[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fF97VC65EnNnerSMbtohqrL3sxdaGLP4uxrt_r5wC1IY":3,"$f-WSjpma4bl8YlvEAcAPxf6Ke95z3JpNEMiCp4PacPwg":861,"$fCTKQ-yfWk0qFHxZAVJGsnrORX7iVg0BKD2HgQBRTjgE":864},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"discovery_status":32,"vulnerabilities":33,"developer":106,"crawl_stats":39,"alternatives":114,"analysis":207,"fingerprints":776},"yellow-pencil-visual-theme-customizer","Visual CSS Style Editor","7.6.7","YellowPencil","https:\u002F\u002Fprofiles.wordpress.org\u002Fwaspthemes\u002F","\u003Cp>\u003Cstrong>Style your WordPress site visually.\u003C\u002Fstrong> Discover the most popular front-end design plugin! \u003Ca href=\"http:\u002F\u002Fyellowpencil.waspthemes.com\u002F?utm_source=wp-repo&utm_medium=link&utm_campaign=readme\" rel=\"nofollow ugc\">Try live demo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FTDOgAf6R1Ik?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Visual CSS Editor\u003C\u002Fh3>\n\u003Cp>The plugin allows you to \u003Cstrong>customize any page and theme without coding\u003C\u002Fstrong>. Click on an element and start visual editing. Adjust \u003Cstrong>colors\u003C\u002Fstrong>, \u003Cstrong>fonts\u003C\u002Fstrong>, \u003Cstrong>sizes\u003C\u002Fstrong>, \u003Cstrong>positions\u003C\u002Fstrong> and a lot more. Take full control over your website’s design with more than 60 style properties.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Customize any page, any element\u003C\u002Fli>\n\u003Cli>Customize WordPress login page\u003C\u002Fli>\n\u003Cli>Automatic CSS selectors\u003C\u002Fli>\n\u003Cli>60+ CSS properties\u003C\u002Fli>\n\u003Cli>Visual Drag & Drop\u003C\u002Fli>\n\u003Cli>Visual Margin & Padding editing\u003C\u002Fli>\n\u003Cli>Live CSS editor\u003C\u002Fli>\n\u003Cli>Live preview\u003C\u002Fli>\n\u003Cli>Manage the changes\u003C\u002Fli>\n\u003Cli>Undo \u002F Redo history\u003C\u002Fli>\n\u003Cli>Export stylesheet file\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Design Tools\u003C\u002Fh3>\n\u003Cp>The plugin provides you advanced tools and ready-to-use libraries for styling your website effortlessly.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Flexible element inspector\u003C\u002Fli>\n\u003Cli>Single element inspector\u003C\u002Fli>\n\u003Cli>Responsive tool\u003C\u002Fli>\n\u003Cli>Element search tool\u003C\u002Fli>\n\u003Cli>Measuring tool\u003C\u002Fli>\n\u003Cli>Wireframe view\u003C\u002Fli>\n\u003Cli>Design information tool\u003C\u002Fli>\n\u003Cli>Gradient generator \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Animation manager \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Animation generator \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Design Assets\u003C\u002Fh3>\n\u003Cp>Reach many design assets with one click. Customize your website’s design to fit your needs!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>900+ Google fonts \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>300+ Background patterns \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Unsplash background stock images \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Material and flat color palettes \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>50+ Animations \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>CSS Properties: Text\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Font Family \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Font Weight\u003C\u002Fli>\n\u003Cli>Color \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Text Shadow\u003C\u002Fli>\n\u003Cli>Font Size\u003C\u002Fli>\n\u003Cli>Line Height\u003C\u002Fli>\n\u003Cli>Font Style\u003C\u002Fli>\n\u003Cli>Text Align\u003C\u002Fli>\n\u003Cli>Text Transform\u003C\u002Fli>\n\u003Cli>Letter Spacing\u003C\u002Fli>\n\u003Cli>Word Spacing\u003C\u002Fli>\n\u003Cli>Text Decoration\u003C\u002Fli>\n\u003Cli>Text Indent\u003C\u002Fli>\n\u003Cli>Word Wrap\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>CSS Properties: Background\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Background Color \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Background Image \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Background Clip\u003C\u002Fli>\n\u003Cli>Background Blend Mode\u003C\u002Fli>\n\u003Cli>Background Position\u003C\u002Fli>\n\u003Cli>Background Size\u003C\u002Fli>\n\u003Cli>Background Repeat\u003C\u002Fli>\n\u003Cli>Background Attachment\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Other CSS Properties\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Margin\u003C\u002Fli>\n\u003Cli>Padding\u003C\u002Fli>\n\u003Cli>Border\u003C\u002Fli>\n\u003Cli>Border Radius\u003C\u002Fli>\n\u003Cli>Position\u003C\u002Fli>\n\u003Cli>Width \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Height \u003Cem>(pro version)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Lists\u003C\u002Fli>\n\u003Cli>Flexbox\u003C\u002Fli>\n\u003Cli>Animation\u003C\u002Fli>\n\u003Cli>Box Shadow\u003C\u002Fli>\n\u003Cli>Transition\u003C\u002Fli>\n\u003Cli>Filter\u003C\u002Fli>\n\u003Cli>Transform\u003C\u002Fli>\n\u003Cli>Opacity\u003C\u002Fli>\n\u003Cli>Display\u003C\u002Fli>\n\u003Cli>Cursor\u003C\u002Fli>\n\u003Cli>Float\u003C\u002Fli>\n\u003Cli>Clear\u003C\u002Fli>\n\u003Cli>Visibility\u003C\u002Fli>\n\u003Cli>Pointer Events\u003C\u002Fli>\n\u003Cli>Overflow\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compatible with any theme & plugin\u003C\u002Fh3>\n\u003Cp>This works seamlessly with almost any WordPress theme and plugin. You can use it for editing the pages that you created with the page builders.\u003C\u002Fp>\n\u003Ch3>Compatible with All Page Builders\u003C\u002Fh3>\n\u003Cp>The plugin allows you to customize the pages created with Gutenberg block editor, Elementor, or another page builder. Re-design your website today.\u003C\u002Fp>\n\u003Ch3>How does this work?\u003C\u002Fh3>\n\u003Cp>The plugin generates CSS codes like a professional web developer in the background while you are editing the web page visually.\u003C\u002Fp>\n\u003Cp>The plugin doesn’t modify any theme file, instead of it loads the generated CSS codes to the website in a dynamic way so that you can manage the changes anytime.\u003C\u002Fp>\n\u003Ch3>Premium features\u003C\u002Fh3>\n\u003Cp>The following properties are available only in paid version;\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Font Families (Google fonts)\u003C\u002Fli>\n\u003Cli>Font Color\u003C\u002Fli>\n\u003Cli>Background Color\u003C\u002Fli>\n\u003Cli>Background Image\u003C\u002Fli>\n\u003Cli>Width & Height\u003C\u002Fli>\n\u003Cli>Animations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwaspthemes.com\u002Fyellow-pencil\u002Fbuy\u002F\" rel=\"nofollow ugc\">Purchase pro version\u003C\u002Fa> now to unlock all features.\u003C\u002Fp>\n\u003Ch3>Documentation and Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>For documentation and tutorials go to our \u003Ca href=\"https:\u002F\u002Fyellowpencil.waspthemes.com\u002Fdocumentation\u002F?utm_source=wp-repo&utm_medium=link&utm_campaign=readme\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>We provide very limited support on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fyellow-pencil-visual-theme-customizer\u002F\" rel=\"ugc\">WordPress.org forums\u003C\u002Fa>. Please feel free to post questions or bug reports, but for timely support, we recommend purchasing a YellowPencil Pro license.\u003C\u002Fli>\n\u003Cli>For more information, check out our website at \u003Ca href=\"https:\u002F\u002Fyellowpencil.waspthemes.com\u002F?utm_source=wp-repo&utm_medium=link&utm_campaign=readme\" rel=\"nofollow ugc\">YellowPencil Visual CSS Style Editor\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Community\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Join our \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002FYellowPencils\u002F\" rel=\"nofollow ugc\">Facebook Group\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Rate us on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fyellow-pencil-visual-theme-customizer\u002Freviews\u002F#new-post\" rel=\"ugc\">WordPress\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Style your WordPress site visually. Discover the most popular front-end design plugin! Try live demo.",40000,1493805,82,90,"2025-12-06T22:09:00.000Z","6.9.4","4.0","",[20,21,22,23,24],"css","css-editor","customize","design","visual-css","https:\u002F\u002Fyellowpencil.waspthemes.