[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fikE3kxQMF6l3vDePhLY7tDD4XV1exUok9BSOB0hdILQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":110,"fingerprints":273},"actify","Actify","1.0","wpsetter","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpsetter\u002F","\u003Cp>Actify is a free plugin for WordPress that gamify your content with readers with the next features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You can highlight valuable quotes as a reader similar to Medium.\u003C\u002Fli>\n\u003Cli>Share selected text on social media, twitter and facebook.\u003C\u002Fli>\n\u003Cli>Report a typo in the text and the correct variant.\u003C\u002Fli>\n\u003Cli>Report a similar case, is for investigation journalism, to report similar cases quickly and anonymous.\u003C\u002Fli>\n\u003Cli>Have an widget that show most highlighted quotes by the users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Get Involved\u003C\u002Fh4>\n\u003Cp>Looking to contribute code to this plugin? Go ahead and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpsetter\u002Factify\" rel=\"nofollow ugc\">fork the repository over at GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","A plugin that boosts readers’ interaction with the online content, by allowing them to perform a series of actions.",0,1369,"2018-08-22T23:12:00.000Z","4.9.29","4.7","5.3.0",[18,19,20,21,22],"comments","facebook-quote-plugin","gamification","gamify","social-plugins","http:\u002F\u002Fmoldova.org\u002Fgamification","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Factify.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,84,"2026-04-04T18:23:34.315Z",[35,59,74,88,99],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":55,"download_link":56,"security_score":57,"vuln_count":46,"unpatched_count":11,"last_vuln_date":58,"fetched_at":27},"gamipress-button","GamiPress – Button","1.0.9","Ruben Garcia","https:\u002F\u002Fprofiles.wordpress.org\u002Frubengc\u002F","\u003Cp>GamiPress – Button let’s you add activity triggers filtered by button clicks adding new activity events on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>Note: This add-on is designed to award users for button clicks, if you want to award them for link clicks, then you should check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-link\u002F\" title=\"GamiPress - Link\" rel=\"ugc\">GamiPress – Link\u003C\u002Fa> add-on.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FIW9ZcGaWDBM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>New Events\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Click any button: When a user clicks on any button.\u003C\u002Fli>\n\u003Cli>Click a button with a specific ID: When a user clicks on any button with a specific identifier (button id attribute).\u003C\u002Fli>\n\u003Cli>Click a button with a specific Class: When a user clicks on any button with a specific class (button class attribute).\u003C\u002Fli>\n\u003Cli>Get a click on any button: When the post\u002Fcomment author gets clicks on any button.\u003C\u002Fli>\n\u003Cli>Get a click on a button with a specific ID: When the post\u002Fcomment author gets clicks on any button with a specific identifier (button id attribute).\u003C\u002Fli>\n\u003Cli>Get a click on a button with a specific Class: When the post\u002Fcomment author gets clicks on any button with a specific class (button class attribute).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Important: The unique buttons that trigger this activities are the buttons generated by [gamipress_button] shortcode.\u003C\u002Fp>\n","Add activity events based on button clicks generated by [gamipress_button]",1000,20300,60,2,"2025-12-01T15:58:00.000Z","6.9.4","4.4","",[52,53,20,21,54],"button","click","gamipress","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-button\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgamipress-button.1.0.9.zip",99,"2024-03-19 00:00:00",{"slug":60,"name":61,"version":62,"author":39,"author_profile":40,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":46,"last_updated":68,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":69,"homepage":71,"download_link":72,"security_score":57,"vuln_count":30,"unpatched_count":11,"last_vuln_date":73,"fetched_at":27},"gamipress-link","GamiPress – Link","1.1.5","\u003Cp>GamiPress – Link let’s you add activity triggers filtered by link clicks adding new activity events on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>Note: This add-on is designed to award users for link clicks, if you want to award them for button clicks, then you should check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-button\u002F\" title=\"GamiPress - Button\" rel=\"ugc\">GamiPress – Button\u003C\u002Fa> add-on.