[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIOQA7uMpi0wJ9sHzx_p0HFXqo9WWMPjFLO3_S3XP3yA":3,"$fAHfvFe8jIjjTdc2tt_tLxGUjk5Gwmspd5lYZ4q67rJg":452,"$fcQMnk6Xp8i6UIov49Gwlk3UTB1Veu7EmHvCCgK1zMc0":456},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":38,"analysis":146,"fingerprints":414},"follow-bbpress","Follow for bbPress","1.0","Mostafa Shahiri","https:\u002F\u002Fprofiles.wordpress.org\u002Fmostafadeveloper\u002F","\u003Cp>The Follow for bbPress is a simple following system for bbPress plugin. It provides a very easy and simple way to create a following system for bbPress.\u003Cbr \u002F>\nUsers can easily follow\u002Funfollow each other and they can see the topics of followings via wall page.\u003C\u002Fp>\n\u003Cp>When you activate Follow for bbPress plugin, information and fields related to this plugin are added to users profile page. These infomation and fields include number\u003Cbr \u002F>\nof followers, number of following, follow\u002Funfollow button and followers and followers\u002Ffollowing links for displaying the followers\u002Ffollowing lists.\u003C\u002Fp>\n\u003Cp>By clicking on followers\u002Ffollowing links, a list of followers (or following) with follow buttons are shown in a popup window and you can also follow other users\u003Cbr \u002F>\nvia these lists. This plugin gains AJAX method for following\u002Funfollowing users and loading the followers\u002Ffollowing lists to improve the performance of your website.\u003C\u002Fp>\n\u003Cp>By using [bbpresswall] shortcode you can easily create a wall of the bbpress topics for users. This wall just displays the topics of the users who you follow them.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Requirements:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>bbPress plugin\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Jquery\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plugin Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Displaying the topics of the followings via shortcode\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Gaining AJAX method\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Easy to use\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Customizable setting\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>User follow\u002Funfollow system for bbpress\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Displaying followers\u002Ffollowing lists.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plugin Setting\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Show Forum: Select yes if you want to show forum title for the topics in the wall section\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Show Date: Select yes if you want to show create date of the topics in the wall section\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Number of users per load: The information of how many users are loaded when you open or scroll down the followers\u002Ffollowing lists\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Number of topics per load: How many topics are loaded per request in the wall section\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Limit the length of forum title: You can limit the length of forum title (how many words)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Limit the length of topic title: Similar limitation for topic title (how many words)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Limit the length of topic description: You can also limit the length of descriptions for each topic\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Users can unfollow X days after following: To prevent frequent follow\u002Funfollow requests by users, you can determine a waiting time for users\u003C\u002Fp>\n\u003Cp>If you don’t like to use plugin setting parameters for wall section, you can set them via shortcode attributes.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>[bbpresswall] shortcode attributes\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>show_forum:\u003C\u002Fstrong> 1 or 0 for showing or hiding the forum title (Default:1)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>show_date:\u003C\u002Fstrong> 1 or 0 for showing or hiding the create date of topic (Default:1)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>item_limit:\u003C\u002Fstrong> How many topics are loaded per request in the wall section (Default:5)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>forum_limit:\u003C\u002Fstrong> limit the length of forum title (how many words) (Default:5)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>title_limit:\u003C\u002Fstrong> limit the length of topic title (how many words) (Default:5)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>word_limit:\u003C\u002Fstrong> limit the length of descriptions for each topic (how many words) (Default:20)\u003C\u002Fp>\n\u003Cp>Usage example:   [bbpresswall show_forum=”1″ show_date=”0″ word_limit=”50″ item_limit=”10″]\u003C\u002Fp>\n","The Follow for bbPress provides a users following system for bbPress.",10,1591,0,"2020-06-27T08:50:00.000Z","5.2.24","4.5.1","",[19,20,21,22,23],"bbpress","follow","shortcode","topic","user","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffollow-bbpress.