[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCIFLrJO5WOnQFns7vrDJllWRzJ-GSxnOpxL9jqJko7I":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":139,"fingerprints":233},"buddypress-friends","Buddypress Friends","1.2","Adam Nowak","https:\u002F\u002Fprofiles.wordpress.org\u002Fadam320\u002F","\u003Cp>This plugin adds a widget to Buddypress that displays the friends for the current user that is logged in.  They are displayed as Avatar images or as a list of your friends.  You can easily resize the avatar images and control how many of your friends display in the widget.  This plugin will be expanding to include a lot more features including sorting friends in different manners.\u003C\u002Fp>\n","This plugin adds a widget to Buddypress that displays the friends for the current user that is logged in.",10,16303,0,"2011-12-10T21:25:00.000Z","3.2.1","2.9","",[19,20,4,21,22],"avatars","buddypress","friends","social-networking","http:\u002F\u002Fhyperspatial.com\u002Fwordpress-development\u002Fplugins\u002Fbuddypress-friends","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-friends.1.2.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"adam320",5,70,30,84,"2026-04-04T04:24:02.565Z",[37,54,77,98,120],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":11,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":17,"tags":49,"homepage":52,"download_link":53,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"bp-mutual-friends","BP Mutual Friends","1.0.0","SuitePlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fsuiteplugins\u002F","\u003Cp>List users’ mutual friends in BuddyPress easily. One click install and setup.\u003C\u002Fp>\n","List users' mutual friends in BuddyPress easily. One click install and setup.",2664,"2015-08-25T22:46:00.000Z","4.3.34","3.2",[20,4,21,50,51],"mutual-friends","socialnetwork","http:\u002F\u002Fsuiteplugins.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-mutual-friends.zip",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":48,"requires_php":17,"tags":68,"homepage":72,"download_link":73,"security_score":74,"vuln_count":75,"unpatched_count":13,"last_vuln_date":76,"fetched_at":27},"invite-anyone","Invite Anyone","1.4.10","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>Invite Anyone has two components:\u003C\u002Fp>\n\u003Cp>1) The ability to invite members to the site by email. The plugin creates a tab on each member’s Profile page called “Send Invites”, which contains a form where users can invite outsiders to join the site. There is a field for a custom message. Also, inviters can optionally select any number of their groups, and when the invitee accepts the invitation he or she automatically receive invitations to join those groups.\u003C\u002Fp>\n\u003Cp>The email invitation part of the plugin is customizable by the BP administrator, via Dashboard > BuddyPress > Invite Anyone.\u003C\u002Fp>\n\u003Cp>2) By default, BuddyPress only allows group admins to invite their friends to groups. In some communities, you might want members to be able to invite non-friends to groups as well. This plugin allows you to do so, by populating the invitation checklist with the entire membership of the site, rather than just a friend list.\u003C\u002Fp>\n\u003Cp>Because member lists can get very long and hard to navigate, this plugin adds a autosuggest search box to the Send Invites screen – the same one that appears on the Compose Message screen – which allows inviters to navigate directly to the members they want to invite.\u003C\u002Fp>\n\u003Cp>Invite Anyone features optional integration with CloudSponge http:\u002F\u002Fcloudsponge.com, a premium address book service, that allows your users to invite their friends to the site in a way that’s easy and fun. Enable it at Dashboard > BuddyPress > Invite Anyone.\u003C\u002Fp>\n\u003Ch3>Translation credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Belarussian: Alexander Ovsov (\u003Ca href=\"http:\u002F\u002Fwebhostinggeeks.com\u002Fscience\" rel=\"nofollow ugc\">Web Geek Science\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Brazilian Portuguese: Celso Bessa\u003C\u002Fli>\n\u003Cli>Catalan: Mònica Grau and Toni Ginard\u003C\u002Fli>\n\u003Cli>Danish: Mort3n\u003C\u002Fli>\n\u003Cli>Dutch: Jesper Popma, Tim de Hoog\u003C\u002Fli>\n\u003Cli>French: Guillaume Coulon, Nicolas Mollet\u003C\u002Fli>\n\u003Cli>German: Lars Berning, Thorsten Wollenhöfer, Matthias Lunz\u003C\u002Fli>\n\u003Cli>Greek: Lena Stergatou\u003C\u002Fli>\n\u003Cli>Italian: Luca Camellini\u003C\u002Fli>\n\u003Cli>Norwegian: Stig Ulfsby\u003C\u002Fli>\n\u003Cli>Russian: Jettochkin, Roman Leonov\u003C\u002Fli>\n\u003Cli>Serbo-Croatian: Anja Skrba\u003C\u002Fli>\n\u003Cli>Spanish: Mauricio Camayo, Gregor Gimmy\u003C\u002Fli>\n\u003Cli>Swedish: Alexander Berthelsen, Jan Anderson\u003C\u002Fli>\n\u003Cli>Ukrainian: \u003Ca href=\"http:\u002F\u002Fwww.coupofy.com\u002F\" rel=\"nofollow ugc\">Ivanka\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Additional details about