[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdNh_Hs4IsdHr3Hkvnxr3U0X1M8z6LtQMBqbifVxf0Ew":3},{"slug":4,"name":4,"version":5,"author":6,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":12,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":12,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":59,"crawl_stats":35,"alternatives":65,"analysis":165,"fingerprints":948},"wp-championship","11.0","tuxlog","https:\u002F\u002Fprofiles.wordpress.org\u002Ftuxlog\u002F","\u003Cp>wp-championship is a plugin for wordpress letting you play a guessing game of a tournament e.g. soccer\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>define number of groups, and points given to the winner, looser of each match\u003C\u002Fli>\n\u003Cli>define teams and a team specific icons\u003C\u002Fli>\n\u003Cli>define matches finalround and pre-final round\u003C\u002Fli>\n\u003Cli>for each user you can set a substitute\u003C\u002Fli>\n\u003Cli>sends mails about current game status (optional)\u003C\u002Fli>\n\u003Cli>define game admins to edit match results   \u003C\u002Fli>\n\u003Cli>shows various stats for admin and users\u003C\u002Fli>\n\u003Cli>allows to arrange tippgroups as a kind of team guessing\u003C\u002Fli>\n\u003Cli>access via XMLRPC is possible\u003C\u002Fli>\n\u003Cli>various joker features (e.g. each player may select some matches and gets double points on it) BETA\u003C\u002Fli>\n\u003Cli>a lot of data for various tournaments and leagues (German Bundesliga, WM 2018, EM 2021)\u003C\u002Fli>\n\u003Cli>interface ti OpenLeagueDB to fetch team and match data automatically\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Credits:\u003Cbr \u002F>\nThanks go to all who support this plugin, with  hints and suggestions for improvment and especially to Andy Chapman for doing a lot of tests\u003C\u002Fp>\n","wp-championship is a plugin for wordpress letting you play a guessing game of a tournament e.g. soccer",40,31608,0,"2025-12-06T06:10:00.000Z","6.9.4","6.2","",[18,19,20,21,22],"championship","game","guessing","soccer","sport","http:\u002F\u002Fwww.tuxlog.de\u002Fwp-championship","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-championship.11.0.zip",98,2,"2022-06-07 00:00:00","2026-03-15T15:16:48.613Z",[30,46],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":37,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":27,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2022-1967","wp-championship-multiple-cross-site-request-forgery-vulnerabilities","wp-championship \u003C= 9.2 - Multiple Cross-Site Request Forgery Vulnerabilities","The wp-championship plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 9.2. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers to perform a wide range of administrative tasks via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=9.2","9.3","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Cross-Site Request Forgery (CSRF)","2024-01-22 19:56:02",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbd1838c4-00df-4177-84be-1f8c19ceae4e?source=api-prod",595,{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":35,"affected_versions":51,"patched_in_version":52,"severity":38,"cvss_score":39,"cvss_vector":53,"vuln_type":54,"published_date":55,"updated_date":42,"references":56,"days_to_patch":58},"CVE-2015-5308","wp-championship-sql-injection","wp-championship \u003C 5.9 - SQL Injection","Multiple SQL injection vulnerabilities in cs_admin_users.php in the wp-championship plugin 5.8 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) user, (2) isadmin, (3) mail service, (4) mailresceipt, (5) stellv, (6) champtipp, (7) tippgroup, or (8) userid parameter.","\u003C5.9","5.9","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2015-10-23 00:00:00",[57],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F28d3388e-0731-46b6-bf66-e7a1d98c321a?source=api-prod",3014,{"slug":6,"display_name":6,"profile_url":7,"plugin_count":60,"total_installs":61,"avg_security_score":25,"avg_patch_time_days":62,"trust_score":63,"computed_at":64},6,6300,660,78,"2026-04-04T15:24:11.733Z",[66,84,107,130,148],{"slug":67,"name":68,"version":69,"author":70,"author_profile":71,"description":72,"short_description":73,"active_installs":74,"downloaded":75,"rating":25,"num_ratings":76,"last_updated":77,"tested_up_to":14,"requires_at_least":52,"requires_php":78,"tags":79,"homepage":81,"download_link":82,"security_score":25,"vuln_count":26,"unpatched_count":12,"last_vuln_date":83,"fetched_at":28},"football-leagues-by-anwppro","AnWP Football Leagues","0.17.2","anwppro","https:\u002F\u002Fprofiles.wordpress.org\u002Fanwppro\u002F","\u003Cp>A complete solution for any ⚽ football site. Has a variety of unique features, powerful and flexible. Made with football in mind.\u003C\u002Fp>\n\u003Cp>⏩ For other team sports (🏉 rugby, 🏀 basketball, 🏐 volleyball, 🏏 cricket, ⚾ baseball, 🏒 ice hockey, handball) use my another plugin – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsports-leagues\u002F\" rel=\"ugc\">Sports Leagues\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>BASIC FEATURES\u003C\u002Fh4>\n\u003Cp>✅ intuitive admin UI\u003Cbr \u002F>\n✅ knockout, round-robin or even mixed and multistaged Competition supported\u003Cbr \u002F>\n✅ separate Club squad for every season (with player position, number, status)\u003Cbr \u002F>\n✅ Match lineups, substitutes, stats, events (goals, cards, substitute, penalty shootout), video, staff, referees\u003Cbr \u002F>\n✅ automatic Standing calculation (or manual)\u003Cbr \u002F>\n✅ automatic Player statistic calculation based on Match events (playing time, goals, cards, etc.)\u003Cbr \u002F>\n✅ initial data import for Clubs and Players with Excel-like spreadsheet\u003Cbr \u002F>\n✅ custom colors in Standing table (for Clubs or places)\u003Cbr \u002F>\n✅ flipped countdown timer for upcoming Matches\u003Cbr \u002F>\n✅ initial points (+ or -) for Clubs in Standing table\u003Cbr \u002F>\n✅ statistics at Player profile page\u003Cbr \u002F>\n✅ stadiums with photo, gallery, additional information, map, matches\u003Cbr \u002F>\n✅ widgets: Clubs, Matches, Cards, Next match, Player, Players (scorers or assistants), Standing table, Birthdays\u003Cbr \u002F>\n✅ 16 different shortcodes with UI helper in Classic Editor\u003Cbr \u002F>\n✅ template system (ability to override output layouts in your theme)\u003Cbr \u002F>\n✅ RTL support\u003Cbr \u002F>\n✅ works with most themes out of the box\u003Cbr \u002F>\n✅ fully translatable from the Admin part\u003Cbr \u002F>\n✅ tons of hooks for developers\u003Cbr \u002F>\n✅ staff, referees, coaches, stadiums and much more …\u003C\u002Fp>\n\u003Ch4>LINKS AND DOCUMENTATION\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ffl-core.anwp.pro\u002F\" rel=\"nofollow ugc\">Plugin Demo\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fanwp.pro\u002Fthe-most-powerfull-football-soccer-wordpress-plugin\u002F\" rel=\"nofollow ugc\">Plugin Overview\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fanwppro.userecho.com\u002Fcommunities\u002F1-football-leagues#module_9\" rel=\"nofollow ugc\">Online Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fanwppro.userecho.com\u002Fknowledge-bases\u002F2\u002Farticles\u002F70-start-guide\" rel=\"nofollow ugc\">Start Guide\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fanwppro.userecho.com\u002Fknowledge-bases\u002F11-fl-changelog\u002Fcategories\u002F28-basic-version\u002Farticles\" rel=\"nofollow ugc\">Extended Changelog\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fanwppro.userecho.com\u002Fknowledge-bases\u002F2-football-leagues\u002Fcategories\u002F25-shortcodes\u002Farticles\" rel=\"nofollow ugc\">Available Shortcodes\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>PREMIUM VERSION AVAILABLE\u003C\u002Fh4>\n\u003Cp>Want more? Football Leagues has also a \u003Ca href=\"https:\u002F\u002Fanwp.pro\u002Ffootball-leagues-premium\u002F\" rel=\"nofollow ugc\">Premium Addon\u003C\u002Fa> with many outstanding and unique features.