[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkI5hZwO6aR2koEX3HAdqghlQZ3MtR6b_FpeKaF_-FcI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":139,"fingerprints":263},"custom-post-template","Custom Post Template","1.5","Simon Wheatley","https:\u002F\u002Fprofiles.wordpress.org\u002Fsimonwheatley\u002F","\u003Cp>Provides a drop-down to select different templates for posts from the post edit screen. The templates are defined similarly to page templates, and will replace single.php for the specified post. This plugin will NOT switch the templates for the different posts in a listing page, e.g. a date or category archive, it will only affect the template used for single posts (i.e. you can choose a template which is not single.php).\u003C\u002Fp>\n\u003Cp>Post templates, as far as this plugin is concerned, are configured similarly to \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPages#Creating_Your_Own_Page_Templates\" rel=\"nofollow ugc\">page templates\u003C\u002Fa> in that they have a particular style of PHP comment at the top of them. Each post template must contain the following, or similar, at the top:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\n\u002F*\nTemplate Name Posts: Snarfer\n*\u002F\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>First note: \u003Cem>Page\u003C\u002Fem> templates use “\u003Cem>Template Name:\u003C\u002Fem>“, whereas \u003Cem>post\u003C\u002Fem> templates use “\u003Cem>Template Name Posts:\u003C\u002Fem>“.\u003C\u002Fp>\n\u003Cp>Second note: You \u003Cem>must\u003C\u002Fem> have the custom post template files in your theme in the same directory\u002Ffolder as your index.php template file, \u003Cem>not\u003C\u002Fem> in a sub-directory\u002Fsub-folder.\u003C\u002Fp>\n\u003Ch3>Developers\u003C\u002Fh3>\n\u003Cp>If you want to implement the custom post \u003Cem>templates\u003C\u002Fem> on a custom post \u003Cem>type\u003C\u002Fem>, you can use the \u003Ccode>cpt_post_types\u003C\u002Fcode> filter, here’s an example below of adding the custom post template selector and metabox to the “Movie” and “Actor” custom post types. This code can be added to a plugin or to the \u003Ccode>functions.php\u003C\u002Fcode> file in your theme.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002F**\n * Hooks the WP cpt_post_types filter \n *\n * @param array $post_types An array of post type names that the templates be used by\n * @return array The array of post type names that the templates be used by\n **\u002F\nfunction my_cpt_post_types( $post_types ) {\n    $post_types[] = 'movie';\n    $post_types[] = 'actor';\n    return $post_types;\n}\nadd_filter( 'cpt_post_types', 'my_cpt_post_types' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Provides a drop-down to select different templates for posts from the post edit screen. The templates replace single.php for the specified post.",10000,246449,96,43,"2017-11-28T07:18:00.000Z","3.4.2","3.4","",[20,21,22],"post","template","theme","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcustom-post-template\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-post-template.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"simonwheatley",2,40000,30,84,"2026-04-04T11:22:34.788Z",[38,57,74,92,114],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":26,"num_ratings":26,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":18,"tags":51,"homepage":55,"download_link":56,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"templatify","Templatify","1.0.2","Marco Canestrari","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarcocanestrari\u002F","\u003Cp>Templatify gives the ability to select \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fthemes\u002Ftemplate-files-section\u002Fpage-template-files\u002Fpage-templates\u002F#creating-custom-page-templates-for-global-use\" rel=\"nofollow ugc\">custom templates\u003C\u002Fa> for each post type, even custom post types, as for Pages.\u003Cbr \u002F>\nOnce you activate Templatify, a “Select Template” box will appear in every post edit screen filled with Pages Templates.