[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fw8CCgRTej-JS4NwHNsAUE24mXjFu81imWBPwFe29vzI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":102,"crawl_stats":37,"alternatives":110,"analysis":222,"fingerprints":916},"wp-coder","WP Coder – Insert & Manage Code Snippets","4.5","Wow-Company","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpcalc\u002F","\u003Cp>Tired of editing theme files to add custom scripts or styles?\u003Cbr \u002F>\n\u003Cstrong>WP Coder\u003C\u002Fstrong> lets you insert custom HTML, CSS, JavaScript, and PHP snippets directly from your dashboard — no coding in theme files required. Gain full control and flexibility over your site.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpcoder.pro\u002Fcategory\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwpcoder.pro\u002F\" rel=\"nofollow ugc\">Upgrade to Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Why WP Coder?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>All-in-One Code Editor:\u003C\u002Fstrong> Tabbed editor for HTML, CSS, JS & PHP with CodeMirror syntax highlighting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gutenberg Block:\u003C\u002Fstrong> Insert snippets directly in the block editor with live preview and custom attribute support.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode Integration:\u003C\u002Fstrong> Use \u003Ccode>[wp_code id=\"X\"]\u003C\u002Fcode> to embed snippets anywhere.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live Preview:\u003C\u002Fstrong> Instantly preview HTML & CSS without reloads in both the backend and Gutenberg.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance Ready:\u003C\u002Fstrong> Minify CSS\u002FJS, obfuscate JavaScript, and control script loading with \u003Ccode>async\u003C\u002Fcode> \u002F \u003Ccode>defer\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Ideal For\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Developers:\u003C\u002Fstrong> Test snippets, hooks, and debug quickly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Marketers:\u003C\u002Fstrong> Insert tracking pixels, analytics, and ad scripts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Designers & Bloggers:\u003C\u002Fstrong> Customize layouts, styles, and enhance engagement.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Insert \u003Cstrong>HTML, CSS, JS, and PHP\u003C\u002Fstrong> via powerful shortcodes.\u003C\u002Fli>\n\u003Cli>Smart PHP handling: run in admin, front-end, everywhere, or only where inserted.\u003C\u002Fli>\n\u003Cli>Include external libraries (Google Fonts, CDN scripts & styles).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Test Mode:\u003C\u002Fstrong> Preview snippets safely before going live.\u003C\u002Fli>\n\u003Cli>Import\u002FExport snippets and settings between sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>JavaScript Obfuscation:\u003C\u002Fstrong> Protect your scripts with Dean Edwards’ Packer.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Interface:\u003C\u002Fstrong> Hide unused editor tabs (HTML, CSS, JS, etc.) for a cleaner workflow.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NAV comments:\u003C\u002Fstrong> Add inline navigation markers for faster code editing.\u003C\u002Fli>\n\u003Cli>Lightweight & secure — built for performance.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Included Tools:\u003C\u002Fh3>\n\u003Ch4>Integrations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Google Tag Manager (GTM) integration with user role controls.\u003C\u002Fli>\n\u003Cli>Google Analytics, Facebook Pixel, and Pinterest Pixel integration.\u003C\u002Fli>\n\u003Cli>Google AdSense integration with the option to disable ads for selected user roles.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Content & Templates\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Markdown Editor – Disables Gutenberg and TinyMCE, replacing them with a Markdown editor powered by CodeMirror.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Developer Tools\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Debug Log management (enable\u002Fdisable and clear log).\u003C\u002Fli>\n\u003Cli>Show Page Debug Info – Display technical info for the current request in the Admin Bar (template, query type, object, body classes). Admins only.\u003C\u002Fli>\n\u003Cli>Theme Switcher –  Quickly switch between installed themes directly from the admin bar.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Included Snippets:\u003C\u002Fh3>\n\u003Ch4>Editor & Content\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable Gutenberg Editor\u003C\u002Fli>\n\u003Cli>Remove Gutenberg Block CSS\u003C\u002Fli>\n\u003Cli>Disable Widget Blocks\u003C\u002Fli>\n\u003Cli>Enable Shortcode Execution in Widgets\u003C\u002Fli>\n\u003Cli>Enable Excerpt for Pages\u003C\u002Fli>\n\u003Cli>Open External Links in New Tabs\u003C\u002Fli>\n\u003Cli>Change “Read More” Text\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Admin Interface Tweaks\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable Screen Options Tab\u003C\u002Fli>\n\u003Cli>Disable Welcome Panel\u003C\u002Fli>\n\u003Cli>Duplicate Posts\u003C\u002Fli>\n\u003Cli>Disable Admin Bar\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Login & User Access\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable Login Page Language Switcher\u003C\u002Fli>\n\u003Cli>Disable Login by Email\u003C\u002Fli>\n\u003Cli>Disable Admin Password Reset Emails\u003C\u002Fli>\n\u003Cli>Custom Login Logo\u003C\u002Fli>\n\u003Cli>Custom Login Redirect URLs\u003C\u002Fli>\n\u003Cli>Change Redirect After Login\u003C\u002Fli>\n\u003Cli>Change Redirect After Logout\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Media & Embeds\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Enable SVG Upload\u003C\u002Fli>\n\u003Cli>Force Lowercase Filenames\u003C\u002Fli>\n\u003Cli>Default ALT Text for Avatars\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable Lazy Load\u003C\u002Fli>\n\u003Cli>Disable Embeds\u003C\u002Fli>\n\u003Cli>Adjust oEmbed Max Dimensions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Core Functionality\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable XML-RPC\u003C\u002Fli>\n\u003Cli>Disable REST API\u003C\u002Fli>\n\u003Cli>Disable Automatic Updates\u003C\u002Fli>\n\u003Cli>Disable Automatic Updates Emails\u003C\u002Fli>\n\u003Cli>Disable Emojis\u003C\u002Fli>\n\u003Cli>Disable Shortlinks\u003C\u002Fli>\n\u003Cli>Limit Post Revisions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Comments & Feedback\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable Comments Globally\u003C\u002Fli>\n\u003Cli>Disable Comment URL Field\u003C\u002Fli>\n\u003Cli>Disable Self Pingbacks\u003C\u002Fli>\n\u003Cli>Disable Trackbacks & Pingbacks\u003C\u002Fli>\n\u003Cli>Disable HTML in Comments\u003C\u002Fli>\n\u003Cli>Limit Comment Length\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Cleanup & Optimization\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Remove WP Version\u003C\u002Fli>\n\u003Cli>Disable Attachment Pages\u003C\u002Fli>\n\u003Cli>Disable RSS Feeds\u003C\u002Fli>\n\u003Cli>Disable Built-in Search\u003C\u002Fli>\n\u003Cli>Disable wlwmanifest Link\u003C\u002Fli>\n\u003Cli>Disable Automatic Trash Emptying\u003C\u002Fli>\n\u003Cli>Redirect 404 to Homepage\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>WP Coder simplifies your WordPress development workflow and makes customization safe, fast, and flexible!\u003C\u002Fp>\n\u003Cp>Get started today and simplify your WordPress development workflow with \u003Cstrong>WP Coder\u003C\u002Fstrong>!\u003C\u002Fp>\n\u003Ch3>Quick Start Video\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FBgY3R8j1uWM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Plugin Demo:\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FYF4X7sU0iFY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Need help? Ask questions and get quick answers in our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-coder\" rel=\"ugc\">support center\u003C\u002Fa>.\u003C\u002Fp>\n","Snippets made simple — easily insert and manage custom PHP, CSS, JS & HTML without coding in theme files.",10000,368560,98,31,"2026-02-14T05:39:00.000Z","6.9.4","5.4","7.4",[20,21,22,23],"code","code-snippets","shortcode","snippets","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-coder\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-coder.4.5.zip",95,5,0,"2025-01-31 00:00:00","2026-03-15T15:16:48.613Z",[32,48,62,78,91],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-24699","wp-coder-code-snippets-html-css-js-and-php-injection-cross-site-request-forgery-to-stored-cross-site-scripting","WP Coder – Code Snippets + HTML, CSS, JS and PHP Injection \u003C= 3.6.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting","The WP Coder – Code Snippets + HTML, CSS, JS and PHP Injection plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=3.6","3.6.1","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-02-21 14:45:53",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3313f919-5fa8-4e2f-b676-b5654d088e33?source=api-prod",22,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":37,"affected_versions":53,"patched_in_version":54,"severity":40,"cvss_score":55,"cvss_vector":56,"vuln_type":57,"published_date":58,"updated_date":59,"references":60,"days_to_patch":27},"CVE-2024-2578","wp-coder-authenticated-editor-stored-cross-site-scripting","WP Coder \u003C= 3.5 - Authenticated (Editor+) Stored Cross-Site Scripting","The WP Coder – Powerful HTML, CSS, JS and PHP Injection plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.","\u003C=3.5","3.5.1",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-03-18 00:00:00","2024-03-22 15:04:29",[61],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7394f468-b1d6-477e-9213-e01c74e2e504?source=api-prod",{"id":63,"url_slug":64,"title":65,"description":66,"plugin_slug":4,"theme_slug":37,"affected_versions":67,"patched_in_version":68,"severity":69,"cvss_score":70,"cvss_vector":71,"vuln_type":72,"published_date":73,"updated_date":74,"references":75,"days_to_patch":77},"CVE-2023-0895","wp-coder-add-custom-html-css-and-js-code-authenticated-admin-sql-injection","WP Coder – add custom html, css and js code \u003C= 2.5.3 - Authenticated (Admin+) SQL Injection","The WP Coder – add custom html, css and js code plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in versions up to, and including, 2.