[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqCgXBR6tixfaRz_SvPqkJt6BETizfcDHkD0ILMmd6-4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":113,"fingerprints":249},"wp-typograph-full","WP Typograph Full","2.3.5","marapper","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarapper\u002F","\u003Cp>Плагин \u003Ca href=\"http:\u002F\u002Fiskariot.ru\u002Fwordpress\u002Ftypo\u002F#typo-full\" rel=\"nofollow ugc\">WP Typograph Full\u003C\u002Fa> предназначен для автоматического форматирования текста в соответствии с правилами русской типографики. Обрабатывает все основные блоки – заголовки, тексты постов и страниц, комментарии. Форматирование происходит на лету – при отображении страницы, без изменения исходного текста постов.\u003C\u002Fp>\n\u003Cp>Для большинства блогов рекомендуется использовать \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-russian-typograph\u002F\" rel=\"ugc\">облегченную версию плагина\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Основная функциональность\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Правильные кавычки («елочки и вложенные „лапки“»).\u003C\u002Fli>\n\u003Cli>Длинное тире между словами — не отрывая от предыдущего слова.\u003C\u002Fli>\n\u003Cli>— Тире, — в диалогах.\u003C\u002Fli>\n\u003Cli>Интервальные тире в датах и периодах (13 ноября—25 декабря).\u003C\u002Fli>\n\u003Cli>Минус между цифрами 0–9.\u003C\u002Fli>\n\u003Cli>Многоточие — тремя точками…\u003C\u002Fli>\n\u003Cli>Убирает точку в конце заголовка поста.\u003C\u002Fli>\n\u003Cli>В тегах \u003Ccode>, \u003Cpre> и \u003Cscript> (и некоторых других) текст не изменяет.\u003C\u002Fli>\n\u003Cli>В теге \u003Ccode> автоматически заменяет \u003C на \u003C, исправляет кавычки на машинописные для корректного копирования-вставки.\u003C\u002Fli>\n\u003Cli>Заменяет функцию фильтрации HTML (wpautop), исправляет ошибки визуального редактора со вставкой тегов.\u003C\u002Fli>\n\u003Cli>Делает ссылки в комментариях кликабельными (с http и www), автоматически сокращая якорь в длинных ссылках.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Остальные функции раздельно обрабатываются в \u003Cstrong>трех блоках\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Заголовки\u003C\u002Fli>\n\u003Cli>Основной текст\u003C\u002Fli>\n\u003Cli>Комментарии\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Три основных \u003Cstrong>типа обработки\u003C\u002Fstrong>, раздельные для каждого типа блока:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Спецсимволы (\u003Cem>по умолчанию — в тексте, комментариях\u003C\u002Fem>). ©, ®, ™, ½, ±, 10×10.\u003C\u002Fli>\n\u003Cli>Неразрывные конструкции (\u003Cem>по умолчанию — в заголовках, текстах\u003C\u002Fem>). Склеивает пробелы в названиях организаций, обращениях, в годах, в «до н.э.» («и т.д.»,«и т.п.»), мерах измерений, денежные суммы, инициалах, номере версии программы. Не разрывает со следующим (предыдущим словом) предлоги, союзы, короткие слова, частицы с дефисом и без. Также склеивает последнее слово в абзаце с предыдущим, чтобы предотвратить появление т.н. “вдов”.\u003C\u002Fli>\n\u003Cli>Исправления (\u003Cem>по умолчанию — в тексте, комментариях\u003C\u002Fem>). Ошибочная пунктуация, повторяющиеся слова, и т.п.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>В целях снижения нагрузок на сервер желательно использовать с любым плагином кеширования.\u003C\u002Fem>\u003C\u002Fp>\n","Russian typography for Wordpress. Full version with settings.",100,4644,0,"2009-04-09T14:55:00.000Z","2.7.1","2.0.2","",[19,20,21,22,23],"formatting","post","posts","text","typograph","http:\u002F\u002Fiskariot.ru\u002Fwordpress\u002Ftypo\u002F#typo-full","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-typograph-full.2.3.5.