[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fQhUZndJ1qrMK6pVU4KkWhMftLywqAAafyc2uVofXUZA":3,"$fK7bXSBY4TAvTnSnieafh4abEWJOk98mKEVwkqRh0HMs":317,"$ffO3Q8QCbDESO5mscHA4jyNRsAnCXANYskHgiptQSFU0":321},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":49,"crawl_stats":36,"alternatives":52,"analysis":149,"fingerprints":283},"kindeditor-for-wordpress","Kindeditor For WordPress","1.4.3","panxianhai","https:\u002F\u002Fprofiles.wordpress.org\u002Fpanxianhai\u002F","\u003Cp>Because most users of this plug-in are Chinese people,following I use Chinese.\u003C\u002Fp>\n\u003Cp>kindeditor是一个简单高效，易于使用的编辑器，自带代码高亮。\u003C\u002Fp>\n","Kindeditor for wordpress",500,55498,100,2,"2015-04-13T07:27:00.000Z","4.1.42","3.0","",[20,21],"editor","syntax-highlighting","https:\u002F\u002Fgithub.com\u002Fpanxianhai\u002Fkindeditor-for-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkindeditor-for-wordpress.1.4.3.zip",85,1,0,"2014-05-25 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":27,"updated_date":43,"references":44,"days_to_patch":46,"patch_diff_files":47,"patch_trac_url":36,"research_status":36,"research_verified":48,"research_rounds_completed":26,"research_plan":36,"research_summary":36,"research_vulnerable_code":36,"research_fix_diff":36,"research_exploit_outline":36,"research_model_used":36,"research_started_at":36,"research_completed_at":36,"research_error":36,"poc_status":36,"poc_video_id":36,"poc_summary":36,"poc_steps":36,"poc_tested_at":36,"poc_wp_version":36,"poc_php_version":36,"poc_playwright_script":36,"poc_exploit_code":36,"poc_has_trace":48,"poc_model_used":36,"poc_verification_depth":36},"WF-a5205717-af90-4d55-b812-38ded2b0f700-kindeditor-for-wordpress","kindeditor-for-wordpress-reflected-cross-site-scripting","Kindeditor For WordPress \u003C 1.4 - Reflected Cross-Site Scripting","The Kindeditor For WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the swfupload.swf file in versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=1.3.7","1.4","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa5205717-af90-4d55-b812-38ded2b0f700?source=api-prod",3530,[],false,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":25,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":46,"trust_score":50,"computed_at":51},69,"2026-05-20T03:12:37.708Z",[53,76,96,114,133],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":74,"download_link":75,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":36,"fetched_at":28},"enlighter","Enlighter – Customizable Syntax Highlighter","4.7.0","Andi Dittrich","https:\u002F\u002Fprofiles.wordpress.org\u002Fandi-dittrich\u002F","\u003Cp>Enlighter is a free, easy-to-use, syntax highlighting tool for WordPress. Highlighting is powered by the \u003Ca href=\"https:\u002F\u002Fcodeberg.org\u002FEnlighterJS\" rel=\"nofollow ugc\">EnlighterJS\u003C\u002Fa> javascript library to provide a beautiful code-appearance.\u003C\u002Fp>\n\u003Cp>Using it can be as simple as adding a new Enlighter Sourcecode block (Gutenberg) and insert the code which you want to highlight: Enlighter takes care of the rest!\u003C\u002Fp>\n\u003Cp>An easy to use Theme-Customizer is included to modify the build-in themes \u003Cstrong>without any css knowlegde!\u003C\u002Fstrong>\u003Cbr \u002F>\nIt also supports the automatic creation of tab-panes to display code-groups together (useful for multi-language examples – e.g. html+css+js)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEnlighterJS\u002Fdocumentation\u002Fblob\u002Fmaster\u002Fwordpress\u002Fupgrade\u002Fv4.md\" rel=\"nofollow ugc\">Upgrade Guide\u003C\u002Fa> for Enlighter v4\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEnlighterJS\u002Fdocumentation\u002Fblob\u002Fmaster\u002Fwordpress\u002FWPThemeCompatibility.md\" rel=\"nofollow ugc\">Theme Compatibility\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEnlighterJS\u002Fdocumentation\u002Ftree\u002Fmaster\u002Fwordpress\" rel=\"nofollow ugc\">Enlighter WordPress Plugin Docs\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plugin Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Full Gutenberg Editor Integration\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Full Classic Editor Integration\u003C\u002Fstrong> (TinyMCE)\u003C\u002Fli>\n\u003Cli>Support for all common used languages\u003C\u002Fli>\n\u003Cli>Powerful generic highlighting engine for unknown\u002Funsupported languages\u003C\u002Fli>\n\u003Cli>Theme Customizer\u003C\u002Fli>\n\u003Cli>Inline Syntax Highlighting\u003C\u002Fli>\n\u003Cli>Advanced configuration options are available within the options page.