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers with administrative privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.","\u003C=2.5.3","2.5.4","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2023-02-17 00:00:00","2024-01-22 19:56:02",[76],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe4b6a9cd-4d29-4bd8-afa3-b5d455ad8340?source=api-prod",340,{"id":79,"url_slug":80,"title":81,"description":82,"plugin_slug":4,"theme_slug":37,"affected_versions":83,"patched_in_version":84,"severity":69,"cvss_score":85,"cvss_vector":86,"vuln_type":43,"published_date":87,"updated_date":74,"references":88,"days_to_patch":90},"CVE-2022-2388","wp-coder-cross-site-request-forgery","WP Coder \u003C= 2.5.2 - Cross-Site Request Forgery","The WP Coder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5.2. This is due to missing or incorrect nonce validation in the ~\u002Fadmin\u002Fpartials\u002Ftools-data-base.php file. This makes it possible for unauthenticated attackers to delete code created by the plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=2.5.2","2.5.3",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","2022-07-26 00:00:00",[89],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffc64c550-0d19-42d4-aa2b-829e74b166bc?source=api-prod",546,{"id":92,"url_slug":93,"title":94,"description":95,"plugin_slug":4,"theme_slug":37,"affected_versions":96,"patched_in_version":97,"severity":69,"cvss_score":85,"cvss_vector":86,"vuln_type":43,"published_date":98,"updated_date":74,"references":99,"days_to_patch":101},"CVE-2021-25053","wp-coder-remote-file-inclusion-leading-to-remote-code-execution-via-cross-site-request-forgery","WP Coder \u003C= 2.5.1 - Remote File Inclusion leading to Remote Code Execution via Cross-Site Request Forgery","The WP Coder WordPress plugin before 2.5.2 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:\u002F\u002F or http:\u002F\u002F protocols), thus leading to CSRF RCE.","\u003C=2.5.1","2.5.2","2021-12-05 00:00:00",[100],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F63f53e3c-b038-4722-b5ba-7212e50b5978?source=api-prod",779,{"slug":103,"display_name":7,"profile_url":8,"plugin_count":104,"total_installs":105,"avg_security_score":106,"avg_patch_time_days":107,"trust_score":108,"computed_at":109},"wpcalc",25,97590,96,236,76,"2026-04-05T16:31:09.795Z",[111,134,155,178,202],{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":119,"downloaded":120,"rating":13,"num_ratings":121,"last_updated":122,"tested_up_to":16,"requires_at_least":123,"requires_php":124,"tags":125,"homepage":129,"download_link":130,"security_score":131,"vuln_count":132,"unpatched_count":28,"last_vuln_date":133,"fetched_at":30},"insert-headers-and-footers","WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager","2.3.4","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Ch4>Insert Headers & Footers + Full WordPress Code Snippets Plugin\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpcode.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">WPCode\u003C\u002Fa> (formerly known as Insert Headers and Footers by WPBeginner) is the most popular code snippets plugin for WordPress used by over 2 million websites.\u003C\u002Fp>\n\u003Cp>We make it easy for you to add code snippets in WordPress without having to edit your theme’s functions.php file.\u003C\u002Fp>\n\u003Cp>Our simple insert headers and footers interface allows you to insert code like Google Analytics, custom CSS, Facebook Pixel, and more to your WordPress site’s header and footer as well other areas of your website. No need to edit your theme files!\u003C\u002Fp>\n\u003Cp>Aside from Header and Footer scripts, you can also use WPCode to insert custom PHP code snippets, JavaScript code snippets, CSS code snippets, HTML code snippets, and text snippets with full conditional logic support.\u003C\u002Fp>\n\u003Cp>We took the pain out of adding custom code snippets in WordPress and made it easy.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>I have been using Insert Headers and Footers and it is such a useful tool. Super helpful and the very best of its kind. Highly recommend\u003Cbr \u002F>\n  The_Gibble – WordPress user\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Quick Overview of WPCode from WPBeginner\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FFo-7MKRRUec?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Introducing New WPCode Pro\u003C\u002Fstrong>\u003Cbr \u002F>\n  While WPCode Lite offers tons of powerful features for free, we listened to user feedback and created WPCode Pro with even more amazing features to improve your workflow. This includes smart conditional logic, saving code snippets to cloud library, code revisions, page-specific snippets, deeper integration with popular plugins like WooCommerce, Easy Digital Downloads, and so much more. \u003Ca href=\"https:\u002F\u002Fwpcode.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Click here to purchase the best premium WordPress code snippet plugin now!\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Future Proof Code Snippet Management\u003C\u002Fh4>\n\u003Cp>Most \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fwp-tutorials\u002F\" rel=\"nofollow ugc\">WordPress tutorial websites\u003C\u002Fa> ask you to add code snippets to your theme’s functions.php file. This makes managing code snippets messy, and it also prevents you from updating your theme.\u003C\u002Fp>\n\u003Cp>If you ever update your theme or switch to another theme, then you will lose all custom code functions that you added in your functions.php file.\u003C\u002Fp>\n\u003Cp>WPCode solves this by providing you an easy way to insert header and footer scripts along with other code snippets directly from your WordPress dashboard. These code snippets actually run as if they were in your theme’s functions.php file.\u003C\u002Fp>\n\u003Cp>Our smart code snippet validation helps you prevent common code errors to ensure you never break your website when adding code snippets or header and footer scripts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New WPCode Cloud Library\u003C\u002Fstrong> even allows you to store all your custom code snippets in a cloud library, so you can easily re-use code snippets across multiple website projects and save time. You can keep your code snippets completely private or \u003Ca href=\"https:\u002F\u002Flibrary.wpcode.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">share it with the community\u003C\u002Fa> to give back while boosting your social profile.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>This plugin allows me to not only add things to my site whenever needed, but it takes me only seconds to accomplish it.\u003Cbr \u002F>\n  David Weber – WordPress user\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Full Code Snippets Library and Code Generators\u003C\u002Fh4>\n\u003Cp>Ever wanted a central place to find all the most popular WordPress code snippets that are tested and proven to work?\u003C\u002Fp>\n\u003Cp>When we started Insert Headers and Footers plugin, we did too. So we built a WordPress code snippets library right inside the WPCode plugin.\u003C\u002Fp>\n\u003Cp>You will find verified PHP code snippets for popular feature requests like disable REST API, disable XML-RPC, disable comments, allow SVG file uploads, disable Gutenberg, add Classic Editor, and more without installing separate plugins for each.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>I was very hesitant to get into any of the code for my website. Your plugin made it easy for me to do.\u003Cbr \u002F>\n  Conbrio75 – WordPress user\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>We also built the ability to save your code snippets to \u003Ca href=\"https:\u002F\u002Flibrary.wpcode.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">WPCode Cloud Library\u003C\u002Fa>, so you can easily re-use it on your other websites, client projects, or even share it with the larger community.\u003C\u002Fp>\n\u003Cp>WPCode Cloud Library helps you better organize your code snippets in one central location, so you can save more time and speed up your workflow when managing websites. No more wasting time looking for custom notes or Github gists.\u003C\u002Fp>\n\u003Cp>Aside from our growing code snippets library, we also have WordPress code generators to help you quickly get ready-to-use custom code using the latest WordPress coding standards and API’s.\u003C\u002Fp>\n\u003Ch4>Conditional Logic for Code Snippets + Code Insertion Priority\u003C\u002Fh4>\n\u003Cp>Our goal with WPCode was to create a WordPress code snippets plugin that’s both EASY and POWERFUL.\u003C\u002Fp>\n\u003Cp>That’s why aside from our global header and footer scripts, we added advanced features like conditional logic for code snippets and made it easy.\u003C\u002Fp>\n\u003Cp>Instead of learning WordPress conditional logic queries, you can use our beginner-friendly conditional logic user interface to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Load code snippets for logged in users only\u003C\u002Fli>\n\u003Cli>Load PHP code snippets for specific user roles\u003C\u002Fli>\n\u003Cli>Load PHP code snippets only on specific page URLs\u003C\u002Fli>\n\u003Cli>Insert header and footer pixel scripts on specific pages\u003C\u002Fli>\n\u003Cli>Show code snippets based on type of page\u003C\u002Fli>\n\u003Cli>Run code snippet only on certain post types\u003C\u002Fli>\n\u003Cli>Load header and footer code snippet based on referrer source\u003C\u002Fli>\n\u003Cli>and more…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>We also added both automatic code insertion and manual code output using shortcodes.\u003C\u002Fp>\n\u003Cp>Our Auto Insert feature allows you to run the code snippet everywhere or choose from custom options like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Run code snippet only on frontend\u003C\u002Fli>\n\u003Cli>Run code snippet only in WordPress admin area\u003C\u002Fli>\n\u003Cli>Add header and footer scripts sitewide\u003C\u002Fli>\n\u003Cli>Insert PHP code snippet before or after post content\u003C\u002Fli>\n\u003Cli>Insert code snippet before or after specific paragraph\u003C\u002Fli>\n\u003Cli>Insert code snippet on specific archive pages\u003C\u002Fli>\n\u003Cli>Insert code snippets after specific WooCommerce function (\u003Ca href=\"https:\u002F\u002Fwpcode.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Pro Feature\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Aside from that, we also added a visual code snippet priority system, so you can choose the order for your custom functions to avoid code conflict.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>This is such a useful plugin! It makes it so much easier to include things on your website!\u003Cbr \u002F>\n  Understoryliving – WordPress user\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>And for even more flexibility and customization, we have added the ability for you to add page-specific code snippets right from the WordPress classic editor as well as the Gutenberg editor. You can even load code snippets based on device type such as mobile only code snippets, desktop only code snippets, etc.\u003C\u002Fp>\n\u003Ch4>Import and Export Code Snippets\u003C\u002Fh4>\n\u003Cp>Managing multiple websites or developing in a staging environment?\u003C\u002Fp>\n\u003Cp>We offer an easy way to import and export your custom code snippets, functions, and header and footer scripts to help you save time.\u003C\u002Fp>\n\u003Cp>You can also save your code snippets to WPCode Cloud (Pro feature), so you can easily re-use the same code snippets across multiple websites. This also allows you to better organize your code snippets instead of wasting time searching for random Github gists.