[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fnCXlFlojkfjMv7x4hoJBlum30sGuhsFsRFRpI5IMeXY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":136,"fingerprints":239},"nuno-sarmento-custom-css-js","Nuno Sarmento Custom CSS – JS","1.0.3","Nuno Sarmento","https:\u002F\u002Fprofiles.wordpress.org\u002Fnunosarmento\u002F","\u003Cp>Custom CSS & JS plugin allows us to add custom CSS and Javascript functions on your WordPress website without editing any theme’s style and script files, the plugin also allows us to add external URLs with your style or script\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Custom CSS, JS and external URLs(scripts, CSS) on individual posts.\u003C\u002Fli>\n\u003Cli>Custom CSS, JS and external URLs(scripts, CSS) on pages.\u003C\u002Fli>\n\u003Cli>Custom CSS, JS and external URLs(scripts, CSS) across the whole website.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FHRJLXe2eCSA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>If you have suggestions for a new add-on, feel free to email me at hello@nuno-sarmento.com\u003C\u002Fp>\n","Custom CSS & JavaScripts functions.",10,2076,100,1,"2020-11-27T10:05:00.000Z","5.6.17","3.0.1","",[20,21,22,23,24],"admin","css","custom","javascript","style","https:\u002F\u002Fen-gb.wordpress.org\u002Fplugins\u002Fnuno-sarmento-custom-css-js\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnuno-sarmento-custom-css-js.1.0.3.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"nunosarmento",3,7030,90,30,87,"2026-04-04T05:40:23.497Z",[41,61,83,102,119],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":37,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":58,"download_link":59,"security_score":27,"vuln_count":14,"unpatched_count":28,"last_vuln_date":60,"fetched_at":30},"scripts-n-styles","Scripts n Styles","3.5.8","WraithKenny","https:\u002F\u002Fprofiles.wordpress.org\u002Fwraithkenny\u002F","\u003Cp>This plugin allows Admin users the ability to add custom CSS and JavaScript directly into individual Post, Pages or any other registered custom post types. You can also add classes to the body tag and the post container. There is a Global settings page for which you can write Scripts n Styles for the entire blog.\u003C\u002Fp>\n\u003Cp>Admin’s can also add classes to the TinyMCE “Formats” dropdown which users can use to style posts and pages directly. As of Scripts n Styles 3+ styles are reflected in the post editor.\u003C\u002Fp>\n\u003Cp>Because only well trusted users should ever be allowed to insert JavaScript directly into the pages of your site, this plugin restricts usage to admin type users. Admin’s have access to even more sensitive areas by definition, so that should be relatively safe 😉\u003C\u002Fp>\n\u003Ch4>Notes about the implementation:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Admin users, or more specifically, \u003Cem>any user with the \u003Ccode>manage_options\u003C\u002Fcode> and \u003Ccode>unfiltered_html\u003C\u002Fcode> capabilities\u003C\u002Fem> (which by default is \u003Cem>only\u003C\u002Fem> the admin type user) can use this plugin’s functionality. Some plugins extend user rolls, and so this plugin would naturally extend include rolls that have the appropriate capability.\u003C\u002Fli>\n\u003Cli>CSS Styles are embeded, not linked, at the bottom of the \u003Ccode>head\u003C\u002Fcode> element with \u003Ccode>style\u003C\u002Fcode> tags by using \u003Ccode>wp-head\u003C\u002Fcode>. If your theme doesn’t have this hook, this plugin (as well as most others) won’t work.\u003C\u002Fli>\n\u003Cli>JavaScript is embeded, not linked, at the bottom of the \u003Ccode>body\u003C\u002Fcode> (or \u003Ccode>head\u003C\u002Fcode>) element with \u003Ccode>script\u003C\u002Fcode> tags by using \u003Ccode>wp-footer\u003C\u002Fcode> (or \u003Ccode>wp-head\u003C\u002Fcode>). If your theme doesn’t have this hook, this plugin (as well as most others) won’t work.