\u003C\u002Fli>\n\u003Cli>Supports code-groups (displays multiple code-blocks within a tab-pane)\u003C\u002Fli>\n\u003Cli>Extensible language and theme engines – add your own one.\u003C\u002Fli>\n\u003Cli>Simple CSS based themes\u003C\u002Fli>\n\u003Cli>Integrated CSS file caching (suitable for high traffic sites)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Full GDPR compliant\u003C\u002Fstrong> – no external resources are required, no data will be aggregated\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Gutenberg Editor Integration\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Full Editor Integration\u003C\u002Fstrong> via “Enlighter Sourcecode” block\u003C\u002Fli>\n\u003Cli>Inline Syntax Highlighting\u003C\u002Fli>\n\u003Cli>Automatic transformations for classic editor posts (codeblocks converted to Enlighter Sourcecode block)\u003C\u002Fli>\n\u003Cli>Transform legacy codeblocks to Enlighter Gutenberg Blocks (manual transformation)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEnlighterJS\u002Fdocumentation\u002Fblob\u002Fmaster\u002Fediting\u002FGutenberg.md\" rel=\"nofollow ugc\">Docs and Usage\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEnlighterJS\u002FPlugin.Gutenberg\" rel=\"nofollow ugc\">Editor plugin repository\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Classic Editor (TinyMCE) Integration\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Full Editor Integration\u003C\u002Fstrong> via Enlighter buttons in the toolbar\u003C\u002Fli>\n\u003Cli>Inline Syntax Highlighting\u003C\u002Fli>\n\u003Cli>Tab-Indentation mode to align code with the \u003Ccode>tab\u003C\u002Fcode> key (single line and block selection)\u003C\u002Fli>\n\u003Cli>Editor formats to highlight existing code\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEnlighterJS\u002Fdocumentation\u002Fblob\u002Fmaster\u002Fediting\u002FTinyMCE.md\" rel=\"nofollow ugc\">Docs and Usage\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEnlighterJS\u002FPlugin.TinyMCE\" rel=\"nofollow ugc\">Editor plugin repository\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftinymce.enlighterjs.org\u002F\" rel=\"nofollow ugc\">Classic Editor Live-Demo\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Markdown\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Markdown fenced code blocks\u003C\u002Fli>\n\u003Cli>Inline Syntax Highlighting via backtick code (including language specific addon)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEnlighterJS\u002Fdocumentation\u002Fblob\u002Fmaster\u002Fediting\u002FMarkdown.md\" rel=\"nofollow ugc\">Docs and Usage\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compatibility\u002FMigration\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Crayon compatibility mode (use EnlighterJS highlighting for legacy Crayon \u003Ccode>pre\u003C\u002Fcode> codeblocks)\u003C\u002Fli>\n\u003Cli>CodeColorer compatibility mode (use EnlighterJS highlighting for legacy CodeColorer shortcodes)\u003C\u002Fli>\n\u003Cli>Jetpack markdown compatibility mode (generic or raw highlighting)\u003C\u002Fli>\n\u003Cli>Gutenberg standard codeblock compatibility mode (no language attributes)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Extensions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbbpress.org\u002F\" rel=\"nofollow ugc\">bbPress\u003C\u002Fa> shortcode + markdown code blocks support\u003C\u002Fli>\n\u003Cli>Dynamic Content via \u003Ccode>jQuery Ajax.load\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Dynamic Content via \u003Ccode>Jetpack.InfiniteScroll\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Texteditor\u002FShortcodes (Legacy)\u003C\u002Fh3>\n\u003Cp>Shortcodes are deprecated and should be used in \u003Cstrong>text editor mode only\u003C\u002Fstrong> – never use them within Gutenberg Editor or Classic Editor!