[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$frMPmsPZ9tvUJGAKIgXf_iAVgtOdq_kso5aMK2IJgiNE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":93,"crawl_stats":38,"alternatives":97,"analysis":204,"fingerprints":631},"css-javascript-toolbox","CSS & JavaScript Toolbox","12.0.6","wipeoutmedia","https:\u002F\u002Fprofiles.wordpress.org\u002Fwipeoutmedia\u002F","\u003Cp>Safely add CSS, JavaScript, PHP or HTML to unique code blocks, then choose where it goes on your site. For even more power, get our free AI-powered snippet plugin here: \u003Ca href=\"https:\u002F\u002Fwpsnippets.ai\u002F?utm_source=cjt_free_on_wordpress&utm_medium=readme_txt_description&utm_campaign=click_for_premium_link\" rel=\"nofollow ugc\">WP Snippets AI\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>IDEAL FOR:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Making CSS front-end changes\u003C\u002Fstrong> – No need to modify theme files or work with tedious built-in theme options. Just create a CSS code block.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Adding site functionality\u003C\u002Fstrong> – Stop adding plugins for simple tasks as they can slow down your site. Create a JavaScript or PHP code block instead.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Adding widgets, code snippets and third-party scripts\u003C\u002Fstrong> – Code blocks are perfect for adding scripts such as Google Analytics and chat widgets to your website.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>CJT is built on the concept of a code block. Each code block is more than just a code editor. It also contains a location editor so you can click the sections of your website you want your code to run.\u003C\u002Fp>\n\u003Cp>It was designed for super-fast development without any cumbersome page refreshing. Create as many code blocks as you need and see all of your code and locations in the one dashboard. Don’t worry, CJT has been optimised to handle 100’s of code blocks and thousands of locations (i.e. Pages, Posts, Categories, Custom Posts, etc).\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcss-javascript-toolbox.com\u002F?utm_source=cjt_free_on_wordpress&utm_medium=readme_txt_description&utm_campaign=click_for_premium_link\" rel=\"nofollow ugc\">Click for CSS & JavaScript Toolbox PLUS\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>FEATURES:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easy to use ‘code blocks’ interface\u003C\u002Fli>\n\u003Cli>Powerful code editor\u003C\u002Fli>\n\u003Cli>Intuitive assignment panel (click where your code goes)\u003C\u002Fli>\n\u003Cli>Code\u002Fscript library management\u003C\u002Fli>\n\u003Cli>Add code to the header or footer hook\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PREMIUM\u003C\u002Fstrong> Add code to entire website, all posts, etc\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PREMIUM\u003C\u002Fstrong> Add code via shortcodes, widgets, Gutenburg blocks, etc\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PREMIUM\u003C\u002Fstrong> Add code via tags, URLs, regular expressions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PREMIUM\u003C\u002Fstrong> 8 additional hooks for more precise assignments\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PREMIUM\u003C\u002Fstrong> Invert feature (run code everywhere but …)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PREMIUM\u003C\u002Fstrong> Editor tools (code auto complete, beautify\u002Fminify, etc)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PREMIUM\u003C\u002Fstrong> Code revisions system\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PREMIUM\u003C\u002Fstrong> Backup and export\u002Fimport system\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcss-javascript-toolbox.com\u002F?utm_source=cjt_free_on_wordpress&utm_medium=readme_txt_description&utm_campaign=click_for_premium_link\" rel=\"nofollow ugc\">Click for CSS & JavaScript Toolbox PLUS\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>OVERVIEW VIDEO\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FvYAKePVgJqE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n","Add CSS, JavaScript, PHP and HTML code snippets to your site. For AI-powered snippets, get our free plugin here: wpsnippets.ai",10000,535817,94,85,"2025-10-28T13:57:00.000Z","6.8.5","5.0","7.4.0",[20,21,22,23,24],"code","javascript","php","scripts","snippets","https:\u002F\u002Fcss-javascript-toolbox.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcss-javascript-toolbox.12.0.6.zip",93,4,0,"2025-10-31 00:00:00","2026-03-15T15:16:48.613Z",[33,48,64,78],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-11928","css-javascript-toolbox-authenticated-admin-stored-cross-site-scripting","CSS & JavaScript Toolbox \u003C= 12.0.5 - Authenticated (Admin+) Stored Cross-Site Scripting","The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 12.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=12.0.5","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-11-01 03:34:37",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa26c71d6-9840-450e-90cd-c20de53f5cb5?source=api-prod",1,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":38,"affected_versions":53,"patched_in_version":54,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"CVE-2025-3703","css-javascript-toolbox-authenticated-subscriber-local-file-inclusion","CSS & JavaScript Toolbox \u003C 12.0.3 - Authenticated (Subscriber+) Local File Inclusion","The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Local File Inclusion in versions up to 12.0.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.","\u003C12.0.3","12.0.3","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Control of Filename for Include\u002FRequire Statement in PHP Program ('PHP Remote File Inclusion')","2025-07-22 00:00:00","2025-07-28 20:50:23",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb6a99135-c12e-435c-bd81-ddd3414d178a?source=api-prod",7,{"id":65,"url_slug":66,"title":67,"description":68,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":70,"severity":40,"cvss_score":71,"cvss_vector":72,"vuln_type":43,"published_date":73,"updated_date":74,"references":75,"days_to_patch":77},"CVE-2023-50823","css-javascript-toolbox-authenticated-contributor-stored-cross-site-scripting-via-shortcode","CSS & JavaScript Toolbox \u003C= 11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode","The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 11.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=11.8","11.9",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2023-12-19 00:00:00","2024-01-24 01:06:13",[76],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Face85b25-251b-4549-8f6e-1a1494cbabb6?source=api-prod",36,{"id":79,"url_slug":80,"title":81,"description":82,"plugin_slug":4,"theme_slug":38,"affected_versions":83,"patched_in_version":84,"severity":40,"cvss_score":85,"cvss_vector":86,"vuln_type":87,"published_date":88,"updated_date":89,"references":90,"days_to_patch":92},"WF-868b7492-c550-4c06-adb0-3478eb7d9b55-css-javascript-toolbox","css-javascript-toolbox-information-exposure","CSS & JavaScript Toolbox \u003C= 8.4.1 - Information Exposure","The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 8.4.1 by accessing '\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fmodels\u002Funinstall\u002Fdb\u002Fmysql\u002Funinstall.sql' on a vulnerable sites. This can allow unauthenticated attackers to extract sensitive data such as the database backup.","\u003C=8.4.1","8.4.2",5.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2018-12-08 00:00:00","2024-01-22 19:56:02",[91],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F868b7492-c550-4c06-adb0-3478eb7d9b55?source=api-prod",1872,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":47,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":94,"trust_score":95,"computed_at":96},479,74,"2026-04-04T21:06:49.000Z",[98,123,145,165,183],{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":119,"download_link":120,"security_score":121,"vuln_count":63,"unpatched_count":29,"last_vuln_date":122,"fetched_at":31},"insert-php","Woody Code Snippets – Insert PHP, CSS, JS, and Header\u002FFooter Scripts","2.7.2","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>Woody Code Snippets is a WordPress plugin that helps you insert code into your site without editing theme files.