[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f73F4z4wM7wPzq3a-r_vB55eJpgJQFKkSGaZ1gFhgunE":3,"$fJTTuJ9nWrErpDTSaSFZaS9jFPVJs0gLyy0sP4mAyfLk":266,"$f1kdVy152-xuje8aEN29A3nwTjj6fhTzEEV7ppJsoP-4":271},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":37,"analysis":139,"fingerprints":210},"insert-math","Insert math","2.0","CMTV","https:\u002F\u002Fprofiles.wordpress.org\u002Fcmtv\u002F","\u003Cp>Add math support for your site. Insert block\u002Finline formulas in your text with useful and fancy modal. Watch and monitor rendered math in process of typing formula. Change formula color.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Math support on both frontend and admin panel\u003C\u002Fli>\n\u003Cli>Useful and fancy modal for inserting and editing math in posts\u003C\u002Fli>\n\u003Cli>Insert both block and inline math\u003C\u002Fli>\n\u003Cli>Changing formula color\u003C\u002Fli>\n\u003Cli>Set ID and classes for formula\u003C\u002Fli>\n\u003Cli>Automatic highlighting math in visual editor\u003C\u002Fli>\n\u003Cli>Adding x-scrollbar to block math if browser viewport is smaller then formula\u003C\u002Fli>\n\u003C\u002Ful>\n","Fast and handy insert any math formulas in your posts.",200,4483,80,1,"2017-08-03T05:34:00.000Z","4.8.28","4.0","",[20,4,21,22,23],"formula","latex","math","tex","https:\u002F\u002Fgithub.com\u002FCMTV\u002Fwordpress-plugin-insert-math","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finsert-math.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"cmtv",30,84,"2026-05-19T21:06:55.690Z",[38,60,80,102,123],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":35,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":56,"download_link":57,"security_score":58,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":59},"wpmathpub","WPMathPub","3.0.3","Ron Fredericks","https:\u002F\u002Fprofiles.wordpress.org\u002Fronf\u002F","\u003Cp>WPMathPub renders mathematical equations in WordPress using the \u003Cstrong>mathpublisher rendering engine\u003C\u002Fstrong>, supporting both \u003Cstrong>pmath native syntax and LaTeX-style input\u003C\u002Fstrong> and generating high-quality PNG images with transparent backgrounds.\u003C\u002Fp>\n\u003Cp>Unlike MathJax-based plugins, WPMathPub performs \u003Cstrong>server-side rendering\u003C\u002Fstrong>, producing static equation images that display consistently across browsers and devices without requiring client-side JavaScript.\u003C\u002Fp>\n\u003Cp>This approach provides reliable rendering for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress posts and pages\u003C\u002Fli>\n\u003Cli>RSS feeds\u003C\u002Fli>\n\u003Cli>Cached pages\u003C\u002Fli>\n\u003Cli>Environments where JavaScript rendering is not desirable\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>WPMathPub extends the classic mathpublisher engine with modern WordPress integration including shortcode support, LaTeX translation, image caching, and configurable rendering options.\u003C\u002Fp>\n\u003Ch3>Mathematical Equation Rendering\u003C\u002Fh3>\n\u003Cp>Mathematical expressions can be embedded directly into WordPress content using the pmath shortcode.\u003C\u002Fp>\n\u003Cp>Example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[pmath]x^2 + y^2 = z^2[\u002Fpmath]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Custom size and color:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[pmath size=18 color=\"blue\"]E = mc^2[\u002Fpmath]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>LaTeX input:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[pmath latex=1]\\frac{a}{b}[\u002Fpmath]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Expressions are rendered as PNG images using the GD and FreeType libraries and cached for efficient reuse.