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ffl-premium.anwp.pro\u002F\" rel=\"nofollow ugc\">Premium Demo\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Ffootballan.com\u002F\" rel=\"nofollow ugc\">Real Website Example\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>PREMIUM FEATURES\u003C\u002Fh4>\n\u003Cp>🔶 Live Scores and Match Live Commentary with Events\u003Cbr \u002F>\n🔶 Match Timeline\u003Cbr \u002F>\n🔶 LIVE Search\u003Cbr \u002F>\n🔶 Club match formation\u003Cbr \u002F>\n🔶 Layout Builder (with tabs)\u003Cbr \u002F>\n🔶 Match scoreboard with image background\u003Cbr \u002F>\n🔶 Tournament Bracket\u003Cbr \u002F>\n🔶 Commentary Match section with new events\u003Cbr \u002F>\n🔶 Head to Head matches section in Match\u003Cbr \u002F>\n🔶 import data from external APIs (required a valid subscription)\u003Cbr \u002F>\n🔶 Standing – manual data edit\u003Cbr \u002F>\n🔶 Standing – columns order and visibility\u003Cbr \u002F>\n🔶 Standing – Conference support\u003Cbr \u002F>\n🔶 Standing – more ranking rules\u003Cbr \u002F>\n🔶 Matches Horizontal Scoreboard (shortcode)\u003Cbr \u002F>\n🔶 Competition – matchweeks as slides\u003Cbr \u002F>\n🔶 Results Matrix\u003Cbr \u002F>\n🔶 Standing Arrows – Dynamics of Ranking changes\u003Cbr \u002F>\n🔶 Widget – Next match extended (timer or flipped countdown)\u003Cbr \u002F>\n🔶 Widget – Competition Matchweek slides\u003Cbr \u002F>\n🔶 Widget – Calendar\u003Cbr \u002F>\n🔶 Calendar Slider\u003Cbr \u002F>\n🔶 Card Suspension\u003Cbr \u002F>\n🔶 Transfers\u003Cbr \u002F>\n🔶 \u003Ca href=\"https:\u002F\u002Fanwp.pro\u002Fseo-options-in-layout-builder-title-and-description\u002F\" rel=\"nofollow ugc\">Dynamic SEO Options\u003C\u002Fa>\u003Cbr \u002F>\n🔶 Send Game Report by Email\u003Cbr \u002F>\n🔶 \u003Ca href=\"https:\u002F\u002Fanwp.pro\u002Fdocs\u002Ffootball-leagues\u002Fpro-features\u002Fuser-timezone\u002F\" rel=\"nofollow ugc\">Automatic User’s Timezone\u003C\u002Fa>\u003Cbr \u002F>\n🔶 \u003Ca href=\"https:\u002F\u002Fanwp.pro\u002Fdocs\u002Ffootball-leagues\u002Fpro-features\u002Fai-writer\u002F\" rel=\"nofollow ugc\">AI Match Reports\u003C\u002Fa>\u003Cbr \u002F>\n🔶 \u003Ca href=\"https:\u002F\u002Fanwp.pro\u002Fdocs\u002Ffootball-leagues\u002Fpro-features\u002Fclub-history-historical-logos-names\u002F\" rel=\"nofollow ugc\">Club History\u003C\u002Fa> – Historical logos and names\u003Cbr \u002F>\n🔶 \u003Ca href=\"https:\u002F\u002Fanwp.pro\u002Fdocs\u002Ffootball-leagues\u002Fpro-features\u002Fentity-links\u002F\" rel=\"nofollow ugc\">Entity Links\u003C\u002Fa> – Custom links for clubs, players, and more\u003Cbr \u002F>\n🔶 Advanced Statistics\u003Cbr \u002F>\n🔶 Charts: Team Default Statistics & Goals per 15 min. interval\u003Cbr \u002F>\n🔶 Player stats section in Club\u003Cbr \u002F>\n🔶 Player & Referee stats panel\u003Cbr \u002F>\n🔶 24 different shortcodes\u003Cbr \u002F>\n🔶 premium support\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fanwp.pro\u002Ffootball-leagues-premium\u002F\" rel=\"nofollow ugc\">Find Out more about Premium Version\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fanwp.pro\u002Fthe-most-powerfull-football-soccer-wordpress-plugin\u002F\" rel=\"nofollow ugc\">Plugin Overview\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Translations included\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English – default, always included\u003C\u002Fli>\n\u003Cli>Russian: Русский\u003C\u002Fli>\n\u003Cli>Polish: Polski (thanks to @forzza)\u003C\u002Fli>\n\u003Cli>Danish: Denmark (thanks to @cbdk)\u003C\u002Fli>\n\u003Cli>French: thanks to @belgofoot\u003C\u002Fli>\n\u003Cli>Italian: thanks to Paolo\u003C\u002Fli>\n\u003Cli>Slovenian: thanks to Nejc\u003C\u002Fli>\n\u003Cli>Romanian: thanks to Gabriel\u003C\u002Fli>\n\u003Cli>German: thanks to Jörg and Sven\u003C\u002Fli>\n\u003Cli>Greek: thanks to spirossm\u003C\u002Fli>\n\u003Cli>Spain: thanks to Màxim\u003C\u002Fli>\n\u003Cli>Brazil (Portuguese): thanks to Marcelo\u003C\u002Fli>\n\u003Cli>Dutch: thanks to Patrick\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>The plugin requires\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>PHP version 5.6 or greater\u003Cbr \u002F>\n  WordPress 4.7 or greater\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcmb2\u002F\" title=\"CMB2\" rel=\"ugc\">CMB2 plugin\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","A complete solution for any football site. Knockout and round-robin competitions, player profiles and statistics, squads, standings and stadiums.",1000,72627,13,"2026-02-06T12:31:00.000Z","7.4",[80,21,22],"football","https:\u002F\u002Fanwppro.userecho.com\u002Fcommunities\u002F1-football-leagues","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffootball-leagues-by-anwppro.0.17.2.zip","2025-08-11 00:00:00",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":25,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":78,"tags":98,"homepage":102,"download_link":103,"security_score":104,"vuln_count":105,"unpatched_count":12,"last_vuln_date":106,"fetched_at":28},"football-pool","Football Pool","2.13.1","AntoineH","https:\u002F\u002Fprofiles.wordpress.org\u002Fantoineh\u002F","\u003Cp>This plugin adds a fantasy sports pool to your blog. Visitors of your website can predict outcomes of matches and earn extra points with bonus questions. Every player can view scores and charts of the other pool contenders.\u003C\u002Fp>\n\u003Cp>The plugin installs some custom tables in the database and includes match information for the UEFA 2024 Championship, but it can be easily updated with match info for other championships or sports. \u003Cem>Note\u003C\u002Fem>: deactivating the plugin may delete all plugin data from your database. To avoid this, make sure the “keep data on uninstall” option is enabled in the settings (it’s on by default since version 2.3.1).\u003C\u002Fp>\n\u003Cp>I originally coded this pool in PHP as a standalone website for the UEFA 2000 championship and rewrote it several times for every European Championship and World Cup since. I kept adding features every year. In 2012, I turned it into a WordPress plugin and uploaded it to the plugin directory. I hope you enjoy it.\u003C\u002Fp>\n\u003Cp>A special thank you to everyone who donated, helped translate, reported bugs, or contributed in any other way to improving the plugin!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Users can predict match outcomes.\u003C\u002Fli>\n\u003Cli>Automatic calculation of the pool ranking, or define a custom ranking for a group of matches.