\u003C\u002Fp>\n\u003Cp>Many WordPress users still add PHP, JavaScript, CSS, tracking pixels, or ad scripts directly into functions.php, header.php, or footer.php. This approach breaks easily when themes update and becomes hard to manage as your site grows.\u003C\u002Fp>\n\u003Cp>Woody solves this by giving you a centralized code snippet manager where you can safely add header scripts, footer scripts, PHP snippets, custom CSS, JavaScript, and HTML from the WordPress admin.\u003C\u002Fp>\n\u003Cp>You can use Woody as a header and footer code manager, a PHP snippet plugin, or a way to reuse content and scripts across your site using shortcodes or automatic insertion.\u003C\u002Fp>\n\u003Cp>Each snippet can be enabled or disabled instantly, placed in specific locations like before content or after paragraphs, and shown only when certain conditions are met.\u003C\u002Fp>\n\u003Ch3>Quick Links\u003C\u002Fh3>\n\u003Cp>📘 \u003Ca href=\"https:\u002F\u002Fdocs.themeisle.com\u002Fcollection\u002F2410-woody-code-snippets\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> – Complete setup and configuration guide\u003C\u002Fp>\n\u003Cp>💬 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Finsert-php\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa> – Community help and expert support\u003C\u002Fp>\n\u003Cp>⭐ \u003Ca href=\"https:\u002F\u002Fwoodysnippet.com\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody_quicklinks\" rel=\"nofollow ugc\">Go Pro\u003C\u002Fa> – Unlock advanced features and priority support\u003C\u002Fp>\n\u003Ch3>What Problems Does Woody Solve?\u003C\u002Fh3>\n\u003Cp>Woody is built for real WordPress workflows. It helps you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Insert code into headers and footers without editing theme files\u003C\u002Fli>\n\u003Cli>Add analytics scripts, tracking pixels, and ad code safely\u003C\u002Fli>\n\u003Cli>Manage PHP snippets without touching functions.php\u003C\u002Fli>\n\u003Cli>Reuse scripts and content across pages using shortcodes\u003C\u002Fli>\n\u003Cli>Control where code runs using placement rules and conditions\u003C\u002Fli>\n\u003Cli>Enable, disable, or roll back snippets without breaking your site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Whether you are building client sites, running marketing experiments, or maintaining your own project, Woody gives you control without unnecessary complexity.\u003C\u002Fp>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Cp>Woody lets you create code snippets and control where and when they run, all from the WordPress admin.\u003C\u002Fp>\n\u003Ch4>Example #1\u003C\u002Fh4>\n\u003Cp>Create a JavaScript snippet and add your analytics or tracking code.\u003Cbr \u002F>\nPlace it in the site header and add a condition to exclude administrators so your own visits are not tracked.\u003C\u002Fp>\n\u003Ch4>Example #2\u003C\u002Fh4>\n\u003Cp>Create a text snippet with reusable content or a shortcode.\u003Cbr \u002F>\nAdd conditions to show it only to logged-in users, then insert it anywhere using the snippet shortcode or automatic placement rules.\u003C\u002Fp>\n\u003Cp>This makes it easy to manage repeated logic and content without editing theme files.\u003C\u002Fp>\n\u003Ch3>Who Should Use Woody Code Snippets\u003C\u002Fh3>\n\u003Cp>Woody is designed for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Developers who want a structured way to manage custom code\u003C\u002Fli>\n\u003Cli>Marketers adding analytics, ads, and tracking scripts\u003C\u002Fli>\n\u003Cli>Solopreneurs who want flexibility without editing theme files\u003C\u002Fli>\n\u003Cli>Agencies managing multiple sites and shared snippets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you regularly need to insert code into WordPress, Woody fits naturally into your workflow.\u003C\u002Fp>\n\u003Ch3>Supported Snippet Types\u003C\u002Fh3>\n\u003Cp>Woody supports multiple snippet types, so you can manage all custom code in one place. You can create:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>PHP snippets\u003C\u002Fstrong> for functions, hooks, classes, and global variables\u003C\u002Fli>\n\u003Cli>\u003Cstrong>JavaScript snippets\u003C\u002Fstrong> for analytics, integrations, and interactive features\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CSS snippets\u003C\u002Fstrong> to add custom styles without editing theme files\u003C\u002Fli>\n\u003Cli>\u003Cstrong>HTML snippets\u003C\u002Fstrong> for markup and layout elements\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Text snippets\u003C\u002Fstrong> using the WordPress editor for reusable content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ad snippets\u003C\u002Fstrong> for ads and banners\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Universal snippets\u003C\u002Fstrong> that combine PHP, HTML, CSS, and JavaScript\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why do you need this plugin?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Insert Google AdSense Ads, Amazon Native Shopping Contextual Ads, Yandex Direct Ads, Media.net on your website.\u003C\u002Fli>\n\u003Cli>Insert Google Analytic Tracking code, Yandex Metrika Tracking Code, Yandex Counter to Header, Footer.\u003C\u002Fli>\n\u003Cli>Insert PHP Code Snippets and execute on your website. Register PHP functions, classes, global variables everywhere.\u003C\u002Fli>\n\u003Cli>Insert Social media widgets, add any external resources widgets.\u003C\u002Fli>\n\u003Cli>Insert Facebook Pixels, Facebook Scripts, Facebook og:image Tag, Google Conversion Pixels, Vk Pixels.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Header and Footer Code Management\u003C\u002Fh3>\n\u003Cp>Woody works as a full header and footer code manager.\u003C\u002Fp>\n\u003Cp>You can insert snippets:\u003Cbr \u002F>\n– Into the site header before the closing  tag\u003Cbr \u002F>\n– Into the site footer before the closing  tag\u003C\u002Fp>\n\u003Cp>Common examples include analytics scripts, tracking pixels, verification tags, and global JavaScript or CSS.\u003C\u002Fp>\n\u003Ch3>Advanced Placement Options\u003C\u002Fh3>\n\u003Cp>Beyond headers and footers, Woody lets you insert snippets into specific locations.\u003C\u002Fp>\n\u003Cp>You can place code:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Before or after post or page content  \u003C\u002Fli>\n\u003Cli>Before or after a specific paragraph  \u003C\u002Fli>\n\u003Cli>Before or after a post  \u003C\u002Fli>\n\u003Cli>Inside archives, categories, and taxonomy pages  \u003C\u002Fli>\n\u003Cli>Between posts on archive pages  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WooCommerce Pages\u003C\u002Fh4>\n\u003Cp>Woody supports automatic snippet placement on WooCommerce pages.\u003C\u002Fp>\n\u003Cp>You can insert snippets:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Before or after the product list  \u003C\u002Fli>\n\u003Cli>Before or after a single product  \u003C\u002Fli>\n\u003Cli>Before or after the single product summary  \u003C\u002Fli>\n\u003Cli>After the product title, price, or excerpt  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Common use cases include conversion tracking, promotional banners, custom JavaScript, and trust notices.\u003C\u002Fp>\n\u003Ch3>Shortcodes and Reusable Content\u003C\u002Fh3>\n\u003Cp>Woody supports shortcodes so you can insert snippets exactly where you need them. You can place snippets inside posts, pages, widgets, and page builders.