[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fE4JS5d26XP1DNQsXEgHLuKTC_s_Mt8XyVt6RO-qv598":3,"$fcPzKZrDO-SF-mpRwvLrt9XLU9vg98OT9CEY_o0hVY2Y":366,"$fRuDfo7vdZUnuJrF3oV6ibq2D4LSSarXVaShf-6tqY48":370},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":35,"analysis":133,"fingerprints":291},"editor-for-timber","Editor for Timber","1.0.2","dweipert","https:\u002F\u002Fprofiles.wordpress.org\u002Fdrogueronin\u002F","\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>adds a metabox to configurable Post-Types to create and edit Twig templates\u003C\u002Fli>\n\u003Cli>adds Twig support to the WP Theme & Plugin editors\n\u003Cul>\n\u003Cli>you can even customize the CodeMirror theme\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plugin Dependencies\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftimber-library\u002F\u003C\u002Fli>\n\u003Cli>https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-editor\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How to use the MetaBox Feature\u003C\u002Fh3>\n\u003Cp>The plugin uses the path defined in \u003Ccode>Timber::$locations\u003C\u002Fcode> as the templates path or falls back to the uploads folder if none is provided.\u003C\u002Fp>\n\u003Cp>Either adjust your \u003Ccode>Timber::render('page.twig', $context)\u003C\u002Fcode>-functions like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$filenames = [TimberEditor::getTemplateFilename(), 'page.twig'];\nTimber::render($filenames, $context);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>like 
this\u003C\u002Fp>\n\u003Cpre>\u003Ccode>TimberEditor::render('page.twig', $context);\n# 'page.twig' serves as a fallback if the current post's template doesn't exist\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>or like this\u003C\u002Fp>\n\u003Cpre>\u003Ccode>TimberEditor::renderPost('page.twig', $context);\n# renderPost() automatically adds ['post' => new Timber\\Post()] to the $context\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Page, Theme & Plugin Editor Extension for Timber http:\u002F\u002Fwww.upstatement.com\u002Ftimber\u002F",50,1915,0,"2020-12-16T12:02:00.000Z","5.5.18","5.5","7.4",[19,20,21],"templates","timber","twig","https:\u002F\u002Fgitlab.com\u002FDRogueRonin\u002Fwp-plugin-timber-editor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feditor-for-timber.1.0.2.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"drogueronin",2,30,84,"2026-05-20T02:05:58.742Z",[36,58,74,93,113],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":54,"download_link":55,"security_score":56,"vuln_count":31,"unpatched_count":13,"last_vuln_date":57,"fetched_at":26},"timber-library","Timber","1.23.4","jarednova","https:\u002F\u002Fprofiles.wordpress.org\u002Fjarednova\u002F","\u003Cp>With the upcoming release of Timber 2.0, we will not release a 2.0 version and beyond as a plugin, but only as a Composer package. 
We advise everyone to switch to the Composer based install as soon as possible.\u003Cbr \u002F>\nYou will find an extensive list with guides and the reasons why we are not going to release Timber 2.0 as a plugin anymore.\u003C\u002Fp>\n\u003Ch3>Switching to the Composer based version\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Announcement: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftimber\u002Ftimber\u002Fdiscussions\u002F2804\" rel=\"nofollow ugc\">Dropping support for the plugin version of Timber\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Guide: \u003Ca href=\"https:\u002F\u002Ftimber.github.io\u002Fdocs\u002Fv1\u002Fgetting-started\u002Fswitch-to-composer\u002F\" rel=\"nofollow ugc\">How do I switch over from the plugin version to the Composer based version of Timber?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Backstory: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftimber\u002Ftimber\u002Fpull\u002F2005\" rel=\"nofollow ugc\">Why we are dropping support for the plugin in the first place\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>GitHub issue: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftimber\u002Ftimber\u002Fissues\u002F2741\" rel=\"nofollow ugc\">Roadmap for Timber 2.0\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Timber helps you create fully-customized WordPress themes faster with more sustainable code. With Timber, you write your HTML using the \u003Ca href=\"http:\u002F\u002Ftwig.sensiolabs.org\u002F\" rel=\"nofollow ugc\">Twig Template Engine\u003C\u002Fa> separate from your PHP files. 
