[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKaAlfAapj_aHWmaAl_T22oLjAnkKCqZMKIdJAwEIDKU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":38,"analysis":131,"fingerprints":170},"show-template","Show Template","1.1","Matt Martz","https:\u002F\u002Fprofiles.wordpress.org\u002Fsivel\u002F","\u003Cp>Prints an html comment in the footer of every page letting you know which template file of your theme was used for the display.\u003C\u002Fp>\n\u003Cp>This plugin is aimed towards theme developers and for theme support. It is recommended to only have this plugin activated during development or support as it will expose your file system path structure.\u003C\u002Fp>\n\u003Cp>Props to \u003Ca href=\"http:\u002F\u002Fflushinc.com\u002F\" rel=\"nofollow ugc\">Joel Fisher\u003C\u002Fa> for the idea behind this plugin.\u003C\u002Fp>\n\u003Ch3>Upgrade\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Use the plugin updater in WordPress or…\u003C\u002Fli>\n\u003Cli>Delete the previous \u003Ccode>show-template\u003C\u002Fcode> folder from the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Upload the new \u003Ccode>show-template\u003C\u002Fcode> folder to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate.\u003C\u002Fli>\n\u003Cli>View source of your blog through your web browser.  You will see a html comment in the form of \u003Ccode>\u003C!-- Active Template: \u002Fhome\u002Fusername\u002Fpublic_html\u002Fwordpress\u002Fwp-content\u002Fthemes\u002Fdefault\u002Findex.php -->\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n","Prints an html comment in the footer of every page letting you know which template file of your theme was used for the display.",80,7825,100,1,"2010-09-12T15:14:00.000Z","3.1.4","3.0","",[20,21,4,22,23],"development","show","template","theme","http:\u002F\u002Fsivel.net\u002Fwordpress\u002Fshow-template\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshow-template.1.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":26,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"sivel",12,5340,30,84,"2026-04-04T04:44:30.733Z",[39,57,76,94,110],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":13,"downloaded":47,"rating":13,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":17,"requires_php":18,"tags":51,"homepage":55,"download_link":56,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"category-template-hierarchy","Category Template Hierarchy","1.3.2.1","Eddie Moya","https:\u002F\u002Fprofiles.wordpress.org\u002Feddiemoya\u002F","\u003Cp>Adds several new templates to the template hierarchy:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>child-of-category-{slug}.php\u003C\u002Fli>\n\u003Cli>category-{slug}.php\u003C\u002Fli>\n\u003Cli>child-of-category-{id}.php\u003C\u002Fli>\n\u003Cli>category-{term_id}.php\u003C\u002Fli>\n\u003Cli>parent-category.php\u003C\u002Fli>\n\u003Cli>child-category.php\u003C\u002Fli>\n\u003Cli>category.php\u003C\u002Fli>\n\u003Cli>archive.php\u003C\u002Fli>\n\u003Cli>index.php\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This greatly extends the native hierarchy of theme templates with regard to\u003Cbr \u002F>\ncategories. Theme developers can now easily create separate templates for\u003Cbr \u002F>\ncategories with children, with parents, and children of specific parents.\u003C\u002Fp>\n\u003Cp>Additionally makes available four (4) new conditional template tags:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>is_child_category();\u003C\u002Fli>\n\u003Cli>is_parent_category();\u003C\u002Fli>\n\u003Cli>is_child_of_category();\u003C\u002Fli>\n\u003Cli>is_parent_of_category();\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These functions are available for use in any theme or plugin as along as this\u003Cbr \u002F>\nplugin is active. For detailed documentation of these functions see the\u003Cbr \u002F>\n‘Developer Notes: Conditional Tags’ section of this readme file.\u003C\u002Fp>\n\u003Cp>Note: This plugin does not actually create parent-category.php, child-category.php\u003Cbr \u002F>\nor any of their related templates – rather it modifies the native \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FTemplate_Hierarchy\" rel=\"nofollow ugc\">template hierarchy\u003C\u002Fa>\u003Cbr \u002F>\nto allow theme developers to create specific templates for parent and child categories.\u003C\u002Fp>\n\u003Ch3>Developer Notes: Template Hierarchy\u003C\u002Fh3>\n\u003Cp>What follows are is the modified list of templates available for category pages.