[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJz421iIQjkckR108wDORcsoRoQLFzmCnX2HwIoluTC0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":32,"analysis":91,"fingerprints":311},"wordpen","WordPen","1.0.0","gingersoulrecords","https:\u002F\u002Fprofiles.wordpress.org\u002Fgingersoulrecords\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fcodepen.io\u002F\" rel=\"nofollow ugc\">CodePen\u003C\u002Fa> is a ‘playground for the front end web’ where you can write public-facing HTML\u002FCSS\u002FJS demos, called pens. It’s a fountain of inspiration for web designers and a useful resource for those learning to write, organize, and share front end code.\u003C\u002Fp>\n\u003Cp>WordPen by \u003Ca href=\"https:\u002F\u002Fgingersoulrecords.com\u002F\" rel=\"nofollow ugc\">Ginger Soul Records\u003C\u002Fa> is an effort to bring the best of CodePen to WordPress, with minimal code work. Simply paste a CodePen URL, save your WordPen, and embed a shortcode in your layout.\u003C\u002Fp>\n\u003Cp>HTML, CSS, and JS code will be editable, and all connected resources linked to the pen will be included with the shortcode.\u003C\u002Fp>\n\u003Cp>Not all pens were designed to be featured with WordPen, so you may wish to start with background- and foreground-friendly pens, which are collected \u003Ca href=\"http:\u002F\u002Fcodepen.io\u002Fgingersoulrecords\u002Fcollections\u002Fpublic\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n","Embed pens from CodePen without the 'edit' frame",10,2208,0,"2017-03-21T15:05:00.000Z","4.7.32","4.6","",[19],"codepen","https:\u002F\u002Fgingersoulrecords.com\u002Fwordpen","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordpen.0.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":22,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},2,110,30,84,"2026-04-05T14:55:48.073Z",[33,56,73],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":43,"num_ratings":27,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":47,"tags":48,"homepage":17,"download_link":52,"security_score":53,"vuln_count":54,"unpatched_count":54,"last_vuln_date":55,"fetched_at":24},"codepen-embed-block","CodePen Embed Block","1.2.0","Chris Coyier","https:\u002F\u002Fprofiles.wordpress.org\u002Fchriscoyier\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fcodepen.io\" rel=\"nofollow ugc\">CodePen\u003C\u002Fa> is an online code editor for front-end development. You build things (we call them Pens) with HTML, CSS, and JavaScript, and the languages and libraries that go along with those. Any Pen can be embedded on another site, making them useful for blog posts, documentation, forums, etc.\u003C\u002Fp>\n\u003Cp>This block makes it easy to embed them. While oEmbed (just paste in a Pen URL!) also works for CodePen embeds in the block editor, this plugin allows for much more control, like setting the the height, theme, and default tabs.\u003C\u002Fp>\n","An (official) block for CodePen Embeds.",700,13136,100,"2025-07-01T15:31:00.000Z","6.7.5","5.1","7.2",[49,19,50,51],"code","embed","gutenberg","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcodepen-embed-block.zip",78,1,"2025-06-19 00:00:00",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":43,"num_ratings":54,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":17,"tags":69,"homepage":17,"download_link":72,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24},"codepen-oembed","CodePen oEmbed","1.0","Pippin Williamson","https:\u002F\u002Fprofiles.wordpress.org\u002Fmordauk\u002F","\u003Cp>Add CodePen to the available oEmbed providers\u003C\u002Fp>\n\u003Cp>If you’re blogging in Markdown via the WP-Markdown plugin, oEmbed doesn’t work, but Jetpack now enabled Markdown blogging and it does work through that.