[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fhjwxWXQdnLmX164qjnTOg_kUJaaUu8ONGl6Vsa31XnE":3,"$fGcBpSIlRk2I_pafaSZk7bpaZrshhVW-McLaxe_Jl7k0":96,"$ffeitdIBEQEq4GBem1Zr-P3kxk3axb-hAVvgkZEPMW8o":101},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":17,"download_link":18,"security_score":19,"vuln_count":13,"unpatched_count":13,"last_vuln_date":20,"fetched_at":21,"discovery_status":22,"vulnerabilities":23,"developer":24,"crawl_stats":20,"alternatives":32,"analysis":33,"fingerprints":69},"hide-or-cut-post-text","Hide\u002FCut Post Text","1.1","Scott Reilly","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoffee2code\u002F","\u003Cp>Hide (so no one, or only users above a certain userlevel, can see) or cut (so only viewable on post’s permalink page) portion(s) of post text.  Link text for cuts can be defined per-cut or omitted, and if used, cut links are uniquely anchored.  Quicktag buttons for the new tags facilitate use (but can be disabled).\u003C\u002Fp>\n","Hide (so no one, or only users above a certain userlevel, can see) or cut (so only viewable on post's permalink page) portion(s) of post text.  Link text for cuts can be defined per-cut or omitted, and if used, cut links are uniquely anchored.  Quicktag buttons for the new tags facilitate use (but can be disabled).",10,8592,0,"2005-04-08T06:15:00.000Z","",[],"http:\u002F\u002Fwww.coffee2code.com\u002Fwp-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-or-cut-post-text.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":25,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":27,"avg_security_score":28,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},"coffee2code",63,91830,88,374,71,"2026-05-20T01:13:04.839Z",[],{"attackSurface":34,"codeSignals":51,"taintFlows":61,"riskAssessment":62,"analyzedAt":68},{"hooks":35,"ajaxHandlers":47,"restRoutes":48,"shortcodes":49,"cronEvents":50,"entryPointCount":13,"unprotectedCount":13},[36,43],{"type":37,"name":38,"callback":39,"priority":40,"file":41,"line":42},"filter","the_content","c2c_hide_or_cut_text",1,"hide-or-cut-text.php",176,{"type":37,"name":44,"callback":45,"file":41,"line":46},"admin_footer","c2c_add_cuthideshow_buttons",180,[],[],[],[],{"dangerousFunctions":52,"sqlUsage":53,"outputEscaping":55,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":60},[],{"prepared":13,"raw":13,"locations":54},[],{"escaped":13,"rawEcho":40,"locations":56},[57],{"file":41,"line":58,"context":59},234,"raw output",[],[],{"summary":63,"deductions":64},"The \"hide-or-cut-post-text\" v1.1 plugin exhibits a seemingly strong security posture based on the provided static analysis and vulnerability history.  The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface, which is a positive indicator.  Furthermore, the fact that all SQL queries utilize prepared statements and there are no recorded vulnerabilities or CVEs suggests a development process that prioritizes security best practices.  The lack of file operations and external HTTP requests also reduces potential exposure vectors. However, a critical concern arises from the output escaping analysis, indicating that 100% of the identified outputs are not properly escaped. This represents a significant risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the website's content, potentially leading to session hijacking, defacement, or other malicious activities.  Despite the limited attack surface and lack of historical vulnerabilities, the complete lack of output escaping is a serious oversight that dramatically elevates the risk associated with this plugin.",[65],{"reason":66,"points":67},"100% of outputs unescaped",8,"2026-04-16T12:24:41.646Z",{"wat":70,"direct":75},{"assetPaths":71,"generatorPatterns":72,"scriptPaths":73,"versionParams":74},[],[],[],[],{"cssClasses":76,"htmlComments":77,"htmlAttributes":89,"restEndpoints":93,"jsGlobals":94,"shortcodeOutput":95},[],[78,79,80,81,82,83,84,85,86,85,87,88],"\u003C!--hide-->","\u003C!--\u002Fhide-->","\u003C!-- hide = \"I, as admin, only want to see this\" userlevel=10 -->","\u003C!--cut-->","\u003C!--\u002Fcut-->","\u003C!--cut=Read the lengthy explanation...-->","\u003C!--show=single-->","\u003C!--\u002Fshow-->","\u003C!--show=nonsingle-->","\u003C!-- cut=none -->","\u003C!-- cut=",[90,91,92],"userlevel=","hide=","show=",[],[],[],{"error":97,"url":98,"statusCode":99,"statusMessage":100,"message":100},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fhide-or-cut-post-text\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":40,"versions":102},[103],{"version":104,"download_url":105,"svn_tag_url":106,"released_at":20,"has_diff":107,"diff_files_changed":108,"diff_lines":20,"trac_diff_url":20,"vulnerabilities":109,"is_current":107},"v1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-or-cut-post-text.v1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fhide-or-cut-post-text\u002Ftags\u002Fv1.0\u002F",false,[],[]]