[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fP8tyZ9uBqM9DtIZ2xSgUuRaFaUOLaj8GD7PScBKfdXk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":15,"tags":18,"homepage":23,"download_link":24,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":124,"fingerprints":232},"buddypress-sliding-login-panel","BuddyPress Sliding Login Panel","1.2","Sarah Gooding","https:\u002F\u002Fprofiles.wordpress.org\u002Fpollyplummer\u002F","\u003Cp>BuddyPress Sliding Login Panel delivers a fancy, smooth AJAX login experience for BuddyPress users. It also includes an account center with a full user menu. I put this plugin together based on the iRedlof Ajax Login by Rohit LalChandani but have completely re-worked it for use with BuddyPress. The plugin adds a tab to the top of the page to pull down a panel where the user can login. I wrote in a BuddyPress profile and account preview center for logged in users where they will be able to check out a teaser of their new messages and friend requests as well as navigate to other areas of the site.\u003C\u002Fp>\n\u003Cp>BuddyPress Sliding Login Panel Plugin Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Logged Out Users: The panel displays a welcome message, link to registration, password retrieval, and an AJAX login form.\u003C\u002Fli>\n\u003Cli>Logged In Users: The panel displays a total of two new messages with links to the inbox, the user’s current avatar and option to change it, a list of links to the most commonly-used BuddyPress components, and a preview of the user’s friend requests.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Many thanks to the team at \u003Ca href=\"http:\u002F\u002Fwww.quantumactivist.com\u002F\" rel=\"nofollow ugc\">quantumactivist.com\u003C\u002Fa> for sponsoring some bug fixes for this plugin.\u003C\u002Fp>\n","Adds a sliding AJAX login panel to BuddyPress with a full account center and menu for logged in users.",10,49941,100,1,"","3.1.4","2.9.2",[19,20,21,22],"ajax","buddypress","sliding-panel","top-panel","http:\u002F\u002Fbuddypress.org\u002Fcommunity\u002Fgroups\u002Fbuddypress-sliding-login-panel","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-sliding-login-panel.1.2.zip",0,null,"2026-03-15T10:48:56.248Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"pollyplummer",2,20,93,30,89,"2026-04-05T00:21:24.571Z",[38,61,80,97,112],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":15,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":60},"eonet-live-notifications","Eonet Live Notifications","1.0.11","Alkaweb","https:\u002F\u002Fprofiles.wordpress.org\u002Falkaweb\u002F","\u003Cp>\u003Cem>Add to your site live notifications for BuddyPress\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>Eonet Live Notifications can be added to any website, community, network built on BuddyPres.\u003C\u002Fp>\n\u003Cp>It’ll fetch \u003Cstrong>your notifications in real time\u003C\u002Fstrong> whenever you’re on your site.\u003Cbr \u002F>\nWhether it’s a new friendship request, a new activity, a private message or a group update.\u003Cbr \u002F>\nA pretty notification will show up on your site for a few seconds to notice you about this new information.\u003Cbr \u002F>\nThen, you can customize it using the available options.\u003C\u002Fp>\n\u003Cp>This plugin require BuddyPress enabled on your WordPress site.\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FNBCLUJgwpwQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Featured features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Options panel\u003C\u002Fli>\n\u003Cli>Buddypress Members integration\u003C\u002Fli>\n\u003Cli>Buddypress Groups integration\u003C\u002Fli>\n\u003Cli>Buddypress Activities integration\u003C\u002Fli>\n\u003Cli>Buddypress Friends integration\u003C\u002Fli>\n\u003Cli>AJAX powered, no page reload\u003C\u002Fli>\n\u003Cli>Automatically mark the notifications as read when you close the notification box\u003C\u002Fli>\n\u003Cli>Option to set the position of the notification\u003C\u002Fli>\n\u003Cli>Option to set the refresh delay\u003C\u002Fli>\n\u003Cli>Option to set the fade out notification delay\u003C\u002Fli>\n\u003Cli>Option to play a sound on new notifications\u003C\u002Fli>\n\u003Cli>Option to load the notifications history on page load or not\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>For developers:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Hooks\u002FFilters available in all the plugin code\u003C\u002Fli>\n\u003Cli>Minified files\u003C\u002Fli>\n\u003Cli>Documented code\u003C\u002Fli>\n\u003Cli>GPL license\u003C\u002Fli>\n\u003Cli>Secure development using tokens and WordPress native functions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you’re building a top-notch community and looking for better interactions, you should give it a go!