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyellow-pencil-visual-theme-customizer.zip",94,5,0,"2024-09-30 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[34,52,65,78,90],{"id":35,"url_slug":36,"title":37,"description":38,"plugin_slug":4,"theme_slug":39,"affected_versions":40,"patched_in_version":41,"severity":42,"cvss_score":43,"cvss_vector":44,"vuln_type":45,"published_date":30,"updated_date":46,"references":47,"days_to_patch":49,"patch_diff_files":50,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"CVE-2024-47348","yellowpencil-visual-css-style-editor-reflected-cross-site-scripting","YellowPencil Visual CSS Style Editor \u003C= 7.6.4 - Reflected Cross-Site Scripting","The YellowPencil Visual CSS Style Editor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 7.6.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=7.6.4","7.6.5","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-10-10 13:42:38",[48],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0f325945-8394-4ff5-8868-2b1c464cd91f?source=api-prod",11,[],false,{"id":53,"url_slug":54,"title":55,"description":56,"plugin_slug":4,"theme_slug":39,"affected_versions":57,"patched_in_version":58,"severity":42,"cvss_score":43,"cvss_vector":44,"vuln_type":45,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63,"patch_diff_files":64,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"CVE-2024-43963","yellowpencil-visual-css-style-editor-reflected-cross-site-scripting-2","YellowPencil Visual CSS Style Editor \u003C= 7.6.1 - Reflected Cross-Site Scripting","The Visual CSS Style Editor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 7.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=7.6.1","7.6.4","2024-08-26 00:00:00","2024-09-04 20:22:05",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6714ccff-ab6f-4222-96eb-7f442e94f225?source=api-prod",10,[],{"id":66,"url_slug":67,"title":68,"description":69,"plugin_slug":4,"theme_slug":39,"affected_versions":70,"patched_in_version":71,"severity":42,"cvss_score":43,"cvss_vector":44,"vuln_type":45,"published_date":72,"updated_date":73,"references":74,"days_to_patch":76,"patch_diff_files":77,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"CVE-2022-33961","yellowpencil-visual-css-style-editor-reflected-cross-site-scripting-livelink","YellowPencil Visual CSS Style Editor \u003C= 7.5.8 - Reflected Cross-Site Scripting liveLink","The YellowPencil Visual CSS Style Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the liveLink parameter in versions up to, and including, 7.5.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=7.5.8","7.5.9","2023-04-18 00:00:00","2024-01-22 19:56:02",[75],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F967ff273-33f3-4580-928a-7764583429aa?source=api-prod",280,[],{"id":79,"url_slug":80,"title":81,"description":82,"plugin_slug":4,"theme_slug":39,"affected_versions":83,"patched_in_version":84,"severity":42,"cvss_score":43,"cvss_vector":44,"vuln_type":45,"published_date":85,"updated_date":73,"references":86,"days_to_patch":88,"patch_diff_files":89,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"CVE-2021-24934","visual-css-style-editor-reflected-cross-site-scripting-via-wyppagetype-parameter","Visual CSS Style Editor \u003C= 7.5.3 - Reflected Cross-Site Scripting via wyp_page_type parameter","The Visual CSS Style Editor WordPress plugin before 7.5.4 does not sanitise and escape the wyp_page_type parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue","\u003C=7.5.3","7.5.4","2022-01-03 00:00:00",[87],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2608f894-88ed-4f34-a382-8eab7eaab2e7?source=api-prod",750,[],{"id":91,"url_slug":92,"title":93,"description":94,"plugin_slug":4,"theme_slug":39,"affected_versions":95,"patched_in_version":96,"severity":97,"cvss_score":98,"cvss_vector":99,"vuln_type":100,"published_date":101,"updated_date":73,"references":102,"days_to_patch":104,"patch_diff_files":105,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"CVE-2019-11886","visual-css-style-editor-unauthenticated-arbitrary-options-update","Visual CSS Style Editor \u003C= 7.2.0 - Unauthenticated Arbitrary Options Update","The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-customizer) plugin before 7.2.1 for WordPress allows yp_option_update by unauthenticated users and lacks CSRF protection, as demonstrated by use of yp_remote_get to obtain admin access.","\u003C7.2.1","7.2.1","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Missing Authorization","2019-04-11 00:00:00",[103],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb4b3b4a4-9a56-49b8-b3d3-7e50954b4487?source=api-prod",1748,[],{"slug":107,"display_name":7,"profile_url":8,"plugin_count":108,"total_installs":109,"avg_security_score":110,"avg_patch_time_days":111,"trust_score":112,"computed_at":113},"waspthemes",3,48000,95,746,76,"2026-05-20T04:13:13.195Z",[115,137,157,169,187],{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":16,"requires_at_least":128,"requires_php":129,"tags":130,"homepage":134,"download_link":135,"security_score":136,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"so-css","SiteOrigin CSS","1.6.5","Greg - SiteOrigin","https:\u002F\u002Fprofiles.wordpress.org\u002Fgpriday\u002F","\u003Cp>SiteOrigin CSS is the intuitive and powerful CSS editor designed to empower your WordPress site customization. Enjoy a seamless editing experience with real-time visual controls, making it easy to tweak your site’s look and feel instantly. Whether you’re a beginner or an advanced developer, SiteOrigin CSS has you covered.\u003C\u002Fp>\n\u003Cp>For beginners, our user-friendly visual controls and live previews eliminate the guesswork from CSS editing. See your changes as you make them, ensuring your site looks exactly as you envision. For advanced users, we offer robust code autocompletion, speeding up your workflow and making CSS writing faster and more efficient than ever before. Take full control of your site’s design with SiteOrigin CSS and bring your creative vision to life.\u003C\u002Fp>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F129660380\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\n\u003Ch4>Inspector\u003C\u002Fh4>\n\u003Cp>The hardest part of editing your site’s design using CSS is usually finding the correct selector to use. The powerful inspector that comes with SiteOrigin CSS makes this easy. While viewing a full preview of your site, just click on an element, and it’ll help you identify the best selector to use to target that element.\u003C\u002Fp>\n\u003Cp>The inspector will help you even if you have no idea what a CSS selector is.\u003C\u002Fp>\n\u003Ch4>Visual Editor\u003C\u002Fh4>\n\u003Cp>Don’t like playing around with code? No problem. SiteOrigin CSS has a set of simple controls that make it easy to choose colors, styles, and measurements. Combined with the inspector, you’ll be able to make changes in just a few clicks.\u003C\u002Fp>\n\u003Ch4>CSS Editor\u003C\u002Fh4>\n\u003Cp>SiteOrigin CSS has a powerful CSS editor, the likes of which you’d usually only expect from high-end IDEs. It has autocompletion for both CSS selectors and attributes. It also features very useful CSS linting to help you identify issues in your code before you publish your changes.\u003C\u002Fp>\n\u003Ch4>It’s Free\u003C\u002Fh4>\n\u003Cp>We’re committed to keeping SiteOrigin CSS free. You can install it on as many sites as you like without ever worrying about licensing. All future updates and upgrades will be free, and we even offer free support over on our friendly support forums.