[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fuGK8T7pawN-4K0AQUK5XGwi6g_cvEpKwoMML_QHxFLM":3,"$f2nFdJXFlp2C50db1a76bf53TFvwihXnbIlhEOQJANgQ":671,"$fe9yfGDwJoRw4DmzPxQUEOcI7QeFMgbc-hOQSw_9ZjTA":675},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"discovery_status":32,"vulnerabilities":33,"developer":100,"crawl_stats":39,"alternatives":108,"analysis":212,"fingerprints":632},"bug-library","Bug Library","2.1.6","Yannick Lefebvre","https:\u002F\u002Fprofiles.wordpress.org\u002Fjackdewey\u002F","\u003Cp>This plugin provides an easy way to incorporate a bug\u002Fenhancement tracking system to a WordPress site. By adding a shortcode to a page, users will be able to display a bug list and allow visitors to submit new bugs \u002F enhancements. The plugin will also provide search and sorting capabilities. A captcha and approval mechanism will allow the site admin to avoid spam.\u003C\u002Fp>\n\u003Cp>You can try it out in a temporary copy of WordPress \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fbug-library\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbug-library\u002Fother_notes\u002F\" rel=\"ugc\">Changelog\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Fbug-library\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin provides an easy way to incorporate a bug\u002Fenhancement tracking system to a WordPress site.",100,14771,94,6,"2025-01-20T15:24:00.000Z","6.5.8","3.0","",[20,21,22,23,24],"bug","feature","issue","request","tracker","https:\u002F\u002Fylefebvre.github.io\u002Fwordpress-plugins\u002Fbug-library\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.2.1.6.zip",87,4,0,"2025-01-24 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[34,52,68,85],{"id":35,"url_slug":36,"title":37,"description":38,"plugin_slug":4,"theme_slug":39,"affected_versions":40,"patched_in_version":41,"severity":42,"cvss_score":43,"cvss_vector":44,"vuln_type":45,"published_date":30,"updated_date":46,"references":47,"days_to_patch":49,"patch_diff_files":50,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"CVE-2025-24728","bug-library-authenticated-contributor-sql-injection","Bug Library \u003C= 2.1.4 - Authenticated (Contributor+) SQL Injection","The Bug Library plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 2.1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",null,"\u003C=2.1.4","2.1.5","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2025-01-28 19:05:53",[48],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb052b334-751e-4d70-9713-0c214cf932c2?source=api-prod",5,[],false,{"id":53,"url_slug":54,"title":55,"description":56,"plugin_slug":4,"theme_slug":39,"affected_versions":57,"patched_in_version":58,"severity":42,"cvss_score":59,"cvss_vector":60,"vuln_type":61,"published_date":62,"updated_date":63,"references":64,"days_to_patch":66,"patch_diff_files":67,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"CVE-2024-5604","bug-library-authenticated-admin-stored-cross-site-scripting","Bug Library \u003C= 2.1.1 - Authenticated (Admin+) Stored Cross-Site Scripting","The Bug Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.","\u003C=2.1.1","2.1.2",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-06-28 00:00:00","2024-07-25 14:04:43",[65],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F78a464e0-f2d9-4916-aa93-d52a98757a91?source=api-prod",28,[],{"id":69,"url_slug":70,"title":71,"description":72,"plugin_slug":4,"theme_slug":39,"affected_versions":73,"patched_in_version":74,"severity":75,"cvss_score":76,"cvss_vector":77,"vuln_type":78,"published_date":79,"updated_date":80,"references":81,"days_to_patch":83,"patch_diff_files":84,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"CVE-2024-5450","bug-library-unauthenticated-arbitrary-file-upload","Bug Library \u003C= 2.1 - Unauthenticated Arbitrary File Upload","The Bug Library plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the add_bug_field function in all versions up to, and including, 2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.","\u003C=2.1","2.1.1","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Unrestricted Upload of File with Dangerous Type","2024-06-22 00:00:00","2024-08-09 19:08:11",[82],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3925311f-d40b-4f54-9b98-a709b53ed179?source=api-prod",49,[],{"id":86,"url_slug":87,"title":88,"description":89,"plugin_slug":4,"theme_slug":39,"affected_versions":90,"patched_in_version":91,"severity":42,"cvss_score":92,"cvss_vector":93,"vuln_type":61,"published_date":94,"updated_date":95,"references":96,"days_to_patch":98,"patch_diff_files":99,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"CVE-2021-38355","bug-library-reflected-cross-site-scripting","Bug Library \u003C= 2.0.3 - Reflected Cross-Site Scripting","The Bug Library WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the successimportcount parameter found in the ~\u002Fbug-library.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.0.3.","\u003C=2.0.3","2.0.4",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2021-09-09 00:00:00","2024-01-22 19:56:02",[97],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fffe33097-66fc-45f1-bc08-93a2b2234501?source=api-prod",866,[],{"slug":101,"display_name":7,"profile_url":8,"plugin_count":102,"total_installs":103,"avg_security_score":104,"avg_patch_time_days":105,"trust_score":106,"computed_at":107},"jackdewey",8,10960,91,498,73,"2026-05-20T05:16:47.476Z",[109,127,149,171,187],{"slug":110,"name":111,"version":112,"author":18,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":29,"num_ratings":29,"last_updated":118,"tested_up_to":119,"requires_at_least":119,"requires_php":18,"tags":120,"homepage":124,"download_link":125,"security_score":126,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"wp-mantis-table","WP Mantis Table","0.1.0","https:\u002F\u002Fprofiles.wordpress.org\u002Frtprime\u002F","\u003Cp>This plugin for WordPress 2.8 and above allows you to insert a simple table listing of issues from a Mantis Bug Tracker\u003Cbr \u002F>\ninto a wordpress page or post.  