[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fl_ZMkItAKOKL1MBk5UiCZC0RlIq4u7GMc1wFxVCnAJI":3,"$f2N9OFXqBomWLcEnaUbxD876hLbNbQu74aiYDKwTFENA":283,"$fUD0vhnPQ5772Dg4VEy2n2Ps_mo5ieJhqwDNutq6Arps":287},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":39,"analysis":140,"fingerprints":242},"tiny-wow-colors","Tiny WoW colors","1.0.3","leaklords","https:\u002F\u002Fprofiles.wordpress.org\u002Fkwark\u002F","\u003Cul>\n\u003Cli>Add some buttons to tiny admin editor (sup, sub, hr, html cleaner, fonts selector). \u003C\u002Fli>\n\u003Cli>Add buttons for colorisation item WoW (poor, normal, commun, rare, epic, legend, artefact)\u003C\u002Fli>\n\u003Cli>add Youtube buttons\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Automatic generate some shortcodes for Youtube (version 2 and 3), automatic generates some shortcodes for colorisation items for Blizzard\u002Fwowhead\u002FMagelo items links. Enqueue option for one of this Tooltips (Magelo or wowhead).\u003C\u002Fp>\n\u003Cp>You may changes at any times option wowhead \u003Ccode>\u003C-->\u003C\u002Fcode> magelo and all your tip-bubble effect already published works fine without changes.\u003C\u002Fp>\n\u003Cp>You may use all classes with html tag\u003C\u002Fp>\n\u003Cp>Color items\u003C\u002Fp>\n\u003Cul>\n\u003Cli>poor\u003C\u002Fli>\n\u003Cli>normal\u003C\u002Fli>\n\u003Cli>commun\u003C\u002Fli>\n\u003Cli>rare\u003C\u002Fli>\n\u003Cli>epic\u003C\u002Fli>\n\u003Cli>legend\u003C\u002Fli>\n\u003Cli>artefact\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Some others\u003C\u002Fp>\n\u003Cul>\n\u003Cli>success\u003C\u002Fli>\n\u003Cli>info\u003C\u002Fli>\n\u003Cli>error\u003C\u002Fli>\n\u003Cli>blizzquote\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You may use all classes outside the admin editor buttons (with html tag – text colorization)\u003C\u002Fp>\n\u003Cp>e.g.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cp class=\"epic\">Your text here....\u003C\u002Fp>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You may use this outside the admin editor (on a forum – manual shortcode)\u003C\u002Fp>\n\u003Cp>e.g.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[item name=\"Spiritwalker's Cuirass\" url=\"http:\u002F\u002Fwww.wowhead.com\u002Fitem=78724\" class=\"epic\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Add some buttons to tiny admin editor, buttons for item WoW (epic, poor, rare, ...) and Youtube buttons",10,3780,100,1,"2012-07-29T22:41:00.000Z","3.4.2","",[19,20,21,22,23],"admin","buttons","editor","tiny","warcraft","http:\u002F\u002Fkwark.allwebtuts.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftiny-wow-colors.1.0.3.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":26,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"kwark",8,80,30,84,"2026-05-20T08:03:07.014Z",[40,62,84,106,123],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":17,"tags":55,"homepage":60,"download_link":61,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"addquicktag","AddQuicktag","2.6.1","Frank Bueltge","https:\u002F\u002Fprofiles.wordpress.org\u002Fbueltge\u002F","\u003Cp>This plugin makes it easy to add Quicktags to the html – and visual-editor. It is possible to export your Quicktags as a JSON – file that can be imported in other installations of the plugin.\u003C\u002Fp>\n\u003Cp>WP-AddQuicktag for WordPress is originally created by \u003Ca href=\"http:\u002F\u002Froel.meurders.nl\u002F\" title=\"Roel Meurders\" rel=\"nofollow ugc\">Roel Meurders\u003C\u002Fa>. The versions in the Repo of AddQuicktag are newer versions, this is a complete rewrite of version 2.0.0 with more functionality.\u003C\u002Fp>\n\u003Cp>The plugin can add configurable custom quicktags to the editor of every post type, including custom post types from other sources. You may choose a post type for which a quicktag shall show up in the editor.\u003Cbr \u002F>\nIf this should not work perfectly well for you, you may also use the hooks inside the plugin. See the examples and hint inside the tab “\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Faddquicktag\u002Fother_notes\u002F\" rel=\"ugc\">Other Notes\u003C\u002Fa>“.