[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fFoOreU6-lcSMX68skrad5ojbHM8qLfv5LqpUlFq_B_U":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":33,"analysis":120,"fingerprints":244},"buddypress-forums-move-topic-planned-split-and-merge-topic","BuddyPress Forums – Move Topic (Planned: Split and Merge Topic)","0.0.6","3sixty","https:\u002F\u002Fprofiles.wordpress.org\u002F3sixty\u002F","\u003Cp>Provides a drop-down on Forum Topic page for Group Admins \u002F Moderators to move topic thread to another public, private, or hidden forum. To avoid user confusion, topic author gets email alert with helpful link to the relocated topic. Currently OK for mods\u002Fadmins to move topic to a forum where they are NOT a mod\u002Fadmin – may address finer-grained permissions if there is interest. Future considerations include ‘split topic’ and ‘merge topic’ functions.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>Because sometimes you need to be arbitrary.\u003C\u002Fp>\n","Provides a drop-down on Forum Topic page so Group Admins \u002F Moderators can move topic thread to another forum. Generates email alert to topic author.",10,8123,0,"2010-04-20T22:31:00.000Z","2.9.2","",[18,19,20,21],"buddypress","forums","group-forums","move-topic","http:\u002F\u002Fbuddypress.org\u002Fforums\u002Ftopic\u002Fnew-plugin-buddypress-group-forums-move-topic","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-forums-move-topic-planned-split-and-merge-topic.0.0.6.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},1,30,84,"2026-04-04T19:19:23.016Z",[34,55,71,89,104],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":44,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":16,"tags":49,"homepage":53,"download_link":54,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"bbp-messages","bbPress Messages","2.0.9.1","DevriX","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevrix\u002F","\u003Cp>bbPress Messages – Simple yet powerful private messaging system tailored for bbPress.\u003C\u002Fp>\n\u003Ch3>What’s New in 2.0?\u003C\u002Fh3>\n\u003Ch4>Fully Optimized\u003C\u002Fh4>\n\u003Cp>Now bbPress Messages loads faster due to optimization and messages caching.\u003C\u002Fp>\n\u003Ch4>Background Schedules\u003C\u002Fh4>\n\u003Cp>For better experience and load time, now the tasks are processed in the background. Tasks that would take some time to finish such as email notifications, after send events, cleanup schedules and others.\u003C\u002Fp>\n\u003Ch4>Translation ready\u003C\u002Fh4>\n\u003Cp>Now you can use the languages files to \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FI18n_for_WordPress_Developers\" rel=\"nofollow ugc\">translate\u003C\u002Fa> bbPress Messages to your language. You can also contribute your translations and \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fbbp-messages\" rel=\"nofollow ugc\">help translate this plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Shortcodes\u003C\u002Fh4>\n\u003Cp>We’ve added couple shortcodes and rewrote older shortcodes, you can find out about shortcodes in the shortcodes tab in the settings page.\u003C\u002Fp>\n\u003Ch4>Widgets\u003C\u002Fh4>\n\u003Cp>We’ve redesigned the widgets for 2.0! Navigate to your dashboard and search for bbPM widgets now.\u003C\u002Fp>\n\u003Cp>Other than that, bbPress Messages 2.0 is easy to extend, supports multisite installations, and we will be working on some free addons to extend its features and improve more. Please consult the project Github page \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Felhardoum\u002Fbbp-messages\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Felhardoum\u002Fbbp-messages\u003C\u002Fa> to report a bug, contribute to the project or make suggestions.\u003C\u002Fp>\n\u003Cp>If this is the first time you update, you should be migrating your older messages from the legacy database table to the new one. This could be done using the import tab in settings.\u003C\u002Fp>\n\u003Cp>We will cover some free and premium addons to power group chats and other features, sign up for the newsletter to get notified.\u003C\u002Fp>\n\u003Cp>\u003Cem>More documentation coming soon..