[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjYXQ9waqNVPzoPKy3dqQ5NbtiLWgvzAMTIheZonaL0o":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":46,"crawl_stats":37,"alternatives":50,"analysis":128,"fingerprints":315},"syntax-highlighter-compress","Syntax Highlighter Compress","3.0.83.3","agmorpheus","https:\u002F\u002Fprofiles.wordpress.org\u002Fagmorpheus\u002F","\u003Cp>Syntax Highlighter ComPress is a simple WordPress plugin, that is based on the latest \u003Ca href=\"http:\u002F\u002Falexgorbatchev.com\u002Fwiki\u002FSyntaxHighlighter\" rel=\"nofollow ugc\">Alex Gorbatchev’s SyntaxHighlighter Script\u003C\u002Fa>. Code and source text of different mark-up or programming languages can be highlighted in WordPress.\u003C\u002Fp>\n\u003Cp>There are other WordPress plugin based on the SyntaxHighlighter Script but these cause long page loading times and they are difficult to handle. The advantage of Syntax Highlighter ComPress is that only necessary brush files will be loaded dynamically. Another advantage is that your code can easily pasted into your posts, no need to replace all ‘\u003Ccode>\u003C\u003C\u002Fcode>‘ with ‘\u003Ccode>\u003C\u003C\u002Fcode>‘.\u003C\u002Fp>\n\u003Cp>Supported mark-up or programming are: AppleScript, ActionScript3, Bash\u002Fshell, Coldfusion, C#, C++, CSS, Delphi, Diff, Erlang, Groovy, JavaScript, Java, JavaFX, Perl, PHP, Plain Text, Python, Ruby, Scala, SQL, Visual Basic and XML.\u003C\u002Fp>\n\u003Cp>The plugin is localized in English, German and Romanian.\u003C\u002Fp>\n","Syntax Highlighter ComPress is a plugin for code syntax highlighting. It loads fast on the website and code can pasted easily into Wordpress.",100,23846,96,5,"2011-11-28T14:52:00.000Z","3.2.1","2.6","",[20,21,22,23,24],"code","highlight","highlighter","syntax","syntaxhighlighter","http:\u002F\u002Fwww.phodana.de\u002Fwordpress\u002Fwp-plugin-syntax-highlighter-compress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsyntax-highlighter-compress.zip",63,1,"2026-01-16 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37},"CVE-2025-68859","syntax-highlighter-compress-reflected-cross-site-scripting","Syntax Highlighter Compress \u003C= 3.0.83.3 - Reflected Cross-Site Scripting","The Syntax Highlighter Compress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 3.0.83.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=3.0.83.3","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-01-19 15:53:11",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9b261abb-0af2-4a06-ae79-7661bab1b727?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":47,"trust_score":48,"computed_at":49},30,68,"2026-04-04T21:01:22.500Z",[51,70,85,98,111],{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":11,"num_ratings":28,"last_updated":61,"tested_up_to":62,"requires_at_least":63,"requires_php":18,"tags":64,"homepage":66,"download_link":67,"security_score":68,"vuln_count":69,"unpatched_count":69,"last_vuln_date":37,"fetched_at":30},"wp-syntaxhighlighter","WP SyntaxHighlighter","1.7.3","redcocker","https:\u002F\u002Fprofiles.wordpress.org\u002Fredcocker\u002F","\u003Cp>This plugin is code syntax highlighter based on Alex Gorbatchev’s SyntaxHighlighter ver. 3.0.83 and 2.1.382.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Based on Alex Gorbatchev’s “\u003Ca href=\"http:\u002F\u002Falexgorbatchev.com\u002FSyntaxHighlighter\u002F\" title=\"SyntaxHighlighter\" rel=\"nofollow ugc\">SyntaxHighlighter\u003C\u002Fa>” JavaScript library.\u003C\u002Fli>\n\u003Cli>Including both SyntaxHighlighter 3.0.83 and 2.1.382.(Can switch between 3.0.83 and 2.1.382.)\u003C\u002Fli>\n\u003Cli>Built-in TinyMCE buttons and Quicktag button are easy to operate.\u003C\u002Fli>\n\u003Cli>Easy to wrap your code in \u003Ccode>\u003Cpre>\u003C\u002Fcode> tag and change options of previously-wrapped code.