[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$frY_Tb-g3dRqh4MSLP3P44cyWvD7yvBLxUqSUW2wUYs4":3,"$f7JykPs2VbP6Pd_vfJhncL_wgF2-Bk8dm8SjQ1OZziYY":271,"$fKT2pJK5jDktqS-IK8L1atlJGTzRYrRUOdqYWJMiYyDk":276},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":37,"analysis":137,"fingerprints":247},"wp-filmweb-widget","WP Filmweb Widget","0.5","mateusz.adamus","https:\u002F\u002Fprofiles.wordpress.org\u002Fmateuszadamus\u002F","\u003Cp>Shows basic user data from Filmweb.pl portal.\u003Cbr \u002F>\nFor performance reasons the data is refreshed and parsed once every 6 hours.\u003C\u002Fp>\n","Shows basic user data from Filmweb.pl portal.",10,1364,0,"2016-10-21T09:39:00.000Z","4.6.30","4.3","",[19,20,21,22,23],"account","filmweb","movies","rated","widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-filmweb-widget.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"mateuszadamus",2,20,30,84,"2026-05-20T03:12:57.028Z",[38,63,84,105,122],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":60,"download_link":61,"security_score":62,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"feeds-for-tiktok","Feeds for TikTok (TikTok feed, video, and gallery plugin)","1.5.0","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>Feeds for TikTok is a WordPress plugin that allows you to seamlessly integrate your TikTok account’s videos into your WordPress website. With Feeds for TikTok, you can easily connect your TikTok account to the TikTok API and display your latest videos in a customizable grid on your site.\u003C\u002Fp>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"Display TikTok Videos on Your WordPress Website | FREE TikTok Feed Plugin for WordPress\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F1174863183?dnt=1&app_id=122963\" width=\"750\" height=\"422\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write; encrypted-media; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Connect TikTok Account\u003C\u002Fstrong>: Easily connect your TikTok account to the TikTok API for seamless integration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Retrieve Latest Videos\u003C\u002Fstrong>: Retrieve and display the latest videos from your connected TikTok account.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Display TikTok Account Information\u003C\u002Fstrong>: Display account information such as name and avatar in a customizable header.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customized Grid Display\u003C\u002Fstrong>: Create a customized grid of TikTok video thumbnails to display on your WordPress site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Popup Lightbox\u003C\u002Fstrong>: TikTok videos play in a pop-up lightbox when clicked for a seamless viewing experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Caching for Quick Loading\u003C\u002Fstrong>: All data is cached for quick page loading and improved performance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customize Feed Display\u003C\u002Fstrong>: Customize the number of videos shown in the feed and the number of grid columns.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Feed Customizer\u003C\u002Fstrong>: Style the feed with size and color settings using our feed customizer.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Benefits of Having a TikTok Feed\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Engage Your Audience\u003C\u002Fstrong>: Keep your website visitors engaged with fresh and dynamic content directly from your TikTok account.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Showcase Your Creativity\u003C\u002Fstrong>: Highlight your creative work and talent by showcasing your latest TikTok videos on your WordPress site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Increase User Interaction\u003C\u002Fstrong>: Encourage user interaction by allowing visitors to view, like, and share your TikTok videos without leaving your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhance Social Proof\u003C\u002Fstrong>: Displaying your TikTok feed on your website can enhance your social proof and credibility, showing that you’re active and influential on social media.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Drive Traffic to Your TikTok Account\u003C\u002Fstrong>: By featuring your TikTok content on your WordPress site, you can drive traffic and followers to your TikTok account, expanding your reach and influence.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Ways to Display Your TikTok Feed\u003C\u002Fh3>\n\u003Cp>There are several ways you can display your TikTok Feed. You can add a TikTok widget by using a plain text or shortcode block and adding the shortcode [sbtt-tiktok feed=1] to the content. You can also use our handy TikTok block to display your feed anywhere the block editor is used.