[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$flNY2Vo_FtSaiWEjGnJ7L1Gbkdet1QmQI4N3iXz6N6D8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":9,"tested_up_to":14,"requires_at_least":15,"requires_php":9,"tags":16,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":31,"analysis":126,"fingerprints":354},"wp-imdb-api","IMDb API","1.2.0","tuyenlaptrinh","https:\u002F\u002Fprofiles.wordpress.org\u002Ftuyenlaptrinh\u002F","","The IMDb API is a RESTful web service to obtain movie information, all content and images on the site are contributed and maintained by our users.",20,6252,0,"4.7.32","3.0.1",[17,18,19],"imdb","imdb-api","movie","http:\u002F\u002Fimdbapi.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-imdb-api.1.2.0.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":22,"avg_patch_time_days":28,"trust_score":29,"computed_at":30},2,30,94,"2026-04-04T10:03:29.284Z",[32,54,73,90,110],{"slug":33,"name":34,"version":35,"author":36,"author_profile":37,"description":38,"short_description":39,"active_installs":40,"downloaded":41,"rating":22,"num_ratings":42,"last_updated":43,"tested_up_to":44,"requires_at_least":45,"requires_php":46,"tags":47,"homepage":51,"download_link":52,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":53},"lumiere-movies","Lumière Movies","4.7.3","JCV","https:\u002F\u002Fprofiles.wordpress.org\u002Fpsykonevro\u002F","\u003Cp>Visit the \u003Ca href=\"https:\u002F\u002Fwww.jcvignoli.com\u002Fblog\u002Fen\u002Flumiere-movies-wordpress-plugin\" title=\"Official website\" rel=\"nofollow ugc\">Official website\u003C\u002Fa> to see how the plugin can enhance your website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Lumiere! Movies\u003C\u002Fstrong> helps you integrate loads of information about movies and stars in your blog. Widgets, links to informative popup, and dedicated taxonomy pages are available. Everything is automatised and no further configuration is required from the user. However, should you want to access advanced features, your can change the themes, add taxonomy to your pages, remove links, display automatically information according to your blog posts’ titles, and use many hidden features. The information is retrieved from the popular \u003Ca href=\"https:\u002F\u002Fwww.imdb.com\" title=\"Internet Movie Database\" rel=\"nofollow ugc\">IMDb\u003C\u002Fa> website. Lumière! ensures that you have the most accurate and reliable information always available on your blog.\u003C\u002Fp>\n\u003Cp>It is \u003Ca href=\"https:\u002F\u002Fdeveloper.mozilla.org\u002Fen-US\u002Fdocs\u002FWeb\u002FHTTP\u002FCSP\" title=\"Content Security Policy on Mozilla\" rel=\"nofollow ugc\">Content Security Policy\u003C\u002Fa> (CSP) compliant, takes advantage of Polylang plugin and is fully compatible with AMP plugin. It is also fully compatible with Classic Editor, Classic Widgets plugins, and Intelly related posts. It supports any WordPress theme and is adapted to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Foceanwp\u002F\" title=\"OceanWP theme\" rel=\"ugc\">OceanWP\u003C\u002Fa> theme.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Lumière!\u003C\u002Fstrong> is a great tool to illustrate your articles. You can display movie and people details by several ways, such as in popups, widgets, and straight inside your posts. It can be extensively fine-tuned in the admin options panel.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Go to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Flumiere-movies\u002F\" title=\"WordPress Support\" rel=\"ugc\">WordPress Support\u003C\u002Fa> for general issues, or to the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjcvignoli\u002Flumiere-movies\" title=\"GIT repository\" rel=\"nofollow ugc\">GIT repository\u003C\u002Fa> for technical requests (developper-oriented).