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>There is no input validation.\u003C\u002Fstrong> This plugin puts exactly what you type in the meta box directly into the \u003Ccode>html\u003C\u002Fcode> with no error checking. You are an Admin, and we trust you to be carefull. Try not to break anything.\u003C\u002Fli>\n\u003Cli>Do to the licensing of the libraries used, this plugin is released “GPL 3.0 or later” if you care about those things.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows Admin users to individually add HTML, custom CSS, Classes and JavaScript directly to Post, Pages or any other custom post types.",30000,379153,88,"2023-06-06T19:13:00.000Z","6.2.9","5.0","7.4",[20,57,21,22,23],"code","https:\u002F\u002Fwww.unfocus.com\u002Fprojects\u002Fscripts-n-styles\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscripts-n-styles.3.5.8.zip","2023-05-18 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":18,"tags":76,"homepage":18,"download_link":81,"security_score":82,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"custom-css-and-javascript","Custom CSS and JavaScript","2.0.16","WP Zone","https:\u002F\u002Fprofiles.wordpress.org\u002Faspengrovestudios\u002F","\u003Cp>This plugin allows you to add custom site-wide CSS styles and JavaScript code to your WordPress site. Useful for overriding your theme’s styles and adding client-side functionality.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Code editor with syntax highlighting and AJAX saving to avoid reloading the editor at each save.\u003C\u002Fli>\n\u003Cli>Save and preview your CSS and JavaScript as a draft that is only applied to logged-in users with the necessary permissions until you are ready to publish your changes to the public.\u003C\u002Fli>\n\u003Cli>View and restore past revisions of your CSS and JavaScript.\u003C\u002Fli>\n\u003Cli>Automatically minify your custom CSS and JavaScript code to reduce file size.\u003C\u002Fli>\n\u003Cli>For the public, custom CSS and JavaScript code is served from the filesystem instead of the database for optimal performance.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Now available! \u003Ca href=\"https:\u002F\u002Fwpzone.co\u002Fproduct\u002Fcustom-css-and-javascript-developer-edition\u002F?utm_source=custom-css-and-javascript&utm_medium=link&utm_campaign=wp-repo-upgrade-link\" rel=\"nofollow ugc\">Custom CSS and JavaScript Developer Edition\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Divide your CSS and JavaScript into multiple virtual files to keep your code organized (the code is still served as one CSS and one JS file on the front-end for efficiency).\u003C\u002Fli>\n\u003Cli>Supports Sassy CSS (SCSS)!\u003C\u002Fli>\n\u003Cli>Live preview for CSS!\u003C\u002Fli>\n\u003Cli>Upload and download CSS and JavaScript files, individually or in ZIP files.\u003C\u002Fli>\n\u003Cli>The developer logo and review\u002Fdonation links are removed from the editor page in the WordPress admin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpzone.co\u002Fproduct\u002Fcustom-css-and-javascript-developer-edition\u002F?utm_source=custom-css-and-javascript&utm_medium=link&utm_campaign=wp-repo-upgrade-link\" rel=\"nofollow ugc\">Click here\u003C\u002Fa> to purchase!\u003C\u002Fp>\n\u003Cp>Alternatively, you can manually upload the plugin to your wp-content\u002Fplugins directory.\u003C\u002Fp>\n\u003Cp>If you like this plugin, please consider leaving a comment or review.\u003C\u002Fp>\n\u003Ch3>User Access Control\u003C\u002Fh3>\n\u003Cp>In the Custom CSS and JavaScript WordPress plugin, access to plugin features is determined by user capabilities. Users with the \u003Ccode>edit_theme_options\u003C\u002Fcode> capability will enjoy full access to all the plugin’s features.