[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$foaDBftzqGJf5lIjeNHlrRzv-5GNJS4ztBQfAmEqZsR4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":48,"crawl_stats":37,"alternatives":55,"analysis":145,"fingerprints":271},"buddypress-extended-friendship-request","BuddyPress Extended Friendship Request","1.2.2","Brajesh Singh","https:\u002F\u002Fprofiles.wordpress.org\u002Fsbrajesh\u002F","\u003Cp>BuddyPress Extended Friendship Request plugin allows users to send a personalized message with the friendship request on BuddyPress based Social Networks.\u003C\u002Fp>\n\u003Ch4>How it works:-\u003C\u002Fh4>\n\u003Cp>When a users clicks on Add friend, It shows him\u002Fher a small popup to enter some personalized message.\u003Cbr \u002F>\nThe user can enter a personalized message and click on the Send request to send the request.\u003C\u002Fp>\n\u003Ch4>Credit\u003C\u002Fh4>\n\u003Cp>Version 1.2+ uses \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsandywalker\u002Fwebui-popover\" rel=\"nofollow ugc\">WebUI-Popover\u003C\u002Fa> by Sandy Duan.\u003C\u002Fp>\n\u003Ch4>More Plugins\u003C\u002Fh4>\n\u003Cp>We love BuddyPress and we have created 100+ BuddyPress plugins.\u003Cbr \u002F>\nPlease take a look at our\u003Cbr \u002F>\n 1. \u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fplugins\u002F\" title=\"Best BuddyPress Plugins\" rel=\"nofollow ugc\">Free BuddyPress Plugins\u003C\u002Fa>\u003Cbr \u002F>\n 1. \u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fplugins\u002Fcategory\u002Fbuddypress-premium-plugins\u002F\" title=\"Best BuddyPress Premium Plugins\" rel=\"nofollow ugc\">Premium BuddyPress plugins\u003C\u002Fa>\u003Cbr \u002F>\n We hope that it will help you take your BuddyPress network to the next level.\u003C\u002Fp>\n\u003Ch4>BuddyPress Custom development & Maintenance Service\u003C\u002Fh4>\n\u003Cp>If you need any assistance with setting up or adding new features to BuddyPress or this plugin, Our team is available for hire.\u003Cbr \u002F>\nPlease use our \u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fbuddypress-custom-plugin-development-service\u002F\" rel=\"nofollow ugc\">BuddyPress Development Services\u003C\u002Fa> for any custom development needs.\u003Cbr \u002F>\nWe appreciate your thoughts and suggestions. Please leave a comment on \u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fbuddypress\u002Fintroducing-buddypress-extended-friendship-request-plugin\u002F\" rel=\"nofollow ugc\">BuddyDev\u003C\u002Fa>\u003C\u002Fp>\n","BuddyPress Extended Friendship Request plugin allows users to send a personalized message with the friendship requests.",300,37385,96,10,"2025-08-16T11:24:00.000Z","6.8.5","5.0","",[20,21,22,23],"buddypress","friends","friendship","social","https:\u002F\u002Fbuddydev.com\u002Fplugins\u002Fbp-extended-friendship-request\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-extended-friendship-request.1.2.2.zip",100,1,0,"2013-07-03 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2013-4944","buddypress-extended-friendship-request-cross-site-scripting","BuddyPress Extended Friendship Request \u003C 1.0.2 - Cross-Site Scripting","Cross-site scripting (XSS) vulnerability in the BuddyPress Extended Friendship Request plugin before 1.0.2 for WordPress, when the \"Friend Connections\" component is enabled, allows remote attackers to inject arbitrary web script or HTML via the friendship_request_message parameter to wp-admin\u002Fadmin-ajax.php.  NOTE: some of these details are obtained from third party information.",null,"\u003C1.0.2","1.0.2","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0fa0b67b-edc8-4f91-bf67-167df63cf7bd?source=api-prod",3856,{"slug":49,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":47,"trust_score":53,"computed_at":54},"sbrajesh",12,1820,86,69,"2026-04-04T11:27:36.942Z",[56,75,95,112,128],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":26,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":18,"tags":70,"homepage":18,"download_link":73,"security_score":74,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"mutual-buddies","Mutual Buddies","2.1.1","Paresh Radadiya","https:\u002F\u002Fprofiles.wordpress.org\u002Fpareshradadiya-1\u002F","\u003Cp>Are you looking for BuddyPress mutual friends? Mutual Buddies display a list of mutual friends on a BuddyPress member’s profile and members list\u003C\u002Fp>\n\u003Cp>You can see which friends you have in common in your friends network. Like when you go to a friends profile you can see which persons your both friends with (common friends). Just like on Facebook. This plugin add a new component inside members’s profile page and list all mutual friends.