[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fokpGuP8xSlgb4SZfzfH6pdSi5KH4GSOT29jO5DoQs5g":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":120,"fingerprints":162},"local-twemoji","Local Twemoji","1.3.1","Peter Wilson","https:\u002F\u002Fprofiles.wordpress.org\u002Fpeterwilsoncc\u002F","\u003Cp>Local Twemoji is a WordPress plugin to serve fallback emoji images from your own site URL rather than the WordPress.org CDN.\u003C\u002Fp>\n\u003Cp>The purpose of this plugin is to aid sites served over a CDN as browsers now cache requests on a per site basis rather than globally.\u003C\u002Fp>\n\u003Cp>The effect of this is that the WordPress.org CDN’s splat image is treated as two different images if downloaded from site-one.example and site-two.example. You can read more about this in the Chrome post on \u003Ca href=\"https:\u002F\u002Fdeveloper.chrome.com\u002Fblog\u002Fhttp-cache-partitioning\" rel=\"nofollow ugc\">cache partitioning\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For sites served over a CDN, downloading the image from your own URL will be quicker as it reduces the number of servers the visitor’s browser needs to connect to.\u003C\u002Fp>\n\u003Ch4>WordPress version support\u003C\u002Fh4>\n\u003Cp>A new version of Twemoji is released each time the emoji are added to the Unicode specification, each major version bump of Twemoji will contain new images.\u003C\u002Fp>\n\u003Cp>To avoid the risk of serving broken images to your visitors, this plugin should be kept up to date.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress 6.9 requires Local Twemoji 1.3.1 or later\u003C\u002Fli>\n\u003Cli>Earlier versions of WordPress require Local Twemoji 1.1.0 or later\u003C\u002Fli>\n\u003C\u002Ful>\n","Self hosted Twemoji images",20,649,0,"2025-12-27T02:58:00.000Z","6.9.4","6.0","7.4",[19,20,21],"emoji","performance","twemoji","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flocal-twemoji.1.3.1.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"peterwilsoncc",5,180,97,30,92,"2026-04-04T15:35:49.558Z",[37,58,74,92,108],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":24,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":56,"download_link":57,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"emoji-settings","Emoji Settings","2.0.0","Sybre Waaijer","https:\u002F\u002Fprofiles.wordpress.org\u002Fcybr\u002F","\u003Cp>\u003Cstrong>Quickly enable or disable emojis conversion with an option.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When you disable the option, Emoji Settings stops the conversion of ASCII smilies like \u003Ccode>:)\u003C\u002Fcode> and \u003Ccode>:D\u003C\u002Fcode> to images on any WordPress installation. This plugin also prevents changing real emojis to Twemoji (Twitter) images. It achieves this by removing several default WordPress scripts.\u003C\u002Fp>\n\u003Cp>You can find the option at “Settings > Writing” (\u003Ccode>\u002Fwp-admin\u002Foptions-writing.php\u003C\u002Fcode>).\u003C\u002Fp>\n\u003Cp>This plugin does not prevent real emojis (inserted via an emoji keyboard) from being stored and outputted on your website.\u003C\u002Fp>\n\u003Ch4>Emoji conversion enabled by default\u003C\u002Fh4>\n\u003Cp>I wrote this plugin with a WordPress.com-like environment in mind, giving users an option without overriding standard WordPress behavior.\u003C\u002Fp>\n\u003Cp>You can change this behavior via filter \u003Ccode>cw_emoji_overrides\u003C\u002Fcode>. Refer to the code for instructions.\u003C\u002Fp>\n\u003Ch4>Does more than “Disable Emojis”\u003C\u002Fh4>\n\u003Cp>Emoji Settings also fixes Character Encoding issues on sites originally installed with WP 4.2 or lower. And this plugin correctly removes the conversion of emojis in the admin area, for example, from post titles.\u003C\u002Fp>\n\u003Ch4>Translating\u003C\u002Fh4>\n\u003Cp>You can contribute by translating Emoji Settings via the sidebar on this page.\u003C\u002Fp>\n","Emoji Settings adds an option to your Writing Settings page to toggle emoji conversion to images.",2000,29541,12,"2025-05-05T11:01:00.000Z","6.8.5","5.5","7.2.0",[19,53,54,55,21],"emojis","emoticon","script","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Femoji-settings\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femoji-settings.2.0.0.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":13,"downloaded":66,"rating":13,"num_ratings":13,"last_updated":67,"tested_up_to":15,"requires_at_least":68,"requires_php":17,"tags":69,"homepage":22,"download_link":73,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"manly-no-emojis","Manly No Emojis","1.0.1","DimitriAus","https:\u002F\u002Fprofiles.wordpress.org\u002Fdimitriaus\u002F","\u003Cp>This lightweight plugin removes WordPress emoji functionality to reduce HTTP requests and improve page load times.