\u003C\u002Fp>\n\u003Cp>It’s always a good idea to look at the \u003Ca href=\"https:\u002F\u002Fwww.jcvignoli.com\u002Fblog\u002Fen\u002Flumiere-movies-wordpress-plugin\" title=\"Lumière! official website\" rel=\"nofollow ugc\">official website\u003C\u002Fa>\u003C\u002Fp>\n","Lumière! Movies is a WordPress plugin that retrieves data from www.imdb.com and helps you include it in your posts and in your widgets.",40,10279,3,"2025-12-25T17:56:00.000Z","6.9.4","6.1","8.1",[48,49,50,17,19],"actor","cinema","film","https:\u002F\u002Fwww.wordpress.org\u002Fplugins\u002Flumiere-movies\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flumiere-movies.4.7.3.zip","2026-03-15T15:16:48.613Z",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":13,"num_ratings":13,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":9,"tags":67,"homepage":70,"download_link":71,"security_score":72,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":53},"filmgetter","FilmGetter","0.1.4.1","confact","https:\u002F\u002Fprofiles.wordpress.org\u002Fconfact\u002F","\u003Cp>Filmgetter gets the information from TMDb about a movie you have choosen. Adding it to the database and you can now use it’s information with using the tags defined below. It will write out the information about the movie you want.\u003C\u002Fp>\n","FilmGetter uses tags to show information like Poster, plot, rating, release date, TMDb and imdb urls.",10,5505,"2011-09-05T22:04:00.000Z","3.2.1","2.1",[50,17,19,68,69],"poster","tmdb","http:\u002F\u002Fdun.se\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffilmgetter.zip",85,{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":62,"downloaded":81,"rating":13,"num_ratings":13,"last_updated":82,"tested_up_to":65,"requires_at_least":83,"requires_php":9,"tags":84,"homepage":88,"download_link":89,"security_score":72,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":53},"icheckmovies-widget","iCheckMovies Widget","1.1","madalinoprea","https:\u002F\u002Fprofiles.wordpress.org\u002Fmadalinoprea\u002F","\u003Cp>This is a widget that loads recent movies checked on iCheckMovies (http:\u002F\u002Fwww.icheckmovies.com\u002F) and display their nice\u003Cbr \u002F>\ncovers.\u003C\u002Fp>\n\u003Cp>You’ll need to have a profile on iCheckMovies website, use this site to track your seen movies. If you don’t know\u003Cbr \u002F>\nthe site you should check it because is really nice.\u003C\u002Fp>\n\u003Cp>More info: \u003Ca href=\"http:\u002F\u002Fmoprea.ro\u002F2011\u002F11\u002F28\u002Ficheckmovies-widget-for-wordpress\" title=\"iCheckMovies Widget Details\" rel=\"nofollow ugc\">iCheckMovies Widget\u003C\u002Fa>\u003C\u002Fp>\n","Looks cool to share your latest seen movies on your blog.",1997,"2012-01-14T13:14:00.000Z","3.0",[85,17,86,87],"icheckmovies","movies","widget","http:\u002F\u002Fmoprea.ro\u002F2011\u002F11\u002F28\u002Ficheckmovies-widget-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ficheckmovies-widget.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":62,"downloaded":98,"rating":22,"num_ratings":99,"last_updated":100,"tested_up_to":101,"requires_at_least":102,"requires_php":103,"tags":104,"homepage":108,"download_link":109,"security_score":72,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":53},"movie-grabber","Movie Grabber","1.0","MovieGrabber","https:\u002F\u002Fprofiles.wordpress.org\u002Fmoviegrabber\u002F","\u003Cp>A great plugin to you. If you want to open a movie website, you can have a movie website with a quality information pool from two different sources and imdb. Try it now!\u003C\u002Fp>\n","A great plugin to you. If you want to open a movie website, you can have a movie website with a quality information pool from two different sources an …",3712,1,"2018-06-04T14:28:00.000Z","4.9.29","4.x","5.6",[105,106,17,19,107],"bot","grabber","scraper","http:\u002F\u002Fwww.streamov.xyz","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmovie-grabber.zip",{"slug":111,"name":112,"version":93,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":62,"downloaded":117,"rating":13,"num_ratings":13,"last_updated":118,"tested_up_to":119,"requires_at_least":120,"requires_php":9,"tags":121,"homepage":124,"download_link":125,"security_score":72,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":53},"nantuki-yify-torrent-adder","NanTuki YiFy-Torrent Adder","Nazmul Alam","https:\u002F\u002Fprofiles.wordpress.org\u002Fnazmul-alam\u002F","\u003Cp>This plugin helps to add movie information (from YTS) in wordpress post using shortcode [yts id=”ytsmovieid”].\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NanTuki YiFy-Torrent Adder\u003C\u002Fstrong> is using YiFy API which provides information for the movies.