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>pmath expression rendering\u003C\u002Fli>\n\u003Cli>LaTeX command translation (PHPMathPublisher subset)\u003C\u002Fli>\n\u003Cli>Server-side PNG equation generation\u003C\u002Fli>\n\u003Cli>Gutenberg WPMathPub math block with PMath and LaTeX mode switching\u003C\u002Fli>\n\u003Cli>Halo-free color rendering with alpha transparency\u003C\u002Fli>\n\u003Cli>Transparent background support for dark themes\u003C\u002Fli>\n\u003Cli>Minimal WordPress database footprint\u003C\u002Fli>\n\u003Cli>Efficient PNG image caching\u003C\u002Fli>\n\u003Cli>WordPress admin tools panel\n\u003Cul>\n\u003Cli>Configurable default equation size\u003C\u002Fli>\n\u003Cli>Configurable default equation color with color picker\u003C\u002Fli>\n\u003Cli>Installation status display\u003C\u002Fli>\n\u003Cli>PNG image cache status and control\u003C\u002Fli>\n\u003Cli>Policy control for cleanup on plugin delete\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Render mathematical equations in WordPress as PNG images using pmath native syntax or LaTeX input with server-side rendering.",300,25012,5,"2026-04-06T07:40:00.000Z","6.9.4","5.2.3","7.2",[54,20,21,22,55],"equations","mathematics","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpmathpub\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpmathpub.3.0.3.zip",100,"2026-04-06T09:54:40.288Z",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":58,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":18,"tags":74,"homepage":76,"download_link":77,"security_score":78,"vuln_count":14,"unpatched_count":14,"last_vuln_date":79,"fetched_at":29},"enable-latex","Enable Latex","1.2.16","KaizenCoders","https:\u002F\u002Fprofiles.wordpress.org\u002Fkaizencoders\u002F","\u003Cp>Insert LaTeX formulas in your posts.\u003C\u002Fp>\n\u003Cp>Just type [latex size=0 color=000000 background=ffffff]\\\\displaystyle f_{rec} = \\\\frac{c+v_{mobile}}{c} f_{em}[\u002Flatex] in your post to show the LaTeX formula.\u003C\u002Fp>\n\u003Cp>You can configure:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>the color of the font,  \u003C\u002Fli>\n\u003Cli>the color of the background, \u003C\u002Fli>\n\u003Cli>the style of the image displayed. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Plugin developped from the orginal plugin WP-LaTeX.\u003C\u002Fp>\n\u003Cp>This plugin is under GPL licence.\u003C\u002Fp>\n\u003Ch4>Multisite – WordPress MU\u003C\u002Fh4>\n\u003Cp>This plugin is compatible with multisite installation.\u003C\u002Fp>\n\u003Ch4>Localization\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Arabic (Egypt) translation provided by AmrIbrahim\u003C\u002Fli>\n\u003Cli>German (Germany) translation provided by amens\u003C\u002Fli>\n\u003Cli>English (United States), default language\u003C\u002Fli>\n\u003Cli>Farsi (Iran) translation provided by youseftabeolhojjeh\u003C\u002Fli>\n\u003Cli>French (France) translation provided by SedLex\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features of the framework\u003C\u002Fh4>\n\u003Cp>This plugin uses the SL framework. This framework eases the creation of new plugins by providing tools and frames (see dev-toolbox plugin for more info).\u003C\u002Fp>\n\u003Cp>You may easily translate the text of the plugin and submit it to the developer, send a feedback, or choose the location of the plugin in the admin panel.\u003C\u002Fp>\n\u003Cp>Have fun !