\u003C\u002Fp>\n\u003Cp>oEmbed only works through post\u002Fpage content in WordPress, but you can bring it to comments as well:\u003C\u002Fp>\n\u003Cp>You can read more about it \u003Ca href=\"http:\u002F\u002Fblog.codepen.io\u002F2014\u002F04\u002F03\u002Foembed\u002F\" title=\"CodePen announces oEmbed support\" rel=\"nofollow ugc\">here\u003C\u002Fa> for additional information\u003C\u002Fp>\n","Add CodePen to the available oEmbed providers",40,7424,"2014-12-17T05:36:00.000Z","4.1.42","3.7",[19,70,71],"codepen-io","oembed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcodepen-oembed.1.0.0.zip",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":11,"downloaded":81,"rating":43,"num_ratings":54,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":89,"download_link":90,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24},"wp-gistpen","WP-Gistpen","1.2.1","James DiGioia","https:\u002F\u002Fprofiles.wordpress.org\u002Fjamesdigioia\u002F","\u003Cp>A self-hosted alternative to putting your code snippets on Gist.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftravis-ci.org\u002Fintraxia\u002Fwp-gistpen\" rel=\"nofollow ugc\">\u003C\u002Fa>  \u003Ca href=\"https:\u002F\u002Fcodeclimate.com\u002Fgithub\u002Fintraxia\u002Fwp-gistpen\u002Fmaintainability\" rel=\"nofollow ugc\">\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You use WordPress because you want control over your writing. Why give Gist or Codepen your code snippets? WP-Gistpen is a self-hosted replacement for your WordPress blog.\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Revision saving\u003C\u002Fli>\n\u003Cli>Gist import & export\u003C\u002Fli>\n\u003Cli>PrismJS syntax highlighting\u003C\u002Fli>\n\u003Cli>Prism-based text editor\u003C\u002Fli>\n\u003Cli>oEmbed snippet embedding\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Fixed\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fixed rendering output with JSX language\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.2.0\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Note: This bumps the minimum required WordPress version to 4.7. A future release will bump the minimum WordPress version to 5.2 and the minimum PHP version to 5.6. This will be released as 2.0. There is plenty of time, but this is coming.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Added\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Added slug to repo API\u003C\u002Fli>\n\u003Cli>Add copy shortcode button to editor\u003C\u002Fli>\n\u003Cli>Add API pagination to Repo resource\u003C\u002Fli>\n\u003Cli>Bump prism-themes and add new themes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Updated JS dependencies\u003C\u002Fli>\n\u003Cli>Fix button alignment on editor controls\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.6\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Busted deploy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.5\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add PHP version requirement\n\u003Cul>\n\u003Cli>This was previously handled in code only, but will now appear in wp.org\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Render BE error messages in UI\u003C\u002Fli>\n\u003Cli>Remove JSS for smaller bundle\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.4\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Added label to filename input\u003C\u002Fli>\n\u003Cli>Bumped dependencies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.3\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Escape filename on FE & BE\u003C\u002Fli>\n\u003Cli>Accessibility improvements\n\u003Cul>\n\u003Cli>Add line numbers to the editor\u003C\u002Fli>\n\u003Cli>Allow alt + tab to escape the editor\u003C\u002Fli>\n\u003Cli>Improve border of focused controls\u003C\u002Fli>\n\u003Cli>Fix toolbar colors\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[1.1.2][] – 2019-05-27\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Rewrite & stabilize FE into TypeScript & latest brookjs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[1.1.1][] – 2018-06-28\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixed buggy deploy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[1.1.0][] – 2018-06-22\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Upgrade the editor into React\u003C\u002Fli>\n\u003Cli>Remove LightNCandy\n\u003Cul>\n\u003Cli>First