\u003C\u002Fli>\n\u003Cli>Support \u003Ca href=\"http:\u002F\u002Fen.support.wordpress.com\u002Fcode\u002Fposting-source-code\u002F\" title=\"shortcode\" rel=\"nofollow ugc\">shortcode\u003C\u002Fa> also.\u003C\u002Fli>\n\u003Cli>Easy to highlight code in comments using buttons.(WordPress 3.0 or higher)\u003C\u002Fli>\n\u003Cli>Widget to show highlighted code.\u003C\u002Fli>\n\u003Cli>Support \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbbpress\u002F\" title=\"bbPress\" rel=\"ugc\">bbPress\u003C\u002Fa> plugin 2.0 or higher.\u003C\u002Fli>\n\u003Cli>Support “\u003Ca href=\"http:\u002F\u002Falexgorbatchev.com\u002FSyntaxHighlighter\u002Fmanual\u002Fapi\u002Fautoloader.html\" title=\"A key feature\" rel=\"nofollow ugc\">Dynamic Brush Loading\u003C\u002Fa>” which allows to load only necessary brush files dynamically.\u003C\u002Fli>\n\u003Cli>Loading JavaScripts on only posts, pages, home, archives, search results and comments which have the code to highlight.\u003C\u002Fli>\n\u003Cli>Easy to configure features through the setting panel.\u003C\u002Fli>\n\u003Cli>Localization: English(Default), 日本語(Japanese, UTF-8).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported languages\u003C\u002Fh4>\n\u003Cp>AppleScript, ActionScript3, Bash, ColdFusion, C, C++, C#, CSS, Delphi, Diff, Erlang, Groovy, HTML, Java, Java FX, JavaScript, Pascal, Patch, Perl, PHP, Plain text, PowerShell, Python, Ruby, Ruby on Rails, Sass, SCSS, Shell, SQL, VB, VB NET, XHTML, XML and XSLT\u003C\u002Fp>\n\u003Cp>Note: A part of languages are only for SyntaxHighlighter 3.0.\u003C\u002Fp>\n\u003Cp>You can also use a bundled plugin to add following languages.\u003C\u002Fp>\n\u003Cp>Biferno, Clojure, DOS batch file, F#, LISP, Lua(only for SyntaxHighlighter 3.0), MEL Script, Objective-C, PowerCLI, Processing, R, S, S-PLUS, Tcl, Verilog, Vim Script and YAML\u003C\u002Fp>\n\u003Cp>For details, see “sample” directory.\u003C\u002Fp>\n\u003Cp>There are many other languages for “SyntaxHighlighter”. But I can’t bundle them because they are not compatible with this plugin license. If you want, try to search.\u003C\u002Fp>\n\u003Ch4>Recommended plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>“\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fsyntaxhighlighter-tinymce-button\u002F\" title=\"SyntaxHighlighter TinyMCE Button\" rel=\"ugc\">SyntaxHighlighter TinyMCE Button\u003C\u002Fa>” can provide feature-rich tinyMCE buttons for SyntaxHighlighter.\u003C\u002Fli>\n\u003Cli>“\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcodemirror-for-codeeditor\u002F\" title=\"CodeMirror for CodeEditor\" rel=\"ugc\">CodeMirror for CodeEditor\u003C\u002Fa>” can highlight sourcecodes in theme and plugin editor and provide a useful toolbar.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Thanks\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>“SyntaxHighlighter” libraries was created by \u003Ca href=\"http:\u002F\u002Falexgorbatchev.com\u002FSyntaxHighlighter\u002F\" title=\"Alex Gorbatchev\" rel=\"nofollow ugc\">Alex Gorbatchev\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushBiferno.js” was created by \u003Ca href=\"http:\u002F\u002Fwww.sandrobilbeisi.org\u002Fwp\u002Fworks\u002Fweb-development\u002Fbiferno-javascript-brush-for-syntaxhighlighter-shbrush-js\u002F\" title=\"Sandro Bilbeisi\" rel=\"nofollow ugc\">Sandro Bilbeisi\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushClojure.js” was created by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsattvik\u002Fsh-clojure\" title=\"Daniel Solano Gómez\" rel=\"nofollow ugc\">Daniel Solano Gómez\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushDosBatch-V2.js” and “shBrushDosBatch-V3.js” were created by \u003Ca href=\"http:\u002F\u002Fwww.ab-tools.com\u002Fen\u002F\" title=\"Andreas Breitschopp\" rel=\"nofollow ugc\">Andreas Breitschopp\u003C\u002Fa>. He also developed \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fprofile\u002Fab-tools\" title=\"nice plugins\" rel=\"ugc\">nice plugins\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>F# brush was written by \u003Ca href=\"http:\u002F\u002Fstevegilham.blogspot.com\u002F2009\u002F10\u002Fsyntaxhighlighter-20-brushes-for-f-and.html\" title=\"Steve Gilham\" rel=\"nofollow ugc\">Steve Gilham\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushLisp.js” was created by \u003Ca href=\"http:\u002F\u002Fblog.knuthaugen.no\u002F2009\u002F10\u002Fa-syntaxhighlighter-brush-for-lisp.html\" title=\"Knut Haugen\" rel=\"nofollow ugc\">Knut Haugen\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushLua.js” was created by \u003Ca href=\"http:\u002F\u002Fikpil.com\u002F1191\" title=\"최익필\" rel=\"nofollow ugc\">최익필\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushMel.js” was created by \u003Ca href=\"http:\u002F\u002Fwww.skyebook.net\u002Fblog\u002F2011\u002F02\u002Fsyntaxhighlighter-brush-for-mel-script\u002F\" title=\"Skye Book\" rel=\"nofollow ugc\">Skye Book\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushObjC.js” was created by \u003Ca href=\"http:\u002F\u002Fwww.bukovinski.com\" title=\"Matej Bukovinski\" rel=\"nofollow ugc\">Matej Bukovinski\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushPowerCLI.js” was created by \u003Ca href=\"http:\u002F\u002Fvm-pro.com\u002Fvmware-powercli-syntax-highlighter-brush\u002F\" title=\"Dan J\" rel=\"nofollow ugc\">Dan J\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushProcessing.js” was created by \u003Ca href=\"http:\u002F\u002Fen.myinventions.pl\u002Findex.php?page=ProcessingSyntaxHighlighting\" title=\"Sebastian Korczak\" rel=\"nofollow ugc\">Sebastian Korczak\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>The css for “shBrushProcessing.js” was written by \u003Ca href=\"http:\u002F\u002Fen.myinventions.pl\u002Findex.php?page=ProcessingSyntaxHighlighting\" title=\"Sebastian Korczak\" rel=\"nofollow ugc\">Sebastian Korczak\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushR.js” was created by \u003Ca href=\"http:\u002F\u002Fyihui.name\u002Fen\u002F2010\u002F09\u002Fsyntaxhighlighter-brush-for-the-r-language\" title=\"Yihui Xie\" rel=\"nofollow ugc\">Yihui Xie\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushTcl.js” was created by \u003Ca href=\"http:\u002F\u002Fwww.henix-blog.co.cc\u002Fblog\u002Ftcl-syntaxhighlighter-brush.html\" title=\"henix\" rel=\"nofollow ugc\">henix\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushVerilog.js” was created by \u003Ca href=\"http:\u002F\u002Fwww.hdelossantos.com\u002F2010\u002F05\u002F20\u002Fverilog-syntaxhighlighter-brush\u002F\" title=\"Hanly De Los Santos\" rel=\"nofollow ugc\">Hanly De Los Santos\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushVimscript.js” was created by \u003Ca href=\"http:\u002F\u002Fvimcasts.org\u002Fblog\u002F2010\u002F04\u002Fsyntaxhighlighter-vimscript-brush-and-blackboard-theme\u002F\" title=\"nelstrom(Drew Neil)\" rel=\"nofollow ugc\">nelstrom(Drew Neil)\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>“shBrushYaml.js” was created by \u003Ca href=\"http:\u002F\u002Fprendreuncafe.com\u002Fblog\u002Fpost\u002F2009\u002F07\u002F26\u002FYAML-Brush-for-the-SyntaxHighlighter-Javascript-Library\" title=\"Nicolas Perriault\" rel=\"nofollow ugc\">Nicolas Perriault\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.judahfrangipane.com\u002Fblog\u002F\" title=\"Judah\" rel=\"nofollow ugc\">Judah\u003C\u002Fa> revised the awkward descriptive text that was shown before comment form.