[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVF4Pf9c4Ea3cdYBI6onl7kgevBrosF_c0Si6e7KYuyU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":7,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":131,"fingerprints":183},"wp-validator","WP-Validate","1.0","","https:\u002F\u002Fprofiles.wordpress.org\u002Fjamierumbelow\u002F","\u003Cp>WP-Validate indexes your site, collecting all the blog posts, pages and other published content, and submits it to the W3C’s HTML Validator, which then returns the response.\u003C\u002Fp>\n\u003Cp>WP-Validate then lists the valid pages, and the invalid pages, with a link to the specific validator URL.\u003C\u002Fp>\n","WP-Validate collects all the pages on your site and runs them through the W3C's HTML Validator.",10,3187,0,"2009-01-30T23:33:00.000Z","2.7","2.5",[18,19,20,21,22],"automatic","css","validation","w3c","xhtml","http:\u002F\u002Fwww.jamierumbelow.net\u002Fphp\u002Fwp-validator","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-validator.1.03.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":30,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"jamierumbelow",1,30,84,"2026-04-04T12:37:01.230Z",[36,57,74,92,110],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":7,"tags":51,"homepage":54,"download_link":55,"security_score":25,"vuln_count":31,"unpatched_count":13,"last_vuln_date":56,"fetched_at":27},"validated","Validated","2.1.2","Allan Collins","https:\u002F\u002Fprofiles.wordpress.org\u002Fcollinsinternet\u002F","\u003Cp>Is your website up to W3C HTML coding standards?  This plugin will allow you to test each page or post on your site against the W3C Validator.\u003C\u002Fp>\n\u003Cp>Want to contribute? Fork it: https:\u002F\u002Fgithub.com\u002Fallan23\u002Fvalidated\u003C\u002Fp>\n","This plugin will allow you to check your pages\u002Fposts HTML against the W3C Validator.",700,25451,80,5,"2019-12-04T00:15:00.000Z","5.3.21","3.7",[52,53,20,21,22],"code","html","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fvalidated\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvalidated.zip","2014-05-28 00:00:00",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":46,"num_ratings":31,"last_updated":7,"tested_up_to":67,"requires_at_least":7,"requires_php":7,"tags":68,"homepage":7,"download_link":71,"security_score":72,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":73},"xhtml-easy-validator","(x)html easy validator","0.4","Nikoya","https:\u002F\u002Fprofiles.wordpress.org\u002Fnicolas-andre\u002F","\u003Cp>Check the doctype validity using W3c validator (html , xhtml , … ) when creating or updating  page \u002F post \u002F custom post type and show the result in backend\u003Cbr \u002F>\nIt show the result in back-end in sortable column, a link is add to the w3c for all file to help you to correct html error.\u003C\u002Fp>\n\u003Cp>Very easy to see if a post \u002F page is valid or not.\u003C\u002Fp>\n\u003Cp>This plugin can check the W3C validity of your page \u002F post or custom post type even if the site is not accessible from the Internet (if you work on local system for example)\u003C\u002Fp>\n","Check the doctype validity using W3c validator (html , xhtml , ... ) when creating or updating  page \u002F post \u002F custom post type and show the result in  …",20,5538,"3.2.1",[53,69,21,70,22],"html5","w3c-validation","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxhtml-easy-validator.0.4.zip",100,"2026-03-15T10:48:56.248Z",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":11,"downloaded":82,"rating":13,"num_ratings":13,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":7,"tags":86,"homepage":89,"download_link":90,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":91},"batch-validator","Batch Validator","1.2","Roland Rust","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdprx\u002F","\u003Cp>It functions as a frontend for the Markup Validator Web Service API on http:\u002F\u002Fvalidator.w3.org. Stylesheets are checked as well.\u003C\u002Fp>\n\u003Cp>Languages available:\u003Cbr \u002F>\n+ english\u003Cbr \u002F>\n+ deutsch(german)\u003C\u002Fp>\n","This plugin performs a batch markup validation check over your entire WordPress website.",3311,"2007-09-02T23:46:00.000Z","2.2.2","2.1",[53,87,88,21,22],"markup-validation","validator","http:\u002F\u002Fwordpress.designpraxis.at","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbatch-validator.zip","2026-03-15T14:54:45.397Z",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":72,"downloaded":100,"rating":72,"num_ratings":31,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":7,"tags":104,"homepage":108,"download_link":109,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"gallery-shortcode-style-to-head","Gallery Shortcode Style to Head","2.4","Matt Martz","https:\u002F\u002Fprofiles.wordpress.org\u002Fsivel\u002F","\u003Cp>Moves the gallery shortcode styles to the head so it doesn’t break XHTML\u003Cbr \u002F>\nvalidation; allows disabling or modifying the default gallery styles.\u003C\u002Fp>\n\u003Cp>By default when using the WordPress gallery, the styles are placed into the\u003Cbr \u002F>\npost content which breaks XHTML validation. This plugin moves the style into\u003Cbr \u002F>\nthe head of the page using a look-ahead to determine if the [gallery]\u003Cbr \u002F>\nshortcode is used in any posts.\u003C\u002Fp>\n\u003Cp>This plugin also gives you the option to modify the default gallery style\u003Cbr \u002F>\nCSS or disable the gallery styles entirely (so you can control it from your\u003Cbr \u002F>\ntemplate CSS files).