[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fPsmRBBu7T2gZ81S75QHYpOGDxYsgAF4-N2XcwNbCisc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":134,"fingerprints":208},"average-head-footer-code","Average Head & Footer Code","1.1","average.technology","https:\u002F\u002Fprofiles.wordpress.org\u002Faveragetechnology\u002F","\u003Cblockquote>\n\u003Cp>\u003Cstrong>Notice\u003C\u002Fstrong>\u003Cbr \u002F>\n  Average is changing its name to AddFunc. Much better, huh?! Therefore, this plugin has been republished as \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faddfunc-head-footer-code\u002F\" rel=\"ugc\">AddFunc Head & Footer Code\u003C\u002Fa>. The “AddFunc version” is compatible with the “Average version,” so installation and activation of either or both is risk-free. This also enables you to manually transfer all of your head and footer code to the “AddFunc version” (if you wish). The “Average version” will remain available with minimal support until it becomes a burden for AddFunc (probably for many years to come, as of 2014). Any new features will only be added to the “AddFunc version,” so it is of course the recommended version (at least for future projects). Thanks!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Allows admins to add code to the \u003Ccode>\u003Chead>\u003C\u002Fcode> and\u002For footer of an individual post and\u002For site-wide. Ideal for scripts such as Google Analytics conversion tracking code and any other general or page-specific JavaScript.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Custom support tickets are available\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>See \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faverage-head-footer-code\u002Fother_notes\u002F\" rel=\"ugc\">Other Notes\u003C\u002Fa> tab for details.\u003C\u002Fp>\n\u003Ch3>Custom Support\u003C\u002Fh3>\n\u003Cp>If you have a custom support need, \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=7AF7P3TFKQ2C2\" rel=\"nofollow ugc\">please purchase your support ticket here\u003C\u002Fa>. Support tickets are responded to within 24 hours, but we answer them as soon as possible.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How it works\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=7AF7P3TFKQ2C2\" rel=\"nofollow ugc\">Purchase a support ticket via PayPal\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>You get a chance to provide the best way to contact you and a description of your need\u003C\u002Fli>\n\u003Cli>I contact you as soon as I can (no less than 24 hours) and help resolve your issue\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This is for custom needs for help, not problems with the plugin, or instructions that should already be explain in the description. If you feel there are important details omitted from the description, installation steps, etc. of the plugin, please report them in the Support forum. Thanks!\u003C\u002Fp>\n","Easily add code to your head and\u002For footer, site-wide and\u002For on any individual page\u002Fpost.",100,6476,2,"2014-12-04T23:35:00.000Z","4.0.38","3.0.1","",[19,20,21,22],"footer","footer-code","head","head-code","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faverage-head-footer-code.1.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":13,"total_installs":31,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"averagetechnology",110,30,84,"2026-04-04T15:08:42.486Z",[36,54,73,97,116],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":11,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":16,"requires_php":17,"tags":49,"homepage":17,"download_link":53,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"addfunc-head-footer-code","AddFunc Head & Footer Code","2.3","AddFunc","https:\u002F\u002Fprofiles.wordpress.org\u002Faddfunc\u002F","\u003Cp>Allows administrators to add code to the \u003Ccode>\u003Chead>\u003C\u002Fcode> and\u002For footer of an individual post (or page or other content) and\u002For site-wide. Ideal for scripts such as Google Analytics conversion tracking code and any other general or page-specific JavaScript. A very simple, reliable and lightweight plugin.\u003C\u002Fp>\n","Easily add code to your head, footer and\u002For immediately after the opening body tag, site-wide and\u002For on any individual page\u002Fpost.",20000,234825,25,"2019-05-29T19:41:00.000Z","5.2.24",[50,20,22,51,52],"add-to-head","per-page","tracking-code","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faddfunc-head-footer-code.2.3.zip",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":11,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":17,"download_link":72,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"embed-code","Embed Code – Headers & Footers by DesignBombs","2.0.4","designbombs","https:\u002F\u002Fprofiles.wordpress.org\u002Fdesignbombs\u002F","\u003Cp>Easily insert or embed header and footer code in WordPress. Embed Code makes embedding global or page\u002Fpost-specific header and footer code super easy. It can be used to add almost anything, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Google Analytics tracking code\u003C\u002Fli>\n\u003Cli>Site verification snippets\u003C\u002Fli>\n\u003Cli>Typekit font scripts\u003C\u002Fli>\n\u003Cli>Custom CSS\u003C\u002Fli>\n\u003Cli>Custom JavaScript\u003C\u002Fli>\n\u003Cli>Optimizely embed code\u003C\u002Fli>\n\u003Cli>Facebook tracking pixel\u003C\u002Fli>\n\u003Cli>Live chat integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It even supports embedding code on custom post types!