[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNgRdKzM2dEq1jDNuy8lku-eupKLLEz4oKiipwcBhRSk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":141,"fingerprints":606},"bp-moderation","BuddyPress Moderation","0.1.7","francescolaffi","https:\u002F\u002Fprofiles.wordpress.org\u002Ffrancescolaffi\u002F","\u003Ch4>LATEST VERSION REQUIRE PHP 5.3+\u003C\u002Fh4>\n\u003Cp>Site admins can already edit or delete every content in a BP community, but\u003Cbr \u002F>\nanalyzing every content posted could be a crazy\u002Fimpossible work in big communities.\u003Cbr \u002F>\nThis plugin use crowdsourcing to help site admins finding contents to moderate.\u003C\u002Fp>\n\u003Cp>It adds links\u002Fbuttons to flag inappropriate user generated content in the site,\u003Cbr \u002F>\nso members can easily flag contents as inappropriate. Admins can then see all the\u003Cbr \u002F>\nreported contents in an organized table in the wp backend, order\u002Ffilter them and\u003Cbr \u002F>\ntake actions (ignore, delete, mark\u002Funmark the content author as spammer, …).\u003C\u002Fp>\n\u003Cp>Another table show members, how many posts from them have been reported\u002Fmoderated,\u003Cbr \u002F>\nhow many posts have they reported and moderated from admin. Here find bad\u002Fgood\u003Cbr \u002F>\nmembers and take action on them.\u003C\u002Fp>\n\u003Cp>Note on private messages:\u003Cbr \u002F>\n* private message sender: reporting this will flag the sender, not the thread, but the admin is not able to see the messages, effective against bulk spammer\u003Cbr \u002F>\n* private message: in this case a sender is reported in a specific thread, the admin can see the messages, more useful for moderation (eg k-12 communities)\u003Cbr \u002F>\nthe latter is a bit hackish and could be less solid on future bp upgrades, the first one is based on apis that should be more stable\u003C\u002Fp>\n\u003Cp>Use \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fbp-moderation\" rel=\"ugc\">support forum on wordpress.org\u003C\u002Fa>\u003Cbr \u002F>\nfor support and discussion.\u003C\u002Fp>\n\u003Cp>The default style uses one icon from http:\u002F\u002Fwww.famfamfam.com\u002Flab\u002Ficons\u002Fsilk\u002F\u003Cbr \u002F>\n(cc-by-2.5) and one from http:\u002F\u002Fdamieng.com\u002Fcreative\u002Ficons\u002Fsilk-companion-1-icons\u003Cbr \u002F>\n(cc-by-3.0), so if you use default style give credit to them somewhere in your site.\u003C\u002Fp>\n\u003Ch3>Moderator panel\u003C\u002Fh3>\n\u003Cp>You can access the backend panel from the “BP Moderation” link in your\u003Cbr \u002F>\nWordpress admin menu.\u003C\u002Fp>\n\u003Cp>There are three tabs on the top: “contents”, “users”, “settings”.\u003C\u002Fp>\n\u003Ch4>Contents view\u003C\u002Fh4>\n\u003Cp>In this view you can see the reported contents.\u003C\u002Fp>\n\u003Cp>Use the custom query filter\u002Forder contents.\u003C\u002Fp>\n\u003Cp>The contents table has three columns:\u003C\u002Fp>\n\u003Col>\n\u003Cli>info on the content author\u003C\u002Fli>\n\u003Cli>info on the content itself ( and link to take actions on it on mouseover )\u003C\u002Fli>\n\u003Cli>info on the flags on this content\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Users view\u003C\u002Fh4>\n\u003Cp>In this view you can see users that reported a content or users whom contents\u003Cbr \u002F>\nhave been reported.\u003C\u002Fp>\n\u003Cp>Use the custom query filter\u002Forder contents.\u003C\u002Fp>\n\u003Cp>The contents table has three columns:\u003C\u002Fp>\n\u003Col>\n\u003Cli>info on the user itself\u003C\u002Fli>\n\u003Cli>info on the contents generated by the user and flagged by others\u003C\u002Fli>\n\u003Cli>info on the contents generated by others and flagged by the user\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Hotkeys\u003C\u002Fh4>\n\u003Cp>You can enable and disable hotkeys with the link displayed under contents and users tables.\u003C\u002Fp>\n\u003Cp>I tried to make hotkeys similar wordpress comments table hotkeys, if you never\u003Cbr \u002F>\nused them, give a look to \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FKeyboard_Shortcuts\" rel=\"nofollow ugc\">this codex page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>When a row is selected with hotkeys the possible keys will be shown next to the actions links.\u003C\u002Fp>\n\u003Cp>Hotkeys in both tables:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>j\u002Fk: moves down\u002Fup\u003C\u002Fli>\n\u003Cli>x: check current row for bulk actions\u003C\u002Fli>\n\u003Cli>shift+x: invert row selection\u003C\u002Fli>\n\u003Cli>c: direct contact selected user (or selected content author)\u003C\u002Fli>\n\u003Cli>s\u002Fu: mark as spammer selected user (or selected content author) \u002F unmark him\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Only in contents table:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>v: view content\u003C\u002Fli>\n\u003Cli>a: approve (ignore)\u003C\u002Fli>\n\u003Cli>e: edit\u003C\u002Fli>\n\u003Cli>m: mark as moderated\u003C\u002Fli>\n\u003Cli>d: delete\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Only in user table:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>b: see the contents generated by the selected user and flagged by others in the content view\u003C\u002Fli>\n\u003Cli>g: see the contents generated by others and flagged by the selected user in the content view\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Bulk hotkeys:\u003C\u002Fp>\n\u003Cp>Some keys can be triggered on all selected rows if pressed with shift.\u003Cbr \u002F>\nThose keys are s,u,a,m,d.\u003C\u002Fp>\n\u003Ch3>Integration guide\u003C\u002Fh3>\n\u003Cp>= Introduction =\u003Cbr \u002F>\nThis guide aims to explain how integrate bp-moderation with custom content types,\u003Cbr \u002F>\nwp\u002Fbp core content types are already covered by the plugin, but you can write your\u003Cbr \u002F>\nown custom content type definitions also for them.\u003C\u002Fp>\n\u003Cp>It’s important to understand how bp-moderation differentiate\u002Frecognize contents:\u003Cbr \u002F>\neach content have to be identified by an internal content type slug (you choose\u003Cbr \u002F>\nit in your custom content type definition) and one or two bigint ids.\u003C\u002Fp>\n\u003Cp>Decide a convention with 2 ids for your content type, is not something you can change\u003Cbr \u002F>\nlater. You have to call bp-moderation methods using always the same convention and\u003Cbr \u002F>\nbp-moderation will use the same one when referring to your contents.\u003Cbr \u002F>\nIf your contents are tied with the activity stream you already have chosen a convention\u003Cbr \u002F>\nfor primary and secondary ids, using the same convention you use with activities\u003Cbr \u002F>\nwill make things easier. If you only have one id use 0 for the secondary id.