[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJiPOFiMvcznZMXMPqVJPjZuEA42PNXS2wW7_g-Uc4eo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":59,"crawl_stats":36,"alternatives":65,"analysis":156,"fingerprints":332},"latex2html","LaTeX2HTML","2.6.2","Van Abel","https:\u002F\u002Fprofiles.wordpress.org\u002Fvan-abel\u002F","\u003Cp>LaTeX2HTML makes you write blog like in LaTeX doc. You can just copy and paste to create a new post in WP from your tex source file, then it will looks like \u003Ccode>amsart\u003C\u002Fcode> document style. It support a lot of raw latex command including theorem like environment and BibTeX style citation.\u003C\u002Fp>\n\u003Ch3>Main Functions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Enable \u003Ca href=\"https:\u002F\u002Fwww.mathjax.org\" rel=\"nofollow ugc\">MathJax\u003C\u002Fa> to render math formula.\u003C\u002Fli>\n\u003Cli>Translate raw LaTeX (almost all the command of amsart) to HTML+CSS markup.\u003C\u002Fli>\n\u003Cli>Almost every thing is customizable, but also works perfect by default. e.g., support \\newcommand\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Good news, this plugin is free for everyone! Since it’s released under the GPL2, you can use it free of charge on your personal or commercial blog.\u003C\u002Fp>\n","LaTeX2HTML makes you write blog like in LaTeX doc.",300,13732,100,8,"2025-02-01T04:48:00.000Z","6.7.5","5.0","",[20,21,22],"html","latex","mathjax","https:\u002F\u002Flatex2html.vanabel.cn","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flatex2html.2.6.2.zip",91,2,0,"2024-12-20 20:38:22","2026-03-15T15:16:48.613Z",[31,47],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2024-11688","latex2html-reflected-cross-site-scripting-2","LaTeX2HTML \u003C= 2.5.5 - Reflected Cross-Site Scripting","The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver' or 'date' parameter in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=2.5.5","2.6.0","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-01-14 15:20:53",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb3d9af8b-1168-462d-a767-d16ee660f646?source=api-prod",25,{"id":48,"url_slug":49,"title":50,"description":51,"plugin_slug":4,"theme_slug":36,"affected_versions":52,"patched_in_version":53,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":54,"updated_date":55,"references":56,"days_to_patch":58},"CVE-2024-49673","latex2html-reflected-cross-site-scripting","LaTeX2HTML \u003C= 2.5.4 - Reflected Cross-Site Scripting","The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=2.5.4","2.5.5","2024-10-21 00:00:00","2024-10-30 17:00:12",[57],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F44f164fc-d8a6-4e31-9fec-54ae22246c50?source=api-prod",10,{"slug":60,"display_name":7,"profile_url":8,"plugin_count":61,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":62,"trust_score":63,"computed_at":64},"van-abel",1,18,88,"2026-04-04T11:22:35.673Z",[66,86,102,120,139],{"slug":67,"name":68,"version":69,"author":70,"author_profile":71,"description":72,"short_description":73,"active_installs":74,"downloaded":75,"rating":63,"num_ratings":76,"last_updated":77,"tested_up_to":16,"requires_at_least":78,"requires_php":79,"tags":80,"homepage":18,"download_link":84,"security_score":25,"vuln_count":61,"unpatched_count":27,"last_vuln_date":85,"fetched_at":29},"mathjax-latex","MathJax-LaTeX","1.3.13","knowledgeblog","https:\u002F\u002Fprofiles.wordpress.org\u002Fknowledgeblog\u002F","\u003Cp>MathJax enables enables rendering of embedded LaTeX or MathML in HTML pages. This plugin adds this functionality to WordPress. The MathJax JavaScript is inject on-demand only to those pages which require it. This ensures that MathJax is not loaded for all pages, which will otherwise slow loading down.