\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>For more WordPress\u002FbbPress\u002FBuddyPress free and premium plugins, sign up for the newsletter: http:\u002F\u002Fgo.samelh.com\u002Fnewsletter\u003C\u002Fp>\n","bbPress Messages - Simple yet powerful private messaging system tailored for bbPress.",100,23686,90,11,"2017-11-15T18:12:00.000Z","4.8.28","3.0.1",[50,18,19,51,52],"bbpress","messages","private-messages","https:\u002F\u002Fgithub.com\u002Felhardoum\u002Fbbp-messages","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbbp-messages.2.0.9.1.zip",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":11,"downloaded":63,"rating":64,"num_ratings":29,"last_updated":65,"tested_up_to":66,"requires_at_least":48,"requires_php":16,"tags":67,"homepage":16,"download_link":69,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":70},"bp-multiple-forum-post","BP Multiple Forum Post","1.0.0","dan-jones","https:\u002F\u002Fprofiles.wordpress.org\u002Fdan-jones-1\u002F","\u003Cp>This plugin adds the ability for users to create new bbpress forum topics in multiple BuddyPress group forums at the same time.\u003C\u002Fp>\n\u003Cp>Users will only get one email notification about the new topic, even if it’s created in multiple groups that they’re a part of: a notice added to the email lets users know what other group forums also had the new topic posted to them.\u003C\u002Fp>\n\u003Cp>Users will also only see one entry in their activity feed. Similar to email notifications, information is added about the other groups where the topic was posted, if the user is a member of or has access to more more than one of those groups.\u003C\u002Fp>\n\u003Cp>Initial attachments and topic tags are copied to all of the created topics in each group forum. The topics aren’t linked beyond that though: new replies and attachments, changes to topic status, etc., will only affect individual topics, not all of them.\u003C\u002Fp>\n","Lets users cross-post a new bbpress forum topic in multiple BuddyPress group forums.",3794,20,"2016-10-11T14:20:00.000Z","4.6.30",[50,18,68,19],"cross-post","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-multiple-forum-post.1.0.0.zip","2026-03-15T14:54:45.397Z",{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":11,"downloaded":79,"rating":13,"num_ratings":13,"last_updated":80,"tested_up_to":81,"requires_at_least":82,"requires_php":16,"tags":83,"homepage":87,"download_link":88,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"bpckeditor","bpCKEditor","1.1","willcast","https:\u002F\u002Fprofiles.wordpress.org\u002Fwillcast\u002F","\u003Cp>This plugin replaces the plain multiline text field on BP forums by a CKEditor.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>After you have correctly installed this plugin and visited its Settings page, you will need to specify where are located (path and URL) your copies of CKEditor and, optionally, CKFinder. The plugin has a build-in copy of CKEditor just in case you do not provide one.\u003C\u002Fp>\n\u003Cp>If after you save those paths the plugin tells you that the files \u003Cstrong>ckeditor.php\u003C\u002Fstrong> or \u003Cstrong>ckfinder.php\u003C\u002Fstrong> can’t be readed from the specified locations, please verify that the path is correct, that the folder is readable and that the copy of CKEditor has all its files.\u003C\u002Fp>\n\u003Cp>Below the General Settings is the Editor Settings. Once the plugin has recognized the copies of CKEditor\u002FCKFinder you can define almost every parameters exposed by CKEditor. Please refer to its documentation for support about those parameters.\u003C\u002Fp>\n","This plugin replaces the plain multiline text field on BP forums by a CKEditor.",4859,"2010-12-02T02:01:00.000Z","3.0.5","2.9.1",[18,84,85,19,86],"ckeditor","editor","wysiwyg","http:\u002F\u002Fwww.williamscastillo.com\u002Fcode\u002Fplugins\u002Fbpckeditor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbpckeditor.zip",{"slug":90,"name":91,"version":92,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":11,"downloaded":97,"rating":13,"num_ratings":13,"last_updated":98,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":99,"homepage":102,"download_link":103,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"group-forum-subscription-for-buddypress","Group Forum Subscripton for BuddyPress","1.4.1","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>** Use of this plugin is not recommended in versions of BuddyPress 1.2 and higher. Please consider using BuddyPress Group Activity Notifications instead: https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-group-activity-stream-subscription\u002F. A conversion script for converting subscription data from this plugin to that one is coming soon **\u003C\u002Fp>\n\u003Cp>Features:\u003Cbr \u002F>\nUsers can subscribe to individual discussion topics from within BuddyPress;\u003Cbr \u002F>\nUsers can subscribe to discussions on a group-by-group basis;\u003Cbr \u002F>\nUsers are automatically unsubscribed from a group’s discussions when they leave the group;\u003Cbr \u002F>\nAdministrators can subscribe all users to the appropriate forums with a single click (potentially handy for first-time setup);\u003Cbr \u002F>\nAdministrators can toggle whether email notification is turned on by default;\u003Cbr \u002F>\nAdministrators can toggle whether posters receive notification of their own posts.