[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fM4NK9IA0eBlenfNLOvzOIJtrXSK5IDKQiz_tmiQvV-A":3,"$fgUiLyFxJDtDl6FS5XeZknUb-U5dubj4UYymChEeBp6Q":298},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":45,"crawl_stats":35,"alternatives":52,"analysis":159,"fingerprints":279},"wp-nice-loader","WP Nice Loader","0.1.0.4","Alex Volkov","https:\u002F\u002Fprofiles.wordpress.org\u002Fvol4ikman\u002F","\u003Cp>WP Nice Loader allows you control over page preloader, font size, themes and much more.\u003C\u002Fp>\n\u003Ch4>A few notes about the plugin:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>You can easily create nice page loaders with one click\u003C\u002Fli>\n\u003Cli>Control over the title, subtitle and loader logo\u003C\u002Fli>\n\u003Cli>Change text colors\u003C\u002Fli>\n\u003Cli>13 loaders themes (9 of them based on spinkit by \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Ftobiasahlin\" title=\"@tobiasahlin\" rel=\"nofollow ugc\">@tobiasahlin\u003C\u002Fa> – \u003Ca href=\"http:\u002F\u002Ftobiasahlin.com\u002Fspinkit\u002F\" title=\"Spinkit DEMO\" rel=\"nofollow ugc\">DEMO\u003C\u002Fa>  )\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Nice Loader allows you control over page preloader, font size, themes and more.",30,4999,60,2,"2024-07-17T07:38:00.000Z","6.6.5","5.1","7.4",[20,21,22],"design","loader","preloader","http:\u002F\u002Fwww.volkov.co.il","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-nice-loader.0.1.0.4.zip",71,1,"2024-12-19 00:00:00","2026-03-15T15:16:48.613Z",[30],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":35,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":27,"updated_date":41,"references":42,"days_to_patch":35,"patch_diff_files":44,"patch_trac_url":35},"CVE-2024-56232","wp-nice-loader-cross-site-request-forgery-to-stored-cross-site-scripting","WP Nice Loader \u003C= 0.1.0.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting","The WP Nice Loader plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.0.4. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=0.1.0.4","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-01-08 15:28:17",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fce3a3802-ea03-4840-8da2-fd292a0c4099?source=api-prod",[],{"slug":46,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":47,"avg_security_score":48,"avg_patch_time_days":49,"trust_score":50,"computed_at":51},"vol4ikman",10030,84,148,68,"2026-04-07T08:31:23.761Z",[53,79,99,116,138],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":74,"download_link":75,"security_score":76,"vuln_count":77,"unpatched_count":77,"last_vuln_date":35,"fetched_at":78},"loftloader","LoftLoader","2.5.2","loftocean","https:\u002F\u002Fprofiles.wordpress.org\u002Floftocean\u002F","\u003Cp>Small and powerful. LoftLoader helps you to add a beautiful animated preloader to your website, and have full control of its look, without writing any code.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FzxiF5hHU1kc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Features & Options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Enhanced settings panel with WordPress Customizer.\u003C\u002Fli>\n\u003Cli>Pure CSS3 animations for better performance. Works in any modern browser. \u003C\u002Fli>\n\u003Cli>Use JavaScript to detect if the page is fully loaded.\u003C\u002Fli>\n\u003Cli>5 ending animation effects.\u003C\u002Fli>\n\u003Cli>7 loading animation effects. 2 of them support custom image.\u003C\u002Fli>\n\u003Cli>Unlimited background color. Also can change the opacity.\u003C\u002Fli>\n\u003Cli>Unlimited loader color.\u003C\u002Fli>\n\u003Cli>Can add different loaders for different pages on one site (New feature since v2.0. Only works for “Pages”.).\u003C\u002Fli>\n\u003Cli>Responsive & retina ready.\u003C\u002Fli>\n\u003Cli>Option to enable\u002Fdisable the preloader.\u003C\u002Fli>\n\u003Cli>Option to enable preloader on site homepage only.\u003C\u002Fli>\n\u003Cli>Close button to quit the loading screen. Users can set when to show the close button (range: 5 to 20 seconds), and customize the close button text.\u003C\u002Fli>\n\u003Cli>Ready for translation (.pot file included).\u003C\u002Fli>\n\u003Cli>Light weight, fast. Coded with SASS. CSS & JS minified.