[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fb-GKgetvGZysVG0tYJaPGNfjkgGrRMl4TRx2TyTWqSU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":20,"download_link":21,"security_score":13,"vuln_count":22,"unpatched_count":22,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":33,"analysis":120,"fingerprints":198},"buddypress-activity-as-blog-comments","BuddyPress Activity Stream as Blog Comments","0.1.1","rich! @ etiviti","https:\u002F\u002Fprofiles.wordpress.org\u002Fnuprn1\u002F","\u003Cp>This plugin will replace the main BuddyPress blog (for what BP is activated on) comments section with the activity stream reply system (threaded) and the (reply | favorite) links\u003C\u002Fp>\n\u003Cp>This will remove the WP Comments reply section – only the site admin will have access to make traditional comment replies (you may adjust this in the theme file)\u003C\u002Fp>\n\u003Cp>I consider this an experimental plugin showing how the activity stream can be more a main component across WordPress.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Activity stream enabled\u003C\u002Fli>\n\u003Cli>blog and forum activity stream enabled\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Important Notes\u003C\u002Fh4>\n\u003Cp>Please see the FAQ – if you have an existing BP install with blog postings and comments you MUST run an additional plugin to import blog postings and comments into the activity stream (this is untested)\u003C\u002Fp>\n\u003Cp>Currently no WPMU subblog support – looking for any brave souls to configure it properly. 🙂\u003C\u002Fp>\n\u003Ch4>Related Links:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblog.etiviti.com\u002F2010\u002F04\u002Fbuddypress-activity-stream-as-blog-comments\u002F\" title=\"BuddyPress Activity Stream as Blog Comments - Blog About Page\" rel=\"nofollow ugc\">About Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002F2010\u002F04\u002Fwhat-does-it-mean\u002F\" title=\"Plugin Demo Site\" rel=\"nofollow ugc\">See it in action\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please report any bugs, ideas, concerns, etc – detailed.\u003C\u002Fp>\n\u003Ch3>Extra Configuration\u003C\u002Fh3>\n\u003Ch4>Allow other members to use traditional blog comment reply\u003C\u002Fh4>\n\u003Cp>Edit the theme file theme\u002Factivitycomments\u002Fblogactivity-commments.php (you may want to copy this activitycomments\u002Ffile to your default theme to prevent future updates from overwriting)\u003C\u002Fp>\n\u003Cp>change the line\n    \u003C\u002Fp>\n\u003Cp>Where is_site_admin can be \u003Ccode>current_user_can()\u003C\u002Fcode> with the wp_cap level (lets say you want editors or authors to reply to comments in the traditional sense). Then additional blog_comments will show activity replies underneath as well. (a neat nested effect)\u003C\u002Fp>\n","This plugin will replace the blog comments section with the activity stream reply system",10,7332,100,1,"",[17,18,19],"activity-stream","blog-comments","buddypress","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-activity-as-blog-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-activity-as-blog-comments.zip",0,null,"2026-03-15T10:48:56.248Z",[],{"slug":27,"display_name":7,"profile_url":8,"plugin_count":11,"total_installs":28,"avg_security_score":29,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"nuprn1",200,88,30,86,"2026-04-04T07:37:12.514Z",[34,59,79,98,110],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":13,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":15,"tags":48,"homepage":52,"download_link":53,"security_score":54,"vuln_count":55,"unpatched_count":56,"last_vuln_date":57,"fetched_at":58},"bp-activity-plus-reloaded","Activity Plus Reloaded for BuddyPress","1.1.2","BuddyDev","https:\u002F\u002Fprofiles.wordpress.org\u002Fbuddydev\u002F","\u003Cp>Activity Plus Reloaded for BuddyPress gives your social network all the features and ease of Facebook when it comes to uploading and sharing media!