\u003C\u002Fp>\n\u003Cp>By default, the “Administrator” and “Editor” roles come equipped with the \u003Ccode>edit_theme_options\u003C\u002Fcode> capability. However, site administrators have the flexibility to customize these capabilities and assign them to other roles or individual users through plugins or custom code.\u003C\u002Fp>\n\u003Cp>Furthermore, to provide users with enhanced control, we’ve introduced a custom capability known as \u003Ccode>wpz_custom_css_js\u003C\u002Fcode>. Users possessing both the \u003Ccode>wpz_custom_css_js\u003C\u002Fcode> and \u003Ccode>edit_posts\u003C\u002Fcode> capabilities can be granted access to the plugin’s features.\u003C\u002Fp>\n\u003Ch3>You may also like these plugins\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpzone.co\u002F\" rel=\"nofollow ugc\">WP Zone\u003C\u002Fa> has built a bunch of plugins, add-ons, and themes. Check out other favorites here on the repository and don’t forget to leave a 5-star review to help others in the community decide.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fproduct-sales-report-for-woocommerce\u002F\" rel=\"ugc\">Product Sales Report for WooCommerce\u003C\u002Fa> – set up a custom sales report for the products in your WooCommerce store with toggle sorting options. Including or excluding items based on date range, sale status, product category and id, define display order, choose what fields to include, and generate your report with a click.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fexport-order-items-for-woocommerce\u002F\" rel=\"ugc\">Export Order Items for WooCommerce\u003C\u002Fa> – export the order details for each sale in your WooCommerce store. Simplify order fulfillment, generate accounting reports in a few clicks, and download into CSV format for readability and universal compatibility with Export Order Items.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Freplace-image\u002F\" rel=\"ugc\">Replace Image\u003C\u002Fa> – keep the same URL when uploading to the WordPress media library\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fforce-update-check-for-plugins-and-themes\u002F\" rel=\"ugc\">Force Update Check for Plugins and Themes\u003C\u002Fa> -force Update Check for Plugins and Themes forces WordPress to run a theme and plugin update check whenever you visit the WordPress updates page\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fconnect-sendgrid-for-emails\u002F\" rel=\"ugc\">Connect SendGrid for Emails\u003C\u002Fa> –  connect SendGrid for Emails is a third-party fork of (and a drop-in replacement for) the official SendGrid plugin\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-css-and-javascript\u002F\" rel=\"ugc\">Custom CSS and JavaScript\u003C\u002Fa> – allows you to add custom site-wide CSS styles and JavaScript code to your WordPress site. Useful for overriding your theme’s styles and adding client-side functionality.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-user-registration-notification-emails\u002F\" rel=\"ugc\">Disable User Registration Notification Emails\u003C\u002Fa> – when this plugin is activated, it disables the notification sent to the admin email when a new user account is registered.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fimage-upload-for-bbpress\u002F\" rel=\"ugc\">Inline Image Upload for BBPress\u003C\u002Fa> – enables the TinyMCE WYSIWYG editor for BBPress forum topics and replies and adds a button to the editor’s “Insert\u002Fedit image” dialog that allows forum users to upload images from their computer and insert them inline into their posts.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpassword-strength-for-woocommerce\u002F\" rel=\"ugc\">Password Strength for WooCommerce\u003C\u002Fa> – disables password strength enforcement in WooCommerce.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdonations-for-woocommerce\u002F\" rel=\"ugc\">Potent Donations for WooCommerce\u003C\u002Fa> – acceptance donations through your WooCommerce store\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshortcodes-for-divi\u002F\" rel=\"ugc\">Shortcodes for Divi\u003C\u002Fa> – allows to use Divi Library layouts as shortcodes everywhere where text comes.