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Online Documentation\u003C\u002Fh4>\n\u003Cp>To know how to use the plugin, please click the link to check \u003Ca href=\"http:\u002F\u002Floftocean.com\u002Fdoc\u002Floftloader\u002F\" rel=\"nofollow ugc\">online documentation\u003C\u002Fa>. It’s the documentation of Pro version. But you can still find Lite version features details in it.\u003C\u002Fp>\n\u003Ch4>How to contact us\u003C\u002Fh4>\n\u003Cp>If you have any questions or encounter a problem while using LoftLoader, please \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Floftloader\" rel=\"ugc\">create a topic in the support forum\u003C\u002Fa>. If you contact us via email, please indicate that your question corresponds to LoftLoader Lite.\u003C\u002Fp>\n\u003Ch4>To speed along the support request, please follow the steps below\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Update to the latest versions of your WordPress, themes and plugins.\u003C\u002Fli>\n\u003Cli>Check \u003Ca href=\"http:\u002F\u002Floftocean.com\u002Fdoc\u002Floftloader\u002F\" rel=\"nofollow ugc\">online documentation\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Floftloader\u002F#faq\" rel=\"ugc\">FAQ\u003C\u002Fa> first.\u003C\u002Fli>\n\u003Cli>Test by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fhow-to-check-for-conflicts\u002F\" rel=\"ugc\">following this guide\u003C\u002Fa> to check if it is a conflict with other plugins or themes.\u003C\u002Fli>\n\u003Cli>If you still cannot find a solution, please contact us.\u003C\u002Fli>\n\u003Cli>When submit your support request, please \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fplease-read-before-posting-63\u002F\" rel=\"ugc\">follow the guide\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Version\u003C\u002Fh4>\n\u003Cp>LoftLoader Pro is available. \u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Floftloader-pro-preloader-plugin-for-wordpress\u002F17339671?ref=LoftOcean\" rel=\"nofollow ugc\">Upgrade to pro version\u003C\u002Fa> and get more stunning features!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Handpick – Turn the preloader on for specific pages or posts.\u003C\u002Fli>\n\u003Cli>Hide the preloader for picked post types – products, portfolios, etc.\u003C\u002Fli>\n\u003Cli>Option to display the preloader once per visitor session.\u003C\u002Fli>\n\u003Cli>Support gradient background color, full background image, and repeating background pattern.\u003C\u002Fli>\n\u003Cli>More ending animations.\u003C\u002Fli>\n\u003Cli>Loader – 19 types of animations to choose. 6 of them support custom images.\u003C\u002Fli>\n\u003Cli>Looping – Animation can be set to loop forever, and some animations can be set to run just once (ends after page has loaded).\u003C\u002Fli>\n\u003Cli>Progress – Progress bar, counting percentage, or both. Any color. Position, size & font control.\u003C\u002Fli>\n\u003Cli>Message – Enter your custom welcome or loading message to display. Control color, position & font. And supports Random Message feature.\u003C\u002Fli>\n\u003Cli>Load Time – Set a minimum load time to prevent the pre-loader from disappearing too fast.\u003C\u002Fli>\n\u003Cli>Device Control – Choose to show the loading screen on all devices, or hide on mobile, or show on mobile only.\u003C\u002Fli>\n\u003Cli>Option to enable smooth page transition effect. \u003Ca href=\"http:\u002F\u002Fdemo.loftocean.com\u002Floftloader-transition\u002F\" rel=\"nofollow ugc\">Check the example\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Choose to save customize styles as inline styles in \u003Chead> or as an external .css file.\u003C\u002Fli>\n\u003Cli>Option to disable page scrolling while loading.\u003C\u002Fli>\n\u003Cli>Can add different loaders for different Pages, Posts and custom post types (such as portfolios, products, etc.) on one site.\u003C\u002Fli>\n\u003Cli>Users can choose which elements to detect during the loading process (All elements \u002F Images \u002F Videos \u002F Images & Videos).\u003C\u002Fli>\n\u003Cli>Purchase once, free lifetime update with new features.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check some \u003Ca href=\"http:\u002F\u002Fwww.loftocean.com\u002Floftloader\u002Fexample-13\u002F\" rel=\"nofollow ugc\">examples\u003C\u002Fa> created by pro version.