[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fRF33fWAKyB7FXI9dfRKF0TRA9gwfLs7IAqpdZwiVzkI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":50,"analysis":157,"fingerprints":203},"add-code-to-head","Add Code To Head","1.17","salubrio","https:\u002F\u002Fprofiles.wordpress.org\u002Fsalubrio\u002F","\u003Cp>Intended users: Template Designers, Developer\u003C\u002Fp>\n\u003Cp>If you wish to add any custom HTML to the bottom of each page’s head, then this plugin is for you. For example, you can add some custom CSS, a link to an external javascript file or something else.\u003C\u002Fp>\n\u003Cp>The problem with editing the template directly is if you ever update the template, your changes will be lost. This plugin works around this issue.\u003C\u002Fp>\n\u003Ch3>Acknowledgements\u003C\u002Fh3>\n\u003Cp>Plugin Icon (CC BY 3.0) by \u003Ca href=\"https:\u002F\u002Fwww.iconfinder.com\u002Fdenir\" rel=\"nofollow ugc\">DeniShop\u003C\u002Fa>\u003C\u002Fp>\n","Add custom Javascript\u002FHTML\u002FCSS codes to the page head without editing the template.",3000,41170,100,2,"2025-03-26T21:56:00.000Z","6.7.5","3.3.2","",[20,21,22,23],"code","css","javascript","template","http:\u002F\u002Fhbjitney.com\u002Fadd-code-to-header.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-code-to-head.1.17.zip",70,1,"2025-08-25 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-48314","add-code-to-head-authenticated-administrator-stored-cross-site-scripting","Add Code To Head \u003C= 1.17 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Add Code To Head plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.17 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=1.17","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-09-03 20:02:29",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2363b377-b74e-43ad-969f-6bce0bac6000?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":46,"avg_security_score":47,"avg_patch_time_days":48,"trust_score":47,"computed_at":49},3080,81,30,"2026-04-05T09:43:00.955Z",[51,74,96,117,139],{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":61,"num_ratings":48,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":65,"tags":66,"homepage":69,"download_link":70,"security_score":71,"vuln_count":27,"unpatched_count":72,"last_vuln_date":73,"fetched_at":29},"scripts-n-styles","Scripts n Styles","3.5.8","WraithKenny","https:\u002F\u002Fprofiles.wordpress.org\u002Fwraithkenny\u002F","\u003Cp>This plugin allows Admin users the ability to add custom CSS and JavaScript directly into individual Post, Pages or any other registered custom post types. You can also add classes to the body tag and the post container. There is a Global settings page for which you can write Scripts n Styles for the entire blog.\u003C\u002Fp>\n\u003Cp>Admin’s can also add classes to the TinyMCE “Formats” dropdown which users can use to style posts and pages directly. As of Scripts n Styles 3+ styles are reflected in the post editor.\u003C\u002Fp>\n\u003Cp>Because only well trusted users should ever be allowed to insert JavaScript directly into the pages of your site, this plugin restricts usage to admin type users. Admin’s have access to even more sensitive areas by definition, so that should be relatively safe 😉\u003C\u002Fp>\n\u003Ch4>Notes about the implementation:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Admin users, or more specifically, \u003Cem>any user with the \u003Ccode>manage_options\u003C\u002Fcode> and \u003Ccode>unfiltered_html\u003C\u002Fcode> capabilities\u003C\u002Fem> (which by default is \u003Cem>only\u003C\u002Fem> the admin type user) can use this plugin’s functionality. Some plugins extend user rolls, and so this plugin would naturally extend include rolls that have the appropriate capability.\u003C\u002Fli>\n\u003Cli>CSS Styles are embeded, not linked, at the bottom of the \u003Ccode>head\u003C\u002Fcode> element with \u003Ccode>style\u003C\u002Fcode> tags by using \u003Ccode>wp-head\u003C\u002Fcode>. If your theme doesn’t have this hook, this plugin (as well as most others) won’t work.\u003C\u002Fli>\n\u003Cli>JavaScript is embeded, not linked, at the bottom of the \u003Ccode>body\u003C\u002Fcode> (or \u003Ccode>head\u003C\u002Fcode>) element with \u003Ccode>script\u003C\u002Fcode> tags by using \u003Ccode>wp-footer\u003C\u002Fcode> (or \u003Ccode>wp-head\u003C\u002Fcode>). If your theme doesn’t have this hook, this plugin (as well as most others) won’t work.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>There is no input validation.