[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fOjXFyU1ZoxsHsjQkrKOOkimviZZAQ6ml3hNn2BG-CwI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":133,"fingerprints":185},"wp-katex","WP-KaTeX","1.11.0","ascom","https:\u002F\u002Fprofiles.wordpress.org\u002Fascom\u002F","\u003Cp>The KaTeX WordPress plugin integrates the super-fast \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FKhan\u002FKaTeX\" rel=\"nofollow ugc\">KaTeX math typesetting engine\u003C\u002Fa> with your WordPress website. The plugin allows you to put LaTeX in a \u003Ccode>[latex]...[\u002Flatex]\u003C\u002Fcode> shortcode, and beautiful math appears on your post or page.\u003C\u002Fp>\n\u003Cp>The plugin also has an option to use the excellent \u003Ca href=\"http:\u002F\u002Fwww.jsdelivr.com\" rel=\"nofollow ugc\">jsDelivr CDN\u003C\u002Fa> to load the KaTeX scripts, further increasing the performance of the plugin.\u003C\u002Fp>\n\u003Cp>Equations in \u003Ccode>[latex display=\"true\"]...[\u002Flatex]\u003C\u002Fcode> will be rendered in display mode (rather than inline mode) and centered on its own line.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fandrewsun.com\u002Fprojects\u002Fwp-katex\u002F\" rel=\"nofollow ugc\">Plugin Website\u003C\u002Fa>\u003C\u002Fp>\n","Integrates the super-fast KaTeX LaTeX equation typesetting engine with WordPress. 
Create beautiful, yet performant math in your posts and pages.",800,22251,92,11,"2019-08-14T20:59:00.000Z","5.2.24","3.9","5.3",[20,21,22,23,24],"equation","katex","latex","math","mathjax","https:\u002F\u002Fandrewsun.com\u002Fprojects\u002Fwp-katex\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-katex.1.11.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},1,30,84,"2026-04-04T11:07:02.166Z",[38,56,74,97,118],{"slug":21,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":54,"download_link":55,"security_score":47,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"KaTeX","2.2.5","Tom Churchman","https:\u002F\u002Fprofiles.wordpress.org\u002Fbeskhue\u002F","\u003Cp>The KaTeX WordPress plugin enables you to use the fastest \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FKhan\u002FKaTeX\" rel=\"nofollow ugc\">TeX math typesetting engine\u003C\u002Fa> on your WordPress website. You can include TeX inside a \u003Ccode>[katex]...[\u002Fkatex]\u003C\u002Fcode> shortcode or in a Gutenberg block. Either way the math will render beautifully on your website. 
When using Gutenberg blocks, the equations will render immediately inside your editor!\u003C\u002Fp>\n\u003Cp>Equations in blocks or using the \u003Ccode>[katex display=true]...[\u002Fkatex]\u003C\u002Fcode> shortcode will render on page in display mode–with bigger symbols–centered on their own line.\u003C\u002Fp>\n\u003Cp>For compatibility with other LaTeX plugins, this plugin optionally supports \u003Ccode>[latex]...[\u002Flatex]\u003C\u002Fcode> shortcodes.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkatex\" rel=\"ugc\">Plugin Website\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Assets\u003C\u002Fh3>\n\u003Cp>This plugin includes minified assets provided by the KaTeX project.\u003Cbr \u002F>\nThe source code is available in \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FKaTeX\u002FKaTeX\u002Ftree\u002Fv0.16.22\" rel=\"nofollow ugc\">the KaTeX git repository on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Use the fastest math typesetting library on your website.",2000,39753,100,16,"2025-07-21T11:07:00.000Z","6.8.5","5.0",[21,22,23,24,53],"tex","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkatex","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkatex.2.2.5.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":47,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":51,"tags":70,"homepage":72,"download_link":73,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"youngwhans-simple-latex","Youngwhan's Simple Latex","2.0.1","breadncup","https:\u002F\u002Fprofiles.wordpress.org\u002Fbreadncup\u002F","\u003Cp>The usage is simple.\u003C\u002Fp>\n\u003Cp>In your post, write LaTeX syntax encapsulated by [math] and [\u002Fmath].\u003C\u002Fp>\n\u003Cp>[math]{Latex Syntax}[\u002Fmath].\u003C\u002Fp>\n\u003Cp>For example, 
