[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fd3slcXhzOJl2ERR78q3T0OOfIaPGurjbPQdsGRQveT0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":134,"fingerprints":232},"buddyfence","Buddyfence","1.2.2","JC","https:\u002F\u002Fprofiles.wordpress.org\u002Fjcrr\u002F","\u003Cp>Buddypress pages are public by default. This plugin allows you to restrict not logged-in users from accessing these pages.\u003C\u002Fp>\n\u003Cp>If an anonymous user tries to access these pages, they will be redirected either to the login page, or to the homepage, or even to a custom page.\u003C\u002Fp>\n\u003Cp>The plugin also allows to display on these pages a template with a message to log in instead of directly redirecting them elsewhere.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Very easy to use, you only have to choose which pages want to retrict to anonymous users (not logged-in users).\u003C\u002Fli>\n\u003Cli>Small and lightweight plugin (around 10-15kb).\u003C\u002Fli>\n\u003Cli>No CSS, no scripts. No requests to static files.\u003C\u002Fli>\n\u003Cli>Fully translated into Spanish.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Need help? Any bugs to report? Any suggestions? Please contact me.\u003C\u002Fp>\n\u003Cp>You can help me too either by rating this plugin or by making a donation.\u003C\u002Fp>\n","This plugin allows you to restrict not logged-in users from accessing BuddyPress pages",50,3732,100,2,"2022-05-23T15:33:00.000Z","6.0.11","4.0","",[20,21,22,23,24],"buddypress","members","private","redirect","security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddyfence.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"jcrr",60,30,84,"2026-04-04T14:12:41.428Z",[38,61,79,101,118],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":18,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":14,"unpatched_count":27,"last_vuln_date":60,"fetched_at":29},"buddypress-members-only","BuddyPress Members Only","3.6.3","Tomas","https:\u002F\u002Fprofiles.wordpress.org\u002Fzhuyi\u002F","\u003Cp>BuddyPress Members Only is a BuddyPress plugin that restricts your BuddyPress to logged in\u002Fregistered members only.\u003C\u002Fp>\n\u003Cp>opt to just allow logged in users to view your site, non members can only open a few specified page which you setting in our plugin back end. Logged in users have full access on your BuddyPress site.\u003C\u002Fp>\n\u003Cp>opt to open or close a few buddypress components to guest: for example, you can just enable Buddypress Activity Component pages to subscriber user role, then open buddypress groups component pages to support user role, and open users profile component pages to customer user role, and opt to buddypress member component pages open for non member users, and … and so on.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fmembersonly.top\u002Ffeatures\u002F\" rel=\"nofollow ugc\">Check Demos\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The plugin is a simple & quick & light BuddyPress Membership solution, it allows you to make your buddypress site only viewable to visitors that are logged in, you can just activate the plugin and finish a little setting work quickly in admin panel and it will begin the work. If you do not setting it in back end, it works well too, it is super easy to use.\u003Cbr \u002F>\nAlso the plugin support custom your wordpress login link, redirect buddypress login users to buddypress profile page or buddypress activity page or buddypress members page, and opt to restrict wordpress post or not, you can opt to restrict custom post type via a few clicks too.\u003C\u002Fp>\n\u003Cp>You can setup which pages on your site will open to guest very quickly:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch4>The plugin is very easy to use\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Once activated our BuddyPress Membership plugin, your buddypress \u002F wordpress site will instantly become a private community.\u003C\u002Fli>\n\u003Cli>In backend, you can decide which parts of your site are open to guest.\u003C\u002Fli>\n\u003Cli>You can restricts Bubbypress standard components to non-member users, for example , you can open buddypress activity pages to guest, but protect members pages to guest…  and so on.\u003C\u002Fli>\n\u003Cli>When guest users try to view any other pages on your site, they will be redirected to the URL which you set up in “Register Page URL” — you can select other pages in this URL too, for example, landing page, or membership payment page… and so on\u003C\u002Fli>\n\u003Cli>By default, Home page of your site is always be opened to non member users.