[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fB72og-2GJAIXDpJ_H__4OKjqEQzVGhd9OTDjqV7H_mQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":129,"fingerprints":195},"bp-last-comments-widget","BuddyPress Last Comments Widget","2.0","udarmo","https:\u002F\u002Fprofiles.wordpress.org\u002Fudarmo\u002F","\u003Cp>Shows a list of most recently added BP activity comments.\u003C\u002Fp>\n","Shows a list of most recently added BP activity comments.",0,1713,"2017-10-17T20:45:00.000Z","4.8.28","4.6","5.6",[18,19,20,21,22],"activity-comments","activity-widget","buddypress","buddypress-widget","recent-comments","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-last-comments-widget.2.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,84,"2026-04-04T11:06:02.070Z",[35,56,77,95,110],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":23,"tags":50,"homepage":54,"download_link":55,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"buddypress-sitewide-activity-widget","BuddyPress Sitewide Activity Widget","1.3.5","Brajesh Singh","https:\u002F\u002Fprofiles.wordpress.org\u002Fsbrajesh\u002F","\u003Cp>BuddyPress Sitewide Activity Widget brings back the BuddyPress Sitewide activity as a widget for you. Now you can show the BuddyPress activity in a widget area.\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Filter Activities By components in UI\u003C\u002Fli>\n\u003Cli>Limit per page and max\u003C\u002Fli>\n\u003Cli>Support for posting activity from swa widget\u003C\u002Fli>\n\u003Cli>Support for blog admins activity only\u003C\u002Fli>\n\u003Cli>Support for logged in users activity only\u003C\u002Fli>\n\u003Cli>Show hide avatars\u003C\u002Fli>\n\u003Cli>Show hide filters\u003C\u002Fli>\n\u003Cli>Include only a few components activities\u003C\u002Fli>\n\u003Cli>exclude some components activity from the swa\u003C\u002Fli>\n\u003Cli>Multi instance\u003C\u002Fli>\n\u003Cli>easily themable, should not conflict\u003C\u002Fli>\n\u003Cli>localizable\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For support, please use \u003Ca href=\"http:\u002F\u002Fbuddydev.com\u002Fsupport\u002Fforums\u002F\" title=\"BuddyDev support forums\" rel=\"nofollow ugc\">BuddyDev Support Forum\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Other\u003C\u002Fh3>\n\u003Cp>For support, please use \u003Ca href=\"http:\u002F\u002Fbuddydev.com\u002Fsupport\u002Fforums\u002F\" title=\"BuddyDev support forums\" rel=\"nofollow ugc\">BuddyDev Support Forum\u003C\u002Fa>\u003C\u002Fp>\n","BuddyPress Sitewide Activity Widget allows you to use BuddyPress Sitewide activity stream as a widget.",200,42809,86,7,"2018-12-09T00:36:00.000Z","5.0.25","4.5",[20,51,36,52,53],"buddypress-activity","sitewide-activity","sitewide-activity-widget","https:\u002F\u002Fbuddydev.com\u002Fplugins\u002Fbuddypress-sitewide-activity-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-sitewide-activity-widget.1.3.5.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":23,"tags":71,"homepage":75,"download_link":76,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"buddy-registration-widget","BuddyPress Registration Widget","2.1.2","Yogesh Pawar","https:\u002F\u002Fprofiles.wordpress.org\u002Fpawaryogesh1989\u002F","\u003Cp>This plugin provides BuddyPress registration form as a widget with many other configurable option. Using this plugin the website administrator can disable member cover image, group cover image. Administrator can also allow the users to browse the website without the need for uploading a profile picture. Activity tab can also be removed from the user profile. The most important feature added is to allow the administrator use custom templates to display the registration form and it is done in such way that future plugin updates will not affect the customizations done.\u003C\u002Fp>\n\u003Cp>Now, the registration form can also be displayed on any page using just a shortcode. Use shortcode “[buddyRegisterFormCode]” on any page to display the registration form.\u003C\u002Fp>\n\u003Ch3>Details\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Display BuddyPress registration form as a widget.\u003C\u002Fli>\n\u003Cli>Use shortcode “[buddyRegisterFormCode]” to display the registration form on any page.\u003C\u002Fli>\n\u003Cli>Option to disable member\u002Fuser cover image.\u003C\u002Fli>\n\u003Cli>Option to disable group cover image.\u003C\u002Fli>\n\u003Cli>Option to disable validation of “Profile Image”.\u003C\u002Fli>\n\u003Cli>Option to remove the “Activity Tab” from the user profile.\u003C\u002Fli>\n\u003Cli>Option to use custom template to modified form fields\u002Flayout to display form in Sidebar.\u003C\u002Fli>\n\u003Cli>Option to use custom template to modified form fields\u002Flayout to display form on any page using shortcode.