\u003C\u002Fstrong> This plugin puts exactly what you type in the meta box directly into the \u003Ccode>html\u003C\u002Fcode> with no error checking. You are an Admin, and we trust you to be carefull. Try not to break anything.\u003C\u002Fli>\n\u003Cli>Do to the licensing of the libraries used, this plugin is released “GPL 3.0 or later” if you care about those things.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows Admin users to individually add HTML, custom CSS, Classes and JavaScript directly to Post, Pages or any other custom post types.",30000,379153,88,"2023-06-06T19:13:00.000Z","6.2.9","5.0","7.4",[67,20,21,68,22],"admin","custom","https:\u002F\u002Fwww.unfocus.com\u002Fprojects\u002Fscripts-n-styles\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscripts-n-styles.3.5.8.zip",85,0,"2023-05-18 00:00:00",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":61,"num_ratings":84,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":65,"tags":88,"homepage":91,"download_link":92,"security_score":93,"vuln_count":94,"unpatched_count":72,"last_vuln_date":95,"fetched_at":29},"simple-embed-code","Code Embed","2.5.2","David Artiss","https:\u002F\u002Fprofiles.wordpress.org\u002Fdartiss\u002F","\u003Cp>Code Embed allows you to embed code (JavaScript, CSS and HTML – it can’t be used for server-side code, such as PHP) in a post, without the content being changed by the editor. This is incredibly useful for embedding third-party scripts, etc. The plugin is used by many large sites, including Mozilla.\u003C\u002Fp>\n\u003Cp>Key features include…\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add HTML or JavaScript to posts or pages – particularly useful for embedding videos!\u003C\u002Fli>\n\u003Cli>Embed in widgets using the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwidget-logic\u002F\" title=\"Widget Logic\" rel=\"ugc\">Widget Logic\u003C\u002Fa> plugin\u003C\u002Fli>\n\u003Cli>Global embedding allows you set up some code in one post or page and then access it from another\u003C\u002Fli>\n\u003Cli>Modify the keywords or identifiers used for embedding the code to your own choice\u003C\u002Fli>\n\u003Cli>Search for embedding code via a simple search option\u003C\u002Fli>\n\u003Cli>Add a simple suffix to the embed code to convert videos to responsive output\u003C\u002Fli>\n\u003Cli>Embed an external script directly using just the URL\u003C\u002Fli>\n\u003Cli>And much, much more!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Iconography is courtesy of the very talented \u003Ca href=\"https:\u002F\u002Fwww.fiverr.com\u002Fjankirathore\" rel=\"nofollow ugc\">Janki Rathod\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Please visit the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdartiss\u002Fcode-embed\" title=\"Github\" rel=\"nofollow ugc\">Github page\u003C\u002Fa> for the latest code development, planned enhancements and known issues\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Getting Started\u003C\u002Fh3>\n\u003Cp>To use this plugin, you need to have custom fields enabled on your site. If you’re using the block editor, you may need to switch this on first – please scroll down to the next section to learn how to do this. If you’re using the classic editor then you’ll find the custom fields at the bottom of the editor screen.\u003C\u002Fp>\n\u003Cp>Although this plugin works for both posts and pages for simplicity I will simply refer to posts – bear in mind that pages work in the same way.\u003C\u002Fp>\n\u003Cp>Once you have custom fields switched on, here’s how easy it is to use…\u003C\u002Fp>\n\u003Col>\n\u003Cli>Once you have the plugin installed start a new post.\u003C\u002Fli>\n\u003Cli>Scroll down to the bottom of the screen and look for the “Custom Fields” section.\u003C\u002Fli>\n\u003Cli>Under “Add New Custom Field” enter a name of \u003Ccode>CODE1\u003C\u002Fcode> and your embed code as the value\u003C\u002Fli>\n\u003Cli>In your post content add \u003Ccode>{{CODE1}}\u003C\u002Fcode> where you wish the embed code to appear.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>And that’s it – when the post viewed or previewed \u003Ccode>{{CODE1}}\u003C\u002Fcode> will be replaced with the code that you asked to be embedded.\u003C\u002Fp>\n\u003Cp>This should get you started – for more information and advanced options please see below.. Alternatively, there’s a fantastic guide at \u003Ca href=\"http:\u002F\u002Fwww.elftronix.com\u002Ffree-easy-plugin-add-javascript-to-wordpress-posts-pages\u002F\" title=\"Free Easy Plugin! Add Javascript to WordPress Posts & Pages\" rel=\"nofollow ugc\">Elftronix\u003C\u002Fa> which I would recommend.