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin is code syntax highlighter based on SyntaxHighlighter ver. 3.0.83 and 2.1.382.",300,49974,"2012-02-29T02:02:00.000Z","3.3.2","2.8",[20,21,65,23,24],"sourcecode","http:\u002F\u002Fwww.near-mint.com\u002Fblog\u002Fsoftware\u002Fwp-syntaxhighlighter","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-syntaxhighlighter.1.7.3.zip",85,0,{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":11,"downloaded":78,"rating":79,"num_ratings":80,"last_updated":81,"tested_up_to":62,"requires_at_least":17,"requires_php":18,"tags":82,"homepage":83,"download_link":84,"security_score":68,"vuln_count":69,"unpatched_count":69,"last_vuln_date":37,"fetched_at":30},"auto-syntaxhighlighter","Auto SyntaxHighlighter","2.3.3","digihero","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigihero\u002F","\u003Cp>Auto SyntaxHighlighter is a WordPress Code highlight plugin.\u003C\u002Fp>\n\u003Cp>It’s used alexgorbatchev SyntaxHighlighter JavaScript package.\u003C\u002Fp>\n\u003Cp>Autoload SyntaxHighlighter only requisite js files and display you code.\u003C\u002Fp>\n\u003Cp>Github address: https:\u002F\u002Fgithub.com\u002Fwkii\u002FAuto-SyntaxHighlighter\u003C\u002Fp>\n\u003Cp>Support languages see: SyntaxHighlighter Brushes.\u003C\u002Fp>\n\u003Cp>Full Support for : AppleScript, ActionScript3, Bash\u002Fshell, C#, C++, CSS, Delphi, Diff, Groovy, JavaScript, Java, Perl, PHP, Plain Text, Python, Ruby, Sass, Scala, SQL, Visual Basic and XML\u002FHTML…\u003C\u002Fp>\n\u003Cp>It’s advantages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Don’t write database;\u003C\u002Fli>\n\u003Cli>Don’t need settings;\u003C\u002Fli>\n\u003Cli>Deactivate plugin code can also display properly;\u003C\u002Fli>\n\u003Cli>Code can switch visual editing mode or HTML mode;\u003C\u002Fli>\n\u003Cli>With the w3c standards;\u003C\u002Fli>\n\u003Cli>Insert code small tools;\u003C\u002Fli>\n\u003Cli>Automatic and only loading requisite files;\u003C\u002Fli>\n\u003Cli>Write code to support non-administrator\u003C\u002Fli>\n\u003C\u002Ful>\n","Auto SyntaxHighlighter is a WordPress Code highlight plugin. Use editor botton, in the pop-up window, paste or write your code, oh, very simple.",27733,86,6,"2012-05-07T16:00:00.000Z",[20,22,65,23,24],"http:\u002F\u002Fwww.akii.org\u002Fauto-syntaxhighlighter.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-syntaxhighlighter.zip",{"slug":86,"name":87,"version":88,"author":55,"author_profile":56,"description":89,"short_description":90,"active_installs":11,"downloaded":91,"rating":69,"num_ratings":69,"last_updated":92,"tested_up_to":62,"requires_at_least":63,"requires_php":18,"tags":93,"homepage":96,"download_link":97,"security_score":68,"vuln_count":69,"unpatched_count":69,"last_vuln_date":37,"fetched_at":30},"syntaxhighlighter-tinymce-button","SyntaxHighlighter TinyMCE Button","0.7.8.4","\u003Cp>“SyntaxHighlighter TinyMCE Button” provides additional buttons for “Visual Editor(TinyMCE)” and these buttons will help to type or edit \u003Ccode>\u003Cpre>\u003C\u002Fcode> tag for Alex Gorbatchev’s SyntaxHighlighter.\u003C\u002Fp>\n\u003Cp>This plugin is based on “\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcodecolorer-tinymce-button\u002F\" title=\"homolibere developed\" rel=\"ugc\">CodeColorer TinyMCE Button\u003C\u002Fa>” and becomes more feature-rich.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>You can operate in Visual Editor, No need to use HTML Editor.\u003C\u002Fli>\n\u003Cli>Using two buttons, easy to wrap your code in \u003Ccode>\u003Cpre>\u003C\u002Fcode> tag and change options of previously-wrapped code.\u003C\u002Fli>\n\u003Cli>Once your code is wrapped in \u003Ccode>\u003Cpre>\u003C\u002Fcode> tag, You can type ‘tabs’ for indent.\u003C\u002Fli>\n\u003Cli>Localization: English(Default), 日本語(Japanese, UTF-8).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Compliant plugins\u003C\u002Fh4>\n\u003Cp>You can use this plugin with following code syntax highlighter.