[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHNvPWk-u2PUS8nUKg7bc3-89L9ViE_67ntwT0_N80Hg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":136,"fingerprints":215},"lightbulb-save-and-close","Save and Close","1.2.1","lightbulbdigital","https:\u002F\u002Fprofiles.wordpress.org\u002Flightbulbdigital\u002F","\u003Cp>Does what it says on the tin!\u003C\u002Fp>\n\u003Cp>So what is the plugin? The name says it all really, this just adds a Save and Close button to all pages, posts and custom post types. We’ve done away with the click so no longer do you need to hit “Update” or “Publish” then click back your post\u002Fpage listing. Save and Close will just take you right back to your list of posts! Simples!\u003C\u002Fp>\n\u003Cp>At Lightbulb we love to give a little back and this is our way of saying thanks to WordPress. Also to all of our comrades populating websites or doing lots of edits this one is for you! Saving those precious seconds and making your lives happy and RSI free.\u003C\u002Fp>\n\u003Cp>Developed by \u003Ca href=\"http:\u002F\u002Flightbulbdigital.com.au\" rel=\"nofollow ugc\">Lightbulb Digital\u003C\u002Fa>.\u003C\u002Fp>\n","Adds a Save and Close button to the admin post edit screen which allows you to return to the post listing page after editing.",500,5742,94,13,"2013-04-18T00:02:00.000Z","3.5.2","3.3","",[20,21,22,23,24],"close","edit","editing","publish","save","http:\u002F\u002Flightbulbdigital.com.au\u002Fwordpress-plugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flightbulb-save-and-close.1.2.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},1,30,84,"2026-04-04T15:25:38.689Z",[38,55,75,90,111],{"slug":39,"name":40,"version":6,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":18,"download_link":54,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"improved-save-button","Improved Save Button","Label Blanc","https:\u002F\u002Fprofiles.wordpress.org\u002Flabelblanc\u002F","\u003Cp>This plugin adds a new and improved “Save” button to the Post Edit screen that, in a single click, saves the current post and immediately takes you to your next action.\u003C\u002Fp>\n\u003Cp>(\u003Cstrong>WordPress 5 info:\u003C\u002Fstrong> see below for particularities for WordPress 5.)\u003C\u002Fp>\n\u003Cp>The following actions are available:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Save and New\u003C\u002Fstrong>: in a single click, saves the current post and goes to New Post Screen.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Save and Duplicate\u003C\u002Fstrong>: saves the post, duplicates it and goes to this new post’s Edit Screen.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Save and List\u003C\u002Fstrong> (a.k.a. Save and Close): saves the post and goes to the Posts List.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Save and Return\u003C\u002Fstrong>: saves the post and returns you to the page where you were just before (no matter which page).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Save and Next\u003C\u002Fstrong>: saves the post and goes to the next post’s Edit Screen.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Save and Previous\u003C\u002Fstrong>: saves the post and goes to the previous post’s Edit Screen.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Save and View\u003C\u002Fstrong> (same or new window): saves the post and goes to the post’s frontend page. Can show the post in the same window or in a new one.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin saves you a lot of time when you have multiple posts, pages or custom posts to create or modify!\u003C\u002Fp>\n\u003Cp>Works with pages, posts and custom post types!\u003C\u002Fp>\n\u003Cp>Through the plugin’s settings page, you can choose which actions to show and which one to use as the button’s default action.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress 5 info\u003C\u002Fstrong>\u003Cbr \u002F>\nThe plugin technically works with WordPress 5, but it doesn’t work with the new Gutenberg editor, which is the default editor for WordPress 5. You have to disable the Gutenberg editor to use this plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Want to help translate?\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin now uses the WordPress Translation Service for translations. \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fimproved-save-button\" rel=\"nofollow ugc\">Please visit the plugin’s page to submit your translation!