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"mostafadeveloper",13,40,83,30,82,"2026-05-19T22:37:58.019Z",[39,64,84,101,123],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":17,"tags":54,"homepage":59,"download_link":60,"security_score":61,"vuln_count":62,"unpatched_count":13,"last_vuln_date":63,"fetched_at":27},"one-user-avatar","One User Avatar | User Profile Picture","2.5.4","One Designs","https:\u002F\u002Fprofiles.wordpress.org\u002Fonedesigns\u002F","\u003Cp>WordPress currently only allows you to use custom avatars that are uploaded through \u003Ca href=\"http:\u002F\u002Fgravatar.com\u002F\" rel=\"nofollow ugc\">Gravatar\u003C\u002Fa>. \u003Cstrong>One User Avatar\u003C\u002Fstrong> enables you to use any photo uploaded into your Media Library as an avatar. This means you use the same uploader and library as your posts. No extra folders or image editing functions are necessary. This plugin is a fork of WP User Avatar v2.2.16.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>One User Avatar\u003C\u002Fstrong> also lets you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Upload your own Default Avatar in your One User Avatar settings.\u003C\u002Fli>\n\u003Cli>Show the user’s \u003Ca href=\"http:\u002F\u002Fgravatar.com\u002F\" rel=\"nofollow ugc\">Gravatar\u003C\u002Fa> avatar or Default Avatar if the user doesn’t have a One User Avatar image.\u003C\u002Fli>\n\u003Cli>Disable \u003Ca href=\"http:\u002F\u002Fgravatar.com\u002F\" rel=\"nofollow ugc\">Gravatar\u003C\u002Fa> avatars and use only local avatars.\u003C\u002Fli>\n\u003Cli>Use the \u003Ccode>[avatar_upload]\u003C\u002Fcode> shortcode to add a standalone uploader to a front page or widget. This uploader is only visible to logged-in users.\u003C\u002Fli>\n\u003Cli>Use the \u003Ccode>[avatar]\u003C\u002Fcode> shortcode in your posts. These shortcodes will work with any theme, whether it has avatar support or not.\u003C\u002Fli>\n\u003Cli>Allow Contributors and Subscribers to upload their own avatars.\u003C\u002Fli>\n\u003Cli>Limit upload file size and image dimensions for Contributors and Subscribers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>One User Avatar\u003Cbr \u002F>\nCopyright (c) 2023 One Designs https:\u002F\u002Fonedesigns.com\u002F\u003Cbr \u002F>\nLicense: GPLv2\u003Cbr \u002F>\nSource: https:\u002F\u002Fgithub.com\u002Fonedesigns\u002Fone-user-avatar\u003C\u002Fp>\n\u003Cp>One User Avatar is based on WP User Avatar v2.2.16\u003Cbr \u002F>\nCopyright (c) 2020-2021 ProfilePress https:\u002F\u002Fprofilepress.net\u002F\u003Cbr \u002F>\nCopyright (c) 2014-2020 Flippercode https:\u002F\u002Fwww.flippercode.com\u002F\u003Cbr \u002F>\nCopyright (c) 2013-2014 Bangbay Siboliban http:\u002F\u002Fbangbay.com\u002F\u003Cbr \u002F>\nLicense: GPLv2\u003Cbr \u002F>\nSource: https:\u002F\u002Fgithub.com\u002Fprofilepress\u002Fwp-user-avatar\u003C\u002Fp>\n\u003Cp>One User Avatar is distributed under the terms of the GNU GPL\u003C\u002Fp>\n\u003Cp>This program is free software: you can redistribute it and\u002For modify\u003Cbr \u002F>\nit under the terms of the GNU General Public License as published by\u003Cbr \u002F>\nthe Free Software Foundation, either version 2 of the License, or\u003Cbr \u002F>\n(at your option) any later version.\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful,\u003Cbr \u002F>\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\u003Cbr \u002F>\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\u003Cbr \u002F>\nGNU General Public License for more details.\u003C\u002Fp>\n\u003Ch3>Advanced Settings\u003C\u002Fh3>\n\u003Ch4>Add One User Avatar to your own profile edit page\u003C\u002Fh4>\n\u003Cp>You can use the [avatar_upload] shortcode to add a standalone uploader to any page. It’s best to use this uploader by itself and without other profile fields.\u003C\u002Fp>\n\u003Cp>If you’re building your own profile edit page with other fields, One User Avatar is automatically added to the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPlugin_API\u002FAction_Reference\u002Fshow_user_profile\" rel=\"nofollow ugc\">show_user_profile\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPlugin_API\u002FAction_Reference\u002Fshow_user_profile\" rel=\"nofollow ugc\">edit_user_profile\u003C\u002Fa> hooks. If you’d rather have One User Avatar in its own section, you could add another hook:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>do_action( 'edit_user_avatar', $current_user );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Then, to add One User Avatar to that hook and remove it from the other hooks outside of the administration panel, you would add this code to the \u003Ccode>functions.php\u003C\u002Fcode> file of your theme:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function my_avatar_filter() {\n    \u002F\u002F Remove from show_user_profile hook\n    remove_action( 'show_user_profile', array( 'wp_user_avatar', 'wpua_action_show_user_profile' ) );\n    remove_action( 'show_user_profile', array( 'wp_user_avatar', 'wpua_media_upload_scripts' ) );\n\n    \u002F\u002F Remove from edit_user_profile hook\n    remove_action( 'edit_user_profile', array( 'wp_user_avatar', 'wpua_action_show_user_profile' ) );\n    remove_action( 'edit_user_profile', array( 'wp_user_avatar', 'wpua_media_upload_scripts' ) );\n\n    \u002F\u002F Add to edit_user_avatar hook\n    add_action( 'edit_user_avatar', array( 'wp_user_avatar', 'wpua_action_show_user_profile' ) );\n    add_action( 'edit_user_avatar', array( 'wp_user_avatar', 