[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-9wx8IWScPT70-rIV4WaBS1pPcWWxzD_bPU7s7Pefx4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":131,"fingerprints":189},"better-code-editor","Better Code Editor","1.0","Nazmul Hossain Nihal","https:\u002F\u002Fprofiles.wordpress.org\u002Fnazmulhossainnihal\u002F","\u003Cp>Make you WordPress code editor with “Better Code Editor”.Using this plugin you can modify your code editor.You can see line numbers,detect error in your codes.You can chose 28 different themes for your editor.\u003C\u002Fp>\n\u003Cp>Using this you edit :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Themes \u003C\u002Fli>\n\u003Cli>Plugins\u003C\u002Fli>\n\u003C\u002Ful>\n","Make your editor better!",10,3689,80,3,"2015-02-24T17:18:00.000Z","4.1.42","3.5","",[20,21,22,23,24],"code","codes","editor","plugin-editor-php","wp-admin","http:\u002F\u002Fwww.SuperbCodes.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbetter-code-editor.1.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"nazmulhossainnihal",120,30,84,"2026-04-04T21:08:45.903Z",[39,60,79,97,116],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":18,"download_link":59,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"crazy-pills","Crazy Pills","0.4.3","shazdeh","https:\u002F\u002Fprofiles.wordpress.org\u002Fshazdeh\u002F","\u003Cp>Stop the shortcode madness with Crazy Pills. This plugin helps you to build buttons, notification boxes, check & bullet lists, and highlight the text without using shortcodes. It generates clean and pure HTML. Best of all, you can see what it’ll look like as you’re editing your text.\u003C\u002Fp>\n\u003Cp>RTL layout is supported. Also compatible with frontend editor tools that support TinyMCE, like Themify Builder.\u003C\u002Fp>\n\u003Ch4>How to extend the plugin\u003C\u002Fh4>\n\u003Cp>You can modify, and add or remove what buttons with which color styles appear in the editor by copying the includes\u002Fconfig.php file inside the plugin to \u002Fplugins\u002Fcrazy-pills\u002Fconfig.php and modifying that file.\u003C\u002Fp>\n","Build buttons, boxes, beautiful lists, and highlight text right from your editor, with live preview.",100,7795,96,5,"2017-06-25T12:44:00.000Z","4.8.28","3.9",[55,22,56,57,58],"button","shortcodes","styles","tinymce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcrazy-pills.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":47,"downloaded":68,"rating":47,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":18,"tags":73,"homepage":77,"download_link":78,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"custom-fields-shortcodes","Custom Fields Shortcodes","0.9","Amir Helzer","https:\u002F\u002Fprofiles.wordpress.org\u002Famirhelzer\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fwp-types.com\u002Fhome\u002Fcustom-fields-shortcodes\u002F\" rel=\"nofollow ugc\">Custom Fields Shortcodes\u003C\u002Fa> lets you insert custom fields that you created using \u003Cstrong>Advanced Custom Fields\u003C\u002Fstrong>, \u003Cstrong>Custom Field Template\u003C\u002Fstrong> and \u003Cstrong>More Fields\u003C\u002Fstrong> or manually, into the WordPress visual editor. You’ll get a new popup, next to the media buttons. There, you can select which custom fields to insert, anywhere in the content.\u003C\u002Fp>\n\u003Cp>You will see the custom fields that you’ve defined, neatly arranged by meta-boxes. Choose the field to insert and you’ll get its shortcode. You can insert custom fields from either Visual or HTML editing modes.\u003C\u002Fp>\n\u003Cp>When inserting custom fields that were created by other plugins, they display using the plugin’s API. For instance, if you use ‘Advanced Custom Fields’ and you insert a ‘radio’ field, you get the current value. If you insert a WYSIWYG field, you get the full HTML content.\u003C\u002Fp>\n\u003Cp>This allows inserting custom fields to your content without having to read them using PHP.