[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f6coBOi7q3vSTXt_axYpjsteMx7y37tNefbpf3AoLB6k":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":119,"fingerprints":219},"markdown-for-wordpress-and-bbpress","Markdown for WordPress and bbPress","1.0","mitcho (Michael Yoshitaka Erlewine)","https:\u002F\u002Fprofiles.wordpress.org\u002Fmitchoyoshitaka\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fdaringfireball.net\u002Fprojects\u002Fmarkdown\u002Fsyntax\" rel=\"nofollow ugc\">Markdown syntax\u003C\u002Fa> allows you to write using an easy-to-read, easy-to-write plain text format.\u003C\u002Fp>\n\u003Cp>Markdown for WordPress and bbPress (Markdown-WPBB) is based on the famed PHP Markdown Extra by \u003Ca href=\"http:\u002F\u002Fwww.michelf.com\u002Fprojects\u002Fphp-markdown\u002F\" rel=\"nofollow ugc\">Michel Fortin\u003C\u002Fa>, in turn based on the original Perl version by \u003Ca href=\"http:\u002F\u002Fwww.daringfireball.net\u002F\" rel=\"nofollow ugc\">John Gruber\u003C\u002Fa>. All I did was make the same package work with bbPress too. ^^\u003C\u002Fp>\n","A text-to-HTML conversion tool for web writers",60,13477,100,1,"2008-05-21T08:47:00.000Z","2.5.1","1.2","",[20,21,22,23,24],"encoding","format","formatting","post","text","http:\u002F\u002Fmitcho.com\u002Fcode\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmarkdown-for-wordpress-and-bbpress.1.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"mitchoyoshitaka",13,5840,88,30,86,"2026-04-04T21:00:02.992Z",[41,60,80,96,106],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":13,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":18,"tags":55,"homepage":58,"download_link":59,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-russian-typograph","WP Typograph Lite","2.3.5","marapper","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarapper\u002F","\u003Cp>Рекомендуется для большинства блогов на русском языке.\u003C\u002Fp>\n\u003Cp>Плагин \u003Ca href=\"http:\u002F\u002Fiskariot.ru\u002Fwordpress\u002Ftypo\u002F#typo-light\" rel=\"nofollow ugc\">WP Typograph Lite\u003C\u002Fa> предназначен для автоматического форматирования текста в соответствии с правилами русской типографики. Обрабатывает все основные блоки – заголовки, тексты постов и страниц, комментарии. Форматирование происходит при отображении страницы, без изменения исходного текста постов.\u003C\u002Fp>\n\u003Cp>\u003Cem>Желательно использовать плагин с включенным кешированием WordPress\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Основная функциональность\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Правильные кавычки («елочки и вложенные „лапки“»).\u003C\u002Fli>\n\u003Cli>Длинное тире между словами — не отрывая от предыдущего слова.\u003C\u002Fli>\n\u003Cli>— Черта, — в диалогах.\u003C\u002Fli>\n\u003Cli>Интервальные тире в датах и периодах (13 ноября—25 декабря).\u003C\u002Fli>\n\u003Cli>Минус между цифрами 0–9.\u003C\u002Fli>\n\u003Cli>Многоточие — тремя точками…\u003C\u002Fli>\n\u003Cli>Убирает точку в конце заголовка поста.\u003C\u002Fli>\n\u003Cli>В тегах \u003Ccode>, \u003Cpre> и \u003Cscript> (и некоторых других) текст не изменяет.\u003C\u002Fli>\n\u003Cli>В теге \u003Ccode> автоматически заменяет \u003C на \u003C, исправляет кавычки на машинописные для корректного копирования-вставки.\u003C\u002Fli>\n\u003Cli>Заменяет функцию фильтрации HTML (wpautop), исправляет ошибки визуального редактора со вставкой тегов.\u003C\u002Fli>\n\u003Cli>Форматирует некоторые спецсимволы, такие как ½, ©, ™ и др.\u003C\u002Fli>\n\u003Cli>Делает ссылки в комментариях кликабельными (с http и www), автоматически сокращая якорь в длинных ссылках.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-typograph-full\u002F\" rel=\"ugc\">Полная версия\u003C\u002Fa> позволяет управлять неразрывными конструкциями и автоматическими исправлениями, обладает гибкими настройками.