[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f8yYbgXFIyOXVo5M3-PThrjH663C5lY7E6uTk0UJpVyQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":134,"fingerprints":187},"average-wysiwyg-helper","Average WYSIWYG Helper","2.2.1","Joe Rhoney","https:\u002F\u002Fprofiles.wordpress.org\u002Fjoerhoney\u002F","\u003Cblockquote>\n\u003Cp>\u003Cstrong>Notice\u003C\u002Fstrong>\u003Cbr \u002F>\n  Average is changing its name to AddFunc (good thing). Therefore, this plugin has been improved and republished as \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faddfunc-wysiwyg-helper\" rel=\"ugc\">AddFunc WYSIWYG Helper\u003C\u002Fa>. In the “AddFunc version”, the WYSIWYG Helper settings are a user preference rather than a universal preference that can only be managed by an Administrator. The “AddFunc version” is compatible with the “Average version,” so installation and activation is risk-free. Just deactivate the old one, install\u002Factivate the new one, turn it on in your user profile preferences and you’re done. Switching to the “AddFunc version” is optional. The “Average version” will remain available with minimal support until it becomes a burden for AddFunc (probably for many years to come, as of 2015). Any new features will only be added to the “AddFunc version,” so it is of course the recommended version (at least moving forward). Thanks!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Average WYSIWYG Helper is a lightweight plugin that uses CSS to highlight prominent HTML elements in the default WYSIWYG editor (Tiny MCE), to help Editors see what they’re editing. This in effect creates a sort of combination WYSIWYG\u002F\u003Ca href=\"http:\u002F\u002Fmcs.open.ac.uk\u002Fnlg\u002Fold_projects\u002Fwysiwym\u002F\" rel=\"nofollow ugc\">WYSIWYM\u003C\u002Fa> (What You See Is What You Mean) combination. With the WYSIWYM option turned on, the following elements are highlighted with a colored border and label:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>p\u003C\u002Fli>\n\u003Cli>div\u003C\u002Fli>\n\u003Cli>ol\u003C\u002Fli>\n\u003Cli>ul\u003C\u002Fli>\n\u003Cli>li\u003C\u002Fli>\n\u003Cli>span*\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>*Span are highlighted without a label, but even more prominently, so they are easy to spot. This can help Editors keep the code clean, as they can see where they need to remove unwanted styling using the style eraser button.\u003C\u002Fp>\n\u003Cp>Your theme can still apply an editor-style.css stylesheet. In most cases, the WYSIWYG will still reflect how the content will look on the front end of the live website.\u003C\u002Fp>\n\u003Cp>Average WYSIWYG Helper also provides an option to cancel out certain default styles in the WYSIWYG, such as the caption box\u002Fborder.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong>   It is suggested that Editor’s use a browser that supports CSS3 for best results.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Custom support tickets are available\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>See \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faverage-wysiwyg-helper\u002Fother_notes\u002F\" rel=\"ugc\">Other Notes\u003C\u002Fa> tab for details.\u003C\u002Fp>\n\u003Ch3>Custom Support\u003C\u002Fh3>\n\u003Cp>If you have a custom support need, \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=7AF7P3TFKQ2C2\" rel=\"nofollow ugc\">please purchase your support ticket here\u003C\u002Fa>. Support tickets are responded to within 24 hours, but we answer them as soon as possible.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How it works\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=7AF7P3TFKQ2C2\" rel=\"nofollow ugc\">Purchase a support ticket for via PayPal\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>You get a chance to provide the best way to contact you and a description of your need\u003C\u002Fli>\n\u003Cli>I contact you as soon as I can (no less than 24 hours) and help resolve your issue\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This is for custom needs for help, not problems with the plugin, or instructions that should already be explain in the description. If you feel there are important details omitted from the description, installation steps, etc. of the plugin, please report them in the Support forum. Thanks!