\u003C\u002Fp>\n\u003Ch3>Using this plugin with the block editor (aka Gutenberg)\u003C\u002Fh3>\n\u003Cp>By default, custom fields are hidden inside the block editor but can be revealed.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Edit or create a post\u003C\u002Fli>\n\u003Cli>Click the settings button (three dots) in the top, right-hand corner\u003C\u002Fli>\n\u003Cli>Go to Preferences\u003C\u002Fli>\n\u003Cli>Click the Panels tab\u003C\u002Fli>\n\u003Cli>You will find a button to toggle the ‘Custom Fields’ meta box – make sure this is toggled to “on”\u003C\u002Fli>\n\u003Cli>A button should appear titled “Enable & Reload” – you’ll need to click on that and wait for the page to reload before the custom fields will appear\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Check out the screenshots for how the custom fields should look.\u003C\u002Fp>\n\u003Ch3>I can’t find the custom fields\u003C\u002Fh3>\n\u003Cp>For block editor users, I’m assuming you’ve done the above. For classic editor users, the custom fields should be present by default. In all cases they should appear at the bottom of the editor screen.\u003C\u002Fp>\n\u003Cp>From version 2.4, anyone without the “unfiltered HTML” capability won’t be able to see custom fields, for added security. Please see the section “Custom Field Security”, below, for more details.\u003C\u002Fp>\n\u003Cp>If none of the above applies then you may have a theme or plugin that removes this or may have a problem with your WordPress installation – you will need to try the usual diagnostics to try and resolve this, including requesting help on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fforum\u002Fhow-to-and-troubleshooting\u002F\" title=\"Fixing WordPress Forum\" rel=\"ugc\">the WordPress support forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Please bear in mind that the custom fields functionality is part of WordPress so it would be greatly appreciated if you don’t give me poor reviews in this situation as, I say, this component is not part of this plugin but, by using it, keeps this plugin simple to use and bloat-free 🙂\u003C\u002Fp>\n\u003Ch3>The Code Embed Options Screen\u003C\u002Fh3>\n\u003Cp>Whilst in WP Admin, if you go to Settings -> Code Embed, you’ll be able to access the options that are available for this plugin.\u003C\u002Fp>\n\u003Cp>Code embedding is performed via a special keyword that you must use to uniquely identify where you wish the code to appear. This consist of an opening identifier (some that that goes at the beginning), a keyword and then a closing identifier. You may also add a suffix to the end of the keyword if you wish to embed multiple pieces of code within the same post.\u003C\u002Fp>\n\u003Cp>From this options screen you can specify the above identifier that you wish to use. By default the opening and closing identifiers are percentage signs and the keyword is \u003Ccode>CODE\u003C\u002Fcode>. During these instructions these will be used in all examples.\u003C\u002Fp>\n\u003Cp>The options screen is only available to those that with a capability of able to manage options or greater. All the other Code Embed menu options are available to users with a capability to edit posts or greater.\u003C\u002Fp>\n\u003Ch3>How to Embed Code\u003C\u002Fh3>\n\u003Cp>To embed in a post you need to find the meta box under the post named “Custom Fields”. If this is missing you may need to add it by clicking on the “Screen Options” tab at the top of the new post screen.\u003C\u002Fp>\n\u003Cp>Now create a new custom field with the name of your keyword – e.g. \u003Ccode>CODE\u003C\u002Fcode>. The value of this field will be the code that you wish to embed. Save this custom field.\u003C\u002Fp>\n\u003Cp>Now, wherever you wish the code to appear in your post, simply put the full identifier (opening, keyword and closing characters). For example, \u003Ccode>{{CODE}}\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>If you wish to embed multiple pieces of code within a post you can add a suffix to the keyword. So we may set up 2 custom fields named \u003Ccode>CODE1\u003C\u002Fcode> and \u003Ccode>CODE2\u003C\u002Fcode>. Then in our post we would specify either \u003Ccode>{{CODE1}}\u003C\u002Fcode> or \u003Ccode>{{CODE2}}\u003C\u002Fcode> depending on which you wish to display.