step towards supporting php-5.3 again\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Tighten up Flowtypes\u003C\u002Fli>\n\u003Cli>Display spinner when saving\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[1.0.3][] – 2018-06-09\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>More editor CSS fixes\u003C\u002Fli>\n\u003Cli>Generate languages.json instead of maintaining manually\u003C\u002Fli>\n\u003Cli>Validate blobs in API endpoint\n\u003Cul>\n\u003Cli>Requires filename now\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Order Runs in descending order\u003C\u002Fli>\n\u003Cli>Fix demo code indentation\u003C\u002Fli>\n\u003Cli>Simplify Blob component implementation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[1.0.2][] – 2018-04-03\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fix CSS display in editor\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[1.0.1][] – 2018-04-03\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fix deployment scripts\n\u003Cul>\n\u003Cli>The old scripts resulted in a botched deployment with missing files. This readds them.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[1.0.0][] – 2018-03-26\u003C\u002Fh4>\n\u003Cp>Almost three years in the making!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Removed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Database migration from old versions\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>If you’re on the latest version of WP-Gistpen, you should have no problems. Given that the plugin hasn’t been updated on .org in 2+ years, and .org reports the only versions are 0.5.x+, anyone who is still using an old version of WP-Gistpen is unlikely to upgrade to 1.0.0+ anyway. We are going to remove the Migration code because it’ll allow us to remove a lot of old code that is currently only being used by it.\u003C\u002Fp>\n\u003Cp>If you’re using an old version of WP-Gistpen, you’ll need to upgrade to 0.5.2+ before upgrading to 1.0.0 or the database migration will not be performed correctly. Fresh installs should have no problems either.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Added\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Completely rewritten from the ground up\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>New internal architecture\n\u003Cul>\n\u003Cli>Built on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fintraxia\u002Fjaxion\" rel=\"nofollow ugc\">Jaxion\u003C\u002Fa>, WordPress framework\u003C\u002Fli>\n\u003Cli>Improved Database layer & use of Models\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>WP-API integration\n\u003Cul>\n\u003Cli>This requires an upgrade to WordPress 4.6+.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>New code snippet editor\n\u003Cul>\n\u003Cli>Custom snippet editor\u003C\u002Fli>\n\u003Cli>Built on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fvaltech-nyc\u002Fbrookjs\" rel=\"nofollow ugc\">brookjs\u003C\u002Fa>, Prism, & React.js\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>New Prism plugins:\n\u003Cul>\n\u003Cli>Show invisibles: Display tabs and line returns as characters\u003C\u002Fli>\n\u003Cli>Show language: Display the language in the embed\u003C\u002Fli>\n\u003Cli>Copy-to-clipboard: Display button to copy code to clipboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Supports all Prism languages & built-in Prism themes + bonus from prism-themes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fixed code sample display on mobile\u003C\u002Fli>\n\u003Cli>Fixed display on custom post type pages\u003C\u002Fli>\n\u003Cli>Fixed bug where adding two files would only save one at a time\u003C\u002Fli>\n\u003Cli>Tighten up revision saving logic\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.5.8] – 2015-07-26\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fixed a bug introduced in WordPress 4.2.3 where cap checks fail for \u003Ccode>edit_post\u003C\u002Fcode> on a post_id of 0.\u003C\u002Fli>\n\u003Cli>Also loosened a couple checks because null values were being cast to 0.