\u003C\u002Fp>\n\u003Cp>You can also add post type specific templates: just add “Template Post Type” header (similar to “Template Name” header for \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fthemes\u002Ftemplate-files-section\u002Fpage-template-files\u002Fpage-templates\u002F#creating-custom-page-templates-for-global-use\" rel=\"nofollow ugc\">custom templates\u003C\u002Fa>) on your custom template to see it in the dropdown selector (see Screenshots).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Author: \u003Ca href=\"http:\u002F\u002Fwww.marcocanestrari.it\u002F\" rel=\"nofollow ugc\">Marco Canestrari\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin adds Page Templates feature to Posts and Custom Post Types. No settings needed.",200,3374,"2016-08-11T20:03:00.000Z","4.6.30","3.0",[52,53,54,39,22],"custom-post-type-template","templates","templates-for-custom-post-types","http:\u002F\u002Fwww.marcocanestrari.it\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftemplatify.1.0.2.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":26,"num_ratings":26,"last_updated":67,"tested_up_to":68,"requires_at_least":50,"requires_php":18,"tags":69,"homepage":72,"download_link":73,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"custom-post-type-template-redirect","Custom Post Type Template Redirect","1.0","Sam Hotchkiss","https:\u002F\u002Fprofiles.wordpress.org\u002Fsamhotchkiss\u002F","\u003Cp>One of the shortcomings of Custom Post Types in WordPress is that there’s no way to easily set a different custom template from the standard single.php.  If it’s a custom post type, it’s got custom information, and I want to put it in a custom template!\u003C\u002Fp>\n\u003Cp>So I threw together a plugin to handle this.  With this plugin installed and activated, it checks your template directory for posttype.php then t_posttype.php.  If neither exists, then the standard WP template rules take effect.\u003C\u002Fp>\n\u003Cp>For example, if your custom post type is ‘books’, it’s going to check your template directory for ‘books.php’.  If it finds it, it will use that as the template for your ‘books’ posts.  If not, it will check for ‘t_books.php’, and use that as the template for your ‘books’ posts.  If it finds neither, the standard WP logic kicks into place, looking to see if you’ve defined a template for the post, and, if not, using single.php.\u003C\u002Fp>\n","For custom post types, allows you to have default templates specific to each custom post type.",20,3924,"2010-08-11T14:34:00.000Z","3.0.5",[70,71,21,22],"custom-post-types","redirect","http:\u002F\u002Fwww.hotchkissconsulting.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-post-type-template-redirect.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":26,"num_ratings":26,"last_updated":18,"tested_up_to":18,"requires_at_least":18,"requires_php":18,"tags":84,"homepage":18,"download_link":89,"security_score":90,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":91},"theme-blvd-post-template-options","Theme Blvd Post Template Options","1.0.0","Jason","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeblvd\u002F","\u003Cp>\u003Cstrong>NOTE: This plugin requires Theme Blvd framework v2.3+\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugins adds meta box to reveal available custom fields you can use with Post List and Post Grid page templates of a \u003Ca href=\"http:\u002F\u002Fwww.themeblvd.com\" rel=\"nofollow ugc\">Theme Blvd\u003C\u002Fa> theme.\u003C\u002Fp>\n","This plugins adds a meta box to reveal available custom fields you can use with Post List\u002FGrid page templates of a Theme Blvd theme.",10,1933,[85,86,87,21,88],"post-grid","post-list","query","theme-blvd","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-blvd-post-template-options.1.0.0.zip",100,"2026-03-15T10:48:56.248Z",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":13,"num_ratings":102,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":18,"tags":106,"homepage":112,"download_link":113,"security_score":90,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"styler-for-wpforms","Utimate Kit ( Styler ) for WPForms","3.8","wpmonks","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpmonks\u002F","\u003Cp>\u003Cstrong>Ultimate Kit for WPForms has built in free styler addon that lets you create beautiful designs for WPForms.