\u003C\u002Fli>\n\u003Cli>Login page will always be opened to non member users.\u003C\u002Fli>\n\u003Cli>Register page will always be opened to non member users.\u003C\u002Fli>\n\u003Cli>Lost Password page will always be opened to non member users.\u003C\u002Fli>\n\u003Cli>User activation page will always be opened to non member users.\u003C\u002Fli>\n\u003Cli>In backend “Buddypress Members Only Setting” menu -> Option Panel, you can set up “Register Page URL”,   “Opened Page URLs”, please check screenshost at https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress-members-only\u002Fscreenshots\u002F\u003C\u002Fli>\n\u003Cli>“Opened Page URLs”  will opened to non member users always.\u003C\u002Fli>\n\u003Cli>“Register Page URL” will opened to non member users always.\u003C\u002Fli>\n\u003Cli>BuddyPress  Login Rrdirect: opt to redirect logged in users to buddypress profile page or buddypress members page or buddypress activity page. If you did not install buddypress, this option will be ignored.\u003C\u002Fli>\n\u003Cli>Open WordPress Posts: options to only protect your buddypress pages, so other section on your wordpress site will be open to the guest users.\u003C\u002Fli>\n\u003Cli>Custom \u002F Hide WordPress \u002F BuddyPress login link: In setting panel, opt to custom your wordpress login link to stop spam bot find your buddypress private site.\u003C\u002Fli>\n\u003Cli>WordPress page Level Protect: in setting panel, options to enable page level protect, if you enable page level protect,  in post editor, you will find “Allow everyone to access the page” checkbox in meta box, you can opt to specific any post open to all guest users\u003C\u002Fli>\n\u003Cli>Restrict custom post types: In setting panel, you can opt to restrict custom post types to guest or not, we have list all wordpress custom post type in the ” BuddyPress Members Only Restrict Custom Post Types Settings” panel, what you need to do is just a few clicks \u003C\u002Fli>\n\u003Cli>Knowledge Base: for help you understand how to use the buddypress membership system easier, also in each setting panel, we added detailed description for each option, just follow our guide, you can build a private buddypress network very quickly   \u003C\u002Fli>\n\u003Cli>BuddyPress Members Only supported HTTPS and HTTP, we will detect HTTPS and HTTP automatically.\u003C\u002Fli>\n\u003Cli>BuddyPress members only plugin support WordPress too, if you disable buddypress on your site, our plugin will detect it and support wordpress members only automatically\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Cp>> * The plugin support translate and launch localized versions, .po files can be found in languages sub-folder.\u003C\u002Fp>\n\u003Cp>Any feature request is super welcome, please contact us via \u003Ca href='https:\u002F\u002Fmembersonly.top\u002Fcontact-us\u002F' rel=\"nofollow ugc\">plugin support page\u003C\u002Fa>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch4>More Pro Version Features\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmembersonly.top\u002Ffeatures\" rel=\"nofollow ugc\">Pro Version Detailed Feature List With Screenshot\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>All functions in free version\u003C\u002Fli>\n\u003Cli>Fine-grained Access Control for Your Buddypress Site: restrict each buddypress componets, control each menu visibility, control each user role’s profile visibility, restricts each wordpress pages(even home page or site rss), based on approved members \u002F approved user roles, finish all works just via a few clicks in powerful control panels.\u003C\u002Fli>\n\u003Cli>Restricts \u003Cstrong>BP standard Components\u003C\u002Fstrong> Based on User Roles: for example, you can just enable Buddypress Activity Component pages to subscriber user role, then open buddypress groups component pages to support user role, and open users profile component pages to customer user role, and opt to buddypress member component pages open for non member users, and … and so on.