[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzJgQ71zB7viqv9q3jsOjqm-UdXrpCA2ghS4dfg18ifw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":18,"download_link":19,"security_score":20,"vuln_count":21,"unpatched_count":21,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":34,"analysis":35,"fingerprints":70},"wysiwyg","WYSIWYG Editing","1.0","Matt Mullenweg","https:\u002F\u002Fprofiles.wordpress.org\u002Fmatt\u002F","\u003Cp>This plugin activates WYSIWYG (what you see is what you get) editing for different fields in WordPress. It is based on the \u003Ca href=\"http:\u002F\u002Fwww.themaninblue.com\u002Fexperiment\u002FwidgEditor\u002F\" rel=\"nofollow ugc\">widgEditor\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin activates WYSIWYG (what you see is what you get) editing for different fields in WordPress. It is based on the \u003Ca href=\"http:\u002F\u002Fwww.themaninblue.com\u002Fexperiment\u002FwidgEditor\u002F\">widgEditor\u003C\u002Fa>.",80,23127,20,1,"2005-03-24T22:54:00.000Z","",[],"http:\u002F\u002Fwordpress.org\u002F#","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwysiwyg.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":26,"display_name":27,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"matt","Automattic",393,20842790,91,1192,73,"2026-04-04T15:35:33.669Z",[],{"attackSurface":36,"codeSignals":53,"taintFlows":60,"riskAssessment":61,"analyzedAt":69},{"hooks":37,"ajaxHandlers":49,"restRoutes":50,"shortcodes":51,"cronEvents":52,"entryPointCount":21,"unprotectedCount":21},[38,44],{"type":39,"name":40,"callback":41,"file":42,"line":43},"filter","content_save_pre","wysi_clean","wysiwyg.php",1952,{"type":45,"name":46,"callback":47,"file":42,"line":48},"action","admin_head","wysi_head",1954,[],[],[],[],{"dangerousFunctions":54,"sqlUsage":55,"outputEscaping":57,"fileOperations":21,"externalRequests":21,"nonceChecks":21,"capabilityChecks":21,"bundledLibraries":59},[],{"prepared":21,"raw":21,"locations":56},[],{"escaped":21,"rawEcho":21,"locations":58},[],[],[],{"summary":62,"deductions":63},"The static analysis of the \"wysiwyg\" v1.0 plugin reveals an extremely limited attack surface. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, meaning there are no apparent direct entry points for external interaction. Furthermore, the code signals indicate a strong adherence to secure coding practices, with no dangerous functions, no SQL queries (and therefore no unescaped SQL), and all output is properly escaped. The absence of file operations and external HTTP requests further reduces potential risks.\n\nThe taint analysis also shows no flows, which, in conjunction with the lack of entry points and the absence of vulnerabilities in its history, suggests that this plugin, in its current state, has not exposed any exploitable code paths. The vulnerability history is completely clean, with no recorded CVEs of any severity. This suggests either a lack of historical scrutiny or a genuinely well-developed and secure plugin.