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy to use Text-Editor mode through the use of Shortcodes and QuickTags\u003C\u002Fli>\n\u003Cli>Shortcodes within content, comments and widgets\u003C\u002Fli>\n\u003Cli>Standalone Shortcode-Processor to avoid wpautop filter issues in Text-Editor Mode\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Supported Languages (build-in)\u003C\u002Fh3>\n\u003Cp>In case your language is not available try the \u003Cstrong>Generic Mode\u003C\u002Fstrong> which covers a lot of programming languages – or request a new language on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEnlighterJS\u002FEnlighterJS\u002Fissues\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Related Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEnlighterJS\u002Fdocumentation\u002Ftree\u002Fmaster\u002Fwordpress\" rel=\"nofollow ugc\">Enlighter Plugin Docs + Tutorials\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEnlighterJS\u002FPlugin.WordPress\" rel=\"nofollow ugc\">Enlighter Plugin on GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEnlighterJS\u002Fdocumentation\" rel=\"nofollow ugc\">EnlighterJS Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cp>All modern webbrowsers with enabled Javascript and HTML5 capabilities for “data-” attributes are compatible with Enlighter. It’s possible that it may work with earlier\u002Fother browsers.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Chrome 60+\u003C\u002Fli>\n\u003Cli>Firefox 60+\u003C\u002Fli>\n\u003Cli>Safari 11+\u003C\u002Fli>\n\u003Cli>Edge Browser 10+\u003C\u002Fli>\n\u003C\u002Ful>\n","All-in-one Syntax Highlighting solution. Full Gutenberg and Classic Editor integration. Graphical theme customizer. Based on EnlighterJS.",10000,350034,96,65,"2026-04-13T07:01:00.000Z","6.9.4","6.8","7.4",[70,71,72,73,21],"classic-editor","highlighter","highlighting","syntax-highlighter","https:\u002F\u002Fcodeberg.org\u002FEnlighterJS","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fenlighter.4.7.0.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":13,"num_ratings":14,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":18,"download_link":95,"security_score":24,"vuln_count":26,"unpatched_count":26,"last_vuln_date":36,"fetched_at":28},"ace-html-block","ACE HTML Block","1.0.1","willdelphia","https:\u002F\u002Fprofiles.wordpress.org\u002Fwilldelphia\u002F","\u003Cp>Registers a raw html block which uses the ACE Editor. Features include syntax highligting, line numbers, indentation, and HTML validation.\u003C\u002Fp>\n\u003Cp>Any HTML markup included in your block will be interpreted and rendered on your user-facing page or post just like the core “Custom HTML” block. This plugin is not for embedding pretty markup on your front-end site, rather it is for those developers that need to include raw HTML in their pages or posts and want to improve the readability of their HTML snippets and have a better in-browser code editing experience.\u003C\u002Fp>\n\u003Ch3>To Use:\u003C\u002Fh3>\n\u003Cp>Create a new block in the editor and look for “ACE HTML Block” in the Formatting section. It has a heart icon.\u003C\u002Fp>\n\u003Ch3>Note on block transforms:\u003C\u002Fh3>\n\u003Cp>There (hopefully) may come a time in the future when WordPress introduces native syntax highlighting on core “Custom HTML” blocks. This block is configured to transform to (and from) the core HTML block so the transition away from this plugin will be easy if you ever want to disable it.  To transform this block click on the heart icon in the upper left corner of the block and select “Custom HTML” from the dropdown menu.\u003C\u002Fp>\n\u003Ch3>Thanks:\u003C\u002Fh3>\n\u003Cp>Under the hood it uses \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsecuringsincity\u002Freact-ace\" rel=\"nofollow ugc\">react-ace\u003C\u002Fa>.\u003C\u002Fp>\n","Registers a raw html block which uses the ACE Editor. Features include syntax highligting, line numbers, indentation, and HTML validation.",50,2916,"2019-02-06T23:26:00.000Z","5.1.22","5.0","5.2.4",[91,92,93,94,21],"ace-editor","block","html-block","raw-html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Face-html-block.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":26,"num_ratings":26,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":109,"tags":110,"homepage":112,"download_link":113,"security_score":24,"vuln_count":26,"unpatched_count":26,"last_vuln_date":36,"fetched_at":28},"html-block-with-highlighting","HTML Block with Highlighting","1.0.0","cssdaily","https:\u002F\u002Fprofiles.wordpress.org\u002Fcssdaily\u002F","\u003Cp>HTML Block with Highlighting is a WordPress plugin which adds a new HTML Block with syntax highlighting to the Gutenberg editor.