[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$filATT2KNk0PnW2zEojWidDQpNJb8JB3NBn77IrTJjb0":3,"$fsogO9752rXXm_yz0eOkvyWf12AiTU_snPrNC8NBllcA":163,"$fyzsAceTdvWpOAkwz2gYwSAWZBUkBTDwvNV3p2BTAS88":167},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":20,"security_score":21,"vuln_count":22,"unpatched_count":22,"last_vuln_date":23,"fetched_at":24,"discovery_status":25,"vulnerabilities":26,"developer":27,"crawl_stats":23,"alternatives":33,"analysis":34,"fingerprints":137},"bp-bulk-delete","BP Bulk Delete","1.5","shanebp","https:\u002F\u002Fprofiles.wordpress.org\u002Fshanebp\u002F","\u003Cp>An Admin Tool plugin for bulk deletions. Works with BuddyPress and the BuddyBoss Platform.\u003C\u002Fp>\n\u003Cp>It allows admins to bulk delete Activity, Group Activity, Message and Notification entries & meta based on an ‘older than’ date.\u003C\u002Fp>\n\u003Cp>Adds a link under \u003Cem>Tools\u003C\u002Fem> menu.\u003C\u002Fp>\n\u003Cp>Note: for Messages and Notifications, it will delete \u003Cstrong>BOTH\u003C\u002Fstrong> read and unread entries.\u003C\u002Fp>\n\u003Cp>There are action hooks for pre and post deletion for all four entry types.\u003C\u002Fp>\n\u003Cp>If you are using BuddyBoss and would like to also delete associated media, please see: \u003Ca href=\"https:\u002F\u002Fwww.philopress.com\u002Fproducts\u002Fbp-bulk-delete-pro\u002F\" title=\"BP Bulk Delete Pro\" rel=\"nofollow ugc\">BP Bulk Delete Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>For more plugins, please visit \u003Ca href=\"https:\u002F\u002Fwww.philopress.com\u002F\" rel=\"nofollow ugc\">PhiloPress\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>An Admin Tool plugin for bulk deletions. Works with BuddyPress and the BuddyBoss Platform.\u003C\u002Fp>\n\u003Cp>It allows admins to bulk delete Activity, Group Activity, Message and Notification entries & meta based on an ‘older than’ date.\u003C\u002Fp>\n\u003Cp>Adds a link under \u003Cem>Tools\u003C\u002Fem> menu.\u003C\u002Fp>\n\u003Cp>Note: for Messages and Notifications, it will delete \u003Cstrong>BOTH\u003C\u002Fstrong> read and unread entries.\u003C\u002Fp>\n\u003Cp>There are action hooks for pre and post deletion for all four entry types.\u003C\u002Fp>\n\u003Cp>If you are using BuddyBoss and would like to also delete associated media, please see: \u003Ca href=\"https:\u002F\u002Fwww.philopress.com\u002Fproducts\u002Fbp-bulk-delete-pro\u002F\" title=\"BP Bulk Delete Pro\" rel=\"nofollow ugc\">BP Bulk Delete Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>For more plugins, please visit \u003Ca href=\"https:\u002F\u002Fwww.philopress.com\u002F\" rel=\"nofollow ugc\">PhiloPress\u003C\u002Fa>\u003C\u002Fp>\n","An Admin Tool plugin for bulk deletions. Works with BuddyPress and the BuddyBoss Platform.",200,8234,94,3,"2025-04-19T17:31:00.000Z","6.8.5","4.0","",[],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-bulk-delete.1.5.zip",92,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":21,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},9,2150,124,73,"2026-05-20T04:11:40.687Z",[],{"attackSurface":35,"codeSignals":56,"taintFlows":100,"riskAssessment":127,"analyzedAt":136},{"hooks":36,"ajaxHandlers":52,"restRoutes":53,"shortcodes":54,"cronEvents":55,"entryPointCount":22,"unprotectedCount":22},[37,43,47],{"type":38,"name":39,"callback":40,"file":41,"line":42},"action","admin_menu","bpbd_tool_link","bpbd-admin.php",22,{"type":38,"name":44,"callback":45,"file":41,"line":46},"bp_init","instance",489,{"type":38,"name":48,"callback":49,"file":50,"line":51},"bp_include","bpbd_plugin_init","bpbd.php",20,[],[],[],[],{"dangerousFunctions":57,"sqlUsage":58,"outputEscaping":60,"fileOperations":22,"externalRequests":22,"nonceChecks":61,"capabilityChecks":22,"bundledLibraries":99},[],{"prepared":51,"raw":22,"locations":59},[],{"escaped":61,"rawEcho":62,"locations":63},4,17,[64,67,69,71,73,75,77,79,81,83,85,87,89,91,93,95,97],{"file":41,"line":65,"context":66},317,"raw