[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1xb1OI2XTzOadNq5FgrjGloyDFs4zU5k48YxWM-z9KQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":20,"download_link":21,"security_score":22,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":120,"fingerprints":210},"buddypress-activity-stream-bump-to-top","BuddyPress Activity Stream Bump to Top","0.5.1","rich! @ etiviti","https:\u002F\u002Fprofiles.wordpress.org\u002Fnuprn1\u002F","\u003Cp>** IMPORTANT **\u003Cbr \u002F>\nThis plugin has been updated for BuddyPress 1.5.1\u003C\u002Fp>\n\u003Cp>This plugin will “bump” an activity record to the top of the stream when an activity comment reply is made.\u003C\u002Fp>\n\u003Cp>The original date_recorded is appended to the time_since filter with an additional class named: time-created. Both timestamps are displayed within the activity stream meta div\u003C\u002Fp>\n\u003Ch4>Related Links:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\" title=\"Plugin Demo Site\" rel=\"nofollow ugc\">Author’s Site\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fwordpress-plugins\u002Fbuddypress-activity-stream-bump-to-top\u002F\" rel=\"nofollow ugc\">BuddyPress Activity Stream Bump – About Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fapi-hooks\u002F\" rel=\"nofollow ugc\">BuddyPress and bbPress Developer Hook and Filter API Reference\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Extra Configuration\u003C\u002Fh3>\n\u003Cp>add a filter to bp_activity_bump_time_since (date_recorded, $bumpdate, $content)\u003C\u002Fp>\n","This plugin will \"bump\" an activity record to the top of the stream when activity comment reply is made.",30,9199,100,2,"2011-10-28T03:25:00.000Z","",[18,19],"activity-stream","buddypress","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-activity-stream-bump-to-top\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-activity-stream-bump-to-top.0.5.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":11,"trust_score":32,"computed_at":33},"nuprn1",10,200,88,86,"2026-04-04T06:11:01.566Z",[35,58,78,97,108],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":13,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":16,"tags":49,"homepage":53,"download_link":54,"security_score":55,"vuln_count":56,"unpatched_count":14,"last_vuln_date":57,"fetched_at":25},"bp-activity-plus-reloaded","Activity Plus Reloaded for BuddyPress","1.1.2","BuddyDev","https:\u002F\u002Fprofiles.wordpress.org\u002Fbuddydev\u002F","\u003Cp>Activity Plus Reloaded for BuddyPress gives your social network all the features and ease of Facebook when it comes to uploading and sharing media!\u003C\u002Fp>\n\u003Cp>It is a fork of now unmaintained \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fbuddypress-activity-plus\u002F\" rel=\"ugc\">BuddyPress Activity Plus\u003C\u002Fa>\u003Cbr \u002F>\nThe plugin adds 3 new buttons to your BuddyPress activity stream.  Enabling you to attach photos, videos, and even share web links with everyone on your network!\u003C\u002Fp>\n\u003Cp>Here’s the quick overview of this plugin’s features:\u003Cbr \u002F>\n * Upload a photo (or multiple) directly from your computer to the activity stream\u003Cbr \u002F>\n * Embed a video from popular sites such as youtube and vimeo by copying the link\u003Cbr \u002F>\n * Embed a link to any site – the site title and description will automatically be pulled in\u003Cbr \u002F>\n * Embedding a link also allows you to choose a thumbnail image from a list of images on the site’s homepage\u003Cbr \u002F>\n * Works perfectly with any theme based on the BuddyPress Default theme\u003C\u002Fp>\n\u003Cp>Blog Post :\u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fintroducing-buddypress-activity-plus-reloaded\u002F\" rel=\"nofollow ugc\">Introducing BuddyPress Activity Plus Reloaded\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Credit\u003C\u002Fh4>\n\u003Cp>Activity Plus Reloaded for BuddyPress is a fork of \u003Cem>BuddyPress Activity Plus\u003C\u002Fem>(now abandoned) by @wpmudev. We have refactored it to wok with current BuddyPress\u002FWordPress.