[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKEYbeaC_F7M532TtUtZOqGTzrcdl4Vx7QNAqk_m9yV0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":139,"fingerprints":439},"buddypress-group-wiki","BuddyPress Group Wiki","1.8","D Cartwright","https:\u002F\u002Fprofiles.wordpress.org\u002Faekeron\u002F","\u003Cp>NOTE: THIS PLUGIN REQUIRES WPMU!\u003C\u002Fp>\n\u003Cp>This plugin provides simple group wiki functionality within BuddyPress.\u003C\u002Fp>\n\u003Cp>A group admin can create a group wiki and corresponding group wiki pages.  Each page has settings (which can override the group privacy settings) to control access to the page both in terms of view access and edit access.  The group also has a shared document library for uploading files.  Page revisions are fully supported, as are revision compares and restores.  Activity stream updates for wiki edits are also created, based on an excerpt of the changed text.\u003C\u002Fp>\n\u003Cp>The wiki pages are edited with tinymce for lots of wysiwyg loveliness.  We chose not to implement any kind of edit-lock, but users are warned if other people are editing the page at the same time.  They also receive a more noticable alert should someone else save a page whilst they are editing it.  Finally, after 30 minutes of viewing the wiki edit page, the page is automatically saved and the user is returned to the view screen (given a warning 5 minutes beforehand).\u003C\u002Fp>\n\u003Cp>This plugin is licensed under the GNU AGPL.  Use it however you like.  Modify it however you like.  Provide any improvements to the code to the wordpress community for free.\u003C\u002Fp>\n\u003Cp>http:\u002F\u002Fwww.fsf.org\u002Flicensing\u002Flicenses\u002Fagpl-3.0.html\u003C\u002Fp>\n\u003Cp>Technical stuff you might want to know:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Each group wiki is actually a wordpress blog in the database.  This was done to take advantage of all the prebuilt WP functions for revisions, file uploads\u002Fmedia libraries\u002Fetc.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Where to get support:\u003C\u002Fp>\n\u003Cp>http:\u002F\u002Fnamoo.co.uk\u003C\u002Fp>\n\u003Cp>Possible future updates:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Global Wiki Directory\u003C\u002Fli>\n\u003Cli>Site-wide wiki pages (not tied to a particular group)\u003C\u002Fli>\n\u003Cli>Nested pages to allow for better categorisation\u002Fnamespace type stuff\u003C\u002Fli>\n\u003Cli>Improved navigation.  Substitution of top menu nav in groupwiki pages with breadcrumb nav\u003C\u002Fli>\n\u003Cli>i18n support\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Known bugs:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Slowness of tinymce to load.  Partially due to use of dev code and bloated plugins and partially due to dodgy implementation\u003C\u002Fli>\n\u003Cli>On group deletion, wiki (blog) database tables + files are not deleted\u003C\u002Fli>\n\u003Cli>Page edit save warnings (see above) are sometimes troublesome after multiple warnings\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Changelog === 1.8 =* Fixed incorrect domain set during blog creation\u003C\u002Fh3>\n\u003Cp>= 1.7 =* Fixed some missing js files.= 1.6 =* Fixed a bug with frotend page creation.* Fixed a bug with group wikis being shown in the site blog lists.* Fixed a bug with group wiki creation in wordpress 3.0.= 1.5 =* Fixed a bug which was preventing saving of comments and wiki pages.\u003C\u002Fp>\n\u003Ch4>1.4\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Massive cleanup of code and comments.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Some cleanup\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixed issue with blog domain\u002Fpath on wikis.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Frontend page creation fixed.\u003C\u002Fli>\n\u003Cli>CSS, JS issues fixed.\u003C\u002Fli>\n\u003Cli>Some other stuff fixed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Initial release.  \u003C\u002Fli>\n\u003Cli>Not recommended for production sites.\u003C\u002Fli>\n\u003Cli>Please test and provide feedback.