\u003C\u002Fp>\n\u003Cp>Don’t forget – via the options screen you can change any part of this identifier to your own taste.\u003C\u002Fp>\n\u003Ch3>How to Embed Code from an External URL\u003C\u002Fh3>\n\u003Cp>If you specify a URL within your post, surrounded by your choice of identifiers, then the contents of the URL will be embedded within your post.\u003C\u002Fp>\n\u003Cp>Obviously, be careful when embedding a URL that you have no control over, as this may be used to hijack your post by injecting, for example, dangerous JavaScript.\u003C\u002Fp>\n\u003Cp>For example, using the default options you could embed the contents of a URL using the following method…\u003C\u002Fp>\n\u003Cpre>\u003Ccode>{{http:\u002F\u002Fwww.example.com\u002Fcode.php}}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>or\u003C\u002Fp>\n\u003Cpre>\u003Ccode>{{https:\u002F\u002Fwww.example.com\u002Fcode.html}}\u003Ch3>How to Use Global Embedding\u003C\u002Fh3>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can also create global embeds – that is creating one piece of embed code and using it in multiple posts or pages.\u003C\u002Fp>\n\u003Cp>To do this simply make reference to an already defined (but unique) piece of embed code from another post or page.\u003C\u002Fp>\n\u003Cp>So, let’s say in one post you define a custom field named \u003Ccode>CODE1\u003C\u002Fcode>. You can, if you wish, place \u003Ccode>{{CODE1}}\u003C\u002Fcode> not just in that post but also in another and it will work.\u003C\u002Fp>\n\u003Cp>However, bear in mind that the embed code name must be unique – you can’t have defined it in multiple posts otherwise the plugin won’t know which one you’re referring to (although it will report this and list the posts that it has been used in).\u003C\u002Fp>\n\u003Cp>In the administration menu there is a sidebar menu named “Tools”. Under this is a sub-menu named “Code Search”. Use this to search for specific embed names and it will list all the posts\u002Fpages that they’re used on, along with the code for each.\u003C\u002Fp>\n\u003Ch3>Embedding in Widgets\u003C\u002Fh3>\n\u003Cp>Natively you cannot use the embed facilities within sidebar widgets. However, if you install the plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwidget-logic\u002F\" title=\"Widget Logic\" rel=\"ugc\">Widget Logic\u003C\u002Fa> then Code Embed has been set up to make use of this and add the ability.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Install \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwidget-logic\u002F\" title=\"Widget Logic\" rel=\"ugc\">Widget Logic\u003C\u002Fa> and activate.\u003C\u002Fli>\n\u003Cli>In Administration, select the Widgets page from the Appearance menu. At the bottom there will be a set of Widget Logic options.\u003C\u002Fli>\n\u003Cli>Ensure Use ‘widget_content’ filter is ticked and press Save.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Although you cannot set up embed code within a widget you can make reference to it, for example by writing \u003Ccode>{{CODE1}}\u003C\u002Fcode> in the widget.\u003C\u002Fp>\n\u003Ch3>Responsive Output Conversion\u003C\u002Fh3>\n\u003Cp>Responsive output is where an element on a web page dynamically resizes depending upon the current available size. Most video embeds, for instance, will be a fixed size. This is fine if your website is also of a fixed size, however if you have a responsive site then this is not suitable.\u003C\u002Fp>\n\u003Cp>Code Embed provides a simple suffix that can be added to an embed code and will convert the output to being responsive. This works best with videos.\u003C\u002Fp>\n\u003Cp>To use, when adding the embed code onto the page, simply add \u003Ccode>_RES\u003C\u002Fcode> to the end, before the final identifier. For example, \u003Ccode>{{CODE1_RES}}\u003C\u002Fcode>. The \u003Ccode>_RES\u003C\u002Fcode> should not be added to the custom fields definition.\u003C\u002Fp>\n\u003Cp>This will now output the embedded code full width, but a width that is dynamic and will resize when required.\u003C\u002Fp>\n\u003Cp>If you don’t wish the output to be full width you can specify a maximum width by adding an additional \u003Ccode>_x\u003C\u002Fcode> on the end, where \u003Ccode>x\u003C\u002Fcode> is the required width in pixels. For example, \u003Ccode>{{CODE1_RES_500}}\u003C\u002Fcode> this will output \u003Ccode>CODE1\u003C\u002Fcode> as responsive but with a maximum width of 500 pixels.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>It should be noted that this is an experimental addition and will not work in all circumstances.