This cleans up your theme code so, for example, your PHP file can focus on being the data\u002Flogic, while your Twig file can focus 100% on the HTML and display.\u003C\u002Fp>\n\u003Cp>Once Timber is installed and activated in your plugin directory, it gives any WordPress theme the ability to take advantage of the power of Twig and other Timber features.\u003C\u002Fp>\n\u003Ch3>Want to learn more?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fupstatement.com\u002Ftimber\" rel=\"nofollow ugc\">Project Page\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fgithub.com\u002Ftimber\u002Ftimber\u002F\" rel=\"nofollow ugc\">Timber on GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Looking for Documentation?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftimber.github.io\u002Fdocs\u002F\" rel=\"nofollow ugc\">Timber Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Ftwig.sensiolabs.org\u002Fdoc\u002Ftemplates.html\" rel=\"nofollow ugc\">Twig Reference (from SensioLabs)\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cem>Twig is the template language powering Timber; if you need a little background on what a template language is, \u003Ca href=\"http:\u002F\u002Ftwig.sensiolabs.org\u002F\" rel=\"nofollow ugc\">Twig’s homepage has an overview\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Ftimber.github.io\u002Fdocs\u002Fgetting-started\u002Fvideo-tutorials\u002F\" rel=\"nofollow ugc\">Video Tutorials\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftimber.github.io\u002Fdocs\u002Fgetting-started\u002F\" rel=\"nofollow ugc\">Overview \u002F Getting Started Guide\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Need support?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca 
href=\"https:\u002F\u002Fstackoverflow.com\u002Fquestions\u002Ftagged\u002Ftimber\" rel=\"nofollow ugc\">StackOverflow\u003C\u002Fa> is for usage questions and troubleshooting\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftimber\u002Ftimber\u002Fissues\" rel=\"nofollow ugc\">GitHub issues\u003C\u002Fa> are for reporting bugs and errors\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Please post on \u003Ca href=\"http:\u002F\u002Fstackoverflow.com\u002Fquestions\u002Ftagged\u002Ftimber\" rel=\"nofollow ugc\">StackOverflow under the “Timber” tag\u003C\u002Fa>. Please use GitHub issues only for specific bugs, feature requests and other types of issues.\u003C\u002Fp>\n","Helps you create themes faster with sustainable code. With Timber, you write HTML using Twig Templates http:\u002F\u002Fwww.upstatement.com\u002Ftimber\u002F",20000,1464925,98,71,"2025-05-31T20:07:00.000Z","6.8.5","5.3.0","7.2.5",[53,19,21],"template-engine","https:\u002F\u002Fupstatement.com\u002Ftimber","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftimber-library.1.23.4.zip",97,"2025-07-24 00:00:00",{"slug":59,"name":60,"version":61,"author":40,"author_profile":41,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":13,"num_ratings":13,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":72,"download_link":73,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"debug-bar-timber","Timber Debug Bar","1.1.6","\u003Cp>Once installed, the Timber Debug Bar gives you access to the current template name, its absolute location on your server and the full contents of the context (array) sent to the template.\u003C\u002Fp>\n","Adds a Panel to the Debug Bar for Timber 
information",600,66145,"2021-09-23T21:07:00.000Z","5.8.13","3.5","",[71,20,21],"debug","https:\u002F\u002Fgithub.com\u002Fupstatement\u002Fdebug-bar-timber\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdebug-bar-timber.1.1.6.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":13,"num_ratings":13,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":69,"tags":87,"homepage":91,"download_link":92,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"clear-cache-for-timber","Clear cache for Timber","0.2.0","ogrosko","https:\u002F\u002Fprofiles.wordpress.org\u002Fogrosko\u002F","\u003Cp>Small WordPress plugin for flushing cache of Timber (Twig Template Plugin for WordPress)\u003C\u002Fp>\n","Small Wordpress plugin for flushing cache of Timber (Twig Template Plugin for Wordpress)",500,16567,"2024-02-15T07:57:00.000Z","6.4.8","2.0.1",[88,89,90,20,21],"cache","clear","flush","https:\u002F\u002Fgithub.com\u002Fogrosko\u002Ftimber-clear-cache","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclear-cache-for-timber.zip",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":103,"num_ratings":104,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":69,"tags":108,"homepage":69,"download_link":112,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"acf-timber-integration","ACF Timber Integration","1.4.0","Dream Production","https:\u002F\u002Fprofiles.wordpress.org\u002Fdream-production\u002F","\u003Cp>This plugin is intended for developers that are using Advanced Custom Fields and Timber to develop their themes.\u003C\u002Fp>\n\u003Cp>By enabling this plugin the user-defined advanced custom fields will be available in 
