[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fj0FH6Hb3Bhq90INB2s-yKN03q4ZY65H7mdyjGc8X6TE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":114,"fingerprints":165},"achievement-shortcode-for-badgeos","Achievement Shortcode Add-On for BadgeOS","1.1.0","konnektiv","https:\u002F\u002Fprofiles.wordpress.org\u002Fkonnektiv\u002F","\u003Cp>This BadgeOS Add-on adds a shortcode to show or hide content depending on the user having earned a specific achievement.\u003C\u002Fp>\n\u003Cp>Any content in a post or page enclosed in the shortcode [user_earned_achievement id=”achievement_id”][\u002Fuser_earned_achievement] will only be shown if the current user has already earned the achievement with the specified id. This shortcode is fully integrated with the BadgeOS shortcode insert button.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> You will need to install the free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbadgeos\u002F\" title=\"BadgeOS\" rel=\"ugc\">BadgeOS plugin\u003C\u002Fa>™ (version 1.4 or higher) to use the BadgeOS Community Add-on. This Plugin was tested up to BadgeOS 3.6.7.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbadgeos\u002F\" title=\"BadgeOS\" rel=\"ugc\">Get the BadgeOS plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin was originally developed for the \u003Ca href=\"https:\u002F\u002Fquality4digitallearning.org\u002F\" rel=\"nofollow ugc\">globe – Community of Digital Learning\u003C\u002Fa> on behalf of \u003Ca href=\"https:\u002F\u002Fwww.giz.de\u002F\" rel=\"nofollow ugc\">GIZ\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Contact\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fkonnektiv.de\u002F\" rel=\"nofollow ugc\">Konnektiv\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fkonnektiv\u002Fbadgeos-achievement-shortcode-add-on\" rel=\"nofollow ugc\">BadgeOS Achievement Shortcode Add-on on GitHub\u003C\u002Fa> – Report issues, contribute code\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","This BadgeOS Add-on adds a shortcode to show or hide content depending on the user having earned a specific achievement.",10,2637,0,"2020-11-26T17:47:00.000Z","5.5.18","3.6.0","5.5.9",[19,20,21,22,23],"access","badge","badges","restrict","shortcode","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fachievement-shortcode-for-badgeos\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fachievement-shortcode-for-badgeos.1.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":11,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":26,"computed_at":34},70,87,30,"2026-04-04T15:39:24.910Z",[36,48,58,69,88],{"slug":37,"name":38,"version":39,"author":7,"author_profile":8,"description":40,"short_description":41,"active_installs":11,"downloaded":42,"rating":13,"num_ratings":13,"last_updated":43,"tested_up_to":15,"requires_at_least":44,"requires_php":17,"tags":45,"homepage":46,"download_link":47,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"achievement-shortcode-add-on-for-gamipress","Achievement Shortcode Add-On for GamiPress","1.0.0","\u003Cp>This GamiPress Add-on adds a shortcode to show or hide content depending on the user having earned a specific achievement. Any content in a post or page enclosed in the shortcode [user_earned_achievement id=”achievement_id”][\u002Fuser_earned_achievement] will only be shown if the current user has already earned the achievement with the specified id. This shortcode is fully integrated with the GamiPress shortcode insert button.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> You will need to install the free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress plugin\u003C\u002Fa>™ (version 1.4 or higher) to use the GamiPress Achievement Shortcode Add-on. This Plugin was tested up to GamiPress 1.9.1\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">Get the GamiPress plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin was originally developed for the \u003Ca href=\"https:\u002F\u002Fwww.giz.de\u002Fakademie\u002Fen\u002Fhtml\u002Findex.html\" rel=\"nofollow ugc\">Academy of International Cooperation\u003C\u002Fa> of \u003Ca href=\"https:\u002F\u002Fwww.giz.de\" rel=\"nofollow ugc\">GIZ\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Contact\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fkonnektiv.de\u002F\" rel=\"nofollow ugc\">Konnektiv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","This GamiPress Add-on adds a shortcode to show or hide content depending on the user having earned a specific