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.5.7] – 2015-05-23\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Use \u003Ccode>wpdb\u003C\u002Fcode> to get the posts table for alternate prefix and Multisite compatibility (thanks @janizde!)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.5.6] – 2015-02-17\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Logic bugs raised by Travis\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.5.5] – 2015-02-15\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fixed syncing bug, renabled everything\n\u003Cul>\n\u003Cli>So sorry about the multiple releases. Ran into the problem after deploying, and didn’t want anyone’s DB to get out-of-sync. Everything looks good now, but let me know if you experience issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.5.4] – 2015-02-14\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable importing\u002Fexporting en masse until we fix export\u002Fsync bug\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.5.2] – 2015-02-14\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add new database migration to fix Gist exports of pre-0.5.0 Gistpens\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.5.0] – 2015-02-14\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Added\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>MAJOR FEATURE: Gist interoperability\n\u003Cul>\n\u003Cli>Gistpens can be exported to Gist on a case-by-case basis\u003C\u002Fli>\n\u003Cli>Most Gists can be imported into Gistpen\n\u003Cul>\n\u003Cli>Unsupported languages get changed to “Plaintext” – sorry!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>New Feature: Revisions and history\u003C\u002Fli>\n\u003Cli>Bad tests for everything :\u002F\u003C\u002Fli>\n\u003Cli>New languages:\n\u003Cul>\n\u003Cli>Actionscript\u003C\u002Fli>\n\u003Cli>Applescript\u003C\u002Fli>\n\u003Cli>Dart\u003C\u002Fli>\n\u003Cli>Eiffel\u003C\u002Fli>\n\u003Cli>Erlang\u003C\u002Fli>\n\u003Cli>Gherkin\u003C\u002Fli>\n\u003Cli>Git\u003C\u002Fli>\n\u003Cli>Haml\u003C\u002Fli>\n\u003Cli>Handlebars\u003C\u002Fli>\n\u003Cli>Jade\u003C\u002Fli>\n\u003Cli>LaTeX\u003C\u002Fli>\n\u003Cli>LESS\u003C\u002Fli>\n\u003Cli>Markdown\u003C\u002Fli>\n\u003Cli>Matlab\u003C\u002Fli>\n\u003Cli>NASM\u003C\u002Fli>\n\u003Cli>Perl\u003C\u002Fli>\n\u003Cli>Powershell\u003C\u002Fli>\n\u003Cli>R\u003C\u002Fli>\n\u003Cli>Rust\u003C\u002Fli>\n\u003Cli>Scheme\u003C\u002Fli>\n\u003Cli>Smarty\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Changed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>CMB -> CMB2\u003C\u002Fli>\n\u003Cli>Massive reorganization wit namespacing + autoloading\u003C\u002Fli>\n\u003Cli>Unminified scripts enqueued when \u003Ccode>WP_SCRIPT_DEBUG\u003C\u002Fcode> is true\u003C\u002Fli>\n\u003Cli>ACE editor rewritten in Backbone.js\n\u003Cul>\n\u003Cli>Saving and updating all done with AJAX\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Menu icon pen -> code\u003C\u002Fli>\n\u003Cli>Improved .org deployment process (No more dumbass “forgot to minify js” commits\u002Freleases)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Deleting bug\n\u003Cul>\n\u003Cli>Files were being left behind when Zips were deleted\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Strings are now translatable\u003C\u002Fli>\n\u003Cli>All languages cleaned up and verified working\n\u003Cul>\n\u003Cli>HTML & XML are split again\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.4.0] – 2014-10-03\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Added\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>MAJOR FEATURE: Multiple files can be created in a single Gistpen\n\u003Cul>\n\u003Cli>First step towards Gist compatibility\u003C\u002Fli>\n\u003Cli>The database gets upgraded to account for this, so PLEASE make a backup before you upgrade\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>ACE editor\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Properly escaping content display\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.3.1] – 