the Timber context variable as follows:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fields defined for settings pages will be available everywhere under the “options” key\u003C\u002Fli>\n\u003Cli>Fields defined for posts, pages and custom post types will be available on the \\Timber\\Post object under the “fields” key\u003C\u002Fli>\n\u003Cli>Fields defined for terms will be available on the \\Timber\\Term object under the “fields” key\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Fields defined for users will be available on the \\Timber\\User object under the “fields” key\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Defined menus will also be available everywhere under the “menus” key\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Also adds twig functions for images:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>srcset – used to generate srcset attribute tag.\u003Cbr \u002F>\nUsage: \u003Ccode>\u003Cimg src=\"{{ post.thumbnail.src('large') }}\" {{ srcset(post.thumbnail,'large') }} \u002F>\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>image_attr – used to generate srcset, width, height and alt.\u003Cbr \u002F>\nUsage: \u003Ccode>\u003Cimg src=\"{{ post.thumbnail.src('large') }}\" {{ image_attr(post.thumbnail,'large') }} \u002F>\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n","Automatically enables in the Timber twig context variable all user-defined advanced custom 
fields.",200,7496,100,1,"2021-02-10T10:42:00.000Z","5.6.17","3.7",[109,110,111,20,21],"acf","advanced-custom-fields","integration","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facf-timber-integration.zip",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":13,"num_ratings":13,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":126,"tags":127,"homepage":131,"download_link":132,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"query-monitor-twig-profile","Query monitor Twig profile","1.3.6","Niels de Blaauw","https:\u002F\u002Fprofiles.wordpress.org\u002Fnielsdeblaauw\u002F","\u003Cp>Find out which pages are slow, and why! Immediately see profiling information from twig in your \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fquery-monitor\u002F\" rel=\"ugc\">Query Monitor\u003C\u002Fa> toolbar.\u003C\u002Fp>\n\u003Cp>The Twig profile extension for Query Monitor helps you notice which templates are used on a page and where the time rendering the page is spent.\u003C\u002Fp>\n\u003Cp>Kind of like the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwhat-the-file\u002F\" rel=\"ugc\">‘What the file’ plugin\u003C\u002Fa>, but for Twig and with timing information.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Support for dark mode.\u003C\u002Fli>\n\u003Cli>Clickable links to profiled templates in your preferred editor.\u003C\u002Fli>\n\u003Cli>Downloadable blackfire.io profiles.\u003C\u002Fli>\n\u003Cli>History mode. Save profiles so you can see the impact of your changes.\u003C\u002Fli>\n\u003Cli>Color scheme for dark and light modes meet WCAG AA accessibility standards, and all controls are keyboard accessible. 
\u003C\u002Fli>\n\u003Cli>Automatically integrates with Timber.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>This open source tool is developed in a public \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FNielsdeBlaauw\u002Fquery-monitor-twig-profile\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>. If you have any feature requests, found an issue or want to contribute check out the repository.\u003C\u002Fp>\n","Displays Twig profiler output in Query Monitor.",80,23011,"2022-06-03T13:34:00.000Z","6.0.0","4.9.0","7.0.0",[128,129,130,20,21],"performance","profile","query-monitor","https:\u002F\u002Fgithub.com\u002FNielsdeBlaauw\u002Fquery-monitor-twig-profile","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquery-monitor-twig-profile.1.3.6.zip",{"attackSurface":134,"codeSignals":197,"taintFlows":229,"riskAssessment":282,"analyzedAt":290},{"hooks":135,"ajaxHandlers":193,"restRoutes":194,"shortcodes":195,"cronEvents":196,"entryPointCount":13,"unprotectedCount":13},[136,142,147,151,154,159,161,166,170,175,178,180,182,184,185,187,188,189,190,192],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","plugins_loaded","timberEditor","editor-for-timber.php",13,{"type":137,"name":143,"callback":144,"file":145,"line":146},"add_meta_boxes","addMetaBoxes","src\\MetaBox.php",12,{"type":137,"name":148,"callback":149,"file":150,"line":146},"admin_menu","adminMenu","src\\Settings.php",{"type":137,"name":152,"callback":153,"file":150,"line":141},"admin_init","adminInit",{"type":155,"name":156,"callback":157,"file":158,"line":146},"filter","wp_theme_editor_filetypes","editableExtensions","src\\ThemeEditor.php",{"type":155,"name":160,"callback":157,"file":158,"line":141},"editable_extensions",{"type":155,"name":162,"callback":163,"priority":164,"file":158,"line":165},"wp_code_editor_settings","codeEditorSettings",10,14,{"type":137,"name":167,"callback":168,"file":158,"line":169},"wp_enqueue_code_editor","enqueueCodeEdit