The plugin is perfect for projects which utilize WordPress for their news\u002Fcontent\u003Cbr \u002F>\nmanagement, but also utilize Mantis for their bug tracking\u002Fissue tracking\u003C\u002Fp>\n\u003Cp>Usage currently is simple:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set the URL to the Mantis API (usually \u003Ccode>http:\u002F\u002Fexample.com\u002Fmantisbt\u002Fapi\u002Fsoap\u002Fmantisconnect.php?wsdl\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>Set your base URL for links back to your tracker (e.g. \u003Ccode>http:\u002F\u002Fexample.com\u002Fmantisbt\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>Set up a user in Mantis for wordpress connectivity – provide WP Mantis Tables with the username\u002Fpassword\u003C\u002Fli>\n\u003Cli>Provide the project ID # for the project you want to view\u003C\u002Fli>\n\u003Cli>Place \u003Ccode>[MantisTable]\u003C\u002Fcode> in the page\u002Fpost where you want the table to appear.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Optionally you can set the table background color for statuses, and change the names applied to each status level.\u003C\u002Fp>\n\u003Cp>Plans are under way to extend this functionality into a full Mantis plugin – to allow for many features including –\u003Cbr \u002F>\n(All coming in the future… eventually):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Limiting the number of issues posted \u002F paging through issues\u003C\u002Fli>\n\u003Cli>View an issue details and notes through WordPress popup\u003C\u002Fli>\n\u003Cli>Allow anonymous issue reports through a WordPress form\u003C\u002Fli>\n\u003Cli>Ability to filter results by version, status, category, etc. within the \u003Ccode>[MantisTable]\u003C\u002Fcode> tag.\u003C\u002Fli>\n\u003Cli>Change logs \u002F roadmaps\u003C\u002Fli>\n\u003Cli>Consolidated WordPress\u002FMantis plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To report issues with this plugin, or make a feature request, visit \u003Ca href=\"http:\u002F\u002Fissues.rtprime.net\" rel=\"nofollow ugc\">the WP Mantis Table issue tracker\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin for Wordpress 2.8 and above allows you to insert a simple table listing of issues from a Mantis Bug Tracker into a wordpress page or post.",10,3078,"2009-08-21T13:14:00.000Z","2.8",[121,122,123],"bug-tracker","issues","mantis","http:\u002F\u002Fwww.rtprime.net\u002Fwpplugins\u002Fwpmantistables","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-mantis-table.0.1.zip",85,{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":29,"downloaded":135,"rating":11,"num_ratings":136,"last_updated":137,"tested_up_to":138,"requires_at_least":139,"requires_php":140,"tags":141,"homepage":146,"download_link":147,"security_score":11,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":148},"annotatr","Annotatr – Bug Reporting, Bug Tracking, Kanban Board and Project Management","1.0.4","rebelliousdigital","https:\u002F\u002Fprofiles.wordpress.org\u002Frebelliousdigital\u002F","\u003Cp>\u003Cstrong>Tired of juggling emails, spreadsheets, and multiple apps for bug tracking?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Annotatr is a WordPress plugin designed for developers, agencies, and teams to capture, assign, and resolve issues directly on your website. It keeps all feedback in one place, inside your WordPress dashboard, with context captured automatically.\u003C\u002Fp>\n\u003Cp>Watch Annotatr in action: \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FQCmLlisaoAc\" rel=\"nofollow ugc\">YouTube Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Benefits:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Native to WordPress\u003C\u002Fstrong> — No third-party apps or accounts needed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data belongs to you\u003C\u002Fstrong> — All feedback stored in your own WordPress database\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Visual Kanban board\u003C\u002Fstrong> — Track issues from Open \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> In Progress \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Done\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Context captured automatically\u003C\u002Fstrong> — Device, browser, screen resolution, and page URL\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Collaborative\u003C\u002Fstrong> — Comments, assignments, @mentions, and notifications\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Core Features (Free)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Point & Capture: Highlight elements and submit bugs instantly\u003C\u002Fli>\n\u003Cli>Automatic screenshots: Capture without manual uploads\u003C\u002Fli>\n\u003Cli>Assign bugs to developers or testers\u003C\u002Fli>\n\u003Cli>Real-time notifications and activity log\u003C\u002Fli>\n\u003Cli>Page-specific tracking for easy context\u003C\u002Fli>\n\u003Cli>Modern, fast interface using the WordPress REST API\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Premium Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Unlimited team members\u003C\u002Fli>\n\u003Cli>Due dates & automatic reminders\u003C\u002Fli>\n\u003Cli>Multiple board views (Kanban, List, Timeline)\u003C\u002Fli>\n\u003Cli>Bulk actions & filters\u003C\u002Fli>\n\u003Cli>Subtasks for notes\u003C\u002Fli>\n\u003Cli>Console & network error logging\u003C\u002Fli>\n\u003Cli>Whitelabel branding\u003C\u002Fli>\n\u003Cli>Statistics dashboard\u003C\u002Fli>\n\u003Cli>Priority support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fannotatr.co.uk\u002F#pricing\" rel=\"nofollow ugc\">Upgrade to Premium \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Getting Started\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Add team members — assign developers and test users\u003C\u002Fli>\n\u003Cli>Create your first note — click the Annotatr icon on any page\u003C\u002Fli>\n\u003Cli>Point and capture — highlight elements and submit feedback\u003C\u002Fli>\n\u003Cli>Manage notes on the Kanban board\u003C\u002Fli>\n\u003Cli>Collaborate via comments and assignments\u003C\u002Fli>\n\u003C\u002Fol>\n","Visual feedback and bug tracking for WordPress. Capture, assign, and fix issues without leaving your site — no more chasing