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},6,8160,88,30,86,"2026-04-05T02:26:13.575Z",[38,50,64,80,97],{"slug":39,"name":40,"version":6,"author":7,"author_profile":8,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":11,"num_ratings":45,"last_updated":46,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":47,"homepage":48,"download_link":49,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-russian-typograph","WP Typograph Lite","\u003Cp>Рекомендуется для большинства блогов на русском языке.\u003C\u002Fp>\n\u003Cp>Плагин \u003Ca href=\"http:\u002F\u002Fiskariot.ru\u002Fwordpress\u002Ftypo\u002F#typo-light\" rel=\"nofollow ugc\">WP Typograph Lite\u003C\u002Fa> предназначен для автоматического форматирования текста в соответствии с правилами русской типографики. Обрабатывает все основные блоки – заголовки, тексты постов и страниц, комментарии. Форматирование происходит при отображении страницы, без изменения исходного текста постов.\u003C\u002Fp>\n\u003Cp>\u003Cem>Желательно использовать плагин с включенным кешированием WordPress\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Основная функциональность\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Правильные кавычки («елочки и вложенные „лапки“»).\u003C\u002Fli>\n\u003Cli>Длинное тире между словами — не отрывая от предыдущего слова.\u003C\u002Fli>\n\u003Cli>— Черта, — в диалогах.\u003C\u002Fli>\n\u003Cli>Интервальные тире в датах и периодах (13 ноября—25 декабря).\u003C\u002Fli>\n\u003Cli>Минус между цифрами 0–9.\u003C\u002Fli>\n\u003Cli>Многоточие — тремя точками…\u003C\u002Fli>\n\u003Cli>Убирает точку в конце заголовка поста.\u003C\u002Fli>\n\u003Cli>В тегах \u003Ccode>, \u003Cpre> и \u003Cscript> (и некоторых других) текст не изменяет.\u003C\u002Fli>\n\u003Cli>В теге \u003Ccode> автоматически заменяет \u003C на \u003C, исправляет кавычки на машинописные для корректного копирования-вставки.\u003C\u002Fli>\n\u003Cli>Заменяет функцию фильтрации HTML (wpautop), исправляет ошибки визуального редактора со вставкой тегов.\u003C\u002Fli>\n\u003Cli>Форматирует некоторые спецсимволы, такие как ½, ©, ™ и др.\u003C\u002Fli>\n\u003Cli>Делает ссылки в комментариях кликабельными (с http и www), автоматически сокращая якорь в длинных ссылках.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-typograph-full\u002F\" rel=\"ugc\">Полная версия\u003C\u002Fa> позволяет управлять неразрывными конструкциями и автоматическими исправлениями, обладает гибкими настройками.\u003C\u002Fp>\n","Russian typography for Wordpress. Lite version.",2000,43001,3,"2017-11-28T18:11:00.000Z",[19,20,21,22,23],"http:\u002F\u002Fiskariot.ru\u002Fwordpress\u002Ftypo\u002F#typo-light","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-russian-typograph.2.3.5.zip",{"slug":51,"name":52,"version":53,"author":7,"author_profile":8,"description":17,"short_description":54,"active_installs":55,"downloaded":56,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":57,"requires_at_least":58,"requires_php":17,"tags":59,"homepage":61,"download_link":62,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":63},"allowcomments","Allow Comments to Old Posts","1.6","Allow comments to posts with custom field \"allow_comments\" even if option 'close comments to old posts' is on.",10,2982,"2.7","2.3",[19,60,20,21,22,23],"page","http:\u002F\u002Fiskariot.ru\u002Fwordpress\u002Fremix\u002F#allow","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fallowcomments.1.6.zip","2026-03-15T10:48:56.248Z",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":11,"downloaded":72,"rating":11,"num_ratings":45,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":17,"tags":76,"homepage":78,"download_link":79,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"remove-double-space","Remove Double Space","0.3","Josh Eaton","https:\u002F\u002Fprofiles.wordpress.org\u002Fjjeaton\u002F","\u003Cp>On display, duplicate whitespace (including unicode whitespace characters) in between sentences or elsewhere within posts will be replaced with a single space. Useful if multiple contributors use different styles for sentence spacing or as a catch-all for any unintended extra whitespace.