\u003C\u002Fli>\n\u003Cli>You can add bonus questions for extra fun (single answer and multiple choice).\u003C\u002Fli>\n\u003Cli>Add your own teams and match data for other competitions.\u003C\u002Fli>\n\u003Cli>Import or export game schedules.\u003C\u002Fli>\n\u003Cli>Automatically calculate championship standings.\u003C\u002Fli>\n\u003Cli>Flexible scoring options.\u003C\u002Fli>\n\u003Cli>Built-in pages and shortcodes to display the pool on your blog.\u003C\u002Fli>\n\u003Cli>Optional user leagues.\u003C\u002Fli>\n\u003Cli>Score charts showing player progress and comparisons (requires separate Highcharts API download).\u003C\u002Fli>\n\u003Cli>Widgets and shortcodes to display match and pool info.\u003C\u002Fli>\n\u003Cli>Extra info pages for venues and teams.\u003C\u002Fli>\n\u003Cli>Add custom functionality with filters and actions.\u003C\u002Fli>\n\u003Cli>WP-CLI support for ranking calculations (faster than admin-side calculations).\u003C\u002Fli>\n\u003Cli>WP-CLI support for importing match results from a CSV file.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Documentation\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin includes a detailed help file in the admin panel. For a step-by-step tutorial, check out the \u003Ca href=\"https:\u002F\u002Fwpsimplehacks.com\u002Fhow-to-create-a-football-pool-site-with-wordpress\u002F\" rel=\"nofollow ugc\">guide by Janek from WP Simple Hacks\u003C\u002Fa>. He even made a video explaining how to set up the plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Other Notes\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Requires WordPress 5.3+, PHP 7.4+, and jQuery 1.4.3+.\u003C\u002Fli>\n\u003Cli>For charts, download the \u003Ca href=\"http:\u002F\u002Fwww.highcharts.com\u002Fdownload\" rel=\"nofollow ugc\">Highcharts API\u003C\u002Fa> (see the installation instructions or the help page in the admin).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you find bugs, please report them in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ffootball-pool\" rel=\"ugc\">support forum\u003C\u002Fa>. If you like the plugin, a rating on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ffootball-pool\u002F\" rel=\"ugc\">WordPress.org\u003C\u002Fa> would be much appreciated!\u003C\u002Fp>\n\u003Ch3>Localizations\u003C\u002Fh3>\n\u003Cp>If you’d like to help translate the plugin into another language or keep existing translations up to date, head over to the plugin’s page on \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Ffootball-pool\" rel=\"nofollow ugc\">translate.wordpress.org\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Be sure to read the \u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fpolyglots\u002Fhandbook\u002Ftranslating\u002Fafter-your-contribution\u002F\" rel=\"nofollow ugc\">After your contribution\u003C\u002Fa> guide to understand how translations get reviewed and approved.\u003C\u002Fp>\n\u003Cp>A big shout-out to all the \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Ffootball-pool\u002Fcontributors\u002F\" rel=\"nofollow ugc\">translation contributors and editors\u003C\u002Fa> who’ve helped out so far — thank you!\u003C\u002Fp>\n\u003Cp>For using custom translations, check the FAQ section. The plugin also includes a \u003Ccode>.pot\u003C\u002Fcode> file as a starting point for building your own translation files.\u003C\u002Fp>\n\u003Ch3>Shortcodes\u003C\u002Fh3>\n\u003Cp>The plugin provides the following shortcodes. For detailed usage instructions, see the Help page in the WordPress admin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>fp-predictions\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-predictionform\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-matches\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-match-scores\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-question-scores\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-next-matches\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-last-matches\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-user-score\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-user-ranking\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-ranking\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-countdown\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-group\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-link\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-register\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-totopoints\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-fullpoints\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-goalpoints\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-diffpoints\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-jokermultiplier\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-plugin-option\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-league-info\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-chart-settings\u003C\u002Fcode> \u002F \u003Ccode>fp-stats-settings\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-user-list\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-money-in-the-pot\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-last-calc-date\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>fp-next-match-form\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Incompatible Plugins & Themes\u003C\u002Fh3>\n\u003Cp>The following plugins have been reported as incompatible with Football Pool. If you’re the author and have a fix — or if you know a workaround — please get in touch.\u003C\u002Fp>\n\u003Cp>If you encounter issues with another plugin not listed here, let me know so I can investigate.\u003C\u002Fp>\n\u003Cp>\u003Cem>Most caching solutions should be tested carefully.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>DB Cache Reloaded Fix (v2.3)\u003C\u002Fli>\n\u003Cli>Cimy User Extra Fields (v2.6.1) when using the email confirmation feature\u003C\u002Fli>\n\u003Cli>Easy Timer (in Football Pool versions 2.3.8 and below)\u003C\u002Fli>\n\u003Cli>Theme Gadgetry (ThemeFuse framework)\u003C\u002Fli>\n\u003Cli>memcached\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Some themes may also interfere with the plugin’s display. See \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Ftheme-compatibility-73\u002F#post-17811227\" rel=\"ugc\">this forum post\u003C\u002Fa> for a potential fix.\u003C\u002Fp>\n","Add some game-day fun to your WordPress site! Let users predict match results, earn points, and go head-to-head in a fantasy sports pool.",700,96466,82,"2025-09-09T18:21:00.000Z","6.8.5","5.3",[80,19,99,100,101],"pool","prediction","sports","http:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ffootball-pool","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffootball-pool.2.13.1.zip",96,8,"2025-09-09 00:00:00",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":117,"num_ratings":118,"last_updated":119,"tested_up_to":14,"requires_at_least":120,"requires_php":121,"tags":122,"homepage":128,"download_link":129,"security_score":117,"vuln_count":12,"unpatched_count":12,"last_vuln_date":35,"fetched_at":28},"cyberpress","CyberPress","2.5.7","nK","https:\u002F\u002Fprofiles.wordpress.org\u002Fnko\u002F","\u003Cp>Manage eSport teams, players, matches and tournaments. Included individual players and teams profiles. Pages with information about matches and tournaments.