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Please note\u003C\u002Fstrong>: Although you may find that LoftLoader Lite (the free version) can run on older versions of WordPress (below v4.7), \u003Cstrong>LoftLoader Pro only supports WordPress v4.7 or higher\u003C\u002Fstrong>. Because the Pro version has more features than the Lite version, including some new features introduced after WordPress 4.7. We always recommend using the latest versions of WordPress to ensure compatibility with your theme and other plugins.\u003C\u002Fp>\n","An easy to use plugin to add an animated preloader to your website with fully customisations.",70000,789968,90,33,"2025-12-14T23:36:00.000Z","6.9.4","6.0","5.6",[70,71,72,73,22],"animated-preloader","css3-preloader","customizable-loader","page-preloader","http:\u002F\u002Fwww.loftocean.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Floftloader.2.5.2.zip",100,0,"2026-04-06T09:54:40.288Z",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":76,"num_ratings":89,"last_updated":90,"tested_up_to":66,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":97,"download_link":98,"security_score":76,"vuln_count":77,"unpatched_count":77,"last_vuln_date":35,"fetched_at":78},"safelayout-cute-preloader","Safelayout Cute Preloader – CSS3 WordPress Preloader","2.2.2","safelayout","https:\u002F\u002Fprofiles.wordpress.org\u002Fsafelayout\u002F","\u003Cp>An \u003Cstrong>easy-to-use\u003C\u002Fstrong>, \u003Cstrong>lightweight\u003C\u002Fstrong> and \u003Cstrong>powerful\u003C\u002Fstrong> preloader plugin. Safelayout Cute Preloader helps you to add a beautiful, pure CSS animated preloader to your website.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FKrLU4_xY6i0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsafelayout.com\u002Fsafelayout-cute-preloader-pro-documentation#how-to-add-different-preloaders\" rel=\"nofollow ugc\">How to add different preloaders to different page\u002Fpost of your site.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsafelayout.com\u002Fsafelayout-cute-preloader-pro-documentation#how-to-set-preloaders-for-type\" rel=\"nofollow ugc\">How to set preloaders for different data types, for example a different preloader for products.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsafelayout.com\u002Fsafelayout-cute-preloader-pro-documentation#how-to-set-different-preloader-for-mobile\" rel=\"nofollow ugc\">How to set a different preloader for mobile visitors.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Pure CSS animation (No GIF images).\u003C\u002Fli>\n\u003Cli>35 Loading animation icons.\u003C\u002Fli>\n\u003Cli>18 Background exit effects.\u003C\u002Fli>\n\u003Cli>background animation.\u003C\u002Fli>\n\u003Cli>background pattern.\u003C\u002Fli>\n\u003Cli>14 Brand Image animation effects.\u003C\u002Fli>\n\u003Cli>11 Text animation effects.\u003C\u002Fli>\n\u003Cli>progress bar and counter.\u003C\u002Fli>\n\u003Cli>Cross browser compatible.\u003C\u002Fli>\n\u003Cli>Fully customizable.\u003C\u002Fli>\n\u003Cli>Work with Any Theme.\u003C\u002Fli>\n\u003Cli>Add your own loader image.\u003C\u002Fli>\n\u003Cli>Beautiful Gradient colors for icon, progress bar and background.\u003C\u002Fli>\n\u003Cli>Beautiful filter effects for icons.\u003C\u002Fli>\n\u003Cli>Device control (Choose to show on all devices, mobile, or desktop only.)\u003C\u002Fli>\n\u003Cli>Preloader minimum runtime.\u003C\u002Fli>\n\u003Cli>Preloader maximum runtime.\u003C\u002Fli>\n\u003Cli>Preloader close button.\u003C\u002Fli>\n\u003Cli>Special preloader: You can have more than one preloader on your site. A different preloader for a specific data type (product) or a different preloader for a specific page\u002Fpost.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Live Demo\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsafelayout.com\u002Fsafelayout-cute-preloader-pro-demo\u002F\" rel=\"nofollow ugc\">Safelayout Cute Preloader Demo.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Pro Version\u003C\u002Fh4>\n\u003Cp>Safelayout Cute Preloader \u003Cstrong>Pro\u003C\u002Fstrong> is available. \u003Ca href=\"https:\u002F\u002Fsafelayout.com\" rel=\"nofollow ugc\">Upgrade to pro version\u003C\u002Fa> and get full features!