[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fPWORNUtSnWCkqdRxMQJpWZ1iRSSeY1HLSfKXydS5z6s":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":48,"crawl_stats":37,"alternatives":56,"analysis":160,"fingerprints":292},"easy-custom-code","Easy Custom Code (LESS\u002FCSS\u002FJS) – Live Editing","1.1.2","Yiannis Christodoulou","https:\u002F\u002Fprofiles.wordpress.org\u002Fyiannistaos\u002F","\u003Cp>The \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.web357.com\u002Feasy-custom-code-wordpress-plugin?utm_source=wp_ecc_repo&utm_medium=wp_listing_ecc&utm_campaign=wp_repo_link_ecc&utm_content=wp_repo_link_to_plugin_page_ecc\" rel=\"nofollow ugc\">Easy Custom Code WordPress Plugin\u003C\u002Fa>\u003C\u002Fstrong> easily customize your WordPress website by adding your own \u003Cstrong>LESS\u003C\u002Fstrong>, \u003Cstrong>CSS\u003C\u002Fstrong>, and \u003Cstrong>JavaScript code\u003C\u002Fstrong> directly via the built-in WP Customizer. With this plugin, there’s \u003Cstrong>no need for a child theme\u003C\u002Fstrong> or additional files. Simply insert your custom code, and it will be compiled into a minified CSS file for styles and a JavaScript file for scripts.\u003C\u002Fp>\n\u003Cp>This lightweight plugin is designed for ease of use, providing a seamless and organized way to manage custom styling and scripts without affecting core theme files.\u003C\u002Fp>\n\u003Ch3>VIDEO (How it works?)\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FZ9GE54_e6zE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easily add custom LESS, CSS, and JavaScript to your site.\u003C\u002Fli>\n\u003Cli>Manage unlimited external stylesheets and scripts via a modal window.\u003C\u002Fli>\n\u003Cli>Control JavaScript placement (head or footer) for optimized performance.\u003C\u002Fli>\n\u003Cli>Insert custom HTML in key areas:\n\u003Cul>\n\u003Cli>Inside the \u003Ccode>\u003Chead>\u003C\u002Fcode> tag.\u003C\u002Fli>\n\u003Cli>Immediately after the opening \u003Ccode>\u003Cbody>\u003C\u002Fcode> tag.\u003C\u002Fli>\n\u003Cli>Before the closing \u003Ccode>\u003C\u002Fbody>\u003C\u002Fcode> tag.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>PRO FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Minified CSS Output\u003C\u002Fstrong> – Option to enable automatic minification of compiled CSS.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Full-Screen Editor\u003C\u002Fstrong> – Maximize the code editor for a distraction-free coding experience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>What is LESS?\u003C\u002Fh3>\n\u003Cp>LESS is a CSS preprocessor that allows for variables, nested rules, mixins, and more, making your stylesheets more efficient and maintainable.\u003C\u002Fp>\n\u003Ch4>LESS code:\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>   @global_color: #FF0000;\n   @global_font_size: 14px;\n   @secondary_color: #CCC;\n\n   body {\n      color: @global_color;\n      font-size: @global_font_size;\n   }\n   .container {\n      color: @secondary_color;\n      font-size: @global_font_size * 2;\n   }\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Outputs the following CSS:\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>   body {\n      color: #FF0000;\n      font-size: 14px;\n   }\n   .container {\n      color: #CCC;\n      font-size: 24px;\n   }\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>For full LESS documentation, visit \u003Ca href=\"http:\u002F\u002Flesscss.org\u002F\" rel=\"nofollow ugc\">lesscss.org\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Demo\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdemo.web357.com\u002Fwordpress\u002Feasy-custom-code\u002Fwp-admin\u002F\" rel=\"nofollow ugc\">Try Demo\u003C\u002Fa>\u003Cbr \u002F>\n    \u003Ccode>Username: demo\u003Cbr \u002F>\nPassword: demo\u003C\u002Fcode>\u003C\u002Fp>\n","Easy Custom Code plugin lets you easily add custom LESS, CSS, and JavaScript code, along with external stylesheets and scripts, directly into your Wor &hellip;",100,6200,3,"2025-01-31T00:54:00.000Z","6.7.5","5.3","7.3",[19,20,21,22,23],"css","javascript","js","less","styling","https:\u002F\u002Fwww.web357.com\u002Fproduct\u002Feasy-custom-code-wordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-custom-code.1.1.2.zip",91,1,0,"2024-07-05 