reports.",433,2,"2026-02-27T22:43:00.000Z","6.8.5","5.8","7.4",[121,142,143,144,145],"client-feedback","issue-tracker","kanban-board","project-management","https:\u002F\u002Fannotatr.co.uk","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fannotatr.1.0.4.zip","2026-03-15T15:16:48.613Z",{"slug":150,"name":151,"version":152,"author":153,"author_profile":154,"description":155,"short_description":156,"active_installs":29,"downloaded":157,"rating":11,"num_ratings":158,"last_updated":159,"tested_up_to":160,"requires_at_least":161,"requires_php":140,"tags":162,"homepage":168,"download_link":169,"security_score":11,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":170},"feedhub-feedback-widget","FeedHub – Feedback Widget","1.0.2","cyrgim","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyrgim\u002F","\u003Cp>FeedHub is a feedback collection tool that helps you gather feature requests, bug reports, and general feedback from your users. This plugin makes it easy to add the FeedHub widget to your WordPress site without writing any code.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Popup Widget\u003C\u002Fstrong> – A floating feedback button that opens a modal form\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Inline Widget\u003C\u002Fstrong> – Embed the feedback form anywhere using a shortcode\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Colors\u003C\u002Fstrong> – Match your brand with custom primary, text, and background colors\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Labels\u003C\u002Fstrong> – Personalize all form labels and messages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress User Integration\u003C\u002Fstrong> – Automatically fill in logged-in user’s name and email\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode Support\u003C\u002Fstrong> – Place inline widgets anywhere with \u003Ccode>[feedhub]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Position Control\u003C\u002Fstrong> – Choose where the popup button appears (corners)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>How It Works:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Sign up for a free account at \u003Ca href=\"https:\u002F\u002Ffeedhub.app\" rel=\"nofollow ugc\">feedhub.app\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Create your feedback board\u003C\u002Fli>\n\u003Cli>Get your App Slug and Widget Key from the dashboard\u003C\u002Fli>\n\u003Cli>Install and configure this plugin\u003C\u002Fli>\n\u003Cli>Start collecting feedback!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Requirements:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A FeedHub account (free tier available)\u003C\u002Fli>\n\u003Cli>Your App Slug and Widget Key from the FeedHub dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to FeedHub (https:\u002F\u002Ffeedhub.app), a feedback collection service that enables website visitors to submit feature requests, bug reports, and general feedback.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent and when:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The widget script is loaded from https:\u002F\u002Ffeedhub.app\u002Fwidget.js on every page where the widget is displayed\u003C\u002Fli>\n\u003Cli>When a user submits feedback, the following data is sent to FeedHub: feedback text, category (feature request\u002Fbug report\u002Fother), and optionally the user’s name and email address\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Service provider:\u003C\u002Fstrong> FeedHub (https:\u002F\u002Ffeedhub.app)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffeedhub.app\u002Fterms\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffeedhub.app\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily collect user feedback on your WordPress site with FeedHub's beautiful feedback widget.",126,1,"2026-01-23T22:38:00.000Z","6.9.4","5.0",[163,164,165,166,167],"bug-reports","customer-feedback","feature-requests","feedback","widget","https:\u002F\u002Ffeedhub.app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeedhub-feedback-widget.1.0.2.zip","2026-04-06T09:54:40.288Z",{"slug":172,"name":173,"version":174,"author":175,"author_profile":176,"description":177,"short_description":178,"active_installs":29,"downloaded":179,"rating":29,"num_ratings":29,"last_updated":180,"tested_up_to":160,"requires_at_least":161,"requires_php":140,"tags":181,"homepage":185,"download_link":186,"security_score":11,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"seggwat-feedback","SeggWat Feedback","1.6.1","haukejung","https:\u002F\u002Fprofiles.wordpress.org\u002Fhaukejung\u002F","\u003Cp>SeggWat Feedback adds a lightweight feedback widget to your WordPress site, allowing visitors to submit bug reports, feature requests, praise, and questions directly from any page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>This plugin connects to the SeggWat service\u003C\u002Fstrong> (\u003Ca href=\"https:\u002F\u002Fseggwat.com\" rel=\"nofollow ugc\">seggwat.com\u003C\u002Fa>) to collect and manage feedback. A free SeggWat account and Project Key are required. By using this plugin, you agree to the \u003Ca href=\"https:\u002F\u002Fseggwat.com\u002Flegal\u002Fterms\" rel=\"nofollow ugc\">SeggWat Terms of Service\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fseggwat.com\u002Flegal\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Customizable button color and position\u003C\u002Fli>\n\u003Cli>Multi-language support (English, German, Swedish) with auto-detection\u003C\u002Fli>\n\u003Cli>Per-page control to enable\u002Fdisable the widget on specific posts and pages\u003C\u002Fli>\n\u003Cli>White-label option to hide “Powered by SeggWat” branding\u003C\u002Fli>\n\u003Cli>Three button positions: right side, bottom right, or compact icon-only\u003C\u002Fli>\n\u003Cli>Developer-friendly with filters for advanced customization\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>How It Works:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Create a free account at \u003Ca href=\"https:\u002F\u002Fseggwat.com\" rel=\"nofollow ugc\">seggwat.