[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqWQ4wjYtV97oLqXxPj37NsXeDi6mzj7oOauhwR39WwE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":151,"fingerprints":263},"theme-companion","Theme Companion","1.0.2","Frumph","https:\u002F\u002Fprofiles.wordpress.org\u002Ffrumph\u002F","\u003Cp>Companion is intended to assist users designing their sites without editing their original style.css files.\u003C\u002Fp>\n\u003Cp>Companion’s features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Editing CSS stylesheets that override the original style.css in the theme.\u003C\u002Fli>\n\u003Cli>Add custom information into the head area of your site\u002Fpage for non-wpmu sites. – Does NOT activate for Multisite\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Please do *not* copy the entire style.css into the editor, the editor is used for placing specific element changes. If you want to change the background of your entire site you do\u003C\u002Fh4>\n\u003Cp>body { background: #333333; }\u003C\u002Fp>\n\u003Cp>333333 being swapped for the color that you want to use.\u003C\u002Fp>\n\u003Cp>Notice that you do \u003Cem>not\u003C\u002Fem> need to replace the entire CSS element but just the portion you want to override \u002F change.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Companion is released under the GNU GPL version 3.0 or later.\u003C\u002Fp>\n","This plugin is used to assist in designing sites without editing the original style.css",100,4336,0,"2014-11-03T19:47:00.000Z","4.0.38","3.0","",[19,20,21,22,23],"companion","css","editor","multisite","theme","http:\u002F\u002Ffrumph.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-companion.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"frumph",2,400,30,84,"2026-04-04T16:35:43.010Z",[38,62,82,106,130],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":60,"download_link":61,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"so-css","SiteOrigin CSS","1.6.5","Greg - SiteOrigin","https:\u002F\u002Fprofiles.wordpress.org\u002Fgpriday\u002F","\u003Cp>SiteOrigin CSS is the intuitive and powerful CSS editor designed to empower your WordPress site customization. Enjoy a seamless editing experience with real-time visual controls, making it easy to tweak your site’s look and feel instantly. Whether you’re a beginner or an advanced developer, SiteOrigin CSS has you covered.\u003C\u002Fp>\n\u003Cp>For beginners, our user-friendly visual controls and live previews eliminate the guesswork from CSS editing. See your changes as you make them, ensuring your site looks exactly as you envision. For advanced users, we offer robust code autocompletion, speeding up your workflow and making CSS writing faster and more efficient than ever before. Take full control of your site’s design with SiteOrigin CSS and bring your creative vision to life.\u003C\u002Fp>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F129660380\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\n\u003Ch4>Inspector\u003C\u002Fh4>\n\u003Cp>The hardest part of editing your site’s design using CSS is usually finding the correct selector to use. The powerful inspector that comes with SiteOrigin CSS makes this easy. While viewing a full preview of your site, just click on an element, and it’ll help you identify the best selector to use to target that element.\u003C\u002Fp>\n\u003Cp>The inspector will help you even if you have no idea what a CSS selector is.\u003C\u002Fp>\n\u003Ch4>Visual Editor\u003C\u002Fh4>\n\u003Cp>Don’t like playing around with code? No problem. SiteOrigin CSS has a set of simple controls that make it easy to choose colors, styles, and measurements. Combined with the inspector, you’ll be able to make changes in just a few clicks.\u003C\u002Fp>\n\u003Ch4>CSS Editor\u003C\u002Fh4>\n\u003Cp>SiteOrigin CSS has a powerful CSS editor, the likes of which you’d usually only expect from high-end IDEs. It has autocompletion for both CSS selectors and attributes. It also features very useful CSS linting to help you identify issues in your code before you publish your changes.