\u003C\u002Fp>\n\u003Cp>We’re open to any feature suggestion.\u003C\u002Fp>\n\u003Cp>This plugin has been developed as a side project by the Alkaweb developers team.\u003C\u002Fp>\n","Enables live notifications for all your users to get better interactions within your BuddyPress site.",400,45459,70,4,"2019-02-01T22:13:00.000Z","5.0.25","3.0.1",[19,20,54,55,56],"live","members","notifications","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feonet-live-notifications\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feonet-live-notifications.zip",85,"2026-03-15T15:16:48.613Z",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":13,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":15,"tags":75,"homepage":78,"download_link":79,"security_score":59,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":60},"bp-group-chatroom","BuddyPress Group Chatroom","1.7.7","Venutius","https:\u002F\u002Fprofiles.wordpress.org\u002Fvenutius\u002F","\u003Cp>This plugin provides neat chatrooms into BuddyPress groups. Each Group admin can enable a group Chat room, available for all group members to view and post.\u003C\u002Fp>\n\u003Cp>The Chat area provides an ajax chat room which displays the most recent messages along with timestamps and usernames.  It also has a “who’s online” area which shows other group members viewing the Chat page.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Who’s Online list of members in the chatroom.\u003C\u002Fli>\n\u003Cli>Text Chat: Supports text and links added via the text input box.\u003C\u002Fli>\n\u003Cli>Video and other embeds – Videos such as You-tube can be added as an embedded video using the Video button. The same link can be used for other WordPress embedable urls.\u003C\u002Fli>\n\u003Cli>Emojis supported: over 1,000 emojis easily inserted into the chat stream with options to load them all or just a subset.\u003C\u002Fli>\n\u003Cli>Images: Users with upload_files capability can add images from the media directory\u002Fupload into the chat stream.\u003C\u002Fli>\n\u003Cli>Images Lightbox: Supports WP Featherlight lightbox, if you install this plugin then images loaded into chat will open in a lightbox.\u003C\u002Fli>\n\u003Cli>Activity threading: chat conversations can be collected and posted to the activity stream.\u003C\u002Fli>\n\u003Cli>Moderation: Group admin and moderators can delete chat messages.\u003C\u002Fli>\n\u003Cli>Theming: Chat message box colours can be set by Group Admin\u003C\u002Fli>\n\u003Cli>Auto-hide of chat messages after up to 30 days.\u003C\u002Fli>\n\u003Cli>Auto-deletion of chat messages after up to 30 days.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Chat messages support links, embeded video is supported an it’s possible to call in another site member to the chat using @mentions.\u003C\u002Fp>\n\u003Cp>I’ve introduced rudimentary threads support. The behavior is that a new message, posted more then 15 minutes after the last message will be marked as a new thread. All messages posted after that initial message will be regarded as part of that thread. After 15 minutes the thread will be deemed closed and if posting of threads to group activity is enabled then all messages in the thread will be posted in a single activity update. I’m expecting this functionality to change as the plugin develops.\u003C\u002Fp>\n\u003Cp>Currently the chat supports text chat and the sharing of links. I’m interested in adding further features but would like to see some user requests for the same.\u003C\u002Fp>\n\u003Cp>This plugin was originally created by David Cartwright and has been forked by Venutius. It includes an emoji set which was sourced from WP Emoji One by Monchito.net.\u003C\u002Fp>\n\u003Cp>This plugin runs from your own server, no chat data leaves your site. This has has the benefit of minimizing your exposure regarding user privacy and GDPR, however chat will be as responsive as your server and can be laggy because of this. User conversations are stored for one month then deleted.\u003C\u002Fp>\n","This plugin provides neat chatrooms into BuddyPress groups. Each Group admin can enable a group Chat room, available for all group members to view and …",13444,74,3,"2021-02-10T12:30:00.000Z","5.6.17","4.6.0",[19,20,76,77],"chat","groups","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbp-group-chatroom","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-group-chatroom.1.7.7.zip",{"slug":81,"name":82,"version":83,"author":42,"author_profile":43,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":52,"requires_php":15,"tags":92,"homepage":95,"download_link":96,"security_score":59,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":60},"eonet-live-search","Eonet Live Search","1.1.6","\u003Cp>\u003Cem>Add to your site a top-notch live search field\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>Eonet Live Search can be added to any search field.