\u003C\u002Fp>\n\u003Ch4>Adding Custom Fields to WordPress Templates\u003C\u002Fh4>\n\u003Cp>Custom Fields Shortcodes integrates seamlessly with \u003Ca href=\"http:\u002F\u002Fwp-types.com\u002Fhome\u002Fviews-create-elegant-displays-for-your-content\u002F\" rel=\"nofollow ugc\">Views\u003C\u002Fa>. You will be able to create \u003Ca href=\"http:\u002F\u002Fwp-types.com\u002Fdocumentation\u002Fuser-guides\u002Fview-templates\u002F\" rel=\"nofollow ugc\">dynamic templates\u003C\u002Fa> that include any field you want. Then, apply these templates to different content types, right from within the WordPress GUI.\u003C\u002Fp>\n","Lets you insert custom fields in the visual editor without coding in PHP.",11020,1,"2011-12-28T15:45:00.000Z","3.3.2","3.0",[74,75,22,56,76],"custom-field","custom-fields","visual","http:\u002F\u002Fwp-types.com\u002Fhome\u002Fcustom-fields-shortcodes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-fields-shortcodes.0.9.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":47,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":18,"tags":93,"homepage":95,"download_link":96,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"visual-shortcodes","Visual Shortcodes","0.1","J B","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnpbloch\u002F","\u003Cp>This is a utility plugin that will allow other plugins and themes to swap out shortcodes with custom images, in the same way that WordPress’ native gallery shortcode does this. Replacement images can be clicked to reveal a ‘delete’ button.\u003C\u002Fp>\n\u003Cp>This works extremely well when your shortcode already has a tinymce button, but does work for manual shortcodes too.\u003C\u002Fp>\n\u003Cp>This plugin does not support multi-line shortcodes or non-self-closing shortcodes (e.g. it supports \u003Ccode>[foo bar=\"baz\"]\u003C\u002Fcode> but not \u003Ccode>[foo]bar baz[\u002Ffoo]\u003C\u002Fcode>). Honestly, I don’t even know what would happen if you tried to use one. It may work, but it’s entirely unsupported.\u003C\u002Fp>\n\u003Cp>To add your shortcode, hook onto the filter \u003Ccode>'jpb_visual_shortcodes'\u003C\u002Fcode>. That filter will pass one array as an argument. Each element of that array is an associative array which must contain values for the following keys:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>shortcode\u003C\u002Fcode> The name of the shortcode to replace\u003C\u002Fli>\n\u003Cli>\u003Ccode>image\u003C\u002Fcode> The url of the image to replace the shortcode with.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Additionally, the array may contain the optional parameter \u003Ccode>command\u003C\u002Fcode>, which must be a valid tinymce command. If present, this value will trigger a second UI button (‘Edit’) when the user clicks the replacement image which, when clicked, will execute the tinymce command passed as the value.\u003C\u002Fp>\n","This is a utility plugin that will allow other plugins and themes to swap out shortcodes with custom images, in the same way that WordPress' nati …",3480,50,2,"2013-01-12T03:13:00.000Z","3.5.2","3.2.1",[22,56,94],"visual-editor","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fvisual-shortcodes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvisual-shortcodes.0.1.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":47,"downloaded":105,"rating":106,"num_ratings":14,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":18,"tags":110,"homepage":114,"download_link":115,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-editarea","WP Editarea","0.4","takien","https:\u002F\u002Fprofiles.wordpress.org\u002Ftakien\u002F","\u003Cp>WP Editarea turns your Oldschool textarea code editor in WordPress Dashboard (plugin\u002Ftheme editor) into a fancy realtime highlighted code editor using \u003Ca href=\"http:\u002F\u002Fwww.cdolivet.com\u002Findex.php?page=editArea\" title=\"EditArea, a free javascript editor for source code\" rel=\"nofollow ugc\">Editarea\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatically detect syntax language\u003C\u002Fli>\n\u003Cli>Live preview in plugin option page\u003C\u002Fli>\n\u003Cli>Better than