\u003C\u002Fp>\n\u003Cp>The MathJax JavaScript can be delivered from your own server, or you can use the Cloudflare Content Distribution Network (CDN), which is the preferred mechanism as it offers increased speed and stability over hosting the JavaScript and configuring the library yourself.\u003C\u002Fp>\n\u003Cp>You may embed latex using a variety of different syntaxes. The shortcode (https:\u002F\u002Fcodex.wordpress.org\u002FShortcode_API) syntax is preferred. So \u003Ccode>[latex]E=mc^2[\u002Flatex]\u003C\u002Fcode> will work out of the box. This also forces loading of MathJax.\u003C\u002Fp>\n\u003Cp>Additionally, you can use native MathJax syntax — \u003Ccode>$$E=mc^2$$\u003C\u002Fcode> or \u003Ccode>\\(E=mc^2\\)\u003C\u002Fcode>. However, if this is the only syntax used, the plugin must be explicitly told to load MathJax for the current page. This can be achieved by adding a \u003Ccode>[mathjax]\u003C\u002Fcode> shortcode anywhere in the post. For posts with both \u003Ccode>[latex]\u003C\u002Fcode>x\u003Ccode>[\u002Flatex]\u003C\u002Fcode> and \u003Ccode>$$x$$\u003C\u002Fcode> syntaxes this is unnecessary.\u003C\u002Fp>\n\u003Cp>You can use wp-latex syntax, \u003Ccode>$latex E=mc^2$\u003C\u002Fcode>. Parameters can be specified as with wp-latex but will be ignored. This means that MathJax-LaTeX should be a drop-in replacement for wp-latex. Because this conflicts with wp-latex, this behaviour is blocked when wp-latex is present, and must be explicitly enabled in the settings.\u003C\u002Fp>\n\u003Cp>You can also specify \u003Ccode>[nomathjax]\u003C\u002Fcode> — this will block mathjax on the current page, regardless of other tags.\u003C\u002Fp>\n\u003Cp>MathJax-LaTeX is developed on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fphillord\u002Fmathjax-latex\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>This plugin is copyright Phillip Lord, Newcastle University and is licensed under GPLv2.\u003C\u002Fp>\n","This plugin enables MathJax (http:\u002F\u002Fwww.mathjax.org) functionality for WordPress (http:\u002F\u002Fwww.wordpress.org).",10000,169356,11,"2025-01-14T16:50:00.000Z","3.0","7.0.0",[21,81,22,82,83],"mathematics","mathml","science","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmathjax-latex.1.3.13.zip","2013-03-25 00:00:00",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":96,"num_ratings":97,"last_updated":98,"tested_up_to":99,"requires_at_least":78,"requires_php":18,"tags":100,"homepage":18,"download_link":101,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"simple-mathjax","Simple Mathjax","2.1.1","Samuel Coskey","https:\u002F\u002Fprofiles.wordpress.org\u002Fsgcoskey\u002F","\u003Cp>This wordpress plugin is yet another simple plugin to load the \u003Ca href=\"http:\u002F\u002Fwww.mathjax.org\" rel=\"nofollow ugc\">MathJax\u003C\u002Fa> scripts at the bottom of all of your pages. It uses a very all-inclusive mathjax configuration by default, with $’s and $$’s the default delimeters for in-line and displayed equations.\u003C\u002Fp>\n\u003Cp>A preference pane is added to the “Settings” group where you can choose whether to use MathJax version 2 or 3, change the MathJax server location (CDN) and the MathJax configuration settings. (See \u003Ca href=\"https:\u002F\u002Fdocs.mathjax.org\u002Fen\u002Flatest\u002Fweb\u002Fstart.html#configuring-mathjax\" rel=\"nofollow ugc\">the mathjax documentation\u003C\u002Fa> for details on the options available.)\u003Cbr \u002F>\nYou can also specify a LaTeX “preamble” of newcommands which will be loaded in a hidden element near the top of each page.