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-syntaxhighlighter\u002F\" title=\"WP SyntaxHighlighter\" rel=\"ugc\">WP SyntaxHighlighter\u003C\u002Fa> (recommend)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fsyntax-highlighter-compress\u002F\" title=\"Syntax Highlighter Compress\" rel=\"ugc\">Syntax Highlighter Compress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fauto-syntaxhighlighter\u002F\" title=\"Auto SyntaxHighlighter\" rel=\"ugc\">Auto SyntaxHighlighter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fsyntax-highlighter-and-code-prettifier\u002F\" title=\"Syntax Highlighter and Code Colorizer for WordPress\" rel=\"ugc\">Syntax Highlighter and Code Colorizer for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fsyntax-highlighter-mt\u002F\" title=\"Syntax Highlighter MT\" rel=\"ugc\">Syntax Highlighter MT\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fsyntaxhighlighterpro\u002F\" title=\"SyntaxHighlighterPro\" rel=\"ugc\">SyntaxHighlighterPro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Feasy-google-syntax-highlighter\u002F\" title=\"Easy Google Syntax Highlighter\" rel=\"ugc\">Easy Google Syntax Highlighter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fsyntaxhighlighter\u002F\" title=\"SyntaxHighlighter Evolved\" rel=\"ugc\">SyntaxHighlighter Evolved\u003C\u002Fa> etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>When using with “SyntaxHighlighter Evolved”, “Load All Brushes” option must be enabled on the “SyntaxHighlighter” setting panel.\u003C\u002Fp>\n\u003Cp>This plugin has operating modes optimized for “WP SyntaxHighlighter”, “Syntax Highlighter Compress” or “SyntaxHighlighter Evolved”.\u003C\u002Fp>\n\u003Ch4>Notes\u003C\u002Fh4>\n\u003Cp>This plugin can work only with the default visual editor(TinyMCE). Other visual editors are not supported.\u003C\u002Fp>\n\u003Cp>This plugin is designed to work with a plugin based on Alex Gorbatchev’s SyntaxHighlighter Ver, 2.0 or higher.\u003C\u002Fp>\n\u003Cp>You can not use this plugin with some ‘SyntaxHighlighter’-based plugins which do not support \u003Ccode>\u003Cpre>\u003C\u002Fcode> tag.\u003C\u002Fp>\n","\"SyntaxHighlighter TinyMCE Button\" provides buttons for Visual Editor and will help to type \u003Cpre> tag for SyntaxHighlighter.",21412,"2011-12-24T02:18:00.000Z",[94,20,65,24,95],"button","tinymce","http:\u002F\u002Fwww.near-mint.com\u002Fblog\u002Fsoftware\u002Fsyntaxhighlighter-tinymce-button","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsyntaxhighlighter-tinymce-button.0.7.8.4.zip",{"slug":99,"name":100,"version":101,"author":55,"author_profile":56,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":69,"num_ratings":69,"last_updated":106,"tested_up_to":62,"requires_at_least":63,"requires_php":18,"tags":107,"homepage":109,"download_link":110,"security_score":68,"vuln_count":69,"unpatched_count":69,"last_vuln_date":37,"fetched_at":30},"codemirror-for-codeeditor","CodeMirror for CodeEditor","0.5.6.1","\u003Cp>Just another code syntaxhighligher for the theme and plugin editor with CodeMirror. This plugin can highlight sourcecodes in the theme\u002Fplugin editor and provide a useful toolbar.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Highlight sourcecodes in theme and plugin editor on the dashboard.\u003C\u002Fli>\n\u003Cli>Based on Marijn Haverbeke’s “\u003Ca href=\"http:\u002F\u002Fcodemirror.net\u002F\" title=\"CodeMirrorr\" rel=\"nofollow ugc\">CodeMirror\u003C\u002Fa>” JavaScript library.\u003C\u002Fli>\n\u003Cli>Built-in 10 themes.\u003C\u002Fli>\n\u003Cli>Useful toolbar which includes search\u002Freplace features.\u003C\u002Fli>\n\u003Cli>Full-screen editing.\u003C\u002Fli>\n\u003Cli>Auto-complete.\u003C\u002Fli>\n\u003Cli>Easy to configure features through the setting panel.\u003C\u002Fli>\n\u003Cli>Localization: English(Default), 日本語(Japanese, UTF-8).