\u003C\u002Fp>\n\u003Ch4>Register a content type\u003C\u002Fh4>\n\u003Cp>The main entry point in bp-moderation is bpModeration::register_content_type(), it\u003Cbr \u002F>\nallows you to register a content type and has to be called at every page load.\u003C\u002Fp>\n\u003Cp>You’ll need to provide:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>a slug: used to differentiate between content types  (alfanumeric and underscore only)\u003C\u002Fli>\n\u003Cli>a label: human readable name of the content type (used in backend)\u003C\u002Fli>\n\u003Cli>some callbacks: called by bp-moderation to request information\u002Foperations on your contents\u003C\u002Fli>\n\u003Cli>activity types: the activity types that your content are posted on the activity stream with (if any)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Code sample\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>examples\u002FbpMod_ContentType_BlogPostExample.php is a code sample that shows\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>how to integrate content types with bp-moderation taking blog posts as an example,\u003Cbr \u002F>\nyou can also modify and adapt it to your content type.\u003C\u002Fp>\n\u003Cp>Other informations are in the doc of \u003Ccode>bpModeration::register_content_type()\u003C\u002Fcode> and\u003Cbr \u002F>\n    bpModFrontend::get_link(), those are most likely the only two bp-moderation\u003Cbr \u002F>\nmethods you need to use.\u003C\u002Fp>\n\u003Cp>All core content types are in bpModDefaultContentTypes.php, but they are hardcoded\u003Cbr \u002F>\nfor speed reasons, so don’t use them as an example.\u003C\u002Fp>\n\u003Ch4>Advanced integration with activities\u003C\u002Fh4>\n\u003Cp>If you use the same primary and secondary id convention for activities and bp-moderation\u003Cbr \u002F>\nyou only have to tell the activity types of your content when registering,\u003Cbr \u002F>\nbp-moderation is already hooked in the activity loop and will print the links\u003Cbr \u002F>\nfor your contents too.\u003C\u002Fp>\n\u003Cp>Instead if some reason you cat use the same convention or you want to customize\u003Cbr \u002F>\nthe activity loop flag button, you can use the filter\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    bp_moderation_activity_loop_link_args_{the activity type}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>where \u003Ccode>{the activity type}\u003C\u002Fcode> is the activity type you’d like to filter.\u003Cbr \u002F>\nLook in \u003Ccode>bpModFrontend::activity_loop_link()\u003C\u002Fcode> to see what to filter.\u003C\u002Fp>\n\u003Ch4>Contents generated by non members\u003C\u002Fh4>\n\u003Cp>It’s possible to have contents generated by not members (e.g. blog comments).\u003Cbr \u002F>\nIf you have to provide a user id to bp-moderation give 0 for it, but you’ll also\u003Cbr \u002F>\nneed to filter author information for displaying them in backend table. Use the filter\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    bp_moderation_author_details_for_{slug used in content type registration}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>to add missing info, look in \u003Ccode>bpModBackend::author_details()\u003C\u002Fcode> to see info needed.\u003C\u002Fp>\n\u003Ch4>OK I coded my custom content type, and now?\u003C\u002Fh4>\n\u003Cp>If you have coded a custom content type and you think that could be widely useful,\u003Cbr \u002F>\ncontact me and it could easily get included in the bp-moderation plugin.\u003C\u002Fp>\n\u003Cp>If you integrated your plugin and you prefer to keep the custom content type in\u003Cbr \u002F>\nyour plugin it’s fine, I guess is more convenient and you can update it together\u003Cbr \u002F>\nwith your plugin.\u003Cbr \u002F>\nRemember to check if bp-moderation is active before including unnecessary code\u003Cbr \u002F>\nor calling non-existing functions: safest way is to use the action \u003Ccode>bp_moderation_init\u003C\u002Fcode>\u003Cbr \u002F>\nfor including\u002Fregistering it.\u003C\u002Fp>\n\u003Cp>If none of the above this is the easier way to get a custom content type loaded:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>place your custom content type php file in \u003Ccode>wp-content\u002Fplugins\u002Fbp-moderation-content-types\u002F\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>copy this line in wp-config.php \u003Ccode>define('BPMOD_LOAD_CUSTOM_CONTENT_TYPES', true);\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Possible future content type system features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>differentiate between trash, untrash and delete, or maybe custom actions on content\u003C\u002Fli>\n\u003Cli>methods to be called when a content is edited\u002Ftrashed\u002Funtrashed\u002Fdeleted so bp-moderation\u003Cbr \u002F>\ncan display also what happen outside of it\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds links\u002Fbuttons to flag inappropriate content and gives a convenient way to moderators to view reports and take actions.",10,26531,46,9,"2014-11-18T17:57:00.000Z","",[18,19,20],"buddypress","flagging","moderation","http:\u002F\u002Fbuddypress.org\u002Fcommunity\u002Fgroups\u002Fbp-moderation\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-moderation.0.1.7.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},3,90,30,84,"2026-04-04T00:37:27.081Z",[35,56,79,98,117],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":16,"download_link":55,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"bp-registration-options","Registration Options for BuddyPress","4.4.5","Brian Messenlehner","https:\u002F\u002Fprofiles.wordpress.org\u002Fmessenlehner\u002F","\u003Cp>Prevent users and bots from accessing the BuddyPress or bbPress areas of your website(s) until they are approved.\u003C\u002Fp>\n\u003Cp>This BuddyPress extension allows you to enable user moderation for new members, as well as help create a private network for your users. If moderation is enabled, any new members will be denied access to your BuddyPress and bbPress areas on your site, with the exception of their own user profile. They will be allowed to edit and configure that much. They will also not be listed in the members lists on the frontend until approved. Custom messages are available so you can tailor them to the tone of your website and community. When an admin approves or denies a user, email notifications will be sent to let them know of the decision.\u003C\u002Fp>\n\u003Cp>Requires BuddyPress version 1.7 or higher and bbPress 2.0 or higher.