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Get your Project Key from the SeggWat dashboard\u003C\u002Fli>\n\u003Cli>Configure the plugin in WordPress under Settings > SeggWat Feedback\u003C\u002Fli>\n\u003Cli>The feedback widget appears on your site, collecting submissions to your SeggWat dashboard\u003C\u002Fli>\n\u003C\u002Fol>\n","Collect user feedback directly from your WordPress site with a beautiful, customizable widget.",118,"2026-01-05T16:50:00.000Z",[182,183,166,184,167],"bug-report","feature-request","user-feedback","https:\u002F\u002Fgithub.com\u002FSeggWat\u002Fwp-plugin-seggwat","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fseggwat-feedback.1.6.1.zip",{"slug":188,"name":189,"version":190,"author":191,"author_profile":192,"description":193,"short_description":194,"active_installs":195,"downloaded":196,"rating":197,"num_ratings":198,"last_updated":199,"tested_up_to":200,"requires_at_least":201,"requires_php":202,"tags":203,"homepage":208,"download_link":209,"security_score":210,"vuln_count":102,"unpatched_count":29,"last_vuln_date":211,"fetched_at":31},"ideapush","IdeaPush","8.73","Northern Beaches Websites","https:\u002F\u002Fprofiles.wordpress.org\u002Fnorthernbeacheswebsites\u002F","\u003Cp>With IdeaPush you can add an awesome feature\u002Fidea request system to WordPress. Use IdeaPush to generate new ideas or get feedback from actual users and customers or use it as a support triage system or use it for something else!\u003C\u002Fp>\n\u003Cp>Watch the plugin walkthrough:\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FyFaGNbYUiIw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Check out the \u003Ca href=\"https:\u002F\u002Fnorthernbeacheswebsites.com.au\u002Fideapush-feature-requests\u002F\" rel=\"nofollow ugc\">demo page here\u003C\u002Fa> and submit an idea for the plugin.\u003C\u002Fp>\n\u003Ch4>Rich and extensive notifications\u003C\u002Fh4>\n\u003Cp>Easily activate automatic notifications for the administrator, idea authors or voters for a range of actions. Use our simple but powerful shortcode generator to make your email subject and content dynamic, relevant and personalised.\u003C\u002Fp>\n\u003Ch4>Intelligent voting\u003C\u002Fh4>\n\u003Cp>Enable users or guests to vote on ideas with an up vote only or an up and down vote so poor ideas can be buried and good ideas can rise. Place a daily maximum voting limit on voting to prevent misuse. Set a vote threshold for your board so ideas automatically change status when the vote goal is reached.\u003C\u002Fp>\n\u003Ch4>Fast idea creation\u003C\u002Fh4>\n\u003Cp>With an accessible form users or guests can create new ideas and assign ideas tags and an attachment. Like votes, new ideas can have a daily limit so things don’t get out of control. Eliminate bot ideas with built-in honeypot and math problem protection. When new ideas are submitted, ideas can either be automatically published or get assigned a pending status for administrator approval. Upgrade to pro to show suggested ideas to users whilst they write a new idea to prevent duplication.\u003C\u002Fp>\n\u003Ch4>Easy to use and fast setup\u003C\u002Fh4>\n\u003Cp>The admin interface is well organised and provides extensive options for customising the plugin. Create a new board in seconds and add the board shortcode provided to any post or page.\u003C\u002Fp>\n\u003Ch4>Statuses to keep things organised\u003C\u002Fh4>\n\u003Cp>Statuses keep your ideas organised and logical within a typical development workflow. Ideas when created are set to open and are set to reviewed when the vote goal has been reached and can then be changed to approved or declined and then to in progress and completed. Ideas can be edited in the backend like any other WordPress post. Optionally, tags can be used as a secondary categorisation method to better manage ideas.\u003C\u002Fp>\n\u003Ch4>Beautiful, dynamic and intuitive user interface\u003C\u002Fh4>\n\u003Cp>Great attention to detail has been made to bring the frontend design to a professional level. IdeaPush is a dynamic Ajax powered interface so ideas move up and down as a vote gets cast. When ideas are sorted to show ideas by the most popular, recent, trending, your own ideas or ideas you have voted on, new ideas are fetched. Ideas can also be filtered by status or tags to create specific lookups of ideas.\u003C\u002Fp>\n\u003Cp>Or better yet, use our super powerful live search filter to search idea titles, content, authors and tags with search phrase highlighting.\u003C\u002Fp>\n\u003Cp>Each idea has its own page for sharing and SEO purposes and for administrators there are quick action buttons on the single idea page to bring idea triage to the frontend. Upgrade to pro to remove the single idea page.\u003C\u002Fp>\n\u003Ch4>Other things\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The plugin tightly integrates with existing WordPress functions\u003C\u002Fli>\n\u003Cli>Translate certain things in the plugin settings and translate the rest using Poedit – German has already been done!\u003C\u002Fli>\n\u003Cli>Extension board and global options\u003C\u002Fli>\n\u003Cli>Enable or disable comments for ideas\u003C\u002Fli>\n\u003Cli>An array of action hooks for other developers to sink their teeth into\u003C\u002Fli>\n\u003Cli>You can choose to make a board available only to a certain user role or hide a board from WordPress search\u003C\u002Fli>\n\u003Cli>It’s mobile responsive\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Upgrade to pro\u003C\u002Fh4>\n\u003Cp>Upgrade to pro to unlock multiple boards and our powerful idea suggestion system to minimise duplicate ideas and so much more!\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FHD18EijWSHo?