[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fiI8bJctpLzjmhkhDAAbIDZ8pPSfUpdktXVAspJrMpnc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":59,"crawl_stats":37,"alternatives":64,"analysis":163,"fingerprints":358},"wp-custom-body-class","Custom Body Class","0.7.5","Andrei Lupu","https:\u002F\u002Fprofiles.wordpress.org\u002Feuthelup\u002F","\u003Cp>You can use this plugin to add a unique CSS class to your pages or posts.\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftastewp.com\u002F\" rel=\"nofollow ugc\">TasteWP\u003C\u002Fa> has prepared a quick WordPress instance with this plugin, so you can give it a try \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fwp-custom-body-class\" rel=\"nofollow ugc\">in this demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Responsiveness\u003C\u002Fh4>\n\u003Cp>There’s a way to add a class to appear only on mobile devices. You can do that by simply adding \u003Ccode>mobile-\u003C\u002Fcode> on the front of\u003Cbr \u002F>\nthe class. For example, if you want to have the class “car” for mobile side, you need to use “mobile-car”.\u003C\u002Fp>\n\u003Ch4>Support me\u003C\u002Fh4>\n\u003Cp>If you find this plugin helpful, or you just want to send me a coffee here are the ways:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Use the Github Sponsor button\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fko-fi.com\u002Fthelup\" rel=\"nofollow ugc\">Ko-fi\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Watch me coding on \u003Ca href=\"https:\u002F\u002Fwww.twitch.tv\u002Fthelup\u002F\" rel=\"nofollow ugc\">twitch.tv\u002Fthelup\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Or simply visit my site \u003Ca href=\"https:\u002F\u002Fa.lup.dev\u002F\" rel=\"nofollow ugc\">lup.dev\u003C\u002Fa> and make those analytics ring the bells.\u003C\u002Fli>\n\u003C\u002Ful>\n","A plain simple plugin which allows you to add a custom CSS class the HTML body tag.",10000,117082,100,21,"2025-07-27T17:23:00.000Z","6.8.5","5.2.0","",[20,21,22,23],"body","class","css","custom","https:\u002F\u002Fa.lup.dev","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-custom-body-class.0.7.5.zip",99,2,0,"2019-12-12 00:00:00","2026-03-15T15:16:48.613Z",[32,48],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2019-6030","custom-body-class-cross-site-request-forgery","Custom Body Class \u003C= 0.6.0 - Cross-Site Request Forgery","Cross-site request forgery (CSRF) vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.",null,"\u003C=0.6.0","0.7.0","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Cross-Site Request Forgery (CSRF)","2024-01-22 19:56:02",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F69a9f449-9f94-4da3-9fd0-4eac72b6d8be?source=api-prod",1503,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":53,"cvss_score":54,"cvss_vector":55,"vuln_type":56,"published_date":29,"updated_date":44,"references":57,"days_to_patch":47},"CVE-2019-6029","custom-body-class-cross-site-scripting","Custom Body Class \u003C= 0.6.0 - Cross-Site Scripting","Cross-site scripting vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",[58],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9e013542-8a8c-440d-9130-61057d97990d?source=api-prod",{"slug":60,"display_name":7,"profile_url":8,"plugin_count":61,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":47,"trust_score":62,"computed_at":63},"euthelup",1,78,"2026-04-04T21:17:12.093Z",[65,83,104,126,146],{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":13,"num_ratings":61,"last_updated":75,"tested_up_to":76,"requires_at_least":77,"requires_php":78,"tags":79,"homepage":18,"download_link":82,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"body-class-by-url-parameter","Body Class By URL Parameter","0.0.2","Jose Mortellaro","https:\u002F\u002Fprofiles.wordpress.org\u002Fgiuse\u002F","\u003Cp>It adds CSS classes to the body depending on the parameters included in the URL.\u003C\u002Fp>\n\u003Cp>For each URL query argument, the plugin adds a CSS class to the body that is composed by [bc]-[paramenter name]-[parameter value].\u003C\u002Fp>\n\u003Cp>Where [bc] is the a prefix that is always the same.\u003C\u002Fp>\n\u003Cp>If for example you share your page https:\u002F\u002Fyour-domain.com\u002Fsample-page on Facebook, the user after clicking on the link will land on a page having an URL that looks like https:\u002F\u002Fyour-domain.com\u002Fsample-page\u002F?fbclid=IwAR0o12nq9Em-x1n\u003C\u002Fp>\n\u003Cp>In this case the plugin would add the class bc-fbclid-IwAR0o12nq9Em-x1n to the body.