[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f9zNyVTs2T6v91oaCcrIk8F4Ucp7mDXMXbBGENEK9Fbk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":137,"fingerprints":232},"wp-yomigana","WP-Yomigana","2.1.0","Fumiki Takahashi","https:\u002F\u002Fprofiles.wordpress.org\u002Ftakahashi_fumiki\u002F","\u003Cp>このプラグインはWordPressのエディターにrubyタグを入力する機能を追加します。\u003C\u002Fp>\n\u003Cp>\u003Cstrong>For Non-Japanese Speaker\u003C\u002Fstrong> This plugin enable \u003Ccode>ruby\u003C\u002Fcode> tag which is not a programming language but \u003Ca href=\"http:\u002F\u002Fdev.w3.org\u002Fcsswg\u002Fcss-ruby-1\u002F\" rel=\"nofollow ugc\">Japanese bilinear writing system\u003C\u002Fa>. If you are not Japanese speaker, \u003Ccode>ruby\u003C\u002Fcode> won’t matter. But this plugin also enables some utility buttons to your Visual Editor. Do you need \u003Ccode>dl\u003C\u002Fcode>, \u003Ccode>small\u003C\u002Fcode>, \u003Ccode>cite\u003C\u002Fcode> or \u003Ccode>q\u003C\u002Fcode> tags? Try this plugin!\u003C\u002Fp>\n\u003Ch4>このプラグインの機能\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>ブロックエディターにルビ入力機能を追加します。テキストを選択して、プルダウンもしくはショートカット \u003Ccode>⌘(Ctrl) + Alt + R\u003C\u002Fcode> でルビを入力。\u003C\u002Fli>\n\u003Cli>TinyMCE（クラシックエディター）にも対応。\u003C\u002Fli>\n\u003Cli>ついでにインライン引用（qタグ）、注釈（smallタグ）、定義リスト（dlタグ）、引用元（citeタグ）も入力できるようになります。\u003C\u002Fli>\n\u003Cli>テキストを選択するときは慎重に！\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>貢献\u003C\u002Fh4>\n\u003Cp>ソースコードは\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffumikito\u002Fwp-yomigana\" rel=\"nofollow ugc\">Github\u003C\u002Fa>にホストしているので、気軽にプルリク、イシューなどお送りください。\u003C\u002Fp>\n","このプラグインはWordPressのエディターにrubyタグを入力する機能を追加します。",2000,14608,100,3,"2020-03-16T19:08:00.000Z","5.3.21","5.0","5.6",[20,21,22,23,24],"cite","dl","ruby","tinymce","wysiwyg","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-yomigana\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-yomigana.2.1.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"takahashi_fumiki",14,3590,90,513,72,"2026-04-04T13:33:36.550Z",[41,63,85,102,120],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":56,"tags":57,"homepage":61,"download_link":62,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"black-studio-tinymce-widget","Black Studio TinyMCE Widget","2.7.3","Black Studio","https:\u002F\u002Fprofiles.wordpress.org\u002Fblack-studio\u002F","\u003Cp>This plugin adds a new \u003Ccode>Visual Editor\u003C\u002Fcode> widget type that allows you to insert rich text and media objects in your sidebars with no hassle. With Black Studio TinyMCE Widget you will be able to edit your widgets in a WYSIWYG manner using the native WordPress TinyMCE editor, just like you do in posts and pages. And if you are a developer you may still switch back and forth from Visual to HTML mode.\u003C\u002Fp>\n\u003Cp>For years the default WordPress text widget has been very basic and it required HTML knowledge to add formatting and images\u002Fmedia to the text. This plugin was born in 2011 to overcome these limitations. After a long time, in June 2017, version 4.8 of WordPress finally introduced a new text widget that included the ability to manage text widgets with the visual editor. The new widget available in WordPress core could now be used as a basic replacement of Black Studio TinyMCE Widget, but the plugin still offers some additional features, so it remains a must-have for advanced users.\u003C\u002Fp>\n\u003Ch4>Basic Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add rich text widgets to your sidebars and edit them using the TinyMCE visual editor\u003C\u002Fli>\n\u003Cli>Switch between Visual mode and HTML mode (including Quicktags toolbar)\u003C\u002Fli>\n\u003Cli>Insert images, videos, and other media from WordPress Media Library\u003C\u002Fli>\n\u003Cli>Insert links to existing WordPress pages\u002Fposts or external resources\u003C\u002Fli>\n\u003Cli>Support for shortcodes, smilies and embed in widget text (including preview)\u003C\u002Fli>\n\u003Cli>Support for the Block-based Widgets Editor introduced with WordPress 5.8\u003C\u002Fli>\n\u003Cli>Support for Customizer with live preview and quick edit\u003C\u002Fli>\n\u003Cli>Support for widgets accessibility mode\u003C\u002Fli>\n\u003Cli>Compatible with multi-site (WordPress networks)\u003C\u002Fli>\n\u003Cli>Compatible with the most common multi-language plugins\u003C\u002Fli>\n\u003Cli>Compatible with Page Builder plugin by SiteOrigin\u003C\u002Fli>\n\u003Cli>Translations available in 20+ languages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Advanced Features\u003C\u002Fh4>\n\u003Cp>These features are what makes this plugin better than the WordPress (4.8+) native widget:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Full featured TinyMCE Visual Editor (the same you have for pages and posts)\u003C\u002Fli>\n\u003Cli>Wide text area for an enhanced editing experience\u003C\u002Fli>\n\u003Cli>Compatible with 3rd party TinyMCE customization plugins (TinyMCE Advanced, WP Edit, …)\u003C\u002Fli>\n\u003Cli>Support for distraction-free (fullscreen) editing mode \u003C\u002Fli>\n\u003Cli>Option to “Automatically add paragraphs” to widget text\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>About the plugin\u003C\u002Fh4>\n\u003Cp>The story of the plugin was featured in a talk at WordCamp Europe 2018 in Belgrade.\u003Cbr \u002F>\nSee the video \u003Ca href=\"https:\u002F\u002Fwordpress.tv\u002F2018\u002F07\u002F11\u002Ffrancesco-canovi-marco-chiesi-once-upon-a-time-there-was-a-plugin\u002F\" rel=\"nofollow ugc\">Once upon a time, there was a plugin…\u003C\u002Fa> on WordPress.tv.\u003C\u002Fp>\n\u003Ch4>Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.blackstudio.it\u002Fen\u002F\" rel=\"nofollow ugc\">Author’s web site\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.blackstudio.it\u002Fen\u002Fwordpress-plugins\u002Fblack-studio-tinymce-widget\u002F\" rel=\"nofollow ugc\">Plugin’s page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblack-studio-tinymce-widget\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fblack-studio-tinymce-widget\" rel=\"ugc\">Support forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Follow us on \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fblackstudioita\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fblackstudiocomunicazione\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fblack-studio\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fblack-studio\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Get involved\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Developers can contribute to the source code on our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fblack-studio\u002Fblack-studio-tinymce-widget\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Translators can contribute through the \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fblack-studio-tinymce-widget\" rel=\"nofollow ugc\">Official WordPress Translation platform\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Users can contribute by leaving a 5 stars \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fblack-studio-tinymce-widget#postform\" rel=\"ugc\">review\u003C\u002Fa> or making a \u003Ca href=\"https:\u002F\u002Fwww.blackstudio.it\u002Fen\u002Fwordpress-plugins\u002Fblack-studio-tinymce-widget\u002F\" rel=\"nofollow ugc\">donation\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","The visual editor widget for WordPress.",200000,11110927,96,192,"2026-03-08T20:09:00.000Z","6.9.4","3.1","5.2",[58,23,59,60,24],"editor","visual","widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblack-studio-tinymce-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblack-studio-tinymce-widget.2.7.3.zip",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":13,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":77,"tags":78,"homepage":82,"download_link":83,"security_score":84,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"visual-term-description-editor","Visual Term Description Editor","1.8.1","Shea Bunge","https:\u002F\u002Fprofiles.wordpress.org\u002Fbungeshea\u002F","\u003Cp>-Replaces the term description editor with the WordPress TinyMCE visual editor, allowing you to use HTML in term descriptions and write them in rich text. Works on all taxonomies, including tags, categories and link categories, as well as custom taxonomies.\u003C\u002Fp>\n\u003Cp>This plugin is multisite-compatible; if you would like to use it on every blog, network activate the plugin from the network dashboard. Otherwise, activate the plugin for individual sites.\u003C\u002Fp>\n\u003Cp>This plugin’s code is \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsheabunge\u002Fvisual-term-description-editor\" rel=\"nofollow ugc\">available on GitHub\u003C\u002Fa>. Please feel free to fork the repository and send a pull request. If you find a bug in the plugin, open an issue.