[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$favATjzHQl3T8203ex_F5x7WNmeUNsR7R5ViN9hLfIoQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":53,"analysis":145,"fingerprints":182},"author-bio-shortcode","Author Bio Shortcode","2.5.3","Philip John","https:\u002F\u002Fprofiles.wordpress.org\u002Fphilipjohn\u002F","\u003Cp>This plugin allows you to enter [author_bio] anywhere within the content of a post or page to display the biography of the author of that post or page.\u003C\u002Fp>\n\u003Cp>The output now contains HTML, which can be customised very easily with extra parameters – see Installation for a how-to – to sit around the bio, as defined in \u002Fwp-admin\u002Fprofile.php.\u003C\u002Fp>\n\u003Cp>By default the shortcode produces the author of that post or page. However, extra parameters enable you to specify a different user whose bio you want to print out – see usage instructions.\u003C\u002Fp>\n\u003Cp>Feature requests welcomed with open arms!\u003C\u002Fp>\n","Provides the [author_bio] shortcode for embedding the bio of an author anywhere in the post\u002Fpage content.",100,9113,2,"2014-09-03T19:59:00.000Z","4.0.38","3.5","",[19,20,21,22,23],"author","author-description","bio","biography","user-description","http:\u002F\u002Fphilipjohn.co.uk\u002Fcategory\u002Fplugins\u002Fauthor-bio-shortcode\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauthor-bio-shortcode.2.5.3.zip",64,1,"2025-04-01 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-31731","author-bio-shortcode-authenticated-contributor-stored-cross-site-scripting","Author Bio Shortcode \u003C= 2.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Author Bio Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=2.5.3","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-04-08 18:40:07",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F82e2d184-d922-4ddb-b3aa-0191f7ff7603?source=api-prod",{"slug":46,"display_name":7,"profile_url":8,"plugin_count":47,"total_installs":48,"avg_security_score":49,"avg_patch_time_days":50,"trust_score":51,"computed_at":52},"philipjohn",7,430,86,30,84,"2026-04-04T11:06:27.336Z",[54,74,92,111,128],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":11,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":17,"tags":68,"homepage":71,"download_link":72,"security_score":11,"vuln_count":73,"unpatched_count":73,"last_vuln_date":36,"fetched_at":29},"individual-multisite-author","Individual Multisite Author","1.4.0","Thomas Maier","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebzunft\u002F","\u003Cp>When running \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FCreate_A_Network\" rel=\"nofollow ugc\">WordPress Multisites\u003C\u002Fa> to maintain various top level domains or a multilingual version of your site you might probably run into the problem of having the same author description \u002F biography on each of them.\u003C\u002Fp>\n\u003Cp>This is unfortunate not only on multilingual sites.\u003C\u002Fp>\n\u003Cp>Long story short, this plugin enables you to enter the author biography for each user on a per-blog basis.\u003C\u002Fp>\n\u003Cp>You don’t have to do anything, but to install and activate the plugin and to enter the author bio into through the dashboard(s) of your site(s).\u003C\u002Fp>\n\u003Cp>Please visit the github repository on https:\u002F\u002Fgithub.com\u002Fwebzunft\u002Fmultisite-individual-author if you want to contribute, post a specific feature request or bug report.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Some things site admins and developers might want to know:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>the plugin only works when multisite support is enabled\u003C\u002Fli>\n\u003Cli>the biography is saved using a custom profile field for each blog with the pattern ‘ima_description_BLOGID’, e.g. \u003Cem>img_description_3\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>the filter get_the_author_description is used to load the “right” description; this is used by the\u003Ccode>_author_meta()\u003C\u002Fcode> and \u003Ccode>get_the_author_meta()\u003C\u002Fcode> functions\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin enables individual author descriptions for each single blog in a multisite network.",50,17258,13,"2025-12-03T11:37:00.000Z","6.9.4","6.0",[19,69,20,22,70],"author-bio","multisite","http:\u002F\u002Fwebgilde.