[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fRN6edZYaxKBdlcuwrl6VnATuNeVDDS2v1QLg3do3IYY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":5,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":12,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":13,"tags":16,"homepage":19,"download_link":20,"security_score":21,"vuln_count":12,"unpatched_count":12,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":32,"analysis":50,"fingerprints":91},"custom-template-post","Custom Template Post","1.0","Agung Nugroho","https:\u002F\u002Fprofiles.wordpress.org\u002Fabuazzam\u002F","\u003Cp>Custom Template Post\u003C\u002Fp>\n",10,1950,0,"","3.2.1","3.0",[4,17,18],"template-editor","template-post","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcustom-template-post\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-template-post.1.0.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":21,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},"abuazzam",2,20,30,94,"2026-04-05T14:20:28.389Z",[33],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":12,"downloaded":41,"rating":12,"num_ratings":12,"last_updated":42,"tested_up_to":43,"requires_at_least":44,"requires_php":45,"tags":46,"homepage":13,"download_link":47,"security_score":48,"vuln_count":12,"unpatched_count":12,"last_vuln_date":22,"fetched_at":49},"enable-template-editor","Enable Template Editor","1.0.0","Carolina Nymark","https:\u002F\u002Fprofiles.wordpress.org\u002Fpoena\u002F","\u003Cp>This plugin does one thing, it enables the template editor for themes that does not have built in support. This plugin is intended for testing template editing and custom templates.\u003Cbr \u002F>\n-Enabling this plugin on websites using themes that are not designed to support template editing may lead to unexpected results.\u003C\u002Fp>\n","This plugin does one thing, it enables the template editor for themes that does not have built in support. This plugin is intended for testing.",1272,"2021-07-30T16:43:00.000Z","5.8.13","5.8","7.2",[17],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fenable-template-editor.zip",85,"2026-03-15T15:16:48.613Z",{"attackSurface":51,"codeSignals":72,"taintFlows":83,"riskAssessment":84,"analyzedAt":90},{"hooks":52,"ajaxHandlers":68,"restRoutes":69,"shortcodes":70,"cronEvents":71,"entryPointCount":12,"unprotectedCount":12},[53,59,64],{"type":54,"name":55,"callback":56,"file":57,"line":58},"action","admin_menu","addAdminOption","custom-template-post.php",67,{"type":60,"name":61,"callback":62,"file":57,"line":63},"filter","default_content","customEditor",68,{"type":54,"name":65,"callback":66,"file":57,"line":67},"admin_head","customEditorStyle",69,[],[],[],[],{"dangerousFunctions":73,"sqlUsage":74,"outputEscaping":76,"fileOperations":12,"externalRequests":12,"nonceChecks":12,"capabilityChecks":12,"bundledLibraries":82},[],{"prepared":12,"raw":12,"locations":75},[],{"escaped":12,"rawEcho":77,"locations":78},1,[79],{"file":57,"line":80,"context":81},43,"raw output",[],[],{"summary":85,"deductions":86},"The \"custom-template-post\" v1.0 plugin exhibits an excellent security posture based on the provided static analysis. The plugin demonstrates a strong commitment to secure coding practices by having no detected attack surface points, no dangerous function calls, and all SQL queries utilizing prepared statements. Furthermore, the absence of any recorded vulnerabilities in its history suggests a well-maintained and secure codebase.  The lack of identified taint flows further reinforces this positive assessment.  However, a single output is present and is not properly escaped, which represents a minor but notable concern. This could potentially lead to cross-site scripting (XSS) vulnerabilities if the output is user-controlled or contains dynamic data that is not sanitized. Despite this, the overall security profile of the plugin is very strong, indicating a low-risk addition to a WordPress site.",[87],{"reason":88,"points":89},"Unescaped output found",5,"2026-03-16T23:30:28.870Z",{"wat":92,"direct":97},{"assetPaths":93,"generatorPatterns":94,"scriptPaths":95,"versionParams":96},[],[],[],[],{"cssClasses":98,"htmlComments":102,"htmlAttributes":103,"restEndpoints":106,"jsGlobals":107,"shortcodeOutput":108},[99,100,101],"wrap","icon32","form-table",[],[104,105],"name=\"post-template\"","name=\"post-template-style\"",[],[],[]]