[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fq_1u-d5bzQl3coGmV7i8cp6PHGsRCFRu1wrW7_lzEQk":3,"$fE-H3hMkPscN1GGpFyWWaqnfUse_TcXWW4KnRbYXvHDY":605,"$fXJFdPJuDVELUr6gROIxkkZ-4bYZBwX4WCdDr6RP9wCU":609},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":39,"analysis":137,"fingerprints":586},"wp-w3d","WP W3D plugin","0.1","wp-maverick","https:\u002F\u002Fprofiles.wordpress.org\u002Fwp-maverick\u002F","\u003Cp>This plugin aims to help WordPress users or developers to add – very easily –  several UI elements to their websites, including 3D components and layouts based upon the work of the \u003Ca href=\"http:\u002F\u002Fw3d.mba-multimedia.com\u002F\" rel=\"nofollow ugc\">W3D project\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Thanks to dedicated admin settings screens and a powerful shortcode system, creating, customizing and adding complex elements to a WordPress website is really fast and intuitive. The plugin offers a wide range of components from sliders to HTML layouts.\u003C\u002Fp>\n\u003Cp>The plugin will help people to customize their WordPress site even if they don’t know HTML, CSS or PHP. Developpers who know these languages will be able to customize the plugin by adding their own stylesheets or templates. Various WP filters are also available to help wordpress developers customizing HTML output.\u003C\u002Fp>\n\u003Cp>See the \u003Ca href=\"http:\u002F\u002Fwordpress.mba-multimedia.com\u002Fen\u002Four-plugins\u002Fwp-w3d-plugin\u002F\" rel=\"nofollow ugc\">official plugin page\u003C\u002Fa> for more informations and demos (EN\u002FFR).\u003C\u002Fp>\n\u003Cp>This plugin is based upon the work of the \u003Ca href=\"http:\u002F\u002Fw3d.mba-multimedia.com\u002F\" rel=\"nofollow ugc\">W3D Project\u003C\u002Fa>‘s consortium and created by the french Web agency \u003Ca href=\"http:\u002F\u002Fwww.mba-multimedia.com\u002F\" rel=\"nofollow ugc\">MBA Multimedia\u003C\u002Fa>\u003C\u002Fp>\n","WP W3D aims to help WP users or developers to add easily several UI elements to their website, including 3D components and complex animated layouts.",10,2254,80,1,"2014-04-01T12:08:00.000Z","3.7.41","3.5.1","",[20,21,22,23,24],"3d","depth","parallax","slider","w3d-project","http:\u002F\u002Fwordpress.mba-multimedia.com\u002Fplugins\u002Fwp-w3d\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-w3d.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":27,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},2,20,30,84,"2026-05-20T07:21:41.889Z",[40,61,80,101,119],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":34,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":58,"download_link":59,"security_score":60,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"cinematic","Cinematic 3D Parallax Touch Slider","1.0.0","Bukza","https:\u002F\u002Fprofiles.wordpress.org\u002Fbukza\u002F","\u003Cp>Cinematic – is a responsive. touch-friendly Slider that displays your content with parallax 3D effect.\u003Cbr \u002F>\nYou can easily prepare layers for your own images in photo editor – a video lesson for Adobe Photoshop is included.\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fw63lzbJ2g7I?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=w63lzbJ2g7I\" title=\"See in action on the video!\" rel=\"nofollow ugc\">Video\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fcinematic.bukza.com\u002F\" title=\"Visit our website to see live demo!\" rel=\"nofollow ugc\">Website\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fcinematic-3d-parallax-touch-slider-for-wordpress\u002F23379722\" title=\"Check out our PRO version with more features.\" rel=\"nofollow ugc\">Pro Version\u003C\u002Fa>\u003C\u002Fp>\n","Responsive 3D Parallax Touch Slider. The most realistic mobile 3D layer photo animation in the market.",60,3763,100,"2025-05-16T03:56:00.000Z","6.8.5","4.7","5.4",[20,56,22,23,57],"layers","slideshow","https:\u002F\u002Fcinematic.bukza.