\u003C\u002Fp>\n\u003Ch4>Safelayout other plugins\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsafelayout-elegant-icons\u002F\" rel=\"ugc\">Safelayout Elegant Icons – WordPress icon block\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsafelayout-brilliant-buttons\" rel=\"ugc\">Safelayout Brilliant Buttons – WordPress Button block\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsafelayout-animated-header-footer\" rel=\"ugc\">Safelayout Animated Header Footer\u003C\u002Fa>\u003C\u002Fp>\n","Easily add a pure CSS animated preloader to your WordPress website.",10000,114629,77,"2026-02-23T00:59:00.000Z","4.7","7.0",[21,94,95,22,96],"loading","preload","wordpress-preloader","https:\u002F\u002Fsafelayout.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsafelayout-cute-preloader.2.2.2.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":87,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":66,"requires_at_least":111,"requires_php":18,"tags":112,"homepage":114,"download_link":115,"security_score":76,"vuln_count":77,"unpatched_count":77,"last_vuln_date":35,"fetched_at":78},"the-preloader","Preloader","2.0.2","Alobaidi","https:\u002F\u002Fprofiles.wordpress.org\u002Falobaidi\u002F","\u003Ch3>Preloader\u003C\u002Fh3>\n\u003Cp>The ultimate Preloader plugin for WordPress. Smart, flexible, and made for easy control.\u003C\u002Fp>\n\u003Cp>Add a preloader to your website easily in only 3 steps. Simple, fast, and compatible with all major browsers.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>On June 19, 2025, we released version “2.0.0”. Features:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Easy to use – set up your preloader in just 3 steps.\u003C\u002Fli>\n\u003Cli>Upload your own GIF image or choose from 2 free templates.\u003C\u002Fli>\n\u003Cli>Customize preloader size and background color.\u003C\u002Fli>\n\u003Cli>Select where to show the preloader (entire site, blog page, posts, etc).\u003C\u002Fli>\n\u003Cli>Choose who sees the preloader: everyone, visitors only, or logged in users only.\u003C\u002Fli>\n\u003Cli>Works with any WordPress theme – no need to re-integrate after theme updates or changes.\u003C\u002Fli>\n\u003Cli>Compatible with all major browsers.\u003C\u002Fli>\n\u003Cli>Lightweight and optimized for performance.\u003C\u002Fli>\n\u003Cli>Clear documentation and helpful FAQ section.\u003C\u002Fli>\n\u003Cli>Upgrade to Premium version to get flexible display options, 30+ professional templates, and other features.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Live Demo & Usage Guide\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-plugins.in\u002FPreloaderPlugin\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>You May Also Like – From Our Plugins\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fvideo-popup\u002F\" rel=\"ugc\">Video Popup Plugin\u003C\u002Fa> – Create unlimited, elegant, and responsive popups for YouTube, Vimeo, MP4 & WebM videos on click or On-Page Load:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fvideo-popup\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fvideo-popup\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fextend-link\u002F\" rel=\"ugc\">Extend Link Plugin\u003C\u002Fa> – Link Options for WordPress Editor:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fextend-link\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fextend-link\u002F\u003C\u002Fa>\u003C\u002Fp>\n","The ultimate Preloader plugin for WordPress. Smart, flexible, and made for easy control. Add a preloader to your website easily in only 3 steps.",285262,82,41,"2025-12-05T01:40:00.000Z","5.8",[113,21,94,95,22],"load","https:\u002F\u002Fwp-plugins.in\u002FPreloaderPlugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthe-preloader.2.0.2.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":126,"num_ratings":127,"last_updated":128,"tested_up_to":16,"requires_at_least":129,"requires_php":130,"tags":131,"homepage":134,"download_link":135,"security_score":136,"vuln_count":26,"unpatched_count":77,"last_vuln_date":137,"fetched_at":78},"wp-smart-preloader","WP Smart Preloader","1.15.3","catchsquare","https:\u002F\u002Fprofiles.wordpress.org\u002Fcatchsquare\u002F","\u003Cp>WP Smart Preloader is a Simple CSS spinners and throbbers made with CSS and minimal HTML markup. It offers visual feedback in the event of content being loaded, thereby managing expectations and reducing the chance of a user abandoning your wordpress website.\u003C\u002Fp>\n\u003Cp>You will find following features with this plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Full Responsive with Cross Broser compatible\u003C\u002Fli>\n\u003Cli>CSS only Preloader no Gif no Image\u003C\u002Fli>\n\u003Cli>Full Customize.