\u003C\u002Fstrong> It gives you an intutive interface with design controls and form preview. It has been tested to work with Divi, Elmentor, Visual composer, Thrive Architect Beaver Builder, Astra, GeneratePress, Oxygen Builder, Avada theme, OceanWP theme, Genesis Framework, The7, Salient and more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Here is step by step guide to style your forms\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FY-mcQ3Ilsbg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>It comes with 150+ options\u003C\u002Fstrong> to customize various parts of WPForms like form wrapper,form header, submit button, radio inputs, checkbox inputs, paragraph textarea, labels, section breaks, descriptions, text inputs, confirmation message, error message and more. You can easily design a multipage form with this.\u003C\u002Fp>\n\u003Cp>You get to set the options like background color, font-size, font family, borders, width, text alignment, margin, padding and more for all the sections. You are no longer required to add custom CSS codes in your theme files to design forms. The designs created with this plugin will work even if you change your theme.\u003C\u002Fp>\n\u003Cp>There are also responsive design controls for width, height, font size etc so, that you can set different values for different devices like mobiles, tablets and desktops.\u003C\u002Fp>\n\u003Cp>PREMIUM ADDONS TO EXTEND THE FUNCTIONALITY\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Fbootstrap-for-wpforms\u002F?utm_source=repo&utm_medium=plugin-page&utm_campaign=wordpress-org\" rel=\"nofollow ugc\">\u003Cstrong>Bootstrap for WPForms\u003C\u002Fstrong>\u003C\u002Fa>:\u003Cbr \u002F>\n\u003Cstrong>Bootstrap for WPForms Forms is an easy to use addon to add bootstrap design in one click\u003C\u002Fstrong> . This plugin the latest major release of Bootstrap ( i.e Bootstrap 4 ). The bootsrap design will be applied to all fields and you can also change its theme to compliment your theme color. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F16v_NGjcNg4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Ftooltips-for-wpforms\u002F?utm_source=repo&utm_medium=plugin-page&utm_campaign=wordpress-org\" rel=\"nofollow ugc\"> \u003Cstrong>Tooltips for WPForms\u003C\u002Fstrong> \u003C\u002Fa>:\u003Cbr \u002F>\n\u003Cstrong>Tooltips for WPForms addon give you the options to add tooltips in field labels with ease\u003C\u002Fstrong>. There are multiple colors, icons, animation effects, position options so, that they look the way you want them. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FzhHS2Nxu2UM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Ftooltips-for-wpforms\u002F?utm_source=repo&utm_medium=plugin-page&utm_campaign=wordpress-org\" rel=\"nofollow ugc\"> \u003Cstrong>Field Icons for WPForms\u003C\u002Fstrong> \u003C\u002Fa>:\u003Cbr \u002F>\n\u003Cstrong>Field Icons for WPForms lets you add Fontawesome Icons ( 500+ ) inside inputs and textarea fields\u003C\u002Fstrong>. There are plenty of design options to change position, color, alignmnet and size of icons.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F6BJokN2f524?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Fbulk-actions-for-wpforms\u002F?utm_source=repo&utm_medium=plugin-page&utm_campaign=wordpress-org\" rel=\"nofollow ugc\"> \u003Cstrong>Bulk Actions for WPForms\u003C\u002Fstrong> \u003C\u002Fa>:\u003Cbr \u002F>\n\u003Cstrong>It lets you perform bulk actions like duplicating multiple fields, deleting multiple fields, moving fields from one form to another and editing multiple fields\u003C\u002Fstrong>. This is your are all in one solution to quickly and efficently manage\u002Fupdate your complex forms.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F-GeZHCbEUdY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Ffile-renamer-for-wpforms\u002F?utm_source=repo&utm_medium=plugin-page&utm_campaign=wordpress-org\" rel=\"nofollow ugc\"> \u003Cstrong>File Renamer for WPForms\u003C\u002Fstrong> \u003C\u002Fa>:\u003Cbr \u002F>\n\u003Cstrong>It lets you rename the uploaded files with ease\u003C\u002Fstrong>. There are options to create folders as well to better organize the uploaded fields.