\u003C\u002Fli>\n\u003Cli>Restricts \u003Cstrong>BP customized Components\u003C\u002Fstrong> Based on User Roles: opt to restrict customzied components via 3rd buddypress plugins, there are many amazing buddypress developer developed many customized buddypress components, you can opt to these 3rd customized components open to specific user roles\u003C\u002Fli>\n\u003Cli>Menu Visibility Control by User Roles: for example, you can only allow customer user role to see download menu, and opt to subscriber & customer user role can see product menu… and so on, also by this way, you do not need make a long menu lists to all users\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Approved Users Only\u003C\u002Fstrong>: after enabled this buddypress membership addon, when users register as members, they need awaiting administrator approve their account manually, at the same time when unapproved users try to login your site, they can not login your site and they will get a message that noticed they have to waiting for admin approve their access first, only approved users can login your site, Admin user can approve or unapprove any users again at anytime, very easy to use. You can enable \u002F disable approve user addon at anytime in addon manage panel. Just one click, you can lock your buddypress social network quickly, just your friend or family or worker can view your buddypress network. \u003C\u002Fli>\n\u003Cli>Powerful Login redirect \u002F Logout Redirect Based on \u003Cstrong>User Roles\u003C\u002Fstrong>: pro version will support more login \u002F logout redirect options,  each user roles have options for redirect to the referer pages before they login, also support 12 buddypress components to redirect login \u002F logout users, and support to redirect to any specific url based on your setup for each user roles… and so on\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customized Opened URLs Restricts\u003C\u002Fstrong> Based on User Roles and Tags: For example, you can set up https:\u002F\u002Fmembersonly.top\u002Fmembers\u002F%username%\u002Fforums\u002F only opened for customer user role, or open %sitename%\u002Ffamily\u002F%username%\u002F for family user types… and so on.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customized Closed URLs Restricts\u003C\u002Fstrong> based on user roles and Tags, for example, you can close https:\u002F\u002Fmembersonly.top\u002Fsupport page to guest user role, but open it for customer user role, at the same time, you can open https:\u002F\u002Fmembersonly.top\u002Fshop for guest user role, support use placeholders %username% and %sitename% to protect your customized Closed URLs pages\u003C\u002Fli>\n\u003Cli>Charge Membership fees from Your BuddyPress Site: works well with \u003Ca href=\"https:\u002F\u002Fmembersonly.top\u002Ffeatures-of-buddypress-woocommerce-payment-gateway-plugin\u002F\" rel=\"nofollow ugc\">BuddyPress Membership WooCmmerce Payment Gateway Plugin\u003C\u002Fa> to charge buddyrpess membership fee based on user roles\u003C\u002Fli>\n\u003Cli>One click to add default 10 membership Levels, One click to remove default 10 membership Levels, Edit  Label of Default Membership Levels, one click to reset membership levels\u003C\u002Fli>\n\u003Cli>Restricts Site RSS Feed: opt to restrict rss content, and opt to specific restricts notification to rss users,  you can add restricts notification in editor, support image, link, font style, videos… and so on, restricts notification will shown in feed content ……\u003C\u002Fli>\n\u003Cli>Opt to Restricts Specific BuddyPress Component Pages from Search Engines: if you are running a buddypress private network, and if you do not hope some private content be searched in search engines, it is very easy to remove your private content from google via a few clicks in buddypress members only backend setting panel\u003C\u002Fli>\n\u003Cli>Support add Announcement on Buddypress Members Only register page, you can add announcement in editor with image, link, font style, videos… and so on, we will show announcement at top of register page.\u003C\u002Fli>\n\u003Cli>Restrict Custom Post Types Based on User Role: enhanced custom posty type module, allow admin  restrict custom post types based on user roles\u003C\u002Fli>\n\u003Cli>Options to \u003Cstrong>only protect your buddypress pages\u003C\u002Fstrong>, so other section on your wordpress site will be open to the guest users, so you can only restrict your buddypress section, but open wordpress section to your guests, for example, blog, faq, ticket, store… and so on. \u003C\u002Fli>\n\u003Cli>Enable \u003Cstrong>page level protect\u003C\u002Fstrong>, when you edit a post, you can choose setting it as a members only page or not. By this way, you do not need enter page URLs to Opened Pages Panel always\u003C\u002Fli>\n\u003Cli>Restricts Your Buddypress and WordPress and bbPpress to logged in\u002Fregistered members\u003C\u002Fli>\n\u003Cli>Easy to use, build a privacy site quickly, via a few clicks in powerful control panel, you can decide which section of your site open \u002F close to specific user roles.    \u003C\u002Fli>\n\u003Cli>One Click Reset all Settings\u003C\u002Fli>\n\u003Cli>Option to ” Use Permanent 301 Redirect Instead of Temporary 302 Redirect”\u003C\u002Fli>\n\u003Cli>More Buddypress Membership Addons included in the buddypress membership pro to enrich your application scenarios\u003C\u002Fli>\n\u003Cli>Detailed tips for each setting options and detailed Knowledge Base for help you understand how to use the buddypress membership system easier\u003C\u002Fli>\n\u003Cli>Support ticket: if you need any help, or if you need any more buddypress membership features,  you can find our support ticket in  “Knowledge Base” menu\u003C\u002Fli>\n\u003Cli>…… and more, any fearure request is welcome\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Cp>Please check \u003Ca href='https:\u002F\u002Fmembersonly.top\u002Fcategory\u002Fbuddypress-members-only-demo\u002F' rel=\"nofollow ugc\">demos\u003C\u002Fa>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch4>More BuddyPress Plugins Maybe You Will Like\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmembersonly.top\u002Ffeatures-of-buddypress-woocommerce-payment-gateway-plugin\u002F\" rel=\"nofollow ugc\">BuddyPress WooCommerce Payment Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmembersonly.top\u002Ffeatures-of-buddypress-blacklist-whitelist-security-plugin\u002F\" rel=\"nofollow ugc\">BuddyPress Blacklist Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmembersonly.top\u002Ffeatures-of-buddypress-google-xml-sitemaps-generator-plugin\u002F\" rel=\"nofollow ugc\">BuddyPress Google XML Sitemaps Generator Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>…… and more \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Cp>I am developing many more amazing features, you are very welcome to \u003Ca href='https:\u002F\u002Fmembersonly.top' rel=\"nofollow ugc\">submit any feature request\u003C\u002Fa>\u003C\u002Fp>\n","BuddyPress Members Only restricts Your Buddypress and Wordpress to logged in\u002Fregistered members.",1000,119465,74,26,"2025-11-08T11:33:00.000Z","6.8.5","3.8",[20,54,22,55,56],"membership","protected","restricts","https:\u002F\u002Fmembersonly.top\u002Ffeatures\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-members-only.zip",99,"2025-04-01 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":34,"downloaded":69,"rating":13,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":18,"tags":74,"homepage":77,"download_link":78,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"safe-private","Safe Private","1.3","Sherpah_","https:\u002F\u002Fprofiles.wordpress.org\u002Fsherpah_\u002F","\u003Cp>The Safe Private Plugin set up a members-only area on your WordPress and protect your content, pages and resources from public access.\u003Cbr \u002F>\nOnly registered users will be able to browse your site. The plugin will redirect all others users to the login page of your blog.\u003Cbr \u002F>\nDeny access to unregistered users, perfect for a private website, helpful during a blog maintenance and useful for developers…\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Membrers-only area\u003C\u002Fli>\n\u003Cli>Members only feed\u003C\u002Fli>\n\u003Cli>No template modifications\u003C\u002Fli>\n\u003Cli>Fast, Safe and secure…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Author Plugin link page: \u003Ca href=\"http:\u002F\u002Fwww.sherpah.net\u002Fwordpress\u002Fplugin-safe-private\u002F\" rel=\"nofollow ugc\">Safe Private\u003C\u002Fa>\u003C\u002Fp>\n","A Private Wordpress, a Members-only Website, helpful during a site maintenance and useful for developers...",5819,3,"2013-12-15T19:46:00.000Z","3.7.41","3.7.1",[75,76,21,22,23],"deny","member","http:\u002F\u002Fwww.sherpah.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsafe-private.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":13,"num_ratings":70,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":18,"tags":92,"homepage":98,"download_link":99,"security_score":100,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"bp-custom-functionalities","BP Custom Functionalities","1.0.4","Prashant Singh","https:\u002F\u002Fprofiles.wordpress.org\u002Fprashantvatsh\u002F","\u003Cp>BP Custom Functionalities provides custom functionalities that regular BuddyPress users requires like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Locking BuddyPress for guest users\u003C\u002Fli>\n\u003Cli>Locking bbPress for guest users\u003C\u002Fli>\n\u003Cli>Restricting BuddyPress Access Based on Paid Membership Pro Membership Levels\u003C\u002Fli>\n\u003Cli>Excluding members based on user roles from members directory\u003C\u002Fli>\n\u003Cli>Private profile – that means one member can not see other members profile\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>I will add more functionalities but will depend on how many requests came for the same functionality.