[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1S5yf1PaGFC7a21uU5HcDCuYKNNJQ7lQoDrdsKDaBVA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":120,"fingerprints":242},"pcsh-pastacode-syntaxhighlighter","PCSH (PastaCode and SyntaxHighlighter)","0.4.2","Oleg Soromin","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebaib\u002F","\u003Cp>With PCSH (based on the Pastacode plugin), you can easily add code into your posts with the awesome SyntaxHighlighter js-library.\u003Cbr \u002F>\nYou can insert source code into the post editor, from a file, or from webservices like GitHub, Gist, Pastebin or BitBucket. Webservices responses are cached in order to avoid too many HTTP requests.\u003C\u002Fp>\n\u003Cp>Don’t worry about posts updates while upgrading codes!\u003C\u002Fp>\n\u003Cp>PCSH allows to enhance your snippets using SyntaxHighlighter plugins (highlightning lines, link functions…).\u003C\u002Fp>\n\u003Cp>8 different color schemes are included, and you can build yours.\u003C\u002Fp>\n\u003Cp>Available programming languages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>AppleScript\u003C\u002Fli>\n\u003Cli>ActionScript3\u003C\u002Fli>\n\u003Cli>Bash\u003C\u002Fli>\n\u003Cli>CoffeeScript\u003C\u002Fli>\n\u003Cli>C++\u003C\u002Fli>\n\u003Cli>C#\u003C\u002Fli>\n\u003Cli>CSS\u003C\u002Fli>\n\u003Cli>Pascal\u003C\u002Fli>\n\u003Cli>Diff\u003C\u002Fli>\n\u003Cli>Erlang\u003C\u002Fli>\n\u003Cli>Groovy\u003C\u002Fli>\n\u003Cli>Haxe\u003C\u002Fli>\n\u003Cli>Java\u003C\u002Fli>\n\u003Cli>JavaFX\u003C\u002Fli>\n\u003Cli>JavaScript\u003C\u002Fli>\n\u003Cli>Perl\u003C\u002Fli>\n\u003Cli>PHP\u003C\u002Fli>\n\u003Cli>Plain\u003C\u002Fli>\n\u003Cli>Python\u003C\u002Fli>\n\u003Cli>Ruby\u003C\u002Fli>\n\u003Cli>Scala\u003C\u002Fli>\n\u003Cli>SQL\u003C\u002Fli>\n\u003Cli>VisualBasic\u003C\u002Fli>\n\u003Cli>XML\u003C\u002Fli>\n\u003C\u002Ful>\n","Use PCSH to add code into your posts with the awesome SyntaxHighlighter plugin. So, past'a code!",10,2506,60,2,"2015-12-10T13:11:00.000Z","4.4.34","3.1","",[20,21,22,23,24],"bitbucket","code","embed","github","version","https:\u002F\u002Fgithub.com\u002FWebaib\u002FPastacodeAndSyntaxHighlighter","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpcsh-pastacode-syntaxhighlighter.0.4.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"webaib",1,30,84,"2026-04-04T18:30:12.186Z",[39,60,77,95,109],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":58,"download_link":59,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"github-readme","Github README","0.2.0","Jason Stallings","https:\u002F\u002Fprofiles.wordpress.org\u002Foctalmage\u002F","\u003Cp>Github README is a plugin that allows you to embed markdown from GitHub in a page or post using a simple shortcode.\u003C\u002Fp>\n\u003Cp>Usage:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>github_readme\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This shortcode embeds the project’s readme.\u003C\u002Fp>\n\u003Cp>[github_readme repo=”octalmage\u002FMarknote”]\u003C\u002Fp>\n\u003Cp>You can also trim lines from the top of the readme using the “trim” option:\u003C\u002Fp>\n\u003Cp>[github_readme repo=”octalmage\u002FMarknote” trim=”3″]\u003C\u002Fp>\n\u003Cp>This is useful for removing titles since your page\u002Fpost will most likely already have one.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>github_markdown\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This shortcode embeds any markdown file found in the repository.\u003C\u002Fp>\n\u003Cp>[github_markdown repo=”octalmage\u002FMarknote” file=”README.md”]\u003C\u002Fp>\n\u003Cp>trim, branch, and cache (seconds to cache) also supported.