[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGRKb6NaQtqPkPpSSgpd261wVvIurjL0PvKZjjTOoK8c":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":38,"analysis":130,"fingerprints":219},"buddy-registration-widget","BuddyPress Registration Widget","2.1.2","Yogesh Pawar","https:\u002F\u002Fprofiles.wordpress.org\u002Fpawaryogesh1989\u002F","\u003Cp>This plugin provides BuddyPress registration form as a widget with many other configurable option. Using this plugin the website administrator can disable member cover image, group cover image. Administrator can also allow the users to browse the website without the need for uploading a profile picture. Activity tab can also be removed from the user profile. The most important feature added is to allow the administrator use custom templates to display the registration form and it is done in such way that future plugin updates will not affect the customizations done.\u003C\u002Fp>\n\u003Cp>Now, the registration form can also be displayed on any page using just a shortcode. Use shortcode “[buddyRegisterFormCode]” on any page to display the registration form.\u003C\u002Fp>\n\u003Ch3>Details\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Display BuddyPress registration form as a widget.\u003C\u002Fli>\n\u003Cli>Use shortcode “[buddyRegisterFormCode]” to display the registration form on any page.\u003C\u002Fli>\n\u003Cli>Option to disable member\u002Fuser cover image.\u003C\u002Fli>\n\u003Cli>Option to disable group cover image.\u003C\u002Fli>\n\u003Cli>Option to disable validation of “Profile Image”.\u003C\u002Fli>\n\u003Cli>Option to remove the “Activity Tab” from the user profile.\u003C\u002Fli>\n\u003Cli>Option to use custom template to modified form fields\u002Flayout to display form in Sidebar.\u003C\u002Fli>\n\u003Cli>Option to use custom template to modified form fields\u002Flayout to display form on any page using shortcode.\u003C\u002Fli>\n\u003C\u002Ful>\n","Display BuddyPress Registration form as a Widget using this Plugin.",100,20549,76,6,"2021-01-05T11:06:00.000Z","5.6.17","5.0","",[20,21,22,23],"buddypress-registration","buddypress-registration-form-widget","buddypress-widget","widget","http:\u002F\u002Fclariontechnologies.co.in","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddy-registration-widget.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":26,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"pawaryogesh1989",11,600,30,84,"2026-04-04T11:07:28.983Z",[39,60,74,90,108],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":27,"num_ratings":27,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":58,"download_link":59,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"buddypress-jquery-activity-stream-widget","Buddypress Jquery Activity Stream Widget","0.0.1","Joseph G.","https:\u002F\u002Fprofiles.wordpress.org\u002Fdunhakdis\u002F","\u003Cp>Widgetize your BP activity streams! \u003C\u002Fp>\n\u003Cp>\nLet your site viewers\u002Fusers easily read the activity streams by adding a simple yet customizable widget that displays streams in an animated manner.\u003C\u002Fp>\n\u003Cp>Users can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enter desired animation speed\u003C\u002Fli>\n\u003Cli>Enter desired animation timeouts\u003C\u002Fli>\n\u003Cli>User can select from two effects (Slide and Fade). Will be adding more soon!\u003C\u002Fli>\n\u003Cli>Customize widget area height\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\nNote: This plugin works with \u003Ca href=\"https:\u002F\u002Fbuddypress.org\u002F\" rel=\"nofollow ugc\">buddypress\u003C\u002Fa> installed on your website.\u003C\u002Fp>\n","Let your site viewers\u002Fusers easily read the activity streams by adding a simple yet customizable widget that displays streams in an animated manner.",10,7827,"2011-05-21T20:38:00.000Z","3.1.4","2.8",[53,54,55,56,57],"buddypress","buddypress-activity-stream-widget","buddypress-activity-streams","buddypress-animated-activity-streams","buddypress-widgets","http:\u002F\u002Fclubkoncepto.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-jquery-activity-stream-widget.1.1.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":47,"downloaded":68,"rating":27,"num_ratings":27,"last_updated":69,"tested_up_to":18,"requires_at_least":18,"requires_php":18,"tags":70,"homepage":72,"download_link":73,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"buddypress-widget-pack","Buddypress Widget Pack","1.1","Damon Cook","https:\u002F\u002Fprofiles.wordpress.org\u002Fcolorful-tones\u002F","\u003Cp>Buddypress Widget Pack is a series of 4 widgets that you can add to your Buddypress-enabled sidebar.  