[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkL2lCgLHuUt3t3--4kr7ef76eIWDAeM6gNwWZB72c88":3,"$fbBqdAkn_vI0j6xYI24-RQV_J7NmX7GkiM5LNzW7qFxE":253,"$fQRzfOg6nutPxLaazvtKWyutjGyt5xtz1RgFfVQPEBvw":257},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":38,"analysis":136,"fingerprints":235},"wp-direction-detector","WP Direction Detector","1.2.1 beta",".fay","https:\u002F\u002Fprofiles.wordpress.org\u002Ffay-1\u002F","\u003Cp>This plugin auto detects and apply the right direction (RTL or LTR) on post’s titles, bodies and comments.\u003C\u002Fp>\n\u003Cp>According to WordPress, adding support for language written in a Right To Left (RTL) direction is just a matter of overwriting all the horizontal positioning attributes of your CSS stylesheet in a separate stylesheet file named rtl.css.\u003Cbr \u002F>\nBut this solution is working only when you have just an RTL blog (or just an LTR blog using the classical style.css).\u003Cbr \u002F>\nOne of solutions: We will let WordPress applying the same style.css to both of RTL\u002FLTR posts and this plugin will automatically detect the post language to correct its direction.\u003C\u002Fp>\n\u003Cp>It’s just a beta version that I tested with the WordPress default theme, please let me know your feedback with your own complexed css.\u003C\u002Fp>\n","This plugin auto dectects and apply the right direction (RTL or LTR) on post's titles, bodies and comments.",10,3266,0,"2016-05-24T19:30:00.000Z","4.5.33","2.0","",[19,20,21,22,23],"direction","language","ltr","right-to-left-support","rtl","http:\u002F\u002Ffaycaltirich.blogspot.com\u002F1979\u002F01\u002Fwp-direction-detector.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-direction-detector.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":26,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"fay-1",6,390,30,84,"2026-05-19T21:17:08.687Z",[39,61,80,98,116],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":47,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":58,"download_link":59,"security_score":60,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"atr-inline-rtl-ltr","Atr Inline Rtl Ltr","1.0.1","yehudaT","https:\u002F\u002Fprofiles.wordpress.org\u002Fyehudat\u002F","\u003Cp>Block editor toolbar addition for mixed Rtl Ltr writing directions. It wrap words (or sentences) in paragraph block with span element and change their direction from rtl->ltr or ltr->rtl as you need.\u003C\u002Fp>\n\u003Cp>Uses dir=”rtl” or dir=”ltr”. See also \u003Ca href=\"https:\u002F\u002Fwww.w3.org\u002FInternational\u002Farticles\u002Finline-bidi-markup\u002F\" rel=\"nofollow ugc\">Inline bidi markup at www.w3.org\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Note that the wrapping element is \u003C span dir=”rtl” || dir=”ltr” class=”atr-inline-direction-rtl” || class=”atr-inline-direction-ltr” > so you can control it through your site CSS as well. i.e. .atr-inline-direction-rtl{direction: rtl;display:inline-block}\u003C\u002Fp>\n","Block editor toolbar addition for mixed Rtl Ltr writing directions. Wrap string with span element and change direction from rtl to ltr and vice versa",100,3519,1,"2025-01-18T07:44:00.000Z","6.7.5","5.8","7.0",[55,56,21,23,57],"block","gutenberg","text-direction","https:\u002F\u002Fatarimtr.co.il","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fatr-inline-rtl-ltr.1.0.1.zip",92,{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":47,"num_ratings":71,"last_updated":72,"tested_up_to":15,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":78,"download_link":79,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-rtl","WP-RTL","1.0","Fahad Alduraibi","https:\u002F\u002Fprofiles.wordpress.org\u002Ffduraibi\u002F","\u003Cp>\u003Cstrong>Do you write posts in different languages that have different directions?\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin enables a feature in the post editor which allow writing texts in Left-to-Right and Right-to-Left directions in the same post (or page) so you can write in English (and any other LTR language) and also RTL languages like Arabic, Persian and Hebrew.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Simply look for the new buttons added to the post editor after installing the plugin.\u003C\u002Fstrong> (See the screenshots for better understanding)\u003C\u002Fp>\n\u003Cp>اضافة زرارين لشريط التحرير لتمكين تحويل النص للقراءة من اليمين لليسار مثل اللغة العربية والفارسية والعبرية\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.fadvisor.net\u002Fblog\u002F2008\u002F10\u002Fwp-rtl\u002F\" rel=\"nofollow ugc\">More details\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Note: This plugin will not change the direction of the post title, since that is controlled by the theme.\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds two buttons to the TinyMCE editor to enable writing text in Left to Right (LTR) and Right to Left (RTL) directions.",2000,57228,20,"2017-11-28T19:40:00.000Z","2.6",[75,21,23,76,77],"formatting","tinymce","wysiwyg","http:\u002F\u002Fwww.fadvisor.net\u002Fblog\u002F2008\u002F10\u002Fwp-rtl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-rtl.1.0.