[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fl8ZgZaRzUN_Tdp21yzIcAxhSI-EOWbFbV8CG5fkVaMM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":56,"analysis":165,"fingerprints":734},"insert-html-snippet","Insert Html Snippet","1.4.3","f1logic","https:\u002F\u002Fprofiles.wordpress.org\u002Ff1logic\u002F","\u003Cp>A quicklook into Insert Html Snippet\u003C\u002Fp>\n\u003Cpre>\u003Ccode>★ Convert HTML snippets to shortcodes\n★ Convert Javascript codes to shortcodes\n★ Convert CSS codes to shortcodes\n★ Support for snippet shortcodes in widgets\n★ Dropdown menu in TinyMCE editor to pick snippet shortcodes easily\n★ Insert adsense or any adcode\n★ Insert addthis or any social bookmarking code\n★ Insert flash, videos etc. to your posts,pages and widgets\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Features in Detail\u003C\u002Fh4>\n\u003Cp>Insert Html Snippet allows you to create shortcodes corresponding to html snippets. You can create a shortcode corresponding to any random HTML code such as ad codes (adsense or any adserver), javascript codes (addthis), video embedding codes, css codes etc. 
and use the same in your posts, pages or widgets.\u003C\u002Fp>\n\u003Cp>The shortcodes generated using the plugin are easily available as a dropdown in the standard wordpress content editor as well as in widget settings, thereby giving you ease of integrating your HTML snippets with your posts and pages.\u003C\u002Fp>\n\u003Ch4>About\u003C\u002Fh4>\n\u003Cp>Insert Html Snippet is developed and maintained by \u003Ca href=\"http:\u002F\u002Fxyzscripts.com\u002F\" title=\"xyzscripts.com\" rel=\"nofollow ugc\">XYZScripts\u003C\u002Fa>. For any support, you may \u003Ca href=\"http:\u002F\u002Fxyzscripts.com\u002Fsupport\u002F\" title=\"XYZScripts Support\" rel=\"nofollow ugc\">contact us\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>★ \u003Ca href=\"http:\u002F\u002Fhelp.xyzscripts.com\u002Fdocs\u002Finsert-html-snippet\u002Fuser-guide\" rel=\"nofollow ugc\">Insert HTML Snippet User Guide\u003C\u002Fa>\u003Cbr \u002F>\n★ \u003Ca href=\"http:\u002F\u002Fhelp.xyzscripts.com\u002Fdocs\u002Finsert-html-snippet\u002Ffaq\u002F\" rel=\"nofollow ugc\">Insert HTML Snippet FAQ\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>More Information\u003C\u002Fh3>\n\u003Cp>★ \u003Ca href=\"http:\u002F\u002Fhelp.xyzscripts.com\u002Fdocs\u002Finsert-html-snippet\u002Fuser-guide\" rel=\"nofollow ugc\">Insert HTML Snippet User Guide\u003C\u002Fa>\u003Cbr \u002F>\n★ \u003Ca href=\"http:\u002F\u002Fhelp.xyzscripts.com\u002Fdocs\u002Finsert-html-snippet\u002Ffaq\u002F\" rel=\"nofollow ugc\">Insert HTML Snippet FAQ\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Troubleshooting\u003C\u002Fh4>\n\u003Cp>Please read the FAQ first if you are having problems.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>WordPress 5.0+\nPHP 7+\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Feedback\u003C\u002Fh4>\n\u003Cp>We would like to receive your feedback and suggestions. 
You may submit them at our \u003Ca href=\"http:\u002F\u002Fxyzscripts.com\u002Fmembers\u002Fsupport\u002F\" title=\"XYZScripts Support\" rel=\"nofollow ugc\">support desk\u003C\u002Fa>.\u003C\u002Fp>\n","Add HTML, CSS and javascript code to your pages and posts easily using shortcodes.",20000,647890,98,235,"2025-10-23T07:12:00.000Z","6.8.5","5.0","",[20,21,22,23,24],"add-html","insert-addthis-code","insert-ads","insert-adsense","insert-html","http:\u002F\u002Fxyzscripts.com\u002Fwordpress-plugins\u002Finsert-html-snippet\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finsert-html-snippet.1.4.3.zip",100,1,0,"2016-11-29 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"WF-71aeca29-a9bd-42c0-8150-814b79e931fa-insert-html-snippet","insert-html-snippet-cross-site-request-forgery-to-stored-cross-site-scripting","Insert Html Snippet \u003C= 1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting","The Cross-Site Scripting plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.  
They perform this attack via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C1.2.1","1.2.1","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F71aeca29-a9bd-42c0-8150-814b79e931fa?source=api-prod",2611,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":53,"trust_score":54,"computed_at":55},15,142440,92,352,73,"2026-04-04T06:22:34.381Z",[57,81,99,118,142],{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":18,"tags":72,"homepage":77,"download_link":78,"security_score":79,"vuln_count":28,"unpatched_count":29,"last_vuln_date":80,"fetched_at":31},"wordpress-plugin-for-simple-google-adsense-insertion","WP Simple Adsense Insertion","v2.1","mra13","https:\u002F\u002Fprofiles.wordpress.org\u002Fmra13\u002F","\u003Cp>Use this plugin to quickly and easily insert Google Adsense to your posts, pages and sidebar by using a shortcode or calling the php function from your theme’s template file.\u003C\u002Fp>\n\u003Cp>There are many plugins and services which can add Google Adsense to your WordPress site. 