\u003Cbr \u002F>\n and we plan to maintain and further develop it.\u003Cbr \u002F>\n We would like to express our sincere gratitude to the @wpmudv team for their cooperation in getting this plugin back.\u003C\u002Fp>\n\u003Cp>If you are looking to optimize media, We recommend \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-smushit\u002F\" rel=\"ugc\">Smush\u003C\u002Fa> to optimize your BuddyPress media.\u003C\u002Fp>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>The plugin is available on gihub. You can contribute by sending pull request, reporting errors and helping others.\u003Cbr \u002F>\nGithub repository: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbuddydev\u002Fbp-activity-plus-reloaded\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fbuddydev\u002Fbp-activity-plus-reloaded\u003C\u002Fa>\u003Cbr \u002F>\nSupport & reporting Issues: \u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fsupport\u002Fforums\u002F\" rel=\"nofollow ugc\">BuddyDev Forums\u003C\u002Fa>\u003C\u002Fp>\n","Note: This plugin will be discontinued by March 31st, 2025 in favor of BuddyPress Attachment plugin. Please migrate to the new plugin before that date …",1000,38738,9,"2025-01-22T12:55:00.000Z","6.7.5","5.0",[18,19,50,51,52],"buddypress-activity","buddypress-activity-upload","embed-video","https:\u002F\u002Fbuddydev.com\u002Fplugins\u002Fbp-activity-plus-reloaded\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-activity-plus-reloaded.1.1.2.zip",46,3,"2025-10-12 00:00:00",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":13,"downloaded":66,"rating":13,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":22,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25},"buddykit","BuddyKit – Additional features for BuddyPress","0.0.4","Joseph G.","https:\u002F\u002Fprofiles.wordpress.org\u002Fdunhakdis\u002F","\u003Cp>BuddyKit adds several features like Live Notifications and Media Activities to your BuddyPress sites. More social media related features are coming soon!\u003C\u002Fp>\n","BuddyKit adds several features like Live Notifications and Media Activities to your BuddyPress powered websites.",12833,1,"2019-09-08T10:15:00.000Z","4.9.29","4.5","5.4",[73,19,74,75],"activity-streams","community","social-networking","https:\u002F\u002Fbuddykit.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddykit.0.0.4.zip",{"slug":79,"name":80,"version":38,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":16,"tags":92,"homepage":95,"download_link":96,"security_score":22,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25},"bp-activity-plus-styling","Buddypress Activity Plus Styling","Maksym Marko","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkomaksym\u002F","\u003Cp>Add to the Buddypress Activity Plus plugin. This plugin adds CSS styles to images, videos and links. Also styling a THICKBOX.\u003C\u002Fp>\n","Additional CSS styles for the Buddypress Activity Plus plugin.",40,5543,50,4,"2019-05-01T15:35:00.000Z","5.1.22","4.3",[93,18,19,50,94],"activity","wall","https:\u002F\u002Fgithub.com\u002FMaxim-us\u002Fbuddypress-activity-plus-styling","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-activity-plus-styling.1.1.2.zip",{"slug":98,"name":99,"version":6,"author":7,"author_profile":8,"description":100,"short_description":101,"active_installs":85,"downloaded":102,"rating":103,"num_ratings":56,"last_updated":104,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":105,"homepage":106,"download_link":107,"security_score":22,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25},"buddypress-edit-activity-stream","BuddyPress Edit Activity Stream","\u003Cp>** IMPORTANT **\u003Cbr \u002F>\nThis plugin has been updated for BuddyPress 1.5.1\u003C\u002Fp>\n\u003Cp>Allows site admins and users to edit any activity update (except forum topics and replies) within a specified time period.