\u003C\u002Fp>\n\u003Ch3>Pro Version\u003C\u002Fh3>\n\u003Cp>In order to maintain the free version of the plugin on an ongoing basis, and to provide quick and effective support for free, we offer a Pro version of the plugin. The Pro version allows you to:\u003Cbr \u002F>\n* Play .mp4 videos with a clean, distraction free video player instead of an iframe.\u003Cbr \u002F>\n* Connect multiple TikTok accounts\u003Cbr \u002F>\n* Create multiple TikTok feeds with different settings\u003Cbr \u002F>\n* Display videos from multiple TikTok accounts in a single feed\u003Cbr \u002F>\n* Moderate your TikTok feed by including or excluding videos by hashtag or phrase\u003Cbr \u002F>\n* Sort your TikTok videos by popularity, or randomly\u003Cbr \u002F>\n* Choose from several layout types including masonry and carousel layout\u003Cbr \u002F>\n* Display video captions\u003Cbr \u002F>\n* Display your TikTok feed in a sidebar or widget area\u003Cbr \u002F>\n* Use the ‘Load More’ button to view more videos\u003Cbr \u002F>\n* And much more…\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsmashballoon.com\u002Ftiktok-feeds\u002F?utm_campaign=tiktok-free-readme&utm_source=proversion&utm_medium=profindout\" title=\"TikTok Feed Pro\" rel=\"nofollow ugc\">Find out more about the Pro version\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fsmashballoon.com\u002Ftiktok-feeds\u002Fdemo\u002F?utm_campaign=tiktok-free-readme&utm_source=proversion&utm_medium=readmedemo\" title=\"TikTok Feed Pro Demo\" rel=\"nofollow ugc\">try out the Pro demo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>What’s Next\u003C\u002Fh3>\n\u003Cp>If you like our WordPress TikTok plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Foptinmonster.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">OptinMonster\u003C\u002Fa> – Get more email subscribers with the most popular conversion optimization plugin for WordPress.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WPForms\u003C\u002Fa> – #1 drag & drop online form builder for WordPress (trusted by 5 million sites).\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Faioseo.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">AIOSEO\u003C\u002Fa> – The original WordPress SEO plugin to help you rank higher in search results (trusted by over 3 million sites).\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fmonsterinsights.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">MonsterInsights\u003C\u002Fa> – See the stats that matter and grow your business with confidence. Best Google Analytics plugin for WordPress.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fseedprod.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">SeedProd\u003C\u002Fa> – Create beautiful landing pages with our powerful drag & drop landing page builder.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpmailsmtp.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WP Mail SMTP\u003C\u002Fa> – Improve email deliverability for your contact form with the most popular SMTP plugin for WordPress.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpcode.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WPCode\u003C\u002Fa> – must have WordPress code snippet management plugin to help you future-proof website customization (trusted by 1.5 million sites).\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fduplicator.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">Duplicator\u003C\u002Fa> – popular WordPress backup and migration plugin used by over 1 million websites.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpsimplepay.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WP Simple Pay\u003C\u002Fa> – #1 Stripe payments plugin for WordPress. Start accepting one-time or recurring payments without a shopping cart.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fpushengage.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">PushEngage\u003C\u002Fa> – Connect with visitors after they leave your website with the leading web push notification plugin.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Frafflepress.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">RafflePress\u003C\u002Fa> – Best WordPress giveaway and contest plugin to grow traffic and social followers.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Ftrustpulse.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">TrustPulse\u003C\u002Fa> – Add real-time social proof notifications to boost your store conversions by up to 15%.