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Simple plugin I use in quite every site. Very useful to insert scripts and tags.\u003Cbr \u002F>\n  tommasoperego – WordPress user\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Full WPCode Feature List\u003C\u002Fh4>\n\u003Cp>The simple interface of WPCode plugin (formerly known as Insert Headers and Footers) gives you one place where you can insert header and footer scripts as well as custom code snippets rather than dealing with dozens of different plugins.\u003C\u002Fp>\n\u003Cp>Below is a full list of WPCode features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Quick to set up\u003C\u002Fli>\n\u003Cli>Unlimited code snippets\u003C\u002Fli>\n\u003Cli>Simple to insert header and footer scripts globally\u003C\u002Fli>\n\u003Cli>Beginner Friendly Code Editor with Syntax Highlighter for PHP, JavaScript, and HTML\u003C\u002Fli>\n\u003Cli>Smart Code Validation to Prevent PHP Errors\u003C\u002Fli>\n\u003Cli>Insert header code and\u002For footer code using Conditional Logic\u003C\u002Fli>\n\u003Cli>Add \u003Cstrong>Google Analytics\u003C\u002Fstrong> code to header and footer\u003C\u002Fli>\n\u003Cli>Add \u003Cstrong>custom CSS\u003C\u002Fstrong> code to any theme\u003C\u002Fli>\n\u003Cli>Insert \u003Cstrong>Facebook pixel\u003C\u002Fstrong> code in header and footer\u003C\u002Fli>\n\u003Cli>Insert any code or script, including HTML and Javascript\u003C\u002Fli>\n\u003Cli>Insert PHP Code Snippets\u003C\u002Fli>\n\u003Cli>Ready-made Code Snippet Library\u003C\u002Fli>\n\u003Cli>Custom WordPress Code Snippet Generator\u003C\u002Fli>\n\u003Cli>Show or Hide PHP Code Snippets based on conditional logic\u003C\u002Fli>\n\u003Cli>Run PHP code and custom code snippets everywhere or in select areas using smart auto-insert rules.\u003C\u002Fli>\n\u003Cli>Manually insert PHP code snippets using shortcodes anywhere on website\u003C\u002Fli>\n\u003Cli>Add Rich Text Ads and Content Snippets automatically on posts & pages.\u003C\u002Fli>\n\u003Cli>Export \u002F Import Code Snippets\u003C\u002Fli>\n\u003Cli>\u003Cstrong>New\u003C\u002Fstrong> Save snippets to Cloud Library – All your snippets stored in your private code snippet cloud.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>New\u003C\u002Fstrong> Deep integrations with Gutenberg, WooCommerce, and more.\u003C\u002Fli>\n\u003Cli>Device specific code snippets (such as load code snippets on mobile only, desktop only, etc)\u003C\u002Fli>\n\u003Cli>and more features coming soon.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>Insert Headers and Footers plugin was first created by \u003Ca href=\"https:\u002F\u002Fsyedbalkhi.com\u002F\" rel=\"nofollow ugc\">Syed Balkhi\u003C\u002Fa> and the \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002F\" rel=\"nofollow ugc\">WPBeginner\u003C\u002Fa> team in 2011.\u003C\u002Fp>\n\u003Cp>It was later rebranded to WPCode in 2022 by Syed Balkhi to add powerful code snippets features that users were requesting for.\u003C\u002Fp>\n\u003Ch4>Branding Guideline\u003C\u002Fh4>\n\u003Cp>WPCode™ is a trademark of WPCode LLC. When writing about the Insert Headers and Footers – Code Snippets plugin by WPCode, please make sure to uppercase the initial 3 letters.\u003C\u002Fp>\n\u003Cp>WPCode (correct)\u003Cbr \u002F>\nWP Code (incorrect)\u003Cbr \u002F>\nwpcode (incorrect)\u003Cbr \u002F>\nwp code snippets (incorrect)\u003C\u002Fp>\n","Easily add code snippets in WordPress. Insert header & footer scripts, add PHP code snippets with conditional logic, insert ads pixel code, and more.",3000000,82822570,1761,"2026-02-12T15:19:00.000Z","5.0","7.0",[20,21,126,127,128],"css","header","php","https:\u002F\u002Fwww.wpcode.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finsert-headers-and-footers.2.3.4.zip",99,3,"2023-07-17 00:00:00",{"slug":135,"name":136,"version":137,"author":138,"author_profile":139,"description":140,"short_description":141,"active_installs":142,"downloaded":143,"rating":13,"num_ratings":144,"last_updated":145,"tested_up_to":16,"requires_at_least":146,"requires_php":147,"tags":148,"homepage":151,"download_link":152,"security_score":13,"vuln_count":153,"unpatched_count":28,"last_vuln_date":154,"fetched_at":30},"shortcoder","Shortcoder — Create Shortcodes for Anything","6.5.2","vaakash","https:\u002F\u002Fprofiles.wordpress.org\u002Fvaakash\u002F","\u003Cp>Shortcoder plugin allows to create a custom shortcodes for HTML, JavaScript, CSS and other code snippets. Now the shortcodes can be used in posts\u002Fpages and the snippet will be replaced in place.\u003C\u002Fp>\n\u003Ch3>✍ Create shortcodes easily\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Give a name for the shortcode\u003C\u002Fli>\n\u003Cli>Paste the HTML\u002FJavaScript\u002FCSS as shortcode content\u003C\u002Fli>\n\u003Cli>Save !\u003C\u002Fli>\n\u003Cli>Now insert the shortcode \u003Ccode>[sc name=\"my_shortcode\"]\u003C\u002Fcode> in your post\u002Fpage.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Voila !\u003C\u002Fstrong> You got the HTML\u002FJavascript\u002FCSS in your post.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>✨ Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Create \u003Cstrong>custom shortcodes\u003C\u002Fstrong> easily and use them in any place where shortcode is supported.\u003C\u002Fli>\n\u003Cli>Have any \u003Cstrong>HTML\u003C\u002Fstrong>, \u003Cstrong>Javascript\u003C\u002Fstrong>, \u003Cstrong>CSS\u003C\u002Fstrong> as Shortcode content.\u003C\u002Fli>\n\u003Cli>Insert: \u003Cstrong>Custom parameters\u003C\u002Fstrong> in shortcode\u003C\u002Fli>\n\u003Cli>Insert: \u003Cstrong>WordPress parameters\u003C\u002Fstrong> in shortcode\u003C\u002Fli>\n\u003Cli>Multiple editors: Code, Visual and text modes.\u003C\u002Fli>\n\u003Cli>Globally disable the shortcode when not needed.\u003C\u002Fli>\n\u003Cli>Disable shortcode on desktop, mobile devices.\u003C\u002Fli>\n\u003Cli>A button in post editor to pick the shortcodes to insert.\u003C\u002Fli>\n\u003Cli>Execute blocks HTML in shortcode content.\u003C\u002Fli>\n\u003Cli>Insert shortcodes in Gutenberg\u002Fblock editor.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎲 An example usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Create a shortcode named “adsenseAd” in the Shortcoder admin page.\u003C\u002Fli>\n\u003Cli>Paste the adsense code in the box given and save it.\u003C\u002Fli>\n\u003Cli>Use \u003Ccode>[sc name=\"adsenseAd\"]\u003C\u002Fcode> in your posts and pages.\u003C\u002Fli>\n\u003Cli>Tada !!! the ad code is replaced and it appears in the post.\u003C\u002Fli>\n\u003Cli>Now you can edit the ad code at one place and the code is updated in all the locations where the shortcode is used.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Similarly shortcodes can be created for frequently used snippets.\u003C\u002Fp>\n\u003Cp>You can also add \u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">custom parameters\u003C\u002Fa> (like \u003Ccode>%%id%%\u003C\u002Fcode>) inside the snippets, and change it’s value like \u003Ccode>[sc name=\"youtube\" id=\"GrlRADfvjII\"]\u003C\u002Fcode> when using them.\u003C\u002Fp>\n\u003Ch3>🧱 Using in block editor\u003C\u002Fh3>\n\u003Cp>Though shortcodes can be used in \u003Cstrong>any\u003C\u002Fstrong> place manually, Shortcoder provides below options to select and insert the shortcodes created easily when working with the block editor.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Shortcoder block\u003C\u002Fli>\n\u003Cli>Toolbar button to select and insert shortcodes inline (under “more”)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>💎 Upgrade to PRO\u003C\u002Fh3>\n\u003Cp>Shortcoder also provides a \u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">PRO version\u003C\u002Fa> which has additional features to further enhance the experience. Below features are offered in the PRO version.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Custom editor\u003C\u002Fstrong> – Edit Shortcode content using block editor or page builder plugins like Elementor and WPBakery.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>(New) Translation with WPML\u003C\u002Fstrong> – Translate Shortcode content with WPML.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Revisions\u003C\u002Fstrong> – Revisions support for Shortcode content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Locate shortcode\u003C\u002Fstrong> – Search posts and pages where a shortcode is used.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Extra code\u003C\u002Fstrong> – Include extra code to the footer when a shortcode is used in a page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">Get started with Shortcoder – PRO\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fshortcoder\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fforum\u002F\" rel=\"nofollow ugc\">Support forum\u002FReport bugs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F#pro\" rel=\"nofollow ugc\">PRO features\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Create custom \"Shortcodes\" easily for HTML, JavaScript, CSS code snippets and use the shortcodes within posts, pages & widgets",100000,1888190,225,"2026-03-01T17:44:00.000Z","4.9.0","5.3",[20,149,150,22,23],"html","javascript","https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortcoder.6.5.2.zip",2,"2026-01-09 00:00:00",{"slug":156,"name":157,"version":158,"author":159,"author_profile":160,"description":161,"short_description":162,"active_installs":163,"downloaded":164,"rating":165,"num_ratings":166,"last_updated":167,"tested_up_to":16,"requires_at_least":168,"requires_php":124,"tags":169,"homepage":173,"download_link":174,"security_score":175,"vuln_count":176,"unpatched_count":28,"last_vuln_date":177,"fetched_at":30},"insert-php","Woody Code Snippets – Insert PHP, CSS, JS, and Header\u002FFooter Scripts","2.7.2","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>Woody Code Snippets is a WordPress plugin that helps you insert code into your site without editing theme files.\u003C\u002Fp>\n\u003Cp>Many WordPress users still add PHP, JavaScript, CSS, tracking pixels, or ad scripts directly into functions.php, header.php, or footer.php. This approach breaks easily when themes update and becomes hard to manage as your site grows.\u003C\u002Fp>\n\u003Cp>Woody solves this by giving you a centralized code snippet manager where you can safely add header scripts, footer scripts, PHP snippets, custom CSS, JavaScript, and HTML from the WordPress admin.\u003C\u002Fp>\n\u003Cp>You can use Woody as a header and footer code manager, a PHP snippet plugin, or a way to reuse content and scripts across your site using shortcodes or automatic insertion.\u003C\u002Fp>\n\u003Cp>Each snippet can be enabled or disabled instantly, placed in specific locations like before content or after paragraphs, and shown only when certain conditions are met.