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2024-37536","easy-custom-code-lesscssjs-live-editing-authenticated-administrator-stored-cross-site-scripting","Easy Custom Code (LESS\u002FCSS\u002FJS) – Live editing \u003C= 1.0.8 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Easy Custom Code (LESS\u002FCSS\u002FJS) – Live editing plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=1.0.8","1.0.9","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-07-30 19:59:35",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff16ea30d-0d03-4464-b75d-e77264af2510?source=api-prod",26,{"slug":49,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":53,"trust_score":54,"computed_at":55},"yiannistaos",4,30460,94,19,90,"2026-04-04T18:23:33.902Z",[57,82,101,122,141],{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":79,"download_link":80,"security_score":81,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"bwp-minify","Better WordPress Minify","1.3.3","Khang Minh","https:\u002F\u002Fprofiles.wordpress.org\u002Foddoneout\u002F","\u003Cp>Allows you to combine and minify your CSS and JS files to improve page load time. This plugin uses the PHP library \u003Ca href=\"http:\u002F\u002Fcode.google.com\u002Fp\u002Fminify\u002F\" rel=\"nofollow ugc\">Minify\u003C\u002Fa> and relies on WordPress’s enqueueing system rather than the output buffer, which respects the order of CSS and JS files as well as their dependencies. BWP Minify is very customizable and easy to use.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Useful resources to help you get started and make the most out of BWP Minify\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fbetterwp.net\u002Fwordpress-plugins\u002Fbwp-minify\u002F#usage\" rel=\"nofollow ugc\">Official Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fbetterwp.net\u002Fwordpress-minify-javascript-css\u002F\" rel=\"nofollow ugc\">WordPress Minify Best Practices\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Some Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Uses enqueueing system of WordPress which improves compatibility with other plugins and themes\u003C\u002Fli>\n\u003Cli>Allows you to move enqueued files to desired locations (header, footer, oblivion, etc.) via a dedicated management page\u003C\u002Fli>\n\u003Cli>Allows you to change various Minify settings (cache directory, cache age, debug mode, etc.) directly in admin\u003C\u002Fli>\n\u003Cli>Allows you to use friendly Minify urls, such as \u003Ccode>http:\u002F\u002Fexample.com\u002Fpath\u002Fto\u002Fcache\u002Fsomestring.js\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Allows you to use CDN for minified contents, one CDN host for JS and one for CSS with SSL support\u003C\u002Fli>\n\u003Cli>Allows you to split long Minify strings into shorter ones\u003C\u002Fli>\n\u003Cli>Offers various way to add a cache buster to your minify string such as WordPress’s version, Theme’s version, Cache folder’s last modified timestap, etc.\u003C\u002Fli>\n\u003Cli>Supports script localization (\u003Ccode>wp_localize_script()\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>Supports inline styles\u003C\u002Fli>\n\u003Cli>Supports RTL stylesheets\u003C\u002Fli>\n\u003Cli>Supports media-specific stylesheets (e.g. ‘screen’, ‘print’, etc.)\u003C\u002Fli>\n\u003Cli>Supports conditional stylesheets (e.g. \u003Ccode>\u003C!--[if lt IE 7]>\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>Provides hooks for further customization\u003C\u002Fli>\n\u003Cli>WordPress Multi-site compatible\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please don’t forget to rate this plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fbwp-minify?filter=5\" rel=\"ugc\">5 shining stars\u003C\u002Fa> if you like it, thanks!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Get in touch\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Support is provided via \u003Ca href=\"http:\u002F\u002Fbetterwp.net\u002Fcommunity\u002F\" rel=\"nofollow ugc\">BetterWP.net Community\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Follow and contribute to development via \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FOddOneOut\u002FBetter-WordPress-Minify\" rel=\"nofollow ugc\">Github\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>You can also follow me on \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002F0dd0ne0ut\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Check out \u003Ca href=\"http:\u002F\u002Ffeeds.feedburner.com\u002FBetterWPnet\" rel=\"nofollow ugc\">latest WordPress Tips and Ideas\u003C\u002Fa> from BetterWP.net.