\u003C\u002Fp>\n\u003Cp>With \u003Ca href=\"https:\u002F\u002Fwoodysnippet.com\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody_shortcode\" rel=\"nofollow ugc\">Pro\u003C\u002Fa>, you can define custom shortcode names that are readable and portable across sites.\u003C\u002Fp>\n\u003Ch3>Conditional Logic for Code Snippets\u003C\u002Fh3>\n\u003Cp>Woody allows you to control when a snippet is displayed.\u003C\u002Fp>\n\u003Cp>[FREE] Available in the free version:\u003Cbr \u002F>\n– User role and registration date\u003Cbr \u002F>\n– Page, post type, or taxonomy\u003Cbr \u002F>\n– Referrer or cookie value\u003C\u002Fp>\n\u003Cp>[PRO] Advanced conditions available in \u003Ca href=\"https:\u002F\u002Fwoodysnippet.com\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody_conditions\" rel=\"nofollow ugc\">Pro\u003C\u002Fa>:\u003Cbr \u002F>\n– Device type, browser, and operating system\u003Cbr \u002F>\n– JavaScript availability or ad blocker detection\u003Cbr \u002F>\n– User country, visit depth, time of day, and total visits\u003C\u002Fp>\n\u003Cp>Conditions can be combined using AND and OR logic.\u003C\u002Fp>\n\u003Cp>Unlock advanced conditions with \u003Ca href=\"https:\u002F\u002Fwoodysnippet.com\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody_conditions\" rel=\"nofollow ugc\">Woody Pro\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Snippet Management and Organization\u003C\u002Fh3>\n\u003Cp>Woody includes features to keep snippets organized and easy to manage.\u003C\u002Fp>\n\u003Cp>You can:\u003Cbr \u002F>\n– Enable or disable snippets instantly\u003Cbr \u002F>\n– Control execution order using priorities\u003Cbr \u002F>\n– Tag and clone snippets\u003Cbr \u002F>\n– Import and export snippets between sites\u003C\u002Fp>\n\u003Ch3>Code Revisions and Rollback [PRO]\u003C\u002Fh3>\n\u003Cp>With \u003Ca href=\"https:\u002F\u002Fwoodysnippet.com\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody_restore\" rel=\"nofollow ugc\">Pro\u003C\u002Fa>, Woody automatically saves snippet revisions. You can view previous versions, compare changes, and restore earlier revisions if something goes wrong.\u003C\u002Fp>\n\u003Cp>This adds an extra layer of safety when working with custom code.\u003C\u002Fp>\n\u003Ch3>Cloud Templates and Sync [PRO]\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwoodysnippet.com\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody_cloud\" rel=\"nofollow ugc\">Woody Pro\u003C\u002Fa> includes cloud-based snippet templates.\u003C\u002Fp>\n\u003Cp>You can save snippets as templates and reuse them across multiple sites, which is especially useful for agencies and developers managing repeated setups.\u003C\u002Fp>\n\u003Ch3>Settings and Developer Options\u003C\u002Fh3>\n\u003Cp>Woody includes advanced settings for fine-grained control.\u003C\u002Fp>\n\u003Cp>You can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Preserve HTML entities without automatic conversion  \u003C\u002Fli>\n\u003Cli>Execute shortcodes inside snippets  \u003C\u002Fli>\n\u003Cli>Enable error email notifications  \u003C\u002Fli>\n\u003Cli>Automatically activate snippets on save  \u003C\u002Fli>\n\u003Cli>Fully remove plugin data on uninstall  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Code Editor\u003C\u002Fh4>\n\u003Cp>The built-in editor includes:\u003Cbr \u002F>\n– Syntax highlighting and line numbers\u003Cbr \u002F>\n– Configurable indentation and tab size\u003Cbr \u002F>\n– Optional line wrapping\u003Cbr \u002F>\n– Automatic bracket and quote closing\u003Cbr \u002F>\n– Highlighting of matching variables and functions\u003C\u002Fp>\n\u003Ch3>Use This Plugin Responsibly\u003C\u002Fh3>\n\u003Cp>Woody allows you to run custom PHP, JavaScript, and CSS on your site. Always make sure you understand the code you add. Using unverified or outdated scripts may affect site security or stability. On multisite installations, only trusted administrators should have access to snippet creation.\u003C\u002Fp>\n\u003Cp>Woody includes safeguards such as snippet disabling, revisions, and error notifications, but it cannot validate third-party code you choose to run.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Need help? Open a new thread in the WordPress \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Finsert-php\u002F\" rel=\"ugc\">support forum\u003C\u002Fa>, and we will be happy to assist.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Learn how to make the most of Woody with our detailed and user-friendly \u003Ca href=\"https:\u002F\u002Fdocs.themeisle.com\u002Fcollection\u002F2410-woody-code-snippets\" rel=\"nofollow ugc\">documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Woody is backed by \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody\" rel=\"nofollow ugc\">Themeisle\u003C\u002Fa>, trusted by over 1 million WordPress users worldwide.\u003C\u002Fp>\n","Insert PHP, JavaScript, CSS, HTML, ads, and tracking code into WordPress headers, footers, pages, and content using conditional logic, without editing &hellip;",60000,1711938,90,220,"2026-01-27T15:40:00.000Z","6.9.4","5.6","7.0",[115,116,117,99,118],"code-snippets","custom-code","header-footer-scripts","snippet","https:\u002F\u002Fwoodysnippet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finsert-php.2.7.2.zip",91,"2024-06-14 20:26:37",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":133,"num_ratings":134,"last_updated":135,"tested_up_to":111,"requires_at_least":136,"requires_php":113,"tags":137,"homepage":142,"download_link":143,"security_score":144,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"code-manager","Code Manager","1.0.45","Passionate Programmer Peter","https:\u002F\u002Fprofiles.wordpress.org\u002Fpeterschulznl\u002F","\u003Cp>The Code Manager allows WordPress users to write, test and deploy PHP, JavaScript, CSS and HTML code blocks from the WordPress dashboard.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch4>Code Management\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>List, edit, delete, copy, import and export code\u003C\u002Fli>\n\u003Cli>Open multiple code editors simultaneously in tab mode\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable code\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable preview mode\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcode (FREE)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>PHP code blocks from a shortcode\u003C\u002Fli>\n\u003Cli>JavaScript code blocks from a shortcode\u003C\u002Fli>\n\u003Cli>CSS from a shortcode\u003C\u002Fli>\n\u003Cli>HTML blocks from a shortcode\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Advanced code (PREMIUM)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>PHP server code – no more need to edit functions.php\u003C\u002Fli>\n\u003Cli>Add CCS and JS resource files to back-end and front-end\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Visit the plugin website for downloadable demos and example code.\u003C\u002Fp>\n\u003Ch3>Plugin Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcode-manager.com\u002F\" rel=\"nofollow ugc\">Plugin Website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcode-manager\u002F\" rel=\"ugc\">Download Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcode-manager.com\u002Fblog\u002Fdocs\u002Findex\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcode-manager.com\u002Fcode\u002F\" rel=\"nofollow ugc\">Code Examples\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Write, test and deploy PHP, JavaScript, CSS and HTML code blocks from the WordPress dashboard.",500,84963,98,8,"2025-12-02T11:45:00.000Z","",[138,115,139,140,141],"code-blocks","css-editor","javascript-editor","php-editor","https:\u002F\u002Fcode-manager.