[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjoJs-XkWJR1-p0KkFgLowHG1W_zyNJVvr6cNWSnShRY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":136,"fingerprints":230},"wp-code-prettify","WP Code Prettify","0.2.8","Soli","https:\u002F\u002Fprofiles.wordpress.org\u002Fallnull\u002F","\u003Cp>This plugin enable syntax highlighting of code snippets in your post using Google Code Prettify.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>More styles.\u003C\u002Fli>\n\u003Cli>Colors can be customized.\u003C\u002Fli>\n\u003Cli>The js\u002Fcss files can be pre-loaded or post-loaded.\u003C\u002Fli>\n\u003Cli>No js\u002Fcss files are loaded if there is no code.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin enable syntax highlighting of code snippets in your post using Google Code Prettify.",200,20752,94,3,"2019-04-27T22:24:00.000Z","5.2.24","3.0","",[20,21,22,23,24],"code","google","highlight","highlighter","prettify","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-code-prettify\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-code-prettify.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"allnull",2,1200,74,30,76,"2026-04-05T14:00:57.045Z",[41,61,78,98,114],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":14,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":18,"tags":55,"homepage":59,"download_link":60,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"prettify-gc-syntax-highlighter","Prettify GC Syntax Highlighter","1.6.0","lexn","https:\u002F\u002Fprofiles.wordpress.org\u002Flexn\u002F","\u003Cp>This plugin has prettify.js copied directly from google-code source browser. So your code will look exactly like it does on google-code.\u003Cbr \u002F>\nCSS is slightly modified to embolden keywords and types.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>See prettify.js for license details (Apache License 2.0). Other files are available under GPLv2.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>\u003Cpre class=\"prettyprint\">\u003Cbr \u002F>\n  \u002F\u002F Put your code here.\u003Cbr \u002F>\n\u003C\u002Fpre>\u003C\u002Fp>\n\u003Cp>Or with shortcode:\u003C\u002Fp>\n\u003Cp>[code]\u003Cbr \u002F>\n  \u002F\u002F Put your code here.\u003Cbr \u002F>\n[\u002Fcode]\u003C\u002Fp>\n\u003Ch3>Making Code HTML Safe\u003C\u002Fh3>\n\u003Cp>The plugin automatically makes highlighted code html-safe:\u003C\u002Fp>\n\u003Cp>\u003Cpre class=\"prettyprint\">\u003Cbr \u002F>\n  Anything that goes here will be quoted to appear on the page as-is.\u003Cbr \u002F>\n  For example: \u003Chead>\u003C\u002Fhead>\u003Cbody>\u003C\u002Fbody>\u003Cbr \u002F>\n\u003C\u002Fpre>\u003C\u002Fp>\n\u003Cp>To avoid quoting your code, add \u003Cstrong>dontquote\u003C\u002Fstrong> as the first class.\u003C\u002Fp>\n\u003Cp>\u003Cpre class=\"dontquote prettyprint\">\u003Cbr \u002F>\n  Remember to quote manually.\u003Cbr \u002F>\n  For example: \u003Chead>\u003C\u002Fhead>\u003Cbody>\u003C\u002Fbody>\u003Cbr \u002F>\n\u003C\u002Fpre>\u003C\u002Fp>\n\u003Ch3>Line Numbering\u003C\u002Fh3>\n\u003Cp>Line numbdering can be enabled as follows:\u003C\u002Fp>\n\u003Cp>\u003Cpre class=\"prettyprint linenums\">\u003Cbr \u002F>\n  \u002F\u002F Put your code here.\u003Cbr \u002F>\n\u003C\u002Fpre>\u003C\u002Fp>\n\u003Cp>If you want to start with a line number 42, you can do the following:\u003C\u002Fp>\n\u003Cp>\u003Cpre class=\"prettyprint linenums:42\">\u003Cbr \u002F>\n  \u002F\u002F Put your code here.