\u003Cbr \u002F>\nThese expand upon the native \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FTemplate_Hierarchy#Visual_Overview\" rel=\"nofollow ugc\">Template Hierarchy\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>child-of-category-{slug}.php\u003C\u002Fli>\n\u003Cli>category-{slug}.php\u003C\u002Fli>\n\u003Cli>child-of-category-{id}.php\u003C\u002Fli>\n\u003Cli>category-{term_id}.php\u003C\u002Fli>\n\u003Cli>parent-category.php\u003C\u002Fli>\n\u003Cli>child-category.php\u003C\u002Fli>\n\u003Cli>category.php\u003C\u002Fli>\n\u003Cli>archive.php\u003C\u002Fli>\n\u003Cli>index.php\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The parent and child templates only become available if the current category is\u003Cbr \u002F>\na parent or a child respectively.\u003C\u002Fp>\n\u003Cp>Note: This plugin does not actually create parent-category.php, child-category.php\u003Cbr \u002F>\nor any of their related templates – rather it modifies the native \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FTemplate_Hierarchy\" rel=\"nofollow ugc\">template hierarchy\u003C\u002Fa>\u003Cbr \u002F>\nto allow theme developers to create specific templates for parent and child categories.\u003C\u002Fp>\n\u003Ch3>Developer Notes: Conditional Tags\u003C\u002Fh3>\n\u003Cp>With this plugin comes two additional \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FConditional_Tags\" rel=\"nofollow ugc\">conditional tags\u003C\u002Fa>\u003Cbr \u002F>\nwhich behave much like any other in WordPress. In a similar fashion to how one\u003Cbr \u002F>\nmight use \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fis_category\" rel=\"nofollow ugc\">is_category()\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fcat_is_ancestor_of\" rel=\"nofollow ugc\">cat_is_ancestory_of()\u003C\u002Fa>,\u003Cbr \u002F>\ndevelopers may, with this plugin, use the following functions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>is_parent_category()\u003C\u002Fli>\n\u003Cli>is_child_category()\u003C\u002Fli>\n\u003Cli>is_child_of_category()\u003C\u002Fli>\n\u003Cli>is_parent_of_category()\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Description (part 1)\u003C\u002Fh4>\n\u003Cp>The \u003Ccode>is_parent_category()\u003C\u002Fcode> and \u003Ccode>is_child_category()\u003C\u002Fcode> conditional tags check if\u003Cbr \u002F>\nthe page being displayed (or passed as an argument) is of a category that has\u003Cbr \u002F>\nchildren (e.g. is a parent category)  has a parent (is a child), respectively.\u003Cbr \u002F>\nThey are boolean functions, meaning they return either TRUE or FALSE.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u003C?php is_parent_category( $category ); ?>\n\u003C?php is_child_category( $category ); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Parameters\u003C\u002Fh4>\n\u003Cp>$category (integer\u002Fstring\u002Fobject) (optional) Category ID, Category Slug, Category Object. Default: Current Category\u003C\u002Fp>\n\u003Cp>Note: Unlike is_category(), these functions will not take arrays of categories or category titles. I’ll work on that. Sorry.\u003C\u002Fp>\n\u003Ch4>Return Values\u003C\u002Fh4>\n\u003Cp>(boolean) True on success, false on failure.\u003C\u002Fp>\n\u003Ch4>Examples\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>is_parent_category()\nis_child_category()\n\u002F\u002F When any parent\u002Fchild category archive page is being displayed\n\nis_parent_category( '9' );\nis_child_category( '9' );\n\u002F\u002F When the archive page for Category 9 is being displayed AND its a parent\u002Fchild.\n\nis_parent_category( 'blue-cheese' );\nis_child_category( 'blue-cheese' );\n\u002F\u002F When the archive page for the Category with Category Slug \"blue-cheese\" is being displayed AND its a parent\u002Fchild.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Description (part 2)\u003C\u002Fh4>\n\u003Cp>The \u003Ccode>is_parent_of_category()\u003C\u002Fcode> and \u003Ccode>is_child_of_category()\u003C\u002Fcode> conditional tags\u003Cbr \u002F>\ncheck if a given category has a parent or child relationship to the current\u003Cbr \u002F>\ncategory or a category passed as its second parameter. They are\u003Cbr \u002F>\nboolean functions, meaning they return either TRUE or FALSE.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u003C?php is_parent_of_category($child_category, $parent_category, $direct_descendant); ?