\u003C\u002Fp>\n","HTML Block with Highlighting is a WordPress plugin which adds a new HTML Block with syntax highlighting to the Gutenberg editor.",10,1028,"2020-03-30T21:06:00.000Z","5.3.21","5.3","7.2",[20,111,93,21],"html","https:\u002F\u002Fwww.css-daily.com\u002Fhtml-block-with-highlighting","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhtml-block-with-highlighting.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":104,"downloaded":122,"rating":26,"num_ratings":26,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":126,"tags":127,"homepage":131,"download_link":132,"security_score":24,"vuln_count":26,"unpatched_count":26,"last_vuln_date":36,"fetched_at":28},"melonpan-block-code","Melonpan Block – Code","2.0.3","Alvaro","https:\u002F\u002Fprofiles.wordpress.org\u002Fmelonpan\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fgutenberg-showcase.melonpan.io\u002Fmelonpan-block-code\" rel=\"nofollow ugc\">Demo\u003C\u002Fa> – \u003Ca href=\"https:\u002F\u002Fmelonpan.io\u002Fwordpress-plugins\u002Fmelonpan-block-code\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> – \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgarciaalvaro\u002Fmelonpan-block-code\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Block to display code, with highlighted syntax, which can be copied to the clipboard.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>The block comes with the following settings:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Code language\u003C\u002Fstrong>: JavaScript, CSS, PHP, etc. \u003Ca href=\"https:\u002F\u002Fprismjs.com\u002F#languages-list\" rel=\"nofollow ugc\">Full list of languages\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Color theme\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Label\u003C\u002Fstrong>: Top left label that can be customized. By default the code language.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Copy button\u003C\u002Fstrong>: Top right button to copy the block content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Padding\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Border width\u003C\u002Fstrong> and \u003Cstrong>Border radius\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>The block can be found inside the blocks inserter menu under the \u003Cem>Melonpan Blocks\u003C\u002Fem> category.\u003Cbr \u002F>\nOnce added in the post you can edit its settings on the Editor sidebar under the Block settings panel.\u003Cbr \u002F>\nSwitch between the previewer and editor views to edit the code and see its styled output.\u003C\u002Fp>\n","Block to display code, with highlighted syntax, which can be copied to the clipboard.",2213,"2021-03-02T21:48:00.000Z","5.6.17","5.5","7.1",[92,128,129,130,21],"block-editor","code","prism","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmelonpan-block-code\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmelonpan-block-code.2.0.3.zip",{"slug":134,"name":135,"version":136,"author":137,"author_profile":138,"description":139,"short_description":140,"active_installs":26,"downloaded":141,"rating":26,"num_ratings":26,"last_updated":142,"tested_up_to":66,"requires_at_least":143,"requires_php":18,"tags":144,"homepage":147,"download_link":148,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":36,"fetched_at":28},"light-code-block","Light Code Block","1.0.2","Pavel","https:\u002F\u002Fprofiles.wordpress.org\u002Fplance\u002F","\u003Cp>The “Light Code Block” plugin is a simple and lightweight solution for inserting and displaying code snippets in posts and pages.\u003Cbr \u002F>\nIt works by adding a custom “LC” button to the TinyMCE (Classic) editor or a code block in the Gutenberg editor.\u003C\u002Fp>\n\u003Cp>The inserted code will be shown on the front end in a clean, readable format.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Install and activate the plugin.\u003C\u002Fli>\n\u003Cli>Go to the post or page edit screen.\u003C\u002Fli>\n\u003Cli>In the TinyMCE (Classic) editor, click the \u003Cstrong>“LC”\u003C\u002Fstrong> button in the toolbar.