[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1omTa4BJtC7YwV2RwBTkt2F0OvZExMuYEWu64I6FxsE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":17,"homepage":14,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":33,"analysis":91,"fingerprints":121},"remove-unwanted-p-tags","Remove Unwanted P tags","1.0","Umang Bhanvadia","https:\u002F\u002Fprofiles.wordpress.org\u002Fumang7\u002F","\u003Cp>It will remove auto generated p tags in wordpress content.\u003C\u002Fp>\n","It will remove auto generated p tags in wordpress content.",10,1050,0,"","5.0.25","5.0",[18,19],"basic-plugin","p-tags","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-unwanted-p-tags.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":29,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"umang7",3,120,95,30,91,"2026-04-04T15:40:08.175Z",[34,58,74],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":21,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":14,"tags":48,"homepage":54,"download_link":55,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":57},"safe-paste","Safe Paste","1.1.9","Samuel Aguilera","https:\u002F\u002Fprofiles.wordpress.org\u002Fsamuelaguilera\u002F","\u003Cp>WordPress do a great job by default filtering potentially dangerous code inside your content. So this plugin is NOT about security.\u003C\u002Fp>\n\u003Cp>But people can break your site design without compromising your security… That’s the purpose of this little plugin.\u003C\u002Fp>\n\u003Cp>Do you have users that creates content for you?. Do you own an online Magazine?\u003C\u002Fp>\n\u003Cp>If you answer yes to at least one of the above questions, I’m sure you have minor design troubles in your site because of your users using copy\u002Fpaste (ofcourse without using TinyMCE buttons to remove code) while not being aware of all the HTML tags they are pasting…\u003C\u002Fp>\n\u003Cp>This plugin simply removes a lot of HTML tags (and non breaking space HTML entitie) from post and page content before inserting it to database. Preventing users (including you) to paste undesired HTML tags to the content.\u003C\u002Fp>\n\u003Cp>It only does his work while you’re editing your post\u002Fpage (it can be in any status). So it’ll do the job on the new post\u002Fpages you create after the activation of the plugin and in old content that you edit after the plugin activation.\u003C\u002Fp>\n\u003Cp>These are the HTML tags that stays:\u003C\u002Fp>\n\u003Cp>\u003Cp>\u003Cbr \u002F>\n\u003Ca> (allowed attributes: href, title).\u003Cbr \u002F>\n\u003Cimg> (allowed attributes: src, alt, class).\u003Cbr \u002F>\n\u003Ch1>\u003Cbr \u002F>\n\u003Ch2>\u003Cbr \u002F>\n\u003Ch3>\u003Cbr \u002F>\n\u003Ch4>\u003Cbr \u002F>\n\u003Ch5>\u003Cbr \u002F>\n\u003Ch6>\u003Cbr \u002F>\n\u003Cblockquote>\u003Cbr \u002F>\n\u003Col>\u003Cbr \u002F>\n\u003Cul>\u003Cbr \u002F>\n\u003Cli>\u003Cbr \u002F>\n\u003Cem>\u003Cbr \u002F>\n\u003Cstrong>\u003Cbr \u002F>\n\u003Cdel>\u003Cbr \u002F>\n\u003Ccode>\u003Cbr \u002F>\n\u003Cins>\u003C\u002Fp>\n\u003Cp>Any other HTML tag (or attributes) and   (non breaking space) should be removed.\u003C\u002Fp>\n\u003Cp>Users with ‘unfiltered_html’ WP core capability (by default administrator and editor roles), will be excluded from the filter.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NOTE: This program is distributed under \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">GPL2\u003C\u002Fa> licence in the hope that it will be useful, but WITHOUT ANY WARRANTY. I’m not responsible of ANY trouble or damage your site may have due to the use of this plugin. YOU and only YOU are responsible of your site and having backups and restoration plans. If you use this plugin you’re accepting this.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FKISS_principle\" rel=\"nofollow ugc\">KISS\u003C\u002Fa> philosofy 🙂\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 4.x or higher.