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Embedding in excerpts\u003C\u002Fh3>\n\u003Cp>By default embed code will not appear in excerpts. However, you can switch this ability on via the Code Embed options screen. If you do this then the standard rules of excerpts will still apply, but now once the code embed has applied – for example, excerpts are just text, a specific length, etc.\u003C\u002Fp>\n\u003Ch3>Filtering of code\u003C\u002Fh3>\n\u003Cp>By default, WordPress allows unfiltered HTML to be used by users in post custom fields, even if their role it set up otherwise. This opens up the possibility of leaving a site vulnerable, if any plugins that uses this data doesn’t check it appropriately.\u003C\u002Fp>\n\u003Cp>“Out of the box”, neither the contributor and author roles have unfiltered HTML capabilities but can access custom post fields.\u003C\u002Fp>\n\u003Cp>As this plugin requires the use unfiltered HTML, we need to ensure that the only users who use it, should be using it. From version 2.5, any users without this permission that update a post containing embeds from this plugin will cause the code to be filtered.\u003C\u002Fp>\n\u003Ch3>Reviews & Mentions\u003C\u002Fh3>\n\u003Cp>“Works like a dream. Fantastic!” – Anita.\u003C\u002Fp>\n\u003Cp>“Thank you for this plugin. I tried numerous other iframe plugins and none of them would work for me! This plugin worked like a charm the FIRST time.” – KerryAnn May.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwsdblog.westbrook.k12.me.us\u002Fblog\u002F2009\u002F12\u002F24\u002Fembedding-content\u002F\" title=\"Embedding content\" rel=\"nofollow ugc\">Embedding content\u003C\u002Fa> – WSD Blogging Server.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fcomohago.conectandonos.gov.ar\u002F2009\u002F08\u002F05\u002Fanimando-imagenes-con-photopeach\u002F\" title=\"Animando imágenes con PhotoPeach\" rel=\"nofollow ugc\">Animating images with PhotoPeach\u003C\u002Fa> – Cómo hago.\u003C\u002Fp>\n","Code Embed provides a very easy and efficient way to embed code (JavaScript, CSS and HTML) in your posts and pages.",10000,503820,45,"2026-03-15T10:00:00.000Z","6.9.4","4.6",[20,21,89,90,22],"embed","html","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-embed-code\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-embed-code.2.5.2.zip",95,4,"2026-03-17 00:00:00",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":65,"tags":111,"homepage":113,"download_link":114,"security_score":115,"vuln_count":27,"unpatched_count":72,"last_vuln_date":116,"fetched_at":29},"add-to-all","WebberZone Snippetz – Header, Body and Footer manager","2.3.0","Ajay","https:\u002F\u002Fprofiles.wordpress.org\u002Fajay\u002F","\u003Cp>Do you want to customize your site with code but don’t want to edit your theme files or worry about losing your changes when you switch themes? Do you want to add analytics, site verification, custom CSS, or any other code to your site without using multiple plugins? Do you want complete control over where and when you display your code snippets on your site?\u003C\u002Fp>\n\u003Cp>If you answered yes to any of the above questions, WebberZone Snippetz is the perfect plugin!\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwebberzone.com\u002Fplugins\u002Fadd-to-all\u002F\" rel=\"nofollow ugc\">WebberZone Snippetz\u003C\u002Fa> (formerly Add to All) is a simple yet powerful plugin that allows you to create and manage custom snippets of HTML, CSS, or JS code and add them to your header, footer, content, or feed. You can also choose where and when to display your snippets based on criteria such as post IDs, post types, categories, tags, and more.\u003C\u002Fp>\n\u003Cp>WebberZone Snippetz comes with out-of-the-box support for Google Analytics and Statcounter. It lets you easily add meta tags to verify your site with Google, Bing, and Pinterest.\u003C\u002Fp>\n\u003Cp>WebberZone Snippetz also enhances your site’s feed with a copyright notice and a link to the post. It also comes with many actions and filters to extend its functionality.