[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fK9mdAjyb3_fngcOL_A-mZdUoZlp2htAoEJ9-Nk04XVE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":127,"fingerprints":201},"parse-shortcodes","Allow Shortcodes in Text Widgets","1.0","CodeAndReload","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodeandreload\u002F","\u003Cp>This plugin provides the option to enable\u002Fdisable the usage of shortcodes in the default text widget provided by WordPress along with smilies if enabled for the blog.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Technical support for this plugin will be provided via the WordPress plugin forum.  Additional support may be\u003Cbr \u002F>\navailable at \u003Ca href=\"http:\u002F\u002Fwww.codeandreload.com\u002Fwp-plugins\u002Fallow-shortcodes-in-text-widgets\u002F\" title=\"Allow Shortcodes in Text Widgets at Code\nand Reload\">plugin’s homepage\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin provides the option to enable\u002Fdisable the shortcodes in the default text widgets along with smilies.",70,5252,0,"2010-11-08T20:19:00.000Z","3.0.5","2.9","",[19,20,21,22,23],"emoticon","shortcode","smilie","smilies","text-widget","http:\u002F\u002Fwww.codeandreload.com\u002Fwp-plugins\u002Fallow-shortcodes-in-text-widgets\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fparse-shortcodes.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"codeandreload",4,370,30,84,"2026-04-04T20:28:44.294Z",[38,58,73,92,110],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":17,"requires_php":17,"tags":52,"homepage":55,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"keep-emoticons-as-text","Keep Emoticons as Text","1.0.0","Geek Goddess","https:\u002F\u002Fprofiles.wordpress.org\u002Fgeek-goddess\u002F","\u003Cp>As of the release of 4.3, WordPress removed the “Formatting” section from the Writing settings.  Included in there was the option to turn off WordPress’s default action to convert text emoticons to image smilies.  This plugin does the same thing as unchecking the “convert to smilies” box that used to be available via the settings.\u003C\u002Fp>\n","Disables the default WordPress option of converting emoticons to image smilies",800,7799,100,8,"2024-07-03T18:52:00.000Z","6.5.8",[53,54,22],"emoticons","formatting","https:\u002F\u002Fwww.geekgoddess.com\u002Fkeep-emoticons-as-text-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkeep-emoticons-as-text.zip",92,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":46,"downloaded":66,"rating":67,"num_ratings":49,"last_updated":68,"tested_up_to":69,"requires_at_least":17,"requires_php":17,"tags":70,"homepage":17,"download_link":72,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"really-disable-emojis","Really Disable Emojis","1.1","Christian Leuenberg","https:\u002F\u002Fprofiles.wordpress.org\u002Fcleuenberg\u002F","\u003Cp>WordPress comes with a built-in replacement function that turns 🙂 etc. into emojis. If you need to switch this off, simply install and activate this plugin. It’s that simple.\u003C\u002Fp>\n","Disables the automatic emojis (smilies) replacement function. Really! :-)",6374,98,"2023-09-11T08:10:00.000Z","6.3.8",[71,53,22],"emojis","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freally-disable-emojis.1.1.zip",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":48,"num_ratings":83,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":17,"tags":87,"homepage":90,"download_link":91,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"tinymce-smiley-button","TinyMCE Smiley Button","1.0.9","Cople","https:\u002F\u002Fprofiles.wordpress.org\u002Fcople\u002F","\u003Cp>Add Smiley Button to TinyMCE.\u003C\u002Fp>\n","Add Smiley Button to TinyMCE.",700,18726,1,"2020-09-07T11:52:00.000Z","5.5.18","4.2",[88,19,53,89,22],"emoji","smiley","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ftinymce-smiley-button\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftinymce-smiley-button.1.0.9.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":13,"num_ratings":13,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":17,"tags":105,"homepage":108,"download_link":109,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"custom-smilies-directory","Custom Smilies Directory","1.2","Jose Pardilla","https:\u002F\u002Fprofiles.wordpress.org\u002Fmoskis\u002F","\u003Cp>Custom Smilies Directory is a plugin that tells WordPress to load Smilies from your theme’s directory. This allows you to use custom Smilies without loosing them when you update WordPress.\u003C\u002Fp>\n\u003Cp>Since version 1.1 plugin will check that the smilies folder exists in the active theme. If it doesn’t, it will load the default WordPress smilies and show an error notice in the admin panel letting the user know he has to upload the smilies to the theme directory.\u003C\u002Fp>\n\u003Ch4>Where do i find smiley packs?\u003C\u002Fh4>\n\u003Cp>You can find many pack in the Internet, by googling for them or searching on sites like deviantArt.com. You can also check out two packs i made a some time ago: \u003Ca href=\"http:\u002F\u002Fjosepardilla.com\u002Ffreebies\u002Fmoskis-smilies-pack-1\u002F\" rel=\"nofollow ugc\">Pack #1\u003C\u002Fa> – \u003Ca href=\"http:\u002F\u002Fjosepardilla.com\u002Ffreebies\u002Fmoskis-smilies-pack-2\u002F\" rel=\"nofollow ugc\">Pack #2\u003C\u002Fa>.