output",{"file":41,"line":68,"context":66},319,{"file":41,"line":70,"context":66},324,{"file":41,"line":72,"context":66},329,{"file":41,"line":74,"context":66},362,{"file":41,"line":76,"context":66},364,{"file":41,"line":78,"context":66},369,{"file":41,"line":80,"context":66},374,{"file":41,"line":82,"context":66},378,{"file":41,"line":84,"context":66},411,{"file":41,"line":86,"context":66},413,{"file":41,"line":88,"context":66},419,{"file":41,"line":90,"context":66},424,{"file":41,"line":92,"context":66},458,{"file":41,"line":94,"context":66},460,{"file":41,"line":96,"context":66},466,{"file":41,"line":98,"context":66},471,[],[101,119],{"entryPoint":102,"graph":103,"unsanitizedCount":22,"severity":118},"bpbd_activity_groups_html (bpbd-admin.php:346)",{"nodes":104,"edges":115},[105,110],{"id":106,"type":107,"label":108,"file":41,"line":109},"n0","source","$_POST",356,{"id":111,"type":112,"label":113,"file":41,"line":76,"wp_function":114},"n1","sink","echo() [XSS]","echo",[116],{"from":106,"to":111,"sanitized":117},true,"low",{"entryPoint":120,"graph":121,"unsanitizedCount":22,"severity":118},"\u003Cbpbd-admin> (bpbd-admin.php:0)",{"nodes":122,"edges":125},[123,124],{"id":106,"type":107,"label":108,"file":41,"line":109},{"id":111,"type":112,"label":113,"file":41,"line":76,"wp_function":114},[126],{"from":106,"to":111,"sanitized":117},{"summary":128,"deductions":129},"The \"bp-bulk-delete\" v1.5 plugin exhibits a strong static security posture with no identified dangerous functions, file operations, or external HTTP requests. The use of prepared statements for all SQL queries is a significant positive.  However, the low percentage of properly escaped output (19%) is a considerable concern, suggesting a high likelihood of cross-site scripting (XSS) vulnerabilities. While the plugin has no recorded vulnerability history, this should not be interpreted as a guarantee of future security, especially given the identified output escaping issues. The absence of capability checks for its entry points is another area of concern, as it implies that any authenticated user could potentially trigger plugin functionality without proper authorization.\n\nThe plugin has a clean vulnerability history, which is a positive indicator. However, the static analysis reveals weaknesses that could be exploited. The most significant concern is the low rate of output escaping, which directly points to a risk of XSS. Additionally, the lack of capability checks on entry points is a potential authorization bypass risk. While the plugin doesn't have a large attack surface and all SQL is prepared, these strengths are overshadowed by the identified risks related to output sanitation and authorization.",[130,133],{"reason":131,"points":132},"Low percentage of output escaping",8,{"reason":134,"points":135},"No capability checks on entry