\u003C\u002Fp>\n\u003Cp>Thanks to YTS team, for the api and all the hard work You guys do. You guys are amazing 🙂 .\u003C\u002Fp>\n","Display movie information from YTS in wordpress post, it includes all the fields that are in IMDB, including screenshots of the movie and direct torre …",2721,"2014-11-14T02:57:00.000Z","4.0.38","2.8",[17,19,122,123],"shortcode","yts","http:\u002F\u002Fwordpress.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnantuki-yify-torrent-adder.zip",{"attackSurface":127,"codeSignals":168,"taintFlows":320,"riskAssessment":347,"analyzedAt":353},{"hooks":128,"ajaxHandlers":164,"restRoutes":165,"shortcodes":166,"cronEvents":167,"entryPointCount":13,"unprotectedCount":13},[129,135,139,144,147,149,152,155,158,161,163],{"type":130,"name":131,"callback":132,"file":133,"line":134},"action","add_meta_boxes","wp_imdb_api_add_post_metabox","includes\\wp-imdb-api-admin.php",139,{"type":130,"name":136,"callback":137,"priority":62,"file":133,"line":138},"save_post","wp_imdb_api_save_post_metabox",142,{"type":130,"name":140,"callback":141,"file":142,"line":143},"plugins_loaded","anonymous","includes\\wp-imdb-api.php",56,{"type":130,"name":145,"callback":141,"file":142,"line":146},"admin_enqueue_scripts",65,{"type":130,"name":145,"callback":141,"file":142,"line":148},66,{"type":130,"name":150,"callback":141,"file":142,"line":151},"admin_menu",69,{"type":130,"name":153,"callback":141,"file":142,"line":154},"admin_init",71,{"type":130,"name":156,"callback":141,"file":142,"line":157},"load-post.php",77,{"type":130,"name":159,"callback":141,"file":142,"line":160},"load-post-new.php",78,{"type":130,"name":153,"callback":141,"file":142,"line":162},81,{"type":130,"name":153,"callback":141,"file":142,"line":72},[],[],[],[],{"dangerousFunctions":169,"sqlUsage":170,"outputEscaping":172,"fileOperations":27,"externalRequests":42,"nonceChecks":99,"capabilityChecks":27,"bundledLibraries":319},[],{"prepared":42,"raw":13,"locations":171},[],{"escaped":173,"rawEcho":174,"locations":175},58,70,[176,180,182,184,186,188,190,192,194,196,198,200,202,204,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,272,274,276,278,280,282,284,286,288,290,292,294,296,298,300,302,304,307,309,311,313,315,317],{"file":177,"line":178,"context":179},"admin\\wp-imdb-api-crawler-view.php",23,"raw output",{"file":177,"line":181,"context":179},75,{"file":177,"line":183,"context":179},95,{"file":177,"line":185,"context":179},97,{"file":177,"line":187,"context":179},103,{"file":177,"line":189,"context":179},108,{"file":177,"line":191,"context":179},113,{"file":177,"line":193,"context":179},117,{"file":177,"line":195,"context":179},122,{"file":177,"line":197,"context":179},129,{"file":177,"line":199,"context":179},137,{"file":177,"line":201,"context":179},160,{"file":177,"line":203,"context":179},161,{"file":177,"line":205,"context":179},162,{"file":177,"line":207,"context":179},163,{"file":177,"line":209,"context":179},164,{"file":177,"line":211,"context":179},165,{"file":177,"line":213,"context":179},166,{"file":177,"line":215,"context":179},167,{"file":177,"line":217,"context":179},168,{"file":177,"line":219,"context":179},169,{"file":177,"line":221,"context":179},170,{"file":177,"line":223,"context":179},171,{"file":177,"line":225,"context":179},172,{"file":177,"line":227,"context":179},173,{"file":177,"line":229,"context":179},174,{"file":177,"line":231,"context":179},175,{"file":177,"line":233,"context":179},176,{"file":177,"line":235,"context":179},177,{"file":177,"line":237,"context":179},178,{"file":177,"line":239,"context":179},179,{"file":177,"line":241,"context":179},180,{"file":177,"line":243,"context":179},229,{"file":177,"line":245,"context":179},249,{"file":177,"line":247,"context":179},251,{"file":177,"line":249,"context":179},257,{"file":177,"line":251,"context":179},262,{"file":177,"line":253,"context":179},267,{"file":177,"line":255,"context":179},271,{"file":177,"line":257,"context":179},276,{"file":177,"line":259,"context":179},283,{"file":177,"line":261,"context":179},291,{"file":177,"line":263,"context":179},314,{"file":177,"line":265,"context":179},315,{"file":177,"line":267,"context":179},316,{"file":177,"line":269,"context":179},317,{"file":177,"line":271,"context