'wpua_media_upload_scripts' ) );\n}\n\n\u002F\u002F Loads only outside of administration panel\nif ( ! is_admin() ) {\n    add_action( 'init','my_avatar_filter' );\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>HTML Wrapper\u003C\u002Fh4>\n\u003Cp>You can change the HTML wrapper of the One User Avatar section by using the functions \u003Ccode>wpua_before_avatar\u003C\u002Fcode> and \u003Ccode>wpua_after_avatar\u003C\u002Fcode>. By default, the avatar code is structured like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cdiv class=\"wpua-edit-container\">\n    \u003Ch3>Avatar\u003C\u002Fh3>\n    \u003Cinput type=\"hidden\" name=\"wp-user-avatar\" id=\"wp-user-avatar\" value=\"{attachmentID}\" \u002F>\n    \u003Cp id=\"wpua-add-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-add\" name=\"wpua-add\">Edit Image\u003C\u002Fbutton>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-preview\">\n        \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n        Original Size\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-thumbnail\">\n        \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n        Thumbnail\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-remove-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-remove\" name=\"wpua-remove\">Default Avatar\u003C\u002Fbutton>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-undo-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-undo\" name=\"wpua-undo\">Undo\u003C\u002Fbutton>\n    \u003C\u002Fp>\n\u003C\u002Fdiv>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To strip out the div container and h3 heading, you would add the following filters to the \u003Ccode>functions.php\u003C\u002Fcode> file in your theme:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>remove_action( 'wpua_before_avatar', 'wpua_do_before_avatar' );\nremove_action( 'wpua_after_avatar', 'wpua_do_after_avatar' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To add your own wrapper, you could create something like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function my_before_avatar() {\n    echo '\u003Cdiv id=\"my-avatar\">';\n}\nadd_action( 'wpua_before_avatar', 'my_before_avatar' );\n\nfunction my_after_avatar() {\n    echo '\u003C\u002Fdiv>';\n}\nadd_action( 'wpua_after_avatar', 'my_after_avatar' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This would output:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cdiv id=\"my-avatar\">\n    \u003Cinput type=\"hidden\" name=\"wp-user-avatar\" id=\"wp-user-avatar\" value=\"{attachmentID}\" \u002F>\n    \u003Cp id=\"wpua-add-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-add\" name=\"wpua-add\">Edit Image\u003C\u002Fbutton>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-preview\">\n        \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n        \u003Cspan class=\"description\">Original Size\u003C\u002Fspan>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-thumbnail\">\n        \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n        \u003Cspan class=\"description\">Thumbnail\u003C\u002Fspan>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-remove-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-remove\" name=\"wpua-remove\">Default Avatar\u003C\u002Fbutton>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-undo-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-undo\" name=\"wpua-undo\">Undo\u003C\u002Fbutton>\n    \u003C\u002Fp>\n\u003C\u002Fdiv>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Use any image from your WordPress Media Library as a custom user avatar or user profile picture. Add your own Default Avatar.",100000,501920,94,41,"2026-01-12T00:58:00.000Z","6.9.4","4.0",[55,19,56,57,58],"avatar","gravatar","profile","users","https:\u002F\u002Fonedesigns.com\u002Fplugins\u002Fone-user-avatar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fone-user-avatar.2.5.4.zip",99,2,"2021-09-20 00:00:00",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":72,"downloaded":73,"rating":74,"num_ratings":32,"last_updated":75,"tested_up_to":52,"requires_at_least":76,"requires_php":17,"tags":77,"homepage":81,"download_link":82,"security_score":83,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"user-access-shortcodes","User Access Shortcodes","2.3","WP Darko","https:\u002F\u002Fprofiles.wordpress.org\u002Fspwebguy\u002F","\u003Cp>This is the simplest way of controlling who sees what in your posts\u002Fpages. This plugin allows you to restrict content to logged in users only (or guests, or by roles) with simple shortcodes. What you see is what you get, and it’s totally free.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Show content only for Guests\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[UAS_guest]\nThis content can only be seen by guests.\n[\u002FUAS_guest]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Show content only for Registered\u002FLogged in users\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[UAS_loggedin]\nThis content can only be seen by logged in users.\n[\u002FUAS_loggedin]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Show content ony for specific roles\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[UAS_role roles=\"administrator, editor\"]\nThis content can only be seen by administrators and editors.