\u003C\u002Fp>\n\u003Ch3>General Data Protection Regulation\u003C\u002Fh3>\n\u003Cp>BuddyPress Registration Options temporarily stores user IP addresses as user meta to help validate and vet pending users. Saved IP values are deleted upon both approval and denial of pending user. No other personal data is recorded.\u003C\u002Fp>\n","Moderate new BuddyPress members and fight BuddyPress spam.",1000,175480,88,33,"2023-03-05T15:26:00.000Z","6.0.11","5.2","5.6",[52,18,53,20,54],"admin","groups","registration","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-registration-options.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":78,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"bp-toolkit","Block, Suspend, Report for BuddyPress","3.6.4","Ben Roberts","https:\u002F\u002Fprofiles.wordpress.org\u002Fbouncingsprout\u002F","\u003Cp>Block, Suspend, Report for BuddyPress is a must-have plugin for EVERY BuddyPress installation.\u003C\u002Fp>\n\u003Cp>For a full list of features, documentation, screenshots and videos, head to the \u003Ca href=\"https:\u002F\u002Fwww.bouncingsprout.com\u002Fplugins\u002Fblock-suspend-report-for-buddypress\u002F\" rel=\"nofollow ugc\">plugin page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Each tool is explained further below.\u003C\u002Fp>\n\u003Ch3>Block\u003C\u002Fh3>\n\u003Cp>The Block tool allows your members to block another member. They simply click on a ‘block’ button, either on another member’s profile, or on the member list. Once blocked, neither member can send a message to the other. Each member’s profile pages become inaccessible, and display a simple message. Neither can view each other’s activity updates, or replies, and neither can send a friend request to one another.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A simple solution to deal with disputes between members.\u003C\u002Fli>\n\u003Cli>Prevents escalation of abusive or unacceptable conduct between your members.\u003C\u002Fli>\n\u003Cli>Lets your members deal with disputes by themselves, saving you time.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Suspend\u003C\u002Fh3>\n\u003Cp>The Suspend tool allows you, as an administrator, to suspend a member. Available only to administrators is a ‘suspend’ button on your member’s profiles, the member directory, and the admin users screen. Once clicked by you, all of that member’s sessions are terminated, and they will be unable to log back in, instead seeing a custom message explaining the situation.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Quickly deals with members who have breached your acceptable standards policies.\u003C\u002Fli>\n\u003Cli>Allows you to disable an account – until now, you would have to delete the account, or mark them as a spammer.\u003C\u002Fli>\n\u003Cli>Keeps their profile, uploads, messages and other assets ready, should you decide they can return to the site.\u003C\u002Fli>\n\u003Cli>See all your suspended members from the back end.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Report\u003C\u002Fh3>\n\u003Cp>Flag inappropriate, abusive, or otherwise unacceptable behaviour to the site administrator. Each member’s profile now incorporates a ‘report’ button. This creates a new report, which administrators can see in the backend. You can specify a report type, similar to social media networks such as Facebook, to designate that report as ‘spam’ or ‘abusive’ and so on. You can set Block, Suspend, Report to email you when a new report is received.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Gives your members peace of mind that the site is open to moderation.\u003C\u002Fli>\n\u003Cli>Allows you to deal with any report in your own time, without having to respond to internal messages or other notifications.\u003C\u002Fli>\n\u003Cli>Set a threshold to automatically suspend a user when a number of reports are received.\u003C\u002Fli>\n\u003Cli>Mark new reports as read\u002Funread\u003C\u002Fli>\n\u003Cli>Mark reports as unsubstantiated\u003C\u002Fli>\n\u003Cli>See number of unread reports from the menu or the dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Block, Suspend, Report for BuddyPress Premium Editions\u003C\u002Fh3>\n\u003Ch4>The Premium editions adds the following features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Pre-approval system for new activities and group posts\u003C\u002Fli>\n\u003Cli>A ‘Latest Reports’ box in the dashboard\u003C\u002Fli>\n\u003Cli>A ‘Most Blocked’ box, showing your site’s worst offenders\u003C\u002Fli>\n\u003Cli>Integration with Paid Memberships Pro – enable blocking and reporting for certain levels only.\u003C\u002Fli>\n\u003Cli>Assign a role to a suspended user\u003C\u002Fli>\n\u003Cli>Automatically receive new features as they are built\u003C\u002Fli>\n\u003Cli>Ability to add custom CSS to match your theme’s styling perfectly\u003C\u002Fli>\n\u003Cli>Premium email support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plus, a super-charged report system:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>You can allow a huge range of content to be reported and moderated, not just members themselves:\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>WordPress Comments\u003Cbr \u002F>\nActivity Updates\u003Cbr \u002F>\nActivity Comments\u003Cbr \u002F>\nGroups\u003Cbr \u002F>\nPrivate Messages\u003Cbr \u002F>\nForum Topics\u003Cbr \u002F>\nForum Replies\u003Cbr \u002F>\nrtMedia Uploads\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create your own report types, or edit the default ones.\u003C\u002Fli>\n\u003Cli>Add your own reports from the backend, ideal for when your members flag content directly to you via a private message or similar.\u003C\u002Fli>\n\u003Cli>Whitelist any user roles that cannot be reported\u003C\u002Fli>\n\u003Cli>Blacklist members so they can’t send reports (ideal for malicious complaints)\u003C\u002Fli>\n\u003Cli>Quickly moderate (hide) any activity from the dashboard\u003C\u002Fli>\n\u003Cli>Add your own moderators who have front-end access to the reporting system\u003C\u002Fli>\n\u003Cli>Let your moderators deal with reports, suspensions, activity moderation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Fully Tested With\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Beehive Theme\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fdownloads\u002Fbp-better-messages\u002F\" rel=\"nofollow ugc\">BP Better Messages\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Not compatible with\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Vikinger Theme\u003C\u002Fli>\n\u003C\u002Ful>\n","Block, Suspend, Report for BuddyPress provides enhanced moderation for your BuddyPress or BuddyBoss site.",600,49633,92,18,"2025-12-02T09:01:00.000Z","6.9.4","4.6","7.0",[73,18,20,74,75],"block","report","suspend","https:\u002F\u002Fwww.bouncingsprout.com\u002Fplugins\u002Fblock-suspend-report-for-buddypress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-toolkit.3.6.4.zip",100,{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":87,"last_updated":90,"tested_up_to":91,"requires_at_least":16,"requires_php":16,"tags":92,"homepage":96,"download_link":97,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"buddypress-verified","BuddyVerified","2.4.1","modemlooper","https:\u002F\u002Fprofiles.wordpress.org\u002Fmodemlooper\u002F","\u003Cp>Allows admins to specify verified accounts. Adds a badge to verified usernames.