[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzK9JUr-RzBEY4BYI3X7NZIDswORSb14NuS4wvoyYhbk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":135,"fingerprints":170},"wp-headjs","WP HeadJS","0.1","Brian Zeligson","https:\u002F\u002Fprofiles.wordpress.org\u002Fbeezeee\u002F","\u003Cp>This plugin uses the wp_print_scripts action hook, as opposed to output buffering and regex used by alternative implementations.\u003C\u002Fp>\n\u003Cp>The downside of this method is that only scripts loaded via wp_enqueue_script will be affected by the plugin, the upside is better\u003Cbr \u002F>\nperformance by avoiding output buffering on every page load.\u003C\u002Fp>\n\u003Cp>The plugin will preserve any localizations added via wp_localize_script, and uses the first parameter passed to wp_enqueue_script\u003Cbr \u002F>\nas the label for the script in the head.js call. For example,\u003C\u002Fp>\n\u003Cpre>\u003Ccode>wp_enqueue_script('jquery', 'https:\u002F\u002Fajax.googleapis.com\u002Fajax\u002Flibs\u002Fjquery\u002F1.7.1\u002Fjquery.min.js');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>would show up as\u003C\u002Fp>\n\u003Cpre>\u003Ccode>head.js({\"jquery\": \"https:\u002F\u002Fajax.googleapis.com\u002Fajax\u002Flibs\u002Fjquery\u002F1.7.1\u002Fjquery.min.js\"});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This allows you to run callbacks when specific scripts are ready, such as\u003C\u002Fp>\n\u003Cpre>\u003Ccode>head.ready('jquery', function() {\n    \u002F\u002Fdo something when jquery is loaded\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>For more on HeadJS usage, see http:\u002F\u002Fheadjs.com\u002F\u003C\u002Fp>\n","Uses HeadJS to load your enqueued scripts asynchronously, in parallel, executing them in order.",10,1625,0,"2012-06-17T17:52:00.000Z","3.2.1","2.9.1","",[19,20,21],"headjs","javascript","wp_enqueue_script","http:\u002F\u002Fgithub.com\u002Fbeezee\u002Fwp_headjs","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-headjs.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"beezeee",4,130,89,30,86,"2026-04-05T07:05:10.887Z",[37,58,79,101,115],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":34,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":56,"download_link":57,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"speed-up-javascript-to-footer","Speed Up – JavaScript To Footer","1.0.11","nigro.simone","https:\u002F\u002Fprofiles.wordpress.org\u002Fnigrosimone\u002F","\u003Cp>This small plugin (2 Kb) moves JavaScript to the footer and improve page load times.\u003Cbr \u002F>\nNote: this only works if your other plugins and theme add the JavaScripts correctly.\u003C\u002Fp>\n\u003Cp>Configurations are not required! You just have to install it and after the plugin does it all, none further action it’s required.\u003C\u002Fp>\n","Move all the possible JavaScript files from head to footer and improve page load times.",1000,43852,6,"2023-03-05T07:56:00.000Z","6.0.11","3.5",[52,53,20,54,55],"footer","head","scripts","wp_enqueue_scripts","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fspeed-up-javascript-to-footer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspeed-up-javascript-to-footer.1.0.11.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":17,"tags":73,"homepage":77,"download_link":78,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"async-js-and-css","Async JS and CSS","1.7.13","dmikam","https:\u002F\u002Fprofiles.wordpress.org\u002Fdmikam\u002F","\u003Cp>When your page is loaded by browser – all that stuff placed in HEAD tag is loaded before the page content – in blocking way. So the content is delivered to user in the last moment, after all javascript and css files are loaded.\u003C\u002Fp>\n\u003Cp>If you are a webmaster or just want to make your web to make better your positions on search engines (yes, they preffer faster webs), just take a look on Google PageSpeed Insights – you’ll see that one of the mos important things is fastenes and one of the reason why your page is not so fast – is “Render-blocking JavaScript and CSS”.\u003C\u002Fp>\n\u003Cp>This plugin makes ALL scripts loaded by other plugins to be loaded in asynchronous way just like Google PageSpeed Insights recommends.\u003Cbr \u002F>\nAll CSS files will be inserted inline into the document code or moved from the document beginning to the end, just before closing BODY tag (or just where you placed wp_foot() function). There are various methods to do that – they are all in plugin’s configuration page.\u003C\u002Fp>\n\u003Cp>Plugin makes all scripts to be loaded asynchronously using wp_enqueue_script and also can detect scrips included inside of wp_head and wp_footer hooks.