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>github_wikipage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This shortcode embeds pages from a project’s wiki.\u003C\u002Fp>\n\u003Cp>[github_wikipage repo=”octalmage\u002FMarknote” page=”Syntax”]\u003C\u002Fp>\n\u003Cp>trim and cache also supported.\u003C\u002Fp>\n","Easily embed GitHub READMEs in pages\u002Fposts.",20,3237,100,4,"2016-06-07T15:07:00.000Z","4.5.33","3.0.1",[22,23,55,56,57],"markdown","readme","shortcode","https:\u002F\u002Fgithub.com\u002Foctalmage\u002Fgithub-readme","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgithub-readme.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":11,"downloaded":68,"rating":28,"num_ratings":28,"last_updated":18,"tested_up_to":69,"requires_at_least":70,"requires_php":18,"tags":71,"homepage":74,"download_link":75,"security_score":49,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":76},"getgit","GetGit","0.3","claycarpenter","https:\u002F\u002Fprofiles.wordpress.org\u002Fclaycarpenter\u002F","\u003Cp>This plugin embeds the content of a public GitHub repository into your WordPress posts. It’s capable of retrieving either the full content or a snippet of a file. The code will be displayed with syntax highlighting and line numbers.\u003C\u002Fp>\n\u003Cp>Now supports content caching for improved page responsiveness and load times.\u003C\u002Fp>\n\u003Cp>Syntax highlighting is provided by the \u003Ca href=\"http:\u002F\u002Fsunlightjs.com\u002F\" title=\"Sunlight JS\" rel=\"nofollow ugc\">Sunlight JS\u003C\u002Fa> syntax highlighter. Many thanks to those involved in that project!\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>This plugin registers a shortcode that allows for embedding GitHub repo content into blog posts. To embed content into your post, use the \u003Ccode>github\u003C\u002Fcode> shortcode like so:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[github userid=\"[target user id]\" repoid=\"[target repo id]\" path=\"[path to content]\" language=\"[language of target content]\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Attributes used by the \u003Ccode>github\u003C\u002Fcode> shortcode:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>userid – The user ID of the repository owner.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>repoid – The ID of the repository that contains the target content.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>path – The full path to the content. This path should start at the repository root, not inclusive of the leading \u003Ccode>\u002F\u003C\u002Fcode>, and terminate with the name of the target content’s filename.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>language – The programming language of the code contained in the content. This information will be passed to the syntax highlighter. The value must match one of the recognized values for the Sunlight JS engine. For a list of values, see the \u003Ca href=\"http:\u002F\u002Fsunlightjs.com\u002Fdocs.html\" rel=\"nofollow ugc\">Sunlight documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>startloc – Optional. The starting line of code to display in the code snippet. If this attribute is ommitted, the first line of retrieved file will be the first line of code displayed in the snippet.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>stoploc – Optional. The final line of code (inclusive) to display in the code snippet. If this attribute is ommitted, the final line of content shown in the snippet will be the last line of the retrieved file.