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Languages\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English (default)\u003C\u002Fli>\n\u003Cli>Romanian (ro_RO) – Thanks to \u003Ca href=\"www.enjoyprepaid.com\" rel=\"nofollow ugc\">Luke Tyler, International Calling Cards\u003C\u002Fa>!\u003C\u002Fli>\n\u003Cli>Turkish (tr_TR) – Thanks to Hakan E\u003C\u002Fli>\n\u003Cli>French (fr_FR) – Thanks to Sebastien\u003C\u002Fli>\n\u003Cli>Italian (it_IT) – Thanks to Gabriele – http:\u002F\u002Fcookspot.it\u003C\u002Fli>\n\u003Cli>Spanish (es_ES) –  Thanks to Ruben Hernandez – http:\u002F\u002Fusitility.com\u002F\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) – Thanks to Martijn van Egmond\u003C\u002Fli>\n\u003Cli>German (de_DE) – Thanks to Matthias\u003C\u002Fli>\n\u003Cli>Serbo-Croatian (sr_RS) – Thanks to Borisa Djuraskovic – \u003Ca href=\"http:\u002F\u002Fwww.webhostinghub.com\u002F\" rel=\"nofollow ugc\">Web Hosting Hub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Indonesian (id_ID) – Thanks to Nasrulhaq Muiz – http:\u002F\u002Fal-badar.net\u003C\u002Fli>\n\u003Cli>Russian (ru_RU) – Thanks to Эдуард Валеев\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please \u003Ca href=\"http:\u002F\u002Fbetterwp.net\u002Fwordpress-tips\u002Fcreate-pot-file-using-poedit\u002F\" rel=\"nofollow ugc\">help translate\u003C\u002Fa> this plugin!\u003C\u002Fp>\n","Allows you to combine and minify your CSS and JS files to improve page load time.",8000,692951,84,137,"2017-11-28T05:12:00.000Z","4.0.38","3.1","",[74,75,76,77,78],"minify","minify-css","minify-javascript","minify-js","minify-stylesheet","http:\u002F\u002Fbetterwp.net\u002Fwordpress-plugins\u002Fbwp-minify\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbwp-minify.1.3.3.zip",85,{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":72,"tags":97,"homepage":99,"download_link":100,"security_score":81,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"wp-minify-fix","WP Minify Fix","1.4.1","NodeCode","https:\u002F\u002Fprofiles.wordpress.org\u002Fnodecode\u002F","\u003Cp>This plugin is a fork of \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-minify\u002F\" rel=\"ugc\">WP Minify\u003C\u002Fa> to fix bugs and add features, because it has not been updated since 2012-6-4.\u003C\u002Fp>\n\u003Cp>This plugin integrates the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmrclay\u002Fminify\" rel=\"nofollow ugc\">Minify engine\u003C\u002Fa>\u003Cbr \u002F>\ninto your WordPress blog.  Once enabled, this plugin will combine and compress\u003Cbr \u002F>\nJS and CSS files to improve page load time.\u003C\u002Fp>\n\u003Ch4>What has been fixed?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Minify engine updated to version 2.1.7\u003C\u002Fli>\n\u003Cli>Cache interval option has been fixed\u003C\u002Fli>\n\u003Cli>Move CSS-@imports to the top of the output\u003C\u002Fli>\n\u003Cli>Bottom CSS- and JavaScript output fixed\u003C\u002Fli>\n\u003Cli>Support for script tags without \u003Ccode>type=\"text\u002Fjavascript\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Detection of protocol-relative URLs as external file (e.g. Google AdSense)\u003C\u002Fli>\n\u003Cli>New option for the HTML5 async attribute\u003C\u002Fli>\n\u003Cli>A separate JavaScript file in the footer is now possible\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How Does it Work?\u003C\u002Fh4>\n\u003Cp>WP Minify Fix grabs JS\u002FCSS files in your generated WordPress page and passes that\u003Cbr \u002F>\nlist to the Minify engine. The Minify engine then returns a consolidated,\u003Cbr \u002F>\nminified, and compressed script or style for WP Minify to reference in the\u003Cbr \u002F>\nWordPress header.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Easily integrate Minify into your WordPress blog.\u003C\u002Fli>\n\u003Cli>Minifies JavaScript, CSS, and HTML.\u003C\u002Fli>\n\u003Cli>Debug tools to help you debug your issues.