[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fliug4ZGw9uG5aH0OBn4MaEGS51F_Jed8i6AS2fdn8Eg":3,"$fq9w1qAfCAFJh01RHhsAmXV2NOxA2kc4FtuBARAYq6ZM":333,"$fD27R-XLsNUKs5Htn5EM9AmQlAv2JuNLEC9kWxq-ilgM":338},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":37,"analysis":120,"fingerprints":160},"yahoo-currency","Yahoo Currency","1.10","moklet","https:\u002F\u002Fprofiles.wordpress.org\u002Fmoklet\u002F","\u003Cp>With the yahoo currency plugin you can display and embed Yahoo Currency Feeds in your WordPress posts and pages using the following shortcode:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[ycurrency base=\"Currency Code\" currencies=\"Currency Code,Currency Code,Currency Code etc\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>FILTER USAGE\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simple:\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Just put a \u003Ccode>[ycurrency base=\"Currency Code\" xcur=\"Currency Code,Currency Code,Currency Code etc\"]\u003C\u002Fcode> in your post, and the rates will show up.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>NAMED PARAMETERS\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For some customisation there are some options you can use.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>base : The Base Currency in international format (USD)\u003C\u002Fli>\n\u003Cli>xcur : The other currencies you want to display the rate compared to the base currency seperated by a comma (GBP,EUR)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Examples:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[ycurrency base=\"USD\" xcur=\"GBP,EUR,ZAR\"] (display the buy and sell rate of the US Dollar against the British Pound,Euro,South African Rand)\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Finally note the whole thing must be on ONE line.  No line breaks or else it won’t work.\u003C\u002Fp>\n\u003Cp>1.00 Initial release.\u003C\u002Fp>\n","With the yahoo currency plugin you can display a feed of Yahoo Currency Exchange rates.",10,3724,0,"2010-03-13T06:23:00.000Z","2.9.2","2.5","",[19,20,21,22,23],"atom","embed","feed","inline","rss","http:\u002F\u002Fwww.smesolutions.co.za\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyahoo-currency.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},2,20,30,84,"2026-05-20T10:13:47.139Z",[38,47,60,81,100],{"slug":39,"name":40,"version":6,"author":7,"author_profile":8,"description":41,"short_description":42,"active_installs":11,"downloaded":43,"rating":13,"num_ratings":13,"last_updated":44,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":45,"homepage":24,"download_link":46,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"gweather","Gweather","\u003Cp>With the gweather plugin you can display and embed Google Weather Feeds in your WordPress posts and pages using the following shortcode:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[gweather city=\"City\" country=\"Country Shortcode\" temp=\"C\" credit=\"1\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>FILTER USAGE\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simple:\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Just put a \u003Ccode>[gweather city=\"city\" country=\"country shortcode\" temp=\"C\" credit=\"1\"]\u003C\u002Fcode> in your post, and the weather will show up.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>NAMED PARAMETERS\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For some customisation there are some options you can use.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>city : Which city would you like the weather for\u003C\u002Fli>\n\u003Cli>country : Your Country Shortcode (e.g. US for the United States, ZA for South Africa, NL for the Netherlands)\u003C\u002Fli>\n\u003Cli>temp: C for celcius or F for Fahrenheit\u003C\u002Fli>\n\u003Cli>credit: 1 if you want to show a credit link, 0 if you don’t want to show a credit link (I hope you would like to show it)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Examples:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[gweather city=\"Pretoria\" country=\"ZA\" temp=\"C\" credit=0] (weather in pretoria in Celcius with no credit link)\n\n[gweather city=\"London\" country=\"UK\" temp=\"F\" credit=\"1\"] (weather in london in Fahrenheit with credit link)\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Finally note the whole thing must be on ONE line.  No line breaks or else it won’t work.\u003C\u002Fp>\n\u003Cp>There is no styling in the table, but the table is generated with a class of gweather. So you can style the look of the output by adding a class for that in your stylesheet\u003C\u002Fp>\n\u003Cp>1.00 Initial release.