\u003C\u002Fp>\n\u003Ch4>Bugs, technical hints or contribute\u003C\u002Fh4>\n\u003Cp>Please give me feedback, contribute and file technical bugs on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbueltge\u002Faddquicktag\" rel=\"nofollow ugc\">GitHub Repo\u003C\u002Fa>. The Wiki on this page has also several hints for the plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Crafted by \u003Ca href=\"https:\u002F\u002Finpsyde.com\" rel=\"nofollow ugc\">Inpsyde\u003C\u002Fa> · Engineering the web since 2006.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Hook for custom post types\u003C\u002Fh4>\n\u003Cp>The plugin adds the quicktag by default to post types\u002FID \u003Ccode>post\u003C\u002Fcode>, \u003Ccode>page\u003C\u002Fcode> and \u003Ccode>comment\u003C\u002Fcode>. To use the plugin for other post types also you may use a filter; see the following example or an example plugin in the \u003Ca href=\"https:\u002F\u002Fgist.github.com\u002F1595155\" rel=\"nofollow ugc\">Gist 1595155\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002F\u002F add custom function to filter hook 'addquicktag_post_types'\nadd_filter( 'addquicktag_post_types', 'my_addquicktag_post_types' );\n\u002F**\n * Return array $post_types with custom post types\n *\n * @param   $post_type Array\n * @return  $post_type Array\n *\u002F\nfunction my_addquicktag_post_types( $post_types ) {\n\n    $post_types[] = 'edit-comments';\n    return $post_types;\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Hook for custom pages\u003C\u002Fh4>\n\u003Cp>It is possible also to filter the pages inside the backend. By default the scripts include the pages \u003Ccode>post.php\u003C\u002Fcode>, \u003Ccode>comment.php\u003C\u002Fcode>. The following example changes this for an another page.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'addquicktag_pages', 'my_addquicktag_pages' );\n\u002F**\n * Return array $page with custom page strings\n *\n * @param   $page Array\n * @return  $page Array\n *\u002F\nfunction my_addquicktag_pages( $page ) {\n\n    $page[] = 'edit-comments.php';\n    return $page;\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>See this Gist as an example for how to add the Quicktags to the editor of comments: \u003Ca href=\"https:\u002F\u002Fgist.github.com\u002F3076698\" rel=\"nofollow ugc\">Gist: 3076698\u003C\u002Fa>.\u003Cbr \u002F>\nIf you want the Quicktags of this plugin to work on the Quickedit of comments as well, remove the \u003Ccode>.example\u003C\u002Fcode>-part of \u003Ccode>addquicktag_quickedit_comment.php.example\u003C\u002Fcode> filename. The file is a stand alone helper plugin for Add Quicktag. You’ll need to activate this file (plugin) separately in ‘Manage Plugins’.\u003C\u002Fp>\n\u003Ch4>Hook for custom buttons\u003C\u002Fh4>\n\u003Cp>It is possible to add custom buttons to the editor, if the plugin is active.\u003C\u002Fp>\n\u003Cp>The following example adds buttons. The params inside the array are the same as in the settings of the plugin.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>if ( class_exists( 'Add_Quicktag' ) ) :\nadd_filter( 'addquicktag_buttons', 'my_addquicktag_buttons' );\n\nfunction my_addquicktag_buttons( $buttons ) {\n\n    $buttons[] = array(\n        'text'          => 'Permalink',\n        'title'         => '',\n        'start'         => '[permalink]',\n        'end'           => '[\u002Fpermalink]',\n        'access'        => '',\n        'order'         => 1,\n        'visual'        => 1,\n        'post'          => 0,\n        'page'          => 1,\n        'comment'       => 0,\n        'edit-comments' => 0\n    );\n    $buttons[] = array(\n        'text'          => 'Button',\n        'title'         => '',\n        'start'         => '\u003Cspan class=\"border blue\">',\n        'end'           => '\u003C\u002Fspan>',\n        'access'        => '',\n        'order'         => 2,\n        'visual'        => 1,\n        'post'          => 0,\n        'page'          => 1,\n        'comment'       => 0,\n        'edit-comments' => 0\n    );\n    return $buttons;\n}\nendif;\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>License\u003C\u002Fh4>\n\u003Cp>Good news, this plugin is free for everyone! Since it’s released under the GPL, you can use it free of charge on your personal or commercial blog. But if you enjoy this plugin, you may consider to thank me and leave a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Faddquicktag\u002Freviews\u002F#new-post\" rel=\"ugc\">positive review\u003C\u002Fa> for the time I’ve spent writing and supporting this plugin. And I really don’t want to know how many hours of my life this plugin has already eaten 😉\u003C\u002Fp>\n","This plugin makes it easy to add Quicktags to the html - and visual-editor.",100000,1386557,94,44,"2021-05-20T13:37:00.000Z","5.7.15","4.0",[56,57,21,58,59],"add-buttons","button","quicktag","tinymce","http:\u002F\u002Fbueltge.de\u002Fwp-addquicktags-de-plugin\u002F120\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faddquicktag.2.6.1.zip",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":72,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":17,"tags":77,"homepage":82,"download_link":83,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"visual-editor-custom-buttons","Visual Editor Custom Buttons","1.6.0.3","cyberduck","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyberduck\u002F","\u003Cp>Looking for a fast and easy way to add custom buttons to the WordPress Visual Editor? Look no further. With this plugin you can easily add your own custom buttons in the Visual Editor, as well as the HTML Editor. You can then add HTML code to the button, either as a wrap (before, after) or as a single block. On top of that you can, from within the plugin, set the CSS so you can view the effect of the button directly in the Visual Editor.\u003C\u002Fp>\n\u003Cp>The plugin comes with a large number of ready to use button icons, but you can also add your own.\u003C\u002Fp>\n\u003Cp>Visual Editor Custom Buttons. The perfect plugin for customizing the Visual Editor, add special features and simplify the content update process for the novice user.\u003C\u002Fp>\n","Visual Editor Custom Buttons lets you add custom buttons to the Wordpress Visual Editor.",4000,154067,92,37,"2023-05-26T08:52:00.000Z","6.2.9","4.9",[20,78,79,80,81],"custom","rich-editor","tiny-mce-editor","visual-editor","http:\u002F\u002Feborninteractive.se","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvisual-editor-custom-buttons.1.6.0.3.zip",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":94,"num_ratings":95,"last_updated":96,"tested_up_to":97,"requires_at_least":98,"requires_php":17,"tags":99,"homepage":102,"download_link":103,"security_score":104,"vuln_count":14,"unpatched_count":14,"last_vuln_date":105,"fetched_at":29},"wp-super-edit","WP Super Edit","2.5.4","Ahmad Awais","https:\u002F\u002Fprofiles.wordpress.org\u002Fmrahmadawais\u002F","\u003Ch4>Major Update Due Soon!\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>This plugin is getting a major update soon.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>WP Super Edit is designed to get control of the WordPress wysiwyg visual editor and add some functionality with more buttons and customized TinyMCE plugins. WP Super edit acts as framework for TinyMCE visual editor plugins and buttons allowing administrators (or users) to arrange buttons and add TinyMCE plugins to the visual editor.\u003C\u002Fp>\n\u003Cp>Your feedback is always welcome!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Drag and Drop interface for arranging the WordPress visual editor buttons.\u003C\u002Fli>\n\u003Cli>Access to built-in WordPress visual editor buttons and functions.\u003C\u002Fli>\n\u003Cli>Additional TinyMCE plugins to add buttons and features like tables, layers (div tag), advanced XHTML properties, advanced image and link properties, WordPress emoticons, style attributes, css classes for themes, search \u002F replace, and more.\u003C\u002Fli>\n\u003Cli>Options for allowing users to configure visual editor settings; One editor setting for all users, role based editor settings, and individual user editor settings. \u003Cstrong>Only WordPress administrators can activate or deactivate TinyMCE wysiwyg visual editor plugins. In single or role based modes, only administrators can arrange editor buttons.