\u003C\u002Fp>\n\u003Cp>Fork this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fboolesrings\u002FSimple-Mathjax-wordpress-plugin\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Yet another plugin to add MathJax support to your wordpress blog. Just wrap your equations inside $ signs and MathJax will render them visually.",4000,47452,94,13,"2025-09-10T09:57:00.000Z","6.8.5",[21,22],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-mathjax.2.1.1.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":13,"num_ratings":112,"last_updated":113,"tested_up_to":99,"requires_at_least":17,"requires_php":114,"tags":115,"homepage":118,"download_link":119,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"katex","KaTeX","2.2.5","Tom Churchman","https:\u002F\u002Fprofiles.wordpress.org\u002Fbeskhue\u002F","\u003Cp>The KaTeX WordPress plugin enables you to use the fastest \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FKhan\u002FKaTeX\" rel=\"nofollow ugc\">TeX math typesetting engine\u003C\u002Fa> on your WordPress website. You can include TeX inside a \u003Ccode>[katex]...[\u002Fkatex]\u003C\u002Fcode> shortcode or in a Gutenberg block. Either way the math will render beautifully on your website. When using Gutenberg blocks, the equations will render immediately inside your editor!\u003C\u002Fp>\n\u003Cp>Equations in blocks or using the \u003Ccode>[katex display=true]...[\u002Fkatex]\u003C\u002Fcode> shortcode will render on page in display mode–with bigger symbols–centered on their own line.\u003C\u002Fp>\n\u003Cp>For compatibility with other LaTeX plugins, this plugin optionally supports \u003Ccode>[latex]...[\u002Flatex]\u003C\u002Fcode> shortcodes.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkatex\" rel=\"ugc\">Plugin Website\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Assets\u003C\u002Fh3>\n\u003Cp>This plugin includes minified assets provided by the KaTeX project.\u003Cbr \u002F>\nThe source code is available in \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FKaTeX\u002FKaTeX\u002Ftree\u002Fv0.16.22\" rel=\"nofollow ugc\">the KaTeX git repository on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Use the fastest math typesetting library on your website.",2000,39753,16,"2025-07-21T11:07:00.000Z","5.3",[103,21,116,22,117],"math","tex","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkatex","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkatex.2.2.5.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":130,"num_ratings":76,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":114,"tags":134,"homepage":136,"download_link":137,"security_score":138,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"wp-katex","WP-KaTeX","1.11.0","ascom","https:\u002F\u002Fprofiles.wordpress.org\u002Fascom\u002F","\u003Cp>The KaTeX WordPress plugin integrates the super-fast \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FKhan\u002FKaTeX\" rel=\"nofollow ugc\">KaTeX math typesetting engine\u003C\u002Fa> with your WordPress website. The plugin allows you to put LaTeX in a \u003Ccode>[latex]...[\u002Flatex]\u003C\u002Fcode> shortcode, and beautiful math appears on your post or page.\u003C\u002Fp>\n\u003Cp>The plugin also has an option to use the excellent \u003Ca href=\"http:\u002F\u002Fwww.jsdelivr.com\" rel=\"nofollow ugc\">jsDelivr CDN\u003C\u002Fa> to load the KaTeX scripts, further increasing the performance of the plugin.\u003C\u002Fp>\n\u003Cp>Equations in \u003Ccode>[latex display=\"true\"]...[\u002Flatex]\u003C\u002Fcode> will be rendered in display mode (rather than inline mode) and centered on its own line.