\u003C\u002Fli>\n\u003Cli>Faster Loading\u003C\u002Fli>\n\u003Cli>Icon to circle\u003C\u002Fli>\n\u003Cli>No coding necessary. Activate it and play with its settings and you’re Good to go\u003C\u002Fli>\n\u003C\u002Ful>\n","A Plugin to add awesome collection of Loaders and Spinners. Delightful and performance-focused Pure CSS animations.",6000,205805,88,25,"2024-10-27T07:59:00.000Z","2.8","",[132,95,133,96,117],"posts","site-preloader","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-smart-preloader","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-smart-preloader.1.15.3.zip",92,"2023-01-20 00:00:00",{"slug":139,"name":140,"version":141,"author":142,"author_profile":143,"description":144,"short_description":145,"active_installs":146,"downloaded":147,"rating":136,"num_ratings":148,"last_updated":149,"tested_up_to":150,"requires_at_least":151,"requires_php":130,"tags":152,"homepage":156,"download_link":157,"security_score":48,"vuln_count":14,"unpatched_count":77,"last_vuln_date":158,"fetched_at":78},"flat-preloader","Flat Preloader","1.16.0","Thien Nguyen","https:\u002F\u002Fprofiles.wordpress.org\u002Ftatthiennguyen\u002F","\u003Cp>Flat Preloader helps you create the loading page with many excited gif icons.\u003C\u002Fp>\n\u003Cp>You can select where the loading page will be shown, such as home page or all pages.\u003C\u002Fp>\n\u003Cp>Feature Requests 👉 \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftatthien\u002Fflat-preloader\u002Fissues\u002Fnew\" rel=\"friend nofollow ugc\">Click here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>More than 110 icons\u003C\u002Fli>\n\u003Cli>Show preloader immediately when a link is clicked\u003C\u002Fli>\n\u003Cli>Allow showing preloader on a specific post (any post-type)\u003C\u002Fli>\n\u003Cli>Add custom icon url if you don’t like the available icons.\u003C\u002Fli>\n\u003Cli>Add text under loading icon.\u003C\u002Fli>\n\u003Cli>Add delay time. The loading icon will fade out after the delay time.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>“Unlimited”\u003C\u002Fstrong> CSS loading animations \u003Ca href=\"https:\u002F\u002Fthisisthien.gumroad.com\u002Fl\u002Fflat-preloader-pro\" rel=\"friend nofollow ugc\">[Pro]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Change the background image, color, or gradient \u003Ca href=\"https:\u002F\u002Fthisisthien.gumroad.com\u002Fl\u002Fflat-preloader-pro\" rel=\"friend nofollow ugc\">[Pro]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Change the size, and color of the text under preloader \u003Ca href=\"https:\u002F\u002Fthisisthien.gumroad.com\u002Fl\u002Fflat-preloader-pro\" rel=\"friend nofollow ugc\">[Pro]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Flat Preloader helps you create the loading page with many excited gif icons.",3000,84380,18,"2023-05-02T16:07:00.000Z","6.2.9","4.6",[153,154,155,94,22],"flat","gif","icon","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflat-preloader\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflat-preloader.1.16.0.zip","2021-09-28 00:00:00",{"attackSurface":160,"codeSignals":197,"taintFlows":230,"riskAssessment":264,"analyzedAt":278},{"hooks":161,"ajaxHandlers":193,"restRoutes":194,"shortcodes":195,"cronEvents":196,"entryPointCount":77,"unprotectedCount":77},[162,168,172,176,181,185,189],{"type":163,"name":164,"callback":165,"file":166,"line":167},"action","admin_menu","vol4ikman_nice_loader_menu","wp-nice-loader.php",23,{"type":163,"name":169,"callback":170,"file":166,"line":171},"admin_enqueue_scripts","vol4ikman_load_wp_nice_loader_admin_style",38,{"type":163,"name":173,"callback":174,"file":166,"line":175},"wp_enqueue_scripts","vol4ikman_nice_loader_scripts",52,{"type":177,"name":178,"callback":179,"file":166,"line":180},"filter","admin_footer_text","vol4ikman_nice_loader_remove_footer_admin",72,{"type":177,"name":182,"callback":183,"file":166,"line":184},"body_class","vol4ikman_nice_loader_body_class",96,{"type":163,"name":186,"callback":187,"file":166,"line":188},"init","vol4ikman_nice_loader_load_plugin_textdomain",118,{"type":163,"name":190,"callback":191,"file":166,"line":192},"wp_footer","vol4ikman_print_wp_nice_loader",127,[],[],[],[],{"dangerousFunctions":198,"sqlUsage":199,"outputEscaping":201,"fileOperations":77,"externalRequests":77,"nonceChecks":77,"capabilityChecks":26,"bundledLibraries":229},[],{"prepared":77,"raw":77,"locations":200},[],{"escaped":202,"rawEcho":203,"locations":204},6,12,[205,209,211,213,215,217,219,221,223,225,226,228],{"file":206,"line":207,"context":208},"nice_loader_admin.php",50,"raw