\u003C\u002Fp>\n","Russian typography for Wordpress. Lite version.",2000,43001,3,"2017-11-28T18:11:00.000Z","2.7.1","2.0.2",[22,23,56,24,57],"posts","typograph","http:\u002F\u002Fiskariot.ru\u002Fwordpress\u002Ftypo\u002F#typo-light","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-russian-typograph.2.3.5.zip",{"slug":61,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":18,"tags":74,"homepage":78,"download_link":79,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wpuntexturize","2.3","Scott Reilly","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoffee2code\u002F","\u003Cp>By default, WordPress converts single and double quotation marks into their curly alternatives. This plugin prevents that from happening, so you can enjoy your quotation marks in their non-curly glory. If your content happens to already have curly quotation marks in it, then this plugin can optionally also convert them to their non-curly alternatives.\u003C\u002Fp>\n\u003Cp>\u003Cem>Note:\u003C\u002Fem> Despite the unfortunately misleading name, this plugin is NOT the antithesis of WordPress’s \u003Ccode>wptexturize()\u003C\u002Fcode> function. This ONLY prevents WordPress from making HTML entity code substitutions of single and double quotation marks with their curly alternatives and does NOT prevent \u003Ccode>wptexturize()\u003C\u002Fcode> from making any other character and string substitutions. See the FAQ for details on the filters processed by the plugin.\u003C\u002Fp>\n\u003Cp>Links: \u003Ca href=\"https:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fwpuntexturize\u002F\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpuntexturize\u002F\" rel=\"ugc\">Plugin Directory Page\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcoffee2code\u002Fwpuntexturize\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcoffee2code.com\" rel=\"nofollow ugc\">Author Homepage\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Developer Documentation\u003C\u002Fh3>\n\u003Cp>Developer documentation can be found in \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcoffee2code\u002Fwpuntexturize\u002Fblob\u002Fmaster\u002FDEVELOPER-DOCS.md\" rel=\"nofollow ugc\">DEVELOPER-DOCS.md\u003C\u002Fa>. That documentation covers the numerous hooks provided by the plugin. Those hooks are listed below to provide an overview of what’s available.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>c2c_wpuntexturize\u003C\u002Fcode> : An alternative approach to safely invoke \u003Ccode>c2c_wpuntexturize()\u003C\u002Fcode> in such a way that if the plugin were deactivated or deleted, then your calls to the function won’t cause errors in your site. This only applies if you use the function directly, which is not typical usage for most users.\u003C\u002Fli>\n\u003Cli>\u003Ccode>wpuntexturize_filters\u003C\u002Fcode> : customize what filters to hook to be filtered with wpuntexturize. See the Description section for a complete list of all filters that are filtered by default.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_wpuntexturize_replacements\u003C\u002Fcode> : Customize the character replacements handled by the plugin.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_wpuntexturize_convert_curly_quotes\u003C\u002Fcode> : Enable conversion of preexisting curly quotes into their non-curly alternatives.\u003C\u002Fli>\n\u003C\u002Ful>\n","Prevent WordPress from converting single and double quotation marks into their curly alternatives.",900,25406,92,12,"2025-04-08T22:17:00.000Z","6.8.5","5.5",[22,23,75,76,77],"quotes","substitutions","wptexturize","https:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fwpuntexturize\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpuntexturize.2.3.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":13,"downloaded":88,"rating":89,"num_ratings":51,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":18,"tags":93,"homepage":94,"download_link":95,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"text-control-2","Text Control","2.3.1","Frank Bueltge","https:\u002F\u002Fprofiles.wordpress.org\u002Fbueltge\u002F","\u003Cp>Text Control will allow you to choose from a variety of formatting syntaxes and encoding options. You can choose between Markdown, Textile 1, Textile 2, nl2br, WPautop, and “No Formatting” for formatting along with the choice of SmartyPants, WPTexturize or “No Encoding” for character encodings.