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fram4nUN9bHs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>New Events\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Click any link: When an user clicks on any link.\u003C\u002Fli>\n\u003Cli>Click a link with a specific URL: When an user clicks on any link with a specific URL.\u003C\u002Fli>\n\u003Cli>Click a link with a specific ID: When an user clicks on any link with a specific identifier (link id attribute).\u003C\u002Fli>\n\u003Cli>Click a link with a specific Class: When an user clicks on any link with a specific class (link class attribute).\u003C\u002Fli>\n\u003Cli>Get a click on any link: When the post\u002Fcomment author gets clicks on any link.\u003C\u002Fli>\n\u003Cli>Get a click on a link with a specific URL: When the post\u002Fcomment author gets clicks on any link with a specific URL.\u003C\u002Fli>\n\u003Cli>Get a click on a link with a specific ID: When the post\u002Fcomment author gets clicks on any link with a specific identifier (link id attribute).\u003C\u002Fli>\n\u003Cli>Get a click on a link with a specific Class: When the post\u002Fcomment author gets clicks on any link with a specific class (link class attribute).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Important: The unique links that trigger this activities are the links generated by [gamipress_link] shortcode.\u003C\u002Fp>\n","Add activity events based on link clicks generated by [gamipress_link]",900,22584,100,"2025-12-01T16:00:00.000Z",[53,20,21,54,70],"link","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-link\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgamipress-link.1.1.5.zip","2024-06-04 20:43:51",{"slug":75,"name":76,"version":38,"author":39,"author_profile":40,"description":77,"short_description":78,"active_installs":79,"downloaded":80,"rating":11,"num_ratings":11,"last_updated":81,"tested_up_to":82,"requires_at_least":49,"requires_php":50,"tags":83,"homepage":86,"download_link":87,"security_score":67,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"gamipress-leaderboards-include-exclude-users","GamiPress – Leaderboards Include\u002FExclude Users","\u003Cp>GamiPress – Leaderboards Include\u002FExclude Users let’s you include and\u002For exclude users that will be ranked on a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress\u003C\u002Fa> leaderboard!\u003C\u002Fp>\n\u003Cp>In addition, plugin includes settings to include and\u002For exclude users by role.\u003C\u002Fp>\n\u003Cp>Important: This plugin requires \u003Ca href=\"https:\u002F\u002Fgamipress.com\u002Fadd-ons\u002Fgamipress-leaderboards\u002F\" title=\"GamiPress - Leaderboards\" rel=\"nofollow ugc\">GamiPress – Leaderboards\u003C\u002Fa> add-on.\u003C\u002Fp>\n","Include or exclude specific users or roles on any leaderboard.",500,14838,"2025-12-01T15:59:00.000Z","6.1.10",[84,20,21,54,85],"achievement","point","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-leaderboards-include-exclude-users","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgamipress-leaderboards-include-exclude-users.1.0.9.zip",{"slug":89,"name":90,"version":91,"author":39,"author_profile":40,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":67,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":96,"homepage":97,"download_link":98,"security_score":67,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"gamipress-block-users","GamiPress – Block Users","1.0.2","\u003Cp>GamiPress – Block Users let’s you block users and roles from getting awarded through the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress\u003C\u002Fa> awards engine!\u003C\u002Fp>\n\u003Cp>In addition, blocked users activity won’t be registered on logs what makes it ideal for stop registering and awarding undesired user roles like site administrators.