\u003C\u002Fp>\n\u003Cp>This enables consistency in a blog with multiple contributors where one writer uses double spaces between sentences and another uses single spaces.\u003C\u002Fp>\n\u003Cp>No modifications are made to the post content itself, the replacement happens when the content is displayed to the user.\u003C\u002Fp>\n","Remove duplicate whitespace in between sentences or elsewhere within posts. Useful if multiple contributors use different styles for sentence spacing.",6131,"2012-08-28T01:39:00.000Z","3.4.2","2.9.2",[19,20,21,77],"typography","http:\u002F\u002Fwww.josheaton.org\u002Fblog\u002Fremove-double-space-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-double-space.0.3.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":34,"downloaded":88,"rating":13,"num_ratings":13,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":17,"tags":92,"homepage":95,"download_link":96,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"bgstyle","По български","0.9","Nikolay Bachiyski","https:\u002F\u002Fprofiles.wordpress.org\u002Fnbachiyski\u002F","\u003Cp>Разширението „По български“ помага за по-доброто оформление за публикации на български език.\u003C\u002Fp>\n\u003Cp>Засега по следните начини:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>заменя английските кавички с български: „ и “\u003C\u002Fli>\n\u003Cli>слага автоматично български кавички на текст в \u003Cq> таг\u003C\u002Fli>\n\u003Cli>заменя самотна малка буква \u003Cem>й\u003C\u002Fem> с ѝ (ударена малка буква \u003Cem>и\u003C\u002Fem>, и кратко)\u003C\u002Fli>\n\u003Cli>заменя много дългото тире, използвано в английския език (mdash) с дългото тире, използвано в българския (ndash)\u003C\u002Fli>\n\u003C\u002Ful>\n","Помага за по-доброто оформление за публикации на български език",2733,"2013-12-22T23:18:00.000Z","3.9.40","3.0",[93,19,21,94,77],"bulgarian","style","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbgstyle\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbgstyle.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":55,"downloaded":105,"rating":13,"num_ratings":13,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":17,"tags":109,"homepage":110,"download_link":111,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":112},"post-typographer","Post Typographer","12","enivid","https:\u002F\u002Fprofiles.wordpress.org\u002Fenivid\u002F","\u003Cp>When you publish a post or update an already published post, this plugin will format the post’s content to certain typographic rules:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>All hyphens between two words (surrounded by spaces) will be transformed to m-dashes with the non-breaking spaces ahead of them.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>All hyphens between digits (without spaces) will be transformed to n-dashes. But it tries to preserve phone numbers.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>All spaces following these words will be replaced with the non-breaking spaces:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>at\u003C\u002Fli>\n\u003Cli>or \u003C\u002Fli>\n\u003Cli>and\u003C\u002Fli>\n\u003Cli>the\u003C\u002Fli>\n\u003Cli>a\u003C\u002Fli>\n\u003Cli>an\u003C\u002Fli>\n\u003Cli>in\u003C\u002Fli>\n\u003Cli>on\u003C\u002Fli>\n\u003Cli>of\u003C\u002Fli>\n\u003Cli>for\u003C\u002Fli>\n\u003Cli>to\u003C\u002Fli>\n\u003Cli>as\u003C\u002Fli>\n\u003Cli>i\u003C\u002Fli>\n\u003Cli>or\u003C\u002Fli>\n\u003Cli>my\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Double and more spaces are replaced with the single ones.