[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f8niJfC1TlzPffgFgQhAxsCl5eqygu9uy0SKivzBYRhc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":132,"fingerprints":194},"html-regex-replace","HTML Regex Replace","1.1","Nick Lugovskoy","https:\u002F\u002Fprofiles.wordpress.org\u002Flugovskoy\u002F","\u003Cp>\u003Cstrong>HTML Regex Replace\u003C\u002Fstrong> use find&replace mechanism based on regexp\u003Cbr \u002F>\nfor your posts\u002Fpages. Plugin \u003Cem>finds\u003C\u002Fem> html or text \u003Cem>using regular\u003Cbr \u002F>\nexpressions\u003C\u002Fem> and replaces it with predefined \u003Cem>‘New string’\u003C\u002Fem>.\u003Cbr \u002F>\nUnlimited replacement rules. You can specify any amount of short codes, and no buttons!\u003C\u002Fp>\n\u003Cp>For example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>(c) -> Copyright\n[me] -> My Full Name\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Short code ‘(c)’ will be replaced with ‘Copyright’ and ‘[me]’ with ‘My Full Name’.\u003C\u002Fp>\n\u003Cp>More than that you can fix html code or remove unwanted automatically inserted html\u003Cbr \u002F>\n(for example, chrome-auto-translate-plugin-dialog inserted by Auto-Translate\u003Cbr \u002F>\nchrome plugin).\u003C\u002Fp>\n\u003Ch4>Support Forum\u003C\u002Fh4>\n\u003Cp>Please use plugin support blog \u003Ca href=\"http:\u002F\u002Fwp-regrep.blogspot.com\u002F\" title=\"HTML Regex Replace blog\" rel=\"nofollow ugc\">HERE\u003C\u002Fa>\u003Cbr \u002F>\nfor help.\u003C\u002Fp>\n","Replace any html you write in editor (Visual or HTML) with pre-defined string. Use Regexp to define patterns for replacement.",10,4622,0,"2012-01-19T12:43:00.000Z","3.3.2","3.0","",[19,20,21,22,23],"html","regex","regexp","replace","wysiwyg","http:\u002F\u002Fwp-regrep.blogspot.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhtml-regex-replace.1.1.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"lugovskoy",1,30,84,"2026-04-04T21:56:25.874Z",[37,60,76,99,115],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"search-regex","Search Regex","3.4.1","John Godley","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnny5\u002F","\u003Cp>Search Regex adds a powerful set of search and replace functions to WordPress posts, pages, custom post types, and other data sources. These go beyond the standard searching capabilities, and allow you to search and replace almost any data stored on your site. In addition to simple searches you have the full power of PHP’s regular expressions at your disposal.\u003C\u002Fp>\n\u003Cp>You can use this to do things like:\u003Cbr \u002F>\n– Help migrate a site from one domain to another\u003Cbr \u002F>\n– Update URLs in links and images\u003Cbr \u002F>\n– Perform site-wide changes\u003C\u002Fp>\n\u003Cp>Search filters can be created to match any column of any WordPress table. For example:\u003Cbr \u002F>\n– Find all posts in a category\u003Cbr \u002F>\n– Find all post meta data without a post\u003Cbr \u002F>\n– Find all posts in a date range\u003C\u002Fp>\n\u003Cp>Search Regex handles small and large sites.\u003C\u002Fp>\n\u003Cp>Search Regex has been tested with PHP from 7.4 to 8.4.\u003C\u002Fp>\n\u003Ch3>What can I search?\u003C\u002Fh3>\n\u003Cp>You can search:\u003Cbr \u002F>\n– Posts\u003Cbr \u002F>\n– Pages\u003Cbr \u002F>\n– Any custom post type\u003Cbr \u002F>\n– Comments (including spam)\u003Cbr \u002F>\n– Users\u003Cbr \u002F>\n– Meta data\u003Cbr \u002F>\n– WordPress options\u003C\u002Fp>\n\u003Cp>Full regular expression support is provided, and you can capture data and use it in the replacement.\u003C\u002Fp>\n\u003Ch3>Actions\u003C\u002Fh3>\n\u003Cp>A variety of actions can be performed on matching results:\u003Cbr \u002F>\n– Modify and replace the result\u003Cbr \u002F>\n– Delete the result\u003Cbr \u002F>\n– Export to CSV and SQL\u003Cbr \u002F>\n– Perform custom PHP action\u003C\u002Fp>\n\u003Ch3>Modify and Replace Data\u003C\u002Fh3>\n\u003Cp>Results can be individually modified by clicking on the item to change, and using the popup modifier.\u003C\u002Fp>\n\u003Cp>Bulk modifications can be performed against all matching results.