[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fA329h0kkJUoEDVH8wdct75V5gHfewwP8l_tdnS5Wi-Q":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":127,"fingerprints":247},"ar-php","Ar PHP","0.7","holooli","https:\u002F\u002Fprofiles.wordpress.org\u002Fholooli\u002F","\u003Cp>Adds Ar-PHP project functionality in TinyMCE editor. New buttons will be added (you can choose which buttons to show) to the new post visual editor, ‘Date’ button adds the current date, ‘Hijri Date’ adds the current Hijri date, ‘Spell Numbers’ converts number into it’s equivalent spelling in Arabic, ‘Convert Layout’ converts English letters into Arabic and vice versa, and ‘Transliterate’ translates English words into Arabic.\u003C\u002Fp>\n\u003Cp>You can read more about PHP & Arabic language at: \u003Ca href=\"http:\u002F\u002Fwww.ar-php.org\u002F\" title=\"PHP and Arabic Language\" rel=\"nofollow ugc\">PHP and Arabic Language\u003C\u002Fa>\u003C\u002Fp>\n","Adds Ar-PHP project functionality in TinyMCE editor.",10,3995,0,"2011-02-05T12:48:00.000Z","3.1.4","2.7","",[4,19,20,21,22],"arabic","rtl","tinymce","wysiwyg","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Far-php","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Far-php.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},3,30,84,"2026-04-04T04:14:44.263Z",[35,55,68,90,112],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":53,"download_link":54,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wp-rtl","WP-RTL","1.0","Fahad Alduraibi","https:\u002F\u002Fprofiles.wordpress.org\u002Ffduraibi\u002F","\u003Cp>\u003Cstrong>Do you write posts in different languages that have different directions?\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin enables a feature in the post editor which allow writing texts in Left-to-Right and Right-to-Left directions in the same post (or page) so you can write in English (and any other LTR language) and also RTL languages like Arabic, Persian and Hebrew.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Simply look for the new buttons added to the post editor after installing the plugin.\u003C\u002Fstrong> (See the screenshots for better understanding)\u003C\u002Fp>\n\u003Cp>اضافة زرارين لشريط التحرير لتمكين تحويل النص للقراءة من اليمين لليسار مثل اللغة العربية والفارسية والعبرية\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.fadvisor.net\u002Fblog\u002F2008\u002F10\u002Fwp-rtl\u002F\" rel=\"nofollow ugc\">More details\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Note: This plugin will not change the direction of the post title, since that is controlled by the theme.\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds two buttons to the TinyMCE editor to enable writing text in Left to Right (LTR) and Right to Left (RTL) directions.",2000,56994,100,20,"2017-11-28T19:40:00.000Z","4.5.33","2.6",[51,52,20,21,22],"formatting","ltr","http:\u002F\u002Fwww.fadvisor.net\u002Fblog\u002F2008\u002F10\u002Fwp-rtl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-rtl.1.0.zip",{"slug":56,"name":57,"version":38,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":13,"downloaded":62,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":63,"requires_at_least":64,"requires_php":17,"tags":65,"homepage":17,"download_link":66,"security_score":45,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":67},"wp-sarahspell","WP-SARAHSPELL","Arab Spell Checker Team","https:\u002F\u002Fprofiles.wordpress.org\u002Farabspellchecker\u002F","\u003Cp>Enables Arabic Spell Checking in the TinyMCE editor.\u003Cbr \u002F>\nThe plugin relies on our spell checking API server to check words and generate suggestions. For that a single API request is done, and the response will contain all the presumably misspelled words and their correction suggestions. The plugin also uses an API endpoint to check the validity of the API keys used for spell checking. No other info is sent or exchanged with the API.\u003C\u002Fp>\n\u003Cp>This plugin relies on Classic Editor plugin (https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-editor\u002F) and must be installed before enabling this plugin.