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>All pro features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The ability to create multiple boards\u003C\u002Fli>\n\u003Cli>Idea and tag suggestion system when users are creating a new idea to minimise duplicate ideas and tags\u003C\u002Fli>\n\u003Cli>Shows related ideas on the single idea page\u003C\u002Fli>\n\u003Cli>A beautiful idea history timeline on the editing interface so you can see and track the status of and idea and how it has changed over time and the ability to add an internal note to an idea\u003C\u002Fli>\n\u003Cli>The ability to send an email to voters or the author of an idea with a custom and dynamic text\u003C\u002Fli>\n\u003Cli>Track the activity of your ideas and votes over time and by user via the reports menu item\u003C\u002Fli>\n\u003Cli>The ability to disable the single ideas page\u003C\u002Fli>\n\u003Cli>An awesome integration with Zendesk\u003C\u002Fli>\n\u003Cli>A simple but powerful integration with MailChimp\u003C\u002Fli>\n\u003Cli>Ability to create challenges\u003C\u002Fli>\n\u003Cli>Custom fields and multiple form settings including video field\u003C\u002Fli>\n\u003Cli>User idea editing and deleting\u003C\u002Fli>\n\u003Cli>Leaderboards\u003C\u002Fli>\n\u003Cli>An awesome integration with Jira\u003C\u002Fli>\n\u003Cli>Merge duplicate ideas\u003C\u002Fli>\n\u003Cli>Have multiple users on the same IP address\u003C\u002Fli>\n\u003Cli>Show images inline on the all ideas page\u003C\u002Fli>\n\u003Cli>Widgets! Including a widget to show the leaderboard, a widget to display tags and a widget to display the idea form for a particular board\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Pro customers will also enjoy priority support and theming assistance so IdeaPush looks just right.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fnorthernbeacheswebsites.com.au\u002Fideapush-pro\u002F\" rel=\"nofollow ugc\">Learn more about IdeaPush Pro here\u003C\u002Fa>\u003C\u002Fp>\n","IdeaPush is a feature request management system for WordPress",800,37993,90,31,"2024-12-01T22:00:00.000Z","6.7.5","4.0","5.2.4",[183,204,205,206,207],"idea","idea-collector","idea-board","push","https:\u002F\u002Fwww.northernbeacheswebsites.com.au","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fideapush.8.73.zip",88,"2024-12-27 00:00:00",{"attackSurface":213,"codeSignals":341,"taintFlows":463,"riskAssessment":616,"analyzedAt":631},{"hooks":214,"ajaxHandlers":334,"restRoutes":335,"shortcodes":336,"cronEvents":340,"entryPointCount":158,"unprotectedCount":29},[215,221,226,229,233,237,241,245,249,252,256,260,264,268,271,275,278,282,285,289,292,296,300,303,307,310,314,318,322,326,330],{"type":216,"name":217,"callback":218,"priority":116,"file":219,"line":220},"filter","screen_layout_columns","on_screen_layout_columns","bug-library.php",59,{"type":222,"name":223,"callback":224,"file":219,"line":225},"action","admin_menu","on_admin_menu",61,{"type":222,"name":227,"callback":227,"file":219,"line":228},"admin_init",63,{"type":222,"name":230,"callback":231,"file":219,"line":232},"admin_post_save_bug_library_general","on_save_changes_general",65,{"type":222,"name":234,"callback":235,"file":219,"line":236},"admin_post_save_bug_library_stylesheet","on_save_changes_stylesheet",66,{"type":222,"name":238,"callback":239,"file":219,"line":240},"wp_head","bl_page_header",72,{"type":222,"name":242,"callback":243,"file":219,"line":244},"admin_enqueue_scripts","bl_admin_header",74,{"type":222,"name":246,"callback":247,"priority":29,"file":219,"line":248},"init","my_custom_taxonomies",76,{"type":222,"name":246,"callback":250,"file":219,"line":251},"create_bug_post_type",77,{"type":222,"name":253,"callback":254,"file":219,"line":255},"manage_posts_custom_column","bugs_populate_columns",79,{"type":216,"name":257,"callback":258,"file":219,"line":259},"manage_edit-bug-library-bugs_columns","bugs_columns_list",80,{"type":216,"name":261,"callback":262,"priority":116,"file":219,"line":263},"manage_edit-bug-library-types_columns","bugs_types_custom_column_header",82,{"type":216,"name":265,"callback":266,"priority":116,"file":219,"line":267},"manage_bug-library-types_custom_column","bugs_add_types_id",83,{"type":216,"name":269,"callback":270,"priority":116,"file":219,"line":126},"manage_edit-bug-library-products_columns","bugs_products_custom_column_header",{"type":216,"name":272,"callback":273,"priority":116,"file":219,"line":274},"manage_bug-library-products_custom_column","bugs_add_products_id",86,{"type":216,"name":276,"callback":277,"priority":116,"file":219,"line":210},"manage_edit-bug-library-status_columns","bugs_status_custom_column_header",{"type":216,"name":279,"callback":280,"priority":116,"file":219,"line":281},"manage_bug-library-status_custom_column","bugs_add_status_id",89,{"type":216,"name":283,"callback":284,"priority":116,"file":219,"line":104},"manage_edit-bug-library-priority_columns","bugs_priority_custom_column_header",{"type":216,"name":286,"callback":287,"priority":116,"file":219,"line":288},"manage_bug-library-priority_custom_column","bugs_add_priority_id",92,{"type":222,"name":290,"callback":291,"file":219,"line":13},"restrict_manage_posts","restrict_listings",{"type":216,"name":293,"callback":294,"file":219,"line":295},"parse_query","convert_ids_to_taxonomy_term_in_query",95,{"type":222,"name":297,"callback":298,"priority":116,"file":219,"line":299},"save_post","add_bug_field",97,{"type":222,"name":297,"callback":301,"priority":116,"file":219,"line":302},"save_quick_edit_data",98,{"type":222,"name":304,"callback":305,"file":219,"line":306},"delete_post","delete_bug_field",99,{"type":216,"name":308,"callback":309,"file":219,"line":11},"wp_insert_post_data","filter_post_data",{"type":222,"name":311,"callback":312,"file":219,"line":313},"template_redirect","bl_template_redirect",102,{"type":216,"name":315,"callback":316,"file":219,"line":317},"the_posts","conditionally_add_scripts_and_styles",105,{"type":222,"name":319,"callback":320,"priority":116,"file":219,"line":321},"quick_edit_custom_box","quick_edit_add",108,{"type":222,"name":323,"callback":324,"file":219,"line":325},"admin_footer","quick_edit_js",111,{"type":216,"name":327,"callback":328,"priority":116,"file":219,"line":329},"post_row_actions","quick_edit_link",112,{"type":216,"name":331,"callback":332,"file":219,"line":333},"template_include","bl_template_include",117,[],[],[337],{"tag":4,"callback":338,"file":219,"line":339},"bug_library_func",69,[],{"dangerousFunctions":342,"sqlUsage":343,"outputEscaping":369,"fileOperations":461,"externalRequests":29,"nonceChecks":344,"capabilityChecks":28,"bundledLibraries":462},[],{"prepared":344,"raw":116,"locations":345},3,[346,349,351,353,355,357,359,361,363,366],{"file":219,"line":347,"context":348},125,"$wpdb->get_var() with