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcinematic.zip",92,{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":50,"num_ratings":14,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":18,"tags":74,"homepage":78,"download_link":79,"security_score":50,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"hot-blocks","Hot Blocks","1.3.4","Hot Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fhotwptemplates\u002F","\u003Cp>Hot Blocks plugin by \u003Ca href=\"https:\u002F\u002Fwww.hotjoomlatemplates.com\" title=\"Hot Themes\" rel=\"nofollow ugc\">Hot Themes\u003C\u002Fa> is a collection of several blocks for the block editor (Gutenberg). This plugin adds new blocks in the category Hot Blocks. Also, it adds custom styles to the core Latest Posts and Gallery blocks to transform the output into a carousel of posts and images.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpdemo.hotjoomlatemplates.com\u002Findex.php?order=popular&theme=blocks\" title=\"Hot Blocks demo\" rel=\"nofollow ugc\">View Hot Blocks Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Accordion block contains heading and placeholder for other blocks below the heading. User can reveal or hide the content below the heading by clicking on it. It’s useful for FAQ pages and for pages with a lot of content.\u003C\u002Fp>\n\u003Cp>Contact block includes a simple contact form for your website with a configurable anti-spam question and answer.\u003C\u002Fp>\n\u003Cp>Gallery core block customization that adds an option to display the images in the carousel mode.\u003C\u002Fp>\n\u003Cp>Latest Posts core block customization that adds an option to display the posts in the carousel mode.\u003C\u002Fp>\n\u003Cp>Map block allows you to include a Google Map to your post or page simply by entering address or point of interest. It supports align-wide.\u003C\u002Fp>\n\u003Cp>Parallax is a placeholder for other blocks. If you select a background image for the Hot Parallax block, it will use a parallax scrolling effect.\u003C\u002Fp>\n\u003Cp>There are also some simpler blocks like button with custom dimensions and font size and background color block container.\u003C\u002Fp>\n","A collection of several blocks for new WordPress editor (Gutenberg).",500,18185,"2026-03-17T11:59:00.000Z","6.9.4","5.0",[75,76,77,22,23],"accordion","blocks","google-map","https:\u002F\u002Fwww.hotjoomlatemplates.com\u002Fwordpress-plugins\u002Fhot-blocks","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhot-blocks.1.3.4.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":28,"num_ratings":28,"last_updated":90,"tested_up_to":72,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":99,"download_link":100,"security_score":50,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"carousel-3d-slider","Carousel 3D Slider","1.0.1","tishonator","https:\u002F\u002Fprofiles.wordpress.org\u002Ftishonator\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Ftishonator.com\u002Fproduct\u002Fcarousel-3d-slider-pro\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Configure a Responsive 3D jQuery Carousel Slider and Insert it in any Page or Post as a Shortcode. Admin slide fields for title, text, image.\u003C\u002Fp>\n\u003Ch3>Pro Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Configure Up to 10 Different Sliders\u003C\u002Fli>\n\u003Cli>Insert Up to 10 Slides per Slider\u003C\u002Fli>\n\u003Cli>Height and Delay Options\u003C\u002Fli>\n\u003C\u002Ful>\n","Configure a Responsive 3D jQuery Carousel Slider and Insert it in any Page or Post as a Shortcode.",200,7736,"2025-12-10T10:49:00.000Z","4.9.6","5.6.0",[94,95,96,97,98],"3d-carousel","3d-carousel-sider","3d-slider","jquery-3d-slider","responsive-3d-slider","https:\u002F\u002Ftishonator.com\u002Fproduct\u002Fcarousel-3d-slider-pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcarousel-3d-slider.