[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYJ4ZRzUzcucqPwauXgNMWSHyfqx_3e2ZQ3aZdpws5EM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":18,"download_link":19,"security_score":20,"vuln_count":11,"unpatched_count":11,"last_vuln_date":21,"fetched_at":22,"vulnerabilities":23,"developer":24,"crawl_stats":21,"alternatives":32,"analysis":33,"fingerprints":68},"playground-embedder","Playground Embedder","1.1","Joost de Valk","https:\u002F\u002Fprofiles.wordpress.org\u002Fjoostdevalk\u002F","\u003Cp>Add the WordPress playground by adding a \u003Ccode>[wp_playground]\u003C\u002Fcode> shortcode to your pages. This plugin supports all the attributes the playground supports, which \u003Ca href=\"https:\u002F\u002Fwordpress.github.io\u002Fwordpress-playground\u002Fdocs\u002Fquery-api#available-options\" rel=\"nofollow ugc\">you can find here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>By default, the plugin lazy loads the playground, so it’s only loaded after a button click. An additional feature is that you\u003Cbr \u002F>\ncan decide not to lazy load the playground by adding \u003Ccode>lazy=0\u003C\u002Fcode> to the shortcode, like so:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wp_playground lazy=0]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>At this point the plugin renders the playground immediately.\u003C\u002Fp>\n\u003Ch3>Blueprints\u003C\u002Fh3>\n\u003Cp>You can load entire blueprints into the shortcode by putting them in the content between the shortcode, like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wp_playground]\n{\n    \"landingPage\": \"\u002Fwp-admin\u002F\",\n    \"preferredVersions\": {\n        \"php\": \"8.0\",\n        \"wp\": \"latest\"\n    },\n    \"steps\": [\n        {\n            \"step\": \"login\",\n            \"username\": \"admin\",\n            \"password\": \"password\"\n        }\n    ]\n}\n[\u002Fwp_playground]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>These blueprints allow you to install themes, plugins and more. To learn about them, read the \u003Ca href=\"https:\u002F\u002Fwordpress.github.io\u002Fwordpress-playground\u002Fblueprints-api\u002Findex\" rel=\"nofollow ugc\">Playground documentation\u003C\u002Fa>.\u003C\u002Fp>\n","Embeds the WordPress playground through a shortcode.",0,749,"","6.2.9","6.0","7.4",[],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplayground-embedder\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplayground-embedder.1.1.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":25,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":27,"avg_security_score":28,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},"joostdevalk",8,9150,96,2736,76,"2026-04-04T19:03:30.357Z",[],{"attackSurface":34,"codeSignals":51,"taintFlows":58,"riskAssessment":59,"analyzedAt":67},{"hooks":35,"ajaxHandlers":42,"restRoutes":43,"shortcodes":44,"cronEvents":49,"entryPointCount":50,"unprotectedCount":11},[36],{"type":37,"name":38,"callback":39,"file":40,"line":41},"action","plugins_loaded","init","playground-embedder.php",28,[],[],[45],{"tag":46,"callback":47,"file":40,"line":48},"wp_playground","shortcode_output",37,[],1,{"dangerousFunctions":52,"sqlUsage":53,"outputEscaping":55,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":57},[],{"prepared":11,"raw":11,"locations":54},[],{"escaped":11,"rawEcho":11,"locations":56},[],[],[],{"summary":60,"deductions":61},"The \"playground-embedder\" plugin version 1.1 exhibits a strong security posture based on the provided static analysis.  The code demonstrates excellent security practices by not utilizing dangerous functions, avoiding raw SQL queries in favor of prepared statements, and ensuring all output is properly escaped. The absence of file operations and external HTTP requests further reduces the potential attack surface. Importantly, the analysis indicates no critical or high severity taint flows, suggesting that user-supplied data is handled securely. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive indicator of its security development and maintenance.",[62,65],{"reason":63,"points":64},"No nonce checks found",5,{"reason":66,"points":64},"No capability checks found","2026-03-17T05:50:03.121Z",{"wat":69,"direct":76},{"assetPaths":70,"generatorPatterns":71,"scriptPaths":72,"versionParams":74},[],[],[73],"\u002Fwp-content\u002Fplugins\u002Fplayground-embedder\u002Fscript.js",[75],"playground-embedder\u002Fscript.js?ver=",{"cssClasses":77,"htmlComments":79,"htmlAttributes":80,"restEndpoints":84,"jsGlobals":85,"shortcodeOutput":87},[78],"wp-playground",[],[81,82,83],"id=\"wp-","style=\"width:","height:",[],[86],"startPlaygroundWeb",[88,89,90,91,92,93,86,94],"\u003Cbutton class=\"wp-element-button\" id=\"wp-","Click to load playground.","\u003Ciframe class=\"wp-playground\" id=\"wp-","console.log('Loading WP playground');","s = document.createElement(\"script\");","import {","} from \"https:\u002F\u002Funpkg.com\u002F@wp-playground\u002Fclient\u002Findex.js\";"]