\u003C\u002Fp>\n","Replaces the plain-text category and tag description editor with a visual editor.",20000,96883,21,"2024-08-17T01:44:00.000Z","6.6.5","3.3","5.4",[79,80,81,23,24],"categories","rich-text","tags","https:\u002F\u002Fgithub.com\u002Fsheabunge\u002Fvisual-term-description-editor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvisual-term-description-editor.1.8.1.zip",92,{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":51,"num_ratings":95,"last_updated":96,"tested_up_to":75,"requires_at_least":97,"requires_php":98,"tags":99,"homepage":100,"download_link":101,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"advanced-tinymce-configuration","Advanced TinyMCE Configuration","1.6","Andrew Ozz","https:\u002F\u002Fprofiles.wordpress.org\u002Fazaozz\u002F","\u003Cp>This plugin is intended for more advanced users that would like to change the default TinyMCE configuration in WordPress.\u003Cbr \u002F>\nIt makes it very easy to add, remove or change all TinyMCE settings for the classic editor and for the classic block in the block editor.\u003C\u002Fp>\n","Set advanced TinyMCE options for the classic block and classic editor.",10000,210369,12,"2023-04-10T23:51:00.000Z","3.9","",[58,23,24],"http:\u002F\u002Fwww.laptoptips.ca\u002Fprojects\u002Fadvanced-tinymce-configuration\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-tinymce-configuration.1.6.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":13,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":98,"tags":116,"homepage":118,"download_link":119,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"clean-html","Cleanup HTML","1.1","closemarketing","https:\u002F\u002Fprofiles.wordpress.org\u002Fclosemarketing\u002F","\u003Cp>Adds a button to your classic editor visual toolbar that when clicked strips all \u003Ccode>div\u003C\u002Fcode>, ‘table’, \u003Ccode>span\u003C\u002Fcode> tags from your post HTML code — those are usually junk tags. The stripping includes any tag attributes.\u003C\u002Fp>\n","Adds a button to your classic editor visual toolbar that when clicked strips all div, 'table', span tags from your post HTML code -- those a &hellip;",4000,8228,4,"2020-11-30T08:11:00.000Z","5.6.17","3.0",[103,117,23,24],"html","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclean-html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclean-html.1.1.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":11,"downloaded":128,"rating":13,"num_ratings":112,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":132,"tags":133,"homepage":135,"download_link":136,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"advanced-post-excerpt","Advanced Post Excerpt","1.0.0","Steve Grunwell","https:\u002F\u002Fprofiles.wordpress.org\u002Fstevegrunwell\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FExcerpt\" rel=\"nofollow ugc\">WordPress post excerpts\u003C\u002Fa> can be a great way to hand-craft the summary of your content. Unfortunately, writing post excerpts isn’t as nice of an experience as what you find elsewhere in WordPress. Want to include links in your excerpts, or bold some text? Hopefully you know some HTML!\u003C\u002Fp>\n\u003Cp>Advanced Post Excerpts is designed to change that, by giving your editors an easy, intuitive interface for writing great post excerpts.\u003C\u002Fp>\n\u003Cp>For complete details and\u002For to contribute to ongoing development, please \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fstevegrunwell\u002Fadvanced-post-excerpt\" rel=\"nofollow ugc\">visit this project on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Replace the default Post Excerpt meta box with a superior editing experience.",22870,"2023-12-18T23:47:00.000Z","6.4.8","4.5","7.0",[134,23,24],"excerpts","https:\u002F\u002Fgithub.com\u002Fstevegrunwell\u002Fadvanced-post-excerpt","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-post-excerpt.1.0.0.zip",{"attackSurface":138,"codeSignals":202,"taintFlows":222,"riskAssessment":223,"analyzedAt":231},{"hooks":139,"ajaxHandlers":198,"restRoutes":199,"shortcodes":200,"cronEvents":201,"entryPointCount":28,"unprotectedCount":28},[140,145,148,150,156,159,163,168,173,177,181,185,188,191,194],{"type":141,"name":142,"callback":142,"file":143,"line":144},"action","admin_menu","src\\Hametuha\\Yomigana\\Admin.php",19,{"type":141,"name":146,"callback":146,"file":143,"line":147},"admin_init",20,{"type":141,"name":149,"callback":149,"file":143,"line":73},"admin_enqueue_scripts",{"type":151,"name":152,"callback":153,"priority":154,"file":143,"line":155},"filter","plugin_action_links","plugin_page_link",