\u003Cbr \u002F>\n1.10 Bug Fix Cities with spaces where not renedered properly\u003C\u002Fp>\n","With the gweather plugin you can display and embed Google Weather Feeds in your Wordpress posts and pages.",4518,"2010-01-17T16:13:00.000Z",[19,20,21,22,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgweather.zip",{"slug":48,"name":49,"version":50,"author":17,"author_profile":51,"description":52,"short_description":53,"active_installs":11,"downloaded":54,"rating":13,"num_ratings":13,"last_updated":55,"tested_up_to":15,"requires_at_least":56,"requires_php":17,"tags":57,"homepage":17,"download_link":59,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"omnifeed","Omnifeed","1.1","https:\u002F\u002Fprofiles.wordpress.org\u002Fomnisourcetech\u002F","\u003Cp>OmniFeed was inspired by InlineFeed made by Dennis Kruyt\u003Cbr \u002F>\nWe loved that plugin but when it broke and it didn’t look like it was being supported anymore, we built our own.\u003Cbr \u002F>\nInstead of holding it just for our company, we thought it would be great to share it – please feel free to use, modify, abuse, disassemble, and generally make this your own according to open source etiquette ofcourse 😉 We think we’ve added everything you need but if not, please feel free to contact us!\u003Cbr \u002F>\nhttp:\u002F\u002Fwww.OmnisourceTech.com\u002Fomnifeed\u003C\u002Fp>\n\u003Cp>Use the following shortcode inside your post:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[omnifeed rss_feed_url=\"http:\u002F\u002Ffeed.xml\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>VERSION 1.1 UPDATE:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>removed caching\u003C\u002Fli>\n\u003Cli>gave the option to add target=”_blank” to the Channel URL (thanks to Olivier for reporting this bug)\u003C\u002Fli>\n\u003Cli>added spacing between feeds\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>FILTER USAGE\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simple:\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Just put a \u003Ccode>[omnifeed rss_feed_url=\"http:\u002F\u002Fyourfeed.rdf\"]\u003C\u002Fcode> in your post, and the feed will show up.\u003C\u002Fp>\n\u003Cp>Left as rss for backwards compatibility but will work with ATOM feeds as well.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>NAMED PARAMETERS\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For some customisation there are some options you can use.\u003C\u002Fp>\n\u003Cp>display(1-100) -> Show the number of lines from the feed.\u003Cbr \u002F>\nrss_feed_url -> The RSS\u002FATOM URL.\u003Cbr \u002F>\ndisplaydescriptions(true\u002Ffalse) -> Show the discription \u002F content of the feed, default true.\u003Cbr \u002F>\ntruncatetitle(false\u002F1-100) -> Truncate long title headers after x caracters. Or false if no truncate (default).\u003Cbr \u002F>\nnewwindow (true\u002Ffalse)-> Open links in new window?\u003Cbr \u002F>\ndisplayfeedname (true\u002Ffalse)-> Display the name of the feed, default true.\u003Cbr \u002F>\nboxwidth (integer) -> width of the div containing the feed\u003Cbr \u002F>\ntitlefontsize(integer) -> font size for feed title. Not required. If not given, then the template’s value will be used\u003Cbr \u002F>\nfonttype(integer) -> font type of the entire field. Not required. If not given, then the template’s value will be used\u003Cbr \u002F>\nchannelfontcolor -> color for channel (feed); Example: #aa231b or simply “red”.  Not required. If not given, then the template’s value will be used\u003Cbr \u002F>\ntitlefontcolor ->  color for title; Example: #aa231b or simply “red”.Not required. If not given, then the template’s value will be used\u003Cbr \u002F>\ndescriptionfontsize(integer) -> font size of the description.Not required. If not given, then the template’s value will be used\u003Cbr \u002F>\ndescriptionfontcolor->  color for feed’s description\u002Fcontent; Example: #aa231b or simply “red”.Not required. If not given, then the template’s value will be used\u003C\u002Fp>\n\u003Cp>Examples:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[omnifeed display=5 rss_feed_url=\"http:\u002F\u002Frss.news.yahoo.com\u002Frss\u002Fmostemailed\" displaydescriptions=true truncatetitle=false displayfeedname=true boxwidth=500 titlefontsize=18 fonttype=helvetica channelfontcolor=red titlefontcolor=green descriptionfontcolor=#000 descriptionfontsize=16 newwindow=false]\n\n[omnifeed rss_feed_url=\"http:\u002F\u002Frss.cnn.com\u002Frss\u002Fcnn_topstories.rss\" displaydescriptions=true truncatetitle=false newwindow=true display=5]\n\n[omnifeed rss_feed_url=\"http:\u002F\u002Frss.cnn.com\u002Frss\u002Fcnn_topstories.rss\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Finally note the whole thing must be on ONE line.  