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What’s Next?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin is maintained by folks over at \u003Ca href=\"http:\u002F\u002Fdesignbombs.com\" rel=\"nofollow ugc\">DesignBombs.com\u003C\u002Fa>. If you are looking to start a new website, checkout their guide on \u003Ca href=\"https:\u002F\u002Fwww.designbombs.com\u002Fhow-to-make-a-website\u002F\" rel=\"nofollow ugc\">how to create a website\u003C\u002Fa>. They also have in-depth guides on other topics like how to \u003Ca href=\"https:\u002F\u002Fwww.designbombs.com\u002Fbest-wordpress-hosting\" rel=\"nofollow ugc\">choose the best WordPress hosting\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.designbombs.com\u002Fhow-to-start-a-blog\u002F\" rel=\"nofollow ugc\">how to start a blog\u003C\u002Fa>, and \u003Ca href=\"https:\u002F\u002Fwww.designbombs.com\u002Fwordpress-security\u002F\" rel=\"nofollow ugc\">WordPress security\u003C\u002Fa>.\u003C\u002Fp>\n","The easiest way to embed code in the head or footer of your site, globally or on a per-page\u002Fpost basis.",5000,59115,6,"2021-08-04T08:03:00.000Z","5.8.13","4.7.0","5.4",[55,70,20,71,52],"embed-javascript","header-code","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembed-code.zip",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":11,"num_ratings":64,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":86,"tags":87,"homepage":17,"download_link":93,"security_score":94,"vuln_count":95,"unpatched_count":25,"last_vuln_date":96,"fetched_at":27},"add-custom-codes","Add Custom Codes – Insert Header, Footer, Custom PHP Snippets, CSS, Javascript","4.80","SaifuMak","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaifumak\u002F","\u003Cp>Add custom codes to your wordpress website. You can add custom PHP Functions, HTML, custom CSS, Javascript, Google Analytics, Search Console verification tags or other code snippets to your site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>100% free wordpress plugin, no paid upgrades needed!\u003C\u002Fli>\n\u003Cli>Add PHP Snippets, Custom CSS, Javascript, Google Analytics, Facebook Scripts, Meta Verification Codes, Search console verification and other codes to your wordpress website easily.\u003C\u002Fli>\n\u003Cli>Generate Shortcodes for HTML Snippets and use it anywhere on the site!\u003C\u002Fli>\n\u003Cli>Syntax highlighter enabled with Light and Dark Mode Editors\u003C\u002Fli>\n\u003Cli>Classify snippets using tags\u003C\u002Fli>\n\u003Cli>Add Notes to Snippets\u003C\u002Fli>\n\u003Cli>Activate\u002FInactivate snippets with a single click\u003C\u002Fli>\n\u003Cli>Auto-deactivate feature for PHP snippets that causes errors.\u003C\u002Fli>\n\u003Cli>Add Custome Codes globally or on individual posts, pages, products and even on custom post types.\u003C\u002Fli>\n\u003Cli>Option to select where to put snippets: before \u003Cem>\u003C\u002Fhead>\u003C\u002Fem> or before \u003Cem>\u003C\u002Fbody>\u003C\u002Fem> etc.\u003C\u002Fli>\n\u003Cli>Import\u002FExport Snippets to use on other sites.\u003C\u002Fli>\n\u003C\u002Ful>\n","Add custom codes to your wordpress site. A completely free plugin to add Custom PHP functions, HTML, CSS, Javascript, any other codes to your website.",1000,16630,"2025-04-29T06:08:00.000Z","6.8.5","6.6.2","7.4",[88,89,90,91,92],"custom-codes","custom-css","footer-codes","header-codes","php-snippets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-custom-codes.4.80.zip",93,4,"2025-12-31 00:00:00",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":11,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":17,"tags":111,"homepage":113,"download_link":114,"security_score":115,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"vanilla-bean-meta-maid","Vanilla Bean – Meta Maid","2.1.0","vsmash","https:\u002F\u002Fprofiles.wordpress.org\u002Fvsmash\u002F","\u003Cp>Meta Maid is the simplest of plugins, allowing you to add meta tags, script tags and tracking code to\u003Cbr \u002F>\nthe top and bottom of your page.