[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f4PRObAACXjxVmb_IYqAs-AGpYDqGj_2mjL3fgPqR47Q":3,"$fYugNTm-HNAe_Ugqj9vcVkOIwlNpqA-iSGOybjL2cSRQ":196,"$f2R8K7dyOmO-jWMS-3amZ13kMxkacdPeMjNFXo4elzLU":201},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":36,"analysis":136,"fingerprints":172},"css","CSS","0.2","koopersmith","https:\u002F\u002Fprofiles.wordpress.org\u002Fkoopersmith\u002F","\u003Cp>A simple custom CSS plugin for themes that integrates with the new theme customizer.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Warning: Do not use this plugin in an untrusted environment.\u003C\u002Fstrong> This plugin currently does \u003Cstrong>not\u003C\u002Fstrong> sanitize the CSS.\u003C\u002Fp>\n\u003Cp>At the moment, it’s really more a proof-of-concept and example than anything else.\u003C\u002Fp>\n","A simple custom CSS plugin for themes that integrates with the new theme customizer.",500,36165,60,2,"2017-11-28T22:01:00.000Z","3.4.2","3.4","",[4,20,21,22],"custom","customize","theme","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcss\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcss.0.2.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},1,30,84,"2026-05-20T08:00:33.301Z",[37,63,82,101,120],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":59,"download_link":60,"security_score":61,"vuln_count":32,"unpatched_count":26,"last_vuln_date":62,"fetched_at":28},"custom-css-js","Simple Custom CSS and JS","3.52","SilkyPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fdiana_burduja\u002F","\u003Cp>Customize your WordPress site’s appearance by easily adding custom CSS and JS code without even having to modify your theme or plugin files. This is perfect for adding custom CSS tweaks to your site.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Text editor\u003C\u002Fstrong> with syntax highlighting \u003C\u002Fli>\n\u003Cli>Print the code \u003Cstrong>inline\u003C\u002Fstrong> or included into an \u003Cstrong>external file\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Print the code in the \u003Cstrong>header\u003C\u002Fstrong> or the \u003Cstrong>footer\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Add CSS or JS to the \u003Cstrong>frontend\u003C\u002Fstrong> or the \u003Cstrong>admin side\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Add as many codes as you want\u003C\u002Fli>\n\u003Cli>Keep your changes also when you change the theme\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily add Custom CSS or JS to your website with an awesome editor.",700000,10174999,88,102,"2026-03-06T19:56:00.000Z","6.9.4","3.0.1","5.2.4",[54,55,56,57,58],"add-style","custom-css","custom-js","customize-theme","site-css","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-css-js\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-css-js.3.52.zip",100,"2017-07-24 00:00:00",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":61,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":18,"tags":77,"homepage":80,"download_link":81,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"theme-junkie-custom-css","TJ Custom CSS","0.1.6","Theme Junkie","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemejunkie\u002F","\u003Cp>This plugin will enable a \u003Ca href=\"https:\u002F\u002Fwww.theme-junkie.com\u002Fplugins\u002Ftheme-junkie-custom-css\u002F\" rel=\"nofollow ugc\">custom css manager\u003C\u002Fa> on administration page to add Custom CSS code to your WordPress website. It will automatically override any theme or plugin default styles. It also very useful if you want to add customization to your website but do not want to edit your theme or plugin css files.\u003C\u002Fp>\n\u003Cp>It comes with two ways to add the custom css code:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>1. Setting\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can go to Appearance → Custom CSS, then you will see a big box\u002Ftextarea. Put your css code there.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>2. Customizer – Live Preview\u003C\u002Fstrong>\u003Cbr \u002F>\nIf you want to see the live preview while you adding the custom css code, then you can go to Appearance → Customize, after that open the Custom CSS section tab.\u003C\u002Fp>\n\u003Ch4>Features Include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>No configuration needed\u003C\u002Fli>\n\u003Cli>Live preview\u003C\u002Fli>\n\u003Cli>Easy-to-use\u003C\u002Fli>\n\u003Cli>Child theme alternative to add customization\u003C\u002Fli>\n\u003Cli>Uninstall procedure\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin Info\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Developed by \u003Ca href=\"https:\u002F\u002Fwww.theme-junkie.com\u002F?utm_source=wporg&utm_medium=text_link&utm_campaign=Site%20Promotion\" rel=\"nofollow ugc\">Theme Junkie\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Check out the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthemejunkie\u002Ftheme-junkie-custom-css\" rel=\"nofollow ugc\">Github\u003C\u002Fa> repo to contribute.