No line breaks or else it won’t work.\u003C\u002Fp>\n\u003Cp>If you want to use a gziped rssfeed try you must add gzip support to wordpress, take a look here: https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fclass-snoopyphp-gzip-support\u002F\u003C\u002Fp>\n\u003Cp>Live examples:\u003C\u002Fp>\n\u003Cp>soon to come\u003C\u002Fp>\n\u003Cp>Major updates from Inlinefeed:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The code can be added in both Visual and HTML mode\u003C\u002Fli>\n\u003Cli>Based on Simplepie\u003C\u002Fli>\n\u003Cli>Pictures inside description now have a 5 pixels right margin\u003C\u002Fli>\n\u003Cli>Control over font type, font size and font color of the feed\u003C\u002Fli>\n\u003C\u002Ful>\n","With Omnifeed plugin you can display and embed RSS\u002FATOM feeds in your Wordpress posts and pages.",3005,"2010-05-31T14:29:00.000Z","2.2",[19,20,21,58,23],"omni","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fomnifeed.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":17,"tags":75,"homepage":79,"download_link":80,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"disable-feeds","Disable Feeds","1.4.4","WPDeveloper","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdevteam\u002F","\u003Cp>This plugin disables all RSS\u002FAtom\u002FRDF feeds on your site. It is useful if you use WordPress purely as a content management system (and not for blogging). All requests for feeds will be redirected to the corresponding HTML content.\u003C\u002Fp>\n\u003Cp>There are a couple of options to tweak the plugin’s behaviour – go to \u003Ccode>Settings -> Reading\u003C\u002Fcode> to see them.\u003C\u002Fp>\n\u003Cp>If you come across any bugs or have suggestions, please use the plugin support forum. I can’t fix it if I don’t know it’s broken! Please check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fdisable-feeds\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> for common issues.\u003C\u002Fp>\n\u003Cp>Want to contribute? Here’s the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsolarissmoke\u002Fdisable-feeds\" rel=\"nofollow ugc\">GitHub development repository\u003C\u002Fa>.\u003C\u002Fp>\n","Disables all RSS\u002FAtom\u002FRDF feeds on your WordPress site.",20000,217034,94,31,"2018-03-30T04:50:00.000Z","4.9.29","4.0",[19,76,77,78,23],"disable","feeds","rdf","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-feeds\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-feeds.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":67,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":98,"download_link":99,"security_score":90,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"disable-feeds-wp","Disable Feeds WP","1.7","Galaxy Weblinks","https:\u002F\u002Fprofiles.wordpress.org\u002Fgalaxyweblinks\u002F","\u003Cp>Disable Feeds WP is a WordPress plugin to disable all RSS\u002FAtom\u002FRDF WordPress feeds on your website\u002Fblog. It is very useful if you use WordPress purely as a content management system (and not for blogging). All requests for feeds will be redirected to the corresponding HTML content.\u003C\u002Fp>\n\u003Cp>There are a couple of options to tweak the plugin’s behavior – go to \u003Ccode>Settings -> Reading\u003C\u002Fcode> to see them.\u003C\u002Fp>\n\u003Cp>Here’s a link to the documentation for the plugin. This will help you learn more about its features and how to use it.\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fwp-plugins\u002Fdisable-feeds-wp\u002Fdoc\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For any feedback or queries regarding this plugin, please contact our \u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Support team\u003C\u002Fa>.\u003C\u002Fp>\n",10000,27227,100,5,"2025-07-17T11:10:00.000Z","6.8.5","4.9","7.4",[19,76,77,23,97],"wordpress-feeds","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-feeds-wp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-feeds-wp.1.7.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":88,"downloaded":108,"rating":35,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":17,"tags":113,"homepage":116,"download_link":117,"security_score":118,"vuln_count":91,"unpatched_count":13,"last_vuln_date":119,"fetched_at":28},"feedwordpress","FeedWordPress","2025.1211","C. Johnson","https:\u002F\u002Fprofiles.wordpress.org\u002Fradgeek\u002F","\u003Cul>\n\u003Cli>Author: \u003Ca href=\"https:\u002F\u002Ffwpplugin.