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fstock-export-and-import-for-woocommerce\u002F\" rel=\"ugc\">Stock Export and Import for WooCommerce\u003C\u002Fa> – generates reports on the stock status (in stock \u002F out of stock) and quantity of individual WooCommerce products.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frandom-quiz-addon-for-lifterlms\u002F\" rel=\"ugc\">Random Quiz Generator for LifterLMS\u003C\u002Fa> – pull a random set of questions from your quiz so users never get the same question twice when retaking or setting up a practice quiz.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-and-divi-icons\u002F\" rel=\"ugc\">WP and Divi Icons\u003C\u002Fa> – adds over 660 custom outline SVG icons to your website. SVG icons are vector icons, so they are sharp and look good on any screen at any size.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-layouts\u002F\" rel=\"ugc\">WP Layouts\u003C\u002Fa> – the best way to organize, import, and export your layouts, especially if you have multiple websites.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-squish\u002F\" rel=\"ugc\">WP Squish\u003C\u002Fa> – reduce the amount of storage space consumed by your WordPress installation through the application of user-definable JPEG compression levels and image resolution limits to uploaded images.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To view WP Zone’s premium WordPress plugins and themes, visit our \u003Ca href=\"https:\u002F\u002Fwpzone.co\u002Fproduct\u002F\" rel=\"nofollow ugc\">WordPress products catalog page\u003C\u002Fa>.\u003C\u002Fp>\n","Easily add custom CSS and JavaScript code to your WordPress site, with draft previewing, revisions, and minification!",10000,176501,94,60,"2024-08-12T18:03:00.000Z","6.6.5","3.5",[77,78,23,79,80],"custom-css","custom-javascript","styles","stylesheet","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-css-and-javascript.2.0.16.zip",92,{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":51,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":18,"tags":97,"homepage":100,"download_link":101,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"custom-css-manager-plugin","Custom CSS Manager","1.5.2","ChrisHurst","https:\u002F\u002Fprofiles.wordpress.org\u002Fchrishurst\u002F","\u003Cp>Simple plugin to manage Custom CSS Code to change the appearance of your WordPress website.\u003Cbr \u002F>\nThis Plugin stores the CSS Code in the WordPress Options Database, very useful if you do not want to edit your theme css files.\u003C\u002Fp>\n\u003Cp>Developer Website: http:\u002F\u002FMyWebsiteAdvisor.com\u002F\u003C\u002Fp>\n\u003Cp>Plugin Support: http:\u002F\u002FMyWebsiteAdvisor.com\u002Fsupport\u002F\u003C\u002Fp>\n\u003Cp>Plugin Page: http:\u002F\u002Fmywebsiteadvisor.com\u002Ftools\u002Fwordpress-plugins\u002Fcustom-css-manager-plugin\u002F\u003C\u002Fp>\n\u003Cp>Video Tutorial: http:\u002F\u002Fmywebsiteadvisor.com\u002Flearning\u002Fvideo-tutorials\u002Fcustom-css-manager-tutorial\u002F\u003C\u002Fp>\n\u003Cp>Requirements:\u003Cbr \u002F>\nPHP v5.0+\u003Cbr \u002F>\nWordPress v3.3+\u003C\u002Fp>\n\u003Cp>To-do:\u003C\u002Fp>\n","Simple plugin to manage Custom CSS Code!",1000,72847,16,"2017-11-28T15:18:00.000Z","3.5.2","2.9",[20,98,21,22,99],"cascading-style-sheet","theme","http:\u002F\u002Fmywebsiteadvisor.com\u002Ftools\u002Fwordpress-plugins\u002Fcustom-css-manager-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-css-manager-plugin.1.5.2.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":13,"num_ratings":14,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":18,"tags":115,"homepage":117,"download_link":118,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"custom-cssjs","Custom CSS\u002FJS","1.0","becauseinterwebs","https:\u002F\u002Fprofiles.wordpress.org\u002Fbecauseinterwebs\u002F","\u003Cp>Tired of having to edit page templates or override theme options just to change one little thing?  