\u003C\u002Fa>\u003C\u002Fp>\n","Improve your productivity with this \"2-in-1\" save button! It saves the post and immediately takes you to your next action.",4000,19620,100,26,"2020-05-10T22:02:00.000Z","4.9.29","3.5.1",[20,21,53,23,24],"list","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimproved-save-button.1.2.1.zip",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":28,"num_ratings":28,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":18,"tags":68,"homepage":18,"download_link":74,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"eangel","eAngel.me Proofread your content. Grammar, Spelling, Punctuation And Proper Use Of Words.","1.2.0","eangel.me","https:\u002F\u002Fprofiles.wordpress.org\u002Feangelme\u002F","\u003Cp>eAngel – Add professional proofreading to your WordPress publishing process.\u003C\u002Fp>\n\u003Cp>We all know that a professional level of writing cannot simply be achieved with an automated spelling or grammar checker. No matter how advanced automated software has become it still cannot replace the human brain. At eAngel.me each text is corrected personally by one of our language experts.\u003C\u002Fp>\n\u003Cp>Our vision is moving beyond language skills and creating clear channels of communication. We believe that different abilities, languages and countries should not be a barrier for accurate correspondence. We want to make it easier and faster, for business professionals, students and individuals living with disabilities interfering with language skills like dyslexia, to efficiently communicate. eAngel.me offers every person just that, and at a low, affordable cost.\u003C\u002Fp>\n\u003Cp>With one simple click your text is sent to one of our angels, who personally corrects it and makes sure you sound professional. We correct (not translate) spelling, grammar, punctuation and proper use of words. We correct texts in English, Spanish, French, German and Hebrew.\u003C\u002Fp>\n\u003Cp>Our pricing model adapts to your needs. If your writing skills are at a high level and you only require minor corrections you will pay less than a user whose writing requires a high number of corrections.\u003C\u002Fp>\n","eAngel provides a 24\u002F7 professional proofreading services to WordPress users.",10,2660,"2016-05-08T13:41:00.000Z","4.0.38","3.0",[69,70,71,72,73],"copy-editing","copy-editors","copyediting","proofreading","publishing","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feangel.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":63,"downloaded":83,"rating":28,"num_ratings":28,"last_updated":84,"tested_up_to":66,"requires_at_least":85,"requires_php":18,"tags":86,"homepage":88,"download_link":89,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"editnpublishcom-easy-english-editing","editnpublish.com Easy English Editing","1.0","editnpublish","https:\u002F\u002Fprofiles.wordpress.org\u002Feditnpublish\u002F","\u003Cp>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fwww.editnpublish.com\u002F\" rel=\"nofollow ugc\">Editnpublish.com\u003C\u002Fa>\u003C\u002Fstrong>: Add professional Easy English Editing to your WordPress blog publishing process.\u003C\u002Fp>\n\u003Cp>This is a plugin which can help all non-native writers write clear and grammatically correct English. Get easy quote for editing your post by installing the plugin.\u003C\u002Fp>\n","Editnpublish can help all non-native writers write clear and grammatically correct English.",2118,"2015-01-23T04:57:00.000Z","3.6",[69,22,79,87,72],"english-editing","http:\u002F\u002Fwww.editnpublish.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feditnpublishcom-easy-english-editing.zip",{"slug":91,"name":92,"version":78,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":63,"downloaded":97,"rating":47,"num_ratings":33,"last_updated":98,"tested_up_to":99,"requires_at_least":100,"requires_php":18,"tags":101,"homepage":108,"download_link":109,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":110},"post-lock","Post Lock","ggwicz","https:\u002F\u002Fprofiles.wordpress.org\u002Fggwicz\u002F","\u003Cp>\u003Cem>It’s way too easy to accidentally publish or update a post on WordPress.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fvimeo.com\u002F178698875\u003C\u002Fp>\n\u003Cp>Post Lock prevents accidental updating or publishing of content by requiring a password to do either.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adds a layer of protection without adding a headache: unlocking a post is a seamless experience and takes a few seconds.\u003C\u002Fli>\n\u003Cli>Works on all post types (you can easily exclude or include post types with a plugin filter).\u003C\u002Fli>\n\u003Cli>Simple, solid code.