\u003C\u002Fp>\n\u003Ch4>It’s Free\u003C\u002Fh4>\n\u003Cp>We’re committed to keeping SiteOrigin CSS free. You can install it on as many sites as you like without ever worrying about licensing. All future updates and upgrades will be free, and we even offer free support over on our friendly support forums.\u003C\u002Fp>\n\u003Ch4>Works With Any Theme\u003C\u002Fh4>\n\u003Cp>There’s an ever-growing collection of awesome WordPress themes, and now with SiteOrigin CSS, you can edit every single one of them to your heart’s content. No matter what theme you’re using, SiteOrigin CSS will work perfectly.\u003C\u002Fp>\n\u003Ch4>Actively Developed\u003C\u002Fh4>\n\u003Cp>We’re actively developing SiteOrigin CSS. Keep track of what’s happening over on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsiteorigin\u002Fso-css\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsiteorigin.com\u002Fcss\u002Fgetting-started\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> is available on SiteOrigin.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Free support is available on the \u003Ca href=\"https:\u002F\u002Fsiteorigin.com\u002Fthread\u002F\" rel=\"nofollow ugc\">SiteOrigin support forums\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>SiteOrigin Premium\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsiteorigin.com\u002Fdownloads\u002Fpremium\u002F\" rel=\"nofollow ugc\">SiteOrigin Premium\u003C\u002Fa> enhances SiteOrigin CSS with a Google Web Font Selector. Choose from hundreds of beautiful web fonts right in the visual editor.\u003C\u002Fp>\n\u003Cp>SiteOrigin Premium includes access to our professional email support service, perfect for those times when you need fast and effective technical support. We’re standing by to assist you in any way we can.\u003C\u002Fp>\n","Powerful, simple CSS editing for WordPress. Visual controls & real-time previews for effortless site customization.",100000,5885531,98,152,"2025-12-06T20:31:00.000Z","6.9.4","3.9","7.0.0",[55,56,57,58,59],"css-editor","live-editing","theme-editor","visual-css","website-styling","https:\u002F\u002Fsiteorigin.com\u002Fcss\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fso-css.1.6.5.zip",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":13,"downloaded":70,"rating":13,"num_ratings":13,"last_updated":71,"tested_up_to":51,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":80,"download_link":81,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"additional-css-shortcut","Additional CSS Shortcut","1.0.1","lastsplash (a11n)","https:\u002F\u002Fprofiles.wordpress.org\u002Flastsplash\u002F","\u003Cp>When WordPress introduced Full Site Editing (FSE) with block themes, the familiar “Additional CSS” option was moved from the Customizer to the Site Editor’s Styles panel. This plugin brings back easy access by adding an “Additional CSS” link directly to the Appearance menu.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adds “Additional CSS” link under Appearance menu\u003C\u002Fli>\n\u003Cli>One-click access to the Site Editor CSS panel\u003C\u002Fli>\n\u003Cli>Only appears when using a block theme\u003C\u002Fli>\n\u003Cli>Lightweight and simple – no settings needed\u003C\u002Fli>\n\u003Cli>Works with any block theme\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>How It Works:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Simply activate the plugin and you’ll see “Additional CSS” appear in your Appearance menu. Clicking it takes you directly to the CSS editing panel in the Site Editor.\u003C\u002Fp>\n","Adds a quick-access link to the Additional CSS panel in the Site Editor for block themes.",121,"2026-02-15T14:18:00.000Z","6.9","8.3",[75,76,77,78,79],"additional-css","block-theme","custom-css","full-site-editing","site-editor","https:\u002F\u002Fgithub.com\u002Fbobmatyas\u002Fadditional-css-shortcut","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadditional-css-shortcut.1.0.1.