variable interpolation",{"file":219,"line":350,"context":348},133,{"file":219,"line":352,"context":348},143,{"file":219,"line":354,"context":348},151,{"file":219,"line":356,"context":348},161,{"file":219,"line":358,"context":348},169,{"file":219,"line":360,"context":348},179,{"file":219,"line":362,"context":348},187,{"file":219,"line":364,"context":365},197,"$wpdb->get_results() with variable interpolation",{"file":367,"line":368,"context":348},"single-bug-library-bugs.php",52,{"escaped":370,"rawEcho":371,"locations":372},319,45,[373,376,378,380,382,384,386,388,390,392,394,396,398,400,401,403,405,407,409,411,413,415,417,419,421,423,425,427,429,431,433,435,437,439,441,442,443,445,446,448,450,452,454,456,458],{"file":219,"line":374,"context":375},640,"raw output",{"file":219,"line":377,"context":375},724,{"file":219,"line":379,"context":375},748,{"file":219,"line":381,"context":375},753,{"file":219,"line":383,"context":375},769,{"file":219,"line":385,"context":375},776,{"file":219,"line":387,"context":375},785,{"file":219,"line":389,"context":375},804,{"file":219,"line":391,"context":375},813,{"file":219,"line":393,"context":375},820,{"file":219,"line":395,"context":375},829,{"file":219,"line":397,"context":375},847,{"file":219,"line":399,"context":375},856,{"file":219,"line":98,"context":375},{"file":219,"line":402,"context":375},876,{"file":219,"line":404,"context":375},886,{"file":219,"line":406,"context":375},896,{"file":219,"line":408,"context":375},906,{"file":219,"line":410,"context":375},909,{"file":219,"line":412,"context":375},911,{"file":219,"line":414,"context":375},914,{"file":219,"line":416,"context":375},923,{"file":219,"line":418,"context":375},1346,{"file":219,"line":420,"context":375},1348,{"file":219,"line":422,"context":375},1350,{"file":219,"line":424,"context":375},1352,{"file":219,"line":426,"context":375},1354,{"file":219,"line":428,"context":375},1356,{"file":219,"line":430,"context":375},1367,{"file":219,"line":432,"context":375},1369,{"file":219,"line":434,"context":375},1384,{"file":219,"line":436,"context":375},2081,{"file":219,"line":438,"context":375},2105,{"file":219,"line":440,"context":375},2131,{"file":367,"line":228,"context":375},{"file":367,"line":228,"context":375},{"file":367,"line":444,"context":375},70,{"file":367,"line":106,"context":375},{"file":447,"line":136,"context":375},"submitnewissue.php",{"file":447,"line":449,"context":375},270,{"file":447,"line":451,"context":375},275,{"file":447,"line":453,"context":375},285,{"file":447,"line":455,"context":375},297,{"file":447,"line":457,"context":375},298,{"file":459,"line":460,"context":375},"tools\\class.csstidy.php",504,14,[],[464,479,493,504,513,526,586],{"entryPoint":465,"graph":466,"unsanitizedCount":158,"severity":42},"on_show_page (bug-library.php:1330)",{"nodes":467,"edges":477},[468,472],{"id":469,"type":470,"label":471,"file":219,"line":426},"n0","source","$_GET['importrowscount']",{"id":473,"type":474,"label":475,"file":219,"line":426,"wp_function":476},"n1","sink","echo() [XSS]","echo",[478],{"from":469,"to":473,"sanitized":51},{"entryPoint":480,"graph":481,"unsanitizedCount":29,"severity":492},"on_save_changes_general (bug-library.php:1442)",{"nodes":482,"edges":489},[483,486],{"id":469,"type":470,"label":484,"file":219,"line":485},"$_POST['_wp_http_referer']",1771,{"id":473,"type":474,"label":487,"file":219,"line":485,"wp_function":488},"wp_redirect() [Open Redirect]","wp_redirect",[490],{"from":469,"to":473,"sanitized":491},true,"low",{"entryPoint":494,"graph":495,"unsanitizedCount":29,"severity":492},"on_save_changes_stylesheet (bug-library.php:1775)",{"nodes":496,"edges":502},[497,500],{"id":469,"type":470,"label":498,"file":219,"line":499},"$_POST",1814,{"id":473,"type":474,"label":487,"file":219,"line":501,"wp_function":488},1820,[503],{"from":469,"to":473,"sanitized":491},{"entryPoint":505,"graph":506,"unsanitizedCount":29,"severity":492},"on_save_changes_instructions (bug-library.php:1824)",{"nodes":507,"edges":511},[508,510],{"id":469,"type":470,"label":484,"file":219,"line":509},1832,{"id":473,"type":474,"label":487,"file":219,"line":509,"wp_function":488},[512],{"from":469,"to":473,"sanitized":491},{"entryPoint":514,"graph":515,"unsanitizedCount":29,"severity":492},"BugLibrary (bug-library.php:2152)",{"nodes":516,"edges":524},[517,520],{"id":469,"type":470,"label":518,"file":219,"line":519},"$_GET",2167,{"id":473,"type":474,"label":521,"file":219,"line":522,"wp_function":523},"get_results() [SQLi]",2269,"get_results",[525],{"from":469,"to":473,"sanitized":491},{"entryPoint":527,"graph":528,"unsanitizedCount":29,"severity":492},"\u003Cbug-library> (bug-library.php:0)",{"nodes":529,"edges":576},[530,531,532,535,537,539,541,545,548,552,555,558,563,565,567,570,574],{"id":469,"type":470,"label":471,"file":219,"line":426},{"id":473,"type":474,"label":475,"file":219,"line":426,"wp_function":476},{"id":533,"type":470,"label":534,"file":219,"line":485},"n2","$_POST['_wp_http_referer'] (x2)",{"id":536,"type":474,"label":487,"file":219,"line":485,"wp_function":488},"n3",{"id":538,"type":470,"label":498,"file":219,"line":499},"n4",{"id":540,"type":474,"label":487,"file":219,"line":501,"wp_function":488},"n5",{"id":542,"type":470,"label":543,"file":219,"line":544},"n6","$_FILES (x4)",1460,{"id":546,"type":474,"label":475,"file":219,"line":547,"wp_function":476},"n7",1845,{"id":549,"type":470,"label":550,"file":219,"line":551},"n8","$_POST (x8)",1686,{"id":553,"type":474,"label":475,"file":219,"line":554,"wp_function":476},"n9",1997,{"id":556,"type":470,"label":518,"file":219,"line":557},"n10",2195,{"id":559,"type":474,"label":560,"file":219,"line":561,"wp_function":562},"n11","get_var() [SQLi]",2259,"get_var",{"id":564,"type":470,"label":518,"file":219,"line":519},"n12",{"id":566,"type":474,"label":521,"file":219,"line":522,"wp_function":523},"n13",{"id":568,"type":470,"label":518,"file":219,"line":569},"n14",2699,{"id":571,"type":572,"label":573,"file":219,"line":569},"n15","transform","→ BugLibrary()",{"id":575,"type":474,"label":560,"file":219,"line":561,"wp_function":562},"n16",[577,578,579,580,581,582,583,584,585],{"from":469,"to":473,"sanitized":491},{"from":533,"to":536,"sanitized":491},{"from":538,"to":540,"sanitized":491},{"from":542,"to":546,"sanitized":491},{"from":549,"to":553,"sanitized":491},{"from":556,"to":559,"sanitized":491},{"from":564,"to":566,"sanitized":491},{"from":568,"to":571,"sanitized":51},{"from":571,"to":575,"sanitized":491},{"entryPoint":587,"graph":588,"unsanitizedCount":28,"severity":492},"\u003Csubmitnewissue> (submitnewissue.php:0)",{"nodes":589,"edges":610},[590,593,594,597,598,601,602,605,606,609],{"id":469,"type":470,"label":591,"file":447,"line":592},"$_POST['new-bug-title']",219,{"id":473,"type":474,"label":475,"file":447,"line":592,"wp_function":476},{"id":533,"type":470,"label":595,"file":447,"line":596},"$_POST['new-bug-version']",242,{"id":536,"type":474,"label":475,"file":447,"line":596,"wp_function":476},{"id":538,"type":470,"label":599,"file":447,"line":600},"$_POST['new-bug-desc']",266,{"id":540,"type":474,"label":475,"file":447,"line":600,"wp_function":476},{"id":542,"type":470,"label":603,"file":447,"line":604},"$_POST['new-bug-reporter-name']",271,{"id":546,"type":474,"label":475,"file":447,"line":604,"wp_function":476},{"id":549,"type":470,"label":607,"file":447,"line":608},"$_POST['new-bug-reporter-email']",276,{"id":553,"type":474,"label":475,"file":447,"line":608,"wp_function":476},[611,612,613,614,615],{"from":469,"to":473,"sanitized":51},{"from":533,"to":536,"sanitized":51},{"from":538,"to":540,"sanitized":491},{"from":542,"to":546,"sanitized":51},{"from":549,"to":553,"sanitized":51},{"summary":617,"deductions":618},"The \"bug-library\" plugin v2.1.6 exhibits a mixed security posture. While the static analysis reveals a low attack surface with no identified unprotected entry points and generally good practices regarding output escaping and capability checks, there are areas of concern. The presence of unsanitized paths in taint analysis, even without critical or high severity, suggests potential vulnerabilities if these paths are exposed to user input. Furthermore, the vulnerability history is a significant red flag, with four known CVEs including one critical and three medium severity issues. The types of past vulnerabilities, particularly SQL Injection and Cross-site Scripting, combined with the current taint analysis findings, indicate a recurring pattern of input sanitization weaknesses. Although there are no currently unpatched CVEs, the historical prevalence of severe vulnerabilities suggests that the plugin's codebase may be prone to such issues. The plugin's strengths lie in its limited attack surface and diligent output escaping, but the historical vulnerability record and specific taint analysis findings necessitate caution.",[619,621,624,627,629],{"reason":620,"points":116},"Unsanitized paths in taint analysis",{"reason":622,"points":623},"History of critical severity CVEs",15,{"reason":625,"points":626},"History of medium severity CVEs (3)",9,{"reason":628,"points":102},"SQL queries with low prepared statement usage (23%)",{"reason":630,"points":344},"Limited nonce checks (3)","2026-03-16T21:11:54.384Z",{"wat":633,"direct":646},{"assetPaths":634,"generatorPatterns":639,"scriptPaths":640,"versionParams":641},[635,636,637,638],"\u002Fwp-content\u002Fplugins\u002Fbug-library\u002Fcss\u002Fbug-library.css","\u002Fwp-content\u002Fplugins\u002Fbug-library\u002Fcss\u002Fbug-library-admin.css","\u002Fwp-content\u002Fplugins\u002Fbug-library\u002Fjs\u002Fbug-library-admin.js","\u002Fwp-content\u002Fplugins\u002Fbug-library\u002Fjs\u002Fbug-library-frontend.js",[],[637,638],[642,643,644,645],"bug-library\u002Fcss\u002Fbug-library.css?ver=","bug-library\u002Fcss\u002Fbug-library-admin.css?ver=","bug-library\u002Fjs\u002Fbug-library-admin.js?ver=","bug-library\u002Fjs\u002Fbug-library-frontend.js?ver=",{"cssClasses":647,"htmlComments":655,"htmlAttributes":659,"restEndpoints":663,"jsGlobals":664,"shortcodeOutput":667},[648,649,650,651,652,653,654],"bug-library-wrap","bug-library-section","bug-library-bugs-table","bug-library-type-selector","bug-library-status-selector","bug-library-product-selector","bug-library-priority-selector",[656,657,658],"\u003C!-- Bug Library -->","\u003C!-- Bug Library Admin Settings -->","\u003C!-- Bug Library Frontend Display -->",[660,661,662],"data-bug-library-id","data-bug-library-type","data-bug-library-status",[],[665,666],"bugLibraryAdmin","bugLibraryFrontend",[668,669,670],"[bug-library]","[bug-library type='bug-report']","[bug-library status='open']",{"error":491,"url":672,"statusCode":673,"statusMessage":674,"message":674},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fbug-library\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":676,"versions":677},13,[678,683,689,697,705,712,720,730,740,750,760,770,779],{"version":6,"download_url":26,"svn_tag_url":679,"released_at":39,"has_diff":51,"diff_files_changed":680,"diff_lines":39,"trac_diff_url":681,"vulnerabilities":682,"is_current":491},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F2.1.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbug-library%2Ftags%2F2.1.5&new_path=%2Fbug-library%2Ftags%2F2.1.6",[],{"version":41,"download_url":684,"svn_tag_url":685,"released_at":39,"has_diff":51,"diff_files_changed":686,"diff_lines":39,"trac_diff_url":687,"vulnerabilities":688,"is_current":51},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.2.1.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F2.1.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbug-library%2Ftags%2F2.1.4&new_path=%2Fbug-library%2Ftags%2F2.1.5",[],{"version":690,"download_url":691,"svn_tag_url":692,"released_at":39,"has_diff":51,"diff_files_changed":693,"diff_lines":39,"trac_diff_url":694,"vulnerabilities":695,"is_current":51},"2.1.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.2.1.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F2.1.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbug-library%2Ftags%2F2.1.3&new_path=%2Fbug-library%2Ftags%2F2.1.4",[696],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":698,"download_url":699,"svn_tag_url":700,"released_at":39,"has_diff":51,"diff_files_changed":701,"diff_lines":39,"trac_diff_url":702,"vulnerabilities":703,"is_current":51},"2.1.