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin provides simple group wiki functionality within BuddyPress.  REQUIRES WPMU!",10,10646,0,"2010-08-06T14:50:00.000Z","3","",[18,19,20,21,22],"activities","buddypress","groups","groupwiki","wiki","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-group-wiki\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-group-wiki.1.8.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"aekeron",5,50,88,30,86,"2026-04-04T01:11:48.429Z",[38,60,81,100,118],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":57,"download_link":58,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"buddypress-group-email-subscription","BuddyPress Group Email Subscription","4.2.4","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>This powerful plugin allows users to receive email notifications of group activity. Weekly or daily digests are available. Each user can choose how they want to subscribe to their groups.\u003C\u002Fp>\n\u003Cp>Please note that this plugin requires BuddyPress, as well as the BuddyPress Groups and Activity components.\u003C\u002Fp>\n\u003Cp>EMAIL SUBSCRIPTION LEVELS\u003Cbr \u002F>\nThere are 5 levels of email subscription options:\u003C\u002Fp>\n\u003Col>\n\u003Cli>No Email – Read this group on the web\u003C\u002Fli>\n\u003Cli>Weekly Summary Email – A summary of new topics each week\u003C\u002Fli>\n\u003Cli>Daily Digest Email – All the day’s activity bundled into a single email\u003C\u002Fli>\n\u003Cli>New Topics Email – Send new topics as they arrive (but don’t send replies)\u003C\u002Fli>\n\u003Cli>All Email – Send all group activity as it arrives\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>DEFAULT SUBSCRIPTION STATUS\u003Cbr \u002F>\nGroup admins can choose one of the 5 subscription levels as a default that gets applied when new members join.\u003C\u002Fp>\n\u003Cp>DIGEST AND SUMMARY EMAILS\u003Cbr \u002F>\nThe daily digest email is sent every morning and contains all the emails from all the groups a user is subscribed to. The digest begins with a helpful topic summary. The weekly summary email contains the topic titles from the past week by default. Summary and digest timing can be configured in the back end. (The admin can view a sample of the digests and summaries in the queue by going adding this to your url: mydomain.com\u002Fsum=1. This won’t send emails just show what will be sent)\u003C\u002Fp>\n\u003Cp>HTML EMAILS\u003Cbr \u002F>\nThe digest and summary emails are sent out in multipart HTML and plain text email format. This makes the digest much more readable with better links. The email is multipart so users who need only plain text will get plain text.\u003C\u002Fp>\n\u003Cp>EMAILS FOR TOPICS I’VE STARTED OR COMMENTED ON (only available with BuddyPress legacy discussion forums)\u003Cbr \u002F>\nUsers receive email notifications when someone replies to a topic they create or comment on (similar to Facebook). This happens whether they are subscribed or not. Users can control this behaviour in their notifications page.\u003C\u002Fp>\n\u003Cp>TOPIC FOLLOW AND MUTE (only available with BuddyPress legacy discussion forums)\u003Cbr \u002F>\nUsers who are not fully subscribed to a group (ie. maybe they are on digest) can choose to get immediate email updates for specific topic threads. Any subsequent replies to that thread will be emailed to them. In an opposite way, users who are fully subscribed to a group but want to stop getting emails from a specific (perhaps annoying) thread can choose to mute that topic.  bbPress plugin users can utilize the “Subscribe” \u002F “Notify me of follow-up replies via email” option.\u003C\u002Fp>\n\u003Cp>ADMIN NOTIFICATION\u003Cbr \u002F>\nGroup admins can send out an email to all group members from the group’s admin section. This feature is helpful to quickly communicate to the whole group, but it should be used with caution.\u003C\u002Fp>\n\u003Cp>GROUP ADMINS CAN SET SUBSCRIPTION LEVEL\u003Cbr \u002F>\nGroup admins can set the subscription level for existing users on the group’s “Admin > Manage Members” page – either one by one or all at once.