\u003C\u002Fp>\n","BP Custom Functionalities provides custom functionalities that regular BuddyPress users requires.",10,2596,"2024-04-07T16:07:00.000Z","6.5.8","4.9.0",[93,94,95,96,97],"exclude-member-roles","guest-user-restriction","lock-bbpress","pmpro-membership-level-buddypress-restriction","private-profile","https:\u002F\u002Fprashantdev.wordpress.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-custom-functionalities.1.0.4.zip",92,{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":87,"downloaded":109,"rating":27,"num_ratings":27,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":18,"tags":113,"homepage":116,"download_link":117,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"login-customiser","Login Customiser","0.1","Poetic Coding","https:\u002F\u002Fprofiles.wordpress.org\u002Fmikegrant\u002F","\u003Cp>A Simple plugin to customise WP-Login, allowing you to change where users are redirected to upon successful login.\u003C\u002Fp>\n","A Simple plugin to customise WP-Login, allowing you to change where users are redirected to upon successful login.",2229,"2013-08-21T08:03:00.000Z","3.6.1","2.9",[114,115,21,22],"login","login-redirect","http:\u002F\u002Fwww.poeticcoding.co.uk\u002Fplugins\u002Flogin-customiser","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-customiser.0.1.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":87,"downloaded":126,"rating":27,"num_ratings":27,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":18,"tags":130,"homepage":132,"download_link":133,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"members-blog","MembersBlog","1.4.48f","DCoda","https:\u002F\u002Fprofiles.wordpress.org\u002Fdcoda\u002F","\u003Cp>This plugin is only supported on PHP 5.2 or greater.\u003C\u002Fp>\n\u003Cp>\u003C!--description-->\u003Cbr \u002F>\nMembersBlog easily allows you to lock down your blog to members only.\u003Cbr \u002F>\nUnauthenticated visitors who try to view the blog content will be forced to the login page , or presented with an browser login prompt if they try to view the feed.\u003C\u002Fp>\n\u003Cp>When the blog and feed are locked down to subscribe to a feed using a feed reader a username and password must be supplied in the url:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>http:\u002F\u002F{username}:{password}@{feed url}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003C!--description-->\u003C\u002Fp>\n\u003Cp>If you are having trouble and cannot find the answers in the \u003Ca href=\"http:\u002F\u002Fmembersblog.dcoda.co.uk\u002Fhelp\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa> you can post your support questions to the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Fmembers-blog\" rel=\"ugc\">WordPress Support Forum\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>If you find MembersBlog useful please rate it at \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fmembers-blog\u002F\" rel=\"ugc\">wordpress.org\u003C\u002Fa> and please consider making a \u003Ca href=\"http:\u002F\u002Fmembersblog.dcoda.co.uk\u002Fdonate\u002F\" rel=\"nofollow ugc\">donation\u003C\u002Fa> to help us set aside more hours to maintain MembersBlog\u003C\u002Fp>\n\u003Cp>MembersBlog is written by \u003Ca href='http:\u002F\u002Fdcoda.co.uk' rel=\"nofollow ugc\">dcoda\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can check out our other plugins \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fusers\u002Fdcoda\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>If you require a custom plugin you can contact us \u003Ca href=\"http:\u002F\u002Fdcoda.co.uk\u002Fcontact\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa> and maybe we could write it for you.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>(c) Copyright DCoda Limited, 2007 -, All Rights Reserved.\u003C\u002Fp>\n\u003Cp>This code is released under the GPL license version 2, available here:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl.txt\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl.txt\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>There are so many possibly configurations of installation the plugin can be installed on we limit testing to a PHP 5.2+ Linux platform running the latest version of WordPress at the time of release but it is released WITHOUT ANY WARRANTY;\u003Cbr \u002F>\n without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\u003C\u002Fp>\n","Lock down all your posts and pages so only members can access