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Online Demo \u003Ca href=\"https:\u002F\u002Fgetcyberpress.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fgetcyberpress.com\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Tournaments\u003C\u002Fli>\n\u003Cli>Matches\u003C\u002Fli>\n\u003Cli>Teams\u003C\u002Fli>\n\u003Cli>Players\u003C\u002Fli>\n\u003Cli>Games\u003C\u002Fli>\n\u003C\u002Ful>\n","Manage eSport Tournaments, Matches, Teams and Players.",200,16892,100,4,"2026-01-11T12:26:00.000Z","6.3","7.2",[123,124,125,126,127],"esports","games","matches","teams","tournaments","https:\u002F\u002Fgetcyberpress.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcyberpress.2.5.7.zip",{"slug":131,"name":132,"version":133,"author":134,"author_profile":135,"description":136,"short_description":137,"active_installs":115,"downloaded":138,"rating":117,"num_ratings":60,"last_updated":139,"tested_up_to":96,"requires_at_least":140,"requires_php":78,"tags":141,"homepage":146,"download_link":147,"security_score":117,"vuln_count":12,"unpatched_count":12,"last_vuln_date":35,"fetched_at":28},"joomsport-achievements","Achievements sports league","1.7","beardev","https:\u002F\u002Fprofiles.wordpress.org\u002Fbeardev\u002F","\u003Cp>JoomSport Achievements is a flexible solution to build your sports league site for sports where many players compete with each other simultaneously in each attempt. Ideal plugin to organise a site dedicated to Olympic games, as it is suitable for most of the Olympic sports.\u003C\u002Fp>\n\u003Ch4>Main features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Robust but simple structure\u003C\u002Fstrong> with three main items: league, season and stage\u003C\u002Fli>\n\u003Cli>Hierarchical \u003Cstrong>Season\u003C\u002Fstrong> with season table filters and ranking based on stage categories\u003C\u002Fli>\n\u003Cli>Ranking by Points or selected Result field\u003C\u002Fli>\n\u003Cli>Categorized \u003Cstrong>stages\u003C\u002Fstrong> with ability to add results for each player \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Player profiles\u003C\u002Fstrong> with stage results, description and photo\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive and professionally\u003C\u002Fstrong> designed pages based on bootstrap framework \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Extra fields\u003C\u002Fstrong> allows you to add more information on selected level\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro version available\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fjoomsport.com\u002Fweb-shop\u002Fachievements-pro-plugin.html\" title=\"Achievements pro version\" rel=\"nofollow ugc\">Professional edition\u003C\u002Fa> includes 4 shortcodes:\u003Cbr \u002F>\n* Stages shortcode\u003Cbr \u002F>\n* Stages list shortcode\u003Cbr \u002F>\n* Standings shortcode\u003Cbr \u002F>\n* Player shortcode\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwp-demo.joomsport.com\u002Fjsprt_achv_season\u002F2016-2017\u002F\" title=\"JoomSport Achievements demo\" rel=\"nofollow ugc\">Product demo available\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Sports potentially supported\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Motor sport racing\u003C\u002Fli>\n\u003Cli>Athletics (Running, Jumping)\u003C\u002Fli>\n\u003Cli>Aquatics (Swimming, Diving)\u003C\u002Fli>\n\u003Cli>Skiing (ski jumping, all types of snow skiing, snowboarding)\u003C\u002Fli>\n\u003Cli>Horse races\u003C\u002Fli>\n\u003Cli>Fishing\u003C\u002Fli>\n\u003Cli>Skating\u003C\u002Fli>\n\u003Cli>Biathlon\u003C\u002Fli>\n\u003Cli>Cycling \u003C\u002Fli>\n\u003Cli>Canoeing \u003C\u002Fli>\n\u003Cli>Bobsleigh \u003C\u002Fli>\n\u003Cli>Skateboarding\u003C\u002Fli>\n\u003Cli>Triathlon\u003C\u002Fli>\n\u003Cli>Pentathlon\u003C\u002Fli>\n\u003Cli>Weightlifting\u003C\u002Fli>\n\u003Cli>Surfing\u003C\u002Fli>\n\u003Cli>Shooting\u003C\u002Fli>\n\u003Cli>Archery\u003C\u002Fli>\n\u003Cli>Figure skating\u003C\u002Fli>\n\u003Cli>Golf (for single players)\u003C\u002Fli>\n\u003Cli>Bowling\u003C\u002Fli>\n\u003Cli>Air sports \u003C\u002Fli>\n\u003Cli>Dancing\u003C\u002Fli>\n\u003Cli>Poker \u003C\u002Fli>\n\u003Cli>any other sport where there is a match\u002Fgame between MANY participants in each attempt…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Other products\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The full product list by \u003Ca href=\"https:\u002F\u002Fbeardev.com\u002F\" title=\"Sports software development company\" rel=\"nofollow ugc\">BearDev sports software development company\u003C\u002Fa>=\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjoomsport-sports-league-results-management\u002F\" title=\"WordPress Sports Plugin\" rel=\"ugc\">JoomSport\u003C\u002Fa> – solution for such sports as football, soccer, hockey, basketball, volleball etc. It is based on structure where TWO participants compete with each other in single match.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjoomsport-prediction\" title=\"Sports prediction game plugin\" rel=\"ugc\">Sports prediction game plugin\u003C\u002Fa> – organise prediction game for your site fans.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>Check translations available on \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fjoomsport-achievements\" rel=\"nofollow ugc\">translation page\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Video Tutorials\u003C\u002Fh4>\n\u003Cp>By place and points ranking \u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FCMx9V-Q2UEk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Our Slogan and Global Goal\u003C\u002Fh4>\n\u003Cp>We push our client’s projects to a new level. Our global goal is to develop top-quality software for complete sports league management.\u003C\u002Fp>\n","Sports plugin for motor racing, athletics, aquatics, gymnastics, golf, running, cycling, skiing, poker and similar sports. Manage your league with us!",11134,"2026-01-28T15:15:00.000Z","4.0",[142,143,144,145,101],"athletics","motosport","olympic-games","racing","http:\u002F\u002Fjoomsport.