\u003C\u002Fp>\n\u003Ch3>Quick Links\u003C\u002Fh3>\n\u003Cp>📘 \u003Ca href=\"https:\u002F\u002Fdocs.themeisle.com\u002Fcollection\u002F2410-woody-code-snippets\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> – Complete setup and configuration guide\u003C\u002Fp>\n\u003Cp>💬 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Finsert-php\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa> – Community help and expert support\u003C\u002Fp>\n\u003Cp>⭐ \u003Ca href=\"https:\u002F\u002Fwoodysnippet.com\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody_quicklinks\" rel=\"nofollow ugc\">Go Pro\u003C\u002Fa> – Unlock advanced features and priority support\u003C\u002Fp>\n\u003Ch3>What Problems Does Woody Solve?\u003C\u002Fh3>\n\u003Cp>Woody is built for real WordPress workflows. It helps you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Insert code into headers and footers without editing theme files\u003C\u002Fli>\n\u003Cli>Add analytics scripts, tracking pixels, and ad code safely\u003C\u002Fli>\n\u003Cli>Manage PHP snippets without touching functions.php\u003C\u002Fli>\n\u003Cli>Reuse scripts and content across pages using shortcodes\u003C\u002Fli>\n\u003Cli>Control where code runs using placement rules and conditions\u003C\u002Fli>\n\u003Cli>Enable, disable, or roll back snippets without breaking your site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Whether you are building client sites, running marketing experiments, or maintaining your own project, Woody gives you control without unnecessary complexity.\u003C\u002Fp>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Cp>Woody lets you create code snippets and control where and when they run, all from the WordPress admin.\u003C\u002Fp>\n\u003Ch4>Example #1\u003C\u002Fh4>\n\u003Cp>Create a JavaScript snippet and add your analytics or tracking code.\u003Cbr \u002F>\nPlace it in the site header and add a condition to exclude administrators so your own visits are not tracked.\u003C\u002Fp>\n\u003Ch4>Example #2\u003C\u002Fh4>\n\u003Cp>Create a text snippet with reusable content or a shortcode.\u003Cbr \u002F>\nAdd conditions to show it only to logged-in users, then insert it anywhere using the snippet shortcode or automatic placement rules.\u003C\u002Fp>\n\u003Cp>This makes it easy to manage repeated logic and content without editing theme files.\u003C\u002Fp>\n\u003Ch3>Who Should Use Woody Code Snippets\u003C\u002Fh3>\n\u003Cp>Woody is designed for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Developers who want a structured way to manage custom code\u003C\u002Fli>\n\u003Cli>Marketers adding analytics, ads, and tracking scripts\u003C\u002Fli>\n\u003Cli>Solopreneurs who want flexibility without editing theme files\u003C\u002Fli>\n\u003Cli>Agencies managing multiple sites and shared snippets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you regularly need to insert code into WordPress, Woody fits naturally into your workflow.\u003C\u002Fp>\n\u003Ch3>Supported Snippet Types\u003C\u002Fh3>\n\u003Cp>Woody supports multiple snippet types, so you can manage all custom code in one place. You can create:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>PHP snippets\u003C\u002Fstrong> for functions, hooks, classes, and global variables\u003C\u002Fli>\n\u003Cli>\u003Cstrong>JavaScript snippets\u003C\u002Fstrong> for analytics, integrations, and interactive features\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CSS snippets\u003C\u002Fstrong> to add custom styles without editing theme files\u003C\u002Fli>\n\u003Cli>\u003Cstrong>HTML snippets\u003C\u002Fstrong> for markup and layout elements\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Text snippets\u003C\u002Fstrong> using the WordPress editor for reusable content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ad snippets\u003C\u002Fstrong> for ads and banners\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Universal snippets\u003C\u002Fstrong> that combine PHP, HTML, CSS, and JavaScript\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why do you need this plugin?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Insert Google AdSense Ads, Amazon Native Shopping Contextual Ads, Yandex Direct Ads, Media.net on your website.\u003C\u002Fli>\n\u003Cli>Insert Google Analytic Tracking code, Yandex Metrika Tracking Code, Yandex Counter to Header, Footer.\u003C\u002Fli>\n\u003Cli>Insert PHP Code Snippets and execute on your website. Register PHP functions, classes, global variables everywhere.\u003C\u002Fli>\n\u003Cli>Insert Social media widgets, add any external resources widgets.\u003C\u002Fli>\n\u003Cli>Insert Facebook Pixels, Facebook Scripts, Facebook og:image Tag, Google Conversion Pixels, Vk Pixels.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Header and Footer Code Management\u003C\u002Fh3>\n\u003Cp>Woody works as a full header and footer code manager.\u003C\u002Fp>\n\u003Cp>You can insert snippets:\u003Cbr \u002F>\n– Into the site header before the closing  tag\u003Cbr \u002F>\n– Into the site footer before the closing  tag\u003C\u002Fp>\n\u003Cp>Common examples include analytics scripts, tracking pixels, verification tags, and global JavaScript or CSS.\u003C\u002Fp>\n\u003Ch3>Advanced Placement Options\u003C\u002Fh3>\n\u003Cp>Beyond headers and footers, Woody lets you insert snippets into specific locations.\u003C\u002Fp>\n\u003Cp>You can place code:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Before or after post or page content  \u003C\u002Fli>\n\u003Cli>Before or after a specific paragraph  \u003C\u002Fli>\n\u003Cli>Before or after a post  \u003C\u002Fli>\n\u003Cli>Inside archives, categories, and taxonomy pages  \u003C\u002Fli>\n\u003Cli>Between posts on archive pages  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WooCommerce Pages\u003C\u002Fh4>\n\u003Cp>Woody supports automatic snippet placement on WooCommerce pages.\u003C\u002Fp>\n\u003Cp>You can insert snippets:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Before or after the product list  \u003C\u002Fli>\n\u003Cli>Before or after a single product  \u003C\u002Fli>\n\u003Cli>Before or after the single product summary  \u003C\u002Fli>\n\u003Cli>After the product title, price, or excerpt  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Common use cases include conversion tracking, promotional banners, custom JavaScript, and trust notices.\u003C\u002Fp>\n\u003Ch3>Shortcodes and Reusable Content\u003C\u002Fh3>\n\u003Cp>Woody supports shortcodes so you can insert snippets exactly where you need them. You can place snippets inside posts, pages, widgets, and page builders.\u003C\u002Fp>\n\u003Cp>With \u003Ca href=\"https:\u002F\u002Fwoodysnippet.com\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody_shortcode\" rel=\"nofollow ugc\">Pro\u003C\u002Fa>, you can define custom shortcode names that are readable and portable across sites.\u003C\u002Fp>\n\u003Ch3>Conditional Logic for Code Snippets\u003C\u002Fh3>\n\u003Cp>Woody allows you to control when a snippet is displayed.\u003C\u002Fp>\n\u003Cp>[FREE] Available in the free version:\u003Cbr \u002F>\n– User role and registration date\u003Cbr \u002F>\n– Page, post type, or taxonomy\u003Cbr \u002F>\n– Referrer or cookie value\u003C\u002Fp>\n\u003Cp>[PRO] Advanced conditions available in \u003Ca href=\"https:\u002F\u002Fwoodysnippet.com\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody_conditions\" rel=\"nofollow ugc\">Pro\u003C\u002Fa>:\u003Cbr \u002F>\n– Device type, browser, and operating system\u003Cbr \u002F>\n– JavaScript availability or ad blocker detection\u003Cbr \u002F>\n– User country, visit depth, time of day, and total visits\u003C\u002Fp>\n\u003Cp>Conditions can be combined using AND and OR logic.\u003C\u002Fp>\n\u003Cp>Unlock advanced conditions with \u003Ca href=\"https:\u002F\u002Fwoodysnippet.com\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody_conditions\" rel=\"nofollow ugc\">Woody Pro\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Snippet Management and Organization\u003C\u002Fh3>\n\u003Cp>Woody includes features to keep snippets organized and easy to manage.\u003C\u002Fp>\n\u003Cp>You can:\u003Cbr \u002F>\n– Enable or disable snippets instantly\u003Cbr \u002F>\n– Control execution order using priorities\u003Cbr \u002F>\n– Tag and clone snippets\u003Cbr \u002F>\n– Import and export snippets between sites\u003C\u002Fp>\n\u003Ch3>Code Revisions and Rollback [PRO]\u003C\u002Fh3>\n\u003Cp>With \u003Ca href=\"https:\u002F\u002Fwoodysnippet.com\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody_restore\" rel=\"nofollow ugc\">Pro\u003C\u002Fa>, Woody automatically saves snippet revisions. You can view previous versions, compare changes, and restore earlier revisions if something goes wrong.\u003C\u002Fp>\n\u003Cp>This adds an extra layer of safety when working with custom code.\u003C\u002Fp>\n\u003Ch3>Cloud Templates and Sync [PRO]\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwoodysnippet.com\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody_cloud\" rel=\"nofollow ugc\">Woody Pro\u003C\u002Fa> includes cloud-based snippet templates.\u003C\u002Fp>\n\u003Cp>You can save snippets as templates and reuse them across multiple sites, which is especially useful for agencies and developers managing repeated setups.\u003C\u002Fp>\n\u003Ch3>Settings and Developer Options\u003C\u002Fh3>\n\u003Cp>Woody includes advanced settings for fine-grained control.\u003C\u002Fp>\n\u003Cp>You can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Preserve HTML entities without automatic conversion  \u003C\u002Fli>\n\u003Cli>Execute shortcodes inside snippets  \u003C\u002Fli>\n\u003Cli>Enable error email notifications  \u003C\u002Fli>\n\u003Cli>Automatically activate snippets on save  \u003C\u002Fli>\n\u003Cli>Fully remove plugin data on uninstall  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Code Editor\u003C\u002Fh4>\n\u003Cp>The built-in editor includes:\u003Cbr \u002F>\n– Syntax highlighting and line numbers\u003Cbr \u002F>\n– Configurable indentation and tab size\u003Cbr \u002F>\n– Optional line wrapping\u003Cbr \u002F>\n– Automatic bracket and quote closing\u003Cbr \u002F>\n– Highlighting of matching variables and functions\u003C\u002Fp>\n\u003Ch3>Use This Plugin Responsibly\u003C\u002Fh3>\n\u003Cp>Woody allows you to run custom PHP, JavaScript, and CSS on your site. Always make sure you understand the code you add. Using unverified or outdated scripts may affect site security or stability. On multisite installations, only trusted administrators should have access to snippet creation.\u003C\u002Fp>\n\u003Cp>Woody includes safeguards such as snippet disabling, revisions, and error notifications, but it cannot validate third-party code you choose to run.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Need help? Open a new thread in the WordPress \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Finsert-php\u002F\" rel=\"ugc\">support forum\u003C\u002Fa>, and we will be happy to assist.