achievement.",1339,"2020-10-29T15:34:00.000Z","4.4",[19,20,21,22,23],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fachievement-shortcode-add-on-for-gamipress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fachievement-shortcode-add-on-for-gamipress.1.0.0.zip",{"slug":49,"name":50,"version":39,"author":7,"author_profile":8,"description":51,"short_description":52,"active_installs":11,"downloaded":53,"rating":13,"num_ratings":13,"last_updated":54,"tested_up_to":15,"requires_at_least":44,"requires_php":17,"tags":55,"homepage":56,"download_link":57,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"award-on-click-for-gamipress","Award On Click Add-On for GamiPress","\u003Cp>This GamiPress Add-on adds a shortcode to show a link. The user is then awarded a specified achievement when the link is clicked. This shortcode is fully integrated with the GamiPress shortcode insert button.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> You need to install the free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress plugin\u003C\u002Fa>™ (version 1.4 or higher) to use the GamiPress Community Add-on. The Plugin was tested up to GamiPress 1.9.1\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">Get the GamiPress plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin was originally developed for the \u003Ca href=\"https:\u002F\u002Fwww.giz.de\u002Fakademie\u002Fen\u002Fhtml\u002Findex.html\" rel=\"nofollow ugc\">Academy of International Cooperation\u003C\u002Fa> of \u003Ca href=\"https:\u002F\u002Fwww.giz.de\" rel=\"nofollow ugc\">GIZ\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Contact\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fkonnektiv.de\u002F\" rel=\"nofollow ugc\">Konnektiv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","This GamiPress Add-on adds a shortcode to show a link. The user is awarded a specified achievement when the link is clicked.",1228,"2020-10-24T14:03:00.000Z",[19,20,21,22,23],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faward-on-click-for-gamipress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faward-on-click-for-gamipress.1.0.0.zip",{"slug":59,"name":60,"version":6,"author":7,"author_profile":8,"description":61,"short_description":62,"active_installs":13,"downloaded":63,"rating":13,"num_ratings":13,"last_updated":64,"tested_up_to":15,"requires_at_least":65,"requires_php":17,"tags":66,"homepage":67,"download_link":68,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"award-on-click-add-on-for-badgeos","Award On Click Add-On for BadgeOS","\u003Cp>This BadgeOS Add-on adds a shortcode to show a link. The user is awarded a specified achievement when the link is clicked. This shortcode is fully integrated with the BadgeOS shortcode insert button.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> You will need to install the free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbadgeos\u002F\" title=\"BadgeOS\" rel=\"ugc\">BadgeOS plugin\u003C\u002Fa>™ (version 1.4 or higher) to use the BadgeOS Community Add-on. The Plugin was tested up to BadgeOS 3.6.7\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbadgeos\u002F\" title=\"BadgeOS\" rel=\"ugc\">Get the BadgeOS plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin was originally developed for the \u003Ca href=\"https:\u002F\u002Fwww.giz.de\u002Fakademie\u002Fen\u002Fhtml\u002Findex.html\" rel=\"nofollow ugc\">Academy of International Cooperation\u003C\u002Fa> of \u003Ca href=\"https:\u002F\u002Fwww.giz.de\" rel=\"nofollow ugc\">GIZ\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Contact\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fkonnektiv.de\u002F\" rel=\"nofollow ugc\">Konnektiv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","This BadgeOS Add-on adds a shortcode to show a link. The user is awarded a specified achievement when the link is clicked.",1005,"2020-11-26T17:03:00.000Z","4.0",[19,20,21,22,23],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faward-on-click-add-on-for-badgeos\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faward-on-click-add-on-for-badgeos.1.1.0.zip",{"slug":70,"name":71,"version":72,"author":73,"author_profile":74,"description":75,"short_description":76,"active_installs":11,"downloaded":77,"rating":13,"num_ratings":13,"last_updated":78,"tested_up_to":79,"requires_at_least":80,"requires_php":81,"tags":82,"homepage":86,"download_link":87,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"code-school-badges","Code School Badges","1.0.2","mcnitt","https:\u002F\u002Fprofiles.wordpress.org\u002Fmcnitt\u002F","\u003Cp>Learn By Doing. Code School teaches web technologies in the comfort of your browser with video lessons, coding challenges, and screencasts. Use this plugin to proudly display completed Code School course badges on your WordPress blog, website or CV.