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":47,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":17,"tags":94,"homepage":17,"download_link":97,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"rtler","RTLer","1.6","Louy Alakkad","https:\u002F\u002Fprofiles.wordpress.org\u002Flouyx\u002F","\u003Cp>RTLer, is just a simple plugin that generates the RTL stylesheet \u003Ccode>rtl.css\u003C\u002Fcode> for you from your theme’s \u003Ccode>style.css\u003C\u002Fcode> file.\u003Cbr \u002F>\nIt automatically scans your file, reads values and adds its own if needed, you’ll never need to rtl anymore.\u003C\u002Fp>\n\u003Ch4>Thanks!\u003C\u002Fh4>\n\u003Cp>I would like to thank these people for supporting me 🙂\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Ftwitter.com\u002FnightS\" rel=\"nofollow ugc\">@nightS\u003C\u002Fa> (Special Thanks!)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Ftwitter.com\u002FDrSallory\" rel=\"nofollow ugc\">@DrSallory\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Faqmme\" rel=\"nofollow ugc\">@aqmme\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fcaspereeko\" rel=\"nofollow ugc\">@caspereeko\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin, RTLer, generates the RTL stylesheet for you from your theme's 'style.css' or any other CSS file.",70,13505,2,"2010-07-30T20:06:00.000Z","3.0.5","2.9",[20,95,23,81,96],"layout","style","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frtler.1.6.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":71,"downloaded":106,"rating":13,"num_ratings":13,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":53,"tags":110,"homepage":114,"download_link":115,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"rtl-tester-mirror","RTL Tester Mirror by WebMan","1.0.5","WebMan Design | Oliver Juhas","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebmandesign\u002F","\u003Cp>This plugin simply mirrors the Right To Left (RTL) website layout using a CSS transform making it look like Left To Right (LTR) website.\u003C\u002Fp>\n\u003Cp>This is a great tool for LTR language speakers for testing RTL layouts of WordPress themes and plugins, making the testing process much easier for you eyes and brain 😉\u003C\u002Fp>\n\u003Cp>Works great with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frtl-tester\u002F\" rel=\"ugc\">RTL Tester\u003C\u002Fa> plugin.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Mirrors RTL website layout to make it look like LTR layout\u003C\u002Fli>\n\u003Cli>Plugin adds a blue notification with “Mirrored RTL” text at the top when the RTL website is mirrored\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin Localization\u003C\u002Fh4>\n\u003Cp>Translate the plugin by clicking the \u003Cstrong>“Translate RTL Tester Mirror”\u003C\u002Fstrong> button under the “Translations” section in the sidebar.\u003C\u002Fp>\n\u003Ch4>Additional Resources\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Frtl-tester-mirror\u002F#postform\" rel=\"ugc\">Write a review\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Frtl-tester-mirror\u002F\" rel=\"ugc\">Have a question?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fwebmandesign\u002F#content-themes\" rel=\"nofollow ugc\">Grab a free theme\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fwebmandesigneu\u002F\" rel=\"nofollow ugc\">Follow @webmandesigneu\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.webmandesign.eu\" rel=\"nofollow ugc\">Visit WebMan Design\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Makes it easy for LTR language speaker to test the RTL website layout by mirroring it so it looks like LTR.",6360,"2025-12-13T09:28:00.000Z","6.9.4","6.0",[21,111,23,112,113],"mirror","testing","transform","https:\u002F\u002Fwww.webmandesign.eu\u002Fportfolio\u002Frtl-tester-mirror-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frtl-tester-mirror.1.0.5.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":71,"downloaded":124,"rating":47,"num_ratings":90,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":17,"tags":128,"homepage":133,"download_link":134,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":135},"smart-rtl-post","Smart RTL Post","1.0.0","Luqman Safay","https:\u002F\u002Fprofiles.wordpress.org\u002Fluqmansafay\u002F","\u003Cp>Smart RTL Post changes your post layout direction to right-to-left for languages like Pashto, Arabic, and Urdu with just one click.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This program is free software; you can redistribute it and\u002For modify it under the terms of the GNU General Public License version 2 or later.\u003Cbr \u002F>\nFor more details, visit: https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html.