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":50,"downloaded":109,"rating":13,"num_ratings":110,"last_updated":111,"tested_up_to":72,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":18,"download_link":118,"security_score":50,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"cube-3d-slider","Cube 3D Slider","1.14","manu225","https:\u002F\u002Fprofiles.wordpress.org\u002Fmanu225\u002F","\u003Cp>Display beautiful 3D cube sliders. \u003Ca href=\"http:\u002F\u002Fwww.info-d-74.com\u002Fcube-3d-slider-plugin-wordpress-demos\u002F\" rel=\"nofollow ugc\">Here some demonstrations\u003C\u002Fa>\u003C\u002Fp>\n","Display cube 3D slider in your website.",16448,4,"2025-11-28T14:23:00.000Z","3.5","5.6",[20,115,116,117,23],"animation","cube","rotation","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcube-3d-slider.1.14.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":50,"downloaded":127,"rating":128,"num_ratings":110,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":18,"tags":132,"homepage":135,"download_link":136,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"image-parallax","Image Parallax","2.1","WebMaestro.Fr","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebmaestrofr\u002F","\u003Cp>Upload the layers of your image, and create a parallax effect !\u003C\u002Fp>\n\u003Cp>It works great on smart devices too !\u003C\u002Fp>\n\u003Cp>The first step is to create with your favorite picture editing software (\u003Cem>Photoshop\u003C\u002Fem>, \u003Cem>GIMP\u003C\u002Fem>…) an independent image for each ground composing your image. All these layers shall be the \u003Cstrong>same size\u003C\u002Fstrong>, and should be in \u003Cstrong>.png\u003C\u002Fstrong> format as they are meant to include transparency areas.\u003Cbr \u002F>\nThen, on your post editing page in WordPress, click the \u003Cem>Insert Media\u003C\u002Fem> button, and (the same way you would create a gallery) upload your layers under the \u003Cem>Create Parallax\u003C\u002Fem> item. Reorganise the layers if needed, from the background to the front.\u003Cbr \u002F>\nYou can finally configure the animation (calibrate, invert, limit, scalar, friction), and publish !\u003C\u002Fp>\n\u003Cp>There is \u003Ca href=\"http:\u002F\u002Fwebmaestro.fr\u002Fimage-parallax-plugin-wordpress\u002F\" rel=\"nofollow ugc\">some examples\u003C\u002Fa> on the plugin page.\u003C\u002Fp>\n\u003Cp>It uses \u003Ca href=\"http:\u002F\u002Fwagerfield.github.io\u002Fparallax\u002F\" rel=\"nofollow ugc\">parallax.js\u003C\u002Fa> by Matthew Wagerfield.\u003C\u002Fp>\n","Create images with a parallax effect. Upload some layers, configure the animation, and publish !",16221,96,"2014-06-16T13:58:00.000Z","3.9.40","3.9.1",[20,133,22,134],"image","picture","http:\u002F\u002Fwebmaestro.fr\u002Fimage-parallax-plugin-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimage-parallax.zip",{"attackSurface":138,"codeSignals":278,"taintFlows":557,"riskAssessment":575,"analyzedAt":585},{"hooks":139,"ajaxHandlers":258,"restRoutes":267,"shortcodes":268,"cronEvents":277,"entryPointCount":110,"unprotectedCount":34},[140,146,149,153,156,160,165,169,174,179,183,188,192,195,199,202,204,207,210,214,217,221,224,226,230,233,237,240,242,245,248,252,257],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","admin_enqueue_scripts","enqueue_admin_styles","admin\u002Fclass-wp-w3d-admin.php",66,{"type":141,"name":142,"callback":147,"file":144,"line":148},"enqueue_admin_scripts",67,{"type":141,"name":150,"callback":151,"file":144,"line":152},"admin_menu","add_plugin_admin_menus",70,{"type":141,"name":150,"callback":