\u003C\u002Fp>\n\u003Cp>Service website (In Arabic only): https:\u002F\u002Farabicspellchecker.com\u002F\u003Cbr \u002F>\nService’s Terms of use link (In Arabic only) : https:\u002F\u002Farabicspellchecker.com\u002Fterms.html\u003C\u002Fp>\n","Enables Arabic Spell Checking in the TinyMCE editor.",996,"5.5.18","3.9",[51,52,20,21,22],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-sarahspell.1.0.zip","2026-03-15T10:48:56.248Z",{"slug":69,"name":70,"version":71,"author":72,"author_profile":73,"description":74,"short_description":75,"active_installs":76,"downloaded":77,"rating":78,"num_ratings":79,"last_updated":80,"tested_up_to":81,"requires_at_least":82,"requires_php":83,"tags":84,"homepage":88,"download_link":89,"security_score":45,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"black-studio-tinymce-widget","Black Studio TinyMCE Widget","2.7.3","Black Studio","https:\u002F\u002Fprofiles.wordpress.org\u002Fblack-studio\u002F","\u003Cp>This plugin adds a new \u003Ccode>Visual Editor\u003C\u002Fcode> widget type that allows you to insert rich text and media objects in your sidebars with no hassle. With Black Studio TinyMCE Widget you will be able to edit your widgets in a WYSIWYG manner using the native WordPress TinyMCE editor, just like you do in posts and pages. And if you are a developer you may still switch back and forth from Visual to HTML mode.\u003C\u002Fp>\n\u003Cp>For years the default WordPress text widget has been very basic and it required HTML knowledge to add formatting and images\u002Fmedia to the text. This plugin was born in 2011 to overcome these limitations. After a long time, in June 2017, version 4.8 of WordPress finally introduced a new text widget that included the ability to manage text widgets with the visual editor. The new widget available in WordPress core could now be used as a basic replacement of Black Studio TinyMCE Widget, but the plugin still offers some additional features, so it remains a must-have for advanced users.\u003C\u002Fp>\n\u003Ch4>Basic Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add rich text widgets to your sidebars and edit them using the TinyMCE visual editor\u003C\u002Fli>\n\u003Cli>Switch between Visual mode and HTML mode (including Quicktags toolbar)\u003C\u002Fli>\n\u003Cli>Insert images, videos, and other media from WordPress Media Library\u003C\u002Fli>\n\u003Cli>Insert links to existing WordPress pages\u002Fposts or external resources\u003C\u002Fli>\n\u003Cli>Support for shortcodes, smilies and embed in widget text (including preview)\u003C\u002Fli>\n\u003Cli>Support for the Block-based Widgets Editor introduced with WordPress 5.8\u003C\u002Fli>\n\u003Cli>Support for Customizer with live preview and quick edit\u003C\u002Fli>\n\u003Cli>Support for widgets accessibility mode\u003C\u002Fli>\n\u003Cli>Compatible with multi-site (WordPress networks)\u003C\u002Fli>\n\u003Cli>Compatible with the most common multi-language plugins\u003C\u002Fli>\n\u003Cli>Compatible with Page Builder plugin by SiteOrigin\u003C\u002Fli>\n\u003Cli>Translations available in 20+ languages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Advanced Features\u003C\u002Fh4>\n\u003Cp>These features are what makes this plugin better than the WordPress (4.8+) native widget:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Full featured TinyMCE Visual Editor (the same you have for pages and posts)\u003C\u002Fli>\n\u003Cli>Wide text area for an enhanced editing experience\u003C\u002Fli>\n\u003Cli>Compatible with 3rd party TinyMCE customization plugins (TinyMCE Advanced, WP Edit, …)\u003C\u002Fli>\n\u003Cli>Support for distraction-free (fullscreen) editing mode \u003C\u002Fli>\n\u003Cli>Option to “Automatically add paragraphs” to widget text\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>About the plugin\u003C\u002Fh4>\n\u003Cp>The story of the plugin was featured in a talk at WordCamp Europe 2018 in Belgrade.\u003Cbr \u002F>\nSee the video \u003Ca href=\"https:\u002F\u002Fwordpress.tv\u002F2018\u002F07\u002F11\u002Ffrancesco-canovi-marco-chiesi-once-upon-a-time-there-was-a-plugin\u002F\" rel=\"nofollow ugc\">Once upon a time, there was a plugin…\u003C\u002Fa> on WordPress.tv.\u003C\u002Fp>\n\u003Ch4>Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.blackstudio.it\u002Fen\u002F\" rel=\"nofollow ugc\">Author’s web site\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.blackstudio.it\u002Fen\u002Fwordpress-plugins\u002Fblack-studio-tinymce-widget\u002F\" rel=\"nofollow ugc\">Plugin’s page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblack-studio-tinymce-widget\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fblack-studio-tinymce-widget\" rel=\"ugc\">Support forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Follow us on \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fblackstudioita\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fblackstudiocomunicazione\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fblack-studio\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fblack-studio\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Get