\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily to add any Custom CSS code to your WordPress website.",8000,222055,6,"2022-10-26T15:45:00.000Z","6.1.10","4.0",[4,55,78,79,22],"customizer","style","https:\u002F\u002Fwww.theme-junkie.com\u002Fplugins\u002Ftheme-junkie-custom-css\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-junkie-custom-css.0.1.6.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":73,"last_updated":93,"tested_up_to":94,"requires_at_least":17,"requires_php":18,"tags":95,"homepage":99,"download_link":100,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"color-scheme-every-theme","Color Scheme every Theme","2.1","danielauener","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanielauener\u002F","\u003Cp>This plugin lets you change the entire color scheme of the current theme via the\u003Cbr \u002F>\ntheme customizer.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>4 steps to your customized color scheme\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>The plugin extracts all the color settings from the css of your current\u003Cbr \u002F>\ntheme. You trigger this process from the plugin settings page. All css files in\u003Cbr \u002F>\nyour theme folder will be scanned.\u003C\u002Fli>\n\u003Cli>After scanning the css, a template file gets created which will overwrite all\u003Cbr \u002F>\nthe color settings of the current theme with your custom colors.\u003C\u002Fli>\n\u003Cli>You create a custom color scheme by following the instructions on the plugin\u003Cbr \u002F>\nsettings page.\u003C\u002Fli>\n\u003Cli>You go to the theme customizer and choose your custom color scheme in the\u003Cbr \u002F>\n‘Color schemes’ section.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>A more detailed description is available on my blog \u003Ca href=\"http:\u002F\u002Fwww.danielauener.com\u002Fcolor-scheme-every-theme\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.danielauener.com\u002Fcolor-scheme-every-theme\u002F\u003C\u002Fa>. You are wellcome to give feedback\u002Fask questions directly on my blog as well.\u003C\u002Fp>\n\u003Cp>Read about the new features in version 2.0 here: \u003Ca href=\"http:\u002F\u002Fwww.danielauener.com\u002Fplugin-update-color-scheme-every-theme\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.danielauener.com\u002Fplugin-update-color-scheme-every-theme\u002F\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>There is even a github-repository on: \u003Ca href=\"http:\u002F\u002Fgithub.com\u002Fdanielauener\u002Fcolor-scheme-every-theme\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fdanielauener\u002Fcolor-scheme-every-theme\u002F\u003C\u002Fa>\u003C\u002Fp>\n","This plugin lets you change the entire color scheme of the current theme via the",50,15371,64,"2013-03-24T11:37:00.000Z","3.5.2",[96,4,97,78,98],"color-scheme","customization","themes","http:\u002F\u002Fwww.danielauener.com\u002Fcolor-scheme-every-theme","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcolor-scheme-every-theme.2.1.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":26,"downloaded":109,"rating":26,"num_ratings":26,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":117,"download_link":118,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":119},"spm-show-colors-for-elementor","SPM Show Colors for Elementor","1.0.2","simonpetermedia","https:\u002F\u002Fprofiles.wordpress.org\u002Fsimonpetermedia\u002F","\u003Cp>The SPM Show Colors for Elementor plugin provides an easy way to display all global colors used in your Elementor website on the Elementor editor pages including the customizer. By clicking a floating button, a banner will appear showing the global colors defined in your active Elementor Kit. Each color displayed on the banner can be clicked to copy its hex code directly to the clipboard.\u003C\u002Fp>\n\u003Cp>This plugin is especially useful for web designers and developers who work with Elementor and need to quickly reference the colors used in their website. With the SPM Show Colors for Elementor plugin, you can save time and ensure consistency by easily accessing and copying your global colors. This is especially useful if you frequently use custom css.