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Examples\u003C\u002Fh4>\n\u003Cp>Retrieve \u003Ccode>src\u002Fsupport.js\u003C\u002Fcode> from the jQuery project repo:\u003Cbr \u002F>\n    [getgit repoid=”jquery” userid=”jquery” path=”src\u002Fsupport.js” language=”javascript”]\u003C\u002Fp>\n\u003Cp>Retrieve lines 39 through 64 of this plugin’s content retrieval class:\u003Cbr \u002F>\n    [getgit repoid=github-wordpress-plugin userid=claycarpenter path=”src\u002Fphp\u002Fgithub_repo_content_retriever.php” language=”php” startloc=39 stoploc=64]\u003C\u002Fp>\n","Embeds syntax-highlighted GitHub repo content into your blog posts.",1949,"3.5.2","3.5.1",[21,22,23,72,73],"repositories","snippet","http:\u002F\u002Fflightlessflyer.pinguinotech.com\u002Fgithub-wordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgetgit.0.3.zip","2026-03-15T10:48:56.248Z",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":11,"downloaded":85,"rating":49,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":18,"tags":90,"homepage":93,"download_link":94,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"gist-for-robots-wordpress","Gist for Robots WordPress Plugin","1.3","Pedro Elsner","https:\u002F\u002Fprofiles.wordpress.org\u002Fpedro-elsner\u002F","\u003Cp>Drop in the embed code from github between the gist shortcode.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[gist]\u003Cscript src=\"http:\u002F\u002Fgist.github.com\u002F447298.js?file=github_gist_wordpress_plugin_test.txt\">\u003C\u002Fscript>[\u002Fgist]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>or pass the ID and file (optional)\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[gist id=447298 file=github_gist_wordpress_plugin_test.txt]\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Makes embedding Github.com gists SEO friendly and super awesomely easy.",2601,3,"2013-12-19T11:10:00.000Z","3.7.41","2.1",[22,91,92,23,57],"gist","git","https:\u002F\u002Fgithub.com\u002Fpedroelsner\u002Fgist-for-robots-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgist-for-robots-wordpress.zip",{"slug":96,"name":97,"version":98,"author":18,"author_profile":99,"description":100,"short_description":101,"active_installs":11,"downloaded":102,"rating":28,"num_ratings":28,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":18,"tags":106,"homepage":107,"download_link":108,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"github-gist","GitHub Gist WordPress Plugin","1.1","https:\u002F\u002Fprofiles.wordpress.org\u002Fjingweno\u002F","\u003Cp>GitHub Gist WordPress Plugin allows you to embed \u003Ca href=\"http:\u002F\u002Fgist.github.com\" rel=\"nofollow ugc\">GitHub Gist\u003C\u002Fa> snippets with a [gist] tag, instead of copying and pasting HTML. For example, to embed the \u003Ca href=\"http:\u002F\u002Fgist.github.com\u002F447298.js?file=github_gist_wordpress_plugin_test.txt\" rel=\"nofollow ugc\">github_gist_wordpress_plugin_test.txt\u003C\u002Fa> file from \u003Ca href=\"http:\u002F\u002Fgist.github.com\u002F447298.js\" rel=\"nofollow ugc\">gist: 447298\u003C\u002Fa>, fill in the id and file attributes in the [gist] tag:\u003C\u002Fp>\n\u003Cp>[gist id=447298 file=github_gist_wordpress_plugin_test.txt]\u003C\u002Fp>\n\u003Cp>or\u003C\u002Fp>\n\u003Cp>copy the embedding JavaScript code from GitHub and directly paste it in the body of the [gist] tag:\u003C\u002Fp>\n\u003Cp>[gist]\u003Ccode>\u003Cscript src=\"http:\u002F\u002Fgist.github.com\u002F447298.js?file=github_gist_wordpress_plugin_test.txt\">\u003C\u002Fscript>\u003C\u002Fcode>[\u002Fgist].\u003C\u002Fp>\n\u003Cp>The [gist] tag also expands the content of the embedded Gist and wraps it with “\u003Ccode>\u003Cnoscript>\u003Ccode>\u003Cpre>\u003C\u002Fcode>” so that search engine spiders, users with javascript disabled and users reading your blog through RSS will still see your code in a blog entry.