\u003C\u002Fp>\n","Block users and roles from getting awarded through the GamiPress awards engine",400,10544,[84,20,21,54,85],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-block-users\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgamipress-block-users.1.0.2.zip",{"slug":100,"name":101,"version":102,"author":39,"author_profile":40,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":11,"num_ratings":11,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":107,"homepage":108,"download_link":109,"security_score":67,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"gamipress-buddypress-group-leaderboard","GamiPress – BuddyPress Group Leaderboard","1.1.4","\u003Cp>GamiPress – BuddyPress Group Leaderboard let’s you add new tab on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\u002F\" title=\"BuddyPress\" rel=\"ugc\">BuddyPress\u003C\u002Fa> groups with a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress\u003C\u002Fa> leaderboard of group members!\u003C\u002Fp>\n\u003Cp>Through the GamiPress settings you will be able to configure the metrics by which group members should be ranked and the columns to show.\u003C\u002Fp>\n\u003Cp>Important: This plugin requires \u003Ca href=\"https:\u002F\u002Fgamipress.com\u002Fadd-ons\u002Fgamipress-leaderboards\u002F\" title=\"GamiPress - Leaderboards\" rel=\"nofollow ugc\">GamiPress – Leaderboards\u003C\u002Fa> add-on.\u003C\u002Fp>\n","Add a completely configurable tab on BuddyPress groups with a GamiPress leaderboard of group members",300,16413,[84,20,21,54,85],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-buddypress-group-leaderboard\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgamipress-buddypress-group-leaderboard.1.1.4.zip",{"attackSurface":111,"codeSignals":189,"taintFlows":230,"riskAssessment":257,"analyzedAt":272},{"hooks":112,"ajaxHandlers":155,"restRoutes":185,"shortcodes":186,"cronEvents":187,"entryPointCount":188,"unprotectedCount":30},[113,119,122,126,131,135,139,144,148,152],{"type":114,"name":115,"callback":116,"file":117,"line":118},"action","init","actify_load_textdomain","actify.php",37,{"type":114,"name":115,"callback":120,"file":117,"line":121},"init_actify",49,{"type":114,"name":123,"callback":124,"file":117,"line":125},"widgets_init","register_actify_highlights_widget",59,{"type":114,"name":127,"callback":128,"file":129,"line":130},"add_meta_boxes_actify_highlights","add_highlight_meta_box","classes\\class.actify.php",31,{"type":114,"name":132,"callback":133,"file":129,"line":134},"admin_menu","add_options_page",33,{"type":114,"name":136,"callback":137,"file":129,"line":138},"wp_enqueue_scripts","enqueue_front_scripts",35,{"type":140,"name":141,"callback":142,"file":129,"line":143},"filter","the_content","wrap_content_in_component",40,{"type":114,"name":145,"callback":146,"file":129,"line":147},"admin_enqueue_scripts","enqueue_admin_scripts",370,{"type":114,"name":149,"callback":150,"file":129,"line":151},"wp_footer","append_tooltip",870,{"type":114,"name":149,"callback":153,"file":129,"line":154},"append_modal_template",871,[156,161,165,169,173,177,179,181,183],{"action":157,"nopriv":158,"callback":159,"hasNonce":158,"hasCapCheck":160,"file":129,"line":121},"actify_report_mistake",true,"report_mistake",false,{"action":162,"nopriv":158,"callback":163,"hasNonce":158,"hasCapCheck":160,"file":129,"line":164},"actify_report_case","report_case",50,{"action":166,"nopriv":158,"callback":167,"hasNonce":158,"hasCapCheck":160,"file":129,"line":168},"actify_save_highlight","save_highlight",51,{"action":170,"nopriv":158,"callback":171,"hasNonce":158,"hasCapCheck":160,"file":129,"line":172},"actify_get_highlights","get_highlights",52,{"action":174,"nopriv":160,"callback":175,"hasNonce":160,"hasCapCheck":160,"file":129,"line":176},"actify_save_options","save_options",61,{"action":157,"nopriv":160,"callback":159,"hasNonce":158,"hasCapCheck":160,"file":129,"line":178},62,{"action":162,"nopriv":160,"callback":163,"hasNonce":158,"hasCapCheck":160,"file":129,"line":180},63,{"action":166,"nopriv":160,"callback":167,"hasNonce":158,"hasCapCheck":160,"file":129,"line":182},64,{"action":170,"nopriv":160,"callback":171,"hasNonce":158,"hasCapCheck":160,"file":129,"line":184},65,[],[],[],9,{"dangerousFunctions":190,"sqlUsage":191,"outputEscaping":193,"fileOperations":11,"externalRequests":227,"nonceChecks":228,"capabilityChecks":11,"bundledLibraries":229},[],{"prepared":11,"raw":11,"locations":192},[],{"escaped":194,"rawEcho":195,"locations":196},18,14,[197,201,203,205,207,209,211,213,215,217,219,221,223,225],{"file":198,"line":199,"context":200},"classes\\class.actify.widget.highlights.php",80,"raw