\u003C\u002Fp>\n\u003Ch4>Works With Any Theme\u003C\u002Fh4>\n\u003Cp>There’s an ever-growing collection of awesome WordPress themes, and now with SiteOrigin CSS, you can edit every single one of them to your heart’s content. No matter what theme you’re using, SiteOrigin CSS will work perfectly.\u003C\u002Fp>\n\u003Ch4>Actively Developed\u003C\u002Fh4>\n\u003Cp>We’re actively developing SiteOrigin CSS. Keep track of what’s happening over on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsiteorigin\u002Fso-css\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsiteorigin.com\u002Fcss\u002Fgetting-started\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> is available on SiteOrigin.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Free support is available on the \u003Ca href=\"https:\u002F\u002Fsiteorigin.com\u002Fthread\u002F\" rel=\"nofollow ugc\">SiteOrigin support forums\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>SiteOrigin Premium\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsiteorigin.com\u002Fdownloads\u002Fpremium\u002F\" rel=\"nofollow ugc\">SiteOrigin Premium\u003C\u002Fa> enhances SiteOrigin CSS with a Google Web Font Selector. Choose from hundreds of beautiful web fonts right in the visual editor.\u003C\u002Fp>\n\u003Cp>SiteOrigin Premium includes access to our professional email support service, perfect for those times when you need fast and effective technical support. We’re standing by to assist you in any way we can.\u003C\u002Fp>\n","Powerful, simple CSS editing for WordPress. Visual controls & real-time previews for effortless site customization.",100000,5900208,98,152,"2025-12-06T20:31:00.000Z","3.9","7.0.0",[21,131,132,24,133],"live-editing","theme-editor","website-styling","https:\u002F\u002Fsiteorigin.com\u002Fcss\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fso-css.1.6.5.zip",100,{"slug":138,"name":139,"version":140,"author":141,"author_profile":142,"description":143,"short_description":144,"active_installs":145,"downloaded":146,"rating":136,"num_ratings":147,"last_updated":148,"tested_up_to":149,"requires_at_least":17,"requires_php":18,"tags":150,"homepage":154,"download_link":155,"security_score":156,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"modular-custom-css","Modular Custom CSS","2.1","Nick Halsey","https:\u002F\u002Fprofiles.wordpress.org\u002Fcelloexpressions\u002F","\u003Cp>WordPress core provides custom CSS functionality in the customizer that’s specific to the current theme; you can switch themes freely with each theme’s additional CSS remaining in place. Sometimes, you need some CSS to apply regardless of the current theme persistently. This plugin adds a plugin CSS option for CSS that’s global and persists across theme changes.\u003C\u002Fp>\n\u003Cp>With the Customizer, your CSS is instantly live-previewed, offering the ability to see exactly how your site will look before you publish your changes. The plugin CSS option is stored as an \u003Ccode>option\u003C\u002Fcode>. Prior to WordPress 4.7 (which introduced additional CSS in core), theme-specific CSS was stored as a \u003Ccode>theme_mod\u003C\u002Fcode>, in 4.7 and newer this is migrated to the core CSS functionality (which is theme-specific).\u003C\u002Fp>\n","WordPress core provides custom CSS functionality in the customizer that's specific to the current theme; you can switch themes freely with each t …",400,18269,6,"2024-07-13T01:42:00.000Z","6.6.5",[20,151,152,153],"custom-css","custom-design","customizer","http:\u002F\u002Fcelloexpressions.com\u002Fplugins\u002Fmodular-custom-css","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmodular-custom-css.2.1.zip",92,{"slug":158,"name":159,"version":160,"author":141,"author_profile":142,"description":161,"short_description":144,"active_installs":136,"downloaded":162,"rating":136,"num_ratings":163,"last_updated":164,"tested_up_to":149,"requires_at_least":165,"requires_php":18,"tags":166,"homepage":167,"download_link":168,"security_score":156,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"multisite-custom-css","Multisite Custom CSS","1.0","\u003Cp>WordPress core provides custom CSS functionality in the customizer that’s specific to the current theme; you can switch themes freely with each theme’s additional CSS remaining in place. This is particularly useful on multisite networks, where it’s often impractical to use child themes to save customizations for each site. Unfortunately, custom CSS is not visible to site admins on multisite networks by default because they are not trusted with unfiltered CSS.\u003C\u002Fp>\n\u003Cp>This plugin gives site admins access to the core custom CSS feature by mapping the \u003Ccode>edit_css\u003C\u002Fcode> capability to \u003Ccode>edit_theme_options\u003C\u002Fcode>, thereby trusting site admins with unfiltered CSS.\u003C\u002Fp>\n",13628,8,"2024-07-13T01:45:00.000Z","4.7",[20,151,152,153],"http:\u002F\u002Fcelloexpressions.com\u002Fplugins\u002Fmultisite-custom-css","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-custom-css.zip",{"slug":170,"name":171,"version":172,"author":173,"author_profile":174,"description":175,"short_description":176,"active_installs":63,"downloaded":177,"rating":29,"num_ratings":29,"last_updated":18,"tested_up_to":178,"requires_at_least":179,"requires_php":180,"tags":181,"homepage":184,"download_link":185,"security_score":136,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":186},"glamour","Glamour – Visual CSS Styling Plugin","1.0.0","CantoThemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fcantothemes\u002F","\u003Cp>The most powerful and advance visual styling plugin. This plugin gives you to customize any page or post design without codding. Click on an element or add a custom selector to start customizing. Change an element color, line height, letter spacing, and more. instantly with live preview. \u003Ca href=\"http:\u002F\u002Fdemo.cantothemes.com\u002Fwp\u002Fglamour-pro\u002F?glamour=edit&glmrmode=single\" rel=\"nofollow ugc\">Try It Now\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Now, you will be able to change the design of your site without changing the theme. Glamour provides full control over the design of your site.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Design every element on Page\u002FPost\u003C\u002Fli>\n\u003Cli>Design header, footer, widgets or any content\u003C\u002Fli>\n\u003Cli>Auto and manual both selector available\u003C\u002Fli>\n\u003Cli>70+ CSS Properties (more coming)\u003C\u002Fli>\n\u003Cli>Visual drag and drop position (Pro)\u003C\u002Fli>\n\u003Cli>Visual resizeable  padding (Pro) and margin\u003C\u002Fli>\n\u003Cli>850+ Google fonts (Pro)\u003C\u002Fli>\n\u003Cli>Gradient Background (Pro)\u003C\u002Fli>\n\u003Cli>Live Preview\u003C\u002Fli>\n\u003Cli>Responsive design for the small laptop, tablet and mobile phone\u003C\u002Fli>\n\u003Cli>Style element state hover, active and focus\u003C\u002Fli>\n\u003Cli>Custom color presets (Pro)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>CSS Properties\u003C\u002Fh3>\n\u003Cp>All CSS properties available in this plugin.