\u003C\u002Fp>\n","Copies Elementor global or custom HEX color value to clipboard.",609,"2023-08-22T13:06:00.000Z","6.2.9","6.0","7.4",[55,78,115,116,22],"elementor","global-colors","https:\u002F\u002Fwww.simonpetermedia.com\u002Fplugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspm-show-colors-for-elementor.zip","2026-04-06T09:54:40.288Z",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":26,"downloaded":128,"rating":26,"num_ratings":26,"last_updated":129,"tested_up_to":50,"requires_at_least":130,"requires_php":113,"tags":131,"homepage":18,"download_link":134,"security_score":61,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":135},"tish-theme-ai-customizer-lite","Tish WordPress Theme AI Customizer","1.0.0","tishonator","https:\u002F\u002Fprofiles.wordpress.org\u002Ftishonator\u002F","\u003Cp>Customize any WordPress theme with GPT-5 — describe it, preview it, approve it.\u003C\u002Fp>\n","Customize any WordPress theme with GPT-5 — describe it, preview it, approve it.",209,"2025-12-10T10:55:00.000Z","6.2",[132,4,78,133,22],"ai","gpt-5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftish-theme-ai-customizer-lite.zip","2026-03-15T15:16:48.613Z",{"attackSurface":137,"codeSignals":154,"taintFlows":164,"riskAssessment":165,"analyzedAt":171},{"hooks":138,"ajaxHandlers":150,"restRoutes":151,"shortcodes":152,"cronEvents":153,"entryPointCount":26,"unprotectedCount":26},[139,144,147],{"type":140,"name":141,"callback":141,"file":142,"line":143},"action","wp_head","motif.php",13,{"type":140,"name":145,"callback":145,"file":142,"line":146},"customize_register",14,{"type":140,"name":148,"callback":148,"file":142,"line":149},"customize_preview_init",15,[],[],[],[],{"dangerousFunctions":155,"sqlUsage":156,"outputEscaping":158,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":163},[],{"prepared":26,"raw":26,"locations":157},[],{"escaped":26,"rawEcho":32,"locations":159},[160],{"file":142,"line":161,"context":162},27,"raw output",[],[],{"summary":166,"deductions":167},"The \"css\" plugin v0.2 exhibits a seemingly strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events indicates a very small attack surface, and critically, all identified entry points are reported as protected. The code also demonstrates good practices by using prepared statements for all SQL queries and avoiding file operations or external HTTP requests.\n\nHowever, a significant concern arises from the output escaping. With 100% of outputs not being properly escaped, this presents a clear risk of Cross-Site Scripting (XSS) vulnerabilities. Although no taint flows were identified with unsanitized paths, the lack of output escaping means that any data passed to the output functions, even if it originates from trusted sources within the plugin, could be maliciously crafted and executed by an attacker. The plugin's vulnerability history is clean, which is positive, but this should not overshadow the immediate risk posed by the unescaped output.\n\nIn conclusion, while the \"css\" plugin v0.2 benefits from a minimal attack surface and sound practices in areas like SQL handling, the complete lack of output escaping creates a substantial XSS vulnerability. This weakness is directly observable in the static analysis and requires immediate attention. The absence of past vulnerabilities is a good sign, but the current code has a critical flaw that negates some of its strengths.",[168],{"reason":169,"points":170},"All outputs are unescaped (XSS risk)",8,"2026-03-16T19:33:22.733Z",{"wat":173,"direct":186},{"assetPaths":174,"generatorPatterns":180,"scriptPaths":181,"versionParams":182},[175,176,177,178,179],"\u002Fwp-content\u002Fplugins\u002Fcss\u002Fmotif.preview.js","\u002Fwp-content\u002Fplugins\u002Fcss\u002Flibs\u002Fcodemirror\u002Fmotif-codemirror.js","\u002Fwp-content\u002Fplugins\u002Fcss\u002Flibs\u002Fcodemirror\u002Flib\u002Fcodemirror.css","\u002Fwp-content\u002Fplugins\u002Fcss\u002Fmotif.js","\u002Fwp-content\u002Fplugins\u002Fcss\u002Fmotif.css",[],[],[183,184,185],"motif-preview?ver=","motif-codemirror?ver=","motif?ver=",{"cssClasses":187,"htmlComments":189,"htmlAttributes":190,"restEndpoints":192,"jsGlobals":193,"shortcodeOutput":195},[188],"CodeMirror",[],[191],"id=\"motif-css\"",[],[194],"window.motif",[],{"error":197,"url":198,"statusCode":199,"statusMessage":200,"message":200},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcss\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":14,"versions":202},[203,209],{"version":6,"download_url":24,"svn_tag_url":204,"released_at":27,"has_diff":205,"diff_files_changed":206,"diff_lines":27,"trac_diff_url":207,"vulnerabilities":208,"is_current":197},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcss\u002Ftags\u002F0.2\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcss%2Ftags%2F0.1&new_path=%2Fcss%2Ftags%2F0.2",[],{"version":210,"download_url":211,"svn_tag_url":212,"released_at":27,"has_diff":205,"diff_files_changed":213,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":214,"is_current":205},"0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcss.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcss\u002Ftags\u002F0.1\u002F",[],[]]