\u003C\u002Fli>\n\u003C\u002Ful>\n","Removes a lot of HTML tags from post and page content before inserting it to database. Preventing users to paste undesired HTML tags to content.",200,5254,5,"2020-04-10T12:46:00.000Z","5.4.19","4.0",[49,50,51,52,53],"editor","html","post-content","strip-tags","tinymce","http:\u002F\u002Fwww.samuelaguilera.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsafe-paste.1.1.9.zip",85,"2026-03-15T15:16:48.613Z",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":11,"downloaded":66,"rating":13,"num_ratings":13,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":14,"tags":70,"homepage":72,"download_link":73,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":57},"aye-aye-frame","Aye Aye Frame","1","utcwebdesign","https:\u002F\u002Fprofiles.wordpress.org\u002Futcwebdesign\u002F","\u003Cp>WordPress is such an awesome tool that it even strips some HTML, such as iframes, as a security measure. Unfortunately sometimes we need to use iframes so Aye Aye Frame gives you back that freedom with the use of a shortcode [ayeframe]. Simply wrap the url you would like to feature in the custom shortcode –\u003C\u002Fp>\n\u003Cp>[ayeframe]YOUR URL HERE[\u002Fayeframe]\u003C\u002Fp>\n\u003Cp>and hey presto! you have an iframe on your WordPress blog.\u003C\u002Fp>\n\u003Cp>The code or url you insert between the shortcode tags is the equivalent of the ‘src’ section of the iframe code.\u003C\u002Fp>\n\u003Cp>Customise your Aye Aye Frame\u003C\u002Fp>\n\u003Cp>As with normal iframes, extra parameters can be added to customise the size, borders and other elements. Any, all or none of these parametres may be used.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    Extra parameters\n    'width' = Takes a number to customise the width of the iframe. Default = 250\n    'height' = Takes a number to customise the height of the iframe. Default = 250\n    'frameborder' = Specifies whether to add a border to the iframe (0 = no, 1 = yes). Default = 0\n    'marginheight' = Specifies the top and bottom margins of an iframe. Default = 0\n    'marginwidth' = Specifies the left and right margins of an iframe. Default = 0\n    'name' = Specifies the name of the iframe. Default = No default\u003Cbr \u002F>\n    'scrolling' = Specifies whether or not to display scrollbars in an iframe (yes, no, auto). Default = auto\n    'id'= Specifies the id of your iframe. No default\n    'class' = Specifies the class name of your iframe. Default = No default\n    'title' = Specifies the title of your iframe. No default\n\n    Example usage of extra parameters\n\n   [ayeframe width=500 height=500 frameborder=1 marginheight=5 marginwidth=5 name=myFrameName scrolling=0 id=myFrameID class=myFrameClass title=myFrameTitle]http:\u002F\u002Fwww.my_ayeframe_url[\u002Fayeframe]\n\n   Any questions?\n    Aye Aye Frame was created just for fun (thats right, FUN!) by Christian Senior at www.utcwebdesign.co.uk but if you have any questions or suggestions you are welcome to get in touch using the contact information on the website.\n    Keep up to date with this plugin at http:\u002F\u002Fwww.utcwebdesign.co.uk\u002Fblog\u002Fdevelopment\u002Faye-aye-frame-wordpress-plugin\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Allows the use of iframes in your blog using a custom shortcode",1970,"2011-09-20T07:01:00.000Z","3.2.1","3.0",[50,71,52],"iframe","http:\u002F\u002Fwww.utcwebdesign.co.uk\u002Fblog\u002Fdevelopment\u002Faye-aye-frame-wordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faye-aye-frame.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":11,"downloaded":82,"rating":13,"num_ratings":13,"last_updated":83,"tested_up_to":84,"requires_at_least":14,"requires_php":14,"tags":85,"homepage":89,"download_link":90,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":57},"photoblog-image-fixer","PhotoBlog Image Fixer","1.4","MartyThornley","https:\u002F\u002Fprofiles.wordpress.org\u002Fmartythornley\u002F","\u003Cp>PhotoBlog Image Fixer allows better image sizing and removes those ugly squished images when you accidently upload a larger image.