\n[\u002FUAS_role]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Show content ony for specific users\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[UAS_specific ids=\"23, 127\"]\nThis content can only be seen by users with IDs 23 and 127.\n[\u002FUAS_specific]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Several extra parameters are available, please go to \u003Ca href=\"https:\u002F\u002Fwpdarko.com\u002Fsupport\u002Fget-started-with-the-user-access-shortcodes-plugin\u002F\" rel=\"nofollow ugc\">the plugin’s documentation\u003C\u002Fa> if you need more information on how to use this plugin.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Find help on \u003Ca href=\"https:\u002F\u002Fwpdarko.com\u002Fsupport\" rel=\"nofollow ugc\">our support platform\u003C\u002Fa> for this plugin (we’ll answer you fast, promise).\u003C\u002Fp>\n","The simplest way of controlling who sees what in your posts\u002Fpages. Restrict content to logged in users only (or guests, or by roles) with simple short &hellip;",1000,23529,98,"2026-01-29T19:32:00.000Z","3.6",[78,79,80,23,58],"access-shortcodes","logged","logged-in","https:\u002F\u002Fwpdarko.com\u002Fsupport\u002Fget-started-with-the-user-access-shortcodes-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-access-shortcodes.2.3.zip",100,{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":72,"downloaded":92,"rating":83,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":17,"tags":97,"homepage":99,"download_link":100,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"user-shortcodes","User Shortcodes","1.0.1","HappyPlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fhappyplugins\u002F","\u003Cp>Add a simple list of shortcodes to WordPress in order to display the current user information.\u003C\u002Fp>\n\u003Cp>Unlike other similar plugins this is a very slim solution without any unnecessary features or design styles.\u003C\u002Fp>\n\u003Cp>The plugin check if a user is logged in, if no user is currently logged in all of the shortcodes will return empty information.\u003C\u002Fp>\n\u003Cp>The plugin includes 6 shortcodes:\u003C\u002Fp>\n\u003Cpre>[currentuser_username]\u003C\u002Fpre>\n\u003Cul>\n\u003Cli>Display the current user name\u003Cbr \u002F>\n[currentuser_useremail] – Display the current user email\u003Cbr \u002F>\n[currentuser_displayname] – Display the current user display name\u003Cbr \u002F>\n[currentuser_firstname] – Display the current user first name\u003Cbr \u002F>\n[currentuser_lastname] – Display the current user last name\u003Cbr \u002F>\n[currentuser_id] – Display the current user numeric ID\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>HappyPlugins – eCommerce Plugins for WordPress\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fhappyplugins.com\" rel=\"nofollow ugc\">HappyPlugins\u003C\u002Fa> company develop premium WordPress & Guides for eCommerce websites.\u003C\u002Fp>\n\u003Cp>Our Plugins includes \u003Ca href=\"http:\u002F\u002Fhappyplugins.com\u002F?download_category=wishlist-member\" title=\"Wishlist Member Dedicated Plugins\" rel=\"nofollow ugc\">Wishlist Member Dedicated Plugins\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fhappyplugins.com\u002Fdownloads\u002Fcategory\u002Feasy-digital-downloads\u002F\" title=\"Easy Digital Downloads Dedicated Plugins\" rel=\"nofollow ugc\">Easy Digital Downloads Dedicated Plugins\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Currently HappyPlugins company the number one 3rd party plugins developer for the Wishlist Member Membership Platform.\u003C\u002Fp>\n\u003Ch4>Further Reading\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The \u003Ca href=\"http:\u002F\u002Fhappyplugins.com\u002Fdownloads\u002Fuser-shortcodes\u002F\" rel=\"nofollow ugc\">User Shortcodes\u003C\u002Fa> official homepage.\u003C\u002Fli>\n\u003Cli>More \u003Ca href=\"http:\u002F\u002Fhappyplugins.com\" rel=\"nofollow ugc\">WordPress Plugins\u003C\u002Fa> by HappyPlugins\u003C\u002Fli>\n\u003Cli>Build a Membership site that Convert with \u003Ca href=\"http:\u002F\u002Fmembershipinsiders.com\" rel=\"nofollow ugc\">Membership Isiders\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Follow HappyPlugins on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fhappyplugins\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa> & \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002FHappyPlugins\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fdiscoverwp.co\" rel=\"nofollow ugc\">DiscoverWP – Find & Compare WordPress Plugins\u003C\u002Fa>\u003Cbr \u002F>\nDiscoverWP was created in thing in mind and that to help every WordPress user to find the right product for his needs.\u003C\u002Fp>\n","Add a simple list of shortcodes to WordPress in order to display the current user information.",18203,12,"2015-04-02T04:55:00.000Z","4.1.42","3.0.1",[23,98,85],"user-information","http:\u002F\u002Fhappyplugins.com\u002Fuser-shortcodes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-shortcodes.1.0.1.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":83,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":17,"tags":115,"homepage":120,"download_link":121,"security_score":122,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"cbxuseronline","CBX User Online & Last Login","1.3.5","Sabuj Kundu","https:\u002F\u002Fprofiles.wordpress.org\u002Fmanchumahara\u002F","\u003Cp>This plugin helps to show online users. Member, guest and bot can be tracked, their counts, most users online etc. This plugin also helps to records any user’s last login time, ip address and device.