involved\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Developers can contribute to the source code on our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fblack-studio\u002Fblack-studio-tinymce-widget\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Translators can contribute through the \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fblack-studio-tinymce-widget\" rel=\"nofollow ugc\">Official WordPress Translation platform\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Users can contribute by leaving a 5 stars \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fblack-studio-tinymce-widget#postform\" rel=\"ugc\">review\u003C\u002Fa> or making a \u003Ca href=\"https:\u002F\u002Fwww.blackstudio.it\u002Fen\u002Fwordpress-plugins\u002Fblack-studio-tinymce-widget\u002F\" rel=\"nofollow ugc\">donation\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","The visual editor widget for WordPress.",200000,11110927,96,192,"2026-03-08T20:09:00.000Z","6.9.4","3.1","5.2",[85,21,86,87,22],"editor","visual","widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblack-studio-tinymce-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblack-studio-tinymce-widget.2.7.3.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":45,"num_ratings":100,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":104,"tags":105,"homepage":109,"download_link":110,"security_score":111,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"visual-term-description-editor","Visual Term Description Editor","1.8.1","Shea Bunge","https:\u002F\u002Fprofiles.wordpress.org\u002Fbungeshea\u002F","\u003Cp>-Replaces the term description editor with the WordPress TinyMCE visual editor, allowing you to use HTML in term descriptions and write them in rich text. Works on all taxonomies, including tags, categories and link categories, as well as custom taxonomies.\u003C\u002Fp>\n\u003Cp>This plugin is multisite-compatible; if you would like to use it on every blog, network activate the plugin from the network dashboard. Otherwise, activate the plugin for individual sites.\u003C\u002Fp>\n\u003Cp>This plugin’s code is \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsheabunge\u002Fvisual-term-description-editor\" rel=\"nofollow ugc\">available on GitHub\u003C\u002Fa>. Please feel free to fork the repository and send a pull request. If you find a bug in the plugin, open an issue.\u003C\u002Fp>\n","Replaces the plain-text category and tag description editor with a visual editor.",20000,96883,21,"2024-08-17T01:44:00.000Z","6.6.5","3.3","5.4",[106,107,108,21,22],"categories","rich-text","tags","https:\u002F\u002Fgithub.com\u002Fsheabunge\u002Fvisual-term-description-editor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvisual-term-description-editor.1.8.1.zip",92,{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":78,"num_ratings":122,"last_updated":123,"tested_up_to":102,"requires_at_least":64,"requires_php":17,"tags":124,"homepage":125,"download_link":126,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"advanced-tinymce-configuration","Advanced TinyMCE Configuration","1.6","Andrew Ozz","https:\u002F\u002Fprofiles.wordpress.org\u002Fazaozz\u002F","\u003Cp>This plugin is intended for more advanced users that would like to change the default TinyMCE configuration in WordPress.\u003Cbr \u002F>\nIt makes it very easy to add, remove or change all TinyMCE settings for the classic editor and for the classic block in the block editor.\u003C\u002Fp>\n","Set advanced TinyMCE options for the classic block and classic editor.",10000,210369,12,"2023-04-10T23:51:00.000Z",[85,21,22],"http:\u002F\u002Fwww.laptoptips.ca\u002Fprojects\u002Fadvanced-tinymce-configuration\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-tinymce-configuration.1.6.zip",{"attackSurface":128,"codeSignals":159,"taintFlows":192,"riskAssessment":232,"analyzedAt":246},{"hooks":129,"ajaxHandlers":155,"restRoutes":156,"shortcodes":157,"cronEvents":158,"entryPointCount":13,"unprotectedCount":13},[130,136,139,142,146,151],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","admin_menu","addPanel","ar-php.php",18,{"type":131,"name":137,"callback":138,"file":134,"line":100},"init","saveSettings",{"type":131,"name":137,"callback":140,"file":134,"line":141},"defaultSettings",25,{"type":131,"name":143,"callback":144,"file":134,"line":145},"admin_notices","versionWarning",29,{"type":147,"name":148,"callback":149,"file":134,"line":150},"filter","mce_external_plugins","tinymce_arphp_plugin",86,{"type":147,"name":152,"callback":153,"file":134,"line":154},"mce_buttons","tinymce_arphp_buttons",87,[],[],[],[],{"dangerousFunctions":160,"sqlUsage":166,"outputEscaping":168,"fileOperations":30,"externalRequests":13,"nonceChecks":13,"capabilityChecks":169,"bundledLibraries":191},[161],{"fn":162,"file":163,"line":164,"context":165},"preg_replace(\u002Fe)","sub\\ArGlyphs.class.php",508,"preg_replace('\u002F&(#x?)