154,"file":144,"line":155},"remove_slug_box",73,{"type":141,"name":157,"callback":158,"file":144,"line":159},"admin_head","hide_slug_box",74,{"type":161,"name":162,"callback":163,"file":144,"line":164},"filter","cmb_meta_boxes","add_w3dslider_metaboxes",88,{"type":161,"name":162,"callback":166,"file":167,"line":168},"cmb_sample_metaboxes","includes\u002Fmetabox\u002Fexample-functions.php",11,{"type":141,"name":170,"callback":171,"priority":172,"file":167,"line":173},"init","cmb_initialize_cmb_meta_boxes",9999,350,{"type":161,"name":175,"callback":176,"priority":11,"file":177,"line":178},"get_post_metadata","hijack_oembed_cache_get","includes\u002Fmetabox\u002Fhelpers\u002Fcmb_Meta_Box_ajax.php",112,{"type":161,"name":180,"callback":181,"priority":11,"file":177,"line":182},"update_post_metadata","hijack_oembed_cache_set",114,{"type":161,"name":184,"callback":185,"priority":11,"file":186,"line":187},"cmb_show_on","anonymous","includes\u002Fmetabox\u002Finit.php",157,{"type":141,"name":142,"callback":189,"priority":190,"file":186,"line":191},"register_scripts",8,161,{"type":141,"name":150,"callback":193,"file":186,"line":194},"add_metaboxes",164,{"type":141,"name":196,"callback":197,"file":186,"line":198},"add_attachment","save_post",165,{"type":141,"name":200,"callback":197,"file":186,"line":201},"edit_attachment",166,{"type":141,"name":197,"callback":197,"priority":11,"file":186,"line":203},167,{"type":141,"name":142,"callback":205,"file":186,"line":206},"do_scripts",168,{"type":141,"name":157,"callback":208,"file":186,"line":209},"add_post_enctype",171,{"type":141,"name":211,"callback":212,"file":186,"line":213},"show_user_profile","user_metabox",186,{"type":141,"name":215,"callback":212,"file":186,"line":216},"edit_user_profile",187,{"type":141,"name":218,"callback":219,"file":186,"line":220},"personal_options_update","save_user",189,{"type":141,"name":222,"callback":219,"file":186,"line":223},"edit_user_profile_update",190,{"type":141,"name":157,"callback":208,"file":186,"line":225},193,{"type":141,"name":170,"callback":227,"file":228,"line":229},"load_plugin_textdomain","public\u002Fclass-wp-w3d.php",71,{"type":141,"name":231,"callback":232,"file":228,"line":159},"wpmu_new_blog","activate_new_site",{"type":141,"name":234,"callback":235,"file":228,"line":236},"wp_enqueue_scripts","enqueue_styles",77,{"type":141,"name":170,"callback":238,"file":228,"line":239},"register_w3d_scripts",79,{"type":141,"name":170,"callback":241,"priority":172,"file":228,"line":27},"initialize_cmb_meta_boxes",{"type":141,"name":170,"callback":243,"file":228,"line":244},"register_w3dslider_custom_post_type",86,{"type":161,"name":246,"callback":247,"file":228,"line":164},"manage_edit-w3dslider_columns","admin_w3dslider_columns",{"type":141,"name":249,"callback":250,"file":228,"line":251},"manage_posts_custom_column","populate_w3dslider_columns",89,{"type":141,"name":253,"callback":254,"file":255,"line":256},"plugins_loaded","get_instance","wp-w3d.php",53,{"type":141,"name":253,"callback":254,"file":255,"line":155},[259,264],{"action":260,"nopriv":261,"callback":262,"hasNonce":261,"hasCapCheck":261,"file":186,"line":263},"cmb_oembed_handler",false,"oembed_handler",1125,{"action":260,"nopriv":265,"callback":262,"hasNonce":261,"hasCapCheck":261,"file":186,"line":266},true,1126,[],[269,273],{"tag":270,"callback":271,"file":228,"line":272},"w3dslider","w3dslider_shortcode_call",97,{"tag":274,"callback":275,"file":228,"line":276},"responsive3dgrid","responsive3dgrid_shortcode_call",98,[],{"dangerousFunctions":279,"sqlUsage":285,"outputEscaping":288,"fileOperations":28,"externalRequests":28,"nonceChecks":110,"capabilityChecks":34,"bundledLibraries":556},[280],{"fn":281,"file":282,"line":283,"context":284},"unserialize","includes\u002Fmetabox\u002Fhelpers\u002Fcmb_Meta_Box_types.php",305,"$datetime = unserialize( $meta );",{"prepared":286,"raw":28,"locations":287},3,[],{"escaped":289,"rawEcho":290,"locations":291},22,192,[292,295,297,298,299,301,302,304,305,307,308,309,310,312,313,314,315,317,318,319,320,322,323,324,325,327,328,329,330,332,333,334,335,337,338,339,341,342,344,345,346,348,349,351,352,354,355,357,359,361,362,363,364,366,367,369,371,372,373,374,376,377,378,379,381,382,383,384,386,387,388,389,391,392,393,395,396,398,399,401,403,404,405,406,407,408,409,410,412,414,415,416,417,418,420,421,422,423,424,425,426,427,429,431,432,433,434,436,438,439,441,443,444,446,448,449,450,451,452,453,454,455,457,459,460,461,462,464,465,466,468,470,471,472,474,475,477,479,480,481,482,483,484,486,487,488,489,490,491,492,493,495,496,497,498,500,502,503,504,505,506,508,510,511,513,514,515,516,517,518,520,521,522,523,524,525,527,529,531,533,535,536,537,538,540,541,543,545,547,549,552,554],{"file":177,"line":293,"context":294},199,"raw output",{"file":282,"line":296,"context":294},142,{"file":282,"line":296,"context":294},{"file":282,"line":296,"context":294},{"file":282,"line":300,"context":294},150,{"file":282,"line":300,"context":294},{"file":282,"line":303,"context":294},159,{"file":282,"line":206,"context":294},{"file":282,"line":306,"context":294},249,{"file":282,"line":306,"context":294},{"file":282,"line":306,"context":294},{"file":282,"line":306,"context":294},{"file":282,"line":311,"context":294},257,{"file":282,"line":311,"context":294},{"file":282,"line":311,"context":294},{"file":282,"line":311,"context":294},{"file":282,"line":316,"context":294},264,{"file":282,"line":316,"context":294},{"file":282,"line":316,"context":294},{"file":282,"line":316,"context":294},{"file":282,"line":321,"context":294},272,{"file":282,"line":321,"context":294},{"file":282,"line":321,"context":294},{"file":282,"line":321,"context":294},{"file":282,"line":326,"context":294},280,{"file":282,"line":326,"context":294},{"file":282,"line":326,"context":294},{"file":282,"line":326,"context":294},{"file":282,"line":331,"context":294},284,{"file":282,"line":331,"context":294},{"file":282,"line":331,"context":294},{"file":282,"line":331,"context":294},{"file":282,"line":336,"context":294},288,{"file":282,"line":336,"context":294},{"file":282,"line":336,"context":294},{"file":282,"line":340,"context":294},299,{"file":282,"line":340,"context":294},{"file":282,"line":343,"context":294},300,{"file":282,"line":343,"context":294},{"file":282,"line":343,"context":294},{"file":282,"line":347,"context":294},315,{"file":282,"line":347,"context":294},{"file":282,"line":350,"context":294},316,{"file":282,"line":350,"context":294},{"file":282,"line":353,"context":294},318,{"file":282,"line":353,"context":294},{"file":282,"line":356,"context":294},319,{"file":282,"line":358,"context":294},320,{"file":282,"line":360,"context":294},324,{"file":282,"line":360,"context":294},{"file":282,"line":360,"context":294},{"file":282,"line":360,"context":294},{"file":282,"line":365,"context":294},332,{"file":282,"line":365,"context":294},{"file":282,"line":368,"context":294},333,{"file":282,"line":370,"context":294},342,{"file":282,"line":370,"context":294},{"file":282,"line":370,"context":294},{"file":282,"line":370,"context":294},{"file":282,"line":375,"context":294},352,{"file":282,"line":375,"context":294},{"file":282,"line":375,"context":294},{"file":282,"line":375,"context":294},{"file":282,"line":380,"context":294},356,{"file":282,"line":380,"context":294},{"file":282,"line":380,"context":294},{"file":282,"line":380,"context":294},{"file":282,"line":385,"context":294},360,{"file":282,"line":385,"context":294},{"file":282,"line":385,"context":294},{"file":282,"line":385,"context":294},{"file":282,"line":390,"context":294},364,{"file":282,"line":390