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":51,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":101,"download_link":102,"security_score":103,"vuln_count":104,"unpatched_count":13,"last_vuln_date":105,"fetched_at":28},"code-snippets","Code Snippets","3.9.5","Code Snippets Pro","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodesnippetspro\u002F","\u003Cp>\u003Cstrong>✂ Code Snippets\u003C\u002Fstrong> provides an effortless way to enhance your WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🚀 Upgrade to Code Snippets Pro\u003C\u002Fstrong> for complete CSS, JavaScript, Gutenberg, Elementor and cloud synchronisation integrations. \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fcodesnippets.pro\u002Fpricing\" rel=\"nofollow ugc\">Elevate your snippets experience now!\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Say goodbye to the hassle of tweaking your theme’s \u003Ccode>functions.php\u003C\u002Fcode> file and downloading endless plugins – Code Snippets simplifies the process!\u003C\u002Fp>\n\u003Cp>A snippet is like a mini-plugin for your WordPress site, providing added functionality without the clutter.\u003C\u002Fp>\n\u003Cp>Unlike other solutions that involve dumping code into your \u003Ccode>functions.php\u003C\u002Fcode> file, Code Snippets offers an intuitive graphical interface for seamless integration and real-time execution. Managing snippets is as easy as activating and deactivating plugins, only without the bloat and overhead.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🎥 Watch a quick overview by Imran Siddiq:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FuzND-wdSCMQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>☁️ Each copy of Code Snippets includes full integration with the community-powered \u003Ca href=\"https:\u002F\u002Fcodesnippets.cloud\u002F\" rel=\"nofollow ugc\">Code Snippets Cloud\u003C\u002Fa> platform, providing easy access to hundreds of tweaks and enhancements ready to power-up any WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🌐 Connect with us:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcode-snippets\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffacebook.com\u002Fgroups\u002Fcodesnippetsplugin\" rel=\"nofollow ugc\">Facebook Community\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsnipco.de\u002Fdiscord\" rel=\"nofollow ugc\">Discord Community\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcodesnippetspro\u002Fcode-snippets\" rel=\"nofollow ugc\">GitHub Repository\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🌟 Like our plugin? Find it useful? Please consider sharing your experience by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fcode-snippets\" rel=\"ugc\">leaving a review on WordPress.org\u003C\u002Fa>. Your feedback is instrumental to shaping our future growth!\u003C\u002Fp>\n\u003Cp>🌍 We’d like to thank the wonderful people who have helped contribute translations to allow Code Snippets to be used in different languages. \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcodesnippetspro\u002Fcode-snippets\u002Fblob\u002Fcore\u002FCREDITS.md#translators\" rel=\"nofollow ugc\">You can find a full list here\u003C\u002Fa>.\u003C\u002Fp>\n","An easy, clean and simple way to enhance your site with code snippets.",1000000,19655832,94,494,"2026-02-05T11:03:00.000Z","5.0","7.4",[98,20,22,99,100],"code","php","snippets","https:\u002F\u002Fcodesnippets.pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcode-snippets.3.9.5.zip",89,7,"2026-02-05 19:33:02",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":116,"num_ratings":117,"last_updated":118,"tested_up_to":51,"requires_at_least":119,"requires_php":120,"tags":121,"homepage":126,"download_link":127,"security_score":11,"vuln_count":128,"unpatched_count":13,"last_vuln_date":129,"fetched_at":28},"custom-css-js","Simple Custom CSS and JS","3.52","SilkyPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fdiana_burduja\u002F","\u003Cp>Customize your WordPress site’s appearance by easily adding custom CSS and JS code without even having to modify your theme or plugin files. This is perfect for adding custom CSS tweaks to your site.