\u003C\u002Fp>\n","GitHub Gist Wordpress Plugin allows you to embed GitHub Gist snippets with a [gist] tag, instead of copying and pasting HTML.",3431,"2010-09-22T07:14:00.000Z","3.0.5","2.5.1",[22,91,92,23,57],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fgithub-gist","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgithub-gist.zip",{"slug":110,"name":111,"version":112,"author":43,"author_profile":44,"description":113,"short_description":114,"active_installs":11,"downloaded":115,"rating":28,"num_ratings":28,"last_updated":116,"tested_up_to":88,"requires_at_least":53,"requires_php":18,"tags":117,"homepage":118,"download_link":119,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"github-shortcode","Github Shortcode","0.1","\u003Cp>Github Shortcode is a plugin that allows you to embed a GitHub repository in a page or post using a simple shortcode.\u003C\u002Fp>\n\u003Cp>Usage:\u003C\u002Fp>\n\u003Cp>[github repo=”octalmage\u002FGithub-Shortcode”]\u003C\u002Fp>\n","Easily display GitHub Repositories in Pages\u002FPosts.",3757,"2013-11-25T07:36:00.000Z",[22,23,57],"http:\u002F\u002Fjson.sx\u002Fprojects\u002Fgithub-shortcode\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgithub-shortcode.zip",{"attackSurface":121,"codeSignals":201,"taintFlows":231,"riskAssessment":232,"analyzedAt":241},{"hooks":122,"ajaxHandlers":193,"restRoutes":194,"shortcodes":195,"cronEvents":200,"entryPointCount":34,"unprotectedCount":28},[123,129,133,138,142,146,150,154,158,162,166,170,174,178,182,186,189],{"type":124,"name":125,"callback":126,"file":127,"line":128},"action","plugins_loaded","pcsh_load_languages","pastacodeSH.php",21,{"type":124,"name":130,"callback":131,"file":127,"line":132},"wp_enqueue_scripts","pcsh_enqueue_SyntaxHighlighterCSS",36,{"type":134,"name":135,"callback":136,"priority":11,"file":127,"line":137},"filter","pcsh_github","_pcsh_github",218,{"type":134,"name":139,"callback":140,"priority":11,"file":127,"line":141},"pcsh_gist","_pcsh_gist",277,{"type":134,"name":143,"callback":144,"priority":11,"file":127,"line":145},"pcsh_bitbucket","_pcsh_bitbucket",308,{"type":134,"name":147,"callback":148,"priority":11,"file":127,"line":149},"pcsh_file","_pcsh_file",346,{"type":134,"name":151,"callback":152,"priority":11,"file":127,"line":153},"pcsh_pastebin","_pcsh_pastebin",375,{"type":134,"name":155,"callback":156,"priority":11,"file":127,"line":157},"pcsh_manual","_pcsh_manual",404,{"type":134,"name":159,"callback":160,"priority":11,"file":127,"line":161},"plugin_row_meta","pcsh_plugin_row_meta",460,{"type":134,"name":163,"callback":164,"priority":11,"file":127,"line":165},"admin_post_pcsh_drop_transients","pcsh_drop_transients",493,{"type":124,"name":167,"callback":168,"file":127,"line":169},"admin_menu","pcsh_create_menu",520,{"type":124,"name":171,"callback":172,"file":127,"line":173},"admin_init","pcsh_button_editor",695,{"type":134,"name":175,"callback":176,"file":127,"line":177},"mce_external_plugins","pcsh_script_tiny",709,{"type":134,"name":179,"callback":180,"file":127,"line":181},"mce_buttons","pcsh_register_button",710,{"type":124,"name":183,"callback":184,"file":127,"line":185},"admin_enqueue_scripts","pcsh_shortcodes_mce_css",740,{"type":124,"name":171,"callback":187,"file":127,"line":188},"add_pcsh_styles_to_editor",753,{"type":124,"name":190,"callback":191,"file":127,"line":192},"before_wp_tiny_mce","pcsh_text",765,[],[],[196],{"tag":197,"callback":198,"file":127,"line":199},"pcsh","sc_pcsh",54,[],{"dangerousFunctions":202,"sqlUsage":203,"outputEscaping":211,"fileOperations":28,"externalRequests":226,"nonceChecks":34,"capabilityChecks":86,"bundledLibraries":227},[],{"prepared":28,"raw":14,"locations":204},[205,208],{"file":127,"line":206,"context":207},507,"$wpdb->query() with