[math]x^2+y^2[\u002Fmath]\u003C\u002Fp>\n\u003Cp>It uses the Mathjax (https:\u002F\u002Fwww.mathjax.org) since the 2.0 version\u003C\u002Fp>\n\u003Ch4>How to use\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Usage  : [math]{Latex Syntax}[\u002Fmath]\u003C\u002Fli>\n\u003Cli>Example: [math]x^2+y^2[\u002Fmath]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>YW Latex Settings\u003C\u002Fh4>\n\u003Cp>No Setting is required.\u003C\u002Fp>\n","The usage is simple.",200,10490,2,"2023-12-04T05:37:00.000Z","6.4.8","2.5",[20,22,23,71,24],"mathematic","https:\u002F\u002Fblog.breadncup.com\u002Fyw-latex-wp-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyoungwhans-simple-latex.2.0.1.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":84,"num_ratings":14,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":93,"download_link":94,"security_score":95,"vuln_count":33,"unpatched_count":28,"last_vuln_date":96,"fetched_at":30},"mathjax-latex","MathJax-LaTeX","1.3.13","knowledgeblog","https:\u002F\u002Fprofiles.wordpress.org\u002Fknowledgeblog\u002F","\u003Cp>MathJax enables rendering of embedded LaTeX or MathML in HTML pages. This plugin adds this functionality to WordPress. The MathJax JavaScript is injected on-demand only to those pages which require it. This ensures that MathJax is not loaded for all pages, which will otherwise slow loading down.\u003C\u002Fp>\n\u003Cp>The MathJax JavaScript can be delivered from your own server, or you can use the Cloudflare Content Distribution Network (CDN), which is the preferred mechanism as it offers increased speed and stability over hosting the JavaScript and configuring the library yourself.\u003C\u002Fp>\n\u003Cp>You may embed latex using a variety of different syntaxes. The shortcode (https:\u002F\u002Fcodex.wordpress.org\u002FShortcode_API) syntax is preferred. 
So \u003Ccode>[latex]E=mc^2[\u002Flatex]\u003C\u002Fcode> will work out of the box. This also forces loading of MathJax.\u003C\u002Fp>\n\u003Cp>Additionally, you can use native MathJax syntax — \u003Ccode>$$E=mc^2$$\u003C\u002Fcode> or \u003Ccode>\\(E=mc^2\\)\u003C\u002Fcode>. However, if this is the only syntax used, the plugin must be explicitly told to load MathJax for the current page. This can be achieved by adding a \u003Ccode>[mathjax]\u003C\u002Fcode> shortcode anywhere in the post. For posts with both \u003Ccode>[latex]\u003C\u002Fcode>x\u003Ccode>[\u002Flatex]\u003C\u002Fcode> and \u003Ccode>$$x$$\u003C\u002Fcode> syntaxes this is unnecessary.\u003C\u002Fp>\n\u003Cp>You can use wp-latex syntax, \u003Ccode>$latex E=mc^2$\u003C\u002Fcode>. Parameters can be specified as with wp-latex but will be ignored. This means that MathJax-LaTeX should be a drop-in replacement for wp-latex. Because this conflicts with wp-latex, this behaviour is blocked when wp-latex is present, and must be explicitly enabled in the settings.\u003C\u002Fp>\n\u003Cp>You can also specify \u003Ccode>[nomathjax]\u003C\u002Fcode> — this will block mathjax on the current page, regardless of other tags.\u003C\u002Fp>\n\u003Cp>MathJax-LaTeX is developed on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fphillord\u002Fmathjax-latex\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>This plugin is copyright Phillip Lord, Newcastle University and is licensed under GPLv2.\u003C\u002Fp>\n","This plugin enables MathJax (http:\u002F\u002Fwww.mathjax.org) functionality for WordPress (http:\u002F\u002Fwww.wordpress.org).",10000,169356,88,"2025-01-14T16:50:00.000Z","6.7.5","3.0","7.0.0",[22,90,24,91,92],"mathematics","mathml","science","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmathjax-latex.1.3.13.zip",91,"2013-03-25 
00:00:00",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":13,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":93,"tags":111,"homepage":115,"download_link":116,"security_score":95,"vuln_count":66,"unpatched_count":28,"last_vuln_date":117,"fetched_at":30},"wp-quicklatex","WP QuickLaTeX","3.8.8","advanpix","https:\u002F\u002Fprofiles.wordpress.org\u002Fadvanpix\u002F","\u003Cp>Insert formulas & graphics in the posts and comments using native LaTeX shorthands directly in the text. Inline formulas, displayed equations auto-numbering, labeling and referencing, AMS-LaTeX, \u003Ccode>TikZ\u003C\u002Fcode>, custom LaTeX preamble. No LaTeX installation required. Easily customizable using UI page. Actively developed and maintained. Visit \u003Ca href=\"http:\u002F\u002Fwww.holoborodko.com\u002Fpavel\u002Fquicklatex\u002F\" rel=\"nofollow ugc\">QuickLaTeX homepage\u003C\u002Fa> for more info.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Standard LaTeX expressions can be cut and pasted directly into WordPress posts, pages, and comments; display environments require no enclosures, other expressions require only a surrounding \u003Ccode>$..$\u003C\u002Fcode> or \u003Ccode>\\[..\\]\u003C\u002Fcode>.  No need for enclosing tags \u003Ccode>[latex] ... [\u002Flatex]\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Correct vertical positioning of inline formulas relative to baseline of surrounding text. Say “NO” to jumpy equations produced by other plugins!\u003C\u002Fli>\n\u003Cli>SVG vector graphics support, so that formulas are crisp regardless of scaling in browser.\u003C\u002Fli>\n\u003Cli>(AMS)LaTeX displayed math environments support: \u003Ccode>equation, align, gather, multiline, flalign, alignat,\u003C\u002Fcode> etc.\u003C\u002Fli>\n\u003Cli>Automatic numbering of displayed equations. 