output",{"file":206,"line":210,"context":208},59,{"file":206,"line":212,"context":208},67,{"file":206,"line":214,"context":208},78,{"file":206,"line":216,"context":208},86,{"file":206,"line":218,"context":208},99,{"file":206,"line":220,"context":208},167,{"file":222,"line":127,"context":208},"nice_loader_front.php",{"file":222,"line":224,"context":208},29,{"file":222,"line":224,"context":208},{"file":222,"line":227,"context":208},32,{"file":222,"line":227,"context":208},[],[231],{"entryPoint":232,"graph":233,"unsanitizedCount":77,"severity":263},"\u003Cnice_loader_admin> (nice_loader_admin.php:0)",{"nodes":234,"edges":258},[235,240,246,249,253,256],{"id":236,"type":237,"label":238,"file":206,"line":239},"n0","source","$_POST (x7)",8,{"id":241,"type":242,"label":243,"file":206,"line":244,"wp_function":245},"n1","sink","update_option() [Settings Manipulation]",9,"update_option",{"id":247,"type":237,"label":248,"file":206,"line":207},"n2","$_SERVER['REQUEST_URI']",{"id":250,"type":242,"label":251,"file":206,"line":207,"wp_function":252},"n3","echo() [XSS]","echo",{"id":254,"type":237,"label":255,"file":206,"line":239},"n4","$_POST (x6)",{"id":257,"type":242,"label":251,"file":206,"line":210,"wp_function":252},"n5",[259,261,262],{"from":236,"to":241,"sanitized":260},true,{"from":247,"to":250,"sanitized":260},{"from":254,"to":257,"sanitized":260},"low",{"summary":265,"deductions":266},"The \"wp-nice-loader\" plugin v0.1.0.4 presents a mixed security posture.  While the static analysis reveals a commendable lack of direct attack surface (no AJAX handlers, REST API routes, shortcodes, or cron events), indicating a potentially secure by obscurity approach, there are significant concerns. A considerable portion (67%) of output is not properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if any of the output is user-controlled. Furthermore, the plugin has a known medium severity vulnerability (CSRF) that remains unpatched, and this is the second known vulnerability of this type, suggesting a recurring pattern of security oversight.\n\nThe taint analysis did not uncover any issues, and the code uses prepared statements for SQL queries, which are positive security indicators. However, the lack of nonce checks and the fact that only one capability check is present for the entire plugin raises questions about the robustness of its internal access controls. The history of CSRF vulnerabilities, especially with a medium severity rating, is a notable red flag that cannot be ignored, even if the current static analysis doesn't highlight it directly. This indicates a potential blind spot in the development process for handling sensitive operations.\n\nIn conclusion, while \"wp-nice-loader\" exhibits some good practices like avoiding a large attack surface and using prepared statements, the unpatched CSRF vulnerability, combined with a high rate of unescaped output, points to significant risks. The developer should prioritize addressing the known vulnerability and improving output sanitization to enhance the plugin's overall security.",[267,270,272,275],{"reason":268,"points":269},"Unpatched medium severity CVE",15,{"reason":271,"points":239},"High percentage of unescaped output",{"reason":273,"points":274},"Lack of nonce checks",7,{"reason":276,"points":277},"Limited capability checks",5,"2026-03-16T22:24:58.401Z",{"wat":280,"direct":290},{"assetPaths":281,"generatorPatterns":287,"scriptPaths":288,"versionParams":289},[282,283,284,285,286],"\u002Fwp-content\u002Fplugins\u002Fwp-nice-loader\u002Fassets\u002Fadmin-style.css","\u002Fwp-content\u002Fplugins\u002Fwp-nice-loader\u002Fassets\u002Fplugins\u002FjqColorPicker.min.js","\u002Fwp-content\u002Fplugins\u002Fwp-nice-loader\u002Fassets\u002Fadmin-scripts.js","\u002Fwp-content\u002Fplugins\u002Fwp-nice-loader\u002Fassets\u002Ffront-styles.css","\u002Fwp-content\u002Fplugins\u002Fwp-nice-loader\u002Fassets\u002Ffront-scripts.js",[],[283,284,286],[],{"cssClasses":291,"htmlComments":293,"htmlAttributes":294,"restEndpoints":295,"jsGlobals":296,"shortcodeOutput":297},[292],"wp_nice_loader_body",[],[],[],[],[],{"slug":4,"current_version":6,"total_versions":77,"versions":299},[]]