\u003C\u002Fp>\n\u003Ch3>CBX User Online & Last Login by \u003Ca href=\"https:\u002F\u002Fcodeboxr.com\u002Fproduct\u002Fcbx-user-online-for-wordpress\u002F\" rel=\"nofollow ugc\">Codeboxr\u003C\u002Fa>\u003C\u002Fh3>\n\u003Cblockquote>\n\u003Cp>📺 \u003Ca href=\"https:\u002F\u002Fcodeboxr.net\u002Fwordpress\u002Fdemo-cbx-user-online-for-wordpress\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa> | 📋 \u003Ca href=\"https:\u002F\u002Fcodeboxr.com\u002Fdoc\u002Fcbxuseronline-doc\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | 🌟 \u003Ca href=\"https:\u002F\u002Fcodeboxr.com\u002Fproduct\u002Fcbx-user-online-for-wordpress\u002F\" rel=\"nofollow ugc\">Upgrade to PRO\u003C\u002Fa> |  👨‍💻 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcbxuseronline\u002F\" rel=\"ugc\">Free Support\u003C\u002Fa> | 🤴 \u003Ca href=\"https:\u002F\u002Fcodeboxr.com\u002Fcontact-us\" rel=\"nofollow ugc\">Pro Support\u003C\u002Fa> | 📱 \u003Ca href=\"https:\u002F\u002Fcodeboxr.com\u002Fcontact-us\u002F\" rel=\"nofollow ugc\">Contact\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>If you think any necessary feature is missing contact with us, we will add in new release. Best way to check the feature is install the free core version in any dev site and explore\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>🛄 Core Plugin Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Cookie for guest user and login session check for registered user which tracks users perfectly.\u003C\u002Fli>\n\u003Cli>Most user online count and date\u003C\u002Fli>\n\u003Cli>Shortcode and widget based display\u003C\u002Fli>\n\u003Cli>Username, ip, user agent, is from mobile or desktop etc are tracked\u003C\u002Fli>\n\u003Cli>Simple plugin option  to set refresh time\u003C\u002Fli>\n\u003Cli>Show logged in member as online list\u003C\u002Fli>\n\u003Cli>Show site or specific page’s online user statistics\u003C\u002Fli>\n\u003Cli>Dynamically created cookie name for guest visitor\u003C\u002Fli>\n\u003Cli>[new] Records user’s last login time, ip and device from v1.0.6\u003C\u002Fli>\n\u003Cli>[new] Elementor & WPBakery support from v1.0.9\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FnZbt4BtqArI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>📺 Live Demo\u003C\u002Fh3>\n\u003Cp>Check \u003Ca href=\"http:\u002F\u002Fcodeboxr.net\u002Fwordpress\u002Fdemo-cbx-user-online-for-wordpress\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>🧮 Shortcodes\u003C\u002Fh3>\n\u003Cp>Shortcode with lot of params. Shortcode works for any post, page or do_shortcode.\u003Cbr \u002F>\nShortcode Format: \u003Ccode>[cbxuseronline]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>🀄 Widgets\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Classic Widgets\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Show Memberlist\u003C\u002Fli>\n\u003Cli>Link user to author page\u003C\u002Fli>\n\u003Cli>Show online count\u003C\u002Fli>\n\u003Cli>Show individual count\u003C\u002Fli>\n\u003Cli>Show member count\u003C\u002Fli>\n\u003Cli>Show guest count\u003C\u002Fli>\n\u003Cli>Show bot count\u003C\u002Fli>\n\u003Cli>Show bot count\u003C\u002Fli>\n\u003Cli>Show for current page\u003C\u002Fli>\n\u003Cli>Show most user online\u003C\u002Fli>\n\u003Cli>Show mobile or desktop logged in status\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Elementor Widgets\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Show Member list\u003C\u002Fli>\n\u003Cli>Link user to author page\u003C\u002Fli>\n\u003Cli>Show online count\u003C\u002Fli>\n\u003Cli>Show individual count\u003C\u002Fli>\n\u003Cli>Show member count\u003C\u002Fli>\n\u003Cli>Show guest count\u003C\u002Fli>\n\u003Cli>Show bot count\u003C\u002Fli>\n\u003Cli>Show bot count\u003C\u002Fli>\n\u003Cli>Show for current page\u003C\u002Fli>\n\u003Cli>Show most user online\u003C\u002Fli>\n\u003Cli>Show mobile or desktop logged in status\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>WPBakery Addon\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Show Member list\u003C\u002Fli>\n\u003Cli>Link user to author page\u003C\u002Fli>\n\u003Cli>Show online count\u003C\u002Fli>\n\u003Cli>Show individual count\u003C\u002Fli>\n\u003Cli>Show member count\u003C\u002Fli>\n\u003Cli>Show guest count\u003C\u002Fli>\n\u003Cli>Show bot count\u003C\u002Fli>\n\u003Cli>Show bot count\u003C\u002Fli>\n\u003Cli>Show for current page\u003C\u002Fli>\n\u003Cli>Show most user online\u003C\u002Fli>\n\u003Cli>Show mobile or desktop logged in status\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>👨‍🏫 \u003Ca href=\"https:\u002F\u002Fcodeboxr.com\u002Fproduct\u002Fcbx-user-online-for-wordpress\" rel=\"nofollow ugc\">See more details and usages guide here\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>💎 Pro Plugin Features\u003C\u002Fh3>\n\u003Cp>Note: free version will be always free but we released pro version with some more extra features.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Dashboard widgets: Online users\u003C\u002Fli>\n\u003Cli>Dashboard widgets: Latest Logged in users (New)\u003C\u002Fli>\n\u003Cli>Dashboard details online user page\u003C\u002Fli>\n\u003Cli>User login history listing and tracking\u003C\u002Fli>\n\u003Cli>Pro version enables some extra features in shortcode params and widget setting\u003C\u002Fli>\n\u003Cli>Support Elementor & WPBakery page builder for Latest Logged-in users.