?([A-Za-z0-9]+);\u002Fe'",{"prepared":13,"raw":13,"locations":167},[],{"escaped":169,"rawEcho":170,"locations":171},2,9,[172,175,177,180,182,184,186,188,190],{"file":134,"line":173,"context":174},37,"raw output",{"file":134,"line":176,"context":174},98,{"file":178,"line":179,"context":174},"rpc.php",38,{"file":178,"line":181,"context":174},48,{"file":178,"line":183,"context":174},58,{"file":178,"line":185,"context":174},72,{"file":178,"line":187,"context":174},74,{"file":178,"line":189,"context":174},82,{"file":178,"line":25,"context":174},[],[193,211,221],{"entryPoint":194,"graph":195,"unsanitizedCount":209,"severity":210},"arphpSettings (ar-php.php:92)",{"nodes":196,"edges":206},[197,201],{"id":198,"type":199,"label":200,"file":134,"line":176},"n0","source","$_POST['notice']",{"id":202,"type":203,"label":204,"file":134,"line":176,"wp_function":205},"n1","sink","echo() [XSS]","echo",[207],{"from":198,"to":202,"sanitized":208},false,1,"medium",{"entryPoint":212,"graph":213,"unsanitizedCount":13,"severity":220},"\u003Car-php> (ar-php.php:0)",{"nodes":214,"edges":217},[215,216],{"id":198,"type":199,"label":200,"file":134,"line":176},{"id":202,"type":203,"label":204,"file":134,"line":176,"wp_function":205},[218],{"from":198,"to":202,"sanitized":219},true,"low",{"entryPoint":222,"graph":223,"unsanitizedCount":231,"severity":220},"\u003Crpc> (rpc.php:0)",{"nodes":224,"edges":229},[225,228],{"id":198,"type":199,"label":226,"file":178,"line":227},"$_GET (x5)",28,{"id":202,"type":203,"label":204,"file":178,"line":179,"wp_function":205},[230],{"from":198,"to":202,"sanitized":208},5,{"summary":233,"deductions":234},"The 'ar-php' plugin v0.7 exhibits a mixed security posture. On the positive side, it has no recorded vulnerabilities (CVEs), and its static analysis shows a remarkably small attack surface with no AJAX handlers, REST API routes, shortcodes, or cron events. All SQL queries utilize prepared statements, which is a strong security practice. However, several concerns emerge from the code analysis. The presence of a dangerous function, `preg_replace(\u002Fe)`, is a significant red flag, as this can lead to remote code execution if not handled with extreme care and proper sanitization. Furthermore, only 18% of output is properly escaped, indicating a high risk of cross-site scripting (XSS) vulnerabilities. Taint analysis reveals two flows with unsanitized paths, which, while not reaching critical or high severity, still represent potential avenues for attackers to introduce malicious data into the application. The lack of nonce checks on any entry points, though the attack surface is zero, means that if any were introduced in future versions, they would be unprotected. The presence of capability checks is positive, but their limited number and the absence of nonce checks suggest an incomplete approach to securing potential entry points.",[235,238,241,244],{"reason":236,"points":237},"Dangerous function preg_replace(\u002Fe) used",15,{"reason":239,"points":240},"Low percentage of output properly escaped",8,{"reason":242,"points":243},"Unsanitized paths in taint analysis",7,{"reason":245,"points":11},"No nonce checks on entry points","2026-03-17T00:32:37.371Z",{"wat":248,"direct":260},{"assetPaths":249,"generatorPatterns":256,"scriptPaths":257,"versionParams":259},[250,251,252,253,254,255],"\u002Fwp-content\u002Fplugins\u002Far-php\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Far-php\u002Fimg\u002Fa_calendar.gif","\u002Fwp-content\u002Fplugins\u002Far-php\u002Fimg\u002Fh_calendar.gif","\u002Fwp-content\u002Fplugins\u002Far-php\u002Fimg\u002Fnumbers.gif","\u002Fwp-content\u002Fplugins\u002Far-php\u002Fimg\u002Fkeyboard.gif","\u002Fwp-content\u002Fplugins\u002Far-php\u002Fimg\u002Fterms.gif",[],[258],"\u002Far-php\u002Feditor_plugin.js",[],{"cssClasses":261,"htmlComments":263,"htmlAttributes":264,"restEndpoints":272,"jsGlobals":273,"shortcodeOutput":274},[262],"arphp-warning",[],[265,266,267,268,269,270,271],"name=\"arphp_date\"","name=\"arphp_hijri_date\"","name=\"arphp_spell_numbers\"","name=\"arphp_convert_layout\"","name=\"arphp_transliterate\"","name=\"action\"","value=\"arphp_update\"",[],[],[]]