\n\nHowever, the lack of any security checks like nonce or capability checks, while not directly exploitable due to the absence of entry points, does represent a potential weakness. If future versions introduce any entry points without implementing these checks, it could lead to vulnerabilities. The overall security posture is excellent in terms of current code and history, but the complete absence of standard security controls for potential future expansion is a minor concern.",[64,67],{"reason":65,"points":66},"Missing nonce checks",5,{"reason":68,"points":66},"Missing capability checks","2026-03-16T21:25:41.492Z",{"wat":71,"direct":90},{"assetPaths":72,"generatorPatterns":83,"scriptPaths":84,"versionParams":86},[73,74,75,76,77,78,79,80,81,82],"\u002Fwp-content\u002Fplugins\u002Fwysiwyg\u002Fwysiwyg-images\u002Fwidgeditor_button_shadow.gif","\u002Fwp-content\u002Fplugins\u002Fwysiwyg\u002Fwysiwyg-images\u002Fwidgeditor_button_bold.gif","\u002Fwp-content\u002Fplugins\u002Fwysiwyg\u002Fwysiwyg-images\u002Fwidgeditor_button_html.gif","\u002Fwp-content\u002Fplugins\u002Fwysiwyg\u002Fwysiwyg-images\u002Fwidgeditor_button_image.gif","\u002Fwp-content\u002Fplugins\u002Fwysiwyg\u002Fwysiwyg-images\u002Fwidgeditor_button_italic.gif","\u002Fwp-content\u002Fplugins\u002Fwysiwyg\u002Fwysiwyg-images\u002Fwidgeditor_button_link.gif","\u002Fwp-content\u002Fplugins\u002Fwysiwyg\u002Fwysiwyg-images\u002Fwidgeditor_button_ordered.gif","\u002Fwp-content\u002Fplugins\u002Fwysiwyg\u002Fwysiwyg-images\u002Fwidgeditor_button_unordered.gif","\u002Fwp-content\u002Fplugins\u002Fwysiwyg\u002Fwysiwyg-images\u002Fwidgeditor_button_empty.gif","\u002Fwp-content\u002Fplugins\u002Fwysiwyg\u002Fwysiwyg-images\u002Fwidgeditor_toolbar_bg.gif",[],[85],"\u002Fwp-content\u002Fplugins\u002Fwysiwyg\u002Fwysiwyg.php?file=widgEditor.js",[87,88,89],"wysiwyg\u002Fwysiwyg.php?file=widgContent.css?ver=","wysiwyg\u002Fwysiwyg.php?file=widgEditor.css?ver=","wysiwyg\u002Fwysiwyg.php?file=widgEditor.js?ver=",{"cssClasses":91,"htmlComments":118,"htmlAttributes":190,"restEndpoints":202,"jsGlobals":203,"shortcodeOutput":207},[92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,96,117],"widgContainer","widgToolbar","widgEditButton","widgEditSelect","widgIframe","widgEditor","widgToolbar a","widgToolbar a:hover","widgToolbar a:active","widgToolbar li.on a","widgToolbar li.on a:hover","widgToolbar li.widgEditButton","widgButtonBold","widgButtonHTML","widgButtonImage","widgButtonItalic","widgButtonLink","widgButtonOrdered","widgButtonUnordered","widgSource a","widgSource li.on a","widgSource li.on a:hover","widgSource .widgButtonHTML","widgSource .widgButtonHTML:hover","widgToolbar li","widgContainer textarea.widgEditor",[119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,135,135,135,136,137,138,135,139,140,141,142,143,144,145,146,147,143,148,149,150,143,143,143,143,151,137,135,152,153,154,135,135,135,135,155,137,135,156,135,157,135,158,159,160,161,162,163,164,165,166,167,168,169,170,135,171,172,173,174,175,176,135,177,135,178,135,179,135,180,135,181,135,182,135,183,184,185,186,187,188,189],"\u002F* HTML TAGS *\u002F","\u002F* OBJECTS *\u002F","\u002F* CLASSES *\u002F","\u002F******************************************************************************\n** STRUCTURE OF DYNAMICALLY CREATED ELEMENTS\n*******************************************************************************\n**\n** \u003Cdiv id=\"ORIGINAL_IDWidgContainer\" class=\"widgContainer\">\n**     \u003Cul id=\"ORIGINAL_IDWidgToolbar\" class=\"widgToolbar\">\n**         \u003Cli id=\"BUTTON_ID\" class=\"widgEditButton\">\n**             \u003Ca>\u003C\u002Fa>\n**         \u003C\u002Fli>\n**         \u003Cli class=\"widgEditSelect\">\n**             \u003Cselect>\n**             \u003C\u002Fselect>\n**         \u003C\u002Fli>\n**     \u003C\u002Ful>\n**     \u003Ciframe id=\"ORIGINAL_IDWidgIframe\" class=\"widgIframe\">\n**     \u003C\u002Fiframe>\n**     \u003Ctextarea id=\"ORIGINAL_IDWidgTextarea\" class=\"widgEditor\">\n**     \u003C\u002Ftextarea>\n** \u003C\u002Fdiv>\n*\u002F","\u002F* TOOLBAR BUTTONS *\u002F","\u002F* TOOLBAR *\u002F","\u002F* EDITING AREA *\u002F","\u002F* EDITOR CONTAINER *\u002F","\u002F******************************************************************************\n**    CONFIGURATION VARIABLES\n******************************************************************************\u002F","\u002F* Location of stylesheet file for editor content *\u002F","\u002F* Items to appear in toolbar. *\u002F","\u002F* Options on block format select element. Consists of string pairs (option value, option label) *\u002F","**    File: widgEdit.js","**    Created by: Cameron Adams (http:\u002F\u002Fwww.themaninblue.com\u002F)","**    Created on: 2005-01-16","**    Last modified: 2005-03-09","**","**    License Information:","**    -------------------------------------------------------------------------","**    Copyright (C) 2005 Cameron Adams","**    This program is free software; you can redistribute it and\u002For modify it","**    under the terms of the GNU General Public License as published by the","**    Free Software Foundation; either version 2 of the License, or (at your","**    option) any later version.","**    ","**    This program is distributed in the hope that it will be useful, but","**    WITHOUT ANY WARRANTY; without even the implied warranty of","**    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU","**    General Public License for more details.","**    You should have received a copy of the GNU General Public License along","**    with this program; if not, write to the Free Software Foundation, Inc.,","**    59 Temple Place, Suite 330, Boston, MA 02111-1307 USA","**    Purpose:","**    Replaces all textareas (class=\"widgEditor\") in a HTML document with","**    enhanced editing windows to allow basic HTML formatting in a WYSIWYG","**    manner.","**    Function list:","**    run()","**    widgInit()","**    widgEditor(replacedTextareaID)","**    widtEditor.cleanPaste()","**    widgEditor.cleanSource()","**    widgEditor.convertSPANs(theSwitch)","**    widgEditor.detectPaste(e)","**    widgEditor.initEdit()","**    widgEditor.insertNewParagraph()","**    widgEditor.modifyFormSubmit()","**    widgEditor.paragraphise()","**    widgEditor.refreshDisplay()","**    widgEditor.switchMode()","**    widgEditor.updateWidgInput()","**    widgEditor.writeDocument()","**    widgToolbar()","**    widgToolbar.addButton(theID, theClass, theLabel, theAction)","**    widgToolbar.addSelect(theID, theClass, theContentArray, theAction)","**    widgToolbar.disable()","**    widgToolbar.enable()","**    widgToolbar.setState(theState, theStatus)","**    widgToolbarAction()","**    widgToolbarCheckState(theWidgEditor, resubmit)","**    widgToolbarMouseover()","**    acceptableChildren(theNode)","**    changeNodeType(theNode, nodeType)","**    replaceNodeWithChildren()","**    String.addClass(theClass)","**    String.classExists(theClass)","**    String.isAcceptedElementName()","**    String.isInlineName()","**    String.removeClass(theClass)","**    String.reverse()","**    String.validTags()",[191,192,193,194,195,196,197,198,199,200,201],"id=\"ORIGINAL_IDWidgContainer\"","class=\"widgContainer\"","id=\"ORIGINAL_IDWidgToolbar\"","class=\"widgToolbar\"","id=\"BUTTON_ID\"","class=\"widgEditButton\"","class=\"widgEditSelect\"","id=\"ORIGINAL_IDWidgIframe\"","class=\"widgIframe\"","id=\"ORIGINAL_IDWidgTextarea\"","class=\"widgEditor\"",[],[204,205,206],"widgStylesheet","widgToolbarItems","widgSelectBlockOptions",[]]