10,23,{"type":151,"name":157,"callback":157,"priority":154,"file":143,"line":158},"plugin_row_meta",24,{"type":141,"name":160,"callback":161,"file":143,"line":162},"admin_notices","closure",49,{"type":151,"name":164,"callback":165,"file":166,"line":167},"mce_external_plugins","register_plugins","src\\Hametuha\\Yomigana\\Bootstrap.php",22,{"type":151,"name":169,"callback":170,"priority":171,"file":166,"line":172},"tiny_mce_before_init","mce_init",1000,28,{"type":141,"name":174,"callback":175,"file":166,"line":176},"wp_enqueue_editor","mce_helper",30,{"type":151,"name":178,"callback":179,"priority":154,"file":166,"line":180},"wp_kses_allowed_html","kses_allowed_html",32,{"type":141,"name":182,"callback":183,"priority":154,"file":184,"line":167},"init","register_script","src\\Hametuha\\Yomigana\\Gutenberg.php",{"type":141,"name":182,"callback":186,"priority":187,"file":184,"line":155},"register_block",11,{"type":141,"name":189,"callback":190,"file":184,"line":158},"enqueue_block_editor_assets","block_editor_assets",{"type":141,"name":160,"callback":192,"file":193,"line":180},"yomigana_notice","wp-yomigana.php",{"type":141,"name":195,"callback":196,"file":193,"line":197},"plugins_loaded","yomigana_init",38,[],[],[],[],{"dangerousFunctions":203,"sqlUsage":204,"outputEscaping":206,"fileOperations":28,"externalRequests":28,"nonceChecks":220,"capabilityChecks":28,"bundledLibraries":221},[],{"prepared":28,"raw":28,"locations":205},[],{"escaped":154,"rawEcho":207,"locations":208},5,[209,212,214,216,218],{"file":210,"line":144,"context":211},"templates\\setting.php","raw output",{"file":210,"line":213,"context":211},26,{"file":210,"line":215,"context":211},35,{"file":210,"line":217,"context":211},36,{"file":210,"line":219,"context":211},66,1,[],[],{"summary":224,"deductions":225},"The \"wp-yomigana\" v2.1.0 plugin exhibits a generally strong security posture based on the provided static analysis. The complete absence of dangerous functions, file operations, and external HTTP requests is commendable.  Furthermore, the strict adherence to prepared statements for all SQL queries and the presence of at least one nonce check indicate good development practices for handling user input and preventing common web vulnerabilities.  The zero-known CVEs and lack of recorded vulnerabilities further bolster this positive assessment, suggesting a well-maintained and secure codebase over its history.\n\nHowever, a significant concern arises from the 33% of output escaping that is not properly handled. While the overall attack surface appears minimal with no identified AJAX handlers, REST API routes, shortcodes, or cron events exposed without authentication, the unescaped output presents a potential risk. If any of these limited entry points do exist (even if not detected by this analysis) or if there are other ways data can be outputted without proper sanitization, it could lead to Cross-Site Scripting (XSS) vulnerabilities. The absence of capability checks is also a minor concern, as it implies that if any functionality were to be exposed, it might not have proper authorization checks in place.\n\nIn conclusion, \"wp-yomigana\" v2.1.0 is likely a secure plugin, with its core functionality protected by good coding practices like prepared statements and nonce checks. The lack of historical vulnerabilities is a strong indicator of its safety. The primary area for improvement lies in ensuring all output is consistently and properly escaped to mitigate potential XSS risks, which, while not explicitly demonstrated as a flow in the taint analysis, remains a theoretical weakness.",[226,229],{"reason":227,"points":228},"Unescaped output detected",6,{"reason":230,"points":14},"Missing capability checks","2026-03-16T18:29:26.342Z",{"wat":233,"direct":244},{"assetPaths":234,"generatorPatterns":239,"scriptPaths":240,"versionParams":241},[235,236,237,238],"\u002Fwp-content\u002Fplugins\u002Fwp-yomigana\u002Fassets\u002Fcss\u002Fruby-admin.css","\u002Fwp-content\u002Fplugins\u002Fwp-yomigana\u002Fassets\u002Fcss\u002Fjquery-ui.css","\u002Fwp-content\u002Fplugins\u002Fwp-yomigana\u002Fassets\u002Fjs\u002Fdist\u002Feditor_plugin.js","\u002Fwp-content\u002Fplugins\u002Fwp-yomigana\u002Fassets\u002Fjs\u002Fdist\u002Feditor-helper.js",[],[237,238],[242,243],"wp-yomigana-admin","wp-yomigana-editor-helper",{"cssClasses":245,"htmlComments":246,"htmlAttributes":247,"restEndpoints":249,"jsGlobals":250,"shortcodeOutput":252},[],[],[248],"data-wp-yomigana-id",[],[251],"WpYomigana",[]]