\u003C\u002Fp>\n\u003Cp>It is a fork of now unmaintained \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fbuddypress-activity-plus\u002F\" rel=\"ugc\">BuddyPress Activity Plus\u003C\u002Fa>\u003Cbr \u002F>\nThe plugin adds 3 new buttons to your BuddyPress activity stream.  Enabling you to attach photos, videos, and even share web links with everyone on your network!\u003C\u002Fp>\n\u003Cp>Here’s the quick overview of this plugin’s features:\u003Cbr \u002F>\n * Upload a photo (or multiple) directly from your computer to the activity stream\u003Cbr \u002F>\n * Embed a video from popular sites such as youtube and vimeo by copying the link\u003Cbr \u002F>\n * Embed a link to any site – the site title and description will automatically be pulled in\u003Cbr \u002F>\n * Embedding a link also allows you to choose a thumbnail image from a list of images on the site’s homepage\u003Cbr \u002F>\n * Works perfectly with any theme based on the BuddyPress Default theme\u003C\u002Fp>\n\u003Cp>Blog Post :\u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fintroducing-buddypress-activity-plus-reloaded\u002F\" rel=\"nofollow ugc\">Introducing BuddyPress Activity Plus Reloaded\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Credit\u003C\u002Fh4>\n\u003Cp>Activity Plus Reloaded for BuddyPress is a fork of \u003Cem>BuddyPress Activity Plus\u003C\u002Fem>(now abandoned) by @wpmudev. We have refactored it to wok with current BuddyPress\u002FWordPress.\u003Cbr \u002F>\n and we plan to maintain and further develop it.\u003Cbr \u002F>\n We would like to express our sincere gratitude to the @wpmudv team for their cooperation in getting this plugin back.\u003C\u002Fp>\n\u003Cp>If you are looking to optimize media, We recommend \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-smushit\u002F\" rel=\"ugc\">Smush\u003C\u002Fa> to optimize your BuddyPress media.\u003C\u002Fp>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>The plugin is available on gihub. You can contribute by sending pull request, reporting errors and helping others.\u003Cbr \u002F>\nGithub repository: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbuddydev\u002Fbp-activity-plus-reloaded\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fbuddydev\u002Fbp-activity-plus-reloaded\u003C\u002Fa>\u003Cbr \u002F>\nSupport & reporting Issues: \u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fsupport\u002Fforums\u002F\" rel=\"nofollow ugc\">BuddyDev Forums\u003C\u002Fa>\u003C\u002Fp>\n","Note: This plugin will be discontinued by March 31st, 2025 in favor of BuddyPress Attachment plugin. Please migrate to the new plugin before that date &hellip;",1000,38738,9,"2025-01-22T12:55:00.000Z","6.7.5","5.0",[17,19,49,50,51],"buddypress-activity","buddypress-activity-upload","embed-video","https:\u002F\u002Fbuddydev.com\u002Fplugins\u002Fbp-activity-plus-reloaded\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-activity-plus-reloaded.1.1.2.zip",46,3,2,"2025-10-12 00:00:00","2026-03-15T15:16:48.613Z",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":13,"downloaded":67,"rating":13,"num_ratings":14,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":78,"vuln_count":22,"unpatched_count":22,"last_vuln_date":23,"fetched_at":58},"buddykit","BuddyKit – Additional features for BuddyPress","0.0.4","Joseph G.","https:\u002F\u002Fprofiles.wordpress.org\u002Fdunhakdis\u002F","\u003Cp>BuddyKit adds several features like Live Notifications and Media Activities to your BuddyPress sites. More social media related features are coming soon!\u003C\u002Fp>\n","BuddyKit adds several features like Live Notifications and Media Activities to your BuddyPress powered websites.",12833,"2019-09-08T10:15:00.000Z","4.9.29","4.5","5.4",[73,19,74,75],"activity-streams","community","social-networking","https:\u002F\u002Fbuddykit.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddykit.0.0.4.zip",85,{"slug":80,"name":81,"version":37,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":15,"tags":93,"homepage":96,"download_link":97,"security_score":78,"vuln_count":22,"unpatched_count":22,"last_vuln_date":23,"fetched_at":58},"bp-activity-plus-styling","Buddypress Activity Plus Styling","Maksym Marko","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkomaksym\u002F","\u003Cp>Add to the Buddypress Activity Plus plugin. This plugin adds CSS styles to images, videos and links. Also styling a THICKBOX.