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fsearchwp.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">SearchWP\u003C\u002Fa> – The most advanced custom WordPress search plugin to improve WordPress search quality.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Faffiliatewp.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">AffiliateWP\u003C\u002Fa> – #1 affiliate management plugin for WordPress. Add a referral program to your online store.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Feasydigitaldownloads.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">Easy Digital Downloads\u003C\u002Fa> – The best WordPress eCommerce plugin to sell digital products (eBooks, software, music, and more).\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpcharitable.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WPCharitable\u003C\u002Fa> – Top-rated WordPress donation and fundraising plugin for WordPress.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fwpbeginner.com\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WPBeginner\u003C\u002Fa> to learn from our \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fwp-tutorials\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">WordPress Tutorials\u003C\u002Fa> and about the \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fplugins\u002F?utm_campaign=tiktok-free&utm_source=readme&utm_medium=whats-next-links\" rel=\"nofollow ugc\">best WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, questions, or feature requests, please contact us through the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ffeeds-for-tiktok\u002F\" rel=\"ugc\">plugin support forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Feeds for TikTok does not collect any personal data from your TikTok account. All data retrieved from the TikTok API is used solely for the purpose of displaying your TikTok feed on your WordPress site.\u003C\u002Fp>\n\u003Cp>There are two external sites this plugin connects to. Smashballoon.com is used to collect new videos to display in your feed. Tiktok.com is used in an iframe so your visitors can view your videos without leaving your site.\u003C\u002Fp>\n","The best way to display TikTok videos on your WordPress website. Display clean, customizable, and responsive TikTok feeds from your TikTok account.",70000,328585,86,6,"2026-04-01T15:26:00.000Z","6.9.4","5.2","7.4",[55,56,57,58,59],"tiktok","tiktok-account","tiktok-feed","tiktok-videos","tiktok-widget","https:\u002F\u002Fsmashballoon.com\u002Ftiktok-feeds\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeeds-for-tiktok.1.5.0.zip",100,{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":62,"num_ratings":73,"last_updated":74,"tested_up_to":51,"requires_at_least":75,"requires_php":17,"tags":76,"homepage":82,"download_link":83,"security_score":62,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"melu-live-chat","Melu Managed Live Chat","2.2","melulivechat","https:\u002F\u002Fprofiles.wordpress.org\u002Fmelulivechat\u002F","\u003Cp>Melu is a managed live chat service that provides live chat software via this plugin, and highly trained professional operators that look after it for you.\u003C\u002Fp>\n\u003Cp>Melu is perfect for businesses that don’t have the internal human resources to look after their own live chat, but want the reliability of real people rather than using chatbots.\u003C\u002Fp>\n\u003Cp>Melu’s operators are always online and ready to engage with your website visitors 24\u002F7.\u003C\u002Fp>\n\u003Cp>Melu is free to try for 14 days – no payment card required!\u003C\u002Fp>\n","Melu is a managed live chat service that provides live chat software via this plugin, and highly trained professional operators that look after it for &hellip;",90,4248,1,"2025-12-17T10:55:00.000Z","4.8",[77,78,79,80,81],"chat-widget","human-operated-live-chat","live-chat","livechat","managed-live-chat","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fmelu-live-chat\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmelu-live-chat.2.2.zip",{"slug":85,"name":86,"version":41,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":34,"downloaded":91,"rating":92,"num_ratings":32,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":17,"tags":96,"homepage":102,"download_link":103,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":104},"multi-twitter-widget","Multi Twitter Stream","Clay McIlrath","https:\u002F\u002Fprofiles.wordpress.org\u002Fclaymcilrath\u002F","\u003Cp>Have a team or group of tweeters that you’d like to show on a site?