[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f99di-I66r3mp990wK-4BIu2RdtIO1F1ATGl6k9TB10Q":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":142,"fingerprints":192},"xmas-decoration","Xmas Decoration","1.3","Mr. Meo","https:\u002F\u002Fprofiles.wordpress.org\u002Fmeohen1989\u002F","\u003Cp>Marry Christmas! If you want to refesh your website with new look at Christmas, you’ll love it.\u003C\u002Fp>\n\u003Cp>Like my work?\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fko-fi.com\u002Fmrmeo89\" rel=\"nofollow ugc\">By me a coffee\u003C\u002Fa>\u003C\u002Fp>\n","Decoration for your website at Christmas.",200,36098,100,9,"2020-11-30T15:42:00.000Z","5.3.21","3.4","",[20,21,22,23,24],"christmas","decoration","new-year","noel","xmas","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fxmas-decoration\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxmas-decoration.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"meohen1989",3,230,90,30,87,"2026-04-05T03:01:43.679Z",[41,65,83,101,122],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":18,"tags":56,"homepage":60,"download_link":61,"security_score":62,"vuln_count":63,"unpatched_count":28,"last_vuln_date":64,"fetched_at":30},"christmas-panda","Christmas Panda","1.1.0","pixolette","https:\u002F\u002Fprofiles.wordpress.org\u002Fpixolette\u002F","\u003Cp>Christmas decorations plugin for WordPress. Decorate your WordPress website with Christmas trees, Santa, snowfall or just display a pop-up to remember your visitors that it’s Christmas.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FAXo0mqt1ZNg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Christmas Pop-ups\u003C\u002Fli>\n\u003Cli>Snowfall animations\u003C\u002Fli>\n\u003Cli>Christmas decorations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Admin Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Manage decorations\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable snowfall\u003C\u002Fli>\n\u003Cli>Manage popups\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For further information and instructions please see the \u003Ca href=\"https:\u002F\u002Fpixolette.com\u002Fwordpress-plugins\u002Fchristmas-panda\u002F\" rel=\"nofollow ugc\">plugin page\u003C\u002Fa>\u003C\u002Fp>\n","Christmas decorations plugin for WordPress. Decorate your WordPress website with Christmas trees, Santa, snowfall or just display a pop-up to remember …",500,32576,98,15,"2025-03-19T19:26:00.000Z","6.7.5","4.0",[20,57,58,59,24],"christmas-decorations","decorations","panda","https:\u002F\u002Fpixollete.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchristmas-panda.1.1.0.zip",91,1,"2025-03-27 00:00:00",{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":11,"downloaded":73,"rating":36,"num_ratings":74,"last_updated":75,"tested_up_to":76,"requires_at_least":77,"requires_php":18,"tags":78,"homepage":81,"download_link":82,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"snow","Snow","2.0.2","Mitch","https:\u002F\u002Fprofiles.wordpress.org\u002Flowest\u002F","\u003Cp>Let it snow on your WordPress website using Snow. With awesome customizable options, Snow provides you and your visitors the best pixelated snow experience without slowing down your website. You don’t need any coding knowledge to use this plugin.\u003C\u002Fp>\n\u003Ch4>Fully customizable\u003C\u002Fh4>\n\u003Cp>Snow is fully customizable. Change the flake size, color, shadow and a lot more. Dislike the default snowflakes? We got your back. Just upload and use your own snowflake image!\u003C\u002Fp>\n\u003Ch4>Schedule and watch it happen\u003C\u002Fh4>\n\u003Cp>Snow features a special option which allows you to easily schedule the snowfall!\u003C\u002Fp>\n\u003Ch4>Realistic and professional\u003C\u002Fh4>\n\u003Cp>You don’t want unprofessional scripted snow on your site. No, you want the real deal and you’re looking at it right now.\u003C\u002Fp>\n\u003Ch4>Lightweight!\u003C\u002Fh4>\n\u003Cp>Choose from all kinds of options to speed up your website. Who needs a slow website when you have smart technology?\u003C\u002Fp>\n","Professional snow plugin with highly customizable options, no coding knowledge required.",20877,13,"2016-12-21T19:51:00.000Z","4.7.32","3.0",[20,66,79,80,24],"snowing","winter","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsnow\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsnow.zip",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":13,"downloaded":91,"rating":13,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":18,"tags":96,"homepage":99,"download_link":100,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"rocket-fireworks","Rocket Fireworks","1.4","Shahaji Deshmukh","https:\u002F\u002Fprofiles.wordpress.org\u002Fshahaji9\u002F","\u003Cp>Rocket Fireworks Celebration Plugin for your blog or website.\u003C\u002Fp>\n\u003Cp>Celebrate with cool Rocket Firework show for your website or blog visitors. This Plugin is very easy to install & works as great tool when you want celebrate important days with your website visitors by giving them pleasant user experience. Firework rockets blows in multicolor which looks cool, attractive & attentive. This Plugin is perfect match made when you are in mood of celebration with your customers.\u003C\u002Fp>\n\u003Cp>This Plugin is very useful for Diwali, Christmas and New year celebrations.\u003C\u002Fp>\n\u003Cp>Just activate the Plugin it will start rocket fireworks. Enjoy your best days.