\u003C\u002Fp>\n\u003Ch3>Notes\u003C\u002Fh3>\n","Allows admins to specify verified accounts. Adds a badge to verified usernames.",20,32300,74,"2017-03-01T20:58:00.000Z","4.7.32",[18,93,20,94,95],"members","profile","spam","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress-verified\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-verified.2.4.1.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":87,"downloaded":106,"rating":78,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":16,"tags":111,"homepage":115,"download_link":116,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"crowd-control","Crowd Control by Postmatic – Comment moderation decentralized","1.1","Postmatic","https:\u002F\u002Fprofiles.wordpress.org\u002Fvernal\u002F","\u003Cp>Crowd Control gives your users the ability to report comments as inappropriate with a single click. If a comment gets flagged multiple times it’ll be removed from the post and marked as pending moderation. We’ll even send you an email to let you know. Now you can still go away on vacation and rest assured the trolls won’t overrun your site.\u003C\u002Fp>\n","Comment moderation is a drag. Have your users lend a hand by flagging offensive comments and scrubbing your site clean.",7788,2,"2019-05-17T21:23:00.000Z","5.2.24","4.0",[112,19,113,20,114],"comment-moderation","inappropriate","reporting","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcrowd-control\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcrowd-control.1.1.1.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":69,"requires_at_least":130,"requires_php":131,"tags":132,"homepage":137,"download_link":138,"security_score":45,"vuln_count":139,"unpatched_count":24,"last_vuln_date":140,"fetched_at":26},"bp-better-messages","Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages","2.13.0","wordplus","https:\u002F\u002Fprofiles.wordpress.org\u002Fwordplus\u002F","\u003Cp>\u003Cstrong>Better Messages\u003C\u002Fstrong> – is the most feature-rich \u003Cstrong>realtime private messaging system for WordPress\u003C\u002Fstrong>, with native integrations for \u003Cstrong>BuddyPress, BuddyBoss Platform, Ultimate Member, PeepSo\u003C\u002Fstrong> and any other WordPress powered websites.\u003C\u002Fp>\n\u003Cp>Transform your WordPress site into a powerful communication platform with \u003Cstrong>private messaging\u003C\u002Fstrong>, \u003Cstrong>chat rooms\u003C\u002Fstrong>, \u003Cstrong>video and audio calls\u003C\u002Fstrong>, \u003Cstrong>group video chats\u003C\u002Fstrong>, \u003Cstrong>AI chat bots\u003C\u002Fstrong>, and \u003Cstrong>native mobile apps\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Whether you’re building a social network, online community, marketplace, or membership site – Better Messages provides enterprise-level messaging features with an easy-to-use interface.\u003C\u002Fp>\n\u003Cp>“\u003Cstrong>Better Messages\u003C\u002Fstrong>” plugin is formerly called “\u003Cstrong>BP Better Messages\u003C\u002Fstrong>“.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.better-messages.com\u002F\" rel=\"nofollow ugc\">More Info & Demo & Knowledge Base\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fbm-translate\u002F\" rel=\"nofollow ugc\">Translate Better Messages to your language\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FjMHx97QsXj8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Core Messaging Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>AJAX or WebSocket powered realtime conversations\u003C\u002Fli>\n\u003Cli>Private one-to-one conversations\u003C\u002Fli>\n\u003Cli>Group conversations with unlimited participants\u003C\u002Fli>\n\u003Cli>Chat Rooms with guest access support\u003C\u002Fli>\n\u003Cli>Messages for BuddyPress Groups, PeepSo Groups, Ultimate Member Groups, FluentCommunity Groups\u003C\u002Fli>\n\u003Cli>Subjects for conversations\u003C\u002Fli>\n\u003Cli>Search across all messages\u003C\u002Fli>\n\u003Cli>Mark messages as favorite\u003C\u002Fli>\n\u003Cli>Pin important messages to conversation top\u003C\u002Fli>\n\u003Cli>Pin favorite conversations to list top\u003C\u002Fli>\n\u003Cli>Filter conversations list to show only unread conversations\u003C\u002Fli>\n\u003Cli>Reply to specific messages\u003C\u002Fli>\n\u003Cli>Edit sent messages (with edit indicator)\u003C\u002Fli>\n\u003Cli>Delete messages\u003C\u002Fli>\n\u003Cli>Forward messages to other conversations\u003C\u002Fli>\n\u003Cli>Mute conversation notifications\u003C\u002Fli>\n\u003Cli>Message draft autosave with recovery\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>AI & Automation:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>AI Chat Bots powered by OpenAI ChatGPT API\u003C\u002Fli>\n\u003Cli>Voice message transcription powered by OpenAI\u003C\u002Fli>\n\u003Cli>Web Search capability for AI bots\u003C\u002Fli>\n\u003Cli>File Search tool for AI bots\u003C\u002Fli>\n\u003Cli>Image generation with AI\u003C\u002Fli>\n\u003Cli>PDF file support for AI conversations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Media & Content:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>File sharing with resumable uploads and ability to protect files from direct access (images, videos, documents)\u003C\u002Fli>\n\u003Cli>Client-side image and video optimization for cross-browser compatibility and saving storage space (format conversion, quality control, metadata stripping)\u003C\u002Fli>\n\u003Cli>Voice Messages (available as addon)\u003C\u002Fli>\n\u003Cli>Embedded links with thumbnails and descriptions\u003C\u002Fli>\n\u003Cli>oEmbed support for YouTube, Vimeo, Spotify, SoundCloud, Flickr and 20+ services\u003C\u002Fli>\n\u003Cli>Emoji selector\u003C\u002Fli>\n\u003Cli>Stickers\u003C\u002Fli>\n\u003Cli>GIPHY integration\u003C\u002Fli>\n\u003Cli>Markdown text formatting support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Notifications:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Email notifications for unread messages (customizable templates)\u003C\u002Fli>\n\u003Cli>Unsubscribe link support in emails\u003C\u002Fli>\n\u003Cli>Sound notifications for new messages\u003C\u002Fli>\n\u003Cli>On-site toast notifications anywhere on