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fandrewsun.com\u002Fprojects\u002Fwp-katex\u002F\" rel=\"nofollow ugc\">Plugin Website\u003C\u002Fa>\u003C\u002Fp>\n","Integrates the super-fast KaTeX LaTeX equation typesetting engine with WordPress. Create beautiful, yet performant math in your posts and pages.",800,22251,92,"2019-08-14T20:59:00.000Z","5.2.24","3.9",[135,103,21,116,22],"equation","https:\u002F\u002Fandrewsun.com\u002Fprojects\u002Fwp-katex\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-katex.1.11.0.zip",85,{"slug":140,"name":141,"version":142,"author":143,"author_profile":144,"description":145,"short_description":146,"active_installs":147,"downloaded":148,"rating":13,"num_ratings":26,"last_updated":149,"tested_up_to":150,"requires_at_least":151,"requires_php":17,"tags":152,"homepage":154,"download_link":155,"security_score":138,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"youngwhans-simple-latex","Youngwhan's Simple Latex","2.0.1","breadncup","https:\u002F\u002Fprofiles.wordpress.org\u002Fbreadncup\u002F","\u003Cp>The usage is simple.\u003C\u002Fp>\n\u003Cp>In your post, write LaTeX syntax encapsulated by [math] and [\u002Fmath].\u003C\u002Fp>\n\u003Cp>[math]{Latex Syntax}[\u002Fmath].\u003C\u002Fp>\n\u003Cp>For example, [math]x^2+y^2[\u002Fmath]\u003C\u002Fp>\n\u003Cp>It uses the Mathjax (https:\u002F\u002Fwww.mathjax.org) since the 2.0 version\u003C\u002Fp>\n\u003Ch4>How to use\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Usage  : [math]{Latex Syntax}[\u002Fmath]\u003C\u002Fli>\n\u003Cli>Example: [math]x^2+y^2[\u002Fmath]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>YW Latex Settings\u003C\u002Fh4>\n\u003Cp>No Setting is required.\u003C\u002Fp>\n","The usage is simple.",200,10490,"2023-12-04T05:37:00.000Z","6.4.8","2.5",[135,21,116,153,22],"mathematic","https:\u002F\u002Fblog.breadncup.com\u002Fyw-latex-wp-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyoungwhans-simple-latex.2.0.1.zip",{"attackSurface":157,"codeSignals":214,"taintFlows":283,"riskAssessment":323,"analyzedAt":331},{"hooks":158,"ajaxHandlers":210,"restRoutes":211,"shortcodes":212,"cronEvents":213,"entryPointCount":27,"unprotectedCount":27},[159,165,170,174,178,182,186,189,194,198,202,206],{"type":160,"name":161,"callback":162,"file":163,"line":164},"action","wp_head","l2h_latex_custom_style_adder","inc\\core.php",101,{"type":166,"name":167,"callback":168,"file":163,"line":169},"filter","the_content","l2h_latex_mathjax_adder",102,{"type":160,"name":171,"callback":172,"file":163,"line":173},"wp_enqueue_scripts","l2h_enqueue_style",103,{"type":160,"name":175,"callback":176,"file":163,"line":177},"admin_enqueue_scripts","l2h_admin_enqueue_style",104,{"type":166,"name":167,"callback":179,"priority":180,"file":163,"line":181},"anonymous",99,108,{"type":160,"name":183,"callback":184,"file":163,"line":185},"wp_footer","l2h_latex_preamble_adder",121,{"type":160,"name":183,"callback":187,"file":163,"line":188},"l2h_latex_mathjax_single_adder",122,{"type":160,"name":190,"callback":191,"file":192,"line":193},"admin_menu","l2h_admin_menu","inc\\settings.php",70,{"type":160,"name":195,"callback":196,"file":192,"line":197},"admin_init","l2h_admin_init",71,{"type":160,"name":199,"callback":200,"file":192,"line":201},"admin_post_bibtex","l2h_admin_post",73,{"type":160,"name":203,"callback":204,"file":205,"line":58},"plugins_loaded","l2h_load_textdomain","inc\\trans.php",{"type":160,"name":203,"callback":207,"file":208,"line":209},"init","latex2html.php",35,[],[],[],[],{"dangerousFunctions":215,"sqlUsage":216,"outputEscaping":218,"fileOperations":280,"externalRequests":27,"nonceChecks":280,"capabilityChecks":281,"bundledLibraries":282},[],{"prepared":58,"raw":27,"locations":217},[],{"escaped":219,"rawEcho":220,"locations":221},105,29,[222,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,256,258,260,263,264,266,268,269,271,272,274,276,278],{"file":223,"line":224,"context":225},"inc\\db.inc.php",163,"raw