\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Easy to install and remove. WP Super Edit uses separate database tables for settings and to support multi-site configurations. Currently only the \u003Cstrong>Super Emoticon \u002F Icon Plugin\u003C\u002Fstrong> will leave short tags in your posts or pages.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Version Notice\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This version has been tested for use with the versions of WordPress indicated. I attempt to keep WP Super Edit up to date with changes to WordPress and the visual editor, but the complex changes can make it unproductive to maintain compatiblity with some older versions of WordPress. This is a list of recent versions available for older WordPress sites.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Use WP Super Edit 2.1 for WordPress 2.6 to 2.7.1\u003C\u002Fli>\n\u003Cli>Use WP Super Edit 2.3.x for WordPress 2.8 to 3.1.x\u003C\u002Fli>\n\u003Cli>Use WP Super Edit 2.4.x for WordPress 3.1 to 3.8.x\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-super-edit\u002Fdownload\u002F\" rel=\"ugc\">Download Older Versions of WP Super Edit\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Get control of the WordPress wysiwyg visual editor and add some functionality with more buttons and custom TinyMCE plugins.",2000,366583,74,18,"2020-03-07T21:39:00.000Z","5.4.0","4.2",[19,21,100,59,101],"formatting","wysiwyg","http:\u002F\u002Ffunroe.net\u002Fprojects\u002Fsuper-edit\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-super-edit.2.5.4.zip",63,"2025-07-09 00:00:00",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":13,"num_ratings":14,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":17,"tags":119,"homepage":17,"download_link":122,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"manage-tinymce-editor","Manage TinyMCE Editor","1.0.0","Daniele De Santis","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanieledesantis\u002F","\u003Cp>WordPress Manage TinyMCE Editor allows you to \u003Cstrong>add buttons to WordPress TinyMCE editor\u003C\u002Fstrong>.\u003Cbr \u002F>\nUsing the plugin you will be able to add the following buttons to the default WordPress visual editor:\u003C\u002Fp>\n\u003Cp>Cut\u003Cbr \u002F>\nCopy\u003Cbr \u002F>\nPaste\u003Cbr \u002F>\nSource code\u003Cbr \u002F>\nFont family selector\u003Cbr \u002F>\nFont size selector\u003Cbr \u002F>\nStyle selector\u003Cbr \u002F>\nBackground color\u003Cbr \u002F>\nEmpty document\u003Cbr \u002F>\nSuperscript\u003Cbr \u002F>\nSubscript\u003C\u002Fp>\n\u003Cp>Select the desired buttons in the plugin’s settings page and they will be available in TinyMCE.\u003C\u002Fp>\n","Add buttons to TinyMCE, WordPress' default visual editor.",200,4546,"2017-07-13T11:19:00.000Z","4.8.28","4.8",[21,120,121,59,81],"editor-buttons","text-editor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmanage-tinymce-editor.1.0.0.zip",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":13,"num_ratings":14,"last_updated":133,"tested_up_to":134,"requires_at_least":135,"requires_php":17,"tags":136,"homepage":138,"download_link":139,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"moods-addon-for-ultimate-tinymce","Moods Addon for Ultimate TinyMCE","1.2","Josh","https:\u002F\u002Fprofiles.wordpress.org\u002Fjosh401\u002F","\u003Cp>Add over 50 animated smilies to your visual tinymce editor.\u003C\u002Fp>\n\u003Cp>This plugin is designed to be used as an add-on to my Ultimate TinyMCE plugin.  However, it can also be used as a stand-alone plugin as well.\u003C\u002Fp>\n\u003Cp>For best results; You can download Ultimate TinyMCE here:\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fultimate-tinymce\u002F\u003C\u002Fp>\n\u003Cp>This addon will add a button to your visual tinymce editor for posts\u002Fpages.  Clicking the button will open a popup window with over 50 professionally animated .gif smiley’s.