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.2.1.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F2.1.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbug-library%2Ftags%2F2.1.2&new_path=%2Fbug-library%2Ftags%2F2.1.3",[704],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":58,"download_url":706,"svn_tag_url":707,"released_at":39,"has_diff":51,"diff_files_changed":708,"diff_lines":39,"trac_diff_url":709,"vulnerabilities":710,"is_current":51},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.2.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F2.1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbug-library%2Ftags%2F2.1.1&new_path=%2Fbug-library%2Ftags%2F2.1.2",[711],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":74,"download_url":713,"svn_tag_url":714,"released_at":39,"has_diff":51,"diff_files_changed":715,"diff_lines":39,"trac_diff_url":716,"vulnerabilities":717,"is_current":51},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.2.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F2.1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbug-library%2Ftags%2F2.1&new_path=%2Fbug-library%2Ftags%2F2.1.1",[718,719],{"id":53,"url_slug":54,"title":55,"severity":42,"cvss_score":59,"vuln_type":61,"patched_in_version":58},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":721,"download_url":722,"svn_tag_url":723,"released_at":39,"has_diff":51,"diff_files_changed":724,"diff_lines":39,"trac_diff_url":725,"vulnerabilities":726,"is_current":51},"2.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbug-library%2Ftags%2F2.0.8&new_path=%2Fbug-library%2Ftags%2F2.1",[727,728,729],{"id":69,"url_slug":70,"title":71,"severity":75,"cvss_score":76,"vuln_type":78,"patched_in_version":74},{"id":53,"url_slug":54,"title":55,"severity":42,"cvss_score":59,"vuln_type":61,"patched_in_version":58},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":731,"download_url":732,"svn_tag_url":733,"released_at":39,"has_diff":51,"diff_files_changed":734,"diff_lines":39,"trac_diff_url":735,"vulnerabilities":736,"is_current":51},"2.0.8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.2.0.8.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F2.0.8\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbug-library%2Ftags%2F2.0.7&new_path=%2Fbug-library%2Ftags%2F2.0.8",[737,738,739],{"id":69,"url_slug":70,"title":71,"severity":75,"cvss_score":76,"vuln_type":78,"patched_in_version":74},{"id":53,"url_slug":54,"title":55,"severity":42,"cvss_score":59,"vuln_type":61,"patched_in_version":58},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":741,"download_url":742,"svn_tag_url":743,"released_at":39,"has_diff":51,"diff_files_changed":744,"diff_lines":39,"trac_diff_url":745,"vulnerabilities":746,"is_current":51},"2.0.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.2.0.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F2.0.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbug-library%2Ftags%2F2.0.6&new_path=%2Fbug-library%2Ftags%2F2.0.7",[747,748,749],{"id":69,"url_slug":70,"title":71,"severity":75,"cvss_score":76,"vuln_type":78,"patched_in_version":74},{"id":53,"url_slug":54,"title":55,"severity":42,"cvss_score":59,"vuln_type":61,"patched_in_version":58},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":751,"download_url":752,"svn_tag_url":753,"released_at":39,"has_diff":51,"diff_files_changed":754,"diff_lines":39,"trac_diff_url":755,"vulnerabilities":756,"is_current":51},"2.0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.2.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F2.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbug-library%2Ftags%2F2.0.5&new_path=%2Fbug-library%2Ftags%2F2.0.6",[757,758,759],{"id":69,"url_slug":70,"title":71,"severity":75,"cvss_score":76,"vuln_type":78,"patched_in_version":74},{"id":53,"url_slug":54,"title":55,"severity":42,"cvss_score":59,"vuln_type":61,"patched_in_version":58},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":761,"download_url":762,"svn_tag_url":763,"released_at":39,"has_diff":51,"diff_files_changed":764,"diff_lines":39,"trac_diff_url":765,"vulnerabilities":766,"is_current":51},"2.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.2.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F2.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbug-library%2Ftags%2F2.0.4&new_path=%2Fbug-library%2Ftags%2F2.0.5",[767,768,769],{"id":69,"url_slug":70,"title":71,"severity":75,"cvss_score":76,"vuln_type":78,"patched_in_version":74},{"id":53,"url_slug":54,"title":55,"severity":42,"cvss_score":59,"vuln_type":61,"patched_in_version":58},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":91,"download_url":771,"svn_tag_url":772,"released_at":39,"has_diff":51,"diff_files_changed":773,"diff_lines":39,"trac_diff_url":774,"vulnerabilities":775,"is_current":51},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.2.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F2.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbug-library%2Ftags%2F1.2.7&new_path=%2Fbug-library%2Ftags%2F2.0.4",[776,777,778],{"id":69,"url_slug":70,"title":71,"severity":75,"cvss_score":76,"vuln_type":78,"patched_in_version":74},{"id":53,"url_slug":54,"title":55,"severity":42,"cvss_score":59,"vuln_type":61,"patched_in_version":58},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":780,"download_url":781,"svn_tag_url":782,"released_at":39,"has_diff":51,"diff_files_changed":783,"diff_lines":39,"trac_diff_url":39,"vulnerabilities":784,"is_current":51},"1.2.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbug-library.1.2.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbug-library\u002Ftags\u002F1.2.7\u002F",[],[785,786,787,788],{"id":69,"url_slug":70,"title":71,"severity":75,"cvss_score":76,"vuln_type":78,"patched_in_version":74},{"id":53,"url_slug":54,"title":55,"severity":42,"cvss_score":59,"vuln_type":61,"patched_in_version":58},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"id":86,"url_slug":87,"title":88,"severity":42,"cvss_score":92,"vuln_type":61,"patched_in_version":91}]