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">C. Johnson\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Project URI: \u003Ca href=\"http:\u002F\u002Ffwpplugin.com\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Ffwpplugin.com\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>License: GPL 2. See License below for copyright jots and tittles.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>FeedWordPress is an Atom\u002FRSS aggregator for WordPress. It syndicates content from feeds that you choose into your WordPress weblog, and then the content it syndicates appears as a series of special posts in your WordPress posts database. If you syndicate several feeds then you can use WordPress’s posts database and templating engine as the back-end of an aggregation (“planet”) website. It was developed, originally, as a utility\u002Fhobby project, because I needed a more flexible replacement for \u003Ca href=\"https:\u002F\u002Fweb.archive.org\u002Fweb\u002F20051029095046\u002Fhttp:\u002F\u002Fwww.planetplanet.org\u002F\" rel=\"nofollow ugc\">Planet\u003C\u002Fa> for aggregator sites that I administered.\u003C\u002Fp>\n\u003Cp>FeedWordPress is designed with flexibility, ease of use, and ease of configuration in mind. You’ll need a working installation of WordPress (version \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FVersion_4.5\" rel=\"nofollow ugc\">4.5\u003C\u002Fa> or later), and it helps to have SFTP or FTP access to your web host. The ability to create cron jobs on your web host is helpful but not required.\u003C\u002Fp>\n\u003Ch3>Using and Customizing FeedWordPress\u003C\u002Fh3>\n\u003Cp>FeedWordPress has many options which can be accessed through the WordPress Dashboard, and a lot of functionality accessible programmatically through WordPress templates or plugins. For further documentation of the ins and outs, see the documentation at the \u003Ca href=\"http:\u002F\u002Ffeedwordpress.radgeek.com\u002F\" rel=\"nofollow ugc\">FeedWordPress project homepage\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>The FeedWordPress plugin is copyright © 2005-2021 by Charles Johnson. It uses code derived or translated from:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Flaughingmeme.org\u002Farchives\u002F002203.html\" rel=\"nofollow ugc\">wp-rss-aggregate.php\u003C\u002Fa> by \u003Ca href=\"kellan@protest.net\" rel=\"nofollow ugc\">Kellan Elliot-McCrea\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.simplepie.org\u002F\" rel=\"nofollow ugc\">SimplePie\u003C\u002Fa> feed parser by Ryan Parman, Geoffrey Sneddon, Ryan McCue, et al.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fmagpierss.sourceforge.net\u002F\" rel=\"nofollow ugc\">MagpieRSS\u003C\u002Fa> feed parser by \u003Ca href=\"kellan@protest.net\" rel=\"nofollow ugc\">Kellan Elliot-McCrea\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fdiveintomark.org\u002Fprojects\u002Ffeed_finder\u002F\" rel=\"nofollow ugc\">Ultra-Liberal Feed Finder\u003C\u002Fa> by \u003Ca href=\"mark@diveintomark.org\" rel=\"nofollow ugc\">Mark Pilgrim\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002F\" rel=\"ugc\">WordPress Blog Tool and Publishing Platform\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>according to the terms of the \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Fcopyleft\u002Fgpl.html\" rel=\"nofollow ugc\">GNU General Public License\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This program is free software; you can redistribute it and\u002For modify it under the terms of the \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Fcopyleft\u002Fgpl.html\" rel=\"nofollow ugc\">GNU General Public License\u003C\u002Fa> as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.\u003C\u002Fp>\n","FeedWordPress syndicates content from feeds you choose into your WordPress weblog.",1322049,61,"2025-12-11T14:32:00.000Z","6.9.4","4.5",[114,19,21,23,115],"aggregation","syndication","https:\u002F\u002Ffwpplugin.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeedwordpress.2025.1211.zip",97,"2024-03-04 00:00:00",{"attackSurface":121,"codeSignals":138,"taintFlows":148,"riskAssessment":149,"analyzedAt":159},{"hooks":122,"ajaxHandlers":129,"restRoutes":130,"shortcodes":131,"cronEvents":136,"entryPointCount":137,"unprotectedCount":13},[123],{"type":124,"name":125,"callback":126,"file":127,"line":128},"action","wp_head","mycss_header","ycurrency.php",199,[],[],[132],{"tag":133,"callback":134,"file":127,"line":135},"ycurrency","ycurrency_func",14,[],1,{"dangerousFunctions":139,"sqlUsage":140,"outputEscaping":142,"fileOperations":137,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":147},[],{"prepared":13,"raw":13,"locations":141},[],{"escaped":13,"rawEcho":137,"locations":143},[144],{"file":127,"line":145,"context":146},195,"raw output",[],[],{"summary":150,"deductions":151},"The \"yahoo-currency\" plugin v1.10 exhibits a mixed security posture.  