[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fXxSTFkHEMa5yHl2AT_K9XOBiXL0f_Ys1sRiW9WEUzyc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":19,"download_link":20,"security_score":13,"vuln_count":21,"unpatched_count":21,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":33,"analysis":120,"fingerprints":230},"buddypress-activity-stream-extras","BuddyPress Activity Stream Extras","0.1.2","rich","https:\u002F\u002Fprofiles.wordpress.org\u002Fetivite\u002F","\u003Cp>A collection of small tweaks for the activity stream.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Force login to view comments (select which activity types)\u003C\u002Fli>\n\u003Cli>Disable replying on selected activity types (+ admins) – ie blocked activity_comment will disable nested replies\u003C\u002Fli>\n\u003Cli>Disable favoriting on selected activity types\u003C\u002Fli>\n\u003Cli>Add CSS classes to each activity entry depending on friendship, following, self\u003C\u002Fli>\n\u003Cli>Add View buttons to activity entires (ie, View Blog Post, View Activity Status)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Related Links:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\" title=\"Plugin Demo Site\" rel=\"nofollow ugc\">Author’s Site\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fwordpress-plugins\u002Fbuddypress-activity-stream-extras\u002F\" rel=\"nofollow ugc\">BuddyPress Activity Stream Extras – About Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fapi-hooks\u002F\" rel=\"nofollow ugc\">BuddyPress and bbPress Developer Hook and Filter API Reference\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fetivite\" rel=\"nofollow ugc\">@etivite\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fplus.google.com\u002F114440793706284941584?rel=author\" rel=\"nofollow ugc\">etivite+\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Extra Configuration\u003C\u002Fh3>\n","A collection of small tweaks for the activity stream",10,4831,100,2,"",[17,18],"activity-stream","buddypress","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-activity-stream-extras\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-activity-stream-extras.0.1.2.zip",0,null,"2026-03-15T14:44:11.924Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":29,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"etivite",4,40,93,30,89,"2026-04-05T05:10:30.991Z",[34,58,79,96,110],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":13,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":15,"tags":48,"homepage":52,"download_link":53,"security_score":54,"vuln_count":55,"unpatched_count":14,"last_vuln_date":56,"fetched_at":57},"bp-activity-plus-reloaded","Activity Plus Reloaded for BuddyPress","1.1.2","BuddyDev","https:\u002F\u002Fprofiles.wordpress.org\u002Fbuddydev\u002F","\u003Cp>Activity Plus Reloaded for BuddyPress gives your social network all the features and ease of Facebook when it comes to uploading and sharing media!\u003C\u002Fp>\n\u003Cp>It is a fork of now unmaintained \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fbuddypress-activity-plus\u002F\" rel=\"ugc\">BuddyPress Activity Plus\u003C\u002Fa>\u003Cbr \u002F>\nThe plugin adds 3 new buttons to your BuddyPress activity stream.  Enabling you to attach photos, videos, and even share web links with everyone on your network!\u003C\u002Fp>\n\u003Cp>Here’s the quick overview of this plugin’s features:\u003Cbr \u002F>\n * Upload a photo (or multiple) directly from your computer to the activity stream\u003Cbr \u002F>\n * Embed a video from popular sites such as youtube and vimeo by copying the link\u003Cbr \u002F>\n * Embed a link to any site – the site title and description will automatically be pulled in\u003Cbr \u002F>\n * Embedding a link also allows you to choose a thumbnail image from a list of images on the site’s homepage\u003Cbr \u002F>\n * Works perfectly with any theme based on the BuddyPress Default theme\u003C\u002Fp>\n\u003Cp>Blog Post :\u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fintroducing-buddypress-activity-plus-reloaded\u002F\" rel=\"nofollow ugc\">Introducing BuddyPress Activity Plus Reloaded\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Credit\u003C\u002Fh4>\n\u003Cp>Activity Plus Reloaded for BuddyPress is a fork of \u003Cem>BuddyPress Activity Plus\u003C\u002Fem>(now abandoned) by @wpmudev. We have refactored it to wok with current BuddyPress\u002FWordPress.