\u003C\u002Fp>\n\u003Cp>The types of modification depend on the data being changed:\u003Cbr \u002F>\n– Numbers can be added or subtracted to existing numbers\u003Cbr \u002F>\n– Hours, days, weeks, and months, can be added to dates\u003Cbr \u002F>\n– Tags and categories can be added, removed, and substitued\u003C\u002Fp>\n\u003Cp>Custom shortcodes are supported that allow dynamic data to be included:\u003Cbr \u002F>\n– Add the current date and time, in any format, to content\u003Cbr \u002F>\n– Insert data from other columns. For example, insert the category into the title\u003Cbr \u002F>\n– Transform existing data. For example, convert case, change underscores to dashes.\u003C\u002Fp>\n\u003Ch3>Example uses\u003C\u002Fh3>\n\u003Cp>Some ideas for potential uses:\u003Cbr \u002F>\n– Delete all comments that match a phrase\u003Cbr \u002F>\n– Add a category to all matching posts\u003Cbr \u002F>\n– Remove orphaned meta data\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Please submit bugs, patches, and feature requests to:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjohngodley\u002Fsearch-regex\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fjohngodley\u002Fsearch-regex\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Please submit translations to:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fsearch-regex\" rel=\"nofollow ugc\">https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fsearch-regex\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>Translations are provided by WordPress itself. You can update the translations by going to the Dashboard > Updates section of WP admin.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Full documentation can be found on the \u003Ca href=\"http:\u002F\u002Fsearchregex.com\u002F\" rel=\"nofollow ugc\">Search Regex\u003C\u002Fa> site.\u003C\u002Fp>\n","Search Regex adds a powerful set of search and replace functions to WordPress posts, pages, custom post types, and other data.",100000,2391051,94,97,"2026-02-28T15:49:00.000Z","6.9.4","6.5","7.4",[54,20,55,22,56],"database","regular-expression","search","https:\u002F\u002Fsearchregex.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsearch-regex.3.4.1.zip",100,{"slug":61,"name":62,"version":6,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":59,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":16,"requires_php":17,"tags":72,"homepage":74,"download_link":75,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"clean-html","Cleanup HTML","closemarketing","https:\u002F\u002Fprofiles.wordpress.org\u002Fclosemarketing\u002F","\u003Cp>Adds a button to your classic editor visual toolbar that when clicked strips all \u003Ccode>div\u003C\u002Fcode>, ‘table’, \u003Ccode>span\u003C\u002Fcode> tags from your post HTML code — those are usually junk tags. The stripping includes any tag attributes.\u003C\u002Fp>\n","Adds a button to your classic editor visual toolbar that when clicked strips all div, 'table', span tags from your post HTML code -- those a &hellip;",4000,8228,4,"2020-11-30T08:11:00.000Z","5.6.17",[61,19,73,23],"tinymce","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclean-html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclean-html.1.1.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":59,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":97,"download_link":98,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"html-tag-and-class-replace","HTML Tag and Class Replace","1.1.1","Jahid Hasan","https:\u002F\u002Fprofiles.wordpress.org\u002Fjahidcse\u002F","\u003Cp>HTML Tag and Class Replace is a lightweight and user-friendly WordPress plugin designed to let you easily replace HTML tags and classes across your website. Whether you’re optimizing for SEO, improving design consistency, or customizing your theme, this plugin simplifies the process with just a few clicks.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Effortlessly replace any HTML tag for better semantic structure and SEO optimization.\u003C\u002Fli>\n\u003Cli>Modify or replace HTML classes to enhance your website’s styling and consistency.\u003C\u002Fli>\n\u003Cli>Perfect for bloggers, developers, and website owners aiming for more control over their site’s HTML output.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Injection Locations:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Header Section\u003C\u002Fli>\n\u003Cli>Body Section\u003C\u002Fli>\n\u003Cli>Footer Section\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Why Choose HTML Tag and Class Replace?