\u003C\u002Fp>\n\u003Ch4>Typography\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Color\u003C\u002Fli>\n\u003Cli>Font Family (Pro)\u003C\u002Fli>\n\u003Cli>Font Weight (Pro)\u003C\u002Fli>\n\u003Cli>Font Size (Pro)\u003C\u002Fli>\n\u003Cli>Line Height\u003C\u002Fli>\n\u003Cli>Letter Spacing\u003C\u002Fli>\n\u003Cli>Word Spacing\u003C\u002Fli>\n\u003Cli>Font Style\u003C\u002Fli>\n\u003Cli>Text Align (Pro)\u003C\u002Fli>\n\u003Cli>Text Transform\u003C\u002Fli>\n\u003Cli>Text Decoration\u003C\u002Fli>\n\u003Cli>Text Indent\u003C\u002Fli>\n\u003Cli>Text Shadow (Pro)\u003C\u002Fli>\n\u003Cli>Vertical Align\u003C\u002Fli>\n\u003Cli>Text Overflow\u003C\u002Fli>\n\u003Cli>Word Wrap\u003C\u002Fli>\n\u003Cli>White Space\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Background\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Background Color (Pro)\u003C\u002Fli>\n\u003Cli>Background Image (Pro)\u003C\u002Fli>\n\u003Cli>Background Position\u003C\u002Fli>\n\u003Cli>Background Repeat\u003C\u002Fli>\n\u003Cli>Background Size\u003C\u002Fli>\n\u003Cli>Background Attachment\u003C\u002Fli>\n\u003Cli>Background Clip\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Layout\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Width\u003C\u002Fli>\n\u003Cli>Height\u003C\u002Fli>\n\u003Cli>Padding (Pro)\u003C\u002Fli>\n\u003Cli>Margin\u003C\u002Fli>\n\u003Cli>Maximum Width\u003C\u002Fli>\n\u003Cli>Maximum Height\u003C\u002Fli>\n\u003Cli>Minimum Width\u003C\u002Fli>\n\u003Cli>Minimum Height\u003C\u002Fli>\n\u003Cli>Box Sizing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Position\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Position\u003C\u002Fli>\n\u003Cli>Top\u003C\u002Fli>\n\u003Cli>Bottom\u003C\u002Fli>\n\u003Cli>Left\u003C\u002Fli>\n\u003Cli>Right\u003C\u002Fli>\n\u003Cli>zIndex\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Extra\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Opacity\u003C\u002Fli>\n\u003Cli>Display\u003C\u002Fli>\n\u003Cli>Float\u003C\u002Fli>\n\u003Cli>Clear\u003C\u002Fli>\n\u003Cli>Visibility\u003C\u002Fli>\n\u003Cli>Pointer Events\u003C\u002Fli>\n\u003Cli>Overflow\u003C\u002Fli>\n\u003Cli>Overflow X\u003C\u002Fli>\n\u003Cli>Overflow Y\u003C\u002Fli>\n\u003Cli>Cursor\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Box Shadow (Pro)\u003C\u002Fh4>\n\u003Cp>Add one or more shadow to an element with our visual box shadow editor.\u003C\u002Fp>\n\u003Ch4>Transform  (Pro)\u003C\u002Fh4>\n\u003Cp>Scale, rotate and move an element with CSS transform visual editor.\u003C\u002Fp>\n\u003Ch4>Transition (Pro)\u003C\u002Fh4>\n\u003Cp>Add transition to an element for making a nice animation at state changes.\u003C\u002Fp>\n\u003Ch4>Filter (Pro)\u003C\u002Fh4>\n\u003Cp>Change visual effect to an element especially an image.\u003C\u002Fp>\n\u003Ch3>Free vs Pro\u003C\u002Fh3>\n\u003Cp>The free version has some limited features like the background, gradient background, google fonts, box shadow, transform, etc. To unlock these features you can \u003Ca href=\"https:\u002F\u002Fwww.cantothemes.com\u002Fitem\u002Fglamour-pro-visual-styling-wordpress-plugin\u002F\" rel=\"nofollow ugc\">purchase pro version\u003C\u002Fa>.\u003C\u002Fp>\n","The most powerful and advance visual styling plugin. This plugin gives you to customize any page or post design without codding.",1688,"4.9.29","4.5","5.6",[20,22,182,183,24],"editor","style","https:\u002F\u002Fwww.cantothemes.com\u002Fitem\u002Fglamour-pro-visual-styling-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fglamour.1.0.0.zip","2026-03-15T10:48:56.248Z",{"slug":188,"name":189,"version":190,"author":191,"author_profile":192,"description":193,"short_description":194,"active_installs":29,"downloaded":195,"rating":29,"num_ratings":29,"last_updated":196,"tested_up_to":16,"requires_at_least":197,"requires_php":198,"tags":199,"homepage":204,"download_link":205,"security_score":136,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":206},"appscreo-visual-css-customizer","Simple Custom Code – Custom CSS, JS, and HTML, Visual CSS Customizer","1.3","AppsCreo","https:\u002F\u002Fprofiles.wordpress.org\u002Fappscreo\u002F","\u003Cp>\u003Cstrong>Simple Custom Code – CSS, JS, and HTML\u003C\u002Fstrong> is a powerful yet easy-to-use plugin that lets you create, edit, and manage custom CSS, JavaScript, and HTML snippets — visually or through code. Instantly apply styles to any element using an intuitive Visual CSS Customizer, or write your own custom code snippets with full control. All code is stored as optimized, file-based snippets for better performance, caching, and portability — no database clutter, no complicated setup.\u003C\u002Fp>\n\u003Cp>Whether you prefer point-and-click design or hands-on coding, the plugin adapts to your workflow. Use the live visual editor to experiment with fonts, colors, and layouts in real time, or add precise styling and scripting through the built-in code editor with syntax highlighting and autocomplete. Both methods integrate seamlessly, so your visual changes are automatically translated into clean, optimized code.\u003C\u002Fp>\n\u003Cp>Designed for speed and flexibility, this plugin supports unlimited CSS, JS, and HTML snippets, advanced file-based management, AI-powered code generation, and a Gravity Forms visual CSS customizer. It’s perfect for customizing your WordPress site’s appearance, extending functionality, and keeping your changes safely organized — without touching theme files.\u003C\u002Fp>\n\u003Ch3>🎨 Live Visual CSS Customizer\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FwaO2WUFMMLk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Create beautiful, responsive designs directly from your site’s frontend using the built-in Visual CSS Editor. Perfect for both beginners and professionals, it combines visual controls with real CSS generation for complete flexibility.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>One-Click Activation:\u003C\u002Fstrong> Launch the CSS Customizer instantly from your site’s admin bar.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Point, Click, Style:\u003C\u002Fstrong> Select any element visually — no need to inspect HTML or write selectors manually.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Visual Controls:\u003C\u002Fstrong> Adjust fonts, colors, spacing, borders, transitions, and hover effects with instant live preview.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic CSS Code Generation:\u003C\u002Fstrong> Every visual change automatically produces clean, performance-optimized CSS.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Safe Testing Environment:\u003C\u002Fstrong> Preview your changes without affecting your live site until you hit “Save.”\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌐 Gravity Forms Visual CSS Customizer\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FAOhsZmQdy48?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Style your Gravity Forms effortlessly with the dedicated Gravity Forms CSS live customizer. Accessible directly from the admin bar under \u003Cstrong>CSS Customize \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Gravity Forms\u003C\u002Fstrong>, it allows you to visually fine-tune form fields, labels, buttons, and layouts — all in real time, with zero code required. Perfect for matching your forms to your brand without writing a single line of CSS manually.\u003C\u002Fp>\n\u003Ch3>⚡ Unlimited CSS, JavaScript & HTML Snippets\u003C\u002Fh3>\n\u003Cp>Go beyond CSS. With version 1.3, you can now create and manage unlimited snippets for CSS, JavaScript, and HTML — all from a single, unified interface. Each snippet type is purpose-built for its use case, giving you the flexibility to style, script, and structure your site exactly the way you want.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Highlights:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Unlimited Snippets:\u003C\u002Fstrong> Create as many snippets as you need for CSS, JS, or HTML — dedicated to different themes, layouts, components, or site sections.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File-Based Storage:\u003C\u002Fstrong> All snippets are saved as external files in \u003Ccode>\u002Fwp-content\u002Fuploads\u002Fsimple-custom-code\u002F\u003C\u002Fcode> for better caching, performance, and portability — no database clutter.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Granular Control Per Snippet:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Activate or deactivate snippets anytime.\u003C\u002Fli>\n\u003Cli>Load externally or inline for speed optimization.\u003C\u002Fli>\n\u003Cli>Choose code position (\u003Ccode>\u003Chead>\u003C\u002Fcode>, before \u003Ccode>\u003C\u002Fbody>\u003C\u002Fcode>, or right after \u003Ccode>\u003Cbody>\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>Set priority levels to control load order.\u003C\u002Fli>\n\u003Cli>Rename snippet files for better organization.