\u003C\u002Fli>\n\u003Cli>In the popup window that opens, paste or write your code, and click \u003Cstrong>OK\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Save or update your post.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The code will be saved inside a special block and displayed on the front end within a \u003Ccode>\u003Cpre>\u003C\u002Fcode> tag with the class \u003Ccode>mce-simple-code-block\u003C\u002Fcode> (i.e., \u003Ccode>\u003Cpre class=\"mce-simple-code-block\">...\u003C\u002Fpre>\u003C\u002Fcode>).\u003C\u002Fp>\n\u003Cp>To insert code using the Gutenberg editor, you first need to add a Classic (TinyMCE) block, and then use it to insert your code.\u003C\u002Fp>\n","The \"Light Code Block\" plugin is the simplest and lightest plugin for inserting and displaying code.",401,"2025-12-27T11:48:00.000Z","6.0",[129,20,145,146,21],"source","sourcecode","https:\u002F\u002Fplance.top\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flight-code-block.1.0.2.zip",{"attackSurface":150,"codeSignals":195,"taintFlows":235,"riskAssessment":271,"analyzedAt":282},{"hooks":151,"ajaxHandlers":191,"restRoutes":192,"shortcodes":193,"cronEvents":194,"entryPointCount":26,"unprotectedCount":26},[152,158,162,166,169,172,176,180,184,187],{"type":153,"name":154,"callback":155,"file":156,"line":157},"action","personal_options_update","user_personalopts_update","kindeditor.php",12,{"type":153,"name":159,"callback":160,"file":156,"line":161},"admin_head","add_admin_head",13,{"type":153,"name":163,"callback":164,"file":156,"line":165},"edit_form_advanced","load_kindeditor",14,{"type":153,"name":167,"callback":164,"file":156,"line":168},"edit_page_form",15,{"type":153,"name":170,"callback":164,"file":156,"line":171},"simple_edit_form",16,{"type":153,"name":173,"callback":174,"file":156,"line":175},"admin_print_styles","add_admin_style",17,{"type":153,"name":177,"callback":178,"file":156,"line":179},"admin_print_scripts","add_admin_js",18,{"type":153,"name":181,"callback":182,"file":156,"line":183},"wp_enqueue_scripts","add_head_script",21,{"type":153,"name":181,"callback":185,"file":156,"line":186},"add_head_style",22,{"type":153,"name":188,"callback":189,"file":156,"line":190},"admin_menu","kindeditor_plugin_menu",75,[],[],[],[],{"dangerousFunctions":196,"sqlUsage":197,"outputEscaping":199,"fileOperations":233,"externalRequests":26,"nonceChecks":25,"capabilityChecks":26,"bundledLibraries":234},[],{"prepared":26,"raw":26,"locations":198},[],{"escaped":26,"rawEcho":168,"locations":200},[201,203,205,207,209,211,214,215,217,219,221,223,226,228,231],{"file":156,"line":84,"context":202},"raw output",{"file":156,"line":204,"context":202},55,{"file":156,"line":206,"context":202},56,{"file":156,"line":208,"context":202},57,{"file":156,"line":210,"context":202},58,{"file":212,"line":213,"context":202},"kindeditor_class.php",33,{"file":212,"line":213,"context":202},{"file":212,"line":216,"context":202},34,{"file":212,"line":218,"context":202},35,{"file":212,"line":220,"context":202},107,{"file":212,"line":222,"context":202},113,{"file":224,"line":225,"context":202},"php\\file_manager_json.php",37,{"file":224,"line":227,"context":202},126,{"file":229,"line":230,"context":202},"php\\upload_json.php",116,{"file":229,"line":232,"context":202},123,6,[],[236,260],{"entryPoint":237,"graph":238,"unsanitizedCount":26,"severity":259},"kindeditor_option_page (kindeditor.php:28)",{"nodes":239,"edges":255},[240,244,249,253],{"id":241,"type":145,"label":242,"file":156,"line":243},"n0","$_POST['ke_highlight']",31,{"id":245,"type":246,"label":247,"file":156,"line":243,"wp_function":248},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":250,"type":145,"label":251,"file":156,"line":252},"n2","$_POST['ke_highlight_type']",32,{"id":254,"type":246,"label":247,"file":156,"line":252,"wp_function":248},"n3",[256,258],{"from":241,"to":245,"sanitized":257},true,{"from":250,"to":254,"sanitized":257},"low",{"entryPoint":261,"graph":262,"unsanitizedCount":26,"severity":259},"\u003Ckindeditor> (kindeditor.php:0)",{"nodes":263,"edges":268},[264,265,266,267],{"id":241,"type":145,"label":242,"file":156,"line":243},{"id":245,"type":246,"label":247,"file":156,"line":243,"wp_function":248},{"id":250,"type":145,"label":251,"file":156,"line":252},{"id":254,"type":246,"label":247,"file":156,"line":252,"wp_function":248},[269,270],{"from":241,"to":245,"sanitized":257},{"from":250,"to":254,"sanitized":257},{"summary":272,"deductions":273},"The 