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>PHP\u003C\u002Fli>\n\u003Cli>CSS\u003C\u002Fli>\n\u003Cli>Javascript\u003C\u002Fli>\n\u003Cli>(X)HTML\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Recommended plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>“\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-syntaxhighlighter\u002F\" title=\"WP SyntaxHighlighter\" rel=\"ugc\">WP SyntaxHighlighter\u003C\u002Fa>” can highlight sourcecodes on your front-end(posts, pages, comments).\u003C\u002Fli>\n\u003C\u002Ful>\n","Just another code syntaxhighligher for the theme and plugin editor with CodeMirror.",40,7429,"2012-03-28T00:57:00.000Z",[20,108,65,23,24],"codemirror","http:\u002F\u002Fwww.near-mint.com\u002Fblog\u002Fsoftware\u002Fcodemirror-for-codeeditor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcodemirror-for-codeeditor.0.5.6.1.zip",{"slug":112,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":69,"num_ratings":69,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":18,"tags":123,"homepage":126,"download_link":127,"security_score":68,"vuln_count":69,"unpatched_count":69,"last_vuln_date":37,"fetched_at":30},"google-syntax","0.1","princehaku","https:\u002F\u002Fprofiles.wordpress.org\u002Fprincehaku\u002F","\u003Cp>This is a code prettify plugin using google-code-prettify. click the add-code media button to insert your code. the code higlighting effect will be seen directly in the mce editor.这是一个代码高亮插件  使用google code prettify 安装后在文章发布处点击插入代码按钮即可插入代码   代码高亮效果会直接在mce中预览可见\u003C\u002Fp>\n\u003Cp>Related Links:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002F3haku.net\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fcode.google.com\u002Fp\u002Fgoogle-code-prettify\u002F\" rel=\"nofollow ugc\">Google Code Prettify\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>*This release is compatible with all WordPress versions since 2.0. *\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is free for everyone! You can use it free of charge on your personal or commercial blog.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n","This is a code prettify plugin. the code higlighting effect will be seen directly in the mce editor.",10,3273,"2013-12-13T02:25:00.000Z","3.7.41","2.0",[20,124,125,23,24],"google","prettify","http:\u002F\u002F3haku.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgoogle-syntax.zip",{"attackSurface":129,"codeSignals":178,"taintFlows":275,"riskAssessment":302,"analyzedAt":314},{"hooks":130,"ajaxHandlers":174,"restRoutes":175,"shortcodes":176,"cronEvents":177,"entryPointCount":69,"unprotectedCount":69},[131,137,142,145,149,153,157,162,166,170],{"type":132,"name":133,"callback":134,"file":135,"line":136},"action","admin_notices","anonymous","syntax-highlighter-compress.php",33,{"type":138,"name":139,"callback":140,"priority":118,"file":135,"line":141},"filter","plugin_action_links","shc_filter_plugin_actions",76,{"type":132,"name":143,"callback":134,"file":135,"line":144},"plugins_loaded",418,{"type":132,"name":146,"callback":147,"file":135,"line":148},"admin_menu","shc_add_settings_page",420,{"type":132,"name":150,"callback":151,"file":135,"line":152},"wp_head","wp_shc_head",423,{"type":132,"name":154,"callback":155,"file":135,"line":156},"wp_footer","wp_shc_footer",424,{"type":138,"name":158,"callback":159,"file":160,"line":161},"tiny_mce_version","change_tinymce_version","tinymce\\tinymce.php",9,{"type":132,"name":163,"callback":164,"file":160,"line":165},"init","addbuttons",12,{"type":138,"name":167,"callback":168,"priority":14,"file":160,"line":169},"mce_external_plugins","add_tinymce_plugin",24,{"type":138,"name":171,"callback":172,"priority":14,"file":160,"line":173},"mce_buttons","register_button",25,[],[],[],[],{"dangerousFunctions":179,"sqlUsage":185,"outputEscaping":187,"fileOperations":69,"externalRequests":69,"nonceChecks":270,"capabilityChecks":80,"bundledLibraries":271},[180,183],{"fn":181,"file":135,"line":136,"context":182},"create_function","add_action('admin_notices', create_function('', 