Tired of having to “!important” your styles?\u003C\u002Fp>\n\u003Cp>Well, we can’t guarantee you won’t have to do that anymore 🙂 BUT, we can offer you a way to hopefully have to do LESS of it.  Simply install our Custom CSS\u002FJS plugin and you can add custom styles and scripts not only to your entire site but to individual pages and posts!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Specify javascripts and styles to use on specific pages\u002Fposts OR on a global (site wide) basis.\u003C\u002Fli>\n\u003Cli>Will load external javascript references first so that you can reference them in your in-page javascripts.\u003C\u002Fli>\n\u003Cli>Simple and easy to use!\u003C\u002Fli>\n\u003C\u002Ful>\n","Add custom javascripts and styles to pages and posts as well as your entire site.",80,2782,"2015-09-14T15:12:00.000Z","4.3.34","3.0",[21,22,23,116,24],"js","http:\u002F\u002Fwww.becauseinterwebs.com\u002Fwordpress-custom-css-js\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-cssjs.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":13,"num_ratings":14,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":18,"tags":132,"homepage":134,"download_link":135,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"css-injector","Custom CSS Injector","1.0.1","77 Solutions","https:\u002F\u002Fprofiles.wordpress.org\u002F77solutions\u002F","\u003Cp>Add custom CSS into selected place of Your website in the simplest possible way.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Works faster than most popular custom CSS plugin available in WordPress.org repository\u003C\u002Fli>\n\u003Cli>Post code optimization with CSS Tidy\u003C\u002Fli>\n\u003Cli>5 supported sections (admin panel, login page, password recovery page, registration page, website).\u003C\u002Fli>\n\u003Cli>Possibility to place custom CSS code at top (head CSS) or bottom of page (footer CSS).\u003C\u002Fli>\n\u003Cli>Simple but useful solution that just works.\u003C\u002Fli>\n\u003Cli>Mobile optimized interface – add Your custom CSS from mobile device.\u003C\u002Fli>\n\u003Cli>Custom CSS Injector works on old and new WordPress versions.\u003C\u002Fli>\n\u003Cli>No technical skills required.\u003C\u002Fli>\n\u003Cli>Extremely easy to manage Your custom CSS code.\u003C\u002Fli>\n\u003Cli>No advertisings, donate buttons or other ugly looking “extras”, just custom CSS control.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Minimal Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 3.1 or later\u003C\u002Fli>\n\u003Cli>PHP 5.3 or later\u003C\u002Fli>\n\u003C\u002Ful>\n","Fast & simple solution to control custom CSS code in selected areas of Your website. Works to 8 times faster than most popular CSS plugin.",40,2786,"2017-09-03T23:32:00.000Z","4.8.28","3.1",[133,21,22,77,24],"admin-css","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcss-injector\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcss-injector.1.0.1.zip",{"attackSurface":137,"codeSignals":167,"taintFlows":196,"riskAssessment":232,"analyzedAt":238},{"hooks":138,"ajaxHandlers":163,"restRoutes":164,"shortcodes":165,"cronEvents":166,"entryPointCount":28,"unprotectedCount":28},[139,145,148,152,156,160],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","add_meta_boxes","nuno_sarmento_ccj_add_meta_boxes","admin\\nuno-sarmento-custom-css-js-services.php",15,{"type":140,"name":146,"callback":147,"file":143,"line":93},"save_post","save_meta_box_data",{"type":140,"name":149,"callback":150,"file":143,"line":151},"admin_menu","nuno_sarmento_ccj_admin_menu",17,{"type":140,"name":153,"callback":154,"file":143,"line":155},"admin_enqueue_scripts","nuno_sarmento_ccj_enqueue_scripts",19,{"type":140,"name":157,"callback":158,"file":143,"line":159},"wp_print_footer_scripts","nuno_sarmento_ccj_add_css",22,{"type":140,"name":157,"callback":161,"file":143,"line":162},"nuno_sarmento_ccj_add_js",23,[],[],[],[],{"dangerousFunctions":168,"sqlUsage":169,"outputEscaping":171,"fileOperations":28,"externalRequests":28,"nonceChecks":14,"capabilityChecks":194,"bundledLibraries":195},[],{"prepared":28,"raw":28,"locations":170},[],{"escaped":14,"rawEcho":11,"locations":172},[173,176,178,180,182,184,186,188,190,192],{"file":143,"line":174,"context":175},47,"raw