\u003C\u002Fli>\n\u003C\u002Ful>\n","Display BuddyPress Registration form as a Widget using this Plugin.",100,20549,76,6,"2021-01-05T11:06:00.000Z","5.6.17","5.0",[72,73,21,74],"buddypress-registration","buddypress-registration-form-widget","widget","http:\u002F\u002Fclariontechnologies.co.in","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddy-registration-widget.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":11,"num_ratings":11,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":23,"tags":90,"homepage":93,"download_link":94,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"bp-user-activity","BuddyPress User Activity","1.0.1","jomol","https:\u002F\u002Fprofiles.wordpress.org\u002Fjomol\u002F","\u003Cp>BuddyPress User Activity plugin allows you to get five latest activity stream of logged-in user throughout the site, and which can display with any post\u002Fpage using shortcode.\u003Cbr \u002F>\nAdditionally, this plugin gives you a Widget of activity stream to provide a simple and easy-to-use way of giving design and structure control of your BuddyPress site.\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>List recent five activities of a logged-in user\u003C\u002Fli>\n\u003Cli>Shortcode available to list the activity stream\u003C\u002Fli>\n\u003Cli>Widget available to list the activity stream\u003C\u002Fli>\n\u003C\u002Ful>\n","BuddyPress User Activity plugin allows you to get five latest activity stream of logged-in user throughout the site, and which can display with any po &hellip;",10,2006,"2018-05-31T05:00:00.000Z","4.9.29","4.0",[19,20,51,91,92],"buddypress-activity-user","user-activity","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbp-user-activity\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-user-activity.1.0.1.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":85,"downloaded":103,"rating":104,"num_ratings":30,"last_updated":23,"tested_up_to":23,"requires_at_least":23,"requires_php":23,"tags":105,"homepage":107,"download_link":108,"security_score":64,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":109},"buddypress-activity-sidebar-widget-resubmission","Buddypress Activity Widget","1.0","rameshwor.maharjan","https:\u002F\u002Fprofiles.wordpress.org\u002Frameshwormaharjan\u002F","\u003Cp>Buddypress Activity Widget is a sidbar widget to show list of sitewide, members and member’s friends activity on a sidebar. You can filter activities by scope, object and actions easily using this plugin.\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Show only activity for the scope you pass. Accepted arguments: just-me, friends, groups, favorites, mentions \u003C\u002Fli>\n\u003Cli>Filtering Options by object. Example arguments: groups, friends, profile, status, blogs\u003C\u002Fli>\n\u003Cli>Filtering Options by action. Example arguments: new_forum_post, new_blog_comment new_blog_post, friendship_created, joined_group, created_group, new_forum_topic, activity_update\u003C\u002Fli>\n\u003Cli>Limit the number of activities to show\u003C\u002Fli>\n\u003Cli>Supports custom activity actions.\u003C\u002Fli>\n\u003Cli>Option to hide activity list for non-logged in users.\u003C\u002Fli>\n\u003C\u002Ful>\n","Buddypress Activity Widget is a sidbar widget to show list of sitewide, members and member's friends activity.",3613,60,[20,106],"buddypress-activity-widget","http:\u002F\u002Fwebavenue.com.au","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-activity-sidebar-widget-resubmission.zip","2026-03-15T10:48:56.248Z",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":85,"downloaded":118,"rating":11,"num_ratings":11,"last_updated":119,"tested_up_to":120,"requires_at_least":121,"requires_php":23,"tags":122,"homepage":127,"download_link":128,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"buddypress-jquery-activity-stream-widget","Buddypress Jquery Activity Stream Widget","0.0.1","Joseph G.","https:\u002F\u002Fprofiles.wordpress.org\u002Fdunhakdis\u002F","\u003Cp>Widgetize your BP activity streams! \u003C\u002Fp>\n\u003Cp>\nLet your site viewers\u002Fusers easily read the activity streams by adding a simple yet customizable widget that displays streams in an animated manner.\u003C\u002Fp>\n\u003Cp>Users can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enter desired animation speed\u003C\u002Fli>\n\u003Cli>Enter desired animation timeouts\u003C\u002Fli>\n\u003Cli>User can select from two effects (Slide and Fade). Will be adding more soon!\u003C\u002Fli>\n\u003Cli>Customize widget area height\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\nNote: This plugin works with \u003Ca href=\"https:\u002F\u002Fbuddypress.org\u002F\" rel=\"nofollow ugc\">buddypress\u003C\u002Fa> installed on your website.