\u003Cbr \u002F>\n and we plan to maintain and further develop it.\u003Cbr \u002F>\n We would like to express our sincere gratitude to the @wpmudv team for their cooperation in getting this plugin back.\u003C\u002Fp>\n\u003Cp>If you are looking to optimize media, We recommend \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-smushit\u002F\" rel=\"ugc\">Smush\u003C\u002Fa> to optimize your BuddyPress media.\u003C\u002Fp>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>The plugin is available on gihub. You can contribute by sending pull request, reporting errors and helping others.\u003Cbr \u002F>\nGithub repository: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbuddydev\u002Fbp-activity-plus-reloaded\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fbuddydev\u002Fbp-activity-plus-reloaded\u003C\u002Fa>\u003Cbr \u002F>\nSupport & reporting Issues: \u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fsupport\u002Fforums\u002F\" rel=\"nofollow ugc\">BuddyDev Forums\u003C\u002Fa>\u003C\u002Fp>\n","Note: This plugin will be discontinued by March 31st, 2025 in favor of BuddyPress Attachment plugin. Please migrate to the new plugin before that date &hellip;",1000,38738,9,"2025-01-22T12:55:00.000Z","6.7.5","5.0",[17,18,49,50,51],"buddypress-activity","buddypress-activity-upload","embed-video","https:\u002F\u002Fbuddydev.com\u002Fplugins\u002Fbp-activity-plus-reloaded\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-activity-plus-reloaded.1.1.2.zip",46,3,"2025-10-12 00:00:00","2026-03-15T15:16:48.613Z",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":13,"downloaded":66,"rating":13,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":78,"vuln_count":21,"unpatched_count":21,"last_vuln_date":22,"fetched_at":57},"buddykit","BuddyKit – Additional features for BuddyPress","0.0.4","Joseph G.","https:\u002F\u002Fprofiles.wordpress.org\u002Fdunhakdis\u002F","\u003Cp>BuddyKit adds several features like Live Notifications and Media Activities to your BuddyPress sites. More social media related features are coming soon!\u003C\u002Fp>\n","BuddyKit adds several features like Live Notifications and Media Activities to your BuddyPress powered websites.",12833,1,"2019-09-08T10:15:00.000Z","4.9.29","4.5","5.4",[73,18,74,75],"activity-streams","community","social-networking","https:\u002F\u002Fbuddykit.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddykit.0.0.4.zip",85,{"slug":80,"name":81,"version":37,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":28,"downloaded":86,"rating":87,"num_ratings":27,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":15,"tags":91,"homepage":94,"download_link":95,"security_score":78,"vuln_count":21,"unpatched_count":21,"last_vuln_date":22,"fetched_at":57},"bp-activity-plus-styling","Buddypress Activity Plus Styling","Maksym Marko","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkomaksym\u002F","\u003Cp>Add to the Buddypress Activity Plus plugin. This plugin adds CSS styles to images, videos and links. Also styling a THICKBOX.\u003C\u002Fp>\n","Additional CSS styles for the Buddypress Activity Plus plugin.",5543,50,"2019-05-01T15:35:00.000Z","5.1.22","4.3",[92,17,18,49,93],"activity","wall","https:\u002F\u002Fgithub.com\u002FMaxim-us\u002Fbuddypress-activity-plus-styling","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-activity-plus-styling.1.1.2.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":28,"downloaded":104,"rating":105,"num_ratings":55,"last_updated":106,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":107,"homepage":108,"download_link":109,"security_score":78,"vuln_count":21,"unpatched_count":21,"last_vuln_date":22,"fetched_at":57},"buddypress-edit-activity-stream","BuddyPress Edit Activity Stream","0.5.1","rich! @ etiviti","https:\u002F\u002Fprofiles.wordpress.org\u002Fnuprn1\u002F","\u003Cp>** IMPORTANT **\u003Cbr \u002F>\nThis plugin has been updated for BuddyPress 1.5.1\u003C\u002Fp>\n\u003Cp>Allows site admins and users to edit any activity update (except forum topics and replies) within a specified time period.