\u003C\u002Fp>\n\u003Cp>SPAM PROTECTION\u003Cbr \u002F>\nTo protect against spam, you can set a minimum number of days users need to be registered before their group activity will be emailed to other users. This feature is off by default, but can be enabled in the admin.\u003C\u002Fp>\n\u003Cp>TRANSLATORS\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Brazilian Portuguese – www.about.me\u002Fdennisaltermann (or www.congregacao.net)\u003C\u002Fli>\n\u003Cli>Catalan – Sara Arjona Téllez\u003C\u002Fli>\n\u003Cli>Danish – Morten Nalholm\u003C\u002Fli>\n\u003Cli>Dutch – Anja werkgroepen.net\u002Fwordpress, Tim de Hoog\u003C\u002Fli>\n\u003Cli>Farsi – Vahid Masoomi http:\u002F\u002Fwww.AzUni.ir\u003C\u002Fli>\n\u003Cli>French – http:\u002F\u002Fwww.claudegagne-photo.com, Sylvain Ghysens\u003C\u002Fli>\n\u003Cli>German – Peter Peterson, Thorsten Wollenhöfer, Jörg Lohrer\u003C\u002Fli>\n\u003Cli>Hebrew – Iggy Pritzker\u003C\u002Fli>\n\u003Cli>Italian – Stefano Russo\u003C\u002Fli>\n\u003Cli>Japanese – https:\u002F\u002Fbuddypress.org\u002Fcommunity\u002Fmembers\u002Fchestnut_jp\u002F\u003C\u002Fli>\n\u003Cli>Lithuanian – Vincent G http:\u002F\u002Fwww.Host1Free.com\u003C\u002Fli>\n\u003Cli>Russian – http:\u002F\u002Fwww.viaestvita.net\u002Fgroups\u002F\u003C\u002Fli>\n\u003Cli>Spanish – Williams Castillo, Gregor Gimmy\u003C\u002Fli>\n\u003Cli>Swedish – Thomas Schneider, Joakim Hising\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>NOTE TO PLUGIN AUTHORS\u003Cbr \u002F>\nIf your plugin posts updates to the standard BuddyPress activity stream, then group members who are subscribed via 3. Daily Digest and 5. All Email will get your updates automatically. However people subscribed as 2. Weekly Summary and 4. New Topic will not. If you feel some of your plugin’s updates are very important and want to make sure all subscribed members receive them, you can filter ‘ass_this_activity_is_important’ and return TRUE when $type matches your activity. See the ass_this_activity_is_important() function in bp-activity-subscription-functions.phpfor more info.\u003C\u002Fp>\n\u003Cp>PLUGIN SUPPORTERS:\u003Cbr \u002F>\nMajor supporters: shambhalanetwork.org & commons.gc.cuny.edu\u003Cbr \u002F>\nOther supporters: bluedotproductions.com\u003C\u002Fp>\n\u003Cp>PLUGIN DEVELOPMENT\u003Cbr \u002F>\nFor bug reports or to add patches or translation files, please visit the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fboonebgorges\u002Fbuddypress-group-email-subscription\u002F\" rel=\"nofollow ugc\">GES Github page\u003C\u002Fa>.  Contributions are definitely welcome!\u003C\u002Fp>\n","This powerful plugin allows users to receive email notifications of group activity. Weekly or daily digests are available.",1000,230356,80,32,"2024-10-04T14:35:00.000Z","6.6.5","3.2","5.3",[18,55,56,19,20],"activity","bp","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-group-email-subscription\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-group-email-subscription.4.2.4.zip",92,{"slug":61,"name":62,"version":63,"author":42,"author_profile":43,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":33,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":16,"tags":72,"homepage":76,"download_link":77,"security_score":78,"vuln_count":79,"unpatched_count":13,"last_vuln_date":80,"fetched_at":27},"buddypress-docs","BuddyPress Docs","2.2.6","\u003Cp>BuddyPress Docs adds collaborative work spaces to your BuddyPress community. Part wiki, part document editing, part shared dropbox, think of these Docs as a BuddyPress version of the Docs service offered by the Big G \u003Cem>ifyouknowwhatimean\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Docs that can be linked to groups or users, with a variety of privacy levels\u003C\u002Fli>\n\u003Cli>Support for fully-private document uploads\u003C\u002Fli>\n\u003Cli>Doc taxonomy, using tags\u003C\u002Fli>\n\u003Cli>Fully sortable and filterable doc lists\u003C\u002Fli>\n\u003Cli>TinyMCE front-end doc editing\u003C\u002Fli>\n\u003Cli>One-editor-at-a-time prevention against overwrites, plus idle detection\u002Fautosave\u003C\u002Fli>\n\u003Cli>Full access to revision history\u003C\u002Fli>\n\u003Cli>Dashboard access and management of Docs for the site admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is in active development. For feature requests and bug reports, visit http:\u002F\u002Fgithub.com\u002Fboonebgorges\u002Fbuddypress-docs. If you have translated the plugin and would like to provide your translation for distribution with BuddyPress Docs, please contact the plugin author.