However I found that even though something like Adsense Manager or Adsense Deluxe provides a lot of customizable options, it can be overwhelming and isn’t really simple enough for people who are new to WordPress.\u003C\u002Fp>\n\u003Cp>I found that most of the time I only use two or three types of Google Adsense units in various places and posts throughout my sites.\u003C\u002Fp>\n\u003Cp>That’s why I wrote my own Simple Adsense Insertion Plugin for WordPress, to focus on having 1-3 Google Adsense codes saved and use them where ever I want to on my site by inserting a simple shortcode text to my posts, pages and sidebar.\u003C\u002Fp>\n\u003Cp>This plugin can also be used to automatically insert in-article ad code. If specified, the ad code is inserted after the 2nd paragraph of every posts.\u003C\u002Fp>\n\u003Cp>It also has the ability to automatically insert adsense code at the end of every article.\u003C\u002Fp>\n\u003Cp>You can use this plugin to store any ad code too (it doesn’t have to be just adsense code).\u003C\u002Fp>\n\u003Cp>For information and updates, please visit the \u003Ca href=\"https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-plugin-for-simple-google-adsense-insertion-170\" rel=\"nofollow ugc\">simple Google Adsense plugin page\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Usage:\u003C\u002Fh4>\n\u003Cp>There are two ways you can use this plugin:\u003C\u002Fp>\n\u003Cp>Use the shortcodes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>[wp_ad_camp_1]\u003C\u002Fli>\n\u003Cli>[wp_ad_camp_2]\u003C\u002Fli>\n\u003Cli>[wp_ad_camp_3]\u003C\u002Fli>\n\u003Cli>[wp_ad_camp_4]\u003C\u002Fli>\n\u003Cli>[wp_ad_camp_5]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Call the function from template files:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003C?php echo show_ad_camp_1(); ?>\u003C\u002Fli>\n\u003Cli>\u003C?php echo show_ad_camp_2(); ?>\u003C\u002Fli>\n\u003Cli>\u003C?php echo show_ad_camp_3(); ?>\u003C\u002Fli>\n\u003Cli>\u003C?php echo show_ad_camp_4(); 
?>\u003C\u002Fli>\n\u003Cli>\u003C?php echo show_ad_camp_5(); ?>\u003C\u002Fli>\n\u003C\u002Ful>\n","Easy to use Wordpress plugin to insert Google Adsense to your posts, pages and sidebar.",3000,218705,90,19,"2024-07-04T02:43:00.000Z","6.6.5","5.5",[73,74,75,76,23],"adsense","adsense-ad","google","google-adsense","https:\u002F\u002Fwww.tipsandtricks-hq.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordpress-plugin-for-simple-google-adsense-insertion.zip",91,"2022-05-12 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":27,"num_ratings":28,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":18,"tags":94,"homepage":96,"download_link":97,"security_score":98,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"xt-easy-google-adsense-injection","XT-Easy-Google-Adsense-Injection","v1.0","cjbmeb14","https:\u002F\u002Fprofiles.wordpress.org\u002Fcjbmeb14\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fxtthemes.com\u002Fxt-easy-google-adsense-injection\u002F\" title=\"XT Easy Google Adsense Injection WordPress plugin Link at xtthemes.com\" rel=\"nofollow ugc\">XT Easy Google Adsense Injection WordPress Plugin\u003C\u002Fa> XT Easy Google Adsense Injection\u003Cbr \u002F>\nIs an easy to use plugin that makes placing Google Adsense or Affiliate Adverts to your posts, pages and sidebar extremely easy. It works by using short-codes that work efficiently with current themes template files.\u003C\u002Fp>\n\u003Cp>I wrote this plugin with simplicity in mind, nothing is over-complicated with this plugin. It has been created to be easy and quick to use, by WordPress users, of any level of experience.\u003C\u002Fp>\n\u003Cp>With this Google Adsense plugin, you can store up to five Adsense codes and just use these whenever needed. 
If you need to use a different code, for any reason, just delete your existing Adsense code and paste in a new code, simple.\u003C\u002Fp>\n\u003Cp>This plugin is versatile, in that you do not just have to use Google Adsense codes you can place other ads as well, including affiliate codes.\u003C\u002Fp>\n\u003Cp>For additional information or updates check our website at: http:\u002F\u002Fwww.xtthemes.com\u003C\u002Fp>\n\u003Ch4>XT Easy Google Adsense Injection WordPress Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Very simple and easy to use.\u003C\u002Fli>\n\u003Cli>No complicated menus or settings.\u003C\u002Fli>\n\u003Cli>Simple copy and paste your code.\u003C\u002Fli>\n\u003Cli>Use short-codes to place adverts on your website.\u003C\u002Fli>\n\u003Cli>Option to Store up to five adverts.\u003C\u002Fli>\n\u003Cli>Compatible with most versions of WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How Does It Work?\u003C\u002Fh4>\n\u003Cp>We have created two ways to use XT-Easy-Google-Adsense-Injection plugin:\u003C\u002Fp>\n\u003Cp>Use the following short-codes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>[xt_go_advt_1]\u003C\u002Fli>\n\u003Cli>[xt_go_advt_2]\u003C\u002Fli>\n\u003Cli>[xt_go_advt_3]\u003C\u002Fli>\n\u003Cli>[xt_go_advt_4]\u003C\u002Fli>\n\u003Cli>[xt_go_advt_5]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Or by calling the php function from your template file:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003C?php echo xt_disp_advt_1(); ?>\u003C\u002Fli>\n\u003Cli>\u003C?php echo xt_disp_advt_2(); ?>\u003C\u002Fli>\n\u003Cli>\u003C?php echo xt_disp_advt_3(); ?>\u003C\u002Fli>\n\u003Cli>\u003C?php echo xt_disp_advt_4(); ?>\u003C\u002Fli>\n\u003Cli>\u003C?php echo xt_disp_advt_5(); ?>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>The plugin is available in only the English language. 