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it removes:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Emoji detection script from page head\u003C\u002Fli>\n\u003Cli>Emoji styles from frontend and admin\u003C\u002Fli>\n\u003Cli>TinyMCE wpemoji plugin\u003C\u002Fli>\n\u003Cli>Emoji conversion in RSS feeds\u003C\u002Fli>\n\u003Cli>Emoji handling in emails\u003C\u002Fli>\n\u003Cli>DNS prefetch for emoji CDN\u003C\u002Fli>\n\u003C\u002Ful>\n","Disables the emoji functionality in WordPress to improve performance.",91,"2026-01-20T12:07:00.000Z","5.0",[70,19,71,20,72],"disable","optimization","speed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmanly-no-emojis.1.0.1.zip",{"slug":75,"name":76,"version":6,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":13,"downloaded":81,"rating":13,"num_ratings":13,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":22,"tags":85,"homepage":89,"download_link":90,"security_score":91,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"remove-emoji-styles-scripts","Remove Emoji Styles & Scripts","inthiscode","https:\u002F\u002Fprofiles.wordpress.org\u002Finthiscode\u002F","\u003Cp>Improve your website’s performance and speed by removing emoji scripts and styles if you don’t need them.\u003C\u002Fp>\n\u003Cp>If you don’t need or want Emoji, then it is better to remove\u002Fdequeue Emoji scripts and styles for better performance. Less JS and CSS = a good thing!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Before enabling the plugin, first check your page source for “Emoji”. You’ll find scripts and styles inside  section.\u003C\u002Fli>\n\u003Cli>After enabling the plugin, check for “Emoji”, you won’t find anything.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more information, Please visit \u003Ca href=\"https:\u002F\u002Fwww.inthiscode.com\u002Fremove-emoji-styles-scripts\" rel=\"nofollow ugc\">Remove Emoji Styles & Scripts\u003C\u002Fa>.\u003C\u002Fp>\n","Improve your website's performance and speed by removing emoji scripts and styles if you don't need them.",1448,"2020-07-07T13:28:00.000Z","5.4.19","3.1",[19,20,86,87,88],"remove-emoji-scripts","remove-emoji-styles","website-speed","https:\u002F\u002Fwww.inthiscode.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-emoji-styles-scripts.1.3.1.zip",85,{"slug":93,"name":94,"version":61,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":13,"downloaded":99,"rating":13,"num_ratings":13,"last_updated":100,"tested_up_to":49,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":106,"download_link":107,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"scalpel-source-code-cleaner","Scalpel Source Code Cleaner","Laurent","https:\u002F\u002Fprofiles.wordpress.org\u002Fl0pld579\u002F","\u003Cp>Scalpel Source Code Cleaner simplifies your WordPress site by disabling several default features that may not be necessary for all users. By deactivating Gutenberg, the plugin reverts the editor to the classic TinyMCE, providing a more streamlined and traditional editing experience. Additionally, it removes inline styles, emojis, and media element libraries to clean up the source code, which can lead to improved performance and page speed.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Upon activation, Scalpel Source Code Cleaner will automatically disable the following functionalities:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Gutenberg editor (falls back to the TinyMCE editor)\u003C\u002Fli>\n\u003Cli>WordPress emoji library\u003C\u002Fli>\n\u003Cli>Theme styles\u003C\u002Fli>\n\u003Cli>Media element library\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It also provides additional CSS to style video elements appropriately. Ensure that your content does not depend on Gutenberg before deactivating it.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Scalpel Source Code Cleaner is released under the GNU General Public License v2 (GPL2). For more details, see the LICENSE file included with the plugin or visit the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">GNU General Public License v2\u003C\u002Fa> page.\u003C\u002Fp>\n\u003Ch3>Additional Notes\u003C\u002Fh3>\n\u003Cp>If you would like to contribute to the development of this plugin, please contact the repository owner through the GitHub project page.\u003C\u002Fp>\n","Scalpel Source Code Cleaner is a WordPress plugin designed to deactivate most default libraries from your WordPress website.",257,"2025-07-15T09:00:00.000Z","4.0","7.0",[70,53,104,105,20],"gutenberg","media-elements","https:\u002F\u002Fgithub.com\u002FLauPld\u002Fscalpel-source-code-cleaner","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscalpel-source-code-cleaner.1.0.1.