\u003C\u002Fp>\n","Adds collaborative Docs to BuddyPress.",7000,321667,35,"2025-08-20T17:41:00.000Z","6.8.5","3.3",[19,73,74,75,22],"collaboration","docs","documents","http:\u002F\u002Fgithub.com\u002Fboonebgorges\u002Fbuddypress-docs","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-docs.2.2.6.zip",97,3,"2025-06-06 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":46,"downloaded":89,"rating":33,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":16,"download_link":99,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"bp-registration-options","Registration Options for BuddyPress","4.4.5","Brian Messenlehner","https:\u002F\u002Fprofiles.wordpress.org\u002Fmessenlehner\u002F","\u003Cp>Prevent users and bots from accessing the BuddyPress or bbPress areas of your website(s) until they are approved.\u003C\u002Fp>\n\u003Cp>This BuddyPress extension allows you to enable user moderation for new members, as well as help create a private network for your users. If moderation is enabled, any new members will be denied access to your BuddyPress and bbPress areas on your site, with the exception of their own user profile. They will be allowed to edit and configure that much. They will also not be listed in the members lists on the frontend until approved. Custom messages are available so you can tailor them to the tone of your website and community. When an admin approves or denies a user, email notifications will be sent to let them know of the decision.\u003C\u002Fp>\n\u003Cp>Requires BuddyPress version 1.7 or higher and bbPress 2.0 or higher.\u003C\u002Fp>\n\u003Ch3>General Data Protection Regulation\u003C\u002Fh3>\n\u003Cp>BuddyPress Registration Options temporarily stores user IP addresses as user meta to help validate and vet pending users. Saved IP values are deleted upon both approval and denial of pending user. No other personal data is recorded.\u003C\u002Fp>\n","Moderate new BuddyPress members and fight BuddyPress spam.",175480,33,"2023-03-05T15:26:00.000Z","6.0.11","5.2","5.6",[96,19,20,97,98],"admin","moderation","registration","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-registration-options.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":59,"num_ratings":11,"last_updated":110,"tested_up_to":70,"requires_at_least":111,"requires_php":16,"tags":112,"homepage":115,"download_link":116,"security_score":117,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"shortcodes-for-buddypress","Wbcom Designs – Shortcodes & Elementor Widgets For BuddyPress","2.9.1","wbcomdesigns","https:\u002F\u002Fprofiles.wordpress.org\u002Fwbcomdesigns\u002F","\u003Cp>This plugin will add an extended feature to BuddyPress. It will use Shortcode for Listing Activity Streams, Members directory, and Groups directory on any post or page within the website.\u003C\u002Fp>\n\u003Cp>With our current update, we have added three widgets to display the activity stream, member directory, and group directory using Elementor.\u003C\u002Fp>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F554193567\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\n\u003Ch3>THEME – WORDPRESS THEME WITH OUTSTANDING BUDDYPRESS SUPPORT\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fbuddyx\u002F\" rel=\"ugc\">FREE BuddyPress Theme: BuddyX\u003C\u002Fa> – Offers unique layouts with clean code and easy-to-customise options, giving you a whole new way to visualize BuddyPress.