\u003C\u002Fp>\n\u003Cp>Developed for the CUNY Academic Commons. Visit http:\u002F\u002Fcommons.gc.cuny.edu to learn more about this neat project.\u003C\u002Fp>\n\u003Ch3>Running BP \u003C 1.1?\u003C\u002Fh3>\n\u003Cp>If you plan on having your members use the bbPress interface in addition to\u002Finstead of the BuddyPress forums interface (something you can only do if you are running bbPress in a separate installation, which means you’re almost certainly running BP \u003C 1.1) do the following steps as well:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Upload \u003Ccode>bb-group-forum-subscription\u003C\u002Fcode> to \u003Ccode>[bbpress-directory]\u002Fmy-plugins\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Activate the plugin on the bbPress admin page\u003Cbr \u002F>\nIn \u003Ccode>[bbpress-template-directory]\u002Ftopic.php\u003C\u002Fcode>, replace the code\u003Cbr \u002F>\nuser_favorites_link();\u003Cbr \u002F>\nwith\u003Cbr \u002F>\nuser_favorites_link( array(‘mid’ => __(‘Subscribe to this discussion’)),array(‘mid’ => __(‘Unsubscribe from this discussion’)));\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fh3>\n\u003Ch3>Translation credits\u003C\u002Fh3>\n\u003Cp>Many thanks to the following translators:\u003Cbr \u002F>\n* German: Markus Schubert\u003Cbr \u002F>\n* French: Daniel H\u003Cbr \u002F>\n* Italian: Luca Camellini\u003Cbr \u002F>\n* Russian: slaFFik\u003Cbr \u002F>\n* Spanish: Admin at dominicana.net.do\u003Cbr \u002F>\n* Traditional Chinese: Levin\u003C\u002Fp>\n","** Use of this plugin is not recommended in versions of BuddyPress 1.2 and higher. Please consider using BuddyPress Group Activity Notifications inste &hellip;",15714,"2010-08-27T20:04:00.000Z",[50,18,19,100,101],"groups","subscribe","http:\u002F\u002Fdev.commons.gc.cuny.edu","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgroup-forum-subscription-for-buddypress.1.4.1.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":13,"downloaded":112,"rating":13,"num_ratings":13,"last_updated":16,"tested_up_to":113,"requires_at_least":48,"requires_php":16,"tags":114,"homepage":117,"download_link":118,"security_score":42,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":119},"forum-redirect","Forum Redirect","1.0.1","DigitalME","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitalmeactivecampaign\u002F","\u003Cp>Allows you to override the default behavior of bbPress forums, linking them to an external site. Forum Redirect requires no real configuration… it simply adds a metabox to the forum edit screen allowing you to specify an override URL.\u003C\u002Fp>\n","Allows you to override the default behavior of bbPress forums, linking them to an external site.",2683,"6.9.4",[50,18,115,19,116],"forum","redirect","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fforum-redirect\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforum-redirect.1.0.1.zip","2026-03-15T10:48:56.248Z",{"attackSurface":121,"codeSignals":142,"taintFlows":171,"riskAssessment":231,"analyzedAt":243},{"hooks":122,"ajaxHandlers":138,"restRoutes":139,"shortcodes":140,"cronEvents":141,"entryPointCount":13,"unprotectedCount":13},[123,129,133],{"type":124,"name":125,"callback":126,"file":127,"line":128},"action","bp_before_group_forum_content","bp_forum_move_topic","buddypress-forums-move-topic.php",195,{"type":124,"name":130,"callback":131,"file":127,"line":132},"groups_new_group_forum","bp_fmt_setup_forum_list",197,{"type":124,"name":134,"callback":135,"file":136,"line":137},"bp_init","my_plugin_init","loader.php",15,[],[],[],[],{"dangerousFunctions":143,"sqlUsage":144,"outputEscaping":147,"fileOperations":169,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":170},[],{"prepared":145,"raw":13,"locations":146},16,[],{"escaped":13,"rawEcho":11,"locations":148},[149,151,153,155,157,159,161,163,165,167],{"file":127,"line":45,"context":150},"raw