\u003C\u002Fp>\n\u003Cp>All CSS files loaded using wp_enqueue_style can be loaded just before closing BODY tag by four methods:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* inserting \u003Clink rel=\"stylesheet\" ...> tag\n\n* inserting \u003Cstyle>@import url(...);\u003C\u002Fstyle>\n\n* generating \u003Clink rel=\"stylesheet\" ...> tag with javascript after all have loaded\n\n* inserting ALL CSS CODE INLINE into the document (the fastest way)\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>I was inspired to create this small plugin by Asynchronous Javascript but it works in completely different way.\u003C\u002Fp>\n\u003Ch3>Known incompatibilities\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>* Internet Explorer 7 - Some scripts could be loaded impropertly (trying to fix it)\n\n* Plugin - WP JetPack - Share - everithing works but \"More\" dropdown menú\n\n* Plugin - Google Analyticator\u003Ch3>Special thanks\u003C\u002Fh3>\n* NicMic\u003Ch3>TODO\u003C\u002Fh3>\n* Inline JS\n* Minify JS\n* Cache\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Converts render-blocking CSS and JS files into NON-render-blocking, improving performance of web page.",800,113934,84,51,"2017-11-28T15:34:00.000Z","3.7.41","2.6",[74,75,19,20,76],"async","asynchronous","js","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002FasyncJSandCSS\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fasync-js-and-css.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":98,"download_link":99,"security_score":100,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"javascript-autoloader","Smart JavaScript Auto Loader","5.0.3","Peter Raschendorfer","https:\u002F\u002Fprofiles.wordpress.org\u002Fpetersplugins\u002F","\u003Cp>The Smart JavaScript Auto Loader Plugin allows you to load additional JavaScript files without the need to change files in the theme directory\u003C\u002Fp>\n\u003Ch3>Retired Plugin\u003C\u002Fh3>\n\u003Cp>Development, maintenance and support of this plugin has been retired in october 2023. You can use this plugin as long as is works for you.\u003C\u002Fp>\n\u003Cp>There will be no more updates and I won’t answer any support questions. Thanks for your understanding.\u003C\u002Fp>\n\u003Cp>Feel free to fork this plugin.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>To load additional JavaScript files just put them into a directory named \u003Cstrong>jsautoload\u003C\u002Fstrong>. This directory can be placed in three different locations that are loaded in the following order:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Child Theme dependent (if using a Child Theme) : in the Child Theme’s directory\u003C\u002Fli>\n\u003Cli>Theme dependent : in the Theme’s directory\u003C\u002Fli>\n\u003Cli>Theme independent : in the wp-content directory\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Only files with extension .js are added, all other files are ignored. Subdirectories can be used and will also be scanned. To ignore a complete directory (including all subdirectories) name the directory beginning with an underscore (_). The files are added in alphabetical order. Directories always are added \u003Cstrong>after\u003C\u002Fstrong> files.\u003C\u002Fp>\n\u003Cp>To load one ore more JavaScript files at the end of your HTML file just place them into a directory named \u003Cstrong>footer\u003C\u002Fstrong>. To add the files to the footer of your theme it is required to call wp_footer() in your footer.php.\u003C\u002Fp>\n\u003Ch3>Plugin Privacy Information\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This plugin does not set cookies\u003C\u002Fli>\n\u003Cli>This plugin does not collect or store any data\u003C\u002Fli>\n\u003Cli>This plugin does not send any data to external servers\u003C\u002Fli>\n\u003C\u002Ful>\n","Load JavaScript files without coding",400,24546,100,8,"2024-04-17T20:13:00.000Z","6.3.8","4.0","5.4",[52,96,20,97,21],"header","jquery","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjavascript-autoloader\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjavascript-autoloader.5.0.3.zip",92,{"slug":102,"name":103,"version":104,"author":41,"author_profile":42,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":109,"num_ratings":30,"last_updated":110,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":111,"homepage":113,"download_link":114,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"speed-up-clean-wp","Speed Up – Clean WP","1.0.8","\u003Cp>This small plugin (5 Kb) clean WordPress by remove comment-reply.min.js and jquery-migrate.js scripts, disable “embeds” and “emoji” features and clean the head from unnecessary metadata.