codepress (cPanel also use this)\u003C\u002Fli>\n\u003Cli>Easy integration, no file to edit\u003C\u002Fli>\n\u003Cli>Easy to use configuration page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Editarea Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Multi language interface\u003C\u002Fli>\n\u003Cli>Bracket matching highlight\u003C\u002Fli>\n\u003Cli>Support many syntax\u003C\u002Fli>\n\u003Cli>Line numbers\u003C\u002Fli>\n\u003Cli>Toggle word wrap\u003C\u002Fli>\n\u003Cli>Interactive toolbar\u003C\u002Fli>\n\u003Cli>Search\u002Freplace with regex\u003C\u002Fli>\n\u003Cli>More at \u003Ca href=\"http:\u002F\u002Fwww.cdolivet.com\u002Findex.php?page=editArea\" title=\"EditArea, a free javascript editor for source code\" rel=\"nofollow ugc\">Editarea homepage\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Browser Compatibility\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>IE 6 & 7 & 8, Firefox 1.5 & 2 & 3, Safari 3.x & 4, Opera 9, 9.5, 9.6 and Chrome 1 & 2[2] and mostly all modern browsers.\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Editarea turns your Oldschool textarea code editor in Wordpress Dashboard (plugin\u002Ftheme editor) into a fancy realtime highlighted code editor using …",13449,60,"2013-08-14T15:44:00.000Z","3.6.1","2.9",[111,112,22,113,24],"code-highlight","dashboard","source-code","http:\u002F\u002Ftakien.com\u002F606\u002Fwp-editarea-wordpress-plugin.php","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-editarea.0.4.zip",{"slug":117,"name":118,"version":6,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":28,"num_ratings":28,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":18,"tags":128,"homepage":18,"download_link":130,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"lineate","Lineate","Johnathon Williams","https:\u002F\u002Fprofiles.wordpress.org\u002Foddjar\u002F","\u003Cp>Lineate provides two simple shortcodes for easily formatting poetry in the WordPress editor.\u003C\u002Fp>\n\u003Cp>The first is the stanza shortcode. To indicate a stanza, wrap the appropriate text the [stanza]…[\u002Fstanza] shortcode as follows:\u003C\u002Fp>\n\u003Cp>[stanza]\u003Cbr \u002F>\nIn Xanadu did Kubla Khan\u003Cbr \u002F>\nA stately pleasure-dome decree :\u003Cbr \u002F>\nWhere Alph, the sacred river, ran\u003Cbr \u002F>\nThrough caverns measureless to man\u003Cbr \u002F>\nDown to a sunless sea.\u003Cbr \u002F>\n[\u002Fstanza]\u003C\u002Fp>\n\u003Cp>The amount of vertical distance between stanzas can be set on the Lineate settings page.\u003C\u002Fp>\n\u003Cp>The second shortcode is for indicating individual lines within a stanza. To ensure that each line in the above example was rendered correctly, you would use the [lineate] shortcode as follows:\u003C\u002Fp>\n\u003Cp>[stanza]\u003Cbr \u002F>\n[lineate]In Xanadu did Kubla Khan[\u002Flineate]\u003Cbr \u002F>\n[lineate]A stately pleasure-dome decree :[\u002Flineate]\u003Cbr \u002F>\n[lineate]Where Alph, the sacred river, ran[\u002Flineate]\u003Cbr \u002F>\n[lineate]Through caverns measureless to man[\u002Flineate]\u003Cbr \u002F>\n[lineate]Down to a sunless sea.[\u002Flineate]\u003Cbr \u002F>\n[\u002Fstanza]\u003C\u002Fp>\n\u003Cp>A new button is included in the visual editor for automatically wrapping individual lines in the lineate shortcode. To use the button, hightlight a single line, and click the button with the line break symbol (a red slash).\u003C\u002Fp>\n\u003Cp>The lineate shortcode also supports indented or “dropped” lines, with three levels of indentation.\u003C\u002Fp>\n\u003Cp>The horizontal width of each indent is set through the base indent value on the Lineate settings page. The default value is 30 pixels.