\u003C\u002Fli>\n\u003Cli>Ability to include extra JS and CSS files for Minifying.\u003C\u002Fli>\n\u003Cli>Ability to exclude certain JS and CSS files for Minifying.\u003C\u002Fli>\n\u003Cli>Minified JS and CSS files can be placed wherever you want.\u003C\u002Fli>\n\u003Cli>Support for to minifying external files via caching.\u003C\u002Fli>\n\u003Cli>Ability to pass extra arguments to Minify engine.\u003C\u002Fli>\n\u003Cli>Expire headers for minified JS and CSS files.\u003C\u002Fli>\n\u003Cli>Detection and elimination of duplicate sources.\u003C\u002Fli>\n\u003Cli>Plugin hooks!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can also commit changes on our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fnodecode\u002Fwp-minify-fix\" rel=\"nofollow ugc\">Github repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>All contents under the wp-minify-fix\u002Fmin\u002F directory is licensed under\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.opensource.org\u002Flicenses\u002Fbsd-license.php\" rel=\"nofollow ugc\">New BSD License\u003C\u002Fa> (which is\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Fcopyleft\u002Fgpl.html\" rel=\"nofollow ugc\">GPL\u003C\u002Fa> compatible).  All other\u003Cbr \u002F>\ncontents within this package is licensed under GPLv3.\u003C\u002Fp>\n","[Fixed] This plugin uses the Minify engine to combine and compress JS and CSS files to improve page load time.",1000,73691,80,40,"2017-11-28T20:47:00.000Z","4.3.34","2.8",[19,98,20,21,74],"html","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-minify-fixed\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-minify-fix.1.4.1.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":11,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":72,"tags":115,"homepage":120,"download_link":121,"security_score":81,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"wpc-insert-code","Insert Code by Angie Makes","1.2","Chris Baldelomar","https:\u002F\u002Fprofiles.wordpress.org\u002Fcbaldelomar\u002F","\u003Cp>This plugin makes it easy for you to add custom scripts to the head and footer sections of your site. A theme can also add theme support to enable the insert of custom code (HTML, Javascript, and CSS) at the top of a page, above header, below header, above content, and below content.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fhallie.angiemakes.com\u002Fad-spots\u002F\" rel=\"nofollow ugc\">Live Demo & Documentation\u003C\u002Fa>\u003C\u002Fp>\n","Easily insert HTML, Javascript, CSS, into the head and footer areas of your site.",900,26197,2,"2017-05-10T16:44:00.000Z","4.7.32","3.9.1",[98,116,117,118,119],"insert-css","insert-html","insert-javascript","insert-js","http:\u002F\u002Fangiemakes.com\u002Ffeminine-wordpress-blog-themes-women\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpc-insert-code.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":11,"num_ratings":27,"last_updated":132,"tested_up_to":15,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":138,"download_link":139,"security_score":140,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"wp-custom-cssjs","Custom CSS\u002FJS","1.4.2","johnibom","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnibom\u002F","\u003Cp>Welcome to WP Custom CSS JS by PieSolutions.\u003Cbr \u002F>\nSo you want to add HTML, CSS, Javascript, Jquery or Tracking Pixel on your Website without messing up with your theme’s files? This small and light weight plugin gives you ability to do that right from the wordpress dashboard.\u003C\u002Fp>\n\u003Cp>=Features=\u003C\u002Fp>\n\u003Cp>\u003Cstrong>HTML (All tags are supported) in the header Block\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Inline CSS in Header\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Inline JS\u002FjQuery in Header\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>HTML (All tags are supported) in the footer Block\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Inline CSS in Footer\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Inline JS\u002FjQuery in Footer\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>LOCALIZATION\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>We are looking for translators. Please reach out to us and\u002For