output",{"file":223,"line":227,"context":225},165,{"file":192,"line":229,"context":225},28,{"file":192,"line":231,"context":225},377,{"file":192,"line":233,"context":225},389,{"file":192,"line":235,"context":225},392,{"file":192,"line":237,"context":225},470,{"file":192,"line":239,"context":225},480,{"file":192,"line":241,"context":225},495,{"file":192,"line":243,"context":225},516,{"file":192,"line":245,"context":225},518,{"file":192,"line":247,"context":225},520,{"file":192,"line":249,"context":225},521,{"file":192,"line":251,"context":225},587,{"file":192,"line":253,"context":225},592,{"file":192,"line":255,"context":225},597,{"file":192,"line":257,"context":225},661,{"file":192,"line":259,"context":225},669,{"file":261,"line":262,"context":225},"inc\\settings_page.php",24,{"file":261,"line":46,"context":225},{"file":261,"line":265,"context":225},26,{"file":261,"line":267,"context":225},27,{"file":261,"line":229,"context":225},{"file":261,"line":270,"context":225},50,{"file":261,"line":13,"context":225},{"file":261,"line":273,"context":225},107,{"file":261,"line":275,"context":225},109,{"file":261,"line":277,"context":225},112,{"file":261,"line":279,"context":225},116,3,4,[],[284,303,314],{"entryPoint":285,"graph":286,"unsanitizedCount":27,"severity":302},"\u003Cmanual> (inc\\html\\manual.php:0)",{"nodes":287,"edges":299},[288,294],{"id":289,"type":290,"label":291,"file":292,"line":293},"n0","source","$_GET (x2)","inc\\html\\manual.php",6,{"id":295,"type":296,"label":297,"file":292,"line":46,"wp_function":298},"n1","sink","echo() [XSS]","echo",[300],{"from":289,"to":295,"sanitized":301},true,"low",{"entryPoint":304,"graph":305,"unsanitizedCount":27,"severity":302},"\u003Csettings> (inc\\settings.php:0)",{"nodes":306,"edges":312},[307,310],{"id":289,"type":290,"label":308,"file":192,"line":309},"$_POST",111,{"id":295,"type":296,"label":297,"file":192,"line":311,"wp_function":298},617,[313],{"from":289,"to":295,"sanitized":301},{"entryPoint":315,"graph":316,"unsanitizedCount":27,"severity":302},"\u003Csettings_page> (inc\\settings_page.php:0)",{"nodes":317,"edges":321},[318,320],{"id":289,"type":290,"label":319,"file":261,"line":279},"$_GET['message']",{"id":295,"type":296,"label":297,"file":261,"line":279,"wp_function":298},[322],{"from":289,"to":295,"sanitized":301},{"summary":324,"deductions":325},"The latex2html plugin v2.6.2 exhibits a generally good security posture based on the provided static analysis. The complete absence of unprotected entry points, dangerous functions, external HTTP requests, and a lack of critical or high-severity taint flows are all positive indicators. The plugin also demonstrates a strong adherence to secure coding practices with 100% of SQL queries using prepared statements and a decent 78% of output escaping, along with the presence of nonce and capability checks.  However, there are two known medium-severity vulnerabilities in its history, both related to Cross-site Scripting (XSS), which are a significant concern despite being currently patched. The fact that these XSS vulnerabilities exist suggests that input sanitization for output rendering could be a weakness, even if the current static analysis doesn't highlight any immediate, critical flaws in this area. The plugin's strengths lie in its limited attack surface and use of prepared statements, but the historical XSS vulnerabilities warrant a cautious approach.",[326,329],{"reason":327,"points":328},"History of XSS vulnerabilities",15,{"reason":330,"points":280},"Moderate output escaping rate (78%)","2026-03-16T20:06:26.767Z",{"wat":333,"direct":338},{"assetPaths":334,"generatorPatterns":335,"scriptPaths":336,"versionParams":337},[],[],[],[],{"cssClasses":339,"htmlComments":340,"htmlAttributes":341,"restEndpoints":342,"jsGlobals":343,"shortcodeOutput":344},[],[],[],[],[],[]]