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":13,"downloaded":116,"rating":13,"num_ratings":13,"last_updated":22,"tested_up_to":49,"requires_at_least":68,"requires_php":102,"tags":117,"homepage":22,"download_link":118,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":119},"temly-disable-emoji","Temly Disable Emoji","1.2.0","Temly","https:\u002F\u002Fprofiles.wordpress.org\u002Ftemly\u002F","\u003Cp>Temly Disable Emoji completely disables WordPress emoji functionality to improve your website performance by removing:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Emoji detection scripts from frontend and admin\u003C\u002Fli>\n\u003Cli>Emoji stylesheets from frontend and admin  \u003C\u002Fli>\n\u003Cli>DNS prefetch requests to emoji CDN servers\u003C\u002Fli>\n\u003Cli>TinyMCE emoji plugin from the editor\u003C\u002Fli>\n\u003Cli>Email emoji conversion\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This lightweight plugin requires no configuration – simply activate and enjoy faster page load times.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Removes all emoji-related JavaScript and CSS\u003Cbr \u002F>\n* Eliminates DNS prefetch requests to external emoji servers\u003Cbr \u002F>\n* Works on both frontend and admin areas\u003Cbr \u002F>\n* No settings required – works immediately after activation\u003Cbr \u002F>\n* Compatible with all themes and plugins\u003C\u002Fp>\n","Completely removes WordPress emoji scripts, styles, and DNS prefetch requests to improve site performance.",165,[70,19,71,20,72],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftemly-disable-emoji.1.2.0.zip","2026-03-15T10:48:56.248Z",{"attackSurface":121,"codeSignals":149,"taintFlows":157,"riskAssessment":158,"analyzedAt":161},{"hooks":122,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":148,"entryPointCount":13,"unprotectedCount":13},[123,128,131,134,137,141],{"type":124,"name":125,"callback":126,"file":127,"line":11},"filter","emoji_url","anonymous","inc\\namespace.php",{"type":124,"name":129,"callback":126,"file":127,"line":130},"emoji_svg_url",21,{"type":124,"name":132,"callback":126,"file":127,"line":133},"emoji_ext",23,{"type":124,"name":135,"callback":126,"file":127,"line":136},"emoji_svg_ext",24,{"type":124,"name":138,"callback":126,"priority":139,"file":127,"line":140},"plugin_row_meta",10,26,{"type":142,"name":143,"callback":126,"file":127,"line":144},"action","admin_menu",27,[],[],[],[],{"dangerousFunctions":150,"sqlUsage":151,"outputEscaping":153,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":156},[],{"prepared":13,"raw":13,"locations":152},[],{"escaped":154,"rawEcho":13,"locations":155},3,[],[],[],{"summary":159,"deductions":160},"The \"local-twemoji\" plugin version 1.3.1 exhibits an exceptionally strong security posture based on the provided static analysis and vulnerability history. The plugin has no identified attack surface, meaning there are no discoverable entry points like AJAX handlers, REST API routes, shortcodes, or cron events that could be exploited. Furthermore, the code signals demonstrate robust security practices, with no dangerous functions, all SQL queries using prepared statements, and all output being properly escaped. The absence of file operations, external HTTP requests, nonce checks, capability checks, and bundled libraries further solidifies its security.\n\nThe taint analysis reveals zero flows with unsanitized paths, indicating that no user-supplied data is being processed in a way that could lead to vulnerabilities. The vulnerability history is also clear, with no recorded CVEs, indicating a consistent track record of security. This lack of historical vulnerabilities suggests a mature and well-maintained codebase, or a plugin that is less likely to be a target for attackers due to its limited functionality or integration.\n\nIn conclusion, \"local-twemoji\" v1.3.1 appears to be a very secure plugin. Its design minimizes the attack surface to zero and employs strong coding practices across the board, including secure handling of data and output. The clean vulnerability history reinforces this assessment. There are no apparent security concerns derived from the provided data that would warrant a deduction in points.",[],"2026-03-16T23:03:04.002Z",{"wat":163,"direct":171},{"assetPaths":164,"generatorPatterns":167,"scriptPaths":168,"versionParams":169},[165,166],"\u002Fwp-content\u002Fplugins\u002Flocal-twemoji\u002Fimages\u002Femoji\u002F72x72\u002F","\u002Fwp-content\u002Fplugins\u002Flocal-twemoji\u002Fimages\u002Femoji\u002Fsvg\u002F",[],[],[170],"ver=17.0.2.2",{"cssClasses":172,"htmlComments":174,"htmlAttributes":175,"restEndpoints":176,"jsGlobals":177,"shortcodeOutput":178},[173],"local-twemoji-credits",[],[],[],[],[]]