[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fL0HWI6xybE_NIbYTzs3Sgo9MToNWV6xsuOtVjVEcZ_Q":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":131,"fingerprints":212},"commenters-can-add-tags","Commenters can add tags","0.2","Raulanton","https:\u002F\u002Fprofiles.wordpress.org\u002Fraulanton\u002F","\u003Cp>This plugin allow commenters to add a tag to a post, just by using a customized prefix (by default #) before words in comments.\u003C\u002Fp>\n\u003Cp>I18N:\u003C\u002Fp>\n\u003Cp>This plugin is I18N ok.\u003C\u002Fp>\n","Commenters can add tags allows commenters to add tags to a post just by adding a prefixed word in a comment. Prefix is # by default.",10,1734,100,1,"2016-08-25T23:30:00.000Z","4.3.34","4.3.1","",[20,21,22,23,24],"comments","etiquetas","etiquettes","tag","tags","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002FXXXXXXXXX","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcommenters-can-add-tags.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":35,"trust_score":37,"computed_at":38},"raulanton",3,30,95,91,"2026-04-04T16:29:23.851Z",[40,61,79,95,114],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":28,"num_ratings":28,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":59,"download_link":60,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"xhtheme-ai-toolbox","XHTheme AI Toolbox","1.9.5","xhtheme","https:\u002F\u002Fprofiles.wordpress.org\u002Fxhtheme\u002F","\u003Cp>XHTheme AI Toolbox is a powerful WordPress plugin designed for content creators, integrating advanced AI language models including DeepSeek and Qwen3. This plugin supports content generation, paragraph optimization, smart comment management (including AI Comment Officials, random comments, auto-moderation, and intelligent replies), article topic expansion, AI text-to-image (automatically generating illustrations and covers), tag extraction, summary generation, automatic aliasing and category assignment, significantly improving content creation efficiency and quality.\u003C\u002Fp>\n\u003Cp>The plugin supports various article types including image-only, text-only, and mixed image-text content, but does not support video recognition.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.xhtheme.com\u002Fxhtheme-ai-toolbox\" rel=\"nofollow ugc\">Official Overview\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Ch4>Intelligent Image Recognition\u003C\u002Fh4>\n\u003Cp>When article text content is too short or for image-only articles, content is compensated through image recognition, improving the quality and accuracy of generated content.\u003C\u002Fp>\n\u003Ch4>AI Automatic Image Generation\u003C\u002Fh4>\n\u003Cp>Generate images for articles and set them as covers, insert images into article content (optional) through Tongyi Wanxiang text-to-image interface. Text-to-image generation requires connecting your own Alibaba Cloud Bailian Platform API-KEY. New users can enjoy 1000 free credits (500 images for each of the two models)!\u003C\u002Fp>\n\u003Ch4>Smart Comment Assistant\u003C\u002Fh4>\n\u003Cp>A comprehensive AI-powered comment management system that includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Auto & Batch Comment Generation\u003C\u002Fstrong>: Automatically generates comments when publishing articles, or manually batch generate comments for multiple articles through the backend panel.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI Comment Officials\u003C\u002Fstrong>: Allow readers to summon AI assistants (like Doubao or Yuanbao) by mentioning them in comments, enabling interactive AI responses.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI Random Comments\u003C\u002Fstrong>: Automatically generates and posts comments on selected articles with configurable frequency and daily limits.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI Auto-Moderation\u003C\u002Fstrong>: Automatically reviews and moderates real user comments using AI.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Author Replies\u003C\u002Fstrong>: AI replies on behalf of authors to both real user comments and AI-generated comments.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Intelligent Interaction\u003C\u002Fstrong>: Simulates natural conversations between AI personas and real users to boost engagement.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>AI Topic Expansion\u003C\u002Fh4>\n\u003Cp>Automatically analyzes article content through AI, extracts reading directions that can be extended to generate topics and content, and displays topic tags below the main text. This feature can enrich content matrix and improve creation efficiency.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmeteor.demo.cxory.com\u002Finformation\u002F333.html\" rel=\"nofollow ugc\">View Demo Page\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>AI Tag Extraction\u003C\u002Fh4>\n\u003Cp>Intelligently analyzes article content through AI to automatically extract the most relevant TAG labels and automatically set SEO titles, English aliases, tag descriptions and other fields for new tags.