your website\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Moderation & Security:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>AI Content Moderation powered by OpenAI – automatically detect harmful content\u003C\u002Fli>\n\u003Cli>Pre-Moderated Messages – review messages before delivery\u003C\u002Fli>\n\u003Cli>Report messages feature\u003C\u002Fli>\n\u003Cli>Bad words filter with customizable blacklist\u003C\u002Fli>\n\u003Cli>Block user feature\u003C\u002Fli>\n\u003Cli>Role-based access control\u003C\u002Fli>\n\u003Cli>User whitelist\u002Fblacklist for moderation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Engagement Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Reactions to messages\u003C\u002Fli>\n\u003Cli>Mentions (@username)\u003C\u002Fli>\n\u003Cli>Mass messaging from WP Admin with scheduling, file attachments, and background processing\u003C\u002Fli>\n\u003Cli>Suggested conversations for new users\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Customization:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Modern, fully customizable design\u003C\u002Fli>\n\u003Cli>Easy color customization via WP Customizer\u003C\u002Fli>\n\u003Cli>Custom notification sounds\u003C\u002Fli>\n\u003Cli>RTL layout support\u003C\u002Fli>\n\u003Cli>White label solution\u003C\u002Fli>\n\u003Cli>Fully translatable\u003C\u002Fli>\n\u003Cli>Auto-delete old messages option\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>This is not a complete list of features\u003C\u002Fstrong> – Better Messages has many more small features and options that are not listed here. We are constantly adding new features and improvements based on user feedback.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Compatible plugins:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\" rel=\"ugc\">BuddyPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-member\" rel=\"ugc\">Ultimate Member\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fpeepso\" rel=\"nofollow ugc\">PeepSo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.better-messages.com\u002Fdocs\u002Fintegrations\u002Fsuredash\u002F\" rel=\"nofollow ugc\">SureDash\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fwpjobmanager\" rel=\"nofollow ugc\">WP Job Manager\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fprofilegrid\" rel=\"nofollow ugc\">ProfileGrid\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.better-messages.com\u002Fdocs\u002Fintegrations\u002Fuserswp\u002F\" rel=\"nofollow ugc\">UsersWP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.better-messages.com\u002Fdocs\u002Fintegrations\u002Fprogressify\u002F\" rel=\"nofollow ugc\">Progressify PWA\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.better-messages.com\u002Fdocs\u002Fintegrations\u002Fonesignal\u002F\" rel=\"nofollow ugc\">OneSignal\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.better-messages.com\u002Fdocs\u002Fintegrations\u002Fjet-engine\u002F\" rel=\"nofollow ugc\">Crocoblock JetEngine Profile Builder\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.better-messages.com\u002Fdocs\u002Fintegrations\u002Fwp-user-manager\u002F\" rel=\"nofollow ugc\">WP User Manager\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.better-messages.com\u002Fdocs\u002Fintegrations\u002Fwpforo\u002F\" rel=\"nofollow ugc\">wpForo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fhivepress\u002F\" rel=\"nofollow ugc\">HivePress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.better-messages.com\u002Fdocs\u002Fintegrations\u002Fmultivendorx\u002F\" rel=\"nofollow ugc\">MultiVendorX\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.better-messages.com\u002Fdocs\u002Fintegrations\u002Fdokan\u002F\" rel=\"nofollow ugc\">Dokan Marketplace\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fknowledge-base\u002Fwc-vendors\u002F\" rel=\"nofollow ugc\">WC Vendors\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fknowledge-base\u002Fwcfm\u002F\" rel=\"nofollow ugc\">WCFM\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fknowledge-base\u002Fwoocommerce-my-account\u002F\" rel=\"nofollow ugc\">WooCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fbpvm\" rel=\"nofollow ugc\">Verified Member for BuddyPress\u003C\u002Fa> – verified badges for users\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fautomatorwp\" rel=\"nofollow ugc\">AutomatorWP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Funcanny\" rel=\"nofollow ugc\">Uncanny Automator\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fgamipress\" rel=\"nofollow ugc\">GamiPress\u003C\u002Fa> – charge for messages & calls\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fmc\" rel=\"nofollow ugc\">MyCRED\u003C\u002Fa> – charge for messages & calls\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002FBSRB\" rel=\"nofollow ugc\">Block, Suspend, Report for BuddyPress\u003C\u002Fa> – allow users block each other\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fyouzer\" rel=\"nofollow ugc\">Youzer\u003C\u002Fa> (Youzify)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fpmpro\" rel=\"nofollow ugc\">Paid Memberships Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.better-messages.com\u002Fdocs\u002Fcategory\u002Fintegrations\u002F\" rel=\"nofollow ugc\">Full list of integrations\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Feel free to report any incompatibility or request more integrations, that is very important to help to improve Better Messages plugin!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WebSocket version:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>WebSocket version is a paid option, you can get license key on our website.\u003C\u002Fp>\n\u003Cp>We use our dedicated servers to implement WebSocket communications between your site and users. Our servers are completely private and do not store or track any private data – all messages remain in your database.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Performance & Reliability:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Significantly\u003C\u002Fstrong> reduces the load on your server (up to 200x less requests)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Instant\u003C\u002Fstrong> message delivery in realtime\u003C\u002Fli>\n\u003Cli>Works with any hosting including shared hosting\u003C\u002Fli>\n\u003Cli>No limits on concurrent connections or monthly active users\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Video & Audio Calls:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>HD Video Calls (1-to-1)\u003C\u002Fli>\n\u003Cli>HD Audio Calls (1-to-1)\u003C\u002Fli>\n\u003Cli>Group Video Chats (up to 32 participants)\u003C\u002Fli>\n\u003Cli>Group Audio Chats (up to 50 participants)\u003C\u002Fli>\n\u003Cli>Screen Sharing in calls and group chats\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Mobile Apps (Alpha):\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>iOS Mobile App (build your own branded app) – Alpha\u003C\u002Fli>\n\u003Cli>Android Mobile App (build your own branded app) – Alpha\u003C\u002Fli>\n\u003Cli>Push notifications for calls and messages\u003C\u002Fli>\n\u003Cli>VoIP notifications for incoming calls\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: Mobile apps are currently in alpha stage. Core functionality works, but some features may be limited or under development.