translate this plugin to your own language here: https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwp-custom-cssjs\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Custom CSS JS plugin allows you to add any HTML, CSS, Javascript, jQuery or Tracking Pixel easily on your wordpress site right from your dashboard.",800,15316,"2025-03-16T01:09:00.000Z","4.5","5.6",[19,20,136,21,137],"jquery","tracking-pixel","http:\u002F\u002Fpie-solutions.com\u002Fwp-custom-cssjs\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-custom-cssjs.1.4.2.zip",92,{"slug":142,"name":143,"version":144,"author":145,"author_profile":146,"description":147,"short_description":148,"active_installs":149,"downloaded":150,"rating":11,"num_ratings":13,"last_updated":151,"tested_up_to":152,"requires_at_least":153,"requires_php":72,"tags":154,"homepage":156,"download_link":157,"security_score":158,"vuln_count":111,"unpatched_count":28,"last_vuln_date":159,"fetched_at":30},"custom-css","Custom CSS, JS & PHP","2.4.3","WPFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpcodefactory\u002F","\u003Cp>\u003Cstrong>Custom CSS, JS & PHP\u003C\u002Fstrong> is a lightweight plugin that lets you add:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>custom \u003Cstrong>CSS\u003C\u002Fstrong> (front-end and\u002For back-end),\u003C\u002Fli>\n\u003Cli>custom \u003Cstrong>JavaScript\u003C\u002Fstrong> (front-end and\u002For back-end), and\u003C\u002Fli>\n\u003Cli>custom \u003Cstrong>PHP\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🗘 Feedback\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>We are open to your suggestions and feedback. Thank you for using or trying out one of our plugins!\u003C\u002Fli>\n\u003C\u002Ful>\n","Just another custom CSS, JavaScript & PHP tool for WordPress.",400,9860,"2025-09-08T16:08:00.000Z","6.8.5","4.4",[19,20,21,155],"php","https:\u002F\u002Fwpfactory.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-css.2.4.3.zip",97,"2025-04-16 00:00:00",{"attackSurface":161,"codeSignals":230,"taintFlows":277,"riskAssessment":278,"analyzedAt":291},{"hooks":162,"ajaxHandlers":226,"restRoutes":227,"shortcodes":228,"cronEvents":229,"entryPointCount":28,"unprotectedCount":28},[163,169,172,174,177,180,183,185,189,193,197,200,203,206,210,214,218,221,224],{"type":164,"name":165,"callback":166,"file":167,"line":168},"action","plugins_loaded","anonymous","includes\\class-main.php",138,{"type":164,"name":170,"callback":166,"file":167,"line":171},"admin_enqueue_scripts",152,{"type":164,"name":170,"callback":166,"file":167,"line":173},153,{"type":164,"name":175,"callback":166,"file":167,"line":176},"admin_menu",157,{"type":164,"name":178,"callback":166,"file":167,"line":179},"admin_init",158,{"type":164,"name":181,"callback":166,"file":167,"line":182},"wp_enqueue_scripts",172,{"type":164,"name":181,"callback":166,"file":167,"line":184},173,{"type":164,"name":181,"callback":186,"file":187,"line":188},"enqueue_styles","includes\\class-w357-easy-custom-code.php",20,{"type":164,"name":190,"callback":191,"file":187,"line":192},"customize_register","web357_customizer_customize_register",21,{"type":164,"name":194,"callback":195,"file":187,"line":196},"customize_save_after","web357_customizer_createCSS",22,{"type":164,"name":194,"callback":198,"file":187,"line":199},"web357_customizer_createJS",23,{"type":164,"name":181,"callback":201,"file":187,"line":202},"web357_customizer_load_libraries_to_head",30,{"type":164,"name":181,"callback":204,"file":187,"line":205},"web357_customizer_load_libraries_to_footer",32,{"type":164,"name":207,"callback":208,"file":187,"line":209},"wp_head","web357_custom_code_in_head_tag",36,{"type":164,"name":211,"callback":212,"file":187,"line":213},"wp_body_open","web357_custom_code_after_body",37,{"type":164,"name":215,"callback":216,"file":187,"line":217},"wp_footer","web357_custom_code_before_body",38,{"type":164,"name":175,"callback":219,"file":187,"line":220},"web357_customizer_section_admin_menu_settings_link",41,{"type":164,"name":215,"callback":222,"file":187,"line":223},"closure",130,{"type":164,"name":207,"callback":222,"file":187,"line":225},165,[],[],[],[],{"dangerousFunctions":231,"sqlUsage":232,"outputEscaping":234,"fileOperations":111,"externalRequests":13,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":276},[],{"prepared":28,"raw":28,"locations":233},[],{"escaped":235,"rawEcho":53,"locations":236},168,[237,240,242,244,246,248,250,251,253,255,257,259,261,263,265,267,269,271,273],{"file":238,"line":188,"context":239},"admin\\settings-view.php","raw