>\n\u003C?php is_child_of_category($parent_category, $child_category, $direct_descendant);?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Parameters\u003C\u002Fh4>\n\u003Cp>(object\u002Fstring\u002Finteger) (required) Category of the would-be parent\u002Fchild respectively.\u003Cbr \u002F>\n(object\u002Fstring\u002Finteger) (optional) Category of the would-be child\u002Fparent respectfully. Default: Current Category\u003Cbr \u002F>\n(boolean) (optional) Whether or not the child should be a direct child of the parent. Default: True\u003Cbr \u002F>\n *\u003C\u002Fp>\n\u003Ch4>Return Values\u003C\u002Fh4>\n\u003Cp>(boolean) If the $direct_descendant flag set to true, function returns true if the child is a direct descendant of the parent, if child is no direct it will return false. If $direct_descendant is set to false it will return the same results as cat_is_ancestor_of().\u003C\u002Fp>\n\u003Ch4>Examples\u003C\u002Fh4>\n\u003Cp>The following function will return True…\u003C\u002Fp>\n\u003Cpre>\u003Ccode>is_child_of_category(0);\n\u002F\u002F When a top level category is being displayed, zero being the parent id value for top level categories (e.g. categories with no parents).\n\nis_child_of_category(12);\n\u002F\u002F When the current category is a direct child of the category whose ID is '12'.\n\nis_child_of_category('tv-shows')\n\u002F\u002F When the current category is a direct child of the category with the slug 'tv-shows' (can also be category ID's).\n\nis_child_of_category('tv-shows', 'dexter');\n\u002F\u002F When the category with slug 'dexter' is a direct child of the category with the slug 'tv-shows' (can also be category ID's). This may come in handy when manipulating categories while not in a category template.\n\nis_child_of_category('tv-shows', 'dexter', false);\n\u002F\u002F When the category with the slug 'dexter' is a descendant of the category 'tv-shows' at any level. (uses cat_is_ancestor_of())\n\nis_child_of_category('tv-shows', null, false);\n\u002F\u002F When the current category is a descendant of the 'tv-shows' category at any level. (uses cat_is_ancestor_of())\n\nis_parent_of_category(13);\n\u002F\u002F When the current category is the direct parent of a category with the ID '13'.\n\nis_parent_of_category('dexter');\n\u002F\u002F When the current category is the direct parent of the category with the slug 'dexter'.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Backward Compatibility\u003C\u002Fh3>\n\u003Cp>The changes this plugin makes to the template hierarchy are significantly different\u003Cbr \u002F>\nfrom that in 1.0.5 and before. If you prefer to use that version please find it\u003Cbr \u002F>\nin the Older Versions in the WordPress plugins directory, it is tagged as 1.0.5.\u003C\u002Fp>\n\u003Cp>While I do not actively support to QA the older version, I would gladly take a\u003Cbr \u002F>\nlook at any future bugs that crop up and are reported.\u003C\u002Fp>\n","Adds parent-category.php, child-category.php, and child-category-{slug|id} templates to the hierarchy and conditional tags to match.",18999,3,"2012-03-24T03:12:00.000Z","3.3.2",[52,53,22,23,54],"category","hierarchy","theme-development","http:\u002F\u002Feddiemoya.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-template-hierarchy.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":13,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":18,"tags":71,"homepage":74,"download_link":75,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"what-template-am-i-using","What Template Am I Using","0.2.0","webdeveric","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebdeveric\u002F","\u003Cp>This plugin is intended for theme developers to use. It shows the current template being used to render the page, current post type, and much more.\u003C\u002Fp>\n\u003Cp>The info is only displayed for users that have the edit_theme_options capability.\u003C\u002Fp>\n\u003Cp>Information displayed:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Current template\u003C\u002Fli>\n\u003Cli>General Information (post type, are you on the front page, etc.)\u003C\u002Fli>\n\u003Cli>Additional files used. For example, header.php or footer.php\u003C\u002Fli>\n\u003Cli>What sidebars are being used and what widgets are in them.\u003C\u002Fli>\n\u003Cli>List of enqueued scripts and styles.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>This plugin is intended for use by theme developers and it requires a standards compliant browser. This plugin will not work in IE8 or below.