'kindeditor-for-wordpress' plugin version 1.4.3 presents a mixed security profile. On the positive side, the static analysis shows a very limited attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events that are exposed without authentication or proper authorization checks. Furthermore, all SQL queries are confirmed to use prepared statements, and there are no critical or high-severity taint flows detected. The plugin also demonstrates a recent focus on security, with no currently unpatched CVEs and a single medium vulnerability from 2014 indicating historical but not persistent issues.\n\nHowever, significant concerns arise from the output escaping. The analysis reveals that 100% of the 15 identified output points are not properly escaped. This is a critical weakness that could lead to Cross-Site Scripting (XSS) vulnerabilities, especially given that the plugin's historical vulnerability type is XSS. While the attack surface is small and the code is generally free of obvious dangerous functions and raw SQL, the lack of proper output escaping creates a substantial risk of data injection and malicious script execution. The single nonce check also suggests that not all potentially sensitive operations are adequately protected against replay attacks.\n\nIn conclusion, while 'kindeditor-for-wordpress' v1.4.3 benefits from a small attack surface and secure database practices, the pervasive issue of unescaped output poses a significant XSS risk. This, combined with the historical prevalence of XSS vulnerabilities in the plugin, necessitates careful attention. The plugin's strengths lie in its limited entry points and prepared SQL statements, but its weakness in output sanitation is a major security concern that could be exploited.",[274,277,279],{"reason":275,"points":276},"Unescaped output detected",20,{"reason":278,"points":104},"Medium severity vulnerability in history",{"reason":280,"points":281},"Limited nonce checks",5,"2026-03-16T19:32:32.191Z",{"wat":284,"direct":301},{"assetPaths":285,"generatorPatterns":293,"scriptPaths":294,"versionParams":295},[286,287,288,289,290,291,292],"\u002Fwp-content\u002Fplugins\u002Fkindeditor-for-wordpress\u002Fmedia-upload.js","\u002Fwp-content\u002Fplugins\u002Fkindeditor-for-wordpress\u002Fkindeditor.js","\u002Fwp-content\u002Fplugins\u002Fkindeditor-for-wordpress\u002Flang\u002Fzh_CN.js","\u002Fwp-content\u002Fplugins\u002Fkindeditor-for-wordpress\u002Fplugins.js","\u002Fwp-content\u002Fplugins\u002Fkindeditor-for-wordpress\u002Fthemes\u002Fdefault\u002Fdefault.css","\u002Fwp-content\u002Fplugins\u002Fkindeditor-for-wordpress\u002Fplugins\u002Fcode\u002Fprettify.js","\u002Fwp-content\u002Fplugins\u002Fkindeditor-for-wordpress\u002Fplugins\u002Fcode\u002Fprettify.css",[],[286,287,288,289,291],[296,297,298,299,300],"\u002Fwp-content\u002Fplugins\u002Fkindeditor-for-wordpress\u002Fmedia-upload.js?ver=","\u002Fwp-content\u002Fplugins\u002Fkindeditor-for-wordpress\u002Fkindeditor.js?ver=","\u002Fwp-content\u002Fplugins\u002Fkindeditor-for-wordpress\u002Flang\u002Fzh_CN.js?ver=","\u002Fwp-content\u002Fplugins\u002Fkindeditor-for-wordpress\u002Fplugins.js?ver=","\u002Fwp-content\u002Fplugins\u002Fkindeditor-for-wordpress\u002Fplugins\u002Fcode\u002Fprettify.js?ver=",{"cssClasses":302,"htmlComments":306,"htmlAttributes":309,"restEndpoints":311,"jsGlobals":312,"shortcodeOutput":316},[303,304,305],"ke-container","ke-icon-wpmore","ke-icon-blockquote",[307,308],"\u003C![CDATA[","\u002F\u002F]]>",[310],"data-editor-id",[],[20,313,314,315],"options","KindEditor","prettyPrint",[],{"error":257,"url":318,"statusCode":319,"statusMessage":320,"message":320},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fkindeditor-for-wordpress\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":322,"versions":323},9,[324,329,336,344,352,360,368,376,384],{"version":6,"download_url":23,"svn_tag_url":325,"released_at":36,"has_diff":48,"diff_files_changed":326,"diff_lines":36,"trac_diff_url":327,"vulnerabilities":328,"is_current":257},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fkindeditor-for-wordpress\u002Ftags\u002F1.4.