2014-08-03\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Forgot to minify JavaScripts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.3.0] – 2014-08-03\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Changed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Use \u003Ca href=\"http:\u002F\u002Fprismjs.com\u002F\" rel=\"nofollow ugc\">PrismJS\u003C\u002Fa> over SyntaxHighlighter\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Added\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Options page\u003C\u002Fli>\n\u003Cli>Theme switching\u003C\u002Fli>\n\u003Cli>Line numbers plugin\u003C\u002Fli>\n\u003Cli>Line-highlighting\u003C\u002Fli>\n\u003Cli>Link to lines\u003C\u002Fli>\n\u003Cli>Languages:\n\u003Cul>\n\u003Cli>C\u003C\u002Fli>\n\u003Cli>Coffeescript\u003C\u002Fli>\n\u003Cli>C#\u003C\u002Fli>\n\u003Cli>Go\u003C\u002Fli>\n\u003Cli>HTTP\u003C\u002Fli>\n\u003Cli>ini\u003C\u002Fli>\n\u003Cli>HTML\u002FMarkup (XML has been migrated here)\u003C\u002Fli>\n\u003Cli>Objective-C\u003C\u002Fli>\n\u003Cli>Swift\u003C\u002Fli>\n\u003Cli>Twig\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Removed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Languages (*If you need any of these languages readded, please open an issue on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fintraxia\u002FWP-Gistpen\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> to discuss.)\n\u003Cul>\n\u003Cli>AppleScript\u003C\u002Fli>\n\u003Cli>ActionScript3\u003C\u002Fli>\n\u003Cli>ColdFusion\u003C\u002Fli>\n\u003Cli>CPP\u003C\u002Fli>\n\u003Cli>Delphi\u003C\u002Fli>\n\u003Cli>Diff\u003C\u002Fli>\n\u003Cli>Erlang\u003C\u002Fli>\n\u003Cli>JavaFX\u003C\u002Fli>\n\u003Cli>Perl\u003C\u002Fli>\n\u003Cli>Vb\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.2.3] – 2014-07-28\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Uninstall\u002Freinstall language deleting bug\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.2.2] – 2014-07-28\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fix mis-enqueued scripts (again!)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.2.1] – 2014-07-27\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fix mis-enqueued scripts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.2.0] – 2014-07-26\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Added\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>“Insert Gistpen” button in TinyMCE\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Updated\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Gistpen icon\u003C\u002Fli>\n\u003Cli>Code organization\u003C\u002Fli>\n\u003Cli>README\u003C\u002Fli>\n\u003Cli>Build script\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.1.2] – 2014-07-17\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>More bugfixes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.1.1] – 2014-07-17\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Fixed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Autoloader\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Changed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Use defined constant for dir_path\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>[0.1.0] – 2014-07-17\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Added\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Gistpen post type\u003C\u002Fli>\n\u003Cli>Embeddable in posts via shortcode\u003C\u002Fli>\n\u003Cli>Use SyntaxHighlighter to display\u003C\u002Fli>\n\u003C\u002Ful>\n","A self-hosted alternative to putting your code snippets on