\u003C\u002Fp>\n\u003Cp>Here are some of the key features of WebberZone Snippetz:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create custom snippets with HTML, CSS or JS code\u003C\u002Fli>\n\u003Cli>Add snippets to your header, footer, content or feed\u003C\u002Fli>\n\u003Cli>Choose where and when to display your snippets based on post IDs, post types, categories, tags, and more\u003C\u002Fli>\n\u003Cli>Support for Google Analytics and Statcounter\u003C\u002Fli>\n\u003Cli>Site verification for Google, Bing and Pinterest\u003C\u002Fli>\n\u003Cli>No need to edit theme files or lose changes when switching themes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>WebberZone Snippetz is the ultimate snippet manager for WordPress users who want to customize their site with code. Download it today and see the difference!\u003Cbr \u002F>\nWebberZone Snippetz is one of the many plugins developed by WebberZone. Check out our other plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontextual-related-posts\u002F\" rel=\"ugc\">Contextual Related Posts\u003C\u002Fa> – Display related posts on your WordPress blog and feed\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftop-10\u002F\" rel=\"ugc\">Top 10\u003C\u002Fa> – Track daily and total visits on your blog posts and display the popular and trending posts\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fknowledgebase\u002F\" rel=\"ugc\">Knowledge Base\u003C\u002Fa> – Create a knowledge base or FAQ section on your WordPress site\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetter-search\u002F\" rel=\"ugc\">Better Search\u003C\u002Fa> – Enhance the default WordPress search with contextual results sorted by relevance\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fautoclose\u002F\" rel=\"ugc\">Auto-Close\u003C\u002Fa> – Automatically close comments, pingbacks and trackbacks and manage revisions\u003C\u002Fli>\n\u003C\u002Ful>\n","The ultimate snippet manager for WordPress. Create and manage custom HTML, CSS, or JS code snippets and control where and when they are displayed.",2000,84945,96,10,"2026-03-11T11:30:00.000Z","6.8.5","6.3",[20,21,90,22,112],"snippets","https:\u002F\u002Fwebberzone.com\u002Fplugins\u002Fadd-to-all\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-to-all.2.3.0.zip",99,"2025-04-01 00:00:00",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":86,"requires_at_least":18,"requires_php":130,"tags":131,"homepage":137,"download_link":138,"security_score":13,"vuln_count":72,"unpatched_count":72,"last_vuln_date":36,"fetched_at":29},"code-manager","Code Manager","1.0.45","Passionate Programmer Peter","https:\u002F\u002Fprofiles.wordpress.org\u002Fpeterschulznl\u002F","\u003Cp>The Code Manager allows WordPress users to write, test and deploy PHP, JavaScript, CSS and HTML code blocks from the WordPress dashboard.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch4>Code Management\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>List, edit, delete, copy, import and export code\u003C\u002Fli>\n\u003Cli>Open multiple code editors simultaneously in tab mode\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable code\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable preview mode\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcode (FREE)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>PHP code blocks from a shortcode\u003C\u002Fli>\n\u003Cli>JavaScript code blocks from a shortcode\u003C\u002Fli>\n\u003Cli>CSS from a shortcode\u003C\u002Fli>\n\u003Cli>HTML blocks from a shortcode\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Advanced code (PREMIUM)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>PHP server code – no more need to edit functions.php\u003C\u002Fli>\n\u003Cli>Add CCS and JS resource files to back-end and front-end\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Visit the plugin website for downloadable demos and example code.\u003C\u002Fp>\n\u003Ch3>Plugin Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcode-manager.com\u002F\" rel=\"nofollow ugc\">Plugin Website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcode-manager\u002F\" rel=\"ugc\">Download Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcode-manager.com\u002Fblog\u002Fdocs\u002Findex\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcode-manager.com\u002Fcode\u002F\" rel=\"nofollow ugc\">Code Examples\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Write, test and deploy PHP, JavaScript, CSS and HTML code blocks from the WordPress dashboard.",500,84963,98,8,"2025-12-02T11:45:00.000Z","7.0",[132,133,134,135,136],"code-blocks","code-snippets","css-editor","javascript-editor","php-editor","https:\u002F\u002Fcode-manager.