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>It’s a quick and powerful solution that helps you make critical HTML updates without diving deep into your website’s codebase.\u003C\u002Fp>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>HTML Tag and Class Replace is the easy way to replace your website tag and class in your WordPress header, body and footer.\u003C\u002Fp>\n","Allows you to Replace any HTML Tag and Class of your WordPress WebSite.",200,7671,2,"2025-05-03T11:48:00.000Z","6.8.5","4.7","5.3",[92,93,94,95,96],"css-class","footer-code","h1-replace","html-class","html-code","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhtml-tag-and-class-replace\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhtml-tag-and-class-replace.1.1.1.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":84,"downloaded":107,"rating":59,"num_ratings":69,"last_updated":108,"tested_up_to":50,"requires_at_least":89,"requires_php":109,"tags":110,"homepage":113,"download_link":114,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"replace-contents","Replace Contents","1.10","Katsushi Kawamori","https:\u002F\u002Fprofiles.wordpress.org\u002Fkatsushi-kawamori\u002F","\u003Cp>Replaces text and HTML tags in the content.\u003C\u002Fp>\n\u003Ch4>Replace\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Text\u003C\u002Fli>\n\u003Cli>HTML tags\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Filter\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Post ID\u003C\u002Fli>\n\u003Cli>Post Author\u003C\u002Fli>\n\u003Cli>Post Type\u003C\u002Fli>\n\u003Cli>Post Status\u003C\u002Fli>\n\u003Cli>Categories\u003C\u002Fli>\n\u003Cli>Taxonomies\u003C\u002Fli>\n\u003Cli>Terms\u003C\u002Fli>\n\u003Cli>Date\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Logs\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Displays the last 100 logs.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How it works\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FbsLnt0ZA_u8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Replaces text and HTML tags in the content.",4946,"2025-11-25T22:05:00.000Z","8.0",[111,112,19,22],"content","contents","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Freplace-contents\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freplace-contents.1.10.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":59,"downloaded":123,"rating":59,"num_ratings":32,"last_updated":124,"tested_up_to":50,"requires_at_least":125,"requires_php":52,"tags":126,"homepage":130,"download_link":131,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"remove-layout-destroying-html-tags","Remove layout destroying HTML-Tags","0.4.2","Stefano Picco","https:\u002F\u002Fprofiles.wordpress.org\u002Fspicone\u002F","\u003Cp>\u003Cstrong>Copy&Paste Cleaner\u003C\u002Fstrong>. If you want to quickly fill a post or a page with content that already exists, \u003Cstrong>copy&paste\u003C\u002Fstrong> is often used and it can destroy the layout of a website!\u003C\u002Fp>\n\u003Cp>The basic problem is that if you copy&paste content from different sources into the visual editor, any formatting is copied over. Specifically, whether from \u003Cstrong>text documents\u003C\u002Fstrong>, other \u003Cstrong>websites\u003C\u002Fstrong>, \u003Cstrong>online-shops\u003C\u002Fstrong> and \u003Cstrong>cms\u003C\u002Fstrong> or even from \u003Cstrong>social media\u003C\u002Fstrong>, something comes along everywhere.\u003C\u002Fp>\n\u003Cp>As there are often \u003Cstrong>DIVs\u003C\u002Fstrong> in addition to harmless HTML elements, these can cause the rendering of your own website to be faulty or interrupted.\u003C\u002Fp>\n\u003Cp>To avoid this, this plugin checks the existing formatting and attributes and removes all those that could lead to a problem and then saves it directly.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you copy and paste into the text editor, there is usually no problem.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Tested with these page builders:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Classic editor\u003C\u002Fli>\n\u003Cli>Gutenberg\u003C\u002Fli>\n\u003Cli>Divi 4.27\u003C\u002Fli>\n\u003Cli>Elementor 3.33\u003C\u002Fli>\n\u003Cli>WPBakery 8.7\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Privacy GDPR\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin processes the analyzed and converted HTML only within the respective website. No content is stored or transferred to other servers or services for processing. Data protection in accordance with the GDPR is therefore guaranteed at all times.