The four widgets are: 1)Popular Members widget 2)Newest Members Widget 3)Random Members Widget, and 4)Total Friends and Friend Connections Widget\u003C\u002Fp>\n\u003Cp>Credit needs to be given to WPMU.org and Sarah Gooding for a majority of the code, as I just widget-ized it 😉\u003Cbr \u002F>\nPlease see the original tutorials by Sarah, here:\u003Cbr \u002F>\nhttp:\u002F\u002Fwpmu.org\u002Fdisplay-friend-count-and-recent-connections-in-the-buddypress-sidebar\u002F\u003Cbr \u002F>\nhttp:\u002F\u002Fwpmu.org\u002Fhow-to-create-a-gallery-of-members-avatars-in-buddypress\u002F\u003C\u002Fp>\n\u003Cp>Features include:\u003Cbr \u002F>\n1. Popular Members widget\u003Cbr \u002F>\n2. Newest Members widget\u003Cbr \u002F>\n3. Random Members widget\u003Cbr \u002F>\n4. Total Friends and Friend Connections Widget\u003C\u002Fp>\n\u003Ch3>Other\u003C\u002Fh3>\n\u003Cp>For more info visit \u003Ca href=\"http:\u002F\u002Fcommons.esc.edu\u002Fdamon-cook\" title=\"Making the web purposeful.\" rel=\"nofollow ugc\">Commons.esc.edu\u002Fdamon-cook\u003C\u002Fa>\u003C\u002Fp>\n","Buddypress Widget Pack is a series of 4 widgets that you can add to your Buddypress-enabled sidebar.  The four widgets are: 1)Popular Members widget 2 &hellip;",9746,"2010-02-05T15:29:00.000Z",[53,22,71],"widget-pack","http:\u002F\u002Fcommons.esc.edu\u002Fdamon-cook\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-widget-pack.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":47,"downloaded":82,"rating":83,"num_ratings":84,"last_updated":85,"tested_up_to":18,"requires_at_least":18,"requires_php":18,"tags":86,"homepage":88,"download_link":89,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"my-friends-widgets-for-buddypress","BuddyPress My Friends Widgets","1.0","Sarah Gooding","https:\u002F\u002Fprofiles.wordpress.org\u002Fpollyplummer\u002F","\u003Cp>BuddyPress My Friends Widgets includes two widgets to display a logged in user’s friends. The small size shows 40px x 40px avatars and the big size shows 82px x 82px avatars.\u003C\u002Fp>\n\u003Ch3>Other\u003C\u002Fh3>\n\u003Cp>For more info visit \u003Ca href=\"http:\u002F\u002Funtame.net\" title=\"Let Your Business Off the Leash\" rel=\"nofollow ugc\">untame.net\u003C\u002Fa>\u003C\u002Fp>\n","BuddyPress My Friends Widgets includes two widgets to display a logged in user's friends. The small size shows 40px x 40px avatars and the big si &hellip;",5998,20,1,"2010-02-11T20:42:00.000Z",[53,22,87],"my-friends","http:\u002F\u002Funtame.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-friends-widgets-for-buddypress.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":27,"downloaded":98,"rating":27,"num_ratings":27,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":18,"download_link":107,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"bp-last-comments-widget","BuddyPress Last Comments Widget","2.0","udarmo","https:\u002F\u002Fprofiles.wordpress.org\u002Fudarmo\u002F","\u003Cp>Shows a list of most recently added BP activity comments.\u003C\u002Fp>\n","Shows a list of most recently added BP activity comments.",1713,"2017-10-17T20:45:00.000Z","4.8.28","4.6","5.6",[104,105,53,22,106],"activity-comments","activity-widget","recent-comments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-last-comments-widget.2.0.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":118,"num_ratings":119,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":102,"tags":123,"homepage":128,"download_link":129,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"classic-widgets","Classic Widgets","0.3","Tonya Mork","https:\u002F\u002Fprofiles.wordpress.org\u002Fhellofromtonya\u002F","\u003Cp>Classic Widgets is an official plugin maintained by the WordPress team that restores the previous (“classic”) WordPress widgets settings screens. It will be supported and maintained to 2024, or as long as is necessary.\u003C\u002Fp>\n\u003Cp>Once activated and when using a classic (non-block) theme, this plugin restores the previous widgets settings screens and disables the block editor from managing widgets. There is no other configuration, the classic widgets settings screens are enabled or disabled by either enabling or disabling this plugin.