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Removes the inline height dimension added by the WordPress content filter.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Adds class names to the automatically generated p tags that wrap each image as well as the image itself.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Adds a quick line of CSS to the page making images in a p tag have a max-width of 100% of the containing element\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","PhotoBlog Image Fixer allows better image sizing ensuring that the largest possible image is 100% of the post area, without extending past the edges.",3002,"2014-10-17T23:39:00.000Z","4.0.38",[86,87,88],"image-p-tags-autop","images","photoblog","http:\u002F\u002Fphotographyblogsites.com\u002Fresources\u002Fwordpress-plugins\u002Fphotoblog-image-fixer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphotoblog-image-fixer.zip",{"attackSurface":92,"codeSignals":105,"taintFlows":112,"riskAssessment":113,"analyzedAt":120},{"hooks":93,"ajaxHandlers":101,"restRoutes":102,"shortcodes":103,"cronEvents":104,"entryPointCount":13,"unprotectedCount":13},[94],{"type":95,"name":96,"callback":97,"priority":98,"file":99,"line":100},"filter","the_content","ub_remove_empty_paragraphs",11,"remove-unwanted-ptags.php",13,[],[],[],[],{"dangerousFunctions":106,"sqlUsage":107,"outputEscaping":109,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":111},[],{"prepared":13,"raw":13,"locations":108},[],{"escaped":13,"rawEcho":13,"locations":110},[],[],[],{"summary":114,"deductions":115},"The \"remove-unwanted-p-tags\" plugin v1.0 exhibits a strong security posture based on the provided static analysis. The absence of any identified dangerous functions, SQL queries without prepared statements, unsanitized taint flows, or unescaped output indicates a well-written codebase that adheres to secure coding practices. Furthermore, the plugin has no known vulnerabilities, CVEs, or historical security issues, which suggests a history of responsible development and maintenance. The lack of any attack surface points, such as AJAX handlers, REST API routes, or shortcodes, further minimizes the potential for external exploitation.\n\nDespite the overwhelmingly positive findings, a notable concern is the complete lack of capability checks and nonce checks across any potential entry points. While the current version has no apparent entry points, if future updates introduce any such mechanisms (like AJAX or REST API endpoints), the absence of these security measures could create significant vulnerabilities. The plugin relies heavily on its minimal attack surface for security, which is a fragile approach. A more robust approach would incorporate capability and nonce checks even for minimal entry points.\n\nIn conclusion, the \"remove-unwanted-p-tags\" plugin v1.0 is currently secure due to its simple functionality and lack of exposed entry points and vulnerabilities. However, developers should be aware that the absence of built-in checks like nonces and capability checks represents a latent risk that could be exploited if the plugin's functionality expands in the future without addressing these fundamental security practices. The plugin's strengths lie in its clean code and zero vulnerability history, while its primary weakness is its reliance on an unproven security model for future expansions.",[116,118],{"reason":117,"points":11},"No capability checks detected",{"reason":119,"points":11},"No nonce checks detected","2026-03-16T23:16:28.874Z",{"wat":122,"direct":128},{"assetPaths":123,"generatorPatterns":125,"scriptPaths":126,"versionParams":127},[124],"\u002Fwp-content\u002Fplugins\u002Fremove-unwanted-p-tags\u002Fremove-unwanted-ptags.php",[],[],[],{"cssClasses":129,"htmlComments":130,"htmlAttributes":131,"restEndpoints":132,"jsGlobals":133,"shortcodeOutput":134},[],[],[],[],[],[]]