\u003C\u002Fp>\n","Insert LaTeX formulas in your posts.",70,9376,2,"2016-04-17T09:08:00.000Z","4.5.33","3.0",[20,21,22,75,23],"shortcode","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fenable-latex\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fenable-latex.zip",63,"2025-09-05 00:00:00",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":73,"requires_php":94,"tags":95,"homepage":18,"download_link":99,"security_score":100,"vuln_count":14,"unpatched_count":27,"last_vuln_date":101,"fetched_at":29},"mathjax-latex","MathJax-LaTeX","1.3.13","knowledgeblog","https:\u002F\u002Fprofiles.wordpress.org\u002Fknowledgeblog\u002F","\u003Cp>MathJax enables enables rendering of embedded LaTeX or MathML in HTML pages. This plugin adds this functionality to WordPress. The MathJax JavaScript is inject on-demand only to those pages which require it. This ensures that MathJax is not loaded for all pages, which will otherwise slow loading down.\u003C\u002Fp>\n\u003Cp>The MathJax JavaScript can be delivered from your own server, or you can use the Cloudflare Content Distribution Network (CDN), which is the preferred mechanism as it offers increased speed and stability over hosting the JavaScript and configuring the library yourself.\u003C\u002Fp>\n\u003Cp>You may embed latex using a variety of different syntaxes. The shortcode (https:\u002F\u002Fcodex.wordpress.org\u002FShortcode_API) syntax is preferred. So \u003Ccode>[latex]E=mc^2[\u002Flatex]\u003C\u002Fcode> will work out of the box. This also forces loading of MathJax.\u003C\u002Fp>\n\u003Cp>Additionally, you can use native MathJax syntax — \u003Ccode>$$E=mc^2$$\u003C\u002Fcode> or \u003Ccode>\\(E=mc^2\\)\u003C\u002Fcode>. However, if this is the only syntax used, the plugin must be explicitly told to load MathJax for the current page. This can be achieved by adding a \u003Ccode>[mathjax]\u003C\u002Fcode> shortcode anywhere in the post. For posts with both \u003Ccode>[latex]\u003C\u002Fcode>x\u003Ccode>[\u002Flatex]\u003C\u002Fcode> and \u003Ccode>$$x$$\u003C\u002Fcode> syntaxes this is unnecessary.\u003C\u002Fp>\n\u003Cp>You can use wp-latex syntax, \u003Ccode>$latex E=mc^2$\u003C\u002Fcode>. Parameters can be specified as with wp-latex but will be ignored. This means that MathJax-LaTeX should be a drop-in replacement for wp-latex. Because this conflicts with wp-latex, this behaviour is blocked when wp-latex is present, and must be explicitly enabled in the settings.\u003C\u002Fp>\n\u003Cp>You can also specify \u003Ccode>[nomathjax]\u003C\u002Fcode> — this will block mathjax on the current page, regardless of other tags.\u003C\u002Fp>\n\u003Cp>MathJax-LaTeX is developed on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fphillord\u002Fmathjax-latex\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>This plugin is copyright Phillip Lord, Newcastle University and is licensed under GPLv2.\u003C\u002Fp>\n","This plugin enables MathJax (http:\u002F\u002Fwww.mathjax.org) functionality for WordPress (http:\u002F\u002Fwww.wordpress.org).",10000,171785,88,11,"2025-01-14T16:50:00.000Z","6.7.5","7.0.0",[21,55,96,97,98],"mathjax","mathml","science","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmathjax-latex.1.3.13.zip",91,"2013-03-25 00:00:00",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":18,"tags":117,"homepage":120,"download_link":121,"security_score":100,"vuln_count":70,"unpatched_count":27,"last_vuln_date":122,"fetched_at":29},"wp-quicklatex","WP QuickLaTeX","3.8.8","advanpix","https:\u002F\u002Fprofiles.wordpress.org\u002Fadvanpix\u002F","\u003Cp>Insert formulas & graphics in the posts and comments using native LaTeX shorthands directly in the text. Inline formulas, displayed equations auto-numbering, labeling and referencing, AMS-LaTeX, \u003Ccode>TikZ\u003C\u002Fcode>, custom LaTeX preamble. No LaTeX installation required. Easily customizable using UI page. Actively developed and maintained. Visit \u003Ca href=\"http:\u002F\u002Fwww.holoborodko.com\u002Fpavel\u002Fquicklatex\u002F\" rel=\"nofollow ugc\">QuickLaTeX homepage\u003C\u002Fa> for more info.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Standard LaTeX expressions can be cut and pasted directly into WordPress posts, pages, and comments; display environments require no enclosures, other expressions require only a surrounding \u003Ccode>$..