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Realtime Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Messages Delivery Status (sent, delivered, seen)\u003C\u002Fli>\n\u003Cli>Typing indicator\u003C\u002Fli>\n\u003Cli>Online\u002FOffline presence indicator\u003C\u002Fli>\n\u003Cli>User statuses (Online, Away, Do Not Disturb)\u003C\u002Fli>\n\u003Cli>Mini Chats – chat windows anywhere on your site\u003C\u002Fli>\n\u003Cli>Mini Conversations widget\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Security & Encryption:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Optional End-to-End Encryption (E2EE) — can be enabled at the website level and per conversation; messages and files encrypted in users’ browsers with AES-256-GCM, server never sees plaintext\u003C\u002Fli>\n\u003Cli>Local browser encryption (AES256) for offline message storage\u003C\u002Fli>\n\u003Cli>Web Push Notifications (works even when the browser is closed)\u003C\u002Fli>\n\u003Cli>All data encrypted in transit, so we can’t read it on our servers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Support:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Priority email support\u003C\u002Fli>\n\u003Cli>Regular updates and new features\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmedium.com\u002F@monica.lucarini28\u002Fis-websocket-a-game-changer-aeaef68d1fba\" rel=\"nofollow ugc\">Why WebSockets are a game-changer?\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fdownloads\u002Fbp-better-messages\u002F\" rel=\"nofollow ugc\">Get WebSocket version license key\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.wordplus.org\u002Fend-user-license-agreement\u002F\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Languages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Spanish\u003C\u002Fli>\n\u003Cli>Portuguese (Brazil)\u003C\u002Fli>\n\u003Cli>Russian\u003C\u002Fli>\n\u003Cli>Dutch\u003C\u002Fli>\n\u003Cli>Italiano\u003C\u002Fli>\n\u003Cli>Turkish\u003C\u002Fli>\n\u003Cli>Japanese\u003C\u002Fli>\n\u003Cli>Danish\u003C\u002Fli>\n\u003Cli>Korean \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmodelaid\u002F\" rel=\"nofollow ugc\">@modelaid\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>RTL Layout built in to plugin.\u003C\u002Fp>\n\u003Cp>You can translate plugin to your language with LocoTranslate or \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fbp-better-messages\u002F\" rel=\"nofollow ugc\">participate in plugin translation\u003C\u002Fa>.\u003C\u002Fp>\n","Real-time messaging and chat rooms for WordPress ecosystem: private conversations, public and private chat rooms, video & audio calls, and more.",10000,1617996,96,135,"2026-03-05T15:21:00.000Z","5.9.0","7.4",[18,133,134,135,136],"chat","messaging","private-message","ultimate-member","https:\u002F\u002Fwww.wordplus.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-better-messages.2.13.0.zip",13,"2025-12-16 17:20:44",{"attackSurface":142,"codeSignals":254,"taintFlows":417,"riskAssessment":592,"analyzedAt":605},{"hooks":143,"ajaxHandlers":250,"restRoutes":251,"shortcodes":252,"cronEvents":253,"entryPointCount":24,"unprotectedCount":24},[144,149,153,158,162,166,169,172,178,181,185,189,192,195,197,201,205,209,213,217,221,225,229,232,236,240,244,248],{"type":145,"name":146,"callback":147,"file":148,"line":13},"action","bp_init","init","bpModLoader.php",{"type":145,"name":150,"callback":151,"file":152,"line":139},"bp_moderation_init","route_action","classes\\bpModActions.php",{"type":145,"name":154,"callback":155,"file":156,"line":157},"admin_head","print_page_icon_style","classes\\bpModBackend.php",27,{"type":145,"name":159,"callback":160,"file":156,"line":161},"rightnow_end","rightnow_widget_section",28,{"type":145,"name":163,"callback":164,"file":156,"line":165},"admin_init","register_settings",29,{"type":145,"name":163,"callback":167,"file":156,"line":168},"test_data",34,{"type":145,"name":163,"callback":151,"file":170,"line":171},"classes\\bpModBackendActions.php",14,{"type":173,"name":174,"callback":175,"file":176,"line":177},"filter","bp_moderation_activity_loop_link_args_activity_update","activity_correct_ids","classes\\bpModDefaultContentTypes.php",38,{"type":173,"name":179,"callback":175,"file":176,"line":180},"bp_moderation_activity_loop_link_args_activity_comment",52,{"type":145,"name":182,"callback":183,"file":176,"line":184},"bp_activity_comment_options","activity_comments_print_link",53,{"type":173,"name":186,"callback":187,"file":176,"line":188},"the_content","blog_post_append_link",67,{"type":173,"name":190,"callback":187,"file":176,"line":191},"the_excerpt",68,{"type":173,"name":186,"callback":193,"file":176,"line":194},"blog_page_append_link",81,{"type":173,"name":190,"callback":193,"file":176,"line":196},82,{"type":173,"name":198,"callback":199,"priority":11,"file":176,"line":200},"bp_moderation_author_details_for_blog_comment","blog_comment_author_details",93,{"type":173,"name":202,"callback":203,"file":176,"line":204},"get_comment_text","blog_comment_append_link",97,{"type":145,"name":206,"callback":207,"file":176,"line":208},"bp_after_member_home_content","member_print_link",110,{"type":145,"name":210,"callback":211,"file":176,"line":212},"bp_after_group_home_content","group_print_link",123,{"type":145,"name":214,"callback":215,"file":176,"line":216},"bp_group_forum_topic_meta","forum_topic_print_link",136,{"type":173,"name":218,"callback":219,"file":176,"line":220},"bp_moderation_activity_loop_link_args_new_forum_topic","forum_post_convert_activity_args",151,{"type":145,"name":222,"callback":223,"file":176,"line":224},"bp_group_forum_post_meta","forum_post_print_link",152,{"type":145,"name":226,"callback":227,"file":176,"line":228},"bp_after_message_thread_list","private_message_sender_print_links",165,{"type":145,"name":226,"callback":230,"file":176,"line":231},"private_message_print_links",176,{"type":173,"name":233,"callback":234,"file":176,"line":235},"bp_moderation_filter_content_backend_for_private_message","private_message_view_link_override",178,{"type":145,"name":237,"callback":238,"file":176,"line":239},"messages_action_view_message","private_message_super_admin_override",179,{"type":145,"name":241,"callback":242,"priority":87,"file":243,"line":67},"bp_activity_entry_meta","activity_loop_link","classes\\bpModFrontend.php",{"type":173,"name":186,"callback":245,"file":246,"line":247},"append_link","examples\\bpMod_ContentType_BlogPostExample.php",70,{"type":173,"name":190,"callback":245,"file":246,"line":249},72,[],[],[],[],{"dangerousFunctions":255,"sqlUsage":256,"outputEscaping":272,"fileOperations":24,"externalRequests":24,"nonceChecks":415,"capabilityChecks":24,"bundledLibraries":416},[],{"prepared":157,"raw":257,"locations":258},6,[259,262,264,266,267,270],{"file":148,"line":260,"context":261},162,"$wpdb->get_col() with