\u003C\u002Fp>\n","Copy&Paste Cleaner. Cleanup the code in post and page editor after using copy&paste content from different sources and automatic saving.",1824,"2025-12-03T11:51:00.000Z","6.7",[127,19,128,129,23],"cleanup","safe","secure","https:\u002F\u002Fspic.wordpress.com\u002F2025\u002F02\u002F27\u002Fsimples-plugin-um-das-copypaste-risiko-in-wordpress-zu-minimieren\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-layout-destroying-html-tags.0.4.2.zip",{"attackSurface":133,"codeSignals":157,"taintFlows":177,"riskAssessment":178,"analyzedAt":193},{"hooks":134,"ajaxHandlers":153,"restRoutes":154,"shortcodes":155,"cronEvents":156,"entryPointCount":13,"unprotectedCount":13},[135,142,147,151],{"type":136,"name":137,"callback":138,"priority":139,"file":140,"line":141},"filter","mce_external_plugins","tm_regex_load_plugin",999,"html-regrep.php",24,{"type":143,"name":144,"callback":145,"file":140,"line":146},"action","admin_init","tm_regex_load_vars",80,{"type":143,"name":148,"callback":149,"file":140,"line":150},"admin_menu","tm_regex_plugin_menu",90,{"type":136,"name":137,"callback":138,"priority":139,"file":140,"line":152},114,[],[],[],[],{"dangerousFunctions":158,"sqlUsage":162,"outputEscaping":164,"fileOperations":175,"externalRequests":13,"nonceChecks":13,"capabilityChecks":32,"bundledLibraries":176},[159],{"fn":160,"file":140,"line":59,"context":161},"create_function","array_walk_recursive($_POST, create_function('&$val', '$val = stripslashes($val);'));",{"prepared":13,"raw":13,"locations":163},[],{"escaped":13,"rawEcho":69,"locations":165},[166,169,171,173],{"file":140,"line":167,"context":168},126,"raw output",{"file":140,"line":170,"context":168},132,{"file":140,"line":172,"context":168},184,{"file":140,"line":174,"context":168},198,7,[],[],{"summary":179,"deductions":180},"The 'html-regex-replace' plugin v1.1 presents a mixed security posture. On the positive side, the plugin has no known historical vulnerabilities and demonstrates a commitment to secure database interactions with 100% prepared statements. Furthermore, the static analysis reveals no obvious direct entry points like AJAX handlers, REST API routes, or shortcodes exposed without authentication, which significantly limits the potential attack surface.\n\nHowever, several critical concerns emerge from the code signals. The presence of the `create_function` is a major red flag, as it can be a source of severe code injection vulnerabilities if user-supplied data is incorporated into its arguments without proper sanitization. Additionally, the complete lack of output escaping for all identified output points is highly problematic, creating a high risk of Cross-Site Scripting (XSS) vulnerabilities. The absence of nonce checks on any potential entry points (though none were explicitly identified, this absence is noted) and only one capability check also suggest a potential for privilege escalation or unauthorized actions if any hidden entry points exist.\n\nWhile the lack of vulnerability history is a positive indicator of past security, it does not negate the present risks identified in the code analysis. The plugin has strengths in its database handling and limited exposed entry points, but the use of `create_function` and the complete failure to escape output are serious weaknesses that require immediate attention to mitigate significant security risks.",[181,184,187,190],{"reason":182,"points":183},"Usage of create_function",15,{"reason":185,"points":186},"All outputs unescaped",12,{"reason":188,"points":189},"No nonce checks",5,{"reason":191,"points":192},"Only one capability check",3,"2026-03-16T23:56:59.637Z",{"wat":195,"direct":202},{"assetPaths":196,"generatorPatterns":198,"scriptPaths":199,"versionParams":200},[197],"\u002Fwp-content\u002Fplugins\u002Fhtml-regex-replace\u002Fmce_plugin_regex.js",[],[197],[201],"html-regex-replace\u002Fmce_plugin_regex.js?rr=",{"cssClasses":203,"htmlComments":204,"htmlAttributes":205,"restEndpoints":209,"jsGlobals":210,"shortcodeOutput":216},[],[],[206,207,208,206,207],"name=\"opt_([0-9]+)_ptrn\"","name=\"opt_([0-9]+)_repl\"","id=\"rec-\"",[],[211,212,213,214,215],"tinymce.plugins.TMRegex","tinymce.PluginManager.add('tm_regex', tinymce.plugins.TMRegex)","N","add_field","del_field",[]]