\u003C\u002Fp>\n\u003Cp>Mutual friends are the people who are friends with both you and the person whose profile you’re viewing. For instance, if you’re friends with Mike, and James is friends with Mike, then Mike will be shown as a mutual friend when you’re viewing James’s profile.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Languages\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Mutual Buddies has been translated into the following languages:\u003C\u002Fp>\n\u003Col>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>French by \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Ffxbenard\u002F\" rel=\"nofollow ugc\">fxbenard\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Deutsch by \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fper4mance\" rel=\"nofollow ugc\">per4mance\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Russian by \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fairathalitov\" rel=\"nofollow ugc\">Airat Halitov\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Italian by Sebastiano Pistore\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>More Information\u003C\u002Fh4>\n\u003Cp>Visit the \u003Ca href=\"http:\u002F\u002Fpareshradadiya.github.io\u002FMutual-Buddies\u002F\" rel=\"nofollow ugc\">Mutual Buddies website\u003C\u002Fa> for documentation, and information on project.\u003C\u002Fp>\n","Mutual buddies displays BuddyPress mutual friends of the logged in user & the user whose profile the user is looking at on the Profile page.",70,15281,7,"2017-07-22T05:41:00.000Z","4.8.28","4.0",[20,71,21,72,23],"facebook","mutual-friends","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmutual-buddies.2.1.1.zip",85,{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":18,"tags":90,"homepage":93,"download_link":94,"security_score":74,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"buddypress-foaf","Buddypress Friend of a Friend (FOAF)","2.7","quan_flo","https:\u002F\u002Fprofiles.wordpress.org\u002Fquan_flo\u002F","\u003Cp>\u003Cstrong>Increase communication and networking at your buddypress based social network.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin includes a new block inside each user profile page and includes a “Friend of a Friend (FOAF)” display.\u003Cbr \u002F>\nIf you have buddypress friends enabled your users will have friends. Their friends also have friends and these friends again have friends.\u003Cbr \u002F>\nSo there are “social paths” inside your members friends lists. This Plugin visualizes the nearest path to the user whose profile is visited by another user.\u003Cbr \u002F>\nThe world is small and you’ll see that most users know each other – because their friends are friends…\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>New block inside buddypress profile page (automatically integrated) that tells you whose friend the visited user is\u003C\u002Fli>\n\u003Cli>Shortcode: Create a page using the shortcode [buddypressfoaf_show_potential_friends] that shows excerps of friends of your friends that are not yet your friends\u003C\u002Fli>\n\u003Cli>Widget: Show a random user (friend’s friend or random user if you do not have friends)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please take a look at the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress-foaf\u002Fscreenshots\u002F\" title=\"Screenshots\" rel=\"ugc\">screenshot section\u003C\u002Fa> for some examples!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>More about me and my plugins\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Since the year 1999 I do administration, customizing and programming for several forums, communities and social networks. In the year 2013 I switched from another PHP framework to WordPress.\u003Cbr \u002F>\nBecause not all plugins I’d like to have exist already I wrote some own plugins and I think I’ll continue to do so.\u003C\u002Fp>\n\u003Cp>If you have the scope at forums or social networks my other modules might also be interesting for you. \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsearch.php?q=quan_flo\" title=\"ifs-net \u002F quan_flo WordPress Plugins\" rel=\"ugc\">Just take a look at my WordPress Profile to see all my Plugins.\u003C\u002Fa> Use them and if my work helps you to save time, earn money or just makes you happy feel free to donate – Thanks. The donation link can be found at the right sidebar next to this text.\u003C\u002Fp>\n","This plugin includes a new block inside each user profile page and includes a \"Friend of a Friend (FOAF)\" display.",20,17250,94,9,"2016-11-07T17:30:00.000Z","4.7.32","3.0",[91,20,92,21,23],"buddy","foaf","http:\u002F\u002Fifs-net.de","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-foaf.