On the positive side, there are no known CVEs, the plugin does not appear to make external HTTP requests, and all SQL queries utilize prepared statements, which is a strong defense against SQL injection.  The static analysis also indicates a small attack surface with only one shortcode and no identified dangerous functions or taint flows.  \n\nHowever, significant concerns arise from the lack of output escaping and the absence of nonce and capability checks.  While the attack surface is small, the single shortcode presents a potential entry point for cross-site scripting (XSS) if its output is not properly sanitized. The complete lack of nonce and capability checks on any entry points is a critical oversight. This means that any action performed by the shortcode can be triggered by any user, authenticated or not, without proper verification.  \n\nOverall, the plugin demonstrates good practices in database interaction and avoids external dependencies, but the lack of output escaping and crucial authorization checks leaves it vulnerable to XSS and unauthorized actions, despite the absence of historical vulnerabilities. The limited attack surface is a mitigating factor, but the identified weaknesses require attention.",[152,154,157],{"reason":153,"points":91},"Output not properly escaped",{"reason":155,"points":156},"No nonce checks on entry points",7,{"reason":158,"points":156},"No capability checks on entry points","2026-04-16T12:24:58.961Z",{"wat":161,"direct":167},{"assetPaths":162,"generatorPatterns":164,"scriptPaths":165,"versionParams":166},[163],"\u002Fwp-content\u002Fplugins\u002Fyahoo-currency\u002Fycurrency1.css",[],[],[],{"cssClasses":168,"htmlComments":314,"htmlAttributes":315,"restEndpoints":317,"jsGlobals":318,"shortcodeOutput":319},[133,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255,256,257,258,259,260,261,262,263,264,265,266,267,268,269,270,271,272,273,274,275,276,277,278,279,280,281,282,283,284,285,286,287,288,289,290,291,292,293,294,295,296,297,298,299,300,301,302,303,304,305,306,307,308,309,310,311,312,313],"flags","sp-usd","sp-eur","sp-gbp","sp-cad","sp-aud","sp-jpy","sp-aed","sp-all","sp-ars","sp-dzd","sp-awg","sp-bhd","sp-bbd","sp-bzd","sp-btn","sp-bwp","sp-bnd","sp-bif","sp-bsd","sp-bdt","sp-byr","sp-bmd","sp-bob","sp-brl","sp-bgn","sp-khr","sp-kyd","sp-xaf","sp-cop","sp-hrk","sp-cny","sp-cve","sp-xof","sp-clp","sp-kmf","sp-crc","sp-cup","sp-djf","sp-xcd","sp-dkk","sp-dop","sp-ecs","sp-svc","sp-eek","sp-fkp","sp-egp","sp-ern","sp-etb","sp-fjd","sp-hkd","sp-inr","sp-ghc","sp-gnf","sp-htg","sp-huf","sp-irr","sp-idr","sp-gmd","sp-gip","sp-gtq","sp-gyd","sp-hnl","sp-isk","sp-iqd","sp-jod","sp-kes","sp-kwd","sp-lvl","sp-lsl","sp-lyd","sp-jmd","sp-kzt","sp-krw","sp-lak","sp-lrd","sp-ltl","sp-mop","sp-mwk","sp-mvr","sp-mro","sp-mxn","sp-mnt","sp-mmk","sp-mkd","sp-myr","sp-mtl","sp-mur","sp-mdl","sp-mad","sp-nad","sp-nio","sp-kpw","sp-omr","sp-npr","sp-nzd","sp-ngn","sp-ang","sp-nok","sp-xpf","sp-pgk","sp-pen","sp-qar","sp-rub","sp-pkr","sp-pab","sp-pyg","sp-php","sp-pln","sp-ron","sp-rwf","sp-chf","sp-std","sp-scr","sp-skk","sp-sbd","sp-shp","sp-szl","sp-syp","sp-wst","sp-sar","sp-ssl","sp-zar","sp-sgd","sp-sit","sp-sos","sp-lkr","sp-sdg","sp-sek","sp-try","sp-tzs","sp-ttd","sp-uah","sp-thb","sp-twd","sp-top","sp-tnd","sp-ugx","sp-uyu","sp-vuv","sp-vnd","sp-zmk","sp-veb","sp-yer","sp-zwd",[],[316],"data-currency",[],[],[320,321,322,323,324,325,326,327,328,329,326,330,331,332],"\u003Ctable class='ycurrency'>","\u003Ctr>\u003Ctd width='220px'>\u003Cb>One "," equals\u003C\u002Fb>\u003C\u002Ftd>\u003Ctd class='flags sp-","'> \u003C\u002Ftd>\u003Ctd>Last Update @ \u003Cb>","\u003C\u002Fb>\u003C\u002Ftd>\u003C\u002Ftr>","\u003Ctr>\u003Ctd width='220px'>"," ","\u003C\u002Ftd>\u003Ctd class='flags sp-","'>\u003C\u002Ftd>\u003Ctd>One "," equals ","\u003C\u002Ftd>\u003C\u002Ftr>","\u003Ctr>\u003Ctd colspan='3'>Brought to you by \u003Ca href=\"http:\u002F\u002Fwww.exchange-rates.co.za\">Exchange Rates South Africa\u003C\u002Fa>\u003C\u002Ftd>\u003C\u002Ftr>","\u003C\u002Ftable>",{"error":334,"url":335,"statusCode":336,"statusMessage":337,"message":337},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fyahoo-currency\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":339},[]]