\u003C\u002Fp>\n\u003Ch4>AI Summary Generation\u003C\u002Fh4>\n\u003Cp>Intelligently generates AI summaries and displays them above the article body, enhancing the user’s reading experience. The plugin offers multiple preset styles and supports using AI capabilities to generate custom styles. It can produce traditional article summaries and engaging guidance-type summaries as needed, making readers more interested in the article content.\u003C\u002Fp>\n\u003Ch4>AI Content Generation\u002FOptimization\u003C\u002Fh4>\n\u003Cp>Uses AI models to generate or optimize paragraph content, improving article editing efficiency. If you’re not satisfied with the content, you can undo and switch models to generate new content.\u003C\u002Fp>\n\u003Ch4>AI Intelligent Categorization\u003C\u002Fh4>\n\u003Cp>Intelligently analyzes article content through AI and selects the most appropriate category from existing categories.\u003C\u002Fp>\n\u003Ch4>Automatic English Alias Generation\u003C\u002Fh4>\n\u003Cp>Extracts content-related English aliases through AI for URLs, intelligently matching keywords to give URLs more depth.\u003C\u002Fp>\n\u003Ch4>Usage Limitations\u003C\u002Fh4>\n\u003Cp>All users get 100 free AI model requests per month. Beyond that, you need to purchase resource packages from the official website!\u003C\u002Fp>\n\u003Ch3>How to Use?\u003C\u002Fh3>\n\u003Ch4>1. Trigger AI capabilities through the AI panel:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Supports specifying which AI capabilities and custom models to use\u003C\u002Fli>\n\u003Cli>Supports use in the block editor (Gutenberg)\u003C\u002Fli>\n\u003Cli>Supports all features and allows applying data after secondary modifications\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2. Use AI capabilities through the automated queue:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>When publishing articles, you can control whether to join the queue, with backend default settings available\u003C\u002Fli>\n\u003Cli>After joining the queue, tasks run in the background, improving efficiency without requiring additional operations\u003C\u002Fli>\n\u003Cli>Supports all AI capabilities\u003C\u002Fli>\n\u003Cli>Supports use in both classic editor and block editor (Gutenberg)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>3. Apply AI capabilities through list shortcut buttons:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>We’ve integrated AI running status display and operable AI shortcut buttons in the backend article list\u003C\u002Fli>\n\u003Cli>Quickly apply individual AI capabilities through shortcut buttons\u003C\u002Fli>\n\u003Cli>Supports use in both classic editor and block editor (Gutenberg)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4. Apply AI capabilities through parameters:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>This feature is suitable for article publishing programs or collection publishing programs\u003C\u002Fli>\n\u003Cli>When publishing articles, carrying PostMeta queue parameters automatically adds AI tasks to the pending execution queue\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.xhtheme.com\u002Fdocs\u002Faitoolbox\" rel=\"nofollow ugc\">View Documentation\u003C\u002Fa>\u003C\u002Fp>\n","AI tag extraction, AI image, AI summary, comment generation, AI topic expansion, auto-classification, slug generation and AI content enhancement.",200,5573,"2026-03-07T09:19:00.000Z","6.9.4","6.6","7.0",[55,56,57,58,41],"ai","ai-summary","auto-comments","auto-tags","https:\u002F\u002Fwww.xhtheme.com\u002Fxhtheme-ai-toolbox.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxhtheme-ai-toolbox.1.9.5.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":13,"downloaded":69,"rating":13,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":18,"tags":74,"homepage":77,"download_link":78,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"marctv-quicktags","Simple Comment Quicktags","3.0.5","Marc Tönsing","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarcdk\u002F","\u003Cp>This plugin displays the most basic of quicktag buttons on your comment forms, using the Quicktag API built into WordPress (as of 3.3). No jQuery needed.\u003C\u002Fp>\n\u003Cp>Contribute on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmtoensing\u002Fmarctv-quicktags\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Make commenting easier with bold, italic, add link and quote buttons on top of the form.",8939,2,"2023-12-22T21:14:00.000Z","6.4.8","4.6",[20,75,76],"quicktags","wysiwyg","https:\u002F\u002Fmarc.tv\u002Fmarctv-wordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmarctv-quicktags.3.0.5.