\u003C\u002Fp>\n\u003Ch4>Localizations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Thanks to \u003Ca href=\"http:\u002F\u002Fbueltge.de\u002F\" title=\"Frank B&uuml;ltge\" rel=\"nofollow ugc\">Frank B&uuml;ltge\u003C\u002Fa> for german language file\u003C\u002Fli>\n\u003Cli>Thanks to \u003Ca href=\"http:\u002F\u002Fwww.inmotionhosting.com\u002F\" rel=\"nofollow ugc\">Brian Flores\u003C\u002Fa> for spanish translation\u003C\u002Fli>\n\u003Cli>Lithuanian translation files by \u003Ca href=\"http:\u002F\u002Fwww.host1plus.com\" rel=\"nofollow ugc\">Vincent G\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Not really a bug so much, but an issue: Textile 2 is freaking huge (145k > 4000 lines of code) so it can be quite a burden on your server. If you can get away with \u003Cem>not\u003C\u002Fem> using it, I highly reccomend you do so.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Additionally, in Textile 2 there is a feature that would grab an image via PHP and get it’s height and width for placing in the IMG tags. This has been disabled It literally took a post from 1 second to display straight to 6 seconds — completely unacceptable.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Acknowledgements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Romanian language files, thanks to \u003Ca href=\"http:\u002F\u002Fwebhostinggeeks.com\u002F\" rel=\"nofollow ugc\">Alexander Ovsov\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Native Serbo-Croatian language files, thanks to \u003Ca href=\"http:\u002F\u002Fwww.webhostinghub.com\u002F\" rel=\"nofollow ugc\">Borisa Djuraskovic\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Licence\u003C\u002Fh4>\n\u003Cp>Good news, this plugin is free for everyone! Since it’s released under the GPL, you can use it free of charge on your personal or commercial blog. But if you enjoy this plugin, you can thank me and leave a \u003Ca href=\"http:\u002F\u002Fbueltge.de\u002Fwunschliste\u002F\" title=\"Wishliste and Donate\" rel=\"nofollow ugc\">small donation\u003C\u002Fa> for the time I’ve spent writing and supporting this plugin. And I really don’t want to know how many hours of my life this plugin has already eaten 😉\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>The plugin comes with various translations, please refer to the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FInstalling_WordPress_in_Your_Language\" title=\"Installing WordPress in Your Language\" rel=\"nofollow ugc\">WordPress Codex\u003C\u002Fa> for more information about activating the translation. If you want to help to translate the plugin to your language, please have a look at the .pot file which contains all defintions and may be used with a \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Fsoftware\u002Fgettext\u002F\" rel=\"nofollow ugc\">gettext\u003C\u002Fa> editor like \u003Ca href=\"http:\u002F\u002Fwww.poedit.net\u002F\" rel=\"nofollow ugc\">Poedit\u003C\u002Fa> (Windows) or plugin for WordPress \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcodestyling-localization\u002F\" rel=\"ugc\">Localization\u003C\u002Fa>.\u003C\u002Fp>\n","Text Control will allow you to choose from a variety of formatting syntaxes and encoding options. You can choose between Markdown, Textile 1, Textile  &hellip;",14546,94,"2013-10-31T17:56:00.000Z","3.7.41","1.5",[20,21,22,23],"http:\u002F\u002Fdev.wp-plugins.org\u002Fwiki\u002FTextControl","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftext-control-2.2.3.1.zip",{"slug":97,"name":98,"version":44,"author":45,"author_profile":46,"description":99,"short_description":100,"active_installs":13,"downloaded":101,"rating":28,"num_ratings":28,"last_updated":102,"tested_up_to":53,"requires_at_least":54,"requires_php":18,"tags":103,"homepage":104,"download_link":105,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-typograph-full","WP Typograph Full","\u003Cp>Плагин \u003Ca href=\"http:\u002F\u002Fiskariot.ru\u002Fwordpress\u002Ftypo\u002F#typo-full\" rel=\"nofollow ugc\">WP Typograph Full\u003C\u002Fa> предназначен для автоматического форматирования текста в соответствии с правилами русской типографики. Обрабатывает все основные блоки – заголовки, тексты постов и страниц, комментарии. Форматирование происходит на лету – при отображении страницы, без изменения исходного текста постов.\u003C\u002Fp>\n\u003Cp>Для большинства блогов рекомендуется использовать \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-russian-typograph\u002F\" rel=\"ugc\">облегченную версию плагина\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Основная функциональность\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Правильные кавычки («елочки и вложенные „лапки“»).