\u003C\u002Fp>\n\u003Cp>Then you can use that class for your custom CSS.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>.bc-fbclid-IwAR0o12nq9Em-x1n .disable-for-facebook{\n  display:none !important\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>In the example above you hide all the elements that have the class .disable-for-facebook if the users come from the link shared on Facebook.\u003C\u002Fp>\n\u003Cp>This is just an example. You can use it to create different styles depending on whatever query arguments are included in the URL.\u003C\u002Fp>\n\u003Cp>The use of this plugin requires that you have at least basic CSS skills and you know where to put your custom CSS. All other users will not be able to take advantage of this plugin.\u003C\u002Fp>\n\u003Ch4>0.0.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Checked WordPress 6.4\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>0.0.1\u003C\u002Fh4>\n\u003Cp>*Initial release\u003C\u002Fp>\n","It adds a CSS class to the body depending on the parameters included in the URL",50,1820,"2025-12-10T09:07:00.000Z","6.9.4","4.6","5.6",[80,81],"body-class","custom-css-by-url","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbody-class-by-url-parameter.0.0.2.zip",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":13,"downloaded":91,"rating":28,"num_ratings":28,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":101,"download_link":102,"security_score":103,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"insert-body-class","Insert Body Class Plugin for WordPress","2.0.0","Chitraa","https:\u002F\u002Fprofiles.wordpress.org\u002Fchitracreation\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FhZ42XveUDqs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>This plugin makes it easy to add custom body classes to any page or post on your WordPress site, perfect for those who want simple styling options without custom coding.\u003C\u002Fp>\n\u003Ch3>🌟 How to Use the Insert Body Class Plugin by \u003Ca href=\"https:\u002F\u002Fchitraa.tech\u002F\" rel=\"nofollow ugc\">Chitraa\u003C\u002Fa>:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Create a Page or Post\u003C\u002Fstrong>\u003Cbr \u002F>\nStart by creating a page (like “About Us”) or a new blog post—whatever content you want to add a custom body class to.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Add a Custom Class\u003C\u002Fstrong>\u003Cbr \u002F>\nIn the editing options on the right side of the editor, you’ll find a field for adding a custom class. Enter the class name you want to use (e.g., about-page).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Save Your Changes\u003C\u002Fstrong>\u003Cbr \u002F>\nClick Save or Update to apply the class to your page or post. That’s it!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Style with Custom CSS\u003C\u002Fstrong>\u003Cbr \u002F>\nWith your new body class in place, you can add custom CSS to your theme to apply unique styles based on the class. Great for designers and developers who want to tailor each page!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Enjoy Easy Page-Specific Customization\u003C\u002Fstrong>\u003Cbr \u002F>\nNow your page has a unique class in the body tag, letting you control the design for each page individually. Simple and powerful!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is perfect for anyone looking to style pages individually or create unique looks for different sections of their website without hassle.\u003C\u002Fp>\n\u003Cp>Just install Plugin and enjoy feature of Insert Body Class.\u003C\u002Fp>\n\u003Ch3>🌟 This plugin used for add body class.\u003C\u002Fh3>\n\u003Cp>1). Create a page like About or any other.\u003C\u002Fp>\n\u003Cp>2). Add class in the right side of optioins list.\u003C\u002Fp>\n\u003Cp>3). Save And it’s Done. Simple Right!!\u003C\u002Fp>\n","Allow you to add Body Class in any page or post, just easily",2539,"2024-11-08T07:31:00.000Z","6.7.5","6.3","7.4",[97,98,99,84,100],"add-body-class","custom-body-class","dynamic-classes","page-class","https:\u002F\u002Fchitraa.tech\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finsert-body-class.1.0.0.zip",92,{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":13,"num_ratings":61,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":117,"tags":118,"homepage":18,"download_link":124,"security_score":125,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"add-device-type-to-body-class","Add Device Type to Body Class","1.0","Aftab Ali Muni","https:\u002F\u002Fprofiles.wordpress.org\u002Faftabmuni\u002F","\u003Cp>This plugin is used to add type of device (mobile, tablet, desktop) in body class of wordpress website. This class is used to add device specific CSS.