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":28,"num_ratings":28,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":18,"tags":92,"homepage":93,"download_link":94,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"comment-form-quicktags","Comment Form Quicktags","1.3.2","regen","https:\u002F\u002Fprofiles.wordpress.org\u002Fregen\u002F","\u003Cp>This plugin inserts quicktags of the admin page to the upper part of textarea of the comment form.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>You can edit tags in the admin page.\u003C\u002Fli>\n\u003Cli>You can limit quicktags by user roles.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin inserts a quicktag toolbar on the comment form.",80,27245,"2011-07-12T07:57:00.000Z","3.2.1","2.9",[20,75],"http:\u002F\u002Frp.exadge.com\u002F2009\u002F01\u002F08\u002Fcomment-form-quicktags\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-form-quicktags.1.3.2.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":87,"downloaded":103,"rating":104,"num_ratings":34,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":18,"tags":108,"homepage":112,"download_link":113,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"ff-tab-widget","FF Tab Widget","1.1","Kharis Sulistiyono","https:\u002F\u002Fprofiles.wordpress.org\u002Fkharisblank\u002F","\u003Cp>FF Tab Widget is a great solution for you to display different contents in a single widget. You can display popular posts, recent posts, recent commets, and tags in an animated tabs.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy to install, just drag the widget into your widgetized sidebar.\u003C\u002Fli>\n\u003Cli>Has widget options: Label name, limit tab content and show\u002Fhide tab item.\u003C\u002Fli>\n\u003Cli>Uses jQuery Tabs \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FamazingSurge\u002Fjquery-tabs\" rel=\"nofollow ugc\">script\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you’d like to contribute to the plugin you can find it on \u003Ca href=\"http:\u002F\u002Fgithub.com\u002Fkharissulistiyo\u002FFF-Tab-Widget\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>FF doesn’t stand for anything.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.kharissulistiyono.com\u002Fff-tab-widget-pro\u002F\" rel=\"nofollow ugc\">PRO version\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Simply go to Appearance > Widgets and drag “FF Tab Widget” instance to the sidebar of your choice. Within the widget are several options where you can show\u002Fhide tab item and specifify the content limit. See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fff-tab-widget\u002Fscreenshots\" rel=\"ugc\">screenshots\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch4>Tabs Widget Style\u003C\u002Fh4>\n\u003Cp>The tab widget style tested on “Twenty Twelve” theme (see the plugin screenshot). It may look different on other themes. You can adjust its style by modifying CSS file (fftw.css) inside the plugin folder. To make developers easy to make modification I also profide the LESS file (fftw.less).\u003C\u002Fp>\n\u003Cp>If you do not have time to make your tabs widget looks beautiful on your theme, you can \u003Ca href=\"mailto:kharisblank@gmail.com\" rel=\"nofollow ugc\">contact me\u003C\u002Fa> for plugin customization service.\u003C\u002Fp>\n\u003Cp>Contact this \u003Ca href=\"http:\u002F\u002Fkharissulistiyo.com\" rel=\"nofollow ugc\">plugin author\u003C\u002Fa>.\u003C\u002Fp>\n","Display popular posts, recent posts, recent commets, and tags in an animated tabs in a single widget.",7765,46,"2014-01-09T17:16:00.000Z","3.7.41","3.0",[20,109,110,24,111],"posts","sidebar","widget","https:\u002F\u002Fgithub.com\u002Fkharissulistiyo\u002FFF-Tab-Widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fff-tab-widget.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":13,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":18,"tags":128,"homepage":129,"download_link":130,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-russian-quicktags","WP Russian Quicktags","1.04","Flector","https:\u002F\u002Fprofiles.wordpress.org\u002Fflector\u002F","\u003Cp>Плагин выводит панель с кнопками форматирования текста в комментариях (Жирный, Курсив, Код, Цитата, Ссылка и Закрыть Теги). В современных шаблонах плагин умеет встраивать панель автоматически сразу после своей активации. Для более старых шаблонов предусмотрен вызов специальной функции, которая и будет выводить панель.\u003C\u002Fp>\n\u003Cp>Помимо этого плагин позволяет вывести в комментариях ссылку “\u003Cstrong>Цитировать\u003C\u002Fstrong>“, при клике на которую выделенный пользователем текст будет автоматически взят в теги цитаты. Данная возможность плагина очень помогает в случае, если ваш шаблон не позволяет вам выводить комментарии в древовидном стиле.