\u003C\u002Fli>\n\u003Cli>Admin details page custom setting\u003C\u002Fli>\n\u003Cli>Shortcode extra params\u003C\u002Fli>\n\u003Cli>Buddpress profile link integration (New in V1.0.4)\u003C\u002Fli>\n\u003Cli>BBpress profile link integration (New in V1.0.4)\u003C\u002Fli>\n\u003Cli>Peepso profile link integration (New in V1.1.2)\u003C\u002Fli>\n\u003Cli>BBpress Online User Statistics (New in V1.0.5)\u003C\u002Fli>\n\u003Cli>User login history feature (New in 1.2.3)\u003C\u002Fli>\n\u003Cli>Export\u002FImport plugin settings\u003C\u002Fli>\n\u003Cli>Reset plugin settings\u003C\u002Fli>\n\u003Cli>Export plugin settings single section\u003C\u002Fli>\n\u003Cli>Reset plugin settings single section\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>👍 Liked Codeboxr?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Join our \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fcodeboxr\u002F\" rel=\"nofollow ugc\">Facebook Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Learn from our tutorials on \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fuser\u002Fcodeboxr\" rel=\"nofollow ugc\">Youtube Channel\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Or \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcbxuseronline\u002Freviews\u002F#new-post\" rel=\"ugc\">rate us\u003C\u002Fa> on WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>🔩 Installation\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>How to install the plugin and get it working.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Upload \u003Ccode>cbxuseronline\u003C\u002Fcode> folder  to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Activate the plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Go to Setting-> CBX Useronline to edit settings\u003C\u002Fli>\n\u003Cli>In any post or page you can write shortcode [cbxuseronline]\u003C\u002Fli>\n\u003C\u002Fol>\n","Shows online users based on cookie for guest and session for registered user. It also records the last login of user.",900,31991,6,"2025-05-16T19:01:00.000Z","6.8.5","5.3",[19,116,117,118,119],"buddypress","last-login","useronline","wordpress-user-online","https:\u002F\u002Fcodeboxr.com\u002Fproduct\u002Fcbx-user-online-for-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcbxuseronline.1.3.5.zip",92,{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":109,"downloaded":131,"rating":132,"num_ratings":133,"last_updated":134,"tested_up_to":52,"requires_at_least":135,"requires_php":136,"tags":137,"homepage":142,"download_link":143,"security_score":144,"vuln_count":111,"unpatched_count":13,"last_vuln_date":145,"fetched_at":27},"forumwp","ForumWP – Forum & Discussion Board","2.1.9","Ultimate Member","https:\u002F\u002Fprofiles.wordpress.org\u002Fultimatemember\u002F","\u003Cp>ForumWP is a forum plugin which adds an online forum to your website. With ForumWP you can easily create forums and allow users to create topics and write replies.\u003C\u002Fp>\n\u003Ch4>Features of the plugin include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Forum visibility\u003C\u002Fli>\n\u003Cli>Forum styling\u003C\u002Fli>\n\u003Cli>Topics list\u003C\u002Fli>\n\u003Cli>Topics search\u003C\u002Fli>\n\u003Cli>Replies list\u003C\u002Fli>\n\u003Cli>Sub-replies and sorting\u003C\u002Fli>\n\u003Cli>User login & registration\u003C\u002Fli>\n\u003Cli>Profile page\u003C\u002Fli>\n\u003Cli>Easy settings\u003C\u002Fli>\n\u003Cli>Manage forums, topics and replies\u003C\u002Fli>\n\u003Cli>Manage modules and email settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Read about all of the plugin’s features at \u003Ca href=\"https:\u002F\u002Fforumwpplugin.com\" rel=\"nofollow ugc\">ForumWP\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Documentation & Support\u003C\u002Fh4>\n\u003Cp>Got a problem or need help with ForumWP? Head over to our \u003Ca href=\"http:\u002F\u002Fdocs.forumwpplugin.com\u002F\" rel=\"nofollow ugc\">documentation\u003C\u002Fa> and perform a search of the knowledge base. If you can’t find a solution to your issue then you can create a topic on the \u003Ca href=\"https:\u002F\u002Fforumwpplugin.com\u002Fsupport\" rel=\"nofollow ugc\">support forum\u003C\u002Fa>.\u003C\u002Fp>\n","Add a forum to your website with ForumWP.",30949,70,11,"2026-04-01T12:34:00.000Z","5.5","7.0",[138,139,22,140,141],"forum","reply","user-profile","user-registration","https:\u002F\u002Fforumwpplugin.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforumwp.2.1.9.zip",86,"2026-01-05 