points",5,"2026-03-16T20:16:36.862Z",{"wat":138,"direct":145},{"assetPaths":139,"generatorPatterns":142,"scriptPaths":143,"versionParams":144},[140,141],"\u002Fwp-content\u002Fplugins\u002Fbp-bulk-delete\u002Fbpbd-admin.css","\u002Fwp-content\u002Fplugins\u002Fbp-bulk-delete\u002Fbpbd-admin.js",[],[141],[],{"cssClasses":146,"htmlComments":150,"htmlAttributes":151,"restEndpoints":160,"jsGlobals":161,"shortcodeOutput":162},[147,148,149],"bpbd-groups-options","bpbd-groups-wrap","bpbd-groups-dropdown-wrap",[],[152,153,154,155,156,157,158,159],"id=\"bpbd-groups\"","name=\"bpbd-groups\"","id=\"month_select\"","name=\"date_month\"","id=\"day_select\"","name=\"date_day\"","id=\"year_select\"","name=\"date_year\"",[],[],[],{"error":117,"url":164,"statusCode":165,"statusMessage":166,"message":166},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fbp-bulk-delete\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":168,"versions":169},7,[170,176,183,190,197,204,211],{"version":6,"download_url":20,"svn_tag_url":171,"released_at":23,"has_diff":172,"diff_files_changed":173,"diff_lines":23,"trac_diff_url":174,"vulnerabilities":175,"is_current":117},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbp-bulk-delete\u002Ftags\u002F1.5\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbp-bulk-delete%2Ftags%2F1.4&new_path=%2Fbp-bulk-delete%2Ftags%2F1.5",[],{"version":177,"download_url":178,"svn_tag_url":179,"released_at":23,"has_diff":172,"diff_files_changed":180,"diff_lines":23,"trac_diff_url":181,"vulnerabilities":182,"is_current":172},"1.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-bulk-delete.1.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbp-bulk-delete\u002Ftags\u002F1.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbp-bulk-delete%2Ftags%2F1.3&new_path=%2Fbp-bulk-delete%2Ftags%2F1.4",[],{"version":184,"download_url":185,"svn_tag_url":186,"released_at":23,"has_diff":172,"diff_files_changed":187,"diff_lines":23,"trac_diff_url":188,"vulnerabilities":189,"is_current":172},"1.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-bulk-delete.1.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbp-bulk-delete\u002Ftags\u002F1.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbp-bulk-delete%2Ftags%2F1.2&new_path=%2Fbp-bulk-delete%2Ftags%2F1.3",[],{"version":191,"download_url":192,"svn_tag_url":193,"released_at":23,"has_diff":172,"diff_files_changed":194,"diff_lines":23,"trac_diff_url":195,"vulnerabilities":196,"is_current":172},"1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-bulk-delete.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbp-bulk-delete\u002Ftags\u002F1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbp-bulk-delete%2Ftags%2F1.1.1&new_path=%2Fbp-bulk-delete%2Ftags%2F1.2",[],{"version":198,"download_url":199,"svn_tag_url":200,"released_at":23,"has_diff":172,"diff_files_changed":201,"diff_lines":23,"trac_diff_url":202,"vulnerabilities":203,"is_current":172},"1.1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-bulk-delete.1.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbp-bulk-delete\u002Ftags\u002F1.1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbp-bulk-delete%2Ftags%2F1.1&new_path=%2Fbp-bulk-delete%2Ftags%2F1.1.1",[],{"version":205,"download_url":206,"svn_tag_url":207,"released_at":23,"has_diff":172,"diff_files_changed":208,"diff_lines":23,"trac_diff_url":209,"vulnerabilities":210,"is_current":172},"1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-bulk-delete.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbp-bulk-delete\u002Ftags\u002F1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbp-bulk-delete%2Ftags%2F1.0.0&new_path=%2Fbp-bulk-delete%2Ftags%2F1.1",[],{"version":212,"download_url":213,"svn_tag_url":214,"released_at":23,"has_diff":172,"diff_files_changed":215,"diff_lines":23,"trac_diff_url":23,"vulnerabilities":216,"is_current":172},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-bulk-delete.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbp-bulk-delete\u002Ftags\u002F1.0.0\u002F",[],[]]