Gist.",5858,"2020-04-26T18:22:00.000Z","5.2.24","4.7","5.4",[87,19,88],"code-snippets","gist","http:\u002F\u002Fwww.jamesdigioia.com\u002Fwp-gistpen\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-gistpen.1.2.1.zip",{"attackSurface":92,"codeSignals":148,"taintFlows":204,"riskAssessment":299,"analyzedAt":310},{"hooks":93,"ajaxHandlers":141,"restRoutes":142,"shortcodes":143,"cronEvents":147,"entryPointCount":54,"unprotectedCount":13},[94,100,104,106,111,114,119,123,126,130,134,137],{"type":95,"name":96,"callback":97,"priority":11,"file":98,"line":99},"action","add_meta_boxes","boxes","tiny\\postmeta.php",15,{"type":95,"name":101,"callback":102,"file":98,"line":103},"save_post","save",17,{"type":95,"name":101,"callback":102,"file":98,"line":105},238,{"type":95,"name":107,"callback":108,"file":109,"line":110},"plugins_loaded","init","wordpen.php",11,{"type":95,"name":108,"callback":112,"file":109,"line":113},"cpt_init",22,{"type":115,"name":116,"callback":117,"priority":43,"file":109,"line":118},"filter","wp_insert_post_data","maybe_import",23,{"type":95,"name":120,"callback":121,"file":109,"line":122},"wp_enqueue_scripts","pre_process_shortcode",25,{"type":95,"name":108,"callback":124,"file":109,"line":125},"postmeta_init",27,{"type":95,"name":127,"callback":128,"file":109,"line":129},"admin_enqueue_scripts","style",28,{"type":115,"name":131,"callback":132,"file":109,"line":133},"manage_edit-wordpen_columns","columns",29,{"type":95,"name":135,"callback":136,"priority":11,"file":109,"line":29},"manage_wordpen_posts_custom_column","columns_content",{"type":115,"name":138,"callback":139,"file":109,"line":140},"views_edit-wordpen","before_list",32,[],[],[144],{"tag":4,"callback":145,"file":109,"line":146},"shortcode",24,[],{"dangerousFunctions":149,"sqlUsage":155,"outputEscaping":157,"fileOperations":202,"externalRequests":54,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":203},[150],{"fn":151,"file":152,"line":153,"context":154},"unserialize","includes\\scss.php",4430,"$imports = unserialize(file_get_contents($icache));",{"prepared":13,"raw":13,"locations":156},[],{"escaped":158,"rawEcho":159,"locations":160},5,20,[161,164,166,168,170,172,174,176,178,180,182,184,186,188,190,192,194,196,198,200],{"file":152,"line":162,"context":163},4199,"raw output",{"file":152,"line":165,"context":163},4208,{"file":152,"line":167,"context":163},4210,{"file":152,"line":169,"context":163},4220,{"file":152,"line":171,"context":163},4221,{"file":152,"line":173,"context":163},4286,{"file":152,"line":175,"context":163},4295,{"file":152,"line":177,"context":163},4296,{"file":152,"line":179,"context":163},4303,{"file":152,"line":181,"context":163},4308,{"file":152,"line":183,"context":163},4316,{"file":152,"line":185,"context":163},4320,{"file":152,"line":187,"context":163},4503,{"file":152,"line":189,"context":163},4510,{"file":152,"line":191,"context":163},4529,{"file":152,"line":193,"context":163},4538,{"file":98,"line":195,"context":163},49,{"file":109,"line":197,"context":163},36,{"file":109,"line":199,"context":163},58,{"file":109,"line":201,"context":163},62,8,[],[205,225,233,250,277,291],{"entryPoint":206,"graph":207,"unsanitizedCount":223,"severity":224},"serve (includes\\scss.php:4486)",{"nodes":208,"edges":220},[209,214],{"id":210,"type":211,"label":212,"file":152,"line":213},"n0","source","$_SERVER (x3)",4488,{"id":215,"type":216,"label":217,"file":152,"line":218,"wp_function":219},"n1","sink","header() [Header Injection]",4507,"header",[221],{"from":210,"to":215,"sanitized":222},false,3,"medium",{"entryPoint":226,"graph":227,"unsanitizedCount":223,"severity":224},"\u003Cscss> (includes\\scss.php:0)",{"nodes":228,"edges":231},[229,230],{"id":210,"type":211,"label":212,"file":152,"line":213},{"id":215,"type":216,"label":217,"file":152,"line":218,"wp_function":219},[232],{"from":210,"to":215,"sanitized":222},{"entryPoint":234,"graph":235,"unsanitizedCount":27,"severity":224},"render_resources (wordpen.php:55)",{"nodes":236,"edges":247},[237,239,242,245],{"id":210,"type":211,"label":238,"file":109,"line":199},"$_REQUEST['wordpen_style']",{"id":215,"type":216,"label":240,"file":109,"line":199,"wp_function":241},"echo() [XSS]","echo",{"id":243,"type":211,"label":244,"file":109,"line":201},"n2","$_REQUEST['wordpen_script']",{"id":246,"type":216,"label":240,"file":109,"line":201,"wp_function":241},"n3",[248,249],{"from":210,"to":215,"sanitized":222},{"from":243,"to":246,"sanitized":222},{"entryPoint":251,"graph":252,"unsanitizedCount":54,"severity":224},"\u003Cwordpen> (wordpen.php:0)",{"nodes":253,"edges":271},[254,255,256,257,258,262,266],{"id":210,"type":211,"label":238,"file":109,"line":199},{"id":215,"type":216,"label":240,"file":109,"line":199,"wp_function":241},{"id":243,"type":211,"label":244,"file":109,"line":201},{"id":246,"type":216,"label":240,"file":109,"line":201,"wp_function":241},{"id":259,"type":211,"label":260,"file":109,"line":261},"n4","$_REQUEST",168,{"id":263,"type":264,"label":265,"file":109,"line":261},"n5","transform","→ compile()",{"id":267,"type":216,"label":268,"file":152,"line":269,"wp_function":270},"n6","file_put_contents() [File Write]",4475,"file_put_contents",[272,274,275,276],{"from":210,"to":215,"sanitized":273},true,{"from":243,"to":246,"sanitized":273},{"from":259,"to":263,"sanitized":222},{"from":263,"to":267,"sanitized":222},{"entryPoint":278,"graph":279,"unsanitizedCount":13,"severity":290},"save (tiny\\postmeta.php:256)",{"nodes":280,"edges":288},[281,284],{"id":210,"type":211,"label":282,"file":98,"line":283},"$_POST",273,{"id":215,"type":216,"label":285,"file":98,"line":286,"wp_function":287},"call_user_func() [RCE]",275,"call_user_func",[289],{"from":210,"to":215,"sanitized":273},"low",{"entryPoint":292,"graph":293,"unsanitizedCount":13,"severity":290},"\u003Cpostmeta> (tiny\\postmeta.php:0)",{"nodes":294,"edges":297},[295,296],{"id":210,"type":211,"label":282,"file":98,"line":283},{"id":215,"type":216,"label":285,"file":98,"line":286,"wp_function":287},[298],{"from":210,"to":215,"sanitized":273},{"summary":300,"deductions":301},"The \"wordpen\" plugin version 1.0.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and incorporates nonce and capability checks in key areas. The limited attack surface, with only one shortcode and no unprotected AJAX handlers or REST API routes, is also a positive indicator. However, the presence of the `unserialize` function is a significant concern, as it can lead to object injection vulnerabilities if not handled with extreme care, especially when dealing with untrusted input.\n\nThe taint analysis reveals flows with unsanitized paths, although no critical or high severity issues were identified. This suggests a potential for vulnerabilities if user-supplied data is not adequately sanitized before being processed. The fact that 20% of output is not properly escaped is also a weakness, potentially opening the door for cross-site scripting (XSS) attacks.\n\nThe plugin's vulnerability history is currently clean, with no recorded CVEs. This, coupled with the apparent attention to SQL sanitization and some authorization checks, might suggest a developer who is generally security-conscious. Nevertheless, the identified code signals, particularly `unserialize` and unsanitized output, represent tangible risks that need to be addressed. The overall risk is moderate, leaning towards higher due to the inherent danger of unserialization without strict controls.",[302,304,307],{"reason":303,"points":99},"Use of unserialize function",{"reason":305,"points":306},"80% of output not properly escaped",6,{"reason":308,"points":309},"4 flows with unsanitized paths",4,"2026-03-17T00:56:00.139Z",{"wat":312,"direct":323},{"assetPaths":313,"generatorPatterns":320,"scriptPaths":321,"versionParams":322},[314,315,316,317,318,319],"\u002Fwp-content\u002Fplugins\u002Fwordpen\u002Fwordpen-admin.js","\u002Fwp-content\u002Fplugins\u002Fwordpen\u002Fwordpen-admin.css","\u002Fwp-content\u002Fplugins\u002Fwordpen\u002Fjs\u002Fcodemirror\u002Flib\u002Fcodemirror.js","\u002Fwp-content\u002Fplugins\u002Fwordpen\u002Fjs\u002Fcodemirror\u002Flib\u002Fcodemirror.css","\u002Fwp-content\u002Fplugins\u002Fwordpen\u002Fjs\u002Fcodemirror\u002Fmode\u002Fcss\u002Fcss.js","\u002Fwp-content\u002Fplugins\u002Fwordpen\u002Fjs\u002Fcodemirror\u002Ftheme\u002Fcobalt.css",[],[314],[],{"cssClasses":324,"htmlComments":327,"htmlAttributes":328,"restEndpoints":330,"jsGlobals":331,"shortcodeOutput":332},[325,326],"wordpen-container","wordpen-shortcode",[],[329],"data-codepen-id",[],[],[333],"\u003Cdiv class='wordpen-container'>"]