Other languages may be added at a later date.\u003C\u002Fp>\n\u003Ch4>More Information and Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Homepage of \u003Ca href=\"http:\u002F\u002Fxtthemes.com\u002Fxt-easy-google-adsense-injection\u002F\" rel=\"nofollow ugc\">XT Easy Google Adsense Injection Plugin\u003C\u002Fa> WordPress plugin to enable the display of Adsense or Affiliate banner type adverts.\u003C\u002Fli>\n\u003Cli>More \u003Ca href=\"http:\u002F\u002Fxtthemes.com\u002Fcategory\u002Ffree-plugins\u002F\" rel=\"nofollow ugc\">Free WordPress plugins at xtthemes.com\u003C\u002Fa> \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fxtthemes.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Plugin support and help\u003C\u002Fa> WordPress Plugin support and help.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Read more and Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Feedback and suggestions are welcome, if you have enjoyed using our Google-Adsense-Injection plugin, please help others by providing feedback and suggestions to help improve the quality of our plugin.\u003Cbr \u002F>\nThe plugin has been tested against different WordPress versions but feel free to test the plugin yourself using different WordPress versions and themes.\u003Cbr \u002F>\nFeel free to rate the plugin, it helps other users.\u003C\u002Fli>\n\u003Cli>Find out about updates to this plugin and other free plugins at the official website at \u003Ca href=\"http:\u002F\u002Fxtthemes.com\u002F\" title=\"WordPress plugins for your website at xtthemes.com\" rel=\"nofollow ugc\">xtthemes.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Please ask questions, report errors, compatibility issues or anything else related to this plugin through our support section, author’s website or plugin website.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>License\u003C\u002Fh4>\n\u003Cp>XT-Easy-Google-Adsense-Injection WordPress plugin is released under the GPLv2. 
You can download, install and use this plugin for free on your personal or commercial website.\u003C\u002Fp>\n","Quickly and efficiently insert Google Adsense or Affiliate adverts to your posts, pages and sidebar with this easy to use Wordpress plugin.",10,2830,"2015-05-23T09:40:00.000Z","4.2.39","3.0.1",[73,75,76,23,95],"xtthemes","http:\u002F\u002Fwww.xtthemes.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxt-easy-google-adsense-injection.zip",85,{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":27,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":18,"tags":113,"homepage":116,"download_link":117,"security_score":98,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"html-after-url","html after URL","1.0","Aftab Ali Muni","https:\u002F\u002Fprofiles.wordpress.org\u002Faftabmuni\u002F","\u003Cp>Plugin is used to add .html after every URL of page\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Before:\u003C\u002Fstrong> http:\u002F\u002Fwww.example.com\u002Fabout-us\u003C\u002Fp>\n\u003Cp>\u003Cstrong>After:\u003C\u002Fstrong> http:\u002F\u002Fwww.example.com\u002Fabout-us.html\u003C\u002Fp>\n","Plugin is used to add .html after every URL of 
page",4000,28863,7,"2023-11-26T07:20:00.000Z","6.4.8","3.2",[100,114,115],"add-html-after-page-url","html-extension-after-page-url","https:\u002F\u002Faftabmuni.wordpress.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhtml-after-url.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":27,"num_ratings":128,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":132,"tags":133,"homepage":138,"download_link":139,"security_score":140,"vuln_count":28,"unpatched_count":29,"last_vuln_date":141,"fetched_at":31},"cm-header-footer-script-loader","CM Header and Footer  – Add custom scripts and styles to your header and footer with ease","1.3.0","CreativeMindsSolutions","https:\u002F\u002Fprofiles.wordpress.org\u002Fcreativemindssolutions\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.cminds.com\u002Fwordpress-plugins-library\u002Fwordpress-header-and-footer-script-loader-plugin\u002F\" rel=\"nofollow ugc\">Premium Plugin Page\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.videolessonsplugin.com\u002Fvideo-lesson\u002Flesson\u002Fheader-footer-script-loader-plugin\u002F\" rel=\"nofollow ugc\">Videos\u003C\u002Fa>  | \u003Ca href=\"https:\u002F\u002Fcreativeminds.helpscoutdocs.com\u002Fcategory\u002F452-header-and-footer-script-loader\" rel=\"nofollow ugc\">User Guide\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Easily manage and control header and footer scripts and styles on your WordPress site using a simple and user-friendly plugin.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>⭐ \u003Cem>We’re excited to introduce the updated 2025 version of the CM Header and Footer plugin! This release brings a fresh, modern design to the script creation and editing interface, making it even more intuitive and user-friendly. 