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📍 Flexible Loading Locations\u003C\u002Fh3>\n\u003Cp>One of the most powerful aspects of the plugin is where your code gets loaded. Unlike basic custom CSS plugins, Simple Custom Code – CSS, JS, and HTML gives you granular control over the context and location of each snippet:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Frontend:\u003C\u002Fstrong> Load CSS, JS, or HTML on the public-facing side of your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backend (wp-admin):\u003C\u002Fstrong> Inject code into the WordPress admin dashboard — useful for custom admin styles or admin-only scripts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Page:\u003C\u002Fstrong> Target the WordPress login screen specifically — great for branded login pages.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block Editor:\u003C\u002Fstrong> Load code inside the Gutenberg block editor environment for editor-specific tweaks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This level of contextual control means you’re never loading unnecessary code where it doesn’t belong, keeping your site lean and fast.\u003C\u002Fp>\n\u003Ch3>✍️ Advanced Code Editor with Autocomplete & Syntax Highlighting\u003C\u002Fh3>\n\u003Cp>The built-in code editor is designed for professional developers and beginners alike. It’s not just a plain text area — it’s a smart, IDE-like editing experience inside your WordPress admin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Syntax Highlighting:\u003C\u002Fstrong> CSS, JavaScript, and HTML are visually color-coded for easy reading and editing.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Autocomplete:\u003C\u002Fstrong> As you type, the editor suggests CSS properties, JavaScript functions, and WordPress hooks — dramatically speeding up your workflow and reducing typos.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Code Beautifier:\u003C\u002Fstrong> Automatically format and indent messy code with one click, turning unreadable code into clean, maintainable snippets.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Error Detection & Validation:\u003C\u002Fstrong> The editor flags syntax errors and potential issues in real time, before you save — so you can fix mistakes before they ever reach your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🤖 AI-Powered Code Generation\u003C\u002Fh3>\n\u003Cp>Not sure how to write the code you need? Simply describe what you want in plain English, and the AI assistant will generate ready-to-use CSS, JavaScript, or HTML for you. Whether it’s a sticky header, a custom button style, a scroll animation, or an admin tweak — just tell the AI what you need and it does the heavy lifting.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Works with CSS, JavaScript, and HTML snippets.\u003C\u002Fli>\n\u003Cli>Uses your own OpenAI API key — you stay in control of your API usage and costs.\u003C\u002Fli>\n\u003Cli>Generated code is inserted directly into the editor, where you can review, adjust, and save it as a snippet.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This feature is especially powerful for site owners and designers who want to extend their site’s functionality without being full-time developers.\u003C\u002Fp>\n\u003Ch3>🔐 Smart Plugin Settings & Configuration\u003C\u002Fh3>\n\u003Cp>The Simple Custom Code – CSS, JS, and HTML plugin is built for flexibility and speed. Whether you manage a single website or multiple client projects, its settings give you total control over how and where your code snippets are loaded.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Core Settings & Controls:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Role-Based Access Control:\u003C\u002Fstrong> Limit access to the code editor for specific WordPress roles (Administrator, Editor, etc.) — perfect for maintaining control in multi-user or agency environments.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cache-Busting File Versions:\u003C\u002Fstrong> Automatically append version numbers to ensure browsers always load the most recent changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance-Optimized Output:\u003C\u002Fstrong> Choose between inline or external file loading to balance speed and caching efficiency.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean, Intuitive Interface:\u003C\u002Fstrong> A lightweight admin panel that keeps configuration simple — no unnecessary options or clutter.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Control Options:\u003C\u002Fstrong> Adjust snippet loading priority, file naming, and execution location directly from your settings page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 Upgrade to Pro – Developer-Grade Power\u003C\u002Fh3>\n\u003Cp>The free version is powerful, but the \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fsimplecustomcode.com\u002F\" rel=\"nofollow ugc\">Pro upgrade\u003C\u002Fa>\u003C\u002Fstrong> unlocks a suite of advanced performance, automation, and precision features built for developers, agencies, and power users who need complete control over their site’s code delivery.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Pro Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Fine-Tuned Conditional Loading:\u003C\u002Fstrong> Target your snippets to load only on specific URLs, post types, pages, or user conditions — not site-wide. This means faster pages and cleaner code delivery exactly where it’s needed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Defer JavaScript Loading:\u003C\u002Fstrong> Mark external JavaScript snippets to load with the \u003Ccode>defer\u003C\u002Fcode> attribute, preventing render-blocking scripts from slowing down your page load speed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Asynchronous CSS Loading:\u003C\u002Fstrong> Load CSS files asynchronously to prevent stylesheet render-blocking — a key technique for improving Core Web Vitals and Lighthouse scores.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SCSS & Less Compiler:\u003C\u002Fstrong> Write your styles using SCSS or Less syntax and let the plugin compile them automatically into valid CSS. No build tools or command-line setup required.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Code Minification:\u003C\u002Fstrong> Automatically minify your CSS and JavaScript snippets on save. Minified versions are stored separately so you always have access to the readable original.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cache Mode:\u003C\u002Fstrong> Combine all active snippets for a given page into a single cached file, dramatically reducing the number of HTTP requests and improving Time to First Byte (TTFB).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean Source Code Output:\u003C\u002Fstrong> Remove snippet loading comments from your site’s HTML source code for a cleaner, more professional output.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fewer HTTP Requests:\u003C\u002Fstrong> Pro’s optimized snippet handling intelligently consolidates code delivery to minimize round-trips and maximize site speed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority Technical Support:\u003C\u002Fstrong> Get faster responses, dedicated assistance, and early access to new features and updates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Pro is the ideal choice for performance-focused developers and agencies who need production-grade code management on WordPress. \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fsimplecustomcode.com\u002F\" rel=\"nofollow ugc\">Learn more and upgrade at simplecustomcode.com \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>🎯 Perfect For:\u003C\u002Fh3>\n\u003Cp>This plugin is designed for anyone who wants to customize WordPress design and functionality quickly, safely, and without touching core files.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>💻 \u003Cstrong>Web Developers\u003C\u002Fstrong> — Maintain full control of your site’s styling and scripting without modifying theme files.