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjoomsport-achievements.1.7.zip",{"slug":149,"name":150,"version":151,"author":152,"author_profile":153,"description":16,"short_description":154,"active_installs":117,"downloaded":155,"rating":117,"num_ratings":118,"last_updated":156,"tested_up_to":157,"requires_at_least":97,"requires_php":16,"tags":158,"homepage":162,"download_link":163,"security_score":164,"vuln_count":12,"unpatched_count":12,"last_vuln_date":35,"fetched_at":28},"mstw-schedules-scoreboards","MSTW Schedules & Scoreboards","1.5.1","Mark O'Donnell","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkodonnell\u002F","Manages multiple sports team schedules and scoreboards. Displays schedule tables, schedule sliders, scoreboards, and countdown timers.",13735,"2024-11-19T01:59:00.000Z","6.6.5",[124,159,160,101,161],"schedule","scoreboards","team-schedule","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmstw-schedules-scoreboards.1.5.1.zip",92,{"attackSurface":166,"codeSignals":325,"taintFlows":456,"riskAssessment":934,"analyzedAt":947},{"hooks":167,"ajaxHandlers":233,"restRoutes":274,"shortcodes":275,"cronEvents":320,"entryPointCount":324,"unprotectedCount":60},[168,174,179,181,183,185,187,189,191,193,199,203,207,209,210,212,216,220,223,229],{"type":169,"name":170,"callback":171,"file":172,"line":173},"filter","wp_xmlrpc_server_class","wpc_getName","class-wpc-xmlrpc.php",971,{"type":169,"name":175,"callback":176,"file":177,"line":178},"wp_mail_content_type","closure","functions.php",955,{"type":169,"name":175,"callback":176,"file":177,"line":180},963,{"type":169,"name":175,"callback":176,"file":177,"line":182},1052,{"type":169,"name":175,"callback":176,"file":177,"line":184},1060,{"type":169,"name":175,"callback":176,"file":177,"line":186},1173,{"type":169,"name":175,"callback":176,"file":177,"line":188},1185,{"type":169,"name":175,"callback":176,"file":177,"line":190},1291,{"type":169,"name":175,"callback":176,"file":177,"line":192},1299,{"type":194,"name":195,"callback":196,"file":197,"line":198},"action","cs_mailreminder","cs_mailservice2","wp-championship.php",81,{"type":194,"name":200,"callback":201,"file":197,"line":202},"admin_menu","add_menus",87,{"type":194,"name":204,"callback":205,"file":197,"line":206},"init","wp_championship_init",90,{"type":194,"name":208,"callback":176,"file":197,"line":164},"widgets_init",{"type":194,"name":208,"callback":176,"file":197,"line":25},{"type":194,"name":208,"callback":176,"file":197,"line":211},104,{"type":194,"name":213,"callback":214,"file":197,"line":215},"user_register","cs_add_user",112,{"type":194,"name":217,"callback":218,"file":197,"line":219},"wp_enqueue_scripts","wpcs_css",167,{"type":194,"name":221,"callback":218,"file":197,"line":222},"admin_print_styles",168,{"type":169,"name":224,"callback":225,"priority":226,"file":227,"line":228},"upgrader_pre_install","hm_backup_wpc",10,"wpc-autoupdate.php",73,{"type":169,"name":230,"callback":231,"priority":226,"file":227,"line":232},"upgrader_post_install","hm_recover_wpc",74,[234,239,242,247,250,253,256,259,263,266,270],{"action":235,"nopriv":236,"callback":235,"hasNonce":236,"hasCapCheck":236,"file":237,"line":238},"tooltip_groupstats",false,"cs-groupstats.php",190,{"action":240,"nopriv":236,"callback":240,"hasNonce":236,"hasCapCheck":236,"file":241,"line":202},"tooltip_matchstats","cs-matchstats.php",{"action":243,"nopriv":236,"callback":243,"hasNonce":244,"hasCapCheck":236,"file":245,"line":246},"update_stats1",true,"cs-stats.php",1035,{"action":248,"nopriv":236,"callback":248,"hasNonce":244,"hasCapCheck":236,"file":245,"line":249},"update_stats4",1226,{"action":251,"nopriv":236,"callback":251,"hasNonce":244,"hasCapCheck":236,"file":245,"line":252},"update_stats5",1391,{"action":254,"nopriv":236,"callback":254,"hasNonce":244,"hasCapCheck":236,"file":245,"line":255},"update_stats6",1437,{"action":257,"nopriv":236,"callback":257,"hasNonce":244,"hasCapCheck":236,"file":245,"line":258},"update_stats7",1504,{"action":260,"nopriv":236,"callback":261,"hasNonce":236,"hasCapCheck":236,"file":197,"line":262},"wpc_openligadbimport","wpc_openligadbimport_cb",117,{"action":264,"nopriv":236,"callback":264,"hasNonce":236,"hasCapCheck":236,"file":197,"line":265},"wpc_openligadb_getleagues",118,{"action":267,"nopriv":236,"callback":268,"hasNonce":236,"hasCapCheck":236,"file":197,"line":269},"wpc_export","wpc_export_cb",119,{"action":271,"nopriv":236,"callback":272,"hasNonce":236,"hasCapCheck":236,"file":197,"line":273},"wpc_import","wpc_import_cb",120,[],[276,280,284,288,292,296,300,304,308,312,316],{"tag":277,"callback":278,"file":197,"line":279},"cs-usertipp","show_usertippform",153,{"tag":281,"callback":282,"file":197,"line":283},"cs-userstats","show_user_stats",154,{"tag":285,"callback":286,"file":197,"line":287},"cs-stats1","show_stats1",155,{"tag":289,"callback":290,"file":197,"line":291},"cs-stats2","show_stats2",156,{"tag":293,"callback":294,"file":197,"line":295},"cs-stats3","show_stats3",157,{"tag":297,"callback":298,"file":197,"line":299},"cs-stats4","show_stats4",158,{"tag":301,"callback":302,"file":197,"line":303},"cs-stats5","show_stats5",159,{"tag":305,"callback":306,"file":197,"line":307},"cs-stats6","show_stats6",160,{"tag":309,"callback":310,"file":197,"line":311},"cs-stats7","show_stats7",161,{"tag":313,"callback":314,"file":197,"line":315},"cs-stats8","show_stats8",162,{"tag":317,"callback":318,"file":197,"line":319},"cs-stats9","show_stats9",163,[321],{"hook":195,"callback":195,"file":322,"line":323},"setup.php",276,22,{"dangerousFunctions":326,"sqlUsage":327,"outputEscaping":330,"fileOperations":105,"externalRequests":453,"nonceChecks":454,"capabilityChecks":12,"bundledLibraries":455},[],{"prepared":328,"raw":12,"locations":329},462,[],{"escaped":331,"rawEcho":332,"locations":333},424,61,[334,338,340,342,344,346,348,350,352,354,356,358,360,362,364,366,369,371,372,374,376,377,379,381,382,384,386,388,390,392,394,396,398,400,402,404,406,408,410,412,414,415,417,419,421,422,424,426,428,430,432,434,436,438,440,442,444,446,447,449,451],{"file":335,"line":336,"context":337},"class-cs-widget-tippgroup.php",76,"raw output",{"file":335,"line":339,"context":337},126,{"file":335,"line":341,"context":337},187,{"file":335,"line":343,"context":337},193,{"file":335,"line":345,"context":337},202,{"file":335,"line":347,"context":337},211,{"file":335,"line":349,"context":337},214,{"file":335,"line":351,"context":337},223,{"file":335,"line":353,"context":337},232,{"file":335,"line":355,"context":337},235,{"file":335,"line":357,"context":337},242,{"file":335,"line":359,"context":337},251,{"file":335,"line":361,"context":337},260,{"file":335,"line":363,"context":337},263,{"file":335,"line":365,"context":337},270,{"file":367,"line":368,"context":337},"class-cs-widget-user.php",72,{"file":367,"line":370,"context":337},83,{"file":367,"line":349,"context":337},{"file":367,"line":373,"context":337},221,{"file":367,"line":375,"context":337},228,{"file":367,"line":355,"context":337},{"file":367,"line":378,"context":337},238,{"file":367,"line":380,"context":337},244,{"file":367,"line":359,"context":337},{"file":367,"line":383,"context":337},254,{"file":367,"line":385,"context":337},261,{"file":367,"line":387,"context":337},268,{"file":367,"line":389,"context":337},271,{"file":367,"line":391,"context":337},278,{"file":367,"line":393,"context":337},285,{"file":367,"line":395,"context":337},288,{"file":367,"line":397,"context":337},295,{"file":399,"line":63,"context":337},"class-cs-widget.php",{"file":399,"line":401,"context":337},152,{"file":399,"line":403,"context":337},216,{"file":399,"line":405,"context":337},222,{"file":399,"line":407,"context":337},231,{"file":399,"line":409,"context":337},240,{"file":399,"line":411,"context":337},243,{"file":399,"line":413,"context":337},252,{"file":399,"line":385,"context":337},{"file":399,"line":416,"context":337},264,{"file":399,"line":418,"context":337},273,{"file":399,"line":420,"context":337},282,{"file":399,"line":393,"context":337},{"file":399,"line":423,"context":337},292,{"file":399,"line":425,"context":337},301,{"file":399,"line":427,"context":337},310,{"file":399,"line":429,"context":337},313,{"file":399,"line":431,"context":337},320,{"file":433,"line":232,"context":337},"cs-admin-import.php",{"file":433,"line":435,"context":337},111,{"file":433,"line":437,"context":337},141,{"file":433,"line":439,"context":337},146,{"file":433,"line":441,"context":337},148,{"file":443,"line":94,"context":337},"cs-admin-openligadbimport.php",{"file":443,"line":445,"context":337},102,{"file":443,"line":211,"context":337},{"file":443,"line":448,"context":337},122,{"file":443,"line":450,"context":337},124,{"file":443,"line":452,"context":337},218,1,23,[],[457,514,536,567,587,605,616,629,637,660,677,700,717,739,756,776,790,806,817,827,837,850,860,873,883,896,906,917],{"entryPoint":458,"graph":459,"unsanitizedCount":453,"severity":513},"show_usertippform (cs-usertipp.php:52)",{"nodes":460,"edges":506},[461,466,472,475,479,482,485,488,493,497,501],{"id":462,"type":463,"label":464,"file":465,"line":445},"n0","source","$_GET['cs_stellv']","cs-usertipp.php",{"id":467,"type":468,"label":469,"file":465,"line":470,"wp_function":471},"n1","sink","get_row() [SQLi]",94,"get_row",{"id":473,"type":463,"label":474,"file":465,"line":445},"n2","$_GET (x4)",{"id":476,"type":468,"label":477,"file":465,"line":265,"wp_function":478},"n3","get_results() [SQLi]","get_results",{"id":480,"type":463,"label":481,"file":465,"line":445},"n4","$_GET (x2)",{"id":483,"type":468,"label":469,"file":465,"line":484,"wp_function":471},"n5",199,{"id":486,"type":463,"label":487,"file":465,"line":445},"n6","$_GET (x7)",{"id":489,"type":468,"label":490,"file":465,"line":491,"wp_function":492},"n7","query() [SQLi]",227,"query",{"id":494,"type":463,"label":495,"file":465,"line":496},"n8","$_GET",555,{"id":498,"type":499,"label":500,"file":465,"line":496},"n9","transform","→ cs_mailservice3()",{"id":502,"type":468,"label":503,"file":177,"line":504,"wp_function":505},"n10","echo() [XSS]",1312,"echo",[507,508,509,510,511,512],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":244},{"from":486,"to":489,"sanitized":244},{"from":494,"to":498,"sanitized":236},{"from":498,"to":502,"sanitized":236},"medium",{"entryPoint":515,"graph":516,"unsanitizedCount":453,"severity":513},"\u003Ccs-usertipp> (cs-usertipp.php:0)",{"nodes":517,"edges":529},[518,519,520,521,522,523,524,525,526,527,528],{"id":462,"type":463,"label":464,"file":465,"line":445},{"id":467,"type":468,"label":469,"file":465,"line":470,"wp_function":471},{"id":473,"type":463,"label":474,"file":465,"line":445},{"id":476,"type":468,"label":477,"file":465,"line":265,"wp_function":478},{"id":480,"type":463,"label":481,"file":465,"line":445},{"id":483,"type":468,"label":469,"file":465,"line":484,"wp_function":471},{"id":486,"type":463,"label":487,"file":465,"line":445},{"id":489,"type":468,"label":490,"file":465,"line":491,"wp_function":492},{"id":494,"type":463,"label":495,"file":465,"line":496},{"id":498,"type":499,"label":500,"file":465,"line":496},{"id":502,"type":468,"label":503,"file":177,"line":504,"wp_function":505},[530,531,532,533,534,535],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":244},{"from":486,"to":489,"sanitized":244},{"from":494,"to":498,"sanitized":236},{"from":498,"to":502,"sanitized":236},{"entryPoint":537,"graph":538,"unsanitizedCount":12,"severity":566},"cs_admin_finals (cs-admin-finals.php:34)",{"nodes":539,"edges":560},[540,544,545,547,549,551,552,555,557,558],{"id":462,"type":463,"label":541,"file":542,"line":543},"$_POST (x6)","cs-admin-finals.php",97,{"id":467,"type":468,"label":469,"file":542,"line":262,"wp_function":471},{"id":473,"type":463,"label":546,"file":542,"line":543},"$_POST (x4)",{"id":476,"type":468,"label":490,"file":542,"line":548,"wp_function":492},121,{"id":480,"type":463,"label":495,"file":542,"line":550},224,{"id":483,"type":468,"label":490,"file":542,"line":491,"wp_function":492},{"id":486,"type":463,"label":553,"file":542,"line":554},"$_GET (x3)",246,{"id":489,"type":468,"label":469,"file":542,"line":556,"wp_function":471},249,{"id":494,"type":463,"label":481,"file":542,"line":554},{"id":498,"type":468,"label":503,"file":542,"line":559,"wp_function":505},354,[561,562,563,564,565],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":244},{"from":486,"to":489,"sanitized":244},{"from":494,"to":498,"sanitized":244},"low",{"entryPoint":568,"graph":569,"unsanitizedCount":12,"severity":566},"\u003Ccs-admin-finals> (cs-admin-finals.php:0)",{"nodes":570,"edges":581},[571,572,573,574,575,576,577,578,579,580],{"id":462,"type":463,"label":541,"file":542,"line":543},{"id":467,"type":468,"label":469,"file":542,"line":262,"wp_function":471},{"id":473,"type":463,"label":546,"file":542,"line":543},{"id":476,"type":468,"label":490,"file":542,"line":548,"wp_function":492},{"id":480,"type":463,"label":495,"file":542,"line":550},{"id":483,"type":468,"label":490,"file":542,"line":491,"wp_function":492},{"id":486,"type":463,"label":553,"file":542,"line":554},{"id":489,"type":468,"label":469,"file":542,"line":556,"wp_function":471},{"id":494,"type":463,"label":481,"file":542,"line":554},{"id":498,"type":468,"label":503,"file":542,"line":559,"wp_function":505},[582,583,584,585,586],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":244},{"from":486,"to":489,"sanitized":244},{"from":494,"to":498,"sanitized":244},{"entryPoint":588,"graph":589,"unsanitizedCount":12,"severity":566},"wpc_import_cb (cs-admin-import.php:26)",{"nodes":590,"edges":602},[591,594,598,600],{"id":462,"type":463,"label":592,"file":433,"line":593},"$_POST",53,{"id":467,"type":468,"label":595,"file":433,"line":596,"wp_function":597},"fopen() [File Access]",79,"fopen",{"id":473,"type":463,"label":599,"file":433,"line":593},"$_POST (x2)",{"id":476,"type":468,"label":490,"file":433,"line":601,"wp_function":492},93,[603,604],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"entryPoint":606,"graph":607,"unsanitizedCount":12,"severity":566},"\u003Ccs-admin-import> (cs-admin-import.php:0)",{"nodes":608,"edges":613},[609,610,611,612],{"id":462,"type":463,"label":592,"file":433,"line":593},{"id":467,"type":468,"label":595,"file":433,"line":596,"wp_function":597},{"id":473,"type":463,"label":599,"file":433,"line":593},{"id":476,"type":468,"label":490,"file":433,"line":601,"wp_function":492},[614,615],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"entryPoint":617,"graph":618,"unsanitizedCount":12,"severity":566},"cs_admin_labels (cs-admin-labels.php:34)",{"nodes":619,"edges":627},[620,624],{"id":462,"type":463,"label":621,"file":622,"line":623},"$_POST[?] (x2)","cs-admin-labels.php",169,{"id":467,"type":468,"label":625,"file":622,"line":623,"wp_function":626},"update_option() [Settings Manipulation]","update_option",[628],{"from":462,"to":467,"sanitized":244},{"entryPoint":630,"graph":631,"unsanitizedCount":12,"severity":566},"\u003Ccs-admin-labels> (cs-admin-labels.php:0)",{"nodes":632,"edges":635},[633,634],{"id":462,"type":463,"label":621,"file":622,"line":623},{"id":467,"type":468,"label":625,"file":622,"line":623,"wp_function":626},[636],{"from":462,"to":467,"sanitized":244},{"entryPoint":638,"graph":639,"unsanitizedCount":12,"severity":566},"cs_admin_match (cs-admin-match.php:35)",{"nodes":640,"edges":655},[641,644,645,647,648,650,652,653],{"id":462,"type":463,"label":599,"file":642,"line":643},"cs-admin-match.php",99,{"id":467,"type":468,"label":490,"file":642,"line":262,"wp_function":492},{"id":473,"type":463,"label":495,"file":642,"line":646},165,{"id":476,"type":468,"label":490,"file":642,"line":222,"wp_function":492},{"id":480,"type":463,"label":495,"file":642,"line":649},180,{"id":483,"type":468,"label":469,"file":642,"line":651,"wp_function":471},183,{"id":486,"type":463,"label":481,"file":642,"line":649},{"id":489,"type":468,"label":503,"file":642,"line":654,"wp_function":505},250,[656,657,658,659],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":244},{"from":486,"to":489,"sanitized":244},{"entryPoint":661,"graph":662,"unsanitizedCount":12,"severity":566},"\u003Ccs-admin-match> (cs-admin-match.php:0)",{"nodes":663,"edges":672},[664,665,666,667,668,669,670,671],{"id":462,"type":463,"label":599,"file":642,"line":643},{"id":467,"type":468,"label":490,"file":642,"line":262,"wp_function":492},{"id":473,"type":463,"label":495,"file":642,"line":646},{"id":476,"type":468,"label":490,"file":642,"line":222,"wp_function":492},{"id":480,"type":463,"label":495,"file":642,"line":649},{"id":483,"type":468,"label":469,"file":642,"line":651,"wp_function":471},{"id":486,"type":463,"label":481,"file":642,"line":649},{"id":489,"type":468,"label":503,"file":642,"line":654,"wp_function":505},[673,674,675,676],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":244},{"from":486,"to":489,"sanitized":244},{"entryPoint":678,"graph":679,"unsanitizedCount":12,"severity":566},"cs_admin_team (cs-admin-team.php:35)",{"nodes":680,"edges":695},[681,683,685,687,688,690,692,693],{"id":462,"type":463,"label":599,"file":682,"line":232},"cs-admin-team.php",{"id":467,"type":468,"label":490,"file":682,"line":684,"wp_function":492},116,{"id":473,"type":463,"label":495,"file":682,"line":686},166,{"id":476,"type":468,"label":490,"file":682,"line":623,"wp_function":492},{"id":480,"type":463,"label":481,"file":682,"line":689},189,{"id":483,"type":468,"label":469,"file":682,"line":691,"wp_function":471},192,{"id":486,"type":463,"label":481,"file":682,"line":689},{"id":489,"type":468,"label":503,"file":682,"line":694,"wp_function":505},262,[696,697,698,699],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":244},{"from":486,"to":489,"sanitized":244},{"entryPoint":701,"graph":702,"unsanitizedCount":12,"severity":566},"\u003Ccs-admin-team> (cs-admin-team.php:0)",{"nodes":703,"edges":712},[704,705,706,707,708,709,710,711],{"id":462,"type":463,"label":599,"file":682,"line":232},{"id":467,"type":468,"label":490,"file":682,"line":684,"wp_function":492},{"id":473,"type":463,"label":495,"file":682,"line":686},{"id":476,"type":468,"label":490,"file":682,"line":623,"wp_function":492},{"id":480,"type":463,"label":481,"file":682,"line":689},{"id":483,"type":468,"label":469,"file":682,"line":691,"wp_function":471},{"id":486,"type":463,"label":481,"file":682,"line":689},{"id":489,"type":468,"label":503,"file":682,"line":694,"wp_function":505},[713,714,715,716],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":244},{"from":486,"to":489,"sanitized":244},{"entryPoint":718,"graph":719,"unsanitizedCount":12,"severity":566},"cs_admin_tippgroup (cs-admin-tippgroup.php:35)",{"nodes":720,"edges":734},[721,723,725,726,727,729,731,732],{"id":462,"type":463,"label":599,"file":722,"line":596},"cs-admin-tippgroup.php",{"id":467,"type":468,"label":490,"file":722,"line":724,"wp_function":492},108,{"id":473,"type":463,"label":495,"file":722,"line":279},{"id":476,"type":468,"label":490,"file":722,"line":291,"wp_function":492},{"id":480,"type":463,"label":495,"file":722,"line":728},174,{"id":483,"type":468,"label":469,"file":722,"line":730,"wp_function":471},177,{"id":486,"type":463,"label":481,"file":722,"line":728},{"id":489,"type":468,"label":503,"file":722,"line":733,"wp_function":505},215,[735,736,737,738],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":244},{"from":486,"to":489,"sanitized":244},{"entryPoint":740,"graph":741,"unsanitizedCount":12,"severity":566},"\u003Ccs-admin-tippgroup> (cs-admin-tippgroup.php:0)",{"nodes":742,"edges":751},[743,744,745,746,747,748,749,750],{"id":462,"type":463,"label":599,"file":722,"line":596},{"id":467,"type":468,"label":490,"file":722,"line":724,"wp_function":492},{"id":473,"type":463,"label":495,"file":722,"line":279},{"id":476,"type":468,"label":490,"file":722,"line":291,"wp_function":492},{"id":480,"type":463,"label":495,"file":722,"line":728},{"id":483,"type":468,"label":469,"file":722,"line":730,"wp_function":471},{"id":486,"type":463,"label":481,"file":722,"line":728},{"id":489,"type":468,"label":503,"file":722,"line":733,"wp_function":505},[752,753,754,755],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":244},{"from":486,"to":489,"sanitized":244},{"entryPoint":757,"graph":758,"unsanitizedCount":12,"severity":566},"cs_admin_users (cs-admin-users.php:35)",{"nodes":759,"edges":772},[760,762,765,766,768,770],{"id":462,"type":463,"label":592,"file":761,"line":596},"cs-admin-users.php",{"id":467,"type":468,"label":763,"file":761,"line":164,"wp_function":764},"get_var() [SQLi]","get_var",{"id":473,"type":463,"label":599,"file":761,"line":596},{"id":476,"type":468,"label":490,"file":761,"line":767,"wp_function":492},103,{"id":480,"type":463,"label":481,"file":761,"line":769},178,{"id":483,"type":468,"label":503,"file":761,"line":771,"wp_function":505},287,[773,774,775],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":244},{"entryPoint":777,"graph":778,"unsanitizedCount":12,"severity":566},"\u003Ccs-admin-users> (cs-admin-users.php:0)",{"nodes":779,"edges":786},[780,781,782,783,784,785],{"id":462,"type":463,"label":592,"file":761,"line":596},{"id":467,"type":468,"label":763,"file":761,"line":164,"wp_function":764},{"id":473,"type":463,"label":599,"file":761,"line":596},{"id":476,"type":468,"label":490,"file":761,"line":767,"wp_function":492},{"id":480,"type":463,"label":481,"file":761,"line":769},{"id":483,"type":468,"label":503,"file":761,"line":771,"wp_function":505},[787,788,789],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":244},{"entryPoint":791,"graph":792,"unsanitizedCount":12,"severity":566},"cs_admin (cs-admin.php:33)",{"nodes":793,"edges":803},[794,797,799,802],{"id":462,"type":463,"label":599,"file":795,"line":796},"cs-admin.php",128,{"id":467,"type":468,"label":625,"file":795,"line":798,"wp_function":626},129,{"id":473,"type":463,"label":800,"file":795,"line":801},"$_POST[$pname]",137,{"id":476,"type":468,"label":625,"file":795,"line":801,"wp_function":626},[804,805],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"entryPoint":807,"graph":808,"unsanitizedCount":12,"severity":566},"\u003Ccs-admin> (cs-admin.php:0)",{"nodes":809,"edges":814},[810,811,812,813],{"id":462,"type":463,"label":599,"file":795,"line":796},{"id":467,"type":468,"label":625,"file":795,"line":798,"wp_function":626},{"id":473,"type":463,"label":800,"file":795,"line":801},{"id":476,"type":468,"label":625,"file":795,"line":801,"wp_function":626},[815,816],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"entryPoint":818,"graph":819,"unsanitizedCount":12,"severity":566},"update_stats1 (cs-stats.php:960)",{"nodes":820,"edges":825},[821,823],{"id":462,"type":463,"label":599,"file":245,"line":822},968,{"id":467,"type":468,"label":477,"file":245,"line":824,"wp_function":478},976,[826],{"from":462,"to":467,"sanitized":244},{"entryPoint":828,"graph":829,"unsanitizedCount":12,"severity":566},"update_stats4 (cs-stats.php:1040)",{"nodes":830,"edges":835},[831,833],{"id":462,"type":463,"label":541,"file":245,"line":832},1050,{"id":467,"type":468,"label":477,"file":245,"line":834,"wp_function":478},1068,[836],{"from":462,"to":467,"sanitized":244},{"entryPoint":838,"graph":839,"unsanitizedCount":12,"severity":566},"update_stats5 (cs-stats.php:1231)",{"nodes":840,"edges":847},[841,843,845,846],{"id":462,"type":463,"label":546,"file":245,"line":842},1239,{"id":467,"type":468,"label":477,"file":245,"line":844,"wp_function":478},1244,{"id":473,"type":463,"label":495,"file":245,"line":190},{"id":476,"type":468,"label":477,"file":245,"line":192,"wp_function":478},[848,849],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"entryPoint":851,"graph":852,"unsanitizedCount":12,"severity":566},"update_stats7 (cs-stats.php:1442)",{"nodes":853,"edges":858},[854,856],{"id":462,"type":463,"label":592,"file":245,"line":855},1449,{"id":467,"type":468,"label":477,"file":245,"line":857,"wp_function":478},1457,[859],{"from":462,"to":467,"sanitized":244},{"entryPoint":861,"graph":862,"unsanitizedCount":453,"severity":38},"tooltip_groupstats (cs-groupstats.php:32)",{"nodes":863,"edges":870},[864,866,868],{"id":462,"type":463,"label":495,"file":237,"line":865},107,{"id":467,"type":499,"label":867,"file":237,"line":865},"→ cs_get_team_clification()",{"id":473,"type":468,"label":477,"file":177,"line":869,"wp_function":478},556,[871,872],{"from":462,"to":467,"sanitized":236},{"from":467,"to":473,"sanitized":236},{"entryPoint":874,"graph":875,"unsanitizedCount":453,"severity":38},"\u003Ccs-groupstats> (cs-groupstats.php:0)",{"nodes":876,"edges":880},[877,878,879],{"id":462,"type":463,"label":495,"file":237,"line":865},{"id":467,"type":499,"label":867,"file":237,"line":865},{"id":473,"type":468,"label":477,"file":177,"line":869,"wp_function":478},[881,882],{"from":462,"to":467,"sanitized":236},{"from":467,"to":473,"sanitized":236},{"entryPoint":884,"graph":885,"unsanitizedCount":453,"severity":38},"tooltip_matchstats (cs-matchstats.php:33)",{"nodes":886,"edges":893},[887,889,891],{"id":462,"type":463,"label":495,"file":241,"line":888},60,{"id":467,"type":499,"label":890,"file":241,"line":888},"→ cs_get_team_matches()",{"id":473,"type":468,"label":477,"file":177,"line":892,"wp_function":478},1560,[894,895],{"from":462,"to":467,"sanitized":236},{"from":467,"to":473,"sanitized":236},{"entryPoint":897,"graph":898,"unsanitizedCount":453,"severity":38},"\u003Ccs-matchstats> (cs-matchstats.php:0)",{"nodes":899,"edges":903},[900,901,902],{"id":462,"type":463,"label":495,"file":241,"line":888},{"id":467,"type":499,"label":890,"file":241,"line":888},{"id":473,"type":468,"label":477,"file":177,"line":892,"wp_function":478},[904,905],{"from":462,"to":467,"sanitized":236},{"from":467,"to":473,"sanitized":236},{"entryPoint":907,"graph":908,"unsanitizedCount":453,"severity":38},"update_stats6 (cs-stats.php:1396)",{"nodes":909,"edges":914},[910,912,913],{"id":462,"type":463,"label":592,"file":245,"line":911},1410,{"id":467,"type":499,"label":890,"file":245,"line":911},{"id":473,"type":468,"label":477,"file":177,"line":892,"wp_function":478},[915,916],{"from":462,"to":467,"sanitized":236},{"from":467,"to":473,"sanitized":236},{"entryPoint":918,"graph":919,"unsanitizedCount":453,"severity":38},"\u003Ccs-stats> (cs-stats.php:0)",{"nodes":920,"edges":929},[921,923,924,925,926,927,928],{"id":462,"type":463,"label":922,"file":245,"line":822},"$_POST (x13)",{"id":467,"type":468,"label":477,"file":245,"line":824,"wp_function":478},{"id":473,"type":463,"label":495,"file":245,"line":190},{"id":476,"type":468,"label":477,"file":245,"line":192,"wp_function":478},{"id":480,"type":463,"label":592,"file":245,"line":911},{"id":483,"type":499,"label":890,"file":245,"line":911},{"id":486,"type":468,"label":477,"file":177,"line":892,"wp_function":478},[930,931,932,933],{"from":462,"to":467,"sanitized":244},{"from":473,"to":476,"sanitized":244},{"from":480,"to":483,"sanitized":236},{"from":483,"to":486,"sanitized":236},{"summary":935,"deductions":936},"The 'wp-championship' plugin v11.0 exhibits a mixed security posture.  While it demonstrates good practices in using prepared statements for all SQL queries and a high percentage of output escaping, several significant concerns remain. The presence of 6 unprotected AJAX handlers, which represent a substantial portion of the total entry points, creates a direct attack surface that could be exploited for unauthorized actions. Furthermore, the taint analysis revealed 6 high-severity flows with unsanitized paths, indicating potential for injection vulnerabilities despite the use of prepared statements. The plugin's vulnerability history shows a pattern of high-severity issues, specifically CSRF and SQL Injection, although it currently has no unpatched CVEs. The past vulnerabilities suggest recurring weaknesses that attackers might try to exploit, especially in conjunction with the identified unprotected AJAX endpoints. Overall, while some security fundamentals are strong, the unprotected entry points and high-severity taint flows demand immediate attention to mitigate potential risks.",[937,939,942,944],{"reason":938,"points":226},"Unprotected AJAX handlers",{"reason":940,"points":941},"High severity unsanitized taint flows",12,{"reason":943,"points":226},"Past High severity SQL Injection vulnerabilities",{"reason":945,"points":946},"Past Cross-Site Request Forgery vulnerabilities",5,"2026-03-16T22:10:09.611Z",{"wat":949,"direct":964},{"assetPaths":950,"generatorPatterns":953,"scriptPaths":954,"versionParams":957},[951,952],"\u002Fwp-content\u002Fplugins\u002Fwp-championship\u002Fjquery.tooltip.js","\u002Fwp-content\u002Fplugins\u002Fwp-championship\u002Fjquery.tablesorter.min.js",[],[952,955,951,956],"\u002Fwp-content\u002Fplugins\u002Fwp-championship\u002Fcs-stats.js","\u002Fwp-content\u002Fplugins\u002Fwp-championship\u002Fcs-admin.js",[958,959,960,961,962,963],"wp-championship\u002Fwp-championship-default.css?ver=","wp-championship\u002Fwp-championship.css?ver=","wp-championship\u002Fjquery.tablesorter.min.js?ver=2.0.3","wp-championship\u002Fcs-stats.js?ver=9999","wp-championship\u002Fjquery.tooltip.js?ver=9999","wp-championship\u002Fcs-admin.js?ver=9999",{"cssClasses":965,"htmlComments":969,"htmlAttributes":977,"restEndpoints":979,"jsGlobals":980,"shortcodeOutput":982},[966,967,968],"wpc-tippform-tr","wpc-tippform-th","wpc-tippform-td",[970,971,972,973,974,975,976],"\u003C!-- just return the css link -->","\u003C!-- INIT -->","\u003C!-- end of wp championship -->","\u003C!-- wp championship version number -->","\u003C!-- THIS IS A PLUGIN FOR THE WORLD CUP 2006 -->","\u003C!-- IMPORTANT! DO NOT MODIFY THIS FILE! -->","\u003C!-- END OF TEXT DOMAIN: wp-championship -->",[978],"data-wpc-ajaxurl",[],[981],"wpcobj",[983,984,985,986,987,988,989,990,991,992,993],"[cs-usertipp]","[cs-userstats]","[cs-stats1]","[cs-stats2]","[cs-stats3]","[cs-stats4]","[cs-stats5]","[cs-stats6]","[cs-stats7]","[cs-stats8]","[cs-stats9]"]