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin generates shortcodes for Listing Activity Streams, Members, and Groups on any website post or page.",700,51623,"2025-09-22T06:44:00.000Z","5.0.0",[55,19,113,20,114],"buddypress-shortcodes","members","https:\u002F\u002Fgithub.com\u002Fwbcomdesigns\u002Fshortcodes-for-buddypress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortcodes-for-buddypress.2.9.1.zip",100,{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":128,"num_ratings":129,"last_updated":130,"tested_up_to":131,"requires_at_least":132,"requires_php":53,"tags":133,"homepage":137,"download_link":138,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"bp-default-data","BuddyPress Default Data","1.4.0","Slava Abakumov","https:\u002F\u002Fprofiles.wordpress.org\u002Fslaffik\u002F","\u003Cp>Plugin will create lots of users, messages, friends connections, groups, topics, activity items, profile data – useful for testing purpose.\u003C\u002Fp>\n\u003Cp>All imported users will have avatars, generated by 8biticon.com and displayed by Gravatar.\u003C\u002Fp>\n\u003Cp>Please use this plugin with caution and not on a live site! Again, USE FOR TESTING THEMES AND PLUGINGS, NOT ON A STAGING SITE WITH LIVE DATA. Plugin should not mess with your live data, but not guaranteed.\u003C\u002Fp>\n\u003Cp>Clear BuddyPress button will delete all data, that was generated by this plugin: messages, groups, notifications, friends, forum posts, xprofile. Plugin won’t reimport data if clicked twice.\u003C\u002Fp>\n\u003Cp>And turn off email notifications in profile (friendship accepted and messages received) – or you will spam yourself 🙂 Imported users have these settings already turned off.\u003C\u002Fp>\n","Plugin will create lots of users, messages, friends connections, groups, topics, activity items, profile data - useful for testing purpose.",400,72981,78,22,"2024-11-30T22:53:00.000Z","6.7.5","4.4",[19,20,134,135,136],"import","messages","users","https:\u002F\u002Fovirium.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-default-data.1.4.0.zip",{"attackSurface":140,"codeSignals":213,"taintFlows":353,"riskAssessment":427,"analyzedAt":438},{"hooks":141,"ajaxHandlers":205,"restRoutes":210,"shortcodes":211,"cronEvents":212,"entryPointCount":196,"unprotectedCount":196},[142,148,153,157,160,164,168,171,174,179,183,186,191,193,199],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","admin_init","bpgw_wp_admin_overrides","bp-groupwiki-functions.inc.php",1414,{"type":149,"name":150,"callback":151,"file":146,"line":152},"filter","query_vars","bpgw_form_vars",1450,{"type":143,"name":154,"callback":155,"file":146,"line":156},"template_redirect","bpgw_editing_now",1506,{"type":143,"name":154,"callback":158,"file":146,"line":159},"bpgw_frontend_page_create",1585,{"type":143,"name":161,"callback":162,"file":146,"line":163},"admin_menu","bpgw_admin_menu",1784,{"type":143,"name":165,"callback":166,"priority":11,"file":146,"line":167},"bp_activity_filter_options","activityStreamWikiFilterAdd",1788,{"type":143,"name":169,"callback":166,"priority":11,"file":146,"line":170},"bp_group_activity_filter_options",1789,{"type":143,"name":172,"callback":166,"priority":11,"file":146,"line":173},"bp_member_activity_filter_options",1790,{"type":143,"name":175,"callback":176,"file":177,"line":178},"wp_print_styles","add_wiki_stylesheet","bp-groupwiki-main.php",53,{"type":143,"name":180,"callback":181,"file":177,"line":182},"wp_print_scripts","add_wiki_script",55,{"type":143,"name":180,"callback":184,"file":177,"line":185},"add_wiki_tinymce",57,{"type":143,"name":187,"callback":188,"priority":189,"file":177,"line":190},"wp","bpgw_setup_wikinav",2,63,{"type":143,"name":161,"callback":188,"priority":189,"file":177,"line":192},65,{"type":143,"name":194,"callback":195,"priority":196,"file":197,"line":198},"plugins_loaded","wiki_load_buddypress",1,"bp-groupwiki.php",41,{"type":149,"name":200,"callback":201,"priority":202,"file":203,"line":204},"the_content","bpgw_table_of_contents",9,"content-pages\\wiki-index.php",43,[206],{"action":207,"nopriv":208,"callback":207,"hasNonce":208,"hasCapCheck":208,"file":146,"line":209},"bpgw_clean_blog_lists",false,1494,[],[],[],{"dangerousFunctions":214,"sqlUsage":222,"outputEscaping":227,"fileOperations":350,"externalRequests":196,"nonceChecks":351,"capabilityChecks":196,"bundledLibraries":352},[215,220],{"fn":216,"file":217,"line":218,"context":219},"shell_exec","js\\tiny_mce\\plugins\\spellchecker\\classes\\PSpellShell.php",61,"$cmd = $this->_getCMD($lang);",{"fn":216,"file":217,"line":221,"context":16},149,{"prepared":223,"raw":196,"locations":224},44,[225],{"file":146,"line":209,"context":226},"$wpdb->get_results() with variable interpolation",{"escaped":228,"rawEcho":229,"locations":230},8,68,[231,234,236,238,241,243,244,245,247,248,249,251,252,253,255,256,258,259,261,262,264,265,267,268,270,271,273,274,277,279,281,283,285,287,288,289,291,293,294,295,296,297,298,300,301,303,304,306,308,310,313,315,316,318,320,323,325,327,329,331,333,335,337,339,341,343,346,348],{"file":146,"line":232,"context":233},574,"raw output",{"file":146,"line":235,"context":233},1274,{"file":146,"line":237,"context":233},1553,{"file":239,"line":240,"context":233},"content-pages\\wiki-admin.php",151,{"file":239,"line":242,"context":233},157,{"file":239,"line":242,"context":233},{"file":239,"line":242,"context":233},{"file":239,"line":246,"context":233},163,{"file":239,"line":246,"context":233},{"file":239,"line":246,"context":233},{"file":239,"line":250,"context":233},172,{"file":239,"line":250,"context":233},{"file":239,"line":250,"context":233},{"file":239,"line":254,"context":233},181,{"file":239,"line":254,"context":233},{"file":239,"line":257,"context":233},184,{"file":239,"line":257,"context":233},{"file":239,"line":260,"context":233},193,{"file":239,"line":260,"context":233},{"file":239,"line":263,"context":233},196,{"file":239,"line":263,"context":233},{"file":239,"line":266,"context":233},199,{"file":239,"line":266,"context":233},{"file":239,"line":269,"context":233},208,{"file":239,"line":269,"context":233},{"file":239,"line":272,"context":233},217,{"file":239,"line":272,"context":233},{"file":275,"line":276,"context":233},"content-pages\\wiki-display.php",37,{"file":275,"line":278,"context":233},52,{"file":275,"line":280,"context":233},73,{"file":275,"line":282,"context":233},109,{"file":275,"line":284,"context":233},133,{"file":275,"line":286,"context":233},145,{"file":275,"line":263,"context":233},{"file":275,"line":266,"context":233},{"file":275,"line":290,"context":233},232,{"file":292,"line":198,"context":233},"content-pages\\wiki-edit.php",{"file":292,"line":198,"context":233},{"file":292,"line":198,"context":233},{"file":292,"line":182,"context":233},{"file":292,"line":182,"context":233},{"file":292,"line":182,"context":233},{"file":292,"line":299,"context":233},183,{"file":292,"line":266,"context":233},{"file":292,"line":302,"context":233},213,{"file":292,"line":302,"context":233},{"file":292,"line":305,"context":233},227,{"file":292,"line":307,"context":233},229,{"file":292,"line":309,"context":233},243,{"file":311,"line":312,"context":233},"content-pages\\wiki-home.php",77,{"file":311,"line":314,"context":233},95,{"file":311,"line":314,"context":233},{"file":203,"line":317,"context":233},334,{"file":203,"line":319,"context":233},370,{"file":321,"line":322,"context":233},"content-pages\\wiki-revision.php",337,{"file":321,"line":324,"context":233},403,{"file":321,"line":326,"context":233},412,{"file":321,"line":328,"context":233},415,{"file":321,"line":330,"context":233},769,{"file":321,"line":332,"context":233},781,{"file":321,"line":334,"context":233},796,{"file":321,"line":336,"context":233},802,{"file":321,"line":338,"context":233},826,{"file":321,"line":340,"context":233},1015,{"file":321,"line":342,"context":233},1018,{"file":344,"line":345,"context":233},"js\\tiny_mce\\plugins\\spellchecker\\rpc.php",169,{"file":344,"line":347,"context":233},219,{"file":349,"line":204,"context":233},"wikioverride\\header.php",16,7,[],[354,394,410],{"entryPoint":355,"graph":356,"unsanitizedCount":13,"severity":393},"\u003Cwiki-comment-options> (content-pages\\wiki-comment-options.php:0)",{"nodes":357,"edges":387},[358,364,369,371,376,380,384],{"id":359,"type":360,"label":361,"file":362,"line":363},"n0","source","$_POST","content-pages\\wiki-comment-options.php",112,{"id":365,"type":366,"label":367,"file":362,"line":263,"wp_function":368},"n1","sink","get_row() [SQLi]","get_row",{"id":370,"type":360,"label":361,"file":362,"line":363},"n2",{"id":372,"type":366,"label":373,"file":362,"line":374,"wp_function":375},"n3","query() [SQLi]",256,"query",{"id":377,"type":360,"label":378,"file":362,"line":379},"n4","$_POST (x3)",283,{"id":381,"type":382,"label":383,"file":362,"line":379},"n5","transform","→ bpgw_add_comment_meta()",{"id":385,"type":366,"label":373,"file":146,"line":386,"wp_function":375},"n6",1209,[388,390,391,392],{"from":359,"to":365,"sanitized":389},true,{"from":370,"to":372,"sanitized":389},{"from":377,"to":381,"sanitized":208},{"from":381,"to":385,"sanitized":389},"low",{"entryPoint":395,"graph":396,"unsanitizedCount":13,"severity":393},"\u003Cwiki-edit-save> (content-pages\\wiki-edit-save.php:0)",{"nodes":397,"edges":407},[398,402,403,404],{"id":359,"type":360,"label":399,"file":400,"line":401},"$_POST (x5)","content-pages\\wiki-edit-save.php",76,{"id":365,"type":366,"label":373,"file":400,"line":345,"wp_function":375},{"id":370,"type":360,"label":361,"file":400,"line":401},{"id":372,"type":366,"label":405,"file":400,"line":269,"wp_function":406},"get_results() [SQLi]","get_results",[408,409],{"from":359,"to":365,"sanitized":389},{"from":370,"to":372,"sanitized":389},{"entryPoint":411,"graph":412,"unsanitizedCount":13,"severity":393},"\u003Cwiki-revision-restore> (content-pages\\wiki-revision-restore.php:0)",{"nodes":413,"edges":424},[414,418,420,422],{"id":359,"type":360,"label":415,"file":416,"line":417},"$_GET (x2)","content-pages\\wiki-revision-restore.php",115,{"id":365,"type":366,"label":373,"file":416,"line":419,"wp_function":375},289,{"id":370,"type":360,"label":421,"file":416,"line":417},"$_GET",{"id":372,"type":366,"label":405,"file":416,"line":423,"wp_function":406},343,[425,426],{"from":359,"to":365,"sanitized":389},{"from":370,"to":372,"sanitized":389},{"summary":428,"deductions":429},"The \"buddypress-group-wiki\" v1.8 plugin exhibits a mixed security posture. On the positive side, it demonstrates a strong adherence to secure coding practices by predominantly using prepared statements for SQL queries and having no recorded vulnerabilities or CVEs.  The absence of critical or high-severity taint flows is also a significant strength, indicating that data is generally handled with care.  However, there are notable concerns. The presence of the `shell_exec` function, a powerful tool that can be misused for remote code execution if user input is not meticulously sanitized, is a significant red flag. Furthermore, the single unprotected AJAX handler presents a direct entry point for unauthenticated attackers.  The low percentage of properly escaped output further exacerbates this risk, as it increases the likelihood of cross-site scripting (XSS) vulnerabilities through the unprotected AJAX endpoint or other potential input vectors.",[430,432,435],{"reason":431,"points":351},"Unprotected AJAX handler",{"reason":433,"points":434},"Use of dangerous function: shell_exec",15,{"reason":436,"points":437},"Low output escaping percentage",6,"2026-03-17T01:34:32.554Z",{"wat":440,"direct":453},{"assetPaths":441,"generatorPatterns":445,"scriptPaths":446,"versionParams":449},[442,443,444],"\u002Fwp-content\u002Fplugins\u002Fbuddypress-group-wiki\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fbuddypress-group-wiki\u002Fjs\u002Fscript.js","\u002Fwp-content\u002Fplugins\u002Fbuddypress-group-wiki\u002Fjs\u002Ftiny_mce\u002Ftiny_mce.js",[],[447,448],"wp-content\u002Fplugins\u002Fbuddypress-group-wiki\u002Fjs\u002Fscript.js","wp-content\u002Fplugins\u002Fbuddypress-group-wiki\u002Fjs\u002Ftiny_mce\u002Ftiny_mce.js",[450,451,452],"buddypress-group-wiki\u002Fcss\u002Fstyle.css?ver=","buddypress-group-wiki\u002Fjs\u002Fscript.js?ver=","buddypress-group-wiki\u002Fjs\u002Ftiny_mce\u002Ftiny_mce.js?ver=",{"cssClasses":454,"htmlComments":458,"htmlAttributes":462,"restEndpoints":465,"jsGlobals":466,"shortcodeOutput":468},[455,456,457],"wiki-page-list","wiki-page-content","bp-group-wiki",[459,460,461],"\u003C!-- Wiki Controls -->","\u003C!-- Wiki Page Content -->","\u003C!-- Edit Wiki Page -->",[463,464],"data-wiki-page-id","data-wiki-group-id",[],[467],"tinyMCE",[]]