\u003C\u002Fp>\n\u003Cp>You can insert these smiley’s into your post\u002Fpage content areas.  Simply click a smiley, and it is automatically inserted into your content area.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Includes over 50 professionally created animated smiley’s.\u003C\u002Fli>\n\u003Cli>Easily insert them into your posts\u002Fpages with a single click.\u003C\u002Fli>\n\u003Cli>I may consider making new smilies upon request.\u003C\u002Fli>\n\u003C\u002Ful>\n","Add over 50 animated smilies to your visual tinymce editor.",90,11382,"2012-02-09T07:45:00.000Z","3.3.2","3.2.1",[57,20,21,137,59],"smiley","http:\u002F\u002Fwww.joshlobe.com\u002F2011\u002F10\u002Fultimate-tinymce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmoods-addon-for-ultimate-tinymce.1.2.zip",{"attackSurface":141,"codeSignals":183,"taintFlows":201,"riskAssessment":231,"analyzedAt":241},{"hooks":142,"ajaxHandlers":166,"restRoutes":167,"shortcodes":168,"cronEvents":181,"entryPointCount":182,"unprotectedCount":27},[143,149,154,158,162],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","init","kw_button_action_admin_init","tinywowcolor.php",48,{"type":150,"name":151,"callback":152,"file":147,"line":153},"filter","mce_buttons","kw_filter_mce_button",54,{"type":150,"name":155,"callback":156,"file":147,"line":157},"mce_external_plugins","kw_filter_mce_plugin",55,{"type":150,"name":159,"callback":160,"file":147,"line":161},"mce_buttons_2","kw_add_more_buttons",88,{"type":144,"name":163,"callback":164,"file":147,"line":165},"admin_menu","kw_tinywow_menu",160,[],[],[169,173,177],{"tag":170,"callback":171,"file":147,"line":172},"youtubeblack","YouTube",129,{"tag":174,"callback":175,"file":147,"line":176},"youtubeborder","KwYouTube",143,{"tag":178,"callback":179,"file":147,"line":180},"item","KwWowHead",156,[],3,{"dangerousFunctions":184,"sqlUsage":185,"outputEscaping":187,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":199,"bundledLibraries":200},[],{"prepared":27,"raw":27,"locations":186},[],{"escaped":27,"rawEcho":188,"locations":189},4,[190,193,195,197],{"file":147,"line":191,"context":192},243,"raw output",{"file":147,"line":194,"context":192},250,{"file":147,"line":196,"context":192},256,{"file":147,"line":198,"context":192},262,2,[],[202,222],{"entryPoint":203,"graph":204,"unsanitizedCount":220,"severity":221},"kwtinywow (tinywowcolor.php:200)",{"nodes":205,"edges":217},[206,211],{"id":207,"type":208,"label":209,"file":147,"line":210},"n0","source","$_POST (x6)",206,{"id":212,"type":213,"label":214,"file":147,"line":215,"wp_function":216},"n1","sink","update_option() [Settings Manipulation]",207,"update_option",[218],{"from":207,"to":212,"sanitized":219},false,6,"low",{"entryPoint":223,"graph":224,"unsanitizedCount":27,"severity":221},"\u003Ctinywowcolor> (tinywowcolor.php:0)",{"nodes":225,"edges":228},[226,227],{"id":207,"type":208,"label":209,"file":147,"line":210},{"id":212,"type":213,"label":214,"file":147,"line":215,"wp_function":216},[229],{"from":207,"to":212,"sanitized":230},true,{"summary":232,"deductions":233},"The \"tiny-wow-colors\" v1.0.3 plugin demonstrates several positive security practices, including the absence of known vulnerabilities and the use of prepared statements for all SQL queries. There are also capability checks present, indicating some level of authorization awareness. However, the static analysis reveals a significant concern regarding output escaping, with 100% of outputs not being properly escaped. This could potentially lead to cross-site scripting (XSS) vulnerabilities if any user-controlled input is reflected in the output.\n\nThe taint analysis identified one flow with an unsanitized path, which, although not classified as critical or high, still represents a potential risk if the path is user-controllable and leads to sensitive operations. The lack of any nonce checks on the identified entry points (shortcodes) is also a notable weakness, as it doesn't protect against cross-site request forgery (CSRF) attacks.