\u003C\u002Fp>\n","Meta Maid is the simplest of plugins, allowing you to add meta tags, script tags and tracking code to",20,3390,1,"2024-06-22T03:42:00.000Z","6.5.8","4.0",[20,71,112,52],"meta-tags","http:\u002F\u002Fwww.velvary.com.au\u002Fvanilla-beans\u002Fwordpress\u002Fmeta-maid\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvanilla-bean-meta-maid.2.1.0.zip",92,{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":25,"downloaded":124,"rating":25,"num_ratings":25,"last_updated":125,"tested_up_to":126,"requires_at_least":110,"requires_php":17,"tags":127,"homepage":17,"download_link":133,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"per-page-headers-and-footers-code","Per Page Headers and Footers Code","1.0.0","jabermarketing","https:\u002F\u002Fprofiles.wordpress.org\u002Fjabermarketing\u002F","\u003Cp>This plugin allows you to add header and footer code to your wordpress website on a per page basis. You can also add global code which you can then deactivate from specfic pages\u002Fpsots.\u003C\u002Fp>\n","This plugin allows you to add header and footer code to your wordpress website on a per page basis.",977,"2018-04-03T16:57:00.000Z","4.9.29",[128,129,130,131,132],"per-page-code","per-page-footer-code","per-page-header-code","wordpress-footers","wordpress-headers","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fper-page-headers-and-footers-code.zip",{"attackSurface":135,"codeSignals":172,"taintFlows":201,"riskAssessment":202,"analyzedAt":207},{"hooks":136,"ajaxHandlers":168,"restRoutes":169,"shortcodes":170,"cronEvents":171,"entryPointCount":25,"unprotectedCount":25},[137,143,147,151,155,158,162,165],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","admin_init","register","average-head-footer-code.php",69,{"type":138,"name":144,"callback":145,"file":141,"line":146},"admin_menu","menu",70,{"type":138,"name":148,"callback":149,"file":141,"line":150},"wp_head","output_head_code",72,{"type":138,"name":152,"callback":153,"file":141,"line":154},"wp_footer","output_footer_code",73,{"type":138,"name":156,"callback":157,"file":141,"line":33},"add_meta_boxes","avrghdftrcd_add",{"type":138,"name":159,"callback":160,"file":141,"line":161},"save_post","avrghdftrcd_save",108,{"type":138,"name":148,"callback":163,"file":141,"line":164},"avrghdftrcd_head_output",132,{"type":138,"name":152,"callback":166,"file":141,"line":167},"avrghdftrcd_footer_output",138,[],[],[],[],{"dangerousFunctions":173,"sqlUsage":174,"outputEscaping":176,"fileOperations":25,"externalRequests":25,"nonceChecks":107,"capabilityChecks":199,"bundledLibraries":200},[],{"prepared":25,"raw":25,"locations":175},[],{"escaped":13,"rawEcho":177,"locations":178},10,[179,182,184,185,187,189,191,194,195,197],{"file":141,"line":180,"context":181},59,"raw output",{"file":141,"line":183,"context":181},64,{"file":141,"line":11,"context":181},{"file":141,"line":186,"context":181},104,{"file":141,"line":188,"context":181},130,{"file":141,"line":190,"context":181},136,{"file":192,"line":193,"context":181},"options.php",8,{"file":192,"line":193,"context":181},{"file":192,"line":196,"context":181},12,{"file":192,"line":198,"context":181},16,3,[],[],{"summary":203,"deductions":204},"The \"average-head-footer-code\" plugin v1.1 exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of any known CVEs, unpatched vulnerabilities, or recorded common vulnerability types is a significant strength.  Furthermore, the code analysis reveals no dangerous functions, no direct SQL queries without prepared statements, no file operations, and no external HTTP requests. The presence of nonce and capability checks, while limited in number, indicates an awareness of secure coding practices.\n\nHowever, a notable concern lies in the output escaping. With 12 total outputs and only 17% properly escaped, there is a significant risk of cross-site scripting (XSS) vulnerabilities. This means that data displayed to users might not be sufficiently sanitized, allowing attackers to inject malicious scripts. The taint analysis showing zero flows with unsanitized paths is a positive indicator, but it doesn't fully negate the risk posed by insufficient output escaping. The plugin also has a minimal attack surface with no apparent unprotected entry points, which is commendable.\n\nIn conclusion, while the plugin benefits from a clean vulnerability history and a lack of common risky code patterns, the low percentage of properly escaped output presents a tangible security risk that needs immediate attention. Addressing this output escaping issue would significantly bolster the plugin's security.",[205],{"reason":206,"points":193},"Insufficient output escaping","2026-03-16T21:07:47.989Z",{"wat":209,"direct":214},{"assetPaths":210,"generatorPatterns":211,"scriptPaths":212,"versionParams":213},[],[],[],[],{"cssClasses":215,"htmlComments":218,"htmlAttributes":219,"restEndpoints":231,"jsGlobals":232,"shortcodeOutput":234},[216,217],"large-text","code",[],[220,221,222,223,224,225,226,227,228,229,230],"name=\"avrghdftrcd_head_code\"","id=\"avrghdftrcd_head_code\"","name=\"avrghdftrcd_footer_code\"","id=\"avrghdftrcd_footer_code\"","name=\"meta_box_nonce\"","id=\"avrghdftrcd_options_form\"","name=\"avrghdftrcd_options_form\"","name=\"site_wide_head_code\"","id=\"site_wide_head_code\"","name=\"site_wide_footer_code\"","id=\"site_wide_footer_code\"",[],[233],"avrghdftrcd_nonce",[]]