\u003C\u002Fp>\n","Highlights prominent HTML elements in the WYSIWYG editor, to help Editors see what they're editing. Sort of a WYSIWYM (the M is for mean).",20,3823,100,3,"2015-02-18T21:43:00.000Z","4.0.38","3.0.1","",[20,21,22,23],"element-highlighter","tinymce","wysiwyg","wysiwym","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faverage-wysiwyg-helper.2.2.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"joerhoney",4,140,89,30,86,"2026-04-04T03:56:58.653Z",[39,52,70,90,112],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":10,"active_installs":13,"downloaded":46,"rating":13,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":17,"requires_php":18,"tags":50,"homepage":18,"download_link":51,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"addfunc-wysiwyg-helper","AddFunc WYSIWYG Helper","5.0","AddFunc","https:\u002F\u002Fprofiles.wordpress.org\u002Faddfunc\u002F","\u003Cp>AddFunc WYSIWYG Helper is a lightweight plugin that uses CSS to highlight prominent HTML elements in the default WYSIWYG editor (Tiny MCE), to help Editors see what they’re editing. This in effect creates a sort of combination WYSIWYG\u002F\u003Ca href=\"http:\u002F\u002Fmcs.open.ac.uk\u002Fnlg\u002Fold_projects\u002Fwysiwym\u002F\" rel=\"nofollow ugc\">WYSIWYM\u003C\u002Fa> (What You See Is What You Mean) combination. With the WYSIWYM option turned on in your user profile, the following elements are highlighted with a colored border and label:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>p\u003C\u002Fli>\n\u003Cli>div\u003C\u002Fli>\n\u003Cli>pre\u003C\u002Fli>\n\u003Cli>ol\u003C\u002Fli>\n\u003Cli>ul\u003C\u002Fli>\n\u003Cli>li\u003C\u002Fli>\n\u003Cli>figure\u003C\u002Fli>\n\u003Cli>article\u003C\u002Fli>\n\u003Cli>section\u003C\u002Fli>\n\u003Cli>aside\u003C\u002Fli>\n\u003Cli>header\u003C\u002Fli>\n\u003Cli>footer\u003C\u002Fli>\n\u003Cli>span*\u003C\u002Fli>\n\u003Cli>code*\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>*Span and code elements are highlighted without labels. For span elements, this is to help make them more prominent, so they are easy to spot. This can help Editors keep the code clean, as they can see where they need to remove unwanted styling using the style eraser button. For code elements, we do this because WordPress apparently always wraps these within another element, treating it as inline, rather than a block. The labels can only be workable on block elements.\u003C\u002Fp>\n\u003Cp>Your theme can still apply an editor-style.css stylesheet. In most cases, the WYSIWYG will still reflect how the content will look on the front end of the live website.\u003C\u002Fp>\n\u003Cp>AddFunc WYSIWYG Helper also provides an option to cancel out certain default styles in the WYSIWYG, such as the caption box\u002Fborder.\u003C\u002Fp>\n\u003Cp>Unlike it’s predecessor, Average WYSIWYG Helper, these settings are not on a universal options page that applies to all users. Each user can enable\u002Fdisable these options on his\u002Fher user profile settings page under the heading “WYSIWYG Helper”.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong>   It is suggested that Editor’s using the WYSIWYM use a browser that supports CSS3 for best results.\u003C\u002Fp>\n",12070,2,"2018-12-11T00:49:00.000Z","5.0.25",[20,21,22,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faddfunc-wysiwyg-helper.5.0.zip",{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":60,"downloaded":61,"rating":13,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":18,"tags":66,"homepage":18,"download_link":69,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"tinywym-editor","tinyWYM Editor","1.4.1","arickards","https:\u002F\u002Fprofiles.wordpress.org\u002Farickards\u002F","\u003Cp>tinyWYM Editor was created to help inexperienced WordPress users create cleaner, more semantic markup, and to avoid some of the pitfalls of WordPress’s standard WYSIWYG editor. It does this by labelling and highlighting all HTML elements in the editor, creating a visual representation of the HTML being generated.\u003C\u002Fp>\n\u003Cp>tinyWYM Editor also gives more experience users all the control and flexibility of the text editor without having to leave the visual editor. Create and edit any HTML element, add attributes, and wrap or unwrap elements all from the visual editor.\u003C\u002Fp>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftinywym-editor\u002Fscreenshots\u002F\" title=\"Screenshots\" rel=\"ugc\">Screenshots\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftinywym-editor\u002Ffaq\u002F\" title=\"Frequently Asked Questions\" rel=\"ugc\">FAQ\u003C\u002Fa> sections for details on how to use tinyWYM Editor.