\u003C\u002Fp>\n","Enables the previous \"classic\" widgets settings screens in Appearance - Widgets and the Customizer. Disables the block editor from managing widgets.",2000000,7214667,98,262,"2025-12-08T10:52:00.000Z","6.9.4","4.9",[109,124,125,126,127],"disable","disable-gutenberg","editor","gutenberg","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-widgets\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclassic-widgets.0.3.zip",{"attackSurface":131,"codeSignals":193,"taintFlows":211,"riskAssessment":212,"analyzedAt":218},{"hooks":132,"ajaxHandlers":186,"restRoutes":187,"shortcodes":188,"cronEvents":192,"entryPointCount":84,"unprotectedCount":27},[133,138,142,146,150,154,159,163,168,171,176,179,183],{"type":134,"name":135,"callback":136,"file":137,"line":83},"action","admin_init","wpCustomBuddyOptions","classes\\class.buddy.profile.php",{"type":134,"name":139,"callback":140,"file":137,"line":141},"xprofile_avatar_uploaded","avatarLogUploaded",23,{"type":134,"name":143,"callback":144,"file":137,"line":145},"bp_core_delete_existing_avatar","avatarLogDeleted",26,{"type":134,"name":147,"callback":148,"priority":84,"file":137,"line":149},"bp_template_redirect","checkOrRedirect",28,{"type":134,"name":151,"callback":152,"file":137,"line":153},"bp_init","loadTextDomain",31,{"type":134,"name":155,"callback":156,"priority":157,"file":137,"line":158},"bp_setup_nav","removeBPActivityTab",201,34,{"type":134,"name":160,"callback":161,"file":137,"line":162},"admin_menu","customBPMenu",36,{"type":164,"name":165,"callback":166,"file":137,"line":167},"filter","bp_is_profile_cover_image_active","__return_false",40,{"type":164,"name":169,"callback":166,"file":137,"line":170},"bp_is_groups_cover_image_active",45,{"type":134,"name":172,"callback":173,"file":174,"line":175},"bp_core_screen_signup","buddyRedirectSignup","classes\\class.buddy.registration.php",24,{"type":134,"name":151,"callback":177,"file":174,"line":178},"buddySignupErrors",25,{"type":134,"name":180,"callback":181,"file":174,"line":182},"wp_enqueue_scripts","addCustomBuddyScripts",27,{"type":134,"name":184,"callback":185,"file":174,"line":35},"widgets_init","closure",[],[],[189],{"tag":190,"callback":191,"file":174,"line":145},"buddyRegisterFormCode","shortCodeRegistrationForm",[],{"dangerousFunctions":194,"sqlUsage":195,"outputEscaping":198,"fileOperations":27,"externalRequests":27,"nonceChecks":196,"capabilityChecks":200,"bundledLibraries":210},[],{"prepared":196,"raw":27,"locations":197},2,[],{"escaped":199,"rawEcho":200,"locations":201},14,3,[202,205,208],{"file":174,"line":203,"context":204},199,"raw output",{"file":206,"line":207,"context":204},"templates\\form-template.php",17,{"file":209,"line":207,"context":204},"templates\\shortcode-form-template.php",[],[],{"summary":213,"deductions":214},"The \"buddy-registration-widget\" plugin v2.1.2 demonstrates a generally strong security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, cron events, and file operations significantly limits the potential attack surface.  The code also shows good practices with 100% of SQL queries using prepared statements, a respectable 82% output escaping, and the presence of nonce and capability checks.\n\nConcerns, though minor, stem from the fact that not all output is properly escaped (18% unescaped) which could theoretically lead to cross-site scripting (XSS) vulnerabilities if the unescaped data is user-controlled and rendered in a sensitive context. The absence of any taint analysis results is also noteworthy, as it implies either no complex data flows were analyzed or no vulnerabilities were detected within those flows. However, without taint analysis, there's a blind spot for potential issues originating from complex data manipulation.\n\nThe plugin's vulnerability history is completely clean, with zero known CVEs. This is a significant positive indicator, suggesting a history of stable and secure development. While the lack of critical or high-severity findings in code analysis and the absence of historical vulnerabilities are reassuring, the 18% of unescaped output warrants a cautious approach. Overall, the plugin appears to be developed with security in mind, but the minor unescaped output remains a potential, albeit low-probability, risk.",[215],{"reason":216,"points":217},"Output not properly escaped",5,"2026-03-16T20:54:13.590Z",{"wat":220,"direct":229},{"assetPaths":221,"generatorPatterns":224,"scriptPaths":225,"versionParams":226},[222,223],"\u002Fwp-content\u002Fplugins\u002Fbuddy-registration-widget\u002Fassets\u002Fcss\u002Fbuddypress-override.css","\u002Fwp-content\u002Fplugins\u002Fbuddy-registration-widget\u002Fassets\u002Fjs\u002Fbuddypress-override.js",[],[223],[227,228],"buddy-registration-widget\u002Fassets\u002Fcss\u002Fbuddypress-override.css?ver=","buddy-registration-widget\u002Fassets\u002Fjs\u002Fbuddypress-override.js?ver=",{"cssClasses":230,"htmlComments":232,"htmlAttributes":233,"restEndpoints":235,"jsGlobals":236,"shortcodeOutput":239},[231],"wp_widget_plugin_box",[],[234],"data-buddy-registration-widget",[],[237,238],"window.buddydev_signup","window.buddydev_signup_fields",[240],"[buddyRegisterFormCode]"]