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FsSHaT3yh1Pw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmonks.com\u002Fdownloads\u002Fpower-ups-for-wpforms\u002F?utm_source=repo&utm_medium=plugin-page&utm_campaign=wordpress-org\" rel=\"nofollow ugc\"> \u003Cstrong>Powerups for WPForms\u003C\u002Fstrong> \u003C\u002Fa>:\u003Cbr \u002F>\n\u003Cstrong>Powerups for WPForms is collection small yet useful features for WPForms\u003C\u002Fstrong>. There are options to make fields as readonly, disable empty fields in submission preview, set password strength and more.\u003C\u002Fli>\n\u003C\u002Ful>\n","Ultimate Kit for WPForms makes the task of designing WPForms an easy one.",30000,403208,113,"2025-09-16T09:34:00.000Z","6.8.5","4.0",[107,108,109,110,111],"wpforms-css","wpforms-designer","wpforms-styler","wpforms-templates","wpforms-themes","http:\u002F\u002Fwpmonks.com\u002Fstyler-wpforms","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstyler-for-wpforms.3.8.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":100,"downloaded":122,"rating":123,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":18,"tags":128,"homepage":134,"download_link":135,"security_score":136,"vuln_count":137,"unpatched_count":26,"last_vuln_date":138,"fetched_at":28},"wp-editor","WP Editor","1.2.9.3","benjaminprojas","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenjaminprojas\u002F","\u003Cp>WP Editor is a plugin for WordPress that replaces the default plugin and theme editors as well as the page\u002Fpost editor. Using integrations with CodeMirror and FancyBox to create a feature rich environment, WP Editor completely reworks the default WordPress file editing capabilities. Using Asynchronous Javascript and XML (AJAX) to retrieve files and folders, WP Editor sets a new standard for speed and reliability in a web-based editing atmosphere.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>CodeMirror\u003C\u002Fli>\n\u003Cli>Active Line Highlighting\u003C\u002Fli>\n\u003Cli>Line Numbers\u003C\u002Fli>\n\u003Cli>Line Wrapping\u003C\u002Fli>\n\u003Cli>Eight Editor Themes with Syntax Highlighting\u003C\u002Fli>\n\u003Cli>Fullscreen Editing (ESC, F11)\u003C\u002Fli>\n\u003Cli>Text Search (CMD + F, CTRL + F)\u003C\u002Fli>\n\u003Cli>Individual Settings for Each Editor\u003C\u002Fli>\n\u003Cli>FancyBox for image viewing\u003C\u002Fli>\n\u003Cli>AJAX File Browser\u003C\u002Fli>\n\u003Cli>Allowed Extensions List\u003C\u002Fli>\n\u003Cli>Easy to use Settings Section\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Editor is a plugin for WordPress that replaces the default plugin and theme editors as well as the page\u002Fpost editor.",1075617,90,95,"2026-03-11T18:50:00.000Z","6.9.4","3.9",[129,130,131,132,133],"code-editor","page-editor","plugin-editor","post-editor","theme-editor","http:\u002F\u002Fwpeditor.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-editor.1.2.9.3.zip",86,9,"2025-04-16 17:11:50",{"attackSurface":140,"codeSignals":179,"taintFlows":221,"riskAssessment":249,"analyzedAt":262},{"hooks":141,"ajaxHandlers":175,"restRoutes":176,"shortcodes":177,"cronEvents":178,"entryPointCount":26,"unprotectedCount":26},[142,148,151,156,159,164,167,171],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","admin_init","anonymous","custom-post-templates.php",51,{"type":143,"name":149,"callback":145,"file":146,"line":150},"save_post",52,{"type":152,"name":153,"callback":154,"file":146,"line":155},"filter","single_template","filter_single_template",53,{"type":152,"name":157,"callback":145,"file":146,"line":158},"body_class",54,{"type":143,"name":160,"callback":161,"file":162,"line":163},"init","load_locale","plugin.php",124,{"type":143,"name":160,"callback":165,"file":162,"line":166},"initialize",527,{"type":143,"name":168,"callback":169,"file":162,"line":170},"sidebar_admin_setup","setup_save",553,{"type":143,"name":172,"callback":173,"file":162,"line":174},"sidebar_admin_page","setup_display",554,[],[],[],[],{"dangerousFunctions":180,"sqlUsage":181,"outputEscaping":183,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":220},[],{"prepared":26,"raw":26,"locations":182},[],{"escaped":184,"rawEcho":185,"locations":186},1,17,[187,190,192,194,196,198,200,202,204,206,208,209,211,212,214,215,218],{"file":162,"line":188,"context":189},234,"raw