\u003C\u002Fp>\n","This plugin is used to add type of device (mobile, tablet, desktop) in body class of wordpress website. This class is used to add device specific CSS.",70,2048,"2023-11-26T07:22:00.000Z","6.4.8","3.2","5.0",[119,120,121,122,123],"add-device-type-to-wordpress","add-mobile-to-body-class","desktop","device-specific-css","tablet","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-device-type-to-body-class.zip",85,{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":134,"downloaded":135,"rating":28,"num_ratings":28,"last_updated":136,"tested_up_to":16,"requires_at_least":117,"requires_php":137,"tags":138,"homepage":144,"download_link":145,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"menu-item-custom-attributes","Menu Item Custom Attributes","1.2","Ponsiva . Pandian","https:\u002F\u002Fprofiles.wordpress.org\u002Fponsiva\u002F","\u003Cp>\u003Cstrong>Menu Item Custom Attributes\u003C\u002Fstrong> allows you to add HTML attributes such as \u003Ccode>id\u003C\u002Fcode>, \u003Ccode>class\u003C\u002Fcode>, and \u003Ccode>data-*\u003C\u002Fcode> directly to WordPress menu items from the admin interface.\u003C\u002Fp>\n\u003Cp>This plugin is perfect for developers and designers who want fine-grained control over menu elements for \u003Cstrong>styling, tracking, or custom scripting\u003C\u002Fstrong> — all without editing theme code.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003Cbr \u002F>\n– Add unique HTML \u003Ccode>ID\u003C\u002Fcode>, CSS \u003Ccode>Class\u003C\u002Fcode>, or custom \u003Ccode>Data\u003C\u002Fcode> attributes to individual menu items\u003Cbr \u002F>\n– Works directly within the native \u003Cstrong>Appearance \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Menus\u003C\u002Fstrong> screen\u003Cbr \u002F>\n– Compatible with \u003Cstrong>all themes and page builders\u003C\u002Fstrong> (Elementor, Astra, Divi, etc.)\u003Cbr \u002F>\n– Lightweight and performance-optimized\u003Cbr \u002F>\n– Safe and secure with sanitization and nonce checks\u003C\u002Fp>\n\u003Cp>Use it to apply special styles, attach JavaScript actions, or integrate with analytics tools like Google Tag Manager.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For feature requests, issues, or feedback, please visit the \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fmenu-item-custom-attributes\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is free software; you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed and maintained by \u003Cstrong>Ponsiva Pandian\u003C\u002Fstrong>\u003Cbr \u002F>\nWebsite: \u003Ca href=\"www.iamponsiva.rf.gd\" rel=\"nofollow ugc\">www.iamponsiva.rf.gd\u003C\u002Fa>\u003C\u002Fp>\n","Easily add custom ID, Class, and Data attributes to WordPress menu items directly from the admin panel — no coding required.",30,202,"2025-11-08T17:36:00.000Z","7.2",[139,140,141,142,143],"css-class","custom-attributes","id","menu","navigation","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmenu-item-custom-attributes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmenu-item-custom-attributes.1.2.zip",{"slug":147,"name":148,"version":149,"author":150,"author_profile":151,"description":152,"short_description":153,"active_installs":154,"downloaded":155,"rating":28,"num_ratings":28,"last_updated":18,"tested_up_to":156,"requires_at_least":77,"requires_php":18,"tags":157,"homepage":160,"download_link":161,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":162},"current-theme-body-class","Current Theme Body Class","1.0.1","Sparanoid","https:\u002F\u002Fprofiles.wordpress.org\u002Fsparanoid\u002F","\u003Cp>Add you current theme slug to your HTML \u003Ccode>body\u003C\u002Fcode> class via \u003Ccode>body_class\u003C\u002Fcode> for easy customization\u003C\u002Fp>\n\u003Cul>\n\u003Cli>No database writes, no configurations, install, activate and go.\u003C\u002Fli>\n\u003Cli>Easy styles customization via Jetpack Custom CSS or built-in Custom CSS (WordPress version 4.7 or higher required).