the plugin can be found in the following languages:\u003Cbr \u002F>\n* Serbo-Croatian: \u003Ca href=\"http:\u002F\u002Fscience.webhostinggeeks.com\u002Fteleogistic\" rel=\"nofollow ugc\">http:\u002F\u002Fscience.webhostinggeeks.com\u002Fteleogistic\u003C\u002Fa>\u003C\u002Fp>\n","Makes BuddyPress's invitation features more powerful.",1000,262018,86,26,"2024-08-19T17:09:00.000Z","6.6.5",[20,21,69,70,71],"group","invitations","invite","http:\u002F\u002Fteleogistic.net\u002Fcode\u002Fbuddypress\u002Finvite-anyone\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finvite-anyone.1.4.10.zip",83,6,"2024-08-16 00:00:00",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":17,"tags":92,"homepage":96,"download_link":97,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"buddypress-edit-activity","BuddyPress Edit Activity","1.1.1","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>Let your BuddyPress members edit their activity posts and replies on the front-end of the site. You can even set a time limit for how long activity posts should remain editable.\u003C\u002Fp>\n\u003Cp>Just activate the plugin, and every activity post and reply will become editable, styled automatically by BuddyPress to fit with your theme.\u003C\u002Fp>\n","BuddyPress Edit Activity allows your members to edit their activity posts on the front-end of your BuddyPress-powered site.",900,75058,92,17,"2020-04-23T13:56:00.000Z","5.4.19","3.8",[93,20,94,95,22],"activity","messaging","profiles","https:\u002F\u002Fwww.buddyboss.com\u002Fproduct\u002Fbuddypress-edit-activity\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-edit-activity.1.1.1.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":11,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":17,"tags":112,"homepage":115,"download_link":116,"security_score":117,"vuln_count":118,"unpatched_count":13,"last_vuln_date":119,"fetched_at":27},"buddypress-extended-friendship-request","BuddyPress Extended Friendship Request","1.2.2","Brajesh Singh","https:\u002F\u002Fprofiles.wordpress.org\u002Fsbrajesh\u002F","\u003Cp>BuddyPress Extended Friendship Request plugin allows users to send a personalized message with the friendship request on BuddyPress based Social Networks.\u003C\u002Fp>\n\u003Ch4>How it works:-\u003C\u002Fh4>\n\u003Cp>When a users clicks on Add friend, It shows him\u002Fher a small popup to enter some personalized message.\u003Cbr \u002F>\nThe user can enter a personalized message and click on the Send request to send the request.\u003C\u002Fp>\n\u003Ch4>Credit\u003C\u002Fh4>\n\u003Cp>Version 1.2+ uses \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsandywalker\u002Fwebui-popover\" rel=\"nofollow ugc\">WebUI-Popover\u003C\u002Fa> by Sandy Duan.\u003C\u002Fp>\n\u003Ch4>More Plugins\u003C\u002Fh4>\n\u003Cp>We love BuddyPress and we have created 100+ BuddyPress plugins.\u003Cbr \u002F>\nPlease take a look at our\u003Cbr \u002F>\n 1. \u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fplugins\u002F\" title=\"Best BuddyPress Plugins\" rel=\"nofollow ugc\">Free BuddyPress Plugins\u003C\u002Fa>\u003Cbr \u002F>\n 1. \u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fplugins\u002Fcategory\u002Fbuddypress-premium-plugins\u002F\" title=\"Best BuddyPress Premium Plugins\" rel=\"nofollow ugc\">Premium BuddyPress plugins\u003C\u002Fa>\u003Cbr \u002F>\n We hope that it will help you take your BuddyPress network to the next level.\u003C\u002Fp>\n\u003Ch4>BuddyPress Custom development & Maintenance Service\u003C\u002Fh4>\n\u003Cp>If you need any assistance with setting up or adding new features to BuddyPress or this plugin, Our team is available for hire.\u003Cbr \u002F>\nPlease use our \u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fbuddypress-custom-plugin-development-service\u002F\" rel=\"nofollow ugc\">BuddyPress Development Services\u003C\u002Fa> for any custom development needs.\u003Cbr \u002F>\nWe appreciate your thoughts and suggestions. Please leave a comment on \u003Ca href=\"https:\u002F\u002Fbuddydev.com\u002Fbuddypress\u002Fintroducing-buddypress-extended-friendship-request-plugin\u002F\" rel=\"nofollow ugc\">BuddyDev\u003C\u002Fa>\u003C\u002Fp>\n","BuddyPress Extended Friendship Request plugin allows users to send a personalized message with the friendship requests.",300,37385,96,"2025-08-16T11:24:00.000Z","6.8.5","5.0",[20,21,113,114],"friendship","social","https:\u002F\u002Fbuddydev.com\u002Fplugins\u002Fbp-extended-friendship-request\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-extended-friendship-request.1.2.2.zip",100,1,"2013-07-03 00:00:00",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":34,"num_ratings":31,"last_updated":130,"tested_up_to":131,"requires_at_least":132,"requires_php":17,"tags":133,"homepage":137,"download_link":138,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"bp-automatic-friends","BuddyPress Automatic Friends","2.0.8","Steven Word","https:\u002F\u002Fprofiles.wordpress.org\u002Fstevenkword\u002F","\u003Cp>Automatically create and accept