output",{"file":162,"line":191,"context":189},257,{"file":162,"line":193,"context":189},309,{"file":162,"line":195,"context":189},329,{"file":162,"line":197,"context":189},483,{"file":162,"line":199,"context":189},485,{"file":162,"line":201,"context":189},489,{"file":162,"line":203,"context":189},624,{"file":162,"line":205,"context":189},659,{"file":162,"line":207,"context":189},661,{"file":162,"line":207,"context":189},{"file":162,"line":210,"context":189},663,{"file":162,"line":210,"context":189},{"file":162,"line":213,"context":189},667,{"file":162,"line":213,"context":189},{"file":216,"line":217,"context":189},"view\\admin\\select_post_template.php",16,{"file":216,"line":219,"context":189},21,[],[222,241],{"entryPoint":223,"graph":224,"unsanitizedCount":184,"severity":240},"show_config (plugin.php:603)",{"nodes":225,"edges":237},[226,231],{"id":227,"type":228,"label":229,"file":162,"line":230},"n0","source","$_POST",607,{"id":232,"type":233,"label":234,"file":162,"line":235,"wp_function":236},"n1","sink","update_option() [Settings Manipulation]",616,"update_option",[238],{"from":227,"to":232,"sanitized":239},false,"low",{"entryPoint":242,"graph":243,"unsanitizedCount":184,"severity":240},"\u003Cplugin> (plugin.php:0)",{"nodes":244,"edges":247},[245,246],{"id":227,"type":228,"label":229,"file":162,"line":230},{"id":232,"type":233,"label":234,"file":162,"line":235,"wp_function":236},[248],{"from":227,"to":232,"sanitized":239},{"summary":250,"deductions":251},"The \"custom-post-template\" plugin v1.5 exhibits a concerning security posture due to significant weaknesses in output sanitization and a lack of fundamental security checks.  While the absence of known CVEs and the use of prepared statements for SQL are positive indicators, they are overshadowed by critical vulnerabilities identified in the static analysis. Specifically, the plugin has a very low percentage of properly escaped output (6%), suggesting a high risk of cross-site scripting (XSS) vulnerabilities. Furthermore, taint analysis revealed two flows with unsanitized paths, indicating potential for insecure handling of user-supplied data that could lead to unintended code execution or data compromise. The complete absence of nonce checks and capability checks across all entry points, coupled with zero AJAX handlers or REST API routes that *do* have auth checks, exposes the plugin to potential privilege escalation and unauthorized access if any attack vectors were discovered.\n\nDespite the lack of recorded historical vulnerabilities, this does not negate the immediate risks identified in the current version's code. The plugin's zero entry points without authentication is misleading, as the lack of *any* explicit authentication checks on the limited entry points suggests a false sense of security. The plugin demonstrates poor security practices in output handling and data sanitization, leaving it vulnerable to common web attacks. While the intention might be a limited attack surface, the method of achieving this through neglecting security best practices is a significant weakness. The plugin's strengths lie in its use of prepared statements for SQL and no known historical issues, but these are severely undermined by the identified code-level risks.",[252,255,257,260],{"reason":253,"points":254},"Low output escaping percentage",15,{"reason":256,"points":254},"Unsanitized paths in taint flows",{"reason":258,"points":259},"Missing nonce checks",5,{"reason":261,"points":259},"Missing capability checks","2026-03-16T17:47:19.313Z",{"wat":264,"direct":273},{"assetPaths":265,"generatorPatterns":268,"scriptPaths":269,"versionParams":270},[266,267],"\u002Fwp-content\u002Fplugins\u002Fcustom-post-template\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fcustom-post-template\u002Fjs\u002Fadmin.js",[],[267],[271,272],"custom-post-template\u002Fcss\u002Fadmin.css?ver=","custom-post-template\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":274,"htmlComments":277,"htmlAttributes":278,"restEndpoints":281,"jsGlobals":282,"shortcodeOutput":283},[275,276],"post-template","post-template-{$template_file}-php",[],[279,280],"custom_post_template","custom_post_template_present",[],[],[]]