Install now and enjoy the improved experience!\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>With the Header and Footer Script Loader plugin, you can easily manage and control additional scripts and styles on your WordPress site.\u003C\u002Fp>\n\u003Cp>This plugin allows you to pre-load all scripts and styles in the plugin settings, as well as inject custom JavaScript and code to suit your needs.\u003C\u002Fp>\n\u003Cp>You have the option to choose whether a script should be automatically or manually uploaded in all posts.\u003C\u002Fp>\n\u003Ch3>Insert Headers and Footers Premium Edition\u003C\u002Fh3>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fwww.cminds.com\u002Fwordpress-plugins-library\u002Fwordpress-header-and-footer-script-loader-plugin\u002F\" rel=\"nofollow ugc\">Insert Headers and Footers Plugin Premium editions\u003C\u002Fa> includes even more powerful features, such as: each post has a header and footer metabox that allows you to control the various scripts and styles, device selection for each script and stlye and much more.\u003C\u002Fp>\n\u003Ch3>Insert Headers and Footers Plugin Introduction Video (Pro Version)\u003C\u002Fh3>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F141020978\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\n\u003Ch3>Insert Script Plugin Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Control Site Scripts\u003C\u002Fstrong> – Easily add or replace various scripts and styles to your WordPress site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Selective Loading Per Post\u003C\u002Fstrong> – Target scripts and styles to specific posts or groups of custom posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reduce Script Load\u003C\u002Fstrong> – Reduce the amount of scripts loaded throughout the site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Target 
Script to Specific Posts or URL Pattern\u003C\u002Fstrong> (premium plugin) – Target scripts to load on a specific URL or URL pattern.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Per Device Script Support\u003C\u002Fstrong> (premium plugin) – Load script on a Mobile or Desktop or both.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Basic Plugin Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add unlimited number of JS scripts and CSS styles.\u003C\u002Fli>\n\u003Cli>Load scripts in header or footer.\u003C\u002Fli>\n\u003Cli>Load scripts on all posts and pages.\u003C\u002Fli>\n\u003Cli>Load scripts on selected post types.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Pro Version Features\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.cminds.com\u002Fwordpress-plugins-library\u002Fwordpress-header-and-footer-script-loader-plugin\u002F\" rel=\"nofollow ugc\">Pro Version Detailed Features List\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add unlimited number of JS, CSS, PHP and HTML scripts.\u003C\u002Fli>\n\u003Cli>Load scripts in header, footer, after opening body tag, before or after content.\u003C\u002Fli>\n\u003Cli>Support script loading on custom posts.\u003C\u002Fli>\n\u003Cli>Target scripts to selected posts and pages.\u003C\u002Fli>\n\u003Cli>Target scripts to posts of chosen categories.\u003C\u002Fli>\n\u003Cli>Target scripts to posts of chosen tags.\u003C\u002Fli>\n\u003Cli>Target scripts by URL or group of URLs.\u003C\u002Fli>\n\u003Cli>Target by device type: desktop only, mobile only or both for each script you set.\u003C\u002Fli>\n\u003Cli>Control script loading on specific posts using a metabox.\u003C\u002Fli>\n\u003Cli>Control when to launch scripts by adding timeframe.\u003C\u002Fli>\n\u003Cli>Add titles and internal notes to scripts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Follow Us\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.cminds.com\u002Fcategory\u002Fwordpress\u002F\" rel=\"nofollow ugc\">Blog\u003C\u002Fa> | \u003Ca 
href=\"http:\u002F\u002Ftwitter.com\u002Fcmplugins\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fcreativeminds\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fuser\u002Fcmindschannel\" rel=\"nofollow ugc\">YouTube\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fwww.pinterest.com\u002Fcmplugins\u002F\" rel=\"nofollow ugc\">Pinterest\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fcmplugins\u002F\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Plugin usage instructions\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Click “Add New Script”.\u003C\u002Fli>\n\u003Cli>Fill the “Script Name” field and paste “Script Code”.\u003C\u002Fli>\n\u003Cli>Click “Expand Additional Settings”.\u003C\u002Fli>\n\u003Cli>Optionally, add a note with explanations for a script.\u003C\u002Fli>\n\u003Cli>Select “Script Type”, “Script Location” and “Where to Load”.\u003C\u002Fli>\n\u003Cli>Click “Save Script”.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Suggested Plugins by CreativeMinds\u003C\u002Fh3>\n\u003Cp>List of all \u003Ca href=\"https:\u002F\u002Fwww.cminds.com\" rel=\"nofollow ugc\">WordPress Plugins\u003C\u002Fa> by CreativeMinds\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fglossaryplugin.com\u002F\" rel=\"nofollow ugc\">CM Tooltip Glossary\u003C\u002Fa> – Easily creates a Glossary, Encyclopaedia or Dictionary of your website’s terms and shows them as a tooltip in posts and pages when hovering. 