variable interpolation",{"file":127,"line":209,"context":210},649,"$wpdb->get_var() with variable interpolation",{"escaped":212,"rawEcho":213,"locations":214},15,5,[215,218,220,222,224],{"file":127,"line":216,"context":217},552,"raw output",{"file":127,"line":219,"context":217},554,{"file":127,"line":221,"context":217},574,{"file":127,"line":223,"context":217},656,{"file":127,"line":225,"context":217},939,6,[228],{"name":229,"version":29,"knownCves":230},"TinyMCE",[],[],{"summary":233,"deductions":234},"The plugin 'pcsh-pastacode-syntaxhighlighter' v0.4.2 demonstrates a generally positive security posture, with no known vulnerabilities in its history and a significant portion of its code outputs being properly escaped. The static analysis reveals a limited attack surface with only one shortcode and no unprotected AJAX handlers or REST API routes. Furthermore, the plugin implements nonce and capability checks, indicating an effort to secure its entry points.\n\nHowever, there are areas for improvement. The most significant concern is the presence of SQL queries that are not prepared statements. With two SQL queries identified and 0% using prepared statements, this presents a risk of SQL injection vulnerabilities if user-supplied data is directly incorporated into these queries. The plugin also makes several external HTTP requests, which, without further analysis of their destinations and handling, could potentially be a vector for various attacks. The bundled TinyMCE library, while common, warrants a check for known vulnerabilities in its specific version.\n\nGiven the absence of historical vulnerabilities and the presence of some security controls, the plugin is not in immediate critical danger. However, the lack of prepared statements for all SQL queries is a notable weakness that should be addressed to prevent potential exploits. The plugin's strengths lie in its limited attack surface and existing authentication checks, but its reliance on potentially unsafe SQL practices requires attention.",[235,237,239],{"reason":236,"points":11},"SQL queries without prepared statements",{"reason":238,"points":86},"External HTTP requests identified",{"reason":240,"points":86},"Bundled library (TinyMCE) may have vulnerabilities","2026-03-17T00:46:44.197Z",{"wat":243,"direct":250},{"assetPaths":244,"generatorPatterns":246,"scriptPaths":247,"versionParams":248},[245],"\u002Fwp-content\u002Fplugins\u002Fpcsh-pastacode-syntaxhighlighter\u002Fcss\u002FSyntaxHighlighter.css",[],[],[249],"\u002Fwp-content\u002Fplugins\u002Fpcsh-pastacode-syntaxhighlighter\u002Fcss\u002FSyntaxHighlighter.css?ver=",{"cssClasses":251,"htmlComments":257,"htmlAttributes":258,"restEndpoints":262,"jsGlobals":264,"shortcodeOutput":265},[252,253,254,255,256],"code-embed-wrapper","code-embed-infos","code-embed-name","code-embed-raw","pcsh_message",[],[259,260,261],"brush","tab-size","highlight",[263],"\u002Fwp-json\u002Fwp\u002Fv2\u002Fposts",[],[266,267,268,269,270,271,272,273,274,271,275,276,277,278,279,279],"\u003Cdiv class=\"code-embed-wrapper\">","\u003Cpre class=\"brush:","\">","\u003C\u002Fpre>","\u003Cdiv align=\"right\" class=\"code-embed-infos\">","\u003Ca href=\"","\" title=\"See ","\" target=\"_blank\" class=\"code-embed-name\">","\u003C\u002Fa>","\" title=\"Back to ","\" class=\"code-embed-raw\" target=\"_blank\">view raw\u003C\u002Fa>","\u003Cspan class=\"code-embed-name\">","\u003C\u002Fspan>","\u003C\u002Fdiv>"]