$\u003C\u002Fcode> or \u003Ccode>\\[..\\]\u003C\u002Fcode>.  No need for enclosing tags \u003Ccode>[latex] ... [\u002Flatex]\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Correct vertical positioning of inline formulas relative to baseline of surrounding text. Say “NO” to jumpy equations produced by other plugins!\u003C\u002Fli>\n\u003Cli>SVG vector graphics support, so that formulas are crisp regardless of scaling in browser.\u003C\u002Fli>\n\u003Cli>(AMS)LaTeX displayed math environments support: \u003Ccode>equation, align, gather, multiline, flalign, alignat,\u003C\u002Fcode> etc.\u003C\u002Fli>\n\u003Cli>Automatic numbering of displayed equations. Override autonumbering with \u003Ccode>\\tag{}\u003C\u002Fcode> LaTeX command.\u003C\u002Fli>\n\u003Cli>Equation hyper-referencing by standard LaTeX rules with \u003Ccode>\\label{}\u003C\u002Fcode>, \u003Ccode>\\ref{}\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Custom LaTeX document preamble, allowing added \u003Ccode>\\usepackage{}\u003C\u002Fcode> and \u003Ccode>\\newcommand{}\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>\u003Ccode>TikZ\u003C\u002Fcode> and \u003Ccode>pgfplots\u003C\u002Fcode> graphics package support.\u003C\u002Fli>\n\u003Cli>Preview formulas in comments before publishing. Additionally \u003Ca href=\"http:\u002F\u002Fblogwaffe.com\u002Fajax-comment-preview\u002F\" rel=\"nofollow ugc\">AJAX Comment Preview\u003C\u002Fa> plugin should be installed to enable this feature.\u003C\u002Fli>\n\u003Cli>Meaningful error messages for mistakes in LaTeX code.\u003C\u002Fli>\n\u003Cli>Precise font properties tuning: \u003Ccode>size, text and background color\u003C\u002Fcode>. \u003C\u002Fli>\n\u003Cli>Easy style customization using UI or CSS file.\u003C\u002Fli>\n\u003Cli>No LaTeX installation is required. \u003C\u002Fli>\n\u003Cli>QuickLaTeX.com automatically provides formula images, which are then cached on user’s server.\u003C\u002Fli>\n\u003Cli>Administrative settings page for setting global parameters; AJAX-ified.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Just place LaTeX math expressions into your text and enable QuickLaTeX on the page by \u003Ccode>[latexpage]\u003C\u002Fcode> command.\u003Cbr \u002F>\nWP QuickLaTeX will convert them to high-quality images and embed into post. Inline formulas will be properly aligned with the text.\u003Cbr \u002F>\nDisplayed equations will be auto-numbered by LaTeX rules.\u003Cbr \u002F>\nTo see plugin in action please visit math-pages on my blog, e.g. \u003Ca href=\"http:\u002F\u002Fwww.holoborodko.com\u002Fpavel\u002Fnumerical-methods\u002Fnumerical-derivative\u002Fcentral-differences\u002F\" rel=\"nofollow ugc\">Central Differences\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.holoborodko.com\u002Fpavel\u002Fnumerical-methods\u002Fnumerical-integration\u002Fcubature-formulas-for-the-unit-disk\u002F\" rel=\"nofollow ugc\">Cubature formulas for the unit disk\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.holoborodko.com\u002Fpavel\u002Fnumerical-methods\u002Fnumerical-derivative\u002Fsmooth-low-noise-differentiators\u002F\" rel=\"nofollow ugc\">Smooth noise robust differentiators\u003C\u002Fa>, etc.