\u003Cbr \u002F>\n\u003C\u002Fpre>\u003C\u002Fp>\n\u003Ch3>Highlighting Lines\u003C\u002Fh3>\n\u003Cp>When line numbering is enabled you can highlight one or several lines of code using the highlight class:\u003C\u002Fp>\n\u003Cp>\u003Cpre class=\"prettyprint lang-YOURLANG linenums highlight:2,4\">\u003Cbr \u002F>\n  \u002F\u002F line 2\u003Cbr \u002F>\n  \u002F\u002F line 3\u003Cbr \u002F>\n  \u002F\u002F line 4\u003Cbr \u002F>\n\u003C\u002Fpre>\u003C\u002Fp>\n\u003Cp>Alternatively you can highlight one or several code segments:\u003C\u002Fp>\n\u003Cp>\u003Cpre class=\"prettyprint lang-YOURLANG linenums highlight:1-3,5-6\">\u003Cbr \u002F>\n  \u002F\u002F line 2\u003Cbr \u002F>\n  \u002F\u002F line 3\u003Cbr \u002F>\n  \u002F\u002F line 4\u003Cbr \u002F>\n  \u002F\u002F line 5\u003Cbr \u002F>\n\u003C\u002Fpre>\u003C\u002Fp>\n\u003Cp>Note: This feature is not available when line numbering is disabled.\u003C\u002Fp>\n\u003Ch3>Specifying Language\u003C\u002Fh3>\n\u003Cp>Most of the time the highlighter will do a good job guessing how to highlight the code. However, to achieve the best result, you should specify the language:\u003C\u002Fp>\n\u003Cp>\u003Cpre class=\"prettyprint lang-YOURLANG\">\u003Cbr \u002F>\n  \u002F\u002F Put your code here.\u003Cbr \u002F>\n\u003C\u002Fpre>\u003C\u002Fp>\n\u003Cp>Replace YOURLANG with one of the following:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>aea\u003C\u002Fli>\n\u003Cli>agc\u003C\u002Fli>\n\u003Cli>apollo\u003C\u002Fli>\n\u003Cli>bsh\u003C\u002Fli>\n\u003Cli>c\u003C\u002Fli>\n\u003Cli>cc\u003C\u002Fli>\n\u003Cli>cl\u003C\u002Fli>\n\u003Cli>cpp\u003C\u002Fli>\n\u003Cli>cs\u003C\u002Fli>\n\u003Cli>csh\u003C\u002Fli>\n\u003Cli>css-str\u003C\u002Fli>\n\u003Cli>cv\u003C\u002Fli>\n\u003Cli>cxx\u003C\u002Fli>\n\u003Cli>cyc\u003C\u002Fli>\n\u003Cli>default-markup\u003C\u002Fli>\n\u003Cli>el\u003C\u002Fli>\n\u003Cli>fs\u003C\u002Fli>\n\u003Cli>go\u003C\u002Fli>\n\u003Cli>hs\u003C\u002Fli>\n\u003Cli>htm\u003C\u002Fli>\n\u003Cli>html\u003C\u002Fli>\n\u003Cli>java\u003C\u002Fli>\n\u003Cli>js\u003C\u002Fli>\n\u003Cli>json\u003C\u002Fli>\n\u003Cli>lisp\u003C\u002Fli>\n\u003Cli>lua\u003C\u002Fli>\n\u003Cli>m\u003C\u002Fli>\n\u003Cli>ml\u003C\u002Fli>\n\u003Cli>mxml\u003C\u002Fli>\n\u003Cli>perl\u003C\u002Fli>\n\u003Cli>pl\u003C\u002Fli>\n\u003Cli>pm\u003C\u002Fli>\n\u003Cli>proto\u003C\u002Fli>\n\u003Cli>py\u003C\u002Fli>\n\u003Cli>rb\u003C\u002Fli>\n\u003Cli>scala\u003C\u002Fli>\n\u003Cli>scm\u003C\u002Fli>\n\u003Cli>sh\u003C\u002Fli>\n\u003Cli>sql\u003C\u002Fli>\n\u003Cli>vhd\u003C\u002Fli>\n\u003Cli>vhdl\u003C\u002Fli>\n\u003Cli>wiki\u003C\u002Fli>\n\u003Cli>xhtml\u003C\u002Fli>\n\u003Cli>xml\u003C\u002Fli>\n\u003Cli>xsl\u003C\u002Fli>\n\u003Cli>yaml\u003C\u002Fli>\n\u003Cli>yml\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Shortcode\u003C\u002Fh3>\n\u003Cp>Here is a quick example. All the parameters are optional.\u003C\u002Fp>\n\u003Cp>[code lang=”scala” start=”1″ highlight=”1-3,6,10-14″ background=”#C0FFB3″]\u003Cbr \u002F>\n  \u002F\u002F Put your code here.\u003Cbr \u002F>\n[\u002Fcode]\u003C\u002Fp>\n\u003Cp>Html quoting can be disabled as follows:\u003C\u002Fp>\n\u003Cp>[code quote=”false”]\u003Cbr \u002F>\n  \u002F\u002F Put your code here.\u003Cbr \u002F>\n[\u002Fcode]\u003C\u002Fp>\n\u003Cp>The contents of shortcodes is auto-formatted by WP. As a result \u003Cp> and \u003Cbr\u002F> tags along\u003Cbr \u002F>\nwith some formatting will be lost. If you need to preseve the original formatting use\u003Cbr \u002F>\nhtml notation instead of the shortcode.\u003C\u002Fp>\n\u003Ch3>Please Support\u003C\u002Fh3>\n\u003Cp>If you like Prettify GC Syntax Highlighter plugin, please donate a minute of your time and vote for it. Thank you!\u003C\u002Fp>\n","Your code will look exactly like it does on google-code.",20,8548,86,"2012-08-28T17:59:00.000Z","3.4.2","3.0.5",[56,24,57,58],"google-code","prettify-js","syntax-highlighter","http:\u002F\u002Fwww.simplex3d.org\u002Funcategorized\u002Fprettify-gc-syntax-highlighter\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprettify-gc-syntax-highlighter.1.6.0.zip",{"slug":62,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":28,"num_ratings":28,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":18,"tags":73,"homepage":76,"download_link":77,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"google-syntax","0.1","princehaku","https:\u002F\u002Fprofiles.wordpress.org\u002Fprincehaku\u002F","\u003Cp>This is a code prettify plugin using google-code-prettify. click the add-code media button to insert your code. the code higlighting effect will be seen directly in the mce editor.