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Text editor\u003C\u002Fstrong> with syntax highlighting \u003C\u002Fli>\n\u003Cli>Print the code \u003Cstrong>inline\u003C\u002Fstrong> or included into an \u003Cstrong>external file\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Print the code in the \u003Cstrong>header\u003C\u002Fstrong> or the \u003Cstrong>footer\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Add CSS or JS to the \u003Cstrong>frontend\u003C\u002Fstrong> or the \u003Cstrong>admin side\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Add as many codes as you want\u003C\u002Fli>\n\u003Cli>Keep your changes also when you change the theme\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily add Custom CSS or JS to your website with an awesome editor.",700000,10074700,88,101,"2026-03-06T19:56:00.000Z","3.0.1","5.2.4",[122,77,123,124,125],"add-style","custom-js","customize-theme","site-css","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-css-js\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-css-js.3.52.zip",1,"2017-07-24 00:00:00",{"slug":57,"name":131,"version":132,"author":133,"author_profile":134,"description":135,"short_description":136,"active_installs":137,"downloaded":138,"rating":139,"num_ratings":140,"last_updated":141,"tested_up_to":142,"requires_at_least":143,"requires_php":120,"tags":144,"homepage":147,"download_link":148,"security_score":139,"vuln_count":149,"unpatched_count":13,"last_vuln_date":150,"fetched_at":28},"Theme Editor","3.1","mndpsingh287","https:\u002F\u002Fprofiles.wordpress.org\u002Fmndpsingh287\u002F","\u003Ch4>Theme Editor allows you to edit theme files, create folder, upload files and remove any file and folder in themes and plugins. You can easily customize you themes and plugins directly.\u003C\u002Fh4>\n\u003Cp>\u003Cem>\u003Ca href=\"https:\u002F\u002Fthemeeditor.pro\u002Fproduct\u002Ftheme-editor\u002F\" rel=\"nofollow ugc\">Upgrade to Pro Version\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch4>Key Features in Theme Editor Plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Edit Theme and Plugin Files\u003C\u002Fli>\n\u003Cli>Code Editors – Supports PHP, HTML, CSS and JavaScript\u003C\u002Fli>\n\u003Cli>Fancy Box\u003C\u002Fli>\n\u003Cli>Code Mirror\u003C\u002Fli>\n\u003Cli>Create and remove folder in themes and plugins\u003C\u002Fli>\n\u003Cli>Create and remove files in themes and plugins\u003C\u002Fli>\n\u003Cli>upload and download files in themes and plugins\u003C\u002Fli>\n\u003Cli>Download whole theme and plugin.\u003C\u002Fli>\n\u003Cli>Create New Child Theme\u003C\u002Fli>\n\u003Cli>Duplicate Existing Child Theme\u003C\u002Fli>\n\u003Cli>Query \u002F Selector\u003C\u002Fli>\n\u003Cli>Move File from Parent Theme To Child Theme\u003C\u002Fli>\n\u003Cli>Upload New Images and Download Images\u003C\u002Fli>\n\u003Cli>Change and Upload New Screenshot of Selected Theme\u003C\u002Fli>\n\u003Cli>View All Images of Selected Theme\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Extended Features in Theme Editor Plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Users Permissions\u003C\u002Fli>\n\u003Cli>User Role Permissions\u003C\u002Fli>\n\u003Cli>Email Notifications to Admin\u003C\u002Fli>\n\u003Cli>Edit Theme Files\u003C\u002Fli>\n\u003Cli>Code Editors Supports PHP, HTML, CSS and JavaScript\u003C\u002Fli>\n\u003Cli>Fancy Box\u003C\u002Fli>\n\u003Cli>Code Mirror\u003C\u002Fli>\n\u003Cli>Create and remove folder in themes\u003C\u002Fli>\n\u003Cli>Create and remove files in themes\u003C\u002Fli>\n\u003Cli>Upload and download files in themes\u003C\u002Fli>\n\u003Cli>Download whole theme.