\u003C\u002Fp>\n","Advanced LaTeX plugin. Native LaTeX syntax. Allows custom preamble, TikZ and other packages. Zoom-independent visual quality (SVG).",5000,98790,92,31,"2024-06-26T03:00:00.000Z","6.5.8","2.8",[54,118,21,22,119],"gnuplot","tikz","http:\u002F\u002Fwww.holoborodko.com\u002Fpavel\u002Fquicklatex\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-quicklatex.3.8.8.zip","2024-07-01 00:00:00",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":133,"num_ratings":134,"last_updated":135,"tested_up_to":136,"requires_at_least":73,"requires_php":18,"tags":137,"homepage":18,"download_link":138,"security_score":58,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"simple-mathjax","Simple Mathjax","2.1.1","Samuel Coskey","https:\u002F\u002Fprofiles.wordpress.org\u002Fsgcoskey\u002F","\u003Cp>This wordpress plugin is yet another simple plugin to load the \u003Ca href=\"http:\u002F\u002Fwww.mathjax.org\" rel=\"nofollow ugc\">MathJax\u003C\u002Fa> scripts at the bottom of all of your pages. It uses a very all-inclusive mathjax configuration by default, with $’s and $$’s the default delimeters for in-line and displayed equations.\u003C\u002Fp>\n\u003Cp>A preference pane is added to the “Settings” group where you can choose whether to use MathJax version 2 or 3, change the MathJax server location (CDN) and the MathJax configuration settings. (See \u003Ca href=\"https:\u002F\u002Fdocs.mathjax.org\u002Fen\u002Flatest\u002Fweb\u002Fstart.html#configuring-mathjax\" rel=\"nofollow ugc\">the mathjax documentation\u003C\u002Fa> for details on the options available.)\u003Cbr \u002F>\nYou can also specify a LaTeX “preamble” of newcommands which will be loaded in a hidden element near the top of each page.\u003C\u002Fp>\n\u003Cp>Fork this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fboolesrings\u002FSimple-Mathjax-wordpress-plugin\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Yet another plugin to add MathJax support to your wordpress blog. Just wrap your equations inside $ signs and MathJax will render them visually.",4000,47934,94,13,"2025-09-10T09:57:00.000Z","6.8.5",[21,96],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-mathjax.2.1.1.zip",{"attackSurface":140,"codeSignals":187,"taintFlows":197,"riskAssessment":198,"analyzedAt":209},{"hooks":141,"ajaxHandlers":183,"restRoutes":184,"shortcodes":185,"cronEvents":186,"entryPointCount":27,"unprotectedCount":27},[142,148,151,155,158,161,163,168,172,176,179],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","wp_enqueue_scripts","insert_math_enqueue_scripts","insert-math.php",43,{"type":143,"name":149,"callback":145,"file":146,"line":150},"admin_enqueue_scripts",44,{"type":143,"name":152,"callback":153,"file":146,"line":154},"wp_footer","insert_math_add_dialog_html",109,{"type":143,"name":156,"callback":153,"file":146,"line":157},"admin_footer",110,{"type":143,"name":144,"callback":159,"file":146,"line":160},"insert_math_constants_for_tinymce",124,{"type":143,"name":149,"callback":159,"file":146,"line":162},125,{"type":164,"name":165,"callback":166,"file":146,"line":167},"filter","mce_external_plugins","insert_math_register_tinymce_plugin",132,{"type":164,"name":169,"callback":170,"file":146,"line":171},"mce_buttons","insert_math_add_tinymce_button",139,{"type":143,"name":173,"callback":174,"file":146,"line":175},"wp_head","insert_math_add_tinymce_stylesheet",156,{"type":143,"name":177,"callback":174,"file":146,"line":178},"admin_init",157,{"type":143,"name":180,"callback":181,"file":146,"line":182},"plugins_loaded","insert_math_load_textdomain",166,[],[],[],[],{"dangerousFunctions":188,"sqlUsage":189,"outputEscaping":191,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":193},[],{"prepared":27,"raw":27,"locations":190},[],{"escaped":27,"rawEcho":27,"locations":192},[],[194],{"name":195,"version":28,"knownCves":196},"TinyMCE",[],[],{"summary":199,"deductions":200},"Based on the provided static analysis, the 'insert-math' v2.0 plugin exhibits a strong security posture.  The absence of identified dangerous functions, all SQL queries utilizing prepared statements, and proper output escaping suggest robust coding practices for these common vulnerability areas.  The zero count for file operations and external HTTP requests further minimizes potential attack vectors.  