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Learn how to make the most of Woody with our detailed and user-friendly \u003Ca href=\"https:\u002F\u002Fdocs.themeisle.com\u002Fcollection\u002F2410-woody-code-snippets\" rel=\"nofollow ugc\">documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Woody is backed by \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002F?utm_source=wordpressorg&utm_medium=readme&utm_campaign=woody\" rel=\"nofollow ugc\">Themeisle\u003C\u002Fa>, trusted by over 1 million WordPress users worldwide.\u003C\u002Fp>\n","Insert PHP, JavaScript, CSS, HTML, ads, and tracking code into WordPress headers, footers, pages, and content using conditional logic, without editing …",60000,1711938,90,220,"2026-01-27T15:40:00.000Z","5.6",[21,170,171,156,172],"custom-code","header-footer-scripts","snippet","https:\u002F\u002Fwoodysnippet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finsert-php.2.7.2.zip",91,7,"2024-06-14 20:26:37",{"slug":179,"name":180,"version":181,"author":182,"author_profile":183,"description":184,"short_description":185,"active_installs":186,"downloaded":187,"rating":188,"num_ratings":189,"last_updated":190,"tested_up_to":16,"requires_at_least":191,"requires_php":192,"tags":193,"homepage":198,"download_link":199,"security_score":131,"vuln_count":200,"unpatched_count":28,"last_vuln_date":201,"fetched_at":30},"easy-code-manager","FluentSnippets – The High-Performance file based Custom Code Snippets Plugin","10.53","Shahjahan Jewel","https:\u002F\u002Fprofiles.wordpress.org\u002Ftechjewel\u002F","\u003Cp>Experience unmatched speed and security with a unique file-based code snippet plugin, designed for security & speed\u003C\u002Fp>\n\u003Cp>FluentSnippets is the \u003Cstrong>Most Secure and Performance-Focused\u003C\u002Fstrong> Code Snippet Plugin for WordPress. FluentSnippets store your snippets in flat files, so it does not run SQL queries for your snippets. It is the \u003Cstrong>Fastest Code Snippet Plugin\u003C\u002Fstrong> for WordPress.\u003Cbr \u002F>\nOur mission is to streamline the process of integrating custom code snippets in WordPress, making it safe, secure, fast, and hassle-free.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FkUuW4sY8m7o?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Why FluentSnippets?\u003C\u002Fh3>\n\u003Cp>FluentSnippets stores the code snippets in the flat file and uses code blocks in each snippet file to add metadata like a description, title, conditional logic, snippet type, and other things. We also parse these data once and cache these into index.php so we don’t have to parse these code blocks in every request. Then on runtime, it just includes those files to your selected action hook. In the whole process, FluentSnippets runs 0 database queries. In fact, we don’t have any Database query in the whole plugin runtime.\u003Cbr \u002F>\nWith this native design, FluentSnippets is native, secure by design, and the most performant code snippets in this category.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>File-based Snippets:\u003C\u002Fstrong> Your snippets are safely saved in your file system and load natively with zero database queries, so it’s safe, secure, and ultra-fast.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Code Snippets:\u003C\u002Fstrong> Write your custom code snippets including PHP, JS, CSS, HTML, and more. Categorize your snippets with groups, tags, etc\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Conditional Logic:\u003C\u002Fstrong> Execute code snippets solely under specified conditions like post type, date, URL, user type, and many more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Error Handling:\u003C\u002Fstrong> The automatic error hander prevents common errors when adding custom snippets to ensure they never break your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Shortcode:\u003C\u002Fstrong> With custom shortcode of your snippets, you can create custom dynamic content blocks and use them across your site and manage them.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stand-alone Mode:\u003C\u002Fstrong> The most interesting feature is the Stand-alone Mode. With this feature, you can add your snippets, activate the standalone mode, and then you can uninstall and delete the plugin and your snippets will still run via mu-plugins architecture and when you reactivate the plugin you can manage your snippets as before.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F-bQPZ23LSdQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Powerful Smart Conditional Logics\u003C\u002Fh3>\n\u003Cp>We have added smart conditional logic to let you choose precisely where you want to execute your code. These conditional logics include\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User’s Login State or Role\u003C\u002Fli>\n\u003Cli>Type of Pages\u003C\u002Fli>\n\u003Cli>Post Types\u003C\u002Fli>\n\u003Cli>Taxonomy or Term-Based Rule\u003C\u002Fli>\n\u003Cli>By Page \u002F Post URL\u003C\u002Fli>\n\u003Cli>Target Specific Page \u002F Post \u002F CPT\u003C\u002Fli>\n\u003Cli>Date Based Conditions\u003C\u002Fli>\n\u003Cli>FluentCRM Tag \u002F Lists based rule of the current contact\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These conditions are grouped-based, which means you can add multiple groups with a set of conditions and if any of the group match the condions it will execute the snippet.\u003C\u002Fp>\n\u003Ch3>Snippet Types\u003C\u002Fh3>\n\u003Cp>FluentSnippets has four types of snippets. You can choose the snippet type from the snippet type selection.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Functions – PHP Snippet:\u003C\u002Fstrong> This snippet is for all the PHP code that you need to execute in specific areas like you would write in your theme’s functions.php file.\u003Cbr \u002F>\nYou can use this snippet type to create functions\u002Fclasses, hook into other actions and filters, and more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Content – PHP + HTML Snippet Type:\u003C\u002Fstrong> This snippet type is used to insert content to different places like header, footer, after-post content, before-post content, etc. You can write php \u002F html \u002F js \u002F css code in this snippet type.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>CSS Snippet Type:\u003C\u002Fstrong> You can use this snippet type to add custom CSS to your site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>JS Snippet Type:\u003C\u002Fstrong> You can use this snippet type to add custom JS to your site.\u003C\u002Fp>\n\u003Ch3>Internal Design of FluentSnippets Plugin\u003C\u002Fh3>\n\u003Cp>The design is super simple and this is what it should be! FluentSnippets stores the code snippets in the flat file and uses code blocks in each snippet file to add metadata like a description, title, conditional logic, snippet type, and other things. We also parse these data once and cache these into index.php so we don’t have to parse these code blocks in every request. Then on runtime, it just includes those files to your selected action hook. In the whole process, FluentSnippets runs 0 database queries. In fact, we don’t have any Database query in the whole plugin runtime.\u003Cbr \u002F>\nWith this native design, FluentSnippets is native, secure by design, and the most performant code snippets in this category.\u003C\u002Fp>\n\u003Ch3>Popular use cases of this Code Snippet plugin\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Adding custom PHP Code to extend functionalities\u003C\u002Fli>\n\u003Cli>Adding Header and footer codes (Google Analytics \u002F Pixel \u002F Ads codes)\u003C\u002Fli>\n\u003Cli>Custom CSS for specific post\u002Fpage types\u003C\u002Fli>\n\u003Cli>Custom Javascript codes\u003C\u002Fli>\n\u003Cli>Dynamic Content to different types of places like before\u002Fafter post content or footer\u003C\u002Fli>\n\u003Cli>Dynamic Shortcode\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F5E1w4mGe3xw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Other Plugins By The Same Team\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffluent-crm\u002F\" rel=\"ugc\">FluentCRM – Email Marketing, Newsletter, Email Automation and CRM Plugin for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffluentform\u002F\" rel=\"ugc\">Fluent Forms – Fastest WordPress Form Builder Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fninja-tables\u002F\" rel=\"ugc\">Ninja Tables – Best WP DataTables Plugin for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fninja-charts\u002F\" rel=\"ugc\">Ninja Charts – Best WP Charts Plugin for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-payment-form\u002F\" rel=\"ugc\">WPPayForm – Stripe Payments Plugin for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmautic-for-fluent-forms\u002F\" rel=\"ugc\">Mautic Integration For Fluent Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffluentforms-pdf\u002F\" rel=\"ugc\">Fluent Forms PDF – PDF Entries for Fluent Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffluent-smtp\u002F\" rel=\"ugc\">FluentSMTP – WordPress Mail SMTP, SES, SendGrid, MailGun Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>CONTRIBUTE\u003C\u002Fh3>\n\u003Cp>If you want to contribute to this project or just report a bug, you are more than welcome. Please check repository from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWPManageNinja\u002Feasy-code-manager\" rel=\"nofollow ugc\">Github\u003C\u002Fa>. FluentSnippets was known as Easy Code Manager before. We have rebuild & rebranded it to FluentSnippets.\u003C\u002Fp>\n","Add header and footer scripts, PHP Snippets, Custom CSS \u002FJS snippets with advanced conditional logic, and more...",40000,152574,92,51,"2026-01-22T04:17:00.000Z","6.0","7.3",[21,194,195,196,197],"custom-codes","functions","php-codes","wp-codes","https:\u002F\u002Ffluentsnippets.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-code-manager.10.53.zip",1,"2025-07-16 00:00:00",{"slug":203,"name":204,"version":205,"author":206,"author_profile":207,"description":208,"short_description":209,"active_installs":210,"downloaded":211,"rating":188,"num_ratings":212,"last_updated":213,"tested_up_to":16,"requires_at_least":147,"requires_php":214,"tags":215,"homepage":218,"download_link":219,"security_score":220,"vuln_count":27,"unpatched_count":28,"last_vuln_date":221,"fetched_at":30},"post-snippets","Post Snippets – Custom WordPress Code Snippets Customizer","4.0.18","Saad Iqbal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaadiqbal\u002F","\u003Cblockquote>\n\u003Cp>Create custom shortcodes and reusable content and insert them in into your posts and pages.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpostsnippets.com\u002F\" rel=\"nofollow ugc\">Post Snippets\u003C\u002Fa> lets you build a library with snippets of HTML, PHP code or reoccurring text that you often use in your posts and pages. You can use predefined variables to replace parts of the snippet on insert. All snippets are available in the post editor via a button in the Visual mode. The snippet can be inserted as defined, or as a shortcode to keep flexibility for updating the snippet. PHP code is supported for snippets inserted as shortcodes.\u003C\u002Fp>\n\u003Ch4>Basic Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Insert\u003C\u002Fstrong> All defined snippets is inserted from a button directly in the post editor.