\u003Cbr \u002F>\nIt’ll create a nice popup box with the search’s result in real time. It plays very well with \u003Cstrong>Buddypress\u003C\u002Fstrong>, \u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003Cbr \u002F>\nand any other \u003Cstrong>custom post type\u003C\u002Fstrong>. Specific integration can be added by us.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Falka-web.com\u002Feonet\u002Flive-search\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Featured features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Options panel\u003C\u002Fli>\n\u003Cli>Buddypress Members integration\u003C\u002Fli>\n\u003Cli>Buddypress Groups integration\u003C\u002Fli>\n\u003Cli>Buddypress Activities integration\u003C\u002Fli>\n\u003Cli>Works with any custom post types\u003C\u002Fli>\n\u003Cli>Pages \u002F Posts integration\u003C\u002Fli>\n\u003Cli>AJAX powered, no page reload\u003C\u002Fli>\n\u003Cli>User search history\u003C\u002Fli>\n\u003Cli>Options to restrain the search sections\u003C\u002Fli>\n\u003Cli>Results listed within organized tabs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>For developers:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Hooks\u002FFilters available in all the plugin code\u003C\u002Fli>\n\u003Cli>Minified files\u003C\u002Fli>\n\u003Cli>Documented code\u003C\u002Fli>\n\u003Cli>GPL license\u003C\u002Fli>\n\u003Cli>Secure development using tokens and WordPress native functions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you’re looking for a next generation live search plugin, you should give it a go!\u003C\u002Fp>\n\u003Cp>We’re open to any feature suggestion.\u003C\u002Fp>\n\u003Cp>This plugin has been developed as a side project by the Alkaweb developers team.\u003C\u002Fp>\n","Search dynamically in real time through all your site, including pages, posts, members, products & so on.",40,12559,96,5,"2018-10-04T21:56:00.000Z","4.7.32",[19,20,93,55,94],"live-search","search","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feonet-live-search\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feonet-live-search.1.1.6.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":11,"downloaded":105,"rating":13,"num_ratings":14,"last_updated":106,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":107,"homepage":110,"download_link":111,"security_score":59,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":60},"bp-better-directories","BP Better Directories","0.9.2","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>Turn your member directories into sophisticated directory filters. Admins can select which profile fields are filterable, and visitors can filter in a slick AJAX interface.\u003C\u002Fp>\n\u003Cp>WARNING! This plugin may not scale well! Don’t use without decent object caching.\u003Cbr \u002F>\nWARNING! This plugin is not ready to be used on a production site!\u003C\u002Fp>\n","Fancy schmancy BuddyPress member directories.",4977,"2011-11-09T15:36:00.000Z",[19,20,108,109,55],"directory","filter","http:\u002F\u002Fgithub.com\u002Fboonebgorges\u002Fbp-better-directories","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-better-directories.0.9.2.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":11,"downloaded":120,"rating":88,"num_ratings":89,"last_updated":15,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":121,"homepage":122,"download_link":123,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"bp-group-livechat","BuddyPress Group Livechat","1.1","D Cartwright","https:\u002F\u002Fprofiles.wordpress.org\u002Faekeron\u002F","\u003Cp>Basic live chat within groups.\u003C\u002Fp>\n\u003Cp>Once installed, activate Live Chat in the group admin area (or during group creation).\u003C\u002Fp>\n\u003Cp>The Live Chat area provides an ajax chat room which displays the most recent messages along with timestamps and usernames.  It also has a “who’s online” area which shows other group members viewing the Live Chat page.  “Super Admins” can spy on the chats of all groups.\u003C\u002Fp>\n\u003Cp>This plugin is extremely basic and has no promises of support.