With many more powerful features.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.downloadmanagerplugin.com\u002F\" rel=\"nofollow ugc\">CM Download Manager\u003C\u002Fa> – Allows users to upload, manage, track and support documents or files in a download directory listing database for others to contribute, use and comment upon.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.answersplugin.com\u002F\" rel=\"nofollow ugc\">CM Answers Plugin\u003C\u002Fa> – A fully-featured WordPress Questions & Answers Plugin that allows you to build multiple discussion forum systems Just like StackOverflow, Yahoo Answers and Quora, Now with MicroPayments and Anonymous posting support.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Frestrictcontent.com\u002F\" rel=\"nofollow ugc\">CM Restrict Content\u003C\u002Fa> – A full-featured, powerful membership solution and content restriction plugin for WordPress. Support access by role to content on your site.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fonboardingplugin.com\u002F\" rel=\"nofollow ugc\">CM OnBoarding\u003C\u002Fa> – Superb Guidance tool which improves the online experience and the user satisfaction.\u003C\u002Fli>\n\u003C\u002Ful>\n","Add custom CSS and JavaScript to headers and footers on your site with the header and footer plugin for enhanced control and design.",1000,44152,2,"2026-01-29T11:00:00.000Z","6.9.4","5.4.0","5.2.4",[134,135,136,24,137],"custom-css","footer","header","insert-javascript","https:\u002F\u002Fwww.cminds.com\u002Fwordpress-plugins-library\u002Fwordpress-header-and-footer-script-loader-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcm-header-footer-script-loader.zip",99,"2025-04-03 
00:00:00",{"slug":143,"name":144,"version":145,"author":146,"author_profile":147,"description":148,"short_description":149,"active_installs":150,"downloaded":151,"rating":27,"num_ratings":109,"last_updated":152,"tested_up_to":153,"requires_at_least":154,"requires_php":18,"tags":155,"homepage":161,"download_link":162,"security_score":163,"vuln_count":28,"unpatched_count":28,"last_vuln_date":164,"fetched_at":31},"append-extensions-on-pages","Append extensions on Pages","1.1.2","Suresh Kumar Mukhiya","https:\u002F\u002Fprofiles.wordpress.org\u002Fsureshhardiya\u002F","\u003Cp>This plugin helps to append .html on the wordpress pages when used with permalink. If you are a developer then you can modify this plugin to use any extension you want.\u003C\u002Fp>\n\u003Cp>You can choose the extension you want to have on your pages when used with permalink. Available choices are .jsp, .htm, .html, .asp, .ror. Every time new extension is used, please make sure to refresh permalink.\u003C\u002Fp>\n","This plugin helps to append .html or .asp or .htm etc on the wordpress pages when used with permalink.",900,11890,"2017-09-09T10:53:00.000Z","4.8.28","3.1",[156,157,158,159,160],"html-on-permalink","add-aspx-on-pages","add-html-on-pages","add-php-on-pages","append-html-on-pages","http:\u002F\u002Fwww.skmukhiya.com.np","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fappend-extensions-on-pages.zip",63,"2025-09-22 
00:00:00",{"attackSurface":166,"codeSignals":268,"taintFlows":556,"riskAssessment":722,"analyzedAt":733},{"hooks":167,"ajaxHandlers":249,"restRoutes":260,"shortcodes":261,"cronEvents":266,"entryPointCount":267,"unprotectedCount":28},[168,174,179,183,188,192,196,201,205,210,213,215,218,222,225,228,230,233,235,239,244],{"type":169,"name":170,"callback":171,"file":172,"line":173},"action","admin_init","xyz_ihs_tinymce_button","add_shortcode_tynimce.php",5,{"type":175,"name":176,"callback":177,"file":172,"line":178},"filter","mce_buttons","xyz_ihs_register_tinymce_button",12,{"type":175,"name":180,"callback":181,"file":172,"line":182},"mce_external_plugins","xyz_ihs_add_tinymce_button",13,{"type":169,"name":184,"callback":185,"file":186,"line":187},"admin_notices","xyz_ihs_admin_notice","admin\\admin-notices.php",75,{"type":169,"name":189,"callback":190,"file":191,"line":89},"admin_menu","xyz_ihs_menu","admin\\menu.php",{"type":169,"name":193,"callback":194,"file":191,"line":195},"admin_enqueue_scripts","xyz_ihs_add_style_script",89,{"type":175,"name":197,"callback":198,"file":199,"line":200},"query_vars","xyz_ihs_plugin_query_vars","direct_call.php",9,{"type":169,"name":202,"callback":203,"file":199,"line":204},"parse_request","xyz_ihs_plugin_parse_request",20,{"type":169,"name":206,"callback":207,"file":208,"line":209},"wp_footer","xyz_ihs_credit","insert-html-snippet.php",59,{"type":169,"name":170,"callback":211,"file":208,"line":212},"xyz_ihs_check_and_upgrade_plugin_version",66,{"type":169,"name":193,"callback":214,"file":208,"line":195},"xyz_ihs_enqueue_modal_assets",{"type":169,"name":216,"callback":217,"file":208,"line":52},"admin_footer","xyz_ihs_modal_html",{"type":169,"name":219,"callback":220,"priority":89,"file":208,"line":221},"save_post","closure",112,{"type":169,"name":223,"callback":220,"file":208,"line":224},"before_delete_post",127,{"type":169,"name":226,"callback":220,"priority":89,"file":227,"line":204},"admin_head","shortcode-handler.php",{"type":1