\u003C\u002Fp>\n","Additional CSS styles for the Buddypress Activity Plus plugin.",40,5543,50,4,"2019-05-01T15:35:00.000Z","5.1.22","4.3",[94,17,19,49,95],"activity","wall","https:\u002F\u002Fgithub.com\u002FMaxim-us\u002Fbuddypress-activity-plus-styling","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-activity-plus-styling.1.1.2.zip",{"slug":99,"name":100,"version":101,"author":7,"author_profile":8,"description":102,"short_description":103,"active_installs":86,"downloaded":104,"rating":105,"num_ratings":55,"last_updated":106,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":107,"homepage":108,"download_link":109,"security_score":78,"vuln_count":22,"unpatched_count":22,"last_vuln_date":23,"fetched_at":58},"buddypress-edit-activity-stream","BuddyPress Edit Activity Stream","0.5.1","\u003Cp>** IMPORTANT **\u003Cbr \u002F>\nThis plugin has been updated for BuddyPress 1.5.1\u003C\u002Fp>\n\u003Cp>Allows site admins and users to edit any activity update (except forum topics and replies) within a specified time period.\u003C\u002Fp>\n\u003Ch4>Related Links:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\" title=\"Plugin Demo Site\" rel=\"nofollow ugc\">Author’s Site\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fwordpress-plugins\u002Fbuddypress-edit-activity-stream\u002F\" rel=\"nofollow ugc\">BuddyPress Edit Activity Stream – About Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fapi-hooks\u002F\" rel=\"nofollow ugc\">BuddyPress and bbPress Developer Hook and Filter API Reference\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Extra Configuration\u003C\u002Fh3>\n","This plugin allows an user to edit their activity stream status update within a specified time period.",9835,74,"2011-10-28T03:29:00.000Z",[17,19],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-edit-activity-stream\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-edit-activity-stream.0.5.1.zip",{"slug":111,"name":112,"version":101,"author":7,"author_profile":8,"description":113,"short_description":114,"active_installs":30,"downloaded":115,"rating":13,"num_ratings":56,"last_updated":116,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":117,"homepage":118,"download_link":119,"security_score":78,"vuln_count":22,"unpatched_count":22,"last_vuln_date":23,"fetched_at":58},"buddypress-activity-stream-bump-to-top","BuddyPress Activity Stream Bump to Top","\u003Cp>** IMPORTANT **\u003Cbr \u002F>\nThis plugin has been updated for BuddyPress 1.5.1\u003C\u002Fp>\n\u003Cp>This plugin will “bump” an activity record to the top of the stream when an activity comment reply is made.\u003C\u002Fp>\n\u003Cp>The original date_recorded is appended to the time_since filter with an additional class named: time-created. Both timestamps are displayed within the activity stream meta div\u003C\u002Fp>\n\u003Ch4>Related Links:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\" title=\"Plugin Demo Site\" rel=\"nofollow ugc\">Author’s Site\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fwordpress-plugins\u002Fbuddypress-activity-stream-bump-to-top\u002F\" rel=\"nofollow ugc\">BuddyPress Activity Stream Bump – About Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fapi-hooks\u002F\" rel=\"nofollow ugc\">BuddyPress and bbPress Developer Hook and Filter API Reference\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Extra Configuration\u003C\u002Fh3>\n\u003Cp>add a filter to bp_activity_bump_time_since (date_recorded, $bumpdate, $content)\u003C\u002Fp>\n","This plugin will \"bump\" an activity record to the top of the stream when activity comment reply is