,"context":294},{"file":282,"line":390,"context":294},{"file":282,"line":394,"context":294},369,{"file":282,"line":394,"context":294},{"file":282,"line":397,"context":294},371,{"file":282,"line":397,"context":294},{"file":282,"line":400,"context":294},373,{"file":282,"line":402,"context":294},381,{"file":282,"line":402,"context":294},{"file":282,"line":402,"context":294},{"file":282,"line":402,"context":294},{"file":282,"line":402,"context":294},{"file":282,"line":402,"context":294},{"file":282,"line":402,"context":294},{"file":282,"line":402,"context":294},{"file":282,"line":411,"context":294},384,{"file":282,"line":413,"context":294},392,{"file":282,"line":413,"context":294},{"file":282,"line":413,"context":294},{"file":282,"line":413,"context":294},{"file":282,"line":413,"context":294},{"file":282,"line":419,"context":294},399,{"file":282,"line":419,"context":294},{"file":282,"line":419,"context":294},{"file":282,"line":419,"context":294},{"file":282,"line":419,"context":294},{"file":282,"line":419,"context":294},{"file":282,"line":419,"context":294},{"file":282,"line":419,"context":294},{"file":282,"line":428,"context":294},402,{"file":282,"line":430,"context":294},411,{"file":282,"line":430,"context":294},{"file":282,"line":430,"context":294},{"file":282,"line":430,"context":294},{"file":282,"line":435,"context":294},416,{"file":282,"line":437,"context":294},421,{"file":282,"line":437,"context":294},{"file":282,"line":440,"context":294},426,{"file":282,"line":442,"context":294},428,{"file":282,"line":442,"context":294},{"file":282,"line":445,"context":294},431,{"file":282,"line":447,"context":294},443,{"file":282,"line":447,"context":294},{"file":282,"line":447,"context":294},{"file":282,"line":447,"context":294},{"file":282,"line":447,"context":294},{"file":282,"line":447,"context":294},{"file":282,"line":447,"context":294},{"file":282,"line":447,"context":294},{"file":282,"line":456,"context":294},446,{"file":282,"line":458,"context":294},459,{"file":282,"line":458,"context":294},{"file":282,"line":458,"context":294},{"file":282,"line":458,"context":294},{"file":282,"line":463,"context":294},464,{"file":282,"line":463,"context":294},{"file":282,"line":463,"context":294},{"file":282,"line":467,"context":294},467,{"file":282,"line":469,"context":294},476,{"file":282,"line":469,"context":294},{"file":282,"line":469,"context":294},{"file":282,"line":473,"context":294},477,{"file":282,"line":473,"context":294},{"file":282,"line":476,"context":294},479,{"file":282,"line":478,"context":294},485,{"file":282,"line":478,"context":294},{"file":282,"line":478,"context":294},{"file":282,"line":478,"context":294},{"file":282,"line":478,"context":294},{"file":282,"line":478,"context":294},{"file":282,"line":485,"context":294},497,{"file":282,"line":485,"context":294},{"file":282,"line":485,"context":294},{"file":282,"line":485,"context":294},{"file":282,"line":485,"context":294},{"file":282,"line":485,"context":294},{"file":282,"line":485,"context":294},{"file":282,"line":485,"context":294},{"file":282,"line":494,"context":294},514,{"file":282,"line":494,"context":294},{"file":282,"line":494,"context":294},{"file":282,"line":494,"context":294},{"file":282,"line":499,"context":294},515,{"file":282,"line":501,"context":294},526,{"file":282,"line":501,"context":294},{"file":282,"line":501,"context":294},{"file":282,"line":501,"context":294},{"file":282,"line":501,"context":294},{"file":282,"line":507,"context":294},533,{"file":282,"line":509,"context":294},534,{"file":282,"line":509,"context":294},{"file":282,"line":512,"context":294},542,{"file":282,"line":512,"context":294},{"file":282,"line":512,"context":294},{"file":282,"line":512,"context":294},{"file":282,"line":512,"context":294},{"file":282,"line":512,"context":294},{"file":282,"line":519