\u003C\u002Fp>\n\u003Cp>You can use a widget to display your badges in a header, sidebar or footer or use a shortcode to display badges in the main content area of a post or page. The plugin offers two customization options:\u003C\u002Fp>\n\u003Col>\n\u003Cli>How many of your most recent completed course badges to display\u003C\u002Fli>\n\u003Cli>How large should each badge be (in pixels, ems, or other valid units)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Project code is hosted at GitHub. Contributors welcome.\u003C\u002Fp>\n","Provides both widgets and shortcodes to help display Code School profile badges on your website.",1875,"2014-09-23T00:37:00.000Z","4.0.38","3.0.1","",[21,83,84,85,23],"code-school","codeschool","profile","https:\u002F\u002Fgithub.com\u002Fmcnitt\u002Fcode-school-badges-wordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcode-school-badges.1.0.2.zip",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":96,"downloaded":97,"rating":98,"num_ratings":99,"last_updated":100,"tested_up_to":101,"requires_at_least":102,"requires_php":103,"tags":104,"homepage":81,"download_link":110,"security_score":111,"vuln_count":112,"unpatched_count":13,"last_vuln_date":113,"fetched_at":28},"advanced-access-manager","Advanced Access Manager – Access Governance for WordPress","7.1.0","AAM Plugin","https:\u002F\u002Fprofiles.wordpress.org\u002Fvasyltech\u002F","\u003Cp>\u003Cstrong>Advanced Access Manager (AAM)\u003C\u002Fstrong> introduces \u003Cstrong>Access Governance for WordPress\u003C\u002Fstrong> – a systematic approach to securing your site by controlling who can access what, when, and why.\u003C\u002Fp>\n\u003Cp>Most WordPress security plugins focus on external threats like malware, firewalls, and brute-force attacks. AAM addresses the \u003Cstrong>root cause of the #1 WordPress security risk: broken access controls, excessive privileges, and misconfigured roles\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Instead of reacting to attacks, AAM helps you \u003Cstrong>design security into your WordPress site\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>What Access Governance means in practice\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Mitigate Broken Access Controls\u003C\u002Fstrong>. Ensure roles, users, and permissions are correctly configured to prevent unauthorized actions and privilege escalation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Eliminate Excessive Privileges\u003C\u002Fstrong>. Identify overpowered users and reduce access to critical functionality, admin areas, and APIs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure Content by Design\u003C\u002Fstrong>. Control who can view, edit, publish, or delete posts, pages, media, taxonomies, and custom content types.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Govern Access with Policy\u003C\u002Fstrong>. Define access rules using JSON Access Policies — portable, auditable, and automation-friendly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Build Custom Security Logic\u003C\u002Fstrong>. Use the AAM PHP Framework to create advanced, programmatic access controls tailored to your application.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Security Audit\u003C\u002Fstrong>. Detect risky role assignments, misconfigurations, and compromised accounts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Granular Access Control\u003C\u002Fstrong>. Manage permissions for any user, role, or visitor with precision.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role & Capability Management\u003C\u002Fstrong>. Customize WordPress roles and capabilities beyond defaults.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin & Menu Control\u003C\u002Fstrong>. Restrict dashboard areas and tailor the admin experience per user or role.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API & Endpoint Protection\u003C\u002Fstrong>. Secure REST and XML-RPC access with fine-grained controls.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern Authentication Options\u003C\u002Fstrong>. Support passwordless and secure login flows.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer-Ready Framework\u003C\u002Fstrong>. Extend WordPress security using AAM’s powerful SDK.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ad-Free & Transparent\u003C\u002Fstrong>. – No ads, no tracking, no bloat.