这是一个代码高亮插件  使用google code prettify 安装后在文章发布处点击插入代码按钮即可插入代码   代码高亮效果会直接在mce中预览可见\u003C\u002Fp>\n\u003Cp>Related Links:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002F3haku.net\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fcode.google.com\u002Fp\u002Fgoogle-code-prettify\u002F\" rel=\"nofollow ugc\">Google Code Prettify\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>*This release is compatible with all WordPress versions since 2.0. *\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is free for everyone! You can use it free of charge on your personal or commercial blog.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n","This is a code prettify plugin. the code higlighting effect will be seen directly in the mce editor.",10,3273,"2013-12-13T02:25:00.000Z","3.7.41","2.0",[20,21,24,74,75],"syntax","syntaxhighlighter","http:\u002F\u002F3haku.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgoogle-syntax.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":68,"downloaded":86,"rating":87,"num_ratings":14,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":18,"tags":91,"homepage":96,"download_link":97,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"smart-syntax","Smart Syntax","1.0.2","Smartpixels","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmartpixels\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.smartpixels.net\u002F?post_type=products&p=190\" rel=\"nofollow ugc\">Smart Syntax\u003C\u002Fa> plugin automatically adds Google prettify syntax highlighting to the fenced code blocks in both content and comments.\u003C\u002Fp>\n\u003Cp>It’s made with \u003Ca href=\"http:\u002F\u002Fjetpack.me\u002F\" rel=\"nofollow ugc\">Jetpack\u003C\u002Fa> markdown in mind, which brings the power of markdown extra to WordPress and gives you an easy to use markdown syntax for fenced code blocks.\u003C\u002Fp>\n\u003Cp>For more information on usage and features, check out \u003Ca href=\"http:\u002F\u002Fwww.smartpixels.net\u002F?post_type=products&p=190\" rel=\"nofollow ugc\">smartpixels\u003C\u002Fa>.\u003C\u002Fp>\n","Automatic google prettify syntax highlighting for jetpack markdown fenced code blocks",4509,100,"2016-09-27T11:44:00.000Z","4.6.30","3.8",[92,93,94,95,58],"code-blocks","google-prettify","jetpack-markdown","markdown","http:\u002F\u002Fwww.smartpixels.net\u002Fproducts\u002Fsmart-syntax\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmart-syntax.1.0.3.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":18,"requires_at_least":18,"requires_php":18,"tags":111,"homepage":18,"download_link":113,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-markdown","WP-Markdown","1.6.1","Stephen Harris","https:\u002F\u002Fprofiles.wordpress.org\u002Fstephenh1988\u002F","\u003Cp>This plugin allows you to write posts (of any post type) using the Markdown syntax. The plugin converts the Markdown into HTML prior to saving the post. When editing a post, the plugin converts it back into Markdown syntax.\u003C\u002Fp>\n\u003Cp>The plugin also allows you to enable Markdown in \u003Cstrong>comments\u003C\u002Fstrong> and \u003Cstrong>bbPress forums\u003C\u002Fstrong>. In these instances the plugin adds a toolbar, and preview of the processed Markdown with \u003Ca href=\"http:\u002F\u002Fcode.google.com\u002Fp\u002Fgoogle-code-prettify\u002F\" rel=\"nofollow ugc\">Prettify\u003C\u002Fa> syntax highlighter applied (similiar to that used in the Stack Exchange websites such as \u003Ca href=\"http:\u002F\u002Fwordpress.stackexchange.com\u002F\" rel=\"nofollow ugc\">WordPress Stack Exchange\u003C\u002Fa>).