\u003C\u002Fp>\n\u003Ch4>Related Links:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\" title=\"Plugin Demo Site\" rel=\"nofollow ugc\">Author’s Site\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fwordpress-plugins\u002Fbuddypress-edit-activity-stream\u002F\" rel=\"nofollow ugc\">BuddyPress Edit Activity Stream – About Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fapi-hooks\u002F\" rel=\"nofollow ugc\">BuddyPress and bbPress Developer Hook and Filter API Reference\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Extra Configuration\u003C\u002Fh3>\n","This plugin allows an user to edit their activity stream status update within a specified time period.",9835,74,"2011-10-28T03:29:00.000Z",[18,19],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-edit-activity-stream\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-edit-activity-stream.0.5.1.zip",{"slug":109,"name":110,"version":111,"author":7,"author_profile":8,"description":112,"short_description":113,"active_installs":11,"downloaded":114,"rating":23,"num_ratings":23,"last_updated":115,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":116,"homepage":118,"download_link":119,"security_score":22,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25},"buddypress-block-activity-stream-types","BuddyPress Block Activity Stream Types","0.5.2","\u003Cp>** IMPORTANT **\u003Cbr \u002F>\nThis plugin has been updated for BuddyPress 1.5.1\u003C\u002Fp>\n\u003Cp>This plugin will “block” an activity record from being saved to the stream\u002Fdatabase. Such as new member registration, joining groups, friendships created.\u003C\u002Fp>\n\u003Cp>Please note, this will not allow an activity record to be saved into the database at all. You will need to know the “type” of activity record. It is advised NOT to block activity_comment and activity_update activities (will cause errors in buddypress)\u003C\u002Fp>\n\u003Cp>What are activity types? BP Core includes several and plugins may register their own when hooking into the activity_record functions. This plugin will scan the activity table for distinct types already logged but will be ever changing due to new plugins.\u003C\u002Fp>\n\u003Ch4>Related Links:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\" title=\"Plugin Demo Site\" rel=\"nofollow ugc\">Author’s Site\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fwordpress-plugins\u002Fbuddypress-block-activity-stream-types\u002F\" rel=\"nofollow ugc\">BuddyPress Block Activity Stream Types – About Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fapi-hooks\u002F\" rel=\"nofollow ugc\">BuddyPress and bbPress Developer Hook and Filter API Reference\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fetivite\" rel=\"nofollow ugc\">@etivite\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fplus.google.com\u002F114440793706284941584?rel=author\" rel=\"nofollow ugc\">etivite+\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Extra Configuration\u003C\u002Fh3>\n\u003Cp>See this forum thread for details on hooking the type check: http:\u002F\u002Fetivite.com\u002Fgroups\u002Fbuddypress\u002Fforum\u002Ftopic\u002Fquick-tip-hooking-block-activity-stream-types-plugin-on-a-granular-level\u002F\u003C\u002Fp>\n","This plugin will \"block\" an activity record from being saved to the stream\u002Fdatabase. Such as new member registration, joining groups, friend …",9983,"2011-11-11T03:14:00.000Z",[93,18,117,19],"block-activity","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-block-activity-stream-types\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-block-activity-stream-types.0.5.2.zip",{"attackSurface":121,"codeSignals":146,"taintFlows":177,"riskAssessment":204,"analyzedAt":209},{"hooks":122,"ajaxHandlers":142,"restRoutes":143,"shortcodes":144,"cronEvents":145,"entryPointCount":23,"unprotectedCount":23},[123,129,134,139],{"type":124,"name":125,"callback":126,"priority":31,"file":127,"line":128},"action","bp_include","etivite_bp_activity_bump_init","bp-activity-bump-loader.php",27,{"type":130,"name":131,"callback":132,"priority":29,"file":127,"line":133},"filter","plugin_action_links