\u003C\u002Fli>\n\u003Cli>🎨 \u003Cstrong>Designers\u003C\u002Fstrong> — Use the Visual CSS Customizer to fine-tune typography, colors, and layouts without touching code.\u003C\u002Fli>\n\u003Cli>⚙️ \u003Cstrong>Site Owners\u003C\u002Fstrong> — Make small design adjustments or add scripts instantly without hiring a developer.\u003C\u002Fli>\n\u003Cli>🧠 \u003Cstrong>Agencies & Freelancers\u003C\u002Fstrong> — Manage multiple client sites and store custom code snippets efficiently.\u003C\u002Fli>\n\u003Cli>🌱 \u003Cstrong>WordPress Beginners\u003C\u002Fstrong> — Learn CSS and JavaScript interactively using visual controls, AI assistance, and instant preview feedback.\u003C\u002Fli>\n\u003C\u002Ful>\n","Simple Custom Code lets you add unlimited CSS, JavaScript, and HTML snippets to WordPress with a live visual customizer, AI-powered generation, and ad …",283,"2026-02-26T21:45:00.000Z","5.0","7.0",[200,201,151,202,203],"ai-code-generator","custom-code-snippets","javascript-snippets","visual-css-customizer","https:\u002F\u002Fsimplecustomcode.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fappscreo-visual-css-customizer.1.3.zip","2026-04-06T09:54:40.288Z",{"attackSurface":208,"codeSignals":396,"taintFlows":550,"riskAssessment":758,"analyzedAt":775},{"hooks":209,"ajaxHandlers":363,"restRoutes":392,"shortcodes":393,"cronEvents":394,"entryPointCount":395,"unprotectedCount":29},[210,216,220,224,229,232,235,240,243,246,250,254,257,260,264,267,270,275,279,282,285,287,290,294,297,301,304,308,311,316,319,323,327,330,333,336,340,343,346,349,353,357,360],{"type":211,"name":212,"callback":213,"file":214,"line":215},"action","admin_notices","wyp_plugin_active_notice","admin\\settings.php",35,{"type":211,"name":217,"callback":218,"file":214,"line":219},"admin_init","welcome_screen_do_activation_redirect",69,{"type":211,"name":221,"callback":222,"file":214,"line":223},"admin_menu","wyp_add_setting_menu",216,{"type":225,"name":226,"callback":227,"file":214,"line":228},"filter","admin_footer_text","wyp_admin_footer",312,{"type":211,"name":217,"callback":230,"file":214,"line":231},"wyp_option_update",380,{"type":211,"name":217,"callback":233,"file":214,"line":234},"wyp_options_controller",442,{"type":211,"name":236,"callback":237,"file":238,"line":239},"init","wyp_check_demo_mode","yellow-pencil.php",168,{"type":211,"name":236,"callback":241,"file":238,"line":242},"wyp_new_custom_css_directory",584,{"type":211,"name":236,"callback":244,"file":238,"line":245},"wyp_database_update",683,{"type":211,"name":247,"callback":248,"file":238,"line":249},"admin_footer","wyp_adminj_javascript",856,{"type":211,"name":251,"callback":252,"file":238,"line":253},"admin_enqueue_scripts","wyp_enqueue_admin_pages",1002,{"type":211,"name":221,"callback":255,"file":238,"line":256},"wyp_menu",1022,{"type":211,"name":217,"callback":258,"file":238,"line":259},"wyp_admin_headr",1082,{"type":211,"name":261,"callback":262,"priority":63,"file":238,"line":263},"update_option_page_on_front","wyp_update_custom_css_callback",1109,{"type":211,"name":265,"callback":262,"priority":63,"file":238,"line":266},"update_option_page_for_posts",1110,{"type":211,"name":268,"callback":262,"priority":63,"file":238,"line":269},"update_option_show_on_front",1111,{"type":211,"name":271,"callback":272,"priority":273,"file":238,"line":274},"login_head","wyp_login_styles",999999999,1202,{"type":211,"name":276,"callback":277,"priority":273,"file":238,"line":278},"wp_head","wyp_get_css",1381,{"type":211,"name":276,"callback":280,"priority":273,"file":238,"line":281},"show_page_details",1434,{"type":211,"name":276,"callback":283,"priority":273,"file":238,"line":284},"wyp_get_live_preview",1517,{"type":211,"name":271,"callback":283,"priority":273,"file":238,"line":286},1518,{"type":211,"name":236,"callback":288,"priority":273,"file":238,"line":289},"wyp_out_mode",1519,{"type":211,"name":276,"callback":291,"priority":292,"file":238,"line":293},"wyp_head_meta",9997,1889,{"type":211,"name":236,"callback":288,"priority":295,"file":238,"line":296},9996,1890,{"type":225,"name":298,"callback":299,"file":238,"line":300},"body_class","wyp_public_body_classes",2702,{"type":211,"name":221,"callback":302,"file":238,"line":303},"wyp_customize_type_frame",2733,{"type":211,"name":305,"callback":306,"file":238,"line":307},"load-admin_page_yellow-pencil-customize-type","wyp_customize_type_content",2744,{"type":225,"name":298,"callback":309,"file":238,"line":310},"wyp_body_class",2779,{"type":211,"name":312,"callback":313,"priority":314,"file":238,"line":315},"admin_bar_menu","wyp_yellow_pencil_edit_admin_bar",999,2790,{"type":211,"name":276,"callback":317,"file":238,"line":318},"wyp_yellow_pencil_style",2793,{"type":211,"name":320,"callback":321,"file":238,"line":322},"wp_enqueue_scripts","wyp_load_fonts",2801,{"type":211,"name":324,"callback":325,"file":238,"line":326},"login_enqueue_scripts","wyp_load_fonts_for_admin",2802,{"type":211,"name":320,"callback":328,"file":238,"line":329},"wyp_load_fonts_for_live",2806,{"type":211,"name":324,"callback":331,"file":238,"line":332},"wyp_load_fonts_for_admin_live",2811,{"type":211,"name":236,"callback":334,"file":238,"line":335},"wyp_init",2816,{"type":211,"name":337,"callback":338,"file":238,"line":339},"admin_head","wyp_uploader_style",2848,{"type":211,"name":320,"callback":341,"priority":273,"file":238,"line":342},"wyp_register_styles",2941,{"type":211,"name":320,"callback":344,"file":238,"line":345},"wyp_register_scripts",2990,{"type":211,"name":221,"callback":347,"file":238,"line":348},"wyp_yellow_pencil_editor",3003,{"type":211,"name":350,"callback":351,"file":238,"line":352},"load-admin_page_yellow-pencil-editor","wyp_frame_output",3014,{"type":225,"name":354,"callback":355,"priority":63,"file":238,"line":356},"plugin_row_meta","wyp_plugin_links",3091,{"type":211,"name":236,"callback":358,"file":238,"line":359},"wyp_define_wtfv",3275,{"type":211,"name":217,"callback":361,"priority":273,"file":238,"line":362},"wyp_exportCSS_admin_header",3737,[364,368,371,374,377,380,383,386,389],{"action":365,"nopriv":51,"callback":365,"hasNonce":366,"hasCapCheck":366,"file":238,"line":367},"wyp_add_animation",true,192,{"action":369,"nopriv":51,"callback":369,"hasNonce":366,"hasCapCheck":366,"file":238,"line":370},"wyp_unsplash_api",253,{"action":372,"nopriv":51,"callback":373,"hasNonce":366,"hasCapCheck":366,"file":238,"line":76},"wyp_live_save_option","wyp_save_live_option",{"action":375,"nopriv":51,"callback":375,"hasNonce":366,"hasCapCheck":366,"file":238,"line":376},"wyp_save_comments_option",371,{"action":378,"nopriv":51,"callback":378,"hasNonce":366,"hasCapCheck":366,"file":238,"line":379},"wyp_check_license",391,{"action":381,"nopriv":51,"callback":381,"hasNonce":366,"hasCapCheck":366,"file":238,"line":382},"wyp_delete_stylesheet_live",499,{"action":384,"nopriv":51,"callback":384,"hasNonce":366,"hasCapCheck":366,"file":238,"line":385},"wyp_preview_data_save",2060,{"action":387,"nopriv":51,"callback":387,"hasNonce":366,"hasCapCheck":366,"file":238,"line":388},"wyp_ajax_save",2235,{"action":390,"nopriv":51,"callback":390,"hasNonce":366,"hasCapCheck":366,"file":238,"line":391},"wyp_ajax_update_css",2257,[],[],[],9,{"dangerousFunctions":397,"sqlUsage":398,"outputEscaping":408,"fileOperations":546,"externalRequests":29,"nonceChecks":547,"capabilityChecks":548,"bundledLibraries":549},[],{"prepared":399,"raw":108,"locations":400},7,[401,404,406],{"file":238,"line":402,"context":403},205,"$wpdb->get_results() with variable interpolation",{"file":238,"line":405,"context":403},639,{"file":238,"line":407,"context":403},658,{"escaped":409,"rawEcho":410,"locations":411},38,73,[412,415,417,419,421,422,424,425,427,429,430,432,433,434,435,437,438,440,442,444,446,448,450,452,454,456,457,459,460,462,464,466,467,468,470,471,473,475,477,479,481,482,484,486,488,490,492,494,496,498,500,502,504,506,508,510,512,514,516,518,520,522,524,526,528,530,532,534,536,538,540,542,544],{"file":214,"line":413,"context":414},85,"raw