\u003C\u002Fp>\n\u003Cp>This plugin uses ideas recommended in a patch located at\u003Cbr \u002F>\nhttps:\u002F\u002Ftrac.wordpress.org\u002Fattachment\u002Fticket\u002F6380\u002F6380-style.diff\u003C\u002Fp>\n\u003Cp>Special thanks to\u003Cbr \u002F>\n* The original author: Matt Martz, http:\u002F\u002Fsivel.net\u003Cbr \u002F>\n* Serbo-Croatian (sr_RS) translation: Borisa Djuraskovic, http:\u002F\u002Fwww.webhostinghub.com\u003Cbr \u002F>\n* Spanish (es_ES) translation: Ogi Djuraskovic, http:\u002F\u002Fwww.webhostinghub.com\u002F\u003C\u002Fp>\n","Moves the gallery shortcode styles to the head so it doesn't break XHTML validation; allows disabling or modifying the default gallery styles.",11493,"2015-04-02T16:12:00.000Z","4.1.42","3.3",[19,105,106,107,22],"gallery","shortcode","style","http:\u002F\u002Fwww.intersanity.com\u002Fsoftware\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgallery-shortcode-style-to-head.2.4.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":46,"downloaded":118,"rating":72,"num_ratings":31,"last_updated":119,"tested_up_to":120,"requires_at_least":121,"requires_php":122,"tags":123,"homepage":128,"download_link":129,"security_score":130,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"acss-purger","ACSS Purger","1.0.16","Rosua","https:\u002F\u002Fprofiles.wordpress.org\u002Frosua\u002F","\u003Cp>ACSS Purger helps you reduce the size of your Automatic.css CSS file by purging unused CSS classes (selectors) based on your design on the Bricks builder.\u003C\u002Fp>\n\u003Cp>Up to 90% smaller CSS file size!\u003C\u002Fp>\n\u003Ch4>Liked ACSS Purger?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Join our \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002F1142662969627943\" rel=\"nofollow ugc\">Facebook Group\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Or rate us on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Facss-purger\u002Freviews\u002F?filter=5\u002F#new-post\u002F\" rel=\"ugc\">WordPress\u003C\u002Fa> 🙂\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Image by \u003Ca href=\"https:\u002F\u002Fwww.freepik.com\u002Ffree-vector\u002Fblue-funnel-sticker-white-background_18935987.htm#query=funnel&position=1&from_view=search&track=sph\" rel=\"nofollow ugc\">brgfx\u003C\u002Fa> on Freepik\u003C\u002Fli>\n\u003C\u002Ful>\n","Purge Automatic.css CSS file (up to 90% smaller)",4571,"2025-02-04T09:07:00.000Z","6.7.5","6.0","7.4",[124,125,126,127],"acss","acsspurger","automatic-css","automaticcss","https:\u002F\u002Facss-purger.yabe.land","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facss-purger.1.0.16.zip",92,{"attackSurface":132,"codeSignals":148,"taintFlows":166,"riskAssessment":167,"analyzedAt":182},{"hooks":133,"ajaxHandlers":144,"restRoutes":145,"shortcodes":146,"cronEvents":147,"entryPointCount":13,"unprotectedCount":13},[134,140],{"type":135,"name":136,"callback":137,"file":138,"line":139},"action","admin_menu","validate_admin_actions","validator.php",134,{"type":135,"name":141,"callback":142,"file":138,"line":143},"init","validate_check_trigger",135,[],[],[],[],{"dangerousFunctions":149,"sqlUsage":154,"outputEscaping":159,"fileOperations":164,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":165},[150],{"fn":151,"file":138,"line":152,"context":153},"unserialize",41,"$posts = unserialize($file);",{"prepared":13,"raw":31,"locations":155},[156],{"file":138,"line":157,"context":158},28,"$wpdb->get_results() with variable interpolation",{"escaped":13,"rawEcho":31,"locations":160},[161],{"file":138,"line":162,"context":163},108,"raw output",4,[],[],{"summary":168,"deductions":169},"The static analysis of wp-validator v1.0 reveals a mixed security posture. On the positive side, the plugin exhibits a very small attack surface with no detectable AJAX handlers, REST API routes, shortcodes, or cron events. This significantly limits the number of potential entry points for attackers.  However, the code analysis raises significant concerns. The presence of the `unserialize` function is a major red flag, as it can be exploited for object injection vulnerabilities if the input is not strictly controlled and sanitized. Furthermore, all SQL queries are executed without prepared statements, making the plugin vulnerable to SQL injection attacks. The lack of output escaping means that any data displayed to users could potentially be manipulated to execute malicious code. The absence of nonce and capability checks across any potential entry points (though the attack surface is currently zero) is a worrying oversight that would be problematic if the attack surface were to grow.\n\nDespite these critical code-level weaknesses, the vulnerability history is remarkably clean, with no known CVEs. This might indicate that the plugin is either very new, has not been extensively scrutinized, or that the identified code issues have not yet been exploited in the wild. The current lack of vulnerabilities doesn't negate the inherent risks presented by the static analysis. The plugin's strengths lie in its limited attack surface, but its weaknesses in secure coding practices (unserialize, raw SQL, unescaped output) present substantial risks that require immediate attention to mitigate potential exploits.",[170,173,175,178,180],{"reason":171,"points":172},"Presence of unserialize function",15,{"reason":174,"points":11},"SQL queries without prepared statements",{"reason":176,"points":177},"Output not properly escaped",8,{"reason":179,"points":47},"Missing nonce checks",{"reason":181,"points":47},"Missing capability checks","2026-03-17T01:45:01.281Z",{"wat":184,"direct":189},{"assetPaths":185,"generatorPatterns":186,"scriptPaths":187,"versionParams":188},[],[],[],[],{"cssClasses":190,"htmlComments":193,"htmlAttributes":194,"restEndpoints":195,"jsGlobals":196,"shortcodeOutput":197},[191,192],"valid_pages","invalid_pages",[],[],[],[],[]]