69,"name":216,"callback":220,"priority":89,"file":227,"line":229},30,{"type":169,"name":231,"callback":220,"priority":89,"file":227,"line":232},"wp_head",41,{"type":169,"name":206,"callback":220,"priority":89,"file":227,"line":234},52,{"type":175,"name":236,"callback":237,"file":227,"line":238},"widget_text","do_shortcode",137,{"type":169,"name":240,"callback":241,"file":242,"line":243},"widgets_init","xyz_ihs_add_snippet_widget","widget.php",96,{"type":175,"name":245,"callback":246,"priority":89,"file":247,"line":248},"plugin_row_meta","xyz_ihs_links","xyz-functions.php",67,[250,257],{"action":251,"nopriv":252,"callback":253,"hasNonce":254,"hasCapCheck":254,"file":255,"line":256},"ihs_backlink",false,"xyz_ihs_ajax_backlink",true,"ajax-handler.php",6,{"action":258,"nopriv":252,"callback":220,"hasNonce":252,"hasCapCheck":252,"file":255,"line":259},"xyz_ihs_sync_usage",23,[],[262],{"tag":263,"callback":264,"file":227,"line":265},"xyz-ihs","xyz_ihs_display_content",8,[],3,{"dangerousFunctions":269,"sqlUsage":270,"outputEscaping":301,"fileOperations":29,"externalRequests":29,"nonceChecks":178,"capabilityChecks":267,"bundledLibraries":555},[],{"prepared":271,"raw":182,"locations":272},31,[273,276,278,281,282,283,285,289,292,294,296,298,299],{"file":274,"line":178,"context":275},"admin\\install.php","$wpdb->get_col() with variable interpolation",{"file":274,"line":277,"context":275},86,{"file":274,"line":279,"context":280},88,"$wpdb->query() with variable interpolation",{"file":274,"line":67,"context":280},{"file":274,"line":52,"context":280},{"file":274,"line":284,"context":280},94,{"file":286,"line":287,"context":288},"admin\\snippets.php",218,"$wpdb->get_results() with variable interpolation",{"file":286,"line":290,"context":291},412,"$wpdb->get_var() with variable 
interpolation",{"file":293,"line":182,"context":275},"admin\\uninstall.php",{"file":293,"line":295,"context":280},38,{"file":293,"line":297,"context":280},39,{"file":227,"line":89,"context":288},{"file":247,"line":300,"context":275},21,{"escaped":277,"rawEcho":302,"locations":303},144,[304,307,309,311,313,315,317,318,320,321,323,324,326,327,329,331,333,335,337,338,339,341,343,344,346,348,350,352,353,355,357,359,360,362,364,365,367,369,371,373,375,377,379,381,383,385,387,389,391,393,395,397,399,401,402,404,406,408,410,412,414,416,418,420,422,424,426,428,430,433,436,437,439,441,442,444,446,448,450,452,455,457,459,461,463,465,467,468,470,473,474,475,476,478,480,482,484,486,488,490,492,494,496,498,500,502,504,506,507,508,509,510,511,512,514,516,518,520,521,523,524,525,526,527,528,529,530,531,533,535,537,538,540,542,543,544,545,546,548,549,550,551,552,554],{"file":305,"line":173,"context":306},"admin\\about.php","raw output",{"file":305,"line":308,"context":306},35,{"file":305,"line":310,"context":306},37,{"file":305,"line":312,"context":306},43,{"file":305,"line":314,"context":306},45,{"file":305,"line":316,"context":306},50,{"file":305,"line":234,"context":306},{"file":305,"line":319,"context":306},57,{"file":305,"line":209,"context":306},{"file":305,"line":322,"context":306},64,{"file":305,"line":212,"context":306},{"file":305,"line":325,"context":306},72,{"file":305,"line":54,"context":306},{"file":305,"line":328,"context":306},77,{"file":305,"line":330,"context":306},78,{"file":305,"line":332,"context":306},82,{"file":305,"line":334,"context":306},83,{"file":305,"line":336,"context":306},87,{"file":305,"line":279,"context":306},{"file":305,"line":52,"context":306},{"file":305,"line":340,"context":306},93,{"file":305,"line":342,"context":306},97,{"file":305,"line":13,"context":306},{"file":305,"line":345,"context":306},102,{"file":305,"line":347,"context":306},103,{"file":305,"line":349,"context":306},107,{"file":305,"line":351,"context":306},108,{"file":305,"line":2
21,"context":306},{"file":305,"line":354,"context":306},113,{"file":305,"line":356,"context":306},119,{"file":305,"line":358,"context":306},121,{"file":305,"line":224,"context":306},{"file":305,"line":361,"context":306},129,{"file":305,"line":363,"context":306},135,{"file":305,"line":238,"context":306},{"file":305,"line":366,"context":306},146,{"file":305,"line":368,"context":306},148,{"file":305,"line":370,"context":306},155,{"file":305,"line":372,"context":306},157,{"file":305,"line":374,"context":306},163,{"file":305,"line":376,"context":306},165,{"file":305,"line":378,"context":306},170,{"file":305,"line":380,"context":306},172,{"file":305,"line":382,"context":306},180,{"file":305,"line":384,"context":306},182,{"file":305,"line":386,"context":306},188,{"file":305,"line":388,"context":306},190,{"file":305,"line":390,"context":306},195,{"file":305,"line":392,"context":306},197,{"file":305,"line":394,"context":306},204,{"file":305,"line":396,"context":306},206,{"file":305,"line":398,"context":306},211,{"file":305,"line":400,"context":306},213,{"file":305,"line":287,"context":306},{"file":305,"line":403,"context":306},220,{"file":305,"line":405,"context":306},225,{"file":305,"line":407,"context":306},227,{"file":305,"line":409,"context":306},232,{"file":305,"line":411,"context":306},234,{"file":305,"line":413,"context":306},243,{"file":305,"line":415,"context":306},245,{"file":305,"line":417,"context":306},251,{"file":305,"line":419,"context":306},253,{"file":305,"line":421,"context":306},259,{"file":305,"line":423,"context":306},261,{"file":186,"line":425,"context":306},47,{"file":186,"line":427,"context":306},49,{"file":429,"line":300,"context":306},"admin\\footer.php",{"file":431,"line":432,"context":306},"admin\\header.php",95,{"file":434,"line":435,"context":306},"admin\\settings.php",120,{"file":434,"line":435,"context":306},{"file":438,"line":277,"context":306},"admin\\snippet-add.php",{"file":438,"line":440,"context":306},110,{"file":438,"line":354,"context"