\u003C\u002Fli>\n\u003Cli>If a post is unlocked, and two beats of the WordPress Heartbeat API happen without action (which is usally 30 seconds, 15 per beat), then the post is re-locked.\u003C\u002Fli>\n\u003Cli>Numerous plugin filters make it easy to customize the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n","Post Lock prevents accidental updating or publishing of content by requiring a password to do either.",1602,"2016-08-13T05:33:00.000Z","4.5.33","4.2",[102,22,103,91,104,73,105,106,107],"content-management","editorial","publish-lock","tools","update","utility","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpost-lock\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-lock.zip","2026-03-15T14:54:45.397Z",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":119,"downloaded":120,"rating":121,"num_ratings":122,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":18,"tags":126,"homepage":131,"download_link":132,"security_score":133,"vuln_count":134,"unpatched_count":28,"last_vuln_date":135,"fetched_at":30},"custom-fonts","Custom Fonts – Host Your Fonts Locally","2.1.17","Brainstorm Force","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrainstormforce\u002F","\u003Cp>\u003Cstrong>HOST FONTS, IMPROVE WEBSITE SPEED, AND ELIMINATE PRIVACY CONCERNS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>★★★★★\u003C\u002Fp>\n\u003Ch3>IMPROVED SPEED AND PERFORMANCE 🚀\u003C\u002Fh3>\n\u003Cp>Custom Fonts enables you to upload your own custom fonts or choose from a vast collection of Google Fonts, all hosted directly on your own web server.\u003C\u002Fp>\n\u003Cp>By hosting fonts locally, you can significantly improve your website’s performance. As the fonts load directly from your server, it reduces external requests, significantly reducing page load times.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbsf.io\u002Fcustom-fonts-demo\" rel=\"nofollow ugc\">Try it out on a free dummy site\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>UPLOAD YOUR CUSTOM FONTS OR CHOOSE FROM GOOGLE FONTS 🎨\u003C\u002Fh3>\n\u003Cp>With Custom Fonts, you have the freedom to customize your website typography to match your unique brand identity!\u003C\u002Fp>\n\u003Cp>You can easily upload your own custom font files, such as .ttf or .otf, and use them throughout your website. Or, you can choose from a rich library of Google Fonts and host them locally on your server, ensuring full control over their use.\u003C\u002Fp>\n\u003Ch3>UPLOAD MULTIPLE FONT VARIANTS 🆒\u003C\u002Fh3>\n\u003Cp>You have the flexibility to upload any number of font variants to suit your design needs. Whether it’s different weights, styles, or character sets, easily manage and customize the necessary font variants. Personalize your typography to perfection and create a unique visual identity for your website.\u003C\u002Fp>\n\u003Ch3>ENHANCED PRIVACY AND GDPR COMPLIANCE 🛡️\u003C\u002Fh3>\n\u003Cp>Privacy is a top priority, especially in light of data protection regulations like GDPR. By using Custom Fonts, you can self-host your fonts, eliminating any privacy concerns associated with external font services. Take full control over the fonts you use on your website and ensure compliance with privacy regulations.\u003C\u002Fp>\n\u003Ch3>FULL SITE EDITING THEME SUPPORT AND EASY INTEGRATION 🎉\u003C\u002Fh3>\n\u003Cp>Custom Fonts seamlessly integrates with WordPress full site editing themes, allowing you to effortlessly choose and customize fonts across your entire website. Say goodbye to limitations and enjoy the freedom to create a consistent and visually appealing typography experience for visitors.\u003C\u002Fp>\n\u003Ch3>BEAUTIFUL AND USER-FRIENDLY INTERFACE MADE WITH REACT JS 💻\u003C\u002Fh3>\n\u003Cp>We take pride in providing an elegant and intuitive user interface for Custom Fonts. Built with React JS, our interface offers a seamless experience, making it easy to upload and manage custom fonts, select from Google Fonts, and customize typography settings to suit your needs.\u003C\u002Fp>\n\u003Ch3>COMPLETELY FREE, NO UPSELLS OR HIDDEN COSTS 🆓\u003C\u002Fh3>\n\u003Cp>Custom Fonts is completely free, with no upsells or hidden costs. We believe in empowering website owners with essential tools without nickel-and-diming. Enjoy full access to all the features and functionality of Custom Fonts.\u003C\u002Fp>\n\u003Ch3>WHO CAN BENEFIT FROM CUSTOM FONTS?\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Web designers and developers:\u003C\u002Fstrong> You can easily enhance the typography and overall design of your projects, making them stand out from the crowd.