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcode-manager.1.0.45.zip",{"slug":140,"name":141,"version":142,"author":143,"author_profile":144,"description":145,"short_description":146,"active_installs":13,"downloaded":147,"rating":13,"num_ratings":94,"last_updated":148,"tested_up_to":149,"requires_at_least":150,"requires_php":18,"tags":151,"homepage":155,"download_link":156,"security_score":71,"vuln_count":72,"unpatched_count":72,"last_vuln_date":36,"fetched_at":29},"same-height","Same Height","1.4.1","damiarita","https:\u002F\u002Fprofiles.wordpress.org\u002Fdamiarita\u002F","\u003Cp>Sometimes we want to display to boxes side by side and they have to look the same. CSS doesn’t always help.\u003C\u002Fp>\n\u003Cp>This plugin will use jQuery to detect the boxes you want and force them all to have the same size. The size is uses is the size of the tallest box.\u003C\u002Fp>\n\u003Cp>If you have a some parts of your content that need to have the same height, simply wrap them with the \u003Ccode>[sameheight\u002F]\u003C\u002Fcode> shortcode like this:\u003Cbr \u002F>\n    [sameheight]\u003Cbr \u002F>\n      This is a short text\u003Cbr \u002F>\n    [\u002Fsameheight]\u003Cbr \u002F>\n    [sameheight]\u003Cbr \u002F>\n      This is a very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very long text\u003Cbr \u002F>\n    [\u002Fsameheight]\u003C\u002Fp>\n\u003Cp>When the html renders on your screen, both parts content parts will look equally height. This is very useful if they are floating next to each other and they have a background.\u003C\u002Fp>\n\u003Ch4>What if I have different sizes in the same page?\u003C\u002Fh4>\n\u003Cp>You can group shortcodes like this:\u003Cbr \u002F>\n    [sameheight group=”1″]\u003Cbr \u002F>\n      This is a very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very long text\u003Cbr \u002F>\n    [\u002Fsameheight]\u003Cbr \u002F>\n    [sameheight group=”1″]\u003Cbr \u002F>\n      This is a short text\u003Cbr \u002F>\n    [\u002Fsameheight]\u003Cbr \u002F>\n    [sameheight group=”2″]\u003Cbr \u002F>\n      This is another short text\u003Cbr \u002F>\n    [\u002Fsameheight]\u003Cbr \u002F>\n    [sameheight group=”2″]\u003Cbr \u002F>\n      This text is long, but not quite as long as the previous one. So, I don’t want these to parts to look as long. But they should still look the same.\u003Cbr \u002F>\n    [\u002Fsameheight]\u003C\u002Fp>\n\u003Ch4>What if I have a responsive site and I only want the same height to apply in wide-screen, side-by-side configurations?\u003C\u002Fh4>\n\u003Cp>You can add a breakpoint like this.\u003Cbr \u002F>\n    [sameheight breakpoint=”xs” ] (You could even use no breakpoint at all)\u003Cbr \u002F>\n      This is a very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very long text\u003Cbr \u002F>\n    [\u002Fsameheight]\u003Cbr \u002F>\n    [sameheight breakpoint=”xs” ] (You could even use no breakpoint at all)\u003Cbr \u002F>\n      This text always has to use the same height than the previous one.\u003Cbr \u002F>\n    [\u002Fsameheight]\u003Cbr \u002F>\n    [sameheight breakpoint=”md”]\u003Cbr \u002F>\n        This is a very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very, very long text\u003Cbr \u002F>\n    [\u002Fsameheight]\u003Cbr \u002F>\n    [sameheight breakpoint=”md”]\u003Cbr \u002F>\n      This text only has to use the same height when it is next to the previous, but not when it is underneath on smarphones.\u003Cbr \u002F>\n    [\u002Fsameheight]\u003C\u002Fp>\n\u003Cp>You have these breakpoints (those familiar with bootstrap know them):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>“xs” forces same height for all window widths (extra small window – smartphone). Alternatively, you can use no breakpoint\u003C\u002Fli>\n\u003Cli>“sm” forces same height for window widths > 768px (small window – small tablet)\u003C\u002Fli>\n\u003Cli>“md” forces same height for window widths > 992px (medium window – table or small desktop)\u003C\u002Fli>\n\u003Cli>“lg” forces same height for window widths > 1200px (large window – desktop)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Names and widths are based on bootstrap.\u003C\u002Fp>\n\u003Cp>Please, note that shortcodes with different “breakpoint” will be in different groups regardless of the “group” setting. You can still use “group” to separate to groups with the same “breakpoint”.\u003C\u002Fp>\n\u003Ch4>I have some styles in CSS for my classes. How can I apply classes to the content?