output",{"file":198,"line":202,"context":200},82,{"file":198,"line":204,"context":200},94,{"file":198,"line":206,"context":200},124,{"file":198,"line":208,"context":200},125,{"file":198,"line":210,"context":200},126,{"file":198,"line":212,"context":200},127,{"file":198,"line":214,"context":200},130,{"file":198,"line":216,"context":200},131,{"file":198,"line":218,"context":200},132,{"file":198,"line":220,"context":200},133,{"file":198,"line":222,"context":200},136,{"file":198,"line":224,"context":200},137,{"file":198,"line":226,"context":200},139,3,4,[],[231,249],{"entryPoint":232,"graph":233,"unsanitizedCount":30,"severity":248},"save_options (classes\\class.actify.php:334)",{"nodes":234,"edges":246},[235,240],{"id":236,"type":237,"label":238,"file":129,"line":239},"n0","source","$_POST",338,{"id":241,"type":242,"label":243,"file":129,"line":244,"wp_function":245},"n1","sink","update_option() [Settings Manipulation]",341,"update_option",[247],{"from":236,"to":241,"sanitized":160},"low",{"entryPoint":250,"graph":251,"unsanitizedCount":11,"severity":248},"\u003Cclass.actify> (classes\\class.actify.php:0)",{"nodes":252,"edges":255},[253,254],{"id":236,"type":237,"label":238,"file":129,"line":239},{"id":241,"type":242,"label":243,"file":129,"line":244,"wp_function":245},[256],{"from":236,"to":241,"sanitized":158},{"summary":258,"deductions":259},"The \"actify\" v1.0 plugin exhibits a mixed security posture. On the positive side, it shows no known vulnerabilities (CVEs) and avoids dangerous functions and raw SQL queries. The presence of nonce checks on some entry points and the use of prepared statements for SQL are good security practices. However, significant concerns arise from the static analysis. A notable risk is the existence of one AJAX handler that lacks authentication checks, presenting a direct entry point for unauthorized actions. Furthermore, the output escaping is only 56% proper, indicating a potential for cross-site scripting (XSS) vulnerabilities if untrusted data is displayed without adequate sanitization.\n\nThe taint analysis reveals one flow with unsanitized paths, which, while not reaching critical or high severity in this analysis, highlights a potential for data manipulation or execution if exploited. The plugin's lack of capability checks on AJAX handlers is a critical oversight, as it means any user, regardless of their role, could potentially trigger these actions. The vulnerability history being clean is a positive indicator of past development practices, but it does not mitigate the immediate risks identified in the current code analysis. The plugin has strengths in database interaction security but weaknesses in input validation and authorization for its AJAX endpoints.",[260,263,266,269],{"reason":261,"points":262},"AJAX handler without authentication",8,{"reason":264,"points":265},"Low percentage of properly escaped output",7,{"reason":267,"points":268},"Taint flow with unsanitized path",5,{"reason":270,"points":271},"AJAX handlers without capability checks",6,"2026-03-17T07:11:54.212Z",{"wat":274,"direct":283},{"assetPaths":275,"generatorPatterns":278,"scriptPaths":279,"versionParams":280},[276,277],"\u002Fwp-content\u002Fplugins\u002Factify\u002Fassets\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Factify\u002Fassets\u002Fjs\u002Ffrontend.js",[],[277],[281,282],"actify\u002Fassets\u002Fcss\u002Ffrontend.css?ver=","actify\u002Fassets\u002Fjs\u002Ffrontend.js?ver=",{"cssClasses":284,"htmlComments":285,"htmlAttributes":286,"restEndpoints":288,"jsGlobals":294,"shortcodeOutput":295},[],[],[287],"data-actify-highlight",[289,290,291,292,293],"\u002Fwp-json\u002Factify\u002Fv1\u002Fhighlights","\u002Fwp-json\u002Factify\u002Fv1\u002Freport-mistake","\u002Fwp-json\u002Factify\u002Fv1\u002Freport-case","\u002Fwp-json\u002Factify\u002Fv1\u002Fsave-highlight","\u002Fwp-json\u002Factify\u002Fv1\u002Fget-highlights",[5],[]]