14:45:41",{"attackSurface":147,"codeSignals":230,"taintFlows":291,"riskAssessment":402,"analyzedAt":413},{"hooks":148,"ajaxHandlers":175,"restRoutes":220,"shortcodes":221,"cronEvents":227,"entryPointCount":228,"unprotectedCount":229},[149,155,159,162,167,171],{"type":150,"name":151,"callback":152,"file":153,"line":154},"action","plugins_loaded","bbpf_load_textdomain","follow-for-bbpress.php",47,{"type":150,"name":156,"callback":157,"file":153,"line":158},"wp_enqueue_scripts","bbpf_frontend_scripts",77,{"type":150,"name":160,"callback":161,"file":153,"line":61},"bbp_template_after_user_profile","bbpf_display_follow_box",{"type":150,"name":163,"callback":164,"file":165,"line":166},"admin_menu","bbpf_follow_setup_menu","setting.php",3,{"type":150,"name":168,"callback":169,"file":165,"line":170},"admin_init","bbpf_follow_register_settings",4,{"type":150,"name":172,"callback":173,"file":165,"line":174},"admin_enqueue_scripts","bbpf_setting_scripts",5,[176,181,184,188,190,194,196,200,202,206,208,212,214,218],{"action":177,"nopriv":178,"callback":179,"hasNonce":178,"hasCapCheck":178,"file":153,"line":180},"bbpf_follow",false,"bbpf_follow_ajax_callback",53,{"action":177,"nopriv":182,"callback":179,"hasNonce":178,"hasCapCheck":178,"file":153,"line":183},true,54,{"action":185,"nopriv":178,"callback":186,"hasNonce":178,"hasCapCheck":178,"file":153,"line":187},"bbpf_unfollow","bbpf_unfollow_ajax_callback",56,{"action":185,"nopriv":182,"callback":186,"hasNonce":178,"hasCapCheck":178,"file":153,"line":189},57,{"action":191,"nopriv":178,"callback":192,"hasNonce":178,"hasCapCheck":178,"file":153,"line":193},"bbpf_following_list","bbpf_following_list_ajax_callback",59,{"action":191,"nopriv":182,"callback":192,"hasNonce":178,"hasCapCheck":178,"file":153,"line":195},60,{"action":197,"nopriv":178,"callback":198,"hasNonce":178,"hasCapCheck":178,"file":153,"line":199},"bbpf_follower_list","bbpf_follower_list_ajax_callback",62,{"action":197,"nopriv":182,"callback":198,"hasNonce":178,"hasCapCheck":178,"file":153,"line":201},63,{"action":203,"nopriv":178,"callback":204,"hasNonce":178,"hasCapCheck":178,"file":153,"line":205},"bbpf_follow_from_list","bbpf_follow_from_list_ajax_callback",65,{"action":203,"nopriv":182,"callback":204,"hasNonce":178,"hasCapCheck":178,"file":153,"line":207},66,{"action":209,"nopriv":178,"callback":210,"hasNonce":178,"hasCapCheck":178,"file":153,"line":211},"bbpf_update_user_profile","bbpf_update_user_page_ajax_callback",68,{"action":209,"nopriv":182,"callback":210,"hasNonce":178,"hasCapCheck":178,"file":153,"line":213},69,{"action":215,"nopriv":178,"callback":216,"hasNonce":178,"hasCapCheck":178,"file":153,"line":217},"bbpf_get_wall_topics","bbpf_get_wall_topics_ajax_callback",71,{"action":215,"nopriv":182,"callback":216,"hasNonce":178,"hasCapCheck":178,"file":153,"line":219},72,[],[222],{"tag":223,"callback":224,"file":225,"line":226},"bbpresswall","bbpf_wall_makeshortcode","shortcode.php",81,[],15,14,{"dangerousFunctions":231,"sqlUsage":232,"outputEscaping":234,"fileOperations":13,"externalRequests":13,"nonceChecks":288,"capabilityChecks":289,"bundledLibraries":290},[],{"prepared":32,"raw":13,"locations":233},[],{"escaped":49,"rawEcho":235,"locations":236},28,[237,240,243,245,247,249,251,253,255,256,258,260,262,263,265,267,269,271,273,275,277,278,279,280,281,283,285,286],{"file":153,"line":238,"context":239},163,"raw output",{"file":241,"line":242,"context":239},"helper.php",180,{"file":241,"line":244,"context":239},243,{"file":241,"line":246,"context":239},264,{"file":241,"line":248,"context":239},331,{"file":241,"line":250,"context":239},374,{"file":241,"line":252,"context":239},416,{"file":241,"line":254,"context":239},462,{"file":165,"line":235,"context":239},{"file":165,"line":257,"context":239},33,{"file":165,"line":259,"context":239},37,{"file":165,"line":261,"context":239},39,{"file":165,"line":50,"context":239},{"file":165,"line":264,"context":239},43,{"file":165,"line":266,"context":239},45,{"file":165,"line":268,"context":239},48,{"file":165,"line":270,"context":239},49,{"file":165,"line":272,"context":239},51,{"file":165,"line":274,"context":239},52,{"file":165,"line":276,"context":239},55,{"file":165,"line":187,"context":239},{"file":165,"line":193,"context":239},{"file":165,"line":195,"context":239},{"file":165,"line":201,"context":239},{"file":165,"line":282,"context":239},64,{"file":165,"line":284,"context":239},67,{"file":165,"line":211,"context":239},{"file":225,"line":287,"context":239},75,7,1,[],[292,309,318,327,336,371],{"entryPoint":293,"graph":294,"unsanitizedCount":13,"severity":308},"bbpf_update_user_page_ajax_callback (helper.php:142)",{"nodes":295,"edges":306},[296,301],{"id":297,"type":298,"label":299,"file":241,"line":300},"n0","source","$_POST",148,{"id":302,"type":303,"label":304,"file":241,"line":242,"wp_function":305},"n1","sink","echo() [XSS]","echo",[307],{"from":297,"to":302,"sanitized":182},"low",{"entryPoint":310,"graph":311,"unsanitizedCount":13,"severity":308},"bbpf_follow_ajax_callback (helper.php:185)",{"nodes":312,"edges":316},[313,315],{"id":297,"type":298,"label":299,"file":241,"line":314},191,{"id":302,"type":303,"label":304,"file":241,"line":244,"wp_function":305},[317],{"from":297,"to":302,"sanitized":182},{"entryPoint":319,"graph":320,"unsanitizedCount":13,"severity":308},"bbpf_follow_from_list_ajax_callback (helper.php:247)",{"nodes":321,"edges":325},[322,324],{"id":297,"type":298,"label":299,"file":241,"line":323},251,{"id":302,"type":303,"label":304,"file":241,"line":246,"wp_function":305},[326],{"from":297,"to":302,"sanitized":182},{"entryPoint":328,"graph":329,"unsanitizedCount":13,"severity":308},"bbpf_get_wall_topics_ajax_callback (helper.php:420)",{"nodes":330,"edges":334},[331,333],{"id":297,"type":298,"label":299,"file":241,"line":332},426,{"id":302,"type":303,"label":304,"file":241,"line":254,"wp_function":305},[335],{"from":297,"to":302,"sanitized":182},{"entryPoint":337,"graph":338,"unsanitizedCount":62,"severity":370},"bbpf_unfollow_ajax_callback (helper.php:268)",{"nodes":339,"edges":364},[340,342,343,346,350,354,357,360],{"id":297,"type":298,"label":299,"file":241,"line":341},275,{"id":302,"type":303,"label":304,"file":241,"line":248,"wp_function":305},{"id":344,"type":298,"label":299,"file":241,"line":345},"n2",280,{"id":347,"type":348,"label":349,"file":241,"line":345},"n3","transform","→ bbpf_is_follow()",{"id":351,"type":303,"label":352,"file":241,"line":288,"wp_function":353},"n4","get_row() [SQLi]","get_row",{"id":355,"type":298,"label":299,"file":241,"line":356},"n5",292,{"id":358,"type":348,"label":359,"file":241,"line":356},"n6","→ bbpf_unfollow_user()",{"id":361,"type":303,"label":362,"file":241,"line":154,"wp_function":363},"n7","query() [SQLi]","query",[365,366,367,368,369],{"from":297,"to":302,"sanitized":182},{"from":344,"to":347,"sanitized":178},{"from":347,"to":351,"sanitized":178},{"from":355,"to":358,"sanitized":178},{"from":358,"to":361,"sanitized":178},"high",{"entryPoint":372,"graph":373,"unsanitizedCount":166,"severity":370},"\u003Chelper> (helper.php:0)",{"nodes":374,"edges":394},[375,377,378,379,380,381,382,383,384,387,390],{"id":297,"type":298,"label":376,"file":241,"line":300},"$_POST (x7)",{"id":302,"type":303,"label":304,"file":241,"line":242,"wp_function":305},{"id":344,"type":298,"label":299,"file":241,"line":345},{"id":347,"type":348,"label":349,"file":241,"line":345},{"id":351,"type":303,"label":352,"file":241,"line":288,"wp_function":353},{"id":355,"type":298,"label":299,"file":241,"line":356},{"id":358,"type":348,"label":359,"file":241,"line":356},{"id":361,"type":303,"label":362,"file":241,"line":154,"wp_function":363},{"id":385,"type":298,"label":299,"file":241,"line":386},"n8",437,{"id":388,"type":348,"label":389,"file":241,"line":386},"n9","→ bbpf_get_topics_info()",{"id":391,"type":303,"label":392,"file":241,"line":217,"wp_function":393},"n10","get_results() [SQLi]","get_results",[395,396,397,398,399,400,401],{"from":297,"to":302,"sanitized":182},{"from":344,"to":347,"sanitized":178},{"from":347,"to":351,"sanitized":178},{"from":355,"to":358,"sanitized":178},{"from":358,"to":361,"sanitized":178},{"from":385,"to":388,"sanitized":178},{"from":388,"to":391,"sanitized":178},{"summary":403,"deductions":404},"The \"follow-bbpress\" v1.0 plugin exhibits a concerning security posture due to a large attack surface with a significant number of unprotected entry points. While the plugin demonstrates good practices in SQL query handling and a relatively high percentage of proper output escaping, the lack of authorization checks on 14 out of 15 AJAX handlers is a critical weakness. This means that any user, authenticated or not, could potentially interact with these handlers, leading to unintended actions or information disclosure.\n\nThe taint analysis reveals two flows with unsanitized paths, classified as high severity. This suggests that user-supplied data might be used in a way that could lead to path traversal or other file system-related vulnerabilities, despite no explicit file operations being flagged. The limited number of nonce checks (7) and capability checks (1) further exacerbates the risk, as these are fundamental security mechanisms for protecting against various types of attacks.\n\nCurrently, the plugin has no recorded vulnerability history, which is a positive indicator. However, this does not negate the present risks identified in the static and taint analysis. The plugin's strengths lie in its secure SQL implementation and mostly proper output escaping. Nevertheless, the high number of unprotected AJAX handlers and the identified unsanitized paths present significant security concerns that require immediate attention.",[405,407,409,411],{"reason":406,"points":11},"Unprotected AJAX handlers",{"reason":408,"points":11},"High severity unsanitized paths in taint analysis",{"reason":410,"points":174},"Low number of capability checks",{"reason":412,"points":174},"Moderate percentage of unescaped output","2026-04-16T12:43:27.822Z",{"wat":415,"direct":424},{"assetPaths":416,"generatorPatterns":419,"scriptPaths":420,"versionParams":421},[417,418],"\u002Fwp-content\u002Fplugins\u002Ffollow-bbpress\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Ffollow-bbpress\u002Fjs\u002Fscript.js",[],[418],[422,423],"follow-bbpress\u002Fcss\u002Fstyle.css?ver=","follow-bbpress\u002Fjs\u002Fscript.js?ver=",{"cssClasses":425,"htmlComments":439,"htmlAttributes":440,"restEndpoints":446,"jsGlobals":448,"shortcodeOutput":451},[426,427,428,429,430,197,191,431,432,433,434,435,436,437,177,185,438],"follow_box_container","bbpf_followers","bbpf_followers_link","bbpf_following","bbpf_following_link","popup-inner","popup-header","popup-close","bbpf_view_list","fb_load_container","lds-facebook","bbpf_load_container","bbpf_msg_unfollow",[],[441,442,443,444,445],"data-popup-open","data-popup","data-user_id","data-item_limit","data-popup-close",[447],"\u002Fwp-json\u002Fbbpf-rest\u002Fv1",[449,450],"bbpf_ajax_url","bbpf_nonce",[],{"error":182,"url":453,"statusCode":454,"statusMessage":455,"message":455},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Ffollow-bbpress\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":289,"versions":457},[458],{"version":6,"download_url":459,"svn_tag_url":460,"released_at":26,"has_diff":178,"diff_files_changed":461,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":462,"is_current":182},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffollow-bbpress.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ffollow-bbpress\u002Ftags\u002F1.0\u002F",[],[]]