,"context":294},549,{"file":282,"line":519,"context":294},{"file":282,"line":519,"context":294},{"file":282,"line":519,"context":294},{"file":282,"line":519,"context":294},{"file":282,"line":519,"context":294},{"file":282,"line":526,"context":294},550,{"file":282,"line":528,"context":294},551,{"file":282,"line":530,"context":294},554,{"file":186,"line":532,"context":294},298,{"file":186,"line":534,"context":294},414,{"file":186,"line":437,"context":294},{"file":186,"line":437,"context":294},{"file":186,"line":437,"context":294},{"file":186,"line":539,"context":294},423,{"file":186,"line":539,"context":294},{"file":186,"line":542,"context":294},1230,{"file":228,"line":544,"context":294},432,{"file":228,"line":546,"context":294},436,{"file":228,"line":548,"context":294},440,{"file":550,"line":551,"context":294},"public\u002Fviews\u002Fsliders\u002Fmouseparallaxslider-markup-html.php",34,{"file":550,"line":553,"context":294},45,{"file":550,"line":555,"context":294},55,[],[558],{"entryPoint":559,"graph":560,"unsanitizedCount":28,"severity":574},"\u003Cinit> (includes\u002Fmetabox\u002Finit.php:0)",{"nodes":561,"edges":572},[562,567],{"id":563,"type":564,"label":565,"file":186,"line":566},"n0","source","$_REQUEST",712,{"id":568,"type":569,"label":570,"file":186,"line":542,"wp_function":571},"n1","sink","echo() [XSS]","echo",[573],{"from":563,"to":568,"sanitized":265},"low",{"summary":576,"deductions":577},"The wp-w3d plugin v0.1 presents a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries and avoids external HTTP requests and file operations. The absence of known vulnerabilities and a clean taint analysis history are also encouraging signs. However, there are significant concerns regarding its attack surface and the handling of potentially dangerous functions.\n\nThe plugin exposes two AJAX handlers without authentication checks, creating a direct path for unauthenticated attackers to interact with the plugin's functionality. Furthermore, the presence of the `unserialize` function is a critical risk, especially when not paired with robust input validation and sanitization. While the taint analysis did not reveal any explicit unsanitized paths, the `unserialize` function itself is inherently dangerous and can lead to Remote Code Execution if used with user-supplied, untrusted data. The low percentage of properly escaped output (10%) also suggests a risk of Cross-Site Scripting (XSS) vulnerabilities.\n\nOverall, while the plugin has a clean vulnerability history, the identified code signals and attack surface necessitate caution. The lack of authentication on AJAX endpoints and the use of `unserialize` are high-priority areas that require immediate attention to mitigate potential security risks.",[578,580,583],{"reason":579,"points":11},"Unprotected AJAX handlers",{"reason":581,"points":582},"Use of unserialize function",15,{"reason":584,"points":190},"Low percentage of properly escaped output","2026-04-16T12:28:53.234Z",{"wat":587,"direct":598},{"assetPaths":588,"generatorPatterns":592,"scriptPaths":593,"versionParams":594},[589,590,591],"\u002Fwp-content\u002Fplugins\u002Fwp-w3d\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fwp-w3d\u002Fassets\u002Fcss\u002Fedit-slider.css","\u002Fwp-content\u002Fplugins\u002Fwp-w3d\u002Fassets\u002Fjs\u002Fedit-slider.js",[],[591],[595,596,597],"wp-w3d-admin-styles?ver=","wp-w3d-admin-edit-slider-styles?ver=","wp-w3d-admin-edit-slider-script?ver=",{"cssClasses":599,"htmlComments":600,"htmlAttributes":601,"restEndpoints":602,"jsGlobals":603,"shortcodeOutput":604},[270],[],[],[],[],[],{"error":265,"url":606,"statusCode":607,"statusMessage":608,"message":608},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-w3d\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":28,"versions":610},[]]