","etivite_bp_activity_bump_admin_add_action_link",60,{"type":124,"name":135,"callback":136,"priority":67,"file":137,"line":138},"bp_activity_comment_posted","etivite_bp_activity_bump_comment_posted","bp-activity-bump.php",32,{"type":130,"name":140,"callback":141,"priority":67,"file":137,"line":55},"bp_activity_time_since","etivite_bp_activity_bump_time_since",[],[],[],[],{"dangerousFunctions":147,"sqlUsage":148,"outputEscaping":151,"fileOperations":23,"externalRequests":23,"nonceChecks":14,"capabilityChecks":67,"bundledLibraries":176},[],{"prepared":149,"raw":23,"locations":150},8,[],{"escaped":23,"rawEcho":152,"locations":153},11,[154,158,160,162,164,166,167,169,170,172,174],{"file":155,"line":156,"context":157},"admin\\bp-activity-bump-admin.php",145,"raw output",{"file":155,"line":159,"context":157},148,{"file":155,"line":161,"context":157},151,{"file":155,"line":163,"context":157},152,{"file":155,"line":165,"context":157},164,{"file":155,"line":165,"context":157},{"file":155,"line":168,"context":157},165,{"file":155,"line":168,"context":157},{"file":155,"line":171,"context":157},183,{"file":155,"line":173,"context":157},201,{"file":155,"line":175,"context":157},204,[],[178,196],{"entryPoint":179,"graph":180,"unsanitizedCount":23,"severity":195},"etivite_bp_activity_bump_admin (admin\\bp-activity-bump-admin.php:76)",{"nodes":181,"edges":192},[182,187],{"id":183,"type":184,"label":185,"file":155,"line":186},"n0","source","$_POST['ab_activity_types']",83,{"id":188,"type":189,"label":190,"file":155,"line":186,"wp_function":191},"n1","sink","update_option() [Settings Manipulation]","update_option",[193],{"from":183,"to":188,"sanitized":194},true,"low",{"entryPoint":197,"graph":198,"unsanitizedCount":23,"severity":195},"\u003Cbp-activity-bump-admin> (admin\\bp-activity-bump-admin.php:0)",{"nodes":199,"edges":202},[200,201],{"id":183,"type":184,"label":185,"file":155,"line":186},{"id":188,"type":189,"label":190,"file":155,"line":186,"wp_function":191},[203],{"from":183,"to":188,"sanitized":194},{"summary":205,"deductions":206},"The \"buddypress-activity-stream-bump-to-top\" plugin v0.5.1 exhibits a strong security posture in several key areas, notably the complete absence of known vulnerabilities and a commitment to using prepared statements for all SQL queries.  Furthermore, the lack of exposed entry points like AJAX handlers, REST API routes, and shortcodes significantly limits the plugin's attack surface, which is an excellent practice. The taint analysis also reveals no critical or high severity unsanitized flows, further indicating careful development.\n\nHowever, a significant concern arises from the static analysis of output escaping. With 11 total outputs and 0% properly escaped, there is a high risk of Cross-Site Scripting (XSS) vulnerabilities. This means user-supplied data or data manipulated by users could be injected into the output without proper sanitization, potentially leading to malicious code execution in the browser of other users. While there are nonce and capability checks present, their effectiveness is undermined by the lack of output escaping.\n\nIn conclusion, while the plugin's foundation with secure SQL and a limited attack surface is commendable, the prevalent lack of output escaping presents a serious security risk that overshadows these strengths. The absence of past vulnerabilities is positive but does not mitigate the immediate risk posed by the unescaped output.",[207],{"reason":208,"points":149},"Outputs not properly escaped","2026-03-16T22:35:43.934Z",{"wat":211,"direct":218},{"assetPaths":212,"generatorPatterns":215,"scriptPaths":216,"versionParams":217},[213,214],"\u002Fwp-content\u002Fplugins\u002Fbuddypress-activity-stream-bump-to-top\u002Fbp-activity-bump-loader.php","\u002Fwp-content\u002Fplugins\u002Fbuddypress-activity-stream-bump-to-top\u002Fadmin\u002Fbp-activity-bump-admin.php",[],[],[],{"cssClasses":219,"htmlComments":220,"htmlAttributes":221,"restEndpoints":222,"jsGlobals":223,"shortcodeOutput":224},[],[],[],[],[],[]]