\u003C\u002Fli>\n\u003C\u002Ful>\n","Add you current theme slug to your HTML body class for easy customization",10,1750,"5.8.13",[20,158,22,159],"body_class","theme","https:\u002F\u002Fsparanoid.com\u002Fwork\u002Fcurrent-theme-body-class\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcurrent-theme-body-class.1.0.1.zip","2026-03-15T14:44:11.924Z",{"attackSurface":164,"codeSignals":200,"taintFlows":259,"riskAssessment":345,"analyzedAt":357},{"hooks":165,"ajaxHandlers":196,"restRoutes":197,"shortcodes":198,"cronEvents":199,"entryPointCount":28,"unprotectedCount":28},[166,172,176,180,184,188,192],{"type":167,"name":168,"callback":169,"file":170,"line":171},"action","init","load_plugin_textdomain","class-custom_body_class.php",73,{"type":167,"name":173,"callback":174,"file":170,"line":175},"admin_menu","add_plugin_admin_menu",75,{"type":177,"name":158,"callback":178,"file":170,"line":179},"filter","add_post_type_custom_body_class_in_front",82,{"type":167,"name":181,"callback":182,"file":170,"line":183},"admin_enqueue_scripts","enqueue_admin_assets",98,{"type":167,"name":185,"callback":186,"file":170,"line":187},"add_meta_boxes","add_custom_body_class_meta_box",101,{"type":167,"name":189,"callback":190,"file":170,"line":191},"save_post","custom_body_class_save_meta_data",102,{"type":167,"name":168,"callback":193,"file":194,"line":195},"init_custom_body_class_plugin","custom_body_class.php",60,[],[],[],[],{"dangerousFunctions":201,"sqlUsage":202,"outputEscaping":204,"fileOperations":28,"externalRequests":28,"nonceChecks":27,"capabilityChecks":257,"bundledLibraries":258},[],{"prepared":27,"raw":28,"locations":203},[],{"escaped":205,"rawEcho":14,"locations":206},67,[207,211,213,216,219,222,224,227,229,231,232,234,236,237,238,241,244,246,248,251,254],{"file":208,"line":209,"context":210},"core\\views\\form-partials\\fields\\counter.php",36,"raw output",{"file":208,"line":212,"context":210},39,{"file":214,"line":215,"context":210},"core\\views\\form-partials\\fields\\group.php",28,{"file":217,"line":218,"context":210},"core\\views\\form-partials\\fields\\hidden.php",22,{"file":220,"line":221,"context":210},"core\\views\\form-partials\\fields\\postbox.php",12,{"file":220,"line":223,"context":210},32,{"file":225,"line":226,"context":210},"core\\views\\form-partials\\fields\\select.php",24,{"file":228,"line":73,"context":210},"core\\views\\form-partials\\fields\\switch.php",{"file":228,"line":230,"context":210},54,{"file":228,"line":195,"context":210},{"file":233,"line":226,"context":210},"core\\views\\form-partials\\fields\\tabular-group.php",{"file":235,"line":218,"context":210},"core\\views\\form-partials\\fields\\text.php",{"file":235,"line":215,"context":210},{"file":235,"line":209,"context":210},{"file":239,"line":240,"context":210},"core\\views\\form-partials\\linear.php",11,{"file":242,"line":243,"context":210},"views\\admin.php",46,{"file":242,"line":245,"context":210},47,{"file":242,"line":247,"context":210},53,{"file":249,"line":250,"context":210},"views\\form-partials\\fields\\checkbox.php",27,{"file":252,"line":253,"context":210},"views\\form-partials\\fields\\post_types_checkbox.php",33,{"file":255,"line":256,"context":210},"views\\form-partials\\fields\\taxonomies_checkbox.php",35,4,[],[260,316],{"entryPoint":261,"graph":262,"unsanitizedCount":315,"severity":40},"run (core\\classes\\Processor.php:86)",{"nodes":263,"edges":305},[264,270,276,278,282,287,290,293,296,299,302],{"id":265,"type":266,"label":267,"file":268,"line":269},"n0","source","$_POST","core\\classes\\Processor.php",112,{"id":271,"type":272,"label":273,"file":268,"line":274,"wp_function":275},"n1","sink","update_option() [Settings Manipulation]",120,"update_option",{"id":277,"type":266,"label":267,"file":268,"line":269},"n2",{"id":279,"type":280,"label":281,"file":268,"line":269},"n3","transform","→ cleanup_input()",{"id":283,"type":272,"label":284,"file":268,"line":285,"wp_function":286},"n4","call_user_func() [RCE]",194,"call_user_func",{"id":288,"type":266,"label":267,"file":268,"line":289},"n5",116,{"id":291,"type":280,"label":292,"file":268,"line":289},"n6","→ preupdate()",{"id":294,"type":272,"label":284,"file":268,"line":295,"wp_function":286},"n7",306,{"id":297,"type":266,"label":267,"file":268,"line":298},"n8",122,{"id":300,"type":280,"label":301,"file":268,"line":298},"n9","→ postupdate()",{"id":303,"type":272,"label":284,"file":268,"line":304,"wp_function":286},"n10",335,[306,308,310,311,312,313,314],{"from":265,"to":271,"sanitized":307},true,{"from":277,"to":279,"sanitized":309},false,{"from":279,"to":283,"sanitized":309},{"from":288,"to":291,"sanitized":309},{"from":291,"to":294,"sanitized":309},{"from":297,"to":300,"sanitized":309},{"from":300,"to":303,"sanitized":309},3,{"entryPoint":317,"graph":318,"unsanitizedCount":315,"severity":40},"\u003CProcessor> (core\\classes\\Processor.php:0)",{"nodes":319,"edges":336},[320,321,322,324,325,326,327,328,329,330,331,332,334],{"id":265,"type":266,"label":267,"file":268,"line":269},{"id":271,"type":272,"label":273,"file":268,"line":274,"wp_function":275},{"id":277,"type":266,"label":323,"file":268,"line":269},"$_POST (x3)",{"id":279,"type":272,"label":284,"file":268,"line":285,"wp_function":286},{"id":283,"type":266,"label":267,"file":268,"line":269},{"id":288,"type":280,"label":281,"file":268,"line":269},{"id":291,"type":272,"label":284,"file":268,"line":285,"wp_function":286},{"id":294,"type":266,"label":267,"file":268,"line":289},{"id":297,"type":280,"label":292,"file":268,"line":289},{"id":300,"type":272,"label":284,"file":268,"line":295,"wp_function":286},{"id":303,"type":266,"label":267,"file":268,"line":298},{"id":333,"type":280,"label":301,"file":268,"line":298},"n11",{"id":335,"type":272,"label":284,"file":268,"line":304,"wp_function":286},"n12",[337,338,339,340,341,342,343,344],{"from":265,"to":271,"sanitized":307},{"from":277,"to":279,"sanitized":307},{"from":283,"to":288,"sanitized":309},{"from":288,"to":291,"sanitized":309},{"from":294,"to":297,"sanitized":309},{"from":297,"to":300,"sanitized":309},{"from":303,"to":333,"sanitized":309},{"from":333,"to":335,"sanitized":309},{"summary":346,"deductions":347},"The \"wp-custom-body-class\" v0.7.5 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries, implementing nonce checks, and including capability checks. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the direct attack surface. However, the taint analysis reveals two flows with unsanitized paths, both classified as high severity. This suggests a potential for vulnerabilities where user-supplied input might be processed without adequate sanitization, despite the overall low number of flows analyzed.\n\nThe plugin's vulnerability history is a significant concern. It has a total of two known CVEs, one of which was a high severity vulnerability and another a medium severity. While there are currently no unpatched vulnerabilities, the past occurrence of Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) vulnerabilities, and the recent nature of the last vulnerability (2019), indicate that the plugin has had issues with input sanitization and security in the past. This historical context, combined with the high-severity taint flows, warrants careful consideration.\n\nIn conclusion, while the plugin has made efforts to implement secure coding practices like prepared statements and checks, the presence of high-severity taint flows and a history of significant vulnerabilities are considerable weaknesses. The low number of analyzed flows might be misleading, and the identified taint issues require immediate attention and remediation to ensure user data and site integrity.",[348,351,353,355],{"reason":349,"points":350},"High severity taint flows found",15,{"reason":352,"points":350},"Past High severity vulnerability",{"reason":354,"points":154},"Past Medium severity vulnerability",{"reason":356,"points":257},"76% of output properly escaped","2026-03-16T17:43:44.605Z",{"wat":359,"direct":368},{"assetPaths":360,"generatorPatterns":363,"scriptPaths":364,"versionParams":365},[361,362],"\u002Fwp-content\u002Fplugins\u002Fwp-custom-body-class\u002Fcss\u002Fadmin-custom-body-class.css","\u002Fwp-content\u002Fplugins\u002Fwp-custom-body-class\u002Fjs\u002Fadmin-custom-body-class.js",[],[362],[366,367],"wp-custom-body-class\u002Fcss\u002Fadmin-custom-body-class.css?ver=","wp-custom-body-class\u002Fjs\u002Fadmin-custom-body-class.js?ver=",{"cssClasses":369,"htmlComments":371,"htmlAttributes":378,"restEndpoints":381,"jsGlobals":382,"shortcodeOutput":384},[370],"custom-body-class-admin-container",[372,373,374,375,376,377],"\u003C!-- wp:paragraph -->","\u003C!-- \u002Fwp:paragraph -->","\u003C!-- wp:group -->","\u003C!-- \u002Fwp:group -->","\u003C!-- wp:custom-body-class\u002Fcustom-body-class -->","\u003C!-- \u002Fwp:custom-body-class\u002Fcustom-body-class -->",[379,380],"data-custom-body-class-id","data-custom-body-class-post-id",[],[383],"custom_body_class_post_values",[]]