":179},318,{"file":177,"line":273,"context":179},319,{"file":177,"line":275,"context":179},320,{"file":177,"line":277,"context":179},321,{"file":177,"line":279,"context":179},322,{"file":177,"line":281,"context":179},323,{"file":177,"line":283,"context":179},324,{"file":177,"line":285,"context":179},325,{"file":177,"line":287,"context":179},326,{"file":177,"line":289,"context":179},327,{"file":177,"line":291,"context":179},328,{"file":177,"line":293,"context":179},329,{"file":177,"line":295,"context":179},330,{"file":177,"line":297,"context":179},331,{"file":177,"line":299,"context":179},332,{"file":177,"line":301,"context":179},333,{"file":177,"line":303,"context":179},334,{"file":305,"line":306,"context":179},"admin\\wp-imdb-api-metabox-view.php",91,{"file":305,"line":308,"context":179},391,{"file":133,"line":310,"context":179},102,{"file":133,"line":312,"context":179},115,{"file":133,"line":314,"context":179},130,{"file":133,"line":316,"context":179},347,{"file":133,"line":318,"context":179},354,[],[321],{"entryPoint":322,"graph":323,"unsanitizedCount":13,"severity":346},"\u003Cwp-imdb-api-admin> (includes\\wp-imdb-api-admin.php:0)",{"nodes":324,"edges":342},[325,329,335,338],{"id":326,"type":327,"label":328,"file":133,"line":251},"n0","source","$_REQUEST (x2)",{"id":330,"type":331,"label":332,"file":133,"line":333,"wp_function":334},"n1","sink","get_var() [SQLi]",305,"get_var",{"id":336,"type":327,"label":337,"file":133,"line":251},"n2","$_REQUEST",{"id":339,"type":331,"label":340,"file":133,"line":318,"wp_function":341},"n3","echo() [XSS]","echo",[343,345],{"from":326,"to":330,"sanitized":344},true,{"from":336,"to":339,"sanitized":344},"low",{"summary":348,"deductions":349},"The \"wp-imdb-api\" plugin v1.2.0 exhibits a generally strong security posture based on the provided static analysis.  The absence of any AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points significantly limits the plugin's attack surface.  Furthermore, the code demonstrates good practices in database interaction, with all SQL queries utilizing prepared statements.  The plugin also includes nonce and capability checks, indicating an awareness of WordPress security mechanisms.\n\nHowever, a notable concern is the output escaping. With only 45% of the 128 total outputs properly escaped, there is a significant risk of Cross-Site Scripting (XSS) vulnerabilities. Attackers could potentially inject malicious scripts through user-controlled input that is not adequately sanitized before being displayed back to users. While the taint analysis shows no critical or high severity flows, this is based on a limited analysis (1 flow). The file operations and external HTTP requests, while not inherently insecure, are potential avenues that require careful oversight, especially if they interact with user-provided data.\n\nThe plugin's vulnerability history is remarkably clean, with zero recorded CVEs. This suggests a history of diligent security practices or perhaps a limited history of security scrutiny. While positive, it's important to remember that past security performance is not a guarantee of future security. The overall assessment is that the plugin has a solid foundation with good defensive coding, but the unescaped output presents a clear and present risk that needs immediate attention.",[350],{"reason":351,"points":352},"Insufficient output escaping detected.",8,"2026-03-16T22:43:21.005Z",{"wat":355,"direct":366},{"assetPaths":356,"generatorPatterns":360,"scriptPaths":361,"versionParams":362},[357,358,359],"\u002Fwp-content\u002Fplugins\u002Fwp-imdb-api\u002Fadmin\u002Fcss\u002Fstyle-rtl.css","\u002Fwp-content\u002Fplugins\u002Fwp-imdb-api\u002Fadmin\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-imdb-api\u002Fadmin\u002Fjs\u002Fwp-imdb-api.js",[],[359],[363,364,365],"wp-imdb-api\u002Fadmin\u002Fcss\u002Fstyle-rtl.css?ver=","wp-imdb-api\u002Fadmin\u002Fcss\u002Fstyle.css?ver=","wp-imdb-api\u002Fadmin\u002Fjs\u002Fwp-imdb-api.js?ver=",{"cssClasses":367,"htmlComments":368,"htmlAttributes":370,"restEndpoints":372,"jsGlobals":373,"shortcodeOutput":374},[],[369],"\u003C!-- Created by PhpStorm.\n * User: Tuyen Pham\n * Date: 5\u002F31\u002F2017\n * Time: 6:56 PM\n -->",[371],"data-custom",[],[],[]]