output",{"file":127,"line":152,"context":150},78,{"file":127,"line":154,"context":150},80,{"file":127,"line":156,"context":150},81,{"file":127,"line":158,"context":150},127,{"file":127,"line":160,"context":150},129,{"file":127,"line":162,"context":150},131,{"file":127,"line":164,"context":150},134,{"file":127,"line":166,"context":150},138,{"file":127,"line":168,"context":150},141,14,[],[172,190,216],{"entryPoint":173,"graph":174,"unsanitizedCount":29,"severity":189},"bp_fmt_setup_forum_list_COPY (buddypress-forums-move-topic.php:120)",{"nodes":175,"edges":186},[176,181],{"id":177,"type":178,"label":179,"file":127,"line":180},"n0","source","$_SERVER",140,{"id":182,"type":183,"label":184,"file":127,"line":168,"wp_function":185},"n1","sink","echo() [XSS]","echo",[187],{"from":177,"to":182,"sanitized":188},false,"medium",{"entryPoint":191,"graph":192,"unsanitizedCount":214,"severity":215},"bp_fmt_update_database (buddypress-forums-move-topic.php:3)",{"nodes":193,"edges":210},[194,197,201,203,205,208],{"id":177,"type":178,"label":195,"file":127,"line":196},"$_POST (x2)",6,{"id":182,"type":183,"label":198,"file":127,"line":199,"wp_function":200},"get_row() [SQLi]",7,"get_row",{"id":202,"type":178,"label":195,"file":127,"line":196},"n2",{"id":204,"type":183,"label":184,"file":127,"line":45,"wp_function":185},"n3",{"id":206,"type":178,"label":179,"file":127,"line":207},"n4",12,{"id":209,"type":183,"label":184,"file":127,"line":156,"wp_function":185},"n5",[211,212,213],{"from":177,"to":182,"sanitized":188},{"from":202,"to":204,"sanitized":188},{"from":206,"to":209,"sanitized":188},5,"high",{"entryPoint":217,"graph":218,"unsanitizedCount":196,"severity":215},"\u003Cbuddypress-forums-move-topic> (buddypress-forums-move-topic.php:0)",{"nodes":219,"edges":227},[220,221,222,223,224,226],{"id":177,"type":178,"label":195,"file":127,"line":196},{"id":182,"type":183,"label":198,"file":127,"line":199,"wp_function":200},{"id":202,"type":178,"label":195,"file":127,"line":196},{"id":204,"type":183,"label":184,"file":127,"line":45,"wp_function":185},{"id":206,"type":178,"label":225,"file":127,"line":207},"$_SERVER (x2)",{"id":209,"type":183,"label":184,"file":127,"line":156,"wp_function":185},[228,229,230],{"from":177,"to":182,"sanitized":188},{"from":202,"to":204,"sanitized":188},{"from":206,"to":209,"sanitized":188},{"summary":232,"deductions":233},"The plugin \"buddypress-forums-move-topic-planned-split-and-merge-topic\" v0.0.6 presents a mixed security posture. On the positive side, all SQL queries utilize prepared statements, and there are no known CVEs or external HTTP requests, suggesting some attention to common vulnerabilities. However, significant concerns arise from the static analysis. The complete absence of output escaping across all identified output points is a critical flaw, leaving the plugin highly susceptible to Cross-Site Scripting (XSS) attacks.\n\nFurthermore, the taint analysis reveals two high-severity flows with unsanitized paths. While the exact nature of these flows isn't detailed, unsanitized paths in conjunction with potentially dangerous function usage (even if currently zero) and the lack of capability checks or nonce verification on potential entry points (which are noted as zero, but this could be an oversight in analysis or indicative of a very limited feature set) present a substantial risk. The vulnerability history, while currently clean, cannot mitigate the risks identified in the static analysis, especially the lack of output escaping.\n\nIn conclusion, while the plugin avoids some common pitfalls like raw SQL and known exploits, the critical lack of output escaping and the high-severity taint flows are major security weaknesses that require immediate attention. The plugin's current feature set seems limited, which might explain the zero entry points, but the identified coding practices are concerning. A thorough review and remediation of the output escaping and taint flow issues are essential.",[234,236,238,241],{"reason":235,"points":137},"No output escaping on any output points",{"reason":237,"points":207},"High severity taint flows with unsanitized paths (x2)",{"reason":239,"points":240},"No capability checks",8,{"reason":242,"points":214},"No nonce checks","2026-03-17T00:26:54.808Z",{"wat":245,"direct":250},{"assetPaths":246,"generatorPatterns":247,"scriptPaths":248,"versionParams":249},[],[],[],[],{"cssClasses":251,"htmlComments":252,"htmlAttributes":253,"restEndpoints":254,"jsGlobals":255,"shortcodeOutput":256},[],[],[],[],[],[]]