\u003C\u002Fp>\n\u003Cp>WP-Markdown stores the processed HTML, so deactivating the plugin will not affect your posts, comments or bbPress forums.\u003C\u002Fp>\n","Allows Markdown to be enabled in posts, comments and bbPress forums.",400,86288,90,28,"2017-12-27T14:00:00.000Z",[20,112,95,24,58],"formatting","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-markdown.1.6.1.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":87,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":128,"tags":129,"homepage":134,"download_link":135,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"cc-syntax-highlight","CC-Syntax-Highlight","1.2.3","Clearcode","https:\u002F\u002Fprofiles.wordpress.org\u002Fclearcodehq\u002F","\u003Cp>The CC-Syntax-Highlight plugin supports syntax highlighting of Posts, Pages, and any public Custom Post Types.\u003Cbr \u002F>\nIt uses \u003Ca href=\"https:\u002F\u002Fhighlightjs.org\u002F\" rel=\"nofollow ugc\">highlight.js\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgoogle\u002Fcode-prettify\" rel=\"nofollow ugc\">google-code-prettify\u003C\u002Fa> libraries.\u003Cbr \u002F>\nAdditionally it can use the \u003Ca href=\"https:\u002F\u002Fclipboardjs.com\u002F\" rel=\"nofollow ugc\">clipboard.js\u003C\u002Fa> library to add a button that copies text to the clipboard and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwcoder\u002Fhighlightjs-line-numbers.js\u002F\" rel=\"nofollow ugc\">highlightjs-line-numbers.js\u003C\u002Fa> plugin to add line numbers.\u003Cbr \u002F>\nIt is delivered with support for shortcode (default [code] – you can change it on the settings page) which automatically converts all special characters to HTML entities.\u003Cbr \u002F>\nThis plugin is compatible with Multisite WordPress installations.\u003C\u002Fp>\n\u003Ch4>How does it work?\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Go to the ‘Settings > Syntax Highlight’ page, select your preferred options and save them.\u003C\u002Fli>\n\u003Cli>Simply add the source code to your post (or other selected public Custom Post Type) wrapped with:\u003Cbr \u002F>\n\u003Cpre>\u003Ccode>Your source code\u003C\u002Fcode>\u003C\u002Fpre>\u003Cbr \u002F>\nor if you would like to automatically convert all special characters to HTML entities, use shortcode wrapper instead (default [code] – you can change it on the settings page):\u003Cbr \u002F>\n\u003Cpre>[code]Your source code[\u002Fcode]\u003C\u002Fpre>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cem>Plugin’s js scripts and css styles files only load if the source code occurs on displaying page.\u003C\u002Fem>\u003C\u002Fp>\n","This plugin allows you very simply syntax highlight source code in your content using highlight.js or google-code-prettify libraries.",80,4659,1,"2022-03-16T14:21:00.000Z","5.9.13","4.6.1","7.0",[20,130,131,132,133],"google-code-prettify","highlight-js","source-code","syntax-highlight","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcc-syntax-highlight","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcc-syntax-highlight.zip",{"attackSurface":137,"codeSignals":169,"taintFlows":205,"riskAssessment":224,"analyzedAt":229},{"hooks":138,"ajaxHandlers":165,"restRoutes":166,"shortcodes":167,"cronEvents":168,"entryPointCount":28,"unprotectedCount":28},[139,145,150,154,158,161],{"type":140,"name":141,"callback":142,"priority":68,"file":143,"line":144},"filter","plugin_row_meta","RegisterPluginLinks","wp-code-prettify.php",240,{"type":146,"name":147,"callback":148,"file":143,"line":149},"action","wp_head","WPCP_Head",243,{"type":146,"name":151,"callback":152,"file":143,"line":153},"get_footer","WPCP_Footer",244,{"type":140,"name":155,"callback":156,"file":143,"line":157},"the_content","WPCP_Content",247,{"type":140,"name":159,"callback":156,"file":143,"line":160},"comment_text",248,{"type":146,"name":162,"callback":163,"priority":124,"file":143,"line":164},"admin_menu","WPCodePrettify_Menu",259,[],[],[],[],{"dangerousFunctions":170,"sqlUsage":171,"outputEscaping":173,"fileOperations":34,"externalRequests":28,"nonceChecks":124,"capabilityChecks":124,"bundledLibraries":204},[],{"prepared":28,"raw":28,"locations":172},[],{"escaped":28,"rawEcho":174,"locations":175},14,[176,180,182,184,186,188,189,190,192,194,196,198,200,202],{"file":177,"line":178,"context":179},"wp-code-prettify-page.php",39,"raw