them",5749,"2012-06-04T14:25:00.000Z","3.3.2","3.0.0",[131,21,22,24],"blog","http:\u002F\u002Fmembersblog.dcoda.co.uk\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmembers-blog.1.4.48f.zip",{"attackSurface":135,"codeSignals":173,"taintFlows":191,"riskAssessment":219,"analyzedAt":231},{"hooks":136,"ajaxHandlers":169,"restRoutes":170,"shortcodes":171,"cronEvents":172,"entryPointCount":27,"unprotectedCount":27},[137,143,147,152,156,160,165],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","bp_include","buddyfence_init","buddyfence.php",28,{"type":138,"name":144,"callback":145,"file":146,"line":87},"admin_menu","buddyfence_add_menu","inc\\admin.php",{"type":148,"name":149,"callback":150,"file":151,"line":34},"filter","the_content","buddyfence_template","inc\\functions.php",{"type":138,"name":153,"callback":154,"file":151,"line":155},"wp_head","buddyfence_display_template",33,{"type":138,"name":157,"callback":158,"file":151,"line":159},"template_redirect","buddyfence_template_redirect",114,{"type":138,"name":161,"callback":162,"file":163,"line":164},"admin_init","buddyfence_register_options","inc\\plugin.php",8,{"type":138,"name":166,"callback":167,"file":163,"line":168},"plugins_loaded","buddyfence_load_plugin_textdomain",13,[],[],[],[],{"dangerousFunctions":174,"sqlUsage":175,"outputEscaping":177,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":190},[],{"prepared":27,"raw":27,"locations":176},[],{"escaped":178,"rawEcho":179,"locations":180},7,4,[181,185,186,188],{"file":182,"line":183,"context":184},"inc\\admin-page.php",62,"raw output",{"file":182,"line":183,"context":184},{"file":182,"line":187,"context":184},68,{"file":151,"line":189,"context":184},11,[],[192,210],{"entryPoint":193,"graph":194,"unsanitizedCount":208,"severity":209},"buddyfence_template (inc\\functions.php:5)",{"nodes":195,"edges":205},[196,200],{"id":197,"type":198,"label":199,"file":151,"line":189},"n0","source","$_SERVER['REQUEST_URI']",{"id":201,"type":202,"label":203,"file":151,"line":189,"wp_function":204},"n1","sink","echo() [XSS]","echo",[206],{"from":197,"to":201,"sanitized":207},false,1,"medium",{"entryPoint":211,"graph":212,"unsanitizedCount":208,"severity":218},"\u003Cfunctions> (inc\\functions.php:0)",{"nodes":213,"edges":216},[214,215],{"id":197,"type":198,"label":199,"file":151,"line":189},{"id":201,"type":202,"label":203,"file":151,"line":189,"wp_function":204},[217],{"from":197,"to":201,"sanitized":207},"low",{"summary":220,"deductions":221},"The Buddyfence v1.2.2 plugin exhibits a generally strong security posture based on the static analysis.  The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the potential attack surface.  Furthermore, the code's adherence to using prepared statements for all SQL queries is a positive indicator of secure database interactions.  The lack of dangerous functions, file operations, and external HTTP requests further contributes to a reduced risk profile.\n\nHowever, there are notable areas for improvement. The taint analysis reveals two flows with unsanitized paths, indicating a potential for input validation issues that could lead to unexpected behavior or vulnerabilities if not properly handled.  Additionally, the output escaping is only 64% proper, suggesting that some data displayed to users may not be adequately sanitized, potentially leading to cross-site scripting (XSS) vulnerabilities.  The complete absence of nonce checks and capability checks across all identified entry points (though limited) is a significant concern, as these are fundamental security mechanisms for verifying user authorization and preventing CSRF attacks. The vulnerability history shows no known CVEs, which is excellent, but it doesn't negate the risks identified in the code itself.\n\nIn conclusion, while Buddyfence v1.2.2 has a commendable lack of exploitable attack vectors and secure SQL practices, the identified unsanitized paths in taint analysis and insufficient output escaping, coupled with a complete lack of nonce and capability checks on its limited entry points, present tangible security risks.  These areas require immediate attention to fortify the plugin's security.",[222,224,227,229],{"reason":223,"points":87},"Taint flows with unsanitized paths",{"reason":225,"points":226},"Output escaping only 64% proper",5,{"reason":228,"points":87},"No nonce checks on entry points",{"reason":230,"points":87},"No capability checks on entry points","2026-03-16T21:58:30.481Z",{"wat":233,"direct":238},{"assetPaths":234,"generatorPatterns":235,"scriptPaths":236,"versionParams":237},[],[],[],[],{"cssClasses":239,"htmlComments":243,"htmlAttributes":244,"restEndpoints":245,"jsGlobals":246,"shortcodeOutput":247},[240,241,242],"buddyfence-message","buddyfence-message-header","buddyfence-message-text",[],[],[],[],[]]