\u003C\u002Fp>\n\u003Cp>PS Этот плагин был написан на основе плагина \u003Ca href=\"http:\u002F\u002Flmbbox.com\u002Fprojects\u002Flmbbox-comment-quicktags\u002Fwp-comment-quicktags-plus\u002F\" rel=\"nofollow ugc\">WP Comment Quicktags Plus\u003C\u002Fa> от \u003Ca href=\"http:\u002F\u002Flmbbox.com\u002F\" rel=\"nofollow ugc\">Thomas Montague \u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Если вам понравился мой плагин, то \u003Cstrong>пожалуйста\u003C\u002Fstrong> поставьте ему 5 звезд.\u003C\u002Fp>\n","Плагин выводит панель с русскими кнопками форматирования текста в комментариях.",60,4469,4,"2025-05-19T09:41:00.000Z","6.8.5","2.3",[20,75],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-russian-quicktags\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-russian-quicktags.zip",{"attackSurface":132,"codeSignals":151,"taintFlows":164,"riskAssessment":202,"analyzedAt":211},{"hooks":133,"ajaxHandlers":147,"restRoutes":148,"shortcodes":149,"cronEvents":150,"entryPointCount":28,"unprotectedCount":28},[134,139,143],{"type":135,"name":136,"callback":137,"file":138,"line":104},"action","plugins_loaded","antonat_load_plugin_textdomain","commenters-can-add-tags.php",{"type":135,"name":140,"callback":141,"file":138,"line":142},"comment_post","antonat_add_tags",108,{"type":135,"name":144,"callback":145,"file":138,"line":146},"admin_menu","antonat_admin",132,[],[],[],[],{"dangerousFunctions":152,"sqlUsage":153,"outputEscaping":155,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":14,"bundledLibraries":163},[],{"prepared":28,"raw":28,"locations":154},[],{"escaped":28,"rawEcho":34,"locations":156},[157,160,162],{"file":138,"line":158,"context":159},178,"raw output",{"file":138,"line":161,"context":159},181,{"file":138,"line":161,"context":159},[],[165,191],{"entryPoint":166,"graph":167,"unsanitizedCount":28,"severity":190},"antonat_admin_options (commenters-can-add-tags.php:143)",{"nodes":168,"edges":186},[169,174,180,182],{"id":170,"type":171,"label":172,"file":138,"line":173},"n0","source","$_POST",161,{"id":175,"type":176,"label":177,"file":138,"line":178,"wp_function":179},"n1","sink","update_option() [Settings Manipulation]",162,"update_option",{"id":181,"type":171,"label":172,"file":138,"line":173},"n2",{"id":183,"type":176,"label":184,"file":138,"line":161,"wp_function":185},"n3","echo() [XSS]","echo",[187,189],{"from":170,"to":175,"sanitized":188},true,{"from":181,"to":183,"sanitized":188},"low",{"entryPoint":192,"graph":193,"unsanitizedCount":28,"severity":190},"\u003Ccommenters-can-add-tags> (commenters-can-add-tags.php:0)",{"nodes":194,"edges":199},[195,196,197,198],{"id":170,"type":171,"label":172,"file":138,"line":173},{"id":175,"type":176,"label":177,"file":138,"line":178,"wp_function":179},{"id":181,"type":171,"label":172,"file":138,"line":173},{"id":183,"type":176,"label":184,"file":138,"line":161,"wp_function":185},[200,201],{"from":170,"to":175,"sanitized":188},{"from":181,"to":183,"sanitized":188},{"summary":203,"deductions":204},"The 'commenters-can-add-tags' plugin, version 0.2, presents a generally strong security posture with no reported vulnerabilities and a limited attack surface. The static analysis indicates no AJAX handlers, REST API routes, shortcodes, or cron events, which significantly reduces the potential entry points for attackers. Furthermore, all SQL queries are confirmed to be using prepared statements, a critical practice for preventing SQL injection. The absence of dangerous functions and file operations also contributes to a positive security outlook.\n\nHowever, a significant concern arises from the output escaping analysis. With 0% of the identified outputs properly escaped, there is a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any dynamic data displayed to users without proper sanitization could be exploited by attackers to inject malicious scripts. The presence of a single capability check without any nonce checks for the identified flows is also a weakness, though the overall lack of entry points mitigates this risk to some extent. The plugin's history of zero known CVEs is a strong positive indicator, suggesting consistent security development or a low profile that has not attracted widespread vulnerability discovery.\n\nIn conclusion, while the plugin benefits from a minimal attack surface and secure database practices, the lack of output escaping is a critical flaw that needs immediate attention. This oversight could lead to severe security issues, outweighing the benefits of its otherwise robust design. Addressing the XSS risk is paramount to improving its overall security. The vulnerability history is reassuring but does not negate the immediate risks identified in the code analysis.",[205,208],{"reason":206,"points":207},"Unescaped output identified",8,{"reason":209,"points":210},"Missing nonce checks on identified flows",5,"2026-03-17T01:29:48.646Z",{"wat":213,"direct":218},{"assetPaths":214,"generatorPatterns":215,"scriptPaths":216,"versionParams":217},[],[],[],[],{"cssClasses":219,"htmlComments":220,"htmlAttributes":221,"restEndpoints":222,"jsGlobals":223,"shortcodeOutput":224},[],[],[],[],[],[]]