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcodes\u003C\u002Fstrong> You can use this plugin to create your own custom shortcodes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP\u003C\u002Fstrong> A shortcode snippet can optionally be processed as PHP code.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Buttons\u003C\u002Fstrong> The snippets can be found in the (visual) WordPress editor with a button and in the HTML editor with a quicktag.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User-friendly\u003C\u002Fstrong> Easy to use ‘Manage Snippets’ page where you can add, edit and remove snippets.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Variables\u003C\u002Fstrong> Each snippet can have as many custom variables as you like, which can be used on insert.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Import\u002FExport\u003C\u002Fstrong> Snippets can be imported and exported between sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Documentation\u003C\u002Fstrong> Full documentation is available directly from the help panel in the plugin (top right in WordPress).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Uninstall\u003C\u002Fstrong> If you delete the plugin from your plugins panel it cleans up all data it has created in the WordPress database.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Snippet duplication\u003C\u002Fstrong> Easily duplicate shortcode snippets and insert them into posts and pages.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rich Text Editor\u003C\u002Fstrong> Use Post Snippets’ built-in Rich Text editor to customize your snippets however you want.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Snippets Order\u003C\u002Fstrong> Change the order of your snippets simply by using the drag and drop functionality.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rest API\u003C\u002Fstrong> Allow anyone the right to add, edit, update and delete any snippet without providing them admin access.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Tags\u003C\u002Fstrong> Use the tags feature to add multiple tags and filter different snippets by using tags.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloud snippet\u003C\u002Fstrong> Save, edit, download, and delete snippets directly on the cloud by using the cloud snippets feature.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gutenberg Block Editor Support\u003C\u002Fstrong> Gutenberg block types can support any number of built-in core features such as name, icon, description, category and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Snippet type\u003C\u002Fstrong> Display the snippet types (PHP, JS, CSS) by adding a column in the snippet listing page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>The Gutenberg editor\u003C\u002Fstrong> integrates source code snippets block to insert and preview selected snippet’s code on the front-end without execution.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Elementor editor\u003C\u002Fstrong> adds a post-snippet block for inserting snippets with PHP execution, formatting, shortcode support, and a Post Snippet source block to showcase snippet source code. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Technical Documentation\u003C\u002Fh4>\n\u003Cp>To obtain more information, including instructions for plugin installation, we recommend referring to our technical \u003Ca href=\"https:\u002F\u002Fpostsnippets.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">documentation\u003C\u002Fa> page on Post Snippets. Additionally, to stay informed about the latest plugin updates, enhancements, and relevant news, you can always visit our \u003Ca href=\"https:\u002F\u002Fpostsnippets.com\u002Fblog\u002F\" rel=\"nofollow ugc\">Post Snippets blog.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>To get your queries resolved related to Post Snippets, you can always take help from \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fpost-snippets\u002F\" rel=\"ugc\">WordPress Support.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Pricing Plans\u003C\u002Fh4>\n\u003Cp>Post Snippets offers budget-friendly pricing options that complement your business needs. See the pricing plan details \u003Ca href=\"https:\u002F\u002Fpostsnippets.com\u002F#pricing\" rel=\"nofollow ugc\">here.\u003C\u002Fa>\u003C\u002Fp>\n","Create WordPress custom snippets shortcodes and reusable content and insert them in into your posts and pages.",20000,818857,93,"2026-03-12T04:57:00.000Z","8.0",[216,217,22,172,23],"custom-shortcode","custom-snippet","https:\u002F\u002Fwww.postsnippets.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-snippets.4.0.18.zip",86,"2026-03-16 00:00:00",{"attackSurface":223,"codeSignals":603,"taintFlows":660,"riskAssessment":902,"analyzedAt":915},{"hooks":224,"ajaxHandlers":585,"restRoutes":586,"shortcodes":599,"cronEvents":602,"entryPointCount":132,"unprotectedCount":153},[225,231,238,242,246,250,255,257,261,264,268,271,274,278,281,283,287,292,296,300,303,306,309,311,314,318,321,324,326,329,333,337,341,345,348,351,353,355,359,362,366,369,372,374,377,380,383,387,391,394,397,400,404,407,410,411,413,416,418,422,425,428,431,434,437,440,443,447,449,451,454,458,462,466,469,472,476,479,482,484,486,489,493,495,498,501,504,507,509,512,515,518,522,525,528,532,534,537,539,541,543,545,548,550,552,554,555,557,561,565,569,571,573,576,579,581],{"type":226,"name":227,"callback":228,"file":229,"line":230},"action","admin_init","actions","classes\\Admin\\AdminActions.php",15,{"type":232,"name":233,"callback":234,"priority":235,"file":236,"line":237},"filter","plugin_action_links","settings_link",10,"classes\\Admin\\AdminInitializer.php",14,{"type":232,"name":239,"callback":240,"priority":241,"file":236,"line":230},"admin_footer_text","footer_text",20,{"type":226,"name":243,"callback":244,"file":236,"line":245},"admin_menu","add_admin_page",16,{"type":226,"name":247,"callback":248,"file":236,"line":249},"admin_enqueue_scripts","admin_scripts",17,{"type":226,"name":251,"callback":252,"file":253,"line":254},"admin_notices","admin_notice","classes\\Admin\\AdminNotices.php",12,{"type":226,"name":247,"callback":248,"file":256,"line":235},"classes\\Block\\WPCoder_Block.php",{"type":226,"name":258,"callback":259,"file":256,"line":260},"init","register_block",11,{"type":226,"name":262,"callback":263,"file":256,"line":254},"rest_api_init","rest_api",{"type":232,"name":265,"callback":266,"priority":241,"file":267,"line":104},"script_loader_tag","add_attribute","classes\\Publisher\\EnqueueScript.php",{"type":226,"name":258,"callback":269,"file":270,"line":254},"include_php","classes\\Publisher\\PHPIncludes.php",{"type":226,"name":251,"callback":272,"file":270,"line":273},"display_admin_error_notice",13,{"type":226,"name":243,"callback":275,"file":276,"line":277},"add_menu","includes\\class-wow-company.php",27,{"type":226,"name":247,"callback":279,"file":276,"line":280},"admin_style",28,{"type":232,"name":239,"callback":240,"file":276,"line":282},29,{"type":226,"name":227,"callback":284,"file":285,"line":286},"export_items","includes\\class-wowp-dashboard.php",21,{"type":226,"name":288,"callback":289,"priority":290,"file":291,"line":47},"wp_footer","print_footer",50,"includes\\class-wowp-public.php",{"type":226,"name":293,"callback":294,"file":295,"line":235},"plugins_loaded","wpcoder_maybe_enable_safe_mode","includes\\safe-mode.php",{"type":232,"name":297,"callback":298,"file":295,"line":299},"home_url","wpcoder_keep_safe_mode",23,{"type":232,"name":301,"callback":298,"file":295,"line":302},"admin_url",24,{"type":232,"name":304,"callback":305,"priority":235,"file":295,"line":104},"site_url","wpcoder_keep_safe_mode_login",{"type":226,"name":307,"callback":308,"file":295,"line":277},"admin_footer","wpcoder_keep_safe_mode_admin_menu",{"type":226,"name":251,"callback":310,"file":295,"line":282},"wpcoder_safe_mode_notice",{"type":226,"name":312,"callback":310,"file":295,"line":313},"wpcoder_admin_notices",30,{"type":232,"name":315,"callback":316,"file":317,"line":245},"wp_revisions_to_keep","change_revisions_control","includes\\snippets\\class-snippet-changed.php",{"type":226,"name":319,"callback":320,"file":317,"line":241},"login_head","change_logo_on_site_icon",{"type":232,"name":322,"callback":323,"file":317,"line":302},"login_headerurl","logo_link",{"type":232,"name":325,"callback":325,"priority":235,"file":317,"line":280},"login_redirect",{"type":232,"name":327,"callback":327,"priority":235,"file":317,"line":328},"logout_redirect",32,{"type":232,"name":330,"callback":331,"file":317,"line":332},"embed_defaults","oembed_defaults",36,{"type":232,"name":334,"callback":335,"priority":230,"file":317,"line":336},"the_content_more_link","change_read_more",40,{"type":232,"name":338,"callback":339,"file":317,"line":340},"auth_cookie_expiration","change_expiration_remember_me",44,{"type":232,"name":342,"callback":343,"priority":27,"file":344,"line":249},"gutenberg_can_edit_post","__return_false","includes\\snippets\\class-snippet-disabled.php",{"type":232,"name":346,"callback":343,"priority":27,"file":344,"line":347},"use_block_editor_for_post",18,{"type":226,"name":349,"callback":350,"file":344,"line":47},"wp_enqueue_scripts","remove_wp_block_library_css",{"type":232,"name":352,"callback":343,"file":344,"line":280},"gutenberg_use_widgets_block_editor",{"type":232,"name":354,"callback":343,"file":344,"line":313},"use_widgets_block_editor",{"type":232,"name":356,"callback":357,"file":344,"line":358},"the_generator","__return_empty_string",34,{"type":232,"name":360,"callback":343,"file":344,"line":361},"xmlrpc_enabled",38,{"type":232,"name":363,"callback":364,"file":344,"line":365},"show_admin_bar","disable_admin_bar",42,{"type":232,"name":367,"callback":343,"file":344,"line":368},"auto_update_core",47,{"type":232,"name":370,"callback":343,"file":344,"line":371},"auto_update_plugin",49,{"type":232,"name":373,"callback":343,"file":344,"line":189},"auto_update_theme",{"type":232,"name":375,"callback":343,"file":344,"line":376},"auto_core_update_send_email",56,{"type":232,"name":378,"callback":343,"file":344,"line":379},"auto_plugin_update_send_email",58,{"type":232,"name":381,"callback":343,"file":344,"line":382},"auto_theme_update_send_email",60,{"type":226,"name":384,"callback":385,"priority":200,"file":344,"line":386},"template_redirect","redirect_attachment_pages",64,{"type":232,"name":388,"callback":389,"file":344,"line":390},"rest_authentication_errors","disable_rest_api",68,{"type":226,"name":227,"callback":392,"file":344,"line":393},"disable_comments",72,{"type":232,"name":395,"callback":343,"priority":241,"file":344,"line":396},"comments_open",74,{"type":232,"name":398,"callback":343,"priority":241,"file":344,"line":399},"pings_open",75,{"type":232,"name":401,"callback":402,"priority":235,"file":344,"line":403},"comments_array","__return_empty_array",78,{"type":226,"name":243,"callback":405,"file":344,"line":406},"closure",80,{"type":226,"name":408,"callback":405,"priority":28,"file":344,"line":409},