"context":157},215,{"file":137,"line":187,"context":157},219,{"file":137,"line":189,"context":157},220,{"file":137,"line":191,"context":157},221,{"file":137,"line":193,"context":157},224,{"file":137,"line":195,"context":157},225,{"file":137,"line":197,"context":157},250,{"file":137,"line":199,"context":157},251,{"file":137,"line":201,"context":157},280,{"file":137,"line":203,"context":157},281,{"file":137,"line":205,"context":157},303,{"file":137,"line":207,"context":157},304,{"file":209,"line":210,"context":157},"wow_ss.php",217,{"file":209,"line":212,"context":157},235,{"file":209,"line":214,"context":157},244,{"file":209,"line":216,"context":157},246,{"file":209,"line":218,"context":157},249,{"file":209,"line":199,"context":157},4,[],[],{"summary":224,"deductions":225},"The \"wow-server-status-widget\" plugin v1.0.13 exhibits a mixed security posture. On the positive side, it shows no known vulnerabilities (CVEs) and no critical or high severity taint flows. The absence of dangerous functions and the consistent use of prepared statements for its SQL queries are also good indicators of secure coding practices.\n\nHowever, significant concerns arise from the static analysis. The plugin has a complete lack of proper output escaping, meaning that any data processed and displayed by the plugin is vulnerable to Cross-Site Scripting (XSS) attacks. Furthermore, the absence of nonce checks and capability checks, especially considering it handles file operations, leaves it open to various security weaknesses that could be exploited if an attacker can inject malicious data or trigger these operations without proper authorization. The zero-day attack surface is concerning, but it might be misleading given the other identified weaknesses that can be exploited through other means.\n\nIn conclusion, while the plugin has a clean vulnerability history and uses prepared statements, the critical issue of universally unescaped output presents a high risk. Coupled with the lack of authorization checks on file operations and no nonce checks, this plugin requires immediate attention to address potential XSS and other injection vulnerabilities. The lack of a broader attack surface reported might be due to the plugin's specific functionality, but the identified code-level weaknesses are substantial.",[226,228,231,233],{"reason":227,"points":82},"0% of outputs properly escaped",{"reason":229,"points":230},"No nonce checks",8,{"reason":232,"points":230},"No capability checks",{"reason":234,"points":11},"File operations present without auth checks","2026-03-17T01:12:40.100Z",{"wat":237,"direct":242},{"assetPaths":238,"generatorPatterns":239,"scriptPaths":240,"versionParams":241},[],[],[],[],{"cssClasses":243,"htmlComments":244,"htmlAttributes":245,"restEndpoints":246,"jsGlobals":247,"shortcodeOutput":248},[],[],[],[],[],[]]