\n\nOverall, while the plugin avoids common pitfalls like SQL injection and has no historical vulnerabilities, the unescaped output and potential path traversal issue present clear risks. The absence of nonce checks further contributes to a less secure posture than would be ideal. The plugin has strengths in its SQL handling and lack of known exploits, but weaknesses in output sanitization and CSRF protection need addressing.",[234,236,239],{"reason":235,"points":34},"Unescaped output detected",{"reason":237,"points":238},"Flow with unsanitized path",5,{"reason":240,"points":238},"Missing nonce checks on entry points","2026-04-16T12:28:00.706Z",{"wat":243,"direct":259},{"assetPaths":244,"generatorPatterns":256,"scriptPaths":257,"versionParams":258},[245,246,247,248,249,250,251,252,253,254,255],"\u002Fwp-content\u002Fplugins\u002Ftiny-wow-colors\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Ftiny-wow-colors\u002Fjs\u002Fartefact.js","\u002Fwp-content\u002Fplugins\u002Ftiny-wow-colors\u002Fjs\u002Flegend.js","\u002Fwp-content\u002Fplugins\u002Ftiny-wow-colors\u002Fjs\u002Fepic.js","\u002Fwp-content\u002Fplugins\u002Ftiny-wow-colors\u002Fjs\u002Frare.js","\u002Fwp-content\u002Fplugins\u002Ftiny-wow-colors\u002Fjs\u002Fcommun.js","\u002Fwp-content\u002Fplugins\u002Ftiny-wow-colors\u002Fjs\u002Fnormal.js","\u002Fwp-content\u002Fplugins\u002Ftiny-wow-colors\u002Fjs\u002Fpoor.js","\u002Fwp-content\u002Fplugins\u002Ftiny-wow-colors\u002Fjs\u002Fyoutube.js","\u002Fwp-content\u002Fplugins\u002Ftiny-wow-colors\u002Fjs\u002Fkwyoutube.js","\u002Fwp-content\u002Fplugins\u002Ftiny-wow-colors\u002Fcss\u002Fadmin.css",[],[],[],{"cssClasses":260,"htmlComments":261,"htmlAttributes":262,"restEndpoints":263,"jsGlobals":264,"shortcodeOutput":266},[],[],[],[],[265],"TINYWOW_DIR",[267,268,269,270,271,268,272,273,274,275,276,268,277,273,274,275,278,279,280,281,282],"\u003Cdiv id=\"video\">\u003Ciframe width=\"","\" height=\"","\" src=\"http:\u002F\u002Fwww.youtube.com\u002Fembed\u002F","\" frameborder=\"0\" allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>","\u003Cdiv id=\"video\" style=\"paddind:5px;\">\u003Cobject width=\"","\">\u003Cparam name=\"movie\" value=\"http:\u002F\u002Fwww.youtube.com\u002Fv\u002F","?version=2&color1=0x","&color2=0x","&border=1&fs=1&hl=","&rel=0&hd=1\" \u002F>\u003Cparam name=\"allowFullScreen\" value=\"true\" \u002F>\u003Cparam name=\"allowscriptaccess\" value=\"always\" \u002F>\u003Cparam name=\"bgcolor\" value=\"#000000\">\u003Cembed type=\"application\u002Fx-shockwave-flash\" width=\"","\" src=\"http:\u002F\u002Fwww.youtube.com\u002Fv\u002F","&rel=0&hd=1\" bgcolor=\"#000000\" allowscriptaccess=\"always\" allowfullscreen=\"true\">\u003C\u002Fembed>\u003C\u002Fobject>\u003C\u002Fdiv>","\u003Ca class=\"","\" href=\"","\">","\u003C\u002Fa>",{"error":230,"url":284,"statusCode":285,"statusMessage":286,"message":286},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Ftiny-wow-colors\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":182,"versions":288},[289,294,301],{"version":6,"download_url":25,"svn_tag_url":290,"released_at":28,"has_diff":219,"diff_files_changed":291,"diff_lines":28,"trac_diff_url":292,"vulnerabilities":293,"is_current":230},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftiny-wow-colors\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftiny-wow-colors%2Ftags%2F1.0.2&new_path=%2Ftiny-wow-colors%2Ftags%2F1.0.3",[],{"version":295,"download_url":296,"svn_tag_url":297,"released_at":28,"has_diff":219,"diff_files_changed":298,"diff_lines":28,"trac_diff_url":299,"vulnerabilities":300,"is_current":219},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftiny-wow-colors.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftiny-wow-colors\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftiny-wow-colors%2Ftags%2F1.0.1&new_path=%2Ftiny-wow-colors%2Ftags%2F1.0.2",[],{"version":302,"download_url":303,"svn_tag_url":304,"released_at":28,"has_diff":219,"diff_files_changed":305,"diff_lines":28,"trac_diff_url":28,"vulnerabilities":306,"is_current":219},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftiny-wow-colors.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftiny-wow-colors\u002Ftags\u002F1.0.1\u002F",[],[]]