\u003C\u002Fp>\n","Convert WordPress's WYSIWYG editor into a WYSIWYM editor. Add and edit any HTML tag and attribute from the visual editor.",1000,67512,6,"2018-03-12T04:01:00.000Z","4.9.29","4.2.0",[21,67,68,22,23],"visual-editor","wp-editor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftinywym-editor.zip",{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":78,"downloaded":79,"rating":80,"num_ratings":14,"last_updated":81,"tested_up_to":82,"requires_at_least":83,"requires_php":18,"tags":84,"homepage":87,"download_link":88,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":89},"rdface","RDFaCE","0.71 beta","Ali Khalili","https:\u002F\u002Fprofiles.wordpress.org\u002Fali1k\u002F","\u003Cp>RDFa Content Editor (RDFaCE) is a plugin for TinyMCE rich text editor.\u003Cbr \u002F>\nRDFaCE is an implementation for WYSIWYM (What You See Is What You Mean) concept.\u003Cbr \u002F>\nIt enables end-users to easily annotate their blog posts using RDFa and Microdata markups.\u003Cbr \u002F>\nThis special edition focuses on Schema.org schemas for improving SEO (Search Engine Optimization).\u003Cbr \u002F>\nFor more info visit RDFaCE project page at http:\u002F\u002Frdface.aksw.org\u002F or watch the WYSIWYM concept video at http:\u002F\u002Fyoutu.be\u002FwxtlAol4HB0\u003C\u002Fp>\n","Enables semantic content authoring based on RDFa and Microdata (Schema.org).",10,4653,80,"2015-10-23T19:45:00.000Z","4.3.34","3.9.1",[85,86,21,22,23],"microdata","rdfa","http:\u002F\u002Faksw.org\u002FProjects\u002FRDFaCE","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frdface.zip","2026-03-15T14:54:45.397Z",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":100,"num_ratings":101,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":105,"tags":106,"homepage":110,"download_link":111,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"black-studio-tinymce-widget","Black Studio TinyMCE Widget","2.7.3","Black Studio","https:\u002F\u002Fprofiles.wordpress.org\u002Fblack-studio\u002F","\u003Cp>This plugin adds a new \u003Ccode>Visual Editor\u003C\u002Fcode> widget type that allows you to insert rich text and media objects in your sidebars with no hassle. With Black Studio TinyMCE Widget you will be able to edit your widgets in a WYSIWYG manner using the native WordPress TinyMCE editor, just like you do in posts and pages. And if you are a developer you may still switch back and forth from Visual to HTML mode.\u003C\u002Fp>\n\u003Cp>For years the default WordPress text widget has been very basic and it required HTML knowledge to add formatting and images\u002Fmedia to the text. This plugin was born in 2011 to overcome these limitations. After a long time, in June 2017, version 4.8 of WordPress finally introduced a new text widget that included the ability to manage text widgets with the visual editor. The new widget available in WordPress core could now be used as a basic replacement of Black Studio TinyMCE Widget, but the plugin still offers some additional features, so it remains a must-have for advanced users.\u003C\u002Fp>\n\u003Ch4>Basic Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add rich text widgets to your sidebars and edit them using the TinyMCE visual editor\u003C\u002Fli>\n\u003Cli>Switch between Visual mode and HTML mode (including Quicktags toolbar)\u003C\u002Fli>\n\u003Cli>Insert images, videos, and other media from WordPress Media Library\u003C\u002Fli>\n\u003Cli>Insert links to existing WordPress pages\u002Fposts or external resources\u003C\u002Fli>\n\u003Cli>Support for shortcodes, smilies and embed in widget text (including preview)\u003C\u002Fli>\n\u003Cli>Support for the Block-based Widgets Editor introduced with WordPress 5.8\u003C\u002Fli>\n\u003Cli>Support for Customizer with live preview and quick edit\u003C\u002Fli>\n\u003Cli>Support for widgets accessibility mode\u003C\u002Fli>\n\u003Cli>Compatible with multi-site (WordPress networks)\u003C\u002Fli>\n\u003Cli>Compatible with the most common multi-language plugins\u003C\u002Fli>\n\u003Cli>Compatible with Page Builder plugin by SiteOrigin\u003C\u002Fli>\n\u003Cli>Translations available in 20+ languages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Advanced Features\u003C\u002Fh4>\n\u003Cp>These features are what makes this plugin better than the WordPress (4.8+) native widget:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Full featured TinyMCE Visual Editor (the same you have for pages and posts)\u003C\u002Fli>\n\u003Cli>Wide text area for an enhanced editing experience\u003C\u002Fli>\n\u003Cli>Compatible with 3rd party TinyMCE customization plugins (TinyMCE Advanced, WP Edit, …)\u003C\u002Fli>\n\u003Cli>Support for distraction-free (fullscreen) editing mode \u003C\u002Fli>\n\u003Cli>Option to “Automatically add paragraphs” to widget text\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>About the plugin\u003C\u002Fh4>\n\u003Cp>The story of the plugin was featured in a talk at WordCamp Europe 2018 in Belgrade.