\u003C\u002Fp>\n","Smartly switch your post layout to right-to-left for languages like Pashto, Arabic, and Urdu.",481,"2025-09-11T13:12:00.000Z","6.8.5","5.0",[129,130,131,23,132],"arabic","content-direction","right-to-left","urdu","https:\u002F\u002Fpoetrypashto.com\u002Fsmart-rtl-post\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmart-rtl-post.1.0.0.zip","2026-04-06T09:54:40.288Z",{"attackSurface":137,"codeSignals":161,"taintFlows":173,"riskAssessment":222,"analyzedAt":234},{"hooks":138,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":13,"unprotectedCount":13},[139,146,149,152],{"type":140,"name":141,"callback":142,"priority":143,"file":144,"line":145},"filter","the_title","anonymous",99,"wp_direction_detector.php",121,{"type":140,"name":147,"callback":142,"priority":143,"file":144,"line":148},"the_content",124,{"type":140,"name":150,"callback":142,"priority":143,"file":144,"line":151},"comment_text",127,{"type":153,"name":154,"callback":155,"file":144,"line":156},"action","admin_menu","wp_direction_detector_menu",139,[],[],[],[],{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":165,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":90,"bundledLibraries":172},[],{"prepared":13,"raw":13,"locations":164},[],{"escaped":13,"rawEcho":90,"locations":166},[167,170],{"file":144,"line":168,"context":169},65,"raw output",{"file":144,"line":171,"context":169},149,[],[174,207],{"entryPoint":175,"graph":176,"unsanitizedCount":205,"severity":206},"options_page (wp_direction_detector.php:57)",{"nodes":177,"edges":200},[178,183,188,192,194,198],{"id":179,"type":180,"label":181,"file":144,"line":182},"n0","source","$_POST['wp-direction-detector_titles']",60,{"id":184,"type":185,"label":186,"file":144,"line":182,"wp_function":187},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":189,"type":180,"label":190,"file":144,"line":191},"n2","$_POST['wp-direction-detector_bodies']",61,{"id":193,"type":185,"label":186,"file":144,"line":191,"wp_function":187},"n3",{"id":195,"type":180,"label":196,"file":144,"line":197},"n4","$_POST['wp-direction-detector_comments']",62,{"id":199,"type":185,"label":186,"file":144,"line":197,"wp_function":187},"n5",[201,203,204],{"from":179,"to":184,"sanitized":202},false,{"from":189,"to":193,"sanitized":202},{"from":195,"to":199,"sanitized":202},3,"low",{"entryPoint":208,"graph":209,"unsanitizedCount":13,"severity":206},"\u003Cwp_direction_detector> (wp_direction_detector.php:0)",{"nodes":210,"edges":217},[211,212,213,214,215,216],{"id":179,"type":180,"label":181,"file":144,"line":182},{"id":184,"type":185,"label":186,"file":144,"line":182,"wp_function":187},{"id":189,"type":180,"label":190,"file":144,"line":191},{"id":193,"type":185,"label":186,"file":144,"line":191,"wp_function":187},{"id":195,"type":180,"label":196,"file":144,"line":197},{"id":199,"type":185,"label":186,"file":144,"line":197,"wp_function":187},[218,220,221],{"from":179,"to":184,"sanitized":219},true,{"from":189,"to":193,"sanitized":219},{"from":195,"to":199,"sanitized":219},{"summary":223,"deductions":224},"The 'wp-direction-detector' plugin version 1.2.1 beta presents a mixed security posture.  On the positive side, it exhibits a very small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events.  Furthermore, all SQL queries are handled with prepared statements, and there are no external HTTP requests or file operations, which are good security practices. The vulnerability history is also clean, with no recorded CVEs, suggesting a generally secure development approach regarding known past issues.\n\nHowever, significant concerns arise from the static analysis. The most prominent is the complete lack of output escaping on the identified outputs, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities. Additionally, while the plugin has capability checks, it lacks nonce checks. The taint analysis reveals one flow with an unsanitized path, which, although not categorized as critical or high, still points to a potential area of weakness where user-supplied data might not be properly validated before use.\n\nOverall, the plugin's minimal attack surface and lack of traditional vulnerabilities are strengths. Nonetheless, the complete absence of output escaping and the presence of an unsanitized path flow create critical security weaknesses that could be easily exploited. The beta status also warrants caution, as it implies the code may not be fully vetted for all potential issues. Addressing the output escaping is paramount to mitigating the risk of XSS.",[225,228,231],{"reason":226,"points":227},"Unescaped output",8,{"reason":229,"points":230},"Flow with unsanitized paths",7,{"reason":232,"points":233},"Missing nonce checks",5,"2026-04-16T12:49:45.331Z",{"wat":236,"direct":243},{"assetPaths":237,"generatorPatterns":238,"scriptPaths":239,"versionParams":241},[],[],[240],"\u002Fwp-content\u002Fplugins\u002Fwp-direction-detector\u002Fjs\u002Fdirection-detector.js",[242],"wp-direction-detector\u002Fjs\u002Fdirection-detector.js?ver=",{"cssClasses":244,"htmlComments":245,"htmlAttributes":247,"restEndpoints":250,"jsGlobals":251,"shortcodeOutput":252},[],[246],"\u003C!-- Last Action -->",[248,249],"dir=\"ltr\"","dir=\"rtl\"",[],[],[],{"error":219,"url":254,"statusCode":255,"statusMessage":256,"message":256},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-direction-detector\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":258},[]]