\u003Cbr \u002F>\nThe problem with most WordPress Twitter Plugins is that the few that support multiple twitter accounts\u003Cbr \u002F>\nusually show the tweets of the users in chronological order. This means if USER_A tweets more than USER_B\u003Cbr \u002F>\nyour whole feed might be all about USER_A. I found in many cases that I’d rather pull in the most recent tweet\u003Cbr \u002F>\nfrom each user. So that’s what this plugin does. It will also pull in search results and hashtags\u003C\u002Fp>\n\u003Cp>Another fork exists here: https:\u002F\u002Fgithub.com\u002Fmsenateatplos\u002Fmulti-twitter-widget\u002Fblob\u002Fmaster\u002Fwidget.php\u003C\u002Fp>\n","A simple widget that displays only the most recent tweet from multiple accounts.",9580,60,"2013-04-12T01:56:00.000Z","3.5.2","2.8",[97,98,99,100,101],"multi-twitter","multiple-twitter","twitter","twitter-account","widgets","http:\u002F\u002Fthinkclay.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmulti-twitter-widget.zip","2026-04-06T09:54:40.288Z",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":11,"downloaded":113,"rating":13,"num_ratings":13,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":17,"tags":117,"homepage":120,"download_link":121,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"icheckmovies-widget","iCheckMovies Widget","1.1","madalinoprea","https:\u002F\u002Fprofiles.wordpress.org\u002Fmadalinoprea\u002F","\u003Cp>This is a widget that loads recent movies checked on iCheckMovies (http:\u002F\u002Fwww.icheckmovies.com\u002F) and display their nice\u003Cbr \u002F>\ncovers.\u003C\u002Fp>\n\u003Cp>You’ll need to have a profile on iCheckMovies website, use this site to track your seen movies. If you don’t know\u003Cbr \u002F>\nthe site you should check it because is really nice.\u003C\u002Fp>\n\u003Cp>More info: \u003Ca href=\"http:\u002F\u002Fmoprea.ro\u002F2011\u002F11\u002F28\u002Ficheckmovies-widget-for-wordpress\" title=\"iCheckMovies Widget Details\" rel=\"nofollow ugc\">iCheckMovies Widget\u003C\u002Fa>\u003C\u002Fp>\n","Looks cool to share your latest seen movies on your blog.",2052,"2012-01-14T13:14:00.000Z","3.2.1","3.0",[118,119,21,23],"icheckmovies","imdb","http:\u002F\u002Fmoprea.ro\u002F2011\u002F11\u002F28\u002Ficheckmovies-widget-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ficheckmovies-widget.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":11,"downloaded":130,"rating":13,"num_ratings":13,"last_updated":131,"tested_up_to":15,"requires_at_least":132,"requires_php":17,"tags":133,"homepage":135,"download_link":136,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"im-woocommerce-my-account-widget","IM WooCommerce My Account Widget","0.4.0","fabione80","https:\u002F\u002Fprofiles.wordpress.org\u002Ffabione80\u002F","\u003Cp>The \u003Cem>IM WooCommerce My Account Widget\u003C\u002Fem> allows shop managers to display customer information in a widget.\u003C\u002Fp>\n\u003Cp>This plugin is compatible with WordPress 4.6 and WooCommerce 2.6\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Display link to shopping cart\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display link to orders page\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display link to address page\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display link to account detail page\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display number of items in shopping cart\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display number of unpaid orders\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display number of uncompleted orders\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display a log-in form when logged out\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Localization: English, Italian\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin adds a widget with customer account information to your WooCommerce shop.",1959,"2016-10-26T09:05:00.000Z","3.5",[19,23,134],"woocommerce","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fim-woocommerce-my-account-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fim-woocommerce-my-account-widget.0.4.0.zip",{"attackSurface":138,"codeSignals":158,"taintFlows":235,"riskAssessment":236,"analyzedAt":246},{"hooks":139,"ajaxHandlers":154,"restRoutes":155,"shortcodes":156,"cronEvents":157,"entryPointCount":13,"unprotectedCount":13},[140,146,150],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","widgets_init","wp_filmweb_widget_load","wp-filmweb-widget.php",221,{"type":141,"name":147,"callback":148,"file":144,"line":149},"wp_enqueue_scripts","wp_filmweb_widget_stylesheet",229,{"type":141,"name":151,"callback":152,"file":144,"line":153},"plugins_loaded","wp_filmweb_widget_textdomain",241,[],[],[],[],{"dangerousFunctions":159,"sqlUsage":160,"outputEscaping":163,"fileOperations":233,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":234},[],{"prepared":161,"raw":13,"locations":162},11,[],{"escaped":32,"rawEcho":164,"locations":165},34,[166,169,171,173,175,177,179,181,183,185,187,189,191,192,193,195,197,199,201,203,205,207,209,211,213,215,217,219,221,223,225,227,229,231],{"file":144,"line":167,"context":168},25,"raw