output",{"file":143,"line":177,"context":175},49,{"file":143,"line":179,"context":175},50,{"file":143,"line":181,"context":175},55,{"file":143,"line":183,"context":175},93,{"file":143,"line":185,"context":175},95,{"file":143,"line":187,"context":175},155,{"file":143,"line":189,"context":175},157,{"file":143,"line":191,"context":175},185,{"file":143,"line":193,"context":175},190,2,[],[197,216],{"entryPoint":198,"graph":199,"unsanitizedCount":28,"severity":215},"save_meta_box_data (admin\\nuno-sarmento-custom-css-js-services.php:110)",{"nodes":200,"edges":212},[201,206],{"id":202,"type":203,"label":204,"file":143,"line":205},"n0","source","$_POST",133,{"id":207,"type":208,"label":209,"file":143,"line":210,"wp_function":211},"n1","sink","update_option() [Settings Manipulation]",140,"update_option",[213],{"from":202,"to":207,"sanitized":214},true,"low",{"entryPoint":217,"graph":218,"unsanitizedCount":28,"severity":215},"\u003Cnuno-sarmento-custom-css-js-services> (admin\\nuno-sarmento-custom-css-js-services.php:0)",{"nodes":219,"edges":229},[220,221,222,225],{"id":202,"type":203,"label":204,"file":143,"line":205},{"id":207,"type":208,"label":209,"file":143,"line":210,"wp_function":211},{"id":223,"type":203,"label":224,"file":143,"line":205},"n2","$_POST (x2)",{"id":226,"type":208,"label":227,"file":143,"line":191,"wp_function":228},"n3","echo() [XSS]","echo",[230,231],{"from":202,"to":207,"sanitized":214},{"from":223,"to":226,"sanitized":214},{"summary":233,"deductions":234},"The \"nuno-sarmento-custom-css-js\" plugin version 1.0.3 exhibits a generally strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with exposed attack surfaces is a significant positive. Furthermore, the code demonstrates good practices with 100% of SQL queries using prepared statements and the presence of nonces and capability checks. The taint analysis reveals no critical or high-severity flows, indicating no obvious vulnerabilities related to unsanitized data processing.\n\nHowever, a notable concern arises from the output escaping. With 11 total outputs and only 9% properly escaped, this represents a significant risk of Cross-Site Scripting (XSS) vulnerabilities. Attackers could potentially inject malicious scripts through user-controllable data that is not adequately sanitized before being displayed to other users or administrators. The plugin also has no recorded vulnerability history, which is positive, but it doesn't negate the risks identified in the static analysis.  A balanced view would highlight the robust handling of database operations and input points, but strongly caution against the prevalent lack of output sanitization.",[235],{"reason":236,"points":237},"Insufficient output escaping",8,"2026-03-16T23:49:23.871Z",{"wat":240,"direct":247},{"assetPaths":241,"generatorPatterns":243,"scriptPaths":244,"versionParams":245},[242],"\u002Fwp-content\u002Fplugins\u002Fnuno-sarmento-custom-css-js\u002Fassets\u002Fcss\u002Fstyle.css",[],[],[246],"nuno-sarmento-custom-css-js\u002Fassets\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":248,"htmlComments":250,"htmlAttributes":251,"restEndpoints":258,"jsGlobals":259,"shortcodeOutput":260},[249],"biw_textarea",[],[252,253,254,255,256,257],"name=\"tend_ccj_custom_css\"","id=\"tend_ccj_custom_css\"","name=\"tend_ccj_custom_js_external\"","id=\"tend_ccj_custom_js_external\"","name=\"tend_ccj_custom_js\"","id=\"tend_ccj_custom_js\"",[],[],[]]