:306},{"file":438,"line":443,"context":306},143,{"file":438,"line":445,"context":306},147,{"file":438,"line":447,"context":306},152,{"file":438,"line":449,"context":306},156,{"file":438,"line":451,"context":306},221,{"file":453,"line":454,"context":306},"admin\\snippet-edit.php",130,{"file":453,"line":456,"context":306},164,{"file":453,"line":458,"context":306},167,{"file":453,"line":460,"context":306},192,{"file":453,"line":462,"context":306},198,{"file":453,"line":464,"context":306},202,{"file":453,"line":466,"context":306},209,{"file":453,"line":400,"context":306},{"file":453,"line":469,"context":306},240,{"file":471,"line":472,"context":306},"admin\\snippet-js.php",4,{"file":471,"line":173,"context":306},{"file":471,"line":256,"context":306},{"file":286,"line":109,"context":306},{"file":286,"line":477,"context":306},224,{"file":286,"line":479,"context":306},289,{"file":286,"line":481,"context":306},291,{"file":286,"line":483,"context":306},323,{"file":286,"line":485,"context":306},363,{"file":286,"line":487,"context":306},365,{"file":286,"line":489,"context":306},373,{"file":286,"line":491,"context":306},375,{"file":286,"line":493,"context":306},384,{"file":286,"line":495,"context":306},386,{"file":286,"line":497,"context":306},392,{"file":286,"line":499,"context":306},395,{"file":286,"line":501,"context":306},409,{"file":286,"line":503,"context":306},425,{"file":505,"line":229,"context":306},"editor_plugin.js.php",{"file":505,"line":295,"context":306},{"file":505,"line":297,"context":306},{"file":505,"line":243,"context":306},{"file":505,"line":243,"context":306},{"file":505,"line":345,"context":306},{"file":505,"line":354,"context":306},{"file":505,"line":513,"context":306},115,{"file":505,"line":515,"context":306},132,{"file":505,"line":517,"context":306},133,{"file":505,"line":519,"context":306},134,{"file":505,"line":363,"context":306},{"file":505,"line":522,"context":306},136,{"file":505,"line":443,"context":306},{"file":505,"line":366,"context":306},{"fil
e":505,"line":445,"context":306},{"file":505,"line":456,"context":306},{"file":505,"line":456,"context":306},{"file":208,"line":322,"context":306},{"file":227,"line":300,"context":306},{"file":227,"line":271,"context":306},{"file":227,"line":532,"context":306},42,{"file":227,"line":534,"context":306},54,{"file":242,"line":536,"context":306},29,{"file":242,"line":271,"context":306},{"file":242,"line":539,"context":306},32,{"file":242,"line":541,"context":306},34,{"file":242,"line":212,"context":306},{"file":242,"line":248,"context":306},{"file":242,"line":248,"context":306},{"file":242,"line":248,"context":306},{"file":242,"line":547,"context":306},70,{"file":242,"line":325,"context":306},{"file":242,"line":325,"context":306},{"file":242,"line":325,"context":306},{"file":242,"line":54,"context":306},{"file":242,"line":553,"context":306},80,{"file":242,"line":553,"context":306},[],[557,573,591,628,638,683,692,709],{"entryPoint":558,"graph":559,"unsanitizedCount":29,"severity":572},"\u003Cheader> (admin\\header.php:0)",{"nodes":560,"edges":570},[561,565],{"id":562,"type":563,"label":564,"file":431,"line":178},"n0","source","$_POST (x2)",{"id":566,"type":567,"label":568,"file":431,"line":182,"wp_function":569},"n1","sink","update_option() [Settings Manipulation]","update_option",[571],{"from":562,"to":566,"sanitized":254},"low",{"entryPoint":574,"graph":575,"unsanitizedCount":29,"severity":572},"\u003Csettings> (admin\\settings.php:0)",{"nodes":576,"edges":588},[577,579,581,584],{"id":562,"type":563,"label":578,"file":434,"line":232},"$_POST (x5)",{"id":566,"type":567,"label":568,"file":434,"line":580,"wp_function":569},44,{"id":582,"type":563,"label":583,"file":434,"line":435},"n2","$_POST['xyz_ihs_limit']",{"id":585,"type":567,"label":586,"file":434,"line":435,"wp_function":587},"n3","echo() 
[XSS]","echo",[589,590],{"from":562,"to":566,"sanitized":254},{"from":582,"to":585,"sanitized":254},{"entryPoint":592,"graph":593,"unsanitizedCount":29,"severity":572},"\u003Csnippet-add> (admin\\snippet-add.php:0)",{"nodes":594,"edges":622},[595,598,601,604,605,608,610,614,616,620],{"id":562,"type":563,"label":596,"file":438,"line":597},"$_POST",18,{"id":566,"type":567,"label":599,"file":438,"line":310,"wp_function":600},"query() [SQLi]","query",{"id":582,"type":563,"label":602,"file":438,"line":603},"$_POST (x3)",14,{"id":585,"type":567,"label":586,"file":438,"line":277,"wp_function":587},{"id":606,"type":563,"label":607,"file":438,"line":384},"n4","$_POST['snippetTitle']",{"id":609,"type":567,"label":586,"file":438,"line":384,"wp_function":587},"n5",{"id":611,"type":563,"label":612,"file":438,"line":613},"n6","$_POST['xyz_ihs_snippetDescription']",194,{"id":615,"type":567,"label":586,"file":438,"line":613,"wp_function":587},"n7",{"id":617,"type":563,"label":618,"file":438,"line":619},"n8","$_POST['snippetContent']",210,{"id":621,"type":567,"label":586,"file":438,"line":619,"wp_function":587},"n9",[623,624,625,626,627],{"from":562,"to":566,"sanitized":254},{"from":582,"to":585,"sanitized":254},{"from":606,"to":609,"sanitized":254},{"from":611,"to":615,"sanitized":254},{"from":617,"to":621,"sanitized":254},{"entryPoint":629,"graph":630,"unsanitizedCount":29,"severity":572},"\u003Csnippet-delete> (admin\\snippet-delete.php:0)",{"nodes":631,"edges":636},[632,635],{"id":562,"type":563,"label":633,"file":634,"line":109},"$_GET (x2)","admin\\snippet-delete.php",{"id":566,"type":567,"label":599,"file":634,"line":597,"wp_function":600},[637],{"from":562,"to":566,"sanitized":254},{"entryPoint":639,"graph":640,"unsanitizedCount":29,"severity":572},"\u003Csnippet-edit> 