\u003C\u002Fp>\n\u003Ch4>Related Links:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\" title=\"Plugin Demo Site\" rel=\"nofollow ugc\">Author’s Site\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fwordpress-plugins\u002Fbuddypress-edit-activity-stream\u002F\" rel=\"nofollow ugc\">BuddyPress Edit Activity Stream – About Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fapi-hooks\u002F\" rel=\"nofollow ugc\">BuddyPress and bbPress Developer Hook and Filter API Reference\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Extra Configuration\u003C\u002Fh3>\n","This plugin allows an user to edit their activity stream status update within a specified time period.",9835,74,"2011-10-28T03:29:00.000Z",[17,18],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-edit-activity-stream\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-edit-activity-stream.0.5.1.zip",{"slug":111,"name":112,"version":99,"author":100,"author_profile":101,"description":113,"short_description":114,"active_installs":30,"downloaded":115,"rating":13,"num_ratings":14,"last_updated":116,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":117,"homepage":118,"download_link":119,"security_score":78,"vuln_count":21,"unpatched_count":21,"last_vuln_date":22,"fetched_at":57},"buddypress-activity-stream-bump-to-top","BuddyPress Activity Stream Bump to Top","\u003Cp>** IMPORTANT **\u003Cbr \u002F>\nThis plugin has been updated for BuddyPress 1.5.1\u003C\u002Fp>\n\u003Cp>This plugin will “bump” an activity record to the top of the stream when an activity comment reply is made.\u003C\u002Fp>\n\u003Cp>The original date_recorded is appended to the time_since filter with an additional class named: time-created. Both timestamps are displayed within the activity stream meta div\u003C\u002Fp>\n\u003Ch4>Related Links:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\" title=\"Plugin Demo Site\" rel=\"nofollow ugc\">Author’s Site\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fwordpress-plugins\u002Fbuddypress-activity-stream-bump-to-top\u002F\" rel=\"nofollow ugc\">BuddyPress Activity Stream Bump – About Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002Fapi-hooks\u002F\" rel=\"nofollow ugc\">BuddyPress and bbPress Developer Hook and Filter API Reference\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Extra Configuration\u003C\u002Fh3>\n\u003Cp>add a filter to bp_activity_bump_time_since (date_recorded, $bumpdate, $content)\u003C\u002Fp>\n","This plugin will \"bump\" an activity record to the top of the stream when activity comment reply is made.",9199,"2011-10-28T03:25:00.000Z",[17,18],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-activity-stream-bump-to-top\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-activity-stream-bump-to-top.0.5.1.zip",{"attackSurface":121,"codeSignals":177,"taintFlows":220,"riskAssessment":221,"analyzedAt":229},{"hooks":122,"ajaxHandlers":173,"restRoutes":174,"shortcodes":175,"cronEvents":176,"entryPointCount":21,"unprotectedCount":21},[123,130,135,140,144,148,153,157,161,165,169],{"type":124,"name":125,"callback":126,"priority":127,"file":128,"line":129},"action","bp_include","etivite_bp_activity_extras_init",88,"bp-activity-extras-loader.php",24,{"type":131,"name":132,"callback":133,"priority":11,"file":128,"line":134},"filter","plugin_action_links","etivite_bp_activity_extras_admin_add_action_link",57,{"type":124,"name":136,"callback":137,"file":138,"line":139},"bp_activity_entry_meta","etivite_bp_activity_extras_entry_meta","bp-activity-extras.php",56,{"type":131,"name":141,"callback":142,"file":138,"line":143},"bp_get_activity_css_class","etivite_bp_activity_extras_css_class",59,{"type":124,"name":145,"callback":146,"file":138,"line":147},"bp_before_activity_loop","etivite_bp_activity_extras_before_activity_loop",62,{"type":131,"name":149,"callback":150,"priority":151,"file":138,"line":152},"bp_activity_get_comment_count","etivite_bp_activity_extras_remove_comment_count",9999,75,{"type":124,"name":154,"callback":155,"file":138,"line":156},"bp_before_activity_entry_comments","etivite_bp_activity_extras_get_comments",86,{"type":131,"name":158,"callback":159,"priority":151,"file":138,"line":160},"bp_get_activity_feed_item_description","etivite_bp_activity_extras_feed_item_description",109,{"type":131,"name":162,"callback":163,"priority":151,"file":138,"line":164},"bp_activity_can_comment","etivite_bp_activity_extras_can_comment",130,{"type":131,"name":166,"callback":167,"priority":151,"file":138,"line":168},"bp_activity_can_comment_reply","etivite_bp_activity_extras_can_comment_reply",139,{"type":131,"name":170,"callback":171,"priority":151,"file":138,"line":172},"bp_activity_can_favorite","etivite_bp_activity_extras_can_favorite",168,[],[],[],[],{"dangerousFunctions":178,"sqlUsage":179,"outputEscaping":181,"fileOperations":21,"externalRequests":21,"nonceChecks":67,"capabilityChecks":21,"bundledLibraries":219},[],{"prepared":14,"raw":21,"locations":180},[],{"escaped":21,"rawEcho":182,"locations":183},20,[184,188,190,191,192,194,195,197,198,200,201,203,204,206,207,209,211,213,215,217],{"file":185,"line":186,"context":187},"admin\\bp-activity-extras-admin.php",90,"raw output",{"file":185,"line":189,"context":187},91,{"file":185,"line":160,"context":187},{"file":185,"line":160,"context":187},{"file":185,"line":193,"context":187},110,{"file":185,"line":193,"context":187},{"file":185,"line":196,"context":187},131,{"file":185,"line":196,"context":187},{"file":185,"line":199,"context":187},132,{"file":185,"line":199,"context":187},{"file":185,"line":202,"context":187},157,{"file":185,"line":202,"context":187},{"file":185,"line":205,"context":187},158,{"file":185,"line":205,"context":187},{"file":138,"line":208,"context":187},36,{"file":138,"line":210,"context":187},39,{"file":138,"line":212,"context":187},42,{"file":138,"line":214,"context":187},48,{"file":138,"line":216,"context":187},79,{"file":138,"line":218,"context":187},81,[],[],{"summary":222,"deductions":223},"The WordPress plugin \"buddypress-activity-stream-extras\" v0.1.2 presents a mixed security posture.  While the static analysis indicates a very small attack surface with no exposed AJAX handlers, REST API routes, shortcodes, or cron events, and all SQL queries utilize prepared statements, there are significant concerns regarding output escaping.  The fact that 0% of output is properly escaped is a critical weakness, potentially exposing the application to Cross-Site Scripting (XSS) vulnerabilities.  The presence of a nonce check is a positive sign, but its effectiveness is undermined by the lack of capability checks, leaving entry points (if any were present) potentially vulnerable to unauthorized access if they were to be discovered or introduced in future versions.  The plugin's vulnerability history is clean, with no recorded CVEs, which could indicate good development practices or simply a lack of rigorous security auditing or discovery of existing issues.  However, the combination of a clean history and a small attack surface should not lead to complacency, especially given the critical output escaping issue. The current version demonstrates some security awareness with prepared statements and nonce checks but fails critically in output sanitization, representing a notable risk.",[224,227],{"reason":225,"points":226},"0% output properly escaped",8,{"reason":228,"points":27},"0 capability checks on entry points","2026-03-16T23:32:42.167Z",{"wat":231,"direct":239},{"assetPaths":232,"generatorPatterns":236,"scriptPaths":237,"versionParams":238},[233,234,235],"\u002Fwp-content\u002Fplugins\u002Fbuddypress-activity-stream-extras\u002Fbp-activity-extras.php","\u002Fwp-content\u002Fplugins\u002Fbuddypress-activity-stream-extras\u002Fadmin\u002Fbp-activity-extras-admin.php","\u002Fwp-content\u002Fplugins\u002Fbuddypress-activity-stream-extras\u002Fbp-activity-extras-loader.php",[],[],[],{"cssClasses":240,"htmlComments":242,"htmlAttributes":243,"restEndpoints":246,"jsGlobals":247,"shortcodeOutput":248},[241],"activity-extras-settings-form",[],[244,245],"name=\"bp-activity-extras-settings-form\"","id=\"bp-activity-extras-settings-form\"",[],[],[]]