\u003C\u002Fli>\n\u003Cli>Edit Plugin Files\u003C\u002Fli>\n\u003Cli>Create and remove folder in plugins\u003C\u002Fli>\n\u003Cli>Create and remove files in plugins\u003C\u002Fli>\n\u003Cli>Upload and download files in plugins\u003C\u002Fli>\n\u003Cli>Download whole plugin.\u003C\u002Fli>\n\u003Cli>Create New Child Theme\u003C\u002Fli>\n\u003Cli>Duplicate Existing Child Theme\u003C\u002Fli>\n\u003Cli>Query \u002F Selector\u003C\u002Fli>\n\u003Cli>Move File from Parent Theme To Child Theme\u003C\u002Fli>\n\u003Cli>Upload New Images and Download Images\u003C\u002Fli>\n\u003Cli>Change and Upload New Screenshot of Selected Themes\u003C\u002Fli>\n\u003Cli>View All Images of Selected Theme\u003C\u002Fli>\n\u003Cli>Preview Theme\u003C\u002Fli>\n\u003Cli>Child Theme Permission\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>\u003Ca href=\"https:\u002F\u002Fthemeeditor.pro\u002Fproduct\u002Ftheme-editor\u002F\" rel=\"nofollow ugc\">Upgrade to Pro Version\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>If any problem occurs, please contact us at http:\u002F\u002Fthemeeditor.pro\u002Fcontact\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Minimum requirements for Theme Editor\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 3.3+\u003C\u002Fli>\n\u003Cli>PHP 5.x\u003C\u002Fli>\n\u003Cli>MySQL 5.x\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If any problem occurs, please contact us at http:\u002F\u002Fthemeeditor.pro\u002Fcontact.\u003C\u002Fp>\n","Theme Editor allows you to edit theme files, create folder, upload files and remove any file and folder in themes and plugins.",50000,865494,92,126,"2025-10-16T11:21:00.000Z","6.8.5","3.4",[21,145,23,57,146],"file","wp","https:\u002F\u002Fthemeeditor.pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-editor.zip",5,"2025-10-17 19:39:27",{"attackSurface":152,"codeSignals":173,"taintFlows":226,"riskAssessment":253,"analyzedAt":262},{"hooks":153,"ajaxHandlers":169,"restRoutes":170,"shortcodes":171,"cronEvents":172,"entryPointCount":13,"unprotectedCount":13},[154,160,165],{"type":155,"name":156,"callback":157,"file":158,"line":159},"action","wp_head","companion_html_header_load","companion.php",31,{"type":155,"name":161,"callback":162,"file":163,"line":164},"admin_menu","companion_init_hooks","companion_core.php",3,{"type":155,"name":166,"callback":167,"file":163,"line":168},"admin_foot","companion_css_footer",4,[],[],[],[],{"dangerousFunctions":174,"sqlUsage":183,"outputEscaping":185,"fileOperations":224,"externalRequests":13,"nonceChecks":128,"capabilityChecks":13,"bundledLibraries":225},[175,180],{"fn":176,"file":177,"line":178,"context":179},"preg_replace(\u002Fe)","edit_area\\edit_area_compressor.php",146,"preg_replace(\"\u002F(t\\.scripts_to_load=\\s*)\\[([^\\]]*)\\];\u002Fe\"",{"fn":176,"file":177,"line":181,"context":182},150,"preg_replace(\"\u002F(t\\.sub_scripts_to_load=\\s*)\\[([^\\]]*)\\];\u002Fe\"",{"prepared":13,"raw":13,"locations":184},[],{"escaped":13,"rawEcho":186,"locations":187},19,[188,191,193,195,197,199,201,202,204,206,207,209,211,213,216,218,219,221,223],{"file":158,"line":189,"context":190},39,"raw output",{"file":158,"line":192,"context":190},44,{"file":163,"line":194,"context":190},168,{"file":163,"line":196,"context":190},180,{"file":163,"line":198,"context":190},187,{"file":163,"line":200,"context":190},195,{"file":163,"line":200,"context":190},{"file":163,"line":203,"context":190},197,{"file":163,"line":205,"context":190},199,{"file":163,"line":205,"context":190},{"file":177,"line":208,"context":190},133,{"file":177,"line":210,"context":190},289,{"file":177,"line":212,"context":190},291,{"file":214,"line":215,"context":190},"includes\\cceditor.php",12,{"file":214,"line":217,"context":190},38,{"file":214,"line":217,"context":190},{"file":214,"line":220,"context":190},40,{"file":214,"line":222,"context":190},42,{"file":214,"line":222,"context":190},15,[],[227,245],{"entryPoint":228,"graph":229,"unsanitizedCount":13,"severity":244},"companion_admin_page (companion_core.php:73)",{"nodes":230,"edges":241},[231,236],{"id":232,"type":233,"label":234,"file":163,"line":235},"n0","source","$_REQUEST",114,{"id":237,"type":238,"label":239,"file":163,"line":205,"wp_function":240},"n1","sink","echo() [XSS]","echo",[242],{"from":232,"to":237,"sanitized":243},true,"low",{"entryPoint":246,"graph":247,"unsanitizedCount":13,"severity":244},"\u003Ccompanion_core> (companion_core.php:0)",{"nodes":248,"edges":251},[249,250],{"id":232,"type":233,"label":234,"file":163,"line":235},{"id":237,"type":238,"label":239,"file":163,"line":205,"wp_function":240},[252],{"from":232,"to":237,"sanitized":243},{"summary":254,"deductions":255},"The \"theme-companion\" v1.0.2 plugin exhibits a generally good security posture in terms of its attack surface and lack of known vulnerabilities.  The plugin does not expose any direct AJAX handlers, REST API routes, shortcodes, or cron events, significantly limiting potential entry points for attackers.  Furthermore, the absence of known CVEs and a clean vulnerability history are positive indicators.  All SQL queries are also properly prepared, mitigating risks associated with SQL injection.\n\nHowever, the static analysis reveals critical weaknesses. The plugin uses dangerous functions, specifically `preg_replace(\u002Fe)`, which can lead to arbitrary code execution if not handled with extreme care and sanitization, especially when dealing with user-supplied input.  More concerning is the finding that 0% of outputs are properly escaped. This widespread lack of output escaping creates a high risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the website. While taint analysis shows no unsanitized paths in the limited flows analyzed, the presence of dangerous functions and unescaped output presents significant risks.\n\nIn conclusion, while the plugin boasts a low attack surface and a clean vulnerability history, the identified code signals, particularly the use of `preg_replace(\u002Fe)` and the complete lack of output escaping, represent substantial security concerns. These issues could be exploited to achieve arbitrary code execution and XSS. The plugin needs immediate attention to address these critical code-level weaknesses.",[256,258,260],{"reason":257,"points":224},"Dangerous functions: preg_replace(\u002Fe)",{"reason":259,"points":224},"Unescaped output: 0% properly escaped",{"reason":261,"points":149},"Capability checks: 0","2026-03-16T21:13:03.067Z",{"wat":264,"direct":273},{"assetPaths":265,"generatorPatterns":268,"scriptPaths":269,"versionParams":272},[266,267],"\u002Fwp-content\u002Fplugins\u002Ftheme-companion\u002Ftabbed\u002Ftabbed_pages_ie.css","\u002Fwp-content\u002Fplugins\u002Ftheme-companion\u002Ftabbed\u002Ftabbed_pages.css",[],[270,271],"\u002Fwp-content\u002Fplugins\u002Ftheme-companion\u002Fedit_area\u002Fedit_area_full.js","\u002Fwp-content\u002Fplugins\u002Ftheme-companion\u002Ftabbed\u002Ftabbed_pages.js",[],{"cssClasses":274,"htmlComments":280,"htmlAttributes":289,"restEndpoints":302,"jsGlobals":303,"shortcodeOutput":313},[275,276,277,278,279],"ccadmin","on","off","show","inside",[281,282,283,284,285,286,287,288],"\u003C!-- Companion Custom CSS over-rides for [ "," ]: "," - "," -->","\u003C!-- Companion Custom HTML Insert for [ "," WIN: File exists and is writable.\u003Cbr \u002F>","\u003Ci>WIN: File "," does *not* exist or is not writable, try to save the file.  If you still get this error che",[290,291,292,293,294,295,296,297,298,299,300,301],"id=\"newcontent\"","id=\"ccadmin\"","class=\"on\"","title=\"cceditor\"","class=\"off\"","title=\"ccexamples\"","title=\"cchelp\"","id=\"cceditor\"","class=\"show\"","class=\"inside\"","id=\"template\"","name=\"template\"",[],[304,305,306,162,167,307,308,309,310,311,312],"editAreaLoader","companion_pluginfo","companion_is_multisite","companion_load_scripts","companion_load_styles","companion_config_page_head","companion_admin_page","is_iis7","win_is_writable",[]]