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>eCommerce store owners:\u003C\u002Fstrong> Custom fonts can enhance your brand identity and provide a distinctive visual style for product descriptions, banners, and more. Hosting fonts locally with Custom Fonts improves website performance, benefiting you and your consumers.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Bloggers and content creators:\u003C\u002Fstrong> Make your content truly pop. Stand out from the crowd and captivate your audience with Custom Fonts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>SEO experts:\u003C\u002Fstrong> You can now boost page speed by hosting fonts locally with Custom Fonts. Fewer external requests means faster loading times! Plus, you ensure compliance with privacy regulations.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Custom Fonts caters to anyone who values the customization of typography, performance optimization, privacy control, and compliance with regulations.\u003C\u002Fp>\n\u003Cp>If you want to take control of your website’s typography and enhance its overall appearance, Custom Fonts is the plugin for you!\u003C\u002Fp>\n\u003Ch3>SOME OF THE SUPPORTED WORDPRESS THEMES:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwpastra.com\u002F\" rel=\"nofollow ugc\">Astra WordPress Theme\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fspectra-one\u002F\" rel=\"ugc\">Spectra One Theme\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>All FSE themes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>SOME OF THE SUPPORTED WORDPRESS PLUGINS:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Spectra Page Builder\u003C\u002Fli>\n\u003Cli>Elementor Page Builder\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Branding Guidelines\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When mentioning Custom Fonts, please use the following format:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Custom Fonts [correct]\u003C\u002Fli>\n\u003Cli>CustomFonts [incorrect]\u003C\u002Fli>\n\u003Cli>Custom fonts [incorrect]\u003C\u002Fli>\n\u003Cli>CustomFont [incorrect]\u003C\u002Fli>\n\u003Cli>Customfont [incorrect]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Our Other Products:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpastra.com\u002F\" rel=\"nofollow ugc\">Astra\u003C\u002Fa> – The most popular WordPress theme that perfectly integrates with Custom Fonts.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpspectra.com\u002F\" rel=\"nofollow ugc\">Spectra\u003C\u002Fa> – A visual website builder built with WordPress’ native block editor.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimateelementor.com\u002F\" rel=\"nofollow ugc\">Ultimate Addons for Elementor\u003C\u002Fa> – The best addons to extend Elementor’s capabilities.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpschema.com\u002F\" rel=\"nofollow ugc\">Schema Pro\u003C\u002Fa> – All-in-one schema markup plugin that offers complete functionality and easy configuration.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprojecthuddle.com\u002F\" rel=\"nofollow ugc\">ProjectHuddle\u003C\u002Fa> – Lets you collect sticky note-style feedback on page designs and web projects.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Other partnered products:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcartflows.com\u002F\" rel=\"nofollow ugc\">CartFlows\u003C\u002Fa> – One-click sales funnel builder for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprestoplayer.com\u002F\" rel=\"nofollow ugc\">Presto Player\u003C\u002Fa> – Best video player plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsurecart.com\u002F\" rel=\"nofollow ugc\">SureCart\u003C\u002Fa> – A powerful eCommerce platform designed to grow your business by effortlessly selling online.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsuremembers.com\u002F\" rel=\"nofollow ugc\">SureMembers\u003C\u002Fa> – Fastest and easiest way to protect content on your website and build memberships.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fottokit.com\u002F\" rel=\"nofollow ugc\">OttoKit\u003C\u002Fa> – Connects your favorite tools so you can automate workflows and streamline your business processes.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.surewriter.com\u002F\" rel=\"nofollow ugc\">SureWriter\u003C\u002Fa> – AI writing tool to make your web design journey faster.