\u003C\u002Fp>\n\u003Cp>Configurations are not required! You just have to install it and after the plugin does it all, none further action it’s required.\u003C\u002Fp>\n","Clean WP remove comment-reply.min.js and jquery-migrate.js scripts, disable \"embeds\" and \"emoji\" features and clean the head from  …",300,19316,80,"2022-11-24T06:52:00.000Z",[112,52,20,54,55],"emoji","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fspeed-up-clean-wp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspeed-up-clean-wp.1.0.8.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":128,"requires_at_least":50,"requires_php":17,"tags":129,"homepage":130,"download_link":131,"security_score":132,"vuln_count":133,"unpatched_count":133,"last_vuln_date":134,"fetched_at":26},"asynchronous-javascript","Asynchronous Javascript","1.3.5","Paris Holley","https:\u002F\u002Fprofiles.wordpress.org\u002Fparisholley\u002F","\u003Cp>This plugin is meant to be a drop-in to your wordpress installation with no additional configuration. The goals\u002Ffeatures of this plugin are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Load javascript files in an asynchronous manner to improve time to DomReady\u002FOnLoad\u003C\u002Fli>\n\u003Cli>Use existing wordpress APIs for backwards compatability and prevent coupling to this plugin\u003C\u002Fli>\n\u003Cli>Leverage dependency model wordpress provides for assets to improve loading performance\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please submit bugs or contributions to the github location and not here on wordpress’ system:\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fgithub.com\u002Fparisholley\u002Fwordpress-asynchronous-javascript\u002F\u003C\u002Fp>\n\u003Cp>SEO: async js, asynchronous js, async javascript\u003C\u002Fp>\n\u003Ch3>Incompatibility\u003C\u002Fh3>\n\u003Cp>This plugin will not work out the box with the following plugins (unless they are modified to support asynchronous loading).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Jetpack by WordPress.com (social plugin)\u003C\u002Fli>\n\u003Cli>WP Most Popular\u003C\u002Fli>\n\u003C\u002Ful>\n","Improve page load performance by asynchronously loading javascript using head.js",200,35705,74,9,"2013-11-02T21:58:00.000Z","3.5.2",[74,75,19,20,76],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fasynchronous-javascript\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fasynchronous-javascript.zip",63,1,"2026-01-27 00:00:00",{"attackSurface":136,"codeSignals":148,"taintFlows":163,"riskAssessment":164,"analyzedAt":169},{"hooks":137,"ajaxHandlers":144,"restRoutes":145,"shortcodes":146,"cronEvents":147,"entryPointCount":13,"unprotectedCount":13},[138],{"type":139,"name":140,"callback":141,"file":142,"line":143},"action","wp_print_scripts","headjs_enqueue","wp_headjs.php",22,[],[],[],[],{"dangerousFunctions":149,"sqlUsage":150,"outputEscaping":152,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":162},[],{"prepared":13,"raw":13,"locations":151},[],{"escaped":13,"rawEcho":153,"locations":154},3,[155,158,160],{"file":142,"line":156,"context":157},35,"raw output",{"file":142,"line":159,"context":157},42,{"file":142,"line":161,"context":157},45,[],[],{"summary":165,"deductions":166},"The wp-headjs v0.1 plugin exhibits a generally strong security posture based on the provided static analysis.  The absence of identified AJAX handlers, REST API routes, shortcodes, cron events, and dangerous functions is a positive indicator of a limited attack surface and adherence to secure coding principles. Furthermore, the fact that all SQL queries utilize prepared statements is excellent practice and mitigates a significant class of vulnerabilities.  However, the critical finding of 0% properly escaped output for all identified output points presents a substantial risk. This means that any data displayed by the plugin, if it originates from an untrusted source, could be vulnerable to Cross-Site Scripting (XSS) attacks.  The plugin's vulnerability history is clean, with no recorded CVEs, which suggests a history of secure development or at least no publicly disclosed vulnerabilities.  In conclusion, while the plugin has a solid foundation by minimizing its attack surface and using prepared statements for database interactions, the lack of output escaping is a serious concern that requires immediate attention.",[167],{"reason":168,"points":90},"Unescaped output detected","2026-03-17T00:38:10.126Z",{"wat":171,"direct":177},{"assetPaths":172,"generatorPatterns":174,"scriptPaths":175,"versionParams":176},[173],"\u002Fwp-content\u002Fplugins\u002Fwp-headjs\u002Fhead.min.js",[],[173],[],{"cssClasses":178,"htmlComments":179,"htmlAttributes":180,"restEndpoints":181,"jsGlobals":182,"shortcodeOutput":183},[],[],[],[],[],[]]