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Built for Security-Conscious WordPress Users\u003C\u002Fh4>\n\u003Cp>AAM is trusted by \u003Cstrong>150,000+ websites\u003C\u002Fstrong> to deliver enterprise-grade access control without unnecessary complexity. Whether you’re a site owner, agency, developer, or security professional, AAM gives you \u003Cstrong>full control over WordPress access — by design\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Most core features are free. Advanced capabilities are available via premium add-ons.\u003C\u002Fp>\n\u003Cp>No hidden tracking. No data collection. No unwanted changes.\u003Cbr \u002F>\nJust \u003Cstrong>security you can reason about, audit, and trust\u003C\u002Fstrong>.\u003C\u002Fp>\n","Access Governance for WordPress. Control roles, users, content, admin areas, and APIs to prevent broken access controls and excessive privileges.",100000,7384389,84,420,"2026-03-08T15:53:00.000Z","6.9.4","5.8.0","5.6.0",[105,106,107,108,109],"access-governance","api-security","restricted-content","security","user-roles","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-access-manager.7.1.0.zip",95,11,"2024-03-20 00:00:00",{"attackSurface":115,"codeSignals":140,"taintFlows":152,"riskAssessment":153,"analyzedAt":164},{"hooks":116,"ajaxHandlers":136,"restRoutes":137,"shortcodes":138,"cronEvents":139,"entryPointCount":13,"unprotectedCount":13},[117,123,127,131],{"type":118,"name":119,"callback":120,"file":121,"line":122},"action","admin_notices","maybe_disable_plugin","badgeos-achievement-shortcode.php",44,{"type":118,"name":124,"callback":125,"file":121,"line":126},"plugins_loaded","actions",45,{"type":118,"name":128,"callback":129,"file":121,"line":130},"init","register_badgeos_shortcodes",51,{"type":118,"name":132,"callback":133,"priority":134,"file":121,"line":135},"admin_enqueue_scripts","admin_scripts",99,52,[],[],[],[],{"dangerousFunctions":141,"sqlUsage":142,"outputEscaping":144,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":151},[],{"prepared":13,"raw":13,"locations":143},[],{"escaped":145,"rawEcho":146,"locations":147},3,1,[148],{"file":121,"line":149,"context":150},167,"raw output",[],[],{"summary":154,"deductions":155},"The \"achievement-shortcode-for-badgeos\" plugin version 1.1.0 exhibits a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the potential attack surface. Furthermore, the code analysis reveals no dangerous functions, no direct SQL queries (all are prepared statements), no file operations, and no external HTTP requests. The lack of identified taint flows also suggests that user-supplied data is not being handled in a way that would lead to common vulnerabilities like path traversal or command injection.\n\nWhile the plugin demonstrates good practices in its code, there are a few areas for potential concern. The static analysis shows a limited number of output escaping instances (4 total) with 75% being properly escaped. This means there is a small chance of a cross-site scripting (XSS) vulnerability if the unescaped output is user-controlled. Additionally, the complete absence of nonce checks and capability checks across all entry points (which are zero in this case) is notable. Although there are no direct entry points in this version, if future versions introduce any, the lack of these fundamental WordPress security mechanisms could become a significant risk. The plugin also has no recorded vulnerability history, which is a positive indicator, suggesting a track record of secure development.",[156,159,162],{"reason":157,"points":158},"Unescaped output found",4,{"reason":160,"points":161},"No nonce checks",5,{"reason":163,"points":161},"No capability checks","2026-03-17T01:44:21.259Z",{"wat":166,"direct":175},{"assetPaths":167,"generatorPatterns":170,"scriptPaths":171,"versionParams":172},[168,169],"\u002Fwp-content\u002Fplugins\u002Fachievement-shortcode-for-badgeos\u002Fjs\u002Frangyinputs-jquery-src.js","\u002Fwp-content\u002Fplugins\u002Fachievement-shortcode-for-badgeos\u002Fjs\u002Fachievement-shortcode-embed.js",[],[168,169],[173,174],"achievement-shortcode-for-badgeos\u002Fjs\u002Frangyinputs-jquery-src.js?ver=","achievement-shortcode-for-badgeos\u002Fjs\u002Fachievement-shortcode-embed.js?ver=",{"cssClasses":176,"htmlComments":177,"htmlAttributes":178,"restEndpoints":179,"jsGlobals":180,"shortcodeOutput":181},[],[],[],[],[],[182],"\u003Cdiv class=\"error\">You have to specify a valid achievement id in the \"id\" parameter!\u003C\u002Fdiv>"]