\u003Cbr \u002F>\nSee the video \u003Ca href=\"https:\u002F\u002Fwordpress.tv\u002F2018\u002F07\u002F11\u002Ffrancesco-canovi-marco-chiesi-once-upon-a-time-there-was-a-plugin\u002F\" rel=\"nofollow ugc\">Once upon a time, there was a plugin…\u003C\u002Fa> on WordPress.tv.\u003C\u002Fp>\n\u003Ch4>Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.blackstudio.it\u002Fen\u002F\" rel=\"nofollow ugc\">Author’s web site\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.blackstudio.it\u002Fen\u002Fwordpress-plugins\u002Fblack-studio-tinymce-widget\u002F\" rel=\"nofollow ugc\">Plugin’s page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblack-studio-tinymce-widget\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fblack-studio-tinymce-widget\" rel=\"ugc\">Support forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Follow us on \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fblackstudioita\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fblackstudiocomunicazione\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fblack-studio\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fblack-studio\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Get involved\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Developers can contribute to the source code on our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fblack-studio\u002Fblack-studio-tinymce-widget\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Translators can contribute through the \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fblack-studio-tinymce-widget\" rel=\"nofollow ugc\">Official WordPress Translation platform\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Users can contribute by leaving a 5 stars \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fblack-studio-tinymce-widget#postform\" rel=\"ugc\">review\u003C\u002Fa> or making a \u003Ca href=\"https:\u002F\u002Fwww.blackstudio.it\u002Fen\u002Fwordpress-plugins\u002Fblack-studio-tinymce-widget\u002F\" rel=\"nofollow ugc\">donation\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","The visual editor widget for WordPress.",200000,11110927,96,192,"2026-03-08T20:09:00.000Z","6.9.4","3.1","5.2",[107,21,108,109,22],"editor","visual","widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblack-studio-tinymce-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblack-studio-tinymce-widget.2.7.3.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":13,"num_ratings":122,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":126,"tags":127,"homepage":131,"download_link":132,"security_score":133,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"visual-term-description-editor","Visual Term Description Editor","1.8.1","Shea Bunge","https:\u002F\u002Fprofiles.wordpress.org\u002Fbungeshea\u002F","\u003Cp>-Replaces the term description editor with the WordPress TinyMCE visual editor, allowing you to use HTML in term descriptions and write them in rich text. Works on all taxonomies, including tags, categories and link categories, as well as custom taxonomies.\u003C\u002Fp>\n\u003Cp>This plugin is multisite-compatible; if you would like to use it on every blog, network activate the plugin from the network dashboard. Otherwise, activate the plugin for individual sites.\u003C\u002Fp>\n\u003Cp>This plugin’s code is \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsheabunge\u002Fvisual-term-description-editor\" rel=\"nofollow ugc\">available on GitHub\u003C\u002Fa>. Please feel free to fork the repository and send a pull request. If you find a bug in the plugin, open an issue.