\u003C\u002Fh4>\n\u003Cp>Easy:\u003Cbr \u002F>\n    [sameheight additional_classes=”my-class1 my-classA”]\u003Cbr \u002F>\n      This is a short text\u003Cbr \u002F>\n    [\u002Fsameheight additional_classes=”my-class2 my-classB”]\u003Cbr \u002F>\n    [sameheight]\u003Cbr \u002F>\n      This is a very, very, very, very, very, very long text\u003Cbr \u002F>\n    [\u002Fsameheight]\u003C\u002Fp>\n\u003Ch4>Can I use all the possibilities together?\u003C\u002Fh4>\n\u003Cp>Sure:\u003Cbr \u002F>\n    [sameheight group=”1″ breakpoint=”md” additional_classes=”my-class1 my-classA” \u002F] will work.\u003C\u002Fp>\n\u003Ch4>Do I need to use the shortcode?\u003C\u002Fh4>\n\u003Cp>No! If you are editing your html, you can put the right properties in it. That’s all tha shortcode does. Make sure you add the class ‘same-height’. If you use a break point, add it with a hyphen (-) like this: ‘same-height-xs’, ‘same-height-sm’, ‘same-height-md’, or ‘same-height-lg’. The Javascript is looking for those classes to identify the html elements it has to work on.\u003Cbr \u002F>\nIf you are grouping boxes, use the ‘same-height-group’ property. Like \u003Ccode>\u003Cdiv class=\"same-height\" same-height-group=\"1\" >\u003C\u002Fcode>\u003C\u002Fp>\n","Force different parts of your content to the same height. Very useful if you want to present to boxes side by side. Responsive and bootstrap-friendly.",3084,"2017-01-24T15:31:00.000Z","4.7.32","1.3.0",[21,22,152,153,154],"jquery","sameheight","shortcode","https:\u002F\u002Fwww.facebook.com\u002Fdamiarita","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsame-height.zip",{"attackSurface":158,"codeSignals":177,"taintFlows":188,"riskAssessment":189,"analyzedAt":202},{"hooks":159,"ajaxHandlers":173,"restRoutes":174,"shortcodes":175,"cronEvents":176,"entryPointCount":72,"unprotectedCount":72},[160,166,169],{"type":161,"name":162,"callback":163,"file":164,"line":165},"action","admin_menu","add_admin","add-code-to-head.php",35,{"type":161,"name":167,"callback":167,"file":164,"line":168},"admin_init",36,{"type":161,"name":170,"callback":171,"file":164,"line":172},"wp_head","display",37,[],[],[],[],{"dangerousFunctions":178,"sqlUsage":179,"outputEscaping":185,"fileOperations":72,"externalRequests":72,"nonceChecks":72,"capabilityChecks":72,"bundledLibraries":187},[],{"prepared":72,"raw":27,"locations":180},[181],{"file":182,"line":183,"context":184},"uninstall.php",19,"$wpdb->get_results() with variable interpolation",{"escaped":72,"rawEcho":72,"locations":186},[],[],[],{"summary":190,"deductions":191},"The \"add-code-to-head\" plugin v1.17 exhibits a mixed security posture. While the static analysis reveals no immediate critical vulnerabilities in terms of attack surface, dangerous functions, or taint flows, the vulnerability history is a significant concern. The presence of one unpatched medium severity CVE, specifically a Cross-Site Scripting (XSS) vulnerability, indicates a past failure in code sanitization or input validation that has not yet been addressed.  This historical pattern, coupled with the lack of demonstrated nonce and capability checks in the static analysis, raises questions about the plugin's overall robustness and its ability to prevent future similar issues.  Although the plugin claims 100% output escaping, the unpatched XSS vulnerability suggests this might not be consistently applied or that the vulnerability exploited a different vector.\n\nDespite the lack of an immediately apparent exploitable attack surface in the provided static analysis, the unpatched vulnerability is a critical red flag. The absence of explicit capability checks and nonce verifications in the analyzed code, while not directly leading to detected vulnerabilities in this specific scan, could be contributing factors to past or potential future security weaknesses. Users should be aware that the plugin has a known security flaw that remains unpatched. While other aspects of the static analysis appear clean, this single, unaddressed CVE significantly elevates the risk profile of using this version of the plugin.",[192,195,198,200],{"reason":193,"points":194},"Unpatched medium severity CVE (XSS)",15,{"reason":196,"points":197},"Lack of demonstrated capability checks",5,{"reason":199,"points":197},"Lack of demonstrated nonce checks",{"reason":201,"points":197},"SQL query not using prepared statements","2026-03-16T18:23:56.389Z",{"wat":204,"direct":209},{"assetPaths":205,"generatorPatterns":206,"scriptPaths":207,"versionParams":208},[],[],[],[],{"cssClasses":210,"htmlComments":212,"htmlAttributes":213,"restEndpoints":214,"jsGlobals":215,"shortcodeOutput":216},[211],"plugin-options",[],[],[],[],[]]