\u003C\u002Fp>\n\u003Cp>To indicate dropped lines, include the indent attribute as follows:\u003C\u002Fp>\n\u003Cp>[stanza]\u003Cbr \u002F>\n[lineate]In Xanadu did Kubla Khan[\u002Flineate]\u003Cbr \u002F>\n[lineate indent=1]A stately pleasure-dome decree :[\u002Flineate]\u003Cbr \u002F>\n[lineate indent=2]Where Alph, the sacred river, ran[\u002Flineate]\u003Cbr \u002F>\n[lineate indent=3]Through caverns measureless to man[\u002Flineate]\u003Cbr \u002F>\n[\u002Fstanza]\u003C\u002Fp>\n\u003Cp>In this example, assuming the base indent was set at 20 pixels, the second line in the stanza would be 20 pixels from the left margin, the third line would be 40 pixels from the left margin, and the fourth line would be 60 pixels from the left margin.\u003C\u002Fp>\n","Lineate provides simple shortcodes for formatting poetry in the WordPress editor.",20,1689,"2012-08-19T16:30:00.000Z","3.4.2","3.3",[22,129,56],"poetry","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flineate.zip",{"attackSurface":132,"codeSignals":160,"taintFlows":182,"riskAssessment":183,"analyzedAt":188},{"hooks":133,"ajaxHandlers":156,"restRoutes":157,"shortcodes":158,"cronEvents":159,"entryPointCount":28,"unprotectedCount":28},[134,140,143,147,151],{"type":135,"name":136,"callback":137,"file":138,"line":139},"action","admin_menu","nhnbe_add_options_link","better-code-editor.php",79,{"type":135,"name":141,"callback":142,"file":138,"line":36},"admin_init","nhnbe_register_settings",{"type":135,"name":144,"callback":145,"file":138,"line":146},"init","nhnbe_scripts_method",97,{"type":135,"name":148,"callback":149,"file":138,"line":150},"admin_head","nhnbe_admin",119,{"type":152,"name":153,"callback":154,"file":138,"line":155},"filter","admin_footer_text","nhnbe_footer",158,[],[],[],[],{"dangerousFunctions":161,"sqlUsage":162,"outputEscaping":164,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":181},[],{"prepared":28,"raw":28,"locations":163},[],{"escaped":28,"rawEcho":165,"locations":166},8,[167,169,170,172,174,176,178,179],{"file":138,"line":106,"context":168},"raw output",{"file":138,"line":106,"context":168},{"file":138,"line":171,"context":168},67,{"file":138,"line":173,"context":168},73,{"file":138,"line":175,"context":168},117,{"file":138,"line":177,"context":168},152,{"file":138,"line":177,"context":168},{"file":138,"line":180,"context":168},155,[],[],{"summary":184,"deductions":185},"The static analysis of the 'better-code-editor' plugin v1.0 reveals a seemingly clean codebase with no identified dangerous functions, SQL injection vulnerabilities, or file operations. The absence of external HTTP requests and bundled libraries further contributes to a reduced attack surface. However, a significant concern arises from the 0% output escaping. This indicates that all 8 outputs within the plugin are not properly sanitized, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is directly reflected in the output without encoding.\n\nThe plugin's vulnerability history is clear, with no recorded CVEs. This, combined with the clean static analysis, suggests that the plugin might be relatively secure or has not yet been targeted by attackers for known vulnerabilities. However, the lack of output escaping is a critical oversight that significantly increases the risk of XSS attacks. While the attack surface appears minimal, the vulnerability in output handling is a primary weakness that needs immediate attention to ensure a more robust security posture.",[186],{"reason":187,"points":165},"0% output escaping","2026-03-17T00:14:53.341Z",{"wat":190,"direct":201},{"assetPaths":191,"generatorPatterns":198,"scriptPaths":199,"versionParams":200},[192,193,194,195,196,197],"\u002Fwp-content\u002Fplugins\u002Fbetter-code-editor\u002Fjs\u002Fjquery.js","\u002Fwp-content\u002Fplugins\u002Fbetter-code-editor\u002Fjs\u002Face.js","\u002Fwp-content\u002Fplugins\u002Fbetter-code-editor\u002Fjs\u002Fjquery-ace.min.js","\u002Fwp-content\u002Fplugins\u002Fbetter-code-editor\u002Fjs\u002Fmode-css.js","\u002Fwp-content\u002Fplugins\u002Fbetter-code-editor\u002Fjs\u002Fmode-php.js","\u002Fwp-content\u002Fplugins\u002Fbetter-code-editor\u002Fjs\u002Fmode-javascript.js",[],[192,193,194,195,196,197],[],{"cssClasses":202,"htmlComments":206,"htmlAttributes":207,"restEndpoints":208,"jsGlobals":209,"shortcodeOutput":211},[203,204,205],"ace_gutter","ace_scrollbar","ace_scrollbar-inner",[],[],[],[210],"ace",[]]