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Findividual-multisite-author.1.4.0.zip",0,{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":11,"num_ratings":13,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":17,"tags":87,"homepage":89,"download_link":90,"security_score":91,"vuln_count":73,"unpatched_count":73,"last_vuln_date":36,"fetched_at":29},"simple-author-bio","Simple Author Bio","1.0.7","jmarreros","https:\u002F\u002Fprofiles.wordpress.org\u002Fjmarreros\u002F","\u003Cp>This Plugin shows author’s biography in the foot of the posts, also adds\u003Cbr \u002F>\nsocial networks and a link to see all the entries written by the author.\u003C\u002Fp>\n","Plugin that shows the author's biography in the foot of the posts.",200,7532,"2020-09-27T13:59:00.000Z","5.5.18","4.0",[19,69,88,21,22],"author-biography","https:\u002F\u002Fdecodecms.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-author-bio.zip",85,{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":11,"downloaded":100,"rating":73,"num_ratings":73,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":17,"tags":104,"homepage":108,"download_link":109,"security_score":110,"vuln_count":73,"unpatched_count":73,"last_vuln_date":36,"fetched_at":29},"author-box-by-nocksoft","Author Box by Nocksoft","1.1.1","Rafael @ Nocksoft","https:\u002F\u002Fprofiles.wordpress.org\u002Fnocksoft\u002F","\u003Cp>Adds a modern customizable author info box at the end of your posts and pages with a short description about the author. You can display a simple author bio box in your posts and pages to show your readers and followers who you are.\u003Cbr \u002F>\nYour blog will become even more personal and authentic. This plugin is available in German and English language and is fully compatible with the plugin “Local Avatars by Nocksoft”.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Adds a simple lightweight Author Box at the end of your posts and\u002For pages with a short description about the author\u003C\u002Fli>\n\u003Cli>Option for displaying a link to an own “About Me Page” in Author Box for post authors\u003C\u002Fli>\n\u003Cli>Adds shortcode for Author Box so that you can insert a Author Box anywhere you want\u003C\u002Fli>\n\u003Cli>Allows to hide the author box of default WordPress theme\u003C\u002Fli>\n\u003Cli>Fully compatible with the plugin “Local Avatars by Nocksoft”\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Setup\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Install plugin.\u003C\u002Fli>\n\u003Cli>(optional) Go to “Settings” -> “Author Box” to setup global settings like font sizes or other settings like look of avatars.\u003C\u002Fli>\n\u003Cli>Go to user profiles to enter biographical info.\u003C\u002Fli>\n\u003Cli>(optional) Go to user profiles to enter some informations about the author.\u003C\u002Fli>\n\u003Cli>(optional) Go to Plugins and install the recommended plugin “Local Avatars by Nocksoft” to use local avatars.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Shortcode\u003C\u002Fh3>\n\u003Cp>\u003Ccode>[authorbox]\u003C\u002Fcode>\u003C\u002Fp>\n","Adds a modern author info box at the end of your posts and implements local avatars as an alternative to Gravatar.",3160,"2024-11-16T11:24:00.000Z","6.7.5","5.3",[105,106,69,107,20],"about-author","about-me","author-box","https:\u002F\u002Fgithub.com\u002FNocksoft\u002FAuthor-Box-by-Nocksoft","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauthor-box-by-nocksoft.1.1.1.zip",92,{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":11,"downloaded":119,"rating":11,"num_ratings":27,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":17,"tags":123,"homepage":126,"download_link":127,"security_score":110,"vuln_count":73,"unpatched_count":73,"last_vuln_date":36,"fetched_at":29},"wp-author-profile-widget","WP Author Profile Widget","1.0","B.M. Rafiul Alam","https:\u002F\u002Fprofiles.wordpress.org\u002Frafiul17\u002F","\u003Cul>\n\u003Cli>Shows author gravatar, name, website, description and social icons\u003C\u002Fli>\n\u003Cli>Fully customizable to match your theme design (style, color, size and text options)\u003C\u002Fli>\n\u003Cli>Nice looking on desktop, laptop, tablet or mobile phones\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Settings\u002FCustomize\u003C\u002Fh3>\n\u003Cp>You can find Profile Setting  and Customize option below plugin list after installation.