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcode-manager.1.0.45.zip",100,{"slug":146,"name":147,"version":148,"author":149,"author_profile":150,"description":151,"short_description":152,"active_installs":153,"downloaded":154,"rating":133,"num_ratings":155,"last_updated":156,"tested_up_to":111,"requires_at_least":17,"requires_php":113,"tags":157,"homepage":160,"download_link":161,"security_score":162,"vuln_count":163,"unpatched_count":29,"last_vuln_date":164,"fetched_at":31},"insert-headers-and-footers","WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager","2.3.4","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Ch4>Insert Headers & Footers + Full WordPress Code Snippets Plugin\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpcode.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">WPCode\u003C\u002Fa> (formerly known as Insert Headers and Footers by WPBeginner) is the most popular code snippets plugin for WordPress used by over 2 million websites.\u003C\u002Fp>\n\u003Cp>We make it easy for you to add code snippets in WordPress without having to edit your theme’s functions.php file.\u003C\u002Fp>\n\u003Cp>Our simple insert headers and footers interface allows you to insert code like Google Analytics, custom CSS, Facebook Pixel, and more to your WordPress site’s header and footer as well other areas of your website. No need to edit your theme files!\u003C\u002Fp>\n\u003Cp>Aside from Header and Footer scripts, you can also use WPCode to insert custom PHP code snippets, JavaScript code snippets, CSS code snippets, HTML code snippets, and text snippets with full conditional logic support.\u003C\u002Fp>\n\u003Cp>We took the pain out of adding custom code snippets in WordPress and made it easy.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>I have been using Insert Headers and Footers and it is such a useful tool. Super helpful and the very best of its kind. Highly recommend\u003Cbr \u002F>\n  The_Gibble – WordPress user\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Quick Overview of WPCode from WPBeginner\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FFo-7MKRRUec?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Introducing New WPCode Pro\u003C\u002Fstrong>\u003Cbr \u002F>\n  While WPCode Lite offers tons of powerful features for free, we listened to user feedback and created WPCode Pro with even more amazing features to improve your workflow. This includes smart conditional logic, saving code snippets to cloud library, code revisions, page-specific snippets, deeper integration with popular plugins like WooCommerce, Easy Digital Downloads, and so much more. \u003Ca href=\"https:\u002F\u002Fwpcode.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Click here to purchase the best premium WordPress code snippet plugin now!\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Future Proof Code Snippet Management\u003C\u002Fh4>\n\u003Cp>Most \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fwp-tutorials\u002F\" rel=\"nofollow ugc\">WordPress tutorial websites\u003C\u002Fa> ask you to add code snippets to your theme’s functions.php file. This makes managing code snippets messy, and it also prevents you from updating your theme.\u003C\u002Fp>\n\u003Cp>If you ever update your theme or switch to another theme, then you will lose all custom code functions that you added in your functions.php file.\u003C\u002Fp>\n\u003Cp>WPCode solves this by providing you an easy way to insert header and footer scripts along with other code snippets directly from your WordPress dashboard. These code snippets actually run as if they were in your theme’s functions.php file.\u003C\u002Fp>\n\u003Cp>Our smart code snippet validation helps you prevent common code errors to ensure you never break your website when adding code snippets or header and footer scripts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New WPCode Cloud Library\u003C\u002Fstrong> even allows you to store all your custom code snippets in a cloud library, so you can easily re-use code snippets across multiple website projects and save time. You can keep your code snippets completely private or \u003Ca href=\"https:\u002F\u002Flibrary.wpcode.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">share it with the community\u003C\u002Fa> to give back while boosting your social profile.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>This plugin allows me to not only add things to my site whenever needed, but it takes me only seconds to accomplish it.\u003Cbr \u002F>\n  David Weber – WordPress user\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Full Code Snippets Library and Code Generators\u003C\u002Fh4>\n\u003Cp>Ever wanted a central place to find all the most popular WordPress code snippets that are tested and proven to work?\u003C\u002Fp>\n\u003Cp>When we started Insert Headers and Footers plugin, we did too. So we built a WordPress code snippets library right inside the WPCode plugin.\u003C\u002Fp>\n\u003Cp>You will find verified PHP code snippets for popular feature requests like disable REST API, disable XML-RPC, disable comments, allow SVG file uploads, disable Gutenberg, add Classic Editor, and more without installing separate plugins for each.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>I was very hesitant to get into any of the code for my website. Your plugin made it easy for me to do.\u003Cbr \u002F>\n  Conbrio75 – WordPress user\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>We also built the ability to save your code snippets to \u003Ca href=\"https:\u002F\u002Flibrary.wpcode.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">WPCode Cloud Library\u003C\u002Fa>, so you can easily re-use it on your other websites, client projects, or even share it with the larger community.\u003C\u002Fp>\n\u003Cp>WPCode Cloud Library helps you better organize your code snippets in one central location, so you can save more time and speed up your workflow when managing websites. No more wasting time looking for custom notes or Github gists.\u003C\u002Fp>\n\u003Cp>Aside from our growing code snippets library, we also have WordPress code generators to help you quickly get ready-to-use custom code using the latest WordPress coding standards and API’s.\u003C\u002Fp>\n\u003Ch4>Conditional Logic for Code Snippets + Code Insertion Priority\u003C\u002Fh4>\n\u003Cp>Our goal with WPCode was to create a WordPress code snippets plugin that’s both EASY and POWERFUL.\u003C\u002Fp>\n\u003Cp>That’s why aside from our global header and footer scripts, we added advanced features like conditional logic for code snippets and made it easy.\u003C\u002Fp>\n\u003Cp>Instead of learning WordPress conditional logic queries, you can use our beginner-friendly conditional logic user interface to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Load code snippets for logged in users only\u003C\u002Fli>\n\u003Cli>Load PHP code snippets for specific user roles\u003C\u002Fli>\n\u003Cli>Load PHP code snippets only on specific page URLs\u003C\u002Fli>\n\u003Cli>Insert header and footer pixel scripts on specific pages\u003C\u002Fli>\n\u003Cli>Show code snippets based on type of page\u003C\u002Fli>\n\u003Cli>Run code snippet only on certain post types\u003C\u002Fli>\n\u003Cli>Load header and footer code snippet based on referrer source\u003C\u002Fli>\n\u003Cli>and more…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>We also added both automatic code insertion and manual code output using shortcodes.\u003C\u002Fp>\n\u003Cp>Our Auto Insert feature allows you to run the code snippet everywhere or choose from custom options like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Run code snippet only on frontend\u003C\u002Fli>\n\u003Cli>Run code snippet only in WordPress admin area\u003C\u002Fli>\n\u003Cli>Add header and footer scripts sitewide\u003C\u002Fli>\n\u003Cli>Insert PHP code snippet before or after post content\u003C\u002Fli>\n\u003Cli>Insert code snippet before or after specific paragraph\u003C\u002Fli>\n\u003Cli>Insert code snippet on specific archive pages\u003C\u002Fli>\n\u003Cli>Insert code snippets after specific WooCommerce function (\u003Ca href=\"https:\u002F\u002Fwpcode.