\u003C\u002Fstrong>\u003C\u002Fp>\n","This plugin is intended for theme developers to use. It shows the current template being used to render the page, current post type, and much more.",9190,96,13,"2015-12-08T05:17:00.000Z","4.4.0","3.1.0",[72,73,22,54],"debug","server-information","http:\u002F\u002Fphplug.in\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhat-template-am-i-using.0.2.0.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":27,"num_ratings":27,"last_updated":18,"tested_up_to":86,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":91,"download_link":92,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":93},"current-page-template-viewer","Current Page Template Viewer","1.1.0","Nagaoka Design","https:\u002F\u002Fprofiles.wordpress.org\u002Fnagaokadesign\u002F","\u003Cp>This plugin helps WordPress developers by showing which template files are being used on the current page. It displays the current template file name and directory path in a convenient overlay, making it easy to identify which template is rendering the current page during development.\u003C\u002Fp>\n\u003Cp>The plugin shows a small, unobtrusive display that can be clicked to reveal detailed information about all template files loaded for the current page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Shows current template file name\u003Cbr \u002F>\n* Displays template directory path\u003Cbr \u002F>\n* Click to view all included template files\u003Cbr \u002F>\n* Configurable display position (top-left, top-right, bottom-left, bottom-right)\u003Cbr \u002F>\n* Customizable background and text colors\u003Cbr \u002F>\n* Admin-only display option for security\u003Cbr \u002F>\n* Debug mode option (only shows when WP_DEBUG is enabled)\u003Cbr \u002F>\n* Lightweight and performance-optimized\u003Cbr \u002F>\n* Clean, modern interface\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect for:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Theme developers\u003Cbr \u002F>\n* WordPress developers\u003Cbr \u002F>\n* Site debugging\u003Cbr \u002F>\n* Template hierarchy understanding\u003Cbr \u002F>\n* Development and staging environments\u003C\u002Fp>\n\u003Cp>The plugin is designed to be completely safe and non-intrusive, with options to restrict visibility to administrators only.\u003C\u002Fp>\n","Display current template file and directory name on screen for WordPress development.",10,319,"6.8.5","5.0","7.4",[72,90,20,22,23],"developer","https:\u002F\u002Fgithub.com\u002Fnagaoka-design\u002Fcurrent-page-template-viewer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcurrent-page-template-viewer.1.1.0.zip","2026-03-15T10:48:56.248Z",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":27,"downloaded":102,"rating":27,"num_ratings":27,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":88,"tags":106,"homepage":108,"download_link":109,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"current-template-insights","Current Template Insights","1.0.3","macurious","https:\u002F\u002Fprofiles.wordpress.org\u002Fmacurious\u002F","\u003Cp>\u003Cstrong>Displays the current template file and key page details in the WordPress admin bar for logged-in administrators.\u003C\u002Fstrong>\u003Cbr \u002F>\nNo setup required: just install, activate, and see the info bar on any front-end page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Shows “📄 Template: ” in the front-end admin bar\u003Cbr \u002F>\n– Details on hover\u002Fclick: full template path, post ID, post type, slug, theme name & version, locale, body classes, query vars, conditionals, DB query count, memory usage, and more\u003Cbr \u002F>\n– No settings page, no configuration\u003Cbr \u002F>\n– Works with classic and block\u002FFSE themes (special info for block themes)\u003Cbr \u002F>\n– Developer-friendly, lightweight, no bloat\u003C\u002Fp>\n","Quickly view the active template file and important page information directly in your WordPress admin bar.",347,"2025-12-17T16:14:00.000Z","6.9.4","5.5",[107,72,20,22,23],"admin-bar","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcurrent-template-insights\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcurrent-template-insights.1.0.3.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":120,"num_ratings":121,"last_updated":122,"tested_up_to":104,"requires_at_least":123,"requires_php":124,"tags":125,"homepage":129,"download_link":130,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"what-the-file","What The File","1.6.1","Barry Kooij","https:\u002F\u002Fprofiles.wordpress.org\u002Fbarrykooij\u002F","\u003Cp>What The File adds an option to your toolbar showing what file and template parts are used to display the page you’re currently viewing.