\u003C\u002Fp>\n","Let your site viewers\u002Fusers easily read the activity streams by adding a simple yet customizable widget that displays streams in an animated manner.",7827,"2011-05-21T20:38:00.000Z","3.1.4","2.8",[20,123,124,125,126],"buddypress-activity-stream-widget","buddypress-activity-streams","buddypress-animated-activity-streams","buddypress-widgets","http:\u002F\u002Fclubkoncepto.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-jquery-activity-stream-widget.1.1.zip",{"attackSurface":130,"codeSignals":142,"taintFlows":181,"riskAssessment":182,"analyzedAt":194},{"hooks":131,"ajaxHandlers":138,"restRoutes":139,"shortcodes":140,"cronEvents":141,"entryPointCount":11,"unprotectedCount":11},[132],{"type":133,"name":134,"callback":135,"file":136,"line":137},"action","widgets_init","bp_last_comments_load_widget","last_comments.php",19,[],[],[],[],{"dangerousFunctions":143,"sqlUsage":144,"outputEscaping":149,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":180},[],{"prepared":11,"raw":30,"locations":145},[146],{"file":136,"line":147,"context":148},29,"$wpdb->get_results() with variable interpolation",{"escaped":150,"rawEcho":151,"locations":152},8,15,[153,156,157,159,161,163,165,167,169,170,172,174,175,177,178],{"file":136,"line":154,"context":155},47,"raw output",{"file":136,"line":154,"context":155},{"file":136,"line":158,"context":155},49,{"file":136,"line":160,"context":155},80,{"file":136,"line":162,"context":155},82,{"file":136,"line":164,"context":155},89,{"file":136,"line":166,"context":155},104,{"file":136,"line":168,"context":155},105,{"file":136,"line":168,"context":155},{"file":136,"line":171,"context":155},108,{"file":136,"line":173,"context":155},109,{"file":136,"line":173,"context":155},{"file":136,"line":176,"context":155},112,{"file":136,"line":176,"context":155},{"file":136,"line":179,"context":155},113,[],[],{"summary":183,"deductions":184},"The \"bp-last-comments-widget\" plugin version 2.0 exhibits a generally good security posture based on the provided static analysis. The absence of any identified entry points like AJAX handlers, REST API routes, or shortcodes significantly limits the attack surface. Furthermore, the lack of recorded vulnerabilities or CVEs in its history is a positive indicator of its development and maintenance practices. The code analysis also shows no critical or high severity taint flows and no dangerous functions used. This suggests a low risk of immediate, exploitable security flaws within the plugin's current state.\n\nHowever, there are some areas of concern that temper the otherwise positive assessment. The sole SQL query identified is not using prepared statements, which presents a potential risk for SQL injection if user-supplied data is ever incorporated into that query. Additionally, a significant portion of output (65%) is not properly escaped, increasing the risk of Cross-Site Scripting (XSS) vulnerabilities if dynamic data is displayed to users without adequate sanitization. The complete absence of nonce and capability checks, while currently not directly exploitable due to the lack of entry points, means that if new entry points are added in future versions without proper security controls, existing vulnerabilities could become exploitable.\n\nIn conclusion, while \"bp-last-comments-widget\" v2.0 appears secure due to its limited attack surface and clean vulnerability history, the identified raw SQL query and unescaped output represent potential weaknesses. These are common issues that, if left unaddressed, could lead to security incidents. Developers should prioritize addressing these specific code concerns to further harden the plugin's security.",[185,187,189,192],{"reason":186,"points":150},"Raw SQL query without prepared statements",{"reason":188,"points":67},"Significant amount of unescaped output",{"reason":190,"points":191},"No nonce checks",5,{"reason":193,"points":191},"No capability checks","2026-03-17T07:04:43.282Z",{"wat":196,"direct":201},{"assetPaths":197,"generatorPatterns":198,"scriptPaths":199,"versionParams":200},[],[],[],[],{"cssClasses":202,"htmlComments":204,"htmlAttributes":205,"restEndpoints":215,"jsGlobals":216,"shortcodeOutput":217},[203],"post-date",[],[206,207,208,209,210,211,212,213,214],"for=\"bp_last_comments_widget_plugin\"","id=\"bp_last_comments_widget_plugin\"","name=\"bp_last_comments_widget_plugin\"","id=\"bp_last_comments_widget_plugin-title\"","name=\"bp_last_comments_widget_plugin-title\"","id=\"bp_last_comments_widget_plugin-count\"","name=\"bp_last_comments_widget_plugin-count\"","id=\"bp_last_comments_widget_plugin-show_date\"","name=\"bp_last_comments_widget_plugin-show_date\"",[],[],[218,219],"\u003Cul","\u003Cli>\u003Ca href=\""]