'echo \\'\u003Cdiv id=\"message\" class=\"error fade\">\u003Cp>\u003Cstr",{"fn":181,"file":135,"line":144,"context":184},"add_action('plugins_loaded', create_function( '', 'global $wp_shc; $wp_shc = new wp_shc();' ) );",{"prepared":69,"raw":69,"locations":186},[],{"escaped":69,"rawEcho":104,"locations":188},[189,192,194,196,198,200,202,204,206,208,210,211,213,215,217,219,221,223,225,227,229,231,233,235,237,239,241,243,245,247,249,251,253,255,257,259,261,263,266,268],{"file":135,"line":190,"context":191},115,"raw output",{"file":135,"line":193,"context":191},122,{"file":135,"line":195,"context":191},162,{"file":135,"line":197,"context":191},186,{"file":135,"line":199,"context":191},188,{"file":135,"line":201,"context":191},204,{"file":135,"line":203,"context":191},205,{"file":135,"line":205,"context":191},358,{"file":135,"line":207,"context":191},359,{"file":135,"line":209,"context":191},360,{"file":135,"line":209,"context":191},{"file":135,"line":212,"context":191},376,{"file":135,"line":214,"context":191},377,{"file":135,"line":216,"context":191},378,{"file":135,"line":218,"context":191},379,{"file":135,"line":220,"context":191},380,{"file":135,"line":222,"context":191},381,{"file":135,"line":224,"context":191},382,{"file":135,"line":226,"context":191},383,{"file":135,"line":228,"context":191},384,{"file":135,"line":230,"context":191},385,{"file":135,"line":232,"context":191},386,{"file":135,"line":234,"context":191},387,{"file":135,"line":236,"context":191},388,{"file":135,"line":238,"context":191},389,{"file":135,"line":240,"context":191},390,{"file":135,"line":242,"context":191},391,{"file":135,"line":244,"context":191},392,{"file":135,"line":246,"context":191},393,{"file":135,"line":248,"context":191},394,{"file":135,"line":250,"context":191},395,{"file":135,"line":252,"context":191},396,{"file":135,"line":254,"context":191},397,{"file":135,"line":256,"context":191},398,{"file":135,"line":258,"context":191},399,{"file":135,"line":260,"context":191},400,{"file":135,"line":262,"context":191},407,{"file":264,"line":265,"context":191},"tinymce\\window.php",19,{"file":264,"line":267,"context":191},20,{"file":264,"line":269,"context":191},21,2,[272],{"name":273,"version":37,"knownCves":274},"TinyMCE",[],[276,292],{"entryPoint":277,"graph":278,"unsanitizedCount":270,"severity":39},"shc_options_subpanel (syntax-highlighter-compress.php:83)",{"nodes":279,"edges":289},[280,284],{"id":281,"type":282,"label":283,"file":135,"line":193},"n0","source","$_SERVER['PHP_SELF'] (x2)",{"id":285,"type":286,"label":287,"file":135,"line":193,"wp_function":288},"n1","sink","echo() [XSS]","echo",[290],{"from":281,"to":285,"sanitized":291},false,{"entryPoint":293,"graph":294,"unsanitizedCount":69,"severity":301},"\u003Csyntax-highlighter-compress> (syntax-highlighter-compress.php:0)",{"nodes":295,"edges":298},[296,297],{"id":281,"type":282,"label":283,"file":135,"line":193},{"id":285,"type":286,"label":287,"file":135,"line":193,"wp_function":288},[299],{"from":281,"to":285,"sanitized":300},true,"low",{"summary":303,"deductions":304},"The \"syntax-highlighter-compress\" plugin, version 3.0.83.3, exhibits a mixed security posture. While it boasts zero direct attack surface entry points (AJAX, REST API, shortcodes, cron events) that are unprotected, and all SQL queries appear to use prepared statements, several critical code signals raise significant concerns. The presence of the `create_function` function is a red flag, as it can be a source of code injection vulnerabilities if not handled with extreme care. Furthermore, the fact that 100% of its output is not properly escaped is a severe security flaw, paving the way for Cross-Site Scripting (XSS) attacks. The taint analysis also indicates a flow with unsanitized paths, which, despite not being classified as critical or high severity, still represents a potential risk of data manipulation or leakage.