variable interpolation",{"file":148,"line":228,"context":263},"$wpdb->query() with variable interpolation",{"file":156,"line":194,"context":265},"$wpdb->get_var() with variable interpolation",{"file":156,"line":30,"context":265},{"file":268,"line":269,"context":263},"classes\\bpModInstaller.php",132,{"file":268,"line":271,"context":263},133,{"escaped":273,"rawEcho":274,"locations":275},11,73,[276,278,280,282,284,286,288,290,291,293,295,297,298,300,302,304,306,308,310,312,314,316,318,320,322,324,326,328,330,332,334,336,338,340,342,344,346,348,349,351,353,354,356,357,359,361,363,365,367,369,371,373,375,377,379,381,383,385,387,389,391,393,395,397,399,401,403,405,407,409,410,412,413],{"file":156,"line":180,"context":277},"raw output",{"file":156,"line":279,"context":277},113,{"file":156,"line":281,"context":277},174,{"file":156,"line":283,"context":277},200,{"file":156,"line":285,"context":277},240,{"file":156,"line":287,"context":277},242,{"file":156,"line":289,"context":277},245,{"file":156,"line":289,"context":277},{"file":156,"line":292,"context":277},263,{"file":156,"line":294,"context":277},265,{"file":156,"line":296,"context":277},268,{"file":156,"line":296,"context":277},{"file":156,"line":299,"context":277},286,{"file":156,"line":301,"context":277},335,{"file":156,"line":303,"context":277},349,{"file":156,"line":305,"context":277},367,{"file":156,"line":307,"context":277},417,{"file":156,"line":309,"context":277},464,{"file":156,"line":311,"context":277},468,{"file":156,"line":313,"context":277},471,{"file":156,"line":315,"context":277},472,{"file":156,"line":317,"context":277},477,{"file":156,"line":319,"context":277},481,{"file":156,"line":321,"context":277},493,{"file":156,"line":323,"context":277},499,{"file":156,"line":325,"context":277},503,{"file":156,"line":327,"context":277},507,{"file":156,"line":329,"context":277},512,{"file":156,"line":331,"context":277},518,{"file":156,"line":333,"context":277},524,{"file":156,"line":335,"context":277},530,{"file":156,"line":337,"context":277},536,{"file":156,"line":339,"context":277},538,{"file":156,"line":341,"context":277},540,{"file":156,"line":343,"context":277},542,{"file":156,"line":345,"context":277},642,{"file":156,"line":347,"context":277},828,{"file":156,"line":347,"context":277},{"file":156,"line":350,"context":277},829,{"file":156,"line":352,"context":277},832,{"file":156,"line":352,"context":277},{"file":156,"line":355,"context":277},836,{"file":156,"line":355,"context":277},{"file":156,"line":358,"context":277},855,{"file":156,"line":360,"context":277},877,{"file":156,"line":362,"context":277},895,{"file":156,"line":364,"context":277},938,{"file":156,"line":366,"context":277},984,{"file":156,"line":368,"context":277},987,{"file":156,"line":370,"context":277},988,{"file":156,"line":372,"context":277},995,{"file":156,"line":374,"context":277},999,{"file":156,"line":376,"context":277},1005,{"file":156,"line":378,"context":277},1009,{"file":156,"line":380,"context":277},1011,{"file":156,"line":382,"context":277},1013,{"file":156,"line":384,"context":277},1015,{"file":156,"line":386,"context":277},1019,{"file":156,"line":388,"context":277},1025,{"file":156,"line":390,"context":277},1029,{"file":156,"line":392,"context":277},1031,{"file":156,"line":394,"context":277},1033,{"file":156,"line":396,"context":277},1037,{"file":156,"line":398,"context":277},1333,{"file":156,"line":400,"context":277},1413,{"file":156,"line":402,"context":277},1479,{"file":176,"line":404,"context":277},236,{"file":176,"line":406,"context":277},451,{"file":176,"line":408,"context":277},498,{"file":176,"line":343,"context":277},{"file":176,"line":411,"context":277},622,{"file":243,"line":274,"context":277},{"file":243,"line":414,"context":277},188,5,[],[418,437,447,456,467,485,511,531,543,554,564],{"entryPoint":419,"graph":420,"unsanitizedCount":435,"severity":436},"admin_page (classes\\bpModBackend.php:149)",{"nodes":421,"edges":432},[422,427],{"id":423,"type":424,"label":425,"file":156,"line":426},"n0","source","$_GET",194,{"id":428,"type":429,"label":430,"file":156,"line":283,"wp_function":431},"n1","sink","echo() [XSS]","echo",[433],{"from":423,"to":428,"sanitized":434},false,1,"medium",{"entryPoint":438,"graph":439,"unsanitizedCount":107,"severity":436},"view_contents (classes\\bpModBackend.php:212)",{"nodes":440,"edges":445},[441,444],{"id":423,"type":424,"label":442,"file":156,"line":443},"$_GET (x2)",285,{"id":428,"type":429,"label":430,"file":156,"line":299,"wp_function":431},[446],{"from":423,"to":428,"sanitized":434},{"entryPoint":448,"graph":449,"unsanitizedCount":435,"severity":436},"view_users (classes\\bpModBackend.php:754)",{"nodes":450,"edges":454},[451,453],{"id":423,"type":424,"label":425,"file":156,"line":452},894,{"id":428,"type":429,"label":430,"file":156,"line":362,"wp_function":431},[455],{"from":423,"to":428,"sanitized":434},{"entryPoint":457,"graph":458,"unsanitizedCount":24,"severity":466},"\u003CbpModBackend> (classes\\bpModBackend.php:0)",{"nodes":459,"edges":463},[460,462],{"id":423,"type":424,"label":461,"file":156,"line":426},"$_GET (x6)",{"id":428,"type":429,"label":430,"file":156,"line":283,"wp_function":431},[464],{"from":423,"to":428,"sanitized":465},true,"low",{"entryPoint":468,"graph":469,"unsanitizedCount":107,"severity":484},"request_flag (classes\\bpModActions.php:74)",{"nodes":470,"edges":481},[471,473,476],{"id":423,"type":424,"label":472,"file":152,"line":30},"$_REQUEST (x2)",{"id":428,"type":474,"label":475,"file":152,"line":30},"transform","→ flag()",{"id":477,"type":429,"label":478,"file":152,"line":479,"wp_function":480},"n2","call_user_func() [RCE]",108,"call_user_func",[482,483],{"from":423,"to":428,"sanitized":434},{"from":428,"to":477,"sanitized":434},"high",{"entryPoint":486,"graph":487,"unsanitizedCount":510,"severity":484},"\u003CbpModActions> (classes\\bpModActions.php:0)",{"nodes":488,"edges":505},[489,491,492,494,499,501,503],{"id":423,"type":424,"label":472,"file":152,"line":490},77,{"id":428,"type":429,"label":478,"file":152,"line":479,"wp_function":480},{"id":477,"type":424,"label":472,"file":152,"line":493},243,{"id":495,"type":429,"label":496,"file":152,"line":497,"wp_function":498},"n3","get_var() [SQLi]",303,"get_var",{"id":500,"type":424,"label":472,"file":152,"line":30},"n4",{"id":502,"type":474,"label":475,"file":152,"line":30},"n5",{"id":504,"type":429,"label":478,"file":152,"line":479,"wp_function":480},"n6",[506,507,508,509],{"from":423,"to":428,"sanitized":434},{"from":477,"to":495,"sanitized":465},{"from":500,"to":502,"sanitized":434},{"from":502,"to":504,"sanitized":434},4,{"entryPoint":512,"graph":513,"unsanitizedCount":107,"severity":484},"handle_mark_unmark_spammer (classes\\bpModBackendActions.php:55)",{"nodes":514,"edges":526},[515,518,520,522,524,525],{"id":423,"type":424,"label":516,"file":170,"line":517},"$_REQUEST['user_id']",61,{"id":428,"type":474,"label":519,"file":170,"line":517},"→ set_spammer_status()",{"id":477,"type":429,"label":478,"file":170,"line":521,"wp_function":480},189,{"id":495,"type":424,"label":523,"file":170,"line":517},"$_REQUEST['set_spam']",{"id":500,"type":474,"label":519,"file":170,"line":517},{"id":502,"type":429,"label":478,"file":170,"line":521,"wp_function":480},[527,528,529,530],{"from":423,"to":428,"sanitized":434},{"from":428,"to":477,"sanitized":434},{"from":495,"to":500,"sanitized":434},{"from":500,"to":502,"sanitized":434},{"entryPoint":532,"graph":533,"unsanitizedCount":435,"severity":484},"handle_bulk_contents_mark_unmark_spammer (classes\\bpModBackendActions.php:74)",{"nodes":534,"edges":540},[535,538,539],{"id":423,"type":424,"label":536,"file":170,"line":537},"$_REQUEST",78,{"id":428,"type":474,"label":519,"file":170,"line":537},{"id":477,"type":429,"label":478,"file":170,"line":521,"wp_function":480},[541,542],{"from":423,"to":428,"sanitized":434},{"from":428,"to":477,"sanitized":434},{"entryPoint":544,"graph":545,"unsanitizedCount":435,"severity":484},"handle_bulk_users_mark_unmark_spammer (classes\\bpModBackendActions.php:91)",{"nodes":546,"edges":551},[547,549,550],{"id":423,"type":424,"label":536,"file":170,"line":548},95,{"id":428,"type":474,"label":519,"file":170,"line":548},{"id":477,"type":429,"label":478,"file":170,"line":521,"wp_function":480},[552,553],{"from":423,"to":428,"sanitized":434},{"from":428,"to":477,"sanitized":434},{"entryPoint":555,"graph":556,"unsanitizedCount":107,"severity":484},"handle_edit (classes\\bpModBackendActions.php:227)",{"nodes":557,"edges":562},[558,560],{"id":423,"type":424,"label":472,"file":170,"line":559},234,{"id":428,"type":429,"label":478,"file":170,"line":561,"wp_function":480},241,[563],{"from":423,"to":428,"sanitized":434},{"entryPoint":565,"graph":566,"unsanitizedCount":510,"severity":484},"\u003CbpModBackendActions> (classes\\bpModBackendActions.php:0)",{"nodes":567,"edges":584},[568,570,571,572,573,574,575,576,578,580,582],{"id":423,"type":424,"label":569,"file":170,"line":200},"$_REQUEST (x5)",{"id":428,"type":429,"label":478,"file":170,"line":521,"wp_function":480},{"id":477,"type":424,"label":516,"file":170,"line":517},{"id":495,"type":474,"label":519,"file":170,"line":517},{"id":500,"type":429,"label":478,"file":170,"line":521,"wp_function":480},{"id":502,"type":424,"label":523,"file":170,"line":517},{"id":504,"type":474,"label":519,"file":170,"line":517},{"id":577,"type":429,"label":478,"file":170,"line":521,"wp_function":480},"n7",{"id":579,"type":424,"label":472,"file":170,"line":537},"n8",{"id":581,"type":474,"label":519,"file":170,"line":537},"n9",{"id":583,"type":429,"label":478,"file":170,"line":521,"wp_function":480},"n10",[585,586,587,588,589,590,591],{"from":423,"to":428,"sanitized":465},{"from":477,"to":495,"sanitized":434},{"from":495,"to":500,"sanitized":434},{"from":502,"to":504,"sanitized":434},{"from":504,"to":577,"sanitized":434},{"from":579,"to":581,"sanitized":434},{"from":581,"to":583,"sanitized":434},{"summary":593,"deductions":594},"The \"bp-moderation\" plugin, in version 0.1.7, presents a concerning security posture despite having no recorded CVEs. The static analysis reveals a significant number of taint flows with unsanitized paths, with 7 classified as high severity. This indicates that user-supplied data is not being adequately validated or neutralized before being used in sensitive operations within the plugin, creating potential avenues for code injection or data manipulation. Furthermore, only 13% of output is properly escaped, which raises concerns about Cross-Site Scripting (XSS) vulnerabilities. While the plugin doesn't expose a large direct attack surface through AJAX, REST API, or shortcodes, the identified taint issues suggest underlying vulnerabilities within its codebase that could be exploited through other means.\n\nThe absence of known vulnerabilities and unpatched CVEs is a positive indicator, suggesting that past issues have been addressed or that the plugin hasn't been a target of widespread exploitation. However, this should not be seen as a guarantee of current security. The high number of unsanitized taint flows and low output escaping rate strongly suggest the presence of exploitable vulnerabilities that may not have been publicly documented or discovered yet. The plugin's strengths lie in its limited direct attack surface and a majority of SQL queries using prepared statements, which mitigates some common SQL injection risks. Nevertheless, the critical areas of taint handling and output sanitization require immediate attention.",[595,598,600,603],{"reason":596,"points":597},"High severity taint flows found",15,{"reason":599,"points":11},"Low percentage of properly escaped output",{"reason":601,"points":602},"Taint flows with unsanitized paths",8,{"reason":604,"points":415},"No capability checks on entry points","2026-03-16T23:44:39.874Z",{"wat":607,"direct":620},{"assetPaths":608,"generatorPatterns":613,"scriptPaths":614,"versionParams":615},[609,610,611,612],"\u002Fwp-content\u002Fplugins\u002Fbp-moderation\u002Fcss\u002Fbp-moderation-admin.css","\u002Fwp-content\u002Fplugins\u002Fbp-moderation\u002Fcss\u002Fbp-moderation-frontend.css","\u002Fwp-content\u002Fplugins\u002Fbp-moderation\u002Fjs\u002Fbp-moderation-admin.js","\u002Fwp-content\u002Fplugins\u002Fbp-moderation\u002Fjs\u002Fbp-moderation-frontend.js",[],[611,612],[616,617,618,619],"bp-moderation\u002Fcss\u002Fbp-moderation-admin.css?ver=","bp-moderation\u002Fcss\u002Fbp-moderation-frontend.css?ver=","bp-moderation\u002Fjs\u002Fbp-moderation-admin.js?ver=","bp-moderation\u002Fjs\u002Fbp-moderation-frontend.js?ver=",{"cssClasses":621,"htmlComments":624,"htmlAttributes":625,"restEndpoints":626,"jsGlobals":627,"shortcodeOutput":630},[622,623],"bp-moderation-report-form","bp-moderation-report-button",[],[],[],[628,629],"bpModAdmin","bpModFrontend",[]]