output",{"file":144,"line":170,"context":168},27,{"file":144,"line":172,"context":168},44,{"file":144,"line":174,"context":168},46,{"file":144,"line":176,"context":168},50,{"file":144,"line":178,"context":168},53,{"file":144,"line":180,"context":168},65,{"file":144,"line":182,"context":168},66,{"file":144,"line":184,"context":168},71,{"file":144,"line":186,"context":168},72,{"file":144,"line":188,"context":168},77,{"file":144,"line":190,"context":168},78,{"file":144,"line":35,"context":168},{"file":144,"line":71,"context":168},{"file":144,"line":194,"context":168},96,{"file":144,"line":196,"context":168},103,{"file":144,"line":198,"context":168},104,{"file":144,"line":200,"context":168},110,{"file":144,"line":202,"context":168},116,{"file":144,"line":204,"context":168},122,{"file":144,"line":206,"context":168},129,{"file":144,"line":208,"context":168},130,{"file":144,"line":210,"context":168},137,{"file":144,"line":212,"context":168},144,{"file":144,"line":214,"context":168},145,{"file":144,"line":216,"context":168},151,{"file":144,"line":218,"context":168},157,{"file":144,"line":220,"context":168},164,{"file":144,"line":222,"context":168},165,{"file":144,"line":224,"context":168},172,{"file":144,"line":226,"context":168},179,{"file":144,"line":228,"context":168},180,{"file":144,"line":230,"context":168},186,{"file":144,"line":232,"context":168},192,8,[],[],{"summary":237,"deductions":238},"The wp-filmweb-widget plugin version 0.5 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices regarding SQL queries, with 100% of them utilizing prepared statements, significantly reducing the risk of SQL injection vulnerabilities.  Furthermore, there are no recorded CVEs, suggesting a history of responsible development or a lack of targeted attacks. The absence of external HTTP requests and bundled libraries also simplifies the security landscape and reduces potential attack vectors.\n\nHowever, several areas raise concerns. The most significant is the lack of output escaping, with only 6% of outputs being properly handled. This creates a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the website through user-generated content or plugin outputs. Additionally, the complete absence of nonce checks and capability checks on any entry points (AJAX, REST API, shortcodes, cron) is a critical oversight. This means that any functionality exposed by the plugin, even if not directly apparent in the static analysis as having an attack surface, could be triggered by unauthenticated or unauthorized users, leading to unintended actions or data manipulation.\n\nIn conclusion, while the plugin avoids common pitfalls like raw SQL and unpatched vulnerabilities, the severe lack of output escaping and authorization checks presents a significant risk.  The plugin would benefit greatly from implementing robust input validation, output sanitization, and proper authentication\u002Fauthorization mechanisms for all its functionalities to achieve a more secure state.",[239,242,244],{"reason":240,"points":241},"Low output escaping percentage",15,{"reason":243,"points":11},"Missing nonce checks on entry points",{"reason":245,"points":11},"Missing capability checks on entry points","2026-04-16T12:30:24.264Z",{"wat":248,"direct":257},{"assetPaths":249,"generatorPatterns":251,"scriptPaths":252,"versionParams":254},[250],"\u002Fwp-content\u002Fplugins\u002Fwp-filmweb-widget\u002Fbackend\u002Fcss\u002Fstyle.css",[],[253],"\u002Fwp-content\u002Fplugins\u002Fwp-filmweb-widget\u002Fbackend\u002Fjs\u002Fscript.js",[255,256],"wp-filmweb-widget\u002Fbackend\u002Fcss\u002Fstyle.css?ver=","wp-filmweb-widget\u002Fbackend\u002Fjs\u002Fscript.js?ver=",{"cssClasses":258,"htmlComments":260,"htmlAttributes":261,"restEndpoints":268,"jsGlobals":269,"shortcodeOutput":270},[259],"filmweb-widget-user",[],[262,263,264,265,266,267],"data-username-position","data-avatar-size","data-top-count","data-top-label","data-last-count","data-last-label",[],[],[],{"error":272,"url":273,"statusCode":274,"statusMessage":275,"message":275},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-filmweb-widget\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":277},[]]