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Pro Feature\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Aside from that, we also added a visual code snippet priority system, so you can choose the order for your custom functions to avoid code conflict.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>This is such a useful plugin! It makes it so much easier to include things on your website!\u003Cbr \u002F>\n  Understoryliving – WordPress user\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>And for even more flexibility and customization, we have added the ability for you to add page-specific code snippets right from the WordPress classic editor as well as the Gutenberg editor. You can even load code snippets based on device type such as mobile only code snippets, desktop only code snippets, etc.\u003C\u002Fp>\n\u003Ch4>Import and Export Code Snippets\u003C\u002Fh4>\n\u003Cp>Managing multiple websites or developing in a staging environment?\u003C\u002Fp>\n\u003Cp>We offer an easy way to import and export your custom code snippets, functions, and header and footer scripts to help you save time.\u003C\u002Fp>\n\u003Cp>You can also save your code snippets to WPCode Cloud (Pro feature), so you can easily re-use the same code snippets across multiple websites. This also allows you to better organize your code snippets instead of wasting time searching for random Github gists.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Simple plugin I use in quite every site. Very useful to insert scripts and tags.\u003Cbr \u002F>\n  tommasoperego – WordPress user\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Full WPCode Feature List\u003C\u002Fh4>\n\u003Cp>The simple interface of WPCode plugin (formerly known as Insert Headers and Footers) gives you one place where you can insert header and footer scripts as well as custom code snippets rather than dealing with dozens of different plugins.\u003C\u002Fp>\n\u003Cp>Below is a full list of WPCode features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Quick to set up\u003C\u002Fli>\n\u003Cli>Unlimited code snippets\u003C\u002Fli>\n\u003Cli>Simple to insert header and footer scripts globally\u003C\u002Fli>\n\u003Cli>Beginner Friendly Code Editor with Syntax Highlighter for PHP, JavaScript, and HTML\u003C\u002Fli>\n\u003Cli>Smart Code Validation to Prevent PHP Errors\u003C\u002Fli>\n\u003Cli>Insert header code and\u002For footer code using Conditional Logic\u003C\u002Fli>\n\u003Cli>Add \u003Cstrong>Google Analytics\u003C\u002Fstrong> code to header and footer\u003C\u002Fli>\n\u003Cli>Add \u003Cstrong>custom CSS\u003C\u002Fstrong> code to any theme\u003C\u002Fli>\n\u003Cli>Insert \u003Cstrong>Facebook pixel\u003C\u002Fstrong> code in header and footer\u003C\u002Fli>\n\u003Cli>Insert any code or script, including HTML and Javascript\u003C\u002Fli>\n\u003Cli>Insert PHP Code Snippets\u003C\u002Fli>\n\u003Cli>Ready-made Code Snippet Library\u003C\u002Fli>\n\u003Cli>Custom WordPress Code Snippet Generator\u003C\u002Fli>\n\u003Cli>Show or Hide PHP Code Snippets based on conditional logic\u003C\u002Fli>\n\u003Cli>Run PHP code and custom code snippets everywhere or in select areas using smart auto-insert rules.\u003C\u002Fli>\n\u003Cli>Manually insert PHP code snippets using shortcodes anywhere on website\u003C\u002Fli>\n\u003Cli>Add Rich Text Ads and Content Snippets automatically on posts & pages.\u003C\u002Fli>\n\u003Cli>Export \u002F Import Code Snippets\u003C\u002Fli>\n\u003Cli>\u003Cstrong>New\u003C\u002Fstrong> Save snippets to Cloud Library – All your snippets stored in your private code snippet cloud.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>New\u003C\u002Fstrong> Deep integrations with Gutenberg, WooCommerce, and more.\u003C\u002Fli>\n\u003Cli>Device specific code snippets (such as load code snippets on mobile only, desktop only, etc)\u003C\u002Fli>\n\u003Cli>and more features coming soon.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>Insert Headers and Footers plugin was first created by \u003Ca href=\"https:\u002F\u002Fsyedbalkhi.com\u002F\" rel=\"nofollow ugc\">Syed Balkhi\u003C\u002Fa> and the \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002F\" rel=\"nofollow ugc\">WPBeginner\u003C\u002Fa> team in 2011.\u003C\u002Fp>\n\u003Cp>It was later rebranded to WPCode in 2022 by Syed Balkhi to add powerful code snippets features that users were requesting for.\u003C\u002Fp>\n\u003Ch4>Branding Guideline\u003C\u002Fh4>\n\u003Cp>WPCode™ is a trademark of WPCode LLC. When writing about the Insert Headers and Footers – Code Snippets plugin by WPCode, please make sure to uppercase the initial 3 letters.\u003C\u002Fp>\n\u003Cp>WPCode (correct)\u003Cbr \u002F>\nWP Code (incorrect)\u003Cbr \u002F>\nwpcode (incorrect)\u003Cbr \u002F>\nwp code snippets (incorrect)\u003C\u002Fp>\n","Easily add code snippets in WordPress. Insert header & footer scripts, add PHP code snippets with conditional logic, insert ads pixel code, and more.",3000000,82822570,1761,"2026-02-12T15:19:00.000Z",[20,115,158,159,22],"css","header","https:\u002F\u002Fwww.wpcode.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finsert-headers-and-footers.2.3.4.zip",99,3,"2023-07-17 00:00:00",{"slug":115,"name":166,"version":167,"author":168,"author_profile":169,"description":170,"short_description":171,"active_installs":172,"downloaded":173,"rating":13,"num_ratings":174,"last_updated":175,"tested_up_to":111,"requires_at_least":17,"requires_php":176,"tags":177,"homepage":179,"download_link":180,"security_score":181,"vuln_count":63,"unpatched_count":29,"last_vuln_date":182,"fetched_at":31},"Code Snippets","3.9.5","Code Snippets Pro","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodesnippetspro\u002F","\u003Cp>\u003Cstrong>✂ Code Snippets\u003C\u002Fstrong> provides an effortless way to enhance your WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🚀 Upgrade to Code Snippets Pro\u003C\u002Fstrong> for complete CSS, JavaScript, Gutenberg, Elementor and cloud synchronisation integrations. \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fcodesnippets.pro\u002Fpricing\" rel=\"nofollow ugc\">Elevate your snippets experience now!\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Say goodbye to the hassle of tweaking your theme’s \u003Ccode>functions.php\u003C\u002Fcode> file and downloading endless plugins – Code Snippets simplifies the process!\u003C\u002Fp>\n\u003Cp>A snippet is like a mini-plugin for your WordPress site, providing added functionality without the clutter.\u003C\u002Fp>\n\u003Cp>Unlike other solutions that involve dumping code into your \u003Ccode>functions.php\u003C\u002Fcode> file, Code Snippets offers an intuitive graphical interface for seamless integration and real-time execution. Managing snippets is as easy as activating and deactivating plugins, only without the bloat and overhead.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🎥 Watch a quick overview by Imran Siddiq:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FuzND-wdSCMQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>☁️ Each copy of Code Snippets includes full integration with the community-powered \u003Ca href=\"https:\u002F\u002Fcodesnippets.cloud\u002F\" rel=\"nofollow ugc\">Code Snippets Cloud\u003C\u002Fa> platform, providing easy access to hundreds of tweaks and enhancements ready to power-up any WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🌐 Connect with us:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcode-snippets\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffacebook.com\u002Fgroups\u002Fcodesnippetsplugin\" rel=\"nofollow ugc\">Facebook Community\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsnipco.de\u002Fdiscord\" rel=\"nofollow ugc\">Discord Community\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcodesnippetspro\u002Fcode-snippets\" rel=\"nofollow ugc\">GitHub Repository\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🌟 Like our plugin? Find it useful? Please consider sharing your experience by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fcode-snippets\" rel=\"ugc\">leaving a review on WordPress.org\u003C\u002Fa>. Your feedback is instrumental to shaping our future growth!