or",15,{"type":137,"name":171,"callback":172,"file":173,"line":174},"admin_notices","adminNoticeTimberLibraryMissing","src\\TimberEditor.php",17,{"type":137,"name":171,"callback":176,"file":173,"line":177},"adminNoticeClassicEditor",21,{"type":137,"name":138,"callback":139,"file":179,"line":141},"trunk\\editor-for-timber.php",{"type":137,"name":143,"callback":144,"file":181,"line":146},"trunk\\src\\MetaBox.php",{"type":137,"name":148,"callback":149,"file":183,"line":146},"trunk\\src\\Settings.php",{"type":137,"name":152,"callback":153,"file":183,"line":141},{"type":155,"name":156,"callback":157,"file":186,"line":146},"trunk\\src\\ThemeEditor.php",{"type":155,"name":160,"callback":157,"file":186,"line":141},{"type":155,"name":162,"callback":163,"priority":164,"file":186,"line":165},{"type":137,"name":167,"callback":168,"file":186,"line":169},{"type":137,"name":171,"callback":172,"file":191,"line":174},"trunk\\src\\TimberEditor.php",{"type":137,"name":171,"callback":176,"file":191,"line":177},[],[],[],[],{"dangerousFunctions":198,"sqlUsage":199,"outputEscaping":201,"fileOperations":227,"externalRequests":13,"nonceChecks":31,"capabilityChecks":13,"bundledLibraries":228},[],{"prepared":13,"raw":13,"locations":200},[],{"escaped":164,"rawEcho":202,"locations":203},16,[204,207,208,210,211,213,215,217,219,220,221,222,223,224,225,226],{"file":150,"line":205,"context":206},56,"raw 
output",{"file":150,"line":205,"context":206},{"file":150,"line":209,"context":206},70,{"file":150,"line":209,"context":206},{"file":150,"line":212,"context":206},74,{"file":150,"line":214,"context":206},75,{"file":173,"line":216,"context":206},36,{"file":173,"line":218,"context":206},52,{"file":183,"line":205,"context":206},{"file":183,"line":205,"context":206},{"file":183,"line":209,"context":206},{"file":183,"line":209,"context":206},{"file":183,"line":212,"context":206},{"file":183,"line":214,"context":206},{"file":191,"line":216,"context":206},{"file":191,"line":218,"context":206},6,[],[230,247,263,271],{"entryPoint":231,"graph":232,"unsanitizedCount":13,"severity":246},"savePost (src\\MetaBox.php:39)",{"nodes":233,"edges":243},[234,238],{"id":235,"type":236,"label":237,"file":145,"line":11},"n0","source","$_POST",{"id":239,"type":240,"label":241,"file":145,"line":218,"wp_function":242},"n1","sink","file_put_contents() [File Write]","file_put_contents",[244],{"from":235,"to":239,"sanitized":245},true,"low",{"entryPoint":248,"graph":249,"unsanitizedCount":13,"severity":246},"\u003CMetaBox> (src\\MetaBox.php:0)",{"nodes":250,"edges":260},[251,252,253,255],{"id":235,"type":236,"label":237,"file":145,"line":11},{"id":239,"type":240,"label":241,"file":145,"line":218,"wp_function":242},{"id":254,"type":236,"label":237,"file":145,"line":11},"n2",{"id":256,"type":240,"label":257,"file":145,"line":258,"wp_function":259},"n3","echo() [XSS]",72,"echo",[261,262],{"from":235,"to":239,"sanitized":245},{"from":254,"to":256,"sanitized":245},{"entryPoint":264,"graph":265,"unsanitizedCount":13,"severity":246},"savePost (trunk\\src\\MetaBox.php:39)",{"nodes":266,"edges":269},[267,268],{"id":235,"type":236,"label":237,"file":181,"line":11},{"id":239,"type":240,"label":241,"file":181,"line":218,"wp_function":242},[270],{"from":235,"to":239,"sanitized":245},{"entryPoint":272,"graph":273,"unsanitizedCount":13,"severity":246},"\u003CMetaBox> 
(trunk\\src\\MetaBox.php:0)",{"nodes":274,"edges":279},[275,276,277,278],{"id":235,"type":236,"label":237,"file":181,"line":11},{"id":239,"type":240,"label":241,"file":181,"line":218,"wp_function":242},{"id":254,"type":236,"label":237,"file":181,"line":11},{"id":256,"type":240,"label":257,"file":181,"line":258,"wp_function":259},[280,281],{"from":235,"to":239,"sanitized":245},{"from":254,"to":256,"sanitized":245},{"summary":283,"deductions":284},"The \"editor-for-timber\" plugin, v1.0.2, presents a generally positive security posture based on the static analysis.  The absence of any recorded CVEs and the clean taint analysis are strong indicators of good development practices and a lack of known exploitable flaws.  The plugin also demonstrates positive security measures such as utilizing prepared statements for all SQL queries and having some nonce checks in place.\n\nHowever, a significant concern arises from the low percentage of properly escaped output (38%). This indicates a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, where unescaped data could be injected and executed in a user's browser.  While the attack surface appears minimal with no direct entry points detected without authentication, the output escaping deficiency creates an indirect but potent risk.  The lack of capability checks is also a weakness that could be exploited if any entry points were ever discovered or introduced.\n\nOverall, the plugin benefits from a clean vulnerability history and secure SQL handling. The primary weakness lies in its output sanitization, which needs immediate attention.  