(admin\\snippet-edit.php:0)",{"nodes":641,"edges":674},[642,644,645,646,650,653,654,656,657,659,660,663,665,667,669,672],{"id":562,"type":563,"label":643,"file":453,"line":229},"$_GET",{"id":566,"type":567,"label":599,"file":453,"line":248,"wp_function":600},{"id":582,"type":563,"label":643,"file":453,"line":229},{"id":585,"type":567,"label":647,"file":453,"line":648,"wp_function":649},"get_results() [SQLi]",111,"get_results",{"id":606,"type":563,"label":651,"file":453,"line":652},"$_POST['snippetId']",128,{"id":609,"type":567,"label":586,"file":453,"line":652,"wp_function":587},{"id":611,"type":563,"label":655,"file":453,"line":229},"$_GET (x5)",{"id":615,"type":567,"label":586,"file":453,"line":652,"wp_function":587},{"id":617,"type":563,"label":564,"file":453,"line":658},36,{"id":621,"type":567,"label":586,"file":453,"line":454,"wp_function":587},{"id":661,"type":563,"label":607,"file":453,"line":662},"n10",141,{"id":664,"type":567,"label":586,"file":453,"line":662,"wp_function":587},"n11",{"id":666,"type":563,"label":612,"file":453,"line":368},"n12",{"id":668,"type":567,"label":586,"file":453,"line":368,"wp_function":587},"n13",{"id":670,"type":563,"label":618,"file":453,"line":671},"n14",230,{"id":673,"type":567,"label":586,"file":453,"line":671,"wp_function":587},"n15",[675,676,677,678,679,680,681,682],{"from":562,"to":566,"sanitized":254},{"from":582,"to":585,"sanitized":254},{"from":606,"to":609,"sanitized":254},{"from":611,"to":615,"sanitized":254},{"from":617,"to":621,"sanitized":254},{"from":661,"to":664,"sanitized":254},{"from":666,"to":668,"sanitized":254},{"from":670,"to":673,"sanitized":254},{"entryPoint":684,"graph":685,"unsanitizedCount":29,"severity":572},"\u003Csnippet-status> 
(admin\\snippet-status.php:0)",{"nodes":686,"edges":690},[687,689],{"id":562,"type":563,"label":643,"file":688,"line":109},"admin\\snippet-status.php",{"id":566,"type":567,"label":599,"file":688,"line":300,"wp_function":600},[691],{"from":562,"to":566,"sanitized":254},{"entryPoint":693,"graph":694,"unsanitizedCount":29,"severity":572},"\u003Csnippets> (admin\\snippets.php:0)",{"nodes":695,"edges":705},[696,698,699,700,702,704],{"id":562,"type":563,"label":596,"file":286,"line":697},199,{"id":566,"type":567,"label":647,"file":286,"line":287,"wp_function":649},{"id":582,"type":563,"label":596,"file":286,"line":697},{"id":585,"type":567,"label":586,"file":286,"line":701,"wp_function":587},257,{"id":606,"type":563,"label":703,"file":286,"line":460},"$_GET (x4)",{"id":609,"type":567,"label":586,"file":286,"line":485,"wp_function":587},[706,707,708],{"from":562,"to":566,"sanitized":254},{"from":582,"to":585,"sanitized":254},{"from":606,"to":609,"sanitized":254},{"entryPoint":710,"graph":711,"unsanitizedCount":29,"severity":572},"\u003Cajax-handler> (ajax-handler.php:0)",{"nodes":712,"edges":719},[713,715,716,717],{"id":562,"type":563,"label":596,"file":255,"line":714},26,{"id":566,"type":567,"label":647,"file":255,"line":229,"wp_function":649},{"id":582,"type":563,"label":596,"file":255,"line":714},{"id":585,"type":567,"label":568,"file":255,"line":718,"wp_function":569},48,[720,721],{"from":562,"to":566,"sanitized":254},{"from":582,"to":585,"sanitized":254},{"summary":723,"deductions":724},"The \"insert-html-snippet\" plugin version 1.4.4 exhibits a mixed security posture. On the positive side, there are no reported critical or high severity vulnerabilities in its history, and the static analysis did not reveal any critical or high severity taint flows or dangerous functions. 
The plugin also demonstrates good practices with a significant number of nonce checks and capability checks, and the majority of its SQL queries utilize prepared statements, reducing the risk of SQL injection.\n\nHowever, there are notable areas of concern. The presence of an unprotected AJAX handler significantly increases the attack surface. Furthermore, the code analysis indicates that only 37% of output is properly escaped, leaving room for potential Cross-Site Scripting (XSS) vulnerabilities, which is corroborated by its past vulnerability history including a medium severity XSS issue. The plugin's single known CVE, although patched, was for XSS, suggesting a historical susceptibility to this type of vulnerability. The limited number of capability checks in conjunction with an unprotected AJAX endpoint is a significant weakness.\n\nIn conclusion, while the plugin has made efforts to secure its codebase through prepared statements and nonce checks, the unprotected AJAX handler and poor output escaping practices present real risks. 
The historical XSS vulnerability further emphasizes the need for vigilance in sanitizing user inputs and ensuring all entry points are properly authenticated and authorized.",[725,727,729,731],{"reason":726,"points":89},"Unprotected AJAX handler present",{"reason":728,"points":109},"Low percentage of output properly escaped",{"reason":730,"points":173},"One medium severity vulnerability in history (XSS)",{"reason":732,"points":267},"Limited capability checks (3)","2026-03-16T17:28:02.377Z",{"wat":735,"direct":744},{"assetPaths":736,"generatorPatterns":738,"scriptPaths":739,"versionParams":741},[737],"\u002Fwp-content\u002Fplugins\u002Finsert-html-snippet\u002Fimages\u002Flogo.png",[],[740],"\u002Fwp-content\u002Fplugins\u002Finsert-html-snippet\u002Fjs\u002Fadmin.js",[742,743],"insert-html-snippet\u002Fcss\u002Fadmin.css?ver=","insert-html-snippet\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":745,"htmlComments":751,"htmlAttributes":753,"restEndpoints":755,"jsGlobals":756,"shortcodeOutput":758},[746,747,748,749,750],"xyz-ihs-modal-overlay","xyz-ihs-modal-box","xyz-ihs-modal-buttons","xyz-ihs-proceed-deactivate","xyz-ihs-cancel-deactivate",[752],"\u003C!-- update manual shortcode counts -->",[754],"data-xyz-ihs-shortcode-id",[],[757],"xyz_ihs_shortcode_id",[759,760],"[xyz-ihs-snippet id=\"","[xyz-ihs-snippet]"]