output",{"file":214,"line":416,"context":414},88,{"file":214,"line":418,"context":414},89,{"file":214,"line":420,"context":414},142,{"file":214,"line":126,"context":414},{"file":214,"line":423,"context":414},273,{"file":214,"line":423,"context":414},{"file":214,"line":426,"context":414},275,{"file":214,"line":428,"context":414},277,{"file":214,"line":428,"context":414},{"file":214,"line":431,"context":414},282,{"file":214,"line":431,"context":414},{"file":214,"line":431,"context":414},{"file":214,"line":431,"context":414},{"file":214,"line":436,"context":414},288,{"file":214,"line":436,"context":414},{"file":214,"line":439,"context":414},523,{"file":214,"line":441,"context":414},548,{"file":214,"line":443,"context":414},587,{"file":214,"line":445,"context":414},598,{"file":214,"line":447,"context":414},622,{"file":214,"line":449,"context":414},953,{"file":214,"line":451,"context":414},954,{"file":214,"line":453,"context":414},957,{"file":214,"line":455,"context":414},976,{"file":214,"line":455,"context":414},{"file":214,"line":458,"context":414},988,{"file":214,"line":458,"context":414},{"file":214,"line":461,"context":414},1071,{"file":214,"line":463,"context":414},1073,{"file":214,"line":465,"context":414},1075,{"file":214,"line":259,"context":414},{"file":214,"line":259,"context":414},{"file":214,"line":469,"context":414},1186,{"file":214,"line":469,"context":414},{"file":214,"line":472,"context":414},1200,{"file":214,"line":474,"context":414},1220,{"file":476,"line":136,"context":414},"editor\\editor.php",{"file":476,"line":478,"context":414},158,{"file":476,"line":480,"context":414},160,{"file":476,"line":426,"context":414},{"file":476,"line":483,"context":414},381,{"file":476,"line":485,"context":414},404,{"file":476,"line":487,"context":414},426,{"file":476,"line":489,"context":414},427,{"file":476,"line":491,"context":414},428,{"file":476,"line":493,"context":414},429,{"file":476,"line":495,"context":414},433,{"file":476,"line":497,"context":414},434,{"file":476,"line":499,"context":414},435,{"file":476,"line":501,"context":414},436,{"file":476,"line":503,"context":414},437,{"file":476,"line":505,"context":414},438,{"file":476,"line":507,"context":414},439,{"file":476,"line":509,"context":414},455,{"file":476,"line":511,"context":414},480,{"file":476,"line":513,"context":414},655,{"file":476,"line":515,"context":414},660,{"file":476,"line":517,"context":414},661,{"file":476,"line":519,"context":414},669,{"file":476,"line":521,"context":414},670,{"file":476,"line":523,"context":414},671,{"file":476,"line":525,"context":414},672,{"file":476,"line":527,"context":414},673,{"file":476,"line":529,"context":414},674,{"file":238,"line":531,"context":414},115,{"file":238,"line":533,"context":414},134,{"file":238,"line":535,"context":414},1184,{"file":238,"line":537,"context":414},1362,{"file":238,"line":539,"context":414},1426,{"file":238,"line":541,"context":414},1503,{"file":238,"line":543,"context":414},2016,{"file":238,"line":545,"context":414},3729,1,20,25,[],[551,597,611,621,638,664,672,683,694,704,713,723,734],{"entryPoint":552,"graph":553,"unsanitizedCount":546,"severity":42},"\u003Ceditor> (editor\\editor.php:0)",{"nodes":554,"edges":590},[555,560,565,568,570,573,575,578,580,584,588],{"id":556,"type":557,"label":558,"file":476,"line":559},"n0","source","$_SERVER",31,{"id":561,"type":562,"label":563,"file":476,"line":478,"wp_function":564},"n1","sink","echo() [XSS]","echo",{"id":566,"type":557,"label":567,"file":476,"line":480},"n2","$_GET['href']",{"id":569,"type":562,"label":563,"file":476,"line":480,"wp_function":564},"n3",{"id":571,"type":557,"label":572,"file":476,"line":480},"n4","$_GET['wyp_page_id']",{"id":574,"type":562,"label":563,"file":476,"line":480,"wp_function":564},"n5",{"id":576,"type":557,"label":577,"file":476,"line":480},"n6","$_GET['wyp_page_type']",{"id":579,"type":562,"label":563,"file":476,"line":480,"wp_function":564},"n7",{"id":581,"type":557,"label":582,"file":476,"line":583},"n8","$_GET",740,{"id":585,"type":586,"label":587,"file":476,"line":583},"n9","transform","→ wyp_editor_styles()",{"id":589,"type":562,"label":563,"file":238,"line":543,"wp_function":564},"n10",[591,592,593,594,595,596],{"from":556,"to":561,"sanitized":366},{"from":566,"to":569,"sanitized":366},{"from":571,"to":574,"sanitized":366},{"from":576,"to":579,"sanitized":366},{"from":581,"to":585,"sanitized":51},{"from":585,"to":589,"sanitized":51},{"entryPoint":598,"graph":599,"unsanitizedCount":29,"severity":610},"wyp_option_update (admin\\settings.php:319)",{"nodes":600,"edges":608},[601,604],{"id":556,"type":557,"label":602,"file":214,"line":603},"$_POST (x3)",346,{"id":561,"type":562,"label":605,"file":214,"line":606,"wp_function":607},"update_option() [Settings Manipulation]",348,"update_option",[609],{"from":556,"to":561,"sanitized":366},"low",{"entryPoint":612,"graph":613,"unsanitizedCount":29,"severity":610},"wyp_options_controller (admin\\settings.php:384)",{"nodes":614,"edges":619},[615,617],{"id":556,"type":557,"label":582,"file":214,"line":616},405,{"id":561,"type":562,"label":605,"file":214,"line":618,"wp_function":607},410,[620],{"from":556,"to":561,"sanitized":366},{"entryPoint":622,"graph":623,"unsanitizedCount":29,"severity":610},"wyp_option_func (admin\\settings.php:448)",{"nodes":624,"edges":634},[625,627,628,630,631,633],{"id":556,"type":557,"label":626,"file":214,"line":439},"$_POST['wyp-customizations']",{"id":561,"type":562,"label":563,"file":214,"line":439,"wp_function":564},{"id":566,"type":557,"label":629,"file":214,"line":441},"$_POST['wyp-animations']",{"id":569,"type":562,"label":563,"file":214,"line":441,"wp_function":564},{"id":571,"type":557,"label":582,"file":214,"line":632},1129,{"id":574,"type":562,"label":563,"file":214,"line":469,"wp_function":564},[635,636,637],{"from":556,"to":561,"sanitized":366},{"from":566,"to":569,"sanitized":366},{"from":571,"to":574,"sanitized":366},{"entryPoint":639,"graph":640,"unsanitizedCount":29,"severity":610},"\u003Csettings> (admin\\settings.php:0)",{"nodes":641,"edges":657},[642,643,644,645,646,647,648,649,650,653,654,655],{"id":556,"type":557,"label":602,"file":214,"line":603},{"id":561,"type":562,"label":605,"file":214,"line":606,"wp_function":607},{"id":566,"type":557,"label":582,"file":214,"line":616},{"id":569,"type":562,"label":605,"file":214,"line":618,"wp_function":607},{"id":571,"type":557,"label":626,"file":214,"line":439},{"id":574,"type":562,"label":563,"file":214,"line":439,"wp_function":564},{"id":576,"type":557,"label":629,"file":214,"line":441},{"id":579,"type":562,"label":563,"file":214,"line":441,"wp_function":564},{"id":581,"type":557,"label":651,"file":214,"line":652},"$_POST",369,{"id":585,"type":562,"label":563,"file":214,"line":259,"wp_function":564},{"id":589,"type":557,"label":582,"file":214,"line":632},{"id":656,"type":562,"label":563,"file":214,"line":469,"wp_function":564},"n11",[658,659,660,661,662,663],{"from":556,"to":561,"sanitized":366},{"from":566,"to":569,"sanitized":366},{"from":571,"to":574,"sanitized":366},{"from":576,"to":579,"sanitized":366},{"from":581,"to":585,"sanitized":366},{"from":589,"to":656,"sanitized":366},{"entryPoint":665,"graph":666,"unsanitizedCount":29,"severity":610},"wyp_yellow_penci_bar (yellow-pencil.php:80)",{"nodes":667,"edges":670},[668,669],{"id":556,"type":557,"label":582,"file":238,"line":416},{"id":561,"type":562,"label":563,"file":238,"line":531,"wp_function":564},[671],{"from":556,"to":561,"sanitized":366},{"entryPoint":673,"graph":674,"unsanitizedCount":29,"severity":610},"wyp_add_animation (yellow-pencil.php:175)",{"nodes":675,"edges":681},[676,679],{"id":556,"type":557,"label":677,"file":238,"line":678},"$_POST (x2)",180,{"id":561,"type":562,"label":605,"file":238,"line":680,"wp_function":607},182,[682],{"from":556,"to":561,"sanitized":366},{"entryPoint":684,"graph":685,"unsanitizedCount":29,"severity":610},"wyp_unsplash_api (yellow-pencil.php:199)",{"nodes":686,"edges":692},[687,689],{"id":556,"type":557,"label":688,"file":238,"line":402},"$_POST['wyp_id']",{"id":561,"type":562,"label":690,"file":238,"line":402,"wp_function":691},"get_results() [SQLi]","get_results",[693],{"from":556,"to":561,"sanitized":366},{"entryPoint":695,"graph":696,"unsanitizedCount":29,"severity":610},"wyp_save_live_option (yellow-pencil.php:259)",{"nodes":697,"edges":702},[698,700],{"id":556,"type":557,"label":677,"file":238,"line":699},265,{"id":561,"type":562,"label":605,"file":238,"line":701,"wp_function":607},269,[703],{"from":556,"to":561,"sanitized":366},{"entryPoint":705,"graph":706,"unsanitizedCount":29,"severity":610},"wyp_save_comments_option (yellow-pencil.php:329)",{"nodes":707,"edges":711},[708,710],{"id":556,"type":557,"label":651,"file":238,"line":709},338,{"id":561,"type":562,"label":605,"file":238,"line":603,"wp_function":607},[712],{"from":556,"to":561,"sanitized":366},{"entryPoint":714,"graph":715,"unsanitizedCount":29,"severity":610},"wyp_preview_data_save (yellow-pencil.php:2034)",{"nodes":716,"edges":721},[717,719],{"id":556,"type":557,"label":651,"file":238,"line":718},2040,{"id":561,"type":562,"label":605,"file":238,"line":720,"wp_function":607},2042,[722],{"from":556,"to":561,"sanitized":366},{"entryPoint":724,"graph":725,"unsanitizedCount":29,"severity":610},"wyp_ajax_save (yellow-pencil.php:2117)",{"nodes":726,"edges":732},[727,730],{"id":556,"type":557,"label":728,"file":238,"line":729},"$_POST (x6)",2134,{"id":561,"type":562,"label":605,"file":238,"line":731,"wp_function":607},2161,[733],{"from":556,"to":561,"sanitized":366},{"entryPoint":735,"graph":736,"unsanitizedCount":29,"severity":610},"\u003Cyellow-pencil> (yellow-pencil.php:0)",{"nodes":737,"edges":752},[738,739,740,742,743,744,745,746,747,748],{"id":556,"type":557,"label":582,"file":238,"line":416},{"id":561,"type":562,"label":563,"file":238,"line":531,"wp_function":564},{"id":566,"type":557,"label":741,"file":238,"line":678},"$_POST (x15)",{"id":569,"type":562,"label":605,"file":238,"line":680,"wp_function":607},{"id":571,"type":557,"label":688,"file":238,"line":402},{"id":574,"type":562,"label":690,"file":238,"line":402,"wp_function":691},{"id":576,"type":557,"label":728,"file":238,"line":709},{"id":579,"type":562,"label":563,"file":238,"line":535,"wp_function":564},{"id":581,"type":557,"label":651,"file":238,"line":699},{"id":585,"type":562,"label":749,"file":238,"line":750,"wp_function":751},"header() [Header Injection]",3726,"header",[753,754,755,756,757],{"from":556,"to":561,"sanitized":366},{"from":566,"to":569,"sanitized":366},{"from":571,"to":574,"sanitized":366},{"from":576,"to":579,"sanitized":366},{"from":581,"to":585,"sanitized":366},{"summary":759,"deductions":760},"The Yellow Pencil Visual Theme Customizer plugin (v7.6.7) presents a mixed security profile. While it demonstrates good practices like a significant number of nonce and capability checks and a complete absence of unprotected REST API routes and shortcodes, the static analysis reveals some concerning areas. Notably, 34% of output is not properly escaped, posing a Cross-Site Scripting (XSS) risk, and one unsanitized path flow was detected in the taint analysis, which could lead to path traversal vulnerabilities. The plugin's vulnerability history is a significant concern, with 5 known CVEs, including one critical and four medium severity issues. The prevalence of XSS and missing authorization vulnerabilities in its history, combined with the unescaped output and unsanitized path flow found in the current analysis, suggests a recurring pattern of input sanitization and authorization weaknesses. While the lack of unprotected entry points and the use of prepared statements for most SQL queries are strengths, the historical vulnerability data and the identified code signals warrant caution.",[761,763,765,768,771,773],{"reason":762,"points":163},"Output escaping is not properly handled for 66% of outputs",{"reason":764,"points":399},"Taint analysis found one flow with unsanitized paths",{"reason":766,"points":767},"Plugin has a history of 1 critical CVE",15,{"reason":769,"points":770},"Plugin has a history of 4 medium CVEs",12,{"reason":772,"points":399},"Common vulnerability type: Improper Neutralization of Input During Web Page Gene",{"reason":774,"points":399},"Common vulnerability type: Missing Authorization","2026-03-16T17:21:14.385Z",{"wat":777,"direct":812},{"assetPaths":778,"generatorPatterns":794,"scriptPaths":795,"versionParams":796},[779,780,781,782,783,784,785,786,787,788,789,790,791,792,793],"\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fmain.css","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fbootstrap.min.css","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Ffont-awesome.min.css","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fanimate.min.css","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fresponsive.css","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fbootstrap-select.css","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fbootstrap-slider.css","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Fbootstrap.min.js","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Fjquery-ui.min.js","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Fbootstrap-select.js","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Fbootstrap-slider.js","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Fmain.js","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Ftinymce\u002Ftinymce.min.js","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Fjquery.js",[],[791,792],[797,798,799,800,801,802,803,804,805,806,807,808,809,810,811],"\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fmain.css?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fbootstrap.min.css?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Ffont-awesome.min.css?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fanimate.min.css?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fresponsive.css?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fbootstrap-select.css?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fbootstrap-slider.css?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fcss\u002Fstyle.css?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Fbootstrap.min.js?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Fjquery-ui.min.js?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Fbootstrap-select.js?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Fbootstrap-slider.js?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Fmain.js?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Ftinymce\u002Ftinymce.min.js?ver=","\u002Fwp-content\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Feditor\u002Fjs\u002Fjquery.js?ver=",{"cssClasses":813,"htmlComments":836,"htmlAttributes":846,"restEndpoints":854,"jsGlobals":857,"shortcodeOutput":860},[814,815,816,817,818,819,820,821,822,823,824,825,826,827,828,829,830,831,832,833,834,835],"wyp-disable-cancel","ed-pnl","ed-pnl-top","wf-close-btn-link","wyp-close-btn","wyp-button","wyp-save-btn","wyp-disabled","wyp-button-manage","wyp-button-live","wyp-clear","property-responsive-menu","ed-pnl-inner","wyp-csng-sec","wyp-customizing-inner","wyp-crnt-el","wyp-panel-no-selection","starter-notice","wyp-hand","wyp-hand-after","ed-pnl-footer","wyp-panel-hide",[837,838,839,840,841,842,843,844,845],"\u003C!-- Basic -->","\u003C!-- Check if lite version or not. -->","\u003C!-- Generate Base Editor URL. -->","\u003C!-- Define -->","\u003C!-- Admin Settings Page -->","\u003C!-- Register YellowPencil Panel -->","\u003C!-- Check if it is demo mode -->","\u003C!-- Add animation ajax callback -->","\u003C!-- Download from unsplash and upload to wp -->",[847,848,849,850,851,852,853],"data-toggle","data-placement","title","data-href","data-animation-name","data-animation-css","data-wyp-editor-nonce",[855,856],"\u002Fwp-json\u002Fyellow-pencil\u002Fv1\u002Fsettings","\u002Fwp-json\u002Fyellow-pencil\u002Fv1\u002Fsave-settings",[858,859,237],"YellowPencilEditor","yp_animation",[],{"error":366,"url":862,"statusCode":485,"statusMessage":863,"message":863},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fyellow-pencil-visual-theme-customizer\u002Fbundle","no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":29,"versions":865},[]]