The lack of known CVEs and historical vulnerabilities further reinforces this positive assessment, indicating a history of secure development or diligent patching by the maintainers.\n\nHowever, the analysis also reveals significant areas with no security checks whatsoever.  The complete absence of nonce checks and capability checks across all identified entry points is a major concern.  While the attack surface is currently reported as zero, this means that any future introduction of entry points (AJAX, REST API, shortcodes, cron events) would inherently be unprotected.  This lack of proactive security measures in these areas, combined with the bundled TinyMCE library (which could itself have vulnerabilities if outdated), presents potential risks should new vulnerabilities emerge or the plugin's functionality expand.\n\nIn conclusion, 'insert-math' v2.0 demonstrates good security practices in its current implementation regarding core code execution and data handling.  However, the complete absence of authorization and integrity checks on its entry points is a critical oversight that leaves it vulnerable to exploitation if any such points are added or become accessible.  The plugin's history of security is a positive indicator, but the static analysis reveals a concerning gap in its defensive mechanisms.",[201,204,206],{"reason":202,"points":203},"Missing nonce checks on entry points",10,{"reason":205,"points":203},"Missing capability checks on entry points",{"reason":207,"points":208},"Bundled library (TinyMCE) may have unpatched vulns",3,"2026-03-16T20:22:54.665Z",{"wat":211,"direct":225},{"assetPaths":212,"generatorPatterns":221,"scriptPaths":222,"versionParams":224},[213,214,215,216,217,218,219,220],"\u002Fwp-content\u002Fplugins\u002Finsert-math\u002Fmathjax\u002Fconfig.js","\u002Fwp-content\u002Fplugins\u002Finsert-math\u002Fmathjax\u002Fscrollmath.css","\u002Fwp-content\u002Fplugins\u002Finsert-math\u002Fjquery-ui-css\u002Fjquery-ui.css","\u002Fwp-content\u002Fplugins\u002Finsert-math\u002Fdialog\u002Fdialog.js","\u002Fwp-content\u002Fplugins\u002Finsert-math\u002Fdialog\u002Fdialog.css","\u002Fwp-content\u002Fplugins\u002Finsert-math\u002Ftinymce\u002Fbutton-icon.svg","\u002Fwp-content\u002Fplugins\u002Finsert-math\u002Ftinymce\u002Fplugin.js","\u002Fwp-content\u002Fplugins\u002Finsert-math\u002Ftinymce\u002Feditor.css",[],[223],"https:\u002F\u002Fcdnjs.cloudflare.com\u002Fajax\u002Flibs\u002Fmathjax\u002F2.7.1\u002FMathJax.js",[],{"cssClasses":226,"htmlComments":255,"htmlAttributes":256,"restEndpoints":262,"jsGlobals":263,"shortcodeOutput":265},[227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,252,253,254],"insert_math-dialog","insert_math-display-mode-container","insert_math-container","insert_math-label","insert_math-display-block","insert_math-button","insert_math-checked","insert_math-display-inline","insert_math-additional-settings-container","insert_math-additional-settings-header","insert_math-additional-settings","insert_math-color-container","insert_math-color-default","insert_math-color-custom","insert_math-id-container","insert_math-formula-id","insert_math-classes-container","insert_math-formula-classes","insert_math-expression-container","insert_math-expression-tip","insert_math-expression","insert_math-preview-container","insert_math-preview-header","insert_math-preview-icon","insert_math-preview","insert_math-preview-math","insert_math-preview-empty","insert_math-insert",[],[257,258,259,260,261],"data-title","data-title-edit","data-value","data-value-edit","contenteditable=\"true\"",[],[264],"Insert_Math_Dialog",[],{"error":267,"url":268,"statusCode":269,"statusMessage":270,"message":270},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Finsert-math\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":27,"versions":272},[]]