\u003C\u002Fp>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>History.txt – contains all the changes since version 1.0\u003Cbr \u002F>\nLicense.txt – contains the licensing details for this component\u003C\u002Fp>\n","Basic live chat within groups.",12665,[19,20,76,77],"http:\u002F\u002Flinktart.co.uk","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-group-livechat.zip",{"attackSurface":125,"codeSignals":145,"taintFlows":198,"riskAssessment":225,"analyzedAt":231},{"hooks":126,"ajaxHandlers":141,"restRoutes":142,"shortcodes":143,"cronEvents":144,"entryPointCount":25,"unprotectedCount":25},[127,133,137],{"type":128,"name":129,"callback":130,"file":131,"line":132},"action","bp_init","bp_sliding_login_panel_init","bp-sliding-login-panel-loader.php",17,{"type":128,"name":134,"callback":135,"file":136,"line":32},"wp_head","scriptInstall","bp-sliding-login-panel.php",{"type":128,"name":138,"callback":139,"file":136,"line":140},"bp_before_header","bp_slide_login_panel",28,[],[],[],[],{"dangerousFunctions":146,"sqlUsage":147,"outputEscaping":149,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":197},[],{"prepared":25,"raw":25,"locations":148},[],{"escaped":25,"rawEcho":150,"locations":151},23,[152,155,157,158,161,163,165,167,169,171,173,174,176,178,179,181,183,185,187,189,191,193,195],{"file":136,"line":153,"context":154},11,"raw output",{"file":136,"line":156,"context":154},12,{"file":136,"line":132,"context":154},{"file":159,"line":160,"context":154},"update-content.php",18,{"file":159,"line":162,"context":154},52,{"file":159,"line":164,"context":154},58,{"file":159,"line":166,"context":154},66,{"file":159,"line":168,"context":154},67,{"file":159,"line":170,"context":154},68,{"file":159,"line":172,"context":154},69,{"file":159,"line":70,"context":154},{"file":159,"line":175,"context":154},87,{"file":159,"line":177,"context":154},91,{"file":159,"line":33,"context":154},{"file":159,"line":180,"context":154},106,{"file":159,"line":182,"context":154},130,{"file":159,"line":184,"context":154},166,{"file":159,"line":186,"context":154},194,{"file":159,"line":188,"context":154},209,{"file":159,"line":190,"context":154},212,{"file":159,"line":192,"context":154},216,{"file":159,"line":194,"context":154},225,{"file":159,"line":196,"context":154},231,[],[199,216],{"entryPoint":200,"graph":201,"unsanitizedCount":31,"severity":215},"updateHeader (update-content.php:2)",{"nodes":202,"edges":212},[203,207],{"id":204,"type":205,"label":206,"file":159,"line":192},"n0","source","$_SERVER['REQUEST_URI'] (x2)",{"id":208,"type":209,"label":210,"file":159,"line":192,"wp_function":211},"n1","sink","echo() [XSS]","echo",[213],{"from":204,"to":208,"sanitized":214},false,"medium",{"entryPoint":217,"graph":218,"unsanitizedCount":31,"severity":224},"\u003Cupdate-content> (update-content.php:0)",{"nodes":219,"edges":222},[220,221],{"id":204,"type":205,"label":206,"file":159,"line":192},{"id":208,"type":209,"label":210,"file":159,"line":192,"wp_function":211},[223],{"from":204,"to":208,"sanitized":214},"low",{"summary":226,"deductions":227},"The \"buddypress-sliding-login-panel\" plugin v1.2 exhibits a strong security posture in terms of its attack surface and historical vulnerability record. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits potential entry points for attackers. Furthermore, the plugin's clean vulnerability history, with zero recorded CVEs, suggests a history of secure development or diligent patching.\n\nHowever, the static analysis reveals a significant concern regarding output escaping. With 23 total outputs and 0% properly escaped, this indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-supplied data that is displayed on the frontend without proper sanitization could be exploited to inject malicious scripts. While the taint analysis showed no critical or high-severity unsanitized paths, the lack of output escaping is a pervasive and serious weakness that could be leveraged in conjunction with other, albeit currently undiscovered, weaknesses.\n\nIn conclusion, while the plugin benefits from a small attack surface and a clean vulnerability history, the widespread lack of output escaping presents a substantial security risk that needs immediate attention. This oversight significantly undermines the otherwise positive security indicators.",[228],{"reason":229,"points":230},"Outputs are not properly escaped",15,"2026-03-16T23:14:16.404Z",{"wat":233,"direct":240},{"assetPaths":234,"generatorPatterns":237,"scriptPaths":238,"versionParams":239},[235,236],"\u002Fwp-content\u002Fplugins\u002Fbuddypress-sliding-login-panel\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fbuddypress-sliding-login-panel\u002Fjs\u002Fslide.js",[],[236],[],{"cssClasses":241,"htmlComments":248,"htmlAttributes":249,"restEndpoints":272,"jsGlobals":273,"shortcodeOutput":275},[242,243,244,245,246,247],"iRToppanel","iRPanel","msg","avtext","whitetext","login",[],[250,251,252,253,254,255,256,257,258,259,260,261,262,263,264,265,266,267,268,269,270,271],"id=\"iRToppanel\"","id=\"iRPanel\"","class=\"content clearfix\"","id=\"message-threads\"","class=\"unread\"","class=\"read\"","class=\"message-subject\"","class=\"message-meta\"","class=\"button view\"","class=\"msg\"","class=\"left border\"","class=\"left narrow\"","id=\"avtext\"","id=\"toggle\"","class=\"tab\"","class=\"login\"","class=\"left\"","class=\"sep\"","id=\"open\"","class=\"open\"","id=\"close\"","class=\"close\"",[],[274],"PLUGINDIR",[]]