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":14,"downloaded":103,"rating":28,"num_ratings":28,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":18,"tags":107,"homepage":110,"download_link":111,"security_score":74,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"bp-mutual-friends","BP Mutual Friends","1.0.0","SuitePlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fsuiteplugins\u002F","\u003Cp>List users’ mutual friends in BuddyPress easily. One click install and setup.\u003C\u002Fp>\n","List users' mutual friends in BuddyPress easily. One click install and setup.",2664,"2015-08-25T22:46:00.000Z","4.3.34","3.2",[20,108,21,72,109],"buddypress-friends","socialnetwork","http:\u002F\u002Fsuiteplugins.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-mutual-friends.zip",{"slug":108,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":14,"downloaded":119,"rating":28,"num_ratings":28,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":18,"tags":123,"homepage":126,"download_link":127,"security_score":74,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"Buddypress Friends","1.2","Adam Nowak","https:\u002F\u002Fprofiles.wordpress.org\u002Fadam320\u002F","\u003Cp>This plugin adds a widget to Buddypress that displays the friends for the current user that is logged in.  They are displayed as Avatar images or as a list of your friends.  You can easily resize the avatar images and control how many of your friends display in the widget.  This plugin will be expanding to include a lot more features including sorting friends in different manners.\u003C\u002Fp>\n","This plugin adds a widget to Buddypress that displays the friends for the current user that is logged in.",16303,"2011-12-10T21:25:00.000Z","3.2.1","2.9",[124,20,108,21,125],"avatars","social-networking","http:\u002F\u002Fhyperspatial.com\u002Fwordpress-development\u002Fplugins\u002Fbuddypress-friends","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-friends.1.2.zip",{"slug":129,"name":130,"version":131,"author":132,"author_profile":133,"description":18,"short_description":134,"active_installs":28,"downloaded":135,"rating":28,"num_ratings":28,"last_updated":136,"tested_up_to":137,"requires_at_least":138,"requires_php":18,"tags":139,"homepage":18,"download_link":144,"security_score":74,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"personalized-activity-for-buddypress-frfwa","Personalized Activity for Buddypress – Friends, Following, Admin","1.0.3","crossbow6","https:\u002F\u002Fprofiles.wordpress.org\u002Fcrossbow6\u002F","Makes Buddypress Activity Personalized For Users, by Including Activity Feeds Only From Users They Are Friends With, Users They Are Following And Administrator of Your Community.",906,"2021-11-13T04:43:00.000Z","5.8.13","5.5",[20,140,141,142,143],"community","friends-only-activity","personalized-activity","social-network","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpersonalized-activity-for-buddypress-frfwa.zip",{"attackSurface":146,"codeSignals":212,"taintFlows":235,"riskAssessment":261,"analyzedAt":270},{"hooks":147,"ajaxHandlers":198,"restRoutes":209,"shortcodes":210,"cronEvents":211,"entryPointCount":157,"unprotectedCount":28},[148,154,159,164,168,172,176,178,182,187,191,195],{"type":149,"name":150,"callback":151,"file":152,"line":153},"action","bp_loaded","load","bp-extended-friendship-request.php",74,{"type":149,"name":155,"callback":156,"priority":157,"file":152,"line":158},"bp_init","load_text_domain",2,76,{"type":160,"name":161,"callback":162,"file":152,"line":163},"filter","bp_get_add_friend_button","filter_button",78,{"type":149,"name":165,"callback":166,"file":152,"line":167},"bp_friend_requests_item","show_message_legacy",80,{"type":149,"name":169,"callback":170,"file":152,"line":171},"bp_directory_members_item","show_message_nouveau",81,{"type":149,"name":173,"callback":174,"file":152,"line":175},"bp_enqueue_scripts","load_css",84,{"type":149,"name":173,"callback":177,"file":152,"line":52},"load_js",{"type":149,"name":179,"callback":180,"file":152,"line":181},"wp_footer","load_template",89,{"type":149,"name":183,"callback":184,"priority":14,"file":185,"line":186},"friends_friendship_requested","save_friendship_request_message","core\\class-bp-extended-friendship-request-action-handler.php",29,{"type":149,"name":188,"callback":189,"priority":14,"file":185,"line":190},"friends_friendship_accepted","clean_message",31,{"type":149,"name":192,"callback":193,"priority":14,"file":185,"line":194},"friends_friendship_rejected","delete_message_on_withdraw",33,{"type":149,"name":196,"callback":193,"priority":14,"file":185,"line":197},"friends_friendship_withdrawn",35,[199,205],{"action":200,"nopriv":201,"callback":202,"hasNonce":203,"hasCapCheck":201,"file":185,"line":204},"ext_friend_add_friend",false,"add_friend",true,25,{"action":206,"nopriv":201,"callback":207,"hasNonce":203,"hasCapCheck":201,"file":185,"line":208},"ext_friend_remove_friend","remove_friend",27,[],[],[],{"dangerousFunctions":213,"sqlUsage":214,"outputEscaping":216,"fileOperations":28,"externalRequests":28,"nonceChecks":217,"capabilityChecks":28,"bundledLibraries":234},[],{"prepared":28,"raw":28,"locations":215},[],{"escaped":217,"rawEcho":66,"locations":218},3,[219,222,224,226,228,230,232],{"file":185,"line":220,"context":221},113,"raw output",{"file":185,"line":223,"context":221},130,{"file":185,"line":225,"context":221},151,{"file":185,"line":227,"context":221},153,{"file":185,"line":229,"context":221},159,{"file":185,"line":231,"context":221},161,{"file":185,"line":233,"context":221},164,[],[236,253],{"entryPoint":237,"graph":238,"unsanitizedCount":28,"severity":252},"remove_friend (core\\class-bp-extended-friendship-request-action-handler.php:139)",{"nodes":239,"edges":250},[240,245],{"id":241,"type":242,"label":243,"file":185,"line":244},"n0","source","$_POST (x2)",145,{"id":246,"type":247,"label":248,"file":185,"line":227,"wp_function":249},"n1","sink","echo() [XSS]","echo",[251],{"from":241,"to":246,"sanitized":203},"low",{"entryPoint":254,"graph":255,"unsanitizedCount":28,"severity":252},"\u003Cclass-bp-extended-friendship-request-action-handler> (core\\class-bp-extended-friendship-request-action-handler.php:0)",{"nodes":256,"edges":259},[257,258],{"id":241,"type":242,"label":243,"file":185,"line":244},{"id":246,"type":247,"label":248,"file":185,"line":227,"wp_function":249},[260],{"from":241,"to":246,"sanitized":203},{"summary":262,"deductions":263},"The plugin 'buddypress-extended-friendship-request' v1.2.2 presents a mixed security posture. On the positive side, the static analysis reveals a small attack surface with no exposed REST API routes or shortcodes, and importantly, zero unprotected AJAX entry points. All SQL queries are properly prepared, and there are no file operations or external HTTP requests, which are excellent security practices. The presence of nonce checks is also a good sign. However, a significant concern arises from the output escaping, where only 30% of the total outputs are properly escaped. This leaves a considerable portion of dynamic content vulnerable to being rendered without proper sanitization, potentially leading to cross-site scripting (XSS) vulnerabilities.",[264,267],{"reason":265,"points":266},"Low output escaping coverage",8,{"reason":268,"points":269},"Older vulnerability history, but XSS common",5,"2026-03-16T20:00:47.645Z",{"wat":272,"direct":289},{"assetPaths":273,"generatorPatterns":279,"scriptPaths":280,"versionParams":284},[274,275,276,277,278],"\u002Fwp-content\u002Fplugins\u002Fbuddypress-extended-friendship-request\u002Fassets\u002Fjs\u002Fbp-extended-friendship-request-nouveau.js","\u002Fwp-content\u002Fplugins\u002Fbuddypress-extended-friendship-request\u002Fassets\u002Fjs\u002Fbp-extended-friendship-request.js","\u002Fwp-content\u002Fplugins\u002Fbuddypress-extended-friendship-request\u002Fassets\u002Fvendors\u002Fwebui\u002Fjquery.webui-popover.js","\u002Fwp-content\u002Fplugins\u002Fbuddypress-extended-friendship-request\u002Fassets\u002Fvendors\u002Fwebui\u002Fjquery.webui-popover.css","\u002Fwp-content\u002Fplugins\u002Fbuddypress-extended-friendship-request\u002Fassets\u002Fcss\u002Fbp-extended-friendship-request.css",[],[281,282,283],"assets\u002Fjs\u002Fbp-extended-friendship-request-nouveau.js","assets\u002Fjs\u002Fbp-extended-friendship-request.js","assets\u002Fvendors\u002Fwebui\u002Fjquery.webui-popover.js",[285,286,287,288],"buddypress-extended-friendship-request\u002Fassets\u002Fjs\u002Fbp-extended-friendship-request-nouveau.js?ver=","buddypress-extended-friendship-request\u002Fassets\u002Fjs\u002Fbp-extended-friendship-request.js?ver=","buddypress-extended-friendship-request\u002Fassets\u002Fvendors\u002Fwebui\u002Fjquery.webui-popover.js?ver=","buddypress-extended-friendship-request\u002Fassets\u002Fvendors\u002Fwebui\u002Fjquery.webui-popover.css?ver=",{"cssClasses":290,"htmlComments":292,"htmlAttributes":295,"restEndpoints":297,"jsGlobals":298,"shortcodeOutput":300},[291],"bp-ext-friendship-message",[293,294],"\u003C!-- Start: BuddyPress Extended Friendship Request Form Template -->","\u003C!-- End: BuddyPress Extended Friendship Request Form Template -->",[296],"data-plugin-path",[],[299],"BPExtendedFriendshipRequest",[]]