output",{"file":238,"line":241,"context":239},99,{"file":238,"line":243,"context":239},101,{"file":238,"line":245,"context":239},111,{"file":238,"line":247,"context":239},120,{"file":238,"line":249,"context":239},125,{"file":238,"line":223,"context":239},{"file":187,"line":252,"context":239},237,{"file":187,"line":254,"context":239},264,{"file":187,"line":256,"context":239},554,{"file":187,"line":258,"context":239},558,{"file":187,"line":260,"context":239},560,{"file":187,"line":262,"context":239},566,{"file":187,"line":264,"context":239},576,{"file":187,"line":266,"context":239},577,{"file":187,"line":268,"context":239},581,{"file":187,"line":270,"context":239},582,{"file":187,"line":272,"context":239},588,{"file":274,"line":275,"context":239},"public\\class-public.php",74,[],[],{"summary":279,"deductions":280},"The 'easy-custom-code' v1.1.2 plugin exhibits a generally positive security posture based on the static analysis, with no identified critical or high severity taint flows and a strong adherence to prepared statements for SQL queries. The high percentage of properly escaped output is also a good indicator of defensive coding practices. However, the complete absence of nonce checks and capability checks across all entry points, coupled with a recorded medium severity vulnerability in its history, presents notable concerns. The plugin's attack surface is currently minimal, which is beneficial, but the lack of fundamental security checks like nonces leaves it susceptible to potential attacks if new entry points are introduced or existing ones are exploited without proper authentication and authorization mechanisms in place. The historical vulnerability, categorized as Cross-site Scripting, and its recent occurrence highlight a recurring area that requires vigilant attention and robust preventative measures.\n\nWhile the current static analysis shows a clean bill of health regarding specific code vulnerabilities, the lack of authentication and authorization checks on any potential entry points is a significant weakness. This means that any future addition of features, even seemingly innocuous ones, could inadvertently introduce severe security flaws. The plugin's history of a medium severity XSS vulnerability, even if patched, suggests that developers should maintain a heightened awareness of input sanitization and output escaping, particularly when dealing with user-supplied data. The plugin's strengths lie in its clean SQL handling and good output escaping, but these are overshadowed by the fundamental gaps in security controls.",[281,284,286,289],{"reason":282,"points":283},"No nonce checks present",15,{"reason":285,"points":283},"No capability checks present",{"reason":287,"points":288},"1 medium severity vulnerability in history",10,{"reason":290,"points":50},"10% of outputs not properly escaped","2026-03-16T20:55:59.256Z",{"wat":293,"direct":302},{"assetPaths":294,"generatorPatterns":297,"scriptPaths":298,"versionParams":299},[295,296],"\u002Fwp-content\u002Fplugins\u002Feasy-custom-code\u002Fadmin\u002Fcss\u002Fadmin.min.css","\u002Fwp-content\u002Fplugins\u002Feasy-custom-code\u002Fadmin\u002Fjs\u002Fadmin.min.js",[],[],[300,301],"easy-custom-code\u002Fadmin\u002Fcss\u002Fadmin.min.css?ver=","easy-custom-code\u002Fadmin\u002Fjs\u002Fadmin.min.js?ver=",{"cssClasses":303,"htmlComments":304,"htmlAttributes":313,"restEndpoints":314,"jsGlobals":315,"shortcodeOutput":316},[],[305,306,307,308,309,310,311,312]," Easy Custom Code (LESS\u002FCSS\u002FJS) - Live editing for WordPress - v1.1.2 (free version) "," Author: Web357 "," Copyright © 2014-2025 Web357. All rights reserved. "," License: GNU\u002FGPLv3, http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.html "," Website: https:\u002F\u002Fwww.web357.com\u002Feasy-custom-code-wordpress-plugin "," Demo: https:\u002F\u002Fdemo-wordpress.web357.com\u002F "," Support: https:\u002F\u002Fwww.web357.com\u002Fsupport "," Last modified: Friday 31 January 2025, 12:48:01 AM ",[],[],[],[]]