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.4.2&new_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.4.3",[],{"version":330,"download_url":331,"svn_tag_url":332,"released_at":36,"has_diff":48,"diff_files_changed":333,"diff_lines":36,"trac_diff_url":334,"vulnerabilities":335,"is_current":48},"1.4.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkindeditor-for-wordpress.1.4.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fkindeditor-for-wordpress\u002Ftags\u002F1.4.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.2.1&new_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.4.2",[],{"version":337,"download_url":338,"svn_tag_url":339,"released_at":36,"has_diff":48,"diff_files_changed":340,"diff_lines":36,"trac_diff_url":341,"vulnerabilities":342,"is_current":48},"1.2.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkindeditor-for-wordpress.1.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fkindeditor-for-wordpress\u002Ftags\u002F1.2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.2&new_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.2.1",[343],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"version":345,"download_url":346,"svn_tag_url":347,"released_at":36,"has_diff":48,"diff_files_changed":348,"diff_lines":36,"trac_diff_url":349,"vulnerabilities":350,"is_current":48},"1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkindeditor-for-wordpress.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fkindeditor-for-wordpress\u002Ftags\u002F1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.1.4&new_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.2",[351],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"version":353,"download_url":354,"svn_tag_url":355,"released_at":36,"has_diff":48,"diff_files_changed":356,"diff_lines":36,"trac_diff_url":357,"vulnerabilities":358,"is_current":48},"1.1.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkindeditor-for-wordpress.1.1.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fkindeditor-for-wordpress\u002Ftags\u002F1.1.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.1.3&new_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.1.4",[359],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"version":361,"download_url":362,"svn_tag_url":363,"released_at":36,"has_diff":48,"diff_files_changed":364,"diff_lines":36,"trac_diff_url":365,"vulnerabilities":366,"is_current":48},"1.1.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkindeditor-for-wordpress.1.1.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fkindeditor-for-wordpress\u002Ftags\u002F1.1.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.1.2&new_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.1.3",[367],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"version":369,"download_url":370,"svn_tag_url":371,"released_at":36,"has_diff":48,"diff_files_changed":372,"diff_lines":36,"trac_diff_url":373,"vulnerabilities":374,"is_current":48},"1.1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkindeditor-for-wordpress.1.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fkindeditor-for-wordpress\u002Ftags\u002F1.1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.1.1&new_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.1.2",[375],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"version":377,"download_url":378,"svn_tag_url":379,"released_at":36,"has_diff":48,"diff_files_changed":380,"diff_lines":36,"trac_diff_url":381,"vulnerabilities":382,"is_current":48},"1.1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkindeditor-for-wordpress.1.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fkindeditor-for-wordpress\u002Ftags\u002F1.1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.0.0&new_path=%2Fkindeditor-for-wordpress%2Ftags%2F1.1.1",[383],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38},{"version":99,"download_url":385,"svn_tag_url":386,"released_at":36,"has_diff":48,"diff_files_changed":387,"diff_lines":36,"trac_diff_url":36,"vulnerabilities":388,"is_current":48},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkindeditor-for-wordpress.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fkindeditor-for-wordpress\u002Ftags\u002F1.0.0\u002F",[],[389],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38}]