The limited detected entry points and the presence of some nonce checks are good, but the unescaped output is a critical area that significantly lowers its security rating.",[285,287],{"reason":286,"points":169},"Low percentage of properly escaped output",{"reason":288,"points":289},"No capability checks on potential entry points",5,"2026-03-16T21:56:29.096Z",{"wat":292,"direct":355},{"assetPaths":293,"generatorPatterns":323,"scriptPaths":324,"versionParams":325},[294,295,296,297,298,299,300,301,302,303,304,305,306,307,308,309,310,311,312,313,314,315,316,317,318,307,319,320,321,322],"\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Fmode\u002Ftwig\u002Ftwig.js","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fdefault.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fmonokai.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fambiance.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Feclipse.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fduotone-dark.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fmaterial.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fcobalt.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Flesser-dark.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fxq-dark.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fyonce.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fmdn-like.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fasset
s\u002Fcodemirror\u002Ftheme\u002Fdracula.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fttcn.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Foceanicnext.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fneat.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fisotope.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Frubyblue.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fthe-matrix.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fhopscotch.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fparaiso-dark.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fzenburn.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Flucario.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fbase16-dark.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fparaiso-light.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fbase16-light.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fdarcula.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Felegant.css","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fduotone-light.css",[],[294],[326,327,328,329,330,331,332,333,334,335,336,337,338,339,340,341,342,343,344,345,346,347,348,349,350,351,352,353,354],"\u002Fwp-content\u0
02Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Fmode\u002Ftwig\u002Ftwig.js?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fdefault.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fmonokai.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fambiance.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Feclipse.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fduotone-dark.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fmaterial.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fcobalt.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Flesser-dark.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fxq-dark.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fyonce.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fmdn-like.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fdracula.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fttcn.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Foceanicnext.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fneat.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fisotope.css?ver=","\u002Fwp-content\u002Fplugins\u002F
editor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Frubyblue.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fthe-matrix.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fhopscotch.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fparaiso-dark.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fzenburn.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Flucario.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fbase16-dark.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fparaiso-light.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fbase16-light.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fdarcula.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Felegant.css?ver=","\u002Fwp-content\u002Fplugins\u002Feditor-for-timber\u002Fassets\u002Fcodemirror\u002Ftheme\u002Fduotone-light.css?ver=",{"cssClasses":356,"htmlComments":358,"htmlAttributes":359,"restEndpoints":361,"jsGlobals":362,"shortcodeOutput":365},[357],"CodeMirror",[],[360],"data-codemirror-theme",[],[363,364],"wp.CodeMirror","window.CodeMirror",[],{"error":245,"url":367,"statusCode":368,"statusMessage":369,"message":369},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Feditor-for-timber\u002Fbundle",404,"no bundle for this plugin 
yet",{"slug":4,"current_version":6,"total_versions":104,"versions":371},[372],{"version":6,"download_url":23,"svn_tag_url":373,"released_at":25,"has_diff":374,"diff_files_changed":375,"diff_lines":25,"trac_diff_url":25,"vulnerabilities":376,"is_current":245},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Feditor-for-timber\u002Ftags\u002F1.0.2\u002F",false,[],[]]