\u003C\u002Fp>\n","Light plugin that tells WordPress to load Smilies from your theme's directory. This allows you to use custom Smilies without loosing them when yo …",10,3229,"2012-02-05T19:26:00.000Z","3.3.2","2.8",[53,106,89,22,107],"pack","smilies-pack","http:\u002F\u002Fplugins.josepardilla.com\u002Fcustom-smilies-directory\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-smilies-directory.1.2.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":100,"downloaded":118,"rating":48,"num_ratings":83,"last_updated":119,"tested_up_to":120,"requires_at_least":104,"requires_php":17,"tags":121,"homepage":125,"download_link":126,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"tango-smilies","Tango\u002FGNOME Smilies","3.3","Jeff Waugh","https:\u002F\u002Fprofiles.wordpress.org\u002Fjdub\u002F","\u003Cp>Replace the blocky default (GIF) smilies with beautiful Tango\u002FGNOME (PNG) smilies.\u003C\u002Fp>\n\u003Cp>If you want to use this plugin with a version of WordPress prior to 2.8, please use version 2.0.\u003C\u002Fp>\n","Replace the blocky default (GIF) smilies with beautiful Tango\u002FGNOME (PNG) smilies.",6226,"2009-06-29T15:47:00.000Z","2.8.1",[122,53,123,22,124],"emotes","filter","tango","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ftango-smilies\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftango-smilies.3.3.zip",{"attackSurface":128,"codeSignals":156,"taintFlows":194,"riskAssessment":195,"analyzedAt":200},{"hooks":129,"ajaxHandlers":152,"restRoutes":153,"shortcodes":154,"cronEvents":155,"entryPointCount":13,"unprotectedCount":13},[130,136,140,145,149],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","admin_menu","parseshortcode_create_menu","admin_page.php",27,{"type":131,"name":137,"callback":138,"file":134,"line":139},"admin_init","parseshortcode_api_init",28,{"type":131,"name":141,"callback":142,"file":143,"line":144},"init","parseshortcode_globals_init","parse-shortcodes.php",13,{"type":123,"name":146,"callback":147,"file":143,"line":148},"widget_text","do_shortcode",18,{"type":123,"name":146,"callback":150,"file":143,"line":151},"convert_smilies",21,[],[],[],[],{"dangerousFunctions":157,"sqlUsage":158,"outputEscaping":160,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":193},[],{"prepared":13,"raw":13,"locations":159},[],{"escaped":13,"rawEcho":161,"locations":162},15,[163,166,168,170,172,174,176,178,180,182,184,185,187,189,191],{"file":134,"line":164,"context":165},36,"raw output",{"file":134,"line":167,"context":165},37,{"file":134,"line":169,"context":165},40,{"file":134,"line":171,"context":165},45,{"file":134,"line":173,"context":165},102,{"file":134,"line":175,"context":165},124,{"file":134,"line":177,"context":165},151,{"file":134,"line":179,"context":165},155,{"file":134,"line":181,"context":165},159,{"file":134,"line":183,"context":165},160,{"file":134,"line":183,"context":165},{"file":134,"line":186,"context":165},165,{"file":134,"line":188,"context":165},184,{"file":134,"line":190,"context":165},185,{"file":134,"line":192,"context":165},187,[],[],{"summary":196,"deductions":197},"The 'parse-shortcodes' v1.0 plugin exhibits a strong overall security posture based on the provided static analysis and vulnerability history. The absence of any recorded vulnerabilities, CVEs, or critical taint flows is a significant positive indicator. The code analysis reveals no dangerous functions, file operations, external HTTP requests, or SQL queries that do not utilize prepared statements, all of which are excellent security practices.\n\nHowever, a notable concern arises from the output escaping analysis. With 15 total outputs and 0% properly escaped, this represents a significant risk. This lack of proper output sanitization can lead to cross-site scripting (XSS) vulnerabilities if any dynamic content is displayed without sufficient escaping. While the plugin currently has no identified attack surface points (AJAX, REST API, shortcodes, cron events), the potential for XSS through unescaped output remains a critical weakness.\n\nIn conclusion, 'parse-shortcodes' v1.0 demonstrates commendable security hygiene in many areas, particularly in its handling of SQL and its lack of external dependencies or dangerous functions. The complete absence of a vulnerability history further strengthens this perception. The paramount weakness, however, is the pervasive lack of output escaping, which introduces a high risk of XSS vulnerabilities and requires immediate attention.",[198],{"reason":199,"points":161},"0% output escaping","2026-03-16T21:32:27.533Z",{"wat":202,"direct":209},{"assetPaths":203,"generatorPatterns":204,"scriptPaths":205,"versionParams":206},[],[],[],[207,208],"parse-shortcodes\u002Fstyle.css?ver=","parse-shortcodes\u002Fscript.js?ver=",{"cssClasses":210,"htmlComments":211,"htmlAttributes":212,"restEndpoints":213,"jsGlobals":214,"shortcodeOutput":215},[],[],[],[],[],[]]