"admin_bar_menu",84,{"type":226,"name":258,"callback":405,"file":344,"line":165},{"type":226,"name":258,"callback":412,"file":344,"line":106},"disable_emojis",{"type":232,"name":414,"callback":343,"file":344,"line":415},"screen_options_show_screen",100,{"type":226,"name":227,"callback":405,"file":344,"line":417},104,{"type":226,"name":419,"callback":420,"priority":200,"file":344,"line":421},"do_feed_rdf","disable_feed",111,{"type":226,"name":423,"callback":420,"priority":200,"file":344,"line":424},"do_feed_rss",112,{"type":226,"name":426,"callback":420,"priority":200,"file":344,"line":427},"do_feed_rss2",113,{"type":226,"name":429,"callback":420,"priority":200,"file":344,"line":430},"do_feed_atom",114,{"type":226,"name":432,"callback":420,"priority":200,"file":344,"line":433},"do_feed_rss2_comments",115,{"type":226,"name":435,"callback":420,"priority":200,"file":344,"line":436},"do_feed_atom_comments",116,{"type":226,"name":438,"callback":405,"priority":230,"file":344,"line":439},"parse_query",122,{"type":226,"name":441,"callback":405,"file":344,"line":442},"widgets_init",133,{"type":232,"name":444,"callback":357,"priority":445,"file":344,"line":446},"get_search_form",999,138,{"type":226,"name":258,"callback":405,"file":344,"line":448},140,{"type":226,"name":408,"callback":405,"priority":260,"file":344,"line":450},150,{"type":232,"name":452,"callback":343,"file":344,"line":453},"login_display_language_dropdown",156,{"type":232,"name":455,"callback":456,"priority":450,"file":344,"line":457},"comment_form_default_fields","comment_from_website",164,{"type":226,"name":459,"callback":460,"file":344,"line":461},"pre_ping","self_pingbacks",168,{"type":226,"name":258,"callback":463,"priority":464,"file":344,"line":465},"disable_embeds",9999,176,{"type":232,"name":467,"callback":343,"file":344,"line":468},"wp_lazy_loading_enabled",180,{"type":232,"name":470,"callback":405,"file":344,"line":471},"xmlrpc_methods",192,{"type":232,"name":473,"callback":474,"file":344,"line":475},"pre_comment_content","wp_strip_all_tags",200,{"type":232,"name":477,"callback":343,"file":344,"line":478},"embed_oembed_discover",209,{"type":232,"name":480,"callback":405,"file":344,"line":481},"tiny_mce_plugins",216,{"type":232,"name":483,"callback":405,"file":344,"line":166},"rewrite_rules_array",{"type":232,"name":480,"callback":405,"file":344,"line":485},271,{"type":232,"name":487,"callback":405,"priority":235,"file":344,"line":488},"wp_resource_hints",280,{"type":232,"name":490,"callback":491,"priority":235,"file":492,"line":245},"post_row_actions","add_duplicate_link","includes\\snippets\\class-snippet-enabled.php",{"type":232,"name":494,"callback":491,"priority":235,"file":492,"line":249},"page_row_actions",{"type":226,"name":496,"callback":497,"file":492,"line":347},"admin_action_wpcoder_duplicate_post","duplicate_post",{"type":226,"name":251,"callback":499,"file":492,"line":500},"duplication_admin_notice",19,{"type":232,"name":502,"callback":503,"file":492,"line":299},"upload_mimes","add_svg_mime",{"type":232,"name":505,"callback":506,"priority":235,"file":492,"line":302},"wp_check_filetype_and_ext","confirm_file_type_is_svg",{"type":226,"name":508,"callback":405,"file":492,"line":280},"after_setup_theme",{"type":232,"name":510,"callback":511,"file":492,"line":358},"widget_text","do_shortcode",{"type":232,"name":513,"callback":514,"file":492,"line":361},"the_excerpt_rss","rss_post_thumbnail",{"type":232,"name":516,"callback":514,"file":492,"line":517},"the_content_feed",39,{"type":232,"name":519,"callback":520,"file":492,"line":521},"body_class","add_slug_body_class",43,{"type":232,"name":523,"callback":524,"file":492,"line":368},"sanitize_file_name","mb_strtolower",{"type":232,"name":526,"callback":527,"file":492,"line":189},"pre_get_avatar_data","default_alt_to_avatar",{"type":232,"name":529,"callback":530,"file":492,"line":531},"the_content","force_external_links_new_tab",55,{"type":226,"name":384,"callback":405,"file":492,"line":533},59,{"type":232,"name":535,"callback":536,"file":492,"line":390},"preprocess_comment","limit_comment_length",{"type":232,"name":538,"callback":405,"priority":235,"file":492,"line":393},"wp_content_img_tag",{"type":232,"name":473,"callback":474,"file":492,"line":540},102,{"type":232,"name":346,"callback":405,"priority":235,"file":542,"line":500},"includes\\snippets\\class-tool-markdown-editor.php",{"type":232,"name":544,"callback":405,"priority":290,"file":542,"line":302},"user_can_richedit",{"type":232,"name":529,"callback":546,"priority":547,"file":542,"line":313},"content",9,{"type":226,"name":247,"callback":549,"file":542,"line":328},"enqueue_scripts",{"type":226,"name":349,"callback":551,"priority":131,"file":542,"line":358},"maybe_strip_block_css",{"type":226,"name":384,"callback":405,"file":553,"line":254},"includes\\snippets\\class-tool-page-info.php",{"type":226,"name":258,"callback":405,"file":553,"line":249},{"type":226,"name":408,"callback":556,"priority":165,"file":553,"line":302},"add_admin_bar_template_info",{"type":226,"name":408,"callback":558,"priority":559,"file":560,"line":176},"admin_bar_item",500,"includes\\snippets\\class-tool-theme-switcher.php",{"type":232,"name":562,"callback":563,"file":560,"line":564},"wp_redirect","handle_theme_switch_redirect",8,{"type":226,"name":566,"callback":567,"file":568,"line":286},"wp_head","add_tracking","includes\\snippets\\class-tools.php",{"type":226,"name":566,"callback":570,"file":568,"line":104},"add_adsense_code",{"type":226,"name":566,"callback":572,"priority":200,"file":568,"line":282},"add_gtm_head",{"type":226,"name":574,"callback":575,"priority":200,"file":568,"line":313},"wp_body_open","add_gtm_body",{"type":226,"name":293,"callback":577,"file":568,"line":578},"debug_log",35,{"type":226,"name":408,"callback":580,"priority":165,"file":568,"line":332},"admin_menu_debug",{"type":226,"name":293,"callback":582,"file":583,"line":584},"loaded","wp-coder.php",65,[],[587,594],{"namespace":588,"route":589,"methods":590,"callback":592,"permissionCallback":593,"file":256,"line":386},"wpcoder\u002Fv1","\u002Fpreview",[591],"POST","preview_callback","__return_true",{"namespace":588,"route":595,"methods":596,"callback":597,"permissionCallback":593,"file":256,"line":598},"\u002Fattributes",[591],"attributes_callback",70,[600],{"tag":601,"callback":22,"file":291,"line":500},"WP-Coder",[],{"dangerousFunctions":604,"sqlUsage":605,"outputEscaping":622,"fileOperations":254,"externalRequests":28,"nonceChecks":235,"capabilityChecks":286,"bundledLibraries":659},[],{"prepared":280,"raw":606,"locations":607},6,[608,612,614,616,617,620],{"file":609,"line":610,"context":611},"classes\\Dashboard\\DBManager.php",79,"$wpdb->get_results() with variable interpolation",{"file":609,"line":613,"context":611},191,{"file":609,"line":615,"context":611},197,{"file":609,"line":481,"context":611},{"file":618,"line":619,"context":611},"classes\\Dashboard\\ListTable.php",224,{"file":618,"line":621,"context":611},229,{"escaped":623,"rawEcho":500,"locations":624},363,[625,628,629,631,633,634,635,637,639,641,643,645,646,648,650,652,654,655,657],{"file":626,"line":358,"context":627},"classes\\Dashboard\\Field.php","raw output",{"file":626,"line":290,"context":627},{"file":626,"line":630,"context":627},83,{"file":632,"line":302,"context":627},"classes\\Dashboard\\ImporterExporter.php",{"file":632,"line":277,"context":627},{"file":632,"line":578,"context":627},{"file":632,"line":636,"context":627},226,{"file":618,"line":638,"context":627},309,{"file":618,"line":640,"context":627},312,{"file":618,"line":642,"context":627},320,{"file":644,"line":286,"context":627},"classes\\Dashboard\\Settings.php",{"file":644,"line":212,"context":627},{"file":267,"line":647,"context":627},69,{"file":649,"line":578,"context":627},"classes\\Snippets\\SnippetManager.php",{"file":649,"line":651,"context":627},46,{"file":653,"line":578,"context":627},"classes\\Tools\\ToolsManager.php",{"file":653,"line":651,"context":627},{"file":568,"line":656,"context":627},207,{"file":568,"line":658,"context":627},231,[],[661,680,689,700,715,724,743,752,765,774,782,805,826,837,846,854,863,871,882,893],{"entryPoint":662,"graph":663,"unsanitizedCount":200,"severity":40},"menu (classes\\Dashboard\\DashboardInitializer.php:60)",{"nodes":664,"edges":677},[665,671],{"id":666,"type":667,"label":668,"file":669,"line":670},"n0","source","$_REQUEST","classes\\Dashboard\\DashboardInitializer.php",67,{"id":672,"type":673,"label":674,"file":669,"line":675,"wp_function":676},"n1","sink","echo() [XSS]",81,"echo",[678],{"from":666,"to":672,"sanitized":679},false,{"entryPoint":681,"graph":682,"unsanitizedCount":153,"severity":40},"form_export (classes\\Dashboard\\ImporterExporter.php:14)",{"nodes":683,"edges":687},[684,686],{"id":666,"type":667,"label":685,"file":632,"line":286},"$_REQUEST (x2)",{"id":672,"type":673,"label":674,"file":632,"line":277,"wp_function":676},[688],{"from":666,"to":672,"sanitized":679},{"entryPoint":690,"graph":691,"unsanitizedCount":200,"severity":40},"import_data (classes\\Dashboard\\ImporterExporter.php:76)",{"nodes":692,"edges":698},[693,695],{"id":666,"type":667,"label":694,"file":632,"line":630},"$_FILES",{"id":672,"type":673,"label":696,"file":632,"line":409,"wp_function":697},"file_get_contents() [SSRF\u002FLFI]","file_get_contents",[699],{"from":666,"to":672,"sanitized":679},{"entryPoint":701,"graph":702,"unsanitizedCount":153,"severity":40},"search_box (classes\\Dashboard\\ListTable.php:26)",{"nodes":703,"edges":712},[704,706,707,710],{"id":666,"type":667,"label":705,"file":618,"line":282},"$_REQUEST['orderby']",{"id":672,"type":673,"label":674,"file":618,"line":282,"wp_function":676},{"id":708,"type":667,"label":709,"file":618,"line":328},"n2","$_REQUEST['order']",{"id":711,"type":673,"label":674,"file":618,"line":328,"wp_function":676},"n3",[713,714],{"from":666,"to":672,"sanitized":679},{"from":708,"to":711,"sanitized":679},{"entryPoint":716,"graph":717,"unsanitizedCount":153,"severity":40},"extra_tablenav (classes\\Dashboard\\ListTable.php:302)",{"nodes":718,"edges":722},[719,721],{"id":666,"type":667,"label":685,"file":618,"line":720},306,{"id":672,"type":673,"label":674,"file":618,"line":640,"wp_function":676},[723],{"from":666,"to":672,"sanitized":679},{"entryPoint":725,"graph":726,"unsanitizedCount":153,"severity":40},"send (classes\\Dashboard\\SaveGlobal.php:75)",{"nodes":727,"edges":740},[728,731,734,736],{"id":666,"type":667,"label":729,"file":730,"line":610},"$_POST","classes\\Dashboard\\SaveGlobal.php",{"id":672,"type":673,"label":732,"file":730,"line":406,"wp_function":733},"update_option() [Settings Manipulation]","update_option",{"id":708,"type":667,"label":735,"file":730,"line":220},"$_POST['wp_coder_global_php']",{"id":711,"type":673,"label":737,"file":730,"line":738,"wp_function":739},"file_put_contents() [File