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>All misplaced spaces near dots, colons, semicolons, exclamation marks and question marks are fixed, where possible.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Composed words with hyphens in them (e.g. \u003Cem>easy-to-use\u003C\u002Fem>) will be wrapped in \u003Ccode>\u003Cnobr>\u003C\u002Fnobr>\u003C\u002Fcode> tags.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>\u003Cpre>\u003C\u002Fpre>\u003C\u002Fcode> tag and its contents are preserved.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Problems:\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>The plugin \u003Cstrong>will not\u003C\u002Fstrong> mess with the HTML tags or other mark-up tags delimited with \u003C and >. It \u003Cstrong>will\u003C\u002Fstrong> mess with the Javascript code and such constructions as:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    [code]\n    bla bla bla\n    [\u002Fcode]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Though, since version 6, the mess is minimized for [code] and [video] tags.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>The n-dash thing will mess up with the phone numbers that have only one hyphen in them. They will be confused with the value ranges.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Thanks to\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.artlebedev.ru\u002Ftypograf\u002F\" rel=\"nofollow ugc\">Typograf by Artemy Lebedev\u003C\u002Fa>\u003C\u002Fp>\n","Adds non-breaking spaces, `` tags, common spaces, tags and dashes where needed. Works with English texts only.",4276,"2017-12-05T11:52:00.000Z","4.9.29","2.5",[19,20,21,77],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpost-typographer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-typographer.zip","2026-03-15T14:54:45.397Z",{"attackSurface":114,"codeSignals":172,"taintFlows":191,"riskAssessment":232,"analyzedAt":248},{"hooks":115,"ajaxHandlers":168,"restRoutes":169,"shortcodes":170,"cronEvents":171,"entryPointCount":13,"unprotectedCount":13},[116,122,128,131,134,137,140,143,145,149,152,155,159,162,164],{"type":117,"name":118,"callback":119,"file":120,"line":121},"action","admin_menu","typoFullАdmin","wp-typograph-full.php",46,{"type":123,"name":124,"callback":125,"priority":126,"file":120,"line":127},"filter","single_post_title","typoFullFilterHeader",9,161,{"type":123,"name":129,"callback":125,"priority":126,"file":120,"line":130},"the_title",162,{"type":123,"name":132,"callback":125,"priority":126,"file":120,"line":133},"link_title",163,{"type":123,"name":135,"callback":125,"priority":126,"file":120,"line":136},"list_cats",164,{"type":123,"name":138,"callback":125,"priority":126,"file":120,"line":139},"single_cat_title",165,{"type":123,"name":141,"callback":125,"priority":126,"file":120,"line":142},"single_tag_title",166,{"type":123,"name":124,"callback":125,"priority":126,"file":120,"line":144},167,{"type":123,"name":146,"callback":147,"priority":126,"file":120,"line":148},"the_content","typoFullFilterText",168,{"type":123,"name":150,"callback":147,"priority":126,"file":120,"line":151},"the_excerpt",169,{"type":123,"name":153,"callback":147,"priority":126,"file":120,"line":154},"category_description",170,{"type":123,"name":156,"callback":157,"priority":126,"file":120,"line":158},"comment_text","typoFullFilterComment",171,{"type":123,"name":146,"callback":160,"priority":34,"file":120,"line":161},"typoFullFilterWPautop",710,{"type":123,"name":150,"callback":160,"priority":34,"file":120,"line":163},711,{"type":123,"name":146,"callback":165,"priority":166,"file":120,"line":167},"do_shortcode",43,717,[],[],[],[],{"dangerousFunctions":173,"sqlUsage":182,"outputEscaping":184,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":190},[174,178],{"fn":175,"file":120,"line":176,"context":177},"preg_replace(\u002Fe)",649,"preg_replace('|\\s*\u003C\u002Fe",{"fn":179,"file":120,"line":180,"context":181},"create_function",668,"$pee = preg_replace_callback('\u002F\u003C(script|style).