\u003C\u002Fli>\n\u003Cli>Длинное тире между словами — не отрывая от предыдущего слова.\u003C\u002Fli>\n\u003Cli>— Тире, — в диалогах.\u003C\u002Fli>\n\u003Cli>Интервальные тире в датах и периодах (13 ноября—25 декабря).\u003C\u002Fli>\n\u003Cli>Минус между цифрами 0–9.\u003C\u002Fli>\n\u003Cli>Многоточие — тремя точками…\u003C\u002Fli>\n\u003Cli>Убирает точку в конце заголовка поста.\u003C\u002Fli>\n\u003Cli>В тегах \u003Ccode>, \u003Cpre> и \u003Cscript> (и некоторых других) текст не изменяет.\u003C\u002Fli>\n\u003Cli>В теге \u003Ccode> автоматически заменяет \u003C на \u003C, исправляет кавычки на машинописные для корректного копирования-вставки.\u003C\u002Fli>\n\u003Cli>Заменяет функцию фильтрации HTML (wpautop), исправляет ошибки визуального редактора со вставкой тегов.\u003C\u002Fli>\n\u003Cli>Делает ссылки в комментариях кликабельными (с http и www), автоматически сокращая якорь в длинных ссылках.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Остальные функции раздельно обрабатываются в \u003Cstrong>трех блоках\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Заголовки\u003C\u002Fli>\n\u003Cli>Основной текст\u003C\u002Fli>\n\u003Cli>Комментарии\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Три основных \u003Cstrong>типа обработки\u003C\u002Fstrong>, раздельные для каждого типа блока:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Спецсимволы (\u003Cem>по умолчанию — в тексте, комментариях\u003C\u002Fem>). ©, ®, ™, ½, ±, 10×10.\u003C\u002Fli>\n\u003Cli>Неразрывные конструкции (\u003Cem>по умолчанию — в заголовках, текстах\u003C\u002Fem>). Склеивает пробелы в названиях организаций, обращениях, в годах, в «до н.э.» («и т.д.»,«и т.п.»), мерах измерений, денежные суммы, инициалах, номере версии программы. Не разрывает со следующим (предыдущим словом) предлоги, союзы, короткие слова, частицы с дефисом и без. Также склеивает последнее слово в абзаце с предыдущим, чтобы предотвратить появление т.н. “вдов”.\u003C\u002Fli>\n\u003Cli>Исправления (\u003Cem>по умолчанию — в тексте, комментариях\u003C\u002Fem>). Ошибочная пунктуация, повторяющиеся слова, и т.п.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>В целях снижения нагрузок на сервер желательно использовать с любым плагином кеширования.\u003C\u002Fem>\u003C\u002Fp>\n","Russian typography for Wordpress. Full version with settings.",4644,"2009-04-09T14:55:00.000Z",[22,23,56,24,57],"http:\u002F\u002Fiskariot.ru\u002Fwordpress\u002Ftypo\u002F#typo-full","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-typograph-full.2.3.5.zip",{"slug":107,"name":108,"version":109,"author":45,"author_profile":46,"description":18,"short_description":110,"active_installs":111,"downloaded":112,"rating":28,"num_ratings":28,"last_updated":18,"tested_up_to":113,"requires_at_least":62,"requires_php":18,"tags":114,"homepage":116,"download_link":117,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":118},"allowcomments","Allow Comments to Old Posts","1.6","Allow comments to posts with custom field \"allow_comments\" even if option 'close comments to old posts' is on.",10,2982,"2.7",[22,115,23,56,24,57],"page","http:\u002F\u002Fiskariot.ru\u002Fwordpress\u002Fremix\u002F#allow","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fallowcomments.1.6.zip","2026-03-15T10:48:56.248Z",{"attackSurface":120,"codeSignals":195,"taintFlows":206,"riskAssessment":207,"analyzedAt":218},{"hooks":121,"ajaxHandlers":191,"restRoutes":192,"shortcodes":193,"cronEvents":194,"entryPointCount":28,"unprotectedCount":28},[122,129,132,135,139,143,147,151,154,157,161,164,167,170,172,175,178,181,184,187],{"type":123,"name":124,"callback":125,"priority":126,"file":127,"line":128},"filter","the_content","Markdown",6,"markdown.php",123,{"type":123,"name":130,"callback":125,"priority":126,"file":127,"line":131},"the_content_rss",124,{"type":123,"name":133,"callback":125,"priority":126,"file":127,"line":134},"get_the_excerpt",125,{"type":123,"name":133,"callback":136,"priority":137,"file":127,"line":138},"trim",7,126,{"type":123,"name":140,"callback":141,"file":127,"line":142},"the_excerpt","mdwp_add_p",127,{"type":123,"name":144,"callback":145,"file":127,"line":146},"the_excerpt_rss","mdwp_strip_p",128,{"type":123,"name":124,"callback":148,"priority":149,"file":127,"line":150},"balanceTags",50,132,{"type":123,"name":133,"callback":148,"priority