Override autonumbering with \u003Ccode>\\tag{}\u003C\u002Fcode> LaTeX command.\u003C\u002Fli>\n\u003Cli>Equation hyper-referencing by standard LaTeX rules with \u003Ccode>\\label{}\u003C\u002Fcode>, \u003Ccode>\\ref{}\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Custom LaTeX document preamble, allowing added \u003Ccode>\\usepackage{}\u003C\u002Fcode> and \u003Ccode>\\newcommand{}\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>\u003Ccode>TikZ\u003C\u002Fcode> and \u003Ccode>pgfplots\u003C\u002Fcode> graphics package support.\u003C\u002Fli>\n\u003Cli>Preview formulas in comments before publishing. Additionally \u003Ca href=\"http:\u002F\u002Fblogwaffe.com\u002Fajax-comment-preview\u002F\" rel=\"nofollow ugc\">AJAX Comment Preview\u003C\u002Fa> plugin should be installed to enable this feature.\u003C\u002Fli>\n\u003Cli>Meaningful error messages for mistakes in LaTeX code.\u003C\u002Fli>\n\u003Cli>Precise font properties tuning: \u003Ccode>size, text and background color\u003C\u002Fcode>. \u003C\u002Fli>\n\u003Cli>Easy style customization using UI or CSS file.\u003C\u002Fli>\n\u003Cli>No LaTeX installation is required. \u003C\u002Fli>\n\u003Cli>QuickLaTeX.com automatically provides formula images, which are then cached on user’s server.\u003C\u002Fli>\n\u003Cli>Administrative settings page for setting global parameters; AJAX-ified.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Just place LaTeX math expressions into your text and enable QuickLaTeX on the page by \u003Ccode>[latexpage]\u003C\u002Fcode> command.\u003Cbr \u002F>\nWP QuickLaTeX will convert them to high-quality images and embed into post. Inline formulas will be properly aligned with the text.\u003Cbr \u002F>\nDisplayed equations will be auto-numbered by LaTeX rules.\u003Cbr \u002F>\nTo see plugin in action please visit math-pages on my blog, e.g. 
\u003Ca href=\"http:\u002F\u002Fwww.holoborodko.com\u002Fpavel\u002Fnumerical-methods\u002Fnumerical-derivative\u002Fcentral-differences\u002F\" rel=\"nofollow ugc\">Central Differences\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.holoborodko.com\u002Fpavel\u002Fnumerical-methods\u002Fnumerical-integration\u002Fcubature-formulas-for-the-unit-disk\u002F\" rel=\"nofollow ugc\">Cubature formulas for the unit disk\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.holoborodko.com\u002Fpavel\u002Fnumerical-methods\u002Fnumerical-derivative\u002Fsmooth-low-noise-differentiators\u002F\" rel=\"nofollow ugc\">Smooth noise robust differentiators\u003C\u002Fa>, etc.\u003C\u002Fp>\n","Advanced LaTeX plugin. Native LaTeX syntax. Allows custom preamble, TikZ and other packages. Zoom-independent visual quality (SVG).",5000,98154,31,"2024-06-26T03:00:00.000Z","6.5.8","2.8",[112,113,22,23,114],"equations","gnuplot","tikz","http:\u002F\u002Fwww.holoborodko.com\u002Fpavel\u002Fquicklatex\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-quicklatex.3.8.8.zip","2024-07-01 00:00:00",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":128,"num_ratings":129,"last_updated":130,"tested_up_to":50,"requires_at_least":87,"requires_php":93,"tags":131,"homepage":93,"download_link":132,"security_score":47,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"simple-mathjax","Simple Mathjax","2.1.1","Samuel Coskey","https:\u002F\u002Fprofiles.wordpress.org\u002Fsgcoskey\u002F","\u003Cp>This wordpress plugin is yet another simple plugin to load the \u003Ca href=\"http:\u002F\u002Fwww.mathjax.org\" rel=\"nofollow ugc\">MathJax\u003C\u002Fa> scripts at the bottom of all of your pages. 