\u003C\u002Fp>\n\u003Cp>🌍 We’d like to thank the wonderful people who have helped contribute translations to allow Code Snippets to be used in different languages. \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcodesnippetspro\u002Fcode-snippets\u002Fblob\u002Fcore\u002FCREDITS.md#translators\" rel=\"nofollow ugc\">You can find a full list here\u003C\u002Fa>.\u003C\u002Fp>\n","An easy, clean and simple way to enhance your site with code snippets.",1000000,19655832,494,"2026-02-05T11:03:00.000Z","7.4",[20,158,178,22,24],"multisite","https:\u002F\u002Fcodesnippets.pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcode-snippets.3.9.5.zip",89,"2026-02-05 19:33:02",{"slug":184,"name":185,"version":186,"author":187,"author_profile":188,"description":189,"short_description":190,"active_installs":191,"downloaded":192,"rating":133,"num_ratings":193,"last_updated":194,"tested_up_to":111,"requires_at_least":195,"requires_php":196,"tags":197,"homepage":200,"download_link":201,"security_score":133,"vuln_count":202,"unpatched_count":29,"last_vuln_date":203,"fetched_at":31},"shortcoder","Shortcoder — Create Shortcodes for Anything","6.5.2","vaakash","https:\u002F\u002Fprofiles.wordpress.org\u002Fvaakash\u002F","\u003Cp>Shortcoder plugin allows to create a custom shortcodes for HTML, JavaScript, CSS and other code snippets. Now the shortcodes can be used in posts\u002Fpages and the snippet will be replaced in place.\u003C\u002Fp>\n\u003Ch3>✍ Create shortcodes easily\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Give a name for the shortcode\u003C\u002Fli>\n\u003Cli>Paste the HTML\u002FJavaScript\u002FCSS as shortcode content\u003C\u002Fli>\n\u003Cli>Save !\u003C\u002Fli>\n\u003Cli>Now insert the shortcode \u003Ccode>[sc name=\"my_shortcode\"]\u003C\u002Fcode> in your post\u002Fpage.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Voila !\u003C\u002Fstrong> You got the HTML\u002FJavascript\u002FCSS in your post.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>✨ Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Create \u003Cstrong>custom shortcodes\u003C\u002Fstrong> easily and use them in any place where shortcode is supported.\u003C\u002Fli>\n\u003Cli>Have any \u003Cstrong>HTML\u003C\u002Fstrong>, \u003Cstrong>Javascript\u003C\u002Fstrong>, \u003Cstrong>CSS\u003C\u002Fstrong> as Shortcode content.\u003C\u002Fli>\n\u003Cli>Insert: \u003Cstrong>Custom parameters\u003C\u002Fstrong> in shortcode\u003C\u002Fli>\n\u003Cli>Insert: \u003Cstrong>WordPress parameters\u003C\u002Fstrong> in shortcode\u003C\u002Fli>\n\u003Cli>Multiple editors: Code, Visual and text modes.\u003C\u002Fli>\n\u003Cli>Globally disable the shortcode when not needed.\u003C\u002Fli>\n\u003Cli>Disable shortcode on desktop, mobile devices.\u003C\u002Fli>\n\u003Cli>A button in post editor to pick the shortcodes to insert.\u003C\u002Fli>\n\u003Cli>Execute blocks HTML in shortcode content.\u003C\u002Fli>\n\u003Cli>Insert shortcodes in Gutenberg\u002Fblock editor.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎲 An example usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Create a shortcode named “adsenseAd” in the Shortcoder admin page.\u003C\u002Fli>\n\u003Cli>Paste the adsense code in the box given and save it.\u003C\u002Fli>\n\u003Cli>Use \u003Ccode>[sc name=\"adsenseAd\"]\u003C\u002Fcode> in your posts and pages.\u003C\u002Fli>\n\u003Cli>Tada !!! the ad code is replaced and it appears in the post.\u003C\u002Fli>\n\u003Cli>Now you can edit the ad code at one place and the code is updated in all the locations where the shortcode is used.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Similarly shortcodes can be created for frequently used snippets.\u003C\u002Fp>\n\u003Cp>You can also add \u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">custom parameters\u003C\u002Fa> (like \u003Ccode>%%id%%\u003C\u002Fcode>) inside the snippets, and change it’s value like \u003Ccode>[sc name=\"youtube\" id=\"GrlRADfvjII\"]\u003C\u002Fcode> when using them.\u003C\u002Fp>\n\u003Ch3>🧱 Using in block editor\u003C\u002Fh3>\n\u003Cp>Though shortcodes can be used in \u003Cstrong>any\u003C\u002Fstrong> place manually, Shortcoder provides below options to select and insert the shortcodes created easily when working with the block editor.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Shortcoder block\u003C\u002Fli>\n\u003Cli>Toolbar button to select and insert shortcodes inline (under “more”)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>💎 Upgrade to PRO\u003C\u002Fh3>\n\u003Cp>Shortcoder also provides a \u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">PRO version\u003C\u002Fa> which has additional features to further enhance the experience. Below features are offered in the PRO version.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Custom editor\u003C\u002Fstrong> – Edit Shortcode content using block editor or page builder plugins like Elementor and WPBakery.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>(New) Translation with WPML\u003C\u002Fstrong> – Translate Shortcode content with WPML.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Revisions\u003C\u002Fstrong> – Revisions support for Shortcode content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Locate shortcode\u003C\u002Fstrong> – Search posts and pages where a shortcode is used.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Extra code\u003C\u002Fstrong> – Include extra code to the footer when a shortcode is used in a page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">Get started with Shortcoder – PRO\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fshortcoder\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fforum\u002F\" rel=\"nofollow ugc\">Support forum\u002FReport bugs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F#pro\" rel=\"nofollow ugc\">PRO features\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Create custom \"Shortcodes\" easily for HTML, JavaScript, CSS code snippets and use the shortcodes within posts, pages & widgets",100000,1888190,225,"2026-03-01T17:44:00.000Z","4.9.0","5.3",[20,198,21,199,24],"html","shortcode","https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortcoder.6.5.2.zip",2,"2026-01-09 00:00:00",{"attackSurface":205,"codeSignals":381,"taintFlows":504,"riskAssessment":608,"analyzedAt":630},{"hooks":206,"ajaxHandlers":348,"restRoutes":374,"shortcodes":375,"cronEvents":379,"entryPointCount":380,"unprotectedCount":134},[207,214,219,223,228,233,237,240,244,247,250,254,258,263,267,271,276,280,285,289,293,297,300,303,305,308,310,314,317,321,324,326,329,331,335,338,342,345,346],{"type":208,"name":209,"callback":210,"priority":211,"file":212,"line":213},"action","admin_init","route",10,"access.points\\autoupgrade.accesspoint.php",38,{"type":208,"name":215,"callback":216,"priority":211,"file":217,"line":218},"wp_dashboard_setup","createMetabox","access.points\\dashboardmetabox.accesspoint.php",40,{"type":208,"name":220,"callback":221,"file":222,"line":213},"admin_notices","notInstalledAdminNotice","access.points\\installer.accesspoint.php",{"type":208,"name":224,"callback":225,"file":226,"line":227},"plugins_loaded","main","access.points\\main.accesspoint.php",50,{"type":208,"name":229,"callback":230,"file":231,"line":232},"admin_menu","menu","access.points\\manage.accesspoint.php",33,{"type":208,"name":234,"callback":235,"priority":211,"file":236,"line":232},"add_meta_boxes","postsMetabox","access.points\\metabox.accesspoint.php",{"type":208,"name":229,"callback":230,"priority":238,"file":239,"line":232},11,"access.points\\packages.accesspoint.php",{"type":208,"name":209,"callback":241,"file":242,"line":243},"anonymous","controllers\\blocks-coupling.php",274,{"type":208,"name":220,"callback":241,"file":245,"line":246},"css-js-toolbox.php",248,{"type":