":152,"file":127,"line":153},9,133,{"type":123,"name":155,"callback":125,"priority":126,"file":127,"line":156},"pre_comment_content",144,{"type":123,"name":155,"callback":158,"priority":159,"file":127,"line":160},"mdwp_hide_tags",8,145,{"type":123,"name":155,"callback":162,"priority":70,"file":127,"line":163},"mdwp_show_tags",146,{"type":123,"name":165,"callback":125,"priority":126,"file":127,"line":166},"get_comment_text",147,{"type":123,"name":168,"callback":125,"priority":126,"file":127,"line":169},"get_comment_excerpt",148,{"type":123,"name":168,"callback":145,"priority":137,"file":127,"line":171},149,{"type":123,"name":173,"callback":125,"priority":126,"file":127,"line":174},"post_text",180,{"type":123,"name":173,"callback":176,"priority":152,"file":127,"line":177},"force_balance_tags",181,{"type":123,"name":173,"callback":158,"priority":179,"file":127,"line":180},49,182,{"type":123,"name":173,"callback":182,"priority":149,"file":127,"line":183},"bb_filter_kses",183,{"type":123,"name":173,"callback":162,"priority":185,"file":127,"line":186},51,184,{"type":123,"name":188,"callback":189,"file":127,"line":190},"bb_allowed_tags","allow_extra_markdown_tags",185,[],[],[],[],{"dangerousFunctions":196,"sqlUsage":201,"outputEscaping":203,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":205},[197],{"fn":198,"file":127,"line":199,"context":200},"create_function",1545,"$this->utf8_strlen = create_function('$text', 'return preg_match_all(",{"prepared":28,"raw":28,"locations":202},[],{"escaped":28,"rawEcho":28,"locations":204},[],[],[],{"summary":208,"deductions":209},"The \"markdown-for-wordpress-and-bbpress\" plugin v1.0 demonstrates a seemingly strong security posture based on the static analysis provided. The plugin has no apparent attack surface in terms of AJAX handlers, REST API routes, shortcodes, or cron events, and crucially, none of these entry points are unprotected. The code also shows good practices with 100% of SQL queries using prepared statements and 100% of outputs being properly escaped. Furthermore, there are no recorded vulnerabilities or CVEs associated with this plugin, which is a positive indicator of its historical security and development quality. \n\nHowever, a significant concern arises from the presence of the `create_function` PHP construct. This function is deprecated and considered a security risk due to its potential to be exploited for arbitrary code execution if user-supplied input is used within its creation without proper sanitization. While the taint analysis reported no issues, the mere presence of this dangerous function warrants caution. The lack of any observed nonce or capability checks, while aligned with the zero attack surface, also means there's no explicit defense mechanism in place should any entry points be accidentally exposed in future updates or through unforeseen interactions. \n\nIn conclusion, the plugin benefits from a clean vulnerability history and good coding practices in areas like SQL and output escaping. The absence of an attack surface is also a strength. The primary weakness lies in the use of the `create_function` construct, which represents a latent security risk. The lack of explicit capability checks on what would be considered entry points (if they existed) is a missed opportunity for robust security. Overall, while currently appearing safe, the use of `create_function` prevents a perfect security score and requires careful monitoring and potential refactoring.",[210,213,216],{"reason":211,"points":212},"Use of dangerous function (create_function)",15,{"reason":214,"points":215},"Missing nonce checks",5,{"reason":217,"points":215},"Missing capability checks","2026-03-16T21:42:50.621Z",{"wat":220,"direct":225},{"assetPaths":221,"generatorPatterns":222,"scriptPaths":223,"versionParams":224},[],[],[],[],{"cssClasses":226,"htmlComments":227,"htmlAttributes":230,"restEndpoints":231,"jsGlobals":232,"shortcodeOutput":235},[],[228,229],"More details about how it works here:\n# \u003Chttp:\u002F\u002Fwww.michelf.com\u002Fweblog\u002F2005\u002Fwordpress-text-flow-vs-markdown\u002F>","Based on the WordPress text flow, as analyzed by Michel Fortin:\n# \u003Chttp:\u002F\u002Fwww.michelf.com\u002Fweblog\u002F2005\u002Fwordpress-text-flow-vs-markdown\u002F>",[],[],[233,234],"mdwp_hidden_tags","mdwp_placeholders",[]]