\u003C\u002Fli>\n\u003C\u002Ful>\n","Custom Fonts is a powerful WordPress plugin that allows you to upload your own custom fonts or choose from a vast collection of Google Fonts, all host &hellip;",300000,6292269,86,62,"2026-01-19T06:43:00.000Z","6.9.4","5.0",[112,127,128,129,130],"fonts","full-site-editing","google-fonts","performance","http:\u002F\u002Fwww.wpastra.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-fonts.2.1.17.zip",98,2,"2026-01-19 15:16:44",{"attackSurface":137,"codeSignals":162,"taintFlows":174,"riskAssessment":201,"analyzedAt":214},{"hooks":138,"ajaxHandlers":158,"restRoutes":159,"shortcodes":160,"cronEvents":161,"entryPointCount":28,"unprotectedCount":28},[139,145,149,154],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","admin_init","init","lightbulb-save-and-close.php",14,{"type":140,"name":146,"callback":147,"file":143,"line":148},"post_submitbox_misc_actions","add_button",22,{"type":150,"name":151,"callback":152,"file":143,"line":153},"filter","redirect_post_location","redirect",23,{"type":140,"name":155,"callback":156,"file":143,"line":157},"admin_notices","saved_notice",24,[],[],[],[],{"dangerousFunctions":163,"sqlUsage":164,"outputEscaping":166,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":173},[],{"prepared":28,"raw":28,"locations":165},[],{"escaped":28,"rawEcho":134,"locations":167},[168,171],{"file":143,"line":169,"context":170},41,"raw output",{"file":143,"line":172,"context":170},42,[],[175,192],{"entryPoint":176,"graph":177,"unsanitizedCount":33,"severity":191},"add_button (lightbulb-save-and-close.php:30)",{"nodes":178,"edges":188},[179,183],{"id":180,"type":181,"label":182,"file":143,"line":169},"n0","source","$_SERVER['HTTP_REFERER']",{"id":184,"type":185,"label":186,"file":143,"line":169,"wp_function":187},"n1","sink","echo() [XSS]","echo",[189],{"from":180,"to":184,"sanitized":190},false,"medium",{"entryPoint":193,"graph":194,"unsanitizedCount":33,"severity":200},"\u003Clightbulb-save-and-close> (lightbulb-save-and-close.php:0)",{"nodes":195,"edges":198},[196,197],{"id":180,"type":181,"label":182,"file":143,"line":169},{"id":184,"type":185,"label":186,"file":143,"line":169,"wp_function":187},[199],{"from":180,"to":184,"sanitized":190},"low",{"summary":202,"deductions":203},"The \"lightbulb-save-and-close\" plugin v1.2.1 exhibits a seemingly low risk profile based on the provided static analysis and vulnerability history. The absence of any recorded CVEs and the lack of identified entry points like AJAX handlers, REST API routes, shortcodes, or cron events suggest a minimal attack surface. Furthermore, the code signals indicate no dangerous functions, file operations, or external HTTP requests, and all SQL queries utilize prepared statements.\n\nHowever, a significant concern arises from the output escaping. With two total outputs analyzed and 0% properly escaped, there is a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. The taint analysis also reveals two flows with unsanitized paths, although they are not classified as critical or high severity. This, combined with the complete lack of nonce and capability checks, means that even if an attacker can trigger these unsanitized flows, there's no built-in protection mechanism within the plugin to prevent unauthorized actions or data manipulation. The vulnerability history being clean is positive, but it doesn't mitigate the risks identified in the current code analysis.\n\nIn conclusion, while the plugin's small attack surface and the absence of known historical vulnerabilities are strengths, the critical deficiency in output escaping and the lack of authorization checks (capability\u002Fnonce) present clear and exploitable security weaknesses. These issues, if triggered, could lead to XSS attacks and potentially other vulnerabilities depending on the nature of the unsanitized data.",[204,207,210,212],{"reason":205,"points":206},"Output escaping: 0% properly escaped",8,{"reason":208,"points":209},"Taint analysis: Flows with unsanitized paths",5,{"reason":211,"points":209},"Nonce checks: 0",{"reason":213,"points":209},"Capability checks: 0","2026-03-16T19:39:30.053Z",{"wat":216,"direct":221},{"assetPaths":217,"generatorPatterns":218,"scriptPaths":219,"versionParams":220},[],[],[],[],{"cssClasses":222,"htmlComments":223,"htmlAttributes":224,"restEndpoints":227,"jsGlobals":228,"shortcodeOutput":229},[],[],[225,226],"name=\"save-close\"","name=\"saveclose_referer\"",[],[],[230,231,232,233],"\u003Cinput type=\"hidden\" name=\"saveclose_referer\" value=\"","\u003Cinput type=\"submit\" tabindex=\"5\" value=\"","\" class=\"button-primary\" id=\"custom\" name=\"save-close\">","\u003Cdiv class=\"updated\">\n\t\t\t\t\u003Cp>Post saved\u003C\u002Fp>\n\t\t\t\u003C\u002Fdiv>"]