\u003C\u002Fp>\n","Add WP Author Profile Widget with easy way.",7333,"2024-10-19T16:32:00.000Z","6.6.5","5.0",[19,21,22,124,125],"profile","widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-author-profile-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-author-profile-widget.zip",{"slug":129,"name":130,"version":131,"author":132,"author_profile":133,"description":134,"short_description":135,"active_installs":136,"downloaded":137,"rating":11,"num_ratings":27,"last_updated":138,"tested_up_to":139,"requires_at_least":140,"requires_php":17,"tags":141,"homepage":143,"download_link":144,"security_score":91,"vuln_count":73,"unpatched_count":73,"last_vuln_date":36,"fetched_at":29},"short-bio-widget","Short Bio Widget","1.2","Nasir Ahmed","https:\u002F\u002Fprofiles.wordpress.org\u002Fnasirahmed\u002F","\u003Cp>Its a widget that collects your short biography and show into wordpress sidebar area. User can add gravatar, name, short personal details, all common social links with icons.\u003C\u002Fp>\n","Its a widget that collects your short biography and show into wordpress sidebar area. User can add gravatar, name, short personal details, all common  …",40,3411,"2016-03-27T04:13:00.000Z","4.4.34","3.0.1",[19,21,22,142,125],"contact","http:\u002F\u002Fnasirahmed.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshort-bio-widget.zip",{"attackSurface":146,"codeSignals":162,"taintFlows":169,"riskAssessment":170,"analyzedAt":181},{"hooks":147,"ajaxHandlers":154,"restRoutes":155,"shortcodes":156,"cronEvents":161,"entryPointCount":27,"unprotectedCount":73},[148],{"type":149,"name":150,"callback":151,"file":152,"line":153},"action","init","pj_abs_load_textdomain","author-bio-shortcode.php",19,[],[],[157],{"tag":158,"callback":159,"file":152,"line":160},"author_bio","pj_abs_shortcode",127,[],{"dangerousFunctions":163,"sqlUsage":164,"outputEscaping":166,"fileOperations":73,"externalRequests":73,"nonceChecks":73,"capabilityChecks":73,"bundledLibraries":168},[],{"prepared":73,"raw":73,"locations":165},[],{"escaped":27,"rawEcho":73,"locations":167},[],[],[],{"summary":171,"deductions":172},"The \"author-bio-shortcode\" plugin version 2.5.3 exhibits a mixed security posture. On the positive side, the static analysis reveals strong adherence to secure coding practices, with no dangerous functions identified, all SQL queries using prepared statements, and 100% of outputs properly escaped. There are no file operations or external HTTP requests, contributing to a reduced attack surface. However, the plugin completely lacks nonce checks and capability checks, which is a significant concern as these are fundamental security mechanisms for protecting against unauthorized actions and cross-site request forgery (CSRF).\n\nThe vulnerability history is a major red flag. The plugin has a known CVE associated with it, and critically, this vulnerability is currently unpatched. The common vulnerability type being Cross-site Scripting (XSS) further emphasizes the risk. While the static analysis didn't directly uncover XSS vulnerabilities in this specific version's code review, the historical data strongly suggests that past versions were susceptible, and the lack of any indication of how this was addressed in 2.5.3, combined with the unpatched status, points to a lingering or unresolved security flaw.\n\nIn conclusion, while the codebase itself shows good general practices in areas like SQL and output escaping, the absence of fundamental security checks like nonces and capability checks, coupled with a known, unpatched medium-severity vulnerability (XSS), creates a significant risk. Users should be extremely cautious when deploying this plugin.",[173,176,179],{"reason":174,"points":175},"Unpatched CVE",15,{"reason":177,"points":178},"Missing nonce checks",5,{"reason":180,"points":178},"Missing capability checks","2026-03-17T05:37:46.958Z",{"wat":183,"direct":192},{"assetPaths":184,"generatorPatterns":187,"scriptPaths":188,"versionParams":189},[185,186],"\u002Fwp-content\u002Fplugins\u002Fauthor-bio-shortcode\u002Fcss\u002Fauthor-bio-shortcode.css","\u002Fwp-content\u002Fplugins\u002Fauthor-bio-shortcode\u002Fjs\u002Fauthor-bio-shortcode.js",[],[186],[190,191],"author-bio-shortcode\u002Fcss\u002Fauthor-bio-shortcode.css?ver=","author-bio-shortcode\u002Fjs\u002Fauthor-bio-shortcode.js?ver=",{"cssClasses":193,"htmlComments":197,"htmlAttributes":198,"restEndpoints":217,"jsGlobals":218,"shortcodeOutput":219},[194,194,195,196,21],"author_bio_shortcode","name","avatar",[],[199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216],"data-id","data-username","data-email","data-avatar","data-avatar-size","data-name","data-name-container","data-name-class","data-name-pre","data-name-post","data-name-link","data-container-element","data-container-class","data-avatar-container-element","data-avatar-container-class","data-bio-container-element","data-bio-container-class","data-bio-paragraph",[],[],[220,221,222,223],"\u003Cdiv class=\"author_bio_shortcode\">","\u003Ch3 class=\"name\">","\u003Cdiv class=\"avatar\">","\u003Cdiv class=\"bio\">"]