\u003C\u002Fp>\n","Rocket Fireworks Celebration Plugin for your blog or website.",17608,7,"2023-10-28T11:05:00.000Z","6.3.8","3.0.1",[97,20,98,22,84],"admin","fireworks","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frocket-fireworks\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frocket-fireworks.1.4.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":111,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":18,"tags":116,"homepage":120,"download_link":121,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"christmas-countdown-clock","Christmas Countdown Clock","1.1","enclick","https:\u002F\u002Fprofiles.wordpress.org\u002Fenclick\u002F","\u003Cp>Christmas countdown clock showing days and hours until Christmas day. Select from several designs, sizes, animations and backgrounds\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Select from a range of designs\u003C\u002Fli>\n\u003Cli>Select size, background colours, pictures or animations\u003C\u002Fli>\n\u003Cli>Full range of designs can be seen at \u003Ca href=\"http:\u002F\u002Fmycountdown.org\u002FHoliday\u002FChristmas\u002Fgetwidget\u002F\" title=\"Generate your own Christmas Countdown Clocks\" rel=\"nofollow ugc\">mycountdown.org\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Christmas countdown clock showing days and hours until Christmas day. Select from several designs, sizes, animations and backgrounds",50,15388,60,4,"2021-02-18T10:53:00.000Z","5.6.17","1.5",[20,117,118,119,24],"christmas-countdown","christmas-day","flash-christmas-count-down","https:\u002F\u002Fmycountdown.org\u002Fwordpress-countdown-clock-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchristmas-countdown-clock.1.1.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":132,"num_ratings":133,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":18,"tags":137,"homepage":140,"download_link":141,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"xmas-lights","Xmas Lights","1.0.3","GraphicEdit","https:\u002F\u002Fprofiles.wordpress.org\u002Fgraphicedit\u002F","\u003Cp>Add nice looking animated Xmas(Christmas) Lights to the top of site.\u003C\u002Fp>\n\u003Cp>Links: \u003Ca href=\"http:\u002F\u002Fgraphicedit.com\u002F\" rel=\"nofollow ugc\">Author Homepage\u003C\u002Fa>\u003C\u002Fp>\n","Add nice looking animated Xmas(Christmas) Lights to the top of site.",40,44779,96,8,"2018-03-24T15:33:00.000Z","4.9.29","4.9.4",[20,138,80,139,24],"christmas-lights","xhristmas-lights","http:\u002F\u002Fgraphicedit.com\u002Fblog\u002Fplugin\u002Fxmas-lights\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxmas-lights.zip",{"attackSurface":143,"codeSignals":165,"taintFlows":185,"riskAssessment":186,"analyzedAt":191},{"hooks":144,"ajaxHandlers":161,"restRoutes":162,"shortcodes":163,"cronEvents":164,"entryPointCount":28,"unprotectedCount":28},[145,151,153,157],{"type":146,"name":147,"callback":148,"file":149,"line":150},"action","wp_footer","xmas_decoration","xmas-decoration.php",59,{"type":146,"name":147,"callback":152,"file":149,"line":111},"xmas_decoration_load_script_style",{"type":146,"name":154,"callback":155,"file":149,"line":156},"admin_init","xmas_decoration_register_settings",74,{"type":146,"name":158,"callback":159,"file":149,"line":160},"admin_menu","xmas_decoration_register_options_page",80,[],[],[],[],{"dangerousFunctions":166,"sqlUsage":167,"outputEscaping":169,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":184},[],{"prepared":28,"raw":28,"locations":168},[],{"escaped":28,"rawEcho":170,"locations":171},5,[172,175,177,179,182],{"file":173,"line":34,"context":174},"admin\\tmpl\\default.php","raw output",{"file":173,"line":176,"context":174},28,{"file":173,"line":178,"context":174},39,{"file":180,"line":181,"context":174},"site\\tmpl\\default.php",449,{"file":180,"line":183,"context":174},454,[],[],{"summary":187,"deductions":188},"The \"xmas-decoration\" v1.3 plugin exhibits a seemingly robust security posture based on the provided static analysis. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a zero-sized attack surface with no unprotected entry points. The code also reports no dangerous functions, file operations, external HTTP requests, or bundled libraries. Crucially, all SQL queries are performed using prepared statements, which is a significant strength.  However, a critical concern arises from the complete lack of output escaping. This means that any data rendered by the plugin to the user interface is not sanitized, leaving it highly vulnerable to cross-site scripting (XSS) attacks.  The vulnerability history is clean, with no recorded CVEs, which is a positive indicator.  Despite the absence of exploitable vulnerabilities in the historical data and the strong SQL practices, the complete lack of output escaping represents a significant and readily exploitable weakness that cannot be overlooked.",[189],{"reason":190,"points":52},"0% output escaping found","2026-03-16T20:14:48.896Z",{"wat":193,"direct":201},{"assetPaths":194,"generatorPatterns":198,"scriptPaths":199,"versionParams":200},[195,196,197],"\u002Fwp-content\u002Fplugins\u002Fxmas-decoration\u002Fsite\u002Fassets\u002Fjs\u002Fyuiloader-dom-event.js","\u002Fwp-content\u002Fplugins\u002Fxmas-decoration\u002Fsite\u002Fassets\u002Fjs\u002Fholiday_bells.js","\u002Fwp-content\u002Fplugins\u002Fxmas-decoration\u002Fsite\u002Fassets\u002Fcss\u002Fadditional.css",[],[],[],{"cssClasses":202,"htmlComments":203,"htmlAttributes":204,"restEndpoints":205,"jsGlobals":206,"shortcodeOutput":207},[],[],[],[],[],[]]