friendships for specified users upon new user registration. * Requires BuddyPress\u003C\u002Fp>\n","Automatically create and accept friendships for specified users upon new user registration. * Requires BuddyPress",200,26771,"2022-01-23T16:32:00.000Z","5.9.13","3.5",[134,135,20,21,136],"admin","automatic","instant-friends","http:\u002F\u002Fwww.stevenword.com\u002Fbp-automatic-friends\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-automatic-friends.2.0.8.zip",{"attackSurface":140,"codeSignals":152,"taintFlows":218,"riskAssessment":219,"analyzedAt":232},{"hooks":141,"ajaxHandlers":148,"restRoutes":149,"shortcodes":150,"cronEvents":151,"entryPointCount":13,"unprotectedCount":13},[142],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","widgets_init","anonymous","buddypress-friends.php",160,[],[],[],[],{"dangerousFunctions":153,"sqlUsage":157,"outputEscaping":159,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":217},[154],{"fn":155,"file":146,"line":147,"context":156},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"BuddypressFriends\");'));",{"prepared":13,"raw":13,"locations":158},[],{"escaped":160,"rawEcho":161,"locations":162},7,27,[163,166,168,170,172,174,175,177,179,181,183,185,187,189,191,193,195,197,199,201,203,205,207,209,211,213,215],{"file":146,"line":164,"context":165},87,"raw output",{"file":146,"line":167,"context":165},89,{"file":146,"line":169,"context":165},90,{"file":146,"line":171,"context":165},91,{"file":146,"line":173,"context":165},98,{"file":146,"line":117,"context":165},{"file":146,"line":176,"context":165},101,{"file":146,"line":178,"context":165},102,{"file":146,"line":180,"context":165},109,{"file":146,"line":182,"context":165},111,{"file":146,"line":184,"context":165},112,{"file":146,"line":186,"context":165},113,{"file":146,"line":188,"context":165},117,{"file":146,"line":190,"context":165},119,{"file":146,"line":192,"context":165},120,{"file":146,"line":194,"context":165},121,{"file":146,"line":196,"context":165},127,{"file":146,"line":198,"context":165},129,{"file":146,"line":200,"context":165},130,{"file":146,"line":202,"context":165},131,{"file":146,"line":204,"context":165},138,{"file":146,"line":206,"context":165},139,{"file":146,"line":208,"context":165},149,{"file":146,"line":210,"context":165},150,{"file":212,"line":118,"context":165},"includes\\widget.php",{"file":212,"line":214,"context":165},2,{"file":212,"line":216,"context":165},23,[],[],{"summary":220,"deductions":221},"The \"buddypress-friends\" v1.2 plugin exhibits a mixed security posture.  On the positive side, the plugin demonstrates good practices in handling SQL queries, utilizing prepared statements exclusively, and has no recorded vulnerabilities or CVEs. The absence of external HTTP requests, file operations, and bundled libraries also reduces potential attack vectors. However, significant concerns arise from the static analysis. The presence of the `create_function` is a clear indicator of potential for arbitrary code execution. Furthermore, the low percentage of properly escaped output (21%) suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into user interfaces.\n\nWhile the attack surface appears minimal with no exposed AJAX handlers, REST API routes, shortcodes, or cron events without authentication checks, the identified code signals present direct risks. The `create_function` usage is particularly worrying as it can be exploited to bypass security checks and execute arbitrary PHP code. The poor output escaping means that data displayed to users is not properly sanitized, making XSS attacks a probable outcome. The lack of any recorded vulnerabilities in its history might suggest a history of responsible development or simply a lack of prior security scrutiny, but the current code quality raises immediate alarms that outweigh the absence of past issues.",[222,225,228,230],{"reason":223,"points":224},"Presence of dangerous function create_function",15,{"reason":226,"points":227},"Low percentage of properly escaped output",8,{"reason":229,"points":31},"No nonce checks on entry points (though none exist)",{"reason":231,"points":31},"No capability checks on entry points (though none exist)","2026-03-17T01:33:16.422Z",{"wat":234,"direct":241},{"assetPaths":235,"generatorPatterns":238,"scriptPaths":239,"versionParams":240},[236,237],"\u002Fwp-content\u002Fplugins\u002Fbuddypress-friends\u002Fincludes\u002Fcss\u002Fbuddypress-friends.css","\u002Fwp-content\u002Fplugins\u002Fbuddypress-friends\u002Fincludes\u002Fjs\u002Fbuddypress-friends.js",[],[],[],{"cssClasses":242,"htmlComments":244,"htmlAttributes":252,"restEndpoints":255,"jsGlobals":256,"shortcodeOutput":257},[243],"widget_buddypress_friends",[245,246,247,248,249,250,251],"\u003C!-- Title Input Field -->","\u003C!-- Default Friends -->","\u003C!-- Width -->","\u003C!-- Height -->","\u003C!-- Max Friends -->","\u003C!-- Displayed Member Friends -->","\u003C!-- List Type -->",[253,254],"id=\"buddypress_friends\"","class=\"widget buddypress_friends\"",[],[],[]]