\u003C\u002Fp>\n\u003Cp>You can click the file name to directly edit it through the theme editor, though I don’t recommend this for bigger changes.\u003C\u002Fp>\n\u003Cp>What The File supports BuddyPress and Roots Theme based themes.\u003C\u002Fp>\n\u003Cp>More information can be found \u003Ca href=\"http:\u002F\u002Fwww.barrykooij.com\u002Fwhat-the-file\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Looking for a great related posts plugin for WordPress?\u003C\u002Fh4>\n\u003Cp>Another plugin I’ve built, that I’m very proud of is Related Posts for WordPress. Related Posts for WordPress offers you the ability to link related posts to each other with just 1 click! And it’s 100% free! \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frelated-posts-for-wp\u002F\" rel=\"ugc\">Check it out on the WordPress repository.\u003C\u002Fa>\u003C\u002Fp>\n","What The File is the best tool to find out what template parts are used to display the page you're currently viewing!",40000,585647,98,882,"2026-02-19T17:21:00.000Z","3.1","5.3",[20,126,22,127,128],"file","template-editing","toolbar","http:\u002F\u002Fwww.barrykooij.com\u002Fwhat-the-file\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhat-the-file.1.6.1.zip",{"attackSurface":132,"codeSignals":148,"taintFlows":162,"riskAssessment":163,"analyzedAt":169},{"hooks":133,"ajaxHandlers":144,"restRoutes":145,"shortcodes":146,"cronEvents":147,"entryPointCount":27,"unprotectedCount":27},[134,140],{"type":135,"name":136,"callback":137,"priority":27,"file":138,"line":139},"action","template_redirect","check_template","show-template.php",22,{"type":135,"name":141,"callback":142,"priority":13,"file":138,"line":143},"wp_footer","show_template",46,[],[],[],[],{"dangerousFunctions":149,"sqlUsage":150,"outputEscaping":152,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":161},[],{"prepared":27,"raw":27,"locations":151},[],{"escaped":27,"rawEcho":48,"locations":153},[154,157,159],{"file":138,"line":155,"context":156},65,"raw output",{"file":138,"line":158,"context":156},69,{"file":138,"line":160,"context":156},70,[],[],{"summary":164,"deductions":165},"The \"show-template\" v1.1 plugin exhibits a seemingly robust security posture based on the static analysis provided. It boasts a zero-attack surface in terms of common entry points like AJAX handlers, REST API routes, shortcodes, and cron events, with no unprotected handlers or routes identified. The code also demonstrates good practices by using prepared statements for all SQL queries and refraining from dangerous functions, file operations, or external HTTP requests.  The absence of any recorded vulnerabilities, CVEs, or taint analysis findings further strengthens this positive impression.\n\nHowever, a significant concern arises from the output escaping analysis, which indicates that 100% of the detected outputs are not properly escaped. This represents a considerable risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data or dynamic content could be injected into the output without proper sanitization, potentially leading to malicious code execution in the user's browser.  The lack of any capability checks or nonce checks, while not directly linked to the attack surface, also indicates a potential for insecure handling of operations if they were to be introduced in future versions. Despite the strengths in preventing direct code execution vulnerabilities, the unescaped output is a critical weakness that must be addressed.",[166],{"reason":167,"points":168},"100% of outputs unescaped",8,"2026-03-16T21:28:20.801Z",{"wat":171,"direct":176},{"assetPaths":172,"generatorPatterns":173,"scriptPaths":174,"versionParams":175},[],[],[],[],{"cssClasses":177,"htmlComments":178,"htmlAttributes":181,"restEndpoints":182,"jsGlobals":183,"shortcodeOutput":184},[],[179,180],"\u003C!-- Active Template: {$this->template} -->","\u003C!--\n\nThe template loader logic has chosen a different template than what was used.\n\nChosen Template: {$this->template}\nActual Template: $fudge\n\nThis will usually occur if the template file was overriden using an action on template_redirect.\nThis is a best effort guess to catch such scenarios as mentioned above but can be incorrect.\n-->",[],[],[],[]]