\n\nThe plugin's vulnerability history is particularly alarming. It has a known CVE with a medium severity, and critically, this vulnerability remains unpatched. The common vulnerability type being XSS reinforces the concerns identified in the static analysis regarding improper output escaping. The fact that the last vulnerability was recorded in the future (2026-01-16) is an anomaly that might indicate a data entry error, but it doesn't negate the presence of an existing, unpatched medium vulnerability. The plugin has a documented history of XSS, and its current code indicates a persistent weakness in output sanitization, making it susceptible to similar attacks.\n\nIn conclusion, while the plugin does not present a large direct attack surface and employs prepared statements for database operations, the substantial lack of output escaping, the use of `create_function`, and the existing unpatched XSS vulnerability paint a concerning picture. The potential for XSS attacks is high due to the unescaped output, and the unpatched CVE signifies an immediate risk to users. The plugin has demonstrable weaknesses in input sanitization and output encoding that have led to past vulnerabilities and continue to be a significant concern in its current state.",[305,308,310,312],{"reason":306,"points":307},"Unpatched Medium CVE",15,{"reason":309,"points":267},"100% of outputs not properly escaped",{"reason":311,"points":118},"Taint flow with unsanitized paths",{"reason":313,"points":118},"Dangerous function: create_function","2026-03-16T21:14:06.095Z",{"wat":316,"direct":346},{"assetPaths":317,"generatorPatterns":341,"scriptPaths":342,"versionParams":343},[318,319,320,321,322,323,324,325,326,327,328,329,330,331,332,333,334,335,336,337,338,339,340],"\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshCore.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushXml.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushSql.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushPlain.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushPerl.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushPhp.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushPython.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushRuby.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushJScript.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushJava.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushCss.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushDelphi.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushCSharp.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fscripts\u002FshBrushAS3.js","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fstyles\u002FshCore.css","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fstyles\u002FshThemeDjango.css","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fstyles\u002FshThemeEclipse.css","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fstyles\u002FshThemeEmacs.css","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fstyles\u002FshThemeFadeToGrey.css","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fstyles\u002FshThemeMDUltra.css","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fstyles\u002FshThemeMidnight.css","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Fstyles\u002FshThemeRDark.css","\u002Fwp-content\u002Fplugins\u002Fsyntax-highlighter-compress\u002Ftinymce\u002Ftinymce.min.js",[],[318,319,320,321,322,323,324,325,326,327,328,329,330,331,340],[344,345],"syntax-highlighter-compress\u002Fscripts\u002FshCore.js?ver=","syntax-highlighter-compress\u002Fstyles\u002FshCore.css?ver=",{"cssClasses":347,"htmlComments":349,"htmlAttributes":350,"restEndpoints":351,"jsGlobals":352,"shortcodeOutput":355},[348],"syntaxhighlighter-compress",[],[],[],[353,354],"sh_main","SyntaxHighlighter",[]]