*?\u003C\\\u002F\\\\1>\u002Fs', create_function('$matches', 'return str",{"prepared":13,"raw":13,"locations":183},[],{"escaped":126,"rawEcho":185,"locations":186},1,[187],{"file":120,"line":188,"context":189},93,"raw output",[],[192,220],{"entryPoint":193,"graph":194,"unsanitizedCount":218,"severity":219},"typoFullOptionsPage (wp-typograph-full.php:68)",{"nodes":195,"edges":214},[196,201,207,210],{"id":197,"type":198,"label":199,"file":120,"line":200},"n0","source","$_POST",76,{"id":202,"type":203,"label":204,"file":120,"line":205,"wp_function":206},"n1","sink","update_option() [Settings Manipulation]",80,"update_option",{"id":208,"type":198,"label":209,"file":120,"line":188},"n2","$_SERVER['REQUEST_URI']",{"id":211,"type":203,"label":212,"file":120,"line":188,"wp_function":213},"n3","echo() [XSS]","echo",[215,217],{"from":197,"to":202,"sanitized":216},false,{"from":208,"to":211,"sanitized":216},2,"medium",{"entryPoint":221,"graph":222,"unsanitizedCount":218,"severity":231},"\u003Cwp-typograph-full> (wp-typograph-full.php:0)",{"nodes":223,"edges":228},[224,225,226,227],{"id":197,"type":198,"label":199,"file":120,"line":200},{"id":202,"type":203,"label":204,"file":120,"line":205,"wp_function":206},{"id":208,"type":198,"label":209,"file":120,"line":188},{"id":211,"type":203,"label":212,"file":120,"line":188,"wp_function":213},[229,230],{"from":197,"to":202,"sanitized":216},{"from":208,"to":211,"sanitized":216},"low",{"summary":233,"deductions":234},"The \"wp-typograph-full\" v2.3.5 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by not initiating external HTTP requests, performing file operations, or using bundled libraries. The absence of known CVEs and a clean vulnerability history are strong indicators of past security diligence.\n\nHowever, the static analysis reveals significant concerns. The presence of dangerous functions like `preg_replace(\u002Fe)` and `create_function` is a red flag, as these can be exploited for code execution if user input is not meticulously sanitized. While the taint analysis shows no critical or high-severity issues in the flows analyzed, the existence of two flows with unsanitized paths is still worrying and could lead to vulnerabilities if they interact with dangerous functions or sensitive data.\n\nFurthermore, the lack of any nonce checks or capability checks, coupled with zero unprotected entry points in the attack surface, is peculiar. While this might suggest that all interactions are indirectly protected, it also means there's no explicit defense-in-depth at the plugin's direct entry points. The overall conclusion is that while the plugin has a clean vulnerability history, the static analysis highlights potential weaknesses related to dangerous function usage and unsanitized data flows that require careful attention and potential remediation.",[235,237,239,241,244,246],{"reason":236,"points":55},"Dangerous function: preg_replace(\u002Fe)",{"reason":238,"points":55},"Dangerous function: create_function",{"reason":240,"points":55},"Taint flows with unsanitized paths (2)",{"reason":242,"points":243},"No nonce checks",5,{"reason":245,"points":243},"No capability checks",{"reason":247,"points":45},"Unescaped output (1 of 10)","2026-03-16T20:33:31.001Z",{"wat":250,"direct":259},{"assetPaths":251,"generatorPatterns":253,"scriptPaths":254,"versionParams":256},[252],"\u002Fwp-content\u002Fplugins\u002Fwp-typograph-full\u002Ftypograph.css",[],[255],"\u002Fwp-content\u002Fplugins\u002Fwp-typograph-full\u002Ftypograph.js",[257,258],"wp-typograph-full\u002Ftypograph.css?ver=","wp-typograph-full\u002Ftypograph.js?ver=",{"cssClasses":260,"htmlComments":261,"htmlAttributes":262,"restEndpoints":263,"jsGlobals":264,"shortcodeOutput":265},[],[],[],[],[],[]]