made.",9199,"2011-10-28T03:25:00.000Z",[17,19],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-activity-stream-bump-to-top\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-activity-stream-bump-to-top.0.5.1.zip",{"attackSurface":121,"codeSignals":146,"taintFlows":185,"riskAssessment":186,"analyzedAt":197},{"hooks":122,"ajaxHandlers":142,"restRoutes":143,"shortcodes":144,"cronEvents":145,"entryPointCount":22,"unprotectedCount":22},[123,129,134,137],{"type":124,"name":125,"callback":126,"file":127,"line":128},"action","bp_head","bp_activity_blog_comments_insert_head","bp-activity-blog-comments-loader.php",21,{"type":130,"name":131,"callback":132,"file":127,"line":133},"filter","comments_template","anonymous",25,{"type":124,"name":135,"callback":136,"file":127,"line":30},"bp_init","bp_activity_blog_comments_init",{"type":124,"name":138,"callback":139,"priority":14,"file":140,"line":141},"bp_activity_action_delete_activity","bp_activity_blog_comments_catch_action_delete_activity","bp-activity-blog-comments.php",136,[],[],[],[],{"dangerousFunctions":147,"sqlUsage":148,"outputEscaping":150,"fileOperations":22,"externalRequests":22,"nonceChecks":22,"capabilityChecks":22,"bundledLibraries":184},[],{"prepared":22,"raw":22,"locations":149},[],{"escaped":22,"rawEcho":151,"locations":152},16,[153,156,158,160,162,163,165,167,169,171,173,176,177,179,181,182],{"file":154,"line":151,"context":155},"theme\\activitycomments\\blogactivity-comments.php","raw output",{"file":154,"line":157,"context":155},17,{"file":154,"line":159,"context":155},81,{"file":154,"line":161,"context":155},82,{"file":154,"line":78,"context":155},{"file":154,"line":164,"context":155},110,{"file":154,"line":166,"context":155},115,{"file":154,"line":168,"context":155},124,{"file":154,"line":170,"context":155},129,{"file":154,"line":172,"context":155},134,{"file":174,"line":175,"context":155},"theme\\activitycomments\\blogactivity-functions.php",14,{"file":174,"line":151,"context":155},{"file":174,"line":178,"context":155},18,{"file":174,"line":180,"context":155},27,{"file":174,"line":180,"context":155},{"file":174,"line":183,"context":155},38,[],[],{"summary":187,"deductions":188},"The plugin 'buddypress-activity-as-blog-comments' v0.1.1 exhibits a concerning security posture primarily due to a complete lack of output escaping, despite a seemingly clean static analysis report in other areas. While there are no identified dangerous functions, SQL injection vulnerabilities, file operations, external HTTP requests, or taint flows, the absence of any output escaping on 16 identified outputs is a significant weakness. This means that any data being displayed to users could potentially be manipulated by an attacker, leading to cross-site scripting (XSS) vulnerabilities. The plugin also lacks capability checks and nonce checks, which, combined with the unescaped output, further increases the risk of unauthorized actions or data exposure if user input is involved in these outputs. The absence of any known vulnerability history is a positive sign, suggesting the plugin has not been a target or has not had past exploitable issues. However, this does not negate the immediate risks identified in the code analysis.  Overall, while the plugin avoids common pitfalls like raw SQL or exposed entry points, the critical oversight in output escaping makes it vulnerable to XSS attacks and warrants immediate attention.",[189,192,195],{"reason":190,"points":191},"No output escaping",20,{"reason":193,"points":194},"No nonce checks",5,{"reason":196,"points":194},"No capability checks","2026-03-16T23:17:28.537Z",{"wat":199,"direct":208},{"assetPaths":200,"generatorPatterns":205,"scriptPaths":206,"versionParams":207},[201,202,203,204],"\u002Fwp-content\u002Fplugins\u002Fbuddypress-activity-as-blog-comments\u002Fbp-activity-blog-comments.php","\u002Fwp-content\u002Fplugins\u002Fbuddypress-activity-as-blog-comments\u002Ftheme\u002Factivitycomments\u002Fblogactivity-functions.php","\u002Fwp-content\u002Fplugins\u002Fbuddypress-activity-as-blog-comments\u002Ftheme\u002Factivitycomments\u002Fblogactivity-loop.php","\u002Fwp-content\u002Fplugins\u002Fbuddypress-activity-as-blog-comments\u002Ftheme\u002Factivitycomments\u002Fblogactivity-entry.php",[],[],[],{"cssClasses":209,"htmlComments":212,"htmlAttributes":213,"restEndpoints":216,"jsGlobals":217,"shortcodeOutput":218},[210,211],"activity-blog-comments","acomment-reply",[],[214,215],"item_id","email",[],[],[]]