\u003C\u002Fp>\n","Replaces the plain-text category and tag description editor with a visual editor.",20000,96883,21,"2024-08-17T01:44:00.000Z","6.6.5","3.3","5.4",[128,129,130,21,22],"categories","rich-text","tags","https:\u002F\u002Fgithub.com\u002Fsheabunge\u002Fvisual-term-description-editor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvisual-term-description-editor.1.8.1.zip",92,{"attackSurface":135,"codeSignals":162,"taintFlows":176,"riskAssessment":177,"analyzedAt":186},{"hooks":136,"ajaxHandlers":158,"restRoutes":159,"shortcodes":160,"cronEvents":161,"entryPointCount":26,"unprotectedCount":26},[137,143,146,150,154],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","admin_init","register","average-wysiwyg-helper.php",88,{"type":138,"name":144,"callback":145,"file":141,"line":34},"admin_menu","menu",{"type":138,"name":147,"callback":148,"file":141,"line":149},"admin_notices","post_upgrade_nag",90,{"type":151,"name":152,"callback":153,"file":141,"line":133},"filter","mce_css","css",{"type":138,"name":155,"callback":156,"file":141,"line":157},"load-post.php","avrgwysiwyg_help_tab",130,[],[],[],[],{"dangerousFunctions":163,"sqlUsage":164,"outputEscaping":166,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":47,"bundledLibraries":175},[],{"prepared":26,"raw":26,"locations":165},[],{"escaped":26,"rawEcho":14,"locations":167},[168,171,174],{"file":141,"line":169,"context":170},82,"raw output",{"file":172,"line":173,"context":170},"options.php",9,{"file":172,"line":173,"context":170},[],[],{"summary":178,"deductions":179},"The \"average-wysiwyg-helper\" plugin v2.2.1 demonstrates a strong security posture in several key areas. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly limits its attack surface. Furthermore, the code does not exhibit any dangerous functions or file operations, and there are no external HTTP requests, which are positive indicators of secure coding practices. The presence of capability checks, albeit only two, is also a good sign, suggesting some level of authorization awareness in the code.\n\nHowever, a significant concern arises from the complete lack of output escaping. With three total outputs and zero percent properly escaped, there is a high likelihood of cross-site scripting (XSS) vulnerabilities. This is a critical oversight that could allow attackers to inject malicious scripts into the WordPress site. The fact that taint analysis shows zero flows is likely due to the limited entry points and lack of data processing that would trigger such analysis, rather than an indication of inherent security in data handling.\n\nThe plugin's vulnerability history is spotless, with no recorded CVEs. This, combined with the positive static analysis signals, suggests that the developers have likely focused on keeping the codebase clean and free of known vulnerabilities. However, the lack of output escaping is a serious deficiency that overshadows these strengths and represents a tangible risk to users.",[180,183],{"reason":181,"points":182},"Outputs are not properly escaped",8,{"reason":184,"points":185},"No capability checks on some entry points",5,"2026-03-16T22:54:01.781Z",{"wat":188,"direct":195},{"assetPaths":189,"generatorPatterns":192,"scriptPaths":193,"versionParams":194},[190,191],"\u002Fwp-content\u002Fplugins\u002Faverage-wysiwyg-helper\u002Fwysiwym.css","\u002Fwp-content\u002Fplugins\u002Faverage-wysiwyg-helper\u002Foverrides.css",[],[],[],{"cssClasses":196,"htmlComments":202,"htmlAttributes":206,"restEndpoints":209,"jsGlobals":210,"shortcodeOutput":211},[197,198,199,200,201],"noyesswitch","noyesswitch-checkbox","noyesswitch-label","noyesswitch-inner","noyesswitch-switch",[203,204,205],"\u003C!--\n    Plugin Name: Average WYSIWYG Helper\n    Plugin URI:\n    Description: Reveals the prominent HTML elements in the default WYSIWYG editor (TinyMCE) comprehensively, while maintaining edibility as well as any theme styles (in most cases). In effect, you have a WYSIWYG and a WYSIWYM (What You See Is What You Mean) combined. Can also cancel out certain default WordPress styling in the WYSIWYG such as the captions box\u002Fborder.\n    Version: 2.2.1\n    Author: Average\n    Author URI: http:\u002F\u002Fprofiles.wordpress.org\u002Faveragetechnology\u002F\n    @since 3.8\n        ___\n       \u002F   |_   _____  _________ _____ ____\n      \u002F \u002F| | | \u002F \u002F _ \u002F ___\u002F __ `\u002F __ `\u002F _ \\\n     \u002F ___ | |\u002F \u002F  __\u002F \u002F  \u002F \u002F_\u002F \u002F \u002F_\u002F \u002F  __\u002F\n    \u002F_\u002F  |_|___\u002F\\___\u002F_\u002F   \\__,_\u002F\\__, \u002F\\___\u002F\n                               \u002F____\u002F     ™\n                               by Joe Rhoney\n-->","\u003C!--\n    W Y S I W Y G   H E L P E R   C L A S S\n    =======================================\n-->","\u003C!--\n    H E L P   T A B\n    ===============\n-->",[207,208],"id=\"avrgwysiwyg_options_form\"","name=\"avrgwysiwyg_options_form\"",[],[],[]]