output",{"file":177,"line":181,"context":179},92,{"file":177,"line":183,"context":179},139,{"file":177,"line":185,"context":179},149,{"file":177,"line":187,"context":179},153,{"file":143,"line":108,"context":179},{"file":143,"line":181,"context":179},{"file":143,"line":191,"context":179},95,{"file":143,"line":193,"context":179},118,{"file":143,"line":195,"context":179},147,{"file":143,"line":197,"context":179},151,{"file":143,"line":199,"context":179},159,{"file":143,"line":201,"context":179},163,{"file":143,"line":203,"context":179},171,[],[206],{"entryPoint":207,"graph":208,"unsanitizedCount":28,"severity":223},"\u003Cwp-code-prettify-page> (wp-code-prettify-page.php:0)",{"nodes":209,"edges":220},[210,215],{"id":211,"type":212,"label":213,"file":177,"line":214},"n0","source","$_POST",15,{"id":216,"type":217,"label":218,"file":177,"line":214,"wp_function":219},"n1","sink","update_option() [Settings Manipulation]","update_option",[221],{"from":211,"to":216,"sanitized":222},true,"low",{"summary":225,"deductions":226},"The \"wp-code-prettify\" v0.2.8 plugin exhibits a generally good security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential attack surface. Furthermore, the plugin demonstrates strong practices by exclusively using prepared statements for all SQL queries and having no recorded vulnerabilities or CVEs, indicating a stable and well-maintained codebase over time.  The plugin also includes nonce and capability checks, which are essential for securing WordPress functionalities.\n\nHowever, a significant concern arises from the output escaping analysis. With 14 total outputs and 0% properly escaped, this suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data displayed to users without proper sanitization or escaping could be manipulated by attackers to inject malicious scripts. While taint analysis shows no unsanitized paths, this might not fully capture all potential XSS vectors if the analysis scope was limited or if the untrusted input doesn't directly lead to a path flow detected by the tool. The presence of file operations, while not inherently insecure, warrants careful review to ensure they are not being used in a way that could be exploited by an attacker.\n\nIn conclusion, the plugin's strengths lie in its limited attack surface and secure database interactions. The primary weakness is the lack of output escaping, which presents a critical XSS risk. Addressing this issue should be the highest priority to improve the plugin's overall security. The absence of historical vulnerabilities is positive, but the current code analysis points to a specific, actionable security flaw.",[227],{"reason":228,"points":214},"0% output escaping","2026-03-16T20:22:49.684Z",{"wat":231,"direct":240},{"assetPaths":232,"generatorPatterns":235,"scriptPaths":236,"versionParams":237},[233,234],"\u002Fwp-content\u002Fplugins\u002Fwp-code-prettify\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-code-prettify\u002Fjs\u002Fprettify.js",[],[234],[238,239],"wp-code-prettify\u002Fcss\u002Fstyle.css?ver=","wp-code-prettify\u002Fjs\u002Fprettify.js?ver=",{"cssClasses":241,"htmlComments":243,"htmlAttributes":246,"restEndpoints":249,"jsGlobals":250,"shortcodeOutput":254},[242],"prettyprint",[244,245],"\u003C!--wp code prettify-->","\u003C!--\u002F\u002Fwp code prettify-->",[247,248],"prettify_css","prettify_custom",[],[251,252,253],"wpCodePrettifyOnLoad","prettyPrint","$",[]]