208,"name":220,"callback":248,"file":245,"line":249},"deprecatedPHPCheck",386,{"type":208,"name":251,"callback":252,"priority":211,"file":245,"line":253},"upgrader_process_complete","upgradeCheck",389,{"type":208,"name":220,"callback":255,"file":256,"line":257},"_connectErrorAdminNotice","framework\\CJTStoreUpdate.class.php",130,{"type":259,"name":260,"callback":261,"file":256,"line":262},"filter","pre_set_site_transient_update_plugins","_transientPluginUpdate",164,{"type":259,"name":264,"callback":265,"priority":211,"file":256,"line":266},"plugins_api","_overridePluginInformation",166,{"type":208,"name":220,"callback":268,"file":269,"line":270},"processIncompatibles","framework\\extensions\\extensions.class.php",384,{"type":208,"name":272,"callback":273,"file":274,"line":275},"init","_checkInstallationState","framework\\extensions\\package\\extension.php",146,{"type":208,"name":209,"callback":277,"file":278,"line":279},"_definePoints","framework\\ServicesFW\\Ajax.Service.class.php",139,{"type":208,"name":281,"callback":282,"file":283,"line":284},"admin_print_styles","_enqueueStyles","framework\\ServicesFW\\View.class.php",64,{"type":208,"name":286,"callback":287,"file":283,"line":288},"admin_print_scripts","_enqueueScripts",65,{"type":208,"name":290,"callback":291,"file":292,"line":134},"admin_footer","script","includes\\html\\incompatible_cjtplus_version.html.php",{"type":208,"name":281,"callback":294,"file":295,"line":296},"enqueueStyles","views\\blocks\\block\\view.php",66,{"type":208,"name":286,"callback":298,"file":295,"line":299},"enqueueScripts",67,{"type":208,"name":286,"callback":298,"file":301,"line":302},"views\\blocks\\cjt-block\\view.php",56,{"type":208,"name":281,"callback":294,"file":301,"line":304},57,{"type":208,"name":286,"callback":298,"file":306,"line":307},"views\\blocks\\create-metabox\\view.php",43,{"type":208,"name":281,"callback":294,"file":306,"line":309},44,{"type":208,"name":281,"callback":311,"file":312,"line":313},"enququeStyles","views\\blocks\\manager\\view.php",78,{"type":208,"name":286,"callback":315,"file":312,"line":316},"enququeScripts",80,{"type":259,"name":318,"callback":319,"file":312,"line":320},"get_user_option_meta-box-order_cjtoolbox","getBlocksOrder",83,{"type":208,"name":286,"callback":298,"file":322,"line":323},"views\\blocks\\metabox\\view.php",53,{"type":208,"name":281,"callback":294,"file":322,"line":325},54,{"type":208,"name":281,"callback":294,"file":327,"line":328},"views\\extensions\\plugins-list\\view.php",45,{"type":208,"name":286,"callback":298,"file":327,"line":330},46,{"type":259,"name":332,"callback":333,"file":327,"line":334},"parent_file","activateExtensionsMenuItem",109,{"type":208,"name":290,"callback":336,"file":327,"line":337},"outputCommonMarkups",112,{"type":259,"name":339,"callback":340,"priority":211,"file":327,"line":341},"plugin_action_links","addExtensionActions",114,{"type":208,"name":281,"callback":294,"file":343,"line":344},"views\\packages\\manager\\view.php",52,{"type":208,"name":286,"callback":298,"file":343,"line":325},{"type":208,"name":286,"callback":298,"file":347,"line":213},"views\\setup\\setup\\view.php",[349,355,358,361,363,366,369,371],{"action":350,"nopriv":351,"callback":352,"hasNonce":351,"hasCapCheck":351,"file":353,"line":354},"cjtoolbox_get_info_view",false,"_doAction","controllers\\block-ajax.php",30,{"action":356,"nopriv":351,"callback":352,"hasNonce":351,"hasCapCheck":351,"file":353,"line":357},"cjtoolbox_set_property",31,{"action":359,"nopriv":351,"callback":352,"hasNonce":351,"hasCapCheck":351,"file":353,"line":360},"cjtoolbox_get_revision",32,{"action":362,"nopriv":351,"callback":352,"hasNonce":351,"hasCapCheck":351,"file":353,"line":232},"cjtoolbox_get_revisions",{"action":364,"nopriv":351,"callback":352,"hasNonce":351,"hasCapCheck":351,"file":365,"line":77},"cjtoolbox_create","controllers\\blocks-backups.php",{"action":367,"nopriv":351,"callback":352,"hasNonce":351,"hasCapCheck":351,"file":365,"line":368},"cjtoolbox_delete",37,{"action":370,"nopriv":351,"callback":352,"hasNonce":351,"hasCapCheck":351,"file":365,"line":213},"cjtoolbox_list",{"action":372,"nopriv":351,"callback":352,"hasNonce":351,"hasCapCheck":351,"file":365,"line":373},"cjtoolbox_restore",39,[],[376],{"tag":377,"callback":199,"file":242,"line":378},"cjtoolbox",278,[],9,{"dangerousFunctions":382,"sqlUsage":386,"outputEscaping":389,"fileOperations":499,"externalRequests":28,"nonceChecks":47,"capabilityChecks":47,"bundledLibraries":500},[383],{"fn":384,"file":245,"line":246,"context":385},"create_function","add_action( 'admin_notices', create_function( '', $importHTMLFileCode ) );",{"prepared":387,"raw":29,"locations":388},12,[],{"escaped":390,"rawEcho":344,"locations":391},25,[392,395,398,399,400,402,404,406,408,409,412,414,416,419,421,423,425,428,430,431,434,435,436,438,440,443,444,446,447,449,451,452,454,457,460,462,465,468,470,472,473,475,477,479,480,483,485,488,490,492,494,497],{"file":242,"line":393,"context":394},652,"raw output",{"file":396,"line":397,"context":394},"controllers\\blocks.php",68,{"file":396,"line":320,"context":394},{"file":396,"line":13,"context":394},{"file":396,"line":401,"context":394},103,{"file":403,"line":238,"context":394},"controllers\\coupling\\html\\load-footer-style.html.php",{"file":405,"line":360,"context":394},"controllers\\default.php",{"file":245,"line":407,"context":394},378,{"file":256,"line":309,"context":394},{"file":410,"line":411,"context":394},"framework\\db\\mysql\\queue-driver.inc.php",165,{"file":413,"line":307,"context":394},"framework\\developer\\interface\\block\\parameters\\types\\list.php",{"file":415,"line":373,"context":394},"framework\\developer\\interface\\block\\parameters\\types\\structure.php",{"file":417,"line":418,"context":394},"framework\\developer\\interface\\block\\shortcode\\parameters\\parameters.php",23,{"file":417,"line":420,"context":394},62,{"file":417,"line":422,"context":394},71,{"file":269,"line":424,"context":394},456,{"file":426,"line":427,"context":394},"framework\\mvc\\controller-ajax.inc.php",151,{"file":426,"line":429,"context":394},155,{"file":278,"line":14,"context":394},{"file":432,"line":433,"context":394},"framework\\ServicesFW\\Dashboard.Service.class.php",84,{"file":292,"line":238,"context":394},{"file":292,"line":387,"context":394},{"file":292,"line":437,"context":394},14,{"file":439,"line":134,"context":394},"includes\\html\\incompatible_environment_message.html.php",{"file":441,"line":442,"context":394},"views\\backups\\manager\\view.php",47,{"file":295,"line":316,"context":394},{"file":301,"line":445,"context":394},75,{"file":306,"line":344,"context":394},{"file":448,"line":213,"context":394},"views\\blocks\\info\\view.php",{"file":312,"line":450,"context":394},105,{"file":322,"line":288,"context":394},{"file":453,"line":218,"context":394},"views\\blocks\\new\\view.php",{"file":455,"line":456,"context":394},"views\\blocks\\revisions\\view.php",61,{"file":458,"line":459,"context":394},"views\\dashboard\\metabox\\statistics\\view.php",55,{"file":327,"line":461,"context":394},153,{"file":463,"line":464,"context":394},"views\\installer\\install\\view.php",88,{"file":466,"line":467,"context":394},"views\\installer\\notice\\view.php",34,{"file":469,"line":325,"context":394},"views\\packages\\install\\view.php",{"file":471,"line":77,"context":394},"views\\packages\\manager\\helpers\\wp-list-table.inc.php",{"file":343,"line":422,"context":394},{"file":474,"line":360,"context":394},"views\\packages\\raw-file\\view.php",{"file":476,"line":213,"context":394},"views\\plus-promo\\view.php",{"file":478,"line":284,"context":394},"views\\setup\\activation-form\\view.php",{"file":347,"line":227,"context":394},{"file":481,"line":482,"context":394},"views\\templates\\info\\view.php",42,{"file":484,"line":323,"context":394},"views\\templates\\lookup\\view.php",{"file":486,"line":487,"context":394},"views\\templates\\manager\\helpers\\wp-list-table.inc.php",95,{"file":486,"line":489,"context":394},127,{"file":486,"line":491,"context":394},144,{"file":493,"line":232,"context":394},"views\\templates\\manager\\view.php",{"file":495,"line":496,"context":394},"views\\templates\\template\\view.php",63,{"file":498,"line":368,"context":394},"views\\uploader\\single\\view.php",17,[501],{"name":502,"version":38,"knownCves":503},"TinyMCE",[],[505,523,531,550,560,578,588,600],{"entryPoint":506,"graph":507,"unsanitizedCount":47,"severity":40},"loadUrlAction (controllers\\block.php:193)",{"nodes":508,"edges":521},[509,515],{"id":510,"type":511,"label":512,"file":513,"line":514},"n0","source","$_GET","controllers\\block.php",195,{"id":516,"type":517,"label":518,"file":513,"line":519,"wp_function":520},"n1","sink","wp_remote_get() [SSRF]",197,"wp_remote_get",[522],{"from":510,"to":516,"sanitized":351},{"entryPoint":524,"graph":525,"unsanitizedCount":47,"severity":40},"\u003Cblock> (controllers\\block.php:0)",{"nodes":526,"edges":529},[527,528],{"id":510,"type":511,"label":512,"file":513,"line":514},{"id":516,"type":517,"label":518,"file":513,"line":519,"wp_function":520},[530],{"from":510,"to":516,"sanitized":351},{"entryPoint":532,"graph":533,"unsanitizedCount":47,"severity":40},"getStateAction (controllers\\setup.php:60)",{"nodes":534,"edges":547},[535,538,541],{"id":510,"type":511,"label":536,"file":537,"line":420},"$_REQUEST['component']","controllers\\setup.php",{"id":516,"type":539,"label":540,"file":537,"line":420},"transform","→ getExtensionProductTypes()",{"id":542,"type":517,"label":543,"file":544,"line":545,"wp_function":546},"n2","file_get_contents() [SSRF\u002FLFI]","models\\setup.php",123,"file_get_contents",[548,549],{"from":510,"to":516,"sanitized":351},{"from":516,"to":542,"sanitized":351},{"entryPoint":551,"graph":552,"unsanitizedCount":47,"severity":40},"\u003Csetup> (controllers\\setup.php:0)",{"nodes":553,"edges":557},[554,555,556],{"id":510,"type":511,"label":536,"file":537,"line":420},{"id":516,"type":539,"label":540,"file":537,"line":420},{"id":542,"type":517,"label":543,"file":544,"line":545,"wp_function":546},[558,559],{"from":510,"to":516,"sanitized":351},{"from":516,"to":542,"sanitized":351},{"entryPoint":561,"graph":562,"unsanitizedCount":47,"severity":577},"saveOrderAction (controllers\\blocks-ajax.php:249)",{"nodes":563,"edges":574},[564,567,569],{"id":510,"type":511,"label":512,"file":565,"line":566},"controllers\\blocks-ajax.php",253,{"id":516,"type":539,"label":568,"file":565,"line":566},"→ setOrder()",{"id":542,"type":517,"label":570,"file":571,"line":572,"wp_function":573},"update_option() [Settings Manipulation]","models\\blocks.php",440,"update_option",[575,576],{"from":510,"to":516,"sanitized":351},{"from":516,"to":542,"sanitized":351},"low",{"entryPoint":579,"graph":580,"unsanitizedCount":47,"severity":577},"\u003Cblocks-ajax> (controllers\\blocks-ajax.php:0)",{"nodes":581,"edges":585},[582,583,584],{"id":510,"type":511,"label":512,"file":565,"line":566},{"id":516,"type":539,"label":568,"file":565,"line":566},{"id":542,"type":517,"label":570,"file":571,"line":572,"wp_function":573},[586,587],{"from":510,"to":516,"sanitized":351},{"from":516,"to":542,"sanitized":351},{"entryPoint":589,"graph":590,"unsanitizedCount":47,"severity":55},"_doAction (framework\\mvc\\controller.inc.php:149)",{"nodes":591,"edges":598},[592,594],{"id":510,"type":511,"label":512,"file":593,"line":461},"framework\\mvc\\controller.inc.php",{"id":516,"type":517,"label":595,"file":593,"line":596,"wp_function":597},"call_user_func() [RCE]",161,"call_user_func",[599],{"from":510,"to":516,"sanitized":351},{"entryPoint":601,"graph":602,"unsanitizedCount":47,"severity":55},"\u003Ccontroller.inc> (framework\\mvc\\controller.inc.php:0)",{"nodes":603,"edges":606},[604,605],{"id":510,"type":511,"label":512,"file":593,"line":461},{"id":516,"type":517,"label":595,"file":593,"line":596,"wp_function":597},[607],{"from":510,"to":516,"sanitized":351},{"summary":609,"deductions":610},"The 'css-javascript-toolbox' plugin v12.0.6 exhibits a concerning security posture, primarily due to a significant number of unprotected AJAX handlers. While the plugin demonstrates good practices in its SQL query handling by exclusively using prepared statements, the 8 AJAX handlers without authentication checks represent a substantial attack surface. This could allow unauthenticated users to trigger potentially dangerous actions within the plugin.\n\nTaint analysis reveals two high-severity flows with unsanitized paths, indicating a risk of malicious input being used to navigate file systems or execute code. The high percentage of unsanitized paths in the analyzed flows (100%) further exacerbates this concern. Additionally, the plugin only properly escapes 32% of its outputs, suggesting a risk of Cross-Site Scripting (XSS) vulnerabilities.\n\nThe plugin's vulnerability history, with 4 known CVEs including high and medium severity issues like XSS and PHP Remote File Inclusion, reinforces these concerns. Although there are currently no unpatched vulnerabilities, the recurring pattern of critical and high-severity flaws suggests a history of security weaknesses that have required remediation. The presence of a critical function like `create_function` also raises a red flag. Overall, while the plugin has some security strengths, the numerous unprotected entry points and past vulnerability patterns warrant significant caution.",[611,613,615,617,620,622,624,626,628],{"reason":612,"points":211},"8 unprotected AJAX handlers",{"reason":614,"points":387},"2 high severity taint flows with unsanitized paths",{"reason":616,"points":134},"32% proper output escaping",{"reason":618,"points":619},"1 high severity known CVE",15,{"reason":621,"points":380},"3 medium severity known CVEs",{"reason":623,"points":63},"Dangerous function: create_function",{"reason":625,"points":134},"Only 1 nonce check",{"reason":627,"points":134},"Only 1 capability check",{"reason":629,"points":211},"100% of flows with unsanitized paths","2026-03-16T17:47:24.010Z",{"wat":632,"direct":651},{"assetPaths":633,"generatorPatterns":648,"scriptPaths":649,"versionParams":650},[634,635,636,637,638,639,640,641,642,643,644,645,646,647],"\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fframework\u002Fevents\u002Fdefinition.class.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fframework\u002Fevents\u002Fevents.class.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fframework\u002Fevents\u002Fhookable.class.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fframework\u002Fevents\u002Fhookable.interface.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fframework\u002Fevents\u002Fwordpress.class.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fframework\u002Fphp\u002Fincludes.class.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fautoload.inc.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Faccess.points\u002Fmain.accesspoint.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fframework\u002Faccess-points\u002Fpage.class.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fframework\u002Faccess-points\u002Fdirectory-spider.class.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fframework\u002Faccess-points\u002Faccess-point.class.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fframework\u002Fmvc\u002Fmodel.inc.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fframework\u002Fmvc\u002Fcontroller.inc.php","\u002Fwp-content\u002Fplugins\u002Fcss-javascript-toolbox\u002Fframework\u002Fextensions\u002Fextensions.class.php",[],[],[],{"cssClasses":652,"htmlComments":653,"htmlAttributes":654,"restEndpoints":655,"jsGlobals":656,"shortcodeOutput":670},[],[],[],[],[657,658,659,660,661,662,663,664,665,666,667,668,669],"CJTOOLBOX_PLUGIN_BASE","CJTOOLBOX_PLUGIN_FILE","CJTOOLBOX_NAME","CJTOOLBOX_TEXT_DOMAIN","CJTOOLBOX_LANGUAGES","CJTOOLBOX_PATH","CJTOOLBOX_INCLUDE_PATH","CJTOOLBOX_ACCESS_POINTS","CJTOOLBOX_FRAMEWORK","CJTWordpressEvents","CJTPlugin","CJTHookableClass","CJTAccessPointsDirectorySpider",[]]