Write]",85,"file_put_contents",[741,742],{"from":666,"to":672,"sanitized":679},{"from":708,"to":711,"sanitized":679},{"entryPoint":744,"graph":745,"unsanitizedCount":200,"severity":751},"\u003CDashboardInitializer> (classes\\Dashboard\\DashboardInitializer.php:0)",{"nodes":746,"edges":749},[747,748],{"id":666,"type":667,"label":668,"file":669,"line":670},{"id":672,"type":673,"label":674,"file":669,"line":675,"wp_function":676},[750],{"from":666,"to":672,"sanitized":679},"low",{"entryPoint":753,"graph":754,"unsanitizedCount":28,"severity":751},"\u003CDBManager> (classes\\Dashboard\\DBManager.php:0)",{"nodes":755,"edges":762},[756,758],{"id":666,"type":667,"label":757,"file":609,"line":358},"$_GET (x2)",{"id":672,"type":673,"label":759,"file":609,"line":760,"wp_function":761},"get_row() [SQLi]",105,"get_row",[763],{"from":666,"to":672,"sanitized":764},true,{"entryPoint":766,"graph":767,"unsanitizedCount":200,"severity":751},"send (classes\\Dashboard\\DebugLog.php:75)",{"nodes":768,"edges":772},[769,771],{"id":666,"type":667,"label":729,"file":770,"line":610},"classes\\Dashboard\\DebugLog.php",{"id":672,"type":673,"label":732,"file":770,"line":630,"wp_function":733},[773],{"from":666,"to":672,"sanitized":679},{"entryPoint":775,"graph":776,"unsanitizedCount":28,"severity":751},"\u003CDebugLog> (classes\\Dashboard\\DebugLog.php:0)",{"nodes":777,"edges":780},[778,779],{"id":666,"type":667,"label":729,"file":770,"line":610},{"id":672,"type":673,"label":732,"file":770,"line":630,"wp_function":733},[781],{"from":666,"to":672,"sanitized":764},{"entryPoint":783,"graph":784,"unsanitizedCount":28,"severity":751},"\u003CImporterExporter> (classes\\Dashboard\\ImporterExporter.php:0)",{"nodes":785,"edges":800},[786,787,788,789,790,792,796,798],{"id":666,"type":667,"label":685,"file":632,"line":286},{"id":672,"type":673,"label":674,"file":632,"line":277,"wp_function":676},{"id":708,"type":667,"label":694,"file":632,"line":630},{"id":711,"type":673,"label":696,"file":632,"line":409,"wp_function":697},{"id":791,"type":667,"label":729,"file":632,"line":475},"n4",{"id":793,"type":673,"label":794,"file":632,"line":795,"wp_function":127},"n5","header() [Header Injection]",223,{"id":797,"type":667,"label":729,"file":632,"line":475},"n6",{"id":799,"type":673,"label":674,"file":632,"line":636,"wp_function":676},"n7",[801,802,803,804],{"from":666,"to":672,"sanitized":764},{"from":708,"to":711,"sanitized":764},{"from":791,"to":793,"sanitized":764},{"from":797,"to":799,"sanitized":764},{"entryPoint":806,"graph":807,"unsanitizedCount":28,"severity":751},"\u003CListTable> (classes\\Dashboard\\ListTable.php:0)",{"nodes":808,"edges":821},[809,810,811,812,813,816,819,820],{"id":666,"type":667,"label":705,"file":618,"line":282},{"id":672,"type":673,"label":674,"file":618,"line":282,"wp_function":676},{"id":708,"type":667,"label":709,"file":618,"line":328},{"id":711,"type":673,"label":674,"file":618,"line":328,"wp_function":676},{"id":791,"type":667,"label":814,"file":618,"line":815},"$_REQUEST (x4)",215,{"id":793,"type":673,"label":817,"file":618,"line":636,"wp_function":818},"get_results() [SQLi]","get_results",{"id":797,"type":667,"label":685,"file":618,"line":720},{"id":799,"type":673,"label":674,"file":618,"line":640,"wp_function":676},[822,823,824,825],{"from":666,"to":672,"sanitized":764},{"from":708,"to":711,"sanitized":764},{"from":791,"to":793,"sanitized":764},{"from":797,"to":799,"sanitized":764},{"entryPoint":827,"graph":828,"unsanitizedCount":28,"severity":751},"\u003CSaveGlobal> (classes\\Dashboard\\SaveGlobal.php:0)",{"nodes":829,"edges":834},[830,831,832,833],{"id":666,"type":667,"label":729,"file":730,"line":610},{"id":672,"type":673,"label":732,"file":730,"line":406,"wp_function":733},{"id":708,"type":667,"label":735,"file":730,"line":220},{"id":711,"type":673,"label":737,"file":730,"line":738,"wp_function":739},[835,836],{"from":666,"to":672,"sanitized":764},{"from":708,"to":711,"sanitized":764},{"entryPoint":838,"graph":839,"unsanitizedCount":200,"severity":751},"send (classes\\Snippets\\SnippetManager.php:107)",{"nodes":840,"edges":844},[841,842],{"id":666,"type":667,"label":729,"file":649,"line":433},{"id":672,"type":673,"label":732,"file":649,"line":843,"wp_function":733},118,[845],{"from":666,"to":672,"sanitized":679},{"entryPoint":847,"graph":848,"unsanitizedCount":28,"severity":751},"\u003CSnippetManager> (classes\\Snippets\\SnippetManager.php:0)",{"nodes":849,"edges":852},[850,851],{"id":666,"type":667,"label":729,"file":649,"line":433},{"id":672,"type":673,"label":732,"file":649,"line":843,"wp_function":733},[853],{"from":666,"to":672,"sanitized":764},{"entryPoint":855,"graph":856,"unsanitizedCount":200,"severity":751},"send (classes\\Tools\\ToolsManager.php:96)",{"nodes":857,"edges":861},[858,859],{"id":666,"type":667,"label":729,"file":653,"line":417},{"id":672,"type":673,"label":732,"file":653,"line":860,"wp_function":733},108,[862],{"from":666,"to":672,"sanitized":679},{"entryPoint":864,"graph":865,"unsanitizedCount":28,"severity":751},"\u003CToolsManager> (classes\\Tools\\ToolsManager.php:0)",{"nodes":866,"edges":869},[867,868],{"id":666,"type":667,"label":729,"file":653,"line":417},{"id":672,"type":673,"label":732,"file":653,"line":860,"wp_function":733},[870],{"from":666,"to":672,"sanitized":764},{"entryPoint":872,"graph":873,"unsanitizedCount":28,"severity":751},"\u003C1.list> (includes\\pages\\1.list.php:0)",{"nodes":874,"edges":880},[875,879],{"id":666,"type":667,"label":876,"file":877,"line":878},"$_REQUEST['page']","includes\\pages\\1.list.php",37,{"id":672,"type":673,"label":674,"file":877,"line":878,"wp_function":676},[881],{"from":666,"to":672,"sanitized":764},{"entryPoint":883,"graph":884,"unsanitizedCount":28,"severity":751},"\u003C2.settings> (includes\\pages\\2.settings.php:0)",{"nodes":885,"edges":891},[886,889],{"id":666,"type":667,"label":887,"file":888,"line":347},"$_GET","includes\\pages\\2.settings.php",{"id":672,"type":673,"label":674,"file":888,"line":890,"wp_function":676},45,[892],{"from":666,"to":672,"sanitized":764},{"entryPoint":894,"graph":895,"unsanitizedCount":901,"severity":69},"get_results (classes\\Dashboard\\ListTable.php:210)",{"nodes":896,"edges":899},[897,898],{"id":666,"type":667,"label":814,"file":618,"line":815},{"id":672,"type":673,"label":817,"file":618,"line":636,"wp_function":818},[900],{"from":666,"to":672,"sanitized":679},4,{"summary":903,"deductions":904},"The wp-coder plugin v4.5 exhibits a mixed security posture. On the positive side, it demonstrates good practices in SQL query handling with 82% prepared statements and a high rate of output escaping (95%). The absence of dangerous functions, external HTTP requests, and bundled libraries are also strengths. However, significant concerns arise from its attack surface and taint analysis. The plugin exposes two REST API routes without permission callbacks, making them vulnerable to unauthorized access and manipulation. Additionally, the taint analysis reveals one high-severity flow with unsanitized paths, indicating a potential vulnerability that could lead to code execution or data compromise if exploited.\n\nThe plugin's vulnerability history is a major red flag, with five known CVEs, including three high-severity and two medium-severity vulnerabilities. The common types of past vulnerabilities (CSRF, XSS, SQL Injection) suggest a pattern of input validation and authorization flaws. While there are currently no unpatched CVEs, the history of numerous, often high-severity, vulnerabilities points to systemic issues in the development or review process. The recent vulnerability in early 2025, although now patched, reinforces the ongoing need for vigilance.\n\nIn conclusion, while wp-coder v4.5 has strengths in its handling of SQL and output, the presence of unprotected entry points and a concerning history of vulnerabilities, particularly the high-severity taint flow, warrant a cautious approach. The plugin's attack surface needs to be carefully managed, and the development team should prioritize addressing the root causes of past vulnerabilities to improve its overall security.",[905,907,909,911,913],{"reason":906,"points":235},"REST API routes without permission callbacks",{"reason":908,"points":254},"High severity taint flow found",{"reason":910,"points":230},"History of 3 high severity CVEs",{"reason":912,"points":564},"History of 2 medium severity CVEs",{"reason":914,"points":176},"Unsanitized paths in taint flows","2026-03-16T17:38:50.053Z",{"wat":917,"direct":949},{"assetPaths":918,"generatorPatterns":932,"scriptPaths":934,"versionParams":935},[919,920,921,922,923,924,925,926,927,928,929,930,931],"\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fcss\u002Fadmin\u002Fdashboard.css","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fcss\u002Fadmin\u002Flayout.css","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fcss\u002Fadmin\u002Fstyles.css","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fcss\u002Fadmin\u002Fwowp.css","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fcss\u002Fadmin\u002Fwowp-dashboard.css","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fdashboard.js","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Feditor.js","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fsettings.js","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fwowp.js","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fwowp-dashboard.js","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fwowp-editor.js","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fwowp-settings.js","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fwowp-tools.js",[933],"WP Coder",[],[936,937,938,939,940,941,942,943,944,945,946,947,948],"\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fcss\u002Fadmin\u002Fdashboard.css?ver=","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fcss\u002Fadmin\u002Flayout.css?ver=","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fcss\u002Fadmin\u002Fstyles.css?ver=","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fcss\u002Fadmin\u002Fwowp.css?ver=","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fcss\u002Fadmin\u002Fwowp-dashboard.css?ver=","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fdashboard.js?ver=","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Feditor.js?ver=","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fsettings.js?ver=","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fwowp.js?ver=","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fwowp-dashboard.js?ver=","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fwowp-editor.js?ver=","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fwowp-settings.js?ver=","\u002Fwp-content\u002Fplugins\u002Fwp-coder\u002Fassets\u002Fjs\u002Fadmin\u002Fwowp-tools.js?ver=",{"cssClasses":950,"htmlComments":955,"htmlAttributes":958,"restEndpoints":963,"jsGlobals":964,"shortcodeOutput":970},[951,952,953,954],"wp-coder-admin","wp-coder-dashboard","wp-coder-settings","wp-coder-editor",[956,957],"\u003C!-- WP Coder Pro plugin by WPCoder.pro -->","\u003C!-- WP Coder Pro plugin -->",[959,960,961,962],"data-wp-coder-id","data-wp-coder-type","data-wp-coder-code-id","data-wp-coder-editor-id",[],[965,966,967,968,969],"WPCoderAdmin","wpCoderDashboard","wpCoderSettings","wpCoderEditor","WOWP",[971,972,973,974],"[wp_code id=\"","[wp_code]","\u003Cdiv class=\"wp-code\" data-wp-coder-id=\"","\u003Cdiv class=\"wp-code\">"]