It uses a very all-inclusive mathjax configuration by default, with $’s and $$’s the default delimiters for in-line and displayed equations.\u003C\u002Fp>\n\u003Cp>A preference pane is added to the “Settings” group where you can choose whether to use MathJax version 2 or 3, change the MathJax server location (CDN) and the MathJax configuration settings. (See \u003Ca href=\"https:\u002F\u002Fdocs.mathjax.org\u002Fen\u002Flatest\u002Fweb\u002Fstart.html#configuring-mathjax\" rel=\"nofollow ugc\">the mathjax documentation\u003C\u002Fa> for details on the options available.)\u003Cbr \u002F>\nYou can also specify a LaTeX “preamble” of newcommands which will be loaded in a hidden element near the top of each page.\u003C\u002Fp>\n\u003Cp>Fork this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fboolesrings\u002FSimple-Mathjax-wordpress-plugin\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Yet another plugin to add MathJax support to your wordpress blog. Just wrap your equations inside $ signs and MathJax will render them 
visually.",4000,47452,94,13,"2025-09-10T09:57:00.000Z",[22,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-mathjax.2.1.1.zip",{"attackSurface":134,"codeSignals":167,"taintFlows":177,"riskAssessment":178,"analyzedAt":184},{"hooks":135,"ajaxHandlers":160,"restRoutes":161,"shortcodes":162,"cronEvents":166,"entryPointCount":33,"unprotectedCount":28},[136,142,146,151,155],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_menu","katex_add_admin_menu","scripts\\admin.php",4,{"type":137,"name":143,"callback":144,"file":140,"line":145},"admin_init","katex_settings_init",5,{"type":137,"name":147,"callback":148,"file":149,"line":150},"init","katex_init","scripts\\frontend.php",21,{"type":137,"name":152,"callback":153,"priority":47,"file":149,"line":154},"wp_footer","katex_rubber",52,{"type":156,"name":157,"callback":158,"file":149,"line":159},"filter","no_texturize_shortcodes","katex_exempt_wptexturize",60,[],[],[163],{"tag":22,"callback":164,"file":149,"line":165},"katex_handler",41,[],{"dangerousFunctions":168,"sqlUsage":169,"outputEscaping":171,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":176},[],{"prepared":28,"raw":28,"locations":170},[],{"escaped":28,"rawEcho":33,"locations":172},[173],{"file":140,"line":174,"context":175},65,"raw output",[],[],{"summary":179,"deductions":180},"The wp-katex plugin version 1.11.0 exhibits a generally good security posture based on the provided static analysis.  There are no detected dangerous functions, SQL queries are all prepared, and no file operations or external HTTP requests are made, which significantly reduces the attack surface. The absence of any recorded vulnerabilities in its history is also a positive indicator. \n\nHowever, a critical concern arises from the output escaping results, where 100% of the outputs are not properly escaped. 
This means that any data processed or displayed by the plugin could potentially be vulnerable to cross-site scripting (XSS) attacks if user-supplied input is not adequately sanitized before being rendered.  While the plugin has a limited attack surface with only one shortcode and no unprotected entry points identified, the lack of output escaping on its sole output presents a significant risk that needs immediate attention. \n\nIn conclusion, while the plugin avoids common pitfalls like raw SQL or insecure AJAX\u002FREST API endpoints, the complete lack of output escaping is a major weakness. This oversight could allow for serious security vulnerabilities, outweighing the plugin's otherwise clean code signals and vulnerability history. It is strongly recommended that the developer prioritize implementing proper output sanitization for all data handled by the plugin.",[181],{"reason":182,"points":183},"Output escaping is not properly implemented",8,"2026-03-16T19:17:28.630Z",{"wat":186,"direct":195},{"assetPaths":187,"generatorPatterns":190,"scriptPaths":191,"versionParams":192},[188,189],"\u002Fwp-content\u002Fplugins\u002Fwp-katex\u002Fassets\u002Fkatex.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-katex\u002Fassets\u002Fkatex.min.js",[],[],[193,194],"wp-katex\u002Fassets\u002Fkatex.min.css?ver=","wp-katex\u002Fassets\u002Fkatex.min.js?ver=",{"cssClasses":196,"htmlComments":199,"htmlAttributes":200,"restEndpoints":202,"jsGlobals":203,"shortcodeOutput":204},[197,198],"wp-katex-eq","katex-display",[],[201],"data-display",[],[],[205,206],"\u003Cspan class=\"wp-katex-eq\" data-display=\"false\">","\u003Cspan class=\"wp-katex-eq katex-display\" data-display=\"true\">"]